From cd8f06e3ee74f67dfc6deeeeb6b33b869bf705a2 Mon Sep 17 00:00:00 2001 From: jacobk999 Date: Wed, 21 Aug 2024 12:56:14 -0400 Subject: [PATCH] fix: use node-rsa for decryption for higher node compatibility --- src/server/login.js | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/src/server/login.js b/src/server/login.js index 68dc27a..fdcec31 100644 --- a/src/server/login.js +++ b/src/server/login.js @@ -7,6 +7,7 @@ const chatPlugin = require('./chat') const { concat } = require('../transforms/binaryStream') const { mojangPublicKeyPem } = require('./constants') const debug = require('debug')('minecraft-protocol') +const NodeRSA = require('node-rsa') module.exports = function (client, server, options) { const mojangPubKey = crypto.createPublicKey(mojangPublicKeyPem) @@ -106,6 +107,9 @@ module.exports = function (client, server, options) { } } + const keyRsa = new NodeRSA(server.serverKey.exportKey('pkcs1'), 'private', { encryptionScheme: 'pkcs1' }) + keyRsa.setOptions({ environment: 'browser' }) + if (packet.hasVerifyToken === false) { // 1.19, hasVerifyToken is set and equal to false IF chat signing is enabled // This is the default action starting in 1.19.1. @@ -117,10 +121,7 @@ module.exports = function (client, server, options) { } else { const encryptedToken = packet.hasVerifyToken ? packet.crypto.verifyToken : packet.verifyToken try { - const decryptedToken = crypto.privateDecrypt({ - key: server.serverKey.exportKey(), - padding: crypto.constants.RSA_PKCS1_PADDING - }, encryptedToken) + const decryptedToken = keyRsa.decrypt(encryptedToken) if (!client.verifyToken.equals(decryptedToken)) { client.end('DidNotEncryptVerifyTokenProperly') @@ -131,13 +132,9 @@ module.exports = function (client, server, options) { return } } - let sharedSecret try { - sharedSecret = crypto.privateDecrypt({ - key: server.serverKey.exportKey(), - padding: crypto.constants.RSA_PKCS1_PADDING - }, packet.sharedSecret) + sharedSecret = keyRsa.decrypt(packet.sharedSecret) } catch (e) { client.end('DidNotEncryptVerifyTokenProperly') return