From c879d0e753f4f16fe5889ba53c9c004cc8832a56 Mon Sep 17 00:00:00 2001 From: Jacob Koshy <42344274+jacobk999@users.noreply.github.com> Date: Sun, 19 Jan 2025 09:21:41 -0500 Subject: [PATCH] fix: use node-rsa for decryption for higher node compatibility (#1319) Co-authored-by: extremeheat --- src/server/login.js | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/src/server/login.js b/src/server/login.js index bc578511..60cb4d49 100644 --- a/src/server/login.js +++ b/src/server/login.js @@ -7,6 +7,7 @@ const chatPlugin = require('./chat') const { concat } = require('../transforms/binaryStream') const { mojangPublicKeyPem } = require('./constants') const debug = require('debug')('minecraft-protocol') +const NodeRSA = require('node-rsa') const nbt = require('prismarine-nbt') /** @@ -112,6 +113,9 @@ module.exports = function (client, server, options) { } } + const keyRsa = new NodeRSA(server.serverKey.exportKey('pkcs1'), 'private', { encryptionScheme: 'pkcs1' }) + keyRsa.setOptions({ environment: 'browser' }) + if (packet.hasVerifyToken === false) { // 1.19, hasVerifyToken is set and equal to false IF chat signing is enabled // This is the default action starting in 1.19.1. @@ -123,10 +127,7 @@ module.exports = function (client, server, options) { } else { const encryptedToken = packet.hasVerifyToken ? packet.crypto.verifyToken : packet.verifyToken try { - const decryptedToken = crypto.privateDecrypt({ - key: server.serverKey.exportKey(), - padding: crypto.constants.RSA_PKCS1_PADDING - }, encryptedToken) + const decryptedToken = keyRsa.decrypt(encryptedToken) if (!client.verifyToken.equals(decryptedToken)) { client.end('DidNotEncryptVerifyTokenProperly') @@ -137,13 +138,9 @@ module.exports = function (client, server, options) { return } } - let sharedSecret try { - sharedSecret = crypto.privateDecrypt({ - key: server.serverKey.exportKey(), - padding: crypto.constants.RSA_PKCS1_PADDING - }, packet.sharedSecret) + sharedSecret = keyRsa.decrypt(packet.sharedSecret) } catch (e) { client.end('DidNotEncryptVerifyTokenProperly') return