forked from GeyserMC/Geyser
39 lines
1.5 KiB
Java
39 lines
1.5 KiB
Java
|
package org.geysermc.connector.utils;
|
||
|
|
||
|
import com.fasterxml.jackson.databind.DeserializationFeature;
|
||
|
import com.fasterxml.jackson.databind.JsonNode;
|
||
|
import com.fasterxml.jackson.databind.ObjectMapper;
|
||
|
import com.fasterxml.jackson.databind.node.JsonNodeType;
|
||
|
import com.nimbusds.jose.JWSObject;
|
||
|
import com.nukkitx.network.util.Preconditions;
|
||
|
import com.nukkitx.protocol.bedrock.util.EncryptionUtils;
|
||
|
|
||
|
import java.security.interfaces.ECPublicKey;
|
||
|
|
||
|
public class LoginEncryptionUtils {
|
||
|
|
||
|
public static final ObjectMapper JSON_MAPPER = new ObjectMapper().disable(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES);
|
||
|
|
||
|
public static boolean validateChainData(JsonNode data) throws Exception {
|
||
|
ECPublicKey lastKey = null;
|
||
|
boolean validChain = false;
|
||
|
for (JsonNode node : data) {
|
||
|
JWSObject jwt = JWSObject.parse(node.asText());
|
||
|
|
||
|
if (!validChain) {
|
||
|
validChain = EncryptionUtils.verifyJwt(jwt, EncryptionUtils.getMojangPublicKey());
|
||
|
}
|
||
|
|
||
|
if (lastKey != null) {
|
||
|
EncryptionUtils.verifyJwt(jwt, lastKey);
|
||
|
}
|
||
|
|
||
|
JsonNode payloadNode = JSON_MAPPER.readTree(jwt.getPayload().toString());
|
||
|
JsonNode ipkNode = payloadNode.get("identityPublicKey");
|
||
|
Preconditions.checkState(ipkNode != null && ipkNode.getNodeType() == JsonNodeType.STRING, "identityPublicKey node is missing in chain");
|
||
|
lastKey = EncryptionUtils.generateKey(ipkNode.asText());
|
||
|
}
|
||
|
return validChain;
|
||
|
}
|
||
|
}
|