SteamWar/Velocity
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
babb22bf884c869146430fac34d11fac44cf105a
Velocity/native/src/main/c/jni_cipher_openssl.c
Andrew Steinborn af97ffffa5 A few small code cleanups for cryptography 
* Remove some unused cryptographic code
* Add some notes about how Minecraft's cryptography choices have not quite survived the test of time
2024-12-21 03:45:17 -05:00

71 lines
2.3 KiB
C
Raw Blame History

#include <jni.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/evp.h>
#include "jni_util.h"
typedef unsigned char byte;
JNIEXPORT jlong JNICALL
Java_com_velocitypowered_natives_encryption_OpenSslCipherImpl_init(JNIEnv *env,
jclass clazz,
jbyteArray key,
jboolean encrypt)
{
jsize keyLen = (*env)->GetArrayLength(env, key);
if (keyLen != 16) {
throwException(env, "java/lang/IllegalArgumentException", "cipher not 16 bytes");
return 0;
}
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
if (ctx == NULL) {
throwException(env, "java/lang/OutOfMemoryError", "allocate cipher");
return 0;
}
// Since we know the array size is always bounded, we can just use Get<Primitive>ArrayRegion
// and save ourselves some error-checking headaches.
jbyte keyBytes[16];
(*env)->GetByteArrayRegion(env, key, 0, keyLen, (jbyte*) keyBytes);
if ((*env)->ExceptionCheck(env)) {
return 0;
}
// But, you're saying, *why* are we using the key as the IV? After all, reusing the key as
// the IV defeats the entire point - we might as well just initialize it to all zeroes.
//
// You can blame Mojang. For the record, we also don't consider the Minecraft protocol
// encryption scheme to be secure, and it has reached the point where any serious cryptographic
// protocol needs a refresh. There are multiple obvious weaknesses, and this is far from the
// most serious.
//
// If you are using Minecraft in a security-sensitive application, *I don't know what to say.*
int result = EVP_CipherInit(ctx, EVP_aes_128_cfb8(), (byte*) keyBytes, (byte*) keyBytes,
encrypt);
if (result != 1) {
EVP_CIPHER_CTX_free(ctx);
throwException(env, "java/security/GeneralSecurityException", "openssl initialize cipher");
return 0;
}
return (jlong) ctx;
}
JNIEXPORT void JNICALL
Java_com_velocitypowered_natives_encryption_OpenSslCipherImpl_free(JNIEnv *env,
jclass clazz,
jlong ptr)
{
EVP_CIPHER_CTX_free((EVP_CIPHER_CTX *) ptr);
}
JNIEXPORT void JNICALL
Java_com_velocitypowered_natives_encryption_OpenSslCipherImpl_process(JNIEnv *env,
jclass clazz,
jlong ptr,
jlong source,
jint len,
jlong dest)
{
EVP_CipherUpdate((EVP_CIPHER_CTX*) ptr, (byte*) dest, &len, (byte*) source, len);
}
Reference in New Issue View Git Blame Copy Permalink