Create cipher object

MacaylaMarvelous81 · Aug 18, 2024 · d598f45 · d598f45
1 parent 511ab2c
commit d598f45
Show file tree

Hide file tree

Showing 4 changed files with 33 additions and 28 deletions.
diff --git a/app.js b/app.js
@@ -14,21 +14,9 @@ const wss = new WebSocketServer({
         return protocols.has('com.microsoft.minecraft.wsencrypt') ? 'com.microsoft.minecraft.wsencrypt' : false;
     }
 });
-const key = await new Promise((resolve, reject) => {
-    crypto.generateKeyPair('ec', {
-        namedCurve: 'P-384',
-        publicKeyEncoding: {
-            type: 'spki',
-            format: 'der'
-        },
-    }, (err, publicKey, privateKey) => {
-        if (err) {
-            reject(err);
-        } else {
-            resolve({ publicKey, privateKey });
-        }
-    })
-});
+const ecdh = crypto.createECDH('secp384r1');
+ecdh.generateKeys();
+
 const salt = crypto.randomBytes(16);
 
 console.log(`Server started on port ${ port }`);
@@ -42,9 +30,9 @@ wss.on('connection', async (ws) => {
 
     sendAllRenderers('connection');
 
-    const client = new Client(ws);
+    const client = new Client(ws, ecdh);
 
-    await client.enableEncryption(key.publicKey, salt);
+    await client.enableEncryption(salt);
     client.subscribeEvent('PlayerDied');
     client.subscribeEvent('ItemUsed');
     client.subscribeEvent('PlayerMessage');

diff --git a/package.json b/package.json
@@ -60,6 +60,7 @@
 	"main": "app.js",
 	"dependencies": {
 		"blockly": "^11.1.1",
+		"eckey-utils": "^0.7.14",
 		"get-port": "^7.1.0",
 		"sval": "^0.5.2",
 		"vex-dialog": "^1.1.0",

diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
diff --git a/websocket/client.js b/websocket/client.js
@@ -1,19 +1,22 @@
 import crypto from 'node:crypto';
 import { buildCommandRequest, buildSubscription } from './requests.js';
+import ecKeyUtils from 'eckey-utils';
 
 export class Client {
     static clients = [];
 
     #ws;
-    #serverPrivateKey;
+    #ecdh;
     #commandRequests = {};
     #gameEventHandlers = [];
     #playerKey;
     #sharedSecret;
+    #secretKey;
+    #cipher;
 
-    constructor(ws, privateKey) {
+    constructor(ws, ecdh) {
         this.#ws = ws;
-        this.#serverPrivateKey = privateKey;
+        this.#ecdh = ecdh;
 
         ws.on('message', this.#handleMessage.bind(this));
 
@@ -28,19 +31,24 @@ export class Client {
         this.#ws.send(JSON.stringify(buildSubscription(eventName, crypto.randomUUID())));
     }
 
-    async enableEncryption(pubkey, salt) {
+    async enableEncryption(salt) {
+        const encodedKey = this.#ecdh.getPublicKey('base64');
+        const encodedSalt = salt.toString('base64');
         const body = await this.execute(`enableencryption "${ encodedKey }" "${ encodedSalt }"`);
 
-        this.#playerKey = crypto.createPublicKey({
+        const pemKey = crypto.createPublicKey({
             key: Buffer.from(body.publicKey, 'base64'),
-            format: 'der',
-            type: 'spki'
+            type: 'spki',
+            format: 'der'
+        }).export({
+            type: 'spki',
+            format: 'pem'
         });
+        this.#playerKey = ecKeyUtils.parsePem(pemKey).publicKey;
 
-        const ecdh = crypto.createECDH('P-384');
-        ecdh.setPrivateKey(this.#serverPrivateKey);
-
-        this.#sharedSecret = ecdh.computeSecret(this.#playerKey);
+        this.#sharedSecret = this.#ecdh.computeSecret(this.#playerKey);
+        this.#secretKey = crypto.hash('sha256', Buffer.concat([ salt, this.#sharedSecret ]));
+        this.#cipher = crypto.createCipheriv('aes-256-cbc', this.#secretKey, this.#secretKey.slice(0, 16));
     }
 
     execute(command) {