From 596db51a8eb59060f8dede7b6dc9e5cd00a4bb07 Mon Sep 17 00:00:00 2001
From: md_5 <md_5@bigpond.com>
Date: Sat, 17 Nov 2012 11:45:52 +1100
Subject: [PATCH] Look! No BouncyCastle. Thanks to @macer1 for helping out with
 this.

---
 pom.xml                                       |  5 -----
 .../java/net/md_5/bungee/EncryptionUtil.java  | 22 +++++--------------
 .../java/net/md_5/bungee/InitialHandler.java  |  9 ++++----
 .../net/md_5/bungee/ServerConnection.java     |  9 ++++----
 4 files changed, 16 insertions(+), 29 deletions(-)

diff --git a/pom.xml b/pom.xml
index 3ba88b13f..2a791b0f4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -76,11 +76,6 @@
             <artifactId>mendax</artifactId>
             <version>1.4.4-SNAPSHOT</version>
         </dependency>
-        <dependency>
-            <groupId>org.bouncycastle</groupId>
-            <artifactId>bcprov-ext-jdk15on</artifactId>
-            <version>1.47</version>
-        </dependency>
         <dependency>
             <groupId>org.yaml</groupId>
             <artifactId>snakeyaml</artifactId>
diff --git a/src/main/java/net/md_5/bungee/EncryptionUtil.java b/src/main/java/net/md_5/bungee/EncryptionUtil.java
index d4ec2b87f..35cf0c687 100644
--- a/src/main/java/net/md_5/bungee/EncryptionUtil.java
+++ b/src/main/java/net/md_5/bungee/EncryptionUtil.java
@@ -6,6 +6,7 @@ import java.io.InputStreamReader;
 import java.math.BigInteger;
 import java.net.URL;
 import java.net.URLEncoder;
+import java.security.InvalidAlgorithmParameterException;
 import java.security.InvalidKeyException;
 import java.security.Key;
 import java.security.KeyFactory;
@@ -15,7 +16,6 @@ import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.PublicKey;
 import java.security.SecureRandom;
-import java.security.Security;
 import java.security.spec.InvalidKeySpecException;
 import java.security.spec.X509EncodedKeySpec;
 import java.util.Arrays;
@@ -25,15 +25,10 @@ import javax.crypto.Cipher;
 import javax.crypto.IllegalBlockSizeException;
 import javax.crypto.NoSuchPaddingException;
 import javax.crypto.SecretKey;
+import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.SecretKeySpec;
 import net.md_5.bungee.packet.PacketFCEncryptionResponse;
 import net.md_5.bungee.packet.PacketFDEncryptionRequest;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.engines.AESFastEngine;
-import org.bouncycastle.crypto.modes.CFBBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
 
 /**
  * Class containing all encryption related methods for the proxy.
@@ -45,11 +40,6 @@ public class EncryptionUtil
     private static final Random random = new Random();
     private static KeyPair keys;
 
-    static
-    {
-        Security.addProvider(new BouncyCastleProvider());
-    }
-
     public static PacketFDEncryptionRequest encryptRequest() throws NoSuchAlgorithmException
     {
         if (keys == null)
@@ -106,16 +96,16 @@ public class EncryptionUtil
         return "YES".equals(reply);
     }
 
-    public static BufferedBlockCipher getCipher(boolean forEncryption, Key shared)
+    public static Cipher getCipher(int opMode, Key shared) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException
     {
-        BufferedBlockCipher cip = new BufferedBlockCipher(new CFBBlockCipher(new AESFastEngine(), 8));
-        cip.init(forEncryption, new ParametersWithIV(new KeyParameter(shared.getEncoded()), shared.getEncoded(), 0, 16));
+        Cipher cip = Cipher.getInstance("AES/CFB8/NoPadding");
+        cip.init(opMode, shared, new IvParameterSpec(shared.getEncoded()));
         return cip;
     }
 
     public static SecretKey getSecret()
     {
-        byte[] rand = new byte[32];
+        byte[] rand = new byte[16];
         secure.nextBytes(rand);
         return new SecretKeySpec(rand, "AES");
     }
diff --git a/src/main/java/net/md_5/bungee/InitialHandler.java b/src/main/java/net/md_5/bungee/InitialHandler.java
index b2f54ace0..c01304ac5 100644
--- a/src/main/java/net/md_5/bungee/InitialHandler.java
+++ b/src/main/java/net/md_5/bungee/InitialHandler.java
@@ -5,6 +5,9 @@ import java.io.OutputStream;
 import java.net.Socket;
 import java.util.ArrayList;
 import java.util.List;
+import javax.crypto.Cipher;
+import javax.crypto.CipherInputStream;
+import javax.crypto.CipherOutputStream;
 import javax.crypto.SecretKey;
 import net.md_5.bungee.packet.Packet2Handshake;
 import net.md_5.bungee.packet.PacketFCEncryptionResponse;
@@ -12,8 +15,6 @@ import net.md_5.bungee.packet.PacketFDEncryptionRequest;
 import net.md_5.bungee.packet.PacketFFKick;
 import net.md_5.bungee.packet.PacketInputStream;
 import net.md_5.bungee.plugin.LoginEvent;
-import org.bouncycastle.crypto.io.CipherInputStream;
-import org.bouncycastle.crypto.io.CipherOutputStream;
 
 public class InitialHandler implements Runnable
 {
@@ -66,8 +67,8 @@ public class InitialHandler implements Runnable
                     }
 
                     out.write(new PacketFCEncryptionResponse().getPacket());
-                    in = new PacketInputStream(new CipherInputStream(socket.getInputStream(), EncryptionUtil.getCipher(false, shared)));
-                    out = new CipherOutputStream(socket.getOutputStream(), EncryptionUtil.getCipher(true, shared));
+                    in = new PacketInputStream(new CipherInputStream(socket.getInputStream(), EncryptionUtil.getCipher(Cipher.DECRYPT_MODE, shared)));
+                    out = new CipherOutputStream(socket.getOutputStream(), EncryptionUtil.getCipher(Cipher.ENCRYPT_MODE, shared));
                     List<byte[]> customPackets = new ArrayList<>();
                     byte[] custom;
                     while (Util.getId((custom = in.readPacket())) != 0xCD)
diff --git a/src/main/java/net/md_5/bungee/ServerConnection.java b/src/main/java/net/md_5/bungee/ServerConnection.java
index 5fd3fadfd..975440e23 100644
--- a/src/main/java/net/md_5/bungee/ServerConnection.java
+++ b/src/main/java/net/md_5/bungee/ServerConnection.java
@@ -4,6 +4,9 @@ import java.io.OutputStream;
 import java.net.InetSocketAddress;
 import java.net.Socket;
 import java.security.PublicKey;
+import javax.crypto.Cipher;
+import javax.crypto.CipherInputStream;
+import javax.crypto.CipherOutputStream;
 import javax.crypto.SecretKey;
 import net.md_5.bungee.packet.Packet1Login;
 import net.md_5.bungee.packet.Packet2Handshake;
@@ -13,8 +16,6 @@ import net.md_5.bungee.packet.PacketFCEncryptionResponse;
 import net.md_5.bungee.packet.PacketFDEncryptionRequest;
 import net.md_5.bungee.packet.PacketFFKick;
 import net.md_5.bungee.packet.PacketInputStream;
-import org.bouncycastle.crypto.io.CipherInputStream;
-import org.bouncycastle.crypto.io.CipherOutputStream;
 
 /**
  * Class representing a connection from the proxy to the server; ie upstream.
@@ -58,8 +59,8 @@ public class ServerConnection extends GenericConnection
                 throw new RuntimeException("Server did not send encryption enable");
             }
 
-            in = new PacketInputStream(new CipherInputStream(socket.getInputStream(), EncryptionUtil.getCipher(false, myKey)));
-            out = new CipherOutputStream(out, EncryptionUtil.getCipher(true, myKey));
+            in = new PacketInputStream(new CipherInputStream(socket.getInputStream(), EncryptionUtil.getCipher(Cipher.DECRYPT_MODE, myKey)));
+            out = new CipherOutputStream(out, EncryptionUtil.getCipher(Cipher.ENCRYPT_MODE, myKey));
 
             for (byte[] custom : user.loginPackets)
             {