mirror of
https://github.com/LuckPerms/LuckPerms.git
synced 2025-01-28 03:02:20 +01:00
Switch to ECDSA keys for web editor socket
This commit is contained in:
parent
c773126a0f
commit
9420efd3ac
@ -32,6 +32,7 @@ import java.security.KeyPairGenerator;
|
|||||||
import java.security.PrivateKey;
|
import java.security.PrivateKey;
|
||||||
import java.security.PublicKey;
|
import java.security.PublicKey;
|
||||||
import java.security.Signature;
|
import java.security.Signature;
|
||||||
|
import java.security.spec.ECGenParameterSpec;
|
||||||
import java.security.spec.X509EncodedKeySpec;
|
import java.security.spec.X509EncodedKeySpec;
|
||||||
import java.util.Base64;
|
import java.util.Base64;
|
||||||
|
|
||||||
@ -52,7 +53,7 @@ public final class CryptographyUtils {
|
|||||||
try {
|
try {
|
||||||
byte[] bytes = Base64.getDecoder().decode(base64String);
|
byte[] bytes = Base64.getDecoder().decode(base64String);
|
||||||
X509EncodedKeySpec spec = new X509EncodedKeySpec(bytes);
|
X509EncodedKeySpec spec = new X509EncodedKeySpec(bytes);
|
||||||
KeyFactory rsa = KeyFactory.getInstance("RSA");
|
KeyFactory rsa = KeyFactory.getInstance("EC");
|
||||||
return rsa.generatePublic(spec);
|
return rsa.generatePublic(spec);
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
throw new IllegalArgumentException("Exception parsing public key", e);
|
throw new IllegalArgumentException("Exception parsing public key", e);
|
||||||
@ -66,8 +67,8 @@ public final class CryptographyUtils {
|
|||||||
*/
|
*/
|
||||||
public static KeyPair generateKeyPair() {
|
public static KeyPair generateKeyPair() {
|
||||||
try {
|
try {
|
||||||
KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
|
KeyPairGenerator generator = KeyPairGenerator.getInstance("EC");
|
||||||
generator.initialize(4096);
|
generator.initialize(new ECGenParameterSpec("secp256r1"));
|
||||||
return generator.generateKeyPair();
|
return generator.generateKeyPair();
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
throw new RuntimeException("Exception generating keypair", e);
|
throw new RuntimeException("Exception generating keypair", e);
|
||||||
@ -83,7 +84,7 @@ public final class CryptographyUtils {
|
|||||||
*/
|
*/
|
||||||
public static String sign(PrivateKey privateKey, String msg) {
|
public static String sign(PrivateKey privateKey, String msg) {
|
||||||
try {
|
try {
|
||||||
Signature sign = Signature.getInstance("SHA256withRSA");
|
Signature sign = Signature.getInstance("SHA256withECDSAinP1363Format");
|
||||||
sign.initSign(privateKey);
|
sign.initSign(privateKey);
|
||||||
sign.update(msg.getBytes(StandardCharsets.UTF_8));
|
sign.update(msg.getBytes(StandardCharsets.UTF_8));
|
||||||
|
|
||||||
@ -104,7 +105,7 @@ public final class CryptographyUtils {
|
|||||||
*/
|
*/
|
||||||
public static boolean verify(PublicKey publicKey, String msg, String signatureBase64) {
|
public static boolean verify(PublicKey publicKey, String msg, String signatureBase64) {
|
||||||
try {
|
try {
|
||||||
Signature sign = Signature.getInstance("SHA256withRSA");
|
Signature sign = Signature.getInstance("SHA256withECDSAinP1363Format");
|
||||||
sign.initVerify(publicKey);
|
sign.initVerify(publicKey);
|
||||||
sign.update(msg.getBytes(StandardCharsets.UTF_8));
|
sign.update(msg.getBytes(StandardCharsets.UTF_8));
|
||||||
|
|
||||||
|
@ -47,7 +47,7 @@ import java.util.concurrent.TimeoutException;
|
|||||||
|
|
||||||
public class WebEditorSocket {
|
public class WebEditorSocket {
|
||||||
|
|
||||||
private static final int PROTOCOL_VERSION = 1;
|
private static final int PROTOCOL_VERSION = 2;
|
||||||
|
|
||||||
/** The plugin */
|
/** The plugin */
|
||||||
private final LuckPermsPlugin plugin;
|
private final LuckPermsPlugin plugin;
|
||||||
|
@ -0,0 +1,62 @@
|
|||||||
|
/*
|
||||||
|
* This file is part of LuckPerms, licensed under the MIT License.
|
||||||
|
*
|
||||||
|
* Copyright (c) lucko (Luck) <luck@lucko.me>
|
||||||
|
* Copyright (c) contributors
|
||||||
|
*
|
||||||
|
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
|
* of this software and associated documentation files (the "Software"), to deal
|
||||||
|
* in the Software without restriction, including without limitation the rights
|
||||||
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
|
* copies of the Software, and to permit persons to whom the Software is
|
||||||
|
* furnished to do so, subject to the following conditions:
|
||||||
|
*
|
||||||
|
* The above copyright notice and this permission notice shall be included in all
|
||||||
|
* copies or substantial portions of the Software.
|
||||||
|
*
|
||||||
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||||
|
* SOFTWARE.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package me.lucko.luckperms.common.webeditor.socket;
|
||||||
|
|
||||||
|
import org.junit.jupiter.api.Test;
|
||||||
|
|
||||||
|
import java.security.KeyPair;
|
||||||
|
import java.security.PublicKey;
|
||||||
|
|
||||||
|
import static org.junit.jupiter.api.Assertions.assertFalse;
|
||||||
|
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||||
|
|
||||||
|
public class CryptographyUtilsTest {
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testKeypairGenerate() {
|
||||||
|
CryptographyUtils.generateKeyPair();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testSignVerify() {
|
||||||
|
KeyPair keyPair = CryptographyUtils.generateKeyPair();
|
||||||
|
|
||||||
|
String signature = CryptographyUtils.sign(keyPair.getPrivate(), "test");
|
||||||
|
assertTrue(CryptographyUtils.verify(keyPair.getPublic(), "test", signature));
|
||||||
|
|
||||||
|
assertFalse(CryptographyUtils.verify(keyPair.getPublic(), "test", "bleh"));
|
||||||
|
assertFalse(CryptographyUtils.verify(keyPair.getPublic(), "test", ""));
|
||||||
|
assertFalse(CryptographyUtils.verify(keyPair.getPublic(), "test", null));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testParseAndVerify() {
|
||||||
|
// the base64 values are generated from javascript crypto.subtle
|
||||||
|
PublicKey publicKey = CryptographyUtils.parsePublicKey("MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEkF5EWzdsbmVOYprtfMleBZYASm7AXBQQCE29xR2hpGkjVi4Fra/KPazRShqyGvQXY24sINsxIPEd4XamDfFAaQ==");
|
||||||
|
assertTrue(CryptographyUtils.verify(publicKey, "hello world", "XAZJMxOlR5Mcq7nJxU4oS1fYyViYH1FZxWOXwOC+LRXYF8KeP58k5KLTjc35L974t3RukwAqflul0HY64bJT3w=="));
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user