PocketMine-MP 5.15.1 git-5ef247620a7c6301a849b54e5ef1009217729fc8
EncryptionContext.php
1<?php
2
3/*
4 *
5 * ____ _ _ __ __ _ __ __ ____
6 * | _ \ ___ ___| | _____| |_| \/ (_)_ __ ___ | \/ | _ \
7 * | |_) / _ \ / __| |/ / _ \ __| |\/| | | '_ \ / _ \_____| |\/| | |_) |
8 * | __/ (_) | (__| < __/ |_| | | | | | | | __/_____| | | | __/
9 * |_| \___/ \___|_|\_\___|\__|_| |_|_|_| |_|\___| |_| |_|_|
10 *
11 * This program is free software: you can redistribute it and/or modify
12 * it under the terms of the GNU Lesser General Public License as published by
13 * the Free Software Foundation, either version 3 of the License, or
14 * (at your option) any later version.
15 *
16 * @author PocketMine Team
17 * @link http://www.pocketmine.net/
18 *
19 *
20 */
21
22declare(strict_types=1);
23
24namespace pocketmine\network\mcpe\encryption;
25
26use Crypto\Cipher;
27use pocketmine\utils\Binary;
28use function bin2hex;
29use function openssl_digest;
30use function openssl_error_string;
31use function strlen;
32use function substr;
33
34class EncryptionContext{
35 private const CHECKSUM_ALGO = "sha256";
36
37 public static bool $ENABLED = true;
38
39 private string $key;
40
41 private Cipher $decryptCipher;
42 private int $decryptCounter = 0;
43
44 private Cipher $encryptCipher;
45 private int $encryptCounter = 0;
46
47 public function __construct(string $encryptionKey, string $algorithm, string $iv){
48 $this->key = $encryptionKey;
49
50 $this->decryptCipher = new Cipher($algorithm);
51 $this->decryptCipher->decryptInit($this->key, $iv);
52
53 $this->encryptCipher = new Cipher($algorithm);
54 $this->encryptCipher->encryptInit($this->key, $iv);
55 }
56
67 public static function fakeGCM(string $encryptionKey) : self{
68 return new EncryptionContext(
69 $encryptionKey,
70 "AES-256-CTR",
71 substr($encryptionKey, 0, 12) . "\x00\x00\x00\x02"
72 );
73 }
74
75 public static function cfb8(string $encryptionKey) : self{
76 return new EncryptionContext(
77 $encryptionKey,
78 "AES-256-CFB8",
79 substr($encryptionKey, 0, 16)
80 );
81 }
82
86 public function decrypt(string $encrypted) : string{
87 if(strlen($encrypted) < 9){
88 throw new DecryptionException("Payload is too short");
89 }
90 $decrypted = $this->decryptCipher->decryptUpdate($encrypted);
91 $payload = substr($decrypted, 0, -8);
92
93 $packetCounter = $this->decryptCounter++;
94
95 if(($expected = $this->calculateChecksum($packetCounter, $payload)) !== ($actual = substr($decrypted, -8))){
96 throw new DecryptionException("Encrypted packet $packetCounter has invalid checksum (expected " . bin2hex($expected) . ", got " . bin2hex($actual) . ")");
97 }
98
99 return $payload;
100 }
101
102 public function encrypt(string $payload) : string{
103 return $this->encryptCipher->encryptUpdate($payload . $this->calculateChecksum($this->encryptCounter++, $payload));
104 }
105
106 private function calculateChecksum(int $counter, string $payload) : string{
107 $hash = openssl_digest(Binary::writeLLong($counter) . $payload . $this->key, self::CHECKSUM_ALGO, true);
108 if($hash === false){
109 throw new \RuntimeException("openssl_digest() error: " . openssl_error_string());
110 }
111 return substr($hash, 0, 8);
112 }
113}