diff --git a/build.gradle b/build.gradle index 8e96323..f6c0791 100644 --- a/build.gradle +++ b/build.gradle @@ -1,6 +1,6 @@ plugins { - id 'com.github.johnrengelman.shadow' version '7.0.0' - id 'com.palantir.git-version' version '0.12.3' + id 'com.github.johnrengelman.shadow' version '7.1.2' + id 'com.palantir.git-version' version '0.13.0' id 'java' } @@ -9,8 +9,8 @@ repositories { } dependencies { - implementation 'org.ow2.asm:asm:9.2' - testImplementation 'junit:junit:4.13.2' + implementation 'org.ow2.asm:asm:9.3' + testImplementation 'org.junit.jupiter:junit-jupiter:5.8.2' } sourceCompatibility = 8 @@ -46,6 +46,10 @@ processResources { } } +test { + useJUnitPlatform() +} + shadowJar { classifier = null diff --git a/src/main/java/moe/yushi/authlibinjector/transform/ClassTransformer.java b/src/main/java/moe/yushi/authlibinjector/transform/ClassTransformer.java index 7e484aa..f35ccd5 100644 --- a/src/main/java/moe/yushi/authlibinjector/transform/ClassTransformer.java +++ b/src/main/java/moe/yushi/authlibinjector/transform/ClassTransformer.java @@ -241,13 +241,14 @@ public byte[] transform(ClassLoader loader, String internalClassName, Class c TransformHandle handle = new TransformHandle(loader, className, classfileBuffer); TransformUnit[] unitsArray = units.toArray(new TransformUnit[0]); handle.accept(unitsArray); - listeners.forEach(it -> it.onClassLoading(loader, className, handle.getFinalResult(), handle.getAppliedTransformers())); Optional transformResult = handle.finish(); if (Config.printUntransformedClass && !transformResult.isPresent()) { log(DEBUG, "No transformation is applied to [" + className + "]"); } + listeners.forEach(it -> it.onClassLoading(loader, className, handle.getFinalResult(), handle.getAppliedTransformers())); + long t2 = System.nanoTime(); synchronized (performanceMetrics) { diff --git a/src/main/java/moe/yushi/authlibinjector/transform/support/YggdrasilKeyTransformUnit.java b/src/main/java/moe/yushi/authlibinjector/transform/support/YggdrasilKeyTransformUnit.java index 1092d79..2625beb 100644 --- a/src/main/java/moe/yushi/authlibinjector/transform/support/YggdrasilKeyTransformUnit.java +++ b/src/main/java/moe/yushi/authlibinjector/transform/support/YggdrasilKeyTransformUnit.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2021 Haowei Wen and contributors + * Copyright (C) 2022 Haowei Wen and contributors * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by @@ -16,11 +16,18 @@ */ package moe.yushi.authlibinjector.transform.support; +import static moe.yushi.authlibinjector.util.Logging.Level.DEBUG; +import static org.objectweb.asm.Opcodes.ALOAD; import static org.objectweb.asm.Opcodes.ASM9; import static org.objectweb.asm.Opcodes.H_INVOKEVIRTUAL; import static org.objectweb.asm.Opcodes.INVOKEVIRTUAL; +import static org.objectweb.asm.Opcodes.IRETURN; import java.lang.invoke.MethodHandle; +import java.security.GeneralSecurityException; import java.security.PublicKey; +import java.security.Signature; +import java.security.SignatureException; +import java.util.Base64; import java.util.List; import java.util.Optional; import java.util.concurrent.CopyOnWriteArrayList; @@ -31,6 +38,8 @@ import moe.yushi.authlibinjector.transform.CallbackSupport; import moe.yushi.authlibinjector.transform.TransformContext; import moe.yushi.authlibinjector.transform.TransformUnit; +import moe.yushi.authlibinjector.util.Logging; +import moe.yushi.authlibinjector.util.Logging.Level; public class YggdrasilKeyTransformUnit implements TransformUnit { @@ -49,6 +58,35 @@ public static boolean verifyPropertySignature(Object property, PublicKey mojangK return false; } + @CallbackMethod + public static boolean verifyPropertySignatureNew(Signature mojangSignatureObj, String propertyValue, String base64Signature) { + byte[] sig = Base64.getDecoder().decode(base64Signature); + byte[] data = propertyValue.getBytes(); + + try { + mojangSignatureObj.update(data); + if (mojangSignatureObj.verify(sig)) + return true; + } catch (SignatureException e) { + Logging.log(DEBUG, "Failed to verify signature with Mojang's key", e); + } + + for (PublicKey customKey : PUBLIC_KEYS) { + try { + Signature signature = Signature.getInstance("SHA1withRSA"); + signature.initVerify(customKey); + signature.update(data); + if (signature.verify(sig)) + return true; + } catch (GeneralSecurityException e) { + Logging.log(DEBUG, "Failed to verify signature with custom key " + customKey, e); + } + } + + Logging.log(Level.WARNING, "Failed to verify property signature"); + return false; + } + @Override public Optional transform(ClassLoader classLoader, String className, ClassVisitor writer, TransformContext ctx) { if ("com.mojang.authlib.yggdrasil.YggdrasilMinecraftSessionService".equals(className)) { @@ -73,6 +111,32 @@ public void visitMethodInsn(int opcode, String owner, String name, String descri } }); + } else if ("com.mojang.authlib.yggdrasil.YggdrasilServicesKeyInfo".equals(className)) { + return Optional.of(new ClassVisitor(ASM9, writer) { + @Override + public MethodVisitor visitMethod(int access, String name, String desc, String signature, String[] exceptions) { + if ("validateProperty".equals(name) && "(Lcom/mojang/authlib/properties/Property;)Z".equals(desc)) { + ctx.markModified(); + + MethodVisitor mv = super.visitMethod(access, name, desc, signature, exceptions); + mv.visitCode(); + mv.visitVarInsn(ALOAD, 0); + mv.visitMethodInsn(INVOKEVIRTUAL, "com/mojang/authlib/yggdrasil/YggdrasilServicesKeyInfo", "signature", "()Ljava/security/Signature;", false); + mv.visitVarInsn(ALOAD, 1); + mv.visitMethodInsn(INVOKEVIRTUAL, "com/mojang/authlib/properties/Property", "getValue", "()Ljava/lang/String;", false); + mv.visitVarInsn(ALOAD, 1); + mv.visitMethodInsn(INVOKEVIRTUAL, "com/mojang/authlib/properties/Property", "getSignature", "()Ljava/lang/String;", false); + CallbackSupport.invoke(ctx, mv, YggdrasilKeyTransformUnit.class, "verifyPropertySignatureNew"); + mv.visitInsn(IRETURN); + mv.visitMaxs(-1, -1); + mv.visitEnd(); + + return null; + } else { + return super.visitMethod(access, name, desc, signature, exceptions); + } + } + }); } else { return Optional.empty(); } diff --git a/src/test/java/moe/yushi/authlibinjector/internal/fi/iki/elonen/ChunkedInputStreamTest.java b/src/test/java/moe/yushi/authlibinjector/internal/fi/iki/elonen/ChunkedInputStreamTest.java index e0cdd82..8398665 100644 --- a/src/test/java/moe/yushi/authlibinjector/internal/fi/iki/elonen/ChunkedInputStreamTest.java +++ b/src/test/java/moe/yushi/authlibinjector/internal/fi/iki/elonen/ChunkedInputStreamTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019 Haowei Wen and contributors + * Copyright (C) 2022 Haowei Wen and contributors * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by @@ -18,15 +18,14 @@ import static java.nio.charset.StandardCharsets.US_ASCII; import static moe.yushi.authlibinjector.util.IOUtils.asBytes; -import static org.junit.Assert.assertArrayEquals; -import static org.junit.Assert.assertEquals; - +import static org.junit.jupiter.api.Assertions.assertArrayEquals; +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertThrows; import java.io.ByteArrayInputStream; import java.io.EOFException; import java.io.IOException; import java.io.InputStream; - -import org.junit.Test; +import org.junit.jupiter.api.Test; @SuppressWarnings("resource") public class ChunkedInputStreamTest { @@ -76,99 +75,99 @@ public void testRead5() throws IOException { assertEquals(underlying.read(), -1); } - @Test(expected = EOFException.class) + @Test public void testReadEOF1() throws IOException { byte[] data = ("a").getBytes(US_ASCII); ByteArrayInputStream underlying = new ByteArrayInputStream(data); InputStream in = new ChunkedInputStream(underlying); - asBytes(in); + assertThrows(EOFException.class, () -> asBytes(in)); } - @Test(expected = EOFException.class) + @Test public void testReadEOF2() throws IOException { byte[] data = ("a\r").getBytes(US_ASCII); ByteArrayInputStream underlying = new ByteArrayInputStream(data); InputStream in = new ChunkedInputStream(underlying); - asBytes(in); + assertThrows(EOFException.class, () -> asBytes(in)); } - @Test(expected = EOFException.class) + @Test public void testReadEOF3() throws IOException { byte[] data = ("a\r\n").getBytes(US_ASCII); ByteArrayInputStream underlying = new ByteArrayInputStream(data); InputStream in = new ChunkedInputStream(underlying); - asBytes(in); + assertThrows(EOFException.class, () -> asBytes(in)); } - @Test(expected = EOFException.class) + @Test public void testReadEOF4() throws IOException { byte[] data = ("a\r\nabc").getBytes(US_ASCII); ByteArrayInputStream underlying = new ByteArrayInputStream(data); InputStream in = new ChunkedInputStream(underlying); - asBytes(in); + assertThrows(EOFException.class, () -> asBytes(in)); } - @Test(expected = EOFException.class) + @Test public void testReadEOF5() throws IOException { byte[] data = ("a\r\n123456789a\r").getBytes(US_ASCII); ByteArrayInputStream underlying = new ByteArrayInputStream(data); InputStream in = new ChunkedInputStream(underlying); - asBytes(in); + assertThrows(EOFException.class, () -> asBytes(in)); } - @Test(expected = EOFException.class) + @Test public void testReadEOF6() throws IOException { byte[] data = ("a\r\n123456789a\r\n").getBytes(US_ASCII); ByteArrayInputStream underlying = new ByteArrayInputStream(data); InputStream in = new ChunkedInputStream(underlying); - asBytes(in); + assertThrows(EOFException.class, () -> asBytes(in)); } - @Test(expected = EOFException.class) + @Test public void testReadEOF7() throws IOException { byte[] data = ("a\r\n123456789a\r\n0\r\n\r").getBytes(US_ASCII); ByteArrayInputStream underlying = new ByteArrayInputStream(data); InputStream in = new ChunkedInputStream(underlying); - asBytes(in); + assertThrows(EOFException.class, () -> asBytes(in)); } - @Test(expected = IOException.class) + @Test public void testBadIn1() throws IOException { byte[] data = ("-1").getBytes(US_ASCII); ByteArrayInputStream underlying = new ByteArrayInputStream(data); InputStream in = new ChunkedInputStream(underlying); - asBytes(in); + assertThrows(IOException.class, () -> asBytes(in)); } - @Test(expected = IOException.class) + @Test public void testBadIn2() throws IOException { byte[] data = ("a\ra").getBytes(US_ASCII); ByteArrayInputStream underlying = new ByteArrayInputStream(data); InputStream in = new ChunkedInputStream(underlying); - asBytes(in); + assertThrows(IOException.class, () -> asBytes(in)); } - @Test(expected = IOException.class) + @Test public void testBadIn3() throws IOException { byte[] data = ("a\r\n123456789aa").getBytes(US_ASCII); ByteArrayInputStream underlying = new ByteArrayInputStream(data); InputStream in = new ChunkedInputStream(underlying); - asBytes(in); + assertThrows(IOException.class, () -> asBytes(in)); } - @Test(expected = IOException.class) + @Test public void testBadIn4() throws IOException { byte[] data = ("a\r\n123456789a\ra").getBytes(US_ASCII); ByteArrayInputStream underlying = new ByteArrayInputStream(data); InputStream in = new ChunkedInputStream(underlying); - asBytes(in); + assertThrows(IOException.class, () -> asBytes(in)); } - @Test(expected = IOException.class) + @Test public void testBadIn5() throws IOException { byte[] data = ("a\r\n123456789a\r\n0\r\n\r-").getBytes(US_ASCII); ByteArrayInputStream underlying = new ByteArrayInputStream(data); InputStream in = new ChunkedInputStream(underlying); - asBytes(in); + assertThrows(IOException.class, () -> asBytes(in)); } } diff --git a/src/test/java/moe/yushi/authlibinjector/internal/fi/iki/elonen/FixedLengthInputStreamTest.java b/src/test/java/moe/yushi/authlibinjector/internal/fi/iki/elonen/FixedLengthInputStreamTest.java index 1fe4d72..4186718 100644 --- a/src/test/java/moe/yushi/authlibinjector/internal/fi/iki/elonen/FixedLengthInputStreamTest.java +++ b/src/test/java/moe/yushi/authlibinjector/internal/fi/iki/elonen/FixedLengthInputStreamTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019 Haowei Wen and contributors + * Copyright (C) 2022 Haowei Wen and contributors * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by @@ -17,16 +17,15 @@ package moe.yushi.authlibinjector.internal.fi.iki.elonen; import static moe.yushi.authlibinjector.util.IOUtils.asBytes; -import static org.junit.Assert.assertArrayEquals; -import static org.junit.Assert.assertEquals; - +import static org.junit.jupiter.api.Assertions.assertArrayEquals; +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertThrows; import java.io.ByteArrayInputStream; import java.io.EOFException; import java.io.IOException; import java.io.InputStream; import java.util.Arrays; - -import org.junit.Test; +import org.junit.jupiter.api.Test; @SuppressWarnings("resource") public class FixedLengthInputStreamTest { @@ -58,10 +57,10 @@ public void testRead3() throws IOException { assertEquals(underlying.read(), 0x11); } - @Test(expected = EOFException.class) + @Test public void testReadEOF() throws IOException { byte[] data = new byte[] { 0x11, 0x22, 0x33, 0x44, 0x55 }; InputStream in = new FixedLengthInputStream(new ByteArrayInputStream(data), 6); - asBytes(in); + assertThrows(EOFException.class, () -> asBytes(in)); } } diff --git a/src/test/java/moe/yushi/authlibinjector/test/DefaultURLRedirectorTest.java b/src/test/java/moe/yushi/authlibinjector/test/DefaultURLRedirectorTest.java index 74df8d0..86ba6ec 100644 --- a/src/test/java/moe/yushi/authlibinjector/test/DefaultURLRedirectorTest.java +++ b/src/test/java/moe/yushi/authlibinjector/test/DefaultURLRedirectorTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2020 Haowei Wen and contributors + * Copyright (C) 2022 Haowei Wen and contributors * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by @@ -18,9 +18,9 @@ import static java.util.Collections.emptyList; import static java.util.Collections.emptyMap; -import static org.junit.Assert.assertEquals; +import static org.junit.jupiter.api.Assertions.assertEquals; import java.util.Optional; -import org.junit.Test; +import org.junit.jupiter.api.Test; import moe.yushi.authlibinjector.APIMetadata; import moe.yushi.authlibinjector.httpd.DefaultURLRedirector; diff --git a/src/test/java/moe/yushi/authlibinjector/test/KeyUtilsTest.java b/src/test/java/moe/yushi/authlibinjector/test/KeyUtilsTest.java index 5fcdb0b..319b106 100644 --- a/src/test/java/moe/yushi/authlibinjector/test/KeyUtilsTest.java +++ b/src/test/java/moe/yushi/authlibinjector/test/KeyUtilsTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019 Haowei Wen and contributors + * Copyright (C) 2022 Haowei Wen and contributors * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by @@ -17,8 +17,9 @@ package moe.yushi.authlibinjector.test; import static moe.yushi.authlibinjector.util.KeyUtils.decodePEMPublicKey; -import static org.junit.Assert.assertArrayEquals; -import org.junit.Test; +import static org.junit.jupiter.api.Assertions.assertArrayEquals; +import static org.junit.jupiter.api.Assertions.assertThrows; +import org.junit.jupiter.api.Test; public class KeyUtilsTest { @@ -34,14 +35,16 @@ public void testDecodePublicKey2() { decodePEMPublicKey("-----BEGIN PUBLIC KEY-----\nf\n39/fw==\n-----END PUBLIC KEY-----\n")); } - @Test(expected = IllegalArgumentException.class) + @Test public void testDecodePublicKey3() { - decodePEMPublicKey("-----BEGIN PUBLIC KEY----- f39/fw== -----END PUBLIC KEY-----"); + assertThrows(IllegalArgumentException.class, + () -> decodePEMPublicKey("-----BEGIN PUBLIC KEY----- f39/fw== -----END PUBLIC KEY-----")); } - @Test(expected = IllegalArgumentException.class) + @Test public void testDecodePublicKey4() { - decodePEMPublicKey("-----BEGIN PUBLIC KEY-----f39/fw==-----END NOT A PUBLIC KEY-----"); + assertThrows(IllegalArgumentException.class, + () -> decodePEMPublicKey("-----BEGIN PUBLIC KEY-----f39/fw==-----END NOT A PUBLIC KEY-----")); } } diff --git a/src/test/java/moe/yushi/authlibinjector/test/SkinWhitelistTest.java b/src/test/java/moe/yushi/authlibinjector/test/SkinWhitelistTest.java index 6e3cfca..2d350e2 100644 --- a/src/test/java/moe/yushi/authlibinjector/test/SkinWhitelistTest.java +++ b/src/test/java/moe/yushi/authlibinjector/test/SkinWhitelistTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2020 Haowei Wen and contributors + * Copyright (C) 2022 Haowei Wen and contributors * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by @@ -17,9 +17,9 @@ package moe.yushi.authlibinjector.test; import static moe.yushi.authlibinjector.transform.support.SkinWhitelistTransformUnit.domainMatches; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertTrue; -import org.junit.Test; +import static org.junit.jupiter.api.Assertions.assertFalse; +import static org.junit.jupiter.api.Assertions.assertTrue; +import org.junit.jupiter.api.Test; public class SkinWhitelistTest { diff --git a/src/test/java/moe/yushi/authlibinjector/test/VersionSeriesDetectTest.java b/src/test/java/moe/yushi/authlibinjector/test/VersionSeriesDetectTest.java index 97e76c4..43dfce8 100644 --- a/src/test/java/moe/yushi/authlibinjector/test/VersionSeriesDetectTest.java +++ b/src/test/java/moe/yushi/authlibinjector/test/VersionSeriesDetectTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019 Haowei Wen and contributors + * Copyright (C) 2022 Haowei Wen and contributors * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by @@ -17,11 +17,9 @@ package moe.yushi.authlibinjector.test; import static moe.yushi.authlibinjector.transform.support.MainArgumentsTransformer.inferVersionSeries; -import static org.junit.Assert.assertEquals; - +import static org.junit.jupiter.api.Assertions.assertEquals; import java.util.Optional; - -import org.junit.Test; +import org.junit.jupiter.api.Test; public class VersionSeriesDetectTest {