From 879a4c21ba07f2e181f48d768428e35c150ffb2c Mon Sep 17 00:00:00 2001 From: extremeheat Date: Wed, 12 May 2021 04:20:35 -0400 Subject: [PATCH] Rename src/auth -> src/handshake --- src/client.js | 8 ++++---- src/{auth => handshake}/constants.js | 0 src/{auth/encryption.js => handshake/keyExchange.js} | 12 +++++++----- src/{auth => handshake}/login.js | 0 src/{auth => handshake}/loginVerify.js | 0 src/serverPlayer.js | 8 ++++---- 6 files changed, 15 insertions(+), 13 deletions(-) rename src/{auth => handshake}/constants.js (100%) rename src/{auth/encryption.js => handshake/keyExchange.js} (92%) rename src/{auth => handshake}/login.js (100%) rename src/{auth => handshake}/loginVerify.js (100%) diff --git a/src/client.js b/src/client.js index 68f247c..68c8886 100644 --- a/src/client.js +++ b/src/client.js @@ -7,9 +7,9 @@ const debug = require('debug')('minecraft-protocol') const Options = require('./options') const auth = require('./client/auth') -const { Encrypt } = require('./auth/encryption') -const Login = require('./auth/login') -const LoginVerify = require('./auth/loginVerify') +const { KeyExchange } = require('./handshake/keyExchange') +const Login = require('./handshake/login') +const LoginVerify = require('./handshake/loginVerify') const debugging = false @@ -25,7 +25,7 @@ class Client extends Connection { this.serializer = createSerializer(this.options.version) this.deserializer = createDeserializer(this.options.version) - Encrypt(this, null, this.options) + KeyExchange(this, null, this.options) Login(this, null, this.options) LoginVerify(this, null, this.options) diff --git a/src/auth/constants.js b/src/handshake/constants.js similarity index 100% rename from src/auth/constants.js rename to src/handshake/constants.js diff --git a/src/auth/encryption.js b/src/handshake/keyExchange.js similarity index 92% rename from src/auth/encryption.js rename to src/handshake/keyExchange.js index 2656a99..e4dfe54 100644 --- a/src/auth/encryption.js 
+++ b/src/handshake/keyExchange.js @@ -8,7 +8,8 @@ const curve = 'secp384r1' const pem = { format: 'pem', type: 'sec1' } const der = { format: 'der', type: 'spki' } -function Encrypt (client, server, options) { +function KeyExchange (client, server, options) { + // Generate a key pair at program start up client.ecdhKeyPair = crypto.generateKeyPairSync('ec', { namedCurve: curve }) client.publicKeyDER = client.ecdhKeyPair.publicKey.export(der) client.privateKeyPEM = client.ecdhKeyPair.privateKey.export(pem) @@ -31,10 +32,9 @@ function Encrypt (client, server, options) { const secretHash = crypto.createHash('sha256') secretHash.update(SALT) secretHash.update(client.sharedSecret) - // console.log('[encrypt] Shared secret', client.sharedSecret) client.secretKeyBytes = secretHash.digest() - // console.log('[encrypt] Shared hash', client.secretKeyBytes) + const token = JWT.sign({ salt: toBase64(SALT), signedToken: client.clientX509 @@ -56,13 +56,14 @@ function Encrypt (client, server, options) { throw Error('Server did not return a valid JWT, cannot start encryption!') } - // TODO: Should we do some JWT signature validation here? Seems pointless + // No verification here, not needed const [header, payload] = jwt.split('.').map(k => Buffer.from(k, 'base64')) const head = JSON.parse(String(header)) const body = JSON.parse(String(payload)) const pubKeyDer = crypto.createPublicKey({ key: Buffer.from(head.x5u, 'base64'), ...der }) + // Shared secret from the client's public key + our private key client.sharedSecret = crypto.diffieHellman({ privateKey: client.ecdhKeyPair.privateKey, publicKey: pubKeyDer }) @@ -76,6 +77,7 @@ function Encrypt (client, server, options) { client.startEncryption(iv) // It works! First encrypted packet :) + client.write('client_to_server_handshake', {}) this.emit('join') client.status = ClientStatus.Initializing 
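Review bot: The added comment `// Generate a key pair at program start up` in the `@@ -8,7 +8,8 @@` hunk does not match when the code runs. `KeyExchange` is called from the `Client` and `Player` constructors in this same patch, so `generateKeyPairSync` runs once per connection object, not once per process. That distinction matters to anyone reasoning about key reuse across sessions, so I would word it `// Generate a fresh ECDH key pair for this connection`. The function body continues outside the hunk.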
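Review bot: In the `@@ -56,13 +56,14 @@` hunk, the new comment `// No verification here, not needed` closes the old TODO without giving a reason, while the lines below it take `head.x5u` from the unverified JWT header and pass it straight to `crypto.diffieHellman`. As written the peer key is unauthenticated, so a party able to alter the handshake packet in transit could substitute its own key and the exchange would still complete; whether another layer authenticates the server is not visible here. If that is accepted by design, the comment should say so, e.g. `// Signature not checked: x5u is taken on trust, so this key exchange does not authenticate the server`. The second added comment also appears to name the wrong party: judging by the 'Server did not return a valid JWT' error, this branch handles the server's token, so it should read `// Shared secret from the server's public key + our private key`. The enclosing handler starts and ends outside the hunk.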
@@ -89,4 +91,4 @@ function toBase64 (string) { return Buffer.from(string).toString('base64') } -module.exports = { Encrypt } +module.exports = { KeyExchange } diff --git a/src/auth/login.js b/src/handshake/login.js similarity index 100% rename from src/auth/login.js rename to src/handshake/login.js diff --git a/src/auth/loginVerify.js b/src/handshake/loginVerify.js similarity index 100% rename from src/auth/loginVerify.js rename to src/handshake/loginVerify.js diff --git a/src/serverPlayer.js b/src/serverPlayer.js index 9005cef..7335d6d 100644 --- a/src/serverPlayer.js +++ b/src/serverPlayer.js @@ -3,9 +3,9 @@ const fs = require('fs') const Options = require('./options') const debug = require('debug')('minecraft-protocol') -const { Encrypt } = require('./auth/encryption') -const Login = require('./auth/login') -const LoginVerify = require('./auth/loginVerify') +const { KeyExchange } = require('./handshake/keyExchange') +const Login = require('./handshake/login') +const LoginVerify = require('./handshake/loginVerify') class Player extends Connection { constructor (server, connection) { @@ -16,7 +16,7 @@ class Player extends Connection { this.connection = connection this.options = server.options - Encrypt(this, server, server.options) + KeyExchange(this, server, server.options) Login(this, server, server.options) LoginVerify(this, server, server.options)