kai1846456/RediSkript
1
0
Fork 0
forked from Limework/RediSkript
Code Pull Requests Activity

Highly improve encryption security

Browse Source
This commit is contained in:
Govindas 2020-06-08 16:53:23 +03:00
parent 2e33fe4779
commit 2482e67bca
10 changed files with 87 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.idea/artifacts/SkLimework_jar.xml
View File

@ -7,6 +7,7 @@
<element id="extracted-dir" path="$MAVEN_REPOSITORY$/org/slf4j/slf4j-api/1.7.25/slf4j-api-1.7.25.jar" path-in-jar="/" /> <element id="extracted-dir" path="$MAVEN_REPOSITORY$/org/slf4j/slf4j-api/1.7.25/slf4j-api-1.7.25.jar" path-in-jar="/" />
<element id="extracted-dir" path="$MAVEN_REPOSITORY$/org/apache/commons/commons-pool2/2.6.2/commons-pool2-2.6.2.jar" path-in-jar="/" /> <element id="extracted-dir" path="$MAVEN_REPOSITORY$/org/apache/commons/commons-pool2/2.6.2/commons-pool2-2.6.2.jar" path-in-jar="/" />
<element id="extracted-dir" path="$MAVEN_REPOSITORY$/org/json/json/20190722/json-20190722.jar" path-in-jar="/" /> <element id="extracted-dir" path="$MAVEN_REPOSITORY$/org/json/json/20190722/json-20190722.jar" path-in-jar="/" />
<element id="extracted-dir" path="$MAVEN_REPOSITORY$/org/cryptomator/siv-mode/1.4.0/siv-mode-1.4.0.jar" path-in-jar="/" />
<element id="directory" name="sourcecode"> <element id="directory" name="sourcecode">
<element id="module-source" name="SkLimework" /> <element id="module-source" name="SkLimework" />
</element> </element>

7
.idea/dictionaries/Govindas.xml Normal file
View File

@ -0,0 +1,7 @@
<component name="ProjectDictionaryState">
<dictionary name="Govindas">
<words>
<w>jedis</w>
</words>
</dictionary>
</component>

23
.idea/workspace.xml
View File

@ -7,9 +7,16 @@
</component> </component>
<component name="ChangeListManager"> <component name="ChangeListManager">
<list default="true" id="61139119-6327-48a6-9183-0df6346ed8d8" name="Default Changelist" comment=""> <list default="true" id="61139119-6327-48a6-9183-0df6346ed8d8" name="Default Changelist" comment="">
<change afterPath="$PROJECT_DIR$/.idea/dictionaries/Govindas.xml" afterDir="false" />
<change beforePath="$PROJECT_DIR$/.idea/artifacts/SkLimework_jar.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/artifacts/SkLimework_jar.xml" afterDir="false" />
<change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" /> <change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
<change beforePath="$PROJECT_DIR$/SkLimework.jar" beforeDir="false" afterPath="$PROJECT_DIR$/SkLimework.jar" afterDir="false" /> <change beforePath="$PROJECT_DIR$/SkLimework.jar" beforeDir="false" afterPath="$PROJECT_DIR$/SkLimework.jar" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pom.xml" beforeDir="false" afterPath="$PROJECT_DIR$/pom.xml" afterDir="false" />
<change beforePath="$PROJECT_DIR$/src/main/java/net/limework/skLimework/AddonPlugin.java" beforeDir="false" afterPath="$PROJECT_DIR$/src/main/java/net/limework/skLimework/AddonPlugin.java" afterDir="false" /> <change beforePath="$PROJECT_DIR$/src/main/java/net/limework/skLimework/AddonPlugin.java" beforeDir="false" afterPath="$PROJECT_DIR$/src/main/java/net/limework/skLimework/AddonPlugin.java" afterDir="false" />
<change beforePath="$PROJECT_DIR$/src/main/java/net/limework/skLimework/Events/RedisSub.java" beforeDir="false" afterPath="$PROJECT_DIR$/src/main/java/net/limework/skLimework/Events/RedisSub.java" afterDir="false" />
<change beforePath="$PROJECT_DIR$/src/main/java/net/limework/skLimework/Events/onRedisMessage.java" beforeDir="false" afterPath="$PROJECT_DIR$/src/main/java/net/limework/skLimework/Events/onRedisMessage.java" afterDir="false" />
<change beforePath="$PROJECT_DIR$/src/main/java/net/limework/skLimework/elements/EffSendMessage.java" beforeDir="false" afterPath="$PROJECT_DIR$/src/main/java/net/limework/skLimework/elements/EffSendMessage.java" afterDir="false" />
<change beforePath="$PROJECT_DIR$/src/main/resources/config.yml" beforeDir="false" afterPath="$PROJECT_DIR$/src/main/resources/config.yml" afterDir="false" />
</list> </list>
<option name="SHOW_DIALOG" value="false" /> <option name="SHOW_DIALOG" value="false" />
<option name="HIGHLIGHT_CONFLICTS" value="true" /> <option name="HIGHLIGHT_CONFLICTS" value="true" />
@ -105,10 +112,22 @@
</option> </option>
</component> </component>
<component name="WindowStateProjectService"> <component name="WindowStateProjectService">
<state x="163" y="0" key="SettingsEditor" timestamp="1590579862132"> <state x="488" y="73" key="#com.intellij.ide.util.MemberChooser" timestamp="1591617069198">
<screen x="0" y="0" width="1366" height="728" /> <screen x="0" y="0" width="1366" height="728" />
</state> </state>
<state x="163" y="0" key="SettingsEditor/0.0.1366.728@0.0.1366.728" timestamp="1590579862132" /> <state x="488" y="73" key="#com.intellij.ide.util.MemberChooser/0.0.1366.728@0.0.1366.728" timestamp="1591617069198" />
<state x="413" y="118" key="#com.intellij.util.ui.classpath.ChooseLibrariesDialog" timestamp="1591616099905">
<screen x="0" y="0" width="1366" height="728" />
</state>
<state x="413" y="118" key="#com.intellij.util.ui.classpath.ChooseLibrariesDialog/0.0.1366.728@0.0.1366.728" timestamp="1591616099905" />
<state x="355" y="237" key="FileChooserDialogImpl" timestamp="1591616084452">
<screen x="0" y="0" width="1366" height="728" />
</state>
<state x="355" y="237" key="FileChooserDialogImpl/0.0.1366.728@0.0.1366.728" timestamp="1591616084452" />
<state x="163" y="0" key="SettingsEditor" timestamp="1591616503146">
<screen x="0" y="0" width="1366" height="728" />
</state>
<state x="163" y="0" key="SettingsEditor/0.0.1366.728@0.0.1366.728" timestamp="1591616503146" />
<state x="346" y="49" width="672" height="678" key="search.everywhere.popup" timestamp="1590580687500"> <state x="346" y="49" width="672" height="678" key="search.everywhere.popup" timestamp="1590580687500">
<screen x="0" y="0" width="1366" height="728" /> <screen x="0" y="0" width="1366" height="728" />
</state> </state>

BIN
SkLimework.jar
View File

Binary file not shown.

5
pom.xml
View File

@ -87,5 +87,10 @@
<artifactId>json</artifactId> <artifactId>json</artifactId>
<version>20190722</version> <version>20190722</version>
</dependency> </dependency>
<dependency>
<groupId>org.cryptomator</groupId>
<artifactId>siv-mode</artifactId>
<version>1.4.0</version>
</dependency>
</dependencies> </dependencies>
</project> </project>

70
src/main/java/net/limework/skLimework/AddonPlugin.java
View File

@ -13,6 +13,8 @@ import net.limework.skLimework.elements.ExprMessage;
import org.bukkit.Bukkit; import org.bukkit.Bukkit;
import org.bukkit.configuration.file.FileConfiguration; import org.bukkit.configuration.file.FileConfiguration;
import org.bukkit.plugin.java.JavaPlugin; import org.bukkit.plugin.java.JavaPlugin;
import org.cryptomator.siv.SivMode;
import org.cryptomator.siv.UnauthenticCiphertextException;
import redis.clients.jedis.JedisPool; import redis.clients.jedis.JedisPool;
import redis.clients.jedis.JedisPoolConfig; import redis.clients.jedis.JedisPoolConfig;
@ -40,9 +42,10 @@ public class AddonPlugin extends JavaPlugin {
private JedisPool jedisPool; private JedisPool jedisPool;
private RedisSub redisSub; private RedisSub redisSub;
private ExecutorService service; private ExecutorService service;
private Cipher encryptionCipher;
private Cipher decryptionCipher;
private boolean encryptionEnabled; private boolean encryptionEnabled;
private String encryptionKey;
private String macKey;
private final SivMode AES_SIV = new SivMode();
@Override @Override
public void onEnable(){ public void onEnable(){
@ -52,47 +55,8 @@ public class AddonPlugin extends JavaPlugin {
encryptionEnabled = config.getBoolean("Redis.EncryptMessages"); encryptionEnabled = config.getBoolean("Redis.EncryptMessages");
if (encryptionEnabled) { if (encryptionEnabled) {
// AES-128 encryption // AES-128 encryption
String configKey = config.getString("Redis.EncryptionKey"); encryptionKey = config.getString("Redis.EncryptionKey");
byte[] key = null; macKey = config.getString("Redis.MacKey");
assert configKey != null;
key = configKey.getBytes(StandardCharsets.UTF_8);
MessageDigest sha = null;
try {
sha = MessageDigest.getInstance("SHA-1");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
assert sha != null;
key = sha.digest(key);
key = Arrays.copyOf(key, 16);
SecretKeySpec encryptionKey = new SecretKeySpec(key, "AES");
encryptionCipher = null;
try {
encryptionCipher = Cipher.getInstance("AES/SIV/PKCS5Padding");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
}
try {
encryptionCipher.init(Cipher.ENCRYPT_MODE, encryptionKey);
} catch (InvalidKeyException e) {
e.printStackTrace();
}
decryptionCipher = null;
try {
decryptionCipher = Cipher.getInstance("AES/SIV/PKCS5Padding");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
}
try {
decryptionCipher.init(Cipher.DECRYPT_MODE, encryptionKey);
} catch (InvalidKeyException e) {
e.printStackTrace();
}
} }
addon = Skript.registerAddon(this); addon = Skript.registerAddon(this);
@ -157,23 +121,11 @@ public class AddonPlugin extends JavaPlugin {
public boolean isEncryptionEnabled() { return encryptionEnabled; } public boolean isEncryptionEnabled() { return encryptionEnabled; }
public String encrypt(String message) { public String decrypt(byte[] message) throws UnauthenticCiphertextException, IllegalBlockSizeException {
String encrypted = null; return new String(AES_SIV.decrypt(encryptionKey.getBytes(), macKey.getBytes(), message), StandardCharsets.UTF_8);
try {
encrypted = Base64.getEncoder().encodeToString(encryptionCipher.doFinal(message.getBytes(StandardCharsets.UTF_8)));
} catch (IllegalBlockSizeException | BadPaddingException e) {
e.printStackTrace();
}
return encrypted;
} }
public String decrypt(String message) { public byte[] encrypt(String message) {
String decrypted = null; return AES_SIV.encrypt(encryptionKey.getBytes(), macKey.getBytes(), message.getBytes());
try {
decrypted = new String(decryptionCipher.doFinal(Base64.getDecoder().decode(message)), StandardCharsets.UTF_8);
} catch (IllegalBlockSizeException | BadPaddingException e) {
e.printStackTrace();
}
return decrypted;
} }
} }

36
src/main/java/net/limework/skLimework/Events/RedisSub.java
View File

@ -3,31 +3,35 @@ package net.limework.skLimework.Events;
import net.limework.skLimework.AddonPlugin; import net.limework.skLimework.AddonPlugin;
import org.bukkit.Bukkit; import org.bukkit.Bukkit;
import org.bukkit.ChatColor; import org.bukkit.ChatColor;
import org.cryptomator.siv.UnauthenticCiphertextException;
import org.json.JSONObject; import org.json.JSONObject;
import redis.clients.jedis.Jedis; import redis.clients.jedis.BinaryJedis;
import redis.clients.jedis.JedisPubSub; import redis.clients.jedis.BinaryJedisPubSub;
import redis.clients.jedis.exceptions.JedisConnectionException; import redis.clients.jedis.exceptions.JedisConnectionException;
import javax.crypto.IllegalBlockSizeException;
import java.util.Collections;
import java.util.List; import java.util.List;
public class RedisSub extends JedisPubSub implements Runnable{ public class RedisSub extends BinaryJedisPubSub implements Runnable{
private AddonPlugin plugin; private AddonPlugin plugin;
private Jedis j; private BinaryJedis j;
private String[] channels;
private Boolean isShuttingDown = false; private Boolean isShuttingDown = false;
private List<String> channels;
public RedisSub(AddonPlugin plugin, Jedis j, List<String> channels) { public RedisSub(AddonPlugin plugin, BinaryJedis j, List<String> channels) {
this.plugin = plugin; this.plugin = plugin;
this.j = j; this.j = j;
this.channels = channels.toArray(new String[0]); this.channels = channels;
} }
@Override @Override
public void run(){ public void run(){
try{ try{
this.j.subscribe(this, channels); this.j.subscribe(this, channels.get(0).getBytes(), channels.get(1).getBytes(), channels.get(2).getBytes(), channels.get(3).getBytes(), channels.get(4).getBytes());
} catch (Exception je){ } catch (Exception je){
plugin.getLogger().warning("Lost connection to redis!"); plugin.getLogger().warning("Lost connection to redis!");
newJedis(); newJedis();
@ -56,11 +60,21 @@ public class RedisSub extends JedisPubSub implements Runnable{
@Override @Override
public void onMessage(String channel, String message) { public void onMessage(byte[] channel, byte[] message) {
AddonPlugin plugin = (AddonPlugin) Bukkit.getPluginManager().getPlugin("SKLimework");
String channelString = new String(channel);
try { try {
JSONObject json = new JSONObject(message); String decrypted = null;
try {
assert plugin != null;
decrypted = plugin.decrypt(message);
} catch (UnauthenticCiphertextException | IllegalBlockSizeException e) {
e.printStackTrace();
}
assert decrypted != null;
JSONObject j = new JSONObject(decrypted);
//System.out.println("Message got from channel: "+channel +" and the Message: " +json.toString()); //System.out.println("Message got from channel: "+channel +" and the Message: " +json.toString());
plugin.getServer().getPluginManager().callEvent(new onRedisMessage(channel, json.getString("Message"))); plugin.getServer().getPluginManager().callEvent(new onRedisMessage(channelString, j.getString("Message")));
} catch (Exception e) { } catch (Exception e) {
e.printStackTrace(); e.printStackTrace();
Bukkit.getLogger().warning(ChatColor.translateAlternateColorCodes('&', "&2[&aGBot&a] &cI Got a Message that Was empty from channel "+ channel +" Please check your code that you used to send the message. ^ ignore the error.")); Bukkit.getLogger().warning(ChatColor.translateAlternateColorCodes('&', "&2[&aGBot&a] &cI Got a Message that Was empty from channel "+ channel +" Please check your code that you used to send the message. ^ ignore the error."));

4
src/main/java/net/limework/skLimework/Events/onRedisMessage.java
View File

@ -17,12 +17,8 @@ public class onRedisMessage extends Event {
this.channelName = channelName; this.channelName = channelName;
AddonPlugin instance = (AddonPlugin) Bukkit.getPluginManager().getPlugin("SKLimework"); AddonPlugin instance = (AddonPlugin) Bukkit.getPluginManager().getPlugin("SKLimework");
assert instance != null; assert instance != null;
if (instance.isEncryptionEnabled()) {
this.message = instance.decrypt(message);
} else {
this.message = message; this.message = message;
} }
}
@Override @Override

21
src/main/java/net/limework/skLimework/elements/EffSendMessage.java
View File

@ -11,9 +11,11 @@ import org.bukkit.Bukkit;
import org.bukkit.ChatColor; import org.bukkit.ChatColor;
import org.bukkit.event.Event; import org.bukkit.event.Event;
import org.json.JSONObject; import org.json.JSONObject;
import redis.clients.jedis.Jedis; import redis.clients.jedis.BinaryJedis;
import redis.clients.jedis.exceptions.JedisConnectionException; import redis.clients.jedis.exceptions.JedisConnectionException;
import java.nio.charset.StandardCharsets;
public class EffSendMessage extends Effect { public class EffSendMessage extends Effect {
//"hi" //"hi"
static { static {
@ -36,18 +38,19 @@ public class EffSendMessage extends Effect {
} }
assert plugin != null; assert plugin != null;
plugin.getJedisExecutionService().execute(() -> { plugin.getJedisExecutionService().execute(() -> {
Jedis j = plugin.getJedisPool().getResource(); BinaryJedis j = plugin.getJedisPool().getResource();
JSONObject json = new JSONObject(); JSONObject json = new JSONObject();
try {
if (plugin.isEncryptionEnabled()) {
json.put("Message", plugin.encrypt(message));
} else {
json.put("Message", message); json.put("Message", message);
}
json.put("Type", "Skript"); json.put("Type", "Skript");
j.publish(channel, json.toString()); json.put("Date", System.nanoTime()); //for unique string every time & PING calculations
byte[] msg;
if (plugin.isEncryptionEnabled()) {
msg = plugin.encrypt(json.toString());
} else {
msg = message.getBytes(StandardCharsets.UTF_8);
}
j.publish(channel.getBytes(), msg);
//System.out.println("SkriptSide sent MESSAGE: ["+ message + "] to channel: " + channel + " and json: \n" + json.toString()); //System.out.println("SkriptSide sent MESSAGE: ["+ message + "] to channel: " + channel + " and json: \n" + json.toString());
}catch (Exception e){e.printStackTrace();}
j.close(); j.close();
}); });

1
src/main/resources/config.yml
View File

@ -9,6 +9,7 @@ Redis:
#useful if SSL is disabled #useful if SSL is disabled
EncryptMessages: false EncryptMessages: false
EncryptionKey: "16CHARACTERS KEY" EncryptionKey: "16CHARACTERS KEY"
MacKey: "16CHARACTERS KEY"
Channels: Channels:
- "Channel1" - "Channel1"