Merge branch 'legacy/pm4' into stable

composer.json

@@ -33,7 +33,7 @@
       "composer-runtime-api": "^2.0",
       "adhocore/json-comment": "~1.2.0",
       "fgrosse/phpasn1": "~2.5.0",
-      "pocketmine/netresearch-jsonmapper": "~v4.2.999",
+      "pocketmine/netresearch-jsonmapper": "~v4.2.1000",
       "pocketmine/bedrock-block-upgrade-schema": "~3.1.0+bedrock-1.20.10",
       "pocketmine/bedrock-data": "~2.4.0+bedrock-1.20.10",
       "pocketmine/bedrock-item-upgrade-schema": "~1.4.0+bedrock-1.20.10",

src/network/mcpe/JwtUtils.php

@@ -61,6 +61,7 @@
 use const STR_PAD_LEFT;
 
 final class JwtUtils{
+	public const BEDROCK_SIGNING_KEY_CURVE_NAME = "secp384r1";
 
 	/**
 	 * @return string[]
@@ -203,6 +204,17 @@ public static function parseDerPublicKey(string $derKey) : \OpenSSLAsymmetricKey
 		if($signingKeyOpenSSL === false){
 			throw new JwtException("OpenSSL failed to parse key: " . openssl_error_string());
 		}
+		$details = openssl_pkey_get_details($signingKeyOpenSSL);
+		if($details === false){
+			throw new JwtException("OpenSSL failed to get details from key: " . openssl_error_string());
+		}
+		if(!isset($details['ec']['curve_name'])){
+			throw new JwtException("Expected an EC key");
+		}
+		$curve = $details['ec']['curve_name'];
+		if($curve !== self::BEDROCK_SIGNING_KEY_CURVE_NAME){
+			throw new JwtException("Key must belong to curve " . self::BEDROCK_SIGNING_KEY_CURVE_NAME . ", got $curve");
+		}
 		return $signingKeyOpenSSL;
 	}
 }

src/network/mcpe/auth/ProcessLoginTask.php

@@ -34,7 +34,6 @@
 use function base64_decode;
 use function igbinary_serialize;
 use function igbinary_unserialize;
-use function openssl_error_string;
 use function time;
 
 class ProcessLoginTask extends AsyncTask{
@@ -164,7 +163,8 @@ private function validateToken(string $jwt, ?string &$currentPublicKey, bool $fi
 		try{
 			$signingKeyOpenSSL = JwtUtils::parseDerPublicKey($headerDerKey);
 		}catch(JwtException $e){
-			throw new VerifyLoginException("Invalid JWT public key: " . openssl_error_string());
+			//TODO: we shouldn't be showing this internal information to the client
+			throw new VerifyLoginException("Invalid JWT public key: " . $e->getMessage(), null, 0, $e);
 		}
 		try{
 			if(!JwtUtils::verify($jwt, $signingKeyOpenSSL)){
@@ -204,6 +204,12 @@ private function validateToken(string $jwt, ?string &$currentPublicKey, bool $fi
 			if($identityPublicKey === false){
 				throw new VerifyLoginException("Invalid identityPublicKey: base64 error decoding");
 			}
+			try{
+				//verify key format and parameters
+				JwtUtils::parseDerPublicKey($identityPublicKey);
+			}catch(JwtException $e){
+				throw new VerifyLoginException("Invalid identityPublicKey: " . $e->getMessage(), null, 0, $e);
+			}
 			$currentPublicKey = $identityPublicKey; //if there are further links, the next link should be signed with this
 		}
 	}

src/network/mcpe/encryption/EncryptionUtils.php

@@ -33,6 +33,7 @@
 use function openssl_digest;
 use function openssl_error_string;
 use function openssl_pkey_derive;
+use function openssl_pkey_get_details;
 use function str_pad;
 use const STR_PAD_LEFT;
 
@@ -42,7 +43,20 @@ private function __construct(){
 		//NOOP
 	}
 
+	private static function validateKey(\OpenSSLAsymmetricKey $key) : void{
+		$keyDetails = Utils::assumeNotFalse(openssl_pkey_get_details($key));
+		if(!isset($keyDetails["ec"]["curve_name"])){
+			throw new \InvalidArgumentException("Key must be an EC key");
+		}
+		$curveName = $keyDetails["ec"]["curve_name"];
+		if($curveName !== JwtUtils::BEDROCK_SIGNING_KEY_CURVE_NAME){
+			throw new \InvalidArgumentException("Key must belong to the " . JwtUtils::BEDROCK_SIGNING_KEY_CURVE_NAME . " elliptic curve, got $curveName");
+		}
+	}
+
 	public static function generateSharedSecret(\OpenSSLAsymmetricKey $localPriv, \OpenSSLAsymmetricKey $remotePub) : \GMP{
+		self::validateKey($localPriv);
+		self::validateKey($remotePub);
 		$hexSecret = openssl_pkey_derive($remotePub, $localPriv, 48);
 		if($hexSecret === false){
 			throw new \InvalidArgumentException("Failed to derive shared secret: " . openssl_error_string());