mirrors/PocketMine-MP
1
0
Fork 0
mirror of https://github.com/pmmp/PocketMine-MP.git synced 2025-07-04 09:10:00 +00:00
Code Issues Projects Releases Wiki Activity

Fixed trying to get pubkey that doesn't exist in VerifyLoginTask

Browse Source 
bug was exposed by previous commit
This commit is contained in:
Dylan K. Taylor 2017-09-28 18:14:53 +01:00
parent 7ba193dc2e
commit 86b76bfcab
1 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/pocketmine/network/mcpe/VerifyLoginTask.php
View File

@ -59,11 +59,13 @@ class VerifyLoginTask extends AsyncTask{
$packet = $this->packet; //Get it in a local variable to make sure it stays unserialized $packet = $this->packet; //Get it in a local variable to make sure it stays unserialized
$currentKey = null; $currentKey = null;
$first = true;
foreach($packet->chainData["chain"] as $jwt){ foreach($packet->chainData["chain"] as $jwt){
if(!$this->validateToken($jwt, $currentKey)){ if(!$this->validateToken($jwt, $currentKey, $first)){
return; return;
} }
$first = false;
} }
if(!$this->validateToken($packet->clientDataJwt, $currentKey)){ if(!$this->validateToken($packet->clientDataJwt, $currentKey)){
@ -73,12 +75,17 @@ class VerifyLoginTask extends AsyncTask{
$this->valid = true; $this->valid = true;
} }
private function validateToken(string $jwt, ?string &$currentPublicKey) : bool{ private function validateToken(string $jwt, ?string &$currentPublicKey, bool $first = false) : bool{
[$headB64, $payloadB64, $sigB64] = explode('.', $jwt); [$headB64, $payloadB64, $sigB64] = explode('.', $jwt);
$headers = json_decode(base64_decode(strtr($headB64, '-_', '+/'), true), true); $headers = json_decode(base64_decode(strtr($headB64, '-_', '+/'), true), true);
if($currentPublicKey === null){ //First link, check that it is self-signed if($currentPublicKey === null){
if(!$first){
return false; //we should have a key but the last link didn't have one
}
//First link, check that it is self-signed
$currentPublicKey = $headers["x5u"]; $currentPublicKey = $headers["x5u"];
} }
@ -125,7 +132,7 @@ class VerifyLoginTask extends AsyncTask{
return false; //token has expired return false; //token has expired
} }
$currentPublicKey = $claims["identityPublicKey"]; //the next link should be signed with this $currentPublicKey = $claims["identityPublicKey"] ?? null; //if there are further links, the next link should be signed with this
return true; return true;
} }