From b2636161f73409d496de3f5ce69a4cca71115203 Mon Sep 17 00:00:00 2001
From: "Dylan K. Taylor" <odigiman@gmail.com>
Date: Thu, 23 Apr 2020 16:27:49 +0100
Subject: [PATCH] PrepareEncryptionTask: move a bunch of stuff out of the
 AsyncTask class

---
 .../mcpe/encryption/EncryptionUtils.php       | 71 +++++++++++++++++++
 .../mcpe/encryption/PrepareEncryptionTask.php | 33 ++-------
 2 files changed, 75 insertions(+), 29 deletions(-)
 create mode 100644 src/network/mcpe/encryption/EncryptionUtils.php

diff --git a/src/network/mcpe/encryption/EncryptionUtils.php b/src/network/mcpe/encryption/EncryptionUtils.php
new file mode 100644
index 0000000000..ad09457bbf
--- /dev/null
+++ b/src/network/mcpe/encryption/EncryptionUtils.php
@@ -0,0 +1,71 @@
+<?php
+
+/*
+ *
+ *  ____            _        _   __  __ _                  __  __ ____
+ * |  _ \ ___   ___| | _____| |_|  \/  (_)_ __   ___      |  \/  |  _ \
+ * | |_) / _ \ / __| |/ / _ \ __| |\/| | | '_ \ / _ \_____| |\/| | |_) |
+ * |  __/ (_) | (__|   <  __/ |_| |  | | | | | |  __/_____| |  | |  __/
+ * |_|   \___/ \___|_|\_\___|\__|_|  |_|_|_| |_|\___|     |_|  |_|_|
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * @author PocketMine Team
+ * @link http://www.pocketmine.net/
+ *
+ *
+*/
+
+declare(strict_types=1);
+
+namespace pocketmine\network\mcpe\encryption;
+
+use Mdanter\Ecc\Crypto\Key\PrivateKeyInterface;
+use Mdanter\Ecc\Crypto\Key\PublicKeyInterface;
+use Mdanter\Ecc\Serializer\PrivateKey\DerPrivateKeySerializer;
+use Mdanter\Ecc\Serializer\PrivateKey\PemPrivateKeySerializer;
+use Mdanter\Ecc\Serializer\PublicKey\DerPublicKeySerializer;
+use Mdanter\Ecc\Serializer\Signature\DerSignatureSerializer;
+
+final class EncryptionUtils{
+
+	private function __construct(){
+		//NOOP
+	}
+
+	private static function b64UrlEncode(string $str) : string{
+		return rtrim(strtr(base64_encode($str), '+/', '-_'), '=');
+	}
+
+	public static function generateSharedSecret(PrivateKeyInterface $localPriv, PublicKeyInterface $remotePub) : \GMP{
+		return $localPriv->createExchange($remotePub)->calculateSharedKey();
+	}
+
+	public static function generateKey(\GMP $secret, string $salt) : string{
+		return openssl_digest($salt . hex2bin(str_pad(gmp_strval($secret, 16), 96, "0", STR_PAD_LEFT)), 'sha256', true);
+	}
+
+	public static function generateServerHandshakeJwt(PrivateKeyInterface $serverPriv, string $salt) : string{
+		$jwtBody = self::b64UrlEncode(json_encode([
+					"x5u" => base64_encode((new DerPublicKeySerializer())->serialize($serverPriv->getPublicKey())),
+					"alg" => "ES384"
+				])
+			) . "." . self::b64UrlEncode(json_encode([
+					"salt" => base64_encode($salt)
+				])
+			);
+
+		openssl_sign($jwtBody, $sig, (new PemPrivateKeySerializer(new DerPrivateKeySerializer()))->serialize($serverPriv), OPENSSL_ALGO_SHA384);
+
+		$decodedSig = (new DerSignatureSerializer())->parse($sig);
+		$jwtSig = self::b64UrlEncode(
+			hex2bin(str_pad(gmp_strval($decodedSig->getR(), 16), 96, "0", STR_PAD_LEFT)) .
+			hex2bin(str_pad(gmp_strval($decodedSig->getS(), 16), 96, "0", STR_PAD_LEFT))
+		);
+
+		return "$jwtBody.$jwtSig";
+	}
+}
\ No newline at end of file
diff --git a/src/network/mcpe/encryption/PrepareEncryptionTask.php b/src/network/mcpe/encryption/PrepareEncryptionTask.php
index e36fc6afdf..65314b3b24 100644
--- a/src/network/mcpe/encryption/PrepareEncryptionTask.php
+++ b/src/network/mcpe/encryption/PrepareEncryptionTask.php
@@ -82,36 +82,11 @@ class PrepareEncryptionTask extends AsyncTask{
 
 	public function onRun() : void{
 		$serverPriv = $this->serverPrivateKey;
+		$sharedSecret = EncryptionUtils::generateSharedSecret($serverPriv, $this->clientPub);
+
 		$salt = random_bytes(16);
-		$sharedSecret = $serverPriv->createExchange($this->clientPub)->calculateSharedKey();
-
-		$this->aesKey = openssl_digest($salt . hex2bin(str_pad(gmp_strval($sharedSecret, 16), 96, "0", STR_PAD_LEFT)), 'sha256', true);
-		$this->handshakeJwt = $this->generateServerHandshakeJwt($serverPriv, $salt);
-	}
-
-	private function generateServerHandshakeJwt(PrivateKeyInterface $serverPriv, string $salt) : string{
-		$jwtBody = self::b64UrlEncode(json_encode([
-				"x5u" => base64_encode((new DerPublicKeySerializer())->serialize($serverPriv->getPublicKey())),
-				"alg" => "ES384"
-			])
-		) . "." . self::b64UrlEncode(json_encode([
-				"salt" => base64_encode($salt)
-			])
-		);
-
-		openssl_sign($jwtBody, $sig, (new PemPrivateKeySerializer(new DerPrivateKeySerializer()))->serialize($serverPriv), OPENSSL_ALGO_SHA384);
-
-		$decodedSig = (new DerSignatureSerializer())->parse($sig);
-		$jwtSig = self::b64UrlEncode(
-			hex2bin(str_pad(gmp_strval($decodedSig->getR(), 16), 96, "0", STR_PAD_LEFT)) .
-			hex2bin(str_pad(gmp_strval($decodedSig->getS(), 16), 96, "0", STR_PAD_LEFT))
-		);
-
-		return "$jwtBody.$jwtSig";
-	}
-
-	private static function b64UrlEncode(string $str) : string{
-		return rtrim(strtr(base64_encode($str), '+/', '-_'), '=');
+		$this->aesKey = EncryptionUtils::generateKey($sharedSecret, $salt);
+		$this->handshakeJwt = EncryptionUtils::generateServerHandshakeJwt($serverPriv, $salt);
 	}
 
 	public function onCompletion() : void{