Work on support for 1.19 signed Login Start.

Author: retrixe

index.js

@@ -11,6 +11,7 @@ import { name as appName } from './app.json'
 global.Buffer = require('buffer').Buffer
 // global.process = require('process');
 global.process.env.NODE_ENV = __DEV__ ? 'development' : 'production'
+if (typeof BigInt === 'undefined') global.BigInt = require('big-integer')
 
 // Needed so that 'stream-http' chooses the right default protocol.
 global.location = {

package-lock.json

@@ -19,6 +19,7 @@
     "@react-navigation/native": "^6.0.2",
     "@react-navigation/native-stack": "^6.1.0",
     "assert": "^2.0.0",
+    "big-integer": "^1.6.51",
     "browserify-zlib": "^0.2.0",
     "buffer": "^6.0.3",
     "events": "^3.3.0",

package.json

@@ -0,0 +1,33 @@
+const joinMinecraftSessionUrl =
+  'https://sessionserver.mojang.com/session/minecraft/join'
+const getPlayerCertificatesUrl =
+  'https://api.minecraftservices.com/player/certificates'
+
+export interface Certificate {
+  keyPair: {
+    // -----BEGIN RSA PUBLIC KEY-----\n ... \n-----END RSA PUBLIC KEY-----\n
+    publicKey: string
+    // -----BEGIN RSA PRIVATE KEY-----\n ... \n-----END RSA PRIVATE KEY-----\n
+    privateKey: string
+  }
+  publicKeySignature: string // [Base64 string; signed data]
+  refreshedAfter: string // 2022-04-29T16:11:32.174783069Z
+  expiresAt: string // 2022-04-30T00:11:32.174783069Z
+}
+
+export const joinMinecraftSession = async (
+  accessToken: string,
+  selectedProfile: string,
+  serverId: string
+) =>
+  await fetch(joinMinecraftSessionUrl, {
+    body: JSON.stringify({ accessToken, selectedProfile, serverId }),
+    headers: { 'content-type': 'application/json' },
+    method: 'POST'
+  })
+
+export const getPlayerCertificates = async (accessToken: string) =>
+  await fetch(getPlayerCertificatesUrl, {
+    headers: { Authorization: 'Bearer ' + accessToken },
+    method: 'POST'
+  })

src/minecraft/authentication/microsoft.ts renamed to src/minecraft/api/microsoft.ts

@@ -15,6 +15,7 @@ import {
   makeBaseCompressedPacket,
   makeBasePacket,
   Packet,
+  PacketDataTypes,
   parseCompressedPacket,
   parsePacket
 } from './packet'
@@ -24,9 +25,9 @@ import {
   resolveHostname,
   generateSharedSecret,
   mcHexDigest,
-  authUrl,
   protocolMap
 } from './utils'
+import { Certificate, joinMinecraftSession } from './api/mojang'
 
 export interface ConnectionOptions {
   host: string
@@ -35,6 +36,7 @@ export interface ConnectionOptions {
   protocolVersion: number
   selectedProfile?: string
   accessToken?: string
+  certificate?: Certificate
 }
 
 export declare interface ServerConnection {
@@ -92,6 +94,33 @@ export class ServerConnection extends events.EventEmitter {
   }
 }
 
+const getLoginPacket = (opts: ConnectionOptions) => {
+  const data: PacketDataTypes[] = [opts.username]
+  if (opts.protocolVersion >= protocolMap[1.19]) {
+    data.push(!!opts.certificate)
+    // TODO-1.19: Test if chat signing keys work.
+    if (opts.certificate) {
+      let buf = Buffer.alloc(8)
+      buf.writeBigInt64BE(
+        BigInt(new Date(opts.certificate.expiresAt).getTime())
+      )
+      data.push(buf)
+      const pkData = opts.certificate.keyPair.publicKey
+        .split('\n')
+        .filter(line => !line.startsWith('-----'))
+        .join('')
+        .trim()
+      buf = Buffer.from(pkData, 'base64')
+      data.push(writeVarInt(buf.byteLength))
+      data.push(buf)
+      buf = Buffer.from(opts.certificate.publicKeySignature, 'base64')
+      data.push(writeVarInt(buf.byteLength))
+      data.push(buf)
+    }
+  }
+  return concatPacketData(data)
+}
+
 const initiateConnection = async (opts: ConnectionOptions) => {
   const [host, port] = await resolveHostname(opts.host, opts.port)
   return await new Promise<ServerConnection>((resolve, reject) => {
@@ -112,20 +141,10 @@ const initiateConnection = async (opts: ConnectionOptions) => {
       // Initialise Handshake with server.
       socket.write(makeBasePacket(0x00, concatPacketData(handshakeData)), () =>
         // Send Login Start packet.
-        socket.write(
-          makeBasePacket(
-            0x00,
-            concatPacketData(
-              opts.protocolVersion < protocolMap[1.19]
-                ? [opts.username]
-                : [opts.username, false] // TODO-1.19: Support chat signing keys.
-            )
-          ),
-          () => {
-            resolved = true
-            resolve(conn)
-          }
-        )
+        socket.write(makeBasePacket(0x00, getLoginPacket(opts)), () => {
+          resolved = true
+          resolve(conn)
+        })
       )
     })
     socket.on('close', () => {
@@ -197,16 +216,11 @@ const initiateConnection = async (opts: ConnectionOptions) => {
                   sha1.update(publicKey) // Server's encoded public key from Encryption Request
                   const hash = mcHexDigest(sha1.digest())
                   // Send hash to Mojang servers.
-                  const body = JSON.stringify({
-                    accessToken,
-                    selectedProfile,
-                    serverId: hash
-                  })
-                  const req = await fetch(authUrl, {
-                    headers: { 'content-type': 'application/json' },
-                    method: 'POST',
-                    body
-                  })
+                  const req = await joinMinecraftSession(
+                    accessToken as string,
+                    selectedProfile as string,
+                    hash
+                  )
                   if (!req.ok) {
                     throw new Error('Mojang online mode network request failed')
                   }

src/minecraft/api/mojang.ts

@@ -61,9 +61,6 @@ export const resolveHostname = async (
   } else return [hostname, port]
 }
 
-// Online-mode cryptography utilities.
-export const authUrl = 'https://sessionserver.mojang.com/session/minecraft/join'
-
 export const generateSharedSecret = async () =>
   await new Promise<Buffer>((resolve, reject) => {
     randomBytes(16, (err, buf) => {

src/minecraft/authentication/yggdrasil.ts renamed to src/minecraft/api/yggdrasil.ts

@@ -9,7 +9,7 @@ import Dialog, { dialogStyles } from '../../components/Dialog'
 import useDarkMode from '../../context/useDarkMode'
 import UsersContext from '../../context/accountsContext'
 import ElevatedView from '../../components/ElevatedView'
-import { invalidate } from '../../minecraft/authentication/yggdrasil'
+import { invalidate } from '../../minecraft/api/yggdrasil'
 
 // LOW-TODO: Reload to update account info for online mode using /refresh.
 // Also, to reload all the skin images?

src/minecraft/connection.ts

@@ -8,7 +8,7 @@ import Dialog, { dialogStyles } from '../../components/Dialog'
 import TextField from '../../components/TextField'
 import useDarkMode from '../../context/useDarkMode'
 import UsersContext from '../../context/accountsContext'
-import { authenticate } from '../../minecraft/authentication/yggdrasil'
+import { authenticate } from '../../minecraft/api/yggdrasil'
 
 const AddAccountDialog = ({
   open,

src/minecraft/utils.ts

@@ -13,7 +13,7 @@ import {
   getXstsTokenAndUserHash,
   authenticateWithXsts,
   getGameProfile
-} from '../../minecraft/authentication/microsoft'
+} from '../../minecraft/api/microsoft'
 
 const MicrosoftLogin = ({ close }: { close: () => void }) => {
   const darkMode = useDarkMode()

src/screens/accounts/AccountScreen.tsx

@@ -2517,6 +2517,11 @@
   dependencies:
     "tweetnacl" "^0.14.3"
 
+"big-integer@^1.6.51":
+  "integrity" "sha512-GPEid2Y9QU1Exl1rpO9B2IPJGHPSupF5GnVIP0blYvNOMer2bTvSWs1jGOUg04hTmu67nmLsQ9TBo1puaotBHg=="
+  "resolved" "https://registry.npmjs.org/big-integer/-/big-integer-1.6.51.tgz"
+  "version" "1.6.51"
+
 "bl@^4.1.0":
   "integrity" "sha512-1W07cM9gS6DcLperZfFSj+bWLtaPGSOHWhPiGzXmvVJbRLdG82sH/Kn8EtW1VqWVA54AKf2h5k5BbnIbwF3h6w=="
   "resolved" "https://registry.npmjs.org/bl/-/bl-4.1.0.tgz"