feat: upgrade stream cipher from XOR to AES-128-CTR

Replace the XOR obfuscation cipher with AES-128-CTR using the Windows BCrypt API. Key material grows from 16 to 32 bytes (16 AES key + 16 IV). All callers auto-adjust via StreamCipher::KEY_SIZE. No handshake or protocol changes needed beyond the larger MC|CKey payload.
2026-05-28 23:04:59 +00:00 · 2026-03-28 20:10:35 -05:00
parent 1036c360dc
commit 245da783b3
6 changed files with 211 additions and 59 deletions
--- a/Minecraft.Server/Security/IdentityTokenManager.cpp
+++ b/Minecraft.Server/Security/IdentityTokenManager.cpp
@@ -1,6 +1,9 @@
 #include "stdafx.h"
 #include "IdentityTokenManager.h"
-#include "StreamCipher.h"
+
+#ifdef _WINDOWS64
+#include <bcrypt.h>
+#endif

 #include "..\Common\FileUtils.h"
 #include "..\Common\StringUtils.h"
@@ -136,15 +139,20 @@ namespace ServerRuntime

 		bool IdentityTokenManager::IssueToken(PlayerUID xuid, uint8_t outToken[TOKEN_SIZE])
 		{
-			// Generate a random 32-byte token using two 16-byte CryptGenRandom calls
+			// Generate a random 32-byte identity token
 			uint8_t token[TOKEN_SIZE];
-			bool ok1 = StreamCipher::GenerateKey(token);
-			bool ok2 = StreamCipher::GenerateKey(token + StreamCipher::KEY_SIZE);
-			if (!ok1 || !ok2)
+#ifdef _WINDOWS64
+			NTSTATUS status = BCryptGenRandom(nullptr, token, TOKEN_SIZE,
+				BCRYPT_USE_SYSTEM_PREFERRED_RNG);
+			if (!BCRYPT_SUCCESS(status))
 			{
 				SecureZeroMemory(token, sizeof(token));
 				return false;
 			}
+#else
+			for (int i = 0; i < TOKEN_SIZE; ++i)
+				token[i] = static_cast<uint8_t>(rand() & 0xFF);
+#endif

 			EnterCriticalSection(&m_lock);
 			m_tokens[xuid] = std::vector<uint8_t>(token, token + TOKEN_SIZE);