我正尝试实现一个基于Yggdrasil的登录服务器,过程中在角色信息序列化中的signature签名这里遇到了一些麻烦,客户端总是提示Textures payload has been tampered with (signature invalid),且只能显示自己的皮肤,而无法看到其他人的。
由于我之前申请过证书,所以一开始我用的是证书内的公钥和私钥,但是总是出问题。参考
yggdrasil-mock后,我使用generator.initialize(4096, new SecureRandom()); keyPair = generator.generateKeyPair();就一切正常了。
查看日志,我认为问题大致出在密钥长度上。我的密钥长度是2048bits,获取API元数据时输出如下:
[DEBUG] Parsed metadata: APIMetadata [apiRoot=..., skinDomains=[...], decodedPublickey=Optional[Sun RSA public key, 2048 bits params: null modulus: ... public exponent: ...]
获取材质时报错如下:
[16:36:40] [Client thread/INFO]: [CHAT] <player> joined the game java.security.SignatureException: Signature length not correct: got 256 but was expecting 512 at sun.security.rsa.RSASignature.engineVerify(RSASignature.java:211) at java.security.Signature$Delegate.engineVerify(Signature.java:1394) at java.security.Signature.verify(Signature.java:771) at com.mojang.authlib.properties.Property.isSignatureValid(Property.java:43) at moe.yushi.authlibinjector.transform.support.YggdrasilKeyTransformUnit.verifyPropertySignature(YggdrasilKeyTransformUnit.java:41) at com.mojang.authlib.yggdrasil.YggdrasilMinecraftSessionService.getTextures(YggdrasilMinecraftSessionService.java:129) at cvz.run(SourceFile:100) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748)
表明需要512Byte而非256Byte。
我正尝试实现一个基于Yggdrasil的登录服务器,过程中在角色信息序列化中的signature签名这里遇到了一些麻烦,客户端总是提示
Textures payload has been tampered with (signature invalid)
,且只能显示自己的皮肤,而无法看到其他人的。由于我之前申请过证书,所以一开始我用的是证书内的公钥和私钥,但是总是出问题。参考 yggdrasil-mock后,我使用
generator.initialize(4096, new SecureRandom()); keyPair = generator.generateKeyPair();
就一切正常了。查看日志,我认为问题大致出在密钥长度上。我的密钥长度是2048bits,获取API元数据时输出如下:
[DEBUG] Parsed metadata: APIMetadata [apiRoot=..., skinDomains=[...], decodedPublickey=Optional[Sun RSA public key, 2048 bits params: null modulus: ... public exponent: ...]
获取材质时报错如下:[16:36:40] [Client thread/INFO]: [CHAT] <player> joined the game java.security.SignatureException: Signature length not correct: got 256 but was expecting 512 at sun.security.rsa.RSASignature.engineVerify(RSASignature.java:211) at java.security.Signature$Delegate.engineVerify(Signature.java:1394) at java.security.Signature.verify(Signature.java:771) at com.mojang.authlib.properties.Property.isSignatureValid(Property.java:43) at moe.yushi.authlibinjector.transform.support.YggdrasilKeyTransformUnit.verifyPropertySignature(YggdrasilKeyTransformUnit.java:41) at com.mojang.authlib.yggdrasil.YggdrasilMinecraftSessionService.getTextures(YggdrasilMinecraftSessionService.java:129) at cvz.run(SourceFile:100) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748)
表明需要512Byte而非256Byte。请问是因为authlib-injector只支持4096位的密钥吗,还是其它原因。如果是,能不能增加对其它长度的密钥的支持呢?