fix(auth): Skip further decryption if encrypted password fails to decrypt

this should only occur if the wrong RSA key is used on the client, otherwise the patch probably forgot to set `is_crypto` to false
2025-12-15 00:15:33 +01:00 · 2024-07-06 22:33:46 -04:00
parent 446e994ff0
commit 4ced11d567
1 changed files with 7 additions and 1 deletions
--- a/src/main/java/emu/grasscutter/auth/DefaultAuthenticators.java
+++ b/src/main/java/emu/grasscutter/auth/DefaultAuthenticators.java
@@ -112,7 +112,13 @@ public final class DefaultAuthenticators {
                                cipher.doFinal(Utils.base64Decode(request.getPasswordRequest().password)),
                                StandardCharsets.UTF_8);
            } catch (Exception ignored) {
-                decryptedPassword = request.getPasswordRequest().password;
+                if (requestData.is_crypto) {
+                    response.retcode = -201;
+                    response.message = translate("messages.dispatch.account.password_crypto_error");
+                    return response;
+                } else {
+                    decryptedPassword = request.getPasswordRequest().password;
+                }
            }

            if (decryptedPassword == null) {