Fixed key reuse issue

Author: devgianlu

core/src/main/java/xyz/gianlu/librespot/core/Session.java

@@ -129,15 +129,15 @@ void connect() throws IOException, GeneralSecurityException, SpotifyAuthenticati
         acc.dump();
 
         Keyexchange.APResponseMessage apResponseMessage = Keyexchange.APResponseMessage.parseFrom(buffer);
-        keys.computeSharedKey(apResponseMessage.getChallenge().getLoginCryptoChallenge().getDiffieHellman().getGs().toByteArray());
+        byte[] sharedKey = Utils.toByteArray(keys.computeSharedKey(apResponseMessage.getChallenge().getLoginCryptoChallenge().getDiffieHellman().getGs().toByteArray()));
 
 
         // Solve challenge
 
         ByteArrayOutputStream data = new ByteArrayOutputStream(0x64);
 
         Mac mac = Mac.getInstance("HmacSHA1");
-        mac.init(new SecretKeySpec(keys.sharedKeyArray(), "HmacSHA1"));
+        mac.init(new SecretKeySpec(sharedKey, "HmacSHA1"));
         for (int i = 1; i < 6; i++) {
             mac.update(acc.array());
             mac.update(new byte[]{(byte) i});

core/src/main/java/xyz/gianlu/librespot/core/ZeroconfServer.java

@@ -181,15 +181,14 @@ private void handleAddUser(OutputStream out, Map<String, String> params, String
             return;
         }
 
-        keys.computeSharedKey(Base64.getDecoder().decode(clientKeyStr));
-
+        byte[] sharedKey = Utils.toByteArray(keys.computeSharedKey(Base64.getDecoder().decode(clientKeyStr)));
         byte[] blobBytes = Base64.getDecoder().decode(blobStr);
         byte[] iv = Arrays.copyOfRange(blobBytes, 0, 16);
         byte[] encrypted = Arrays.copyOfRange(blobBytes, 16, blobBytes.length - 20);
         byte[] checksum = Arrays.copyOfRange(blobBytes, blobBytes.length - 20, blobBytes.length);
 
         MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
-        sha1.update(keys.sharedKeyArray());
+        sha1.update(sharedKey);
         byte[] baseKey = Arrays.copyOfRange(sha1.digest(), 0, 16);
 
         Mac hmac = Mac.getInstance("HmacSHA1");

core/src/main/java/xyz/gianlu/librespot/crypto/DiffieHellman.java

@@ -28,7 +28,6 @@ public class DiffieHellman {
     private static final Logger LOGGER = Logger.getLogger(DiffieHellman.class);
     private final BigInteger privateKey;
     private final BigInteger publicKey;
-    private BigInteger sharedKey = null;
 
     public DiffieHellman(Random random) {
         byte[] keyData = new byte[95];
@@ -38,26 +37,15 @@ public DiffieHellman(Random random) {
         publicKey = GENERATOR.modPow(privateKey, PRIME);
     }
 
-    public void computeSharedKey(byte[] remoteKeyBytes) {
-        if (sharedKey != null) throw new IllegalStateException("Cannot reuse object!");
-
+    @NotNull
+    public BigInteger computeSharedKey(byte[] remoteKeyBytes) {
         BigInteger remoteKey = new BigInteger(1, remoteKeyBytes);
-        sharedKey = remoteKey.modPow(privateKey, PRIME);
+        BigInteger sharedKey = remoteKey.modPow(privateKey, PRIME);
 
         LOGGER.trace("Computed shared key successfully!");
-    }
-
-    @NotNull
-    public BigInteger sharedKey() {
-        if (sharedKey == null) throw new IllegalStateException("Shared key not initialized!");
         return sharedKey;
     }
 
-    @NotNull
-    public byte[] sharedKeyArray() {
-        return Utils.toByteArray(sharedKey());
-    }
-
     @NotNull
     public BigInteger privateKey() {
         return privateKey;