Common/Crypto: Reduce differences between 3.3.5 and 6.x branches

Code functionality shouldn't have been modified.
2026-01-22 18:15:31 +01:00 · 2016-08-03 23:33:36 +02:00
parent 25dc3dd7a2
commit e4b2e0450f
5 changed files with 29 additions and 26 deletions
--- a/src/common/Cryptography/ARC4.cpp
+++ b/src/common/Cryptography/ARC4.cpp
@@ -18,14 +18,14 @@

 #include "ARC4.h"

-ARC4::ARC4(uint8 len) : m_ctx()
+ARC4::ARC4(uint32 len) : m_ctx()
 {
    EVP_CIPHER_CTX_init(&m_ctx);
    EVP_EncryptInit_ex(&m_ctx, EVP_rc4(), NULL, NULL, NULL);
    EVP_CIPHER_CTX_set_key_length(&m_ctx, len);
 }

-ARC4::ARC4(uint8 *seed, uint8 len) : m_ctx()
+ARC4::ARC4(uint8 *seed, uint32 len) : m_ctx()
 {
    EVP_CIPHER_CTX_init(&m_ctx);
    EVP_EncryptInit_ex(&m_ctx, EVP_rc4(), NULL, NULL, NULL);
--- a/src/common/Cryptography/ARC4.h
+++ b/src/common/Cryptography/ARC4.h
@@ -25,8 +25,8 @@
 class TC_COMMON_API ARC4
 {
    public:
-        ARC4(uint8 len);
-        ARC4(uint8 *seed, uint8 len);
+        ARC4(uint32 len);
+        ARC4(uint8 *seed, uint32 len);
        ~ARC4();
        void Init(uint8 *seed);
        void UpdateData(int len, uint8 *data);
--- a/src/common/Cryptography/BigNumber.cpp
+++ b/src/common/Cryptography/BigNumber.cpp
@@ -163,11 +163,16 @@ uint32 BigNumber::AsDword()
    return (uint32)BN_get_word(_bn);
 }

-bool BigNumber::isZero() const
+bool BigNumber::IsZero() const
 {
    return BN_is_zero(_bn);
 }

+bool BigNumber::IsNegative() const
+{
+    return BN_is_negative(_bn);
+}
+
 std::unique_ptr<uint8[]> BigNumber::AsByteArray(int32 minSize, bool littleEndian)
 {
    int numBytes = GetNumBytes();
@@ -189,13 +194,19 @@ std::unique_ptr<uint8[]> BigNumber::AsByteArray(int32 minSize, bool littleEndian
    return ret;
 }

-char * BigNumber::AsHexStr() const
+std::string BigNumber::AsHexStr() const
 {
-    return BN_bn2hex(_bn);
+    char* ch = BN_bn2hex(_bn);
+    std::string ret = ch;
+    OPENSSL_free(ch);
+    return ret;
 }

-char * BigNumber::AsDecStr() const
+std::string BigNumber::AsDecStr() const
 {
-    return BN_bn2dec(_bn);
+    char* ch = BN_bn2dec(_bn);
+    std::string ret = ch;
+    OPENSSL_free(ch);
+    return ret;
 }

--- a/src/common/Cryptography/BigNumber.h
+++ b/src/common/Cryptography/BigNumber.h
@@ -21,6 +21,7 @@

 #include <memory>
 #include "Define.h"
+#include <string>

 struct bignum_st;

@@ -76,7 +77,8 @@ class TC_COMMON_API BigNumber
            return t %= bn;
        }

-        bool isZero() const;
+        bool IsZero() const;
+        bool IsNegative() const;

        BigNumber ModExp(BigNumber const& bn1, BigNumber const& bn2);
        BigNumber Exp(BigNumber const&);
@@ -89,8 +91,8 @@ class TC_COMMON_API BigNumber

        std::unique_ptr<uint8[]> AsByteArray(int32 minSize = 0, bool littleEndian = true);

-        char * AsHexStr() const;
-        char * AsDecStr() const;
+        std::string AsHexStr() const;
+        std::string AsDecStr() const;

    private:
        struct bignum_st *_bn;
--- a/src/server/authserver/Server/AuthSession.cpp
+++ b/src/server/authserver/Server/AuthSession.cpp
@@ -499,7 +499,7 @@ bool AuthSession::HandleLogonProof()
    A.SetBinary(logonProof->A, 32);

    // SRP safeguard: abort if A == 0
-    if (A.isZero())
+    if (A.IsZero())
    {
        return false;
    }
@@ -575,18 +575,15 @@ bool AuthSession::HandleLogonProof()

        // Update the sessionkey, last_ip, last login time and reset number of failed logins in the account table for this account
        // No SQL injection (escaped user name) and IP address as received by socket
-        const char *K_hex = K.AsHexStr();

        PreparedStatement *stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LOGONPROOF);
-        stmt->setString(0, K_hex);
+        stmt->setString(0, K.AsHexStr());
        stmt->setString(1, GetRemoteIpAddress().to_string().c_str());
        stmt->setUInt32(2, GetLocaleByName(_localizationName));
        stmt->setString(3, _os);
        stmt->setString(4, _accountInfo.Login);
        LoginDatabase.DirectExecute(stmt);

-        OPENSSL_free((void*)K_hex);
-
        // Finish SRP6 and send the final result to the client
        sha.Initialize();
        sha.UpdateBigNumbers(&A, &M, &K, NULL);
@@ -959,16 +956,9 @@ void AuthSession::SetVSFields(const std::string& rI)
    v = g.ModExp(x, N);

    // No SQL injection (username escaped)
-    char *v_hex, *s_hex;
-    v_hex = v.AsHexStr();
-    s_hex = s.AsHexStr();
-
    PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_VS);
-    stmt->setString(0, v_hex);
-    stmt->setString(1, s_hex);
+    stmt->setString(0, v.AsHexStr());
+    stmt->setString(1, s.AsHexStr());
    stmt->setString(2, _accountInfo.Login);
    LoginDatabase.Execute(stmt);
-
-    OPENSSL_free(v_hex);
-    OPENSSL_free(s_hex);
 }