Core/Authserver: Re-organize the `accounts` table (PR #25135)

- no longer use sha_pass_hash for anything else core-side (.account, SOAP, RA)
- salt/verifier/session_key are now binary
- old s/v/sha_pass_hash fields kept around for backwards compatibility
- sha_pass_hash is still updated (for now), s/v are not
- sha_pass_hash is only read if s/v have been manually changed
- SRP6 b now uses the full 32 bytes of randomness (instead of randomly only using 19)

1 files changed, 2 insertions, 2 deletions

diff --git a/src/common/Cryptography/Authentication/SRP6.cpp b/src/common/Cryptography/Authentication/SRP6.cpp
index de05ffd1693..11125a3211b 100644
--- a/src/common/Cryptography/Authentication/SRP6.cpp
+++ b/src/common/Cryptography/Authentication/SRP6.cpp
@@ -54,7 +54,7 @@ using SRP6 = Trinity::Crypto::SRP6;
 // merge this into CalculateVerifier once the sha_pass hack finally gets nuked from orbit
 /*static*/ SRP6::Verifier SRP6::CalculateVerifierFromHash(SHA1::Digest const& hash, SRP6::Salt const& salt)
 {
-    return _g.ModExp(SHA1::GetDigestOf(salt, hash), _N).ToByteArray<32>(false);
+    return _g.ModExp(SHA1::GetDigestOf(salt, hash), _N).ToByteArray<32>();
 }
 
 /*static*/ SessionKey SRP6::SHA1Interleave(SRP6::EphemeralKey const& S)
@@ -88,7 +88,7 @@ using SRP6 = Trinity::Crypto::SRP6;
 }
 
 SRP6::SRP6(std::string const& username, Salt const& salt, Verifier const& verifier)
-    : _I(SHA1::GetDigestOf(username)), _b(Crypto::GetRandomBytes<19>()), _v(verifier, false), s(salt), B(_B(_b, _v)) {}
+    : _I(SHA1::GetDigestOf(username)), _b(Crypto::GetRandomBytes<32>()), _v(verifier), s(salt), B(_B(_b, _v)) {}
 
 std::optional<SessionKey> SRP6::VerifyChallengeResponse(EphemeralKey const& A, SHA1::Digest const& clientM)
 {