diff options
| author | Treeston <treeston.mmoc@gmail.com> | 2020-08-02 22:52:21 +0200 |
|---|---|---|
| committer | Shauren <shauren.trinity@gmail.com> | 2020-08-03 22:37:47 +0200 |
| commit | 73922d2a857614d27ddb9dfa517687b8018e5d39 (patch) | |
| tree | 2d1d2babf54728e4e784138b00105eaf042f35df /src/common/Cryptography/Authentication/SRP6.cpp | |
| parent | 77380f032b772ff180b6b663d241079a12eb608b (diff) | |
Core/Authserver: Re-organize the `accounts` table (PR #25135)
- no longer use sha_pass_hash for anything else core-side (.account, SOAP, RA)
- salt/verifier/session_key are now binary
- old s/v/sha_pass_hash fields kept around for backwards compatibility
- sha_pass_hash is still updated (for now), s/v are not
- sha_pass_hash is only read if s/v have been manually changed
- SRP6 b now uses the full 32 bytes of randomness (instead of randomly only using 19)
(cherry picked from commit 3164b58c7d170810b69378950c0891e5f5b8678b)
Diffstat (limited to 'src/common/Cryptography/Authentication/SRP6.cpp')
| -rw-r--r-- | src/common/Cryptography/Authentication/SRP6.cpp | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/src/common/Cryptography/Authentication/SRP6.cpp b/src/common/Cryptography/Authentication/SRP6.cpp index c8b80d58f9b..4d96a28960d 100644 --- a/src/common/Cryptography/Authentication/SRP6.cpp +++ b/src/common/Cryptography/Authentication/SRP6.cpp @@ -24,7 +24,12 @@ using SHA1 = Trinity::Crypto::SHA1; using SRP6 = Trinity::Crypto::SRP6; -/*static*/ std::array<uint8, 1> const SRP6::g = { 7 }; +/*static*/ std::array<uint8, 1> const SRP6::g = []() +{ + std::array<uint8, 1> g_temp; + g_temp[0] = 7; + return g_temp; +}(); /*static*/ std::array<uint8, 32> const SRP6::N = HexStrToByteArray<32>("894B645E89E1535BBDAD5B8B290650530801B18EBFBF5E8FAB3C82872A3E9BB7", true); /*static*/ BigNumber const SRP6::_g(SRP6::g); /*static*/ BigNumber const SRP6::_N(N); @@ -54,7 +59,7 @@ using SRP6 = Trinity::Crypto::SRP6; // merge this into CalculateVerifier once the sha_pass hack finally gets nuked from orbit /*static*/ SRP6::Verifier SRP6::CalculateVerifierFromHash(SHA1::Digest const& hash, SRP6::Salt const& salt) { - return _g.ModExp(SHA1::GetDigestOf(salt, hash), _N).ToByteArray<32>(false); + return _g.ModExp(SHA1::GetDigestOf(salt, hash), _N).ToByteArray<32>(); } /*static*/ SessionKey SRP6::SHA1Interleave(SRP6::EphemeralKey const& S) @@ -88,7 +93,7 @@ using SRP6 = Trinity::Crypto::SRP6; } SRP6::SRP6(std::string const& username, Salt const& salt, Verifier const& verifier) - : _I(SHA1::GetDigestOf(username)), _b(Crypto::GetRandomBytes<19>()), _v(verifier, false), s(salt), B(_B(_b, _v)) {} + : _I(SHA1::GetDigestOf(username)), _b(Crypto::GetRandomBytes<32>()), _v(verifier), s(salt), B(_B(_b, _v)) {} Optional<SessionKey> SRP6::VerifyChallengeResponse(EphemeralKey const& A, SHA1::Digest const& clientM) { |