diff options
| author | Treeston <treeston.mmoc@gmail.com> | 2020-09-06 16:04:10 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-09-06 16:04:10 +0200 |
| commit | bcdbdd6f23ce65cc0e381e61d2840140dce79311 (patch) | |
| tree | 3bf3f8734702d940a2939971e77fb2136b5231f4 /src/common | |
| parent | 3b1e911da3551cf9c69798bbb8b5f52d34be8522 (diff) | |
Core/Authserver: Removal of sha_pass_hash, compatibility fields, and everything that uses them (PR #25156)
Diffstat (limited to 'src/common')
| -rw-r--r-- | src/common/Cryptography/Authentication/SRP6.cpp | 21 | ||||
| -rw-r--r-- | src/common/Cryptography/Authentication/SRP6.h | 6 |
2 files changed, 6 insertions, 21 deletions
diff --git a/src/common/Cryptography/Authentication/SRP6.cpp b/src/common/Cryptography/Authentication/SRP6.cpp index 11125a3211b..daaa1155869 100644 --- a/src/common/Cryptography/Authentication/SRP6.cpp +++ b/src/common/Cryptography/Authentication/SRP6.cpp @@ -37,24 +37,15 @@ using SRP6 = Trinity::Crypto::SRP6; return res; } -/*static*/ std::pair<SRP6::Salt, SRP6::Verifier> SRP6::MakeRegistrationDataFromHash_DEPRECATED_DONOTUSE(SHA1::Digest const& hash) -{ - std::pair<SRP6::Salt, SRP6::Verifier> res; - Crypto::GetRandomBytes(res.first); - res.second = CalculateVerifierFromHash(hash, res.first); - return res; -} - /*static*/ SRP6::Verifier SRP6::CalculateVerifier(std::string const& username, std::string const& password, SRP6::Salt const& salt) { // v = g ^ H(s || H(u || ':' || p)) mod N - return CalculateVerifierFromHash(SHA1::GetDigestOf(username, ":", password), salt); -} - -// merge this into CalculateVerifier once the sha_pass hack finally gets nuked from orbit -/*static*/ SRP6::Verifier SRP6::CalculateVerifierFromHash(SHA1::Digest const& hash, SRP6::Salt const& salt) -{ - return _g.ModExp(SHA1::GetDigestOf(salt, hash), _N).ToByteArray<32>(); + return _g.ModExp( + SHA1::GetDigestOf( + salt, + SHA1::GetDigestOf(username, ":", password) + ) + ,_N).ToByteArray<32>(); } /*static*/ SessionKey SRP6::SHA1Interleave(SRP6::EphemeralKey const& S) diff --git a/src/common/Cryptography/Authentication/SRP6.h b/src/common/Cryptography/Authentication/SRP6.h index ab4dfc56889..7014c26607e 100644 --- a/src/common/Cryptography/Authentication/SRP6.h +++ b/src/common/Cryptography/Authentication/SRP6.h @@ -41,11 +41,6 @@ namespace Trinity::Crypto static std::array<uint8, 1> const g; static std::array<uint8, 32> const N; - // this is the old sha_pass_hash hack - // YOU SHOULD NEVER STORE THIS HASH, if you do you are breaking SRP6 guarantees - // use MakeRegistrationData instead - static std::pair<Salt, Verifier> MakeRegistrationDataFromHash_DEPRECATED_DONOTUSE(SHA1::Digest const& hash); - // username + password must be passed through Utf8ToUpperOnlyLatin FIRST! static std::pair<Salt, Verifier> MakeRegistrationData(std::string const& username, std::string const& password); // username + password must be passed through Utf8ToUpperOnlyLatin FIRST! @@ -66,7 +61,6 @@ namespace Trinity::Crypto bool _used = false; // a single instance can only be used to verify once static Verifier CalculateVerifier(std::string const& username, std::string const& password, Salt const& salt); - static Verifier CalculateVerifierFromHash(SHA1::Digest const& hash, Salt const& salt); static SessionKey SHA1Interleave(EphemeralKey const& S); /* global algorithm parameters */ |