diff options
| author | Treeston <treeston.mmoc@gmail.com> | 2020-07-26 01:53:34 +0200 |
|---|---|---|
| committer | Shauren <shauren.trinity@gmail.com> | 2020-08-03 19:39:00 +0200 |
| commit | e9392ad28767626e519c463e2110184d71ba8426 (patch) | |
| tree | da391d7daf1ede4ef73883b5053520e160dc4ec4 /src/server/bnetserver/REST/LoginRESTService.cpp | |
| parent | caa1e1171a1ea4e2db754cfb52b3be795385d544 (diff) | |
Core/Authserver: Authserver cleanup (PR#25093)
- Fix a handful of 1/256 bugs with most significant byte zero in BigNumber
- Get rid of (most of) the C-style arrays in authserver
- CryptoRandom as a unified source for cryptographic randomness
- Bring our other crypto APIs into 2020
- BigNumber usability improvements
- Authserver is now actually readable as a result of all of the above
(cherry picked from commit 210176fd915cf4ba16f428d3c1a249a71f4aa7a7)
Diffstat (limited to 'src/server/bnetserver/REST/LoginRESTService.cpp')
| -rw-r--r-- | src/server/bnetserver/REST/LoginRESTService.cpp | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/src/server/bnetserver/REST/LoginRESTService.cpp b/src/server/bnetserver/REST/LoginRESTService.cpp index c8fb91b163b..16ce194b190 100644 --- a/src/server/bnetserver/REST/LoginRESTService.cpp +++ b/src/server/bnetserver/REST/LoginRESTService.cpp @@ -17,6 +17,8 @@ #include "LoginRESTService.h" #include "Configuration/Config.h" +#include "CryptoHash.h" +#include "CryptoRandom.h" #include "DatabaseEnv.h" #include "Errors.h" #include "IpNetwork.h" @@ -24,8 +26,6 @@ #include "Realm.h" #include "Resolver.h" #include "SessionManager.h" -#include "SHA1.h" -#include "SHA256.h" #include "SslContext.h" #include "Util.h" #include "httpget.h" @@ -362,10 +362,9 @@ int32 LoginRESTService::HandlePostLogin(std::shared_ptr<AsyncRequest> request) { if (loginTicket.empty() || loginTicketExpiry < time(nullptr)) { - BigNumber ticket; - ticket.SetRand(20 * 8); + std::array<uint8, 20> ticket = Trinity::Crypto::GetRandomBytes<20>(); - loginTicket = "TC-" + ByteArrayToHexStr(ticket.AsByteArray(20).get(), 20); + loginTicket = "TC-" + ByteArrayToHexStr(ticket); } LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_BNET_AUTHENTICATION); @@ -503,17 +502,17 @@ void LoginRESTService::HandleAsyncRequest(std::shared_ptr<AsyncRequest> request) std::string LoginRESTService::CalculateShaPassHash(std::string const& name, std::string const& password) { - SHA256Hash email; + Trinity::Crypto::SHA256 email; email.UpdateData(name); email.Finalize(); - SHA256Hash sha; - sha.UpdateData(ByteArrayToHexStr(email.GetDigest(), email.GetLength())); + Trinity::Crypto::SHA256 sha; + sha.UpdateData(ByteArrayToHexStr(email.GetDigest())); sha.UpdateData(":"); sha.UpdateData(password); sha.Finalize(); - return ByteArrayToHexStr(sha.GetDigest(), sha.GetLength(), true); + return ByteArrayToHexStr(sha.GetDigest(), true); } Namespace namespaces[] = |