| author | Treeston <treeston.mmoc@gmail.com> | 2019-08-10 21:34:51 +0200 | 
|---|---|---|
| committer | Shauren <shauren.trinity@gmail.com> | 2021-12-18 20:24:50 +0100 | 
| commit | 0b61c3b7b1399f5dd0cab90da36002b7d8e0af6b (patch) | |
| tree | d869f832263c29814004569c1353251fc8e8538c /src/server/database/Database/Implementation | |
| parent | 92e92e818b704803377f44dbc6a8158b3d38225b (diff) | |
[3.3.5] Core/Authserver: TOTP rewrite: (PR #23633)
- Proper management commands (.account 2fa)
- Secrets can now be encrypted (set TOTPTokenSecret in .conf)
- Secret now stored in binary
- Argon2 and AES primitives
- Base32/64 support
(cherry picked from commit 4211645834c467a03c60248e80818d3607be9ea7)
Diffstat (limited to 'src/server/database/Database/Implementation')
| -rw-r--r-- | src/server/database/Database/Implementation/LoginDatabase.cpp | 7 | ||||
| -rw-r--r-- | src/server/database/Database/Implementation/LoginDatabase.h | 7 | 
2 files changed, 14 insertions, 0 deletions
diff --git a/src/server/database/Database/Implementation/LoginDatabase.cpp b/src/server/database/Database/Implementation/LoginDatabase.cpp
index 57c777f5c15..f5a6c4aab81 100644
--- a/src/server/database/Database/Implementation/LoginDatabase.cpp
+++ b/src/server/database/Database/Implementation/LoginDatabase.cpp
@@ -113,6 +113,13 @@ void LoginDatabaseConnection::DoPrepareStatements()
     PrepareStatement(LOGIN_SEL_ACCOUNT_MUTE_INFO, "SELECT mutedate, mutetime, mutereason, mutedby FROM account_muted WHERE guid = ? ORDER BY mutedate ASC", CONNECTION_SYNCH);
     PrepareStatement(LOGIN_DEL_ACCOUNT_MUTED, "DELETE FROM account_muted WHERE guid = ?", CONNECTION_ASYNC);
+    PrepareStatement(LOGIN_SEL_SECRET_DIGEST, "SELECT digest FROM secret_digest WHERE id = ?", CONNECTION_SYNCH);
+    PrepareStatement(LOGIN_INS_SECRET_DIGEST, "INSERT INTO secret_digest (id, digest) VALUES (?,?)", CONNECTION_ASYNC);
+    PrepareStatement(LOGIN_DEL_SECRET_DIGEST, "DELETE FROM secret_digest WHERE id = ?", CONNECTION_ASYNC);
+
+    PrepareStatement(LOGIN_SEL_ACCOUNT_TOTP_SECRET, "SELECT totp_secret FROM account WHERE id = ?", CONNECTION_SYNCH);
+    PrepareStatement(LOGIN_UPD_ACCOUNT_TOTP_SECRET, "UPDATE account SET totp_secret = ? WHERE id = ?", CONNECTION_ASYNC);
+
 #define BnetAccountInfo "ba.id, UPPER(ba.email), ba.locked, ba.lock_country, ba.last_ip, ba.LoginTicketExpiry, bab.unbandate > UNIX_TIMESTAMP() OR bab.unbandate = bab.bandate, bab.unbandate = bab.bandate"
 #define BnetGameAccountInfo "a.id, a.username, ab.unbandate, ab.unbandate = ab.bandate, aa.SecurityLevel"
diff --git a/src/server/database/Database/Implementation/LoginDatabase.h b/src/server/database/Database/Implementation/LoginDatabase.h
index e18a3de612e..1f0d9ff6e52 100644
--- a/src/server/database/Database/Implementation/LoginDatabase.h
+++ b/src/server/database/Database/Implementation/LoginDatabase.h
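Review bot: The added block in LoginDatabase.cpp registers statements that read and write 2FA secret material (`secret_digest.digest`, `account.totp_secret`) with no comment on the storage format. A later caller cannot tell from here that the secret is stored in binary and, per the commit message, may be encrypted when `TOTPTokenSecret` is set. A short comment above the block would help, e.g. `// 2FA: totp_secret is binary and may be encrypted at rest; never log or echo the fetched value`. Separately, `LOGIN_UPD_ACCOUNT_TOTP_SECRET` is `CONNECTION_ASYNC` while `LOGIN_SEL_ACCOUNT_TOTP_SECRET` is `CONNECTION_SYNCH`, so a login check that runs right after a `.account 2fa` change may, depending on how callers sequence the two, still read the previous secret; callers that remove or rotate a secret should confirm the write has completed. `DoPrepareStatements()` begins and ends outside this hunk.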
@@ -109,6 +109,13 @@ enum LoginDatabaseStatements : uint32
     LOGIN_SEL_ACCOUNT_MUTE_INFO,
     LOGIN_DEL_ACCOUNT_MUTED,
+    LOGIN_SEL_SECRET_DIGEST,
+    LOGIN_INS_SECRET_DIGEST,
+    LOGIN_DEL_SECRET_DIGEST,
+
+    LOGIN_SEL_ACCOUNT_TOTP_SECRET,
+    LOGIN_UPD_ACCOUNT_TOTP_SECRET,
+
     LOGIN_SEL_BNET_AUTHENTICATION,
     LOGIN_UPD_BNET_AUTHENTICATION,
     LOGIN_SEL_BNET_EXISTING_AUTHENTICATION,  |
