authorTreeston <treeston.mmoc@gmail.com>2019-08-10 21:34:51 +0200
committerShauren <shauren.trinity@gmail.com>2021-12-18 20:24:50 +0100
commit0b61c3b7b1399f5dd0cab90da36002b7d8e0af6b (patch)
treed869f832263c29814004569c1353251fc8e8538c /src/server/worldserver
parent92e92e818b704803377f44dbc6a8158b3d38225b (diff)
[3.3.5] Core/Authserver: TOTP rewrite: (PR #23633)
- Proper management commands (.account 2fa)
- Secrets can now be encrypted (set TOTPTokenSecret in .conf)
- Secret now stored in binary
- Argon2 and AES primitives
- Base32/64 support
(cherry picked from commit 4211645834c467a03c60248e80818d3607be9ea7)
Diffstat (limited to 'src/server/worldserver')
-rw-r--r--src/server/worldserver/Main.cpp3
-rw-r--r--src/server/worldserver/worldserver.conf.dist20
2 files changed, 23 insertions, 0 deletions
diff --git a/src/server/worldserver/Main.cpp b/src/server/worldserver/Main.cpp
index 2f6cf319c8a..c24d60eef54 100644
--- a/src/server/worldserver/Main.cpp
+++ b/src/server/worldserver/Main.cpp
@@ -45,6 +45,8 @@
#include "ScriptLoader.h"
#include "ScriptMgr.h"
#include "ScriptReloadMgr.h"
+#include "SecretMgr.h"
+#include "SharedDefines.h"
#include "TCSoap.h"
#include "World.h"
#include "WorldSocket.h"
@@ -256,6 +258,7 @@ extern int main(int argc, char** argv)
});
// Initialize the World
+ sSecretMgr->Initialize(SECRET_OWNER_WORLDSERVER);
sWorld->SetInitialWorldSettings();
std::shared_ptr<void> mapManagementHandle(nullptr, [](void*)
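Review bot: Nothing at the new `sSecretMgr->Initialize(SECRET_OWNER_WORLDSERVER);` call says why it must run before `sWorld->SetInitialWorldSettings()` or what happens when the configured secret is rejected; it sits under the unrelated `// Initialize the World` comment. The conf text added in this commit says a mismatch with authserver only disables the dependent commands, so startup presumably continues. A comment such as `// Load TOTPMasterSecret before world setup; on mismatch the 2FA commands are disabled and startup continues` would make that explicit. Initialize's signature is not visible here; if it can report failure, the result should be checked and logged without echoing the secret value. main's body starts and ends outside the hunk.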
diff --git a/src/server/worldserver/worldserver.conf.dist b/src/server/worldserver/worldserver.conf.dist
index 138816786ab..3a64aedf766 100644
--- a/src/server/worldserver/worldserver.conf.dist
+++ b/src/server/worldserver/worldserver.conf.dist
@@ -11,6 +11,7 @@
# PERFORMANCE SETTINGS
# SERVER LOGGING
# SERVER SETTINGS
+# CRYPTOGRAPHY
# UPDATE SETTINGS
# HOTSWAP SETTINGS
# WARDEN SETTINGS
@@ -1348,6 +1349,25 @@ FeatureSystem.CharacterUndelete.Cooldown = 2592000
###################################################################################################
###################################################################################################
+# CRYPTOGRAPHY
+#
+# TOTPMasterSecret
+# Description: The key used by authserver to decrypt TOTP secrets from database storage.
+# You only need to set this here if you plan to use the in-game 2FA
+# management commands (.account 2fa), otherwise this can be left blank.
+#
+# The server will auto-detect if this does not match your authserver setting,
+# in which case any commands reliant on the secret will be disabled.
+#
+# Default: <blank>
+#
+
+TOTPMasterSecret =
+
+#
+###################################################################################################
+
+###################################################################################################
# UPDATE SETTINGS
#
# Updates.EnableDatabases
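Review bot: The TOTPMasterSecret description does not warn the operator that setting it places the key protecting every stored TOTP secret into worldserver.conf in plain text, and it gives no hint of the expected value format. I would add a line such as `#                     Once set, restrict read access to this file to the account running the server.` and state the accepted format next to `Default: <blank>`; the format is not visible in this hunk, so it should be taken from the authserver documentation. "The key used by authserver" also reads oddly in the worldserver file; `The key used to decrypt TOTP secrets from database storage; must match the authserver setting.` would be clearer. The commit message names the option TOTPTokenSecret while this file uses TOTPMasterSecret, so one of the two probably needs correcting.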