-rw-r--r--cmake/macros/FindOpenSSL.cmake3
-rw-r--r--src/common/Cryptography/CryptoConstants.h1
-rw-r--r--src/common/Cryptography/CryptoHash.h38
-rw-r--r--src/common/Cryptography/HMAC.h81
-rw-r--r--src/server/authserver/Main.cpp2
-rw-r--r--src/server/game/Warden/Warden.cpp31
-rw-r--r--src/server/game/Warden/WardenMac.cpp9
-rw-r--r--src/server/worldserver/Main.cpp2
8 files changed, 93 insertions, 74 deletions
diff --git a/cmake/macros/FindOpenSSL.cmake b/cmake/macros/FindOpenSSL.cmake
index 2a18f098189..f40a591f9a7 100644
--- a/cmake/macros/FindOpenSSL.cmake
+++ b/cmake/macros/FindOpenSSL.cmake
@@ -80,7 +80,6 @@ Set ``OPENSSL_MSVC_STATIC_RT`` set ``TRUE`` to choose the MT version of the lib.
#]=======================================================================]
set(OPENSSL_EXPECTED_VERSION "1.0")
-set(OPENSSL_MAX_VERSION "1.2")
macro(_OpenSSL_test_and_find_dependencies ssl_library crypto_library)
if((CMAKE_SYSTEM_NAME STREQUAL "Linux") AND
@@ -574,7 +573,7 @@ if(OPENSSL_FOUND)
message(STATUS "Found OpenSSL library: ${OPENSSL_LIBRARIES}")
message(STATUS "Found OpenSSL headers: ${OPENSSL_INCLUDE_DIR}")
include(EnsureVersion)
- ENSURE_VERSION_RANGE("${OPENSSL_EXPECTED_VERSION}" "${OPENSSL_VERSION}" "${OPENSSL_MAX_VERSION}" OPENSSL_VERSION_OK)
+ ENSURE_VERSION("${OPENSSL_EXPECTED_VERSION}" "${OPENSSL_VERSION}" OPENSSL_VERSION_OK)
if(NOT OPENSSL_VERSION_OK)
message(FATAL_ERROR "TrinityCore needs OpenSSL version ${OPENSSL_EXPECTED_VERSION} but found too new version ${OPENSSL_VERSION}. TrinityCore needs OpenSSL 1.0.x or 1.1.x to work properly. If you still have problems please install OpenSSL 1.0.x if you still have problems search on forum for TCE00022")
endif()
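Review bot: The FATAL_ERROR text under `if(NOT OPENSSL_VERSION_OK)` still reports a "too new version" and names 1.0.x/1.1.x as the only usable releases, but with `OPENSSL_MAX_VERSION` removed this branch can presumably only be reached when the detected version is below `OPENSSL_EXPECTED_VERSION` (assuming ENSURE_VERSION is a minimum-only check; its definition is not on this page). A builder with an outdated OpenSSL would be told to install an even older one. Suggest rewording along the lines of `message(FATAL_ERROR "TrinityCore needs OpenSSL ${OPENSSL_EXPECTED_VERSION} or newer but found ${OPENSSL_VERSION}. Search the forum for TCE00022 if the problem persists")`.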
diff --git a/src/common/Cryptography/CryptoConstants.h b/src/common/Cryptography/CryptoConstants.h
index 7e698a685e4..d9fad902ab6 100644
--- a/src/common/Cryptography/CryptoConstants.h
+++ b/src/common/Cryptography/CryptoConstants.h
@@ -24,6 +24,7 @@ namespace Trinity::Crypto
{
struct Constants
{
+ static constexpr size_t MD5_DIGEST_LENGTH_BYTES = 16;
static constexpr size_t SHA1_DIGEST_LENGTH_BYTES = 20;
static constexpr size_t SHA256_DIGEST_LENGTH_BYTES = 32;
};
diff --git a/src/common/Cryptography/CryptoHash.h b/src/common/Cryptography/CryptoHash.h
index 56af9740c04..38f2047c30d 100644
--- a/src/common/Cryptography/CryptoHash.h
+++ b/src/common/Cryptography/CryptoHash.h
@@ -35,10 +35,10 @@ namespace Trinity::Impl
typedef EVP_MD const* (*HashCreator)();
#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x10100000L
- static EVP_MD_CTX* MakeCTX() { return EVP_MD_CTX_create(); }
+ static EVP_MD_CTX* MakeCTX() noexcept { return EVP_MD_CTX_create(); }
static void DestroyCTX(EVP_MD_CTX* ctx) { EVP_MD_CTX_destroy(ctx); }
#else
- static EVP_MD_CTX* MakeCTX() { return EVP_MD_CTX_new(); }
+ static EVP_MD_CTX* MakeCTX() noexcept { return EVP_MD_CTX_new(); }
static void DestroyCTX(EVP_MD_CTX* ctx) { EVP_MD_CTX_free(ctx); }
#endif
};
@@ -73,6 +73,16 @@ namespace Trinity::Impl
ASSERT(result == 1);
}
+ GenericHash(GenericHash const& right) : _ctx(GenericHashImpl::MakeCTX())
+ {
+ *this = right;
+ }
+
+ GenericHash(GenericHash&& right) noexcept
+ {
+ *this = std::move(right);
+ }
+
~GenericHash()
{
if (!_ctx)
@@ -81,6 +91,27 @@ namespace Trinity::Impl
_ctx = nullptr;
}
+ GenericHash& operator=(GenericHash const& right)
+ {
+ if (this == &right)
+ return *this;
+
+ int result = EVP_MD_CTX_copy(_ctx, right._ctx);
+ ASSERT(result == 1);
+ _digest = right._digest;
+ return *this;
+ }
+
+ GenericHash& operator=(GenericHash&& right) noexcept
+ {
+ if (this == &right)
+ return *this;
+
+ _ctx = std::exchange(right._ctx, GenericHashImpl::MakeCTX());
+ _digest = std::exchange(right._digest, Digest{});
+ return *this;
+ }
+
void UpdateData(uint8 const* data, size_t len)
{
int result = EVP_DigestUpdate(_ctx, data, len);
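Review bot: The move assignment overwrites `_ctx` with `std::exchange(right._ctx, GenericHashImpl::MakeCTX())` without releasing the context this object already held, so every move-assign onto a live hash leaks an EVP_MD_CTX; GenericHMAC's move assignment in HMAC.h has the same shape. Releasing the old value first would fix it, e.g. `GenericHashImpl::DestroyCTX(std::exchange(_ctx, std::exchange(right._ctx, GenericHashImpl::MakeCTX())));`, with the move constructor in the previous hunk starting from `: _ctx(nullptr)` so that nothing indeterminate is freed (the member declaration is not visible here). The context handed back to `right` is not set up for a digest as far as this hunk shows, and MakeCTX can return null even though it is now `noexcept`, so a comment such as `// a moved-from hash may only be destroyed or assigned to` would help callers.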
@@ -98,8 +129,6 @@ namespace Trinity::Impl
int result = EVP_DigestFinal_ex(_ctx, _digest.data(), &length);
ASSERT(result == 1);
ASSERT(length == DIGEST_LENGTH);
- GenericHashImpl::DestroyCTX(_ctx);
- _ctx = nullptr;
}
Digest const& GetDigest() const { return _digest; }
@@ -112,6 +141,7 @@ namespace Trinity::Impl
namespace Trinity::Crypto
{
+ using MD5 = Trinity::Impl::GenericHash<EVP_md5, Constants::MD5_DIGEST_LENGTH_BYTES>;
using SHA1 = Trinity::Impl::GenericHash<EVP_sha1, Constants::SHA1_DIGEST_LENGTH_BYTES>;
using SHA256 = Trinity::Impl::GenericHash<EVP_sha256, Constants::SHA256_DIGEST_LENGTH_BYTES>;
}
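Review bot: The new `MD5` alias sits next to SHA1 and SHA256 with nothing saying that it is not collision-resistant; the only users visible in this commit are the Warden module id and the WardenMac check result, which look protocol-mandated. A one-line comment above the alias would keep it from being picked up for new code: `// MD5 is not collision-resistant; kept only for client protocol compatibility (Warden)`.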
diff --git a/src/common/Cryptography/HMAC.h b/src/common/Cryptography/HMAC.h
index 200955df832..b8db59a1ae9 100644
--- a/src/common/Cryptography/HMAC.h
+++ b/src/common/Cryptography/HMAC.h
@@ -19,41 +19,18 @@
#define TRINITY_HMAC_H
#include "CryptoConstants.h"
+#include "CryptoHash.h"
#include "Define.h"
#include "Errors.h"
#include <array>
#include <string>
#include <string_view>
-#include <openssl/hmac.h>
class BigNumber;
namespace Trinity::Impl
{
- struct HMACImpl
- {
- typedef EVP_MD const* (*HashCreator)();
-
-#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x10100000L
- static HMAC_CTX* MakeCTX()
- {
- HMAC_CTX* ctx = new HMAC_CTX();
- HMAC_CTX_init(ctx);
- return ctx;
- }
-
- static void DestroyCTX(HMAC_CTX* ctx)
- {
- HMAC_CTX_cleanup(ctx);
- delete ctx;
- }
-#else
- static HMAC_CTX* MakeCTX() { return HMAC_CTX_new(); }
- static void DestroyCTX(HMAC_CTX* ctx) { HMAC_CTX_free(ctx); }
-#endif
- };
-
- template <HMACImpl::HashCreator HashCreator, size_t DigestLength>
+ template <GenericHashImpl::HashCreator HashCreator, size_t DigestLength>
class GenericHMAC
{
public:
@@ -78,25 +55,58 @@ namespace Trinity::Impl
return hash.GetDigest();
}
- GenericHMAC(uint8 const* seed, size_t len) : _ctx(HMACImpl::MakeCTX())
+ GenericHMAC(uint8 const* seed, size_t len) : _ctx(GenericHashImpl::MakeCTX()), _key(EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, nullptr, seed, len))
{
- int result = HMAC_Init_ex(_ctx, seed, len, HashCreator(), nullptr);
+ int result = EVP_DigestSignInit(_ctx, nullptr, HashCreator(), nullptr, _key);
ASSERT(result == 1);
}
template <typename Container>
GenericHMAC(Container const& container) : GenericHMAC(std::data(container), std::size(container)) {}
+ GenericHMAC(GenericHMAC const& right) : _ctx(GenericHashImpl::MakeCTX())
+ {
+ *this = right;
+ }
+
+ GenericHMAC(GenericHMAC&& right) noexcept
+ {
+ *this = std::move(right);
+ }
+
~GenericHMAC()
{
- if (!_ctx)
- return;
- HMACImpl::DestroyCTX(_ctx);
+ GenericHashImpl::DestroyCTX(_ctx);
_ctx = nullptr;
+ EVP_PKEY_free(_key);
+ _key = nullptr;
+ }
+
+ GenericHMAC& operator=(GenericHMAC const& right)
+ {
+ if (this == &right)
+ return *this;
+
+ int result = EVP_MD_CTX_copy(_ctx, right._ctx);
+ ASSERT(result == 1);
+ _key = right._key; // EVP_PKEY uses reference counting internally, just copy the pointer
+ _digest = right._digest;
+ return *this;
+ }
+
+ GenericHMAC& operator=(GenericHMAC&& right) noexcept
+ {
+ if (this == &right)
+ return *this;
+
+ _ctx = std::exchange(right._ctx, GenericHashImpl::MakeCTX());
+ _key = std::exchange(right._key, EVP_PKEY_new());
+ _digest = std::exchange(right._digest, Digest{});
+ return *this;
}
void UpdateData(uint8 const* data, size_t len)
{
- int result = HMAC_Update(_ctx, data, len);
+ int result = EVP_DigestSignUpdate(_ctx, data, len);
ASSERT(result == 1);
}
void UpdateData(std::string_view str) { UpdateData(reinterpret_cast<uint8 const*>(str.data()), str.size()); }
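Review bot: `_key = right._key;` in the copy assignment copies the EVP_PKEY pointer without taking a reference, so the source and the copy each call `EVP_PKEY_free(_key)` in their destructors on a key that holds a single reference, which is a double free once both are destroyed; the reference counting the comment relies on only helps if the count is incremented. The same assignment drops the key the target held before, and the move assignment overwrites `_ctx` and `_key` without freeing them. The sketch below takes a reference with EVP_PKEY_up_ref, releases the old values, and has both added constructors start from null members so that the release is well defined. EVP_PKEY_up_ref needs OpenSSL 1.1.0 or later, so the pre-1.1.0 branch kept in CryptoHash.h would need an equivalent. The class body starts and ends outside this hunk.

```cpp
GenericHMAC(GenericHMAC const& right) : _ctx(GenericHashImpl::MakeCTX()), _key(nullptr)
{
    *this = right;
}

GenericHMAC(GenericHMAC&& right) noexcept : _ctx(nullptr), _key(nullptr)
{
    *this = std::move(right);
}

// … unchanged: destructor …

GenericHMAC& operator=(GenericHMAC const& right)
{
    if (this == &right)
        return *this;

    int result = EVP_MD_CTX_copy(_ctx, right._ctx);
    ASSERT(result == 1);
    result = EVP_PKEY_up_ref(right._key);           // own a reference before sharing the pointer
    ASSERT(result == 1);
    EVP_PKEY_free(std::exchange(_key, right._key)); // release the key held until now
    _digest = right._digest;
    return *this;
}

GenericHMAC& operator=(GenericHMAC&& right) noexcept
{
    if (this == &right)
        return *this;

    GenericHashImpl::DestroyCTX(std::exchange(_ctx, std::exchange(right._ctx, GenericHashImpl::MakeCTX())));
    EVP_PKEY_free(std::exchange(_key, std::exchange(right._key, EVP_PKEY_new())));
    _digest = std::exchange(right._digest, Digest{});
    return *this;
}
```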
@@ -107,17 +117,16 @@ namespace Trinity::Impl
void Finalize()
{
- uint32 length = 0;
- int result = HMAC_Final(_ctx, _digest.data(), &length);
+ size_t length = 0;
+ int result = EVP_DigestSignFinal(_ctx, _digest.data(), &length);
ASSERT(result == 1);
ASSERT(length == DIGEST_LENGTH);
- HMACImpl::DestroyCTX(_ctx);
- _ctx = nullptr;
}
Digest const& GetDigest() const { return _digest; }
private:
- HMAC_CTX* _ctx;
+ EVP_MD_CTX* _ctx;
+ EVP_PKEY* _key;
Digest _digest = { };
};
}
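Review bot: `size_t length = 0;` is passed to EVP_DigestSignFinal together with a non-null output buffer, but the documented contract is that `*siglen` holds the size of that buffer on entry; an implementation that enforces it will report the buffer as too small and trip `ASSERT(result == 1)`. Since this commit also removes the upper bound on the OpenSSL version, the variable should carry the real size: `size_t length = DIGEST_LENGTH;`. The following `ASSERT(length == DIGEST_LENGTH)` then still verifies what was actually written.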
diff --git a/src/server/authserver/Main.cpp b/src/server/authserver/Main.cpp
index af0acb97236..145ec132966 100644
--- a/src/server/authserver/Main.cpp
+++ b/src/server/authserver/Main.cpp
@@ -121,7 +121,7 @@ int main(int argc, char** argv)
[]()
{
TC_LOG_INFO("server.authserver", "Using configuration file %s.", sConfigMgr->GetFilename().c_str());
- TC_LOG_INFO("server.authserver", "Using SSL version: %s (library: %s)", OPENSSL_VERSION_TEXT, SSLeay_version(SSLEAY_VERSION));
+ TC_LOG_INFO("server.authserver", "Using SSL version: %s (library: %s)", OPENSSL_VERSION_TEXT, OpenSSL_version(OPENSSL_VERSION));
TC_LOG_INFO("server.authserver", "Using Boost version: %i.%i.%i", BOOST_VERSION / 100000, BOOST_VERSION / 100 % 1000, BOOST_VERSION % 100);
}
);
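Review bot: `OpenSSL_version(OPENSSL_VERSION)` exists only from OpenSSL 1.1.0, while FindOpenSSL.cmake still accepts `OPENSSL_EXPECTED_VERSION "1.0"` and CryptoHash.h keeps an `OPENSSL_VERSION_NUMBER < 0x10100000L` branch, so a 1.0.x build that passes the CMake check would fail to compile here; the same call is added in src/server/worldserver/Main.cpp. Either raise the expected version to 1.1 and drop the old branch, or guard the call the way CryptoHash.h does and keep `SSLeay_version(SSLEAY_VERSION)` on the old side.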
diff --git a/src/server/game/Warden/Warden.cpp b/src/server/game/Warden/Warden.cpp
index 8f109e387df..2f974860185 100644
--- a/src/server/game/Warden/Warden.cpp
+++ b/src/server/game/Warden/Warden.cpp
@@ -21,15 +21,12 @@
#include "Log.h"
#include "Opcodes.h"
#include "ByteBuffer.h"
+#include "CryptoHash.h"
#include "GameTime.h"
#include "World.h"
#include "Util.h"
#include "Warden.h"
#include "AccountMgr.h"
-
-#include <openssl/sha.h>
-#include <openssl/md5.h>
-
#include <charconv>
Warden::Warden() : _session(nullptr), _checkTimer(10 * IN_MILLISECONDS), _clientResponseTimer(0),
@@ -47,10 +44,7 @@ void Warden::MakeModuleForClient()
TC_LOG_DEBUG("warden", "Make module for client");
InitializeModuleForClient(_module.emplace());
- MD5_CTX ctx;
- MD5_Init(&ctx);
- MD5_Update(&ctx, _module->CompressedData, _module->CompressedSize);
- MD5_Final(_module->Id.data(), &ctx);
+ _module->Id = Trinity::Crypto::MD5::GetDigestOf(_module->CompressedData, _module->CompressedSize);
}
void Warden::SendModuleToClient()
@@ -160,28 +154,19 @@ bool Warden::IsValidCheckSum(uint32 checksum, uint8 const* data, const uint16 le
}
}
-struct keyData {
- union
- {
- struct
- {
- uint8 bytes[20];
- } bytes;
-
- struct
- {
- uint32 ints[5];
- } ints;
- };
+union keyData
+{
+ std::array<uint8, 20> bytes;
+ std::array<uint32, 5> ints;
};
uint32 Warden::BuildChecksum(uint8 const* data, uint32 length)
{
keyData hash;
- SHA1(data, length, hash.bytes.bytes);
+ hash.bytes = Trinity::Crypto::SHA1::GetDigestOf(data, size_t(length));
uint32 checkSum = 0;
for (uint8 i = 0; i < 5; ++i)
- checkSum = checkSum ^ hash.ints.ints[i];
+ checkSum = checkSum ^ hash.ints[i];
return checkSum;
}
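Review bot: `hash.ints[i]` reads the `ints` member right after `hash.bytes` was assigned, and reading the inactive member of a union is undefined behaviour in C++; the union of two `std::array`s keeps the old type pun rather than removing it. Copying the digest is well defined and needs no union: `auto const digest = Trinity::Crypto::SHA1::GetDigestOf(data, size_t(length));` followed by `std::array<uint32, 5> ints; std::memcpy(ints.data(), digest.data(), digest.size());` (needs `<cstring>`). Either way the folded value follows host byte order, which deserves a comment if the checksum is compared with values computed by the client.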
diff --git a/src/server/game/Warden/WardenMac.cpp b/src/server/game/Warden/WardenMac.cpp
index b2242123818..65f60670771 100644
--- a/src/server/game/Warden/WardenMac.cpp
+++ b/src/server/game/Warden/WardenMac.cpp
@@ -18,6 +18,7 @@
#include "WardenMac.h"
#include "ByteBuffer.h"
#include "Common.h"
+#include "CryptoHash.h"
#include "GameTime.h"
#include "Log.h"
#include "Opcodes.h"
@@ -28,7 +29,6 @@
#include "WorldPacket.h"
#include "WorldSession.h"
-#include <openssl/md5.h>
#include <array>
WardenMac::WardenMac() : Warden() { }
@@ -231,12 +231,7 @@ void WardenMac::HandleCheckResult(ByteBuffer &buff)
//found = true;
}
- MD5_CTX ctx;
- MD5_Init(&ctx);
- MD5_Update(&ctx, str.c_str(), str.size());
- std::array<uint8, 16> ourMD5Hash;
- MD5_Final(ourMD5Hash.data(), &ctx);
-
+ std::array<uint8, 16> ourMD5Hash = Trinity::Crypto::MD5::GetDigestOf(str);
std::array<uint8, 16> theirsMD5Hash;
buff.read(theirsMD5Hash);
diff --git a/src/server/worldserver/Main.cpp b/src/server/worldserver/Main.cpp
index f370881001e..1c97d92b8f3 100644
--- a/src/server/worldserver/Main.cpp
+++ b/src/server/worldserver/Main.cpp
@@ -201,7 +201,7 @@ extern int main(int argc, char** argv)
[]()
{
TC_LOG_INFO("server.worldserver", "Using configuration file %s.", sConfigMgr->GetFilename().c_str());
- TC_LOG_INFO("server.worldserver", "Using SSL version: %s (library: %s)", OPENSSL_VERSION_TEXT, SSLeay_version(SSLEAY_VERSION));
+ TC_LOG_INFO("server.worldserver", "Using SSL version: %s (library: %s)", OPENSSL_VERSION_TEXT, OpenSSL_version(OPENSSL_VERSION));
TC_LOG_INFO("server.worldserver", "Using Boost version: %i.%i.%i", BOOST_VERSION / 100000, BOOST_VERSION / 100 % 1000, BOOST_VERSION % 100);
}
);