aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/common/Cryptography/ARC4.cpp4
-rw-r--r--src/common/Cryptography/ARC4.h4
-rw-r--r--src/common/Cryptography/BigNumber.cpp21
-rw-r--r--src/common/Cryptography/BigNumber.h8
-rw-r--r--src/server/authserver/Server/AuthSession.cpp18
5 files changed, 29 insertions, 26 deletions
diff --git a/src/common/Cryptography/ARC4.cpp b/src/common/Cryptography/ARC4.cpp
index eea523a2090..ead85a18e67 100644
--- a/src/common/Cryptography/ARC4.cpp
+++ b/src/common/Cryptography/ARC4.cpp
@@ -18,14 +18,14 @@
#include "ARC4.h"
-ARC4::ARC4(uint8 len) : m_ctx()
+ARC4::ARC4(uint32 len) : m_ctx()
{
EVP_CIPHER_CTX_init(&m_ctx);
EVP_EncryptInit_ex(&m_ctx, EVP_rc4(), NULL, NULL, NULL);
EVP_CIPHER_CTX_set_key_length(&m_ctx, len);
}
-ARC4::ARC4(uint8 *seed, uint8 len) : m_ctx()
+ARC4::ARC4(uint8 *seed, uint32 len) : m_ctx()
{
EVP_CIPHER_CTX_init(&m_ctx);
EVP_EncryptInit_ex(&m_ctx, EVP_rc4(), NULL, NULL, NULL);
diff --git a/src/common/Cryptography/ARC4.h b/src/common/Cryptography/ARC4.h
index 7e680176836..df412944ef6 100644
--- a/src/common/Cryptography/ARC4.h
+++ b/src/common/Cryptography/ARC4.h
@@ -25,8 +25,8 @@
class TC_COMMON_API ARC4
{
public:
- ARC4(uint8 len);
- ARC4(uint8 *seed, uint8 len);
+ ARC4(uint32 len);
+ ARC4(uint8 *seed, uint32 len);
~ARC4();
void Init(uint8 *seed);
void UpdateData(int len, uint8 *data);
diff --git a/src/common/Cryptography/BigNumber.cpp b/src/common/Cryptography/BigNumber.cpp
index 3b85122ebab..0d5dafc336b 100644
--- a/src/common/Cryptography/BigNumber.cpp
+++ b/src/common/Cryptography/BigNumber.cpp
@@ -163,11 +163,16 @@ uint32 BigNumber::AsDword()
return (uint32)BN_get_word(_bn);
}
-bool BigNumber::isZero() const
+bool BigNumber::IsZero() const
{
return BN_is_zero(_bn);
}
+bool BigNumber::IsNegative() const
+{
+ return BN_is_negative(_bn);
+}
+
std::unique_ptr<uint8[]> BigNumber::AsByteArray(int32 minSize, bool littleEndian)
{
int numBytes = GetNumBytes();
@@ -189,13 +194,19 @@ std::unique_ptr<uint8[]> BigNumber::AsByteArray(int32 minSize, bool littleEndian
return ret;
}
-char * BigNumber::AsHexStr() const
+std::string BigNumber::AsHexStr() const
{
- return BN_bn2hex(_bn);
+ char* ch = BN_bn2hex(_bn);
+ std::string ret = ch;
+ OPENSSL_free(ch);
+ return ret;
}
-char * BigNumber::AsDecStr() const
+std::string BigNumber::AsDecStr() const
{
- return BN_bn2dec(_bn);
+ char* ch = BN_bn2dec(_bn);
+ std::string ret = ch;
+ OPENSSL_free(ch);
+ return ret;
}
diff --git a/src/common/Cryptography/BigNumber.h b/src/common/Cryptography/BigNumber.h
index 1d21be1b431..baf338552d0 100644
--- a/src/common/Cryptography/BigNumber.h
+++ b/src/common/Cryptography/BigNumber.h
@@ -21,6 +21,7 @@
#include <memory>
#include "Define.h"
+#include <string>
struct bignum_st;
@@ -76,7 +77,8 @@ class TC_COMMON_API BigNumber
return t %= bn;
}
- bool isZero() const;
+ bool IsZero() const;
+ bool IsNegative() const;
BigNumber ModExp(BigNumber const& bn1, BigNumber const& bn2);
BigNumber Exp(BigNumber const&);
@@ -89,8 +91,8 @@ class TC_COMMON_API BigNumber
std::unique_ptr<uint8[]> AsByteArray(int32 minSize = 0, bool littleEndian = true);
- char * AsHexStr() const;
- char * AsDecStr() const;
+ std::string AsHexStr() const;
+ std::string AsDecStr() const;
private:
struct bignum_st *_bn;
diff --git a/src/server/authserver/Server/AuthSession.cpp b/src/server/authserver/Server/AuthSession.cpp
index 43c327ffda1..ec72651ecb7 100644
--- a/src/server/authserver/Server/AuthSession.cpp
+++ b/src/server/authserver/Server/AuthSession.cpp
@@ -499,7 +499,7 @@ bool AuthSession::HandleLogonProof()
A.SetBinary(logonProof->A, 32);
// SRP safeguard: abort if A == 0
- if (A.isZero())
+ if (A.IsZero())
{
return false;
}
@@ -575,18 +575,15 @@ bool AuthSession::HandleLogonProof()
// Update the sessionkey, last_ip, last login time and reset number of failed logins in the account table for this account
// No SQL injection (escaped user name) and IP address as received by socket
- const char *K_hex = K.AsHexStr();
PreparedStatement *stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LOGONPROOF);
- stmt->setString(0, K_hex);
+ stmt->setString(0, K.AsHexStr());
stmt->setString(1, GetRemoteIpAddress().to_string().c_str());
stmt->setUInt32(2, GetLocaleByName(_localizationName));
stmt->setString(3, _os);
stmt->setString(4, _accountInfo.Login);
LoginDatabase.DirectExecute(stmt);
- OPENSSL_free((void*)K_hex);
-
// Finish SRP6 and send the final result to the client
sha.Initialize();
sha.UpdateBigNumbers(&A, &M, &K, NULL);
@@ -959,16 +956,9 @@ void AuthSession::SetVSFields(const std::string& rI)
v = g.ModExp(x, N);
// No SQL injection (username escaped)
- char *v_hex, *s_hex;
- v_hex = v.AsHexStr();
- s_hex = s.AsHexStr();
-
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_VS);
- stmt->setString(0, v_hex);
- stmt->setString(1, s_hex);
+ stmt->setString(0, v.AsHexStr());
+ stmt->setString(1, s.AsHexStr());
stmt->setString(2, _accountInfo.Login);
LoginDatabase.Execute(stmt);
-
- OPENSSL_free(v_hex);
- OPENSSL_free(s_hex);
}