From a142eb9f7a9683f98fe1e9153f6958f80d374c9d Mon Sep 17 00:00:00 2001 From: Shauren Date: Wed, 30 Apr 2014 20:16:08 +0200 Subject: Core/Auth: Battle.net stuff --- .../Cryptography/Authentication/AuthCrypt.cpp | 73 ---------------------- .../shared/Cryptography/Authentication/AuthCrypt.h | 42 ------------- .../Cryptography/Authentication/PacketCrypt.cpp | 39 ++++++++++++ .../Cryptography/Authentication/PacketCrypt.h | 43 +++++++++++++ .../Authentication/WorldPacketCrypt.cpp | 51 +++++++++++++++ .../Cryptography/Authentication/WorldPacketCrypt.h | 34 ++++++++++ src/server/shared/Cryptography/HMACSHA1.cpp | 57 ----------------- src/server/shared/Cryptography/HMACSHA1.h | 47 -------------- src/server/shared/Cryptography/HmacHash.cpp | 59 +++++++++++++++++ src/server/shared/Cryptography/HmacHash.h | 48 ++++++++++++++ 10 files changed, 274 insertions(+), 219 deletions(-) delete mode 100644 src/server/shared/Cryptography/Authentication/AuthCrypt.cpp delete mode 100644 src/server/shared/Cryptography/Authentication/AuthCrypt.h create mode 100644 src/server/shared/Cryptography/Authentication/PacketCrypt.cpp create mode 100644 src/server/shared/Cryptography/Authentication/PacketCrypt.h create mode 100644 src/server/shared/Cryptography/Authentication/WorldPacketCrypt.cpp create mode 100644 src/server/shared/Cryptography/Authentication/WorldPacketCrypt.h delete mode 100644 src/server/shared/Cryptography/HMACSHA1.cpp delete mode 100644 src/server/shared/Cryptography/HMACSHA1.h create mode 100644 src/server/shared/Cryptography/HmacHash.cpp create mode 100644 src/server/shared/Cryptography/HmacHash.h (limited to 'src/server/shared/Cryptography') diff --git a/src/server/shared/Cryptography/Authentication/AuthCrypt.cpp b/src/server/shared/Cryptography/Authentication/AuthCrypt.cpp deleted file mode 100644 index ff94f307254..00000000000 --- a/src/server/shared/Cryptography/Authentication/AuthCrypt.cpp +++ /dev/null @@ -1,73 +0,0 @@ -/* - * Copyright (C) 2008-2014 TrinityCore - * Copyright (C) 2005-2009 MaNGOS - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. - * - * This program is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for - * more details. - * - * You should have received a copy of the GNU General Public License along - * with this program. If not, see . - */ - -#include "AuthCrypt.h" -#include "Cryptography/HMACSHA1.h" -#include "Cryptography/BigNumber.h" - -AuthCrypt::AuthCrypt() : - _clientDecrypt(SHA_DIGEST_LENGTH), _serverEncrypt(SHA_DIGEST_LENGTH), - _initialized(false) -{ } - -void AuthCrypt::Init(BigNumber* K) -{ - uint8 ServerEncryptionKey[SEED_KEY_SIZE] = { 0xCC, 0x98, 0xAE, 0x04, 0xE8, 0x97, 0xEA, 0xCA, 0x12, 0xDD, 0xC0, 0x93, 0x42, 0x91, 0x53, 0x57 }; - HmacHash serverEncryptHmac(SEED_KEY_SIZE, (uint8*)ServerEncryptionKey); - uint8 *encryptHash = serverEncryptHmac.ComputeHash(K); - - uint8 ServerDecryptionKey[SEED_KEY_SIZE] = { 0xC2, 0xB3, 0x72, 0x3C, 0xC6, 0xAE, 0xD9, 0xB5, 0x34, 0x3C, 0x53, 0xEE, 0x2F, 0x43, 0x67, 0xCE }; - HmacHash clientDecryptHmac(SEED_KEY_SIZE, (uint8*)ServerDecryptionKey); - uint8 *decryptHash = clientDecryptHmac.ComputeHash(K); - - //ARC4 _serverDecrypt(encryptHash); - _clientDecrypt.Init(decryptHash); - _serverEncrypt.Init(encryptHash); - //ARC4 _clientEncrypt(decryptHash); - - // Drop first 1024 bytes, as WoW uses ARC4-drop1024. - uint8 syncBuf[1024]; - memset(syncBuf, 0, 1024); - - _serverEncrypt.UpdateData(1024, syncBuf); - //_clientEncrypt.UpdateData(1024, syncBuf); - - memset(syncBuf, 0, 1024); - - //_serverDecrypt.UpdateData(1024, syncBuf); - _clientDecrypt.UpdateData(1024, syncBuf); - - _initialized = true; -} - -void AuthCrypt::DecryptRecv(uint8 *data, size_t len) -{ - if (!_initialized) - return; - - _clientDecrypt.UpdateData(len, data); -} - -void AuthCrypt::EncryptSend(uint8 *data, size_t len) -{ - if (!_initialized) - return; - - _serverEncrypt.UpdateData(len, data); -} - diff --git a/src/server/shared/Cryptography/Authentication/AuthCrypt.h b/src/server/shared/Cryptography/Authentication/AuthCrypt.h deleted file mode 100644 index 8fa150068a2..00000000000 --- a/src/server/shared/Cryptography/Authentication/AuthCrypt.h +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright (C) 2008-2014 TrinityCore - * Copyright (C) 2005-2009 MaNGOS - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. - * - * This program is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for - * more details. - * - * You should have received a copy of the GNU General Public License along - * with this program. If not, see . - */ - -#ifndef _AUTHCRYPT_H -#define _AUTHCRYPT_H - -#include "Cryptography/ARC4.h" - -class BigNumber; - -class AuthCrypt -{ - public: - AuthCrypt(); - - void Init(BigNumber* K); - void DecryptRecv(uint8 *, size_t); - void EncryptSend(uint8 *, size_t); - - bool IsInitialized() const { return _initialized; } - - private: - ARC4 _clientDecrypt; - ARC4 _serverEncrypt; - bool _initialized; -}; -#endif diff --git a/src/server/shared/Cryptography/Authentication/PacketCrypt.cpp b/src/server/shared/Cryptography/Authentication/PacketCrypt.cpp new file mode 100644 index 00000000000..7fac311b8a2 --- /dev/null +++ b/src/server/shared/Cryptography/Authentication/PacketCrypt.cpp @@ -0,0 +1,39 @@ +/* + * Copyright (C) 2008-2014 TrinityCore + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along + * with this program. If not, see . + */ + +#include "PacketCrypt.h" + +PacketCrypt::PacketCrypt(uint32 rc4InitSize) + : _clientDecrypt(rc4InitSize), _serverEncrypt(rc4InitSize), _initialized(false) +{ +} + +void PacketCrypt::DecryptRecv(uint8* data, size_t len) +{ + if (!_initialized) + return; + + _clientDecrypt.UpdateData(len, data); +} + +void PacketCrypt::EncryptSend(uint8* data, size_t len) +{ + if (!_initialized) + return; + + _serverEncrypt.UpdateData(len, data); +} diff --git a/src/server/shared/Cryptography/Authentication/PacketCrypt.h b/src/server/shared/Cryptography/Authentication/PacketCrypt.h new file mode 100644 index 00000000000..36f3b81fb53 --- /dev/null +++ b/src/server/shared/Cryptography/Authentication/PacketCrypt.h @@ -0,0 +1,43 @@ +/* + * Copyright (C) 2008-2014 TrinityCore + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along + * with this program. If not, see . + */ + +#ifndef _PACKETCRYPT_H +#define _PACKETCRYPT_H + +#include "Cryptography/ARC4.h" + +class BigNumber; + +class PacketCrypt +{ + public: + PacketCrypt(uint32 rc4InitSize); + virtual ~PacketCrypt() { } + + virtual void Init(BigNumber* K) = 0; + void DecryptRecv(uint8* data, size_t length); + void EncryptSend(uint8* data, size_t length); + + bool IsInitialized() const { return _initialized; } + + protected: + ARC4 _clientDecrypt; + ARC4 _serverEncrypt; + bool _initialized; +}; + +#endif // _PACKETCRYPT_H diff --git a/src/server/shared/Cryptography/Authentication/WorldPacketCrypt.cpp b/src/server/shared/Cryptography/Authentication/WorldPacketCrypt.cpp new file mode 100644 index 00000000000..c6b283d9961 --- /dev/null +++ b/src/server/shared/Cryptography/Authentication/WorldPacketCrypt.cpp @@ -0,0 +1,51 @@ +/* + * Copyright (C) 2008-2014 TrinityCore + * Copyright (C) 2005-2009 MaNGOS + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along + * with this program. If not, see . + */ + +#include "WorldPacketCrypt.h" +#include "Cryptography/HmacHash.h" +#include "Cryptography/BigNumber.h" + +WorldPacketCrypt::WorldPacketCrypt() : PacketCrypt(SHA_DIGEST_LENGTH) +{ +} + +void WorldPacketCrypt::Init(BigNumber* K) +{ + uint8 ServerEncryptionKey[SEED_KEY_SIZE] = { 0xCC, 0x98, 0xAE, 0x04, 0xE8, 0x97, 0xEA, 0xCA, 0x12, 0xDD, 0xC0, 0x93, 0x42, 0x91, 0x53, 0x57 }; + HmacHash serverEncryptHmac(SEED_KEY_SIZE, (uint8*)ServerEncryptionKey, EVP_sha1(), SHA_DIGEST_LENGTH); + uint8 *encryptHash = serverEncryptHmac.ComputeHash(K); + + uint8 ServerDecryptionKey[SEED_KEY_SIZE] = { 0xC2, 0xB3, 0x72, 0x3C, 0xC6, 0xAE, 0xD9, 0xB5, 0x34, 0x3C, 0x53, 0xEE, 0x2F, 0x43, 0x67, 0xCE }; + HmacHash clientDecryptHmac(SEED_KEY_SIZE, (uint8*)ServerDecryptionKey, EVP_sha1(), SHA_DIGEST_LENGTH); + uint8 *decryptHash = clientDecryptHmac.ComputeHash(K); + + _clientDecrypt.Init(decryptHash); + _serverEncrypt.Init(encryptHash); + + // Drop first 1024 bytes, as WoW uses ARC4-drop1024. + uint8 syncBuf[1024]; + memset(syncBuf, 0, 1024); + + _serverEncrypt.UpdateData(1024, syncBuf); + + memset(syncBuf, 0, 1024); + + _clientDecrypt.UpdateData(1024, syncBuf); + + _initialized = true; +} diff --git a/src/server/shared/Cryptography/Authentication/WorldPacketCrypt.h b/src/server/shared/Cryptography/Authentication/WorldPacketCrypt.h new file mode 100644 index 00000000000..7ccca11f09d --- /dev/null +++ b/src/server/shared/Cryptography/Authentication/WorldPacketCrypt.h @@ -0,0 +1,34 @@ +/* + * Copyright (C) 2008-2014 TrinityCore + * Copyright (C) 2005-2009 MaNGOS + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along + * with this program. If not, see . + */ + +#ifndef _WORLDPACKETCRYPT_H +#define _WORLDPACKETCRYPT_H + +#include "PacketCrypt.h" + +class BigNumber; + +class WorldPacketCrypt : public PacketCrypt +{ + public: + WorldPacketCrypt(); + + void Init(BigNumber* K) override; +}; + +#endif // _WORLDPACKETCRYPT_H diff --git a/src/server/shared/Cryptography/HMACSHA1.cpp b/src/server/shared/Cryptography/HMACSHA1.cpp deleted file mode 100644 index 2148a3b8a7b..00000000000 --- a/src/server/shared/Cryptography/HMACSHA1.cpp +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (C) 2008-2014 TrinityCore - * Copyright (C) 2005-2009 MaNGOS - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. - * - * This program is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for - * more details. - * - * You should have received a copy of the GNU General Public License along - * with this program. If not, see . - */ - -#include "HMACSHA1.h" -#include "BigNumber.h" -#include "Common.h" - -HmacHash::HmacHash(uint32 len, uint8 *seed) -{ - HMAC_CTX_init(&m_ctx); - HMAC_Init_ex(&m_ctx, seed, len, EVP_sha1(), NULL); - memset(m_digest, 0, sizeof(m_digest)); -} - -HmacHash::~HmacHash() -{ - HMAC_CTX_cleanup(&m_ctx); -} - -void HmacHash::UpdateData(const std::string &str) -{ - HMAC_Update(&m_ctx, (uint8 const*)str.c_str(), str.length()); -} - -void HmacHash::UpdateData(const uint8* data, size_t len) -{ - HMAC_Update(&m_ctx, data, len); -} - -void HmacHash::Finalize() -{ - uint32 length = 0; - HMAC_Final(&m_ctx, (uint8*)m_digest, &length); - ASSERT(length == SHA_DIGEST_LENGTH); -} - -uint8 *HmacHash::ComputeHash(BigNumber* bn) -{ - HMAC_Update(&m_ctx, bn->AsByteArray().get(), bn->GetNumBytes()); - Finalize(); - return (uint8*)m_digest; -} diff --git a/src/server/shared/Cryptography/HMACSHA1.h b/src/server/shared/Cryptography/HMACSHA1.h deleted file mode 100644 index de1556d3c98..00000000000 --- a/src/server/shared/Cryptography/HMACSHA1.h +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Copyright (C) 2008-2014 TrinityCore - * Copyright (C) 2005-2009 MaNGOS - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. - * - * This program is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for - * more details. - * - * You should have received a copy of the GNU General Public License along - * with this program. If not, see . - */ - -#ifndef _AUTH_HMAC_H -#define _AUTH_HMAC_H - -#include "Define.h" -#include -#include -#include - -class BigNumber; - -#define SEED_KEY_SIZE 16 - -class HmacHash -{ - public: - HmacHash(uint32 len, uint8 *seed); - ~HmacHash(); - void UpdateData(const std::string &str); - void UpdateData(const uint8* data, size_t len); - void Finalize(); - uint8 *ComputeHash(BigNumber* bn); - uint8 *GetDigest() { return (uint8*)m_digest; } - int GetLength() const { return SHA_DIGEST_LENGTH; } - private: - HMAC_CTX m_ctx; - uint8 m_digest[SHA_DIGEST_LENGTH]; -}; -#endif - diff --git a/src/server/shared/Cryptography/HmacHash.cpp b/src/server/shared/Cryptography/HmacHash.cpp new file mode 100644 index 00000000000..7a365ade457 --- /dev/null +++ b/src/server/shared/Cryptography/HmacHash.cpp @@ -0,0 +1,59 @@ +/* + * Copyright (C) 2008-2014 TrinityCore + * Copyright (C) 2005-2009 MaNGOS + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along + * with this program. If not, see . + */ + +#include "HmacHash.h" +#include "BigNumber.h" +#include "Common.h" + +HmacHash::HmacHash(uint32 len, uint8 *seed, EVP_MD const* hasher, uint32 digestLength) +{ + HMAC_CTX_init(&_ctx); + HMAC_Init_ex(&_ctx, seed, len, hasher, NULL); + _digest = new uint8[digestLength]; + memset(_digest, 0, digestLength); +} + +HmacHash::~HmacHash() +{ + HMAC_CTX_cleanup(&_ctx); + delete[] _digest; +} + +void HmacHash::UpdateData(const std::string &str) +{ + HMAC_Update(&_ctx, (uint8 const*)str.c_str(), str.length()); +} + +void HmacHash::UpdateData(const uint8* data, size_t len) +{ + HMAC_Update(&_ctx, data, len); +} + +void HmacHash::Finalize() +{ + uint32 length = 0; + HMAC_Final(&_ctx, _digest, &length); + ASSERT(length == _digestLength); +} + +uint8* HmacHash::ComputeHash(BigNumber* bn) +{ + HMAC_Update(&_ctx, bn->AsByteArray().get(), bn->GetNumBytes()); + Finalize(); + return _digest; +} diff --git a/src/server/shared/Cryptography/HmacHash.h b/src/server/shared/Cryptography/HmacHash.h new file mode 100644 index 00000000000..cf59e16f08e --- /dev/null +++ b/src/server/shared/Cryptography/HmacHash.h @@ -0,0 +1,48 @@ +/* + * Copyright (C) 2008-2014 TrinityCore + * Copyright (C) 2005-2009 MaNGOS + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along + * with this program. If not, see . + */ + +#ifndef _AUTH_HMAC_H +#define _AUTH_HMAC_H + +#include "Define.h" +#include +#include +#include + +class BigNumber; + +#define SEED_KEY_SIZE 16 + +class HmacHash +{ + public: + HmacHash(uint32 len, uint8 *seed, EVP_MD const* hasher, uint32 digestLength); + ~HmacHash(); + void UpdateData(const std::string &str); + void UpdateData(const uint8* data, size_t len); + void Finalize(); + uint8* ComputeHash(BigNumber* bn); + uint8* GetDigest() { return _digest; } + int GetLength() const { return SHA_DIGEST_LENGTH; } + private: + HMAC_CTX _ctx; + uint8* _digest; + uint32 _digestLength; +}; + +#endif -- cgit v1.2.3 From b2180ef5b849bd81a6b85a99fa9391dd6e20d105 Mon Sep 17 00:00:00 2001 From: Shauren Date: Fri, 2 May 2014 13:31:23 +0200 Subject: Core/Cryptography: Added class to generate SHA256 hashes --- src/server/shared/Cryptography/SHA256.cpp | 66 +++++++++++++++++++++++++++++++ src/server/shared/Cryptography/SHA256.h | 49 +++++++++++++++++++++++ 2 files changed, 115 insertions(+) create mode 100644 src/server/shared/Cryptography/SHA256.cpp create mode 100644 src/server/shared/Cryptography/SHA256.h (limited to 'src/server/shared/Cryptography') diff --git a/src/server/shared/Cryptography/SHA256.cpp b/src/server/shared/Cryptography/SHA256.cpp new file mode 100644 index 00000000000..b58c7db40c6 --- /dev/null +++ b/src/server/shared/Cryptography/SHA256.cpp @@ -0,0 +1,66 @@ +/* + * Copyright (C) 2008-2014 TrinityCore + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along + * with this program. If not, see . + */ + +#include "SHA256.h" +#include "BigNumber.h" +#include + +SHA256Hash::SHA256Hash() +{ + SHA256_Init(&mC); + memset(mDigest, 0, SHA256_DIGEST_LENGTH * sizeof(uint8)); +} + +SHA256Hash::~SHA256Hash() +{ + SHA256_Init(&mC); +} + +void SHA256Hash::UpdateData(const uint8 *dta, int len) +{ + SHA256_Update(&mC, dta, len); +} + +void SHA256Hash::UpdateData(const std::string &str) +{ + UpdateData((uint8 const*)str.c_str(), str.length()); +} + +void SHA256Hash::UpdateBigNumbers(BigNumber* bn0, ...) +{ + va_list v; + BigNumber* bn; + + va_start(v, bn0); + bn = bn0; + while (bn) + { + UpdateData(bn->AsByteArray().get(), bn->GetNumBytes()); + bn = va_arg(v, BigNumber*); + } + va_end(v); +} + +void SHA256Hash::Initialize() +{ + SHA256_Init(&mC); +} + +void SHA256Hash::Finalize(void) +{ + SHA256_Final(mDigest, &mC); +} diff --git a/src/server/shared/Cryptography/SHA256.h b/src/server/shared/Cryptography/SHA256.h new file mode 100644 index 00000000000..78b3666dca8 --- /dev/null +++ b/src/server/shared/Cryptography/SHA256.h @@ -0,0 +1,49 @@ +/* + * Copyright (C) 2008-2014 TrinityCore + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along + * with this program. If not, see . + */ + +#ifndef SHA256_h__ +#define SHA256_h__ + +#include "Define.h" +#include +#include + +class BigNumber; + +class SHA256Hash +{ + public: + SHA256Hash(); + ~SHA256Hash(); + + void UpdateBigNumbers(BigNumber* bn0, ...); + + void UpdateData(const uint8 *dta, int len); + void UpdateData(const std::string &str); + + void Initialize(); + void Finalize(); + + uint8 *GetDigest(void) { return mDigest; }; + int GetLength(void) const { return SHA256_DIGEST_LENGTH; }; + + private: + SHA256_CTX mC; + uint8 mDigest[SHA256_DIGEST_LENGTH]; +}; + +#endif // SHA256_h__ -- cgit v1.2.3 From f0d6f87138a915825f9986fae80ccd1fb72c154c Mon Sep 17 00:00:00 2001 From: Shauren Date: Sun, 4 May 2014 11:49:32 +0200 Subject: Core/Battle.net: Fixed encryption --- src/server/authserver/Server/BattlenetPacketCrypt.cpp | 17 ++++++++++------- src/server/shared/Cryptography/HmacHash.cpp | 2 +- 2 files changed, 11 insertions(+), 8 deletions(-) (limited to 'src/server/shared/Cryptography') diff --git a/src/server/authserver/Server/BattlenetPacketCrypt.cpp b/src/server/authserver/Server/BattlenetPacketCrypt.cpp index 10aa684e10a..31fcfdd930a 100644 --- a/src/server/authserver/Server/BattlenetPacketCrypt.cpp +++ b/src/server/authserver/Server/BattlenetPacketCrypt.cpp @@ -26,14 +26,17 @@ Battlenet::PacketCrypt::PacketCrypt() : ::PacketCrypt(SHA256_DIGEST_LENGTH) void Battlenet::PacketCrypt::Init(BigNumber* K) { uint8 ServerEncryptionKey[SEED_KEY_SIZE] = { 0x68, 0xE0, 0xC7, 0x2E, 0xDD, 0xD6, 0xD2, 0xF3, 0x1E, 0x5A, 0xB1, 0x55, 0xB1, 0x8B, 0x63, 0x1E }; - HmacHash serverEncryptHmac(SEED_KEY_SIZE, ServerEncryptionKey, EVP_sha256(), SHA256_DIGEST_LENGTH); - uint8 *encryptHash = serverEncryptHmac.ComputeHash(K); - uint8 ClientDecryptionKey[SEED_KEY_SIZE] = { 0xDE, 0xA9, 0x65, 0xAE, 0x54, 0x3A, 0x1E, 0x93, 0x9E, 0x69, 0x0C, 0xAA, 0x68, 0xDE, 0x78, 0x39 }; - HmacHash clientDecryptHmac(SEED_KEY_SIZE, ClientDecryptionKey, EVP_sha256(), SHA256_DIGEST_LENGTH); - uint8 *decryptHash = clientDecryptHmac.ComputeHash(K); - _clientDecrypt.Init(decryptHash); - _serverEncrypt.Init(encryptHash); + HmacHash serverEncryptHmac(K->GetNumBytes(), K->AsByteArray().get(), EVP_sha256(), SHA256_DIGEST_LENGTH); + serverEncryptHmac.UpdateData(ServerEncryptionKey, SEED_KEY_SIZE); + serverEncryptHmac.Finalize(); + + HmacHash clientDecryptHmac(K->GetNumBytes(), K->AsByteArray().get(), EVP_sha256(), SHA256_DIGEST_LENGTH); + clientDecryptHmac.UpdateData(ClientDecryptionKey, SEED_KEY_SIZE); + clientDecryptHmac.Finalize(); + + _clientDecrypt.Init(clientDecryptHmac.GetDigest()); + _serverEncrypt.Init(serverEncryptHmac.GetDigest()); _initialized = true; } diff --git a/src/server/shared/Cryptography/HmacHash.cpp b/src/server/shared/Cryptography/HmacHash.cpp index 7a365ade457..71fc362ae5d 100644 --- a/src/server/shared/Cryptography/HmacHash.cpp +++ b/src/server/shared/Cryptography/HmacHash.cpp @@ -20,7 +20,7 @@ #include "BigNumber.h" #include "Common.h" -HmacHash::HmacHash(uint32 len, uint8 *seed, EVP_MD const* hasher, uint32 digestLength) +HmacHash::HmacHash(uint32 len, uint8 *seed, EVP_MD const* hasher, uint32 digestLength) : _digestLength(digestLength) { HMAC_CTX_init(&_ctx); HMAC_Init_ex(&_ctx, seed, len, hasher, NULL); -- cgit v1.2.3 From a860d5ca47031a7123da901c1c26a1107901dad0 Mon Sep 17 00:00:00 2001 From: Shauren Date: Sun, 1 Jun 2014 02:37:40 +0200 Subject: Core/Crypto: Fixed values returned by HmacHash::GetLength --- src/server/shared/Cryptography/HmacHash.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/server/shared/Cryptography') diff --git a/src/server/shared/Cryptography/HmacHash.h b/src/server/shared/Cryptography/HmacHash.h index cf59e16f08e..bf82e39a526 100644 --- a/src/server/shared/Cryptography/HmacHash.h +++ b/src/server/shared/Cryptography/HmacHash.h @@ -38,7 +38,7 @@ class HmacHash void Finalize(); uint8* ComputeHash(BigNumber* bn); uint8* GetDigest() { return _digest; } - int GetLength() const { return SHA_DIGEST_LENGTH; } + uint32 GetLength() const { return _digestLength; } private: HMAC_CTX _ctx; uint8* _digest; -- cgit v1.2.3 From dc5c5ef6361f3f4dbb5fc9b5a755951c83f954fa Mon Sep 17 00:00:00 2001 From: Shauren Date: Sun, 1 Jun 2014 13:03:30 +0200 Subject: Core/Authserver: Refactoring - moved GetAddressForClient to Realm structure, changed BigNumber string methods to return std::string, added missing prepared statement --- src/server/authserver/Realms/RealmList.cpp | 21 ++++++++++- src/server/authserver/Realms/RealmList.h | 2 + src/server/authserver/Server/AuthSocket.cpp | 43 ++-------------------- src/server/authserver/Server/AuthSocket.h | 2 - src/server/authserver/Server/BattlenetSocket.cpp | 39 ++++---------------- src/server/authserver/Server/BattlenetSocket.h | 3 +- src/server/shared/Cryptography/BigNumber.cpp | 14 +++++-- src/server/shared/Cryptography/BigNumber.h | 5 ++- .../Database/Implementation/LoginDatabase.cpp | 3 +- .../shared/Database/Implementation/LoginDatabase.h | 1 + 10 files changed, 51 insertions(+), 82 deletions(-) (limited to 'src/server/shared/Cryptography') diff --git a/src/server/authserver/Realms/RealmList.cpp b/src/server/authserver/Realms/RealmList.cpp index bd856623faf..48b7a178c2d 100644 --- a/src/server/authserver/Realms/RealmList.cpp +++ b/src/server/authserver/Realms/RealmList.cpp @@ -20,8 +20,27 @@ #include "RealmList.h" #include "BattlenetManager.h" #include "Database/DatabaseEnv.h" +#include "Util.h" -RealmList::RealmList() : m_UpdateInterval(0), m_NextUpdateTime(time(NULL)) { } +ACE_INET_Addr const& Realm::GetAddressForClient(ACE_INET_Addr const& clientAddr) const +{ + // Attempt to send best address for client + if (clientAddr.is_loopback()) + // Assume that user connecting from the machine that authserver is located on + // has all realms available in his local network + return LocalAddress; + + // Check if connecting client is in the same network + if (IsIPAddrInNetwork(LocalAddress, clientAddr, LocalSubnetMask)) + return LocalAddress; + + // Return external IP + return ExternalAddress; +} + +RealmList::RealmList() : m_UpdateInterval(0), m_NextUpdateTime(time(NULL)) +{ +} // Load the realm list from the database void RealmList::Initialize(uint32 updateInterval) diff --git a/src/server/authserver/Realms/RealmList.h b/src/server/authserver/Realms/RealmList.h index ab453720827..c4a6b4eaa0b 100644 --- a/src/server/authserver/Realms/RealmList.h +++ b/src/server/authserver/Realms/RealmList.h @@ -53,6 +53,8 @@ struct Realm uint32 gamebuild; uint8 Region; uint8 Battlegroup; + + ACE_INET_Addr const& GetAddressForClient(ACE_INET_Addr const& clientAddr) const; }; namespace Battlenet diff --git a/src/server/authserver/Server/AuthSocket.cpp b/src/server/authserver/Server/AuthSocket.cpp index 3afce0d77d9..8180967a92e 100644 --- a/src/server/authserver/Server/AuthSocket.cpp +++ b/src/server/authserver/Server/AuthSocket.cpp @@ -293,19 +293,11 @@ void AuthSocket::_SetVSFields(const std::string& rI) x.SetBinary(sha.GetDigest(), sha.GetLength()); v = g.ModExp(x, N); - // No SQL injection (username escaped) - char *v_hex, *s_hex; - v_hex = v.AsHexStr(); - s_hex = s.AsHexStr(); - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_VS); - stmt->setString(0, v_hex); - stmt->setString(1, s_hex); + stmt->setString(0, v.AsHexStr()); + stmt->setString(1, s.AsHexStr()); stmt->setString(2, _login); LoginDatabase.Execute(stmt); - - OPENSSL_free(v_hex); - OPENSSL_free(s_hex); } // Logon Challenge command handler @@ -650,19 +642,14 @@ bool AuthSocket::_HandleLogonProof() TC_LOG_DEBUG("server.authserver", "'%s:%d' User '%s' successfully authenticated", socket().getRemoteAddress().c_str(), socket().getRemotePort(), _login.c_str()); // Update the sessionkey, last_ip, last login time and reset number of failed logins in the account table for this account - // No SQL injection (escaped user name) and IP address as received by socket - const char *K_hex = K.AsHexStr(); - PreparedStatement *stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LOGONPROOF); - stmt->setString(0, K_hex); + stmt->setString(0, K.AsHexStr()); stmt->setString(1, socket().getRemoteAddress().c_str()); stmt->setUInt32(2, GetLocaleByName(_localizationName)); stmt->setString(3, _os); stmt->setString(4, _login); LoginDatabase.DirectExecute(stmt); - OPENSSL_free((void*)K_hex); - // Finish SRP6 and send the final result to the client sha.Initialize(); sha.UpdateBigNumbers(&A, &M, &K, NULL); @@ -879,28 +866,6 @@ bool AuthSocket::_HandleReconnectProof() } } -ACE_INET_Addr const& AuthSocket::GetAddressForClient(Realm const& realm, ACE_INET_Addr const& clientAddr) -{ - // Attempt to send best address for client - if (clientAddr.is_loopback()) - { - // Try guessing if realm is also connected locally - if (realm.LocalAddress.is_loopback() || realm.ExternalAddress.is_loopback()) - return clientAddr; - - // Assume that user connecting from the machine that authserver is located on - // has all realms available in his local network - return realm.LocalAddress; - } - - // Check if connecting client is in the same network - if (IsIPAddrInNetwork(realm.LocalAddress, clientAddr, realm.LocalSubnetMask)) - return realm.LocalAddress; - - // Return external IP - return realm.ExternalAddress; -} - // Realm List command handler bool AuthSocket::_HandleRealmList() { @@ -981,7 +946,7 @@ bool AuthSocket::_HandleRealmList() pkt << lock; // if 1, then realm locked pkt << uint8(flag); // RealmFlags pkt << name; - pkt << GetAddressString(GetAddressForClient(realm, clientAddr)); + pkt << GetAddressString(realm.GetAddressForClient(clientAddr)); pkt << realm.populationLevel; pkt << AmountOfCharacters; pkt << realm.timezone; // realm category diff --git a/src/server/authserver/Server/AuthSocket.h b/src/server/authserver/Server/AuthSocket.h index 5e04d459ba1..e81944389ef 100644 --- a/src/server/authserver/Server/AuthSocket.h +++ b/src/server/authserver/Server/AuthSocket.h @@ -39,8 +39,6 @@ public: virtual void OnAccept(void); virtual void OnClose(void); - static ACE_INET_Addr const& GetAddressForClient(Realm const& realm, ACE_INET_Addr const& clientAddr); - bool _HandleLogonChallenge(); bool _HandleLogonProof(); bool _HandleReconnectChallenge(); diff --git a/src/server/authserver/Server/BattlenetSocket.cpp b/src/server/authserver/Server/BattlenetSocket.cpp index 12b02b5963e..258ae371075 100644 --- a/src/server/authserver/Server/BattlenetSocket.cpp +++ b/src/server/authserver/Server/BattlenetSocket.cpp @@ -94,35 +94,12 @@ void Battlenet::Socket::_SetVSFields(std::string const& pstr) x.SetBinary(sha.GetDigest(), sha.GetLength()); v = g.ModExp(x, N); - char* v_hex = v.AsHexStr(); - char* s_hex = s.AsHexStr(); + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_BNET_VS_FIELDS); + stmt->setString(0, v.AsHexStr()); + stmt->setString(1, s.AsHexStr()); + stmt->setString(2, _accountName); - LoginDatabase.PExecute("UPDATE battlenet_accounts SET s = '%s', v = '%s' WHERE email ='%s'", s_hex, v_hex, _accountName.c_str()); - - OPENSSL_free(v_hex); - OPENSSL_free(s_hex); -} - -ACE_INET_Addr const& Battlenet::Socket::GetAddressForClient(Realm const& realm, ACE_INET_Addr const& clientAddr) -{ - // Attempt to send best address for client - if (clientAddr.is_loopback()) - { - // Try guessing if realm is also connected locally - if (realm.LocalAddress.is_loopback() || realm.ExternalAddress.is_loopback()) - return clientAddr; - - // Assume that user connecting from the machine that authserver is located on - // has all realms available in his local network - return realm.LocalAddress; - } - - // Check if connecting client is in the same network - if (IsIPAddrInNetwork(realm.LocalAddress, clientAddr, realm.LocalSubnetMask)) - return realm.LocalAddress; - - // Return external IP - return realm.ExternalAddress; + LoginDatabase.Execute(stmt); } bool Battlenet::Socket::HandleAuthChallenge(PacketHeader& header, BitStream& packet) @@ -425,7 +402,7 @@ bool Battlenet::Socket::HandleRealmUpdateSubscribe(PacketHeader& /*header*/, Bit version << buildInfo->MajorVersion << '.' << buildInfo->MinorVersion << '.' << buildInfo->BugfixVersion << '.' << buildInfo->HotfixVersion; update->Version = version.str(); - update->Address = GetAddressForClient(realm, clientAddr); + update->Address = realm.GetAddressForClient(clientAddr); update->Build = realm.gamebuild; } @@ -821,7 +798,7 @@ bool Battlenet::Socket::HandleRiskFingerprintModule(BitStream* dataStream, Serve complete->GameAccountName = str.str(); complete->AccountFlags = 0x800000; // 0x1 IsGMAccount, 0x8 IsTrialAccount, 0x800000 IsProPassAccount - PreparedStatement *stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_BNET_LAST_LOGIN_INFO); + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_BNET_LAST_LOGIN_INFO); stmt->setString(0, _socket.getRemoteAddress()); stmt->setUInt8(1, GetLocaleByName(_locale)); stmt->setString(2, _os); @@ -832,7 +809,7 @@ bool Battlenet::Socket::HandleRiskFingerprintModule(BitStream* dataStream, Serve complete->SetAuthResult(AUTH_BAD_VERSION_HASH); ReplaceResponse(response, complete); - return false; + return true; } bool Battlenet::Socket::UnhandledModule(BitStream* /*dataStream*/, ServerPacket** response) diff --git a/src/server/authserver/Server/BattlenetSocket.h b/src/server/authserver/Server/BattlenetSocket.h index ef6157b022a..ff441b19cdd 100644 --- a/src/server/authserver/Server/BattlenetSocket.h +++ b/src/server/authserver/Server/BattlenetSocket.h @@ -47,7 +47,7 @@ namespace Battlenet static uint32 const SRP6_V_Size; static uint32 const SRP6_S_Size; - Socket(RealmSocket& socket); + explicit Socket(RealmSocket& socket); typedef bool(Socket::*PacketHandler)(PacketHeader& socket, BitStream& packet); @@ -71,7 +71,6 @@ namespace Battlenet private: void _SetVSFields(std::string const& rI); - static ACE_INET_Addr const& GetAddressForClient(Realm const& realm, ACE_INET_Addr const& clientAddr); typedef bool(Socket::*ModuleHandler)(BitStream* dataStream, ServerPacket** response); static ModuleHandler const ModuleHandlers[MODULE_COUNT]; diff --git a/src/server/shared/Cryptography/BigNumber.cpp b/src/server/shared/Cryptography/BigNumber.cpp index 1f3fc96e28d..1c82314bdba 100644 --- a/src/server/shared/Cryptography/BigNumber.cpp +++ b/src/server/shared/Cryptography/BigNumber.cpp @@ -190,13 +190,19 @@ ACE_Auto_Array_Ptr BigNumber::AsByteArray(int32 minSize, bool littleEndia return ret; } -char * BigNumber::AsHexStr() const +std::string BigNumber::AsHexStr() const { - return BN_bn2hex(_bn); + char* ch = BN_bn2hex(_bn); + std::string ret = ch; + OPENSSL_free(ch); + return ret; } -char * BigNumber::AsDecStr() const +std::string BigNumber::AsDecStr() const { - return BN_bn2dec(_bn); + char* ch = BN_bn2dec(_bn); + std::string ret = ch; + OPENSSL_free(ch); + return ret; } diff --git a/src/server/shared/Cryptography/BigNumber.h b/src/server/shared/Cryptography/BigNumber.h index dc553babec9..7de53b442ae 100644 --- a/src/server/shared/Cryptography/BigNumber.h +++ b/src/server/shared/Cryptography/BigNumber.h @@ -21,6 +21,7 @@ #include "Define.h" #include +#include struct bignum_st; @@ -89,8 +90,8 @@ class BigNumber ACE_Auto_Array_Ptr AsByteArray(int32 minSize = 0, bool littleEndian = true); - char * AsHexStr() const; - char * AsDecStr() const; + std::string AsHexStr() const; + std::string AsDecStr() const; private: struct bignum_st *_bn; diff --git a/src/server/shared/Database/Implementation/LoginDatabase.cpp b/src/server/shared/Database/Implementation/LoginDatabase.cpp index 208873448c6..a54557310e1 100644 --- a/src/server/shared/Database/Implementation/LoginDatabase.cpp +++ b/src/server/shared/Database/Implementation/LoginDatabase.cpp @@ -106,6 +106,7 @@ void LoginDatabaseConnection::DoPrepareStatements() PrepareStatement(LOGIN_SEL_BNET_ACCOUNT_INFO, "SELECT sha_pass_hash, id, locked, lock_country, last_ip, v, s FROM battlenet_accounts WHERE email = ?", CONNECTION_SYNCH); PrepareStatement(LOGIN_DEL_BNET_EXPIRED_BANS, "UPDATE battlenet_account_bans SET active = 0 WHERE active = 1 AND unbandate <> bandate AND unbandate <= UNIX_TIMESTAMP()", CONNECTION_SYNCH); PrepareStatement(LOGIN_SEL_BNET_ACTIVE_ACCOUNT_BAN, "SELECT bandate, unbandate FROM battlenet_account_bans WHERE id = ? AND active = 1", CONNECTION_SYNCH); + PrepareStatement(LOGIN_UPD_BNET_VS_FIELDS, "UPDATE battlenet_accounts SET v = ?, s = ? WHERE email = ?", CONNECTION_ASYNC); PrepareStatement(LOGIN_SEL_BNET_GAME_ACCOUNTS, "SELECT a.username, a.id, ab.bandate, ab.unbandate, ab.active FROM account a LEFT JOIN account_banned ab ON a.id = ab.id WHERE battlenet_account = ?", CONNECTION_SYNCH); PrepareStatement(LOGIN_SEL_BNET_GAME_ACCOUNT, "SELECT a.id, ab.bandate, ab.unbandate, ab.active FROM account a LEFT JOIN account_banned ab ON a.id = ab.id WHERE username = ? AND battlenet_account = ?", CONNECTION_SYNCH); PrepareStatement(LOGIN_UPD_BNET_LAST_LOGIN_INFO, "UPDATE battlenet_accounts SET last_ip = ?, last_login = NOW(), locale = ?, failed_logins = 0, os = ? WHERE id = ?", CONNECTION_ASYNC); @@ -114,5 +115,5 @@ void LoginDatabaseConnection::DoPrepareStatements() PrepareStatement(LOGIN_SEL_BNET_ACCOUNT_EMAIL_BY_ID, "SELECT email FROM battlenet_accounts WHERE id = ?", CONNECTION_SYNCH); PrepareStatement(LOGIN_SEL_BNET_ACCOUNT_ID_BY_EMAIL, "SELECT id FROM battlenet_accounts WHERE email = ?", CONNECTION_SYNCH); PrepareStatement(LOGIN_UPD_BNET_PASSWORD, "UPDATE account SET v = '', s = '', username = ?, sha_pass_hash = ? WHERE id = ?", CONNECTION_ASYNC); - PrepareStatement(LOGIN_SEL_BNET_CHECK_PASSWORD, "SELECT 1 FROM battlenet_accounts WHERE id = %u AND sha_pass_hash = ?", CONNECTION_ASYNC); + PrepareStatement(LOGIN_SEL_BNET_CHECK_PASSWORD, "SELECT 1 FROM battlenet_accounts WHERE id = ? AND sha_pass_hash = ?", CONNECTION_ASYNC); } diff --git a/src/server/shared/Database/Implementation/LoginDatabase.h b/src/server/shared/Database/Implementation/LoginDatabase.h index 18f9110409d..fff7a36766c 100644 --- a/src/server/shared/Database/Implementation/LoginDatabase.h +++ b/src/server/shared/Database/Implementation/LoginDatabase.h @@ -125,6 +125,7 @@ enum LoginDatabaseStatements LOGIN_SEL_BNET_ACCOUNT_INFO, LOGIN_DEL_BNET_EXPIRED_BANS, LOGIN_SEL_BNET_ACTIVE_ACCOUNT_BAN, + LOGIN_UPD_BNET_VS_FIELDS, LOGIN_SEL_BNET_GAME_ACCOUNTS, LOGIN_SEL_BNET_GAME_ACCOUNT, LOGIN_UPD_BNET_LAST_LOGIN_INFO, -- cgit v1.2.3 From 7a27492071d79b036343b90ecdf1678548f3c550 Mon Sep 17 00:00:00 2001 From: Shauren Date: Tue, 3 Jun 2014 18:15:35 +0200 Subject: Core/Crypto: Refactored HmacHash to make it easier to use with different hash algorithms --- .../authserver/Server/BattlenetPacketCrypt.cpp | 4 +-- src/server/authserver/Server/BattlenetSocket.cpp | 12 ++++----- src/server/game/Warden/WardenWin.cpp | 2 +- .../Authentication/WorldPacketCrypt.cpp | 4 +-- src/server/shared/Cryptography/HmacHash.cpp | 29 ++++++++++++++-------- src/server/shared/Cryptography/HmacHash.h | 17 ++++++++----- 6 files changed, 40 insertions(+), 28 deletions(-) (limited to 'src/server/shared/Cryptography') diff --git a/src/server/authserver/Server/BattlenetPacketCrypt.cpp b/src/server/authserver/Server/BattlenetPacketCrypt.cpp index 31fcfdd930a..de4cf73f71c 100644 --- a/src/server/authserver/Server/BattlenetPacketCrypt.cpp +++ b/src/server/authserver/Server/BattlenetPacketCrypt.cpp @@ -28,11 +28,11 @@ void Battlenet::PacketCrypt::Init(BigNumber* K) uint8 ServerEncryptionKey[SEED_KEY_SIZE] = { 0x68, 0xE0, 0xC7, 0x2E, 0xDD, 0xD6, 0xD2, 0xF3, 0x1E, 0x5A, 0xB1, 0x55, 0xB1, 0x8B, 0x63, 0x1E }; uint8 ClientDecryptionKey[SEED_KEY_SIZE] = { 0xDE, 0xA9, 0x65, 0xAE, 0x54, 0x3A, 0x1E, 0x93, 0x9E, 0x69, 0x0C, 0xAA, 0x68, 0xDE, 0x78, 0x39 }; - HmacHash serverEncryptHmac(K->GetNumBytes(), K->AsByteArray().get(), EVP_sha256(), SHA256_DIGEST_LENGTH); + HmacSha256 serverEncryptHmac(K->GetNumBytes(), K->AsByteArray().get()); serverEncryptHmac.UpdateData(ServerEncryptionKey, SEED_KEY_SIZE); serverEncryptHmac.Finalize(); - HmacHash clientDecryptHmac(K->GetNumBytes(), K->AsByteArray().get(), EVP_sha256(), SHA256_DIGEST_LENGTH); + HmacSha256 clientDecryptHmac(K->GetNumBytes(), K->AsByteArray().get()); clientDecryptHmac.UpdateData(ClientDecryptionKey, SEED_KEY_SIZE); clientDecryptHmac.Finalize(); diff --git a/src/server/authserver/Server/BattlenetSocket.cpp b/src/server/authserver/Server/BattlenetSocket.cpp index db72cbf5e07..1cce8f2f94d 100644 --- a/src/server/authserver/Server/BattlenetSocket.cpp +++ b/src/server/authserver/Server/BattlenetSocket.cpp @@ -503,7 +503,7 @@ bool Battlenet::Socket::HandleRealmJoinRequest(PacketHeader& header, BitStream& result.ServerSeed = uint32(rand32()); uint8 sessionKey[40]; - HmacHash hmac(K.GetNumBytes(), K.AsByteArray().get(), EVP_sha1(), SHA_DIGEST_LENGTH); + HmacSha1 hmac(K.GetNumBytes(), K.AsByteArray().get()); hmac.UpdateData((uint8*)"WoW\0", 4); hmac.UpdateData((uint8*)&join.ClientSeed, 4); hmac.UpdateData((uint8*)&result.ServerSeed, 4); @@ -511,7 +511,7 @@ bool Battlenet::Socket::HandleRealmJoinRequest(PacketHeader& header, BitStream& memcpy(sessionKey, hmac.GetDigest(), hmac.GetLength()); - HmacHash hmac2(K.GetNumBytes(), K.AsByteArray().get(), EVP_sha1(), SHA_DIGEST_LENGTH); + HmacSha1 hmac2(K.GetNumBytes(), K.AsByteArray().get()); hmac2.UpdateData((uint8*)"WoW\0", 4); hmac2.UpdateData((uint8*)&result.ServerSeed, 4); hmac2.UpdateData((uint8*)&join.ClientSeed, 4); @@ -915,13 +915,13 @@ bool Battlenet::Socket::HandleResumeModule(BitStream* dataStream, ServerPacket** ACE_Auto_Array_Ptr&& serverChallenge = _reconnectProof.AsByteArray(); ACE_Auto_Array_Ptr&& sessionKey = K.AsByteArray(); - HmacHash clientPart(64, sessionKey.get(), EVP_sha256(), SHA256_DIGEST_LENGTH); + HmacSha256 clientPart(64, sessionKey.get()); clientPart.UpdateData(&ResumeClient, 1); clientPart.UpdateData(clientChallenge.get(), 16); clientPart.UpdateData(serverChallenge.get(), 16); clientPart.Finalize(); - HmacHash serverPart(64, sessionKey.get(), EVP_sha256(), SHA256_DIGEST_LENGTH); + HmacSha256 serverPart(64, sessionKey.get()); serverPart.UpdateData(&ResumeServer, 1); serverPart.UpdateData(serverChallenge.get(), 16); serverPart.UpdateData(clientChallenge.get(), 16); @@ -933,7 +933,7 @@ bool Battlenet::Socket::HandleResumeModule(BitStream* dataStream, ServerPacket** K.SetBinary(newSessionKey, 64); - HmacHash proof(64, newSessionKey, EVP_sha256(), SHA256_DIGEST_LENGTH); + HmacSha256 proof(64, newSessionKey); proof.UpdateData(&ResumeClient, 1); proof.UpdateData(clientChallenge.get(), 16); proof.UpdateData(serverChallenge.get(), 16); @@ -953,7 +953,7 @@ bool Battlenet::Socket::HandleResumeModule(BitStream* dataStream, ServerPacket** stmt->setUInt32(1, _accountId); LoginDatabase.Execute(stmt); - HmacHash serverProof(64, newSessionKey, EVP_sha256(), SHA256_DIGEST_LENGTH); + HmacSha256 serverProof(64, newSessionKey); serverProof.UpdateData(&ResumeServer, 1); serverProof.UpdateData(serverChallenge.get(), 16); serverProof.UpdateData(clientChallenge.get(), 16); diff --git a/src/server/game/Warden/WardenWin.cpp b/src/server/game/Warden/WardenWin.cpp index 3014fcfb993..3428708ed69 100644 --- a/src/server/game/Warden/WardenWin.cpp +++ b/src/server/game/Warden/WardenWin.cpp @@ -283,7 +283,7 @@ void WardenWin::RequestData() { uint32 seed = static_cast(rand32()); buff << uint32(seed); - HmacHash hmac(4, (uint8*)&seed, EVP_sha1(), SHA_DIGEST_LENGTH); + HmacSha1 hmac(4, (uint8*)&seed); hmac.UpdateData(wd->Str); hmac.Finalize(); buff.append(hmac.GetDigest(), hmac.GetLength()); diff --git a/src/server/shared/Cryptography/Authentication/WorldPacketCrypt.cpp b/src/server/shared/Cryptography/Authentication/WorldPacketCrypt.cpp index c6b283d9961..10403b84a1f 100644 --- a/src/server/shared/Cryptography/Authentication/WorldPacketCrypt.cpp +++ b/src/server/shared/Cryptography/Authentication/WorldPacketCrypt.cpp @@ -27,11 +27,11 @@ WorldPacketCrypt::WorldPacketCrypt() : PacketCrypt(SHA_DIGEST_LENGTH) void WorldPacketCrypt::Init(BigNumber* K) { uint8 ServerEncryptionKey[SEED_KEY_SIZE] = { 0xCC, 0x98, 0xAE, 0x04, 0xE8, 0x97, 0xEA, 0xCA, 0x12, 0xDD, 0xC0, 0x93, 0x42, 0x91, 0x53, 0x57 }; - HmacHash serverEncryptHmac(SEED_KEY_SIZE, (uint8*)ServerEncryptionKey, EVP_sha1(), SHA_DIGEST_LENGTH); + HmacSha1 serverEncryptHmac(SEED_KEY_SIZE, (uint8*)ServerEncryptionKey); uint8 *encryptHash = serverEncryptHmac.ComputeHash(K); uint8 ServerDecryptionKey[SEED_KEY_SIZE] = { 0xC2, 0xB3, 0x72, 0x3C, 0xC6, 0xAE, 0xD9, 0xB5, 0x34, 0x3C, 0x53, 0xEE, 0x2F, 0x43, 0x67, 0xCE }; - HmacHash clientDecryptHmac(SEED_KEY_SIZE, (uint8*)ServerDecryptionKey, EVP_sha1(), SHA_DIGEST_LENGTH); + HmacSha1 clientDecryptHmac(SEED_KEY_SIZE, (uint8*)ServerDecryptionKey); uint8 *decryptHash = clientDecryptHmac.ComputeHash(K); _clientDecrypt.Init(decryptHash); diff --git a/src/server/shared/Cryptography/HmacHash.cpp b/src/server/shared/Cryptography/HmacHash.cpp index 71fc362ae5d..2913b9fa79a 100644 --- a/src/server/shared/Cryptography/HmacHash.cpp +++ b/src/server/shared/Cryptography/HmacHash.cpp @@ -20,40 +20,47 @@ #include "BigNumber.h" #include "Common.h" -HmacHash::HmacHash(uint32 len, uint8 *seed, EVP_MD const* hasher, uint32 digestLength) : _digestLength(digestLength) +template +HmacHash::HmacHash(uint32 len, uint8 *seed) { HMAC_CTX_init(&_ctx); - HMAC_Init_ex(&_ctx, seed, len, hasher, NULL); - _digest = new uint8[digestLength]; - memset(_digest, 0, digestLength); + HMAC_Init_ex(&_ctx, seed, len, HashCreator(), NULL); + memset(_digest, 0, DigestLength); } -HmacHash::~HmacHash() +template +HmacHash::~HmacHash() { HMAC_CTX_cleanup(&_ctx); - delete[] _digest; } -void HmacHash::UpdateData(const std::string &str) +template +void HmacHash::UpdateData(const std::string &str) { HMAC_Update(&_ctx, (uint8 const*)str.c_str(), str.length()); } -void HmacHash::UpdateData(const uint8* data, size_t len) +template +void HmacHash::UpdateData(const uint8* data, size_t len) { HMAC_Update(&_ctx, data, len); } -void HmacHash::Finalize() +template +void HmacHash::Finalize() { uint32 length = 0; HMAC_Final(&_ctx, _digest, &length); - ASSERT(length == _digestLength); + ASSERT(length == DigestLength); } -uint8* HmacHash::ComputeHash(BigNumber* bn) +template +uint8* HmacHash::ComputeHash(BigNumber* bn) { HMAC_Update(&_ctx, bn->AsByteArray().get(), bn->GetNumBytes()); Finalize(); return _digest; } + +template class HmacHash; +template class HmacHash; diff --git a/src/server/shared/Cryptography/HmacHash.h b/src/server/shared/Cryptography/HmacHash.h index bf82e39a526..56ee55edda2 100644 --- a/src/server/shared/Cryptography/HmacHash.h +++ b/src/server/shared/Cryptography/HmacHash.h @@ -28,21 +28,26 @@ class BigNumber; #define SEED_KEY_SIZE 16 +typedef EVP_MD const* (*HashCreateFn)(); + +template class HmacHash { public: - HmacHash(uint32 len, uint8 *seed, EVP_MD const* hasher, uint32 digestLength); + HmacHash(uint32 len, uint8 *seed); ~HmacHash(); - void UpdateData(const std::string &str); - void UpdateData(const uint8* data, size_t len); + void UpdateData(std::string const& str); + void UpdateData(uint8 const* data, size_t len); void Finalize(); uint8* ComputeHash(BigNumber* bn); uint8* GetDigest() { return _digest; } - uint32 GetLength() const { return _digestLength; } + uint32 GetLength() const { return DigestLength; } private: HMAC_CTX _ctx; - uint8* _digest; - uint32 _digestLength; + uint8 _digest[DigestLength]; }; +typedef HmacHash HmacSha1; +typedef HmacHash HmacSha256; + #endif -- cgit v1.2.3