Move half of the Challenge Hash stuff.

Sources/Plasma/Apps/plClient/winmain.cpp

@@ -994,7 +994,9 @@ static void SaveUserPass (LoginDialogParam *pLoginParam, char *password)
             memcpy(pLoginParam->namePassHash, shasum.GetData(), sizeof(ShaDigest));
         }
         else
-            CryptHashPassword(wusername, wpassword, &pLoginParam->namePassHash);
+        {
+            CryptHashPassword(_TEMP_CONVERT_FROM_WCHAR_T(wusername), _TEMP_CONVERT_FROM_WCHAR_T(wpassword), pLoginParam->namePassHash);
+        }
     }
 
     NetCommSetAccountUsernamePassword(wusername, pLoginParam->namePassHash);

Sources/Plasma/NucleusLib/pnEncryption/CMakeLists.txt

@@ -3,10 +3,12 @@ include_directories("../../NucleusLib")
 include_directories(${OPENSSL_INCLUDE_DIR})
 
 set(pnEncryption_SOURCES
+    plChallengeHash.cpp
     plChecksum.cpp
 )
 
 set(pnEncryption_HEADERS
+    plChallengeHash.h
     plChecksum.h
 )
 

Sources/Plasma/NucleusLib/pnEncryption/plChallengeHash.cpp

@@ -0,0 +1,78 @@
+/*==LICENSE==*
+
+CyanWorlds.com Engine - MMOG client, server and tools
+Copyright (C) 2011  Cyan Worlds, Inc.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+Additional permissions under GNU GPL version 3 section 7
+
+If you modify this Program, or any covered work, by linking or
+combining it with any of RAD Game Tools Bink SDK, Autodesk 3ds Max SDK,
+NVIDIA PhysX SDK, Microsoft DirectX SDK, OpenSSL library, Independent
+JPEG Group JPEG library, Microsoft Windows Media SDK, or Apple QuickTime SDK
+(or a modified version of those libraries),
+containing parts covered by the terms of the Bink SDK EULA, 3ds Max EULA,
+PhysX SDK EULA, DirectX SDK EULA, OpenSSL and SSLeay licenses, IJG
+JPEG Library README, Windows Media SDK EULA, or QuickTime SDK EULA, the
+licensors of this Program grant you additional
+permission to convey the resulting work. Corresponding Source for a
+non-source form of such a combination shall include the source code for
+the parts of OpenSSL and IJG JPEG Library used as well as that of the covered
+work.
+
+You can contact Cyan Worlds, Inc. by email legal@cyan.com
+ or by snail mail at:
+      Cyan Worlds, Inc.
+      14617 N Newport Hwy
+      Mead, WA   99021
+
+*==LICENSE==*/
+
+#include "plChallengeHash.h"
+#include "pnUtils/pnUtils.h"
+
+ShaDigest fSeed;
+
+void CryptCreateRandomSeed(size_t length, uint8_t* data) {
+}
+
+void CryptHashPassword(const plString& username, const plString& password, ShaDigest dest) {
+
+    /* This should be unnecessary once plString has ToLower() */
+    wchar_t* w_name = (wchar_t*)_TEMP_CONVERT_TO_WCHAR_T(username);
+    StrLower(w_name);
+
+    plString buf = password;
+    buf += _TEMP_CONVERT_FROM_WCHAR_T(w_name);
+
+    plSHAChecksum sum(buf.GetSize() * sizeof(wchar_t), (uint8_t*)_TEMP_CONVERT_TO_WCHAR_T(buf));
+
+    memcpy(dest, sum.GetValue(), sizeof(ShaDigest));
+}
+
+void CryptHashPasswordChallenge(uint32_t clientChallenge, uint32_t serverChallenge, ShaDigest namePassHash, ShaDigest challengeHash) {
+    plSHAChecksum sum;
+
+    sum.Start();
+    sum.AddTo(sizeof(uint32_t), (uint8_t*)&clientChallenge);
+    sum.AddTo(sizeof(uint32_t), (uint8_t*)&serverChallenge);
+    sum.AddTo(sizeof(ShaDigest), namePassHash);
+    sum.Finish();
+
+    memcpy(challengeHash, sum.GetValue(), sizeof(ShaDigest));
+}
+
+void CryptCreateFastWeakChallenge(uint32_t* challenge, uint32_t val1, uint32_t val2) {
+}

Sources/Plasma/NucleusLib/pnEncryption/plChallengeHash.h

@@ -0,0 +1,57 @@
+/*==LICENSE==*
+
+CyanWorlds.com Engine - MMOG client, server and tools
+Copyright (C) 2011  Cyan Worlds, Inc.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+Additional permissions under GNU GPL version 3 section 7
+
+If you modify this Program, or any covered work, by linking or
+combining it with any of RAD Game Tools Bink SDK, Autodesk 3ds Max SDK,
+NVIDIA PhysX SDK, Microsoft DirectX SDK, OpenSSL library, Independent
+JPEG Group JPEG library, Microsoft Windows Media SDK, or Apple QuickTime SDK
+(or a modified version of those libraries),
+containing parts covered by the terms of the Bink SDK EULA, 3ds Max EULA,
+PhysX SDK EULA, DirectX SDK EULA, OpenSSL and SSLeay licenses, IJG
+JPEG Library README, Windows Media SDK EULA, or QuickTime SDK EULA, the
+licensors of this Program grant you additional
+permission to convey the resulting work. Corresponding Source for a
+non-source form of such a combination shall include the source code for
+the parts of OpenSSL and IJG JPEG Library used as well as that of the covered
+work.
+
+You can contact Cyan Worlds, Inc. by email legal@cyan.com
+ or by snail mail at:
+      Cyan Worlds, Inc.
+      14617 N Newport Hwy
+      Mead, WA   99021
+
+*==LICENSE==*/
+#ifndef PL_CHALLENGE_HASH_H
+#define PL_CHALLENGE_HASH_H
+
+#include "HeadSpin.h"
+#include "plChecksum.h"
+#include "plString.h"
+
+void CryptCreateRandomSeed(size_t length, uint8_t* data);
+
+void CryptHashPassword(const plString& username, const plString& password, ShaDigest dest);
+
+void CryptHashPasswordChallenge(uint32_t clientChallenge, uint32_t serverChallenge, ShaDigest namePassHash, ShaDigest challengeHash);
+
+void CryptCreateFastWeakChallenge(uint32_t* challenge, uint32_t val1, uint32_t val2);
+
+#endif //PL_CHALLENGE_HASH_H

Sources/Plasma/NucleusLib/pnEncryption/plChecksum.cpp

@@ -104,7 +104,7 @@ plChecksum::plChecksum(unsigned int bufsize, const char* buffer)
 
 //============================================================================
 
-plMD5Checksum::plMD5Checksum( uint32_t size, uint8_t *buffer )
+plMD5Checksum::plMD5Checksum(size_t size, uint8_t *buffer )
 {
     fValid = false;
     Start();
@@ -173,7 +173,7 @@ void plMD5Checksum::Start()
     fValid = false;
 }
 
-void plMD5Checksum::AddTo( uint32_t size, const uint8_t *buffer )
+void plMD5Checksum::AddTo(size_t size, const uint8_t *buffer )
 {
     MD5_Update( &fContext, buffer, size );
 }
@@ -230,7 +230,7 @@ bool plMD5Checksum::operator==( const plMD5Checksum &rhs ) const
 
 //============================================================================
 
-plSHAChecksum::plSHAChecksum( uint32_t size, uint8_t *buffer )
+plSHAChecksum::plSHAChecksum(size_t size, uint8_t *buffer )
 {
     fValid = false;
     Start();
@@ -301,7 +301,7 @@ void plSHAChecksum::Start()
     fValid = false;
 }
 
-void plSHAChecksum::AddTo(uint32_t size, const uint8_t* buffer)
+void plSHAChecksum::AddTo(size_t size, const uint8_t* buffer)
 {
     SHA_Update(&fContext, buffer, size);
 }
@@ -356,7 +356,7 @@ bool plSHAChecksum::operator==(const plSHAChecksum& rhs) const
 
 //============================================================================
 
-plSHA1Checksum::plSHA1Checksum( uint32_t size, uint8_t *buffer )
+plSHA1Checksum::plSHA1Checksum(size_t size, uint8_t *buffer )
 {
     fValid = false;
     Start();
@@ -427,7 +427,7 @@ void plSHA1Checksum::Start()
     fValid = false;
 }
 
-void plSHA1Checksum::AddTo(uint32_t size, const uint8_t* buffer)
+void plSHA1Checksum::AddTo(size_t size, const uint8_t* buffer)
 {
     SHA1_Update(&fContext, buffer, size);
 }

Sources/Plasma/NucleusLib/pnEncryption/plChecksum.h

@@ -69,7 +69,7 @@ class plMD5Checksum
         uint8_t fChecksum[MD5_DIGEST_LENGTH];
 
     public:
-        plMD5Checksum(uint32_t size, uint8_t *buffer);
+        plMD5Checksum(size_t size, uint8_t *buffer);
         plMD5Checksum();
         plMD5Checksum(const plMD5Checksum &rhs);
         plMD5Checksum(const char *fileName);
@@ -82,11 +82,11 @@ class plMD5Checksum
         void    CalcFromStream(hsStream* stream);
 
         void    Start();
-        void    AddTo(uint32_t size, const uint8_t *buffer);
+        void    AddTo(size_t size, const uint8_t *buffer);
         void    Finish();
 
         const uint8_t *GetValue() const { return fChecksum; }
-        uint32_t      GetSize() const { return sizeof(fChecksum); }
+        size_t      GetSize() const { return sizeof(fChecksum); }
 
         // Backdoor for cached checksums (ie, if you loaded it off disk)
         void SetValue(uint8_t* checksum);
@@ -113,7 +113,7 @@ class plSHAChecksum
         ShaDigest fChecksum;
 
     public:
-        plSHAChecksum(uint32_t size, uint8_t* buffer);
+        plSHAChecksum(size_t size, uint8_t* buffer);
         plSHAChecksum();
         plSHAChecksum(const plSHAChecksum& rhs);
         plSHAChecksum(const char* fileName);
@@ -126,11 +126,11 @@ class plSHAChecksum
         void CalcFromStream(hsStream* stream);
 
         void Start();
-        void AddTo(uint32_t size, const uint8_t* buffer);
+        void AddTo(size_t size, const uint8_t* buffer);
         void Finish();
 
         const uint8_t* GetValue() const { return fChecksum; }
-        uint32_t GetSize() const { return sizeof(fChecksum); }
+        size_t GetSize() const { return sizeof(fChecksum); }
 
         // Backdoor for cached checksums (ie, if you loaded it off disk)
         void SetValue(uint8_t* checksum);
@@ -152,7 +152,7 @@ class plSHA1Checksum
         ShaDigest fChecksum;
 
     public:
-        plSHA1Checksum(uint32_t size, uint8_t* buffer);
+        plSHA1Checksum(size_t size, uint8_t* buffer);
         plSHA1Checksum();
         plSHA1Checksum(const plSHA1Checksum& rhs);
         plSHA1Checksum(const char* fileName);
@@ -165,11 +165,11 @@ class plSHA1Checksum
         void CalcFromStream(hsStream* stream);
 
         void Start();
-        void AddTo(uint32_t size, const uint8_t* buffer);
+        void AddTo(size_t size, const uint8_t* buffer);
         void Finish();
 
         const uint8_t* GetValue() const { return fChecksum; }
-        uint32_t GetSize() const { return sizeof(fChecksum); }
+        size_t GetSize() const { return sizeof(fChecksum); }
 
         // Backdoor for cached checksums (ie, if you loaded it off disk)
         void SetValue(uint8_t* checksum);

Sources/Plasma/NucleusLib/pnUtils/pnUtCrypt.cpp

@@ -282,49 +282,6 @@ void CryptCreateRandomSeed (
     }
 }
 
-//============================================================================
-void CryptHashPassword (
-    const wchar_t username[],
-    const wchar_t password[],
-    ShaDigest * namePassHash
-) {
-    unsigned passlen = StrLen(password);
-    unsigned userlen = StrLen(username);
-
-    wchar_t * buffer = (wchar_t*)malloc(sizeof(wchar_t) * (passlen + userlen));
-    StrCopy(buffer, password, passlen);
-    StrCopy(buffer + passlen, username, userlen);
-    StrLower(buffer + passlen); // lowercase the username
-
-    CryptDigest(
-        kCryptSha,
-        namePassHash,
-        (userlen + passlen) * sizeof(buffer[0]),
-        buffer
-    );
-
-    free(buffer);
-}
-
-//============================================================================
-void CryptHashPasswordChallenge (
-    unsigned            clientChallenge,
-    unsigned            serverChallenge,
-    const ShaDigest &   namePassHash,
-    ShaDigest *         challengeHash
-) {
-#pragma pack(push, 1)
-    struct {
-        uint32_t       clientChallenge;
-        uint32_t       serverChallenge;
-        ShaDigest   namePassHash;
-    } buffer;
-#pragma pack(pop)
-    buffer.clientChallenge  = clientChallenge;
-    buffer.serverChallenge  = serverChallenge;
-    buffer.namePassHash     = namePassHash;
-    CryptDigest(kCryptSha, challengeHash, sizeof(buffer), &buffer);
-}
 
 //============================================================================
 void CryptCreateFastWeakChallenge (

Sources/Plasma/NucleusLib/pnUtils/pnUtCrypt.h

@@ -124,19 +124,6 @@ void CryptCreateRandomSeed (
     uint8_t *          data
 );
 
-void CryptHashPassword (
-    const wchar_t username[],
-    const wchar_t password[],
-    ShaDigest * namePassHash
-);
-
-void CryptHashPasswordChallenge (
-    unsigned            clientChallenge,
-    unsigned            serverChallenge,
-    const ShaDigest &   namePassHash,
-    ShaDigest *         challengeHash
-);
-
 void CryptCreateFastWeakChallenge (
     unsigned *  challenge,
     unsigned    val1,

Sources/Plasma/PubUtilLib/plNetClientComm/plNetClientComm.cpp

@@ -52,6 +52,7 @@ You can contact Cyan Worlds, Inc. by email legal@cyan.com
 #include "pnNetCli/pnNetCli.h"
 #include "plNetGameLib/plNetGameLib.h"
 #include "pnIni/pnIni.h"
+#include "pnEncryption/plChallengeHash.h"
 
 #include "plMessage/plNetCommMsgs.h"
 #include "plMessage/plNetClientMgrMsg.h"
@@ -775,7 +776,7 @@ static void IReadNetIni() {
                 L""
             );
 
-            CryptHashPassword(s_iniAccountUsername, password, &s_namePassHash);
+            CryptHashPassword(_TEMP_CONVERT_FROM_WCHAR_T(s_iniAccountUsername), _TEMP_CONVERT_FROM_WCHAR_T(password), s_namePassHash);
         }
         else {
             StrCopy(s_iniStartupAgeName, L"StartUp", arrsize(s_iniStartupAgeName));

Sources/Plasma/PubUtilLib/plNetGameLib/Private/plNglAuth.cpp

@@ -48,6 +48,8 @@ You can contact Cyan Worlds, Inc. by email legal@cyan.com
 #include "../Pch.h"
 #pragma hdrstop
 
+#include "pnEncryption/plChallengeHash.h"
+
 namespace Ngl { namespace Auth {
 /*****************************************************************************
 *
@@ -2661,7 +2663,7 @@ bool LoginRequestTrans::Send () {
             clientChallenge,
             s_active->serverChallenge,
             s_accountNamePassHash,
-            &challengeHash
+            challengeHash
         );
     }
 
@@ -2818,9 +2820,9 @@ AccountCreateRequestTrans::AccountCreateRequestTrans (
     StrCopy(m_accountName, accountName, arrsize(m_accountName));
 
     CryptHashPassword(
-        m_accountName,
-        password,
-        &m_namePassHash
+        _TEMP_CONVERT_FROM_WCHAR_T(m_accountName),
+        _TEMP_CONVERT_FROM_WCHAR_T(password),
+        m_namePassHash
     );
 }
 
@@ -2888,9 +2890,9 @@ AccountCreateFromKeyRequestTrans::AccountCreateFromKeyRequestTrans (
     StrCopy(m_accountName, accountName, arrsize(m_accountName));
 
     CryptHashPassword(
-        m_accountName,
-        password,
-        &m_namePassHash
+        _TEMP_CONVERT_FROM_WCHAR_T(m_accountName),
+        _TEMP_CONVERT_FROM_WCHAR_T(password),
+        m_namePassHash
     );
 }
 
@@ -3186,9 +3188,9 @@ AccountChangePasswordRequestTrans::AccountChangePasswordRequestTrans (
     StrCopy(m_accountName, accountName, arrsize(m_accountName));
     
     CryptHashPassword(
-        m_accountName,
-        password,
-        &m_namePassHash
+        _TEMP_CONVERT_FROM_WCHAR_T(m_accountName),
+        _TEMP_CONVERT_FROM_WCHAR_T(password),
+        m_namePassHash
     );
 }
 

Sources/Plasma/PubUtilLib/plNetGameLib/Private/plNglCsr.cpp

@@ -48,6 +48,8 @@ You can contact Cyan Worlds, Inc. by email legal@cyan.com
 #include "../Pch.h"
 #pragma hdrstop
 
+#include "pnEncryption/plChallengeHash.h"
+
 
 namespace Ngl { namespace Csr {
 /*****************************************************************************
@@ -659,7 +661,7 @@ bool LoginRequestTrans::Send () {
         clientChallenge,
         s_active->serverChallenge,
         m_namePassHash,
-        &challengeHash
+        challengeHash
     );
 
     const uintptr_t msg[] = {