From 4a1b36b2843c8fa6482499cbe135ce7c5c1e62bf Mon Sep 17 00:00:00 2001 From: Darryl Pogue Date: Sun, 12 Feb 2012 01:19:22 -0800 Subject: [PATCH] Move half of the Challenge Hash stuff. --- Sources/Plasma/Apps/plClient/winmain.cpp | 4 +- .../NucleusLib/pnEncryption/CMakeLists.txt | 2 + .../pnEncryption/plChallengeHash.cpp | 78 +++++++++++++++++++ .../NucleusLib/pnEncryption/plChallengeHash.h | 57 ++++++++++++++ .../NucleusLib/pnEncryption/plChecksum.cpp | 12 +-- .../NucleusLib/pnEncryption/plChecksum.h | 18 ++--- .../Plasma/NucleusLib/pnUtils/pnUtCrypt.cpp | 43 ---------- Sources/Plasma/NucleusLib/pnUtils/pnUtCrypt.h | 13 ---- .../plNetClientComm/plNetClientComm.cpp | 3 +- .../plNetGameLib/Private/plNglAuth.cpp | 22 +++--- .../plNetGameLib/Private/plNglCsr.cpp | 4 +- 11 files changed, 172 insertions(+), 84 deletions(-) create mode 100644 Sources/Plasma/NucleusLib/pnEncryption/plChallengeHash.cpp create mode 100644 Sources/Plasma/NucleusLib/pnEncryption/plChallengeHash.h diff --git a/Sources/Plasma/Apps/plClient/winmain.cpp b/Sources/Plasma/Apps/plClient/winmain.cpp index 166c20a8..4024ee5b 100644 --- a/Sources/Plasma/Apps/plClient/winmain.cpp +++ b/Sources/Plasma/Apps/plClient/winmain.cpp @@ -994,7 +994,9 @@ static void SaveUserPass (LoginDialogParam *pLoginParam, char *password) memcpy(pLoginParam->namePassHash, shasum.GetData(), sizeof(ShaDigest)); } else - CryptHashPassword(wusername, wpassword, &pLoginParam->namePassHash); + { + CryptHashPassword(_TEMP_CONVERT_FROM_WCHAR_T(wusername), _TEMP_CONVERT_FROM_WCHAR_T(wpassword), pLoginParam->namePassHash); + } } NetCommSetAccountUsernamePassword(wusername, pLoginParam->namePassHash); diff --git a/Sources/Plasma/NucleusLib/pnEncryption/CMakeLists.txt b/Sources/Plasma/NucleusLib/pnEncryption/CMakeLists.txt index 55e7f922..b27bffdc 100644 --- a/Sources/Plasma/NucleusLib/pnEncryption/CMakeLists.txt +++ b/Sources/Plasma/NucleusLib/pnEncryption/CMakeLists.txt @@ -3,10 +3,12 @@ include_directories("../../NucleusLib") include_directories(${OPENSSL_INCLUDE_DIR}) set(pnEncryption_SOURCES + plChallengeHash.cpp plChecksum.cpp ) set(pnEncryption_HEADERS + plChallengeHash.h plChecksum.h ) diff --git a/Sources/Plasma/NucleusLib/pnEncryption/plChallengeHash.cpp b/Sources/Plasma/NucleusLib/pnEncryption/plChallengeHash.cpp new file mode 100644 index 00000000..a5d26794 --- /dev/null +++ b/Sources/Plasma/NucleusLib/pnEncryption/plChallengeHash.cpp @@ -0,0 +1,78 @@ +/*==LICENSE==* + +CyanWorlds.com Engine - MMOG client, server and tools +Copyright (C) 2011 Cyan Worlds, Inc. + +This program is free software: you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation, either version 3 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program. If not, see . + +Additional permissions under GNU GPL version 3 section 7 + +If you modify this Program, or any covered work, by linking or +combining it with any of RAD Game Tools Bink SDK, Autodesk 3ds Max SDK, +NVIDIA PhysX SDK, Microsoft DirectX SDK, OpenSSL library, Independent +JPEG Group JPEG library, Microsoft Windows Media SDK, or Apple QuickTime SDK +(or a modified version of those libraries), +containing parts covered by the terms of the Bink SDK EULA, 3ds Max EULA, +PhysX SDK EULA, DirectX SDK EULA, OpenSSL and SSLeay licenses, IJG +JPEG Library README, Windows Media SDK EULA, or QuickTime SDK EULA, the +licensors of this Program grant you additional +permission to convey the resulting work. Corresponding Source for a +non-source form of such a combination shall include the source code for +the parts of OpenSSL and IJG JPEG Library used as well as that of the covered +work. + +You can contact Cyan Worlds, Inc. by email legal@cyan.com + or by snail mail at: + Cyan Worlds, Inc. + 14617 N Newport Hwy + Mead, WA 99021 + +*==LICENSE==*/ + +#include "plChallengeHash.h" +#include "pnUtils/pnUtils.h" + +ShaDigest fSeed; + +void CryptCreateRandomSeed(size_t length, uint8_t* data) { +} + +void CryptHashPassword(const plString& username, const plString& password, ShaDigest dest) { + + /* This should be unnecessary once plString has ToLower() */ + wchar_t* w_name = (wchar_t*)_TEMP_CONVERT_TO_WCHAR_T(username); + StrLower(w_name); + + plString buf = password; + buf += _TEMP_CONVERT_FROM_WCHAR_T(w_name); + + plSHAChecksum sum(buf.GetSize() * sizeof(wchar_t), (uint8_t*)_TEMP_CONVERT_TO_WCHAR_T(buf)); + + memcpy(dest, sum.GetValue(), sizeof(ShaDigest)); +} + +void CryptHashPasswordChallenge(uint32_t clientChallenge, uint32_t serverChallenge, ShaDigest namePassHash, ShaDigest challengeHash) { + plSHAChecksum sum; + + sum.Start(); + sum.AddTo(sizeof(uint32_t), (uint8_t*)&clientChallenge); + sum.AddTo(sizeof(uint32_t), (uint8_t*)&serverChallenge); + sum.AddTo(sizeof(ShaDigest), namePassHash); + sum.Finish(); + + memcpy(challengeHash, sum.GetValue(), sizeof(ShaDigest)); +} + +void CryptCreateFastWeakChallenge(uint32_t* challenge, uint32_t val1, uint32_t val2) { +} diff --git a/Sources/Plasma/NucleusLib/pnEncryption/plChallengeHash.h b/Sources/Plasma/NucleusLib/pnEncryption/plChallengeHash.h new file mode 100644 index 00000000..10ff930c --- /dev/null +++ b/Sources/Plasma/NucleusLib/pnEncryption/plChallengeHash.h @@ -0,0 +1,57 @@ +/*==LICENSE==* + +CyanWorlds.com Engine - MMOG client, server and tools +Copyright (C) 2011 Cyan Worlds, Inc. + +This program is free software: you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation, either version 3 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program. If not, see . + +Additional permissions under GNU GPL version 3 section 7 + +If you modify this Program, or any covered work, by linking or +combining it with any of RAD Game Tools Bink SDK, Autodesk 3ds Max SDK, +NVIDIA PhysX SDK, Microsoft DirectX SDK, OpenSSL library, Independent +JPEG Group JPEG library, Microsoft Windows Media SDK, or Apple QuickTime SDK +(or a modified version of those libraries), +containing parts covered by the terms of the Bink SDK EULA, 3ds Max EULA, +PhysX SDK EULA, DirectX SDK EULA, OpenSSL and SSLeay licenses, IJG +JPEG Library README, Windows Media SDK EULA, or QuickTime SDK EULA, the +licensors of this Program grant you additional +permission to convey the resulting work. Corresponding Source for a +non-source form of such a combination shall include the source code for +the parts of OpenSSL and IJG JPEG Library used as well as that of the covered +work. + +You can contact Cyan Worlds, Inc. by email legal@cyan.com + or by snail mail at: + Cyan Worlds, Inc. + 14617 N Newport Hwy + Mead, WA 99021 + +*==LICENSE==*/ +#ifndef PL_CHALLENGE_HASH_H +#define PL_CHALLENGE_HASH_H + +#include "HeadSpin.h" +#include "plChecksum.h" +#include "plString.h" + +void CryptCreateRandomSeed(size_t length, uint8_t* data); + +void CryptHashPassword(const plString& username, const plString& password, ShaDigest dest); + +void CryptHashPasswordChallenge(uint32_t clientChallenge, uint32_t serverChallenge, ShaDigest namePassHash, ShaDigest challengeHash); + +void CryptCreateFastWeakChallenge(uint32_t* challenge, uint32_t val1, uint32_t val2); + +#endif //PL_CHALLENGE_HASH_H diff --git a/Sources/Plasma/NucleusLib/pnEncryption/plChecksum.cpp b/Sources/Plasma/NucleusLib/pnEncryption/plChecksum.cpp index b7c79c0e..e22b6ee9 100644 --- a/Sources/Plasma/NucleusLib/pnEncryption/plChecksum.cpp +++ b/Sources/Plasma/NucleusLib/pnEncryption/plChecksum.cpp @@ -104,7 +104,7 @@ plChecksum::plChecksum(unsigned int bufsize, const char* buffer) //============================================================================ -plMD5Checksum::plMD5Checksum( uint32_t size, uint8_t *buffer ) +plMD5Checksum::plMD5Checksum(size_t size, uint8_t *buffer ) { fValid = false; Start(); @@ -173,7 +173,7 @@ void plMD5Checksum::Start() fValid = false; } -void plMD5Checksum::AddTo( uint32_t size, const uint8_t *buffer ) +void plMD5Checksum::AddTo(size_t size, const uint8_t *buffer ) { MD5_Update( &fContext, buffer, size ); } @@ -230,7 +230,7 @@ bool plMD5Checksum::operator==( const plMD5Checksum &rhs ) const //============================================================================ -plSHAChecksum::plSHAChecksum( uint32_t size, uint8_t *buffer ) +plSHAChecksum::plSHAChecksum(size_t size, uint8_t *buffer ) { fValid = false; Start(); @@ -301,7 +301,7 @@ void plSHAChecksum::Start() fValid = false; } -void plSHAChecksum::AddTo(uint32_t size, const uint8_t* buffer) +void plSHAChecksum::AddTo(size_t size, const uint8_t* buffer) { SHA_Update(&fContext, buffer, size); } @@ -356,7 +356,7 @@ bool plSHAChecksum::operator==(const plSHAChecksum& rhs) const //============================================================================ -plSHA1Checksum::plSHA1Checksum( uint32_t size, uint8_t *buffer ) +plSHA1Checksum::plSHA1Checksum(size_t size, uint8_t *buffer ) { fValid = false; Start(); @@ -427,7 +427,7 @@ void plSHA1Checksum::Start() fValid = false; } -void plSHA1Checksum::AddTo(uint32_t size, const uint8_t* buffer) +void plSHA1Checksum::AddTo(size_t size, const uint8_t* buffer) { SHA1_Update(&fContext, buffer, size); } diff --git a/Sources/Plasma/NucleusLib/pnEncryption/plChecksum.h b/Sources/Plasma/NucleusLib/pnEncryption/plChecksum.h index 5cb8dc80..a42529f1 100644 --- a/Sources/Plasma/NucleusLib/pnEncryption/plChecksum.h +++ b/Sources/Plasma/NucleusLib/pnEncryption/plChecksum.h @@ -69,7 +69,7 @@ class plMD5Checksum uint8_t fChecksum[MD5_DIGEST_LENGTH]; public: - plMD5Checksum(uint32_t size, uint8_t *buffer); + plMD5Checksum(size_t size, uint8_t *buffer); plMD5Checksum(); plMD5Checksum(const plMD5Checksum &rhs); plMD5Checksum(const char *fileName); @@ -82,11 +82,11 @@ class plMD5Checksum void CalcFromStream(hsStream* stream); void Start(); - void AddTo(uint32_t size, const uint8_t *buffer); + void AddTo(size_t size, const uint8_t *buffer); void Finish(); const uint8_t *GetValue() const { return fChecksum; } - uint32_t GetSize() const { return sizeof(fChecksum); } + size_t GetSize() const { return sizeof(fChecksum); } // Backdoor for cached checksums (ie, if you loaded it off disk) void SetValue(uint8_t* checksum); @@ -113,7 +113,7 @@ class plSHAChecksum ShaDigest fChecksum; public: - plSHAChecksum(uint32_t size, uint8_t* buffer); + plSHAChecksum(size_t size, uint8_t* buffer); plSHAChecksum(); plSHAChecksum(const plSHAChecksum& rhs); plSHAChecksum(const char* fileName); @@ -126,11 +126,11 @@ class plSHAChecksum void CalcFromStream(hsStream* stream); void Start(); - void AddTo(uint32_t size, const uint8_t* buffer); + void AddTo(size_t size, const uint8_t* buffer); void Finish(); const uint8_t* GetValue() const { return fChecksum; } - uint32_t GetSize() const { return sizeof(fChecksum); } + size_t GetSize() const { return sizeof(fChecksum); } // Backdoor for cached checksums (ie, if you loaded it off disk) void SetValue(uint8_t* checksum); @@ -152,7 +152,7 @@ class plSHA1Checksum ShaDigest fChecksum; public: - plSHA1Checksum(uint32_t size, uint8_t* buffer); + plSHA1Checksum(size_t size, uint8_t* buffer); plSHA1Checksum(); plSHA1Checksum(const plSHA1Checksum& rhs); plSHA1Checksum(const char* fileName); @@ -165,11 +165,11 @@ class plSHA1Checksum void CalcFromStream(hsStream* stream); void Start(); - void AddTo(uint32_t size, const uint8_t* buffer); + void AddTo(size_t size, const uint8_t* buffer); void Finish(); const uint8_t* GetValue() const { return fChecksum; } - uint32_t GetSize() const { return sizeof(fChecksum); } + size_t GetSize() const { return sizeof(fChecksum); } // Backdoor for cached checksums (ie, if you loaded it off disk) void SetValue(uint8_t* checksum); diff --git a/Sources/Plasma/NucleusLib/pnUtils/pnUtCrypt.cpp b/Sources/Plasma/NucleusLib/pnUtils/pnUtCrypt.cpp index 12cd096b..818ef9d5 100644 --- a/Sources/Plasma/NucleusLib/pnUtils/pnUtCrypt.cpp +++ b/Sources/Plasma/NucleusLib/pnUtils/pnUtCrypt.cpp @@ -282,49 +282,6 @@ void CryptCreateRandomSeed ( } } -//============================================================================ -void CryptHashPassword ( - const wchar_t username[], - const wchar_t password[], - ShaDigest * namePassHash -) { - unsigned passlen = StrLen(password); - unsigned userlen = StrLen(username); - - wchar_t * buffer = (wchar_t*)malloc(sizeof(wchar_t) * (passlen + userlen)); - StrCopy(buffer, password, passlen); - StrCopy(buffer + passlen, username, userlen); - StrLower(buffer + passlen); // lowercase the username - - CryptDigest( - kCryptSha, - namePassHash, - (userlen + passlen) * sizeof(buffer[0]), - buffer - ); - - free(buffer); -} - -//============================================================================ -void CryptHashPasswordChallenge ( - unsigned clientChallenge, - unsigned serverChallenge, - const ShaDigest & namePassHash, - ShaDigest * challengeHash -) { -#pragma pack(push, 1) - struct { - uint32_t clientChallenge; - uint32_t serverChallenge; - ShaDigest namePassHash; - } buffer; -#pragma pack(pop) - buffer.clientChallenge = clientChallenge; - buffer.serverChallenge = serverChallenge; - buffer.namePassHash = namePassHash; - CryptDigest(kCryptSha, challengeHash, sizeof(buffer), &buffer); -} //============================================================================ void CryptCreateFastWeakChallenge ( diff --git a/Sources/Plasma/NucleusLib/pnUtils/pnUtCrypt.h b/Sources/Plasma/NucleusLib/pnUtils/pnUtCrypt.h index 7ec9590f..eab9e465 100644 --- a/Sources/Plasma/NucleusLib/pnUtils/pnUtCrypt.h +++ b/Sources/Plasma/NucleusLib/pnUtils/pnUtCrypt.h @@ -124,19 +124,6 @@ void CryptCreateRandomSeed ( uint8_t * data ); -void CryptHashPassword ( - const wchar_t username[], - const wchar_t password[], - ShaDigest * namePassHash -); - -void CryptHashPasswordChallenge ( - unsigned clientChallenge, - unsigned serverChallenge, - const ShaDigest & namePassHash, - ShaDigest * challengeHash -); - void CryptCreateFastWeakChallenge ( unsigned * challenge, unsigned val1, diff --git a/Sources/Plasma/PubUtilLib/plNetClientComm/plNetClientComm.cpp b/Sources/Plasma/PubUtilLib/plNetClientComm/plNetClientComm.cpp index 326387d7..bfeed522 100644 --- a/Sources/Plasma/PubUtilLib/plNetClientComm/plNetClientComm.cpp +++ b/Sources/Plasma/PubUtilLib/plNetClientComm/plNetClientComm.cpp @@ -52,6 +52,7 @@ You can contact Cyan Worlds, Inc. by email legal@cyan.com #include "pnNetCli/pnNetCli.h" #include "plNetGameLib/plNetGameLib.h" #include "pnIni/pnIni.h" +#include "pnEncryption/plChallengeHash.h" #include "plMessage/plNetCommMsgs.h" #include "plMessage/plNetClientMgrMsg.h" @@ -775,7 +776,7 @@ static void IReadNetIni() { L"" ); - CryptHashPassword(s_iniAccountUsername, password, &s_namePassHash); + CryptHashPassword(_TEMP_CONVERT_FROM_WCHAR_T(s_iniAccountUsername), _TEMP_CONVERT_FROM_WCHAR_T(password), s_namePassHash); } else { StrCopy(s_iniStartupAgeName, L"StartUp", arrsize(s_iniStartupAgeName)); diff --git a/Sources/Plasma/PubUtilLib/plNetGameLib/Private/plNglAuth.cpp b/Sources/Plasma/PubUtilLib/plNetGameLib/Private/plNglAuth.cpp index 9a1ab597..a2819c91 100644 --- a/Sources/Plasma/PubUtilLib/plNetGameLib/Private/plNglAuth.cpp +++ b/Sources/Plasma/PubUtilLib/plNetGameLib/Private/plNglAuth.cpp @@ -48,6 +48,8 @@ You can contact Cyan Worlds, Inc. by email legal@cyan.com #include "../Pch.h" #pragma hdrstop +#include "pnEncryption/plChallengeHash.h" + namespace Ngl { namespace Auth { /***************************************************************************** * @@ -2661,7 +2663,7 @@ bool LoginRequestTrans::Send () { clientChallenge, s_active->serverChallenge, s_accountNamePassHash, - &challengeHash + challengeHash ); } @@ -2818,9 +2820,9 @@ AccountCreateRequestTrans::AccountCreateRequestTrans ( StrCopy(m_accountName, accountName, arrsize(m_accountName)); CryptHashPassword( - m_accountName, - password, - &m_namePassHash + _TEMP_CONVERT_FROM_WCHAR_T(m_accountName), + _TEMP_CONVERT_FROM_WCHAR_T(password), + m_namePassHash ); } @@ -2888,9 +2890,9 @@ AccountCreateFromKeyRequestTrans::AccountCreateFromKeyRequestTrans ( StrCopy(m_accountName, accountName, arrsize(m_accountName)); CryptHashPassword( - m_accountName, - password, - &m_namePassHash + _TEMP_CONVERT_FROM_WCHAR_T(m_accountName), + _TEMP_CONVERT_FROM_WCHAR_T(password), + m_namePassHash ); } @@ -3186,9 +3188,9 @@ AccountChangePasswordRequestTrans::AccountChangePasswordRequestTrans ( StrCopy(m_accountName, accountName, arrsize(m_accountName)); CryptHashPassword( - m_accountName, - password, - &m_namePassHash + _TEMP_CONVERT_FROM_WCHAR_T(m_accountName), + _TEMP_CONVERT_FROM_WCHAR_T(password), + m_namePassHash ); } diff --git a/Sources/Plasma/PubUtilLib/plNetGameLib/Private/plNglCsr.cpp b/Sources/Plasma/PubUtilLib/plNetGameLib/Private/plNglCsr.cpp index b28c012f..7c84e206 100644 --- a/Sources/Plasma/PubUtilLib/plNetGameLib/Private/plNglCsr.cpp +++ b/Sources/Plasma/PubUtilLib/plNetGameLib/Private/plNglCsr.cpp @@ -48,6 +48,8 @@ You can contact Cyan Worlds, Inc. by email legal@cyan.com #include "../Pch.h" #pragma hdrstop +#include "pnEncryption/plChallengeHash.h" + namespace Ngl { namespace Csr { /***************************************************************************** @@ -659,7 +661,7 @@ bool LoginRequestTrans::Send () { clientChallenge, s_active->serverChallenge, m_namePassHash, - &challengeHash + challengeHash ); const uintptr_t msg[] = {