Browse Source

Move half of the Challenge Hash stuff.

Darryl Pogue 13 years ago
parent
commit
4a1b36b284
  1. 4
      Sources/Plasma/Apps/plClient/winmain.cpp
  2. 2
      Sources/Plasma/NucleusLib/pnEncryption/CMakeLists.txt
  3. 78
      Sources/Plasma/NucleusLib/pnEncryption/plChallengeHash.cpp
  4. 57
      Sources/Plasma/NucleusLib/pnEncryption/plChallengeHash.h
  5. 12
      Sources/Plasma/NucleusLib/pnEncryption/plChecksum.cpp
  6. 18
      Sources/Plasma/NucleusLib/pnEncryption/plChecksum.h
  7. 43
      Sources/Plasma/NucleusLib/pnUtils/pnUtCrypt.cpp
  8. 13
      Sources/Plasma/NucleusLib/pnUtils/pnUtCrypt.h
  9. 3
      Sources/Plasma/PubUtilLib/plNetClientComm/plNetClientComm.cpp
  10. 22
      Sources/Plasma/PubUtilLib/plNetGameLib/Private/plNglAuth.cpp
  11. 4
      Sources/Plasma/PubUtilLib/plNetGameLib/Private/plNglCsr.cpp

4
Sources/Plasma/Apps/plClient/winmain.cpp

@ -994,7 +994,9 @@ static void SaveUserPass (LoginDialogParam *pLoginParam, char *password)
memcpy(pLoginParam->namePassHash, shasum.GetData(), sizeof(ShaDigest)); memcpy(pLoginParam->namePassHash, shasum.GetData(), sizeof(ShaDigest));
} }
else else
CryptHashPassword(wusername, wpassword, &pLoginParam->namePassHash); {
CryptHashPassword(_TEMP_CONVERT_FROM_WCHAR_T(wusername), _TEMP_CONVERT_FROM_WCHAR_T(wpassword), pLoginParam->namePassHash);
}
} }
NetCommSetAccountUsernamePassword(wusername, pLoginParam->namePassHash); NetCommSetAccountUsernamePassword(wusername, pLoginParam->namePassHash);

2
Sources/Plasma/NucleusLib/pnEncryption/CMakeLists.txt

@ -3,10 +3,12 @@ include_directories("../../NucleusLib")
include_directories(${OPENSSL_INCLUDE_DIR}) include_directories(${OPENSSL_INCLUDE_DIR})
set(pnEncryption_SOURCES set(pnEncryption_SOURCES
plChallengeHash.cpp
plChecksum.cpp plChecksum.cpp
) )
set(pnEncryption_HEADERS set(pnEncryption_HEADERS
plChallengeHash.h
plChecksum.h plChecksum.h
) )

78
Sources/Plasma/NucleusLib/pnEncryption/plChallengeHash.cpp

@ -0,0 +1,78 @@
/*==LICENSE==*
CyanWorlds.com Engine - MMOG client, server and tools
Copyright (C) 2011 Cyan Worlds, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Additional permissions under GNU GPL version 3 section 7
If you modify this Program, or any covered work, by linking or
combining it with any of RAD Game Tools Bink SDK, Autodesk 3ds Max SDK,
NVIDIA PhysX SDK, Microsoft DirectX SDK, OpenSSL library, Independent
JPEG Group JPEG library, Microsoft Windows Media SDK, or Apple QuickTime SDK
(or a modified version of those libraries),
containing parts covered by the terms of the Bink SDK EULA, 3ds Max EULA,
PhysX SDK EULA, DirectX SDK EULA, OpenSSL and SSLeay licenses, IJG
JPEG Library README, Windows Media SDK EULA, or QuickTime SDK EULA, the
licensors of this Program grant you additional
permission to convey the resulting work. Corresponding Source for a
non-source form of such a combination shall include the source code for
the parts of OpenSSL and IJG JPEG Library used as well as that of the covered
work.
You can contact Cyan Worlds, Inc. by email legal@cyan.com
or by snail mail at:
Cyan Worlds, Inc.
14617 N Newport Hwy
Mead, WA 99021
*==LICENSE==*/
#include "plChallengeHash.h"
#include "pnUtils/pnUtils.h"
ShaDigest fSeed;
void CryptCreateRandomSeed(size_t length, uint8_t* data) {
}
void CryptHashPassword(const plString& username, const plString& password, ShaDigest dest) {
/* This should be unnecessary once plString has ToLower() */
wchar_t* w_name = (wchar_t*)_TEMP_CONVERT_TO_WCHAR_T(username);
StrLower(w_name);
plString buf = password;
buf += _TEMP_CONVERT_FROM_WCHAR_T(w_name);
plSHAChecksum sum(buf.GetSize() * sizeof(wchar_t), (uint8_t*)_TEMP_CONVERT_TO_WCHAR_T(buf));
memcpy(dest, sum.GetValue(), sizeof(ShaDigest));
}
void CryptHashPasswordChallenge(uint32_t clientChallenge, uint32_t serverChallenge, ShaDigest namePassHash, ShaDigest challengeHash) {
plSHAChecksum sum;
sum.Start();
sum.AddTo(sizeof(uint32_t), (uint8_t*)&clientChallenge);
sum.AddTo(sizeof(uint32_t), (uint8_t*)&serverChallenge);
sum.AddTo(sizeof(ShaDigest), namePassHash);
sum.Finish();
memcpy(challengeHash, sum.GetValue(), sizeof(ShaDigest));
}
void CryptCreateFastWeakChallenge(uint32_t* challenge, uint32_t val1, uint32_t val2) {
}

57
Sources/Plasma/NucleusLib/pnEncryption/plChallengeHash.h

@ -0,0 +1,57 @@
/*==LICENSE==*
CyanWorlds.com Engine - MMOG client, server and tools
Copyright (C) 2011 Cyan Worlds, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Additional permissions under GNU GPL version 3 section 7
If you modify this Program, or any covered work, by linking or
combining it with any of RAD Game Tools Bink SDK, Autodesk 3ds Max SDK,
NVIDIA PhysX SDK, Microsoft DirectX SDK, OpenSSL library, Independent
JPEG Group JPEG library, Microsoft Windows Media SDK, or Apple QuickTime SDK
(or a modified version of those libraries),
containing parts covered by the terms of the Bink SDK EULA, 3ds Max EULA,
PhysX SDK EULA, DirectX SDK EULA, OpenSSL and SSLeay licenses, IJG
JPEG Library README, Windows Media SDK EULA, or QuickTime SDK EULA, the
licensors of this Program grant you additional
permission to convey the resulting work. Corresponding Source for a
non-source form of such a combination shall include the source code for
the parts of OpenSSL and IJG JPEG Library used as well as that of the covered
work.
You can contact Cyan Worlds, Inc. by email legal@cyan.com
or by snail mail at:
Cyan Worlds, Inc.
14617 N Newport Hwy
Mead, WA 99021
*==LICENSE==*/
#ifndef PL_CHALLENGE_HASH_H
#define PL_CHALLENGE_HASH_H
#include "HeadSpin.h"
#include "plChecksum.h"
#include "plString.h"
void CryptCreateRandomSeed(size_t length, uint8_t* data);
void CryptHashPassword(const plString& username, const plString& password, ShaDigest dest);
void CryptHashPasswordChallenge(uint32_t clientChallenge, uint32_t serverChallenge, ShaDigest namePassHash, ShaDigest challengeHash);
void CryptCreateFastWeakChallenge(uint32_t* challenge, uint32_t val1, uint32_t val2);
#endif //PL_CHALLENGE_HASH_H

12
Sources/Plasma/NucleusLib/pnEncryption/plChecksum.cpp

@ -104,7 +104,7 @@ plChecksum::plChecksum(unsigned int bufsize, const char* buffer)
//============================================================================ //============================================================================
plMD5Checksum::plMD5Checksum( uint32_t size, uint8_t *buffer ) plMD5Checksum::plMD5Checksum(size_t size, uint8_t *buffer )
{ {
fValid = false; fValid = false;
Start(); Start();
@ -173,7 +173,7 @@ void plMD5Checksum::Start()
fValid = false; fValid = false;
} }
void plMD5Checksum::AddTo( uint32_t size, const uint8_t *buffer ) void plMD5Checksum::AddTo(size_t size, const uint8_t *buffer )
{ {
MD5_Update( &fContext, buffer, size ); MD5_Update( &fContext, buffer, size );
} }
@ -230,7 +230,7 @@ bool plMD5Checksum::operator==( const plMD5Checksum &rhs ) const
//============================================================================ //============================================================================
plSHAChecksum::plSHAChecksum( uint32_t size, uint8_t *buffer ) plSHAChecksum::plSHAChecksum(size_t size, uint8_t *buffer )
{ {
fValid = false; fValid = false;
Start(); Start();
@ -301,7 +301,7 @@ void plSHAChecksum::Start()
fValid = false; fValid = false;
} }
void plSHAChecksum::AddTo(uint32_t size, const uint8_t* buffer) void plSHAChecksum::AddTo(size_t size, const uint8_t* buffer)
{ {
SHA_Update(&fContext, buffer, size); SHA_Update(&fContext, buffer, size);
} }
@ -356,7 +356,7 @@ bool plSHAChecksum::operator==(const plSHAChecksum& rhs) const
//============================================================================ //============================================================================
plSHA1Checksum::plSHA1Checksum( uint32_t size, uint8_t *buffer ) plSHA1Checksum::plSHA1Checksum(size_t size, uint8_t *buffer )
{ {
fValid = false; fValid = false;
Start(); Start();
@ -427,7 +427,7 @@ void plSHA1Checksum::Start()
fValid = false; fValid = false;
} }
void plSHA1Checksum::AddTo(uint32_t size, const uint8_t* buffer) void plSHA1Checksum::AddTo(size_t size, const uint8_t* buffer)
{ {
SHA1_Update(&fContext, buffer, size); SHA1_Update(&fContext, buffer, size);
} }

18
Sources/Plasma/NucleusLib/pnEncryption/plChecksum.h

@ -69,7 +69,7 @@ class plMD5Checksum
uint8_t fChecksum[MD5_DIGEST_LENGTH]; uint8_t fChecksum[MD5_DIGEST_LENGTH];
public: public:
plMD5Checksum(uint32_t size, uint8_t *buffer); plMD5Checksum(size_t size, uint8_t *buffer);
plMD5Checksum(); plMD5Checksum();
plMD5Checksum(const plMD5Checksum &rhs); plMD5Checksum(const plMD5Checksum &rhs);
plMD5Checksum(const char *fileName); plMD5Checksum(const char *fileName);
@ -82,11 +82,11 @@ class plMD5Checksum
void CalcFromStream(hsStream* stream); void CalcFromStream(hsStream* stream);
void Start(); void Start();
void AddTo(uint32_t size, const uint8_t *buffer); void AddTo(size_t size, const uint8_t *buffer);
void Finish(); void Finish();
const uint8_t *GetValue() const { return fChecksum; } const uint8_t *GetValue() const { return fChecksum; }
uint32_t GetSize() const { return sizeof(fChecksum); } size_t GetSize() const { return sizeof(fChecksum); }
// Backdoor for cached checksums (ie, if you loaded it off disk) // Backdoor for cached checksums (ie, if you loaded it off disk)
void SetValue(uint8_t* checksum); void SetValue(uint8_t* checksum);
@ -113,7 +113,7 @@ class plSHAChecksum
ShaDigest fChecksum; ShaDigest fChecksum;
public: public:
plSHAChecksum(uint32_t size, uint8_t* buffer); plSHAChecksum(size_t size, uint8_t* buffer);
plSHAChecksum(); plSHAChecksum();
plSHAChecksum(const plSHAChecksum& rhs); plSHAChecksum(const plSHAChecksum& rhs);
plSHAChecksum(const char* fileName); plSHAChecksum(const char* fileName);
@ -126,11 +126,11 @@ class plSHAChecksum
void CalcFromStream(hsStream* stream); void CalcFromStream(hsStream* stream);
void Start(); void Start();
void AddTo(uint32_t size, const uint8_t* buffer); void AddTo(size_t size, const uint8_t* buffer);
void Finish(); void Finish();
const uint8_t* GetValue() const { return fChecksum; } const uint8_t* GetValue() const { return fChecksum; }
uint32_t GetSize() const { return sizeof(fChecksum); } size_t GetSize() const { return sizeof(fChecksum); }
// Backdoor for cached checksums (ie, if you loaded it off disk) // Backdoor for cached checksums (ie, if you loaded it off disk)
void SetValue(uint8_t* checksum); void SetValue(uint8_t* checksum);
@ -152,7 +152,7 @@ class plSHA1Checksum
ShaDigest fChecksum; ShaDigest fChecksum;
public: public:
plSHA1Checksum(uint32_t size, uint8_t* buffer); plSHA1Checksum(size_t size, uint8_t* buffer);
plSHA1Checksum(); plSHA1Checksum();
plSHA1Checksum(const plSHA1Checksum& rhs); plSHA1Checksum(const plSHA1Checksum& rhs);
plSHA1Checksum(const char* fileName); plSHA1Checksum(const char* fileName);
@ -165,11 +165,11 @@ class plSHA1Checksum
void CalcFromStream(hsStream* stream); void CalcFromStream(hsStream* stream);
void Start(); void Start();
void AddTo(uint32_t size, const uint8_t* buffer); void AddTo(size_t size, const uint8_t* buffer);
void Finish(); void Finish();
const uint8_t* GetValue() const { return fChecksum; } const uint8_t* GetValue() const { return fChecksum; }
uint32_t GetSize() const { return sizeof(fChecksum); } size_t GetSize() const { return sizeof(fChecksum); }
// Backdoor for cached checksums (ie, if you loaded it off disk) // Backdoor for cached checksums (ie, if you loaded it off disk)
void SetValue(uint8_t* checksum); void SetValue(uint8_t* checksum);

43
Sources/Plasma/NucleusLib/pnUtils/pnUtCrypt.cpp

@ -282,49 +282,6 @@ void CryptCreateRandomSeed (
} }
} }
//============================================================================
void CryptHashPassword (
const wchar_t username[],
const wchar_t password[],
ShaDigest * namePassHash
) {
unsigned passlen = StrLen(password);
unsigned userlen = StrLen(username);
wchar_t * buffer = (wchar_t*)malloc(sizeof(wchar_t) * (passlen + userlen));
StrCopy(buffer, password, passlen);
StrCopy(buffer + passlen, username, userlen);
StrLower(buffer + passlen); // lowercase the username
CryptDigest(
kCryptSha,
namePassHash,
(userlen + passlen) * sizeof(buffer[0]),
buffer
);
free(buffer);
}
//============================================================================
void CryptHashPasswordChallenge (
unsigned clientChallenge,
unsigned serverChallenge,
const ShaDigest & namePassHash,
ShaDigest * challengeHash
) {
#pragma pack(push, 1)
struct {
uint32_t clientChallenge;
uint32_t serverChallenge;
ShaDigest namePassHash;
} buffer;
#pragma pack(pop)
buffer.clientChallenge = clientChallenge;
buffer.serverChallenge = serverChallenge;
buffer.namePassHash = namePassHash;
CryptDigest(kCryptSha, challengeHash, sizeof(buffer), &buffer);
}
//============================================================================ //============================================================================
void CryptCreateFastWeakChallenge ( void CryptCreateFastWeakChallenge (

13
Sources/Plasma/NucleusLib/pnUtils/pnUtCrypt.h

@ -124,19 +124,6 @@ void CryptCreateRandomSeed (
uint8_t * data uint8_t * data
); );
void CryptHashPassword (
const wchar_t username[],
const wchar_t password[],
ShaDigest * namePassHash
);
void CryptHashPasswordChallenge (
unsigned clientChallenge,
unsigned serverChallenge,
const ShaDigest & namePassHash,
ShaDigest * challengeHash
);
void CryptCreateFastWeakChallenge ( void CryptCreateFastWeakChallenge (
unsigned * challenge, unsigned * challenge,
unsigned val1, unsigned val1,

3
Sources/Plasma/PubUtilLib/plNetClientComm/plNetClientComm.cpp

@ -52,6 +52,7 @@ You can contact Cyan Worlds, Inc. by email legal@cyan.com
#include "pnNetCli/pnNetCli.h" #include "pnNetCli/pnNetCli.h"
#include "plNetGameLib/plNetGameLib.h" #include "plNetGameLib/plNetGameLib.h"
#include "pnIni/pnIni.h" #include "pnIni/pnIni.h"
#include "pnEncryption/plChallengeHash.h"
#include "plMessage/plNetCommMsgs.h" #include "plMessage/plNetCommMsgs.h"
#include "plMessage/plNetClientMgrMsg.h" #include "plMessage/plNetClientMgrMsg.h"
@ -775,7 +776,7 @@ static void IReadNetIni() {
L"" L""
); );
CryptHashPassword(s_iniAccountUsername, password, &s_namePassHash); CryptHashPassword(_TEMP_CONVERT_FROM_WCHAR_T(s_iniAccountUsername), _TEMP_CONVERT_FROM_WCHAR_T(password), s_namePassHash);
} }
else { else {
StrCopy(s_iniStartupAgeName, L"StartUp", arrsize(s_iniStartupAgeName)); StrCopy(s_iniStartupAgeName, L"StartUp", arrsize(s_iniStartupAgeName));

22
Sources/Plasma/PubUtilLib/plNetGameLib/Private/plNglAuth.cpp

@ -48,6 +48,8 @@ You can contact Cyan Worlds, Inc. by email legal@cyan.com
#include "../Pch.h" #include "../Pch.h"
#pragma hdrstop #pragma hdrstop
#include "pnEncryption/plChallengeHash.h"
namespace Ngl { namespace Auth { namespace Ngl { namespace Auth {
/***************************************************************************** /*****************************************************************************
* *
@ -2661,7 +2663,7 @@ bool LoginRequestTrans::Send () {
clientChallenge, clientChallenge,
s_active->serverChallenge, s_active->serverChallenge,
s_accountNamePassHash, s_accountNamePassHash,
&challengeHash challengeHash
); );
} }
@ -2818,9 +2820,9 @@ AccountCreateRequestTrans::AccountCreateRequestTrans (
StrCopy(m_accountName, accountName, arrsize(m_accountName)); StrCopy(m_accountName, accountName, arrsize(m_accountName));
CryptHashPassword( CryptHashPassword(
m_accountName, _TEMP_CONVERT_FROM_WCHAR_T(m_accountName),
password, _TEMP_CONVERT_FROM_WCHAR_T(password),
&m_namePassHash m_namePassHash
); );
} }
@ -2888,9 +2890,9 @@ AccountCreateFromKeyRequestTrans::AccountCreateFromKeyRequestTrans (
StrCopy(m_accountName, accountName, arrsize(m_accountName)); StrCopy(m_accountName, accountName, arrsize(m_accountName));
CryptHashPassword( CryptHashPassword(
m_accountName, _TEMP_CONVERT_FROM_WCHAR_T(m_accountName),
password, _TEMP_CONVERT_FROM_WCHAR_T(password),
&m_namePassHash m_namePassHash
); );
} }
@ -3186,9 +3188,9 @@ AccountChangePasswordRequestTrans::AccountChangePasswordRequestTrans (
StrCopy(m_accountName, accountName, arrsize(m_accountName)); StrCopy(m_accountName, accountName, arrsize(m_accountName));
CryptHashPassword( CryptHashPassword(
m_accountName, _TEMP_CONVERT_FROM_WCHAR_T(m_accountName),
password, _TEMP_CONVERT_FROM_WCHAR_T(password),
&m_namePassHash m_namePassHash
); );
} }

4
Sources/Plasma/PubUtilLib/plNetGameLib/Private/plNglCsr.cpp

@ -48,6 +48,8 @@ You can contact Cyan Worlds, Inc. by email legal@cyan.com
#include "../Pch.h" #include "../Pch.h"
#pragma hdrstop #pragma hdrstop
#include "pnEncryption/plChallengeHash.h"
namespace Ngl { namespace Csr { namespace Ngl { namespace Csr {
/***************************************************************************** /*****************************************************************************
@ -659,7 +661,7 @@ bool LoginRequestTrans::Send () {
clientChallenge, clientChallenge,
s_active->serverChallenge, s_active->serverChallenge,
m_namePassHash, m_namePassHash,
&challengeHash challengeHash
); );
const uintptr_t msg[] = { const uintptr_t msg[] = {

Loading…
Cancel
Save