本文整理汇总了C++中BigNumber::SetBinary方法的典型用法代码示例。如果您正苦于以下问题:C++ BigNumber::SetBinary方法的具体用法?C++ BigNumber::SetBinary怎么用?C++ BigNumber::SetBinary使用的例子?那么,这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类BigNumber的用法示例。
在下文中一共展示了BigNumber::SetBinary方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: _SetVSFields
/// Derives a fresh SRP6 salt (s) and verifier (v) from the hex-encoded
/// password hash stored in the database, then writes both back to the
/// account row of the current login.
///
/// @param rI  Hex string of the stored password hash.
void AuthSocket::_SetVSFields(const std::string& rI)
{
    // New random salt, s_BYTE_SIZE bytes wide.
    s.SetRand(s_BYTE_SIZE * 8);

    BigNumber storedHash;
    storedHash.SetHexStr(rI.c_str());

    // The big-number form loses leading zero bytes, so copy it into a
    // zero-filled fixed-width buffer. A value wider than SHA_DIGEST_LENGTH
    // is not copied at all and the buffer stays all zero.
    uint8 paddedHash[SHA_DIGEST_LENGTH] = { 0 };
    if (!(storedHash.GetNumBytes() > SHA_DIGEST_LENGTH))
        memcpy(paddedHash, storedHash.AsByteArray(), storedHash.GetNumBytes());
    std::reverse(paddedHash, paddedHash + SHA_DIGEST_LENGTH);

    // x = SHA1(salt bytes | padded hash), v = g^x mod N
    Sha1Hash hasher;
    hasher.UpdateData(s.AsByteArray(), s.GetNumBytes());
    hasher.UpdateData(paddedHash, SHA_DIGEST_LENGTH);
    hasher.Finalize();

    BigNumber privateKey;
    privateKey.SetBinary(hasher.GetDigest(), hasher.GetLength());
    v = g.ModExp(privateKey, N);

    // v_hex and s_hex are produced by AsHexStr(); _safelogin is pasted into
    // the SQL text as-is, so this statement relies on it having been escaped
    // before it reaches this function.
    // NOTE(review): a bound-parameter statement would remove that dependency.
    const char* v_hex = v.AsHexStr();
    const char* s_hex = s.AsHexStr();
    LoginDatabase.PExecute("UPDATE account SET v = '%s', s = '%s' WHERE username = '%s'", v_hex, s_hex, _safelogin.c_str() );

    // The hex strings are released with OPENSSL_free after the call.
    OPENSSL_free((void*)v_hex);
    OPENSSL_free((void*)s_hex);
}
示例2: HandleReconnectProof
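/// Verifies a client's reconnect proof against the session key stored for
/// the account.
///
/// Loads the account's SessionKey from the logon database into K, reads the
/// client's sAuthLogonProofKey_C packet and recomputes
/// SHA1(AccountName | R1 | rs | K). When the digest equals the client's R2
/// the reconnect-proof response is sent and the socket is marked
/// authenticated; a mismatch is only logged.
void AuthSocket::HandleReconnectProof()
{
    if (m_account == NULL)
        return;

    // Load sessionkey from account database. AccountId is formatted with %u,
    // so no client-controlled text reaches the SQL string here.
    QueryResult * result = sLogonSQL->Query ("SELECT SessionKey FROM accounts WHERE acct = %u", m_account->AccountId);
    if (result)
    {
        Field * field = result->Fetch();
        K.SetHexStr(field[0].GetString ());
        delete result;
    }
    else
    {
        // Disconnect if the sessionkey invalid or not found
        DEBUG_LOG("AuthReConnectProof","No matching SessionKey found while user %s tried to login.", AccountName.c_str());
        Disconnect();
        return;
    }

    // Not enough bytes buffered for a full proof packet yet.
    if (GetReadBuffer().GetSize() < sizeof(sAuthLogonProofKey_C))
        return;

    sAuthLogonProofKey_C lp;
    GetReadBuffer().Read(&lp, sizeof(sAuthLogonProofKey_C));

    BigNumber A;
    A.SetBinary(lp.R1, 16);

    Sha1Hash sha;
    sha.Initialize();
    sha.UpdateData(AccountName);
    sha.UpdateBigNumbers(&A, &rs, &K, 0);
    sha.Finalize();

    // Compare the whole digest without an early exit. memcmp() may return at
    // the first differing byte, which makes the time taken depend on how
    // much of the client-supplied proof is correct.
    unsigned int mismatch = 0;
    for (int i = 0; i < SHA_DIGEST_LENGTH; ++i)
        mismatch |= static_cast<uint8>(sha.GetDigest()[i]) ^ static_cast<uint8>(lp.R2[i]);

    if (mismatch == 0)
    {
        ///- Sending response
        ByteBuffer pkt;
        pkt << (uint8) 0x03; //ReconnectProof
        pkt << (uint8) 0x00;
        pkt << (uint16) 0x00; // 2 bytes zeros
        Send(pkt.contents(), pkt.size());

        // we're authenticated now :)
        m_authenticated = true;
        DEBUG_LOG("AuthReConnectProof","Authentication Success.");
    }
    else
        // NOTE(review): a failed proof leaves the connection open; confirm
        // that repeated failures are limited elsewhere.
        DEBUG_LOG("AuthReConnectProof","Authentication Failed.");
}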
示例3:
/// Generates a new SRP6 salt and verifier for this account from the
/// hex-encoded password hash and stores both through a prepared statement.
///
/// @param pstr  Hex string of the password hash.
void Battlenet::Session::_SetVSFields(std::string const& pstr)
{
    // Fresh random salt; BufferSizes::SRP_6_S is its width in bytes.
    s.SetRand(uint32(BufferSizes::SRP_6_S) * 8);

    BigNumber passwordHash;
    passwordHash.SetHexStr(pstr.c_str());

    // x = SHA256(s | p), v = g^x mod N
    SHA256Hash hasher;
    hasher.UpdateBigNumbers(&s, &passwordHash, NULL);
    hasher.Finalize();

    BigNumber privateExponent;
    privateExponent.SetBinary(hasher.GetDigest(), hasher.GetLength());
    v = g.ModExp(privateExponent, N);

    // All three values are bound as statement parameters, so the login name
    // is never spliced into SQL text.
    PreparedStatement* update = LoginDatabase.GetPreparedStatement(LOGIN_UPD_BNET_VS_FIELDS);
    update->setString(0, v.AsHexStr());
    update->setString(1, s.AsHexStr());
    update->setString(2, _accountInfo->Login);
    LoginDatabase.Execute(update);
}
示例4: _SetVSFields
// Derives a fresh SRP6 salt (s) and verifier (v) from the hex-encoded
// password hash stored in the database and saves both for the current login
// through a prepared statement.
//
// rI: hex string of the stored password hash.
void AuthSocket::_SetVSFields(const std::string& rI)
{
    // New random salt, s_BYTE_SIZE bytes wide.
    s.SetRand(s_BYTE_SIZE * 8);

    BigNumber storedHash;
    storedHash.SetHexStr(rI.c_str());

    // Restore leading zero bytes lost in the big-number form by copying into
    // a zero-filled fixed-width buffer. A value wider than SHA_DIGEST_LENGTH
    // is skipped and the buffer stays all zero.
    uint8 paddedHash[SHA_DIGEST_LENGTH] = { 0 };
    if (!(storedHash.GetNumBytes() > SHA_DIGEST_LENGTH))
    {
        memcpy(paddedHash, storedHash.AsByteArray(), storedHash.GetNumBytes());
    }
    std::reverse(paddedHash, paddedHash + SHA_DIGEST_LENGTH);

    // x = SHA1(salt bytes | padded hash), v = g^x mod N
    SHA1Hash hasher;
    hasher.UpdateData(s.AsByteArray(), s.GetNumBytes());
    hasher.UpdateData(paddedHash, SHA_DIGEST_LENGTH);
    hasher.Finalize();

    BigNumber privateKey;
    privateKey.SetBinary(hasher.GetDigest(), hasher.GetLength());
    v = g.ModExp(privateKey, N);

    // Verifier, salt and login are bound as statement parameters rather than
    // formatted into the SQL text.
    const char* v_hex = v.AsHexStr();
    const char* s_hex = s.AsHexStr();

    PreparedStatement* update = LoginDatabase.GetPreparedStatement(LOGIN_UPD_VS);
    update->setString(0, v_hex);
    update->setString(1, s_hex);
    update->setString(2, _login);
    LoginDatabase.Execute(update);

    // The hex strings are released with OPENSSL_free after the statement has
    // been handed to the database layer.
    OPENSSL_free((void*)v_hex);
    OPENSSL_free((void*)s_hex);
}
示例5: _SetVSFields
/// Recomputes the SRP6 verifier v from the hex-encoded password hash stored
/// in the database, using the salt already held in s, and writes v and s
/// back to the account row.
///
/// @param rI  Hex string of the stored password hash.
void AuthSocket::_SetVSFields(std::string rI)
{
    BigNumber storedHash;
    storedHash.SetHexStr(rI.c_str());

    // Restore leading zero bytes lost in the big-number form. A value wider
    // than SHA_DIGEST_LENGTH is not copied and the buffer stays all zero.
    uint8 paddedHash[SHA_DIGEST_LENGTH] = { 0 };
    if (!(storedHash.GetNumBytes() > SHA_DIGEST_LENGTH))
        memcpy(paddedHash, storedHash.AsByteArray(), storedHash.GetNumBytes());
    std::reverse(paddedHash, paddedHash + SHA_DIGEST_LENGTH);

    // x = SHA1(salt bytes | padded hash), v = g^x mod N
    Sha1Hash hasher;
    hasher.UpdateData(s.AsByteArray(), s.GetNumBytes());
    hasher.UpdateData(paddedHash, SHA_DIGEST_LENGTH);
    hasher.Finalize();

    BigNumber privateKey;
    privateKey.SetBinary(hasher.GetDigest(), hasher.GetLength());
    v = g.ModExp(privateKey, N);

    // _safelogin is pasted into the SQL text as-is, so this statement relies
    // on it having been escaped before it reaches this function.
    // NOTE(review): the two AsHexStr() results are passed straight to
    // PExecute and never released here; if AsHexStr() returns a heap buffer
    // the caller owns, both leak on every call -- confirm against BigNumber.
    dbRealmServer.PExecute("UPDATE `account` SET `v` = '%s', `s` = '%s' WHERE UPPER(`username`)= UPPER('%s')",v.AsHexStr(),s.AsHexStr(), _safelogin.c_str() );
}
示例6: InformationRetreiveCallback
// Completes world-socket authentication once the logon server has answered
// request `requestid`: reads the account record and the 40-byte session key
// from recvData, keys the packet cipher, creates the session and checks the
// SHA-1 proof held in pAuthenticationPacket.
void WorldSocket::InformationRetreiveCallback(WorldPacket & recvData, uint32 requestid)
{
// Ignore answers that do not belong to the request this socket is waiting on.
if(requestid != mRequestID)
return;
uint32 error;
recvData >> error;
if(error != 0)
{
// something happened wrong @ the logon server
OutPacket(SMSG_AUTH_RESPONSE, 1, "\x0D");
return;
}
// Extract account information from the packet.
string AccountName;
uint32 AccountID;
string GMFlags;
uint32 AccountFlags;
recvData >> AccountID >> AccountName >> GMFlags >> AccountFlags;
sLog.outDebug( " >> got information packet from logon: `%s` ID %u (request %u)", AccountName.c_str(), AccountID, mRequestID);
// sLog.outColor(TNORMAL, "\n");
mRequestID = 0;
// Pull the session key.
// NOTE(review): no length check on recvData is visible before this 40-byte
// read; presumably the packet class guards against short packets -- confirm.
uint8 K[40];
recvData.read(K, 40);
BigNumber BNK;
BNK.SetBinary(K, 40);
// Initialize crypto.
_crypt.SetKey(K, 40);
_crypt.Init();
// NOTE(review): the session is created and bound to this socket before the
// client's digest is checked below; on a digest mismatch the function returns
// with m_session still set. Confirm the disconnect path releases it.
Session * session = sClientMgr.CreateSession(AccountID);
if(session == NULL)
{
/* we are already logged in. send auth failed. (if anyone has a better error lemme know :P) */
OutPacket(SMSG_AUTH_RESPONSE, 1, "\x0D");
return;
}
m_session = session;
session->m_socket = this;
// Expected proof: SHA1(AccountName | 0 | mClientSeed | mSeed | session key).
Sha1Hash sha;
uint8 digest[20];
pAuthenticationPacket->read(digest, 20);
uint32 t = 0;
sha.UpdateData(AccountName);
sha.UpdateData((uint8 *)&t, 4);
sha.UpdateData((uint8 *)&mClientSeed, 4);
sha.UpdateData((uint8 *)&mSeed, 4);
sha.UpdateBigNumbers(&BNK, NULL);
sha.Finalize();
// NOTE(review): memcmp may stop at the first differing byte; a constant-time
// comparison is the safer choice for a proof supplied by the client.
if (memcmp(sha.GetDigest(), digest, 20))
{
// AUTH_UNKNOWN_ACCOUNT = 21
OutPacket(SMSG_AUTH_RESPONSE, 1, "\x15");
return;
}
// Allocate session
// GMFlags and AccountFlags are taken as received in recvData.
m_session->m_accountFlags = AccountFlags;
m_session->m_GMPermissions = GMFlags;
m_session->m_accountId = AccountID;
m_session->m_latency = _latency;
m_session->m_accountName = AccountName;
Log.Notice("Auth", "%s from %s:%u [%ums]", AccountName.c_str(), GetRemoteIP().c_str(), GetRemotePort(), _latency);
Authenticate();
}
示例7: _HandleLogonProof
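// Logon Proof command handler.
//
// Reads the client's sAuthLogonProof_C packet, finishes the server side of
// the SRP6 exchange (u, S, K, M) and compares M with the client's M1.
// Returns false when the packet cannot be read; returns true after shutting
// the socket down when the client's A fails the SRP safeguard.
bool AuthSocket::_HandleLogonProof()
{
    sLog->outDebug(LOG_FILTER_AUTHSERVER, "Entering _HandleLogonProof");

    // Read the packet
    sAuthLogonProof_C lp;
    if (!socket().recv((char *)&lp, sizeof(sAuthLogonProof_C)))
        return false;

    // Continue the SRP6 calculation based on data received from the client
    BigNumber A;
    A.SetBinary(lp.A, 32);

    // SRP safeguard: abort if A is congruent to 0 modulo N. Testing A == 0
    // alone is not enough: a non-zero multiple of N also makes S below
    // evaluate to 0, so the session key would no longer depend on the
    // verifier v.
    if ((A % N).isZero())
    {
        socket().shutdown();
        return true;
    }

    // u = SHA1(A | B)
    SHA1Hash sha;
    sha.UpdateBigNumbers(&A, &B, NULL);
    sha.Finalize();
    BigNumber u;
    u.SetBinary(sha.GetDigest(), 20);

    // S = (A * v^u) ^ b mod N
    BigNumber S = (A * (v.ModExp(u, N))).ModExp(b, N);

    uint8 t[32];
    uint8 t1[16];
    uint8 vK[40];
    memcpy(t, S.AsByteArray(32), 32);

    // K interleaves two SHA-1 digests: the hash of the even-indexed bytes of
    // S fills the even positions of vK, the hash of the odd-indexed bytes
    // fills the odd positions.
    for (int i = 0; i < 16; ++i)
        t1[i] = t[i * 2];

    sha.Initialize();
    sha.UpdateData(t1, 16);
    sha.Finalize();

    for (int i = 0; i < 20; ++i)
        vK[i * 2] = sha.GetDigest()[i];

    for (int i = 0; i < 16; ++i)
        t1[i] = t[i * 2 + 1];

    sha.Initialize();
    sha.UpdateData(t1, 16);
    sha.Finalize();

    for (int i = 0; i < 20; ++i)
        vK[i * 2 + 1] = sha.GetDigest()[i];

    K.SetBinary(vK, 40);

    // t3 = SHA1(N) xor SHA1(g)
    uint8 hash[20];
    sha.Initialize();
    sha.UpdateBigNumbers(&N, NULL);
    sha.Finalize();
    memcpy(hash, sha.GetDigest(), 20);

    sha.Initialize();
    sha.UpdateBigNumbers(&g, NULL);
    sha.Finalize();

    for (int i = 0; i < 20; ++i)
        hash[i] ^= sha.GetDigest()[i];

    BigNumber t3;
    t3.SetBinary(hash, 20);

    // t4 = SHA1(login)
    sha.Initialize();
    sha.UpdateData(_login);
    sha.Finalize();
    uint8 t4[SHA_DIGEST_LENGTH];
    memcpy(t4, sha.GetDigest(), SHA_DIGEST_LENGTH);

    // M = SHA1(t3 | t4 | s | A | B | K)
    sha.Initialize();
    sha.UpdateBigNumbers(&t3, NULL);
    sha.UpdateData(t4, SHA_DIGEST_LENGTH);
    sha.UpdateBigNumbers(&s, &A, &B, &K, NULL);
    sha.Finalize();
    BigNumber M;
    M.SetBinary(sha.GetDigest(), 20);

    // Check if SRP6 results match (password is correct), else send an error
    // NOTE(review): memcmp may stop at the first differing byte; a
    // constant-time comparison is the safer choice for a client-supplied
    // proof. M.AsByteArray() is also called without a minimum width, so a
    // digest with leading zero bytes may be shorter than the 20 bytes
    // compared -- confirm.
    if (!memcmp(M.AsByteArray(), lp.M1, 20))
    {
        sLog->outDebug(LOG_FILTER_AUTHSERVER, "'%s:%d' User '%s' successfully authenticated", socket().getRemoteAddress().c_str(), socket().getRemotePort(), _login.c_str());

        // Update the sessionkey, last_ip, last login time and reset number of failed logins in the account table for this account
        // All values are bound as prepared-statement parameters.
        const char *K_hex = K.AsHexStr();
        PreparedStatement *stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LOGONPROOF);
        stmt->setString(0, K_hex);
        stmt->setString(1, socket().getRemoteAddress().c_str());
        stmt->setUInt32(2, GetLocaleByName(_localizationName));
        stmt->setString(3, _os);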
//.........这里部分代码省略.........
示例8: _HandleLogonProof
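// Logon Proof command handler.
//
// Reads the client's sAuthLogonProof_C packet, finishes the server side of
// the SRP6 exchange (u, S, K, M) and compares M with the client's M1.
// Returns false when the packet cannot be read; returns true after shutting
// the socket down for an unsupported client version or when the client's A
// fails the SRP safeguard.
bool AuthSocket::_HandleLogonProof()
{
    sLog->outStaticDebug("Entering _HandleLogonProof");

    // Read the packet
    sAuthLogonProof_C lp;
    if (!socket().recv((char *)&lp, sizeof(sAuthLogonProof_C)))
        return false;

    // If the client has no valid version
    if (_expversion == NO_VALID_EXP_FLAG)
    {
        // Check if we have the appropriate patch on the disk
        sLog->outDebug(LOG_FILTER_NETWORKIO, "Client with invalid version, patching is not implemented");
        socket().shutdown();
        return true;
    }

    // Continue the SRP6 calculation based on data received from the client
    BigNumber A;
    A.SetBinary(lp.A, 32);

    // SRP safeguard: abort if A is congruent to 0 modulo N. Testing A == 0
    // alone is not enough: a non-zero multiple of N also makes S below
    // evaluate to 0, so the session key would no longer depend on the
    // verifier v.
    if ((A % N).isZero())
    {
        socket().shutdown();
        return true;
    }

    // u = SHA1(A | B)
    SHA1Hash sha;
    sha.UpdateBigNumbers(&A, &B, NULL);
    sha.Finalize();
    BigNumber u;
    u.SetBinary(sha.GetDigest(), 20);

    // S = (A * v^u) ^ b mod N
    BigNumber S = (A * (v.ModExp(u, N))).ModExp(b, N);

    uint8 t[32];
    uint8 t1[16];
    uint8 vK[40];
    memcpy(t, S.AsByteArray(32), 32);

    // K interleaves two SHA-1 digests: the hash of the even-indexed bytes of
    // S fills the even positions of vK, the hash of the odd-indexed bytes
    // fills the odd positions.
    for (int i = 0; i < 16; ++i)
        t1[i] = t[i * 2];

    sha.Initialize();
    sha.UpdateData(t1, 16);
    sha.Finalize();

    for (int i = 0; i < 20; ++i)
        vK[i * 2] = sha.GetDigest()[i];

    for (int i = 0; i < 16; ++i)
        t1[i] = t[i * 2 + 1];

    sha.Initialize();
    sha.UpdateData(t1, 16);
    sha.Finalize();

    for (int i = 0; i < 20; ++i)
        vK[i * 2 + 1] = sha.GetDigest()[i];

    K.SetBinary(vK, 40);

    // t3 = SHA1(N) xor SHA1(g)
    uint8 hash[20];
    sha.Initialize();
    sha.UpdateBigNumbers(&N, NULL);
    sha.Finalize();
    memcpy(hash, sha.GetDigest(), 20);

    sha.Initialize();
    sha.UpdateBigNumbers(&g, NULL);
    sha.Finalize();

    for (int i = 0; i < 20; ++i)
        hash[i] ^= sha.GetDigest()[i];

    BigNumber t3;
    t3.SetBinary(hash, 20);

    // t4 = SHA1(login)
    sha.Initialize();
    sha.UpdateData(_login);
    sha.Finalize();
    uint8 t4[SHA_DIGEST_LENGTH];
    memcpy(t4, sha.GetDigest(), SHA_DIGEST_LENGTH);

    // M = SHA1(t3 | t4 | s | A | B | K)
    sha.Initialize();
    sha.UpdateBigNumbers(&t3, NULL);
    sha.UpdateData(t4, SHA_DIGEST_LENGTH);
    sha.UpdateBigNumbers(&s, &A, &B, &K, NULL);
    sha.Finalize();
    BigNumber M;
    M.SetBinary(sha.GetDigest(), 20);

    // Check if SRP6 results match (password is correct), else send an error
    // NOTE(review): memcmp may stop at the first differing byte; a
    // constant-time comparison is the safer choice for a client-supplied
    // proof. M.AsByteArray() is also called without a minimum width, so a
    // digest with leading zero bytes may be shorter than the 20 bytes
    // compared -- confirm.
    if (!memcmp(M.AsByteArray(), lp.M1, 20))
    {
        sLog->outBasic("User '%s' successfully authenticated", _login.c_str());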
//.........这里部分代码省略.........
示例9: HandleProof
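// Handles the client's logon proof: starts a patch job when one is pending,
// otherwise reads sAuthLogonProof_C and continues the SRP6 calculation
// (u, S, the interleaved session key, and the inputs to M).
void AuthSocket::HandleProof()
{
    // The branch is taken when fewer bytes are buffered than a full proof
    // packet, so the message says "smaller" (it previously said "larger").
    if (readBuffer.GetSize() < sizeof(sAuthLogonProof_C))
    {
        LOG_ERROR("[AuthLogonProof] The packet received is smaller than expected, refusing to handle it!");
        return ;
    }

    // patch
    if (m_patch && !m_account)
    {
        //RemoveReadBufferBytes(75,false);
        readBuffer.Remove(75);
        LOG_DEBUG("[AuthLogonProof] Intitiating PatchJob");
        uint8 bytes[2] = {0x01, 0x0a};
        Send(bytes, 2);
        PatchMgr::getSingleton().InitiatePatch(m_patch, this);
        return;
    }

    if (!m_account)
        return;

    LOG_DEBUG("[AuthLogonProof] Interleaving and checking proof...");

    sAuthLogonProof_C lp;
    //Read(sizeof(sAuthLogonProof_C), (uint8*)&lp);
    readBuffer.Read(&lp, sizeof(sAuthLogonProof_C));

    ////////////////////////////////////////////////////// SRP6 ///////////////////////////////////////////////
    // Generating a session key
    //
    // A = g^a % N
    // u = SHA1( A | B )
    //
    // NOTE(review): A comes straight from the client and is used below
    // without any visible validation. SRP requires the server to abort when
    // A mod N is zero, because S then evaluates to 0 whatever the verifier
    // is; add that check before S is computed.
    BigNumber A;
    A.SetBinary(lp.A, 32);

    Sha1Hash sha;
    sha.UpdateBigNumbers(&A, &B, 0);
    sha.Finalize();

    BigNumber u;
    u.SetBinary(sha.GetDigest(), 20);

    // S session key key, S = ( A * v^u ) ^ b
    BigNumber S = (A * (v.ModExp(u, N))).ModExp(b, N);

    // Generate M
    // M = H(H(N) xor H(g), H(I), s, A, B, K) according to http://srp.stanford.edu/design.html
    uint8 t[32];
    uint8 t1[16];
    uint8 vK[40];
    // NOTE(review): 32 bytes are copied although AsByteArray() is called
    // without a width; if S is shorter than 32 bytes this may read past its
    // buffer -- confirm against BigNumber.
    memcpy(t, S.AsByteArray(), 32);

    // Hash of the even-indexed bytes of S goes to the even positions of vK.
    for (int i = 0; i < 16; i++)
    {
        t1[i] = t[i * 2];
    }

    sha.Initialize();
    sha.UpdateData(t1, 16);
    sha.Finalize();

    for (int i = 0; i < 20; i++)
    {
        vK[i * 2] = sha.GetDigest()[i];
    }

    // Hash of the odd-indexed bytes of S goes to the odd positions of vK.
    for (int i = 0; i < 16; i++)
    {
        t1[i] = t[i * 2 + 1];
    }

    sha.Initialize();
    sha.UpdateData(t1, 16);
    sha.Finalize();

    for (int i = 0; i < 20; i++)
    {
        vK[i * 2 + 1] = sha.GetDigest()[i];
    }

    m_sessionkey.SetBinary(vK, 40);

    // t3 = SHA1(N) xor SHA1(g)
    uint8 hash[20];
    sha.Initialize();
    sha.UpdateBigNumbers(&N, NULL);
    sha.Finalize();
    memcpy(hash, sha.GetDigest(), 20);

    sha.Initialize();
    sha.UpdateBigNumbers(&g, NULL);
    sha.Finalize();

    for (int i = 0; i < 20; i++)
    {
        hash[i] ^= sha.GetDigest()[i];
    }

    BigNumber t3;
    t3.SetBinary(hash, 20);

    sha.Initialize();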
//.........这里部分代码省略.........
示例10: _HandleLogonChallenge
//.........这里部分代码省略.........
// Tail of the logon-challenge handler (its beginning is not shown): finishes
// the challenge packet for an existing account, or auto-registers a new
// account when _autoreg is set, then sends the packet.
{
pkt << uint8(0);
pkt << uint8(0);
pkt << uint8(0);
pkt << uint8(0);
pkt << uint64(0);
}
if(securityFlags & 0x04) // Security token input
{
pkt << uint8(1);
}
// Values above SEC_ADMINISTRATOR are clamped to SEC_ADMINISTRATOR.
uint8 secLevel = (*result)[4].GetUInt8();
_accountSecurityLevel = secLevel <= SEC_ADMINISTRATOR ? AccountTypes(secLevel) : SEC_ADMINISTRATOR;
// The client sends the four locale characters in reverse order.
_localizationName.resize(4);
for(int i = 0; i < 4; ++i)
_localizationName[i] = ch->country[4-i-1];
sLog.outBasic("[AuthChallenge] account %s is using '%c%c%c%c' locale (%u)", _login.c_str (), ch->country[3], ch->country[2], ch->country[1], ch->country[0], GetLocaleByName(_localizationName));
// user authenticated => turn off autoreg, thus account creating
_autoreg = false;
}
}
delete result;
}
else if(_autoreg) // no account
{
// check username
if(_safelogin.find_first_of(notAllowedChars)!=_safelogin.npos || _safelogin.length()<4)
_autoreg = false;
// check IP
else if(uint32 amountip = sConfig.GetIntDefault("AmountIP", 0))
{
// NOTE(review): result2 is deleted only when the per-IP limit is reached; in
// every other case the visible code never frees it.
// NOTE(review): the COUNT is read with GetUInt8(), so a count above 255 may
// wrap before it is compared with amountip -- confirm the field conversion.
QueryResult *result2 = loginDatabase.PQuery("SELECT COUNT(last_ip) FROM account WHERE last_ip = '%s'", GetRemoteAddress().c_str());
if (result2 && (*result2)[0].GetUInt8() >= amountip)
{
_autoreg = false;
delete result2;
}
}
// still all ok
if(_autoreg)
{
///- Build the password hash for the new account, upper-cased, and make the SRP6 calculation
// The hash input is "<login>:<login>": an auto-registered account gets its
// own name as password, so it is protected only by the account name until the
// password is changed.
std::transform(_safelogin.begin(), _safelogin.end(), _safelogin.begin(), std::towupper);
Sha1Hash sha;
std::string sI = _safelogin + ":" + _safelogin;
sha.UpdateData(sI);
sha.Finalize();
BigNumber bn;
bn.SetBinary(sha.GetDigest(), sha.GetLength());
// Reverse the digest bytes in place and reload them before hex-encoding.
uint8 *val = bn.AsByteArray();
std::reverse(val, val+bn.GetNumBytes());
bn.SetBinary(val, bn.GetNumBytes());
const char* rI = bn.AsHexStr();
_SetVSFields(rI);
OPENSSL_free((void*)rI);
// b is a 152-bit random value; B = (3*v + g^b) mod N
b.SetRand(19 * 8);
BigNumber gmod=g.ModExp(b, N);
B = ((v * 3) + gmod) % N;
// NOTE(review): a B shorter than 32 bytes is only logged, yet 32 bytes are
// appended from B.AsByteArray() below -- confirm the array is padded.
if (B.GetNumBytes() < 32)
sLog.outDetail("Interesting, calculation of B in realmd is < 32.");
ASSERT(gmod.GetNumBytes() <= 32);
BigNumber unk3;
unk3.SetRand(16*8);
///- Fill the response packet with the result
pkt << (uint8)REALM_AUTH_SUCCESS;
pkt.append(B.AsByteArray(), 32);
pkt << (uint8)1;
pkt.append(g.AsByteArray(), 1);
pkt << (uint8)32;
pkt.append(N.AsByteArray(), 32);
pkt.append(s.AsByteArray(), s.GetNumBytes());
pkt.append(unk3.AsByteArray(), 16);
pkt << (uint8)0; // Added in 1.12.x client branch
}
else
// username and/or IP is bad
pkt << (uint8) REALM_AUTH_NO_MATCH;
}
else
{
// autoreg off in config, account is wrong
pkt << (uint8) REALM_AUTH_NO_MATCH;
}
}
SendBuf((char const*)pkt.contents(), pkt.size());
return true;
}
示例11: HandleLogonProof
// Logon Proof command handler
// Finishes the server side of the SRP6 exchange from the client's proof
// packet, compares the computed M with the client's M1 and, on a match, goes
// on to check the auth token. Returns false for an unsupported client version
// or when A fails the SRP safeguard.
bool AuthSession::HandleLogonProof()
{
TC_LOG_DEBUG("server.authserver", "Entering _HandleLogonProof");
// The status is set to STATUS_CLOSED before any check runs.
_status = STATUS_CLOSED;
// Read the packet
// NOTE(review): the read pointer is reinterpreted as the packet struct with no
// length check visible here; presumably the dispatcher guarantees that
// sizeof(sAuthLogonProof_C) bytes are buffered -- confirm.
sAuthLogonProof_C *logonProof = reinterpret_cast<sAuthLogonProof_C*>(GetReadBuffer().GetReadPointer());
// If the client has no valid version
if (_expversion == NO_VALID_EXP_FLAG)
{
// Check if we have the appropriate patch on the disk
TC_LOG_DEBUG("network", "Client with invalid version, patching is not implemented");
return false;
}
// Continue the SRP6 calculation based on data received from the client
BigNumber A;
A.SetBinary(logonProof->A, 32);
// SRP safeguard: abort if A is congruent to 0 modulo N (this covers A == 0
// and every multiple of N, all of which would make S below evaluate to 0)
if ((A % N).IsZero())
return false;
// u = SHA1(A | B)
SHA1Hash sha;
sha.UpdateBigNumbers(&A, &B, nullptr);
sha.Finalize();
BigNumber u;
u.SetBinary(sha.GetDigest(), 20);
// S = (A * v^u) ^ b mod N
BigNumber S = (A * (v.ModExp(u, N))).ModExp(b, N);
uint8 t[32];
uint8 t1[16];
uint8 vK[40];
memcpy(t, S.AsByteArray(32).get(), 32);
// K interleaves two SHA-1 digests: even-indexed bytes of S feed the even
// positions of vK, odd-indexed bytes feed the odd positions.
for (int i = 0; i < 16; ++i)
t1[i] = t[i * 2];
sha.Initialize();
sha.UpdateData(t1, 16);
sha.Finalize();
for (int i = 0; i < 20; ++i)
vK[i * 2] = sha.GetDigest()[i];
for (int i = 0; i < 16; ++i)
t1[i] = t[i * 2 + 1];
sha.Initialize();
sha.UpdateData(t1, 16);
sha.Finalize();
for (int i = 0; i < 20; ++i)
vK[i * 2 + 1] = sha.GetDigest()[i];
K.SetBinary(vK, 40);
// t3 = SHA1(N) xor SHA1(g)
uint8 hash[20];
sha.Initialize();
sha.UpdateBigNumbers(&N, nullptr);
sha.Finalize();
memcpy(hash, sha.GetDigest(), 20);
sha.Initialize();
sha.UpdateBigNumbers(&g, nullptr);
sha.Finalize();
for (int i = 0; i < 20; ++i)
hash[i] ^= sha.GetDigest()[i];
BigNumber t3;
t3.SetBinary(hash, 20);
// t4 = SHA1(login)
sha.Initialize();
sha.UpdateData(_accountInfo.Login);
sha.Finalize();
uint8 t4[SHA_DIGEST_LENGTH];
memcpy(t4, sha.GetDigest(), SHA_DIGEST_LENGTH);
// M = SHA1(t3 | t4 | s | A | B | K)
sha.Initialize();
sha.UpdateBigNumbers(&t3, nullptr);
sha.UpdateData(t4, SHA_DIGEST_LENGTH);
sha.UpdateBigNumbers(&s, &A, &B, &K, nullptr);
sha.Finalize();
BigNumber M;
M.SetBinary(sha.GetDigest(), sha.GetLength());
// Check if SRP6 results match (password is correct), else send an error
// NOTE(review): memcmp may stop at the first differing byte; a constant-time
// comparison is the safer choice for a client-supplied proof.
if (!memcmp(M.AsByteArray(sha.GetLength()).get(), logonProof->M1, 20))
{
// Check auth token
if ((logonProof->securityFlags & 0x04) || !_tokenKey.empty())
{
// The token length is the byte right after the proof struct, followed by
// `size` token bytes.
// NOTE(review): no check is visible here that the read buffer holds that
// length byte and the token bytes -- confirm before dereferencing.
uint8 size = *(GetReadBuffer().GetReadPointer() + sizeof(sAuthLogonProof_C));
std::string token(reinterpret_cast<char*>(GetReadBuffer().GetReadPointer() + sizeof(sAuthLogonProof_C) + sizeof(size)), size);
GetReadBuffer().ReadCompleted(sizeof(size) + size);
uint32 validToken = TOTP::GenerateToken(_tokenKey.c_str());
//.........这里部分代码省略.........
示例12: InformationRetreiveCallback
// Completes world-socket authentication once the logon server has answered
// request `requestid`: reads the account record and the 40-byte session key
// from recvData, initialises the packet cipher, creates the session and
// checks the SHA-1 proof held in pAuthenticationPacket.
void WorldSocket::InformationRetreiveCallback(WorldPacket & recvData, uint32 requestid)
{
// Ignore answers that do not belong to the request this socket is waiting on.
if(requestid != mRequestID)
return;
uint32 error;
recvData >> error;
if(error != 0)
{
// something happened wrong @ the logon server
OutPacket(SMSG_AUTH_RESPONSE, 1, "\x0D");
printf("Information callback returns failure.\n");
return;
}
// Extract account information from the packet.
string AccountName;
uint32 AccountID;
string GMFlags;
uint8 AccountFlags;
recvData >> AccountID >> AccountName >> GMFlags >> AccountFlags;
printf( " >> got information packet from logon: `%s` ID %u (request %u)", AccountName.c_str(), AccountID, mRequestID);
// sLog.outColor(TNORMAL, "\n");
mRequestID = 0;
//Pull the session key.
// K is not declared in this function.
// NOTE(review): no length check on recvData is visible before this 40-byte
// read; presumably the packet class guards against short packets -- confirm.
recvData.read(K, 40);
_crypt.Init(K);
BigNumber BNK;
BNK.SetBinary(K, 40);
//checking if player is already connected
//disconnect current player and login this one(blizzlike)
// Optional 4-byte locale: written into the string's own buffer through a
// cast. "enUS" gives the string a length of 4, so the 4 bytes fit; lang is not
// read again in this function.
string lang = "enUS";
if(recvData.rpos() != recvData.wpos())
recvData.read((uint8*)lang.data(), 4);
// NOTE(review): the session is created and bound to this socket before the
// client's digest is checked below; on a digest mismatch the function returns
// with m_session still set. Confirm the disconnect path releases it.
Session * session = sClientMgr.CreateSession(AccountID);
if(session == NULL)
{
/* we are already logged in. send auth failed. (if anyone has a better error lemme know :P) */
OutPacket(SMSG_AUTH_RESPONSE, 1, "\x0D");
printf("Duplicate client error.\n");
return;
}
m_session = session;
session->m_socket = this;
// Expected proof: SHA1(account name | 0 | mClientSeed | mSeed | session key).
Sha1Hash sha;
uint8 digest[20];
pAuthenticationPacket->read(digest, 20);
uint32 t = 0;
if( m_fullAccountName == NULL ) // should never happen !
sha.UpdateData(AccountName);
else
{
sha.UpdateData(*m_fullAccountName);
// this is unused now. we may as well free up the memory.
delete m_fullAccountName;
m_fullAccountName = NULL;
}
sha.UpdateData((uint8 *)&t, 4);
sha.UpdateData((uint8 *)&mClientSeed, 4);
sha.UpdateData((uint8 *)&mSeed, 4);
sha.UpdateBigNumbers(&BNK, NULL);
sha.Finalize();
// NOTE(review): memcmp may stop at the first differing byte; a constant-time
// comparison is the safer choice for a proof supplied by the client.
if (memcmp(sha.GetDigest(), digest, 20))
{
// AUTH_UNKNOWN_ACCOUNT = 21
OutPacket(SMSG_AUTH_RESPONSE, 1, "\x15");
return;
}
//_crypt.Init(digest);
// Allocate session
// GMFlags and AccountFlags are taken as received in recvData.
m_session->m_accountFlags = AccountFlags;
m_session->m_GMPermissions = GMFlags;
m_session->m_accountId = AccountID;
m_session->m_latency = _latency;
m_session->m_accountName = AccountName;
m_session->m_ClientBuild = mClientBuild;
Log.Notice("Auth", "%s from %s:%u [%ums]", AccountName.c_str(), GetRemoteIP().c_str(), GetRemotePort(), _latency);
Authenticate();
}
示例13: InformationRetreiveCallback
// Completes world-socket authentication once the logon server has answered
// request `requestid`: reads the account record and the 40-byte session key
// from recvData, initialises the packet cipher, refuses the login when the
// account already has a session, and checks the SHA-1 proof held in
// pAuthenticationPacket.
void WorldSocket::InformationRetreiveCallback(WorldPacket & recvData, uint32 requestid)
{
// Ignore answers that do not belong to the request this socket is waiting on.
if(requestid != mRequestID)
return;
uint32 error;
recvData >> error;
// A missing authentication packet is treated like a logon-server error.
if(error != 0 || pAuthenticationPacket == NULL)
{
// something happened wrong @ the logon server
OutPacket(SMSG_AUTH_RESPONSE, 1, "\x0D");
return;
}
// Extract account information from the packet.
string AccountName;
const string * ForcedPermissions;
uint32 AccountID;
string GMFlags;
uint8 AccountFlags;
string lang = "enUS";
uint32 i;
recvData >> AccountID >> AccountName >> GMFlags >> AccountFlags;
// Forced permissions for this account name replace the GM flags received in
// the packet.
ForcedPermissions = sLogonCommHandler.GetForcedPermissions(AccountName);
if( ForcedPermissions != NULL )
GMFlags.assign(ForcedPermissions->c_str());
DEBUG_LOG( "WorldSocket","Received information packet from logon: `%s` ID %u (request %u)", AccountName.c_str(), AccountID, mRequestID);
mRequestID = 0;
// Pull the session key.
// K is not declared in this function.
// NOTE(review): no length check on recvData is visible before this 40-byte
// read; presumably the packet class guards against short packets -- confirm.
BigNumber BNK;
recvData.read(K, 40);
_crypt.Init(K);
BNK.SetBinary(K, 40);
//checking if player is already connected
//disconnect current player and login this one(blizzlike)
// Optional 4-byte locale: written into the string's own buffer through a
// cast. "enUS" gives the string a length of 4, so the 4 bytes fit.
if(recvData.rpos() != recvData.wpos())
recvData.read((uint8*)lang.data(), 4);
WorldSession *session = NULL;
session = sWorld.FindSession( AccountID );
if( session != NULL )
{
if(session->_player != NULL && session->_player->GetMapMgr() == NULL)
{
DEBUG_LOG("WorldSocket","_player found without m_mapmgr during logon, trying to remove him [player %s, map %d, instance %d].", session->_player->GetName(), session->_player->GetMapId(), session->_player->GetInstanceID() );
if(objmgr.GetPlayer(session->_player->GetLowGUID()))
objmgr.RemovePlayer(session->_player);
session->LogoutPlayer(false);
}
// The existing session is disconnected and this login attempt is refused.
// NOTE(review): this comment names AUTH_FAILED = 0x0D, but the packet sent
// below carries "\x15" -- confirm which code is intended.
// AUTH_FAILED = 0x0D
session->Disconnect();
// clear the logout timer so he times out straight away
session->SetLogoutTimer(1);
// we must send authentication failed here.
// the stupid newb can relog his client.
// otherwise accounts dupe up and disasters happen.
OutPacket(SMSG_AUTH_RESPONSE, 1, "\x15");
return;
}
// Expected proof: SHA1(account name | 0 | mClientSeed | mSeed | session key).
Sha1Hash sha;
uint8 digest[20];
pAuthenticationPacket->read(digest, 20);
uint32 t = 0;
if( m_fullAccountName == NULL ) // should never happen !
sha.UpdateData(AccountName);
else
{
sha.UpdateData(*m_fullAccountName);
// this is unused now. we may as well free up the memory.
delete m_fullAccountName;
m_fullAccountName = NULL;
}
sha.UpdateData((uint8 *)&t, 4);
sha.UpdateData((uint8 *)&mClientSeed, 4);
sha.UpdateData((uint8 *)&mSeed, 4);
sha.UpdateBigNumbers(&BNK, NULL);
sha.Finalize();
// NOTE(review): memcmp may stop at the first differing byte; a constant-time
// comparison is the safer choice for a proof supplied by the client.
if (memcmp(sha.GetDigest(), digest, 20))
{
// AUTH_UNKNOWN_ACCOUNT = 21
OutPacket(SMSG_AUTH_RESPONSE, 1, "\x15");
return;
}
// Allocate session
//.........这里部分代码省略.........
示例14: HandleChallenge
//.........这里部分代码省略.........
// Tail of the logon-challenge handler (its beginning is not shown): looks up
// the account, rejects banned accounts, caches the client locale, then builds
// and sends the SRP6 challenge (B, g, N, s).
//AccountName.erase( i );
}
// Look up the account information
LOG_DEBUG("[AuthChallenge] Account Name: \"%s\"", AccountName.c_str());
m_account = AccountMgr::getSingleton().GetAccount(AccountName);
if(m_account == 0)
{
LOG_DEBUG("[AuthChallenge] Invalid account.");
// Non-existent account
SendChallengeError(CE_NO_ACCOUNT);
return;
}
LOG_DEBUG("[AuthChallenge] Account banned state = %u", m_account->Banned);
// Check that the account isn't banned.
// Banned == 1 is answered with CE_ACCOUNT_CLOSED, any other positive value
// with CE_ACCOUNT_FREEZED.
if(m_account->Banned == 1)
{
SendChallengeError(CE_ACCOUNT_CLOSED);
return;
}
else if(m_account->Banned > 0)
{
SendChallengeError(CE_ACCOUNT_FREEZED);
return;
}
// update cached locale
if(!m_account->forcedLocale)
{
// The four locale characters arrive reversed; copy them back in order.
// NOTE(review): the 4-byte copy goes through uint32* casts of char buffers,
// which assumes suitable alignment of Locale -- memcpy would avoid that.
char temp[4];
temp[0] = m_challenge.country[3];
temp[1] = m_challenge.country[2];
temp[2] = m_challenge.country[1];
temp[3] = m_challenge.country[0];
*(uint32*)&m_account->Locale[0] = *(uint32*)temp;
}
//////////////////////////////////////////////// SRP6 Challenge ////////////////////////////////////////////////
//
//
// First we will generate the Verifier value using the following formulas
//
// x = SHA1(s | SHA1(I | ":" | P))
// v = g^x % N
//
// The SHA1(I | ":" | P) part for x is stored in the account database (SrpHash): the hashed password, reversed
// N is a safe prime
// g is the generator
// | means concatenation in this context
//
//
// NOTE(review): exactly 32 bytes of s are hashed here and copied into the
// challenge below; this assumes s.AsByteArray() always provides 32 bytes --
// confirm.
Sha1Hash sha;
sha.UpdateData( s.AsByteArray(), 32 );
sha.UpdateData( m_account->SrpHash, 20 );
sha.Finalize();
BigNumber x;
x.SetBinary( sha.GetDigest(), sha.GetLength() );
v = g.ModExp(x, N);
// Next we generate b and B, the private and public values of the server
//
// b = random()
// B = (k*v + g^b) % N
//
// in our case the multiplier parameter k = 3
// b is a 152-bit random value.
b.SetRand(152);
uint8 k = 3;
BigNumber gmod = g.ModExp(b, N);
B = ( ( v * k ) + gmod ) % N;
ASSERT(gmod.GetNumBytes() <= 32);
BigNumber unk;
unk.SetRand(128);
// Now we send B, g, N and s to the client as a challenge, asking the client for the proof
// NOTE(review): 32 bytes are copied from B.AsByteArray() although only gmod's
// size is asserted; a B shorter than 32 bytes may be over-read -- confirm the
// array is padded.
sAuthLogonChallenge_S challenge;
challenge.cmd = 0;
challenge.error = 0;
challenge.unk2 = CE_SUCCESS;
memcpy( challenge.B, B.AsByteArray(), 32 );
challenge.g_len = 1;
challenge.g = ( g.AsByteArray() )[ 0 ];
challenge.N_len = 32;
memcpy( challenge.N, N.AsByteArray(), 32 );
memcpy( challenge.s, s.AsByteArray(), 32 );
memcpy( challenge.unk3, unk.AsByteArray(), 16 );
challenge.unk4 = 0;
Send( reinterpret_cast< uint8* >( &challenge ), sizeof( sAuthLogonChallenge_S ) );
}
示例15: HandleChallenge
//.........这里部分代码省略.........
// Tail of the logon-challenge handler (its beginning is not shown): applies
// the IP ban check, validates and terminates the account name, looks up the
// account, then builds and sends the SRP6 challenge (B, g, N, s).
BAN_STATUS ipb = IPBanner::getSingleton().CalculateBanStatus(GetRemoteAddress());
switch(ipb)
{
case BAN_STATUS_PERMANENT_BAN:
SendChallengeError(CE_ACCOUNT_CLOSED);
return;
case BAN_STATUS_TIME_LEFT_ON_BAN:
SendChallengeError(CE_ACCOUNT_FREEZED);
return;
default:
break;
}
// Null-terminate the account string
// The client-supplied length is bounded before it is used as an index.
// NOTE(review): this assumes m_challenge.I holds at least 0x50 bytes --
// confirm against the struct definition.
if(m_challenge.I_len >= 0x50) { Disconnect(); return; }
m_challenge.I[m_challenge.I_len] = 0;
AccountName = (char*)&m_challenge.I;
// Names containing '#' are dropped without a reply to the client.
string::size_type i = AccountName.rfind("#");
if( i != string::npos )
{
printf("# ACCOUNTNAME!\n");
return;
}
// Look up the account information
m_account = AccountMgr::getSingleton().GetAccount(AccountName);
if(m_account == 0)
{
DEBUG_LOG("AuthChallenge","Account Name: \"%s\" - Account state: INVALID", AccountName.c_str());
// Non-existent account
SendChallengeError(CE_NO_ACCOUNT);
return;
}
// Check that the account isn't banned.
// Banned == 1 is answered with CE_ACCOUNT_CLOSED, any other positive value
// with CE_ACCOUNT_FREEZED.
if(m_account->Banned == 1)
{
SendChallengeError(CE_ACCOUNT_CLOSED);
Log.Notice("AuthChallenge","Account Name: \"%s\" - Account state: CLOSED", AccountName.c_str());
return;
}
else if(m_account->Banned > 0)
{
SendChallengeError(CE_ACCOUNT_FREEZED);
Log.Notice("AuthChallenge","Account Name: \"%s\" - Account state: FROZEN (%u)", AccountName.c_str(), m_account->Banned);
return;
}
else
Log.Notice("AuthChallenge","Account Name: \"%s\" - Account state: OK", AccountName.c_str());
// update cached locale
if(!m_account->forcedLocale)
{
// The four locale characters arrive reversed; copy them back in order.
// NOTE(review): the 4-byte copy goes through uint32* casts of char buffers,
// which assumes suitable alignment of Locale -- memcpy would avoid that.
char temp[4];
temp[0] = m_challenge.country[3];
temp[1] = m_challenge.country[2];
temp[2] = m_challenge.country[1];
temp[3] = m_challenge.country[0];
*(uint32*)&m_account->Locale[0] = *(uint32*)temp;
}
// x = SHA1(first 32 bytes of s | SrpHash), v = g^x mod N
Sha1Hash sha;
//uint32 tc = s.GetNumBytes();
sha.UpdateData( s.AsByteArray(), 32 );
sha.UpdateData( m_account->SrpHash, 20 );
sha.Finalize();
BigNumber x;
x.SetBinary( sha.GetDigest(), sha.GetLength() );
v = g.ModExp(x, N);
// b is a 152-bit random value; B = (3*v + g^b) mod N
b.SetRand(152);
BigNumber gmod = g.ModExp(b, N);
B = ((v * 3) + gmod) % N;
ASSERT(gmod.GetNumBytes() <= 32);
BigNumber unk;
unk.SetRand(128);
// Response layout: 3 header bytes, B (32), g length and g, N length and N
// (32), s, 16 random bytes, one trailing zero. The fixed fields take 87
// bytes, so the 200-byte buffer leaves room for an s of up to 113 bytes.
// NOTE(review): s.GetNumBytes() is not bounded in the visible code, and 32
// bytes are copied from B.AsByteArray() although only gmod's size is
// asserted -- confirm both.
uint8 response[200];
uint32 c = 0;
response[c] = 0; c += 1;
response[c] = 0; c += 1;
response[c] = CE_SUCCESS; c += 1;
memcpy(&response[c], B.AsByteArray(), 32); c += 32;
response[c] = 1; c += 1;
response[c] = g.AsByteArray()[0]; c += 1;
response[c] = 32; c += 1;
memcpy(&response[c], N.AsByteArray(), 32); c += 32;
memcpy(&response[c], s.AsByteArray(), s.GetNumBytes()); c += s.GetNumBytes();
memcpy(&response[c], unk.AsByteArray(), 16); c += 16;
response[c] = 0; c += 1;
Send(response, c);
DEBUG_LOG("AuthSocket","Sending Success Response");
}