mirror of
https://github.com/Kelsidavis/WoWee.git
synced 2026-03-23 15:50:20 +00:00
669d89c108
Save SHA1(UPPER(user):UPPER(pass)) hash to login.cfg instead of the plaintext password. On subsequent logins, use the stored hash directly with a new authenticateWithHash() method that bypasses password hashing. The password field shows a placeholder when using a stored hash.
79 lines
2.5 KiB
C++
79 lines
2.5 KiB
C++
#pragma once
|
|
|
|
#include "auth/big_num.hpp"
|
|
#include <vector>
|
|
#include <cstdint>
|
|
#include <string>
|
|
|
|
namespace wowee {
|
|
namespace auth {
|
|
|
|
// SRP6a implementation for World of Warcraft authentication
|
|
// Based on the original wowee JavaScript implementation
|
|
class SRP {
|
|
public:
|
|
SRP();
|
|
~SRP() = default;
|
|
|
|
// Initialize with username and password
|
|
void initialize(const std::string& username, const std::string& password);
|
|
|
|
// Initialize with username and pre-computed auth hash (SHA1(UPPER(user):UPPER(pass)))
|
|
void initializeWithHash(const std::string& username, const std::vector<uint8_t>& authHash);
|
|
|
|
// Feed server challenge data (B, g, N, salt)
|
|
void feed(const std::vector<uint8_t>& B,
|
|
const std::vector<uint8_t>& g,
|
|
const std::vector<uint8_t>& N,
|
|
const std::vector<uint8_t>& salt);
|
|
|
|
// Get client public ephemeral (A) - send to server
|
|
std::vector<uint8_t> getA() const;
|
|
|
|
// Get client proof (M1) - send to server
|
|
std::vector<uint8_t> getM1() const;
|
|
|
|
// Verify server proof (M2)
|
|
bool verifyServerProof(const std::vector<uint8_t>& serverM2) const;
|
|
|
|
// Get session key (K) - used for encryption
|
|
std::vector<uint8_t> getSessionKey() const;
|
|
|
|
private:
|
|
// WoW-specific SRP multiplier (k = 3)
|
|
static constexpr uint32_t K_VALUE = 3;
|
|
|
|
// Helper methods
|
|
std::vector<uint8_t> computeAuthHash(const std::string& username,
|
|
const std::string& password) const;
|
|
void computeClientEphemeral();
|
|
void computeSessionKey();
|
|
void computeProofs(const std::string& username);
|
|
|
|
// SRP values
|
|
BigNum g; // Generator
|
|
BigNum N; // Prime modulus
|
|
BigNum k; // Multiplier (3 for WoW)
|
|
BigNum s; // Salt
|
|
BigNum a; // Client private ephemeral
|
|
BigNum A; // Client public ephemeral
|
|
BigNum B; // Server public ephemeral
|
|
BigNum x; // Salted password hash
|
|
BigNum u; // Scrambling parameter
|
|
BigNum S; // Shared session key (raw)
|
|
|
|
// Derived values
|
|
std::vector<uint8_t> K; // Interleaved session key (40 bytes)
|
|
std::vector<uint8_t> M1; // Client proof (20 bytes)
|
|
std::vector<uint8_t> M2; // Expected server proof (20 bytes)
|
|
|
|
// Stored credentials
|
|
std::string stored_username;
|
|
std::string stored_password;
|
|
std::vector<uint8_t> stored_auth_hash; // Pre-computed SHA1(UPPER(user):UPPER(pass))
|
|
|
|
bool initialized = false;
|
|
};
|
|
|
|
} // namespace auth
|
|
} // namespace wowee
|