TrinityCore
Loading...
Searching...
No Matches
SRP6.h
Go to the documentation of this file.
1/*
2 * This file is part of the TrinityCore Project. See AUTHORS file for Copyright information
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the
6 * Free Software Foundation; either version 2 of the License, or (at your
7 * option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
12 * more details.
13 *
14 * You should have received a copy of the GNU General Public License along
15 * with this program. If not, see <http://www.gnu.org/licenses/>.
16 */
17
18#ifndef TRINITY_SRP6_H
19#define TRINITY_SRP6_H
20
21#include "AuthDefines.h"
22#include "BigNumber.h"
23#include "Define.h"
24#include "Common.h"
25#include "CryptoHash.h"
26#include <array>
27#include <optional>
28
29namespace Trinity::Crypto
30{
32 {
33 public:
34 static constexpr size_t SALT_LENGTH = 32;
35 using Salt = std::array<uint8, SALT_LENGTH>;
36 static constexpr size_t VERIFIER_LENGTH = 32;
37 using Verifier = std::array<uint8, VERIFIER_LENGTH>;
38 static constexpr size_t EPHEMERAL_KEY_LENGTH = 32;
39 using EphemeralKey = std::array<uint8, EPHEMERAL_KEY_LENGTH>;
40
41 static std::array<uint8, 1> const g;
42 static std::array<uint8, 32> const N;
43
44 // username + password must be passed through Utf8ToUpperOnlyLatin FIRST!
45 static std::pair<Salt, Verifier> MakeRegistrationData(std::string const& username, std::string const& password);
46 // username + password must be passed through Utf8ToUpperOnlyLatin FIRST!
47 static bool CheckLogin(std::string const& username, std::string const& password, Salt const& salt, Verifier const& verifier)
48 {
49 return (verifier == CalculateVerifier(username, password, salt));
50 }
51
52 static SHA1::Digest GetSessionVerifier(EphemeralKey const& A, SHA1::Digest const& clientM, SessionKey const& K)
53 {
54 return SHA1::GetDigestOf(A, clientM, K);
55 }
56
57 SRP6(std::string const& username, Salt const& salt, Verifier const& verifier);
58 std::optional<SessionKey> VerifyChallengeResponse(EphemeralKey const& A, SHA1::Digest const& clientM);
59
60 private:
61 bool _used = false; // a single instance can only be used to verify once
62
63 static Verifier CalculateVerifier(std::string const& username, std::string const& password, Salt const& salt);
64 static SessionKey SHA1Interleave(EphemeralKey const& S);
65
66 /* global algorithm parameters */
67 static BigNumber const _g; // a [g]enerator for the ring of integers mod N, algorithm parameter
68 static BigNumber const _N; // the modulus, an algorithm parameter; all operations are mod this
69
70 static EphemeralKey _B(BigNumber const& b, BigNumber const& v) { return ((_g.ModExp(b,_N) + (v * 3)) % N).ToByteArray<EPHEMERAL_KEY_LENGTH>(); }
71
72 /* per-instantiation parameters, set on construction */
73 SHA1::Digest const _I; // H(I) - the username, all uppercase
74 BigNumber const _b; // b - randomly chosen by the server, 19 bytes, never given out
75 BigNumber const _v; // v - the user's password verifier, derived from s + H(USERNAME || ":" || PASSWORD)
76
77 public:
78 Salt const s; // s - the user's password salt, random, used to calculate v on registration
79 EphemeralKey const B; // B = 3v + g^b
80 };
81}
82
83#endif
std::array< uint8, SESSION_KEY_LENGTH > SessionKey
Definition AuthDefines.h:25
#define TC_COMMON_API
Definition Define.h:96
Trinity::Crypto::SRP6 SRP6
Definition SRP6.cpp:25
BigNumber ModExp(BigNumber const &bn1, BigNumber const &bn2) const
EphemeralKey const B
Definition SRP6.h:79
BigNumber const _b
Definition SRP6.h:74
static std::array< uint8, 32 > const N
Definition SRP6.h:42
Salt const s
Definition SRP6.h:78
static BigNumber const _N
Definition SRP6.h:68
std::array< uint8, SALT_LENGTH > Salt
Definition SRP6.h:35
std::array< uint8, EPHEMERAL_KEY_LENGTH > EphemeralKey
Definition SRP6.h:39
BigNumber const _v
Definition SRP6.h:75
static std::array< uint8, 1 > const g
Definition SRP6.h:41
static EphemeralKey _B(BigNumber const &b, BigNumber const &v)
Definition SRP6.h:70
std::array< uint8, VERIFIER_LENGTH > Verifier
Definition SRP6.h:37
static BigNumber const _g
Definition SRP6.h:67
static SHA1::Digest GetSessionVerifier(EphemeralKey const &A, SHA1::Digest const &clientM, SessionKey const &K)
Definition SRP6.h:52
SHA1::Digest const _I
Definition SRP6.h:73
static bool CheckLogin(std::string const &username, std::string const &password, Salt const &salt, Verifier const &verifier)
Definition SRP6.h:47
std::array< uint8, DIGEST_LENGTH > Digest
Definition CryptoHash.h:47
static Digest GetDigestOf(uint8 const *data, size_t len)
Definition CryptoHash.h:49