mirror of
https://github.com/Kelsidavis/WoWee.git
synced 2026-02-20 00:04:23 -05:00
91 lines
3.0 KiB
C++
91 lines
3.0 KiB
C++
#pragma once
|
|
|
|
#include "auth/big_num.hpp"
|
|
#include <vector>
|
|
#include <cstdint>
|
|
#include <string>
|
|
|
|
namespace wowee {
|
|
namespace auth {
|
|
|
|
// SRP6a implementation for World of Warcraft authentication
|
|
// Based on the original wowee JavaScript implementation
|
|
class SRP {
|
|
public:
|
|
SRP();
|
|
~SRP() = default;
|
|
|
|
// Initialize with username and password
|
|
void initialize(const std::string& username, const std::string& password);
|
|
|
|
// Initialize with username and pre-computed auth hash (SHA1(UPPER(user):UPPER(pass)))
|
|
void initializeWithHash(const std::string& username, const std::vector<uint8_t>& authHash);
|
|
|
|
// Feed server challenge data (B, g, N, salt)
|
|
void feed(const std::vector<uint8_t>& B,
|
|
const std::vector<uint8_t>& g,
|
|
const std::vector<uint8_t>& N,
|
|
const std::vector<uint8_t>& salt);
|
|
|
|
// Some SRP implementations use k = H(N|g) instead of the WoW-specific k=3.
|
|
// Default is false (k=3).
|
|
void setUseHashedK(bool enabled) { useHashedK_ = enabled; }
|
|
|
|
// Controls how SHA1 outputs are interpreted when converted to big integers (x, u, optionally k).
|
|
// Many SRP implementations treat hash outputs as big-endian integers.
|
|
// Default is false (treat hash outputs as little-endian integers).
|
|
void setHashBigEndian(bool enabled) { hashBigEndian_ = enabled; }
|
|
|
|
// Get client public ephemeral (A) - send to server
|
|
std::vector<uint8_t> getA() const;
|
|
|
|
// Get client proof (M1) - send to server
|
|
std::vector<uint8_t> getM1() const;
|
|
|
|
// Verify server proof (M2)
|
|
bool verifyServerProof(const std::vector<uint8_t>& serverM2) const;
|
|
|
|
// Get session key (K) - used for encryption
|
|
std::vector<uint8_t> getSessionKey() const;
|
|
|
|
private:
|
|
// WoW-specific SRP multiplier (k = 3)
|
|
static constexpr uint32_t K_VALUE = 3;
|
|
|
|
// Helper methods
|
|
std::vector<uint8_t> computeAuthHash(const std::string& username,
|
|
const std::string& password) const;
|
|
void computeClientEphemeral();
|
|
void computeSessionKey();
|
|
void computeProofs(const std::string& username);
|
|
|
|
// SRP values
|
|
BigNum g; // Generator
|
|
BigNum N; // Prime modulus
|
|
BigNum k; // Multiplier (3 for WoW)
|
|
BigNum s; // Salt
|
|
BigNum a; // Client private ephemeral
|
|
BigNum A; // Client public ephemeral
|
|
BigNum B; // Server public ephemeral
|
|
BigNum x; // Salted password hash
|
|
BigNum u; // Scrambling parameter
|
|
BigNum S; // Shared session key (raw)
|
|
|
|
// Derived values
|
|
std::vector<uint8_t> K; // Interleaved session key (40 bytes)
|
|
std::vector<uint8_t> M1; // Client proof (20 bytes)
|
|
std::vector<uint8_t> M2; // Expected server proof (20 bytes)
|
|
|
|
// Stored credentials
|
|
std::string stored_username;
|
|
std::string stored_password;
|
|
std::vector<uint8_t> stored_auth_hash; // Pre-computed SHA1(UPPER(user):UPPER(pass))
|
|
|
|
bool initialized = false;
|
|
bool useHashedK_ = false;
|
|
bool hashBigEndian_ = false;
|
|
};
|
|
|
|
} // namespace auth
|
|
} // namespace wowee
|