diff options
Diffstat (limited to 'src/routers/vault/utils/md5saltcrypt.js')
-rw-r--r-- | src/routers/vault/utils/md5saltcrypt.js | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/src/routers/vault/utils/md5saltcrypt.js b/src/routers/vault/utils/md5saltcrypt.js new file mode 100644 index 0000000..55933f5 --- /dev/null +++ b/src/routers/vault/utils/md5saltcrypt.js @@ -0,0 +1,38 @@ +// password hashing for the Legacy server +// https://gitlab.com/evol/evol-hercules/blob/master/src/elogin/md5calc.c +// https://github.com/themanaworld/tmwa/blob/c82c9741bc1a0b110bccce1bcc76903a6e747a00/src/high/md5more.cpp + +const crypto = require("crypto"); // native + +// generate md5 from string +const md5 = (str) => crypto.createHash("md5").update(str).digest("hex"); + +// weak md5 password hashing and salting (eAthena) +const md5saltcrypt = (salt, plain) => md5(md5(plain) + md5(salt)).slice(0, -8); + +// check plain password against its salted hash +const verify = (salt, hashed, plain) => md5saltcrypt(salt, plain) === hashed; + +// takes apart a password string (!salt$hash) and verifies it +const verify_ea = (raw, plain) => verify(raw.slice(1, 6), raw.slice(-24), plain); + +// generate a new salt +const new_salt = () => { + let salt = ""; + do { + salt += String.fromCharCode(Math.floor(78 * Math.random() + 48)); + } while (salt.length < 5); + return salt; +}; + +// generate a password string with the given salt +const hash = (salt, plain) => `!${salt}$${md5saltcrypt(salt, plain)}`; + +// generate a password string with a new salt +const hash_new = (plain) => hash(new_salt(), plain); + + +module.exports = { + verify: verify_ea, + hash: hash_new, +}; |