diff options
Diffstat (limited to 'src/mmo/md5more.cpp')
| -rw-r--r-- | src/mmo/md5more.cpp | 128 |
1 files changed, 128 insertions, 0 deletions
diff --git a/src/mmo/md5more.cpp b/src/mmo/md5more.cpp new file mode 100644 index 0000000..51ff5c4 --- /dev/null +++ b/src/mmo/md5more.cpp @@ -0,0 +1,128 @@ +#include "md5more.hpp" + +#include "../compat/rawmem.hpp" + +#include "../generic/random.hpp" + +#include "../io/cxxstdio.hpp" + +#include "../poison.hpp" + +#define X block.data + +// TODO - refactor MD5 into a stream, and merge the implementations +// I once implemented an ostream that does it ... +MD5_state MD5_from_FILE(io::ReadFile& in) +{ + uint64_t total_len = 0; + + uint8_t buf[0x40]; + uint8_t block_len = 0; + + MD5_state state; + MD5_init(&state); + + MD5_block block; + + while (true) + { + size_t rv = in.get(sign_cast<char *>(buf + block_len), 0x40 - block_len); + if (!rv) + break; + total_len += 8 * rv; // in bits + block_len += rv; + if (block_len != 0x40) + continue; + for (int i = 0; i < 0x10; i++) + X[i] = buf[4 * i + 0] | buf[4 * i + 1] << 8 | buf[4 * i + 2] << 16 | buf[4 * i + 3] << 24; + MD5_do_block(&state, block); + block_len = 0; + } + // no more input, just pad and append the length + buf[block_len] = 0x80; + really_memset0(buf + block_len + 1, 0x40 - block_len - 1); + if (block_len < 0x38) + { + for (int i = 0; i < 8; i++) + buf[0x38 + i] = total_len >> i * 8; + } + for (int i = 0; i < 0x10; i++) + X[i] = buf[4 * i + 0] | buf[4 * i + 1] << 8 | buf[4 * i + 2] << 16 | buf[4 * i + 3] << 24; + MD5_do_block(&state, block); + if (0x38 <= block_len) + { + really_memset0(buf, 0x38); + for (int i = 0; i < 8; i++) + buf[0x38 + i] = total_len >> i * 8; + for (int i = 0; i < 0x10; i++) + X[i] = buf[4 * i + 0] | buf[4 * i + 1] << 8 | buf[4 * i + 2] << 16 | buf[4 * i + 3] << 24; + MD5_do_block(&state, block); + } + return state; +} + + +// Hash a password with a salt. +// Whoever wrote this FAILS programming +AccountCrypt MD5_saltcrypt(AccountPass key, SaltString salt) +{ + char cbuf[64] {}; + + // hash the key then the salt + // buf ends up as a 64-char NUL-terminated string + md5_string tbuf, tbuf2; + MD5_to_str(MD5_from_string(key), tbuf); + MD5_to_str(MD5_from_string(salt), tbuf2); + const auto it = std::copy(tbuf.begin(), tbuf.end(), std::begin(cbuf)); + auto it2 = std::copy(tbuf2.begin(), tbuf2.end(), it); + assert(it2 == std::end(cbuf)); + + md5_string tbuf3; + MD5_to_str(MD5_from_string(XString(std::begin(cbuf), it2, nullptr)), tbuf3); + + VString<31> obuf; + + // This truncates the string, but we have to keep it like that for compatibility + SNPRINTF(obuf, 32, "!%s$%s", salt, tbuf3); + return stringish<AccountCrypt>(obuf); +} + +SaltString make_salt(void) +{ + char salt[5]; + for (int i = 0; i < 5; i++) + // 126 would probably actually be okay + salt[i] = random_::in(48, 125); + return stringish<SaltString>(XString(salt + 0, salt + 5, nullptr)); +} + +bool pass_ok(AccountPass password, AccountCrypt crypted) +{ + // crypted is like !salt$hash + auto begin = crypted.begin() + 1; + auto end = std::find(begin, crypted.end(), '$'); + SaltString salt = stringish<SaltString>(crypted.xislice(begin, end)); + + return crypted == MD5_saltcrypt(password, salt); +} + +// [M|h]ashes up an IP address and a secret key +// to return a hopefully unique masked IP. +IP4Address MD5_ip(IP4Address ip) +{ + static SaltString secret = make_salt(); + + // MD5sum a secret + the IP address + VString<31> ipbuf; + SNPRINTF(ipbuf, 32, "%s %s", ip, secret); + md5_binary obuf; + MD5_to_bin(MD5_from_string(ipbuf), obuf); + + // Fold the md5sum to 32 bits, pack the bytes to an in_addr + return IP4Address({ + static_cast<uint8_t>(obuf[0] ^ obuf[1] ^ obuf[8] ^ obuf[9]), + static_cast<uint8_t>(obuf[2] ^ obuf[3] ^ obuf[10] ^ obuf[11]), + static_cast<uint8_t>(obuf[4] ^ obuf[5] ^ obuf[12] ^ obuf[13]), + static_cast<uint8_t>(obuf[6] ^ obuf[7] ^ obuf[14] ^ obuf[15]), + }); +} |