// Ryzom - MMORPG Framework
// Copyright (C) 2010 Winch Gate Property Limited
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as
// published by the Free Software Foundation, either version 3 of the
// License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see .
#include "stdpch.h"
#include "security_check.h"
using namespace NLMISC;
using namespace NLNET;
//
CSecurityCheckForFastDisconnection::CSecurityCheckForFastDisconnection()
{
memset(&Block, 0, sizeof(Block)); // ensure encode() will work the same of different builds
}
//
void CSecurityCheckForFastDisconnection::receiveSecurityCode(NLMISC::IStream& msgin)
{
msgin.serial(Block.SessionId);
SecurityCode.serial(msgin);
}
//
void CSecurityCheckForFastDisconnection::forwardSecurityCode(NLMISC::IStream& msgout, TSessionId sessionId, CSecurityCode& securityCode)
{
msgout.serial(sessionId);
securityCode.serial(msgout);
}
//
CSecurityCode CSecurityCheckForFastDisconnection::encode(char *passPhrase)
{
if (!passPhrase)
throw Exception("Null passPhrase");
strncpy(Block.PassPhrase, passPhrase, 10);
CHashKeyMD5 md5 = getMD5((uint8*)&Block, sizeof(Block));
CSecurityCode sc; // parts from NLMISC::CHashKeyMD5 (would CRC16 be better?)
sc.Data[0] = md5.Data[0];
sc.Data[1] = md5.Data[15];
return sc;
}
//
void CSecurityCheckForFastDisconnection::check(char *passPhrase)
{
if (SecurityCode != encode(passPhrase))
throw Exception("Check not passed");
}
/*
// The following code helps ensure a sub portion of the md5 produces a wide range of different data
for (uint i=1; i!=10000; ++i)
{
CSecurityCheckForFastDisconnection securityCheck;
securityCheck.setSessionId(i);
securityCheck.setCookie(cookie);
CHashKeyMD5 md5 = securityCheck.encode(""); // replace by pwd
uint8 Data[2];
Data[0] = md5.Data[0];
Data[1] = md5.Data[15];
InfoLog->displayNL("%u\t%u", i, Data[0] + (Data[1] << 8));
}
for (uint i=1; i!=100; ++i)
{
CLoginCookie ck2;
ck2.set(cookie.getUserAddr(), cookie.generateKey(), cookie.getUserId());
CSecurityCheckForFastDisconnection securityCheck;
securityCheck.setSessionId(sessionId);
securityCheck.setCookie(ck2);
CHashKeyMD5 md5 = securityCheck.encode(""); // replace by pwd
uint8 Data[2];
Data[0] = md5.Data[0];
Data[1] = md5.Data[15];
InfoLog->displayNL("%u\t%u", i, Data[0] + (Data[1] << 8));
}
*/