public static void HandleAuthLogOnProof(IClient client, IncomingAuthPacket packet)
{
Contract.Requires(client != null);
Contract.Requires(packet != null);
var clientPublicEphemeralA = packet.ReadBigInteger(32);
// Client Proof.
// SHA1 of { SHA1(Modulus) ^ SHA1(Generator), SHA1(USERNAME), salt, PublicA, PublicB, SessionKey }
var clientResult = packet.ReadBigInteger(20);
// SHA1 hash of the PublicA and HMACSHA1 of the contents of WoW.exe and unicows.dll. HMAC seed is the 16 bytes at the end of the challenge sent by the server.
packet.ReadBytes(20); // these can safely be ignored, clientFileHash
// the client tends to send 0, but just in case it's safer to implement this.
var numKeys = packet.ReadByte();
if (numKeys > 0)
{
// only initialize the array if we actually HAVE keys
AuthLogonKey[] keys = new AuthLogonKey[numKeys];
for (byte key = 0; key < numKeys; key++)
{
var unk1 = packet.ReadInt16();
var unk2 = packet.ReadInt32();
var unk3 = packet.ReadBytes(4);
// SHA of { PublicA, PublicB, byte[20] unknown data }
var shaHash = packet.ReadBytes(20);
Contract.Assume(unk3.Length == 4);
Contract.Assume(shaHash.Length == 20);
keys[key] = new AuthLogonKey(unk1, unk2, unk3, shaHash);
}
}
var securityFlags = (ExtraSecurityFlags)packet.ReadByte(); // can be safely ignored
if (securityFlags.HasFlag(ExtraSecurityFlags.PIN))
{
packet.ReadBytes(16); // pinRandom
packet.ReadBytes(20); // pinSha1
}
if (securityFlags.HasFlag(ExtraSecurityFlags.Matrix))
{
packet.ReadBytes(20); // matrixHmacResult
}
if (securityFlags.HasFlag(ExtraSecurityFlags.SecurityToken))
{
var tokenLength = packet.ReadByte();
packet.ReadBytes(tokenLength); // token
}
SRPServer srpData = client.UserData.SRP;
srpData.PublicEphemeralValueA = clientPublicEphemeralA;
var success = srpData.Validator.IsClientProofValid(clientResult);
if (success)
{
SendAuthenticationLogOnProofSuccess(client, srpData.Validator.ServerSessionKeyProof);
client.AddPermission(new AuthenticatedPermission());
}
else
SendAuthenticationLogOnProofFailure(client, AuthResult.FailUnknownAccount);
}
public static void HandleReconnectProof(IClient client, IncomingAuthPacket packet)
{
// MD5 hash of { AccountName, byte[16] random data }
BigInteger r1 = packet.ReadBigInteger(16);
// SHA1 hash of { AccountName, MD5 from above, ReconnectProof, SessionKey }
BigInteger r2 = packet.ReadBigInteger(20);
// SHA1 hash of { MD5 from above, byte[16] of 0's }
var r3 = packet.ReadBigInteger(20); // r3Data
var numKeys = packet.ReadByte();
if (numKeys > 0)
{
// only initialize the array if we actually HAVE keys
AuthLogonKey[] keys = new AuthLogonKey[numKeys];
for (byte key = 0; key < numKeys; key++)
{
var unk1 = packet.ReadInt16();
var unk2 = packet.ReadInt32();
var unk3 = packet.ReadBytes(4);
var shaHash = packet.ReadBytes(20);
keys[key] = new AuthLogonKey(unk1, unk2, unk3, shaHash);
}
}
SRPServer srpData = client.UserData.SRP;
string username = client.UserData.Username;
BigInteger rand = client.UserData.ReconnectRand;
// TODO fetch this from the database (or some other persistent storage)
//BigInteger sessionKey = null ?? new BigInteger(0);
BigInteger hash = srpData.Hash(new HashDataBroker(Encoding.ASCII.GetBytes(username)), r1, rand);
if (hash == r2)
{
SendReconnectProofSuccess(client);
client.AddPermission(new AuthenticatedPermission());
}
else
client.Disconnect();
}
