Exemple #1
        void HandleRealmLogonChallenge()
            ServerAuthChallenge challenge = new ServerAuthChallenge(new BinaryReader(connection.GetStream()));

            switch (challenge.error)
                case AuthResult.SUCCESS:
                    Game.UI.LogLine("Received logon challenge", LogLevel.Debug);

                    BigInteger N, A, B, a, u, x, S, salt, unk1, g, k;
                    k = new BigInteger(3);

                    #region Receive and initialize

                    B = challenge.B.ToBigInteger();			// server public key
                    g = challenge.g.ToBigInteger();
                    N = challenge.N.ToBigInteger();			// modulus
                    salt = challenge.salt.ToBigInteger();
                    unk1 = challenge.unk3.ToBigInteger();

                    Game.UI.LogLine("---====== Received from server: ======---", LogLevel.Debug);
                    Game.UI.LogLine(string.Format("B={0}", B.ToCleanByteArray().ToHexString()), LogLevel.Debug);
                    Game.UI.LogLine(string.Format("N={0}", N.ToCleanByteArray().ToHexString()), LogLevel.Debug);
                    Game.UI.LogLine(string.Format("salt={0}", challenge.salt.ToHexString()), LogLevel.Debug);


                    #region Hash password

                    x = HashAlgorithm.SHA1.Hash(challenge.salt, PasswordHash).ToBigInteger();

                    Game.UI.LogLine("---====== shared password hash ======---", LogLevel.Debug);
                    Game.UI.LogLine(string.Format("g={0}", g.ToCleanByteArray().ToHexString()), LogLevel.Debug);
                    Game.UI.LogLine(string.Format("x={0}", x.ToCleanByteArray().ToHexString()), LogLevel.Debug);
                    Game.UI.LogLine(string.Format("N={0}", N.ToCleanByteArray().ToHexString()), LogLevel.Debug);


                    #region Create random key pair

                    var rand = System.Security.Cryptography.RandomNumberGenerator.Create();

                        byte[] randBytes = new byte[19];
                        a = randBytes.ToBigInteger();

                        A = g.ModPow(a, N);
                    } while (A.ModPow(1, N) == 0);

                    Game.UI.LogLine("---====== Send data to server: ======---", LogLevel.Debug);
                    Game.UI.LogLine(string.Format("A={0}", A.ToCleanByteArray().ToHexString()), LogLevel.Debug);


                    #region Compute session key

                    u = HashAlgorithm.SHA1.Hash(A.ToCleanByteArray(), B.ToCleanByteArray()).ToBigInteger();

                    // compute session key
                    // TODO: session key computation fails for some reason
                    //     all variables match exactly to the server side, but
                    //     S is different
                    S = (B - k * g.ModPow(x, N)).ModPow(a + u * x, N);

                    byte[] keyHash;
                    byte[] sData = S.ToCleanByteArray();
                    byte[] keyData = new byte[40];
                    byte[] temp = new byte[16];

                    // take every even indices byte, hash, store in even indices
                    for (int i = 0; i < 16; ++i)
                        temp[i] = sData[i * 2];
                    keyHash = HashAlgorithm.SHA1.Hash(temp);
                    for (int i = 0; i < 20; ++i)
                        keyData[i * 2] = keyHash[i];

                    // do the same for odd indices
                    for (int i = 0; i < 16; ++i)
                        temp[i] = sData[i * 2 + 1];
                    keyHash = HashAlgorithm.SHA1.Hash(temp);
                    for (int i = 0; i < 20; ++i)
                        keyData[i * 2 + 1] = keyHash[i];

                    Key = keyData.ToBigInteger();

                    Game.UI.LogLine("---====== Compute session key ======---", LogLevel.Debug);
                    Game.UI.LogLine(string.Format("u={0}", u.ToCleanByteArray().ToHexString()), LogLevel.Debug);
                    Game.UI.LogLine(string.Format("S={0}", S.ToCleanByteArray().ToHexString()), LogLevel.Debug);
                    Game.UI.LogLine(string.Format("K={0}", Key.ToCleanByteArray().ToHexString()), LogLevel.Debug);


                    #region Generate crypto proof

                    // XOR the hashes of N and g together
                    byte[] gNHash = new byte[20];

                    byte[] nHash = HashAlgorithm.SHA1.Hash(N.ToCleanByteArray());
                    for (int i = 0; i < 20; ++i)
                        gNHash[i] = nHash[i];
                    Game.UI.LogLine(string.Format("nHash={0}", nHash.ToHexString()), LogLevel.Debug);

                    byte[] gHash = HashAlgorithm.SHA1.Hash(g.ToCleanByteArray());
                    for (int i = 0; i < 20; ++i)
                        gNHash[i] ^= gHash[i];
                    Game.UI.LogLine(string.Format("gHash={0}", gHash.ToHexString()), LogLevel.Debug);

                    // hash username
                    byte[] userHash = HashAlgorithm.SHA1.Hash(Encoding.ASCII.GetBytes(Username));

                    // our proof
                    byte[] m1Hash = HashAlgorithm.SHA1.Hash

                    Game.UI.LogLine("---====== Client proof: ======---", LogLevel.Debug);
                    Game.UI.LogLine(string.Format("gNHash={0}", gNHash.ToHexString()), LogLevel.Debug);
                    Game.UI.LogLine(string.Format("userHash={0}", userHash.ToHexString()), LogLevel.Debug);
                    Game.UI.LogLine(string.Format("salt={0}", challenge.salt.ToHexString()), LogLevel.Debug);
                    Game.UI.LogLine(string.Format("A={0}", A.ToCleanByteArray().ToHexString()), LogLevel.Debug);
                    Game.UI.LogLine(string.Format("B={0}", B.ToCleanByteArray().ToHexString()), LogLevel.Debug);
                    Game.UI.LogLine(string.Format("key={0}", Key.ToCleanByteArray().ToHexString()), LogLevel.Debug);

                    Game.UI.LogLine("---====== Send proof to server: ======---", LogLevel.Debug);
                    Game.UI.LogLine(string.Format("M={0}", m1Hash.ToHexString()), LogLevel.Debug);

                    // expected proof for server
                    m2 = HashAlgorithm.SHA1.Hash(A.ToCleanByteArray(), m1Hash, keyData);


                    #region Send proof

                    ClientAuthProof proof = new ClientAuthProof()
                        A = A.ToCleanByteArray(),
                        M1 = m1Hash,
                        crc = new byte[20],

                    Game.UI.LogLine("Sending logon proof", LogLevel.Debug);


                case AuthResult.NO_MATCH:
                    Game.UI.LogLine("Unknown account name", LogLevel.Error);
                case AuthResult.ACCOUNT_IN_USE:
                    Game.UI.LogLine("Account already logged in", LogLevel.Error);
                case AuthResult.WRONG_BUILD_NUMBER:
                    Game.UI.LogLine("Wrong build number", LogLevel.Error);

            // get next command