public static byte[] XeCryptHmacSha(byte[] key, byte[] input, int inputOffset, int inputCount) {
var sha = new HMACSHA1(key);
sha.TransformFinalBlock(input, inputOffset, inputCount);
return sha.Hash;
}
/// <summary>
/// returns the hmac of the data and the annotation chunk values (except HMAC chunk itself)
/// </summary>
protected byte[] hmac()
{
using(HMACSHA1 hmac=new HMACSHA1(Config.HMAC_KEY)) {
hmac.TransformBlock(this.data, 0, this.data.Length, this.data, 0);
foreach(var e in this.annotations)
{
if(e.Key!="HMAC")
hmac.TransformBlock(e.Value, 0, e.Value.Length, e.Value, 0);
}
hmac.TransformFinalBlock(this.data, 0, 0);
return hmac.Hash;
}
}
public byte[] pyrohmac(byte[] data, IDictionary<string, byte[]> annotations)
{
using(HMACSHA1 hmac=new HMACSHA1(Config.HMAC_KEY)) {
hmac.TransformBlock(data, 0, data.Length, data, 0);
if(annotations!=null)
{
foreach(var e in annotations)
{
if(e.Key!="HMAC")
hmac.TransformBlock(e.Value, 0, e.Value.Length, e.Value, 0);
}
}
hmac.TransformFinalBlock(data, 0, 0);
return hmac.Hash;
}
}
public void GenerateSessionKey(byte[] clientSalt, byte[] serverSalt)
{
var hmac = new HMACSHA1(SecureRemotePassword.SessionKey);
var wow = Encoding.ASCII.GetBytes("WoW\0");
var wowSessionKey = new byte[0x28];
hmac.TransformBlock(wow, 0, wow.Length, wow, 0);
hmac.TransformBlock(clientSalt, 0, clientSalt.Length, clientSalt, 0);
hmac.TransformFinalBlock(serverSalt, 0, serverSalt.Length);
Buffer.BlockCopy(hmac.Hash, 0, wowSessionKey, 0, hmac.Hash.Length);
hmac.Initialize();
hmac.TransformBlock(wow, 0, wow.Length, wow, 0);
hmac.TransformBlock(serverSalt, 0, serverSalt.Length, serverSalt, 0);
hmac.TransformFinalBlock(clientSalt, 0, clientSalt.Length);
Buffer.BlockCopy(hmac.Hash, 0, wowSessionKey, hmac.Hash.Length, hmac.Hash.Length);
GameAccount.SessionKey = wowSessionKey.ToHexString();
// Update SessionKey in database
DB.Auth.Update(GameAccount);
}
private string sign(byte[] hashBytes)
{
// Compute the signature hash
HMACSHA1 mac = new HMACSHA1(secret);
log.TraceEvent(TraceEventType.Verbose, 0, hashBytes.Length + " bytes to hash");
mac.TransformFinalBlock(hashBytes, 0, hashBytes.Length);
byte[] hashData = mac.Hash;
log.TraceEvent(TraceEventType.Verbose, 0, hashData.Length + " bytes in signature");
// Encode the hash in Base64.
string hashOut = Convert.ToBase64String(hashData);
log.TraceEvent(TraceEventType.Verbose, 0, "Hash: " + hashOut);
return hashOut;
}
public void CheckE (string testName, byte[] key, byte[] data, byte[] result)
{
algo = new HMACSHA1 (key);
byte[] copy = new byte [data.Length];
// LAMESPEC or FIXME: TransformFinalBlock doesn't return HashValue !
for (int i=0; i < data.Length - 1; i++)
algo.TransformBlock (data, i, 1, copy, i);
algo.TransformFinalBlock (data, data.Length - 1, 1);
Assert.AreEqual (result, algo.Hash, testName + "e");
}
public void CheckD (string testName, byte[] key, byte[] data, byte[] result)
{
algo = new HMACSHA1 (key);
// LAMESPEC or FIXME: TransformFinalBlock doesn't return HashValue !
algo.TransformFinalBlock (data, 0, data.Length);
Assert.AreEqual (result, algo.Hash, testName + "d");
}
/// <summary>
/// Decrypts using AES/CBC/PKCS7 with an input byte array and key, using the IV (comprised of random bytes and the HMAC-SHA1 of the random bytes and plaintext) prepended using AES/ECB/None
/// </summary>
public static byte[] SymmetricDecryptHMACIV( byte[] input, byte[] key, byte[] hmacSecret )
{
Debug.Assert( key.Length >= 16 );
var truncatedKeyForHmac = new byte[ 16 ];
Array.Copy( key, 0, truncatedKeyForHmac, 0, truncatedKeyForHmac.Length );
byte[] iv;
var plaintextData = SymmetricDecrypt( input, key, out iv );
// validate HMAC
byte[] hmacBytes;
using ( var hmac = new HMACSHA1( hmacSecret ) )
{
hmac.TransformBlock( iv, iv.Length - 3, 3, null, 0 );
hmac.TransformFinalBlock( plaintextData, 0, plaintextData.Length );
hmacBytes = hmac.Hash;
}
if ( !hmacBytes.Take( iv.Length - 3 ).SequenceEqual( iv.Take( iv.Length - 3 ) ) )
{
throw new CryptographicException( string.Format( CultureInfo.InvariantCulture, "{0} was unable to decrypt packet: HMAC from server did not match computed HMAC.", nameof(NetFilterEncryption) ) );
}
return plaintextData;
}
/// <summary>
/// Performs an encryption using AES/CBC/PKCS7 with an input byte array and key, with a IV (comprised of random bytes and the HMAC-SHA1 of the random bytes and plaintext) prepended using AES/ECB/None
/// </summary>
public static byte[] SymmetricEncryptWithHMACIV( byte[] input, byte[] key, byte[] hmacSecret )
{
// IV is HMAC-SHA1(Random(3) + Plaintext) + Random(3). (Same random values for both)
var iv = new byte[ 16 ];
var random = GenerateRandomBlock( 3 );
Array.Copy( random, 0, iv, iv.Length - random.Length, random.Length );
using ( var hmac = new HMACSHA1( hmacSecret ) )
{
hmac.TransformBlock( random, 0, random.Length, null, 0 );
hmac.TransformFinalBlock( input, 0, input.Length );
Array.Copy( hmac.Hash, iv, iv.Length - random.Length );
}
return SymmetricEncryptWithIV( input, key, iv );
}
/// <summary>
/// returns the hmac of the data and the annotation chunk values (except HMAC chunk itself)
/// </summary>
public byte[] hmac(byte[] key)
{
using(HMACSHA1 hmac=new HMACSHA1(key)) {
hmac.TransformBlock(this.data, 0, this.data.Length, this.data, 0);
foreach(var e in this.annotations.OrderBy(a=>a.Key))
{
if(e.Key!="HMAC")
hmac.TransformBlock(e.Value, 0, e.Value.Length, e.Value, 0);
}
hmac.TransformFinalBlock(this.data, 0, 0);
return hmac.Hash;
}
}
byte[] ComputeToken(byte[] hash, byte[] ascii_text)
{
using (HMAC hmac = new HMACSHA1 (_hmac_key, true)) {
hmac.Initialize ();
hmac.TransformBlock (hash, 0, hash.Length, null, 0);
hmac.TransformBlock (ascii_text, 0, ascii_text.Length, null, 0);
hmac.TransformFinalBlock (_salt, 0, _salt.Length);
return hmac.Hash;
}
}
