protected override void BuildNormalResponse() { //string checkSumStr = _result.Nick + _result.UniqueNick + _result.NamespaceID; //_session.UserData.SessionKey = _crc.ComputeChecksum(checkSumStr); ChallengeProofData proofData = new ChallengeProofData( _request.UserData, _request.LoginType, _request.PartnerID, ChallengeProofData.ServerChallenge, _request.UserChallenge, _result.PasswordHash); string responseProof = ChallengeProof.GenerateProof(proofData); _sendingBuffer = @"\lc\2\sesskey\" + UserData.SessionKey; _sendingBuffer += @"\proof\" + responseProof; _sendingBuffer += @"\userid\" + _result.UserID; _sendingBuffer += @"\profileid\" + _result.ProfileID; if (_request.LoginType != LoginType.NickEmail) { _sendingBuffer += @"\uniquenick\" + _result.UniqueNick; } _sendingBuffer += $@"\lt\{UserData.LoginTicket}"; _sendingBuffer += $@"\id\{_request.OperationID}\final\"; _session.UserData.LoginStatus = LoginStatus.Completed; }
protected bool IsChallengeCorrect() { ChallengeProofData proofData = new ChallengeProofData( _request.UserData, _request.LoginType, _request.PartnerID, _request.UserChallenge, ChallengeProofData.ServerChallenge, _result.PasswordHash); string response = ChallengeProof.GenerateProof(proofData); if (_request.Response == response) { return(true); } return(false); }
/// <summary> /// Generates an MD5 hash, which is used to verify the sessions login information /// </summary> /// <returns> /// The proof verification MD5 hash string that can be compared to what the _session sends, /// to verify that the users entered password matches the specific user data in the database. /// </returns> public static string GenerateProof(ChallengeProofData data) { string tempUserData = data.UserData; // Auth token does not have partnerid append. if (data.PartnerID != (uint)PartnerID.Gamespy && data.LoginType != LoginType.AuthToken) { tempUserData = $@"{data.PartnerID}@{data.UserData}"; } // Generate our response string StringBuilder responseString = new StringBuilder(data.PasswordHash); responseString.Append(' ', 48); // 48 spaces responseString.Append(tempUserData); responseString.Append(data.Challenge1); responseString.Append(data.Challenge2); responseString.Append(data.PasswordHash); string hashString = responseString.ToString().GetMD5Hash(); return(hashString); }