Improve encrypt/decrypt algorithms

11 years ago · 4751941e4f
parent f492d291eb
commit 4751941e4f
5 changed files with 35 additions and 23 deletions
--- a/modules/client/client.lua
+++ b/modules/client/client.lua
@ -89,9 +89,7 @@ function init()

  -- generate machine uuid, this is a security measure for storing passwords
  if not g_crypt.setMachineUUID(g_configs.get('uuid')) then
-    local uuid = g_crypt.genUUID()
-    g_crypt.setMachineUUID(uuid)
-    g_configs.set('uuid', uuid)
+    g_configs.set('uuid', g_crypt.getMachineUUID())
    g_configs.save()
  end

--- a/modules/game_interface/gameinterface.lua
+++ b/modules/game_interface/gameinterface.lua
@ -553,7 +553,7 @@ function processMouseAction(menuPosition, mouseButton, autoWalkPos, lookThing, u
  player:stopAutoWalk()

  if autoWalkPos and keyboardModifiers == KeyboardNoModifier and mouseButton == MouseLeftButton then
-    player.onAutoWalkFail = function() modules.game_textmessage.displayStatusMessage(tr('There is no way.')) end
+    player.onAutoWalkFail = function() modules.game_textmessage.displayFailureMessage(tr('There is no way.')) end
    player:autoWalk(autoWalkPos)
    return true
  end
--- a/modules/game_minimap/minimap.lua
+++ b/modules/game_minimap/minimap.lua
@ -387,7 +387,7 @@ end
 function minimapAutoWalk(pos)
  local player = g_game.getLocalPlayer()
  if not player:autoWalk(pos) then
-    modules.game_textmessage.displayStatusMessage(tr('There is no way.'))
+    player.onAutoWalkFail = function() modules.game_textmessage.displayFailureMessage(tr('There is no way.')) end
    return false
  else
    return true
--- a/src/framework/util/crypt.cpp
+++ b/src/framework/util/crypt.cpp
@ -25,6 +25,7 @@
 #include <framework/core/logger.h>
 #include <framework/core/resourcemanager.h>
 #include <framework/platform/platform.h>
+#include <framework/core/application.h>

 #include <boost/uuid/uuid_generators.hpp>
 #include <boost/uuid/uuid_io.hpp>
@ -158,46 +159,57 @@ std::string Crypt::genUUID()
    return boost::uuids::to_string(u);
 }

-bool Crypt::setMachineUUID(const std::string& uuidstr)
+bool Crypt::setMachineUUID(std::string uuidstr)
 {
    if(uuidstr.empty())
        return false;
-    std::stringstream ss;
-    ss << uuidstr;
-    ss >> m_machineUUID;
-    return !m_machineUUID.is_nil();
+    uuidstr = _decrypt(uuidstr, false);
+    if(uuidstr.length() != 16)
+        return false;
+    std::copy(uuidstr.begin(), uuidstr.end(), m_machineUUID.begin());
+    return true;
 }

 std::string Crypt::getMachineUUID()
 {
-    return boost::uuids::to_string(m_machineUUID);
+    if(m_machineUUID.is_nil()) {
+        boost::uuids::random_generator gen;
+        m_machineUUID = gen();
+    }
+    return _encrypt(std::string(m_machineUUID.begin(), m_machineUUID.end()), false);
 }

-std::string Crypt::getMachineKey()
+std::string Crypt::getCryptKey(bool useMachineUUID)
 {
    boost::hash<boost::uuids::uuid> uuid_hasher;
-
-    boost::uuids::name_generator gen(m_machineUUID);
-    boost::uuids::uuid u = gen(g_platform.getCPUName() + g_platform.getOSName() + g_resources.getUserDir());
+    boost::uuids::uuid uuid;
+    if(useMachineUUID) {
+        uuid = m_machineUUID;
+    } else {
+        boost::uuids::nil_generator nilgen;
+        uuid = nilgen();
+    }
+    boost::uuids::name_generator namegen(uuid);
+    boost::uuids::uuid u = namegen(g_app.getCompactName() + g_platform.getCPUName() + g_platform.getOSName() + g_resources.getUserDir());
    std::size_t hash = uuid_hasher(u);
    std::string key;
    key.assign((const char *)&hash, sizeof(hash));
    return key;
 }

-std::string Crypt::encrypt(const std::string& decrypted_string)
+std::string Crypt::_encrypt(const std::string& decrypted_string, bool useMachineUUID)
 {
    std::string tmp = "0000" + decrypted_string;
    uint32 sum = stdext::adler32((const uint8*)decrypted_string.c_str(), decrypted_string.size());
    stdext::writeLE32((uint8*)&tmp[0], sum);
-    std::string encrypted = base64Encode(xorCrypt(tmp, getMachineKey()));
+    std::string encrypted = base64Encode(xorCrypt(tmp, getCryptKey(useMachineUUID)));
    return encrypted;
 }

-std::string Crypt::decrypt(const std::string& encrypted_string)
+std::string Crypt::_decrypt(const std::string& encrypted_string, bool useMachineUUID)
 {
    std::string decoded = base64Decode(encrypted_string);
-    std::string tmp = xorCrypt(base64Decode(encrypted_string), getMachineKey());
+    std::string tmp = xorCrypt(base64Decode(encrypted_string), getCryptKey(useMachineUUID));
    if(tmp.length() >= 4) {
        uint32 readsum = stdext::readLE32((const uint8*)tmp.c_str());
        std::string decrypted_string = tmp.substr(4);
--- a/src/framework/util/crypt.h
+++ b/src/framework/util/crypt.h
@ -39,11 +39,11 @@ public:
    std::string base64Encode(const std::string& decoded_string);
    std::string base64Decode(const std::string& encoded_string);
    std::string xorCrypt(const std::string& buffer, const std::string& key);
+    std::string encrypt(const std::string& decrypted_string) { return _encrypt(decrypted_string, true); }
+    std::string decrypt(const std::string& encrypted_string) { return _decrypt(encrypted_string, true); }
    std::string genUUID();
-    bool setMachineUUID(const std::string& uuidstr);
+    bool setMachineUUID(std::string uuidstr);
    std::string getMachineUUID();
-    std::string encrypt(const std::string& decrypted_string);
-    std::string decrypt(const std::string& encrypted_string);
    std::string md5Encode(const std::string& decoded_string, bool upperCase);
    std::string sha1Encode(const std::string& decoded_string, bool upperCase);
    std::string sha256Encode(const std::string& decoded_string, bool upperCase);
@ -58,7 +58,9 @@ public:
    int rsaGetSize();

 private:
-    std::string getMachineKey();
+    std::string _encrypt(const std::string& decrypted_string, bool useMachineUUID);
+    std::string _decrypt(const std::string& encrypted_string, bool useMachineUUID);
+    std::string getCryptKey(bool useMachineUUID);
    boost::uuids::uuid m_machineUUID;
    RSA *m_rsa;
 };