Improve encrypt/decrypt algorithms

modules/client/client.lua

@@ -89,9 +89,7 @@ function init()
 
   -- generate machine uuid, this is a security measure for storing passwords
   if not g_crypt.setMachineUUID(g_configs.get('uuid')) then
-    local uuid = g_crypt.genUUID()
-    g_crypt.setMachineUUID(uuid)
-    g_configs.set('uuid', uuid)
+    g_configs.set('uuid', g_crypt.getMachineUUID())
     g_configs.save()
   end
 

modules/game_interface/gameinterface.lua

@@ -553,7 +553,7 @@ function processMouseAction(menuPosition, mouseButton, autoWalkPos, lookThing, u
   player:stopAutoWalk()
 
   if autoWalkPos and keyboardModifiers == KeyboardNoModifier and mouseButton == MouseLeftButton then
-    player.onAutoWalkFail = function() modules.game_textmessage.displayStatusMessage(tr('There is no way.')) end
+    player.onAutoWalkFail = function() modules.game_textmessage.displayFailureMessage(tr('There is no way.')) end
     player:autoWalk(autoWalkPos)
     return true
   end

modules/game_minimap/minimap.lua

@@ -387,7 +387,7 @@ end
 function minimapAutoWalk(pos)
   local player = g_game.getLocalPlayer()
   if not player:autoWalk(pos) then
-    modules.game_textmessage.displayStatusMessage(tr('There is no way.'))
+    player.onAutoWalkFail = function() modules.game_textmessage.displayFailureMessage(tr('There is no way.')) end
     return false
   else
     return true

src/framework/util/crypt.cpp

@@ -25,6 +25,7 @@
 #include <framework/core/logger.h>
 #include <framework/core/resourcemanager.h>
 #include <framework/platform/platform.h>
+#include <framework/core/application.h>
 
 #include <boost/uuid/uuid_generators.hpp>
 #include <boost/uuid/uuid_io.hpp>
@@ -158,46 +159,57 @@ std::string Crypt::genUUID()
     return boost::uuids::to_string(u);
 }
 
-bool Crypt::setMachineUUID(const std::string& uuidstr)
+bool Crypt::setMachineUUID(std::string uuidstr)
 {
     if(uuidstr.empty())
         return false;
-    std::stringstream ss;
-    ss << uuidstr;
-    ss >> m_machineUUID;
-    return !m_machineUUID.is_nil();
+    uuidstr = _decrypt(uuidstr, false);
+    if(uuidstr.length() != 16)
+        return false;
+    std::copy(uuidstr.begin(), uuidstr.end(), m_machineUUID.begin());
+    return true;
 }
 
 std::string Crypt::getMachineUUID()
 {
-    return boost::uuids::to_string(m_machineUUID);
+    if(m_machineUUID.is_nil()) {
+        boost::uuids::random_generator gen;
+        m_machineUUID = gen();
+    }
+    return _encrypt(std::string(m_machineUUID.begin(), m_machineUUID.end()), false);
 }
 
-std::string Crypt::getMachineKey()
+std::string Crypt::getCryptKey(bool useMachineUUID)
 {
     boost::hash<boost::uuids::uuid> uuid_hasher;
-
-    boost::uuids::name_generator gen(m_machineUUID);
-    boost::uuids::uuid u = gen(g_platform.getCPUName() + g_platform.getOSName() + g_resources.getUserDir());
+    boost::uuids::uuid uuid;
+    if(useMachineUUID) {
+        uuid = m_machineUUID;
+    } else {
+        boost::uuids::nil_generator nilgen;
+        uuid = nilgen();
+    }
+    boost::uuids::name_generator namegen(uuid);
+    boost::uuids::uuid u = namegen(g_app.getCompactName() + g_platform.getCPUName() + g_platform.getOSName() + g_resources.getUserDir());
     std::size_t hash = uuid_hasher(u);
     std::string key;
     key.assign((const char *)&hash, sizeof(hash));
     return key;
 }
 
-std::string Crypt::encrypt(const std::string& decrypted_string)
+std::string Crypt::_encrypt(const std::string& decrypted_string, bool useMachineUUID)
 {
     std::string tmp = "0000" + decrypted_string;
     uint32 sum = stdext::adler32((const uint8*)decrypted_string.c_str(), decrypted_string.size());
     stdext::writeLE32((uint8*)&tmp[0], sum);
-    std::string encrypted = base64Encode(xorCrypt(tmp, getMachineKey()));
+    std::string encrypted = base64Encode(xorCrypt(tmp, getCryptKey(useMachineUUID)));
     return encrypted;
 }
 
-std::string Crypt::decrypt(const std::string& encrypted_string)
+std::string Crypt::_decrypt(const std::string& encrypted_string, bool useMachineUUID)
 {
     std::string decoded = base64Decode(encrypted_string);
-    std::string tmp = xorCrypt(base64Decode(encrypted_string), getMachineKey());
+    std::string tmp = xorCrypt(base64Decode(encrypted_string), getCryptKey(useMachineUUID));
     if(tmp.length() >= 4) {
         uint32 readsum = stdext::readLE32((const uint8*)tmp.c_str());
         std::string decrypted_string = tmp.substr(4);

src/framework/util/crypt.h

@@ -39,11 +39,11 @@ public:
     std::string base64Encode(const std::string& decoded_string);
     std::string base64Decode(const std::string& encoded_string);
     std::string xorCrypt(const std::string& buffer, const std::string& key);
+    std::string encrypt(const std::string& decrypted_string) { return _encrypt(decrypted_string, true); }
+    std::string decrypt(const std::string& encrypted_string) { return _decrypt(encrypted_string, true); }
     std::string genUUID();
-    bool setMachineUUID(const std::string& uuidstr);
+    bool setMachineUUID(std::string uuidstr);
     std::string getMachineUUID();
-    std::string encrypt(const std::string& decrypted_string);
-    std::string decrypt(const std::string& encrypted_string);
     std::string md5Encode(const std::string& decoded_string, bool upperCase);
     std::string sha1Encode(const std::string& decoded_string, bool upperCase);
     std::string sha256Encode(const std::string& decoded_string, bool upperCase);
@@ -58,7 +58,9 @@ public:
     int rsaGetSize();
 
 private:
-    std::string getMachineKey();
+    std::string _encrypt(const std::string& decrypted_string, bool useMachineUUID);
+    std::string _decrypt(const std::string& encrypted_string, bool useMachineUUID);
+    std::string getCryptKey(bool useMachineUUID);
     boost::uuids::uuid m_machineUUID;
     RSA *m_rsa;
 };