srp

package module

v1.1.0 Latest Latest Go to latest Published: Jul 1, 2024 License: MIT Imports: 4 Imported by: 4

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/kangaroux/go-wow-srp6

Links

Open Source Insights

README ¶

This library implements the SRP6 protocol used in World of Warcraft. It also provides a header implementation for WotLK.

go get github.com/kangaroux/go-wow-srp6

Check out the gomaggus authd server for a reference on how this library is used (sorry, but it's 2AM and I'm too tired to write up a full example, unlucky).

SRP6 Overview

The Gtker guide provides an approachable and comprehensive look at SRP6. This library is heavily based on this guide.

SRP6 is a protocol used to authenticate users over an insecure connection. The client and server do a series of handshakes to prove they both know the password. At the end of the exchange, both parties will have a shared session key.

Prior to login, the user registers an account. The server stores the username, salt, and password verifier.

At the login screen, after the user has entered their username and password, the handshaking begins:

Client sends the username (challenge).
Server responds with the salt, the server's public key, and some parameters (challenge reply).
- gomaggus generates a fake salt if the username doesn't exist to protect against data mining, though this isn't necessary.
Client computes a proof and sends it (proof).
Server computes the same proof and compares it.
- Proofs match: auth success, the client/server now have a shared session key.
- Proofs don't match: auth failed, the client is kicked.

Both the auth and realm server will need to know the session key.

The session key is primarily used by the realm server for encryption (realmd in gomaggus, worldd in most other implementations). When the client connects to the realm server, it will send another proof that it knows the session key.

The session key should not be reused once the client disconnects from the realm server.

Headers

This library includes a header implementation for WotLK. If your server is running Vanilla or TBC you will need to use a different implementation. The Gtker guide contains all the info you will need.

The go-wow-srp6/header pkg provides the encryption/decryption for packet headers. Packet headers are encrypted once the client has authenticated with the world/realm server. An Encode function will build the header for server packets, and automatically encrypt them after Init is called.

For an example of how the header logic is used, check out the realmd server in gomaggus.

Documentation ¶

Overview ¶

Package srp implements the SRP6 protocol used in World of Warcraft.

See the README for more info: https://github.com/kangaroux/go-wow-srp6

Index ¶

Constants
func ClientChallengeProof(username string, salt, clientPublicKey, serverPublicKey, sessionKey []byte) []byte
func LargePrime() []byte
func PasswordVerifier(username, password string, salt []byte) []byte
func ReconnectProof(username string, clientData, serverData, sessionKey []byte) []byte
func ServerChallengeProof(clientPublicKey, clientProof, sessionKey []byte) []byte
func ServerPublicKey(verifier, serverPrivateKey []byte) []byte
func SessionKey(clientPublicKey, serverPublicKey, serverPrivateKey, verifier []byte) []byte
func WorldProof(username string, clientSeed, serverSeed, sessionKey []byte) []byte

Constants ¶

View Source

const (
	ProofDataSize  = 16
	ProofSize      = 20
	SaltSize       = 32
	VerifierSize   = 32
	KeySize        = 32
	LargePrimeSize = 32
	SessionKeySize = 40

	Generator = 7
)

Variables ¶

This section is empty.

Functions ¶

func ClientChallengeProof ¶

func ClientChallengeProof(
	username string,
	salt,
	clientPublicKey,
	serverPublicKey,
	sessionKey []byte,
) []byte

ClientChallengeProof returns a proof that the client should send after receiving the auth challenge. The server should compare this with the proof received by the client and verify they match. If they match, the client has proven they know the session key.

func LargePrime ¶

func LargePrime() []byte

LargePrime returns the *little endian* fixed prime.

func PasswordVerifier ¶

func PasswordVerifier(username, password string, salt []byte) []byte

PasswordVerifier returns a 32 byte array containing the verifier. The verifier is a shared secret. The server should store it and ensure it is never made public.

func ReconnectProof ¶

func ReconnectProof(username string, clientData, serverData, sessionKey []byte) []byte

ReconnectProof returns a proof that the client should send when attempting to reconnect. Like ClientChallengeProof, the server should compare this with the proof received by the client.

func ServerChallengeProof ¶

func ServerChallengeProof(clientPublicKey, clientProof, sessionKey []byte) []byte

ServerChallengeProof returns a proof that the server should send after validating the client proof. The server proof is not used when the client is reconnecting.

func ServerPublicKey ¶

func ServerPublicKey(verifier, serverPrivateKey []byte) []byte

ServerPublicKey returns a 32 byte public key. The private key should be a 32 byte array cryptographically secure random data (crypto/rand). The server should send the public key to the client in plaintext.

func SessionKey ¶

func SessionKey(clientPublicKey, serverPublicKey, serverPrivateKey, verifier []byte) []byte

SessionKey returns a 40 byte key that will be used for header encryption/decryption. The session key should never be made public.

func WorldProof ¶

func WorldProof(username string, clientSeed, serverSeed, sessionKey []byte) []byte

WorldProof returns a proof that the client should send once they have finished authenticating and want to connect to the world/realm server.

Types ¶

This section is empty.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
header
internal

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL