Crate wow_srp[−][src]
Expand description
An implementation of the World of Warcraft flavor of SRP6 used for authentication on the 1.12 client.
The implementation is intended to abstract away as much of the protocol as possible, and limits itself to the specific requirements of the World of Warcraft implementation. For example, all key sizes are limited to exactly 32 bytes since the network packet fields describing public keys are of a fixed size in the protocol and key sizes of any other sizes are not possible.
This crate does not deal with parsing the network packets necessary to obtain the required parameters. The WoWDev wiki (archive) contains a reference list of packets and the examples implement the required functionality.
THIS SHOULD NOT BE USED FOR ANYTHING OTHER THAN WORLD OF WARCRAFT EMULATION. THE CODE IS NOT CRYPTOGRAPHICALLY VERIFIED, HAS VERY LOW KEY SIZES BECAUSE OF PACKET REQUIREMENTS AND MOST LIKELY CONTAINS EXPLOITS.
Usage
The crate is split into a server
module, a client
module,
an error
module, and a normalized_string
module.
A server example can be found in examples/server.rs
and a client example can be found in examples/client.rs
.
These example will perform the full SRP6 protocol and reconnect.
The server will work with a 1.12 client,
using the username and password a
and a
.
The client will work not with anything else since it ignores everything
that is not absolutely necessary for SRP6.
The normalized string module is used for both the client and server
and prevents the use of non-ASCII username/password strings.
Further information can be found on the normalized_string
page.
Running the examples
- Clone the repo with
git clone https://github.com/gtker/wow_srp
. - Run the server with
cargo run --example server
inside the directory. This runs a simple authentication server that accepts the username “a” and the password “a”. Anything else panics. - Run a real client with the realmlist set to
localhost
or run the client example withcargo run --example client
.
Other implementations
Modules
client | Contains all functionality related to the client part. |
error | The various errors that can happen during the SRP6 process. |
normalized_string | Functionality for keeping strings in a format the client expects. |
server | Contains all functionality related to the server part, including the generation of values for the database. |
Structs
PublicKey | Represents a public key for both the client and server. |
Constants
GENERATOR | Called |
GENERATOR_LENGTH | The length in bytes for GENERATOR. Will always be 1, constant is provided here for clarity. |
LARGE_SAFE_PRIME_BIG_ENDIAN | Static large safe prime ( |
LARGE_SAFE_PRIME_LENGTH | The size in bytes of the large safe prime. |
LARGE_SAFE_PRIME_LITTLE_ENDIAN | Static large safe prime ( |
PASSWORD_VERIFIER_LENGTH | Password verifier size in bytes. |
PROOF_LENGTH | Length of a proof in bytes. |
PUBLIC_KEY_LENGTH | Length in bytes for both client and server public key. |
RECONNECT_CHALLENGE_DATA_LENGTH | The size of the reconnect challenge data in bytes. |
SALT_LENGTH | The salt is always 32 bytes since the client expects a 32 byte salt field and will use leading zeros in the calculation. |
SESSION_KEY_LENGTH | Size of the session key in bytes. |