PluginReceiveResult TwoWayAuthentication::OnHashedNonceAndPassword(Packet *packet)
{
SLNet::BitStream bsIn(packet->data, packet->length, false);
bsIn.IgnoreBytes(sizeof(MessageID)*2);
char remoteHashedNonceAndPw[HASHED_NONCE_AND_PW_LENGTH];
unsigned short requestId;
bsIn.Read(requestId);
SLNet::RakString passwordIdentifier;
bsIn.Read(passwordIdentifier);
bsIn.ReadAlignedBytes((unsigned char *) remoteHashedNonceAndPw,HASHED_NONCE_AND_PW_LENGTH);
// Look up used nonce from requestId
char usedNonce[TWO_WAY_AUTHENTICATION_NONCE_LENGTH];
if (nonceGenerator.GetNonceById(usedNonce, requestId, packet, true)==false)
return RR_STOP_PROCESSING_AND_DEALLOCATE;
DataStructures::HashIndex skhi = passwords.GetIndexOf(passwordIdentifier.C_String());
if (skhi.IsInvalid()==false)
{
char hashedThisNonceAndPw[HASHED_NONCE_AND_PW_LENGTH];
Hash(usedNonce, passwords.ItemAtIndex(skhi), hashedThisNonceAndPw);
if (memcmp(hashedThisNonceAndPw, remoteHashedNonceAndPw,HASHED_NONCE_AND_PW_LENGTH)==0)
{
// Pass
SLNet::BitStream bsOut;
bsOut.Write((MessageID)ID_TWO_WAY_AUTHENTICATION_OUTGOING_CHALLENGE_SUCCESS);
bsOut.WriteAlignedBytes((const unsigned char*) usedNonce,TWO_WAY_AUTHENTICATION_NONCE_LENGTH);
bsOut.WriteAlignedBytes((const unsigned char*) remoteHashedNonceAndPw,HASHED_NONCE_AND_PW_LENGTH);
bsOut.Write(passwordIdentifier);
SendUnified(&bsOut,HIGH_PRIORITY,RELIABLE_ORDERED,0,packet,false);
// Incoming success, modify packet header to tell user
PushToUser(ID_TWO_WAY_AUTHENTICATION_INCOMING_CHALLENGE_SUCCESS, passwordIdentifier, packet);
return RR_STOP_PROCESSING_AND_DEALLOCATE;
}
}
// Incoming failure, modify arrived packet header to tell user
packet->data[0]=(MessageID) ID_TWO_WAY_AUTHENTICATION_INCOMING_CHALLENGE_FAILURE;
SLNet::BitStream bsOut;
bsOut.Write((MessageID)ID_TWO_WAY_AUTHENTICATION_OUTGOING_CHALLENGE_FAILURE);
bsOut.WriteAlignedBytes((const unsigned char*) usedNonce,TWO_WAY_AUTHENTICATION_NONCE_LENGTH);
bsOut.WriteAlignedBytes((const unsigned char*) remoteHashedNonceAndPw,HASHED_NONCE_AND_PW_LENGTH);
bsOut.Write(passwordIdentifier);
SendUnified(&bsOut,HIGH_PRIORITY,RELIABLE_ORDERED,0,packet,false);
return RR_CONTINUE_PROCESSING;
}
void CloudClient::Post(CloudKey *cloudKey, const unsigned char *data, uint32_t dataLengthBytes, RakNetGUID systemIdentifier)
{
RakAssert(cloudKey);
SLNet::BitStream bsOut;
bsOut.Write((MessageID)ID_CLOUD_POST_REQUEST);
cloudKey->Serialize(true,&bsOut);
if (data==0)
dataLengthBytes=0;
bsOut.Write(dataLengthBytes);
if (dataLengthBytes>0)
bsOut.WriteAlignedBytes((const unsigned char*) data, dataLengthBytes);
SendUnified(&bsOut, HIGH_PRIORITY, RELIABLE_ORDERED, 0, systemIdentifier, false);
}
void TwoWayAuthentication::OnNonceRequest(Packet *packet)
{
SLNet::BitStream bsIn(packet->data, packet->length, false);
bsIn.IgnoreBytes(sizeof(MessageID)*2);
char nonce[TWO_WAY_AUTHENTICATION_NONCE_LENGTH];
unsigned short requestId;
nonceGenerator.GetNonce(nonce,&requestId,packet);
SLNet::BitStream bsOut;
bsOut.Write((MessageID)ID_TWO_WAY_AUTHENTICATION_NEGOTIATION);
bsOut.Write((MessageID)ID_NONCE_REPLY);
bsOut.Write(requestId);
bsOut.WriteAlignedBytes((const unsigned char*) nonce,TWO_WAY_AUTHENTICATION_NONCE_LENGTH);
SendUnified(&bsOut,HIGH_PRIORITY,RELIABLE_ORDERED,0,packet,false);
}
void TwoWayAuthentication::OnNonceReply(Packet *packet)
{
SLNet::BitStream bsIn(packet->data, packet->length, false);
bsIn.IgnoreBytes(sizeof(MessageID)*2);
char thierNonce[TWO_WAY_AUTHENTICATION_NONCE_LENGTH];
unsigned short requestId;
bsIn.Read(requestId);
bsIn.ReadAlignedBytes((unsigned char *) thierNonce,TWO_WAY_AUTHENTICATION_NONCE_LENGTH);
// Lookup one of the negotiations for this guid/system address
AddressOrGUID aog(packet);
unsigned int i;
for (i=0; i < outgoingChallenges.Size(); i++)
{
if (outgoingChallenges[i].remoteSystem==aog && outgoingChallenges[i].sentHash==false)
{
outgoingChallenges[i].sentHash=true;
// Get the password for this identifier
DataStructures::HashIndex skhi = passwords.GetIndexOf(outgoingChallenges[i].identifier.C_String());
if (skhi.IsInvalid()==false)
{
SLNet::RakString password = passwords.ItemAtIndex(skhi);
// Hash their nonce with password and reply
char hashedNonceAndPw[HASHED_NONCE_AND_PW_LENGTH];
Hash(thierNonce, password, hashedNonceAndPw);
// Send
SLNet::BitStream bsOut;
bsOut.Write((MessageID)ID_TWO_WAY_AUTHENTICATION_NEGOTIATION);
bsOut.Write((MessageID)ID_HASHED_NONCE_AND_PASSWORD);
bsOut.Write(requestId);
bsOut.Write(outgoingChallenges[i].identifier); // Identifier helps the other system lookup the password quickly.
bsOut.WriteAlignedBytes((const unsigned char*) hashedNonceAndPw,HASHED_NONCE_AND_PW_LENGTH);
SendUnified(&bsOut,HIGH_PRIORITY,RELIABLE_ORDERED,0,packet,false);
}
return;
}
}
}
