SRP6 and WoW Authentication Process

**julienguillot** · 07-31-2017

When hashing I:P and Compute K i use lowercase. Could be the problem ?

**doityourself** · 07-31-2017

Originally Posted by julienguillot

When hashing I:P and Compute K i use lowercase. Could be the problem ?

username & pw need a .ToUpper()

**julienguillot** · 07-31-2017

And when compute K too ?

**julienguillot** · 08-02-2017

[C#] using SharpCore.Framework.DataExtensions; using System; using System.Collectio - Pastebin.com

M and M1 are not equal yet...

I really don't know what to do... Any idea ?

**julienguillot** · 08-02-2017

Hello,

Is this algorithm is applicated to Wotlk ?

Password Proof (K)

This value is generated by the client and the server as proof that they actually know the value of S. This is another value which differs from standard SRP, which justs sends SHA1(S).
Blizzard's version calculates K as follows:
Place the even bytes of S into one buffer, and the odd bytes into another.
Create a SHA-1 hash of each buffer.
Create K by combining the even bytes of the first buffer, and the odd bytes of the second.

But.. it's exaclty what i'm doing :

public void CalculateK()
{
// Generation de S = (A * v^u) ^ b % N
BigInteger p1 = ClientPublicEphemeral * BigInteger.ModPow(Verifier, Scrambler, Modulus); // (A * v^u)
byte[] ss = BigInteger.ModPow(p1, ServerPrivateEphemeral, Modulus).ToByteArray();
SessionKeyRaw = MakeBigInteger(ss);

// Generation de K
byte[] t1 = new byte[16];
byte[] t2 = new byte[16];
byte[] vK = new byte[40];

for (int i = 0; i < 16; i++)
{
t1[i] = ss[i * 2];
t2[i] = ss[i * 2 + 1];
}

t1 = sha1.ComputeHash(t1, 0, 16);
t2 = sha1.ComputeHash(t1, 0, 16);

for (int i = 0; i < 20; i++)
{
vK[i * 2] = t1[i];
vK[i * 2 + 1] = t2[i];
}

SessionKeyHash = MakeBigInteger(vK);
}

**Glusk** · 08-03-2017

Change

Code:

byte[] HI = sha1.ComputeHash(Encoding.UTF8.GetBytes(username.StringToHex())); //line 139 of the latest paste

to

Code:

byte[] HI = sha1.ComputeHash(Encoding.UTF8.GetBytes(username.toUpper()));

**julienguillot** · 08-03-2017

Hey Glusk, thank you for your answer.

I tried with .ToUpper() before set .StringToHex() but M is still not equal to M1...

**julienguillot** · 08-05-2017

Any idea ?

**doityourself** · 08-05-2017

Maybe I can help you later again, but I have other wow related stuff todo now, sorry^^

**Glusk** · 08-17-2017

Could you please upload a working BigIntegerExtensions class with all its dependencies so that I can run your code. As it is, lines 368 and 461 have compile errors:

Line 368 uses an undefined method on a byte array, ToHexString():

Code:

            return bigInt.ToUnsignedByteArray().ToHexString();

Line 461 misses a dependant class ByteExtensions:

Code:

            return ByteExtensions.GenerateHashFor(bigInt.ToCleanByteArray());

**julienguillot** · 08-21-2017

Thank you dude but i found the problem and resolved it ! M and M1 are now always the same if password is correct.

Shout-Out

User Tag List

Thread: SRP6 and WoW Authentication Process

Thread Tools

Search Thread

Similar Threads

BNET Authentication and wow login

Leaving MMOwned and WoW

Itunes and WoW

Naruto and WoW?

OwnedCore Forums

casino

CoreCoins

My OwnedCore

About Us

Casino