Hello i'm having issue with this code, It creates record in database but the password is not correct when i try to login ingame it says wrong.
Can someone help me out how to make it working?
https://github.com/TrinityCore/old_basic-account-creator/blob/master/Trinity%20Account%20Creator/php/createAccount.php
https://github.com/TrinityCore/old_basic-account-creator/blob/master/Trinity%20Account%20Creator/php/db.php
private function calculateSRP6Verifier($username, $password, $salt)
{
$g = gmp_init(7);
$N = gmp_init('894B645E89E1535BBDAD5B8B290650530801B18EBFBF5E8FAB3C82872A3E9BB7', 16);
$h1 = sha1(strtoupper($username . ':' . $password), TRUE);
$h2 = sha1($salt.$h1, TRUE);
$h2 = gmp_import($h2, 1, GMP_LSW_FIRST);
$verifier = gmp_powm($g, $h2, $N);
$verifier = gmp_export($verifier, 1, GMP_LSW_FIRST);
$verifier = str_pad($verifier, 32, chr(0), STR_PAD_RIGHT);
return $verifier;
}
public function getRegistrationData($username, $password)
{
$salt = random_bytes(32);
$verifier = $this->calculateSRP6Verifier($username, $password, $salt);
return array($salt, $verifier);
}
public function close() {
$this->conn = null;
}
list($salt, $verifier) = $db->getRegistrationData($username, $password);
$accountCreateQuery = "INSERT INTO account(username, salt, verifier, email) VALUES(?, ?, ?, ?)";
$accountCreateParams = array($username, $salt, $verifier, $email);
$db->insertQuery($accountCreateQuery, $accountCreateParams);
$db->close();
Here is what i made:
Imports System.Security.Cryptography
Imports System.Numerics
Public Class SRP6
Public Shared Function CalculateSRP6Verifier(ByVal username As String, ByVal password As String, ByVal salt As Byte()) As Byte()
Dim g As BigInteger = BigInteger.Parse("7")
Dim N As BigInteger = BigInteger.Parse("894B645E89E1535BBDAD5B8B290650530801B18EBFBF5E8FAB3C82872A3E9BB7", Globalization.NumberStyles.HexNumber)
Dim h1 As Byte() = SHA1.Create().ComputeHash(Text.Encoding.UTF8.GetBytes(username.ToUpper() & ":" & password.ToUpper()))
Dim h2 As Byte() = SHA1.Create().ComputeHash(salt.Concat(h1).ToArray())
Dim h2Int As New BigInteger(h2.Reverse().ToArray())
Dim verifier As BigInteger = BigInteger.ModPow(g, h2Int, N)
Dim verifierBytes As Byte() = verifier.ToByteArray().Reverse().ToArray()
Array.Resize(verifierBytes, 32)
Return verifierBytes
End Function
Public Shared Function ReturnResults(ByVal Username As String, ByVal Password As String)
Dim salt(31) As Byte
Using rng As New RNGCryptoServiceProvider()
rng.GetBytes(salt)
End Using
Dim verifier As Byte() = CalculateSRP6Verifier(Username, Password, salt)
Dim newSalt As Byte() = salt
Dim newVerifier As Byte() = verifier
Return verifier
End Function
Public Shared Function GetSRP6RegistrationData(username As String, password As String) As Byte()
Dim salt(31) As Byte
Using rngCsp As New RNGCryptoServiceProvider()
rngCsp.GetBytes(salt)
End Using
Dim verifier As Byte() = CalculateSRP6Verifier(username, password, salt)
Return verifier
End Function
Public Shared Function VerifySRP6Login(username As String, password As String, salt As Byte(), verifier As Byte()) As Boolean
Dim checkVerifier As Byte() = CalculateSRP6Verifier(username, password, salt)
Return verifier.SequenceEqual(checkVerifier)
End Function
End Class
Public Sub RegisterUser()
Dim conStr = "Server=" + Data.Settings.MySQLServerHost + ";Uid=" + Data.Settings.MySQLServerUser + ";Database=" + Data.Settings.AuthDatabase + ";Port=" + Data.Settings.MySQLServerPort + ";Pwd=" + Data.Settings.MySQLServerPassword + ";"
Try
Dim salt As Byte() = New Byte(31) {}
Using rng As RNGCryptoServiceProvider = RandomNumberGenerator.Create()
rng.GetBytes(salt)
End Using
Dim verifier As Byte() = SRP6.CalculateSRP6Verifier(TextAccountCreateName.Text, TextAccountPasswordCreate.Text, salt)
Dim newSalt As Byte() = salt
Dim newVerifier As Byte() = verifier
Using conn As New MySqlConnection(conStr)
Using cmd As New MySqlCommand()
cmd.Connection = conn
Select Case Data.Settings.SelectedCore
Case Cores.AzerothCore
cmd.CommandText = "INSERT INTO account (username, email, salt, verifier) VALUES (@user,@ema,@pass,@verif)"
cmd.Parameters.AddWithValue("@user", TextAccountCreateName.Text)
cmd.Parameters.AddWithValue("@ema", TextAccountEmailCreate.Text)
cmd.Parameters.AddWithValue("@verif", newVerifier)
If Data.Settings.EnableDBEncrypt And Data.Settings.DatabaseEncryption >= 1 Then
cmd.Parameters.AddWithValue("@pass", newSalt)
Else
cmd.Parameters.AddWithValue("@pass", TextAccountPasswordCreate.Text)
End If
Case Else
Exit Sub
End Select
conn.Open()
cmd.ExecuteNonQuery()
End Using
End Using
Catch ex As Exception
MsgBox(ex.Message)
End Try
End Sub