Botan-3 Migration

Phatcat · Phatcat · commit efababa692de · 2025-05-29T07:23:13.000+02:00
Complete Botan-3 migration targeting:

Migrate from marked as deprecated functions
 -1363 padding needs to be done manually now
 -No serialization directly on the hasher
 -no declaration of functions with a serialization.
diff --git a/src/account/AccountService.cpp b/src/account/AccountService.cpp
@@ -46,7 +46,8 @@ AccountService::handle_session_fetch(const SessionLookup& msg, const Link& link,
 		return response;
 	}
 
-	auto key = Botan::BigInt::encode(*session);
+	std::vector<uint8_t> key((*session).bytes());
+	(*session).serialize_to(std::span<uint8_t>(key.data(), key.size()));
 
 	response.status = Status::OK;
 	response.account_id = msg.account_id();
@@ -120,4 +121,4 @@ AccountService::handle_disconnect_by_id(const DisconnectID& msg, const Link& lin
 	return std::nullopt; 
 }
 
-} // ember
+} // ember
diff --git a/src/gateway/AccountClient.cpp b/src/gateway/AccountClient.cpp
@@ -87,8 +87,8 @@ void AccountClient::handle_locate_response(std::expected<const SessionResponse*,
 		return;
 	}
 
-	auto key = Botan::BigInt::decode(msg->key()->data(), msg->key()->size());
+	auto key = Botan::BigInt::from_bytes(std::span<const std::uint8_t>(msg->key()->data(), msg->key()->size()));
 	cb(msg->status(), std::move(key));
 }
 
-} // gateway, ember
+} // gateway, ember
diff --git a/src/gateway/PacketCrypto.h b/src/gateway/PacketCrypto.h
@@ -44,7 +44,7 @@ class PacketCrypto final {
 		);
 
 		key_.resize(key.bytes(), boost::container::default_init);
-		key.binary_encode(key_.data(), key_.size());
+		key.serialize_to(std::span<uint8_t>( key_.data() + (key_.size() - key.bytes()), key.bytes() ));
 	}
 
 	inline void encrypt(auto& data) {
@@ -77,4 +77,4 @@ class PacketCrypto final {
 	}
 };
 
-} // gateway, ember
+} // gateway, ember
diff --git a/src/gateway/states/Authentication.cpp b/src/gateway/states/Authentication.cpp
@@ -164,7 +164,7 @@ void prove_session(ClientContext& ctx, const Botan::BigInt& key) {
 		key.bytes(), boost::container::default_init
 	);
 
-	key.binary_encode(k_bytes.data(), k_bytes.size());
+	key.serialize_to(std::span<uint8_t>(k_bytes.data() + (k_bytes.size() - key.bytes()), key.bytes()));
 
 	const std::uint32_t protocol_id = 0; // best guess, this is hardcoded to zero in the client
 	auto& auth_ctx = std::get<Context>(ctx.state_ctx);
diff --git a/src/libs/shared/shared/database/daos/mysql/PatchDAO.h b/src/libs/shared/shared/database/daos/mysql/PatchDAO.h
@@ -64,7 +64,8 @@ class MySQLPatchDAO final : public PatchDAO {
 
 			const auto md5 = res->getString("md5");
 			Botan::BigInt md5_int(md5.asStdString());
-			Botan::BigInt::encode_1363(meta.file_meta.md5.data(), meta.file_meta.md5.size(), md5_int);
+			std::fill(meta.file_meta.md5.begin(), meta.file_meta.md5.end(), 0);		// 1363 style padding
+			md5_int.serialize_to({ meta.file_meta.md5.data() + meta.file_meta.md5.size() - md5_int.bytes(), md5_int.bytes() });
 			patches.emplace_back(std::move(meta));
 		}
 
@@ -87,8 +88,8 @@ class MySQLPatchDAO final : public PatchDAO {
 		stmt->setBoolean(3, meta.mpq);
 		stmt->setString(4, meta.file_meta.name);
 		stmt->setUInt64(5, meta.file_meta.size);
-		auto md5 = Botan::BigInt::decode(reinterpret_cast<const std::uint8_t*>(meta.file_meta.md5.data()),
-		                                 meta.file_meta.md5.size());
+		auto md5 = Botan::BigInt::from_bytes(std::span<const uint8_t>(reinterpret_cast<const std::uint8_t*>(
+                                                     meta.file_meta.md5.data()), meta.file_meta.md5.size()));
 
 		stmt->setString(6, md5.to_hex_string());
 		stmt->setUInt(7, meta.locale_id);
diff --git a/src/libs/srp6/src/Client.cpp b/src/libs/srp6/src/Client.cpp
@@ -23,7 +23,7 @@ Client::Client(std::string identifier, std::string password, Generator gen, std:
 	: Client(std::move(identifier),
 	         std::move(password),
 	         gen,
-             BigInt::decode((AutoSeeded_RNG()).random_vec(key_size)) % gen.prime(),
+             BigInt::from_bytes(std::span<const uint8_t>{ (AutoSeeded_RNG().random_vec(key_size)).data(), key_size }) % gen.prime(),
 	         srp6a) { }
 
 Client::Client(std::string identifier, std::string password, Generator gen, BigInt a, bool srp6a)
@@ -64,7 +64,7 @@ SessionKey Client::session_key(const BigInt& B, std::span<const std::uint8_t> sa
 		return SessionKey(detail::interleaved_hash(detail::encode_flip_1363(S, N.bytes())));
 	} else {
 		KeyType key(S.bytes(), boost::container::default_init);
-		S.binary_encode(key.data(), key.size());
+		S.serialize_to(std::span<uint8_t>(key.data(), key.size()));
 		return SessionKey(key);
 	}
 }
@@ -74,4 +74,4 @@ BigInt Client::generate_proof(const SessionKey& key, const Botan::BigInt& B,
 	return generate_client_proof(identifier_, key, gen_.prime(), gen_.generator(), A_, B, salt);
 }
 
-} // srp6, ember
+} // srp6, ember
diff --git a/src/libs/srp6/src/Server.cpp b/src/libs/srp6/src/Server.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2014 - 2024 Ember
+ * Copyright (c) 2014 - 2025 Ember
  *
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
@@ -48,7 +48,7 @@ SessionKey Server::session_key(const BigInt& A, Compliance mode, bool interleave
 		return SessionKey(detail::interleaved_hash(detail::encode_flip_1363(S, N_.bytes())));
 	} else {
 		KeyType key(N_.bytes(), boost::container::default_init);
-		S.binary_encode(key.data(), key.size());
+		S.serialize_to(std::span<uint8_t>(key.data(), key.size()));
 		return SessionKey(key);
 	}
 }
@@ -58,4 +58,4 @@ BigInt Server::generate_proof(const SessionKey& key, const Botan::BigInt& A,
 	return generate_server_proof(A, client_proof, key, N_.bytes());
 }
 
-} // srp6, ember
+} // srp6, ember
diff --git a/src/libs/srp6/src/Util.cpp b/src/libs/srp6/src/Util.cpp
@@ -21,19 +21,20 @@ namespace detail {
 
 Botan::BigInt decode_flip(std::span<std::uint8_t> val) {
 	std::ranges::reverse(val);
-	return Botan::BigInt::decode(val.data(), val.size());
+	return Botan::BigInt::from_bytes(std::span<const uint8_t>(val.data(), val.size()));
 }
 
 SmallVec encode_flip(const Botan::BigInt& val) {
 	SmallVec res(val.bytes(), boost::container::default_init);
-	val.binary_encode(res.data(), res.size());
+	val.serialize_to(std::span<uint8_t>(res.data(), res.size()));
 	std::ranges::reverse(res);
 	return res;
 }
 
 SmallVec encode_flip_1363(const Botan::BigInt& val, std::size_t padding) {
 	SmallVec res(padding, boost::container::default_init);
-	Botan::BigInt::encode_1363(res.data(), res.size(), val);
+	std::fill(res.begin(), res.end(), 0); // 1363 style padding
+	val.serialize_to({ res.data() + res.size() - val.bytes(), val.bytes() });
 	std::ranges::reverse(res);
 	return res;
 }
@@ -69,15 +70,15 @@ Botan::BigInt scrambler(const Botan::BigInt& A, const Botan::BigInt& B, std::siz
 	auto hasher = Botan::HashFunction::create_or_throw("SHA-1");
 	BOOST_ASSERT_MSG(SHA1_LEN == hasher->output_length(), "Bad hash length");
 	std::array<std::uint8_t, SHA1_LEN> hash_out;
-	SmallVec vec(padding, boost::container::default_init);
+	SmallVec vec(padding, 0); // 1363 style padding
 
 	if(mode == Compliance::RFC5054) {
-		Botan::BigInt::encode_1363(vec.data(), vec.size(), A);
+		A.serialize_to(std::span<uint8_t>(vec.data(), vec.size()));
 		hasher->update(vec.data(), vec.size());
-		Botan::BigInt::encode_1363(vec.data(), vec.size(), B);
+		B.serialize_to(std::span<uint8_t>(vec.data(), vec.size()));
 		hasher->update(vec.data(), vec.size());
 		hasher->final(hash_out.data());
-		return Botan::BigInt::decode(hash_out.data(), hash_out.size());
+		return Botan::BigInt::from_bytes(std::span<const uint8_t>(hash_out.data(), hash_out.size()));
 	} else {
 		const auto& a_enc = encode_flip_1363(A, padding);
 		const auto& b_enc = encode_flip_1363(B, padding);
@@ -93,10 +94,14 @@ Botan::BigInt compute_k(const Botan::BigInt& g, const Botan::BigInt& N) {
 	std::array<std::uint8_t, SHA1_LEN> hash;
 	auto hasher = Botan::HashFunction::create_or_throw("SHA-1");
 	BOOST_ASSERT_MSG(SHA1_LEN == hasher->output_length(), "Bad hash length");
-	hasher->update(Botan::BigInt::encode(N));
-	hasher->update(Botan::BigInt::encode_1363(g, N.bytes()));
+	std::vector<uint8_t> n_buf(N.bytes(), 0);		// 1363 style padding
+	N.serialize_to({ n_buf.data() + n_buf.size() - N.bytes(), N.bytes() });
+	std::vector<uint8_t> g_buf(N.bytes(), 0);		// 1363 style padding
+	g.serialize_to({ g_buf.data() + g_buf.size() - g.bytes(), g.bytes() });
+	hasher->update(n_buf.data(), n_buf.size());
+	hasher->update(g_buf.data(), g_buf.size());
 	hasher->final(hash.data());
-	return Botan::BigInt::decode(hash.data(), hash.size());
+	return Botan::BigInt::from_bytes(std::span<const uint8_t>(hash.data(), hash.size()));
 }
 
 Botan::BigInt compute_x(std::string_view identifier, std::string_view password,
@@ -123,7 +128,7 @@ Botan::BigInt compute_x(std::string_view identifier, std::string_view password,
 	hasher->final(hash.data());
 
 	if(mode == Compliance::RFC5054) {
-		return Botan::BigInt::decode(hash.data(), hash.size());
+		return Botan::BigInt::from_bytes(std::span<const uint8_t>(hash.data(), hash.size()));
 	} else {
 		return detail::decode_flip(hash);
 	}
@@ -194,4 +199,4 @@ Botan::BigInt generate_verifier(std::string_view identifier, std::string_view pa
 	return detail::generate(identifier, password, generator, salt, mode);
 }
 
-} // srp6, ember
+} // srp6, ember
diff --git a/src/login/AccountClient.cpp b/src/login/AccountClient.cpp
@@ -90,8 +90,8 @@ void AccountClient::handle_locate_response(std::expected<const SessionResponse*,
 		return;
 	}
 
-	auto key = Botan::BigInt::decode(msg->key()->data(), msg->key()->size());
+	auto key = Botan::BigInt::from_bytes(std::span<const std::uint8_t>(msg->key()->data(), msg->key()->size()));
 	cb(msg->status(), std::move(key));
 }
 
-} // ember
+} // ember
diff --git a/src/login/Authenticator.cpp b/src/login/Authenticator.cpp
@@ -53,7 +53,7 @@ ReconnectAuthenticator::ReconnectAuthenticator(utf8_string username,
 	: username_(std::move(username)) {
 	std::ranges::copy(salt, salt_.data());
 	sess_key_.t.resize(session_key.bytes());
-	session_key.binary_encode(sess_key_.t.data(), sess_key_.t.size());
+	session_key.serialize_to(std::span<uint8_t>(sess_key_.t.data() + (sess_key_.t.size() - session_key.bytes()), session_key.bytes()));
 }
 
 bool ReconnectAuthenticator::proof_check(std::span<const std::uint8_t> salt,
@@ -69,4 +69,4 @@ bool ReconnectAuthenticator::proof_check(std::span<const std::uint8_t> salt,
 	return std::ranges::equal(res, proof);
 }
 
-} // ember
+} // ember
diff --git a/src/login/LoginHandler.cpp b/src/login/LoginHandler.cpp
@@ -360,7 +360,7 @@ bool LoginHandler::validate_client_integrity(std::span<const std::uint8_t> hash,
 		salt.bytes(), boost::container::default_init
 	);
 
-	salt.binary_encode(bytes.data(), bytes.size());
+	salt.serialize_to(std::span<uint8_t>(bytes.data(), salt.bytes()));
 	std::ranges::reverse(bytes);
 	return validate_client_integrity(hash, bytes, reconnect);
 }
diff --git a/src/login/grunt/client/LoginProof.h b/src/login/grunt/client/LoginProof.h
@@ -166,11 +166,13 @@ class LoginProof final : public Packet {
 		stream << opcode;
 
 		std::array<std::uint8_t, A_LENGTH> a_bytes;
-		Botan::BigInt::encode_1363(a_bytes.data(), a_bytes.size(), A);
+		std::fill(a_bytes.begin(), a_bytes.end(), 0); // 1363 style padding
+		A.serialize_to({ a_bytes.data() + a_bytes.size() - A.bytes(), A.bytes() });
 		stream.put(a_bytes.rbegin(), a_bytes.rend());
 
 		std::array<std::uint8_t, M1_LENGTH> m1_bytes;
-		Botan::BigInt::encode_1363(m1_bytes.data(), m1_bytes.size(), M1);
+		std::fill(m1_bytes.begin(), m1_bytes.end(), 0); // 1363 style padding
+		M1.serialize_to({ m1_bytes.data() + m1_bytes.size() - M1.bytes(), M1.bytes() });
 		stream.put(m1_bytes.rbegin(), m1_bytes.rend());
 
 		stream.put(client_checksum.data(), client_checksum.size());
@@ -193,4 +195,4 @@ class LoginProof final : public Packet {
 	}
 };
 
-} // client, grunt, ember
+} // client, grunt, ember
diff --git a/src/login/grunt/server/LoginChallenge.h b/src/login/grunt/server/LoginChallenge.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015 - 2024 Ember
+ * Copyright (c) 2015 - 2025 Ember
  *
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
@@ -132,19 +132,22 @@ class LoginChallenge final : public Packet {
 		}
 		
 		std::array<std::uint8_t, PUB_KEY_LENGTH> bytes{};
-		Botan::BigInt::encode_1363(bytes.data(), bytes.size(), B);
+		std::fill(bytes.begin(), bytes.end(), 0); // 1363 style padding
+		B.serialize_to({ bytes.data() + (bytes.size() - B.bytes()), B.bytes() });
 		stream.put(bytes.rbegin(), bytes.rend());
 
 		stream << g_len;
 		stream << g;
 		stream << n_len;
 
 		static_assert(bytes.size() == PRIME_LENGTH);
-		Botan::BigInt::encode_1363(bytes.data(), bytes.size(), N);
+		std::fill(bytes.begin(), bytes.end(), 0); // 1363 style padding
+		N.serialize_to({ bytes.data() + (bytes.size() - N.bytes()), N.bytes() });
 		stream.put(bytes.rbegin(), bytes.rend());
 
 		static_assert(bytes.size() == SALT_LENGTH);
-		Botan::BigInt::encode_1363(bytes.data(), bytes.size(), s);
+		std::fill(bytes.begin(), bytes.end(), 0); // 1363 style padding
+		s.serialize_to({ bytes.data() + (bytes.size() - s.bytes()), s.bytes() });
 		stream.put(bytes.rbegin(), bytes.rend());
 
 		stream.put(checksum_salt.data(), checksum_salt.size());
@@ -157,4 +160,4 @@ class LoginChallenge final : public Packet {
 	}
 };
 
-} // server, grunt, ember
+} // server, grunt, ember
diff --git a/src/login/grunt/server/LoginProof.h b/src/login/grunt/server/LoginProof.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015 - 2024 Ember
+ * Copyright (c) 2015 - 2025 Ember
  *
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
@@ -93,11 +93,12 @@ class LoginProof final : public Packet {
 		}
 
 		std::array<std::uint8_t, PROOF_LENGTH> bytes{};
-		Botan::BigInt::encode_1363(bytes.data(), bytes.size(), M2);
+		std::fill(bytes.begin(), bytes.end(), 0); // 1363 style padding
+		M2.serialize_to({ bytes.data() + (bytes.size() - M2.bytes()), M2.bytes() });
 		stream.put(bytes.rbegin(), bytes.rend());
 		stream << survey_id;
 	
 	}
 };
 
-} // server, grunt, ember
+} // server, grunt, ember
diff --git a/src/tools/srpgen/main.cpp b/src/tools/srpgen/main.cpp
@@ -84,7 +84,7 @@ void launch(const po::variables_map& args) {
 
 void plaintext_output(std::string_view username, const Botan::BigInt& verifier, std::span<std::uint8_t> salt) {
 	std::cout << "Username: " << username << "\n";
-	std::cout << "Verifier: " << "0x" << std::hex << verifier << "\n";
+	std::cout << "Verifier: " << "0x" << verifier.to_hex_string() << "\n";
 	std::cout << "Salt: ";
 
 	for(auto byte : salt) {
@@ -94,7 +94,7 @@ void plaintext_output(std::string_view username, const Botan::BigInt& verifier,
 
 void json_output(std::string_view username, const Botan::BigInt& verifier, std::span<std::uint8_t> salt) {
 	const auto vstr = std::format("0x{}", verifier.to_hex_string());
-	const auto saltdec = Botan::BigInt::decode(salt.data(), salt.size());
+	const auto saltdec = Botan::BigInt::from_bytes(std::span<const uint8_t>(salt.data(), salt.size()));
 	const auto sstr = std::format("0x{}",  saltdec.to_hex_string());
 
 	json data;
@@ -123,4 +123,4 @@ po::variables_map parse_arguments(const int argc, const char* argv[]) {
 	po::notify(options);
 
 	return options;
-}
+}
diff --git a/tests/MPQ.cpp b/tests/MPQ.cpp
diff --git a/tests/SRP6.cpp b/tests/SRP6.cpp

Original file line number	Diff line number	Diff line change
`@@ -46,7 +46,8 @@ AccountService::handle_session_fetch(const SessionLookup& msg, const Link& link,`
`46`	`46`	`return response;`
`47`	`47`	`}`
`48`	`48`
`49`		`- auto key = Botan::BigInt::encode(*session);`
	`49`	`+ std::vector<uint8_t> key((*session).bytes());`
	`50`	`+ (*session).serialize_to(std::span<uint8_t>(key.data(), key.size()));`
`50`	`51`
`51`	`52`	`response.status = Status::OK;`
`52`	`53`	`response.account_id = msg.account_id();`
`@@ -120,4 +121,4 @@ AccountService::handle_disconnect_by_id(const DisconnectID& msg, const Link& lin`
`120`	`121`	`return std::nullopt;`
`121`	`122`	`}`
`122`	`123`
`123`		`-} // ember`
	`124`	`+} // ember`
Original file line number	Diff line number	Diff line change
`@@ -87,8 +87,8 @@ void AccountClient::handle_locate_response(std::expected<const SessionResponse*,`
`87`	`87`	`return;`
`88`	`88`	`}`
`89`	`89`
`90`		`- auto key = Botan::BigInt::decode(msg->key()->data(), msg->key()->size());`
	`90`	`+ auto key = Botan::BigInt::from_bytes(std::span<const std::uint8_t>(msg->key()->data(), msg->key()->size()));`
`91`	`91`	`cb(msg->status(), std::move(key));`
`92`	`92`	`}`
`93`	`93`
`94`		`-} // gateway, ember`
	`94`	`+} // gateway, ember`
Original file line number	Diff line number	Diff line change
`@@ -44,7 +44,7 @@ class PacketCrypto final {`
`44`	`44`	`);`
`45`	`45`
`46`	`46`	`key_.resize(key.bytes(), boost::container::default_init);`
`47`		`- key.binary_encode(key_.data(), key_.size());`
	`47`	`+ key.serialize_to(std::span<uint8_t>( key_.data() + (key_.size() - key.bytes()), key.bytes() ));`
`48`	`48`	`}`
`49`	`49`
`50`	`50`	`inline void encrypt(auto& data) {`
`@@ -77,4 +77,4 @@ class PacketCrypto final {`
`77`	`77`	`}`
`78`	`78`	`};`
`79`	`79`
`80`		`-} // gateway, ember`
	`80`	`+} // gateway, ember`
Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
`1`	`1`	`/*`
`2`		`- * Copyright (c) 2014 - 2024 Ember`
	`2`	`+ * Copyright (c) 2014 - 2025 Ember`
`3`	`3`	`*`
`4`	`4`	`* This Source Code Form is subject to the terms of the Mozilla Public`
`5`	`5`	`* License, v. 2.0. If a copy of the MPL was not distributed with this`
`@@ -48,7 +48,7 @@ SessionKey Server::session_key(const BigInt& A, Compliance mode, bool interleave`
`48`	`48`	`return SessionKey(detail::interleaved_hash(detail::encode_flip_1363(S, N_.bytes())));`
`49`	`49`	`} else {`
`50`	`50`	`KeyType key(N_.bytes(), boost::container::default_init);`
`51`		`- S.binary_encode(key.data(), key.size());`
	`51`	`+ S.serialize_to(std::span<uint8_t>(key.data(), key.size()));`
`52`	`52`	`return SessionKey(key);`
`53`	`53`	`}`
`54`	`54`	`}`
`@@ -58,4 +58,4 @@ BigInt Server::generate_proof(const SessionKey& key, const Botan::BigInt& A,`
`58`	`58`	`return generate_server_proof(A, client_proof, key, N_.bytes());`
`59`	`59`	`}`
`60`	`60`
`61`		`-} // srp6, ember`
	`61`	`+} // srp6, ember`
Original file line number	Diff line number	Diff line change
`@@ -90,8 +90,8 @@ void AccountClient::handle_locate_response(std::expected<const SessionResponse*,`
`90`	`90`	`return;`
`91`	`91`	`}`
`92`	`92`
`93`		`- auto key = Botan::BigInt::decode(msg->key()->data(), msg->key()->size());`
	`93`	`+ auto key = Botan::BigInt::from_bytes(std::span<const std::uint8_t>(msg->key()->data(), msg->key()->size()));`
`94`	`94`	`cb(msg->status(), std::move(key));`
`95`	`95`	`}`
`96`	`96`
`97`		`-} // ember`
	`97`	`+} // ember`
Original file line number	Diff line number	Diff line change
`@@ -53,7 +53,7 @@ ReconnectAuthenticator::ReconnectAuthenticator(utf8_string username,`
`53`	`53`	`: username_(std::move(username)) {`
`54`	`54`	`std::ranges::copy(salt, salt_.data());`
`55`	`55`	`sess_key_.t.resize(session_key.bytes());`
`56`		`- session_key.binary_encode(sess_key_.t.data(), sess_key_.t.size());`
	`56`	`+ session_key.serialize_to(std::span<uint8_t>(sess_key_.t.data() + (sess_key_.t.size() - session_key.bytes()), session_key.bytes()));`
`57`	`57`	`}`
`58`	`58`
`59`	`59`	`bool ReconnectAuthenticator::proof_check(std::span<const std::uint8_t> salt,`
`@@ -69,4 +69,4 @@ bool ReconnectAuthenticator::proof_check(std::span<const std::uint8_t> salt,`
`69`	`69`	`return std::ranges::equal(res, proof);`
`70`	`70`	`}`
`71`	`71`
`72`		`-} // ember`
	`72`	`+} // ember`