- Module* sha256 = Instance->Modules->Find("m_sha256.so");
- if (Utils->ChallengeResponse && sha256 && !challenge.empty())
- {
- /* XXX: This is how HMAC is supposed to be done:
- *
- * sha256( (pass xor 0x5c) + sha256((pass xor 0x36) + m) )
- *
- * Note that we are encoding the hex hash, not the binary
- * output of the hash which is slightly different to standard.
- *
- * Don't ask me why its always 0x5c and 0x36... it just is.
- */
- std::string hmac1, hmac2;
-
- for (size_t n = 0; n < password.length(); n++)
- {
- hmac1 += static_cast<char>(password[n] ^ 0x5C);
- hmac2 += static_cast<char>(password[n] ^ 0x36);
- }
-
- hmac2 += challenge;
- HashResetRequest(Utils->Creator, sha256).Send();
- hmac2 = HashSumRequest(Utils->Creator, sha256, hmac2).Send();
-
- HashResetRequest(Utils->Creator, sha256).Send();
- std::string hmac = hmac1 + hmac2;
- hmac = HashSumRequest(Utils->Creator, sha256, hmac).Send();
+ HashProvider* sha256 = ServerInstance->Modules->FindDataService<HashProvider>("hash/sha256");
+ if (sha256 && !challenge.empty())
+ return "AUTH:" + BinToBase64(sha256->hmac(password, challenge));