I want to create a Legion Registration Site and now i am stuck at the Password hashing you are using.
BattlenetAccountMgr.cpp
line 175-188
std::string Battlenet::AccountMgr::CalculateShaPassHash(std::string const& name, std::string const& password)
{
SHA256Hash email;
email.UpdateData(name);
email.Finalize();
SHA256Hash sha;
sha.UpdateData(ByteArrayToHexStr(email.GetDigest(), email.GetLength()));
sha.UpdateData(":");
sha.UpdateData(password);
sha.Finalize();
return ByteArrayToHexStr(sha.GetDigest(), sha.GetLength(), true);
}
As i Understand, you first hash the email with sha256
then you rehash it with the password like email:password
i cant reproduce that in php
public function RegisterBattleNetAccount($email, $password)
{
# $GLOBALS[‘mysqli’]->query(“use {$GLOBALS[‘db_auth’]}”);
//strtoupper
$pass = hash(‘sha256’, strtoupper(hash(‘sha256’, $email)).‘:’.$password);
$pass = strtoupper($pass);
$email = strtoupper($email);
// $stmt = $GLOBALS[‘mysqli’]->prepare(“INSERT INTO battlenet_accounts (email
,sha_pass_hash
) VALUES (?, ?)”);
// $stmt->bind_param("ss", $email, $pass);
// $stmt->execute();
}
Always returns a wrong hash when i run it with details already in the databse for testing purpose.