Skip to content

Commit 9f93008

Browse files
ELF-NigelELF-Nigel
committed
Add debug signature verification dump
1 parent 5449f47 commit 9f93008

1 file changed

Lines changed: 50 additions & 0 deletions

File tree

auth.cpp

Lines changed: 50 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2332,17 +2332,46 @@ void KeyAuth::api::reset_lockout(lockout_state& state)
23322332

23332333
int VerifyPayload(std::string signature, std::string timestamp, std::string body)
23342334
{
2335+
#if defined(_DEBUG)
2336+
auto dump_sig_debug = [&](const char* reason) {
2337+
char temp_path[MAX_PATH] = {};
2338+
char log_path[MAX_PATH] = {};
2339+
if (GetTempPathA(MAX_PATH, temp_path) == 0) {
2340+
strcpy_s(temp_path, ".\\");
2341+
}
2342+
sprintf_s(log_path, "%skeyauth_sig_debug.log", temp_path);
2343+
std::ofstream dbg(log_path, std::ios::out | std::ios::app);
2344+
if (!dbg.is_open()) {
2345+
return;
2346+
}
2347+
dbg << "reason=" << (reason ? reason : "unknown") << "\n";
2348+
dbg << "timestamp=" << timestamp << "\n";
2349+
dbg << "signature_len=" << signature.size() << "\n";
2350+
dbg << "signature=" << signature << "\n";
2351+
dbg << "body_len=" << body.size() << "\n";
2352+
dbg << "body=" << body << "\n";
2353+
dbg << "pubkey=" << get_public_key_hex() << "\n";
2354+
dbg << "----\n";
2355+
};
2356+
#endif
2357+
23352358
// disabled prologue checks. -nigel
23362359
// if (!prologues_ok()) {
23372360
// error(XorStr("function prologue check failed, possible inline hook detected."));
23382361
// }
23392362
integrity_check();
23402363
if (timestamp.size() < 10 || timestamp.size() > 13) {
2364+
#if defined(_DEBUG)
2365+
dump_sig_debug("timestamp_length");
2366+
#endif
23412367
MessageBoxA(0, "Signature verification failed (timestamp length)", "KeyAuth", MB_ICONERROR);
23422368
exit(2);
23432369
}
23442370
for (char c : timestamp) {
23452371
if (c < '0' || c > '9') {
2372+
#if defined(_DEBUG)
2373+
dump_sig_debug("timestamp_format");
2374+
#endif
23462375
MessageBoxA(0, "Signature verification failed (timestamp format)", "KeyAuth", MB_ICONERROR);
23472376
exit(2);
23482377
}
@@ -2353,6 +2382,9 @@ int VerifyPayload(std::string signature, std::string timestamp, std::string body
23532382
}
23542383
catch (...) {
23552384
std::cerr << "[ERROR] Invalid timestamp format\n";
2385+
#if defined(_DEBUG)
2386+
dump_sig_debug("invalid_timestamp");
2387+
#endif
23562388
MessageBoxA(0, "Signature verification failed (invalid timestamp)", "KeyAuth", MB_ICONERROR);
23572389
exit(2);
23582390
}
@@ -2365,12 +2397,18 @@ int VerifyPayload(std::string signature, std::string timestamp, std::string body
23652397
if (diff > 120) {
23662398
std::cerr << "[ERROR] Timestamp too skewed (diff = "
23672399
<< diff << "s)\n";
2400+
#if defined(_DEBUG)
2401+
dump_sig_debug("timestamp_skew");
2402+
#endif
23682403
MessageBoxA(0, "Signature verification failed (timestamp skew)", "KeyAuth", MB_ICONERROR);
23692404
exit(3);
23702405
}
23712406

23722407
if (sodium_init() < 0) {
23732408
std::cerr << "[ERROR] Failed to initialize libsodium\n";
2409+
#if defined(_DEBUG)
2410+
dump_sig_debug("libsodium_init");
2411+
#endif
23742412
MessageBoxA(0, "Signature verification failed (libsodium init)", "KeyAuth", MB_ICONERROR);
23752413
exit(4);
23762414
}
@@ -2381,18 +2419,27 @@ int VerifyPayload(std::string signature, std::string timestamp, std::string body
23812419
unsigned char pk[32];
23822420

23832421
if (signature.size() != 128) {
2422+
#if defined(_DEBUG)
2423+
dump_sig_debug("signature_length");
2424+
#endif
23842425
MessageBoxA(0, "Signature verification failed (sig length)", "KeyAuth", MB_ICONERROR);
23852426
exit(5);
23862427
}
23872428
if (sodium_hex2bin(sig, sizeof(sig), signature.c_str(), signature.length(), NULL, NULL, NULL) != 0) {
23882429
std::cerr << "[ERROR] Failed to parse signature hex.\n";
2430+
#if defined(_DEBUG)
2431+
dump_sig_debug("signature_hex_parse");
2432+
#endif
23892433
MessageBoxA(0, "Signature verification failed (invalid signature format)", "KeyAuth", MB_ICONERROR);
23902434
exit(5);
23912435
}
23922436

23932437
const std::string pubkey_hex = get_public_key_hex();
23942438
if (sodium_hex2bin(pk, sizeof(pk), pubkey_hex.c_str(), pubkey_hex.length(), NULL, NULL, NULL) != 0) {
23952439
std::cerr << "[ERROR] Failed to parse public key hex.\n";
2440+
#if defined(_DEBUG)
2441+
dump_sig_debug("public_key_parse");
2442+
#endif
23962443
MessageBoxA(0, "Signature verification failed (invalid public key)", "KeyAuth", MB_ICONERROR);
23972444
exit(6);
23982445
}
@@ -2409,6 +2456,9 @@ int VerifyPayload(std::string signature, std::string timestamp, std::string body
24092456
pk) != 0)
24102457
{
24112458
std::cerr << "[ERROR] Signature verification failed.\n";
2459+
#if defined(_DEBUG)
2460+
dump_sig_debug("invalid_signature");
2461+
#endif
24122462
MessageBoxA(0, "Signature verification failed (invalid signature)", "KeyAuth", MB_ICONERROR);
24132463
exit(7);
24142464
}

0 commit comments

Comments
 (0)