space-wizards · PJB3005 · Sep 16, 2024 · Sep 17, 2024 · Sep 17, 2024 · Sep 17, 2024
@@ -8,6 +8,7 @@
 using Robust.Client.GameStates;
 using Robust.Client.Graphics;
 using Robust.Client.Graphics.Clyde;
+using Robust.Client.HWId;
 using Robust.Client.Input;
 using Robust.Client.Map;
 using Robust.Client.Placement;
@@ -158,6 +159,7 @@ public static void RegisterIoC(GameController.DisplayMode mode, IDependencyColle
 
             deps.Register<IXamlProxyHelper, XamlProxyHelper>();
             deps.Register<MarkupTagManager>();
+            deps.Register<IHWId, BasicHWId>();
         }
     }
 }
diff --git a/Robust.Client/Console/Commands/LauncherAuthCommand.cs b/Robust.Client/Console/Commands/LauncherAuthCommand.cs
@@ -20,8 +20,9 @@ public override void Execute(IConsoleShell shell, string argStr, string[] args)
         {
             var wantName = args.Length > 0 ? args[0] : null;
 
-            var basePath = Path.GetDirectoryName(UserDataDir.GetUserDataDir(_gameController))!;
-            var dbPath = Path.Combine(basePath, "launcher", "settings.db");
+            var basePath = UserDataDir.GetRootUserDataDir(_gameController);
+            var launcherDirName = Environment.GetEnvironmentVariable("SS14_LAUNCHER_APPDATA_NAME") ?? "launcher";
+            var dbPath = Path.Combine(basePath, launcherDirName, "settings.db");
 
 #if USE_SYSTEM_SQLITE
             SQLitePCL.raw.SetProvider(new SQLitePCL.SQLite3Provider_sqlite3());

@@ -0,0 +1,86 @@
+using System;
+using System.IO;
+using System.Security.Cryptography;
+using Microsoft.Win32;
+using Robust.Client.Utility;
+using Robust.Shared.IoC;
+using Robust.Shared.Network;
+
+namespace Robust.Client.HWId;
+
+internal sealed class BasicHWId : IHWId
+{
+    [Dependency] private readonly IGameControllerInternal _gameController = default!;
+
+    public const int LengthHwid = 32;
+
+    public byte[] GetLegacy()
+    {
+        if (OperatingSystem.IsWindows())
+            return GetWindowsHWid("Hwid");
+
+        return [];
+    }
+
+    public byte[] GetModern()
+    {
+        byte[] raw;
+
+        if (OperatingSystem.IsWindows())
+            raw = GetWindowsHWid("Hwid2");
+        else
+            raw = GetFileHWid();
+
+        return [0, ..raw];
+    }
+
+    private static byte[] GetWindowsHWid(string keyName)
+    {
+        const string keyPath = @"HKEY_CURRENT_USER\SOFTWARE\Space Wizards\Robust";
+
+        var regKey = Registry.GetValue(keyPath, keyName, null);
+        if (regKey is byte[] { Length: LengthHwid } bytes)
+            return bytes;
+
+        var newId = new byte[LengthHwid];
+        RandomNumberGenerator.Fill(newId);
+        Registry.SetValue(
+            keyPath,
+            keyName,
+            newId,
+            RegistryValueKind.Binary);
+
+        return newId;
+    }
+
+    private byte[] GetFileHWid()
+    {
+        var path = UserDataDir.GetRootUserDataDir(_gameController);
+        var hwidPath = Path.Combine(path, ".hwid");
+
+        var value = ReadHWidFile(hwidPath);
+        if (value != null)
+            return value;
+
+        value = RandomNumberGenerator.GetBytes(LengthHwid);
+        File.WriteAllBytes(hwidPath, value);
+
+        return value;
+    }
+
+    private static byte[]? ReadHWidFile(string path)
+    {
+        try
+        {
+            var value = File.ReadAllBytes(path);
+            if (value.Length == LengthHwid)
+                return value;
+        }
+        catch (FileNotFoundException)
+        {
+            // First time the file won't exist.
+        }
+
+        return null;
+    }
+}
@@ -1,14 +1,19 @@
 using System;
 using System.IO;
 using JetBrains.Annotations;
-using Robust.Shared.IoC;
 
 namespace Robust.Client.Utility
 {
     internal static class UserDataDir
     {
         [Pure]
         public static string GetUserDataDir(IGameControllerInternal gameController)
+        {
+            return Path.Combine(GetRootUserDataDir(gameController), "data");
+        }
+
+        [Pure]
+        public static string GetRootUserDataDir(IGameControllerInternal gameController)
         {
             string appDataDir;
 
@@ -30,8 +35,7 @@ public static string GetUserDataDir(IGameControllerInternal gameController)
             appDataDir = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData);
 #endif
 
-            return Path.Combine(appDataDir, gameController.Options.UserDataDirectoryName, "data");
+            return Path.Combine(appDataDir, gameController.Options.UserDataDirectoryName);
         }
-
     }
 }
@@ -97,6 +97,7 @@ internal static void RegisterIoC(IDependencyCollection deps)
             deps.Register<NetworkResourceManager>();
             deps.Register<IHttpClientHolder, HttpClientHolder>();
             deps.Register<UploadedContentManager>();
+             deps.Register<IHWId, DummyHWId>();
         }
     }
 }
@@ -394,6 +394,18 @@ protected CVars()
         public static readonly CVarDef<int> NetEncryptionThreadChannelSize =
             CVarDef.Create("net.encryption_thread_channel_size", 16);
 
+        /// <summary>
+        /// Whether the server should request HWID system for client identification.
+        /// </summary>
+        /// <remarks>
+        /// <para>
+        /// Note that modern HWIDs are only available if the connection is authenticated.
+        /// </para>
+        /// </remarks>
+        public static readonly CVarDef<bool> NetHWId =
+            CVarDef.Create("net.hwid", true, CVar.SERVERONLY);
+
+
         /**
          * SUS
          */

@@ -15,6 +15,11 @@ internal interface IAuthManager
         string? Token { get; set; }
         string? PubKey { get; set; }
 
+        /// <summary>
+        /// If true, the user allows HWID information to be provided to servers.
+        /// </summary>
+        bool AllowHwid { get; set; }
+
         void LoadFromEnv();
     }
 
@@ -26,6 +31,7 @@ internal sealed class AuthManager : IAuthManager
         public string? Server { get; set; } = DefaultAuthServer;
         public string? Token { get; set; }
         public string? PubKey { get; set; }
+        public bool AllowHwid { get; set; } = true;
 
         public void LoadFromEnv()
         {
@@ -49,6 +55,11 @@ public void LoadFromEnv()
                 Token = token;
             }
 
+            if (TryGetVar("ROBUST_AUTH_ALLOW_HWID", out var allowHwid))
+            {
+                AllowHwid = allowHwid.Trim() == "1";
+            }
+
             static bool TryGetVar(string var, [NotNullWhen(true)] out string? val)
             {
                 val = Environment.GetEnvironmentVariable(var);

@@ -0,0 +1,67 @@
+using System;
+using Robust.Shared.Console;
+using Robust.Shared.IoC;
+using Robust.Shared.Utility;
+
+namespace Robust.Shared.Network;
+
+/// <summary>
+/// Fetches HWID (hardware ID) unique identifiers for the local system.
+/// </summary>
+internal interface IHWId
+{
+    /// <summary>
+    /// Gets the "legacy" HWID.
+    /// </summary>
+    /// <remarks>
+    /// These are directly sent to servers and therefore susceptible to malicious spoofing.
+    /// They should not be relied on for the future.
+    /// </remarks>
+    /// <returns>
+    /// An opaque value that gets sent to the server to identify this computer,
+    /// or an empty array if legacy HWID is not supported on this platform.
+    /// </returns>
+    byte[] GetLegacy();
+
+    /// <summary>
+    /// Gets the "modern" HWID.
+    /// </summary>
+    /// <returns>
+    /// An opaque value that gets sent to the auth server to identify this computer,
+    /// or null if modern HWID is not supported on this platform.
+    /// </returns>
+    byte[]? GetModern();
+}
+
+/// <summary>
+/// Implementation of <see cref="IHWId"/> that does nothing, always returning an empty result.
+/// </summary>
+internal sealed class DummyHWId : IHWId
+{
+    public byte[] GetLegacy()
+    {
+        return [];
+    }
+
+    public byte[] GetModern()
+    {
+        return [];
+    }
+}
+
+#if DEBUG
+internal sealed class HwidCommand : LocalizedCommands
+{
+    [Dependency] private readonly IHWId _hwId = default!;
+
+    public override string Command => "hwid";
+
+    public override void Execute(IConsoleShell shell, string argStr, string[] args)
+    {
+        shell.WriteLine($"""
+            legacy: {Convert.ToBase64String(_hwId.GetLegacy(), Base64FormattingOptions.None)}
+            modern: {Base64Helpers.ToBase64Nullable(_hwId.GetModern())}
+            """);
+    }
+}
+#endif
@@ -13,13 +13,15 @@ internal sealed class MsgEncryptionRequest : NetMessage
 
         public byte[] VerifyToken;
         public byte[] PublicKey;
+        public bool WantHwid;
 
         public override void ReadFromBuffer(NetIncomingMessage buffer, IRobustSerializer serializer)
         {
             var tokenLength = buffer.ReadVariableInt32();
             VerifyToken = buffer.ReadBytes(tokenLength);
             var keyLength = buffer.ReadVariableInt32();
             PublicKey = buffer.ReadBytes(keyLength);
+            WantHwid = buffer.ReadBoolean();
         }
 
         public override void WriteToBuffer(NetOutgoingMessage buffer, IRobustSerializer serializer)
@@ -28,6 +30,7 @@ public override void WriteToBuffer(NetOutgoingMessage buffer, IRobustSerializer
             buffer.Write(VerifyToken);
             buffer.WriteVariableInt32(PublicKey.Length);
             buffer.Write(PublicKey);
+            buffer.Write(WantHwid);
         }
     }
 }
@@ -14,19 +14,24 @@ internal sealed class MsgEncryptionResponse : NetMessage
 
         public Guid UserId;
         public byte[] SealedData;
+        public byte[] LegacyHwid;
 
         public override void ReadFromBuffer(NetIncomingMessage buffer, IRobustSerializer serializer)
         {
             UserId = buffer.ReadGuid();
             var keyLength = buffer.ReadVariableInt32();
             SealedData = buffer.ReadBytes(keyLength);
+            var legacyHwidLength = buffer.ReadVariableInt32();
+            LegacyHwid = buffer.ReadBytes(legacyHwidLength);
         }
 
         public override void WriteToBuffer(NetOutgoingMessage buffer, IRobustSerializer serializer)
         {
             buffer.Write(UserId);
             buffer.WriteVariableInt32(SealedData.Length);
             buffer.Write(SealedData);
+            buffer.WriteVariableInt32(LegacyHwid.Length);
+            buffer.Write(LegacyHwid);
         }
     }
 }
@@ -16,16 +16,13 @@ internal sealed class MsgLoginStart : NetMessage
         public override MsgGroups MsgGroup => MsgGroups.Core;
 
         public string UserName;
-        public ImmutableArray<byte> HWId;
         public bool CanAuth;
         public bool NeedPubKey;
         public bool Encrypt;
 
         public override void ReadFromBuffer(NetIncomingMessage buffer, IRobustSerializer serializer)
         {
             UserName = buffer.ReadString();
-            var length = buffer.ReadByte();
-            HWId = ImmutableArray.Create(buffer.ReadBytes(length));
             CanAuth = buffer.ReadBoolean();
             NeedPubKey = buffer.ReadBoolean();
             Encrypt = buffer.ReadBoolean();
@@ -34,8 +31,6 @@ public override void ReadFromBuffer(NetIncomingMessage buffer, IRobustSerializer
         public override void WriteToBuffer(NetOutgoingMessage buffer, IRobustSerializer serializer)
         {
             buffer.Write(UserName);
-            buffer.Write((byte) HWId.Length);
-            buffer.Write(HWId.AsSpan());
             buffer.Write(CanAuth);
             buffer.Write(NeedPubKey);
             buffer.Write(Encrypt);