MayaTheShy/Starworld
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Add RSA keypair generation and upload in login process; update comments on username signature requirements

Browse Source
This commit is contained in:
MayaTheShy
2025-11-16 19:45:46 -05:00
parent db3a2e2a59
commit 9a404df9d4
2 changed files with 23 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/OverteAuth.cpp
View File

@@ -354,6 +354,21 @@ bool OverteAuth::login(const std::string& username, const std::string& password,
} }
std::cout << "[OverteAuth] Successfully authenticated as " << username << std::endl; std::cout << "[OverteAuth] Successfully authenticated as " << username << std::endl;
// Generate and upload RSA keypair for signature authentication
if (!hasKeypair()) {
std::cout << "[OverteAuth] Generating RSA keypair for signature authentication..." << std::endl;
if (generateKeypair()) {
if (uploadPublicKey()) {
std::cout << "[OverteAuth] Keypair generated and uploaded successfully" << std::endl;
} else {
std::cerr << "[OverteAuth] Warning: Failed to upload public key: " << m_lastError << std::endl;
}
} else {
std::cerr << "[OverteAuth] Warning: Failed to generate keypair" << std::endl;
}
}
return true; return true;
} }

16
src/OverteClient.cpp
View File

@@ -1397,21 +1397,21 @@ void OverteClient::sendDomainConnectRequest() {
qs.writeQString(""); qs.writeQString("");
// 14. Directory services (metaverse) username (QString) // 14. Directory services (metaverse) username (QString)
// TEMPORARILY DISABLED: Sending username might require signature // NOTE: Sending a username requires a cryptographic signature (field 15) using a
// private key registered with the metaverse. Without a valid signature, the domain
// server will reject the connection. For now, we send empty string (anonymous mode).
// TODO: Implement RSA keypair generation and username signature
std::string metaverseUsername = ""; std::string metaverseUsername = "";
// if (m_auth && m_auth->isAuthenticated()) {
// metaverseUsername = m_auth->getUsername();
// std::cout << "[OverteClient] Including metaverse username: " << metaverseUsername << std::endl;
// }
qs.writeQString(metaverseUsername); qs.writeQString(metaverseUsername);
// 15. Username signature (QString) - empty (no keypair authentication yet) // 15. Username signature (QString) - empty (no keypair authentication)
// This would be AccountInfo::getUsernameSignature(connectionToken) in official client
qs.writeQString(""); qs.writeQString("");
// 16. Domain username (QString) - empty for now (domain-specific auth not yet implemented) // 16. Domain username (QString) - for domain-specific auth (separate from metaverse)
qs.writeQString(""); qs.writeQString("");
// 17. Domain access token:refreshToken (QString) - empty for now // 17. Domain access token:refreshToken (QString) - for domain OAuth
qs.writeQString(""); qs.writeQString("");
// Append payload to packet // Append payload to packet