forked from metin-server/m2dev-client-src
Reduce m2pack client hot-path overhead
This commit is contained in:
server
@@ -1,6 +1,7 @@
|
||||
#include "M2PackRuntimeKeyProvider.h"
|
||||
|
||||
#include <algorithm>
|
||||
#include <cctype>
|
||||
#include <cstring>
|
||||
#include <string>
|
||||
|
||||
@@ -18,6 +19,7 @@ constexpr const char* M2PACK_ENV_MASTER_KEY = "M2PACK_MASTER_KEY_HEX";
|
||||
constexpr const char* M2PACK_ENV_PUBLIC_KEY = "M2PACK_SIGN_PUBKEY_HEX";
|
||||
constexpr const char* M2PACK_ENV_MAP_NAME = "M2PACK_KEY_MAP";
|
||||
constexpr const char* M2PACK_ENV_KEY_ID = "M2PACK_KEY_ID";
|
||||
constexpr const char* M2PACK_ENV_STRICT_HASH = "M2PACK_STRICT_HASH";
|
||||
|
||||
#pragma pack(push, 1)
|
||||
struct M2PackSharedKeys
|
||||
@@ -38,6 +40,7 @@ struct RuntimeKeyState
|
||||
std::array<uint8_t, M2PACK_PUBLIC_KEY_SIZE> public_key {};
|
||||
bool runtime_master_key = false;
|
||||
bool runtime_public_key = false;
|
||||
bool verify_plaintext_hash = false;
|
||||
bool initialized = false;
|
||||
};
|
||||
|
||||
@@ -100,6 +103,31 @@ uint32_t ParseUInt32(const std::string& value)
|
||||
}
|
||||
}
|
||||
|
||||
bool ParseBoolFlag(std::string value, bool& out)
|
||||
{
|
||||
value.erase(std::remove_if(value.begin(), value.end(), [](unsigned char ch) {
|
||||
return std::isspace(ch) != 0;
|
||||
}), value.end());
|
||||
|
||||
std::transform(value.begin(), value.end(), value.begin(), [](unsigned char ch) {
|
||||
return static_cast<char>(std::tolower(ch));
|
||||
});
|
||||
|
||||
if (value == "1" || value == "true" || value == "yes" || value == "on")
|
||||
{
|
||||
out = true;
|
||||
return true;
|
||||
}
|
||||
|
||||
if (value == "0" || value == "false" || value == "no" || value == "off")
|
||||
{
|
||||
out = false;
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
const std::array<uint8_t, M2PACK_PUBLIC_KEY_SIZE>* FindCompiledPublicKey(uint32_t keyId)
|
||||
{
|
||||
for (std::size_t i = 0; i < M2PACK_SIGN_KEY_IDS.size(); ++i)
|
||||
@@ -191,6 +219,19 @@ void ApplyCommandLineOption(const std::string& key, const std::string& value)
|
||||
LoadFromSharedMapping(value);
|
||||
return;
|
||||
}
|
||||
|
||||
if (key == "--m2pack-strict-hash")
|
||||
{
|
||||
bool enabled = false;
|
||||
if (ParseBoolFlag(value, enabled))
|
||||
{
|
||||
g_state.verify_plaintext_hash = enabled;
|
||||
}
|
||||
else
|
||||
{
|
||||
TraceError("Invalid value for --m2pack-strict-hash");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
} // namespace
|
||||
@@ -201,6 +242,9 @@ bool InitializeM2PackRuntimeKeyProvider(const char* commandLine)
|
||||
return true;
|
||||
|
||||
g_state = RuntimeKeyState {};
|
||||
#ifdef _DEBUG
|
||||
g_state.verify_plaintext_hash = true;
|
||||
#endif
|
||||
|
||||
const std::string mapName = GetEnvString(M2PACK_ENV_MAP_NAME);
|
||||
if (!mapName.empty())
|
||||
@@ -240,6 +284,16 @@ bool InitializeM2PackRuntimeKeyProvider(const char* commandLine)
|
||||
TraceError("Invalid M2PACK_SIGN_PUBKEY_HEX value");
|
||||
}
|
||||
|
||||
const std::string envStrictHash = GetEnvString(M2PACK_ENV_STRICT_HASH);
|
||||
if (!envStrictHash.empty())
|
||||
{
|
||||
bool enabled = false;
|
||||
if (ParseBoolFlag(envStrictHash, enabled))
|
||||
g_state.verify_plaintext_hash = enabled;
|
||||
else
|
||||
TraceError("Invalid M2PACK_STRICT_HASH value");
|
||||
}
|
||||
|
||||
int argc = 0;
|
||||
PCHAR* argv = CommandLineToArgv(const_cast<PCHAR>(commandLine ? commandLine : ""), &argc);
|
||||
if (argv)
|
||||
@@ -247,6 +301,31 @@ bool InitializeM2PackRuntimeKeyProvider(const char* commandLine)
|
||||
for (int i = 0; i < argc; ++i)
|
||||
{
|
||||
const std::string key = argv[i];
|
||||
if (key == "--m2pack-strict-hash")
|
||||
{
|
||||
bool enabled = true;
|
||||
if (i + 1 < argc)
|
||||
{
|
||||
const std::string next = argv[i + 1];
|
||||
if (!next.starts_with("--"))
|
||||
{
|
||||
if (!ParseBoolFlag(next, enabled))
|
||||
{
|
||||
TraceError("Invalid value for --m2pack-strict-hash");
|
||||
}
|
||||
else
|
||||
{
|
||||
g_state.verify_plaintext_hash = enabled;
|
||||
}
|
||||
++i;
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
g_state.verify_plaintext_hash = enabled;
|
||||
continue;
|
||||
}
|
||||
|
||||
if ((key == "--m2pack-key-hex" || key == "--m2pack-pubkey-hex" || key == "--m2pack-key-map" || key == "--m2pack-key-id") && i + 1 < argc)
|
||||
{
|
||||
ApplyCommandLineOption(key, argv[i + 1]);
|
||||
@@ -268,6 +347,11 @@ bool InitializeM2PackRuntimeKeyProvider(const char* commandLine)
|
||||
Tracef("M2Pack runtime key provider: no runtime master key available; .m2p loading will be denied\n");
|
||||
}
|
||||
|
||||
if (g_state.verify_plaintext_hash)
|
||||
{
|
||||
Tracef("M2Pack runtime key provider: plaintext hash verification enabled\n");
|
||||
}
|
||||
|
||||
g_state.initialized = true;
|
||||
return true;
|
||||
}
|
||||
@@ -311,3 +395,8 @@ bool IsM2PackUsingRuntimePublicKey()
|
||||
{
|
||||
return g_state.runtime_public_key;
|
||||
}
|
||||
|
||||
bool ShouldVerifyM2PackPlaintextHash()
|
||||
{
|
||||
return g_state.verify_plaintext_hash;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user