CMD AUTH LOGON PROOF Client: Difference between revisions
(Add example packets) |
Barncastle (talk | contribs) m (→Packet Layout) |
||
Line 19: | Line 19: | ||
| 0x35 || 20 / Little || uint8[20] || crc_hash || Hash of arbitrary files. Can be safely ignored. | | 0x35 || 20 / Little || uint8[20] || crc_hash || Hash of arbitrary files. Can be safely ignored. | ||
|- | |- | ||
| 0x49 || 1 / - || uint8 || num_keys || Used for | | 0x49 || 1 / - || uint8 || num_keys || Used for {{Template:Unverified|CD Key related}} telemetry. Used when <tt>base.MPQ</tt> contains a <tt>telemetry.dat</tt> file.<br>Can be expected to always be 0. See the table below for when it is not 0. | ||
|- | |- | ||
!colspan="5"| num_keys amounts of num_key fields, if applicable. | !colspan="5"| num_keys amounts of num_key fields, if applicable. | ||
Line 40: | Line 40: | ||
| || 4 / - || uint8[4] || unk3 || Used for unknown telemetry. Can be expected to not be present. | | || 4 / - || uint8[4] || unk3 || Used for unknown telemetry. Can be expected to not be present. | ||
|- | |- | ||
| || 20 / - || uint8[20] || | | || 20 / - || uint8[20] || cd_key_proof || SHA1 hash of the session_key, server_public_key and an unknown 20 byte value. | ||
|} | |} | ||
Line 77: | Line 77: | ||
== {{Template:Sandbox/PrettyVersion|expansionlevel=2|build=2.4.3.8606}} Changes == | == {{Template:Sandbox/PrettyVersion|expansionlevel=2|build=2.4.3.8606}} Changes == | ||
Sometime around {{Template:Sandbox/PrettyVersion|expansionlevel=2|build=2}} the two factor fields were repurposed to the below | Sometime around {{Template:Sandbox/PrettyVersion|expansionlevel=2|build=2.0.0.5991}} the two factor fields were repurposed to the below. | ||
These replace the {{Template:Sandbox/PrettyVersion|expansionlevel=1|build=1.12}} fields from above. | These replace the {{Template:Sandbox/PrettyVersion|expansionlevel=1|build=1.12}} fields from above. | ||
Line 93: | Line 92: | ||
!colspan="5"| security_flags.PIN fields, if applicable. | !colspan="5"| security_flags.PIN fields, if applicable. | ||
|- | |- | ||
!colspan="5"| security_flags. | !colspan="5"| security_flags.MatrixCard fields, if applicable. | ||
|- | |- | ||
!colspan="5"| security_flags.Authenticator field, if applicable. | !colspan="5"| security_flags.Authenticator field, if applicable. | ||
|} | |} | ||
Line 127: | Line 107: | ||
! Description | ! Description | ||
|- | |- | ||
| 0x00 || | | 0x00 || 16 / Little || uint8[16] || pin_salt || Salt used for PIN. | ||
|- | |- | ||
| | | 0x10 || 20 / Little || uint8[20] || pin_proof || Client proof for PIN. | ||
|} | |} | ||
{| class="wikitable" | {| class="wikitable" | ||
|+ security_flags. | |+ security_flags.MatrixCard Fields | ||
! Offset | ! Offset | ||
! Size / Endianness | ! Size / Endianness | ||
Line 140: | Line 120: | ||
! Description | ! Description | ||
|- | |- | ||
| 0x00 || | | 0x00 || 20 / - || uint8[20] || matrix_card_proof || Client proof of matrix input.<br> Implementation details are available [https://gist.github.com/barncastle/979c12a9c5e64d810a28ad1728e7e0f9 here]. | ||
|} | |} | ||
Line 159: | Line 131: | ||
! Description | ! Description | ||
|- | |- | ||
| 0x00 || 1 / - || uint8 || | | 0x00 || 1 / - || uint8 || token_size || Maximum size of 16 characters. | ||
|- | |||
| 0x10 || token_size / - || char[token_size] || token_string || | |||
|} | |} | ||
Latest revision as of 18:18, 27 July 2022
CMD_AUTH_LOGON_PROOF_Client is a Login Packet sent by the client after receiving a CMD_AUTH_LOGON_CHALLENGE_Server. The server reply is CMD_AUTH_LOGON_PROOF_Server.
Packet Layout
Offset | Size / Endianness | Type | Name | Description |
---|---|---|---|---|
0x0 | 1 / - | uint8 | command | 0x01 for CMD_AUTH_LOGON_PROOF |
0x1 | 32 / Little | uint8[32] | client_public_key | SRP6 Client public key. Called A in RFC2945. |
0x21 | 20 / Little | uint8[20] | client_proof | SRP6 Client proof. Called M1 in RFC2945. |
0x35 | 20 / Little | uint8[20] | crc_hash | Hash of arbitrary files. Can be safely ignored. |
0x49 | 1 / - | uint8 | num_keys | Used for CD Key relatedᵘ telemetry. Used when base.MPQ contains a telemetry.dat file. Can be expected to always be 0. See the table below for when it is not 0. |
num_keys amounts of num_key fields, if applicable. |
When num_keys is not 0, the field is followed by 4 key data fields that repeat num_key times.
Offset | Size / Endianness | Type | Name | Description |
---|---|---|---|---|
2 / - | uint16 | unk1 | Used for unknown telemetry. Can be expected to not be present. | |
4 / - | uint32 | unk2 | Used for unknown telemetry. Can be expected to not be present. | |
4 / - | uint8[4] | unk3 | Used for unknown telemetry. Can be expected to not be present. | |
20 / - | uint8[20] | cd_key_proof | SHA1 hash of the session_key, server_public_key and an unknown 20 byte value. |
(1.12.1.5875) Additions
(1.12) added two factor authentication PIN fields which are appended to the packet.
Offset | Size / Endianness | Type | Name | Description |
---|---|---|---|---|
0x4A | 1 / - | bool (size 1 byte) | two_factor_enabled | If false the packet ends here, if true the fields in the table below are included. Added in 1.12.x client branch. |
security_flags.PIN fields, if applicable. |
When two_factor_enabled is not 0, the field is followed by the data in the table below.
Offset | Size / Endianness | Type | Name | Description |
---|---|---|---|---|
16 / ? | uint8[16] | pin_salt | Salt used for PIN. Only included if two_factor_enabled is true. | |
20 / ? | uint8[20] | pin_hash | Client proof for PIN. Only included if two_factor_enabled is true. |
(2.4.3.8606) Changes
Sometime around (2.0.0.5991) the two factor fields were repurposed to the below. These replace the (1.12) fields from above.
Offset | Size / Endianness | Type | Name | Description |
---|---|---|---|---|
0x4A | 1 / - | bool (size 1 byte) | security_flags | Bit pattern for optional authentication features. More than one feature can be used, and the fields are just appended in the bit pattern order from lowest first. See security_flag. tables below for specifics. If 0 the packet ends here. |
security_flags.PIN fields, if applicable. | ||||
security_flags.MatrixCard fields, if applicable. | ||||
security_flags.Authenticator field, if applicable. |
When security_flags is not 0 the following fields can appear.
Offset | Size / Endianness | Type | Name | Description |
---|---|---|---|---|
0x00 | 16 / Little | uint8[16] | pin_salt | Salt used for PIN. |
0x10 | 20 / Little | uint8[20] | pin_proof | Client proof for PIN. |
Offset | Size / Endianness | Type | Name | Description |
---|---|---|---|---|
0x00 | 20 / - | uint8[20] | matrix_card_proof | Client proof of matrix input. Implementation details are available here. |
Offset | Size / Endianness | Type | Name | Description |
---|---|---|---|---|
0x00 | 1 / - | uint8 | token_size | Maximum size of 16 characters. |
0x10 | token_size / - | char[token_size] | token_string |
Size
For all versions, if the result is not SUCCESS (0x00) the packet is 3 bytes.
If the result is SUCCESS (0x00):
Packet Example
Below is complete packet sent from a (1.12.1.5875) client. The values are explained as comments. This can be used for verifying packet parser implementations.
The first packet does not include the extra two factor fields.
char bytes[] = { 0x01, // Opcode: CMD_AUTH_LOGON_PROOF 0xf1, 0x3e, 0xe5, 0xd1, 0x83, 0xc4, 0xc8, 0xa9, 0x50, 0x0e, 0x3f, 0x5a, 0x5d, 0x8a, 0xee, 0x4e, 0x2e, 0x45, 0xe1, 0xf7, 0xcc, 0x8f, 0x1c, 0xf5, 0xee, 0x8e, 0x11, 0xce, 0xd3, 0x1d, 0xd7, 0x08, // Client Public Key 0x6b, 0x1e, 0x48, 0x1b, 0x4d, 0x04, 0xa1, 0x18, 0xd8, 0xf2, 0xde, 0x5c, 0x59, 0xd5, 0x5c, 0x81, 0x2e, 0x65, 0xec, 0x3e, // Client Proof 0x4e, 0xf5, 0x2d, 0xe1, 0x80, 0x5e, 0x1a, 0x67, 0x15, 0xec, 0xc8, 0x41, 0xee, 0xb8, 0x90, 0x8a, 0x58, 0xbb, 0x00, 0xd0, // CRC Hash 0x00, // Num keys: 0 0x00, // Two factor enabled: false };
And a packet with two factor fields.
char bytes[] = { 0x01, // Opcode: CMD_AUTH_LOGON_PROOF 0xf1, 0x3e, 0xe5, 0xd1, 0x83, 0xc4, 0xc8, 0xa9, 0x50, 0x0e, 0x3f, 0x5a, 0x5d, 0x8a, 0xee, 0x4e, 0x2e, 0x45, 0xe1, 0xf7, 0xcc, 0x8f, 0x1c, 0xf5, 0xee, 0x8e, 0x11, 0xce, 0xd3, 0x1d, 0xd7, 0x08, // Client Public Key 0x6b, 0x1e, 0x48, 0x1b, 0x4d, 0x04, 0xa1, 0x18, 0xd8, 0xf2, 0xde, 0x5c, 0x59, 0xd5, 0x5c, 0x81, 0x2e, 0x65, 0xec, 0x3e, // Client Proof 0x4e, 0xf5, 0x2d, 0xe1, 0x80, 0x5e, 0x1a, 0x67, 0x15, 0xec, 0xc8, 0x41, 0xee, 0xb8, 0x90, 0x8a, 0x58, 0xbb, 0x00, 0xd0, // CRC Hash 0x00, // Num keys: 0 0x01, // Two factor enabled: true 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, // PIN Salt 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, // PIN hash };