OpenSource/telegram-crawler
OpenSource/telegram-crawler
1
0
Fork 0
mirror of https://github.com/MarshalX/telegram-crawler.git synced 2025-01-01 09:06:24 +01:00
Code Issues Projects Releases Packages Wiki Activity

Update content of files

Browse source
This commit is contained in:
GitHub Action 2022-03-03 20:22:33 +00:00
parent 95c00daef7
commit bfabec0baf
2 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
data/corefork.telegram.org/api/layers.html
View file

@ -45,8 +45,8 @@ Layer…">
<p>Below you will find information on schema changes. For more details on the use of layers, see <a href="/api/invoking#layers">Invoking API methods</a>.</p>
<h3><a class="anchor" href="#layer-138" id="layer-138" name="layer-138"><i class="anchor-icon"></i></a><a href="/schema?layer=138">Layer 138</a></h3>
<p><a href="https://telegram.org/blog/video-stickers-better-reactions#video-stickers">Video stickers</a>, <a href="https://telegram.org/blog/video-stickers-better-reactions#better-reactions">better reactions</a>, RTMP streams in group calls and livestreams. </p>
<p>The <a href="https://core.telegram.org/api/errors#error-database">RPC error database »</a> was also updated. </p>
<p><a href="https://telegram.org/blog/video-stickers-better-reactions#video-stickers">Video stickers</a>, <a href="https://telegram.org/blog/video-stickers-better-reactions#better-reactions">better reactions</a>, RTMP streams in group calls and livestreams.</p>
<p>The <a href="/api/errors#error-database">RPC error database »</a> was also updated.</p>
<h4><a class="anchor" href="#schema-changes" id="schema-changes" name="schema-changes"><i class="anchor-icon"></i></a>Schema changes</h4>
<h5><a class="anchor" href="#new-methods" id="new-methods" name="new-methods"><i class="anchor-icon"></i></a>New Methods</h5>
<ul>

4
data/corefork.telegram.org/api/srp.html
View file

@ -45,7 +45,7 @@
<p>Example implementation: <a href="https://github.com/tdlib/td/blob/56163c2460a65afc4db2c57ece576b8c38ea194b/td/telegram/PasswordManager.cpp">tdlib</a>.</p>
<h3><a class="anchor" href="#checking-the-password-with-srp" id="checking-the-password-with-srp" name="checking-the-password-with-srp"><i class="anchor-icon"></i></a>Checking the password with SRP</h3>
<p>To login to an account protected by a 2FA password or to perform some other actions (like changing channel owner), you will need to verify the user's knowledge of the current 2FA account password.</p>
<p>To do this, first the client needs to obtain SRP parameters and the KDF algorithm to use to check the validity of the password via <a href="https://core.telegram.org/method/account.getPassword">account.getPassword</a> method. For now, only the <a href="/constructor/passwordKdfAlgoSHA256SHA256PBKDF2HMACSHA512iter100000SHA256ModPow">passwordKdfAlgoSHA256SHA256PBKDF2HMACSHA512iter100000SHA256ModPow</a> algorithm is supported, so we'll only explain that.</p>
<p>To do this, first the client needs to obtain SRP parameters and the KDF algorithm to use to check the validity of the password via <a href="/method/account.getPassword">account.getPassword</a> method. For now, only the <a href="/constructor/passwordKdfAlgoSHA256SHA256PBKDF2HMACSHA512iter100000SHA256ModPow">passwordKdfAlgoSHA256SHA256PBKDF2HMACSHA512iter100000SHA256ModPow</a> algorithm is supported, so we'll only explain that.</p>
<p>Then, after the user provides a password, the client should generate an <a href="/type/InputCheckPasswordSRP">InputCheckPasswordSRP</a> object using SRP and a specific KDF algorithm as shown below and pass it to appropriate method (e.g. <a href="/method/auth.checkPassword">auth.checkPassword</a> in case of authorization).</p>
<p>This extension of the <a href="https://en.wikipedia.org/wiki/Secure_Remote_Password_protocol">SRP protocol</a> uses the password-based <a href="https://en.wikipedia.org/wiki/PBKDF2">PBKDF2</a> with 100000 iterations using sha512 (<code>PBKDF2HMACSHA512iter100000</code>).
PBKDF2 is used to additionally rehash the <code>x</code> parameter, obtained using a method similar to the one described in <a href="https://tools.ietf.org/html/rfc2945#section-3">RFC 2945</a> (<code>H(s | H ( I | password | I) | s)</code> instead of <code>H(s | H ( I | ":" | password)</code>) (see below).</p>
@ -193,7 +193,7 @@ The client is expected to check whether <strong>p</strong> is a safe 2048-bit pr
<p>To set a new 2FA password use the <a href="/method/account.updatePasswordSettings">account.updatePasswordSettings</a> method.<br>
If a password is already set, generate an InputCheckPasswordSRP object as per <a href="#checking-the-password-with-srp">checking passwords with SRP</a>, and insert it in the <code>password</code> field of the <a href="/method/account.updatePasswordSettings">account.updatePasswordSettings</a> method.<br>
To remove the current password, pass an empty <code>new_password_hash</code> in the <a href="/type/account.PasswordInputSettings">account.PasswordInputSettings</a> object.</p>
<p>To set a new password, use the SRP parameters and the KDF algorithm obtained using <a href="https://core.telegram.org/method/account.getPassword">account.getPassword</a> when generating the <code>password</code> field.
<p>To set a new password, use the SRP parameters and the KDF algorithm obtained using <a href="/method/account.getPassword">account.getPassword</a> when generating the <code>password</code> field.
Then generate a new <code>new_password_hash</code> using the KDF algorithm specified in the <code>new_settings</code>, just append 32 sufficiently random bytes to the <code>salt1</code>, first.
Proceed as for <a href="#checking-the-password-with-srp">checking passwords with SRP</a>, just stop at the generation of the <code>v</code> parameter, and use it as <code>new_password_hash</code>:</p>
<ul>