OpenSource/telegram-crawler
OpenSource/telegram-crawler
1
0
Fork 0
mirror of https://github.com/MarshalX/telegram-crawler.git synced 2024-12-28 23:38:26 +01:00
Code Issues Projects Releases Packages Wiki Activity

Update content of files

Browse source
This commit is contained in:
GitHub Action 2023-06-28 21:11:38 +00:00
parent b88fbd4ce3
commit efb69d9602
2 changed files with 222 additions and 231 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
data/web/corefork.telegram.org/mtproto/auth_key.html
View file

@ -52,7 +52,7 @@
<pre><code>resPQ#05162463 nonce:int128 server_nonce:int128 pq:string server_public_key_fingerprints:Vector long = ResPQ;</code></pre>
<p>Here, string pq is a representation of a natural number (in binary big endian format). This number is the product of two different odd prime numbers. Normally, pq is less than or equal to 2^63-1. The value of <em>server_nonce</em> is selected randomly by the server; following this step, it is known to all.</p>
<p><code>server_public_key_fingerprints</code> is a list of public RSA key fingerprints (64 lower-order bits of SHA1 (server_public_key); the public key is represented as a bare type <code>rsa_public_key n:string e:string = RSAPublicKey</code>, where, as usual, n and e are numbers in big endian format serialized as strings of bytes, following which SHA1 is computed) received by the server.</p>
<p>All subsequent messages contain the pair (nonce, server_nonce) both in the plain-text, and the encrypted portions which makes it possible to identify a “temporary session” — one run of the key generation protocol described on this page that uses the same (nonce, server_nonce) pair. An intruder could not create a parallel session with the server with the same parameters and reuse parts of server- or client-encrypted messages for its own purposes in such a parallel session, because a different server_nonce would be selected by the server for any new “temporary session”.</p>
<p>All subsequent messages contain the pair (nonce, server_nonce) both in the plain-text, and the encrypted portions which makes it possible to identify a “temporary session” — one run of the key generation protocol described on this page that uses the same (nonce, server_nonce) pair. An intruder could not create a parallel session with the server with the same parameters and reuse parts of server- or client-encrypted messages for its own purposes in such a parallel session, because a different server_nonce would be selected by the server for any new “temporary session”.</p>
<h4><a class="anchor" href="#proof-of-work" id="proof-of-work" name="proof-of-work"><i class="anchor-icon"></i></a>Proof of work</h4>
<h5><a class="anchor" href="#3-client-decomposes-pq-into-prime-factors-such-that-p--q" id="3-client-decomposes-pq-into-prime-factors-such-that-p--q" name="3-client-decomposes-pq-into-prime-factors-such-that-p--q"><i class="anchor-icon"></i></a>3) Client decomposes pq into prime factors such that p &lt; q.</h5>
<p>This starts a round of Diffie-Hellman key exchanges.</p>
@ -76,7 +76,7 @@
</li>
</ul>
<p>Someone might intercept the query and replace it with their own, independently decomposing pq into factors instead of the client. The only field that it makes sense to modify is new_nonce which would be the one an intruder would have to re-generate (because an intruder cannot decrypt the encrypted data sent by the client). Since all subsequent messages are encrypted using new_nonce or contain new_nonce_hash, they will not be processed by the client (an intruder would not be able to make it look as though they had been generated by the server because they would not contain new_nonce). Therefore, this intercept will only result in the intruder's completing the authorization key generation protocol in place of the client and creating a new key (that has nothing to do with the client); however, the same effect could be achieved simply by creating a new key in one's own name.</p>
<p>An alternative form of inner data (<code>p_q_inner_data_temp_dc</code>) is used to create temporary keys, that are only stored in the server RAM and are discarded after at most <code>expires_in</code> seconds. The server is free to discard its copy earlier. In all other respects the temporary key generation protocol is the same. After a temporary key is created, the client usually binds it to its principal authorisation key by means of the <a href="/method/auth.bindTempAuthKey">auth.bindTempAuthKey</a> method, and uses it for all client-server communication until it expires; then a new temporary key is generated. Thus Perfect Forward Secrecy (PFS) in client-server communication is achieved. <a href="/api/pfs">Read more about PFS »</a></p>
<p>An alternative form of inner data (<code>p_q_inner_data_temp_dc</code>) is used to create temporary keys, that are only stored in the server RAM and are discarded after at most <code>expires_in</code> seconds. The server is free to discard its copy earlier. In all other respects the temporary key generation protocol is the same. After a temporary key is created, the client usually binds it to its principal authorisation key by means of the <a href="/method/auth.bindTempAuthKey">auth.bindTempAuthKey</a> method, and uses it for all client-server communication until it expires; then a new temporary key is generated. Thus Perfect Forward Secrecy (PFS) in client-server communication is achieved. <a href="/api/pfs">Read more about PFS »</a></p>
<h5><a class="anchor" href="#41-rsa-paddata-server-public-key-mentioned-above-is-implemented-as-follows" id="41-rsa-paddata-server-public-key-mentioned-above-is-implemented-as-follows" name="41-rsa-paddata-server-public-key-mentioned-above-is-implemented-as-follows"><i class="anchor-icon"></i></a>4.1) <code>RSA_PAD(data, server_public_key)</code> mentioned above is implemented as follows:</h5>
<ul>
<li>data_with_padding := data + random_padding_bytes; -- where random_padding_bytes are chosen so that the resulting length of data_with_padding is precisely 192 bytes, and data is the TL-serialized data to be encrypted as before. One has to check that data is not longer than 144 bytes.</li>
@ -120,7 +120,7 @@ A <code>-444</code> error may also be returned if a test DC ID is passed in <cod
<li>data_with_hash := SHA1(data) + data + (0-15 random bytes); such that length be divisible by 16;</li>
<li>encrypted_data := AES256_ige_encrypt (data_with_hash, tmp_aes_key, tmp_aes_iv);</li>
</ul>
<p>The retry_id field is equal to zero at the time of the first attempt; otherwise, it is equal to auth_key_aux_hash from the previous failed attempt (see Item 9).</p>
<p>The retry_id field is equal to zero at the time of the first attempt; otherwise, it is equal to auth_key_aux_hash from the previous failed attempt (see <a href="#9-server-responds-in-one-of-three-ways">Item 9</a>).</p>
<h5><a class="anchor" href="#7-thereafter-auth-key-equals-powg-ab-mod-dh-prime-on-the-server-it-is-computed-as-powg-b-a-mod-dh-prime-and-on-the-client-as-g-ab-mod-dh-prime" id="7-thereafter-auth-key-equals-powg-ab-mod-dh-prime-on-the-server-it-is-computed-as-powg-b-a-mod-dh-prime-and-on-the-client-as-g-ab-mod-dh-prime" name="7-thereafter-auth-key-equals-powg-ab-mod-dh-prime-on-the-server-it-is-computed-as-powg-b-a-mod-dh-prime-and-on-the-client-as-g-ab-mod-dh-prime"><i class="anchor-icon"></i></a>7) Thereafter, auth_key equals <code>pow(g, {ab}) mod dh_prime</code>; on the server, it is computed as <code>pow(g_b, a) mod dh_prime</code>, and on the client as <code>(g_a)^b mod dh_prime</code>.</h5>
<h5><a class="anchor" href="#8-auth-key-hash-is-computed--64-lower-order-bits-of-sha1-auth-key-the-server-checks-whether-there-already-is-another-key-with-the-same-auth-key-hash-and-responds-in-one-of-the-following-ways" id="8-auth-key-hash-is-computed--64-lower-order-bits-of-sha1-auth-key-the-server-checks-whether-there-already-is-another-key-with-the-same-auth-key-hash-and-responds-in-one-of-the-following-ways" name="8-auth-key-hash-is-computed--64-lower-order-bits-of-sha1-auth-key-the-server-checks-whether-there-already-is-another-key-with-the-same-auth-key-hash-and-responds-in-one-of-the-following-ways"><i class="anchor-icon"></i></a>8) auth_key_hash is computed := 64 lower-order bits of SHA1 (auth_key). The server checks whether there already is another key with the same auth_key_hash and responds in one of the following ways.</h5>
<h4><a class="anchor" href="#dh-key-exchange-complete" id="dh-key-exchange-complete" name="dh-key-exchange-complete"><i class="anchor-icon"></i></a>DH key exchange complete</h4>
@ -132,7 +132,7 @@ dh_gen_fail#a69dae02 nonce:int128 server_nonce:int128 new_nonce_hash3:int128 = S
<li>new_nonce_hash1, new_nonce_hash2, and new_nonce_hash3 are obtained as the 128 lower-order bits of SHA1 of the byte string derived from the new_nonce string by adding a single byte with the value of 1, 2, or 3, and followed by another 8 bytes with auth_key_aux_hash. Different values are required to prevent an intruder from changing server response dh_gen_ok into dh_gen_retry.</li>
<li>auth_key_aux_hash is the 64 <em>higher-order</em> bits of SHA1(auth_key). It must not be confused with auth_key_hash.</li>
</ul>
<p>In the other case, the client goes to Item 6) generating a new <em>b</em>.
<p>In the other case, the client goes to <a href="/mtproto/auth_key#6-client-computes-random-2048-bit-number-b-using-a-sufficient-amount-of-entropy-and-sends-the-server-a-message">Item 6)</a> generating a new <em>b</em>.
In the first case, the client and the server have negotiated auth_key, following which they forget all other temporary data, and the client creates another encrypted session using auth_key. At the same time, server_salt is initially set to <code>substr(new_nonce, 0, 8) XOR substr(server_nonce, 0, 8)</code>. If required, the client stores the difference between server_time received in 5) and its local time, to be able always to have a good approximation of server time which is required to generate correct message identifiers.</p>
<p><strong>IMPORTANT</strong>: Apart from the conditions on the Diffie-Hellman prime <strong>dh_prime</strong> and generator <strong>g</strong>, both sides are to check that <strong>g</strong>, <strong>g_a</strong> and <strong>g_b</strong> are greater than <strong>1</strong> and less than <strong>dh_prime - 1</strong>. We recommend checking that <strong>g_a</strong> and <strong>g_b</strong> are between <strong>2^{2048-64}</strong> and <strong>dh_prime - 2^{2048-64}</strong> as well.</p>
<h4><a class="anchor" href="#error-handling-lost-queries-and-responses" id="error-handling-lost-queries-and-responses" name="error-handling-lost-queries-and-responses"><i class="anchor-icon"></i></a>Error Handling (Lost Queries and Responses)</h4>

445
data/web/corefork.telegram.org/mtproto/samples-auth_key.html
View file

@ -2,14 +2,12 @@
<html class="">
<head>
<meta charset="utf-8">
<title>samples-auth_key</title>
<title>Auth key generation example</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta property="description" content="In the examples below, the transport headers are omitted:
For example, for the abridged version of the transport », the…">
<meta property="og:title" content="samples-auth_key">
<meta property="description" content="A full auth key generation example">
<meta property="og:title" content="Auth key generation example">
<meta property="og:image" content="71a15765997de28d38">
<meta property="og:description" content="In the examples below, the transport headers are omitted:
For example, for the abridged version of the transport », the…">
<meta property="og:description" content="A full auth key generation example">
<link rel="icon" type="image/svg+xml" href="/img/website_icon.svg?4">
<link rel="apple-touch-icon" sizes="180x180" href="/img/apple-touch-icon.png">
<link rel="icon" type="image/png" sizes="32x32" href="/img/favicon-32x32.png">
@ -41,11 +39,10 @@ For example, for the abridged version of the transport », the…">
<div class="container clearfix">
<div class="dev_page">
<div id="dev_page_content_wrap" class=" ">
<div class="dev_page_bread_crumbs"><ul class="breadcrumb clearfix"><li><a href="/mtproto" >Mobile Protocol</a></li><i class="icon icon-breadcrumb-divider"></i><li><a href="/mtproto/samples-auth_key" >samples-auth_key</a></li></ul></div>
<h1 id="dev_page_title">samples-auth_key</h1>
<div class="dev_page_bread_crumbs"><ul class="breadcrumb clearfix"><li><a href="/mtproto" >Mobile Protocol</a></li><i class="icon icon-breadcrumb-divider"></i><li><a href="/mtproto/samples-auth_key" >Auth key generation example</a></li></ul></div>
<h1 id="dev_page_title">Auth key generation example</h1>
<div id="dev_page_content"><h1><a class="anchor" href="#" id="" name=""><i class="anchor-icon"></i></a></h1>
<p>In the examples below, the <a href="/mtproto#transport">transport</a> headers are omitted:</p>
<div id="dev_page_content"><p>In the examples below, the <a href="/mtproto#transport">transport</a> headers are omitted:</p>
<blockquote>
<p>For example, for the <a href="/mtproto/mtproto-transports#abridged">abridged version of the transport »</a>, the client sends <code>0xef</code> as the first byte (<strong>important:</strong> only prior to the very first data packet), then the packet length is encoded with a single byte (<code>0x01-0x7e</code> = data length divided by 4; or <code>0x7f</code> followed by 3 bytes (little endian) divided by 4) followed by the data itself. In this case, server responses have the same structure (although the server does not send <code>0xef</code>as the first byte).</p>
</blockquote>
@ -53,9 +50,9 @@ For example, for the abridged version of the transport », the…">
<h1><a class="anchor" href="#1-request-req-pq-multi" id="1-request-req-pq-multi" name="1-request-req-pq-multi"><i class="anchor-icon"></i></a>1. request req_pq_multi</h1>
<!-- start req_pq_multi -->
<p>Sent payload (excluding transport headers/trailers):</p>
<pre><code>0000 | 00 00 00 00 00 00 00 00 00 00 00 00 58 9A 9C 64
0010 | 14 00 00 00 F1 8E 7E BE 61 07 9B D3 CE 40 0A AA
0020 | C0 6A 7E C0 F9 E7 0A F2</code></pre>
<pre><code>0000 | 00 00 00 00 00 00 00 00 00 00 00 00 DC 9D 9C 64
0010 | 14 00 00 00 F1 8E 7E BE 36 5B 3A 12 7C 5B 59 09
0020 | 49 0E 6C 3A EC EC 01 26</code></pre>
<p>Payload (de)serialization:</p>
<pre><code>req_pq_multi#be7e8ef1 nonce:int128 = ResPQ;</code></pre>
<table class="table">
@ -77,7 +74,7 @@ For example, for the abridged version of the transport », the…">
<tr>
<td>message_id</td>
<td>8, 8</td>
<td><code>00000000589A9C64</code></td>
<td><code>00000000DC9D9C64</code></td>
<td>Exact <code>unixtime*2^32</code>, <code>+(4*N)</code> if N messages with the same message ID were already generated</td>
</tr>
<tr>
@ -95,7 +92,7 @@ For example, for the abridged version of the transport », the…">
<tr>
<td>nonce</td>
<td>24, 16</td>
<td><code>61079BD3CE400AAAC06A7EC0F9E70AF2</code></td>
<td><code>365B3A127C5B5909490E6C3AECEC0126</code></td>
<td>Random number</td>
</tr>
</tbody>
@ -104,11 +101,11 @@ For example, for the abridged version of the transport », the…">
<h1><a class="anchor" href="#2-response-respq" id="2-response-respq" name="2-response-respq"><i class="anchor-icon"></i></a>2. response respq</h1>
<!-- start resPQ -->
<p>Received payload (excluding transport headers/trailers):</p>
<pre><code>0000 | 00 00 00 00 00 00 00 00 01 68 EB F7 58 9A 9C 64
0010 | 7C 00 00 00 63 24 16 05 61 07 9B D3 CE 40 0A AA
0020 | C0 6A 7E C0 F9 E7 0A F2 F3 3B CB F4 A8 C2 3D 6A
0030 | EE 2D 08 5D 77 13 F5 B1 08 14 E0 52 91 6A AF 01
0040 | 01 00 00 00 15 C4 B5 1C 03 00 00 00 A5 B7 F7 09
<pre><code>0000 | 00 00 00 00 00 00 00 00 01 90 2F 78 DC 9D 9C 64
0010 | 54 00 00 00 63 24 16 05 36 5B 3A 12 7C 5B 59 09
0020 | 49 0E 6C 3A EC EC 01 26 C2 18 4E 38 BA C1 64 9C
0030 | 35 FD 28 FC 20 E9 A7 EA 08 25 35 F6 04 92 13 80
0040 | 5B 00 00 00 15 C4 B5 1C 03 00 00 00 A5 B7 F7 09
0050 | 35 5F C3 0B 21 6B E8 6C 02 2B B4 C3 85 FD 64 DE
0060 | 85 1D 9D D0</code></pre>
<p>Payload (de)serialization:</p>
@ -132,13 +129,13 @@ For example, for the abridged version of the transport », the…">
<tr>
<td>message_id</td>
<td>8, 8</td>
<td><code>0168EBF7589A9C64</code></td>
<td><code>01902F78DC9D9C64</code></td>
<td>Exact <code>unixtime*2^32</code>, <code>+(4*N)</code> if N messages with the same message ID were already generated</td>
</tr>
<tr>
<td>message_length</td>
<td>16, 4</td>
<td><code>7C000000</code> (124 in decimal)</td>
<td><code>54000000</code> (84 in decimal)</td>
<td>Message body length</td>
</tr>
<tr>
@ -150,19 +147,19 @@ For example, for the abridged version of the transport », the…">
<tr>
<td>nonce</td>
<td>24, 16</td>
<td><code>61079BD3CE400AAAC06A7EC0F9E70AF2</code></td>
<td><code>365B3A127C5B5909490E6C3AECEC0126</code></td>
<td>Value generated by client in Step 1</td>
</tr>
<tr>
<td>server_nonce</td>
<td>40, 16</td>
<td><code>F33BCBF4A8C23D6AEE2D085D7713F5B1</code></td>
<td><code>C2184E38BAC1649C35FD28FC20E9A7EA</code></td>
<td>Server-generated random number</td>
</tr>
<tr>
<td>pq</td>
<td>56, 12</td>
<td><code>0814E052916AAF0101000000</code><br>TL byte deserialization <br>=&gt; bigendian conversion to decimal<br>=&gt; 1504293060055335169</td>
<td><code>082535F6049213805B000000</code><br>TL byte deserialization <br>=&gt; bigendian conversion to decimal<br>=&gt; 2681319652660052059</td>
<td>Single-byte prefix denoting length, an 8-byte string, and three bytes of padding</td>
</tr>
<tr>
@ -207,26 +204,23 @@ For example, for the abridged version of the transport », the…">
<!-- end fingerprints -->
<h1><a class="anchor" href="#21-decompose-p-and-q" id="21-decompose-p-and-q" name="21-decompose-p-and-q"><i class="anchor-icon"></i></a>2.1. decompose p and q</h1>
<!-- start pq -->
<pre><code>pq = 1504293060055335169</code></pre>
<p>Decompose into 2 prime cofactors: <code>1504293060055335169 = 1019397109 * 1475669341</code></p>
<pre><code>p = 1019397109
q = 1475669341</code></pre>
<pre><code>pq = 2681319652660052059</code></pre>
<p>Decompose into 2 prime cofactors: <code>2681319652660052059 = 1608915439 * 1666538581</code></p>
<pre><code>p = 1608915439
q = 1666538581</code></pre>
<!-- end pq -->
<h1><a class="anchor" href="#22-encrypted-data-generation" id="22-encrypted-data-generation" name="22-encrypted-data-generation"><i class="anchor-icon"></i></a>2.2. encrypted_data generation</h1>
<!-- start p_q_inner_data_dc -->
<p>Generated payload (excluding transport headers/trailers):</p>
<pre><code>0000 | 95 5F F5 A9 08 14 E0 52 91 6A AF 01 01 00 00 00
0010 | 04 3C C2 C3 F5 00 00 00 04 57 F4 ED 5D 00 00 00
0020 | 61 07 9B D3 CE 40 0A AA C0 6A 7E C0 F9 E7 0A F2
0030 | F3 3B CB F4 A8 C2 3D 6A EE 2D 08 5D 77 13 F5 B1
0040 | 77 C0 A6 8B C9 A6 9D B0 E0 49 94 75 DD 0E ED 08
0050 | 0B F0 59 CA 67 9B A9 AB AC B5 BB CF 69 25 76 FA
<pre><code>0000 | 95 5F F5 A9 08 25 35 F6 04 92 13 80 5B 00 00 00
0010 | 04 5F E6 19 EF 00 00 00 04 63 55 5C 55 00 00 00
0020 | 36 5B 3A 12 7C 5B 59 09 49 0E 6C 3A EC EC 01 26
0030 | C2 18 4E 38 BA C1 64 9C 35 FD 28 FC 20 E9 A7 EA
0040 | AA BB EA 0C 77 25 B4 A6 27 D8 E4 05 7B C3 BD A4
0050 | DF B4 30 72 30 91 E0 E2 0F BD 94 FC D0 F2 6F 24
0060 | 02 00 00 00</code></pre>
<p>Payload (de)serialization:</p>
<pre><code>p_q_inner_data_dc#a9f55f95 pq:string p:string q:string nonce:int128 server_nonce:int128 new_nonce:int256 dc:int = P_Q_inner_data;
p_q_inner_data_temp_dc#56fddf88 pq:string p:string q:string nonce:int128 server_nonce:int128 new_nonce:int256 dc:int expires_in:int = P_Q_inner_data;
p_q_inner_data#83c95aec pq:string p:string q:string nonce:int128 server_nonce:int128 new_nonce:int256 = P_Q_inner_data;
p_q_inner_data_temp#3c6a84d4 pq:string p:string q:string nonce:int128 server_nonce:int128 new_nonce:int256 expires_in:int = P_Q_inner_data;</code></pre>
<pre><code>p_q_inner_data_dc#a9f55f95 pq:string p:string q:string nonce:int128 server_nonce:int128 new_nonce:int256 dc:int = P_Q_inner_data;</code></pre>
<table class="table">
<thead>
<tr>
@ -246,37 +240,37 @@ p_q_inner_data_temp#3c6a84d4 pq:string p:string q:string nonce:int128 server_non
<tr>
<td>pq</td>
<td>4, 12</td>
<td><code>0814E052916AAF0101000000</code><br>TL byte deserialization <br>=&gt; bigendian conversion to decimal<br>=&gt; 1504293060055335169</td>
<td><code>082535F6049213805B000000</code><br>TL byte deserialization <br>=&gt; bigendian conversion to decimal<br>=&gt; 2681319652660052059</td>
<td>Single-byte prefix denoting length, 8-byte string, and three bytes of padding</td>
</tr>
<tr>
<td>p</td>
<td>16, 8</td>
<td><code>043CC2C3F5000000</code><br>TL byte deserialization <br>=&gt; bigendian conversion to decimal<br>=&gt; 1019397109</td>
<td><code>045FE619EF000000</code><br>TL byte deserialization <br>=&gt; bigendian conversion to decimal<br>=&gt; 1608915439</td>
<td>First prime cofactor: single-byte prefix denoting length, 4-byte string, and three bytes of padding</td>
</tr>
<tr>
<td>q</td>
<td>24, 8</td>
<td><code>0457F4ED5D000000</code><br>TL byte deserialization <br>=&gt; bigendian conversion to decimal<br>=&gt; 1475669341</td>
<td><code>0463555C55000000</code><br>TL byte deserialization <br>=&gt; bigendian conversion to decimal<br>=&gt; 1666538581</td>
<td>Second prime cofactor: single-byte prefix denoting length, 4-byte string, and three bytes of padding</td>
</tr>
<tr>
<td>nonce</td>
<td>32, 16</td>
<td><code>61079BD3CE400AAAC06A7EC0F9E70AF2</code></td>
<td><code>365B3A127C5B5909490E6C3AECEC0126</code></td>
<td>Value generated by client in Step 1</td>
</tr>
<tr>
<td>server_nonce</td>
<td>48, 16</td>
<td><code>F33BCBF4A8C23D6AEE2D085D7713F5B1</code></td>
<td><code>C2184E38BAC1649C35FD28FC20E9A7EA</code></td>
<td>Value received from server in Step 2</td>
</tr>
<tr>
<td>new_nonce</td>
<td>64, 32</td>
<td><code>77C0A68BC9A69DB0E0499475DD0EED08</code> <code>0BF059CA679BA9ABACB5BBCF692576FA</code></td>
<td><code>AABBEA0C7725B4A627D8E4057BC3BDA4</code> <code>DFB430723091E0E20FBD94FCD0F26F24</code></td>
<td>Client-generated random number</td>
</tr>
<tr>
@ -291,39 +285,39 @@ p_q_inner_data_temp#3c6a84d4 pq:string p:string q:string nonce:int128 server_non
<p>The serialization of <em>P_Q_inner_data</em> produces <strong>data</strong>, which is used to generate <strong>encrypted_data</strong> as specified in <a href="/mtproto/auth_key">step 4.1</a>.<br>
These are the inputs to the algorithm specified in <a href="/mtproto/auth_key">step 4.1</a>:</p>
<!-- start p_q_inner_data_input -->
<pre><code>data = 955FF5A90814E052916AAF0101000000043CC2C3F50000000457F4ED5D00000061079BD3CE400AAAC06A7EC0F9E70AF2F33BCBF4A8C23D6AEE2D085D7713F5B177C0A68BC9A69DB0E0499475DD0EED080BF059CA679BA9ABACB5BBCF692576FA02000000
random_padding_bytes = E5019A0D9F552D15ACB43E2264CD899B8F87534B8D3C6BD8DEBA75BBFD953DBD9141C0C87E30E96A343AAF4EA390489899E3325E01CC03C40198DDEA8CB382D6BCCB30380AD5FFA5AD054B2DC9BEB280C0039AF3C7DC0D6C62ED3703</code></pre>
<pre><code>data = 955FF5A9082535F6049213805B000000045FE619EF0000000463555C55000000365B3A127C5B5909490E6C3AECEC0126C2184E38BAC1649C35FD28FC20E9A7EAAABBEA0C7725B4A627D8E4057BC3BDA4DFB430723091E0E20FBD94FCD0F26F2402000000
random_padding_bytes = 216450FD2A974A81475A90261BAE56428354F18BEE55BFB415135941FFA2607DA534FB9099CB6B7A33FBF9E40ADCD43CB29C14B8E4C16DC2E0471A1E92D21966398AF8FF1EFEEF787DEB0D5AB1AA674D154799D1C9E9DBECA2682FD5</code></pre>
<!-- end p_q_inner_data_input -->
<p>And this is the output:</p>
<!-- start p_q_inner_data_output -->
<pre><code>encrypted_data = CFCCD0A2FE4CE6DA364CAD61560586C2A0481427128257864AF9BA9B047612F7030BECC81F3A911A8A9178E2EA0205297B3A70B9C4001273E817C289613DC2F80033EEE5B41ED7B6C8EBB2CDAAFBB1115B800F736D0B5651FD279F13D7E23B13365FBE0F561137D7D33A32BCD2FAEB8091FF528BEFD48EF6EAAB42BE1201E879259EC477AD033CBD13C2C1607F9EB61663CE372DD5E7999FC5F0CE6B7903AE812BDDA619551BFBE69218BEC7E550B2E5E8428C2C8AF615ACD34F53D25737B87280E28BB2157B34987C00C1F45D734D79364166BB1FA275DA0563DBE09EFBC03450450947196C526A580A09B25F4CB23786ABFB00862AE177183A9FADA88E86D3</code></pre>
<pre><code>encrypted_data = 272390AE7D9BD642310E05D77A4C34AE44CA3790AA81FAA4D18DE327DF7DF575105FDD874416F2E907C97AA97A0697D460E3824C51397675E5314196EBF6E1E771436830844417671E295822E1FB892DC830CEFC756EBBF5926703930918FC0FA379B350D5C4F74C8221622C58BD0561E898DDC1F614AE73A6D6E727D1857361E7940A233DB206A23F7B02A109C0D694DF29CC9C63085A98F6C478A726C7D01889DB009A471C2C471530AD95FDD7989B13D6216345314BEF01E84C8D673786861343A9979C54DD937BFA1A1B12C02B303EAFC9F69F16DBBED0AD5689495B90DD2F4062562DCF7934B75F5F00C9059005CE581DC2EE704548703E74C975EED2E4</code></pre>
<!-- end p_q_inner_data_output -->
<p>The length of the final string is 256 bytes.</p>
<h1><a class="anchor" href="#3-request-req-dh-params" id="3-request-req-dh-params" name="3-request-req-dh-params"><i class="anchor-icon"></i></a>3. request req_dh_params</h1>
<!-- start req_DH_params -->
<p>Sent payload (excluding transport headers/trailers):</p>
<pre><code>0000 | 00 00 00 00 00 00 00 00 00 00 00 00 59 9A 9C 64
0010 | 40 01 00 00 BE E4 12 D7 61 07 9B D3 CE 40 0A AA
0020 | C0 6A 7E C0 F9 E7 0A F2 F3 3B CB F4 A8 C2 3D 6A
0030 | EE 2D 08 5D 77 13 F5 B1 04 3C C2 C3 F5 00 00 00
0040 | 04 57 F4 ED 5D 00 00 00 85 FD 64 DE 85 1D 9D D0
0050 | FE 00 01 00 CF CC D0 A2 FE 4C E6 DA 36 4C AD 61
0060 | 56 05 86 C2 A0 48 14 27 12 82 57 86 4A F9 BA 9B
0070 | 04 76 12 F7 03 0B EC C8 1F 3A 91 1A 8A 91 78 E2
0080 | EA 02 05 29 7B 3A 70 B9 C4 00 12 73 E8 17 C2 89
0090 | 61 3D C2 F8 00 33 EE E5 B4 1E D7 B6 C8 EB B2 CD
00A0 | AA FB B1 11 5B 80 0F 73 6D 0B 56 51 FD 27 9F 13
00B0 | D7 E2 3B 13 36 5F BE 0F 56 11 37 D7 D3 3A 32 BC
00C0 | D2 FA EB 80 91 FF 52 8B EF D4 8E F6 EA AB 42 BE
00D0 | 12 01 E8 79 25 9E C4 77 AD 03 3C BD 13 C2 C1 60
00E0 | 7F 9E B6 16 63 CE 37 2D D5 E7 99 9F C5 F0 CE 6B
00F0 | 79 03 AE 81 2B DD A6 19 55 1B FB E6 92 18 BE C7
0100 | E5 50 B2 E5 E8 42 8C 2C 8A F6 15 AC D3 4F 53 D2
0110 | 57 37 B8 72 80 E2 8B B2 15 7B 34 98 7C 00 C1 F4
0120 | 5D 73 4D 79 36 41 66 BB 1F A2 75 DA 05 63 DB E0
0130 | 9E FB C0 34 50 45 09 47 19 6C 52 6A 58 0A 09 B2
0140 | 5F 4C B2 37 86 AB FB 00 86 2A E1 77 18 3A 9F AD
0150 | A8 8E 86 D3</code></pre>
<pre><code>0000 | 00 00 00 00 00 00 00 00 04 00 00 00 DC 9D 9C 64
0010 | 40 01 00 00 BE E4 12 D7 36 5B 3A 12 7C 5B 59 09
0020 | 49 0E 6C 3A EC EC 01 26 C2 18 4E 38 BA C1 64 9C
0030 | 35 FD 28 FC 20 E9 A7 EA 04 5F E6 19 EF 00 00 00
0040 | 04 63 55 5C 55 00 00 00 85 FD 64 DE 85 1D 9D D0
0050 | FE 00 01 00 27 23 90 AE 7D 9B D6 42 31 0E 05 D7
0060 | 7A 4C 34 AE 44 CA 37 90 AA 81 FA A4 D1 8D E3 27
0070 | DF 7D F5 75 10 5F DD 87 44 16 F2 E9 07 C9 7A A9
0080 | 7A 06 97 D4 60 E3 82 4C 51 39 76 75 E5 31 41 96
0090 | EB F6 E1 E7 71 43 68 30 84 44 17 67 1E 29 58 22
00A0 | E1 FB 89 2D C8 30 CE FC 75 6E BB F5 92 67 03 93
00B0 | 09 18 FC 0F A3 79 B3 50 D5 C4 F7 4C 82 21 62 2C
00C0 | 58 BD 05 61 E8 98 DD C1 F6 14 AE 73 A6 D6 E7 27
00D0 | D1 85 73 61 E7 94 0A 23 3D B2 06 A2 3F 7B 02 A1
00E0 | 09 C0 D6 94 DF 29 CC 9C 63 08 5A 98 F6 C4 78 A7
00F0 | 26 C7 D0 18 89 DB 00 9A 47 1C 2C 47 15 30 AD 95
0100 | FD D7 98 9B 13 D6 21 63 45 31 4B EF 01 E8 4C 8D
0110 | 67 37 86 86 13 43 A9 97 9C 54 DD 93 7B FA 1A 1B
0120 | 12 C0 2B 30 3E AF C9 F6 9F 16 DB BE D0 AD 56 89
0130 | 49 5B 90 DD 2F 40 62 56 2D CF 79 34 B7 5F 5F 00
0140 | C9 05 90 05 CE 58 1D C2 EE 70 45 48 70 3E 74 C9
0150 | 75 EE D2 E4</code></pre>
<p>Payload (de)serialization:</p>
<pre><code>req_DH_params#d712e4be nonce:int128 server_nonce:int128 p:string q:string public_key_fingerprint:long encrypted_data:string = Server_DH_Params;</code></pre>
<table class="table">
@ -345,7 +339,7 @@ random_padding_bytes = E5019A0D9F552D15ACB43E2264CD899B8F87534B8D3C6BD8DEBA75BBF
<tr>
<td>message_id</td>
<td>8, 8</td>
<td><code>00000000599A9C64</code></td>
<td><code>04000000DC9D9C64</code></td>
<td>Exact <code>unixtime*2^32</code>, <code>+(4*N)</code> if N messages with the same message ID were already generated</td>
</tr>
<tr>
@ -363,25 +357,25 @@ random_padding_bytes = E5019A0D9F552D15ACB43E2264CD899B8F87534B8D3C6BD8DEBA75BBF
<tr>
<td>nonce</td>
<td>24, 16</td>
<td><code>61079BD3CE400AAAC06A7EC0F9E70AF2</code></td>
<td><code>365B3A127C5B5909490E6C3AECEC0126</code></td>
<td>Value generated by client in Step 1</td>
</tr>
<tr>
<td>server_nonce</td>
<td>40, 16</td>
<td><code>F33BCBF4A8C23D6AEE2D085D7713F5B1</code></td>
<td><code>C2184E38BAC1649C35FD28FC20E9A7EA</code></td>
<td>Value received from server in Step 2</td>
</tr>
<tr>
<td>p</td>
<td>56, 8</td>
<td><code>043CC2C3F5000000</code><br>TL byte deserialization <br>=&gt; bigendian conversion to decimal<br>=&gt; 1019397109</td>
<td><code>045FE619EF000000</code><br>TL byte deserialization <br>=&gt; bigendian conversion to decimal<br>=&gt; 1608915439</td>
<td>First prime cofactor: single-byte prefix denoting length, 4-byte string, and three bytes of padding</td>
</tr>
<tr>
<td>q</td>
<td>64, 8</td>
<td><code>0457F4ED5D000000</code><br>TL byte deserialization <br>=&gt; bigendian conversion to decimal<br>=&gt; 1475669341</td>
<td><code>0463555C55000000</code><br>TL byte deserialization <br>=&gt; bigendian conversion to decimal<br>=&gt; 1666538581</td>
<td>Second prime cofactor: single-byte prefix denoting length, 4-byte string, and three bytes of padding</td>
</tr>
<tr>
@ -393,7 +387,7 @@ random_padding_bytes = E5019A0D9F552D15ACB43E2264CD899B8F87534B8D3C6BD8DEBA75BBF
<tr>
<td>encrypted_data</td>
<td>80, 260</td>
<td><code>FE000100CFCCD0A2FE4CE6DA364CAD61</code> <code>560586C2A0481427128257864AF9BA9B</code> <code>047612F7030BECC81F3A911A8A9178E2</code> <code>EA0205297B3A70B9C4001273E817C289</code> <code>613DC2F80033EEE5B41ED7B6C8EBB2CD</code> <code>AAFBB1115B800F736D0B5651FD279F13</code> <code>D7E23B13365FBE0F561137D7D33A32BC</code> <code>D2FAEB8091FF528BEFD48EF6EAAB42BE</code> <code>1201E879259EC477AD033CBD13C2C160</code> <code>7F9EB61663CE372DD5E7999FC5F0CE6B</code> <code>7903AE812BDDA619551BFBE69218BEC7</code> <code>E550B2E5E8428C2C8AF615ACD34F53D2</code> <code>5737B87280E28BB2157B34987C00C1F4</code> <code>5D734D79364166BB1FA275DA0563DBE0</code> <code>9EFBC03450450947196C526A580A09B2</code> <code>5F4CB23786ABFB00862AE177183A9FAD</code><br> <code>A88E86D3</code></td>
<td><code>FE000100272390AE7D9BD642310E05D7</code> <code>7A4C34AE44CA3790AA81FAA4D18DE327</code> <code>DF7DF575105FDD874416F2E907C97AA9</code> <code>7A0697D460E3824C51397675E5314196</code> <code>EBF6E1E771436830844417671E295822</code> <code>E1FB892DC830CEFC756EBBF592670393</code> <code>0918FC0FA379B350D5C4F74C8221622C</code> <code>58BD0561E898DDC1F614AE73A6D6E727</code> <code>D1857361E7940A233DB206A23F7B02A1</code> <code>09C0D694DF29CC9C63085A98F6C478A7</code> <code>26C7D01889DB009A471C2C471530AD95</code> <code>FDD7989B13D6216345314BEF01E84C8D</code> <code>673786861343A9979C54DD937BFA1A1B</code> <code>12C02B303EAFC9F69F16DBBED0AD5689</code> <code>495B90DD2F4062562DCF7934B75F5F00</code> <code>C9059005CE581DC2EE704548703E74C9</code><br> <code>75EED2E4</code></td>
<td>See <a href="#generation-of-encrypted-data">Generation of encrypted_data »</a></td>
</tr>
</tbody>
@ -402,50 +396,49 @@ random_padding_bytes = E5019A0D9F552D15ACB43E2264CD899B8F87534B8D3C6BD8DEBA75BBF
<h1><a class="anchor" href="#4-response-server-dh-params-ok" id="4-response-server-dh-params-ok" name="4-response-server-dh-params-ok"><i class="anchor-icon"></i></a>4. response server_dh_params_ok</h1>
<!-- start server_DH_params_ok -->
<p>Received payload (excluding transport headers/trailers):</p>
<pre><code>0000 | 00 00 00 00 00 00 00 00 01 64 79 85 59 9A 9C 64
0010 | E8 02 00 00 5C 07 E8 D0 61 07 9B D3 CE 40 0A AA
0020 | C0 6A 7E C0 F9 E7 0A F2 F3 3B CB F4 A8 C2 3D 6A
0030 | EE 2D 08 5D 77 13 F5 B1 FE 50 02 00 F1 B0 F8 E0
0040 | E2 34 D3 3F 9E 48 D8 71 E1 2F C9 0C E8 8E A5 36
0050 | E0 A5 61 EE 54 63 15 8E 72 20 8C F7 90 CD AD 29
0060 | A3 31 6D D8 F3 6F B9 4C DD 11 9B D7 7B 4C 7A 62
0070 | EF BC 3E 6E DC 40 10 E8 9E 72 08 65 1C 72 62 15
0080 | 5C 79 1F 23 52 EB F9 7F C6 88 3C 59 BB 94 03 3E
0090 | DE 00 6E 25 2C 46 FA 2F 7B 0B CA C6 35 4A F4 23
00A0 | 87 3F 70 5B DE 51 AC 92 4F 1B 59 25 8C DB 03 AB
00B0 | CA 67 AD 5B 2F F1 84 7C F5 DB 3F 0F 0A 65 52 5D
00C0 | EA B4 E0 FE A2 B3 BD F7 CB 47 52 15 CF CB BF 07
00D0 | 82 14 4B 7A 09 15 3A F9 AC B6 37 AC 8C 37 38 97
00E0 | 7A 48 0A 1C 36 7F 13 95 40 43 40 E9 34 F6 46 28
00F0 | C1 7C D3 3F E5 FD CB 36 26 38 AD C4 18 34 CE B6
0100 | B4 3C 25 F8 07 25 93 D2 17 2F B2 93 1A E1 D7 4D
0110 | 5F 62 49 3A 29 EC 52 B3 1C 91 19 56 AD 8B 10 57
0120 | CE AB 92 0B A1 02 A7 0D B6 78 A1 FE 5D 5A 7A 42
0130 | 87 16 F5 CC 06 3E BB EC F6 77 6A F4 AE 2D D2 E2
0140 | BA CB A2 82 40 B9 0E 26 76 B0 5C E2 7F 39 12 75
0150 | 10 44 12 A6 5E 5B 56 FC 74 1B 62 FE A8 BA 1D 61
0160 | 2C F1 FF 83 AE 51 32 26 42 B6 2B 60 58 25 84 D2
0170 | 45 9C 94 6A 49 72 25 C7 55 C0 3C A5 21 9C FA 50
0180 | F9 00 68 5C FD 26 D7 5E 11 26 7F F4 82 A3 CE A1
0190 | DC 50 FA B8 7E 08 CB 91 4F A4 F6 58 3A 1A 69 10
01A0 | 4E 03 4D BA 05 46 70 F2 2A D2 66 FE 80 0D 87 24
01B0 | 28 B5 16 5D C5 4D 87 FF E9 92 D3 1B 25 A0 E0 4F
01C0 | FC 70 08 D7 E5 BE 02 24 30 63 03 30 D3 65 D7 B2
01D0 | 8D 33 EC 8F 54 D4 DF 5C 5E D0 D9 E8 A1 75 35 C8
01E0 | A0 3B 25 F4 B2 97 D4 EC 03 6D 6A EE DF 84 65 3E
01F0 | 63 DD DE E7 A2 B9 1A 0F 0C 24 64 FE 56 CD 63 D6
0200 | 43 15 F7 7D DF 6B 44 29 E6 C1 EC 71 69 FC 1F 74
0210 | 96 31 54 73 8E 34 DF 12 01 E6 8B D0 3B 5D 7C BC
0220 | C6 D7 E2 82 0C 4C 05 B5 1A F1 67 43 7E 42 63 E2
0230 | 43 E4 52 93 24 6A C6 3C 3B 7A EE 5D F2 95 63 85
0240 | 38 21 61 C8 76 D7 81 22 84 5E 70 BF 4A 37 C1 48
0250 | E3 CB EF 47 49 FE 92 E6 6B 9D BA 10 32 1B EA F7
0260 | 72 81 89 CD CE 8A 0D 80 54 8F A1 6A 36 9A 8F 66
0270 | 89 B6 E2 FC E5 65 20 C4 95 14 22 F2 B2 13 D9 17
0280 | A5 6F F9 4F 4D 91 BB 96 86 7A 87 61</code></pre>
<pre><code>0000 | 00 00 00 00 00 00 00 00 01 F4 AA 18 DD 9D 9C 64
0010 | 84 02 00 00 5C 07 E8 D0 36 5B 3A 12 7C 5B 59 09
0020 | 49 0E 6C 3A EC EC 01 26 C2 18 4E 38 BA C1 64 9C
0030 | 35 FD 28 FC 20 E9 A7 EA FE 50 02 00 70 2F F1 03
0040 | 2B 5B A7 26 4B 04 CD 20 AA 98 0F B8 21 79 D0 16
0050 | 27 46 00 12 8E C8 6B 8E 70 5D 09 B6 C9 23 9A A6
0060 | 97 A9 9D 0D 6B 9F 39 7B 58 12 2C 49 20 5C 60 62
0070 | 90 C6 4B 67 FD 47 AA 12 5E BC 78 20 89 1E 11 7C
0080 | 99 10 98 4D 5F 82 4F 3B 51 3E 11 2E 73 3D 3A 79
0090 | 5C 0C 82 F1 59 36 4B 35 9F ED 51 E0 65 AE 46 4E
00A0 | 0A DF F0 5E 65 75 95 EF 0D DE 7D 28 D7 3A 86 42
00B0 | 04 85 48 3C BD 77 AD EE 1B AF CB 00 02 07 4D 76
00C0 | 6A C6 B7 C3 0D 4B 41 2F E2 DE 9B C7 0E FD 5D C2
00D0 | E7 BA A4 D5 2E 96 AF E6 8A FB 4D E4 C1 8E 16 03
00E0 | 4E 1F 0D 1E D8 93 07 B7 32 45 95 BF 8F DF 83 4C
00F0 | 10 9E A1 E0 B9 D9 D0 B6 56 A3 B3 BB B1 C3 FC 36
0100 | 27 FF F3 DE 47 0D 22 C8 37 5B 6C 76 99 AD 67 EF
0110 | 0F 72 0B 16 F9 EA 69 5C 53 0D 13 E5 85 A7 E6 12
0120 | 90 99 58 17 CB 21 ED 22 CD 74 BB 94 21 8C 39 CB
0130 | A8 60 F6 65 3E 43 BB C7 2C 02 A0 47 B8 11 CD 4D
0140 | 6A 48 46 EF A8 D3 F9 19 06 D9 05 6A AF 89 0E 0E
0150 | F5 1E A3 A7 2D FC 7F B6 CE 81 74 6F 1E A0 45 CF
0160 | B5 71 4D 2A E0 4E C0 12 CF 9A 44 24 CC B2 3C CC
0170 | BB 4C 84 82 CE BF 06 4B EE 18 EE AF 2A 43 85 01
0180 | 99 C7 44 31 ED BB 10 5C 63 CA 66 BA 31 37 84 40
0190 | 5D B0 E7 4F DD 70 D0 D5 E2 2E FD 16 57 2B 79 0F
01A0 | 9C E2 03 5E 51 E6 8B 82 7B 1B 7C 8E 36 48 E2 C3
01B0 | 7F BE F2 4A D2 5D 7E 97 95 B9 18 3D B2 C8 6E 30
01C0 | 8B 31 04 6E E2 92 3C C6 58 12 2F C9 02 40 95 C2
01D0 | 93 F7 E7 F7 E9 59 6C C0 75 0F 55 86 F2 0F 85 6A
01E0 | 56 1F A6 E2 FE 66 06 7C C7 5B A0 F1 A9 ED 76 C9
01F0 | FE DC 8B 13 77 FB DB 9C CC D0 29 37 DD 8E EA 22
0200 | 58 54 5A AA AB 6C BC 77 D9 1D 3F 22 87 41 DE 65
0210 | AB 49 26 4B 36 1B 93 6D 7B E2 06 AA D1 90 4C A5
0220 | 3D 29 14 48 DA D1 98 8B B2 77 9F 15 F6 F9 E8 26
0230 | 2A 7E C2 69 0D 8A 19 4F 0A 66 E8 0C 2C 18 90 1C
0240 | FD 81 1B 7C 2A 6A 07 DE 5A 62 AC 53 E6 BC F0 67
0250 | 9B A3 00 C4 E3 50 1D DF C5 0B 2E 5E 64 69 5A 2F
0260 | 38 C8 97 AD 6C DF 59 6B EB C7 5F 57 AB C5 F2 92
0270 | 8D 7C AE E7 9C 23 66 BA 19 72 FE 1D 98 95 04 1D
0280 | 4D 7F C8 48 3C 96 46 BB 1E BE FB 4D</code></pre>
<p>Payload (de)serialization:</p>
<pre><code>server_DH_params_fail#79cb045d nonce:int128 server_nonce:int128 new_nonce_hash:int128 = Server_DH_Params;
server_DH_params_ok#d0e8075c nonce:int128 server_nonce:int128 encrypted_answer:string = Server_DH_Params;</code></pre>
<pre><code>server_DH_params_ok#d0e8075c nonce:int128 server_nonce:int128 encrypted_answer:string = Server_DH_Params;</code></pre>
<table class="table">
<thead>
<tr>
@ -465,13 +458,13 @@ server_DH_params_ok#d0e8075c nonce:int128 server_nonce:int128 encrypted_answer:s
<tr>
<td>message_id</td>
<td>8, 8</td>
<td><code>01647985599A9C64</code></td>
<td><code>01F4AA18DD9D9C64</code></td>
<td>Exact <code>unixtime*2^32</code>, <code>+(4*N)</code> if N messages with the same message ID were already generated</td>
</tr>
<tr>
<td>message_length</td>
<td>16, 4</td>
<td><code>E8020000</code> (744 in decimal)</td>
<td><code>84020000</code> (644 in decimal)</td>
<td>Message body length</td>
</tr>
<tr>
@ -483,19 +476,19 @@ server_DH_params_ok#d0e8075c nonce:int128 server_nonce:int128 encrypted_answer:s
<tr>
<td>nonce</td>
<td>24, 16</td>
<td><code>61079BD3CE400AAAC06A7EC0F9E70AF2</code></td>
<td><code>365B3A127C5B5909490E6C3AECEC0126</code></td>
<td>Value generated by client in Step 1</td>
</tr>
<tr>
<td>server_nonce</td>
<td>40, 16</td>
<td><code>F33BCBF4A8C23D6AEE2D085D7713F5B1</code></td>
<td><code>C2184E38BAC1649C35FD28FC20E9A7EA</code></td>
<td>Value received from server in Step 2</td>
</tr>
<tr>
<td>encrypted_answer</td>
<td>56, 596</td>
<td><code>FE500200F1B0F8E0E234D33F9E48D871</code> <code>E12FC90CE88EA536E0A561EE5463158E</code> <code>72208CF790CDAD29A3316DD8F36FB94C</code> <code>DD119BD77B4C7A62EFBC3E6EDC4010E8</code> <code>9E7208651C7262155C791F2352EBF97F</code> <code>C6883C59BB94033EDE006E252C46FA2F</code> <code>7B0BCAC6354AF423873F705BDE51AC92</code> <code>4F1B59258CDB03ABCA67AD5B2FF1847C</code> <code>F5DB3F0F0A65525DEAB4E0FEA2B3BDF7</code> <code>CB475215CFCBBF0782144B7A09153AF9</code> <code>ACB637AC8C3738977A480A1C367F1395</code> <code>404340E934F64628C17CD33FE5FDCB36</code> <code>2638ADC41834CEB6B43C25F8072593D2</code> <code>172FB2931AE1D74D5F62493A29EC52B3</code> <code>1C911956AD8B1057CEAB920BA102A70D</code> <code>B678A1FE5D5A7A428716F5CC063EBBEC</code> <code>F6776AF4AE2DD2E2BACBA28240B90E26</code> <code>76B05CE27F391275104412A65E5B56FC</code> <code>741B62FEA8BA1D612CF1FF83AE513226</code> <code>42B62B60582584D2459C946A497225C7</code> <code>55C03CA5219CFA50F900685CFD26D75E</code> <code>11267FF482A3CEA1DC50FAB87E08CB91</code> <code>4FA4F6583A1A69104E034DBA054670F2</code> <code>2AD266FE800D872428B5165DC54D87FF</code> <code>E992D31B25A0E04FFC7008D7E5BE0224</code> <code>30630330D365D7B28D33EC8F54D4DF5C</code> <code>5ED0D9E8A17535C8A03B25F4B297D4EC</code> <code>036D6AEEDF84653E63DDDEE7A2B91A0F</code> <code>0C2464FE56CD63D64315F77DDF6B4429</code> <code>E6C1EC7169FC1F74963154738E34DF12</code> <code>01E68BD03B5D7CBCC6D7E2820C4C05B5</code> <code>1AF167437E4263E243E45293246AC63C</code> <code>3B7AEE5DF2956385382161C876D78122</code> <code>845E70BF4A37C148E3CBEF4749FE92E6</code> <code>6B9DBA10321BEAF7728189CDCE8A0D80</code> <code>548FA16A369A8F6689B6E2FCE56520C4</code> <code>951422F2B213D917A56FF94F4D91BB96</code><br> <code>867A8761</code></td>
<td><code>FE500200702FF1032B5BA7264B04CD20</code> <code>AA980FB82179D016274600128EC86B8E</code> <code>705D09B6C9239AA697A99D0D6B9F397B</code> <code>58122C49205C606290C64B67FD47AA12</code> <code>5EBC7820891E117C9910984D5F824F3B</code> <code>513E112E733D3A795C0C82F159364B35</code> <code>9FED51E065AE464E0ADFF05E657595EF</code> <code>0DDE7D28D73A86420485483CBD77ADEE</code> <code>1BAFCB0002074D766AC6B7C30D4B412F</code> <code>E2DE9BC70EFD5DC2E7BAA4D52E96AFE6</code> <code>8AFB4DE4C18E16034E1F0D1ED89307B7</code> <code>324595BF8FDF834C109EA1E0B9D9D0B6</code> <code>56A3B3BBB1C3FC3627FFF3DE470D22C8</code> <code>375B6C7699AD67EF0F720B16F9EA695C</code> <code>530D13E585A7E61290995817CB21ED22</code> <code>CD74BB94218C39CBA860F6653E43BBC7</code> <code>2C02A047B811CD4D6A4846EFA8D3F919</code> <code>06D9056AAF890E0EF51EA3A72DFC7FB6</code> <code>CE81746F1EA045CFB5714D2AE04EC012</code> <code>CF9A4424CCB23CCCBB4C8482CEBF064B</code> <code>EE18EEAF2A43850199C74431EDBB105C</code> <code>63CA66BA313784405DB0E74FDD70D0D5</code> <code>E22EFD16572B790F9CE2035E51E68B82</code> <code>7B1B7C8E3648E2C37FBEF24AD25D7E97</code> <code>95B9183DB2C86E308B31046EE2923CC6</code> <code>58122FC9024095C293F7E7F7E9596CC0</code> <code>750F5586F20F856A561FA6E2FE66067C</code> <code>C75BA0F1A9ED76C9FEDC8B1377FBDB9C</code> <code>CCD02937DD8EEA2258545AAAAB6CBC77</code> <code>D91D3F228741DE65AB49264B361B936D</code> <code>7BE206AAD1904CA53D291448DAD1988B</code> <code>B2779F15F6F9E8262A7EC2690D8A194F</code> <code>0A66E80C2C18901CFD811B7C2A6A07DE</code> <code>5A62AC53E6BCF0679BA300C4E3501DDF</code> <code>C50B2E5E64695A2F38C897AD6CDF596B</code> <code>EBC75F57ABC5F2928D7CAEE79C2366BA</code> <code>1972FE1D9895041D4D7FC8483C9646BB</code><br> <code>1EBEFB4D</code></td>
<td>See <a href="#conversion-of-encrypted-answer-into-answer">Decomposition of encrypted_answer »</a></td>
</tr>
</tbody>
@ -504,20 +497,20 @@ server_DH_params_ok#d0e8075c nonce:int128 server_nonce:int128 encrypted_answer:s
<h1><a class="anchor" href="#41-server-dh-inner-data-decryption-and-deserialization" id="41-server-dh-inner-data-decryption-and-deserialization" name="41-server-dh-inner-data-decryption-and-deserialization"><i class="anchor-icon"></i></a>4.1 server_dh_inner_data decryption and deserialization</h1>
<p>Decrypt <code>encrypted_answer</code> using the reverse of the process specified in <a href="/mtproto/auth_key#5-server-responds-with">step 5</a>:</p>
<!-- start server_DH_inner_data_input -->
<pre><code>encrypted_answer = F1B0F8E0E234D33F9E48D871E12FC90CE88EA536E0A561EE5463158E72208CF790CDAD29A3316DD8F36FB94CDD119BD77B4C7A62EFBC3E6EDC4010E89E7208651C7262155C791F2352EBF97FC6883C59BB94033EDE006E252C46FA2F7B0BCAC6354AF423873F705BDE51AC924F1B59258CDB03ABCA67AD5B2FF1847CF5DB3F0F0A65525DEAB4E0FEA2B3BDF7CB475215CFCBBF0782144B7A09153AF9ACB637AC8C3738977A480A1C367F1395404340E934F64628C17CD33FE5FDCB362638ADC41834CEB6B43C25F8072593D2172FB2931AE1D74D5F62493A29EC52B31C911956AD8B1057CEAB920BA102A70DB678A1FE5D5A7A428716F5CC063EBBECF6776AF4AE2DD2E2BACBA28240B90E2676B05CE27F391275104412A65E5B56FC741B62FEA8BA1D612CF1FF83AE51322642B62B60582584D2459C946A497225C755C03CA5219CFA50F900685CFD26D75E11267FF482A3CEA1DC50FAB87E08CB914FA4F6583A1A69104E034DBA054670F22AD266FE800D872428B5165DC54D87FFE992D31B25A0E04FFC7008D7E5BE022430630330D365D7B28D33EC8F54D4DF5C5ED0D9E8A17535C8A03B25F4B297D4EC036D6AEEDF84653E63DDDEE7A2B91A0F0C2464FE56CD63D64315F77DDF6B4429E6C1EC7169FC1F74963154738E34DF1201E68BD03B5D7CBCC6D7E2820C4C05B51AF167437E4263E243E45293246AC63C3B7AEE5DF2956385382161C876D78122845E70BF4A37C148E3CBEF4749FE92E66B9DBA10321BEAF7728189CDCE8A0D80548FA16A369A8F6689B6E2FCE56520C4951422F2B213D917A56FF94F4D91BB96867A8761
tmp_aes_key = 83E6FC26B9543A3D5FE6357D7DF98DC7E5EDA4B1791A2973A414443CD6736E2B
tmp_aes_iv = F61B20DAF8A413BCEBE132A7EE9410C958F7B1C3537E82A7C35E899F77C0A68B</code></pre>
<pre><code>encrypted_answer = 702FF1032B5BA7264B04CD20AA980FB82179D016274600128EC86B8E705D09B6C9239AA697A99D0D6B9F397B58122C49205C606290C64B67FD47AA125EBC7820891E117C9910984D5F824F3B513E112E733D3A795C0C82F159364B359FED51E065AE464E0ADFF05E657595EF0DDE7D28D73A86420485483CBD77ADEE1BAFCB0002074D766AC6B7C30D4B412FE2DE9BC70EFD5DC2E7BAA4D52E96AFE68AFB4DE4C18E16034E1F0D1ED89307B7324595BF8FDF834C109EA1E0B9D9D0B656A3B3BBB1C3FC3627FFF3DE470D22C8375B6C7699AD67EF0F720B16F9EA695C530D13E585A7E61290995817CB21ED22CD74BB94218C39CBA860F6653E43BBC72C02A047B811CD4D6A4846EFA8D3F91906D9056AAF890E0EF51EA3A72DFC7FB6CE81746F1EA045CFB5714D2AE04EC012CF9A4424CCB23CCCBB4C8482CEBF064BEE18EEAF2A43850199C74431EDBB105C63CA66BA313784405DB0E74FDD70D0D5E22EFD16572B790F9CE2035E51E68B827B1B7C8E3648E2C37FBEF24AD25D7E9795B9183DB2C86E308B31046EE2923CC658122FC9024095C293F7E7F7E9596CC0750F5586F20F856A561FA6E2FE66067CC75BA0F1A9ED76C9FEDC8B1377FBDB9CCCD02937DD8EEA2258545AAAAB6CBC77D91D3F228741DE65AB49264B361B936D7BE206AAD1904CA53D291448DAD1988BB2779F15F6F9E8262A7EC2690D8A194F0A66E80C2C18901CFD811B7C2A6A07DE5A62AC53E6BCF0679BA300C4E3501DDFC50B2E5E64695A2F38C897AD6CDF596BEBC75F57ABC5F2928D7CAEE79C2366BA1972FE1D9895041D4D7FC8483C9646BB1EBEFB4D
tmp_aes_key = 81A769A19DC0ED0D3DABE397D479407674D72119F479C1425094F54AB0188100
tmp_aes_iv = 3C22B0B11A532C2778AEB3002E5331A7B5D59D62E0E72FA734EB7B62AABBEA0C</code></pre>
<!-- end server_DH_inner_data_input -->
<p>Yielding:</p>
<!-- start server_DH_inner_data_output -->
<pre><code>answer_with_hash = B0130D06F5DE68C63D9D8BAD16F534BEE3EE354BBA0D89B561079BD3CE400AAAC06A7EC0F9E70AF2F33BCBF4A8C23D6AEE2D085D7713F5B103000000FE000100C71CAEB9C6B1C9048E6C522F70F13F73980D40238E3E21C14934D037563D930F48198A0AA7C14058229493D22530F4DBFA336F6E0AC925139543AED44CCE7C3720FD51F69458705AC68CD4FE6B6B13ABDC9746512969328454F18FAF8C595F642477FE96BB2A941D5BCD1D4AC8CC49880708FA9B378E3C4F3A9060BEE67CF9A4A4A695811051907E162753B56B0F6B410DBA74D8A84B2A14B3144E0EF1284754FD17ED950D5965B4B9DD46582DB1178D169C6BC465B0D6FF9CA3928FEF5B9AE4E418FC15E83EBEA0F87FA9FF5EED70050DED2849F47BF959D956850CE929851F0D8115F635B105EE2E4E15D04B2454BF6F4FADF034B10403119CD8E3B92FCC5BFE0001002E356F542ED36C7C234A0C6DBA49CDF1B1D4510968CEF23450B0FC42F20B63757B95D5AFC1DCA0ED8E146219B411B0D254A7C740457F54E51C4EC8B6B9C97B84A23EA77E36D38A4230BE5D7B1E65BB3F0A4E6D486B22CB279703634AFE013962427A67D78C81FC74AD292FB970B3DFB4F00F93F0FB172B3C9069234E2154AC2D2CD52EA2015D693CF37308D81F1A27B92EE69B260B056A34ADBFC6496A419A24E2D8F54B048FCDD66AB99D0A3CD0DA36DE726019C11750F39FF63BAC6ADD9758286D44275535BB19B53AB57C7C890E0DE9DA13A50DC6F3E9F3C6EBD637489D6968960CC9991F69B0E2E1C306144395D303284C0C12D4376CB56BA051C060FCFF599A9C64A0D61A12CE49CCFA
answer = BA0D89B561079BD3CE400AAAC06A7EC0F9E70AF2F33BCBF4A8C23D6AEE2D085D7713F5B103000000FE000100C71CAEB9C6B1C9048E6C522F70F13F73980D40238E3E21C14934D037563D930F48198A0AA7C14058229493D22530F4DBFA336F6E0AC925139543AED44CCE7C3720FD51F69458705AC68CD4FE6B6B13ABDC9746512969328454F18FAF8C595F642477FE96BB2A941D5BCD1D4AC8CC49880708FA9B378E3C4F3A9060BEE67CF9A4A4A695811051907E162753B56B0F6B410DBA74D8A84B2A14B3144E0EF1284754FD17ED950D5965B4B9DD46582DB1178D169C6BC465B0D6FF9CA3928FEF5B9AE4E418FC15E83EBEA0F87FA9FF5EED70050DED2849F47BF959D956850CE929851F0D8115F635B105EE2E4E15D04B2454BF6F4FADF034B10403119CD8E3B92FCC5BFE0001002E356F542ED36C7C234A0C6DBA49CDF1B1D4510968CEF23450B0FC42F20B63757B95D5AFC1DCA0ED8E146219B411B0D254A7C740457F54E51C4EC8B6B9C97B84A23EA77E36D38A4230BE5D7B1E65BB3F0A4E6D486B22CB279703634AFE013962427A67D78C81FC74AD292FB970B3DFB4F00F93F0FB172B3C9069234E2154AC2D2CD52EA2015D693CF37308D81F1A27B92EE69B260B056A34ADBFC6496A419A24E2D8F54B048FCDD66AB99D0A3CD0DA36DE726019C11750F39FF63BAC6ADD9758286D44275535BB19B53AB57C7C890E0DE9DA13A50DC6F3E9F3C6EBD637489D6968960CC9991F69B0E2E1C306144395D303284C0C12D4376CB56BA051C060FCFF599A9C64A0D61A12CE49CCFA</code></pre>
<pre><code>answer_with_hash = B5268655881048B58B35EEAD840D915DB708F81EBA0D89B5365B3A127C5B5909490E6C3AECEC0126C2184E38BAC1649C35FD28FC20E9A7EA03000000FE000100C71CAEB9C6B1C9048E6C522F70F13F73980D40238E3E21C14934D037563D930F48198A0AA7C14058229493D22530F4DBFA336F6E0AC925139543AED44CCE7C3720FD51F69458705AC68CD4FE6B6B13ABDC9746512969328454F18FAF8C595F642477FE96BB2A941D5BCD1D4AC8CC49880708FA9B378E3C4F3A9060BEE67CF9A4A4A695811051907E162753B56B0F6B410DBA74D8A84B2A14B3144E0EF1284754FD17ED950D5965B4B9DD46582DB1178D169C6BC465B0D6FF9CA3928FEF5B9AE4E418FC15E83EBEA0F87FA9FF5EED70050DED2849F47BF959D956850CE929851F0D8115F635B105EE2E4E15D04B2454BF6F4FADF034B10403119CD8E3B92FCC5BFE000100AA3BB529DC2EF3C74A49AB7F8C9A84BFE86F5CC3ACBBBB5EE047566E5AF06CE56F10627D75F886ECD2777D1679B87E81523BB585DC50F768C9A419C22C260B6924B17A8F153B9F260FC161ECE1D595380FC33CDBDF552F019FB829E0701C005A7B849A71F9EF8C5141E01F152466F41BB9F13B0FEF8E0EFC3091DAF7C4A9E4F65F77B4D3F15EC3977FFA6CB6BAB7F995E2CE25398E09DA9EAD7AAA4BF05A9133B954080F7B258F20C0FADE9E44A7B2AA73E51D91AC86720335CBB38A3DB90689D85233899F292228EFB6FD285923760A5E220ADC3F52B3E0265BFC5AB23E4DDC2D4E14E18B2811EE656B5A16586663289D02422C48F1B8D77017EFFCD276E5EDDD9D9C64A1FEA3302BD58173
answer = BA0D89B5365B3A127C5B5909490E6C3AECEC0126C2184E38BAC1649C35FD28FC20E9A7EA03000000FE000100C71CAEB9C6B1C9048E6C522F70F13F73980D40238E3E21C14934D037563D930F48198A0AA7C14058229493D22530F4DBFA336F6E0AC925139543AED44CCE7C3720FD51F69458705AC68CD4FE6B6B13ABDC9746512969328454F18FAF8C595F642477FE96BB2A941D5BCD1D4AC8CC49880708FA9B378E3C4F3A9060BEE67CF9A4A4A695811051907E162753B56B0F6B410DBA74D8A84B2A14B3144E0EF1284754FD17ED950D5965B4B9DD46582DB1178D169C6BC465B0D6FF9CA3928FEF5B9AE4E418FC15E83EBEA0F87FA9FF5EED70050DED2849F47BF959D956850CE929851F0D8115F635B105EE2E4E15D04B2454BF6F4FADF034B10403119CD8E3B92FCC5BFE000100AA3BB529DC2EF3C74A49AB7F8C9A84BFE86F5CC3ACBBBB5EE047566E5AF06CE56F10627D75F886ECD2777D1679B87E81523BB585DC50F768C9A419C22C260B6924B17A8F153B9F260FC161ECE1D595380FC33CDBDF552F019FB829E0701C005A7B849A71F9EF8C5141E01F152466F41BB9F13B0FEF8E0EFC3091DAF7C4A9E4F65F77B4D3F15EC3977FFA6CB6BAB7F995E2CE25398E09DA9EAD7AAA4BF05A9133B954080F7B258F20C0FADE9E44A7B2AA73E51D91AC86720335CBB38A3DB90689D85233899F292228EFB6FD285923760A5E220ADC3F52B3E0265BFC5AB23E4DDC2D4E14E18B2811EE656B5A16586663289D02422C48F1B8D77017EFFCD276E5EDDD9D9C64A1FEA3302BD58173</code></pre>
<!-- end server_DH_inner_data_output -->
<!-- start server_DH_inner_data -->
<p>Generated payload (excluding transport headers/trailers):</p>
<pre><code>0000 | BA 0D 89 B5 61 07 9B D3 CE 40 0A AA C0 6A 7E C0
0010 | F9 E7 0A F2 F3 3B CB F4 A8 C2 3D 6A EE 2D 08 5D
0020 | 77 13 F5 B1 03 00 00 00 FE 00 01 00 C7 1C AE B9
<pre><code>0000 | BA 0D 89 B5 36 5B 3A 12 7C 5B 59 09 49 0E 6C 3A
0010 | EC EC 01 26 C2 18 4E 38 BA C1 64 9C 35 FD 28 FC
0020 | 20 E9 A7 EA 03 00 00 00 FE 00 01 00 C7 1C AE B9
0030 | C6 B1 C9 04 8E 6C 52 2F 70 F1 3F 73 98 0D 40 23
0040 | 8E 3E 21 C1 49 34 D0 37 56 3D 93 0F 48 19 8A 0A
0050 | A7 C1 40 58 22 94 93 D2 25 30 F4 DB FA 33 6F 6E
@ -534,23 +527,23 @@ answer = BA0D89B561079BD3CE400AAAC06A7EC0F9E70AF2F33BCBF4A8C23D6AEE2D085D7713F5B
0100 | F4 7B F9 59 D9 56 85 0C E9 29 85 1F 0D 81 15 F6
0110 | 35 B1 05 EE 2E 4E 15 D0 4B 24 54 BF 6F 4F AD F0
0120 | 34 B1 04 03 11 9C D8 E3 B9 2F CC 5B FE 00 01 00
0130 | 2E 35 6F 54 2E D3 6C 7C 23 4A 0C 6D BA 49 CD F1
0140 | B1 D4 51 09 68 CE F2 34 50 B0 FC 42 F2 0B 63 75
0150 | 7B 95 D5 AF C1 DC A0 ED 8E 14 62 19 B4 11 B0 D2
0160 | 54 A7 C7 40 45 7F 54 E5 1C 4E C8 B6 B9 C9 7B 84
0170 | A2 3E A7 7E 36 D3 8A 42 30 BE 5D 7B 1E 65 BB 3F
0180 | 0A 4E 6D 48 6B 22 CB 27 97 03 63 4A FE 01 39 62
0190 | 42 7A 67 D7 8C 81 FC 74 AD 29 2F B9 70 B3 DF B4
01A0 | F0 0F 93 F0 FB 17 2B 3C 90 69 23 4E 21 54 AC 2D
01B0 | 2C D5 2E A2 01 5D 69 3C F3 73 08 D8 1F 1A 27 B9
01C0 | 2E E6 9B 26 0B 05 6A 34 AD BF C6 49 6A 41 9A 24
01D0 | E2 D8 F5 4B 04 8F CD D6 6A B9 9D 0A 3C D0 DA 36
01E0 | DE 72 60 19 C1 17 50 F3 9F F6 3B AC 6A DD 97 58
01F0 | 28 6D 44 27 55 35 BB 19 B5 3A B5 7C 7C 89 0E 0D
0200 | E9 DA 13 A5 0D C6 F3 E9 F3 C6 EB D6 37 48 9D 69
0210 | 68 96 0C C9 99 1F 69 B0 E2 E1 C3 06 14 43 95 D3
0220 | 03 28 4C 0C 12 D4 37 6C B5 6B A0 51 C0 60 FC FF
0230 | 59 9A 9C 64</code></pre>
0130 | AA 3B B5 29 DC 2E F3 C7 4A 49 AB 7F 8C 9A 84 BF
0140 | E8 6F 5C C3 AC BB BB 5E E0 47 56 6E 5A F0 6C E5
0150 | 6F 10 62 7D 75 F8 86 EC D2 77 7D 16 79 B8 7E 81
0160 | 52 3B B5 85 DC 50 F7 68 C9 A4 19 C2 2C 26 0B 69
0170 | 24 B1 7A 8F 15 3B 9F 26 0F C1 61 EC E1 D5 95 38
0180 | 0F C3 3C DB DF 55 2F 01 9F B8 29 E0 70 1C 00 5A
0190 | 7B 84 9A 71 F9 EF 8C 51 41 E0 1F 15 24 66 F4 1B
01A0 | B9 F1 3B 0F EF 8E 0E FC 30 91 DA F7 C4 A9 E4 F6
01B0 | 5F 77 B4 D3 F1 5E C3 97 7F FA 6C B6 BA B7 F9 95
01C0 | E2 CE 25 39 8E 09 DA 9E AD 7A AA 4B F0 5A 91 33
01D0 | B9 54 08 0F 7B 25 8F 20 C0 FA DE 9E 44 A7 B2 AA
01E0 | 73 E5 1D 91 AC 86 72 03 35 CB B3 8A 3D B9 06 89
01F0 | D8 52 33 89 9F 29 22 28 EF B6 FD 28 59 23 76 0A
0200 | 5E 22 0A DC 3F 52 B3 E0 26 5B FC 5A B2 3E 4D DC
0210 | 2D 4E 14 E1 8B 28 11 EE 65 6B 5A 16 58 66 63 28
0220 | 9D 02 42 2C 48 F1 B8 D7 70 17 EF FC D2 76 E5 ED
0230 | DD 9D 9C 64</code></pre>
<p>Payload (de)serialization:</p>
<pre><code>server_DH_inner_data#b5890dba nonce:int128 server_nonce:int128 g:int dh_prime:string g_a:string server_time:int = Server_DH_inner_data;</code></pre>
<table class="table">
@ -572,13 +565,13 @@ answer = BA0D89B561079BD3CE400AAAC06A7EC0F9E70AF2F33BCBF4A8C23D6AEE2D085D7713F5B
<tr>
<td>nonce</td>
<td>4, 16</td>
<td><code>61079BD3CE400AAAC06A7EC0F9E70AF2</code></td>
<td><code>365B3A127C5B5909490E6C3AECEC0126</code></td>
<td>Value generated by client in Step 1</td>
</tr>
<tr>
<td>server_nonce</td>
<td>20, 16</td>
<td><code>F33BCBF4A8C23D6AEE2D085D7713F5B1</code></td>
<td><code>C2184E38BAC1649C35FD28FC20E9A7EA</code></td>
<td>Value received from server in Step 2</td>
</tr>
<tr>
@ -596,13 +589,13 @@ answer = BA0D89B561079BD3CE400AAAC06A7EC0F9E70AF2F33BCBF4A8C23D6AEE2D085D7713F5B
<tr>
<td>g_a</td>
<td>300, 260</td>
<td><code>FE0001002E356F542ED36C7C234A0C6D</code> <code>BA49CDF1B1D4510968CEF23450B0FC42</code> <code>F20B63757B95D5AFC1DCA0ED8E146219</code> <code>B411B0D254A7C740457F54E51C4EC8B6</code> <code>B9C97B84A23EA77E36D38A4230BE5D7B</code> <code>1E65BB3F0A4E6D486B22CB279703634A</code> <code>FE013962427A67D78C81FC74AD292FB9</code> <code>70B3DFB4F00F93F0FB172B3C9069234E</code> <code>2154AC2D2CD52EA2015D693CF37308D8</code> <code>1F1A27B92EE69B260B056A34ADBFC649</code> <code>6A419A24E2D8F54B048FCDD66AB99D0A</code> <code>3CD0DA36DE726019C11750F39FF63BAC</code> <code>6ADD9758286D44275535BB19B53AB57C</code> <code>7C890E0DE9DA13A50DC6F3E9F3C6EBD6</code> <code>37489D6968960CC9991F69B0E2E1C306</code> <code>144395D303284C0C12D4376CB56BA051</code><br> <code>C060FCFF</code></td>
<td><code>FE000100AA3BB529DC2EF3C74A49AB7F</code> <code>8C9A84BFE86F5CC3ACBBBB5EE047566E</code> <code>5AF06CE56F10627D75F886ECD2777D16</code> <code>79B87E81523BB585DC50F768C9A419C2</code> <code>2C260B6924B17A8F153B9F260FC161EC</code> <code>E1D595380FC33CDBDF552F019FB829E0</code> <code>701C005A7B849A71F9EF8C5141E01F15</code> <code>2466F41BB9F13B0FEF8E0EFC3091DAF7</code> <code>C4A9E4F65F77B4D3F15EC3977FFA6CB6</code> <code>BAB7F995E2CE25398E09DA9EAD7AAA4B</code> <code>F05A9133B954080F7B258F20C0FADE9E</code> <code>44A7B2AA73E51D91AC86720335CBB38A</code> <code>3DB90689D85233899F292228EFB6FD28</code> <code>5923760A5E220ADC3F52B3E0265BFC5A</code> <code>B23E4DDC2D4E14E18B2811EE656B5A16</code> <code>586663289D02422C48F1B8D77017EFFC</code><br> <code>D276E5ED</code></td>
<td><code>g_a</code> diffie-hellman parameter</td>
</tr>
<tr>
<td>server_time</td>
<td>560, 4</td>
<td><code>599A9C64</code> (1687984729 in decimal)</td>
<td><code>DD9D9C64</code> (1687985629 in decimal)</td>
<td>Server time</td>
</tr>
</tbody>
@ -611,34 +604,34 @@ answer = BA0D89B561079BD3CE400AAAC06A7EC0F9E70AF2F33BCBF4A8C23D6AEE2D085D7713F5B
<h1><a class="anchor" href="#42-generate-diffie-helman-parameters" id="42-generate-diffie-helman-parameters" name="42-generate-diffie-helman-parameters"><i class="anchor-icon"></i></a>4.2. generate diffie-helman parameters</h1>
<p>First, generate a secure random 2048-bit number b:</p>
<!-- start b -->
<pre><code>b = BEB68C99A15F26F3590BB9E035CF2285590CDC8BCEC7DC112973D0D68FC78DD283FB7C38D39450FDA2B65BD7B4EBB25C042C4C1D7B52DAEEA7C40898984279DE8A5B4101D94A9621D2B4EF405864B0975FF21C6971B039161190346706C8A35473CA5B9E8CF0A1E3819D2DFA294270CEB6652DF940C26555425987513EAFD09CDD6F70C889DBBC1D1BBF287154760CC4BB3E80A8B313914F4017C22314A3DCDC634AE3BB7C33A45835E87A093706280FD7BEF2C1C3952BC19C55F2086E966EB374A635CC66D8B70899236C6E0944FF2353DE77610C9567ACC221FF036F29F463C0593DA02E90DE1AF4F65C1C709482610A76E71E20B1068B7DFC5D990E865D66</code></pre>
<pre><code>b = 3333AB3DDBC89A3297AFD5C1FD314F9F6F90D3FDFB47EEC50B6710C2378B98D18EDDB06FD1977780D8B10A5DE2B5CBAD8FADD3F6526F3ECB8AF27ADF629915701287D23BC30EC426C4DCF8663DA2D700A98617E74EEFDDA53F4F6DEC2086406FC9FD1EBF423380E57C796B599978B6A028A70CA23D9D53318A9CD17C4AF652CA9119AFB6031EBD15293D1BFEA24183FE033113FF79BCC7C9A472CFC4CEFC800793CBC2366777525895056107937C7C52C34CD318F91F8B59D5DAA100AE11A2C4381D2FC16086C8C46BA641CF25036F52575688956773C91C734D7BF63FBC699795669B832A879A93B06238720B35A46B4C8878627D96C18577C978BFE9499157</code></pre>
<!-- end b -->
<p>Then compute <code>g_b = pow(g, b) mod dh_prime</code></p>
<!-- start g_b -->
<pre><code>g_b = 2F96BE7689D134320851F8247F8B92A541EA353EFBE190F0B79A54451121A3A21B3AE5AD1F744A957804362EFFCB1199342FEB787873032801CC9B991349E86B9E6973A1337A67AE94A5E73BD312DD146B0659B25460A838612055B5A5823814F3AAA8DFBD54B8094C42994541407C11293DFC08FCEDB50665104207ECAAC3DEE4B5AEBC1742159B39F8B00D4CD49616F8C3AF5E50A69EBEE7B7913B91369BD9736F9A42B4697F0DB7B11B95A7C927DF7D72DD90A42B2B3B9D3F2281D27454F1CFE659B33832855DD95E65EB6CF34EAE308F7B2972016BBBDEB20C30782B587CA16C8CDEB87A5108975A6069BAAB97EDBBFB1E2C0B7C190142F66B4970C2D130</code></pre>
<pre><code>g_b = 3DE753B9F0985A68E14BD95E3B720FCB617EB5899AA28772C8B477BAD4FA9544C671AA9D4B3E2F90ABDC55B25A61AD4FE5132AD3CFEDC5EA196110F4E4F02656F57D61FCE05D660F129DD1B817A003F73783BA041103A199B0AAB76A13FFFC339C35DB8A368FCBB4B35387CB82A019886FEFB17227616BBE287818B5553E339247890288C2DC6077FE721F769F92751F637E1731D1101803E522F293D4BEB4B17FDF121FB5C23B8D0EF2B02A0706638FD6415B5A7E90B8A55AE6CA13E2F238BF4C7856D1406ED546D7A6A79CBCEDDBF2209C0F074502067B7A15B2AD28EE139D2250006ECE5A2449C87F2B0EAA0B2CB75CD97D775055495DB03C7E03F9F614DF</code></pre>
<!-- end g_b -->
<h1><a class="anchor" href="#43-generation-of-encrypted-data" id="43-generation-of-encrypted-data" name="43-generation-of-encrypted-data"><i class="anchor-icon"></i></a>4.3 generation of encrypted_data</h1>
<!-- start client_DH_inner_data -->
<p>Generated payload (excluding transport headers/trailers):</p>
<pre><code>0000 | 54 B6 43 66 61 07 9B D3 CE 40 0A AA C0 6A 7E C0
0010 | F9 E7 0A F2 F3 3B CB F4 A8 C2 3D 6A EE 2D 08 5D
0020 | 77 13 F5 B1 00 00 00 00 00 00 00 00 FE 00 01 00
0030 | 2F 96 BE 76 89 D1 34 32 08 51 F8 24 7F 8B 92 A5
0040 | 41 EA 35 3E FB E1 90 F0 B7 9A 54 45 11 21 A3 A2
0050 | 1B 3A E5 AD 1F 74 4A 95 78 04 36 2E FF CB 11 99
0060 | 34 2F EB 78 78 73 03 28 01 CC 9B 99 13 49 E8 6B
0070 | 9E 69 73 A1 33 7A 67 AE 94 A5 E7 3B D3 12 DD 14
0080 | 6B 06 59 B2 54 60 A8 38 61 20 55 B5 A5 82 38 14
0090 | F3 AA A8 DF BD 54 B8 09 4C 42 99 45 41 40 7C 11
00A0 | 29 3D FC 08 FC ED B5 06 65 10 42 07 EC AA C3 DE
00B0 | E4 B5 AE BC 17 42 15 9B 39 F8 B0 0D 4C D4 96 16
00C0 | F8 C3 AF 5E 50 A6 9E BE E7 B7 91 3B 91 36 9B D9
00D0 | 73 6F 9A 42 B4 69 7F 0D B7 B1 1B 95 A7 C9 27 DF
00E0 | 7D 72 DD 90 A4 2B 2B 3B 9D 3F 22 81 D2 74 54 F1
00F0 | CF E6 59 B3 38 32 85 5D D9 5E 65 EB 6C F3 4E AE
0100 | 30 8F 7B 29 72 01 6B BB DE B2 0C 30 78 2B 58 7C
0110 | A1 6C 8C DE B8 7A 51 08 97 5A 60 69 BA AB 97 ED
0120 | BB FB 1E 2C 0B 7C 19 01 42 F6 6B 49 70 C2 D1 30</code></pre>
<pre><code>0000 | 54 B6 43 66 36 5B 3A 12 7C 5B 59 09 49 0E 6C 3A
0010 | EC EC 01 26 C2 18 4E 38 BA C1 64 9C 35 FD 28 FC
0020 | 20 E9 A7 EA 00 00 00 00 00 00 00 00 FE 00 01 00
0030 | 3D E7 53 B9 F0 98 5A 68 E1 4B D9 5E 3B 72 0F CB
0040 | 61 7E B5 89 9A A2 87 72 C8 B4 77 BA D4 FA 95 44
0050 | C6 71 AA 9D 4B 3E 2F 90 AB DC 55 B2 5A 61 AD 4F
0060 | E5 13 2A D3 CF ED C5 EA 19 61 10 F4 E4 F0 26 56
0070 | F5 7D 61 FC E0 5D 66 0F 12 9D D1 B8 17 A0 03 F7
0080 | 37 83 BA 04 11 03 A1 99 B0 AA B7 6A 13 FF FC 33
0090 | 9C 35 DB 8A 36 8F CB B4 B3 53 87 CB 82 A0 19 88
00A0 | 6F EF B1 72 27 61 6B BE 28 78 18 B5 55 3E 33 92
00B0 | 47 89 02 88 C2 DC 60 77 FE 72 1F 76 9F 92 75 1F
00C0 | 63 7E 17 31 D1 10 18 03 E5 22 F2 93 D4 BE B4 B1
00D0 | 7F DF 12 1F B5 C2 3B 8D 0E F2 B0 2A 07 06 63 8F
00E0 | D6 41 5B 5A 7E 90 B8 A5 5A E6 CA 13 E2 F2 38 BF
00F0 | 4C 78 56 D1 40 6E D5 46 D7 A6 A7 9C BC ED DB F2
0100 | 20 9C 0F 07 45 02 06 7B 7A 15 B2 AD 28 EE 13 9D
0110 | 22 50 00 6E CE 5A 24 49 C8 7F 2B 0E AA 0B 2C B7
0120 | 5C D9 7D 77 50 55 49 5D B0 3C 7E 03 F9 F6 14 DF</code></pre>
<p>Payload (de)serialization:</p>
<pre><code>client_DH_inner_data#6643b654 nonce:int128 server_nonce:int128 retry_id:long g_b:string = Client_DH_Inner_Data;</code></pre>
<table class="table">
@ -660,73 +653,73 @@ answer = BA0D89B561079BD3CE400AAAC06A7EC0F9E70AF2F33BCBF4A8C23D6AEE2D085D7713F5B
<tr>
<td>nonce</td>
<td>4, 16</td>
<td><code>61079BD3CE400AAAC06A7EC0F9E70AF2</code></td>
<td><code>365B3A127C5B5909490E6C3AECEC0126</code></td>
<td>Value generated by client in Step 1</td>
</tr>
<tr>
<td>server_nonce</td>
<td>20, 16</td>
<td><code>F33BCBF4A8C23D6AEE2D085D7713F5B1</code></td>
<td><code>C2184E38BAC1649C35FD28FC20E9A7EA</code></td>
<td>Value received from server in Step 2</td>
</tr>
<tr>
<td>g_b</td>
<td>36, 260</td>
<td><code>FE0001002F96BE7689D134320851F824</code> <code>7F8B92A541EA353EFBE190F0B79A5445</code> <code>1121A3A21B3AE5AD1F744A957804362E</code> <code>FFCB1199342FEB787873032801CC9B99</code> <code>1349E86B9E6973A1337A67AE94A5E73B</code> <code>D312DD146B0659B25460A838612055B5</code> <code>A5823814F3AAA8DFBD54B8094C429945</code> <code>41407C11293DFC08FCEDB50665104207</code> <code>ECAAC3DEE4B5AEBC1742159B39F8B00D</code> <code>4CD49616F8C3AF5E50A69EBEE7B7913B</code> <code>91369BD9736F9A42B4697F0DB7B11B95</code> <code>A7C927DF7D72DD90A42B2B3B9D3F2281</code> <code>D27454F1CFE659B33832855DD95E65EB</code> <code>6CF34EAE308F7B2972016BBBDEB20C30</code> <code>782B587CA16C8CDEB87A5108975A6069</code> <code>BAAB97EDBBFB1E2C0B7C190142F66B49</code><br> <code>70C2D130</code></td>
<td><code>FE0001003DE753B9F0985A68E14BD95E</code> <code>3B720FCB617EB5899AA28772C8B477BA</code> <code>D4FA9544C671AA9D4B3E2F90ABDC55B2</code> <code>5A61AD4FE5132AD3CFEDC5EA196110F4</code> <code>E4F02656F57D61FCE05D660F129DD1B8</code> <code>17A003F73783BA041103A199B0AAB76A</code> <code>13FFFC339C35DB8A368FCBB4B35387CB</code> <code>82A019886FEFB17227616BBE287818B5</code> <code>553E339247890288C2DC6077FE721F76</code> <code>9F92751F637E1731D1101803E522F293</code> <code>D4BEB4B17FDF121FB5C23B8D0EF2B02A</code> <code>0706638FD6415B5A7E90B8A55AE6CA13</code> <code>E2F238BF4C7856D1406ED546D7A6A79C</code> <code>BCEDDBF2209C0F074502067B7A15B2AD</code> <code>28EE139D2250006ECE5A2449C87F2B0E</code> <code>AA0B2CB75CD97D775055495DB03C7E03</code><br> <code>F9F614DF</code></td>
<td>Single-byte prefix denoting length, a 256-byte (2048-bit) string, and zero bytes of padding</td>
</tr>
<tr>
<td>retry_id</td>
<td>296, 8</td>
<td><code>0000000000000000</code></td>
<td>Equal to zero at the time of the first attempt; otherwise, it is equal to <code>auth_key_aux_hash</code> from the previous failed attempt (see Item 7).</td>
<td>Equal to zero at the time of the first attempt; otherwise, it is equal to <code>auth_key_aux_hash</code> from the previous failed attempt (see <a href="/mtproto/auth_key#9-server-responds-in-one-of-three-ways">Item 9</a>).</td>
</tr>
</tbody>
</table>
<!-- end client_DH_inner_data -->
<p>The serialization of <em>Client_DH_Inner_Data</em> produces a string <strong>data</strong>. This is used to generate <strong>encrypted_data</strong> as specified in <a href="#6-client-computes-random-2048-bit-number-b-using-a-sufficient-amount-of-entropy-and-sends-the-server-a-message">step 6</a>, using the following inputs:</p>
<!-- start client_DH_inner_data_input -->
<pre><code>data = 54B6436661079BD3CE400AAAC06A7EC0F9E70AF2F33BCBF4A8C23D6AEE2D085D7713F5B10000000000000000FE0001002F96BE7689D134320851F8247F8B92A541EA353EFBE190F0B79A54451121A3A21B3AE5AD1F744A957804362EFFCB1199342FEB787873032801CC9B991349E86B9E6973A1337A67AE94A5E73BD312DD146B0659B25460A838612055B5A5823814F3AAA8DFBD54B8094C42994541407C11293DFC08FCEDB50665104207ECAAC3DEE4B5AEBC1742159B39F8B00D4CD49616F8C3AF5E50A69EBEE7B7913B91369BD9736F9A42B4697F0DB7B11B95A7C927DF7D72DD90A42B2B3B9D3F2281D27454F1CFE659B33832855DD95E65EB6CF34EAE308F7B2972016BBBDEB20C30782B587CA16C8CDEB87A5108975A6069BAAB97EDBBFB1E2C0B7C190142F66B4970C2D130
padding = 3F278A4C4010D41218A1D70F
tmp_aes_key = 83E6FC26B9543A3D5FE6357D7DF98DC7E5EDA4B1791A2973A414443CD6736E2B
tmp_aes_iv = F61B20DAF8A413BCEBE132A7EE9410C958F7B1C3537E82A7C35E899F77C0A68B</code></pre>
<pre><code>data = 54B64366365B3A127C5B5909490E6C3AECEC0126C2184E38BAC1649C35FD28FC20E9A7EA0000000000000000FE0001003DE753B9F0985A68E14BD95E3B720FCB617EB5899AA28772C8B477BAD4FA9544C671AA9D4B3E2F90ABDC55B25A61AD4FE5132AD3CFEDC5EA196110F4E4F02656F57D61FCE05D660F129DD1B817A003F73783BA041103A199B0AAB76A13FFFC339C35DB8A368FCBB4B35387CB82A019886FEFB17227616BBE287818B5553E339247890288C2DC6077FE721F769F92751F637E1731D1101803E522F293D4BEB4B17FDF121FB5C23B8D0EF2B02A0706638FD6415B5A7E90B8A55AE6CA13E2F238BF4C7856D1406ED546D7A6A79CBCEDDBF2209C0F074502067B7A15B2AD28EE139D2250006ECE5A2449C87F2B0EAA0B2CB75CD97D775055495DB03C7E03F9F614DF
padding = 8FD908884FACC949D9DC73DE
tmp_aes_key = 81A769A19DC0ED0D3DABE397D479407674D72119F479C1425094F54AB0188100
tmp_aes_iv = 3C22B0B11A532C2778AEB3002E5331A7B5D59D62E0E72FA734EB7B62AABBEA0C</code></pre>
<!-- end client_DH_inner_data_input -->
<p>Process:</p>
<pre><code>data_with_hash := SHA1(data) + data + padding (0-15 random bytes such that total length is divisible by 16)
encrypted_data := AES256_ige_encrypt (data_with_hash, tmp_aes_key, tmp_aes_iv);</code></pre>
<p>Output:</p>
<!-- start client_DH_inner_data_output -->
<pre><code>encrypted_data = 430A36E55F18CB44BFFFAC0272BCBE6F1FCFC589D2FD35A96EF285F383800F6CBBCC0B0A576827B237A41894BFFEFA5D9C880340CBB1CD4E016BE6A089ED80C41456397EFE2791707BBBD629C5CBAE237856BCFF5D3B057A26C9FA8917B6B218B10D1B7ADB62F471AEFDA26D2678C492B569D636E38DC46B1BDE833A980C16E4A1D8E7CDE40AF26DD28E00CA34A8C01BE311550C81681B0E070CD627333E837E395980C93F69417BCA8864AECCF4211E949EA79FC3556F415E4F8C1B0454217759E8436132323A4251BBB051F17E4191C40BA003757918180EDF9537AC791C15093FED041F1FC0F0A88C39BAF6E463F1A90BAC6D7A3BE0C6195F3230DB264047341E2CB4067404FE078EB89E0745903DB1AA4BBDAB03E1DA91083D7F8D57AD0AC69948D00A380912E7F297CF86C316F7517798869B2185E9AEFADB2BDC07E2893D4B9FD06E723AC2FE0A96BD7532A424</code></pre>
<pre><code>encrypted_data = 93330604E44C6F993349C60F05C23EDC56B844B57C654AEDF19B44F5EF8DB9590F7D9A9F8E81C50C377E3481D8DF9DD585D45AE25D3B9E51CE4FF584130236697C14C6BBFD65599D53132AB5FB31FF4AAC92EC7F256B5F9CE8FFB747F77E9F81588D277E3DFFB9F14E3642ACD2A1F9BBE66054608627027692D2A08DCC6671A4E6A43EFF37053E7F57DA1E04D8D6395D27BD09D7D49F46713CF0232073B342A3E2F34D23D9D8CD70E154A713B0AFACC27910ABC49D99EBA882FEBC22F6A5E7FD5AE5ABF49352372FA64D9D11BF4380197C59AEDE23D11DD7E09FABDD85A6173CD0CB8F1DFD7D0301C6DD4E40FDDC9C3A80C1E5ABDC51ADFEF357753C7B7D4DE4E8A4CAF10DF7248BCDACE125A08A35CBF4A021CFA1D78F606EE604BA14F012B13F22252C952FD52B0560679C63168188B07805E45613C7EFEE8C5495E72931C2553A0FCA7BB11D3ED48F1A5043DC776D</code></pre>
<!-- end client_DH_inner_data_output -->
<p>The length of the final string is 336 bytes.</p>
<h1><a class="anchor" href="#5-request-set-client-dh-params" id="5-request-set-client-dh-params" name="5-request-set-client-dh-params"><i class="anchor-icon"></i></a>5. request set_client_dh_params</h1>
<!-- start set_client_DH_params -->
<p>Sent payload (excluding transport headers/trailers):</p>
<pre><code>0000 | 00 00 00 00 00 00 00 00 04 00 00 00 59 9A 9C 64
0010 | 78 01 00 00 1F 5F 04 F5 61 07 9B D3 CE 40 0A AA
0020 | C0 6A 7E C0 F9 E7 0A F2 F3 3B CB F4 A8 C2 3D 6A
0030 | EE 2D 08 5D 77 13 F5 B1 FE 50 01 00 43 0A 36 E5
0040 | 5F 18 CB 44 BF FF AC 02 72 BC BE 6F 1F CF C5 89
0050 | D2 FD 35 A9 6E F2 85 F3 83 80 0F 6C BB CC 0B 0A
0060 | 57 68 27 B2 37 A4 18 94 BF FE FA 5D 9C 88 03 40
0070 | CB B1 CD 4E 01 6B E6 A0 89 ED 80 C4 14 56 39 7E
0080 | FE 27 91 70 7B BB D6 29 C5 CB AE 23 78 56 BC FF
0090 | 5D 3B 05 7A 26 C9 FA 89 17 B6 B2 18 B1 0D 1B 7A
00A0 | DB 62 F4 71 AE FD A2 6D 26 78 C4 92 B5 69 D6 36
00B0 | E3 8D C4 6B 1B DE 83 3A 98 0C 16 E4 A1 D8 E7 CD
00C0 | E4 0A F2 6D D2 8E 00 CA 34 A8 C0 1B E3 11 55 0C
00D0 | 81 68 1B 0E 07 0C D6 27 33 3E 83 7E 39 59 80 C9
00E0 | 3F 69 41 7B CA 88 64 AE CC F4 21 1E 94 9E A7 9F
00F0 | C3 55 6F 41 5E 4F 8C 1B 04 54 21 77 59 E8 43 61
0100 | 32 32 3A 42 51 BB B0 51 F1 7E 41 91 C4 0B A0 03
0110 | 75 79 18 18 0E DF 95 37 AC 79 1C 15 09 3F ED 04
0120 | 1F 1F C0 F0 A8 8C 39 BA F6 E4 63 F1 A9 0B AC 6D
0130 | 7A 3B E0 C6 19 5F 32 30 DB 26 40 47 34 1E 2C B4
0140 | 06 74 04 FE 07 8E B8 9E 07 45 90 3D B1 AA 4B BD
0150 | AB 03 E1 DA 91 08 3D 7F 8D 57 AD 0A C6 99 48 D0
0160 | 0A 38 09 12 E7 F2 97 CF 86 C3 16 F7 51 77 98 86
0170 | 9B 21 85 E9 AE FA DB 2B DC 07 E2 89 3D 4B 9F D0
0180 | 6E 72 3A C2 FE 0A 96 BD 75 32 A4 24</code></pre>
<pre><code>0000 | 00 00 00 00 00 00 00 00 00 00 00 00 DD 9D 9C 64
0010 | 78 01 00 00 1F 5F 04 F5 36 5B 3A 12 7C 5B 59 09
0020 | 49 0E 6C 3A EC EC 01 26 C2 18 4E 38 BA C1 64 9C
0030 | 35 FD 28 FC 20 E9 A7 EA FE 50 01 00 93 33 06 04
0040 | E4 4C 6F 99 33 49 C6 0F 05 C2 3E DC 56 B8 44 B5
0050 | 7C 65 4A ED F1 9B 44 F5 EF 8D B9 59 0F 7D 9A 9F
0060 | 8E 81 C5 0C 37 7E 34 81 D8 DF 9D D5 85 D4 5A E2
0070 | 5D 3B 9E 51 CE 4F F5 84 13 02 36 69 7C 14 C6 BB
0080 | FD 65 59 9D 53 13 2A B5 FB 31 FF 4A AC 92 EC 7F
0090 | 25 6B 5F 9C E8 FF B7 47 F7 7E 9F 81 58 8D 27 7E
00A0 | 3D FF B9 F1 4E 36 42 AC D2 A1 F9 BB E6 60 54 60
00B0 | 86 27 02 76 92 D2 A0 8D CC 66 71 A4 E6 A4 3E FF
00C0 | 37 05 3E 7F 57 DA 1E 04 D8 D6 39 5D 27 BD 09 D7
00D0 | D4 9F 46 71 3C F0 23 20 73 B3 42 A3 E2 F3 4D 23
00E0 | D9 D8 CD 70 E1 54 A7 13 B0 AF AC C2 79 10 AB C4
00F0 | 9D 99 EB A8 82 FE BC 22 F6 A5 E7 FD 5A E5 AB F4
0100 | 93 52 37 2F A6 4D 9D 11 BF 43 80 19 7C 59 AE DE
0110 | 23 D1 1D D7 E0 9F AB DD 85 A6 17 3C D0 CB 8F 1D
0120 | FD 7D 03 01 C6 DD 4E 40 FD DC 9C 3A 80 C1 E5 AB
0130 | DC 51 AD FE F3 57 75 3C 7B 7D 4D E4 E8 A4 CA F1
0140 | 0D F7 24 8B CD AC E1 25 A0 8A 35 CB F4 A0 21 CF
0150 | A1 D7 8F 60 6E E6 04 BA 14 F0 12 B1 3F 22 25 2C
0160 | 95 2F D5 2B 05 60 67 9C 63 16 81 88 B0 78 05 E4
0170 | 56 13 C7 EF EE 8C 54 95 E7 29 31 C2 55 3A 0F CA
0180 | 7B B1 1D 3E D4 8F 1A 50 43 DC 77 6D</code></pre>
<p>Payload (de)serialization:</p>
<pre><code>set_client_DH_params#f5045f1f nonce:int128 server_nonce:int128 encrypted_data:string = Set_client_DH_params_answer;</code></pre>
<table class="table">
@ -748,7 +741,7 @@ encrypted_data := AES256_ige_encrypt (data_with_hash, tmp_aes_key, tmp_aes_iv);<
<tr>
<td>message_id</td>
<td>8, 8</td>
<td><code>04000000599A9C64</code></td>
<td><code>00000000DD9D9C64</code></td>
<td>Exact <code>unixtime*2^32</code>, <code>+(4*N)</code> if N messages with the same message ID were already generated</td>
</tr>
<tr>
@ -766,20 +759,20 @@ encrypted_data := AES256_ige_encrypt (data_with_hash, tmp_aes_key, tmp_aes_iv);<
<tr>
<td>nonce</td>
<td>24, 16</td>
<td><code>61079BD3CE400AAAC06A7EC0F9E70AF2</code></td>
<td><code>365B3A127C5B5909490E6C3AECEC0126</code></td>
<td>Value generated by client in Step 1</td>
</tr>
<tr>
<td>server_nonce</td>
<td>40, 16</td>
<td><code>F33BCBF4A8C23D6AEE2D085D7713F5B1</code></td>
<td><code>C2184E38BAC1649C35FD28FC20E9A7EA</code></td>
<td>Value received from server in Step 2</td>
</tr>
<tr>
<td>encrypted_data</td>
<td>56, 340</td>
<td><code>FE500100430A36E55F18CB44BFFFAC02</code> <code>72BCBE6F1FCFC589D2FD35A96EF285F3</code> <code>83800F6CBBCC0B0A576827B237A41894</code> <code>BFFEFA5D9C880340CBB1CD4E016BE6A0</code> <code>89ED80C41456397EFE2791707BBBD629</code> <code>C5CBAE237856BCFF5D3B057A26C9FA89</code> <code>17B6B218B10D1B7ADB62F471AEFDA26D</code> <code>2678C492B569D636E38DC46B1BDE833A</code> <code>980C16E4A1D8E7CDE40AF26DD28E00CA</code> <code>34A8C01BE311550C81681B0E070CD627</code> <code>333E837E395980C93F69417BCA8864AE</code> <code>CCF4211E949EA79FC3556F415E4F8C1B</code> <code>0454217759E8436132323A4251BBB051</code> <code>F17E4191C40BA003757918180EDF9537</code> <code>AC791C15093FED041F1FC0F0A88C39BA</code> <code>F6E463F1A90BAC6D7A3BE0C6195F3230</code> <code>DB264047341E2CB4067404FE078EB89E</code> <code>0745903DB1AA4BBDAB03E1DA91083D7F</code> <code>8D57AD0AC69948D00A380912E7F297CF</code> <code>86C316F7517798869B2185E9AEFADB2B</code> <code>DC07E2893D4B9FD06E723AC2FE0A96BD</code><br> <code>7532A424</code></td>
<td>Encrypted client_DH_inner_data generated previously</td>
<td><code>FE50010093330604E44C6F993349C60F</code> <code>05C23EDC56B844B57C654AEDF19B44F5</code> <code>EF8DB9590F7D9A9F8E81C50C377E3481</code> <code>D8DF9DD585D45AE25D3B9E51CE4FF584</code> <code>130236697C14C6BBFD65599D53132AB5</code> <code>FB31FF4AAC92EC7F256B5F9CE8FFB747</code> <code>F77E9F81588D277E3DFFB9F14E3642AC</code> <code>D2A1F9BBE66054608627027692D2A08D</code> <code>CC6671A4E6A43EFF37053E7F57DA1E04</code> <code>D8D6395D27BD09D7D49F46713CF02320</code> <code>73B342A3E2F34D23D9D8CD70E154A713</code> <code>B0AFACC27910ABC49D99EBA882FEBC22</code> <code>F6A5E7FD5AE5ABF49352372FA64D9D11</code> <code>BF4380197C59AEDE23D11DD7E09FABDD</code> <code>85A6173CD0CB8F1DFD7D0301C6DD4E40</code> <code>FDDC9C3A80C1E5ABDC51ADFEF357753C</code> <code>7B7D4DE4E8A4CAF10DF7248BCDACE125</code> <code>A08A35CBF4A021CFA1D78F606EE604BA</code> <code>14F012B13F22252C952FD52B0560679C</code> <code>63168188B07805E45613C7EFEE8C5495</code> <code>E72931C2553A0FCA7BB11D3ED48F1A50</code><br> <code>43DC776D</code></td>
<td>Encrypted client_DH_inner_data generated previously, serialized as a TL byte string</td>
</tr>
</tbody>
</table>
@ -787,21 +780,19 @@ encrypted_data := AES256_ige_encrypt (data_with_hash, tmp_aes_key, tmp_aes_iv);<
<h1><a class="anchor" href="#6-auth-key-generation" id="6-auth-key-generation" name="6-auth-key-generation"><i class="anchor-icon"></i></a>6. auth key generation</h1>
<p>The client computes the auth_key using formula <code>g_a^b mod dh_prime</code>:</p>
<!-- start auth_key -->
<pre><code>auth_key = 387F13DD24C48755BB0B3F4EF874E0AE86EAE3236676695D30BCC0005ECD0836F9968DAB19B362E4A2C0E0A1DDB1E0DCDA225A2571D5D911EFBE764CA97123799117B3AC18FA749F287B304156427DCECF1D4C16A2922C9727D0CF004EA075C22A37B0D901933DEFAF27A6D1D7FC57024E02E5D12ECF9D6C1ADF1E7A1B5A85284FA29B09DA5BD5ACB0DAE6580B88C026E97F2BFDCFF183C9661DFD639804B3DFB175EA755E9D9B02DA907B299C4A84B070C0A517E27F395B8ABA67C923583BF0493A27559C9716951B554669D0A33AD6E9A8D78C5EE1E89A03A177B06833B45DD60A5680E46F6B03B7C94ECAF5E7E31B3B03D28F59E237D764E80973C1F05C98</code></pre>
<pre><code>auth_key = 05ACE659A2FCCFDE0B093E1FAC47A3FA50D252047AE565F40311FC448366518D7419AA9E1ACE2AAB527BAF62405988E30B8A604BA8FADFEDCB0E36A0C9DD11CEF496105F252996DDC7925D5BB0DDA956448F460AC373FAF99575CC8D477C77B90261092265F272DF7B82753DEBDC86831D36FFF971F05CD9D9E5A09088FE293F2E9BCF08A75B66A9FE01D91CD75707B8F91BEAFD541EA235CB831CCF7694DFAB9C7E1BECF60CCBF2A38C1CD413DCB9D2E109153F66693A54E5DECAB905BBF1D7434D6FCF6A7C8D5A9787DA866ACC25B9F1317D7DD34C185ADD5A90861CF592DD0B8C09F825D26FDE8F3E17AE16478BB5D7F95AE11D4F674D8D21EAF6CC67CF29</code></pre>
<!-- end auth_key -->
<h1><a class="anchor" href="#7-reply-set-client-dh-params-answer" id="7-reply-set-client-dh-params-answer" name="7-reply-set-client-dh-params-answer"><i class="anchor-icon"></i></a>7. reply set_client_dh_params_answer</h1>
<p>The server verifies and confirms that auth_key_hash is unique: since it's unique, it replies with the following:</p>
<!-- start dh_gen_ok -->
<p>Received payload (excluding transport headers/trailers):</p>
<pre><code>0000 | 00 00 00 00 00 00 00 00 01 CC C6 CE 59 9A 9C 64
0010 | 54 00 00 00 34 F7 CB 3B 61 07 9B D3 CE 40 0A AA
0020 | C0 6A 7E C0 F9 E7 0A F2 F3 3B CB F4 A8 C2 3D 6A
0030 | EE 2D 08 5D 77 13 F5 B1 C9 C0 EC 9D DD 5F 1A 18
0040 | 52 51 15 70 51 A6 94 1E</code></pre>
<pre><code>0000 | 00 00 00 00 00 00 00 00 01 A8 E5 65 DD 9D 9C 64
0010 | A0 00 00 00 34 F7 CB 3B 36 5B 3A 12 7C 5B 59 09
0020 | 49 0E 6C 3A EC EC 01 26 C2 18 4E 38 BA C1 64 9C
0030 | 35 FD 28 FC 20 E9 A7 EA 20 6C 98 37 3F A1 E0 49
0040 | 14 C0 9B E1 57 2B 96 3C</code></pre>
<p>Payload (de)serialization:</p>
<pre><code>dh_gen_ok#3bcbf734 nonce:int128 server_nonce:int128 new_nonce_hash1:int128 = Set_client_DH_params_answer;
dh_gen_retry#46dc1fb9 nonce:int128 server_nonce:int128 new_nonce_hash2:int128 = Set_client_DH_params_answer;
dh_gen_fail#a69dae02 nonce:int128 server_nonce:int128 new_nonce_hash3:int128 = Set_client_DH_params_answer;</code></pre>
<pre><code>dh_gen_ok#3bcbf734 nonce:int128 server_nonce:int128 new_nonce_hash1:int128 = Set_client_DH_params_answer;</code></pre>
<table class="table">
<thead>
<tr>
@ -821,13 +812,13 @@ dh_gen_fail#a69dae02 nonce:int128 server_nonce:int128 new_nonce_hash3:int128 = S
<tr>
<td>message_id</td>
<td>8, 8</td>
<td><code>01CCC6CE599A9C64</code></td>
<td><code>01A8E565DD9D9C64</code></td>
<td>Exact <code>unixtime*2^32</code>, <code>+(4*N)</code> if N messages with the same message ID were already generated</td>
</tr>
<tr>
<td>message_length</td>
<td>16, 4</td>
<td><code>54000000</code> (84 in decimal)</td>
<td><code>A0000000</code> (160 in decimal)</td>
<td>Message body length</td>
</tr>
<tr>
@ -839,19 +830,19 @@ dh_gen_fail#a69dae02 nonce:int128 server_nonce:int128 new_nonce_hash3:int128 = S
<tr>
<td>nonce</td>
<td>24, 16</td>
<td><code>61079BD3CE400AAAC06A7EC0F9E70AF2</code></td>
<td><code>365B3A127C5B5909490E6C3AECEC0126</code></td>
<td>Value generated by client in Step 1</td>
</tr>
<tr>
<td>server_nonce</td>
<td>40, 16</td>
<td><code>F33BCBF4A8C23D6AEE2D085D7713F5B1</code></td>
<td><code>C2184E38BAC1649C35FD28FC20E9A7EA</code></td>
<td>Value received from server in Step 2</td>
</tr>
<tr>
<td>new_nonce_hash1</td>
<td>56, 16</td>
<td><code>C9C0EC9DDD5F1A185251157051A6941E</code></td>
<td><code>206C98373FA1E04914C09BE1572B963C</code></td>
<td>The 128 lower-order bits of SHA1 of the byte string derived from the <code>new_nonce</code> string by adding a single byte with the value of 1, 2, or 3, and followed by another 8 bytes with <code>auth_key_aux_hash</code>. Different values are required to prevent an intruder from changing server response dh_gen_ok into dh_gen_retry.</td>
</tr>
</tbody>