OpenSource/telegram-crawler
OpenSource/telegram-crawler
1
0
Fork 0
mirror of https://github.com/MarshalX/telegram-crawler.git synced 2024-11-29 11:43:05 +01:00
Code Issues Projects Releases Packages Wiki Activity
telegram-crawler/data/web/blogfork.telegram.org/mtproto/samples-auth_key.html
GitHub Action 7e2a25065a Update content of files
2023-10-22 15:31:15 +00:00

931 lines
49 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html class="">
<head>
<meta charset="utf-8">
<title>Auth key generation example</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta property="description" content="A full auth key generation example">
<meta property="og:title" content="Auth key generation example">
<meta property="og:image" content="71a15765997de28d38">
<meta property="og:description" content="A full auth key generation example">
<link rel="icon" type="image/svg+xml" href="/img/website_icon.svg?4">
<link rel="apple-touch-icon" sizes="180x180" href="/img/apple-touch-icon.png">
<link rel="icon" type="image/png" sizes="32x32" href="/img/favicon-32x32.png">
<link rel="icon" type="image/png" sizes="16x16" href="/img/favicon-16x16.png">
<link rel="alternate icon" href="/img/favicon.ico" type="image/x-icon" />
<link href="/css/bootstrap.min.css?3" rel="stylesheet">
<link href="/css/telegram.css?236" rel="stylesheet" media="screen">
<style>
</style>
</head>
<body class="preload">
<div class="dev_page_wrap">
<div class="dev_page_head navbar navbar-static-top navbar-tg">
<div class="navbar-inner">
<div class="container clearfix">
<ul class="nav navbar-nav navbar-right hidden-xs"><li class="navbar-twitter"><a href="https://twitter.com/telegram" target="_blank" data-track="Follow/Twitter" onclick="trackDlClick(this, event)"><i class="icon icon-twitter"></i><span> Twitter</span></a></li></ul>
<ul class="nav navbar-nav">
<li><a href="//telegram.org/">Home</a></li>
<li class="hidden-xs"><a href="//telegram.org/faq">FAQ</a></li>
<li class="hidden-xs"><a href="//telegram.org/apps">Apps</a></li>
<li class=""><a href="/api">API</a></li>
<li class="active"><a href="/mtproto">Protocol</a></li>
<li class=""><a href="/schema">Schema</a></li>
</ul>
</div>
</div>
</div>
<div class="container clearfix">
<div class="dev_page">
<div id="dev_page_content_wrap" class=" ">
<div class="dev_page_bread_crumbs"><ul class="breadcrumb clearfix"><li><a href="/mtproto" >Mobile Protocol</a></li><i class="icon icon-breadcrumb-divider"></i><li><a href="/mtproto/samples-auth_key" >Auth key generation example</a></li></ul></div>
<h1 id="dev_page_title">Auth key generation example</h1>
<div id="dev_page_content"><!-- scroll_nav -->
<p>In the examples below, the <a href="/mtproto#transport">transport</a> headers are omitted:</p>
<blockquote>
<p>For example, for the <a href="/mtproto/mtproto-transports#abridged">abridged version of the transport »</a>, the client sends <code>0xef</code> as the first byte (<strong>important:</strong> only prior to the very first data packet), then the packet length is encoded with a single byte (<code>0x01-0x7e</code> = data length divided by 4; or <code>0x7f</code> followed by 3 bytes (little endian) divided by 4) followed by the data itself. In this case, server responses have the same structure (although the server does not send <code>0xef</code>as the first byte).</p>
</blockquote>
<p>Detailed documentation on creating authorization keys is available <a href="/mtproto/auth_key">here »</a>.</p>
<h4><a class="anchor" href="#dh-exchange-initiation" id="dh-exchange-initiation" name="dh-exchange-initiation"><i class="anchor-icon"></i></a>DH exchange initiation</h4>
<h5><a class="anchor" href="#1-client-sends-query-to-server" id="1-client-sends-query-to-server" name="1-client-sends-query-to-server"><i class="anchor-icon"></i></a>1) Client sends query to server</h5>
<!-- start req_pq_multi -->
<p>Sent payload (excluding transport headers/trailers):</p>
<pre><code>0000 | 00 00 00 00 00 00 00 00 54 BC 00 00 FF 9A 9E 64
0010 | 14 00 00 00 F1 8E 7E BE DA 60 3B 0B 6C 74 D6 0E
0020 | C9 4A 04 D8 3A F2 02 7D</code></pre>
<p>Payload (de)serialization:</p>
<pre><code>req_pq_multi#be7e8ef1 nonce:int128 = ResPQ;</code></pre>
<table class="table">
<thead>
<tr>
<th>Parameter</th>
<th>Offset, Length in bytes</th>
<th>Value</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>auth_key_id</td>
<td>0, 8</td>
<td><code>0000000000000000</code></td>
<td>0 since the message is in plain text</td>
</tr>
<tr>
<td>message_id</td>
<td>8, 8</td>
<td><code>54BC0000FF9A9E64</code></td>
<td>Message ID generated as specified <a href="/mtproto/description#message-identifier-msg-id">here »</a> (unixtime() &lt;&lt; 32) + (N*4)</td>
</tr>
<tr>
<td>message_length</td>
<td>16, 4</td>
<td><code>14000000</code> (20 in decimal)</td>
<td>Message body length</td>
</tr>
<tr>
<td>%(req_pq_multi)</td>
<td>20, 4</td>
<td><code>f18e7ebe</code></td>
<td><em>req_pq_multi</em> constructor number from TL schema</td>
</tr>
<tr>
<td>nonce</td>
<td>24, 16</td>
<td><code>DA603B0B6C74D60EC94A04D83AF2027D</code></td>
<td>Random number</td>
</tr>
</tbody>
</table>
<!-- end req_pq_multi -->
<h5><a class="anchor" href="#2-server-sends-response-of-the-form" id="2-server-sends-response-of-the-form" name="2-server-sends-response-of-the-form"><i class="anchor-icon"></i></a>2) Server sends response of the form</h5>
<!-- start resPQ -->
<p>Received payload (excluding transport headers/trailers):</p>
<pre><code>0000 | 00 00 00 00 00 00 00 00 01 64 63 C2 FF 9A 9E 64
0010 | 50 00 00 00 63 24 16 05 DA 60 3B 0B 6C 74 D6 0E
0020 | C9 4A 04 D8 3A F2 02 7D 8C 0C 71 9D 73 8B 75 78
0030 | 66 BA 31 F7 EF 43 97 39 08 1D 03 06 D7 8C 29 2A
0040 | 69 00 00 00 15 C4 B5 1C 03 00 00 00 A5 B7 F7 09
0050 | 35 5F C3 0B 21 6B E8 6C 02 2B B4 C3 85 FD 64 DE
0060 | 85 1D 9D D0</code></pre>
<p>Payload (de)serialization:</p>
<pre><code>resPQ#05162463 nonce:int128 server_nonce:int128 pq:string server_public_key_fingerprints:Vector&lt;long&gt; = ResPQ;</code></pre>
<table class="table">
<thead>
<tr>
<th>Parameter</th>
<th>Offset, Length in bytes</th>
<th>Value</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>auth_key_id</td>
<td>0, 8</td>
<td><code>0000000000000000</code></td>
<td>0 since the message is in plain text</td>
</tr>
<tr>
<td>message_id</td>
<td>8, 8</td>
<td><code>016463C2FF9A9E64</code></td>
<td>Message ID generated as specified <a href="/mtproto/description#message-identifier-msg-id">here »</a> (unixtime() &lt;&lt; 32) + (N*4)</td>
</tr>
<tr>
<td>message_length</td>
<td>16, 4</td>
<td><code>50000000</code> (80 in decimal)</td>
<td>Message body length</td>
</tr>
<tr>
<td>%(resPQ)</td>
<td>20, 4</td>
<td><code>63241605</code></td>
<td><em>resPQ</em> constructor number from TL schema</td>
</tr>
<tr>
<td>nonce</td>
<td>24, 16</td>
<td><code>DA603B0B6C74D60EC94A04D83AF2027D</code></td>
<td>Value generated by client in Step 1</td>
</tr>
<tr>
<td>server_nonce</td>
<td>40, 16</td>
<td><code>8C0C719D738B757866BA31F7EF439739</code></td>
<td>Server-generated random number</td>
</tr>
<tr>
<td>pq</td>
<td>56, 12</td>
<td><code>081D0306D78C292A69000000</code><br>TL byte deserialization <br>=&gt; bigendian conversion to decimal<br>=&gt; 2090522174869285481</td>
<td>Single-byte prefix denoting length, an 8-byte string, and three bytes of padding</td>
</tr>
<tr>
<td>%(Vector long)</td>
<td>68, 4</td>
<td><code>15c4b51c</code></td>
<td><em>Vector t</em> constructor number from TL schema</td>
</tr>
<tr>
<td>count</td>
<td>72, 4</td>
<td><code>03000000</code></td>
<td>Number of elements in server_public_key_fingerprints</td>
</tr>
<tr>
<td>server_public_key_fingerprints[0]</td>
<td>76, 8</td>
<td><code>A5B7F709355FC30B</code></td>
<td>64 lower-order bits of <code>SHA1(server_public_key)</code></td>
</tr>
<tr>
<td>server_public_key_fingerprints[1]</td>
<td>84, 8</td>
<td><code>216BE86C022BB4C3</code></td>
<td>64 lower-order bits of <code>SHA1(server_public_key)</code></td>
</tr>
<tr>
<td>server_public_key_fingerprints[2]</td>
<td>92, 8</td>
<td><code>85FD64DE851D9DD0</code></td>
<td>64 lower-order bits of <code>SHA1(server_public_key)</code></td>
</tr>
</tbody>
</table>
<!-- end resPQ -->
<p>In our case, the client only has the following public keys, with the following fingerprints:</p>
<!-- start fingerprints -->
<ul>
<li><code>85FD64DE851D9DD0</code></li>
</ul>
<p>Let's choose the only matching key, the one with fingerprint equal to <code>85FD64DE851D9DD0</code>.</p>
<!-- end fingerprints -->
<h4><a class="anchor" href="#proof-of-work" id="proof-of-work" name="proof-of-work"><i class="anchor-icon"></i></a>Proof of work</h4>
<h5><a class="anchor" href="#3-client-decomposes-pq-into-prime-factors-such-that-p--q" id="3-client-decomposes-pq-into-prime-factors-such-that-p--q" name="3-client-decomposes-pq-into-prime-factors-such-that-p--q"><i class="anchor-icon"></i></a>3) Client decomposes pq into prime factors such that p &lt; q.</h5>
<!-- start pq -->
<pre><code>pq = 2090522174869285481</code></pre>
<p>Decompose into 2 prime cofactors <code>p &lt; q</code>: <code>2090522174869285481 = 1112973847 * 1878321023</code></p>
<pre><code>p = 1112973847
q = 1878321023</code></pre>
<!-- end pq -->
<h4><a class="anchor" href="#presenting-proof-of-work-server-authentication" id="presenting-proof-of-work-server-authentication" name="presenting-proof-of-work-server-authentication"><i class="anchor-icon"></i></a>Presenting proof of work; Server authentication</h4>
<h5><a class="anchor" href="#4-encrypted-data-payload-generation" id="4-encrypted-data-payload-generation" name="4-encrypted-data-payload-generation"><i class="anchor-icon"></i></a>4) <code>encrypted_data</code> payload generation</h5>
<p>First of all, generate an <code>encrypted_data</code> payload as follows:</p>
<!-- start p_q_inner_data_dc -->
<p>Generated payload (excluding transport headers/trailers):</p>
<pre><code>0000 | 95 5F F5 A9 08 1D 03 06 D7 8C 29 2A 69 00 00 00
0010 | 04 42 56 A2 17 00 00 00 04 6F F4 E7 7F 00 00 00
0020 | DA 60 3B 0B 6C 74 D6 0E C9 4A 04 D8 3A F2 02 7D
0030 | 8C 0C 71 9D 73 8B 75 78 66 BA 31 F7 EF 43 97 39
0040 | 0E 63 58 A8 84 41 7C 48 A8 81 CD B2 44 E1 CE 7D
0050 | 3F F7 C4 E4 4E 38 10 39 EF DC E2 57 66 F4 8C E4
0060 | 02 00 00 00</code></pre>
<p>Payload (de)serialization:</p>
<pre><code>p_q_inner_data_dc#a9f55f95 pq:string p:string q:string nonce:int128 server_nonce:int128 new_nonce:int256 dc:int = P_Q_inner_data;</code></pre>
<table class="table">
<thead>
<tr>
<th>Parameter</th>
<th>Offset, Length in bytes</th>
<th>Value</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>%(p_q_inner_data_dc)</td>
<td>0, 4</td>
<td><code>955ff5a9</code></td>
<td><em>p_q_inner_data_dc</em> constructor number from TL schema</td>
</tr>
<tr>
<td>pq</td>
<td>4, 12</td>
<td><code>081D0306D78C292A69000000</code><br>TL byte deserialization <br>=&gt; bigendian conversion to decimal<br>=&gt; 2090522174869285481</td>
<td>Single-byte prefix denoting length, 8-byte string, and three bytes of padding</td>
</tr>
<tr>
<td>p</td>
<td>16, 8</td>
<td><code>044256A217000000</code><br>TL byte deserialization <br>=&gt; bigendian conversion to decimal<br>=&gt; 1112973847</td>
<td>First prime cofactor: single-byte prefix denoting length, 4-byte string, and three bytes of padding</td>
</tr>
<tr>
<td>q</td>
<td>24, 8</td>
<td><code>046FF4E77F000000</code><br>TL byte deserialization <br>=&gt; bigendian conversion to decimal<br>=&gt; 1878321023</td>
<td>Second prime cofactor: single-byte prefix denoting length, 4-byte string, and three bytes of padding</td>
</tr>
<tr>
<td>nonce</td>
<td>32, 16</td>
<td><code>DA603B0B6C74D60EC94A04D83AF2027D</code></td>
<td>Value generated by client in Step 1</td>
</tr>
<tr>
<td>server_nonce</td>
<td>48, 16</td>
<td><code>8C0C719D738B757866BA31F7EF439739</code></td>
<td>Value received from server in Step 2</td>
</tr>
<tr>
<td>new_nonce</td>
<td>64, 32</td>
<td><code>0E6358A884417C48A881CDB244E1CE7D</code> <code>3FF7C4E44E381039EFDCE25766F48CE4</code></td>
<td>Client-generated random number</td>
</tr>
<tr>
<td>dc</td>
<td>96, 4</td>
<td><code>02000000</code> (2 in decimal)</td>
<td>DC ID: <code>10000</code> (decimal) has to be added to the DC ID to connect to the test servers; it has to be made negative if the DC we're connecting to is a media (not CDN) DC.</td>
</tr>
</tbody>
</table>
<!-- end p_q_inner_data_dc -->
<p>The serialization of <em>P_Q_inner_data</em> produces <strong>data</strong>, which is used to generate <strong>encrypted_data</strong> as specified in <a href="/mtproto/auth_key">step 4.1</a>.<br>
These are the inputs to the algorithm specified in <a href="/mtproto/auth_key">step 4.1</a>:</p>
<!-- start p_q_inner_data_input -->
<pre><code>data = 955FF5A9081D0306D78C292A69000000044256A217000000046FF4E77F000000DA603B0B6C74D60EC94A04D83AF2027D8C0C719D738B757866BA31F7EF4397390E6358A884417C48A881CDB244E1CE7D3FF7C4E44E381039EFDCE25766F48CE402000000
random_padding_bytes = 6A5F16CE16C2F010CF1F5B1305F4340A22E68A8BC48EC863A7F3FB907CBA6FFDE7C240684F1767F3ABECA72A65B6B737894D25CF280679407F569BD4F5A52BCEB645852B499E9A467DFFD015FC2AA75DE1AB51568B018CEE65999DD3</code></pre>
<!-- end p_q_inner_data_input -->
<p>And this is the output:</p>
<!-- start p_q_inner_data_output -->
<pre><code>encrypted_data = 978CD0DA71C89E58D5DD3A369FD23C91CDF29AE8DEF7D7FADC5303F2D7D0BF676E6408C20F9888167525245E891B2884D4894406FD34D0A3739BB89D8BEFC5982F4CE7D899CAD65156931C8048627A86C3549183D914CFFBCB3B39E2B719B1F243CEFBFEEB8E5EBCD0C343772500D27BA8CEB80A46FA4EEBD88435FDF979DF40938AC43C6947D55F7C3130122D5D90BAA23C03CDBD5EEDDF9D1F0D46054856E3A3F4A86E9BE4FF61E80FA5606A9A0D1F797DE334D6DE845B71C48544A5AC2ECEFC92F0194789C66085F6DBC1D81E6674A8CDAC6D1911BAEAE1279133C162A4091E04B85732AEBEC304C17DCD5A8637413EC2CAE8B00A06A2121179D4DBAACBB7</code></pre>
<!-- end p_q_inner_data_output -->
<p>The length of the final string is 256 bytes.</p>
<h5><a class="anchor" href="#5-send-req-dh-params-query-with-generated-encrypted-data" id="5-send-req-dh-params-query-with-generated-encrypted-data" name="5-send-req-dh-params-query-with-generated-encrypted-data"><i class="anchor-icon"></i></a>5) Send req_DH_params query with generated <code>encrypted_data</code></h5>
<!-- start req_DH_params -->
<p>Sent payload (excluding transport headers/trailers):</p>
<pre><code>0000 | 00 00 00 00 00 00 00 00 9C A0 09 00 FF 9A 9E 64
0010 | 40 01 00 00 BE E4 12 D7 DA 60 3B 0B 6C 74 D6 0E
0020 | C9 4A 04 D8 3A F2 02 7D 8C 0C 71 9D 73 8B 75 78
0030 | 66 BA 31 F7 EF 43 97 39 04 42 56 A2 17 00 00 00
0040 | 04 6F F4 E7 7F 00 00 00 85 FD 64 DE 85 1D 9D D0
0050 | FE 00 01 00 97 8C D0 DA 71 C8 9E 58 D5 DD 3A 36
0060 | 9F D2 3C 91 CD F2 9A E8 DE F7 D7 FA DC 53 03 F2
0070 | D7 D0 BF 67 6E 64 08 C2 0F 98 88 16 75 25 24 5E
0080 | 89 1B 28 84 D4 89 44 06 FD 34 D0 A3 73 9B B8 9D
0090 | 8B EF C5 98 2F 4C E7 D8 99 CA D6 51 56 93 1C 80
00A0 | 48 62 7A 86 C3 54 91 83 D9 14 CF FB CB 3B 39 E2
00B0 | B7 19 B1 F2 43 CE FB FE EB 8E 5E BC D0 C3 43 77
00C0 | 25 00 D2 7B A8 CE B8 0A 46 FA 4E EB D8 84 35 FD
00D0 | F9 79 DF 40 93 8A C4 3C 69 47 D5 5F 7C 31 30 12
00E0 | 2D 5D 90 BA A2 3C 03 CD BD 5E ED DF 9D 1F 0D 46
00F0 | 05 48 56 E3 A3 F4 A8 6E 9B E4 FF 61 E8 0F A5 60
0100 | 6A 9A 0D 1F 79 7D E3 34 D6 DE 84 5B 71 C4 85 44
0110 | A5 AC 2E CE FC 92 F0 19 47 89 C6 60 85 F6 DB C1
0120 | D8 1E 66 74 A8 CD AC 6D 19 11 BA EA E1 27 91 33
0130 | C1 62 A4 09 1E 04 B8 57 32 AE BE C3 04 C1 7D CD
0140 | 5A 86 37 41 3E C2 CA E8 B0 0A 06 A2 12 11 79 D4
0150 | DB AA CB B7</code></pre>
<p>Payload (de)serialization:</p>
<pre><code>req_DH_params#d712e4be nonce:int128 server_nonce:int128 p:string q:string public_key_fingerprint:long encrypted_data:string = Server_DH_Params;</code></pre>
<table class="table">
<thead>
<tr>
<th>Parameter</th>
<th>Offset, Length in bytes</th>
<th>Value</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>auth_key_id</td>
<td>0, 8</td>
<td><code>0000000000000000</code></td>
<td>0 since the message is in plain text</td>
</tr>
<tr>
<td>message_id</td>
<td>8, 8</td>
<td><code>9CA00900FF9A9E64</code></td>
<td>Message ID generated as specified <a href="/mtproto/description#message-identifier-msg-id">here »</a> (unixtime() &lt;&lt; 32) + (N*4)</td>
</tr>
<tr>
<td>message_length</td>
<td>16, 4</td>
<td><code>40010000</code> (320 in decimal)</td>
<td>Message body length</td>
</tr>
<tr>
<td>%(req_DH_params)</td>
<td>20, 4</td>
<td><code>bee412d7</code></td>
<td><em>req_DH_params</em> constructor number from TL schema</td>
</tr>
<tr>
<td>nonce</td>
<td>24, 16</td>
<td><code>DA603B0B6C74D60EC94A04D83AF2027D</code></td>
<td>Value generated by client in Step 1</td>
</tr>
<tr>
<td>server_nonce</td>
<td>40, 16</td>
<td><code>8C0C719D738B757866BA31F7EF439739</code></td>
<td>Value received from server in Step 2</td>
</tr>
<tr>
<td>p</td>
<td>56, 8</td>
<td><code>044256A217000000</code><br>TL byte deserialization <br>=&gt; bigendian conversion to decimal<br>=&gt; 1112973847</td>
<td>First prime cofactor: single-byte prefix denoting length, 4-byte string, and three bytes of padding</td>
</tr>
<tr>
<td>q</td>
<td>64, 8</td>
<td><code>046FF4E77F000000</code><br>TL byte deserialization <br>=&gt; bigendian conversion to decimal<br>=&gt; 1878321023</td>
<td>Second prime cofactor: single-byte prefix denoting length, 4-byte string, and three bytes of padding</td>
</tr>
<tr>
<td>public_key_fingerprint</td>
<td>72, 8</td>
<td><code>85FD64DE851D9DD0</code></td>
<td><code>fingerprint</code> of public key used</td>
</tr>
<tr>
<td>encrypted_data</td>
<td>80, 260</td>
<td><code>FE000100978CD0DA71C89E58D5DD3A36</code> <code>9FD23C91CDF29AE8DEF7D7FADC5303F2</code> <code>D7D0BF676E6408C20F9888167525245E</code> <code>891B2884D4894406FD34D0A3739BB89D</code> <code>8BEFC5982F4CE7D899CAD65156931C80</code> <code>48627A86C3549183D914CFFBCB3B39E2</code> <code>B719B1F243CEFBFEEB8E5EBCD0C34377</code> <code>2500D27BA8CEB80A46FA4EEBD88435FD</code> <code>F979DF40938AC43C6947D55F7C313012</code> <code>2D5D90BAA23C03CDBD5EEDDF9D1F0D46</code> <code>054856E3A3F4A86E9BE4FF61E80FA560</code> <code>6A9A0D1F797DE334D6DE845B71C48544</code> <code>A5AC2ECEFC92F0194789C66085F6DBC1</code> <code>D81E6674A8CDAC6D1911BAEAE1279133</code> <code>C162A4091E04B85732AEBEC304C17DCD</code> <code>5A8637413EC2CAE8B00A06A2121179D4</code><br> <code>DBAACBB7</code></td>
<td>Value generated above</td>
</tr>
</tbody>
</table>
<!-- end req_DH_params -->
<h5><a class="anchor" href="#6-server-responds-with" id="6-server-responds-with" name="6-server-responds-with"><i class="anchor-icon"></i></a>6) Server responds with:</h5>
<!-- start server_DH_params_ok -->
<p>Received payload (excluding transport headers/trailers):</p>
<pre><code>0000 | 00 00 00 00 00 00 00 00 01 98 C2 50 00 9B 9E 64
0010 | 78 02 00 00 5C 07 E8 D0 DA 60 3B 0B 6C 74 D6 0E
0020 | C9 4A 04 D8 3A F2 02 7D 8C 0C 71 9D 73 8B 75 78
0030 | 66 BA 31 F7 EF 43 97 39 FE 50 02 00 A0 35 2C C0
0040 | 87 EA 1E 38 08 20 F7 C9 46 61 88 32 08 B6 F3 9D
0050 | 47 BA DA 5D C7 2B 94 D7 22 F6 F7 C4 19 4B D2 56
0060 | B0 75 4F BD 65 E2 C2 CA 64 28 AB 69 7A 3C D2 25
0070 | 5C 3C 28 96 7A 0B 83 3C 1B 51 C9 D5 73 F2 DE BC
0080 | B9 AE 8E BF 03 F6 C8 63 55 7D 44 02 7F 39 60 8B
0090 | 2C A0 2F C9 8F EF CD 0C 1F 31 54 95 E7 EC C8 B1
00A0 | 7A 33 47 D6 6C FD E0 35 3D E7 EB 42 1F E0 63 B0
00B0 | C2 E4 85 DC 3E F6 EB 7B AE 57 4B 21 DD DB F7 D2
00C0 | 73 BF D0 8B 0A 17 CF B9 34 0D D2 C9 C4 B6 FF F2
00D0 | 4E 02 DE 47 32 22 D0 86 9E D1 A2 2E C6 59 3F 3A
00E0 | 6E B6 55 07 2A CA B4 54 DC 17 33 A8 BA 64 A2 FA
00F0 | FC B9 67 9D 8F 1A 43 20 4C BB F3 59 60 5A FB A7
0100 | 7F 4F 4B 89 86 D8 A8 4B 35 76 83 38 09 78 BB 66
0110 | F7 15 8C 5A 89 ED 75 B1 07 99 8E 89 51 6D D9 33
0120 | DE DE 35 D2 FA 4F 53 DF 49 29 54 1B 45 26 FB 13
0130 | 49 38 1F 96 A8 57 EE FB 9D F2 65 84 FF 51 6F D0
0140 | 6B 23 67 96 0A 4E 38 6D 7D FA 06 7E 60 30 41 DB
0150 | 1A BD 27 48 28 BD 3D 5F B7 43 6D B2 B1 C2 5D 81
0160 | 05 F2 10 8A 48 AE 0B F4 19 65 24 E6 83 EC 10 CC
0170 | 3A B8 CD 58 35 8C 02 AC 41 D9 26 FF 1E CD 4A 5F
0180 | 19 36 98 6B C9 73 21 BD 4C 88 ED 7B 5F 09 4B 1E
0190 | 70 B7 2B 5E FC 1D 86 E9 82 43 05 19 52 35 F0 E0
01A0 | 66 F2 DF A0 BB D2 48 8C C8 8B B5 7A C7 89 59 59
01B0 | CB 1A FE BF B0 36 FB 92 00 E8 44 D2 60 31 A1 4A
01C0 | BB F5 18 B0 89 3A FA 4C 29 D7 B0 6C 69 0D 5A 7F
01D0 | D3 16 CC 92 08 17 D4 5E 7E FE BF EB B5 89 BA 99
01E0 | F4 10 40 93 29 6E 99 99 B0 9E A6 6A 72 67 9A DD
01F0 | BA CE C3 63 D1 50 E1 6D FB 8D 51 C4 6E 19 50 5D
0200 | C1 53 97 32 DD D3 CF F3 51 BD CE B2 8A D3 79 3C
0210 | 0D A3 08 D1 2A 31 3B D7 D2 66 BB BA 88 76 5E 20
0220 | F3 39 22 08 58 43 97 68 07 2F 26 C4 AB EC CE 48
0230 | A5 F8 99 C5 26 E5 26 6F 7A 4A 4E F2 F3 B0 8B 5F
0240 | 53 AB 6B 45 90 F9 E0 DF 8B 44 10 05 C8 0C E4 72
0250 | E2 68 31 F8 64 E0 A9 CE 06 C9 DF FE C4 E6 01 3A
0260 | 26 B8 23 A8 3B A4 64 3D 5F DD B6 DE EA F7 5D A3
0270 | 0C 87 AB FE 29 F4 71 DD 82 7B 39 9C 6E C5 9D 98
0280 | CE EE 1F D4 30 19 63 95 88 5F DB F9</code></pre>
<p>Payload (de)serialization:</p>
<pre><code>server_DH_params_ok#d0e8075c nonce:int128 server_nonce:int128 encrypted_answer:string = Server_DH_Params;</code></pre>
<table class="table">
<thead>
<tr>
<th>Parameter</th>
<th>Offset, Length in bytes</th>
<th>Value</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>auth_key_id</td>
<td>0, 8</td>
<td><code>0000000000000000</code></td>
<td>0 since the message is in plain text</td>
</tr>
<tr>
<td>message_id</td>
<td>8, 8</td>
<td><code>0198C250009B9E64</code></td>
<td>Message ID generated as specified <a href="/mtproto/description#message-identifier-msg-id">here »</a> (unixtime() &lt;&lt; 32) + (N*4)</td>
</tr>
<tr>
<td>message_length</td>
<td>16, 4</td>
<td><code>78020000</code> (632 in decimal)</td>
<td>Message body length</td>
</tr>
<tr>
<td>%(server_DH_params_ok)</td>
<td>20, 4</td>
<td><code>5c07e8d0</code></td>
<td><em>server_DH_params_ok</em> constructor number from TL schema</td>
</tr>
<tr>
<td>nonce</td>
<td>24, 16</td>
<td><code>DA603B0B6C74D60EC94A04D83AF2027D</code></td>
<td>Value generated by client in Step 1</td>
</tr>
<tr>
<td>server_nonce</td>
<td>40, 16</td>
<td><code>8C0C719D738B757866BA31F7EF439739</code></td>
<td>Value received from server in Step 2</td>
</tr>
<tr>
<td>encrypted_answer</td>
<td>56, 596</td>
<td><code>FE500200A0352CC087EA1E380820F7C9</code> <code>4661883208B6F39D47BADA5DC72B94D7</code> <code>22F6F7C4194BD256B0754FBD65E2C2CA</code> <code>6428AB697A3CD2255C3C28967A0B833C</code> <code>1B51C9D573F2DEBCB9AE8EBF03F6C863</code> <code>557D44027F39608B2CA02FC98FEFCD0C</code> <code>1F315495E7ECC8B17A3347D66CFDE035</code> <code>3DE7EB421FE063B0C2E485DC3EF6EB7B</code> <code>AE574B21DDDBF7D273BFD08B0A17CFB9</code> <code>340DD2C9C4B6FFF24E02DE473222D086</code> <code>9ED1A22EC6593F3A6EB655072ACAB454</code> <code>DC1733A8BA64A2FAFCB9679D8F1A4320</code> <code>4CBBF359605AFBA77F4F4B8986D8A84B</code> <code>357683380978BB66F7158C5A89ED75B1</code> <code>07998E89516DD933DEDE35D2FA4F53DF</code> <code>4929541B4526FB1349381F96A857EEFB</code> <code>9DF26584FF516FD06B2367960A4E386D</code> <code>7DFA067E603041DB1ABD274828BD3D5F</code> <code>B7436DB2B1C25D8105F2108A48AE0BF4</code> <code>196524E683EC10CC3AB8CD58358C02AC</code> <code>41D926FF1ECD4A5F1936986BC97321BD</code> <code>4C88ED7B5F094B1E70B72B5EFC1D86E9</code> <code>824305195235F0E066F2DFA0BBD2488C</code> <code>C88BB57AC7895959CB1AFEBFB036FB92</code> <code>00E844D26031A14ABBF518B0893AFA4C</code> <code>29D7B06C690D5A7FD316CC920817D45E</code> <code>7EFEBFEBB589BA99F4104093296E9999</code> <code>B09EA66A72679ADDBACEC363D150E16D</code> <code>FB8D51C46E19505DC1539732DDD3CFF3</code> <code>51BDCEB28AD3793C0DA308D12A313BD7</code> <code>D266BBBA88765E20F339220858439768</code> <code>072F26C4ABECCE48A5F899C526E5266F</code> <code>7A4A4EF2F3B08B5F53AB6B4590F9E0DF</code> <code>8B441005C80CE472E26831F864E0A9CE</code> <code>06C9DFFEC4E6013A26B823A83BA4643D</code> <code>5FDDB6DEEAF75DA30C87ABFE29F471DD</code> <code>827B399C6EC59D98CEEE1FD430196395</code><br> <code>885FDBF9</code></td>
<td>See below</td>
</tr>
</tbody>
</table>
<!-- end server_DH_params_ok -->
<p>Decrypt <code>encrypted_answer</code> using the reverse of the process specified in <a href="/mtproto/auth_key#6-server-responds-with">step 6</a>:</p>
<!-- start server_DH_inner_data_input -->
<pre><code>encrypted_answer = A0352CC087EA1E380820F7C94661883208B6F39D47BADA5DC72B94D722F6F7C4194BD256B0754FBD65E2C2CA6428AB697A3CD2255C3C28967A0B833C1B51C9D573F2DEBCB9AE8EBF03F6C863557D44027F39608B2CA02FC98FEFCD0C1F315495E7ECC8B17A3347D66CFDE0353DE7EB421FE063B0C2E485DC3EF6EB7BAE574B21DDDBF7D273BFD08B0A17CFB9340DD2C9C4B6FFF24E02DE473222D0869ED1A22EC6593F3A6EB655072ACAB454DC1733A8BA64A2FAFCB9679D8F1A43204CBBF359605AFBA77F4F4B8986D8A84B357683380978BB66F7158C5A89ED75B107998E89516DD933DEDE35D2FA4F53DF4929541B4526FB1349381F96A857EEFB9DF26584FF516FD06B2367960A4E386D7DFA067E603041DB1ABD274828BD3D5FB7436DB2B1C25D8105F2108A48AE0BF4196524E683EC10CC3AB8CD58358C02AC41D926FF1ECD4A5F1936986BC97321BD4C88ED7B5F094B1E70B72B5EFC1D86E9824305195235F0E066F2DFA0BBD2488CC88BB57AC7895959CB1AFEBFB036FB9200E844D26031A14ABBF518B0893AFA4C29D7B06C690D5A7FD316CC920817D45E7EFEBFEBB589BA99F4104093296E9999B09EA66A72679ADDBACEC363D150E16DFB8D51C46E19505DC1539732DDD3CFF351BDCEB28AD3793C0DA308D12A313BD7D266BBBA88765E20F339220858439768072F26C4ABECCE48A5F899C526E5266F7A4A4EF2F3B08B5F53AB6B4590F9E0DF8B441005C80CE472E26831F864E0A9CE06C9DFFEC4E6013A26B823A83BA4643D5FDDB6DEEAF75DA30C87ABFE29F471DD827B399C6EC59D98CEEE1FD430196395885FDBF9
tmp_aes_key = FD36AB8054D1E2F02F5205DC00729025F859AB708409CE4F32E82FDA951B0D7A
tmp_aes_iv = 049A211296D24BE36D7FFA1E3C30904487A544973922E4930CD594630E6358A8</code></pre>
<!-- end server_DH_inner_data_input -->
<p>Yielding:</p>
<!-- start server_DH_inner_data_output -->
<pre><code>answer_with_hash = 46A914334DFF3DF06D9A1E5330BF60A105E40B07BA0D89B5DA603B0B6C74D60EC94A04D83AF2027D8C0C719D738B757866BA31F7EF43973903000000FE000100C71CAEB9C6B1C9048E6C522F70F13F73980D40238E3E21C14934D037563D930F48198A0AA7C14058229493D22530F4DBFA336F6E0AC925139543AED44CCE7C3720FD51F69458705AC68CD4FE6B6B13ABDC9746512969328454F18FAF8C595F642477FE96BB2A941D5BCD1D4AC8CC49880708FA9B378E3C4F3A9060BEE67CF9A4A4A695811051907E162753B56B0F6B410DBA74D8A84B2A14B3144E0EF1284754FD17ED950D5965B4B9DD46582DB1178D169C6BC465B0D6FF9CA3928FEF5B9AE4E418FC15E83EBEA0F87FA9FF5EED70050DED2849F47BF959D956850CE929851F0D8115F635B105EE2E4E15D04B2454BF6F4FADF034B10403119CD8E3B92FCC5BFE00010035D6639175B1FF6E0AC40189370B3067AF8D52CEA7087E49E01707B5E6112CB33327267BD526CDCD1E971B0488E8C93510E86049B25F640170B02BDE609E83050E5FAB0654C03837E7832018152B11928E0F2E4C3327DBE2717E123CC5994EA0A6034CED7EAD34D99CA90D8940B2065897EBF617B9B1662E682053CDC75A31FD6D7B27B1B8FE868C8139752A4848A5493DFC71477009E0653D185051A7D6F6C3A59C2A89EC8B9BCDD87CB849893D709261D690E3843565DEB19B76B21FB8A0A28DE3BEA19869F1D73346909D17666F94778077C599761176248536A8BB944F4F73C366BF70A04D13326D227999E146C830A473FC9B1F3525263FE30B7D82C2B7009B9E644AD2ABF1F215707B
answer = BA0D89B5DA603B0B6C74D60EC94A04D83AF2027D8C0C719D738B757866BA31F7EF43973903000000FE000100C71CAEB9C6B1C9048E6C522F70F13F73980D40238E3E21C14934D037563D930F48198A0AA7C14058229493D22530F4DBFA336F6E0AC925139543AED44CCE7C3720FD51F69458705AC68CD4FE6B6B13ABDC9746512969328454F18FAF8C595F642477FE96BB2A941D5BCD1D4AC8CC49880708FA9B378E3C4F3A9060BEE67CF9A4A4A695811051907E162753B56B0F6B410DBA74D8A84B2A14B3144E0EF1284754FD17ED950D5965B4B9DD46582DB1178D169C6BC465B0D6FF9CA3928FEF5B9AE4E418FC15E83EBEA0F87FA9FF5EED70050DED2849F47BF959D956850CE929851F0D8115F635B105EE2E4E15D04B2454BF6F4FADF034B10403119CD8E3B92FCC5BFE00010035D6639175B1FF6E0AC40189370B3067AF8D52CEA7087E49E01707B5E6112CB33327267BD526CDCD1E971B0488E8C93510E86049B25F640170B02BDE609E83050E5FAB0654C03837E7832018152B11928E0F2E4C3327DBE2717E123CC5994EA0A6034CED7EAD34D99CA90D8940B2065897EBF617B9B1662E682053CDC75A31FD6D7B27B1B8FE868C8139752A4848A5493DFC71477009E0653D185051A7D6F6C3A59C2A89EC8B9BCDD87CB849893D709261D690E3843565DEB19B76B21FB8A0A28DE3BEA19869F1D73346909D17666F94778077C599761176248536A8BB944F4F73C366BF70A04D13326D227999E146C830A473FC9B1F3525263FE30B7D82C2B7009B9E644AD2ABF1F215707B</code></pre>
<!-- end server_DH_inner_data_output -->
<!-- start server_DH_inner_data -->
<p>Generated payload (excluding transport headers/trailers):</p>
<pre><code>0000 | BA 0D 89 B5 DA 60 3B 0B 6C 74 D6 0E C9 4A 04 D8
0010 | 3A F2 02 7D 8C 0C 71 9D 73 8B 75 78 66 BA 31 F7
0020 | EF 43 97 39 03 00 00 00 FE 00 01 00 C7 1C AE B9
0030 | C6 B1 C9 04 8E 6C 52 2F 70 F1 3F 73 98 0D 40 23
0040 | 8E 3E 21 C1 49 34 D0 37 56 3D 93 0F 48 19 8A 0A
0050 | A7 C1 40 58 22 94 93 D2 25 30 F4 DB FA 33 6F 6E
0060 | 0A C9 25 13 95 43 AE D4 4C CE 7C 37 20 FD 51 F6
0070 | 94 58 70 5A C6 8C D4 FE 6B 6B 13 AB DC 97 46 51
0080 | 29 69 32 84 54 F1 8F AF 8C 59 5F 64 24 77 FE 96
0090 | BB 2A 94 1D 5B CD 1D 4A C8 CC 49 88 07 08 FA 9B
00A0 | 37 8E 3C 4F 3A 90 60 BE E6 7C F9 A4 A4 A6 95 81
00B0 | 10 51 90 7E 16 27 53 B5 6B 0F 6B 41 0D BA 74 D8
00C0 | A8 4B 2A 14 B3 14 4E 0E F1 28 47 54 FD 17 ED 95
00D0 | 0D 59 65 B4 B9 DD 46 58 2D B1 17 8D 16 9C 6B C4
00E0 | 65 B0 D6 FF 9C A3 92 8F EF 5B 9A E4 E4 18 FC 15
00F0 | E8 3E BE A0 F8 7F A9 FF 5E ED 70 05 0D ED 28 49
0100 | F4 7B F9 59 D9 56 85 0C E9 29 85 1F 0D 81 15 F6
0110 | 35 B1 05 EE 2E 4E 15 D0 4B 24 54 BF 6F 4F AD F0
0120 | 34 B1 04 03 11 9C D8 E3 B9 2F CC 5B FE 00 01 00
0130 | 35 D6 63 91 75 B1 FF 6E 0A C4 01 89 37 0B 30 67
0140 | AF 8D 52 CE A7 08 7E 49 E0 17 07 B5 E6 11 2C B3
0150 | 33 27 26 7B D5 26 CD CD 1E 97 1B 04 88 E8 C9 35
0160 | 10 E8 60 49 B2 5F 64 01 70 B0 2B DE 60 9E 83 05
0170 | 0E 5F AB 06 54 C0 38 37 E7 83 20 18 15 2B 11 92
0180 | 8E 0F 2E 4C 33 27 DB E2 71 7E 12 3C C5 99 4E A0
0190 | A6 03 4C ED 7E AD 34 D9 9C A9 0D 89 40 B2 06 58
01A0 | 97 EB F6 17 B9 B1 66 2E 68 20 53 CD C7 5A 31 FD
01B0 | 6D 7B 27 B1 B8 FE 86 8C 81 39 75 2A 48 48 A5 49
01C0 | 3D FC 71 47 70 09 E0 65 3D 18 50 51 A7 D6 F6 C3
01D0 | A5 9C 2A 89 EC 8B 9B CD D8 7C B8 49 89 3D 70 92
01E0 | 61 D6 90 E3 84 35 65 DE B1 9B 76 B2 1F B8 A0 A2
01F0 | 8D E3 BE A1 98 69 F1 D7 33 46 90 9D 17 66 6F 94
0200 | 77 80 77 C5 99 76 11 76 24 85 36 A8 BB 94 4F 4F
0210 | 73 C3 66 BF 70 A0 4D 13 32 6D 22 79 99 E1 46 C8
0220 | 30 A4 73 FC 9B 1F 35 25 26 3F E3 0B 7D 82 C2 B7
0230 | 00 9B 9E 64</code></pre>
<p>Payload (de)serialization:</p>
<pre><code>server_DH_inner_data#b5890dba nonce:int128 server_nonce:int128 g:int dh_prime:string g_a:string server_time:int = Server_DH_inner_data;</code></pre>
<table class="table">
<thead>
<tr>
<th>Parameter</th>
<th>Offset, Length in bytes</th>
<th>Value</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>%(server_DH_inner_data)</td>
<td>0, 4</td>
<td><code>ba0d89b5</code></td>
<td><em>server_DH_inner_data</em> constructor number from TL schema</td>
</tr>
<tr>
<td>nonce</td>
<td>4, 16</td>
<td><code>DA603B0B6C74D60EC94A04D83AF2027D</code></td>
<td>Value generated by client in Step 1</td>
</tr>
<tr>
<td>server_nonce</td>
<td>20, 16</td>
<td><code>8C0C719D738B757866BA31F7EF439739</code></td>
<td>Value received from server in Step 2</td>
</tr>
<tr>
<td>g</td>
<td>36, 4</td>
<td><code>03000000</code> (3 in decimal)</td>
<td>Value received from server in Step 2</td>
</tr>
<tr>
<td>dh_prime</td>
<td>40, 260</td>
<td><code>FE000100C71CAEB9C6B1C9048E6C522F</code> <code>70F13F73980D40238E3E21C14934D037</code> <code>563D930F48198A0AA7C14058229493D2</code> <code>2530F4DBFA336F6E0AC925139543AED4</code> <code>4CCE7C3720FD51F69458705AC68CD4FE</code> <code>6B6B13ABDC9746512969328454F18FAF</code> <code>8C595F642477FE96BB2A941D5BCD1D4A</code> <code>C8CC49880708FA9B378E3C4F3A9060BE</code> <code>E67CF9A4A4A695811051907E162753B5</code> <code>6B0F6B410DBA74D8A84B2A14B3144E0E</code> <code>F1284754FD17ED950D5965B4B9DD4658</code> <code>2DB1178D169C6BC465B0D6FF9CA3928F</code> <code>EF5B9AE4E418FC15E83EBEA0F87FA9FF</code> <code>5EED70050DED2849F47BF959D956850C</code> <code>E929851F0D8115F635B105EE2E4E15D0</code> <code>4B2454BF6F4FADF034B10403119CD8E3</code><br> <code>B92FCC5B</code></td>
<td>2048-bit prime, in big-endian byte order, to be checked as specified in the auth key docs</td>
</tr>
<tr>
<td>g_a</td>
<td>300, 260</td>
<td><code>FE00010035D6639175B1FF6E0AC40189</code> <code>370B3067AF8D52CEA7087E49E01707B5</code> <code>E6112CB33327267BD526CDCD1E971B04</code> <code>88E8C93510E86049B25F640170B02BDE</code> <code>609E83050E5FAB0654C03837E7832018</code> <code>152B11928E0F2E4C3327DBE2717E123C</code> <code>C5994EA0A6034CED7EAD34D99CA90D89</code> <code>40B2065897EBF617B9B1662E682053CD</code> <code>C75A31FD6D7B27B1B8FE868C8139752A</code> <code>4848A5493DFC71477009E0653D185051</code> <code>A7D6F6C3A59C2A89EC8B9BCDD87CB849</code> <code>893D709261D690E3843565DEB19B76B2</code> <code>1FB8A0A28DE3BEA19869F1D73346909D</code> <code>17666F94778077C599761176248536A8</code> <code>BB944F4F73C366BF70A04D13326D2279</code> <code>99E146C830A473FC9B1F3525263FE30B</code><br> <code>7D82C2B7</code></td>
<td><code>g_a</code> diffie-hellman parameter</td>
</tr>
<tr>
<td>server_time</td>
<td>560, 4</td>
<td><code>009B9E64</code> (1688115968 in decimal)</td>
<td>Server time</td>
</tr>
</tbody>
</table>
<!-- end server_DH_inner_data -->
<h5><a class="anchor" href="#7-client-computes-random-2048-bit-number-b-using-a-sufficient-amount-of-entropy-and-sends-the-server-a-message" id="7-client-computes-random-2048-bit-number-b-using-a-sufficient-amount-of-entropy-and-sends-the-server-a-message" name="7-client-computes-random-2048-bit-number-b-using-a-sufficient-amount-of-entropy-and-sends-the-server-a-message"><i class="anchor-icon"></i></a>7) Client computes random 2048-bit number <em>b</em> (using a sufficient amount of entropy) and sends the server a message</h5>
<p>First, generate a secure random 2048-bit number b:</p>
<!-- start b -->
<pre><code>b = F7C5CD46D4A88DED59C1B412D39FEC78BD86A6DC2BF2C5C5D8AF305204158F14B3244D42FFCF2363DC0D25DC6C48A16A3A0E63813D9E87442CA3C2CF84DF848C540531FCDBAD8290A6B25E021EB9AAEEB702F6FB31DC39C48EF615BB0CBBEDE1958D8BF5DCC205CBED3A9DFCD597115163A131DFD4939E68EB2C6F097A5632A3773D5201783A3B6CDE805794F5CBEEFD9FCB8DEAEAD1C5BCADD6366C8A907FABE99A026E59E8521085CE6130123E80B72DFD5EF3D2C0BC880F52DEEF7404638D8053D464036BF7057A77BE75EDA78D3C82221BB131FE6ECB8C43F77DF1D04935F978BA40F3F59385D6D6C2E7782BFFB040AB60F28459EB68A42A904B55E8088C</code></pre>
<!-- end b -->
<p>Then compute <code>g_b = pow(g, b) mod dh_prime</code></p>
<!-- start g_b -->
<pre><code>g_b = 2545CE89DAD14BDF0F1E2E34F366124474E221B5C2019CF5240612B81798311E9ED33201DE78EA34B59DC0151E4CF820DEEC3850E1B08114B7599A1C99F28A85234ABCF8DC8BE8AB0CD1019EC56AB7BB2E05F07B7656338BE254ABB2F45AD42A86848E602B04A6B9CC9262780D4F87505A8B17191F53E72BDB00AB290B76810EB15C873183D72EC3D2CB411C3F4BDC7944E1CABF5571B152F7FC3CA1DA470977329DC49854BA62A85AE7645FECBD8183B5A4AAD06DFC56D4BA6106F81A45BEF32A9E4F56A213FB2A027B3ACDFDDDE6A6D57E68352C82F7C0D2108FC010725929CB7C88EE737F7B498D86134C7C7F2626F0357067A07813C0D3F2C86876CC1FF1</code></pre>
<!-- end g_b -->
<h6>7.1) generation of encrypted_data</h6>
<!-- start client_DH_inner_data -->
<p>Generated payload (excluding transport headers/trailers):</p>
<pre><code>0000 | 54 B6 43 66 DA 60 3B 0B 6C 74 D6 0E C9 4A 04 D8
0010 | 3A F2 02 7D 8C 0C 71 9D 73 8B 75 78 66 BA 31 F7
0020 | EF 43 97 39 00 00 00 00 00 00 00 00 FE 00 01 00
0030 | 25 45 CE 89 DA D1 4B DF 0F 1E 2E 34 F3 66 12 44
0040 | 74 E2 21 B5 C2 01 9C F5 24 06 12 B8 17 98 31 1E
0050 | 9E D3 32 01 DE 78 EA 34 B5 9D C0 15 1E 4C F8 20
0060 | DE EC 38 50 E1 B0 81 14 B7 59 9A 1C 99 F2 8A 85
0070 | 23 4A BC F8 DC 8B E8 AB 0C D1 01 9E C5 6A B7 BB
0080 | 2E 05 F0 7B 76 56 33 8B E2 54 AB B2 F4 5A D4 2A
0090 | 86 84 8E 60 2B 04 A6 B9 CC 92 62 78 0D 4F 87 50
00A0 | 5A 8B 17 19 1F 53 E7 2B DB 00 AB 29 0B 76 81 0E
00B0 | B1 5C 87 31 83 D7 2E C3 D2 CB 41 1C 3F 4B DC 79
00C0 | 44 E1 CA BF 55 71 B1 52 F7 FC 3C A1 DA 47 09 77
00D0 | 32 9D C4 98 54 BA 62 A8 5A E7 64 5F EC BD 81 83
00E0 | B5 A4 AA D0 6D FC 56 D4 BA 61 06 F8 1A 45 BE F3
00F0 | 2A 9E 4F 56 A2 13 FB 2A 02 7B 3A CD FD DD E6 A6
0100 | D5 7E 68 35 2C 82 F7 C0 D2 10 8F C0 10 72 59 29
0110 | CB 7C 88 EE 73 7F 7B 49 8D 86 13 4C 7C 7F 26 26
0120 | F0 35 70 67 A0 78 13 C0 D3 F2 C8 68 76 CC 1F F1</code></pre>
<p>Payload (de)serialization:</p>
<pre><code>client_DH_inner_data#6643b654 nonce:int128 server_nonce:int128 retry_id:long g_b:string = Client_DH_Inner_Data;</code></pre>
<table class="table">
<thead>
<tr>
<th>Parameter</th>
<th>Offset, Length in bytes</th>
<th>Value</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>%(client_DH_inner_data)</td>
<td>0, 4</td>
<td><code>54b64366</code></td>
<td><em>client_DH_inner_data</em> constructor number from TL schema</td>
</tr>
<tr>
<td>nonce</td>
<td>4, 16</td>
<td><code>DA603B0B6C74D60EC94A04D83AF2027D</code></td>
<td>Value generated by client in Step 1</td>
</tr>
<tr>
<td>server_nonce</td>
<td>20, 16</td>
<td><code>8C0C719D738B757866BA31F7EF439739</code></td>
<td>Value received from server in Step 2</td>
</tr>
<tr>
<td>g_b</td>
<td>36, 260</td>
<td><code>FE0001002545CE89DAD14BDF0F1E2E34</code> <code>F366124474E221B5C2019CF5240612B8</code> <code>1798311E9ED33201DE78EA34B59DC015</code> <code>1E4CF820DEEC3850E1B08114B7599A1C</code> <code>99F28A85234ABCF8DC8BE8AB0CD1019E</code> <code>C56AB7BB2E05F07B7656338BE254ABB2</code> <code>F45AD42A86848E602B04A6B9CC926278</code> <code>0D4F87505A8B17191F53E72BDB00AB29</code> <code>0B76810EB15C873183D72EC3D2CB411C</code> <code>3F4BDC7944E1CABF5571B152F7FC3CA1</code> <code>DA470977329DC49854BA62A85AE7645F</code> <code>ECBD8183B5A4AAD06DFC56D4BA6106F8</code> <code>1A45BEF32A9E4F56A213FB2A027B3ACD</code> <code>FDDDE6A6D57E68352C82F7C0D2108FC0</code> <code>10725929CB7C88EE737F7B498D86134C</code> <code>7C7F2626F0357067A07813C0D3F2C868</code><br> <code>76CC1FF1</code></td>
<td>Single-byte prefix denoting length, a 256-byte (2048-bit) string, and zero bytes of padding</td>
</tr>
<tr>
<td>retry_id</td>
<td>296, 8</td>
<td><code>0000000000000000</code></td>
<td>Equal to zero at the time of the first attempt; otherwise, it is equal to <code>auth_key_aux_hash</code> from the previous failed attempt (see Item 7).</td>
</tr>
</tbody>
</table>
<!-- end client_DH_inner_data -->
<p>The serialization of <em>Client_DH_Inner_Data</em> produces a string <strong>data</strong>. This is used to generate <strong>encrypted_data</strong> as specified in <a href="#7-client-computes-random-2048-bit-number-b-using-a-sufficient-amount-of-entropy-and-sends-the-server-a-message">step 6</a>, using the following inputs:</p>
<!-- start client_DH_inner_data_input -->
<pre><code>data = 54B64366DA603B0B6C74D60EC94A04D83AF2027D8C0C719D738B757866BA31F7EF4397390000000000000000FE0001002545CE89DAD14BDF0F1E2E34F366124474E221B5C2019CF5240612B81798311E9ED33201DE78EA34B59DC0151E4CF820DEEC3850E1B08114B7599A1C99F28A85234ABCF8DC8BE8AB0CD1019EC56AB7BB2E05F07B7656338BE254ABB2F45AD42A86848E602B04A6B9CC9262780D4F87505A8B17191F53E72BDB00AB290B76810EB15C873183D72EC3D2CB411C3F4BDC7944E1CABF5571B152F7FC3CA1DA470977329DC49854BA62A85AE7645FECBD8183B5A4AAD06DFC56D4BA6106F81A45BEF32A9E4F56A213FB2A027B3ACDFDDDE6A6D57E68352C82F7C0D2108FC010725929CB7C88EE737F7B498D86134C7C7F2626F0357067A07813C0D3F2C86876CC1FF1
padding = BD8A6AC82FFB68885A48E0ED
tmp_aes_key = FD36AB8054D1E2F02F5205DC00729025F859AB708409CE4F32E82FDA951B0D7A
tmp_aes_iv = 049A211296D24BE36D7FFA1E3C30904487A544973922E4930CD594630E6358A8</code></pre>
<!-- end client_DH_inner_data_input -->
<p>Process:</p>
<pre><code>data_with_hash := SHA1(data) + data + padding (0-15 random bytes such that total length is divisible by 16)
encrypted_data := AES256_ige_encrypt (data_with_hash, tmp_aes_key, tmp_aes_iv);</code></pre>
<p>Output:</p>
<!-- start client_DH_inner_data_output -->
<pre><code>encrypted_data = E3B5716AC2E86342AD2E8C7B75FD17C713CE5C8559659F8301258D63D9101D1DB99EA9C1909315495C8776FD7885CA40AB860F38C8BD946F90CCEC63F3ED2A5A8F06F4E45BFDD0CC4A626AF74C299623B64E8E384BB7A66C36483EA667CE513FB5C2B9C7C635206E824F6BFC45A259CE0692745EBF3FDE3DEE350903FC0E2FF821DAECDF333B23F77866A444E2AC3B1BC8CC2EA38D4C2C3FF375FF70CFAF76E35BE863D54969CF4A887C8D6223874017B4B509CF3DE096E288512FBEF295D4DE4CC3CA6EAEA779B07100D8CC9E2EF7A6B40575CCC5EC93E32E7F8E4FD7332737F3B179573B4BEC13ABD868CC06A725ECFFC29494FE6AFFD3CEF2DE94681D4A3F19DDE0CF9BB0F13974443EA04D6CE173E0655BAFC847B5D55393BE982E00903B557B61FB38F15A88CADA345BC8B7820BB1C051C0A8B13AE70A5479E87D6BCA8A7AA73C306AF0FACD6760C566014DE790</code></pre>
<!-- end client_DH_inner_data_output -->
<p>The length of the final string is 336 bytes.</p>
<h6>7.2) set_client_DH_params query</h6>
<!-- start set_client_DH_params -->
<p>Sent payload (excluding transport headers/trailers):</p>
<pre><code>0000 | 00 00 00 00 00 00 00 00 E8 30 0F 00 00 9B 9E 64
0010 | 78 01 00 00 1F 5F 04 F5 DA 60 3B 0B 6C 74 D6 0E
0020 | C9 4A 04 D8 3A F2 02 7D 8C 0C 71 9D 73 8B 75 78
0030 | 66 BA 31 F7 EF 43 97 39 FE 50 01 00 E3 B5 71 6A
0040 | C2 E8 63 42 AD 2E 8C 7B 75 FD 17 C7 13 CE 5C 85
0050 | 59 65 9F 83 01 25 8D 63 D9 10 1D 1D B9 9E A9 C1
0060 | 90 93 15 49 5C 87 76 FD 78 85 CA 40 AB 86 0F 38
0070 | C8 BD 94 6F 90 CC EC 63 F3 ED 2A 5A 8F 06 F4 E4
0080 | 5B FD D0 CC 4A 62 6A F7 4C 29 96 23 B6 4E 8E 38
0090 | 4B B7 A6 6C 36 48 3E A6 67 CE 51 3F B5 C2 B9 C7
00A0 | C6 35 20 6E 82 4F 6B FC 45 A2 59 CE 06 92 74 5E
00B0 | BF 3F DE 3D EE 35 09 03 FC 0E 2F F8 21 DA EC DF
00C0 | 33 3B 23 F7 78 66 A4 44 E2 AC 3B 1B C8 CC 2E A3
00D0 | 8D 4C 2C 3F F3 75 FF 70 CF AF 76 E3 5B E8 63 D5
00E0 | 49 69 CF 4A 88 7C 8D 62 23 87 40 17 B4 B5 09 CF
00F0 | 3D E0 96 E2 88 51 2F BE F2 95 D4 DE 4C C3 CA 6E
0100 | AE A7 79 B0 71 00 D8 CC 9E 2E F7 A6 B4 05 75 CC
0110 | C5 EC 93 E3 2E 7F 8E 4F D7 33 27 37 F3 B1 79 57
0120 | 3B 4B EC 13 AB D8 68 CC 06 A7 25 EC FF C2 94 94
0130 | FE 6A FF D3 CE F2 DE 94 68 1D 4A 3F 19 DD E0 CF
0140 | 9B B0 F1 39 74 44 3E A0 4D 6C E1 73 E0 65 5B AF
0150 | C8 47 B5 D5 53 93 BE 98 2E 00 90 3B 55 7B 61 FB
0160 | 38 F1 5A 88 CA DA 34 5B C8 B7 82 0B B1 C0 51 C0
0170 | A8 B1 3A E7 0A 54 79 E8 7D 6B CA 8A 7A A7 3C 30
0180 | 6A F0 FA CD 67 60 C5 66 01 4D E7 90</code></pre>
<p>Payload (de)serialization:</p>
<pre><code>set_client_DH_params#f5045f1f nonce:int128 server_nonce:int128 encrypted_data:string = Set_client_DH_params_answer;</code></pre>
<table class="table">
<thead>
<tr>
<th>Parameter</th>
<th>Offset, Length in bytes</th>
<th>Value</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>auth_key_id</td>
<td>0, 8</td>
<td><code>0000000000000000</code></td>
<td>0 since the message is in plain text</td>
</tr>
<tr>
<td>message_id</td>
<td>8, 8</td>
<td><code>E8300F00009B9E64</code></td>
<td>Message ID generated as specified <a href="/mtproto/description#message-identifier-msg-id">here »</a> (unixtime() &lt;&lt; 32) + (N*4)</td>
</tr>
<tr>
<td>message_length</td>
<td>16, 4</td>
<td><code>78010000</code> (376 in decimal)</td>
<td>Message body length</td>
</tr>
<tr>
<td>%(set_client_DH_params)</td>
<td>20, 4</td>
<td><code>1f5f04f5</code></td>
<td><em>set_client_DH_params</em> constructor number from TL schema</td>
</tr>
<tr>
<td>nonce</td>
<td>24, 16</td>
<td><code>DA603B0B6C74D60EC94A04D83AF2027D</code></td>
<td>Value generated by client in Step 1</td>
</tr>
<tr>
<td>server_nonce</td>
<td>40, 16</td>
<td><code>8C0C719D738B757866BA31F7EF439739</code></td>
<td>Value received from server in Step 2</td>
</tr>
<tr>
<td>encrypted_data</td>
<td>56, 340</td>
<td><code>FE500100E3B5716AC2E86342AD2E8C7B</code> <code>75FD17C713CE5C8559659F8301258D63</code> <code>D9101D1DB99EA9C1909315495C8776FD</code> <code>7885CA40AB860F38C8BD946F90CCEC63</code> <code>F3ED2A5A8F06F4E45BFDD0CC4A626AF7</code> <code>4C299623B64E8E384BB7A66C36483EA6</code> <code>67CE513FB5C2B9C7C635206E824F6BFC</code> <code>45A259CE0692745EBF3FDE3DEE350903</code> <code>FC0E2FF821DAECDF333B23F77866A444</code> <code>E2AC3B1BC8CC2EA38D4C2C3FF375FF70</code> <code>CFAF76E35BE863D54969CF4A887C8D62</code> <code>23874017B4B509CF3DE096E288512FBE</code> <code>F295D4DE4CC3CA6EAEA779B07100D8CC</code> <code>9E2EF7A6B40575CCC5EC93E32E7F8E4F</code> <code>D7332737F3B179573B4BEC13ABD868CC</code> <code>06A725ECFFC29494FE6AFFD3CEF2DE94</code> <code>681D4A3F19DDE0CF9BB0F13974443EA0</code> <code>4D6CE173E0655BAFC847B5D55393BE98</code> <code>2E00903B557B61FB38F15A88CADA345B</code> <code>C8B7820BB1C051C0A8B13AE70A5479E8</code> <code>7D6BCA8A7AA73C306AF0FACD6760C566</code><br> <code>014DE790</code></td>
<td>Encrypted client_DH_inner_data generated previously, serialized as a TL byte string</td>
</tr>
</tbody>
</table>
<!-- end set_client_DH_params -->
<h5><a class="anchor" href="#8-auth-key-generation" id="8-auth-key-generation" name="8-auth-key-generation"><i class="anchor-icon"></i></a>8) Auth key generation</h5>
<p>The client computes the auth_key using formula <code>g_a^b mod dh_prime</code>:</p>
<!-- start auth_key -->
<pre><code>auth_key = 48892B997A14A133B6D5B234A7F9B19DCE70CB192B9238372639DD6230B1BCC8D31BBBCCFA7F00BBEF38303BAE50FFF3DC814333123CE6E5980EF4493A74F38AD6B05B6737E296ADF4C97C69C95C5EC840BC22694F4CBFC14598B28F83B5CD79FE881F6AB9615226DF63078688371B3CDD2F6E97B35D17E6710E29469E1476B596C1DE136F05D585290776B306D6946B1C33374A459ECB0E9BFBC5A43D145A6B37C276E94C840EA0950B0B2523744CD538817DBA33CD6C84175AEA8561EBA117D2589EFB30A304B0F7AF29FF141E6B3F6F9FA5CEFF31DF1166937EA07D850427B6D779BBAB5B062526D435206EA25158EABC659DE3DC5E4ABF0D93B87B35E5E7</code></pre>
<!-- end auth_key -->
<h5><a class="anchor" href="#9-final-server-reply" id="9-final-server-reply" name="9-final-server-reply"><i class="anchor-icon"></i></a>9) Final server reply</h5>
<p>The server verifies and confirms that auth_key_hash is unique: since it's unique, it replies with the following:</p>
<!-- start dh_gen_ok -->
<p>Received payload (excluding transport headers/trailers):</p>
<pre><code>0000 | 00 00 00 00 00 00 00 00 01 84 8C 9F 00 9B 9E 64
0010 | 34 00 00 00 34 F7 CB 3B DA 60 3B 0B 6C 74 D6 0E
0020 | C9 4A 04 D8 3A F2 02 7D 8C 0C 71 9D 73 8B 75 78
0030 | 66 BA 31 F7 EF 43 97 39 B0 91 C6 77 C6 99 6C 09
0040 | FF 59 F2 F9 AB 28 16 78</code></pre>
<p>Payload (de)serialization:</p>
<pre><code>dh_gen_ok#3bcbf734 nonce:int128 server_nonce:int128 new_nonce_hash1:int128 = Set_client_DH_params_answer;</code></pre>
<table class="table">
<thead>
<tr>
<th>Parameter</th>
<th>Offset, Length in bytes</th>
<th>Value</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>auth_key_id</td>
<td>0, 8</td>
<td><code>0000000000000000</code></td>
<td>0 since the message is in plain text</td>
</tr>
<tr>
<td>message_id</td>
<td>8, 8</td>
<td><code>01848C9F009B9E64</code></td>
<td>Message ID generated as specified <a href="/mtproto/description#message-identifier-msg-id">here »</a> (unixtime() &lt;&lt; 32) + (N*4)</td>
</tr>
<tr>
<td>message_length</td>
<td>16, 4</td>
<td><code>34000000</code> (52 in decimal)</td>
<td>Message body length</td>
</tr>
<tr>
<td>%(dh_gen_ok)</td>
<td>20, 4</td>
<td><code>34f7cb3b</code></td>
<td><em>dh_gen_ok</em> constructor number from TL schema</td>
</tr>
<tr>
<td>nonce</td>
<td>24, 16</td>
<td><code>DA603B0B6C74D60EC94A04D83AF2027D</code></td>
<td>Value generated by client in Step 1</td>
</tr>
<tr>
<td>server_nonce</td>
<td>40, 16</td>
<td><code>8C0C719D738B757866BA31F7EF439739</code></td>
<td>Value received from server in Step 2</td>
</tr>
<tr>
<td>new_nonce_hash1</td>
<td>56, 16</td>
<td><code>B091C677C6996C09FF59F2F9AB281678</code></td>
<td>The 128 lower-order bits of SHA1 of the byte string derived from the <code>new_nonce</code> string by adding a single byte with the value of 1, 2, or 3, and followed by another 8 bytes with <code>auth_key_aux_hash</code>. Different values are required to prevent an intruder from changing server response dh_gen_ok into dh_gen_retry.</td>
</tr>
</tbody>
</table>
<!-- end dh_gen_ok --></div>
</div>
</div>
</div>
<div class="footer_wrap">
<div class="footer_columns_wrap footer_desktop">
<div class="footer_column footer_column_telegram">
<h5>Telegram</h5>
<div class="footer_telegram_description"></div>
Telegram is a cloud-based mobile and desktop messaging app with a focus on security and speed.
</div>
<div class="footer_column">
<h5><a href="//telegram.org/faq">About</a></h5>
<ul>
<li><a href="//telegram.org/faq">FAQ</a></li>
<li><a href="//telegram.org/privacy">Privacy</a></li>
<li><a href="//telegram.org/press">Press</a></li>
</ul>
</div>
<div class="footer_column">
<h5><a href="//telegram.org/apps#mobile-apps">Mobile Apps</a></h5>
<ul>
<li><a href="//telegram.org/dl/ios">iPhone/iPad</a></li>
<li><a href="//telegram.org/android">Android</a></li>
<li><a href="//telegram.org/dl/web">Mobile Web</a></li>
</ul>
</div>
<div class="footer_column">
<h5><a href="//telegram.org/apps#desktop-apps">Desktop Apps</a></h5>
<ul>
<li><a href="//desktop.telegram.org/">PC/Mac/Linux</a></li>
<li><a href="//macos.telegram.org/">macOS</a></li>
<li><a href="//telegram.org/dl/web">Web-browser</a></li>
</ul>
</div>
<div class="footer_column footer_column_platform">
<h5><a href="/">Platform</a></h5>
<ul>
<li><a href="/api">API</a></li>
<li><a href="//translations.telegram.org/">Translations</a></li>
<li><a href="//instantview.telegram.org/">Instant View</a></li>
</ul>
</div>
</div>
<div class="footer_columns_wrap footer_mobile">
<div class="footer_column">
<h5><a href="//telegram.org/faq">About</a></h5>
</div>
<div class="footer_column">
<h5><a href="//telegram.org/blog">Blog</a></h5>
</div>
<div class="footer_column">
<h5><a href="//telegram.org/apps">Apps</a></h5>
</div>
<div class="footer_column">
<h5><a href="/">Platform</a></h5>
</div>
<div class="footer_column">
<h5><a href="//telegram.org/press">Press</a></h5>
</div>
</div>
</div>
</div>
<script src="/js/main.js?47"></script>
<script src="/js/jquery.min.js?1"></script>
<script src="/js/bootstrap.min.js?1"></script>
<script>window.initDevPageNav&&initDevPageNav();
backToTopInit("Go up");
removePreloadInit();
</script>
</body>
</html>
Reference in a new issue View git blame Copy permalink