log inhelp

 | 

  • If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

  • You already know Dokkio is an AI-powered assistant to organize & manage your digital files & messages. Very soon, Dokkio will support Outlook as well as One Drive. Check it out today!

View
 

login_sequence

Page history last edited by PBworks 17 years, 1 month ago

login_sequence

The login sequence uses a challenge response mechanism using a combination of SHA1 and RC4.

 

server lc1 -  server gives 64 byte challenge value (in base64 ASCII)
client login2 - client responds with response value (in base64 ASCII)
server lc2 - if login2 is succesful, server gives sessionkey

 

psuedo code for generating response value (+ means concatenate):

1) Decode challenge value from base64 ASCII into 64 bytes of data

2) UNENCRYPTED_DATA = First 32 bytes of challenge data + USERNAME (in unicode UTF-16LE) + 0000000002C0A8016600000000 (hex constant)

3) HASHED_PASSWORD = SHA1 hash of ASCII password

4) HASHED_PASSWORD2 = SHA1 of (HASHED_PASSWORD + Last 32 bytes of challenge data)

5) RC4_KEY = First 16 bytes of HASHED_PASSWORD2

6) ENCRYPTED_DATA = RC4 of UNENCRYPTED_DATA using RC4_KEY as the encryption key

7) Encode ENCRYPTED_DATA into base64 ASCII to obtain response value

 

example

server:

\lc\1\nc\Jfy+N46kTKNPCEPRaJP4QA3/3z4bayiCaJsFqGyOF97RQ1cQI5+xs1laahcrABCqlYp7pQgild0Qk+P8jGX9Mg==\id\1\final\

client:

\login2\196610\usernamemyspaceimtestuser1@glit.us\response\g/MFAWd84rcpcGcL8jQXaptT4hvXz/34cP+1sN/LAM3m6BDVrBr3KLKUjPt147dyGaQgJCYSFxVsBL1WVQZv2ihCs1RGaWE=\clientver\595\status\100\id\1\final\

 server:

\lc\2\sesskey\480534511\proof\myspaceimtestuserurl1\userid\166189759\profileid\166189759\uniquenick\myspaceimtestuserurl1\id\1\final\

 

 

Comments (0)

You don't have permission to comment on this page.

Printable version