![]() ![]() Though it isn't any longer possible to link a single authenticator to more than one account at a time, but maybe the support will ask for the serial number if there is a problem with the authenticator.Īuthenticator Time Synchronization Authenticator Time Synchronization Request The serial number SHOULD be stored together with the secret key. There should be no way to calculate the secret key corresponding to this serial number. The number seems to be simply incremented by the server for every initialization request. Authenticator serial number Serial number of the authenticator used for linking it to a account. ![]() The key MUST be stored within the authenticator as long as it is linked to a account and MUST kept secret. #Battlenet auth codeRefer to code calculation section for the usage of this key. Secret key for code calculation Secret key generated by the server for calculation of the authenticator codes. The decryption key is the key sent to the server within the initialization request.Īfter decryption the initialization information has the following format: Encrypted initialization data One time pad encrypted data with initialization information for the authenticator. The HTTP body of the response has the following format:Ĭurrent server time Milliseconds since midnight, JanuUTC (like returnded by System.currentTimeMillis() in Java), big endian format. Europe and North America are using the same keys for RSA. The resulting 128 encrypted bytes are sent to the server within the HTTP-POST-request. (big endian) and the public exponent is "0x101" (257). The plaintext is then encrypted with RSA-1024 (upper bytes of the RSA-block are padded with zeros). Mobile model Default value is "Motorola RAZR v3" but every other 16 bytes would be also OK. Region code "EU" or "US" but doesn't have any meaning - distinction is only done via the URL and not via the code here. But every other good source of randomness would be also OK here. #Battlenet auth generatorBlizzard is using the default Java random number generator (initialized with the current system time), hashes the created random bytes via SHA1 and is using the hash output for the key. The plaintext of the request has the following format:įunction code always 0x01 Response encryption key Random bytes for one time pad encryption of the response. With Content-type "application/octet-stream". Initialization request is an HTTP POST request to Server Communication Authenticator Initialization Authenticator Initialization Request Technical description of the Mobile Authenticator protocol: 1.2.2 Authenticator Time Synchronization Response.1.2.1 Authenticator Time Synchronization Request.1.1.2 Authenticator Initialization Response.1.1.1 Authenticator Initialization Request. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |