CMD_AUTH_LOGON_CHALLENGE_Server
Protocol Version 2
Reply to CMD_AUTH_LOGON_CHALLENGE_Client.
Wowm Representation
Autogenerated from wowm file at wow_message_parser/wowm/login/cmd_auth_logon/challenge_server.wowm:2.
slogin CMD_AUTH_LOGON_CHALLENGE_Server = 0x00 {
u8 protocol_version = 0;
LoginResult result;
if (result == SUCCESS) {
u8[32] server_public_key;
u8 generator_length;
u8[generator_length] generator;
u8 large_safe_prime_length;
u8[large_safe_prime_length] large_safe_prime;
u8[32] salt;
u8[16] crc_salt;
}
}
Header
Login messages have a header of 1 byte with an opcode. Some messages also have a size field but this is not considered part of the header.
Login Header
| Offset | Size / Endianness | Type | Name | Description |
|---|---|---|---|---|
| 0x00 | 1 / - | uint8 | opcode | Opcode that determines which fields the message contains. |
Body
| Offset | Size / Endianness | Type | Name | Comment |
|---|---|---|---|---|
| 0x01 | 1 / - | u8 | protocol_version | Mangos statically sets this to 0. It is unknown exactly what it does. |
| 0x02 | 1 / - | LoginResult | result |
If result is equal to SUCCESS:
| Offset | Size / Endianness | Type | Name | Comment |
|---|---|---|---|---|
| 0x03 | 32 / - | u8[32] | server_public_key | |
| 0x23 | 1 / - | u8 | generator_length | The only realistic values for the generator are well below 255, so there's no reason for this to anything other than 1. |
| 0x24 | ? / - | u8[generator_length] | generator | |
| - | 1 / - | u8 | large_safe_prime_length | Client can not handle arrays greater than 32. |
| - | ? / - | u8[large_safe_prime_length] | large_safe_prime | |
| - | 32 / - | u8[32] | salt | |
| - | 16 / - | u8[16] | crc_salt | Used for the crc_hash in CMD_AUTH_LOGON_PROOF_Client. |
Examples
Example 1
Comment
Reply to CMD_AUTH_LOGON_CHALLENGE_Client.
0, // opcode (0)
0, // protocol_version: u8
0, // result: LoginResult SUCCESS (0x00)
73, 216, 194, 188, 104, 92, 43, 206, 74, 244, 250, 7, 10, 71, 147, 120, 88, 120,
70, 181, 131, 212, 65, 130, 158, 36, 216, 135, 206, 218, 52, 70, // server_public_key: u8[32]
1, // generator_length: u8
7, // generator: u8[generator_length]
32, // large_safe_prime_length: u8
183, 155, 62, 42, 135, 130, 60, 171, 143, 94, 191, 191, 142, 177, 1, 8, 83, 80,
6, 41, 139, 91, 173, 189, 91, 83, 225, 137, 94, 100, 75, 137, // large_safe_prime: u8[large_safe_prime_length]
199, 9, 135, 125, 140, 101, 82, 102, 165, 125, 184, 101, 61, 110, 166, 43, 181,
84, 242, 11, 207, 116, 214, 74, 119, 167, 211, 61, 243, 48, 144, 135, // salt: u8[32]
186, 163, 30, 153, 160, 11, 33, 87, 252, 55, 63, 179, 105, 205, 210, 241, // crc_salt: u8[16]
Protocol Version 3
Reply to CMD_AUTH_LOGON_CHALLENGE_Client.
Wowm Representation
Autogenerated from wowm file at wow_message_parser/wowm/login/cmd_auth_logon/challenge_server.wowm:76.
slogin CMD_AUTH_LOGON_CHALLENGE_Server = 0x00 {
u8 protocol_version = 0;
LoginResult result;
if (result == SUCCESS) {
u8[32] server_public_key;
u8 generator_length;
u8[generator_length] generator;
u8 large_safe_prime_length;
u8[large_safe_prime_length] large_safe_prime;
u8[32] salt;
u8[16] crc_salt;
SecurityFlag security_flag;
if (security_flag == PIN) {
u32 pin_grid_seed;
u8[16] pin_salt;
}
}
}
Header
Login messages have a header of 1 byte with an opcode. Some messages also have a size field but this is not considered part of the header.
Login Header
| Offset | Size / Endianness | Type | Name | Description |
|---|---|---|---|---|
| 0x00 | 1 / - | uint8 | opcode | Opcode that determines which fields the message contains. |
Body
| Offset | Size / Endianness | Type | Name | Comment |
|---|---|---|---|---|
| 0x01 | 1 / - | u8 | protocol_version | Mangos statically sets this to 0. |
| 0x02 | 1 / - | LoginResult | result |
If result is equal to SUCCESS:
| Offset | Size / Endianness | Type | Name | Comment |
|---|---|---|---|---|
| 0x03 | 32 / - | u8[32] | server_public_key | |
| 0x23 | 1 / - | u8 | generator_length | The only realistic values for the generator are well below 255, so there's no reason for this to anything other than 1. |
| 0x24 | ? / - | u8[generator_length] | generator | |
| - | 1 / - | u8 | large_safe_prime_length | Client can not handle arrays greater than 32. |
| - | ? / - | u8[large_safe_prime_length] | large_safe_prime | |
| - | 32 / - | u8[32] | salt | |
| - | 16 / - | u8[16] | crc_salt | Used for the crc_hash in CMD_AUTH_LOGON_PROOF_Client. |
| - | 1 / - | SecurityFlag | security_flag |
If security_flag is equal to PIN:
| Offset | Size / Endianness | Type | Name | Comment |
|---|---|---|---|---|
| - | 4 / Little | u32 | pin_grid_seed | Used to randomize the layout of the PIN keypad. |
| - | 16 / - | u8[16] | pin_salt |
Examples
Example 1
0, // opcode (0)
0, // protocol_version: u8
0, // result: LoginResult SUCCESS (0x00)
73, 216, 194, 188, 104, 92, 43, 206, 74, 244, 250, 7, 10, 71, 147, 120, 88, 120,
70, 181, 131, 212, 65, 130, 158, 36, 216, 135, 206, 218, 52, 70, // server_public_key: u8[32]
1, // generator_length: u8
7, // generator: u8[generator_length]
32, // large_safe_prime_length: u8
183, 155, 62, 42, 135, 130, 60, 171, 143, 94, 191, 191, 142, 177, 1, 8, 83, 80,
6, 41, 139, 91, 173, 189, 91, 83, 225, 137, 94, 100, 75, 137, // large_safe_prime: u8[large_safe_prime_length]
199, 9, 135, 125, 140, 101, 82, 102, 165, 125, 184, 101, 61, 110, 166, 43, 181,
84, 242, 11, 207, 116, 214, 74, 119, 167, 211, 61, 243, 48, 144, 135, // salt: u8[32]
186, 163, 30, 153, 160, 11, 33, 87, 252, 55, 63, 179, 105, 205, 210, 241, // crc_salt: u8[16]
1, // security_flag: SecurityFlag PIN (0x1)
239, 190, 173, 222, // pin_grid_seed: u32
0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, // pin_salt: u8[16]
Example 2
0, // opcode (0)
0, // protocol_version: u8
0, // result: LoginResult SUCCESS (0x00)
73, 216, 194, 188, 104, 92, 43, 206, 74, 244, 250, 7, 10, 71, 147, 120, 88, 120,
70, 181, 131, 212, 65, 130, 158, 36, 216, 135, 206, 218, 52, 70, // server_public_key: u8[32]
1, // generator_length: u8
7, // generator: u8[generator_length]
32, // large_safe_prime_length: u8
183, 155, 62, 42, 135, 130, 60, 171, 143, 94, 191, 191, 142, 177, 1, 8, 83, 80,
6, 41, 139, 91, 173, 189, 91, 83, 225, 137, 94, 100, 75, 137, // large_safe_prime: u8[large_safe_prime_length]
199, 9, 135, 125, 140, 101, 82, 102, 165, 125, 184, 101, 61, 110, 166, 43, 181,
84, 242, 11, 207, 116, 214, 74, 119, 167, 211, 61, 243, 48, 144, 135, // salt: u8[32]
186, 163, 30, 153, 160, 11, 33, 87, 252, 55, 63, 179, 105, 205, 210, 241, // crc_salt: u8[16]
0, // security_flag: SecurityFlag NONE (0x0)
Protocol Version 5, Protocol Version 6, Protocol Version 7
Wowm Representation
Autogenerated from wowm file at wow_message_parser/wowm/login/cmd_auth_logon/challenge_server.wowm:219.
slogin CMD_AUTH_LOGON_CHALLENGE_Server = 0x00 {
u8 protocol_version = 0;
LoginResult result;
if (result == SUCCESS) {
u8[32] server_public_key;
u8 generator_length;
u8[generator_length] generator;
u8 large_safe_prime_length;
u8[large_safe_prime_length] large_safe_prime;
u8[32] salt;
u8[16] crc_salt;
SecurityFlag security_flag;
if (security_flag & PIN) {
u32 pin_grid_seed;
u8[16] pin_salt;
}
if (security_flag & MATRIX_CARD) {
u8 width;
u8 height;
u8 digit_count;
u8 challenge_count;
u64 seed;
}
}
}
Header
Login messages have a header of 1 byte with an opcode. Some messages also have a size field but this is not considered part of the header.
Login Header
| Offset | Size / Endianness | Type | Name | Description |
|---|---|---|---|---|
| 0x00 | 1 / - | uint8 | opcode | Opcode that determines which fields the message contains. |
Body
| Offset | Size / Endianness | Type | Name | Comment |
|---|---|---|---|---|
| 0x01 | 1 / - | u8 | protocol_version | |
| 0x02 | 1 / - | LoginResult | result |
If result is equal to SUCCESS:
| Offset | Size / Endianness | Type | Name | Comment |
|---|---|---|---|---|
| 0x03 | 32 / - | u8[32] | server_public_key | |
| 0x23 | 1 / - | u8 | generator_length | The only realistic values for the generator are well below 255, so there's no reason for this to anything other than 1. |
| 0x24 | ? / - | u8[generator_length] | generator | |
| - | 1 / - | u8 | large_safe_prime_length | Client can not handle arrays greater than 32. |
| - | ? / - | u8[large_safe_prime_length] | large_safe_prime | |
| - | 32 / - | u8[32] | salt | |
| - | 16 / - | u8[16] | crc_salt | Used for the crc_hash in CMD_AUTH_LOGON_PROOF_Client. |
| - | 1 / - | SecurityFlag | security_flag |
If security_flag contains PIN:
| Offset | Size / Endianness | Type | Name | Comment |
|---|---|---|---|---|
| - | 4 / Little | u32 | pin_grid_seed | Used to randomize the layout of the PIN keypad. |
| - | 16 / - | u8[16] | pin_salt |
If security_flag contains MATRIX_CARD:
| Offset | Size / Endianness | Type | Name | Comment |
|---|---|---|---|---|
| - | 1 / - | u8 | width | Number of columns to display. |
| - | 1 / - | u8 | height | Number of rows to display. |
| - | 1 / - | u8 | digit_count | Number of digits to be entered for each cell. |
| - | 1 / - | u8 | challenge_count | Number of cells to complete. |
| - | 8 / Little | u64 | seed | Seed value used to randomize cell selection. |
Examples
Example 1
0, // opcode (0)
0, // protocol_version: u8
0, // result: LoginResult SUCCESS (0x00)
58, 43, 237, 162, 169, 101, 37, 78, 69, 4, 195, 168, 246, 106, 134, 201, 81, 114,
215, 99, 107, 54, 137, 237, 192, 63, 252, 193, 66, 165, 121, 50, // server_public_key: u8[32]
1, // generator_length: u8
7, // generator: u8[generator_length]
32, // large_safe_prime_length: u8
183, 155, 62, 42, 135, 130, 60, 171, 143, 94, 191, 191, 142, 177, 1, 8, 83, 80,
6, 41, 139, 91, 173, 189, 91, 83, 225, 137, 94, 100, 75, 137, // large_safe_prime: u8[large_safe_prime_length]
174, 120, 124, 96, 218, 20, 21, 219, 130, 36, 67, 72, 71, 108, 63, 211, 188, 22,
60, 89, 21, 128, 86, 5, 146, 59, 82, 46, 114, 18, 41, 82, // salt: u8[32]
70, 15, 184, 237, 114, 71, 169, 255, 31, 242, 228, 96, 253, 255, 127, 249, // crc_salt: u8[16]
3, // security_flag: SecurityFlag PIN| MATRIX_CARD (3)
0, 0, 0, 0, // pin_grid_seed: u32
89, 29, 166, 11, 52, 253, 100, 94, 56, 108, 84, 192, 24, 182, 167, 47, // pin_salt: u8[16]
8, // width: u8
8, // height: u8
2, // digit_count: u8
1, // challenge_count: u8
194, 216, 23, 56, 5, 251, 84, 143, // seed: u64
Protocol Version 8
Wowm Representation
Autogenerated from wowm file at wow_message_parser/wowm/login/cmd_auth_logon/challenge_server.wowm:300.
slogin CMD_AUTH_LOGON_CHALLENGE_Server = 0x00 {
u8 protocol_version = 0;
LoginResult result;
if (result == SUCCESS) {
u8[32] server_public_key;
u8 generator_length;
u8[generator_length] generator;
u8 large_safe_prime_length;
u8[large_safe_prime_length] large_safe_prime;
u8[32] salt;
u8[16] crc_salt;
SecurityFlag security_flag;
if (security_flag & PIN) {
u32 pin_grid_seed;
u8[16] pin_salt;
}
if (security_flag & MATRIX_CARD) {
u8 width;
u8 height;
u8 digit_count;
u8 challenge_count;
u64 seed;
}
if (security_flag & AUTHENTICATOR) {
u8 required;
}
}
}
Header
Login messages have a header of 1 byte with an opcode. Some messages also have a size field but this is not considered part of the header.
Login Header
| Offset | Size / Endianness | Type | Name | Description |
|---|---|---|---|---|
| 0x00 | 1 / - | uint8 | opcode | Opcode that determines which fields the message contains. |
Body
| Offset | Size / Endianness | Type | Name | Comment |
|---|---|---|---|---|
| 0x01 | 1 / - | u8 | protocol_version | |
| 0x02 | 1 / - | LoginResult | result |
If result is equal to SUCCESS:
| Offset | Size / Endianness | Type | Name | Comment |
|---|---|---|---|---|
| 0x03 | 32 / - | u8[32] | server_public_key | |
| 0x23 | 1 / - | u8 | generator_length | The only realistic values for the generator are well below 255, so there's no reason for this to anything other than 1. |
| 0x24 | ? / - | u8[generator_length] | generator | |
| - | 1 / - | u8 | large_safe_prime_length | Client can not handle arrays greater than 32. |
| - | ? / - | u8[large_safe_prime_length] | large_safe_prime | |
| - | 32 / - | u8[32] | salt | |
| - | 16 / - | u8[16] | crc_salt | Used for the crc_hash in CMD_AUTH_LOGON_PROOF_Client. |
| - | 1 / - | SecurityFlag | security_flag |
If security_flag contains PIN:
| Offset | Size / Endianness | Type | Name | Comment |
|---|---|---|---|---|
| - | 4 / Little | u32 | pin_grid_seed | Used to randomize the layout of the PIN keypad. |
| - | 16 / - | u8[16] | pin_salt |
If security_flag contains MATRIX_CARD:
| Offset | Size / Endianness | Type | Name | Comment |
|---|---|---|---|---|
| - | 1 / - | u8 | width | Number of columns to display. |
| - | 1 / - | u8 | height | Number of rows to display. |
| - | 1 / - | u8 | digit_count | Number of digits to be entered for each cell. |
| - | 1 / - | u8 | challenge_count | Number of cells to complete. |
| - | 8 / Little | u64 | seed | Seed value used to randomize cell selection. |
If security_flag contains AUTHENTICATOR:
| Offset | Size / Endianness | Type | Name | Comment |
|---|---|---|---|---|
| - | 1 / - | u8 | required | Dictates if the authenticator is in use and not just assigned to the account. |
Examples
Example 1
0, // opcode (0)
0, // protocol_version: u8
0, // result: LoginResult SUCCESS (0x00)
73, 216, 194, 188, 104, 92, 43, 206, 74, 244, 250, 7, 10, 71, 147, 120, 88, 120,
70, 181, 131, 212, 65, 130, 158, 36, 216, 135, 206, 218, 52, 70, // server_public_key: u8[32]
1, // generator_length: u8
7, // generator: u8[generator_length]
32, // large_safe_prime_length: u8
183, 155, 62, 42, 135, 130, 60, 171, 143, 94, 191, 191, 142, 177, 1, 8, 83, 80,
6, 41, 139, 91, 173, 189, 91, 83, 225, 137, 94, 100, 75, 137, // large_safe_prime: u8[large_safe_prime_length]
199, 9, 135, 125, 140, 101, 82, 102, 165, 125, 184, 101, 61, 110, 166, 43, 181,
84, 242, 11, 207, 116, 214, 74, 119, 167, 211, 61, 243, 48, 144, 135, // salt: u8[32]
186, 163, 30, 153, 160, 11, 33, 87, 252, 55, 63, 179, 105, 205, 210, 241, // crc_salt: u8[16]
0, // security_flag: SecurityFlag NONE (0)
Example 2
0, // opcode (0)
0, // protocol_version: u8
0, // result: LoginResult SUCCESS (0x00)
73, 216, 194, 188, 104, 92, 43, 206, 74, 244, 250, 7, 10, 71, 147, 120, 88, 120,
70, 181, 131, 212, 65, 130, 158, 36, 216, 135, 206, 218, 52, 70, // server_public_key: u8[32]
1, // generator_length: u8
7, // generator: u8[generator_length]
32, // large_safe_prime_length: u8
183, 155, 62, 42, 135, 130, 60, 171, 143, 94, 191, 191, 142, 177, 1, 8, 83, 80,
6, 41, 139, 91, 173, 189, 91, 83, 225, 137, 94, 100, 75, 137, // large_safe_prime: u8[large_safe_prime_length]
199, 9, 135, 125, 140, 101, 82, 102, 165, 125, 184, 101, 61, 110, 166, 43, 181,
84, 242, 11, 207, 116, 214, 74, 119, 167, 211, 61, 243, 48, 144, 135, // salt: u8[32]
186, 163, 30, 153, 160, 11, 33, 87, 252, 55, 63, 179, 105, 205, 210, 241, // crc_salt: u8[16]
1, // security_flag: SecurityFlag PIN (1)
239, 190, 173, 222, // pin_grid_seed: u32
0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, // pin_salt: u8[16]
Example 3
0, // opcode (0)
0, // protocol_version: u8
0, // result: LoginResult SUCCESS (0x00)
73, 216, 194, 188, 104, 92, 43, 206, 74, 244, 250, 7, 10, 71, 147, 120, 88, 120,
70, 181, 131, 212, 65, 130, 158, 36, 216, 135, 206, 218, 52, 70, // server_public_key: u8[32]
1, // generator_length: u8
7, // generator: u8[generator_length]
32, // large_safe_prime_length: u8
183, 155, 62, 42, 135, 130, 60, 171, 143, 94, 191, 191, 142, 177, 1, 8, 83, 80,
6, 41, 139, 91, 173, 189, 91, 83, 225, 137, 94, 100, 75, 137, // large_safe_prime: u8[large_safe_prime_length]
199, 9, 135, 125, 140, 101, 82, 102, 165, 125, 184, 101, 61, 110, 166, 43, 181,
84, 242, 11, 207, 116, 214, 74, 119, 167, 211, 61, 243, 48, 144, 135, // salt: u8[32]
186, 163, 30, 153, 160, 11, 33, 87, 252, 55, 63, 179, 105, 205, 210, 241, // crc_salt: u8[16]
4, // security_flag: SecurityFlag AUTHENTICATOR (4)
1, // required: u8
Example 4
0, // opcode (0)
0, // protocol_version: u8
0, // result: LoginResult SUCCESS (0x00)
73, 216, 194, 188, 104, 92, 43, 206, 74, 244, 250, 7, 10, 71, 147, 120, 88, 120,
70, 181, 131, 212, 65, 130, 158, 36, 216, 135, 206, 218, 52, 70, // server_public_key: u8[32]
1, // generator_length: u8
7, // generator: u8[generator_length]
32, // large_safe_prime_length: u8
183, 155, 62, 42, 135, 130, 60, 171, 143, 94, 191, 191, 142, 177, 1, 8, 83, 80,
6, 41, 139, 91, 173, 189, 91, 83, 225, 137, 94, 100, 75, 137, // large_safe_prime: u8[large_safe_prime_length]
199, 9, 135, 125, 140, 101, 82, 102, 165, 125, 184, 101, 61, 110, 166, 43, 181,
84, 242, 11, 207, 116, 214, 74, 119, 167, 211, 61, 243, 48, 144, 135, // salt: u8[32]
186, 163, 30, 153, 160, 11, 33, 87, 252, 55, 63, 179, 105, 205, 210, 241, // crc_salt: u8[16]
2, // security_flag: SecurityFlag MATRIX_CARD (2)
255, // width: u8
238, // height: u8
221, // digit_count: u8
204, // challenge_count: u8
222, 202, 250, 239, 190, 173, 222, 0, // seed: u64
Example 5
0, // opcode (0)
0, // protocol_version: u8
5, // result: LoginResult FAIL_INCORRECT_PASSWORD (0x05)
Example 6
0, // opcode (0)
0, // protocol_version: u8
0, // result: LoginResult SUCCESS (0x00)
73, 216, 194, 188, 104, 92, 43, 206, 74, 244, 250, 7, 10, 71, 147, 120, 88, 120,
70, 181, 131, 212, 65, 130, 158, 36, 216, 135, 206, 218, 52, 70, // server_public_key: u8[32]
1, // generator_length: u8
7, // generator: u8[generator_length]
32, // large_safe_prime_length: u8
183, 155, 62, 42, 135, 130, 60, 171, 143, 94, 191, 191, 142, 177, 1, 8, 83, 80,
6, 41, 139, 91, 173, 189, 91, 83, 225, 137, 94, 100, 75, 137, // large_safe_prime: u8[large_safe_prime_length]
199, 9, 135, 125, 140, 101, 82, 102, 165, 125, 184, 101, 61, 110, 166, 43, 181,
84, 242, 11, 207, 116, 214, 74, 119, 167, 211, 61, 243, 48, 144, 135, // salt: u8[32]
186, 163, 30, 153, 160, 11, 33, 87, 252, 55, 63, 179, 105, 205, 210, 241, // crc_salt: u8[16]
6, // security_flag: SecurityFlag MATRIX_CARD| AUTHENTICATOR (6)
255, // width: u8
238, // height: u8
221, // digit_count: u8
204, // challenge_count: u8
222, 202, 250, 239, 190, 173, 222, 0, // seed: u64
1, // required: u8
Example 7
0, // opcode (0)
0, // protocol_version: u8
5, // result: LoginResult FAIL_INCORRECT_PASSWORD (0x05)