diff --git a/mirai-core-qqandroid/src/commonMain/kotlin/net/mamoe/mirai/qqandroid/network/protocol/packet/PacketFactory.kt b/mirai-core-qqandroid/src/commonMain/kotlin/net/mamoe/mirai/qqandroid/network/protocol/packet/PacketFactory.kt index 5a8feff8d..1bf0b8a4d 100644 --- a/mirai-core-qqandroid/src/commonMain/kotlin/net/mamoe/mirai/qqandroid/network/protocol/packet/PacketFactory.kt +++ b/mirai-core-qqandroid/src/commonMain/kotlin/net/mamoe/mirai/qqandroid/network/protocol/packet/PacketFactory.kt @@ -188,7 +188,6 @@ internal object KnownPacketFactories : List> by mutableListOf( } // body - // TODO: 2020/1/23 在这里处理 Uni 解析 val packetFactory = findPacketFactory(commandName) bot.logger.verbose(commandName) diff --git a/mirai-core-qqandroid/src/commonMain/kotlin/net/mamoe/mirai/qqandroid/network/protocol/packet/login/LoginPacket.kt b/mirai-core-qqandroid/src/commonMain/kotlin/net/mamoe/mirai/qqandroid/network/protocol/packet/login/LoginPacket.kt index 953292005..504b2422b 100644 --- a/mirai-core-qqandroid/src/commonMain/kotlin/net/mamoe/mirai/qqandroid/network/protocol/packet/login/LoginPacket.kt +++ b/mirai-core-qqandroid/src/commonMain/kotlin/net/mamoe/mirai/qqandroid/network/protocol/packet/login/LoginPacket.kt @@ -308,7 +308,7 @@ internal object LoginPacket : PacketFactory("wt @InternalAPI @UseExperimental(MiraiDebugAPI::class) - private suspend fun onSolveLoginCaptcha(tlvMap: Map, bot: QQAndroidBot): LoginPacketResponse. Captcha { + private fun onSolveLoginCaptcha(tlvMap: Map, bot: QQAndroidBot): LoginPacketResponse. Captcha { val client = bot.client // val ret = tlvMap[0x104]?.let { println(it.toUHexString()) } println() @@ -348,11 +348,6 @@ internal object LoginPacket : PacketFactory("wt // 00 1C // 01 08 00 10 A1 73 76 98 64 E0 38 C6 C8 18 73 FA D3 85 DA D6 01 6A 00 30 1D 99 4A 28 7E B3 B8 AC 74 B9 C4 BB 6D BB 41 72 F7 5C 9F 0F 79 8A 82 4F 1F 69 34 6D 10 D6 BB E8 A3 4A 2B 5D F1 C7 05 3C F8 72 EF CF 67 E4 3C 94 01 06 00 78 B4 ED 9F 44 ED 10 18 A8 85 0A 8A 85 79 45 47 7F 25 AA EE 2C 53 83 80 0A B3 B0 47 3E 95 51 A4 AE 3E CA A0 1D B4 91 F7 BB 2E 94 76 A8 C8 97 02 C4 5B 15 02 B7 03 9A FC C2 58 6D 17 92 46 AE EB 2F 6F 65 B8 69 6C D6 9D AC 18 6F 07 53 AC FE FA BC BD CE 57 13 10 2D 5A C6 50 AA C2 AE 18 D4 FD CD F2 E0 D1 25 29 56 21 35 8F 01 9D D6 69 44 8F 06 D0 23 26 D3 0E E6 E6 B7 01 0C 00 10 73 32 61 4E 2C 72 35 58 68 28 47 3E 2B 6E 52 62 01 0A 00 48 A4 DA 48 FB B4 8D DA 7B 86 D7 A7 FE 01 1B 70 6F 54 F8 55 38 B0 AD 1B 0C 0B B9 F6 94 24 F8 9E 30 32 22 99 0C 22 CD 44 B8 B0 8A A8 65 E1 B8 F0 49 EF E1 23 D7 0D A3 F1 BB 52 B7 4B AF BD 50 EA BF 15 02 78 2B 8B 10 FB 15 01 0D 00 10 29 75 38 72 21 5D 3F 24 37 46 67 79 2B 65 6D 34 01 14 00 60 00 01 5E 19 65 8C 00 58 93 DD 4D 2C 2D 01 44 99 62 B8 7A EF 04 C5 71 0B F1 BE 4C F4 21 F2 97 B0 14 67 0E 14 9F D8 A2 0B 93 40 90 80 F3 59 7A 69 45 D7 D4 53 4C 08 3A 56 1D C9 95 36 2C 7C 5E EE 36 47 5F AE 26 72 76 FD FD 69 E6 0C 2D 3A E8 CF D4 8D 76 C9 17 C3 E3 CD 21 AB 04 6B 70 C5 EC EC 01 0E 00 10 56 48 3E 29 3A 5A 21 74 55 6A 2C 72 58 73 79 71 01 03 00 30 9B A6 5D 85 5C 40 7C 28 E7 05 A9 25 CA F5 FC C0 51 40 85 F3 2F D2 37 F9 09 A6 E6 56 7F 7A 2E 7D 9F B9 1C 00 65 55 D2 A9 60 03 77 AB 6A F5 3F CE 01 33 00 30 F4 3A A7 08 E2 04 FA C8 9D 54 49 DE 63 EA F0 A5 1C C4 03 57 51 B6 AE 0B 55 41 F8 AB 22 F1 DC A3 B0 73 08 55 14 02 BF FF 55 87 42 4C 23 70 91 6A 01 34 00 10 61 C7 02 3F 1D BE A6 27 2F 24 D4 92 95 68 71 EF 05 28 00 1A 7B 22 51 49 4D 5F 69 6E 76 69 74 61 74 69 6F 6E 5F 62 69 74 22 3A 22 31 22 7D 03 22 00 10 CE 1E 2E DC 69 24 4F 9B FF 2F 52 D8 8F 69 DD 40 01 1D 00 76 5F 5E 10 E2 34 36 79 27 23 53 4D 65 6B 6A 33 6D 7D 4E 3C 5F 00 60 00 01 5E 19 65 8C 00 58 67 00 9C 02 E4 BC DB A3 93 98 A1 ED 4C 91 08 6F 0C 06 E0 12 6A DC 14 5B 4D 20 7C 82 83 AE 94 53 A2 4A A0 35 FF 59 9D F3 EF 82 42 61 67 2A 31 E7 87 7E 74 E7 A3 E7 5C A8 3C 87 CF 40 6A 9F E5 F7 20 4E 56 C6 4F 1C 98 3A 8B A9 4F 1D 10 35 C2 3B A1 08 7A 89 0B 25 0C 63 01 1F 00 0A 00 01 51 80 00 00 03 84 00 00 01 38 00 0E 00 00 00 01 01 0A 00 27 8D 00 00 00 00 00 01 1A 00 13 02 5B 06 01 0E 73 74 65 61 6D 63 68 69 6E 61 2E 66 75 6E 05 22 00 14 00 00 00 00 76 E4 B8 DD AB 53 02 9F 5E 19 65 8C 20 02 ED BD 05 37 00 17 01 01 00 00 00 00 76 E4 B8 DD 04 AB 53 02 9F 5E 19 65 8C 20 02 ED BD 01 20 00 0A 4D 39 50 57 50 6E 4C 31 65 4F 01 6D 00 2C 31 7A 50 7A 63 72 70 4D 30 43 6E 31 37 4C 32 32 6E 77 2D 36 7A 4E 71 48 48 59 41 35 48 71 77 41 37 6D 76 4F 63 2D 4A 56 77 47 51 5F 05 12 03 5D 00 0E 00 0A 74 65 6E 70 61 79 2E 63 6F 6D 00 2C 6E 4A 72 55 55 74 63 2A 34 7A 32 76 31 66 6A 75 77 6F 6A 65 73 72 76 4F 68 70 66 45 76 4A 75 55 4B 6D 34 43 2D 76 74 38 4D 77 38 5F 00 00 00 11 6F 70 65 6E 6D 6F 62 69 6C 65 2E 71 71 2E 63 6F 6D 00 2C 78 59 35 65 62 4D 74 48 44 6D 30 53 6F 68 56 71 68 33 43 79 79 34 6F 63 65 4A 46 6A 51 58 65 68 30 44 61 75 55 30 6C 78 65 52 6B 5F 00 00 00 0B 64 6F 63 73 2E 71 71 2E 63 6F 6D 00 2C 64 6A 62 79 47 57 45 4F 34 58 34 6A 36 4A 73 48 45 65 6B 73 69 74 72 78 79 62 57 69 77 49 68 46 45 70 72 4A 59 4F 2D 6B 36 47 6F 5F 00 00 00 0E 63 6F 6E 6E 65 63 74 2E 71 71 2E 63 6F 6D 00 2C 64 4C 31 41 79 32 41 31 74 33 58 36 58 58 2A 74 33 64 4E 70 2A 31 61 2D 50 7A 65 57 67 48 70 2D 65 47 78 6B 59 74 71 62 69 6C 55 5F 00 00 00 0C 71 7A 6F 6E 65 2E 71 71 2E 63 6F 6D 00 2C 75 6A 55 5A 4F 6A 4F 48 52 61 75 6B 32 55 50 38 77 33 34 68 36 69 46 38 2A 77 4E 50 35 2D 66 54 75 37 67 39 56 67 44 57 2A 6B 6F 5F 00 00 00 0A 76 69 70 2E 71 71 2E 63 6F 6D 00 2C 37 47 31 44 6F 54 2D 4D 57 50 63 2D 62 43 46 68 63 62 32 56 38 6E 77 4A 75 41 51 63 54 39 77 45 49 62 57 43 4A 4B 44 4D 6C 6D 34 5F 00 00 00 0A 71 75 6E 2E 71 71 2E 63 6F 6D 00 2C 7A 73 70 5A 56 43 59 45 7A 35 2A 4F 6B 4E 68 6E 74 79 61 69 6E 6F 68 4D 32 6B 41 6C 2A 74 31 63 7A 48 57 77 30 41 6A 4B 50 4B 6B 5F 00 00 00 0B 67 61 6D 65 2E 71 71 2E 63 6F 6D 00 2C 32 6F 2D 51 53 36 65 43 70 37 6A 43 4E 34 6A 74 6E 47 4F 4B 33 67 73 32 63 4A 6F 56 71 58 65 44 48 61 55 39 65 34 2D 32 34 64 30 5F 00 00 00 0C 71 71 77 65 62 2E 71 71 2E 63 6F 6D 00 2C 63 54 4D 79 64 51 43 35 50 74 43 45 51 72 6F 33 53 54 41 66 7A 56 2D 44 76 46 56 35 58 6D 56 6B 49 31 68 4C 55 48 4E 65 76 56 38 5F 00 00 00 0D 6F 66 66 69 63 65 2E 71 71 2E 63 6F 6D 00 2C 6F 73 72 54 36 32 69 37 66 76 6D 49 50 64 6F 58 4B 48 74 38 58 52 59 56 77 72 7A 6E 69 31 58 7A 57 4C 77 2A 71 36 33 44 74 73 6F 5F 00 00 00 09 74 69 2E 71 71 2E 63 6F 6D 00 2C 41 61 77 4D 78 4D 32 79 58 51 47 75 72 75 55 6C 66 53 58 79 5A 57 48 53 78 52 57 58 50 74 6B 6B 4F 78 6F 66 4A 59 47 6C 71 68 34 5F 00 00 00 0B 6D 61 69 6C 2E 71 71 2E 63 6F 6D 00 2C 67 72 57 68 58 77 34 4C 6E 4B 49 4F 67 63 78 45 71 70 33 61 45 67 37 38 46 7A 77 4E 6D 4B 48 56 6E 6F 50 4C 4F 32 6D 57 6D 6E 38 5F 00 00 00 09 71 7A 6F 6E 65 2E 63 6F 6D 00 2C 72 61 47 79 51 35 54 72 4D 55 7A 6E 74 31 4E 52 44 2D 50 72 74 72 41 55 43 35 6A 61 2D 49 47 2D 73 77 4C 6D 49 51 51 41 44 4C 41 5F 00 00 00 0A 6D 6D 61 2E 71 71 2E 63 6F 6D 00 2C 39 73 2D 4F 51 30 67 76 39 42 6A 37 58 71 52 49 4E 30 35 46 32 64 4D 47 67 47 43 58 57 4A 62 68 63 30 38 63 7A 4B 52 76 6B 78 6B 5F 00 00 03 05 00 10 77 75 6E 54 5F 7E 66 7A 72 40 3C 6E 35 50 53 46 01 43 00 40 3A AE 30 87 81 3D EE BA 31 9C EA 9D 0D D4 73 B1 81 12 E0 94 71 73 7A B0 47 3D 09 47 E5 1B E1 E2 06 1A CB A4 E3 71 9E A6 EA 2A 73 5C C8 D3 B1 2A B1 C7 DA 04 A6 6D 12 26 DF 6B 8B EC C7 12 F8 E1 01 18 00 05 00 00 00 01 00 01 63 00 10 67 6B 60 23 24 6A 55 39 4E 58 24 5E 39 2B 7A 69 01 38 00 5E 00 00 00 09 01 06 00 27 8D 00 00 00 00 00 01 0A 00 24 EA 00 00 00 00 00 01 1C 00 1A 5E 00 00 00 00 00 01 02 00 01 51 80 00 00 00 00 01 03 00 00 1C 20 00 00 00 00 01 20 00 01 51 80 00 00 00 00 01 36 00 1B AF 80 00 00 00 00 01 43 00 1B AF 80 00 00 00 00 01 64 00 1B AF 80 00 00 00 00 01 30 00 0E 00 00 5E 19 65 8C 9F 02 53 AB 00 00 00 00 val tlvMap119 = this.readTLVMap() - println("tlvMap119 KEYS: " + tlvMap119.keys.joinToString { it.contentToString() }) - tlvMap119[0x305]?.let { println("TLV 0x305=${it.toUHexString()}") } - tlvMap119.filterValues { it.size == 16 }.forEach { - println(it.key.toUHexString("") + "=" + it.value.toUHexString()) - } // ??? tlvMap119[0x1c]?.read { diff --git a/mirai-core-qqandroid/src/jvmTest/kotlin/androidPacketTests/clientToServer.kt b/mirai-core-qqandroid/src/jvmTest/kotlin/androidPacketTests/clientToServer.kt index ca646c1d4..b1d74199f 100644 --- a/mirai-core-qqandroid/src/jvmTest/kotlin/androidPacketTests/clientToServer.kt +++ b/mirai-core-qqandroid/src/jvmTest/kotlin/androidPacketTests/clientToServer.kt @@ -49,14 +49,12 @@ import kotlin.text.toByteArray // ConfigPushSvc.PushResp, ** StatSvc.register send 20da22db750806141ef448110800450002f85124400080060000c0a8030a71600dd0fe501f908b8c558508cee2605018020045cd0000000000ac0000000b01a4da6eb0000000000e3139393437303130323122465f76192ce454d64e90a36fe651eb96d052893396c002a815851dc04994d16f7a596b06ca02b4743077fb387442f00409806ece8bf2f533a129073db60c8d5a22b9d4224387629e8ce29959a683f505b741aa1a83068239f6df0f97a4e5499c1035092e7466b005307110460211aecd1f11c10cea0cc861007e08882accb0bbaec68cd9c9a83fd19bb5eebda016ff000002240000000a0100000044e0e22a59327abb9ce80cf63be86694210344fab2f2b065d7785a32cacfa4075cd509f49cb37a075ad0685cbd472344bfdef1ede611c0ad81129be9e2d7e476d2000000000e31393934373031303231f4cf6ac405adbbfab64c0905f9f1f4b3236e4b17c34bc8aaefd77b184f012c036978eea06bb7f9e6d443a9d71f6eaf8b08b3c49858269de0405d7acf5076fd3000357cdbced53142200fcd8f87dc2a047ecfdd0d374aa0bb1b5c97b35e59a7cc77f146c930d04be6b70a75be3d71704d1b95794cbc36ef0ffe96533d61521c7b4b676f6b067859c0760ae5689f146b3c1a19668b694a50aa1d561f2feb76b49d507dc530d49007ba08f84297b23290177539d0b2a3ceb0a2ef8a64b65494e574ed78857fc1c93911c7639dce6699d5fde605f432d4ab7dfd6cf8cc5451950b29d79f5e755f90faadf55dfcb3993d9b4fb9479f44e47c1a0702205da298327b0deb180e2976d07be7b6ac0302b128d792200a092e084ca6908fe0c13e142d50f42783009029b3d2da23bd1050a2cc56023f943ce3b164002fa31fdf9624a255455cc77b774223726f36cccb2603240ca528534ee1533eb66872b007ea20bb5e76f87efa35d7dcb4be7e5f410ed7276c09e20f04db63ea4b79fd7d2201ef0ec14b5f9795bd2bd028e58b3ab8d3461a188f113a8b50406e9c3db9f8b2115924faadc9f2707c6715dc2dda73119228079467fbe145cf951cf1948e755aa428f4e478a6ab9708ad39ded4 -internal val wtSessionTicketKey = "B6 9D E4 EC 65 38 64 FD C8 3A D8 33 54 35 0C 73".hexToBytes() -internal val tgtgtKey = "D7 71 03 E3 4C E5 8F 6B 05 D8 C7 8C 96 FB FB 23".hexToBytes() -internal val deviceToken = "CE 1E 2E DC 69 24 4F 9B FF 2F 52 D8 8F 69 DD 40".hexToBytes() -internal val D2Key = "44 28 6B 35 7A 54 2D 45 45 5D 56 32 44 33 47 49".hexToBytes() -internal val userStKey = "35 29 42 54 78 62 47 68 5E 77 68 54 6B 76 57 5F".hexToBytes() -internal val userStWebSig = - "63 A2 BD 78 FC 88 58 AC 12 95 6C 15 6A 9B A1 EB B0 E8 66 D0 95 D2 0E B4 BC C3 48 05 C1 D9 54 FB 65 8F 21 29 E5 5D 84 BA A1 63 48 5C 24 F3 84 A3".hexToBytes() -internal val tgtKey = "44 24 3F 43 3F 21 37 2B 29 44 6E 47 70 3A 4E 3D".hexToBytes() +internal var wtSessionTicketKey = "B6 9D E4 EC 65 38 64 FD C8 3A D8 33 54 35 0C 73".hexToBytes() +internal var tgtgtKey = "D7 71 03 E3 4C E5 8F 6B 05 D8 C7 8C 96 FB FB 23".hexToBytes() +internal var deviceToken = "CE 1E 2E DC 69 24 4F 9B FF 2F 52 D8 8F 69 DD 40".hexToBytes() +internal var D2Key = "44 28 6B 35 7A 54 2D 45 45 5D 56 32 44 33 47 49".hexToBytes() +internal var userStKey = "35 29 42 54 78 62 47 68 5E 77 68 54 6B 76 57 5F".hexToBytes() +internal var tgtKey = "44 24 3F 43 3F 21 37 2B 29 44 6E 47 70 3A 4E 3D".hexToBytes() internal val t108 = "BD 12 96 6C 83 53 EF DD 06 16 52 16 B8 1B 25 69".hexToBytes() internal val t10c = "23 7D 2C 7A 3F 4A 41 35 7D 3B 45 51 6D 3D 2A 56".hexToBytes() @@ -67,6 +65,10 @@ internal val shareKeyCalculatedByConstPubKey = ECDH.calculateShareKey( initialPublicKey ) +var ecdhPrivateKeyS = "97a52992cb7a2110413629af94a3c249c68a3b731510caa8" +var passwordMd5: ByteArray = byteArrayOf() +var uin: Long = 0L + fun main() { val data = """ 20da22db750806141ef448110800450000285129400080060000c0a8030a71600dd0fe501f908b8c5bf508cef1de5010020042fd0000 @@ -80,23 +82,32 @@ fun main() { bytes } else bytes.dropTCPHead() }.flatMap { it.toList() }.toByteArray() - data.debugPrint("input").read { - var count = 0 - while (remaining != 0L) { - readBytes((readUInt() - 4u).toInt()).toReadPacket().runCatching { analysisOneFullPacket() }.exceptionOrNull()?.printStackTrace() - count++ - if (remaining != 0L) { - println() - println() - println() - println() - println() - } else DebugLogger.info("共有 $count 个包") - } - } + data.read { decodeMultiClientToServerPackets() } } -fun ByteReadPacket.analysisOneFullPacket() = debugIfFail("Failed", { buildPacket { writeInt(it.size + 4); writeFully(it) } }) { +/** + * 顶层方法. TCP 切掉头后直接来这里 + */ +fun ByteReadPacket.decodeMultiClientToServerPackets() { + println("=======================处理客户端到服务器=======================") + var count = 0 + while (remaining != 0L) { + readBytes((readUInt() - 4u).toInt()).toReadPacket().runCatching { analysisOneFullPacket() }.exceptionOrNull()?.printStackTrace() + count++ + if (remaining != 0L) { + println() + println() + println() + println() + println() + } else DebugLogger.info("=======================共有 $count 个包=======================") + } + println() +} + +val firstShareKey = ECDH.calculateShareKey(loadPrivateKey(ecdhPrivateKeyS), initialPublicKey) + +fun ByteReadPacket.analysisOneFullPacket(): ByteReadPacket = debugIfFail("Failed", { buildPacket { writeInt(it.size + 4); writeFully(it) } }) { val flag1 = readInt() println("flag1=" + flag1.contentToString()) val flag2 = readByte().toInt() @@ -125,6 +136,109 @@ fun ByteReadPacket.analysisOneFullPacket() = debugIfFail("Failed", { buildPacket when (flag1) { 0x0A -> decodeSso() 0x0B -> decodeUni() + else -> error("unknown flag1: $flag1") + } + + when (flag2) { + + 2 -> { + + this.debugPrint("Oicq Request").apply { + /* + byte 2 // head flag + short 27 + 2 + remaining.length + ushort client.protocolVersion // const 8001 + ushort 0x0001 // const0 + uint client.uin + byte 3 // const1 + ubyte encryptMethod.value // [EncryptMethod] + byte 0 // const2 + int 2 // const3 + int client.appClientVersion + int 0 // const4 + */ + discardExact(3) + readShort().toInt().takeIf { it != 8001 }?.let { + println(" got new protocolVersion=$it") + } + println(" commandId=${readUShort()}") + readUShort().toInt().takeIf { it != 1 }?.let { + println(" got new const0=$it") + } + println(" uin=${readUInt()}") + readByte().toInt().takeIf { it != 3 }?.let { + println(" got new const1=$it") + } + val encryptionMethod = readUByte().toInt() + readByte().toInt().takeIf { it != 0 }?.let { + println(" got new const2=$it") + } + readInt().takeIf { it != 2 }?.let { + println(" got new const3=$it") + } + readInt().takeIf { it != 0 }?.let { + println(" got new appClientVersion=$it") + } + readInt().takeIf { it != 0 }?.let { + println(" got new const4=$it") + } + + + discardExact(1) + discardExact(1) + val randomKey = readBytes(16) + println("randomKey= ${randomKey.toUHexString()}") + readUShort().toInt().takeIf { it != 258 }?.let { + println(" got new const in ECDH head(originally=258)=$it") + } + val publicKey = readBytes(readShort().toInt()) + println("ecdh publicKey=" + publicKey.toUHexString()) + + + val encrypt = when (encryptionMethod) { + 135, 7 -> { + ECDH.calculateShareKey( + loadPrivateKey(ecdhPrivateKeyS), + //"04cb366698561e936e80c157e074cab13b0bb68ddeb2824548a1b18dd4fb6122afe12fe48c5266d8d7269d7651a8eb6fe7".chunkedHexToBytes().adjustToPublicKey() // QQ: 04cb366698561e936e80c157e074cab13b0bb68ddeb2824548a1b18dd4fb6122afe12fe48c5266d8d7269d7651a8eb6fe7 + publicKey.adjustToPublicKey() + ) + } + + 69 -> { + error("encryptionMethod 69") + } + else -> error("unknown encryptionMethod=$encryptionMethod") + } + + val encryptedBody = readBytes((remaining - 1).toInt()) + + val decrypted = kotlin.runCatching { + encryptedBody.decryptBy(encrypt).also { println("first by calculatedShareKey or sessionKey(method=7)") } + }.getOrElse { + encryptedBody.decryptBy(shareKeyCalculatedByConstPubKey).also { println("first by shareKeyCalculatedByConstPubKey") } + }.let { firstDecrypted -> + runCatching { + firstDecrypted.decryptBy(encrypt).also { println("second by calculatedShareKey") } + }.getOrElse { + kotlin.runCatching { + firstDecrypted.decryptBy(firstShareKey) + }.getOrDefault(firstDecrypted) + } + } + + decrypted.debugPrint("Real body").apply { + discardExact(4) + readTLVMap()[0x106]?.decryptBy(passwordMd5 + ByteArray(4) + uin.toInt().toByteArray())?.read { + discardExact(2 + 4 * 4 + 8 + 4 + 4 + 1 + 16) + tgtgtKey = readBytes(16) + } + + } + } + } + else -> { + this.debugPrint("uni packet") + } } } } @@ -137,8 +251,10 @@ fun ByteReadPacket.decodeUni() { // 00 00 00 5B 10 03 2C 3C 4C 56 23 51 51 53 65 72 76 69 63 65 2E 43 6F 6E 66 69 67 50 75 73 68 53 76 63 2E 4D 61 69 6E 53 65 72 76 61 6E 74 66 08 50 75 73 68 52 65 73 70 7D 00 00 1A 08 00 01 06 08 50 75 73 68 52 65 73 70 1D 00 00 09 0A 10 01 22 14 DA 6E B1 0B 8C 98 0C A8 0C println("// 尝试解 Uni") println("// head") + return readBytes(readInt() - 4).debugPrint("head").toReadPacket().apply { val commandName = readString(readInt() - 4).also { println("commandName=$it") } + println(commandName) println(" unknown4Bytes=" + readBytes(readInt() - 4).toUHexString()) // 00 00 00 1A 43 6F 6E 66 69 67 50 75 73 68 53 76 63 2E 50 75 73 68 52 65 73 70 // 00 00 00 08 02 B0 5B 8B @@ -202,108 +318,20 @@ fun ByteReadPacket.decodeSso() { discardExact(4) println("// body(maybe OicqRequest)") - this.debugPrint("SSO Body").apply { - /* - byte 2 // head flag - short 27 + 2 + remaining.length - ushort client.protocolVersion // const 8001 - ushort 0x0001 // const0 - uint client.uin - byte 3 // const1 - ubyte encryptMethod.value // [EncryptMethod] - byte 0 // const2 - int 2 // const3 - int client.appClientVersion - int 0 // const4 - */ - discardExact(3) - readShort().toInt().takeIf { it != 8001 }?.let { - println(" got new protocolVersion=$it") - } - println(" commandId=${readUShort()}") - readUShort().toInt().takeIf { it != 1 }?.let { - println(" got new const0=$it") - } - println(" uin=${readUInt()}") - readByte().toInt().takeIf { it != 3 }?.let { - println(" got new const1=$it") - } - val encryptionMethod = readUByte().toInt() - readByte().toInt().takeIf { it != 0 }?.let { - println(" got new const2=$it") - } - readInt().takeIf { it != 2 }?.let { - println(" got new const3=$it") - } - readInt().takeIf { it != 0 }?.let { - println(" got new appClientVersion=$it") - } - readInt().takeIf { it != 0 }?.let { - println(" got new const4=$it") - } - - val firstShareKey = "8bcf4c91a46b6959685094fa2bf7597d".chunkedHexToBytes() - - discardExact(1) - discardExact(1) - val randomKey = readBytes(16) - println("randomKey= ${randomKey.toUHexString()}") - readUShort().toInt().takeIf { it != 258 }?.let { - println(" got new const in ECDH head(originally=258)=$it") - } - val publicKey = readBytes(readShort().toInt()) - println("ecdh publicKey=" + publicKey.toUHexString()) - - - val encrypt = when (encryptionMethod) { - 135, 7 -> { - ECDH.calculateShareKey( - loadPrivateKey("97a52992cb7a2110413629af94a3c249c68a3b731510caa8"), - //"04cb366698561e936e80c157e074cab13b0bb68ddeb2824548a1b18dd4fb6122afe12fe48c5266d8d7269d7651a8eb6fe7".chunkedHexToBytes().adjustToPublicKey() // QQ: 04cb366698561e936e80c157e074cab13b0bb68ddeb2824548a1b18dd4fb6122afe12fe48c5266d8d7269d7651a8eb6fe7 - publicKey.adjustToPublicKey() - ) - } - - 69 -> { - error("encryptionMethod 7") - } - else -> error("unknown encryptionMethod=$encryptionMethod") - } - - val encryptedBody = readBytes((remaining - 1).toInt()) - - val decrypted = kotlin.runCatching { - encryptedBody.decryptBy(encrypt).also { println("first by calculatedShareKey or sessionKey(method=7)") } - }.getOrElse { - encryptedBody.decryptBy(shareKeyCalculatedByConstPubKey).also { println("first by shareKeyCalculatedByConstPubKey") } - }.let { firstDecrypted -> - runCatching { - firstDecrypted.decryptBy(encrypt).also { println("second by calculatedShareKey") } - }.getOrElse { - kotlin.runCatching { - firstDecrypted.decryptBy(firstShareKey) - }.getOrDefault(firstDecrypted) - } - } - - decrypted.debugPrint("Real body") - decrypted.read { - - } - } } -val keys = mapOf( - "16 zero" to ByteArray(16), - "wtSessionTicketKey" to wtSessionTicketKey, - "D2 key" to D2Key, - "tgtgtKey" to tgtgtKey, - "tgtKey" to tgtKey, - "userStKey" to userStKey, - "deviceToken" to deviceToken, - "shareKeyCalculatedByConstPubKey" to shareKeyCalculatedByConstPubKey, - "t108" to t108, - "t10c" to t10c, +val keys: Map + get() = mapOf( + "16 zero" to ByteArray(16), + "wtSessionTicketKey" to wtSessionTicketKey, + "D2 key" to D2Key, + "tgtgtKey" to tgtgtKey, + "tgtKey" to tgtKey, + "userStKey" to userStKey, + "deviceToken" to deviceToken, + "shareKeyCalculatedByConstPubKey" to shareKeyCalculatedByConstPubKey, + "t108" to t108, + "t10c" to t10c, "t163" to t163 )