飞信登录过程的协议分析 (TCP直连方式)


  1. 用户向服务器发送get请求,获取sip和ssic

    服务器返回如下信息: 

    HTTPMessage: Date: Mon, 17 May 2010 04:39:09 GMT

    Server: Microsoft-IIS/6.0

    X-AspNet-Version: 2.0.50727

    Set-Cookie: ssic=DhIOAADSatQxhddLQSDjDno5AHKr/4fQ7i9mqAzjXsH74h1UWRerWJqPpo5YLIs0CoMrWDmEIVb/FO9KBDzvb1SJ7qJuLfkrGMhVgxrJnMEtnG3VD1uoBEqOQ+eXE5/MqtCgIpMAAA==; path=/

    Cache-Control: private

    Content-Type: text/html; charset=utf-8

    Content-Length: 219 

   <?xml version="1.0" encoding="utf-8" ?>

   <results status-code="200">

    <user uri=sip:592252757@fetion.com.cn;p=1630 mobile-no="13572997414" user-status="101" user-id="420232113">

    <credentials></credentials>

    </user>

   </results> 

    记录sip和ssic,后面要用到。 

  1. 向221.176.31.45:8080发送数据,获取nonce

    F: 592252757       //这个是飞信号

    I: 1                 //这个应该是会话编号

    Q: 1 R

    L: 336              //数据内容的长度 

    <args><device type="PC" version="327249223" client-version="3.5.2560" /><caps value="simple-im;im-session;temp-group;personal-group;im-relay;xeno-im;direct-sms;sms2fetion" /><events value="contact;permission;system-message;personal-group;compact" /><user-info attributes="all" /><presence><basic value="400" desc="" /></presence></args> 

    服务器返回如下信息:

   SIP-C/2.0 401 Unauthoried

   F: 592252757

   I: 1

   Q: 1 R

    W: Digest algorithm="MD5-sess;SHA1-sess",nonce="2A403D5F718C8CDB67D9D367447507E9" 

    记录下nonce,下面会用到。 

  1. 221.176.31.45:8080发送response:

    F: 592252757

    I: 1

    Q: 2 R

    A: Digest algorithm="SHA1-sess",response="88EDC599066D6B775CCF4E91637D4A0F",cnonce="627D247341E2C76B51553F413EACB75C",salt="777A6D03",ssic="DhIOAAD+RGauOHll++PD+iSpJwSjgSio8mf1v0pWOKfF8a4YG+i8lP1JfYOYTzbIEVGXYMjqXwxH+nWN5G54oE0o1R4yAHbyoVS4lAFBAazv/tGqaA9QAWDIH00mitYdu7KiRh4AAA=="

    L: 336 

    <args><device type="PC" version="327249223" client-version="3.5.2560" /><caps value="simple-im;im-session;temp-group;personal-group;im-relay;xeno-im;direct-sms;sms2fetion" /><events value="contact;permission;system-message;personal-group;compact" /><user-info attributes="all" /><presence><basic value="400" desc="" /></presence></args>

    如果服务器返回200 OK,即成功登陆。 

    其中response计算方法如下:

  1. 随机生成一个32位的cnonce (627D247341E2C76B51553F413EACB75C)
  2. 指定salt为777A6D03,相应的字符串为wzm\x03 (这个貌似也是任意的)
  3. Hash_pwd=(777A6D03+(Salt+密码的sha1值)的sha1值) (777A6D034D3493C9AC1FA46EB512C6CEF1B050E3802CD215)
  4. 求sip:fetion.com.cn:hash_pwd字符串的sha1值,得出key
  5. 求key:nonce:cnonce字符串的md5值,得出H1
  6. 求REGISTER:sip字符串的md5值,得出H2
  7. 求H1:nonce:H2字符串的md5值,得出response (88EDC599066D6B775CCF4E91637D4A0F)

你可能感兴趣的:(tcp)