Differences

This shows you the differences between two versions of the page.

--- b2f:b2f [2025/02/15 10:09] – [Calling Station ID] f4hof
+++ b2f:b2f [2025/03/09 17:46] (current) – [Secure Gateway Login] f4hof
@@ Line 57: / Line 57: @@
 The exchange happens after the SID has been transmitted.
-The server sends a '';PQ'' proposal with an authentication challenge, which is formatted as follow:
+The server sends a '';PQ:'' proposal with an authentication challenge, which is formatted as follow:
-<code>;PQ 99685857</code>
+<code>;PQ: 99685857</code>
 The client computes the response using the following pseudocode:
 <code c>
-// Trailing salt
+S3CRYPT:BEGIN:AESCTR:14AD:wrgBw7/DuMKaw5HDjWdeQ8K1Xj3CjDtjOcKBYUtNDSoNDMKvwq
-uint8_t sl_salt[] = {
+rDi8K8JsOww7bCixErw4fCgcKBA8Oew6TDm8Kcw4YhNRdjAgwt
-, 197, 101, 206, 190, 249,  93, 200,
+VcK2w6MdwpNhwppnw4QbX0HDkSbCgHM8w5I0w78NCsOOwrnCuG
-, 243,  93, 237,  71,  94, 239, 138,
+zDq8O0w5oNw5lNw6DCscOHSAlwwowSwqvDlMKAKw7DrMKGAHsp
-, 108,  70, 185, 225, 137, 217,  16,
+BCwMd8KjXmjDrMO7RTUTXlRqSU3CvsK4T8K2XT/DsArClsKUwq
-, 122, 193,  48, 194, 195, 198, 175,
+bCvD4/PRg+GkxZTWMQw755PxLCi1/Do8Oyw7TClMO3EjzCnMO2
-, 169,  70,  84,  61,  62, 104, 186,
+Yj1UwpRGwq5macOqwqFrfH0Dw5Fgw4bDoDzCp8KKR8Ouw7PDmD
-,  52,  61, 168,  66, 129, 192, 208,
+gFwpVbwovCqsOVeMOSGsKaUMOUwppHw63DhDdqCcKXNsKcTi1i
-, 249, 232, 193,  41, 113,  41,  45,
+DS4aCMOnw4Uew44BWwQ0wroUJcO7w4VqdMO1XcO7wqZYGMOAP8
-,  16,  29, 228, 208, 228,  61,  20
+KXwqdSwpprw4jClcKOFQPCkFQNwpt6bMKCw7TCisOTw7vDtcOc
-};
+LMOzMyXDih5KZMKBw64zw4LChGzCtjPDrMO/PBXCmVrDiA7Cp1
+Ncwq3Cm8KGw7bCj8Oaw53Do3nCs8O6bcKQwqDCvV7CgSXCusKX
+wrLCgMK0ewnDpBLDrMKcCsKXb8Khw4TCrcOBA2DCnx0xLsKEMs
+OZfMK9OMKRw7pDw4fDrn1BdWXDqkLChHRlwqrDrSbDi8O5K0HD
+qBFQw5kCw4NdSRvDnAopU05gaEAHSBfCm8KYw5vCnMKxZTLCuz
+wp0Owo0Zw6vCrsOuw5XCtsK2c8KzdcKwwq03w7TDt8KIw7Qh
+w7nCusOUNMOaXlLCjAQ0aMOjw4nDpGpWwp5XAk5pwr/ChsK0wr
+DjcOcw4jCplzCpsOkERPDskjCvnlFw7IJwqzCsBkGOg08wqzC
+gMKXw4M4w6/DvhIHYQ1eN3bCtwk9HMOJw4jCgsOgwpBISsOPw6
+Dq29AMR7DusOjFsOpw7sFwqnDsUnCgMO0eMKTwpXDtjjCicO+
+Q8KTLMOAwqrDjjEsw7vDmT1dKcOMCcKKw4wUwofDgcKkERBrw5
+ZNw4kUwqfDl8OdXWXDpsOGLMK6w57DgxPCqcKdw6jDnAfDqMOt
+wogDRwLCo8O7JyLDssOaPVHCscKVAHjDq8KMMcOUa8KFwp3DgX
+PCisKRw60QwpLCnMODYsKowqrCoDh4AsORLcKjcDBPJcOCKsOi
+Amx9UMK9woLClsOMEMKvwqJKCz0iN1JvGjfDuxLChWkcTH3DjM
+OowpkFw7fDkDjCiC/CgxhSRE1Xw7nDqsOLGTbDs8KXw5PCpRQP
+wq9/bRjDm8KQCsOHw7/DoB7Clgw4TX3Cpm/DvsKzwp7CrsK9w5
+llwo3DtkvDpVk/acKUfnMECMOpAsKKwqLCu8Kqw7TCtxsew7kH
+DMO4wrBswrTCoG0ZwrrDv8KqwovCri0AMsKFw5lJIsOraARJwp
+zDncKSS1DDhUpIwrULwp7CocOfMD3CmmPCjsOddsOTN2vDh8Ky
+FcK+wqPCpkhQw5N9Fkl0wq/CncOhwoNYOzwaw44TwrJxwoBXIc
+KEW00Tw7rCuMOzO8KsOkLCvsKiwp7CtcKhwqrCiMOiwpnDihIs
+wrDDocKPw7PDmy3CosKSEDECw53CuUM5woHDg8O8NhdPwrHCv8
+OGwq1cBiN4wqbCgjtDb8OYLsOQw5PCr8KNI0jDgTlDbAw6e3/D
+oMO6w751DcODwpI9wpINJzfCssOWw5TCmFUTBVnCoBcXclIawq
+LCoMOzwoERPAvDnThSwoTDvSl2PU8NwojCpF3DuRjDmcK1w7zC
+oXBjccKIwrHCiMKvD3HDlcOdY2Ygw67Co2nDo8KAwrzDkcKvwq
+gdcUNjw6TDpMO/w4LCpUVbVA7CvMOudsKjcMO0fcKHw7Zsw64j
+w4oywp7Dog8ZTcKcw5MMw6JYw4TDhMO5w6fDow9Bw6HCuVFYw6
+jDmUURJsK8PsKqUHLCo2rDsB/CrsK0w47DsMKxSg9+wqI=:END
+</code>
-// Concatenate the challenge, the password and the salt.
+The result is then sent to the server using the following format:
-payload = concat( challenge, password, sl_salt)
-// Compute the md5 of the last result
+<code>;PR: 99685857</code>
-md5sum = md5(payload)
-// Take the first 4 bytes of the hash, flip the byte-wise endianness, and cap the first byte to 0x3f
+ABNF Grammar:
-response = ( (uint8_t)(md5sum[3]) & 0x3f ) << 24 | (uint8_t)(md5sum[2]) << 16 | (uint8_t)(md5sum[1]) << 8 | (uint8_t)(md5sum[0]) )
-// Keep the 8 least significant digits in base 10 of response.
-// If response is shorter than 8 digits, 0-pad from the left.
-resval = itoa( response % 100000000, base10)
-sprintf( result, "%08d", resval)
+<code abnf>
+B2F_AUTH_CHALLENGE = %x3B %x50 %x51 %x3A SP 8DIGIT CR
+B2F_AUTH_RESPONSE  = %x3B %x50 %x52 %x3A SP 8DIGIT CR
 </code>
-The result is then sent to the server using the following format:
+Reference source code in [[https://github.com/nwdigitalradio/paclink-unix/blob/1df400712a985045f2fce0d582a70763c2b2ba7b/wl2k.c#L1249|paclink-unix, function compute_secure_login_response()]] and [[https://github.com/la5nta/wl2k-go/blob/master/fbb/secure.go|wl2k-go]]
-<code>;PR 99685857</code>
+==== Secure Gateway Login ====
+When a RMS connects to a CMS, the latter sends a login challenge with '';SQ:'' proposal.
+The auth scheme works the same way the Secure login does.
+The RMS answers with a triplet composed of the secure login response, the frequency the client is binding to (10 digit integer in Hertz), and the used mode.
 ABNF Grammar:
 <code abnf>
-B2F_AUTH_RESPONSE = %x3B %x50 %x52 SP 8DIGIT CR
+B2F_GW_AUTH_CHALLENGE = %x3B %x53 %x51 %x3A SP 8DIGIT CR
+B2F_GW_AUTH_RESPONSE  = %x3B %x53 %x52 %x3A SP 8DIGIT SP 10DIGIT SP VCHAR CR
 </code>
-Reference source code in [[https://github.com/nwdigitalradio/paclink-unix/blob/1df400712a985045f2fce0d582a70763c2b2ba7b/wl2k.c#L1249|paclink-unix, function compute_secure_login_response()]] and [[https://github.com/la5nta/wl2k-go/blob/master/fbb/secure.go|wl2k-go]]
 ===== Data transfer =====
@@ Line 108: / Line 139: @@
 A message is structured in 3 parts:
+  - The message header
+  - The message body
+  - Attachments
-The first is the header which contains the properties of the message such as its MID, origination date, originator, destination(s), subject, etc. The address header is US-ASCII encoded. Each line is separated by carriage return/line feed (''0x0d 0x0a'').
+==== Message Header ====
+The header contains the message properties, such as its MID, origination date, originator, destination(s), subject, etc. The address header is US-ASCII encoded. Each line is separated by carriage return/line feed (''0x0d 0x0a'').
 Packet headers received from a packet connection may optionally be retained as part of the body of the message. RFC 822 headers received as part of a message from the Internet will be parsed and removed at the point of entry into the Winlink system.
-The second part is the message body, which MAY NOT be empty. The message body is limited to ASCII characters. It is separated from the address header by a single blank line. The exact length (in characters) of the body of the message is indicated in the address header. The message body is terminated with a carriage return/line feed character sequence. These two characters are not included in the length of the message body indicated in the address header and are in addition to any carriage return/line feed characters that may be in the body of the message.
+==== Message Body ====
+The message body MAY NOT be empty. Its content is encoded to the US-ASCII character set.
+It is separated from the address header by a single blank line.
+The exact length (in characters) of the body of the message is indicated in the address header.
+The message body is terminated with a carriage return/line feed character sequence. These two characters are not included in the length of the message body indicated in the address header and are in addition to any carriage return/line feed characters that may be in the body of the message.
 The third part of the message is the attachments. There may be any number of attachments. For each attachment, there is a parameter in the address header that includes the exact length of the attachment, the original file name and extension for the attachment. The file name and extension is limited to 50 characters. An attachment is a sequence of 8-bit bytes without restriction. An attachment is always terminated by a carriage return/line feed. The carriage return/line feed sequence is not included in the attachment length indicted in the address header.