PDA

View Full Version : How does EQEmu work ?


LordCrush
11-11-2002, 01:41 AM
Perhaps i am completely wrong, but as we know from much very good posts about the encryption that the symetric session-key is generated on the client, then encrypted with the public key of the SoE server and then send to the server. The client does not know the private key of the server.

Now my question how does EQ-Emu decrypt that session key as the EQEmu-Server does not know the private key of SoE servers ? ...

Just curious :)
Mr. Suspicious
11-11-2002, 06:47 AM
Think a better place to ask would be at the EQEmu boards (and pretty sure the answer would be: Look at the source =P)
casey
11-11-2002, 07:44 AM
Each zone server could have its own keypair. All the EMU server would need to do is generate a keypair, and send down the public key to the client. Then it could use the private key to decrypt.

in short, the keys used by SOE's zones are irrelivant, since you can always generate your own pair if you're the server.
LordCrush
11-11-2002, 07:52 AM
Thnx Casey,

that makes much sense ... i will have to learn to look on both sides with this encryption thingy :)
Rufus
11-11-2002, 05:48 PM
Originally posted by casey
[B]Each zone server could have its own keypair. All the EMU server would need to do is generate a keypair, and send down the public key to the client. Then it could use the private key to decrypt.


That assumes that the server is generating the keys. I was under the impression that it was the client that was generating the pair?

- Rufus
high_jeeves
11-11-2002, 05:57 PM
Sigh... No, please go read one of the many many posts describing the process. I need a macro for this:

The server has a private key, and a public key.
It sends the public key to the client.
The client generates a session key.
The client encrypts the session key with the servers public key.
The client sends the session key to the server.
The server decrypts the session key with its private key.
The server encrypts certain packets with the session key (which is now a shared secret).

To head off the next question that always gets asked: Yes, we can grab the public key from the data stream... No, that doesnt matter.

--Jeeves
Rufus
11-11-2002, 08:22 PM
d'oh! Okay, I got my client vs. server mixed up, I thought the Client was responsible for generating all three keys (pub/priv/session)...Thanks for clarifying this for me.

- Rufus