Authorization in steam

Question

I am trying to log in to the Steam website. How the authorization takes place can be found here (CLoginPromptManager.prototype.OnRSAKeyResponse)

To encrypt the key using the library phplibsec. I encrypt the password as follows:

public function encryptPassword($password, $publickey_exp, $publickey_mod) { $RSA = new RSA(); $RSA->setEncryptionMode(RSA::ENCRYPTION_PKCS1); $key = [ 'modulus' => new BigInteger($publickey_mod, 16), 'publicExponent' => new BigInteger($publickey_exp, 16) ]; $RSA->loadKey($key, RSA::PUBLIC_FORMAT_RAW); return urlencode(base64_encode($RSA->encrypt($password))); }

Everything worked until a certain point, then started issuing errors:

 Notice (1024): Message representative out of range [ROOT/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA.php, line 2225] Fatal error: Call to a member function toBytes() on boolean in /var/www/cakephp/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA.php on line 2062

or

 Notice (1024): Integer too large [ROOT/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA.php, line 2064]

var_dump:

 public_exp: 010001 public_mod: BBF843183FFAB35A7AB5DF426389B553372A7DEB10031A219C80EDC165BD5C3EFC4AAAA69CFBF9E20D829B62937A1E24AF0F190B72435E47C93934D0E566F6EBFB481CF17E726792D016F3D8227061B5D5A452DAC2EA5475051EFC511B0C64F1EE8D2E3D975E4838774232185312D7F9795F6679845500B46BA148173A11DC8CC5F1D2EEAC1AEE820FC4FA86AC562666E30E6D38FF867AB5988B44FC51BC08664BD3B7432570217157240972D732FC0931CD91785193D59FAC783B45F554364E307693E313B3FBD1828FC67CEED3BC33380D3FDB4463B971EE2BCB798253C5377BCBF1A258055192E2D6A27CC3BA70E8E3C4AF7D5049ED55D96C212D34B63AE3

Help fix the problem.

update:

Project repository: github.com/SpekToR-ru/Awesomenauts-Match-Players

I tried to do password encryption via js (like on the site of the incentive), but it hasn’t taken off yet - the answer of the incentive: Incorrect login.

Ps. Join who is interested in this topic)

Iaroslav Gashuk Iaroslav Gashuk 41 2 bronze marks · Answer 1 · 2016-04-17T04:37:35

There is a suspicion that the second parameter of the encrypt method still needs to be an integer. Well, or absent, if you are satisfied with the default value.

Iaroslav Gashuk

41 2 bronze marks

Thanks for the answer, I tried to clean, but there is no difference. It seems to me that the matter is in the module and the exponent that Steam sends. Also, the error "Integer too large" periodically occurs (added to the description). Before that, everything worked and I did not update anything. Then it stopped. Maybe something changed. Filled on github repository . ProfilesController.php files (authorize method) and Profile.php (encryptPassword method) - Devyatov A
I also tried to do encryption via JS (I loaded methods from a stim), but, unfortunately, something did not work (Incorrect login), I will try again. This is a more realistic option for me so far) - Devyatov A

|

Devyatov A Devyatov A 6 3 bronze marks · Answer 2 · 2016-06-06T07:27:35

The problem turned out to be in the PHP version .. After installing (for the test) version 7, everything worked fine. Before that, php was also 64bit (checked before deleting). Maybe the problem was in one of the modules. At leisure, I will experiment.

vebmaster vebmaster 49 5 bronze marks · Answer 3 · 2018-03-15T15:53:52

Now the correct version is:

 function encryptPassword($password, $publickey_exp, $publickey_mod) { $RSA = new Crypt_RSA(); $RSA->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1); $key = [ 'modulus' => new Math_BigInteger($publickey_mod, 16), 'publicExponent' => new Math_BigInteger($publickey_exp, 16) ]; $RSA->loadKey($key, CRYPT_RSA_PUBLIC_FORMAT_RAW); $RSA->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1); return base64_encode($RSA->encrypt($password)); }

Authorization in steam

3 answers 3

More articles: