BNETDocs
Blizzard Weak Digital Signature

The Blizzard Weak Digital Signature is a digital signature used by Battle.net(v1) clients used to verify the integrity and authenticity of remotely downloaded MPQ files. The signature is stored in a file named (signature), uncompressed and unencrypted.

Implementation

The RSASSA-PKCS1-v1_5 signature scheme is used in conjunction with the MD5 hashing algorithm and a 512-bit RSA key.

Usage

MPQ files used for CheckRevision and ExtraWork are signed with the Blizzard Weak Digital Signature, and are verified before loading those modules. The MPQ embedded inside the binaries of manual patches also contain a Blizard Weak Digital Signature.

File Structure

Offset Field Description
0x00 Unknown Always 0
0x04 Unknown Always 0
0x08 Signature The digital signature in little-endian order

Public Key

Modulus: 92627704bfb882cc0523b90cb1ac0459272175968d025eda47dd7c49371bf8faeb0e0a92167557ad51b78ccb68c5426290ee9fb14bc118e430349ea4ed6ad837

Exponent: 0x10001

-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJJidwS/uILMBSO5DLGsBFknIXWWjQJe2kfdfEk3G/j66w4KkhZ1V61Rt4zLaMVCYpDun7FLwRjkMDSepO1q2DcCAwEAAQ==
-----END PUBLIC KEY-----

Private Key

-----BEGIN PRIVATE KEY-----
MIIBOQIBAAJBAJJidwS/uILMBSO5DLGsBFknIXWWjQJe2kfdfEk3G/j66w4KkhZ1V61Rt4zLaMVCYpDun7FLwRjkMDSepO1q2DcCAwEAAQJANtiztVDMJh2hE1hjPDKyUmEJ9U/aN3gomuKOjbQbQ/bWWcM/WfhSVHmPqtqh/bQI2UXFr0rnXngeteZHLr/b8QIhAMuWriSKGMACw18/rVVfUrThs915odKBH1Alr3vMVVzZAiEAuBHPSQkgwcb6L4MWaiKuOzq08mSyNqPeN8oSy18q848CIHeMn+3s+eOmu7su1UYQl6yH7OrdBd1q3UxfFNEJiAbhAiAqxdCyOxHGlbM7aS3DOg3cq5ayoN2cvtV7h1R4t8OmVwIgF+5z/6vkzBUsZhd8Nwyis+MeQYH0rpFpMKdTlqmPF2Q=
-----END PRIVATE KEY-----

Signing

MPQ Editor and MPQSigner both use Stormlib to sign MPQ files.

| Edited: xboi209
Comments

no one has commented yet.