Blizzard Weak Digital Signature
The Blizzard Weak Digital Signature is a digital signature used by Battle.net(v1) clients used to verify the integrity and authenticity of remotely downloaded MPQ files. The signature is stored in a file named (signature), uncompressed and unencrypted.
Implementation
The RSASSA-PKCS1-v1_5 signature scheme is used in conjunction with the MD5 hashing algorithm and a 512-bit RSA key.
Usage
MPQ files used for CheckRevision and ExtraWork are signed with the Blizzard Weak Digital Signature, and are verified before loading those modules. The MPQ embedded inside the binaries of manual patches also contain a Blizard Weak Digital Signature.
File Structure
| Offset | Field | Description |
|---|---|---|
| 0x00 | Unknown | Always 0 |
| 0x04 | Unknown | Always 0 |
| 0x08 | Signature | The digital signature in little-endian order |
Public Key
Modulus:
92627704bfb882cc0523b90cb1ac0459272175968d025eda47dd7c49371bf8faeb0e0a92167557ad51b78ccb68c5426290ee9fb14bc118e430349ea4ed6ad837Exponent:
0x10001
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJJidwS/uILMBSO5DLGsBFknIXWWjQJe2kfdfEk3G/j66w4KkhZ1V61Rt4zLaMVCYpDun7FLwRjkMDSepO1q2DcCAwEAAQ==
-----END PUBLIC KEY-----Private Key
-----BEGIN PRIVATE KEY-----
MIIBOQIBAAJBAJJidwS/uILMBSO5DLGsBFknIXWWjQJe2kfdfEk3G/j66w4KkhZ1V61Rt4zLaMVCYpDun7FLwRjkMDSepO1q2DcCAwEAAQJANtiztVDMJh2hE1hjPDKyUmEJ9U/aN3gomuKOjbQbQ/bWWcM/WfhSVHmPqtqh/bQI2UXFr0rnXngeteZHLr/b8QIhAMuWriSKGMACw18/rVVfUrThs915odKBH1Alr3vMVVzZAiEAuBHPSQkgwcb6L4MWaiKuOzq08mSyNqPeN8oSy18q848CIHeMn+3s+eOmu7su1UYQl6yH7OrdBd1q3UxfFNEJiAbhAiAqxdCyOxHGlbM7aS3DOg3cq5ayoN2cvtV7h1R4t8OmVwIgF+5z/6vkzBUsZhd8Nwyis+MeQYH0rpFpMKdTlqmPF2Q=
-----END PRIVATE KEY-----Signing
MPQ Editor and MPQSigner both use Stormlib to sign MPQ files.
| Edited:
xboi209
xboi209 Comments
no one has commented yet.