RubyGems - mtproto - Versions diffs - 0.0.4 → 0.0.5 - Mend

mtproto 0.0.4 → 0.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (36) hide show

checksums.yaml +4 -4
data/Rakefile +13 -1
data/ext/aes_ige/Makefile +273 -0
data/ext/aes_ige/aes_ige.bundle +0 -0
data/ext/aes_ige/aes_ige.c +103 -0
data/ext/aes_ige/extconf.rb +25 -0
data/ext/factorization/Makefile +273 -0
data/ext/factorization/extconf.rb +3 -0
data/ext/factorization/factorization.bundle +0 -0
data/ext/factorization/factorization.c +62 -0
data/lib/mtproto/auth_key_generator.rb +228 -0
data/lib/mtproto/client.rb +182 -5
data/lib/mtproto/crypto/aes_ige.rb +23 -0
data/lib/mtproto/crypto/auth_key_helper.rb +25 -0
data/lib/mtproto/crypto/dh_key_exchange.rb +44 -0
data/lib/mtproto/crypto/dh_validator.rb +80 -0
data/lib/mtproto/crypto/factorization.rb +39 -0
data/lib/mtproto/crypto/message_key.rb +32 -0
data/lib/mtproto/crypto/rsa_pad.rb +59 -0
data/lib/mtproto/encrypted_message.rb +86 -0
data/lib/mtproto/session.rb +20 -0
data/lib/mtproto/tl/bad_msg_notification.rb +46 -0
data/lib/mtproto/tl/client_dh_inner_data.rb +29 -0
data/lib/mtproto/tl/config.rb +122 -0
data/lib/mtproto/tl/gzip_packed.rb +41 -0
data/lib/mtproto/tl/message.rb +142 -2
data/lib/mtproto/tl/msg_container.rb +40 -0
data/lib/mtproto/tl/new_session_created.rb +30 -0
data/lib/mtproto/tl/p_q_inner_data.rb +41 -0
data/lib/mtproto/tl/rpc_error.rb +34 -0
data/lib/mtproto/tl/serializer.rb +55 -0
data/lib/mtproto/tl/server_dh_inner_data.rb +85 -0
data/lib/mtproto/version.rb +1 -1
data/lib/mtproto.rb +20 -0
data/tmp/.keep +0 -0
metadata +30 -1

data/lib/mtproto/client.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 require 'securerandom'
+require 'digest'
 require_relative 'transport/tcp_connection'
 require_relative 'transport/abridged_packet_codec'
 require_relative 'tl/message'
@@ -15,7 +16,7 @@ module MTProto
       5 => ['91.108.56.130', 443]
     }.freeze
-    attr_reader :connection
+    attr_reader :connection, :server_key, :auth_key, :server_salt, :time_offset, :session
     def initialize(dc_id: 2)
       host, port = DC_ADDRESSES[dc_id]
@@ -23,6 +24,12 @@ module MTProto
       codec = Transport::AbridgedPacketCodec.new
       @connection = Transport::TCPConnection.new(host, port, codec)
+      @server_key = nil
+      @auth_key = nil
+      @server_salt = nil
+      @time_offset = 0
+      @session = nil
+      @connection_initialized = false
     end
     def connect
@@ -48,11 +55,181 @@ module MTProto
       raise 'Nonce mismatch!' unless res_pq[:nonce] == nonce
-      rsa_key = Crypto::RSAKey.find_by_fingerprint(res_pq[:fingerprints])
-      raise 'No matching RSA key found!' unless rsa_key
-      res_pq[:rsa_key] = rsa_key
       res_pq
     end
+    def make_auth_key
+      generator = AuthKeyGenerator.new(@connection)
+      result = generator.generate
+      @auth_key = generator.auth_key
+      @server_salt = generator.server_salt
+      @time_offset = generator.time_offset
+      @session = Session.new
+      result
+    end
+    def generate_msg_id
+      time = Time.now.to_f + @time_offset
+      msg_id = (time * (2**32)).to_i
+      (msg_id / 4) * 4
+    end
+    def rpc_call(body, content_related: true)
+      raise 'Auth key not generated' unless @auth_key
+      raise 'Session not initialized' unless @session
+      msg_id = generate_msg_id
+      seq_no = @session.next_seq_no(content_related: content_related)
+      encrypted_msg = EncryptedMessage.encrypt(
+        auth_key: @auth_key,
+        server_salt: @server_salt,
+        session_id: @session.session_id,
+        msg_id: msg_id,
+        seq_no: seq_no,
+        body: body
+      )
+      @connection.send(encrypted_msg.serialize)
+      response_data = @connection.recv(timeout: 10)
+      decrypted = EncryptedMessage.decrypt(
+        auth_key: @auth_key,
+        encrypted_message_data: response_data,
+        sender: :server
+      )
+      response_body = decrypted[:body]
+      constructor = response_body[0, 4].unpack1('L<')
+      puts "  [RPC] First response constructor: 0x#{constructor.to_s(16)} (#{response_body.bytesize} bytes)"
+      if constructor == TL::NewSessionCreated::CONSTRUCTOR
+        puts "  [RPC] Got new_session_created, waiting for actual response..."
+        session_info = TL::NewSessionCreated.deserialize(response_body)
+        @server_salt = session_info.server_salt
+        puts "  [RPC] Updated server_salt to: 0x#{@server_salt.to_s(16)}"
+        response_data = @connection.recv(timeout: 10)
+        puts "  [RPC] Second response received (#{response_data.bytesize} bytes encrypted)"
+        decrypted = EncryptedMessage.decrypt(
+          auth_key: @auth_key,
+          encrypted_message_data: response_data,
+          sender: :server
+        )
+        response_body = decrypted[:body]
+        constructor = response_body[0, 4].unpack1('L<')
+        puts "  [RPC] Second response constructor: 0x#{constructor.to_s(16)} (#{response_body.bytesize} bytes)"
+      end
+      if constructor == TL::Message::CONSTRUCTOR_MSG_CONTAINER
+        puts "  [RPC] Response is a container, unpacking..."
+        container = TL::MsgContainer.deserialize(response_body)
+        puts "  [RPC] Container has #{container.messages.size} messages"
+        container.messages.each_with_index do |msg, i|
+          msg_constructor = msg[:body][0, 4].unpack1('L<')
+          puts "  [RPC]   Message #{i}: constructor=0x#{msg_constructor.to_s(16)}, size=#{msg[:body].bytesize}"
+        end
+        rpc_result = container.messages.find do |msg|
+          msg[:body][0, 4].unpack1('L<') == 0xf35c6d01
+        end
+        if rpc_result
+          puts "  [RPC] Found rpc_result in container, extracting..."
+          return rpc_result[:body][12..]
+        end
+        new_session = container.messages.find { |msg| msg[:body][0, 4].unpack1('L<') == TL::NewSessionCreated::CONSTRUCTOR }
+        if new_session
+          puts "  [RPC] Container has new_session_created, updating salt and waiting for RPC result..."
+          session_info = TL::NewSessionCreated.deserialize(new_session[:body])
+          @server_salt = session_info.server_salt
+          puts "  [RPC] Updated server_salt to: 0x#{@server_salt.to_s(16)}"
+          response_data = @connection.recv(timeout: 10)
+          puts "  [RPC] Next response received (#{response_data.bytesize} bytes encrypted)"
+          decrypted = EncryptedMessage.decrypt(
+            auth_key: @auth_key,
+            encrypted_message_data: response_data,
+            sender: :server
+          )
+          response_body = decrypted[:body]
+          constructor = response_body[0, 4].unpack1('L<')
+          puts "  [RPC] Next response constructor: 0x#{constructor.to_s(16)} (#{response_body.bytesize} bytes)"
+          if constructor == 0xf35c6d01
+            puts "  [RPC] Next response is rpc_result, extracting payload..."
+            return response_body[12..]
+          end
+          if constructor == TL::Message::CONSTRUCTOR_MSG_CONTAINER
+            puts "  [RPC] Next response is also a container, looking for rpc_result..."
+            container = TL::MsgContainer.deserialize(response_body)
+            rpc_result = container.messages.find { |msg| msg[:body][0, 4].unpack1('L<') == 0xf35c6d01 }
+            return rpc_result[:body][12..] if rpc_result
+          end
+          return response_body
+        end
+        puts "  [RPC] No rpc_result found, returning first message body"
+        return container.messages.first[:body]
+      end
+      if constructor == 0xf35c6d01
+        puts "  [RPC] Response is rpc_result, extracting payload..."
+        return response_body[12..]
+      end
+      puts "  [RPC] Returning raw response body (constructor: 0x#{constructor.to_s(16)})"
+      response_body
+    end
+    def invoke_with_layer(layer, query)
+      body = TL::Serializer.serialize_int(0xda9b0d0d)
+      body += TL::Serializer.serialize_int(layer)
+      body += query
+      body
+    end
+    def init_connection(api_id, device_model, system_version, app_version, system_lang_code, lang_code, query)
+      body = TL::Serializer.serialize_int(0xc1cd5ea9)
+      flags = 0
+      body += TL::Serializer.serialize_int(flags)
+      body += TL::Serializer.serialize_int(api_id)
+      body += TL::Serializer.serialize_string(device_model)
+      body += TL::Serializer.serialize_string(system_version)
+      body += TL::Serializer.serialize_string(app_version)
+      body += TL::Serializer.serialize_string(system_lang_code)
+      body += TL::Serializer.serialize_string('')
+      body += TL::Serializer.serialize_string(lang_code)
+      body += query
+      body
+    end
+    def help_get_config
+      query = [0xc4f9186b].pack('L<')
+      unless @connection_initialized
+        query = init_connection(
+          123456,
+          'Ruby MTProto',
+          'Ruby 3.x',
+          '0.1.0',
+          'en',
+          'en',
+          query
+        )
+        query = invoke_with_layer(214, query)
+        @connection_initialized = true
+      end
+      rpc_call(query)
+    end
   end
 end

data/lib/mtproto/crypto/aes_ige.rb ADDED Viewed

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+begin
+  require 'aes_ige/aes_ige'
+rescue LoadError => e
+  warn "Failed to load AES-IGE C extension: #{e.message}"
+  warn 'Run: cd ext/aes_ige && ruby extconf.rb && make'
+  warn 'AES-IGE encryption/decryption will not be available'
+  module MTProto
+    module Crypto
+      module AES_IGE
+        def self.encrypt_ige(_plaintext, _key, _iv)
+          raise NotImplementedError, 'AES-IGE not available (C extension not loaded)'
+        end
+        def self.decrypt_ige(_ciphertext, _key, _iv)
+          raise NotImplementedError, 'AES-IGE not available (C extension not loaded)'
+        end
+      end
+    end
+  end
+end

data/lib/mtproto/crypto/auth_key_helper.rb ADDED Viewed

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+require 'digest'
+module MTProto
+  module Crypto
+    module AuthKeyHelper
+      module_function
+      def derive_tmp_aes_key(new_nonce, server_nonce)
+        sha1_a = Digest::SHA1.digest(new_nonce + server_nonce)
+        sha1_b = Digest::SHA1.digest(server_nonce + new_nonce)
+        sha1_a + sha1_b[0, 12]
+      end
+      def derive_tmp_aes_iv(new_nonce, server_nonce)
+        sha1_b = Digest::SHA1.digest(server_nonce + new_nonce)
+        sha1_c = Digest::SHA1.digest(new_nonce + new_nonce)
+        sha1_b[12, 8] + sha1_c + new_nonce[0, 4]
+      end
+    end
+  end
+end

data/lib/mtproto/crypto/dh_key_exchange.rb ADDED Viewed

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+require 'openssl'
+require 'securerandom'
+module MTProto
+  module Crypto
+    module DHKeyExchange
+      module_function
+      def generate_client_dh_params(g, dh_prime_bytes)
+        dh_prime = OpenSSL::BN.new(dh_prime_bytes, 2)
+        g_bn = OpenSSL::BN.new(g)
+        b = generate_random_2048_bit_number
+        g_b = g_bn.mod_exp(b, dh_prime)
+        DHValidator.validate_g_a(g_b, dh_prime)
+        {
+          b: b,
+          g_b: g_b,
+          g_b_bytes: g_b.to_s(2)
+        }
+      end
+      def compute_auth_key(g_a_bytes, b, dh_prime_bytes)
+        g_a = OpenSSL::BN.new(g_a_bytes, 2)
+        dh_prime = OpenSSL::BN.new(dh_prime_bytes, 2)
+        auth_key_bn = g_a.mod_exp(b, dh_prime)
+        auth_key_bn.to_s(2)
+      end
+      def generate_random_2048_bit_number
+        random_bytes = SecureRandom.random_bytes(256)
+        random_bytes[0] = (random_bytes[0].ord | 0x80).chr
+        bn = OpenSSL::BN.new(random_bytes, 2)
+        bn
+      end
+    end
+  end
+end

data/lib/mtproto/crypto/dh_validator.rb ADDED Viewed

@@ -0,0 +1,80 @@
+# frozen_string_literal: true
+require 'openssl'
+module MTProto
+  module Crypto
+    module DHValidator
+      module_function
+      def validate_dh_params(g, dh_prime_bytes, g_a_bytes)
+        dh_prime = OpenSSL::BN.new(dh_prime_bytes, 2)
+        g_a = OpenSSL::BN.new(g_a_bytes, 2)
+        validate_g(g, dh_prime)
+        validate_dh_prime(dh_prime)
+        validate_g_a(g_a, dh_prime)
+        true
+      end
+      def validate_g(g, dh_prime)
+        raise 'Invalid g: must be 2, 3, 4, 5, 6, or 7' unless [2, 3, 4, 5, 6, 7].include?(g)
+        p_mod = case g
+        when 2
+          dh_prime % 8 == 7
+        when 3
+          dh_prime % 3 == 2
+        when 4
+          true
+        when 5
+          mod5 = dh_prime % 5
+          mod5 == 1 || mod5 == 4
+        when 6
+          mod24 = dh_prime % 24
+          mod24 == 19 || mod24 == 23
+        when 7
+          mod7 = dh_prime % 7
+          [3, 5, 6].include?(mod7)
+        end
+        raise "g=#{g} is not a valid generator for this prime" unless p_mod
+        true
+      end
+      def validate_dh_prime(dh_prime)
+        bit_length = dh_prime.num_bits
+        raise 'dh_prime must be 2048 bits' unless bit_length == 2048
+        min_prime = OpenSSL::BN.new(2)**2047
+        max_prime = OpenSSL::BN.new(2)**2048
+        if dh_prime <= min_prime || dh_prime >= max_prime
+          raise 'dh_prime out of range (must be 2^2047 < p < 2^2048)'
+        end
+        true
+      end
+      def validate_g_a(g_a, dh_prime)
+        one = OpenSSL::BN.new(1)
+        dh_prime_minus_one = dh_prime - one
+        raise 'g_a must be > 1' if g_a <= one
+        raise 'g_a must be < dh_prime - 1' if g_a >= dh_prime_minus_one
+        safety_range_min = OpenSSL::BN.new(2)**1984
+        safety_range_max = dh_prime - safety_range_min
+        if g_a < safety_range_min || g_a > safety_range_max
+          raise 'g_a outside safety range (2^1984 to dh_prime - 2^1984)'
+        end
+        true
+      end
+    end
+  end
+end

data/lib/mtproto/crypto/factorization.rb ADDED Viewed

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+begin
+  require 'factorization/factorization'
+rescue LoadError => e
+  warn "Failed to load Factorization C extension: #{e.message}"
+  warn 'Run: cd ext/factorization && ruby extconf.rb && make'
+  raise
+end
+module MTProto
+  module Crypto
+    module Factorization
+      module_function
+      def factorize_pq(pq_bytes)
+        FactorizationExt.factorize_pq(pq_bytes)
+      end
+      def bytes_to_integer(bytes)
+        bytes.unpack('C*').inject(0) { |sum, byte| (sum << 8) | byte }
+      end
+      def integer_sqrt(n)
+        return n if n < 2
+        x = n
+        y = (x + 1) / 2
+        while y < x
+          x = y
+          y = (x + n / x) / 2
+        end
+        x
+      end
+    end
+  end
+end

data/lib/mtproto/crypto/message_key.rb ADDED Viewed

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+require 'digest'
+module MTProto
+  module Crypto
+    module MessageKey
+      module_function
+      def generate_msg_key(auth_key, plaintext, sender: :client)
+        x = sender == :client ? 0 : 8
+        auth_key_part = auth_key[88 + x, 32]
+        sha256_a = Digest::SHA256.digest(auth_key_part + plaintext)
+        sha256_a[8, 16]
+      end
+      def derive_aes_key_iv(auth_key, msg_key, sender: :client)
+        x = sender == :client ? 0 : 8
+        sha256_a = Digest::SHA256.digest(msg_key + auth_key[x, 36])
+        sha256_b = Digest::SHA256.digest(auth_key[40 + x, 36] + msg_key)
+        aes_key = sha256_a[0, 8] + sha256_b[8, 16] + sha256_a[24, 8]
+        aes_iv = sha256_b[0, 8] + sha256_a[8, 16] + sha256_b[24, 8]
+        { aes_key: aes_key, aes_iv: aes_iv }
+      end
+    end
+  end
+end

data/lib/mtproto/crypto/rsa_pad.rb ADDED Viewed

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+require 'securerandom'
+require 'digest'
+require 'openssl'
+module MTProto
+  module Crypto
+    module RSA_PAD
+      module_function
+      def encrypt(data, rsa_key)
+        raise ArgumentError, 'Data too large' if data.bytesize > 144
+        loop do
+          result = perform_encryption(data)
+          result_bn = OpenSSL::BN.new(result, 2)
+          return rsa_key.key.public_encrypt(result, OpenSSL::PKey::RSA::NO_PADDING) if result_bn < rsa_key.key.n
+          # If result >= modulus, retry with new random data
+        end
+      end
+      def perform_encryption(data)
+        data_with_padding = pad_to_192(data)
+        data_reversed = data_with_padding.reverse
+        temp_key = SecureRandom.random_bytes(32)
+        data_hash = Digest::SHA256.digest(temp_key + data_with_padding)
+        to_encrypt = data_reversed + data_hash
+        aes_key = temp_key
+        aes_iv = "\x00" * 32
+        encrypted = AES_IGE.encrypt_ige(to_encrypt, aes_key, aes_iv)
+        encrypted_hash = Digest::SHA256.digest(encrypted)
+        temp_key_xor = xor_bytes(temp_key, encrypted_hash)
+        temp_key_xor + encrypted
+      end
+      def pad_to_192(data)
+        padding_length = 192 - data.bytesize
+        raise ArgumentError, 'Data too large for RSA_PAD' if padding_length < 0
+        data + SecureRandom.random_bytes(padding_length)
+      end
+      def xor_bytes(bytes1, bytes2)
+        length = [bytes1.bytesize, bytes2.bytesize].min
+        result = String.new(capacity: length)
+        length.times do |i|
+          result << (bytes1.getbyte(i) ^ bytes2.getbyte(i))
+        end
+        result
+      end
+    end
+  end
+end

data/lib/mtproto/encrypted_message.rb ADDED Viewed

@@ -0,0 +1,86 @@
+# frozen_string_literal: true
+require 'digest'
+require 'securerandom'
+module MTProto
+  class EncryptedMessage
+    attr_reader :auth_key_id, :msg_key, :encrypted_data
+    def initialize(auth_key_id:, msg_key:, encrypted_data:)
+      @auth_key_id = auth_key_id
+      @msg_key = msg_key
+      @encrypted_data = encrypted_data
+    end
+    def self.encrypt(auth_key:, server_salt:, session_id:, msg_id:, seq_no:, body:)
+      salt_bytes = [server_salt].pack('Q<')
+      session_id_bytes = [session_id].pack('Q<')
+      msg_id_bytes = [msg_id].pack('Q<')
+      seq_no_bytes = [seq_no].pack('L<')
+      body_length_bytes = [body.bytesize].pack('L<')
+      plaintext = salt_bytes + session_id_bytes + msg_id_bytes + seq_no_bytes + body_length_bytes + body
+      padding_length = (16 - (plaintext.bytesize % 16)) % 16
+      padding_length += 16 if padding_length < 12
+      plaintext += SecureRandom.random_bytes(padding_length)
+      msg_key = Crypto::MessageKey.generate_msg_key(auth_key, plaintext, sender: :client)
+      keys = Crypto::MessageKey.derive_aes_key_iv(auth_key, msg_key, sender: :client)
+      encrypted_data = Crypto::AES_IGE.encrypt_ige(plaintext, keys[:aes_key], keys[:aes_iv])
+      auth_key_id = Digest::SHA1.digest(auth_key)[-8..].unpack1('Q<')
+      new(auth_key_id: auth_key_id, msg_key: msg_key, encrypted_data: encrypted_data)
+    end
+    def self.decrypt(auth_key:, encrypted_message_data:, sender: :server)
+      auth_key_id = encrypted_message_data[0, 8].unpack1('Q<')
+      msg_key = encrypted_message_data[8, 16]
+      encrypted_data = encrypted_message_data[24..]
+      keys = Crypto::MessageKey.derive_aes_key_iv(auth_key, msg_key, sender: sender)
+      plaintext = Crypto::AES_IGE.decrypt_ige(encrypted_data, keys[:aes_key], keys[:aes_iv])
+      expected_msg_key = Crypto::MessageKey.generate_msg_key(auth_key, plaintext, sender: sender)
+      raise 'msg_key mismatch!' unless msg_key == expected_msg_key
+      offset = 0
+      server_salt = plaintext[offset, 8].unpack1('Q<')
+      offset += 8
+      session_id = plaintext[offset, 8].unpack1('Q<')
+      offset += 8
+      msg_id = plaintext[offset, 8].unpack1('Q<')
+      offset += 8
+      seq_no = plaintext[offset, 4].unpack1('L<')
+      offset += 4
+      body_length = plaintext[offset, 4].unpack1('L<')
+      offset += 4
+      body = plaintext[offset, body_length]
+      {
+        auth_key_id: auth_key_id,
+        msg_key: msg_key,
+        server_salt: server_salt,
+        session_id: session_id,
+        msg_id: msg_id,
+        seq_no: seq_no,
+        body: body
+      }
+    end
+    def serialize
+      auth_key_id_bytes = [@auth_key_id].pack('Q<')
+      auth_key_id_bytes + @msg_key + @encrypted_data
+    end
+  end
+end

data/lib/mtproto/session.rb ADDED Viewed

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+require 'securerandom'
+module MTProto
+  class Session
+    attr_reader :session_id, :seq_no
+    def initialize
+      @session_id = SecureRandom.random_bytes(8).unpack1('Q<')
+      @seq_no = 0
+    end
+    def next_seq_no(content_related: true)
+      current = @seq_no
+      @seq_no += content_related ? 1 : 0
+      current * 2 + (content_related ? 1 : 0)
+    end
+  end
+end

data/lib/mtproto/tl/bad_msg_notification.rb ADDED Viewed

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+module MTProto
+  module TL
+    class BadMsgNotification
+      CONSTRUCTOR = 0xa7eff811
+      attr_reader :bad_msg_id, :bad_msg_seqno, :error_code
+      def self.deserialize(data)
+        offset = 4
+        bad_msg_id = data[offset, 8].unpack1('Q<')
+        offset += 8
+        bad_msg_seqno = data[offset, 4].unpack1('L<')
+        offset += 4
+        error_code = data[offset, 4].unpack1('L<')
+        new(bad_msg_id: bad_msg_id, bad_msg_seqno: bad_msg_seqno, error_code: error_code)
+      end
+      def initialize(bad_msg_id:, bad_msg_seqno:, error_code:)
+        @bad_msg_id = bad_msg_id
+        @bad_msg_seqno = bad_msg_seqno
+        @error_code = error_code
+      end
+      def error_message
+        case @error_code
+        when 16 then "msg_id too low (client time is wrong)"
+        when 17 then "msg_id too high (client time needs sync)"
+        when 18 then "incorrect two lower order msg_id bits (must be divisible by 4)"
+        when 19 then "container msg_id is the same as previously received"
+        when 20 then "message too old"
+        when 32 then "msg_seqno too low"
+        when 33 then "msg_seqno too high"
+        when 34 then "even msg_seqno expected but odd received"
+        when 35 then "odd msg_seqno expected but even received"
+        when 48 then "incorrect server salt"
+        else "unknown error code #{@error_code}"
+        end
+      end
+    end
+  end
+end