Authentication protocol is described incompletely #55
Description
According to the protocol specification that can be found in the README.MD, the AuthResponse message has the following structure:
message AuthResponse {
required bytes signature = 1;
required bytes client_auth_certificate = 2;
repeated bytes client_ca = 3;
}Whilst writing my own implementation of the castv2 protocol in Java using Netty, I realized that the AuthResponse message sent by the Cast-enabled device (Chromecast Gen2 and Chromecast Audio) is way more complex than described above.
In total, the Chromecast device sends a message consisting of 6 fields. Fields 1 to 3 are correctly described by this project's specification, but fields 4, 6 and 7 are completely missing.
Field 4 is of wiretype VARINT and stands, as far as I know, for the SignatureAlgorithm the Cast-enabled device has been challenged with (during testing, it was always equivalent).
Field 6 is also of type VARINT, but I have no idea what it stands for. During testing, it always had the value 0. (Maybe it stands for the client_ca certificate used for signing the client_auth_certificate?)
Field 7 is of wiretype LENGTH_DELIMITED. It is definetly not an UTF-8 encoded String since printing it out results in an unreadable mess. However, the sequence printed out contains the complete address that's also been used in the client_ca and client_auth_certificate, so I believe it has something to do with it. I've already tested whether this might be a certificate or RSA key, but both tests were negative. A file containing the raw byte sequence can be found here
Do you know what fields 6 and 7 stand for? Guesses are also highly appreciated.