|
|
Line 2: |
Line 2: |
| | | |
| == Overview == | | == Overview == |
− | | + | C->S : Handshake State=2 |
− | #Client connects to server
| + | C->S : Login Start |
− | #'''C->S''' 0x02 handshake
| + | S->C : Encryption Key Request |
− | #'''S->C''' 0xFD encryption request - server sends its server id string, public key, and 4 random bytes
| + | (Client Auth) |
− | #Client generates symmetric key (shared secret)
| + | C->S : Encryption Key Response |
− | #Client authenticates via [[Authentication|session.minecraft.net]].
| + | (Server Auth, Both enable encryption) |
− | #Client encrypts these 4 bytes with the servers public key.
| + | S->C : Login Success |
− | #'''C->S''' 0xFC encryption response - client encrypts shared secret with server's public key and sends along with encrypted 4 bytes
| |
− | #Server checks that the encrypted bytes match
| |
− | #Server decrypts shared secret with its private key
| |
− | #Server checks player authenticity via session.minecraft.net
| |
− | #'''S->C''' 0xFC encryption response - empty payload meaning two zero length byte arrays and two zero shorts
| |
− | #Server enables AES/CFB8 stream encryption
| |
− | #Client enables AES/CFB8 stream encryption
| |
− | #'''C->S''' 0xCD - Payload of 0 (byte)
| |
− | #'''S->C''' 0x01 login
| |
| #see [[Protocol FAQ]] to get information about what happens next. | | #see [[Protocol FAQ]] to get information about what happens next. |
| | | |
Line 30: |
Line 21: |
| == Key Exchange == | | == Key Exchange == |
| | | |
− | The server generates a 1024-bit RSA keypair on startup. The key, when packed into a 0xFD packet, is in ASN.1 format as defined by x.509. | + | The server generates a 1024-bit RSA keypair on startup. The key, when packed into a Encryption Request packet, is in ASN.1 format as defined by x.509. |
| The ASN.1 structure looks as follows | | The ASN.1 structure looks as follows |
| | | |
Line 50: |
Line 41: |
| == Symmetric Encryption == | | == Symmetric Encryption == |
| | | |
− | On receipt of a 0xFD from the server, the client will generate a 16-byte shared secret, to be used with the AES/CFB8 stream cipher. It then encrypts it with the server's public key (PKCS#1 v1.5 padded), and also encrypts the token received in the 0xFD packet in the same way, then sends both to the server in a 0xFC packet. | + | On receipt of a Encryption Request from the server, the client will generate a 16-byte shared secret, to be used with the AES/CFB8 stream cipher. It then encrypts it with the server's public key (PKCS#1 v1.5 padded), and also encrypts the token received in the Encryption Request packet in the same way, then sends both to the server in a Encryption Response packet. |
| | | |
− | The server decrypts the shared secret and token using its private key, and checks if the token is the same. It then sends a 0xFC to the client with an empty payload, and enables AES/CFB8 encryption. For the Initial Vector (IV) and AES setup, both sides use the secret key. Similarly, the client will also enable encryption upon receipt of the empty 0xFC. From this point forward, everything is encrypted. | + | The server decrypts the shared secret and token using its private key, and checks if the token is the same. It then sends a Login Success, and enables AES/CFB8 encryption. For the Initial Vector (IV) and AES setup, both sides use the secret key. Similarly, the client will also enable encryption upon receipt of Login Success. From this point forward, everything is encrypted. |
| | | |
| == Authentication == | | == Authentication == |
| | | |
− | Both server and client need to make a request to session.minecraft.net if the server is in online-mode. | + | Both server and client need to make a request to sessionserver.mojang.com if the server is in online-mode. |
| | | |
| === Client === | | === Client === |
Line 63: |
Line 54: |
| | | |
| sha1 := Sha1() | | sha1 := Sha1() |
− | sha1.update(ASCII encoding of the server id string from 0xFD) | + | sha1.update(ASCII encoding of the server id string from Encryption Request) |
| sha1.update(shared secret) | | sha1.update(shared secret) |
− | sha1.update(server's encoded public key from 0xFD) | + | sha1.update(server's encoded public key from Encryption Request) |
| hash := sha1.hexdigest() # String of hex characters | | hash := sha1.hexdigest() # String of hex characters |
| | | |
Line 75: |
Line 66: |
| | | |
| The resulting hash is then sent via an HTTP GET request to | | The resulting hash is then sent via an HTTP GET request to |
− | <nowiki>http://session.minecraft.net/game/joinserver.jsp?user=</nowiki>''username''&sessionId=''[[Authentication#Session_ID|user_session]]''&serverId=''hash'' | + | <nowiki>https://sessionserver.mojang.com/session/minecraft/join</nowiki> |
− | If it returns '''OK''' then continue, otherwise stop
| + | With the following sent as post data |
| + | <code> |
| + | { |
| + | "accessToken": "<accessToken>", |
| + | "selectedProfile": "<selectedProfile>", |
| + | "serverID": "<serverHash>" |
| + | } |
| + | </code> |
| | | |
| === Server === | | === Server === |
| | | |
− | After decrypting the shared secret in the second 0xFC, the server generates the login hash as above and sends it to | + | After decrypting the shared secret in the second Encryption Response, the server generates the login hash as above and sends it to |
− | <nowiki>http://session.minecraft.net/game/checkserver.jsp?user=</nowiki>''username''&serverId=''hash'' | + | <nowiki>https://sessionserver.mojang.com/session/minecraft/hasJoined?username=</nowiki>''username''&serverId=''hash'' |
| + | |
| + | The response is a JSON object containing the user's UUID |
| | | |
− | If the response is '''YES''' then the client is authenticated and allowed to join. Otherwise the client will/should be [[Protocol#Disconnect.2FKick_.280xFF.29|kicked]] (unencrypted) with "Failed to verify username!"
| + | {"id":"<uuid>"} |
| | | |
| === Sample Code === | | === Sample Code === |
Line 92: |
Line 92: |
| * node.js: https://gist.github.com/4425843 | | * node.js: https://gist.github.com/4425843 |
| * Go: https://gist.github.com/toqueteos/5372776 | | * Go: https://gist.github.com/toqueteos/5372776 |
− |
| |
− | == Example ==
| |
− |
| |
− | A parsed transcript of a successful protocol encryption handshake follows:
| |
− |
| |
− | 127.0.0.1:43733 connected, there is now 1 client connected
| |
− | ====PROTOCOL ANALYSIS====
| |
− | 127.0.0.1:43733 ==> Server - Packet of type 0x02
| |
− | ====50 BYTES====
| |
− | 0x02 0x3D 0x00 0x0B 0x00 0x44 0x00 0x72
| |
− | 0x00 0x61 0x00 0x69 0x00 0x6E 0x00 0x65
| |
− | 0x00 0x64 0x00 0x73 0x00 0x6F 0x00 0x75
| |
− | 0x00 0x6C 0x00 0x09 0x00 0x6C 0x00 0x6F
| |
− | 0x00 0x63 0x00 0x61 0x00 0x6C 0x00 0x68
| |
− | 0x00 0x6F 0x00 0x73 0x00 0x74 0x00 0x00
| |
− | 0x2D 0x85
| |
− | ====PAYLOAD====
| |
− | #1 - Signed Byte: 61
| |
− | #2 - Unicode String (11 graphemes, 11 code points): "Drainedsoul"
| |
− | #3 - Unicode String (9 graphemes, 9 code points): "localhost"
| |
− | #4 - 32-bit Signed Integer: 11653
| |
− | ====PROTOCOL ANALYSIS====
| |
− | Server ==> 127.0.0.1:43733 - Packet of type 0xFD
| |
− | ====205 BYTES====
| |
− | 0xFD 0x00 0x10 0x00 0x4E 0x00 0x77 0x00
| |
− | 0x5D 0x00 0x31 0x00 0x51 0x00 0x61 0x00
| |
− | 0x43 0x00 0x3C 0x00 0x6F 0x00 0x3A 0x00
| |
− | 0x6C 0x00 0x2E 0x00 0x5C 0x00 0x65 0x00
| |
− | 0x53 0x00 0x39 0x00 0xA2 0x30 0x81 0x9F
| |
− | 0x30 0x0D 0x06 0x09 0x2A 0x86 0x48 0x86
| |
− | 0xF7 0x0D 0x01 0x01 0x01 0x05 0x00 0x03
| |
− | 0x81 0x8D 0x00 0x30 0x81 0x89 0x02 0x81
| |
− | 0x81 0x00 0x9D 0x09 0x76 0x71 0x45 0x24
| |
− | 0x18 0x53 0x5F 0x32 0x5A 0xD5 0xBB 0x26
| |
− | 0x43 0x2C 0x97 0xBB 0xB3 0xF4 0x03 0x96
| |
− | 0xEA 0xF1 0xAD 0xA6 0xC9 0x41 0x7B 0x01
| |
− | 0x8F 0x66 0xED 0x92 0x4B 0xB7 0x17 0x2C
| |
− | 0x65 0x5C 0xD2 0x42 0x35 0x0C 0x8A 0x8C
| |
− | 0xC3 0xE1 0x5C 0x76 0x0E 0x43 0x97 0x17
| |
− | 0xEE 0x9E 0xEF 0x4F 0x4E 0x2D 0xFC 0x2D
| |
− | 0xE6 0x92 0x0B 0x7E 0xA0 0x56 0xB5 0xB7
| |
− | 0x18 0x59 0x57 0x74 0x28 0x5C 0xA1 0x88
| |
− | 0xC4 0xE6 0x60 0xDF 0x64 0x3A 0x2C 0x0E
| |
− | 0x5C 0x7D 0xB9 0x7C 0xF9 0xFB 0xA2 0x21
| |
− | 0xC5 0x0B 0x36 0x7D 0xDE 0x8A 0xC9 0xC5
| |
− | 0x09 0xA0 0x2F 0xA0 0x25 0x8A 0x26 0xDB
| |
− | 0x0B 0x82 0xC8 0x60 0xCB 0x58 0x02 0xEC
| |
− | 0xBB 0xFE 0xBC 0x35 0x3F 0x40 0x9C 0x96
| |
− | 0xF4 0x5F 0x02 0x03 0x01 0x00 0x01 0x00
| |
− | 0x04 0xED 0x85 0x14 0xD6
| |
− | ====PAYLOAD====
| |
− | #1 - Unicode String (16 graphemes, 16 code points): "Nw]1QaC<o:l.\eS9"
| |
− | #2 - Array of bytes (162 bytes):
| |
− | 0x30 0x81 0x9F 0x30 0x0D 0x06 0x09 0x2A
| |
− | 0x86 0x48 0x86 0xF7 0x0D 0x01 0x01 0x01
| |
− | 0x05 0x00 0x03 0x81 0x8D 0x00 0x30 0x81
| |
− | 0x89 0x02 0x81 0x81 0x00 0x9D 0x09 0x76
| |
− | 0x71 0x45 0x24 0x18 0x53 0x5F 0x32 0x5A
| |
− | 0xD5 0xBB 0x26 0x43 0x2C 0x97 0xBB 0xB3
| |
− | 0xF4 0x03 0x96 0xEA 0xF1 0xAD 0xA6 0xC9
| |
− | 0x41 0x7B 0x01 0x8F 0x66 0xED 0x92 0x4B
| |
− | 0xB7 0x17 0x2C 0x65 0x5C 0xD2 0x42 0x35
| |
− | 0x0C 0x8A 0x8C 0xC3 0xE1 0x5C 0x76 0x0E
| |
− | 0x43 0x97 0x17 0xEE 0x9E 0xEF 0x4F 0x4E
| |
− | 0x2D 0xFC 0x2D 0xE6 0x92 0x0B 0x7E 0xA0
| |
− | 0x56 0xB5 0xB7 0x18 0x59 0x57 0x74 0x28
| |
− | 0x5C 0xA1 0x88 0xC4 0xE6 0x60 0xDF 0x64
| |
− | 0x3A 0x2C 0x0E 0x5C 0x7D 0xB9 0x7C 0xF9
| |
− | 0xFB 0xA2 0x21 0xC5 0x0B 0x36 0x7D 0xDE
| |
− | 0x8A 0xC9 0xC5 0x09 0xA0 0x2F 0xA0 0x25
| |
− | 0x8A 0x26 0xDB 0x0B 0x82 0xC8 0x60 0xCB
| |
− | 0x58 0x02 0xEC 0xBB 0xFE 0xBC 0x35 0x3F
| |
− | 0x40 0x9C 0x96 0xF4 0x5F 0x02 0x03 0x01
| |
− | 0x00 0x01
| |
− | #3 - Array of bytes (4 bytes):
| |
− | 0xED 0x85 0x14 0xD6
| |
− | ====PROTOCOL ANALYSIS====
| |
− | 127.0.0.1:43733 ==> Server - Packet of type 0xFC
| |
− | ====261 BYTES====
| |
− | 0xFC 0x00 0x80 0x9B 0xD1 0xD7 0xA8 0xDB
| |
− | 0x54 0x49 0x8F 0x41 0xD5 0xA3 0x74 0x18
| |
− | 0xBD 0x8D 0x09 0xEA 0x45 0xFC 0x0F 0x3F
| |
− | 0x9B 0xE4 0xF9 0xAC 0xC5 0x7B 0xF6 0x16
| |
− | 0xBB 0xFA 0x36 0x51 0xF9 0x19 0xAB 0x72
| |
− | 0x2B 0xBA 0x46 0x6C 0x8D 0xB0 0x2D 0x53
| |
− | 0x5F 0xA5 0xD4 0x17 0x46 0x0E 0xD7 0xC1
| |
− | 0xAA 0x5D 0xC7 0x73 0x51 0xDA 0x3F 0xD7
| |
− | 0x5E 0xF6 0x96 0xF9 0x10 0xB2 0x1C 0x0D
| |
− | 0xAA 0x1E 0x61 0x37 0xFB 0x3C 0x66 0x77
| |
− | 0x20 0xCB 0xF7 0x3C 0x55 0xE5 0x9E 0xC1
| |
− | 0x28 0x63 0xD1 0xD7 0xF6 0xEE 0x1E 0x2C
| |
− | 0x20 0x72 0x98 0x7E 0xF2 0x7D 0xDF 0xFE
| |
− | 0x5A 0x25 0x3C 0x22 0xC0 0xCF 0x86 0xB3
| |
− | 0x02 0x97 0xB1 0x80 0x97 0xA1 0x92 0xDA
| |
− | 0xD2 0x44 0xB1 0xDA 0x0F 0x1C 0x30 0x96
| |
− | 0x98 0x0B 0xB7 0x00 0x80 0x78 0x85 0x42
| |
− | 0xF7 0xF8 0x2F 0x00 0xDB 0xBF 0x2E 0x22
| |
− | 0x33 0x10 0x6C 0x19 0xE3 0x16 0x8F 0x36
| |
− | 0x16 0xE3 0xD9 0x86 0x67 0x52 0x04 0x57
| |
− | 0xB6 0x4F 0x57 0x8C 0xB4 0x02 0x18 0x6D
| |
− | 0x16 0xC6 0xB5 0x95 0xBC 0xE6 0xEA 0x76
| |
− | 0x10 0x7A 0xB9 0xE3 0xBD 0x3C 0x50 0xEA
| |
− | 0x42 0xDF 0x47 0x05 0x3F 0xCF 0xD5 0x70
| |
− | 0xF4 0xAB 0xB5 0x07 0x90 0xA2 0x84 0x12
| |
− | 0x79 0x65 0x03 0x2A 0xB6 0x6B 0x0A 0xA8
| |
− | 0x90 0x8B 0xFE 0xCC 0x4E 0x04 0x35 0xA2
| |
− | 0xDD 0x08 0xBF 0xDD 0x29 0xAF 0x50 0xFD
| |
− | 0x2B 0x73 0xE1 0x6A 0xED 0xE8 0xE2 0x27
| |
− | 0x8F 0x0B 0xD5 0x0D 0xBC 0x9B 0x47 0x16
| |
− | 0x92 0x7B 0xD2 0xE6 0xD7 0xF1 0x3A 0xAE
| |
− | 0x3D 0x14 0xA9 0xC3 0xF2 0x96 0x8A 0x54
| |
− | 0x24 0x29 0xA3 0x53 0x55
| |
− | ====PAYLOAD====
| |
− | #1 - Array of bytes (128 bytes):
| |
− | 0x9B 0xD1 0xD7 0xA8 0xDB 0x54 0x49 0x8F
| |
− | 0x41 0xD5 0xA3 0x74 0x18 0xBD 0x8D 0x09
| |
− | 0xEA 0x45 0xFC 0x0F 0x3F 0x9B 0xE4 0xF9
| |
− | 0xAC 0xC5 0x7B 0xF6 0x16 0xBB 0xFA 0x36
| |
− | 0x51 0xF9 0x19 0xAB 0x72 0x2B 0xBA 0x46
| |
− | 0x6C 0x8D 0xB0 0x2D 0x53 0x5F 0xA5 0xD4
| |
− | 0x17 0x46 0x0E 0xD7 0xC1 0xAA 0x5D 0xC7
| |
− | 0x73 0x51 0xDA 0x3F 0xD7 0x5E 0xF6 0x96
| |
− | 0xF9 0x10 0xB2 0x1C 0x0D 0xAA 0x1E 0x61
| |
− | 0x37 0xFB 0x3C 0x66 0x77 0x20 0xCB 0xF7
| |
− | 0x3C 0x55 0xE5 0x9E 0xC1 0x28 0x63 0xD1
| |
− | 0xD7 0xF6 0xEE 0x1E 0x2C 0x20 0x72 0x98
| |
− | 0x7E 0xF2 0x7D 0xDF 0xFE 0x5A 0x25 0x3C
| |
− | 0x22 0xC0 0xCF 0x86 0xB3 0x02 0x97 0xB1
| |
− | 0x80 0x97 0xA1 0x92 0xDA 0xD2 0x44 0xB1
| |
− | 0xDA 0x0F 0x1C 0x30 0x96 0x98 0x0B 0xB7
| |
− | #2 - Array of bytes (128 bytes):
| |
− | 0x78 0x85 0x42 0xF7 0xF8 0x2F 0x00 0xDB
| |
− | 0xBF 0x2E 0x22 0x33 0x10 0x6C 0x19 0xE3
| |
− | 0x16 0x8F 0x36 0x16 0xE3 0xD9 0x86 0x67
| |
− | 0x52 0x04 0x57 0xB6 0x4F 0x57 0x8C 0xB4
| |
− | 0x02 0x18 0x6D 0x16 0xC6 0xB5 0x95 0xBC
| |
− | 0xE6 0xEA 0x76 0x10 0x7A 0xB9 0xE3 0xBD
| |
− | 0x3C 0x50 0xEA 0x42 0xDF 0x47 0x05 0x3F
| |
− | 0xCF 0xD5 0x70 0xF4 0xAB 0xB5 0x07 0x90
| |
− | 0xA2 0x84 0x12 0x79 0x65 0x03 0x2A 0xB6
| |
− | 0x6B 0x0A 0xA8 0x90 0x8B 0xFE 0xCC 0x4E
| |
− | 0x04 0x35 0xA2 0xDD 0x08 0xBF 0xDD 0x29
| |
− | 0xAF 0x50 0xFD 0x2B 0x73 0xE1 0x6A 0xED
| |
− | 0xE8 0xE2 0x27 0x8F 0x0B 0xD5 0x0D 0xBC
| |
− | 0x9B 0x47 0x16 0x92 0x7B 0xD2 0xE6 0xD7
| |
− | 0xF1 0x3A 0xAE 0x3D 0x14 0xA9 0xC3 0xF2
| |
− | 0x96 0x8A 0x54 0x24 0x29 0xA3 0x53 0x55
| |
− | ====PROTOCOL ANALYSIS====
| |
− | HTTP request ==> <nowiki>http://session.minecraft.net/game/checkserver.jsp?user=Draineds</nowiki>
| |
− | oul&serverId=-219245c9f4bce438ee84e84b28514ced1cd2846b
| |
− | ====PROTOCOL ANALYSIS====
| |
− | HTTP response <== <nowiki>http://session.minecraft.net/game/checkserver.jsp?user=Drained</nowiki>
| |
− | soul&serverId=-219245c9f4bce438ee84e84b28514ced1cd2846b - Status: 200 - Time ela
| |
− | psed: 279902765ns - Response body (3 graphemes, 3 code points):
| |
− | YES
| |
− | ====PROTOCOL ANALYSIS====
| |
− | Server ==> 127.0.0.1:43733 - Packet of type 0xFC
| |
− | ====5 BYTES====
| |
− | 0xFC 0x00 0x00 0x00 0x00
| |
− | ====PAYLOAD====
| |
− | #1 - Array of bytes (0 bytes):
| |
− |
| |
− | #2 - Array of bytes (0 bytes):
| |
− |
| |
− | ====ENCRYPTION ENABLED====
| |
− | Encryption enabled with key:
| |
− | 0x6C 0xBC 0x2E 0x17 0x45 0xBD 0x65 0xDF
| |
− | 0xA0 0x12 0x85 0x8F 0x00 0x87 0xAA 0x74
| |
− | Encryption enabled with IV:
| |
− | 0x6C 0xBC 0x2E 0x17 0x45 0xBD 0x65 0xDF
| |
− | 0xA0 0x12 0x85 0x8F 0x00 0x87 0xAA 0x74
| |
− | 127.0.0.1 : 43733 logged in as Drainedsoul
| |
− | ====PROTOCOL ANALYSIS====
| |
− | 127.0.0.1:43733 ==> Server - Packet of type 0xCD
| |
− | ====2 BYTES====
| |
− | 0xCD 0x00
| |
| | | |
| == Additional Links == | | == Additional Links == |
As of 12w17a, Minecraft implements SSL-like encryption.
Overview
C->S : Handshake State=2
C->S : Login Start
S->C : Encryption Key Request
(Client Auth)
C->S : Encryption Key Response
(Server Auth, Both enable encryption)
S->C : Login Success
- see Protocol FAQ to get information about what happens next.
Server ID String
The server ID string is a randomly-generated string of characters with a maximum length of 20 code points (the client disconnects with an exception if the length is longer than 20).
The client appears to arrive at incorrect hashes if the server ID string contains certain unprintable characters, so for consistent results only characters with code points in the range U+0021-U+007E (inclusive) should be sent. This range corresponds to all of ASCII with the exception of the space character (U+0020) and all control characters (U+0000-U+001F, U+007F).
The client appears to arrive at incorrect hashes if the server ID string is too short. 15 to 20 (inclusive) length strings have been observed from the Notchian server and confirmed to work as of 1.5.2.
Key Exchange
The server generates a 1024-bit RSA keypair on startup. The key, when packed into a Encryption Request packet, is in ASN.1 format as defined by x.509.
The ASN.1 structure looks as follows
SubjectPublicKeyInfo ::= SEQUENCE {
algorithm SEQUENCE {
algorithm OBJECT IDENTIFIER
parameters ANY OPTIONAL
}
subjectPublicKey BITSTRING
}
SubjectPublicKey ::= SEQUENCE {
modulus INTEGER
publicExponent INTEGER
}
If you're struggling to import this using a crypto library, you can convert it to common PEM by base64-encoding and wrapping in '-----BEGIN PUBLIC KEY-----' and '-----END PUBLIC KEY-----'.
Symmetric Encryption
On receipt of a Encryption Request from the server, the client will generate a 16-byte shared secret, to be used with the AES/CFB8 stream cipher. It then encrypts it with the server's public key (PKCS#1 v1.5 padded), and also encrypts the token received in the Encryption Request packet in the same way, then sends both to the server in a Encryption Response packet.
The server decrypts the shared secret and token using its private key, and checks if the token is the same. It then sends a Login Success, and enables AES/CFB8 encryption. For the Initial Vector (IV) and AES setup, both sides use the secret key. Similarly, the client will also enable encryption upon receipt of Login Success. From this point forward, everything is encrypted.
Authentication
Both server and client need to make a request to sessionserver.mojang.com if the server is in online-mode.
Client
After generating the shared secret, the client generates the following hash:
sha1 := Sha1()
sha1.update(ASCII encoding of the server id string from Encryption Request)
sha1.update(shared secret)
sha1.update(server's encoded public key from Encryption Request)
hash := sha1.hexdigest() # String of hex characters
Note that the Sha1.hexdigest() method used by minecraft removes leading zeros and uses the two's-complement of negative numbers prefixed with a minus sign:
sha1(Notch) : 4ed1f46bbe04bc756bcb17c0c7ce3e4632f06a48
sha1(jeb_) : -7c9d5b0044c130109a5d7b5fb5c317c02b4e28c1
sha1(simon) : 88e16a1019277b15d58faf0541e11910eb756f6
The resulting hash is then sent via an HTTP GET request to
https://sessionserver.mojang.com/session/minecraft/join
With the following sent as post data
{
"accessToken": "<accessToken>",
"selectedProfile": "<selectedProfile>",
"serverID": "<serverHash>"
}
Server
After decrypting the shared secret in the second Encryption Response, the server generates the login hash as above and sends it to
https://sessionserver.mojang.com/session/minecraft/hasJoined?username=username&serverId=hash
The response is a JSON object containing the user's UUID
{"id":"<uuid>"}
Sample Code
Examples of generating Java-style hex digests:
Additional Links
Encrypt shared secret using OpenSSL
Generate RSA-Keys and building the ASN.1v8 structure of the x.509 certificate using Crypto++
Decrypt shared secret using Crypto++
De/Encrypt data via AES using Crypto++
C# AES/CFB support with bouncy castle on Mono