RendezVous: PRUDP Protocol

PRUDP probably stands for Protected Reliable User Datagram Protocol, as it is designed for adding reliability, encryption and compression to UDP. To do this, it adds connections, acknowledgements, ordering, fragmentation, compression, encryption and checksums.

Packets

Base Packet

Every packet, sent by both the client and the server, has the following base information:

Packet: SYN

This packet establishes a connection with the server.

Client->Server Payload

Server->Client Payload

Packet: CONNECT

This stage is used to execute a Diffie-Hellman key exchange, and then derive a shared secret key.

The key exchange operation is $S = d \times Q$, where $S$ is the resulting key, $d$ is the server's private key, and $Q$ is the client's public key. The resulting y co-ordinate of this exchange is discarded.

The shared key, used for DATA packet encryption and decryption, is derived using the first 16 bytes of a SHA1 hash on the Diffie-Hellman exchange result.

The server may also use this stage to affirm the client's connection signature.

Client->Server Payload

Server->Client Payload

Packet: DATA

The whole data is first fragmented, then compressed, then encrypted.

This means that the data in this packet, if fragmented, should be decrypted first, then de-compressed (if applicable), and then re-assembled.

The compressed payload (before encryption) is prefixed with a single byte indicating the compression ratio. 0 means that the remaining data is not compressed. The client appears to only ever use 0x02 for this byte, however.

The fragmented payload (before compression) is suffixed with the 2-byte sequence id of the data packet being sent.

Client->Server, Server->Client Payload

Packet: DISCONNECT

Packet: PING

Connections

Acknowledgements

Ordering

Compression

Encryption

Fragmentation

Checksums

Packet Format

Structures

Structure: Public Key

An uncompressed SEC1 formatted key, without the preceeding compression tag (0x04).

Structure: Stream

A packed u8 containing
| Name | Description | Type |
|------|---------------------------------------------------|------------------------------------|
| Port | The virtual port for this stream. | u4 |
| Port | The type of stream that the connection is using. | Stream Type |

Structure: Type and Flags

A packed u8 containing
| Name | Description | Type |
|-----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------|
| Type | The type of packet that is being sent. | Packet Type |
| Ack | This packet is an acknowledgement packet for a reliable packet sent by the recipient. | bool |
| Reliable | This packet must be acknowledged by the recipient, or it will be re-sent. | bool |
| Need Ack | The sender is expecting an acknowledgement for this packet. | bool |
| Has Size | The packet contains a u16 size following the packet header (or, for SYN and CONNECT, after the connection signature, and for DATA, after the fragment ID). | bool |
| Multi Ack | Unknown, doesn't appear to be supported, but if a packet flagged with Need Ack has this flag, the recipient should send an Ack with this flag set too. | bool |

Enum: Stream Type

A u4 containing these values:

[!IMPORTANT]
Hyperscape appears to exclusively use the RV Secure (3) type.

Enum: Packet Type

A u3 containing these values: