From c3efc36be2556551afaa8a88504bfe6b52eb8a7c Mon Sep 17 00:00:00 2001 From: beerpsi Date: Wed, 12 Jun 2024 16:08:12 +0700 Subject: [PATCH 1/3] [chuni] Add correct endpoint `iter_count`s for all versions with encryption --- titles/chuni/index.py | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/titles/chuni/index.py b/titles/chuni/index.py index f0f1eac..e030004 100644 --- a/titles/chuni/index.py +++ b/titles/chuni/index.py @@ -107,8 +107,23 @@ class ChuniServlet(BaseServlet): iter_count = 36 elif version == ChuniConstants.VER_CHUNITHM_SUN: iter_count = 70 - else: + elif version == ChuniConstants.VER_CHUNITHM_NEW_PLUS: + iter_count = 25 + elif version == ChuniConstants.VER_CHUNITHM_NEW: + iter_count = 54 + elif version == ChuniConstants.VER_CHUNITHM_PARADISE: iter_count = 44 + elif version == ChuniConstants.VER_CHUNITHM_CRYSTAL_PLUS: + iter_count = 67 + else: + disp_version = ( + ChuniConstants.VERSION_NAMES[version] + if version in ChuniConstants.VERSION_NAMES + else str(version) + ) + + self.logger.warning("Version %s does not support encryption", disp_version) + continue hash = PBKDF2( method_fixed, @@ -313,4 +328,4 @@ class ChuniServlet(BaseServlet): bytes.fromhex(self.game_cfg.crypto.keys[internal_ver][1]), ) - return Response(crypt.encrypt(padded)) \ No newline at end of file + return Response(crypt.encrypt(padded)) From bf8631448a6ed63bd16e40d9f63a59951fc3a758 Mon Sep 17 00:00:00 2001 From: beerpsi Date: Sat, 15 Jun 2024 22:22:07 +0700 Subject: [PATCH 2/3] support SDGS encryption --- titles/chuni/index.py | 88 +++++++++++++++++++++++++++---------------- 1 file changed, 55 insertions(+), 33 deletions(-) diff --git a/titles/chuni/index.py b/titles/chuni/index.py index e030004..726f02a 100644 --- a/titles/chuni/index.py +++ b/titles/chuni/index.py @@ -39,7 +39,7 @@ class ChuniServlet(BaseServlet): def __init__(self, core_cfg: CoreConfig, cfg_dir: str) -> None: super().__init__(core_cfg, cfg_dir) self.game_cfg = ChuniConfig() - self.hash_table: Dict[Dict[str, str]] = {} + self.hash_table: Dict[str, Dict[str, str]] = {} if path.exists(f"{cfg_dir}/{ChuniConstants.CONFIG_NAME}"): self.game_cfg.update( yaml.safe_load(open(f"{cfg_dir}/{ChuniConstants.CONFIG_NAME}")) @@ -89,45 +89,59 @@ class ChuniServlet(BaseServlet): ) self.logger.inited = True + known_iter_counts = { + ChuniConstants.VER_CHUNITHM_CRYSTAL_PLUS: 67, + ChuniConstants.VER_CHUNITHM_PARADISE: 44, + f"{ChuniConstants.VER_CHUNITHM_PARADISE}_int": 25, + ChuniConstants.VER_CHUNITHM_NEW: 54, + f"{ChuniConstants.VER_CHUNITHM_NEW}_int": 49, + ChuniConstants.VER_CHUNITHM_NEW_PLUS: 25, + ChuniConstants.VER_CHUNITHM_SUN: 70, + ChuniConstants.VER_CHUNITHM_SUN_PLUS: 36, + } + for version, keys in self.game_cfg.crypto.keys.items(): if len(keys) < 3: continue - self.hash_table[version] = {} + if isinstance(version, int): + version_idx = version + else: + version_idx = int(version.split("_")[0]) + + salt = bytes.fromhex(keys[2]) + if len(keys) >= 4: + iter_count = keys[3] + elif (iter_count := known_iter_counts.get(version)) is None: + self.logger.error( + "Number of iteration rounds for version %s is not known, but it is not specified in the config", + version, + ) + continue + + self.hash_table[version] = {} method_list = [ method - for method in dir(self.versions[version]) + for method in dir(self.versions[version_idx]) if not method.startswith("__") ] + for method in method_list: method_fixed = inflection.camelize(method)[6:-7] - # number of iterations was changed to 70 in SUN and then to 36 - if version == ChuniConstants.VER_CHUNITHM_SUN_PLUS: - iter_count = 36 - elif version == ChuniConstants.VER_CHUNITHM_SUN: - iter_count = 70 - elif version == ChuniConstants.VER_CHUNITHM_NEW_PLUS: - iter_count = 25 - elif version == ChuniConstants.VER_CHUNITHM_NEW: - iter_count = 54 - elif version == ChuniConstants.VER_CHUNITHM_PARADISE: - iter_count = 44 - elif version == ChuniConstants.VER_CHUNITHM_CRYSTAL_PLUS: - iter_count = 67 - else: - disp_version = ( - ChuniConstants.VERSION_NAMES[version] - if version in ChuniConstants.VERSION_NAMES - else str(version) - ) - - self.logger.warning("Version %s does not support encryption", disp_version) - continue + + # This only applies for CHUNITHM NEW International and later for some reason. + # CHUNITHM SUPERSTAR (PLUS) did not add "Exp" to the endpoint when hashing. + if ( + isinstance(version, str) + and version.endswith("_int") + and version_idx >= ChuniConstants.VER_CHUNITHM_NEW + ): + method_fixed += "C3Exp" hash = PBKDF2( method_fixed, - bytes.fromhex(keys[2]), + salt, 128, count=iter_count, hmac_hash_module=SHA1, @@ -137,7 +151,7 @@ class ChuniServlet(BaseServlet): self.hash_table[version][hashed_name] = method_fixed self.logger.debug( - f"Hashed v{version} method {method_fixed} with {bytes.fromhex(keys[2])} to get {hash.hex()}" + f"Hashed v{version} method {method_fixed} with {salt} to get {hashed_name}" ) @classmethod @@ -226,31 +240,39 @@ class ChuniServlet(BaseServlet): if all(c in string.hexdigits for c in endpoint) and len(endpoint) == 32: # If we get a 32 character long hex string, it's a hash and we're - # doing encrypted. The likelyhood of false positives is low but + # doing encrypted. The likelihood of false positives is low but # technically not 0 + + if game_code == "SDGS": + crypto_cfg_key = f"{internal_ver}_int" + hash_table_key = f"{internal_ver}_int" + else: + crypto_cfg_key = internal_ver + hash_table_key = internal_ver + if internal_ver < ChuniConstants.VER_CHUNITHM_NEW: endpoint = request.headers.get("User-Agent").split("#")[0] else: - if internal_ver not in self.hash_table: + if hash_table_key not in self.hash_table: self.logger.error( f"v{version} does not support encryption or no keys entered" ) return Response(zlib.compress(b'{"stat": "0"}')) - elif endpoint.lower() not in self.hash_table[internal_ver]: + elif endpoint.lower() not in self.hash_table[hash_table_key]: self.logger.error( f"No hash found for v{version} endpoint {endpoint}" ) return Response(zlib.compress(b'{"stat": "0"}')) - endpoint = self.hash_table[internal_ver][endpoint.lower()] + endpoint = self.hash_table[hash_table_key][endpoint.lower()] try: crypt = AES.new( - bytes.fromhex(self.game_cfg.crypto.keys[internal_ver][0]), + bytes.fromhex(self.game_cfg.crypto.keys[crypto_cfg_key][0]), AES.MODE_CBC, - bytes.fromhex(self.game_cfg.crypto.keys[internal_ver][1]), + bytes.fromhex(self.game_cfg.crypto.keys[crypto_cfg_key][1]), ) req_raw = crypt.decrypt(req_raw) From 243d40cfd84d14cba581c7dcc65303b1c0e818dc Mon Sep 17 00:00:00 2001 From: beerpsi Date: Tue, 18 Jun 2024 09:39:14 +0700 Subject: [PATCH 3/3] Add changelog and docs --- changelog.md | 4 ++++ docs/game_specific_info.md | 8 +++++++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/changelog.md b/changelog.md index 3f8c6ba..a2447e3 100644 --- a/changelog.md +++ b/changelog.md @@ -1,6 +1,10 @@ # Changelog Documenting updates to ARTEMiS, to be updated every time the master branch is pushed to. +## 20240616 +### CHUNITHM ++ Support network encryption for Export/International versions + ## 20240530 ### DIVA + Fix reader for when dificulty is not a int diff --git a/docs/game_specific_info.md b/docs/game_specific_info.md index a8e63c5..8e56322 100644 --- a/docs/game_specific_info.md +++ b/docs/game_specific_info.md @@ -87,13 +87,19 @@ Config file is located in `config/chuni.yaml`. | `crypto` | This option is used to enable the TLS Encryption | -**If you would like to use network encryption, the following will be required underneath but key, iv and hash are required:** +If you would like to use network encryption, add the keys to the `keys` section under `crypto`, where the key +is the version ID for Japanese (SDHD) versions and `"{versionID}_int"` for Export (SDGS) versions, and the value +is an array containing `[key, iv, salt, iter_count]` in order. + +`iter_count` is optional for all Japanese (SDHD) versions but may be required for some Export (SDGS) versions. +You will receive an error in the logs if it needs to be specified. ```yaml crypto: encrypted_only: False keys: 13: ["0000000000000000000000000000000000000000000000000000000000000000", "00000000000000000000000000000000", "0000000000000000"] + "13_int": ["0000000000000000000000000000000000000000000000000000000000000000", "00000000000000000000000000000000", "0000000000000000", 42] ``` ### Database upgrade