forked from Hay1tsme/artemis
adding encryption support for ongeki
This commit is contained in:
parent
238e39f415
commit
090b3148d8
@ -35,3 +35,6 @@ version:
|
|||||||
card_maker: 1.30.01
|
card_maker: 1.30.01
|
||||||
7:
|
7:
|
||||||
card_maker: 1.35.03
|
card_maker: 1.35.03
|
||||||
|
|
||||||
|
crypto:
|
||||||
|
encrypted_only: False
|
||||||
@ -48,9 +48,30 @@ class OngekiCardMakerVersionConfig:
|
|||||||
self.__config, "ongeki", "version", default={}
|
self.__config, "ongeki", "version", default={}
|
||||||
).get(version)
|
).get(version)
|
||||||
|
|
||||||
|
class OngekiCryptoConfig:
|
||||||
|
def __init__(self, parent_config: "OngekiConfig") -> None:
|
||||||
|
self.__config = parent_config
|
||||||
|
|
||||||
|
@property
|
||||||
|
def keys(self) -> Dict:
|
||||||
|
"""
|
||||||
|
in the form of:
|
||||||
|
internal_version: [key, iv]
|
||||||
|
all values are hex strings
|
||||||
|
"""
|
||||||
|
return CoreConfig.get_config_field(
|
||||||
|
self.__config, "ongeki", "crypto", "keys", default={}
|
||||||
|
)
|
||||||
|
|
||||||
|
@property
|
||||||
|
def encrypted_only(self) -> bool:
|
||||||
|
return CoreConfig.get_config_field(
|
||||||
|
self.__config, "ongeki", "crypto", "encrypted_only", default=False
|
||||||
|
)
|
||||||
|
|
||||||
class OngekiConfig(dict):
|
class OngekiConfig(dict):
|
||||||
def __init__(self) -> None:
|
def __init__(self) -> None:
|
||||||
self.server = OngekiServerConfig(self)
|
self.server = OngekiServerConfig(self)
|
||||||
self.gachas = OngekiGachaConfig(self)
|
self.gachas = OngekiGachaConfig(self)
|
||||||
self.version = OngekiCardMakerVersionConfig(self)
|
self.version = OngekiCardMakerVersionConfig(self)
|
||||||
|
self.crypto = OngekiCryptoConfig(self)
|
||||||
|
|||||||
@ -7,6 +7,10 @@ import logging
|
|||||||
import coloredlogs
|
import coloredlogs
|
||||||
import zlib
|
import zlib
|
||||||
from logging.handlers import TimedRotatingFileHandler
|
from logging.handlers import TimedRotatingFileHandler
|
||||||
|
from Crypto.Cipher import AES
|
||||||
|
from Crypto.Util.Padding import pad
|
||||||
|
from Crypto.Protocol.KDF import PBKDF2
|
||||||
|
from Crypto.Hash import SHA1
|
||||||
from os import path
|
from os import path
|
||||||
from typing import Tuple
|
from typing import Tuple
|
||||||
|
|
||||||
@ -28,6 +32,7 @@ class OngekiServlet:
|
|||||||
def __init__(self, core_cfg: CoreConfig, cfg_dir: str) -> None:
|
def __init__(self, core_cfg: CoreConfig, cfg_dir: str) -> None:
|
||||||
self.core_cfg = core_cfg
|
self.core_cfg = core_cfg
|
||||||
self.game_cfg = OngekiConfig()
|
self.game_cfg = OngekiConfig()
|
||||||
|
self.hash_table: Dict[Dict[str, str]] = {}
|
||||||
if path.exists(f"{cfg_dir}/{OngekiConstants.CONFIG_NAME}"):
|
if path.exists(f"{cfg_dir}/{OngekiConstants.CONFIG_NAME}"):
|
||||||
self.game_cfg.update(
|
self.game_cfg.update(
|
||||||
yaml.safe_load(open(f"{cfg_dir}/{OngekiConstants.CONFIG_NAME}"))
|
yaml.safe_load(open(f"{cfg_dir}/{OngekiConstants.CONFIG_NAME}"))
|
||||||
@ -45,6 +50,8 @@ class OngekiServlet:
|
|||||||
]
|
]
|
||||||
|
|
||||||
self.logger = logging.getLogger("ongeki")
|
self.logger = logging.getLogger("ongeki")
|
||||||
|
|
||||||
|
if not hasattr(self.logger, "inited"):
|
||||||
log_fmt_str = "[%(asctime)s] Ongeki | %(levelname)s | %(message)s"
|
log_fmt_str = "[%(asctime)s] Ongeki | %(levelname)s | %(message)s"
|
||||||
log_fmt = logging.Formatter(log_fmt_str)
|
log_fmt = logging.Formatter(log_fmt_str)
|
||||||
fileHandler = TimedRotatingFileHandler(
|
fileHandler = TimedRotatingFileHandler(
|
||||||
@ -66,6 +73,37 @@ class OngekiServlet:
|
|||||||
coloredlogs.install(
|
coloredlogs.install(
|
||||||
level=self.game_cfg.server.loglevel, logger=self.logger, fmt=log_fmt_str
|
level=self.game_cfg.server.loglevel, logger=self.logger, fmt=log_fmt_str
|
||||||
)
|
)
|
||||||
|
self.logger.inited = True
|
||||||
|
|
||||||
|
for version, keys in self.game_cfg.crypto.keys.items():
|
||||||
|
if len(keys) < 3:
|
||||||
|
continue
|
||||||
|
|
||||||
|
self.hash_table[version] = {}
|
||||||
|
|
||||||
|
method_list = [
|
||||||
|
method
|
||||||
|
for method in dir(self.versions[version])
|
||||||
|
if not method.startswith("__")
|
||||||
|
]
|
||||||
|
for method in method_list:
|
||||||
|
method_fixed = inflection.camelize(method)[6:-7]
|
||||||
|
# number of iterations is 64 on Bright Memory
|
||||||
|
iter_count = 64
|
||||||
|
hash = PBKDF2(
|
||||||
|
method_fixed,
|
||||||
|
bytes.fromhex(keys[2]),
|
||||||
|
128,
|
||||||
|
count=iter_count,
|
||||||
|
hmac_hash_module=SHA1,
|
||||||
|
)
|
||||||
|
|
||||||
|
hashed_name = hash.hex()[:32] # truncate unused bytes like the game does
|
||||||
|
self.hash_table[version][hashed_name] = method_fixed
|
||||||
|
|
||||||
|
self.logger.debug(
|
||||||
|
f"Hashed v{version} method {method_fixed} with {bytes.fromhex(keys[2])} to get {hash.hex()[:32]}"
|
||||||
|
)
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def get_allnet_info(
|
def get_allnet_info(
|
||||||
@ -100,6 +138,7 @@ class OngekiServlet:
|
|||||||
|
|
||||||
req_raw = request.content.getvalue()
|
req_raw = request.content.getvalue()
|
||||||
url_split = url_path.split("/")
|
url_split = url_path.split("/")
|
||||||
|
encrtped = False
|
||||||
internal_ver = 0
|
internal_ver = 0
|
||||||
endpoint = url_split[len(url_split) - 1]
|
endpoint = url_split[len(url_split) - 1]
|
||||||
client_ip = Utils.get_ip_addr(request)
|
client_ip = Utils.get_ip_addr(request)
|
||||||
@ -125,8 +164,45 @@ class OngekiServlet:
|
|||||||
# If we get a 32 character long hex string, it's a hash and we're
|
# If we get a 32 character long hex string, it's a hash and we're
|
||||||
# doing encrypted. The likelyhood of false positives is low but
|
# doing encrypted. The likelyhood of false positives is low but
|
||||||
# technically not 0
|
# technically not 0
|
||||||
self.logger.error("Encryption not supported at this time")
|
if internal_ver not in self.hash_table:
|
||||||
return b""
|
self.logger.error(
|
||||||
|
f"v{version} does not support encryption or no keys entered"
|
||||||
|
)
|
||||||
|
return zlib.compress(b'{"stat": "0"}')
|
||||||
|
|
||||||
|
elif endpoint.lower() not in self.hash_table[internal_ver]:
|
||||||
|
self.logger.error(
|
||||||
|
f"No hash found for v{version} endpoint {endpoint}"
|
||||||
|
)
|
||||||
|
return zlib.compress(b'{"stat": "0"}')
|
||||||
|
|
||||||
|
endpoint = self.hash_table[internal_ver][endpoint.lower()]
|
||||||
|
|
||||||
|
try:
|
||||||
|
crypt = AES.new(
|
||||||
|
bytes.fromhex(self.game_cfg.crypto.keys[internal_ver][0]),
|
||||||
|
AES.MODE_CBC,
|
||||||
|
bytes.fromhex(self.game_cfg.crypto.keys[internal_ver][1]),
|
||||||
|
)
|
||||||
|
|
||||||
|
req_raw = crypt.decrypt(req_raw)
|
||||||
|
|
||||||
|
except Exception as e:
|
||||||
|
self.logger.error(
|
||||||
|
f"Failed to decrypt v{version} request to {endpoint} -> {e}"
|
||||||
|
)
|
||||||
|
return zlib.compress(b'{"stat": "0"}')
|
||||||
|
|
||||||
|
encrtped = True
|
||||||
|
|
||||||
|
if (
|
||||||
|
not encrtped
|
||||||
|
and self.game_cfg.crypto.encrypted_only
|
||||||
|
):
|
||||||
|
self.logger.error(
|
||||||
|
f"Unencrypted v{version} {endpoint} request, but config is set to encrypted only: {req_raw}"
|
||||||
|
)
|
||||||
|
return zlib.compress(b'{"stat": "0"}')
|
||||||
|
|
||||||
try:
|
try:
|
||||||
unzip = zlib.decompress(req_raw)
|
unzip = zlib.decompress(req_raw)
|
||||||
@ -163,4 +239,17 @@ class OngekiServlet:
|
|||||||
|
|
||||||
self.logger.debug(f"Response {resp}")
|
self.logger.debug(f"Response {resp}")
|
||||||
|
|
||||||
return zlib.compress(json.dumps(resp, ensure_ascii=False).encode("utf-8"))
|
zipped = zlib.compress(json.dumps(resp, ensure_ascii=False).encode("utf-8"))
|
||||||
|
|
||||||
|
if not encrtped:
|
||||||
|
return zipped
|
||||||
|
|
||||||
|
padded = pad(zipped, 16)
|
||||||
|
|
||||||
|
crypt = AES.new(
|
||||||
|
bytes.fromhex(self.game_cfg.crypto.keys[internal_ver][0]),
|
||||||
|
AES.MODE_CBC,
|
||||||
|
bytes.fromhex(self.game_cfg.crypto.keys[internal_ver][1]),
|
||||||
|
)
|
||||||
|
|
||||||
|
return crypt.encrypt(padded)
|
||||||
Loading…
Reference in New Issue
Block a user