Decryption woes... - BlitzCoder.net

-=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- (c) WidthPadding Industries 1987 0\|421\|0 -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=-
Socoder -> On Topic -> Decryption woes...
Wed, 19 Oct 2011, 14:33
Afr0	I'm using an ARC4 implementation to en/decrypt my packets, but the last character of the packet I'm decrypting is never decrypted!! :@ Why? // This source code is property of Atalasoft, Inc. (www.atalasoft.com) // No warrantees expressed or implied. // You are free to use this in your own code, provided that you // leave this notice in place. // Change History: // December 11, 2009 - Initial version, Steve Hawley using System; using System.Collections.Generic; using System.IO; namespace TSO_LoginServer.Network.Encryption { /// <summary> /// From: https://www.atalasoft.com/cs/blogs/stevehawley/archive/2009/12/11/rc4-in-c.aspx /// </summary> public class ARC4 { private byte[] _S; int _x, _y; public ARC4() { } public ARC4(byte[] key) : this(key, key.Length) { } public ARC4(byte[] key, int length) { SetKey(key, length); } public void SetKey(byte[] key) { SetKey(key, key.Length); } public void SetKey(byte[] key, int length) { if (_S == null) _S = new byte[256]; if (key == null) throw new ArgumentNullException("key"); if (length < 1 \|\| length > key.Length) throw new ArgumentOutOfRangeException("length"); for (int i = 0; i < 256; i++) _S[i] = (byte)i; for (int i = 0, j = 0; i < 256; i++) { j = (j + key[i % length] + _S[i]) & 0xff; byte temp = _S[i]; _S[i] = _S[j]; _S[j] = temp; } Reset(); } public void Reset() { _x = _y = 0; } private byte GetNextMask() { _x = (_x + 1) & 0xff; _y = (_y + _S[_x]) & 0xff; byte temp = _S[_x]; _S[_x] = _S[_y]; _S[_y] = temp; return _S[(_S[_x] + _S[_y]) & 0xff]; } public IEnumerable<byte> Process(IEnumerable<byte> data) { if (data == null) throw new ArgumentNullException("data"); if (_S == null) throw new Exception("Need to call SetKey before calling Process"); foreach (byte b in data) yield return (byte)(b ^ GetNextMask()); } public void ProcessInPlace(byte[] data) { ProcessInPlace(data, 0, data.Length); } public void ProcessInPlace(byte[] data, int index, int length) { if (data == null) throw new ArgumentNullException("data"); if (_S == null) throw new Exception("Need to call SetKey before calling ProcessInPlace"); if (index < 0 \|\| index >= data.Length) throw new ArgumentOutOfRangeException("index"); if (length <= 0 \|\| index + length > data.Length) throw new ArgumentOutOfRangeException("length"); for (int i = 0; i < length; i++) data[i + index] = (byte)(data[i + index] ^ GetNextMask()); } public byte[] Process(byte[] data) { return Process(data, 0, data.Length); } public byte[] Process(byte[] data, int index, int length) { if (data == null) throw new ArgumentNullException("data"); if (_S == null) throw new Exception("Need to call SetKey before calling Process"); if (index < 0 \|\| index >= data.Length) throw new ArgumentOutOfRangeException("index"); if (length <= 0 \|\| index + length > data.Length) throw new ArgumentOutOfRangeException("length"); byte[] output = new byte[length]; for (int i = 0; i < length; i++) output[i] = (byte)(data[i + index] ^ GetNextMask()); return output; } public void Process(Stream data, Stream output) { if (_S == null) throw new Exception("Need to call SetKey before calling Process"); int databyte; while ((databyte = data.ReadByte()) >= 0) output.WriteByte((byte)(databyte ^ GetNextMask())); } public void Process(Stream data, Stream output, long length) { if (length <= 0 \|\| data.Position + length > data.Length) throw new ArgumentOutOfRangeException("length"); if (_S == null) throw new Exception("Need to call SetKey before calling Process"); for (long i = 0; i < length; i++) { int databyte = data.ReadByte(); if (databyte < 0) throw new EndOfStreamException("unexpected end of stream processing RC4"); output.WriteByte((byte)(databyte ^ GetNextMask())); } } } } --v Client: public void SendCharacterInfoRequest(string TimeStamp) { PacketStream Packet = new PacketStream(0x05, 0); //If this timestamp is newer than the server's timestamp, it means //the client doesn't have a charactercache. If it's older, it means //the cache needs to be updated. If it matches, the server sends an //empty responsepacket. //Packet.WriteString(TimeStamp); Packet.WriteByte((byte)(TimeStamp.Length + 1)); Packet.WriteBytes(Encoding.ASCII.GetBytes(TimeStamp)); byte[] PacketData = Packet.ToArray(); Send(FinalizePacket(0x05, PacketData)); } /// <summary> /// Writes a packet's header and encrypts the contents of the packet (not the header). /// </summary> /// <param name="PacketID">The ID of the packet.</param> /// <param name="PacketData">The packet's contents.</param> /// <returns>The finalized packet!</returns> private byte[] FinalizePacket(byte PacketID, byte[] PacketData) { MemoryStream FinalizedPacket = new MemoryStream(); BinaryWriter PacketWriter = new BinaryWriter(FinalizedPacket); //ARC4 Encryptor = new ARC4(m_Enc.SRP.SessionKey.GetBytes(32)); ARC4 Encryptor = new ARC4(Encoding.ASCII.GetBytes(m_Password)); byte[] EncryptedBuffer = Encryptor.Process(PacketData); PacketWriter.Write(PacketID); //The length of the encrypted data can be longer or smaller than the original length, //so write the length of the encrypted data. PacketWriter.Write((byte)EncryptedBuffer.Length); PacketWriter.Flush(); PacketWriter.Write(EncryptedBuffer); PacketWriter.Flush(); byte[] ReturnPacket = FinalizedPacket.ToArray(); PacketWriter.Close(); return ReturnPacket; } --v Server: public static void HandleCharacterInfoRequest(PacketStream P, LoginClient Client) { byte PacketLength = (byte)P.ReadByte(); //P.DecryptStream(Client.ClientEncryptor.SRP.SessionKey.GetBytes(32)); P.DecryptStream(Encoding.ASCII.GetBytes(Client.Password), PacketLength); Logger.LogDebug("Received CharacterInfoRequest!"); byte Length = (byte)P.ReadByte(); byte[] StrBuf = new byte[Length]; P.Read(StrBuf, 0, Length/* - 1/); string Test = Encoding.ASCII.GetString(StrBuf); DateTime TimeStamp = DateTime.Parse(Encoding.ASCII.GetString(StrBuf)); Database.CheckCharacterTimestamp(Client.ClientEncryptor.SRP.Username, Client, TimeStamp); } --v /// <summary> /// Decrypts the data in this PacketStream. /// ASSUMES THAT THE ID AND PACKETLENGTH (IF /// IT EXISTS) HAS BEEN READ! /// Please note that the stream will NOT be /// resizeable after calling this method. /// </summary> /// <param name="Secret">The server's secret.</param> public void DecryptStream(byte[] Secret, byte Length) { byte[] EncryptedData = new byte[Length]; ARC4 Decrypter = new ARC4(Secret); Read(EncryptedData, 0, Length); byte[] DecryptedData = Decrypter.Process(EncryptedData); m_Reader.Close(); m_BaseStream = new MemoryStream(DecryptedData); m_Reader = new BinaryReader(m_BaseStream); } --v The variable Test in HandleCharacterInfoRequest() always ends up with a value similar to: "2011.10.19 10:\0" Edit: Jay, we need an MMO forum at Socoder!* -=-=- Afr0 Games Project Dollhouse on Github - Please fork!
Thu, 20 Oct 2011, 04:18
spinal	With only one member seemingly interested in MMO's, you might be talking to yourself a lot in that forum section. /offtopic -=-=- Check out my excellent homepage!
Sat, 22 Oct 2011, 10:17
Afr0	I think I finally found a way to handle this; Client encrypts the first packet (which includes a randomly generated key) with a public key known to the server. Server decrypts packet, and then en/decrypts further messages using the key. Instead of using a third-party implementation, I'm now using CryptoStream which is available natively in .NET. I realize that anyone can disassemble the client to get the public key used to encrypt the encryption-key, but they'd still have to intercept the first packet, and by then it'd be too late because the encryption-key is generated randomly for each session. -=-=- Afr0 Games Project Dollhouse on Github - Please fork!
Wed, 26 Oct 2011, 15:20
Afr0	Right, so after a lot of tweaking I finally got something working... Client sends the user's password hashed with the username as a salt. Packet also contains encryption key (which is currently unencrypted, simply because I haven't been bothered to determine the best way to encrypt it yet); private void SendLoginRequest2() { //Variable length... PacketStream Packet = new PacketStream(0x00, 0); Packet.WriteByte(0x00); SaltedHash Hash = new SaltedHash(new SHA512Managed(), m_Username.Length); byte[] HashBuf = new byte[Encoding.ASCII.GetBytes(m_Password).Length + Encoding.ASCII.GetBytes(m_Username).Length]; MemoryStream MemStream = new MemoryStream(); PasswordDeriveBytes Pwd = new PasswordDeriveBytes(Encoding.ASCII.GetBytes(m_Password), Encoding.ASCII.GetBytes("SALT"), "SHA1", 10); EncKey = Pwd.GetBytes(8); MemStream.WriteByte((byte)m_Username.Length); MemStream.Write(Encoding.ASCII.GetBytes(m_Username), 0, Encoding.ASCII.GetBytes(m_Username).Length); HashBuf = Hash.ComputePasswordHash(m_Username, m_Password); m_Hash = HashBuf; MemStream.WriteByte((byte)HashBuf.Length); MemStream.Write(HashBuf, 0, HashBuf.Length); MemStream.WriteByte((byte)EncKey.Length); MemStream.Write(EncKey, 0, EncKey.Length); Packet.WriteByte((byte)(2 + MemStream.ToArray().Length + 4)); Packet.WriteBytes(MemStream.ToArray()); //TODO: Change this to write a global client version. Packet.WriteByte(0x00); //Version 1 Packet.WriteByte(0x00); //Version 2 Packet.WriteByte(0x00); //Version 3 Packet.WriteByte(0x01); //Version 4 Send(Packet.ToArray()); } --v Server checks the hash, and if it matches it just sends out a tiny confirmation-packet containing 0x00 (in addition to the PacketID). Client sends a CharacterInfoRequest packet. This packet is encrypted, which it can be since the server now has the key; public void SendCharacterInfoRequest(string TimeStamp) { PacketStream Packet = new PacketStream(0x05, 0); //If this timestamp is newer than the server's timestamp, it means //the client doesn't have a charactercache. If it's older, it means //the cache needs to be updated. If it matches, the server sends an //empty responsepacket. //Packet.WriteString(TimeStamp); Packet.WriteByte((byte)TimeStamp.Length); Packet.WriteBytes(Encoding.ASCII.GetBytes(TimeStamp)); byte[] PacketData = Packet.ToArray(); Send(FinalizePacket(0x05, PacketData)); } /// <summary> /// Writes a packet's header and encrypts the contents of the packet (not the header). /// </summary> /// <param name="PacketID">The ID of the packet.</param> /// <param name="PacketData">The packet's contents.</param> /// <returns>The finalized packet!</returns> private byte[] FinalizePacket(byte PacketID, byte[] PacketData) { MemoryStream FinalizedPacket = new MemoryStream(); BinaryWriter PacketWriter = new BinaryWriter(FinalizedPacket); PasswordDeriveBytes Pwd = new PasswordDeriveBytes(Encoding.ASCII.GetBytes(m_Password), Encoding.ASCII.GetBytes("SALT"), "SHA1", 10); MemoryStream TempStream = new MemoryStream(); CryptoStream EncryptedStream = new CryptoStream(TempStream, CryptoService.CreateEncryptor(EncKey, Encoding.ASCII.GetBytes("@1B2c3D4e5F6g7H8")), CryptoStreamMode.Write); EncryptedStream.Write(PacketData, 0, PacketData.Length); EncryptedStream.FlushFinalBlock(); PacketWriter.Write(PacketID); //The length of the encrypted data can be longer or smaller than the original length, //so write the length of the encrypted data. PacketWriter.Write((byte)(3 + TempStream.Length)); PacketWriter.Flush(); //Also write the length of the unencrypted data. PacketWriter.Write((byte)PacketData.Length); PacketWriter.Flush(); PacketWriter.Write(TempStream.ToArray()); PacketWriter.Flush(); byte[] ReturnPacket = FinalizedPacket.ToArray(); PacketWriter.Close(); return ReturnPacket; } --v Server decrypts packet using the same function as the client; /// <summary> /// Decrypts the data in this PacketStream. /// WARNING: ASSUMES THAT THE 3-BYTE HEADER /// HAS BEEN READ (ID, LENGTH, DECRYPTEDLENGTH)! /// </summary> /// <param name="Key">The client's en/decryptionkey.</param> /// <param name="Service">The client's DESCryptoServiceProvider instance.</param> /// <param name="UnencryptedLength">The packet's unencrypted length (third byte in the header).</param> public void DecryptPacket(byte[] Key, DESCryptoServiceProvider Service, byte UnencryptedLength) { CryptoStream CStream = new CryptoStream(m_BaseStream, Service.CreateDecryptor(Key, Encoding.ASCII.GetBytes("@1B2c3D4e5F6g7H8")), CryptoStreamMode.Read); byte[] DecodedBuffer = new byte[UnencryptedLength]; CStream.Read(DecodedBuffer, 0, DecodedBuffer.Length); m_BaseStream = new MemoryStream(DecodedBuffer); } --v Server then reads the decrypted timestamp and fetches the number of characters and character IDs from the DB. If the number of characters is < 1, it just sends an empty, encrypted responsepacket (containing the number of characters, which is 0) (all communication is now encrypted, btw). If the number of characters is > 1, it gets the IDs for all the existing characters. Then it fetches the information for all the characters with the matching IDs, which includes a timestamp. If the client's timestamp is newer, then all the information about all the characters is sent to the client. If the client's timestamp is older, it means that the client's cache was outdated, so all the information is sent. Otherwise the timestamp matched, so nothing needs to be updated. The idea here is that all the information about all characters is sent at once, such that the timestamps for all characters will always be equal. -=-=- Afr0 Games Project Dollhouse on Github - Please fork!