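use std::{
    fs::write,
    io::Cursor,
    time::{SystemTime, UNIX_EPOCH},
};

use binrw::{binrw, helpers::until_eof, BinRead, BinResult, BinWrite};
use physis::blowfish::Blowfish;
use tokio::{
    io::{AsyncWriteExt, WriteHalf},
    net::TcpStream,
};

/// Interprets an integer read from the wire as a boolean: exactly `1` is `true`.
pub(crate) fn read_bool_from<T: std::convert::From<u8> + std::cmp::PartialEq>(x: T) -> bool {
    x == T::from(1u8)
}

/// Encodes a boolean as the integer `1` (true) or `0` (false) for writing.
pub(crate) fn write_bool_as<T: std::convert::From<u8>>(x: &bool) -> T {
    if *x {
        T::from(1u8)
    } else {
        T::from(0u8)
    }
}

/// Converts a fixed-size, NUL-padded byte field into a `String`.
///
/// The bytes come straight from the peer, so invalid UTF-8 is replaced with
/// U+FFFD instead of panicking. A phrase altered this way produces a session
/// key the client does not share, so the handshake fails rather than the
/// server.
pub(crate) fn read_string(byte_stream: Vec<u8>) -> String {
    String::from_utf8_lossy(&byte_stream)
        .trim_matches(char::from(0)) // trim \0 padding
        .to_string()
}

/// Connection kind carried in the packet header (a `u16` on the wire).
#[binrw]
#[brw(repr = u16)]
#[derive(Debug)]
enum ConnectionType {
    None = 0x0,
    Zone = 0x1,
    Chat = 0x2,
    Lobby = 0x3,
}

/// Decrypted payload of an IPC segment; only one unknown field is mapped so far.
#[binrw]
#[derive(Debug, Clone)]
struct IPCSegment {
    unk: u32,
}

/// binrw parser that reads an encrypted segment body, decrypts it with
/// Blowfish and parses the plaintext as `T`.
///
/// `size` is the segment's total size as declared on the wire, including the
/// 16-byte segment header. It is attacker-controlled, so every step that can
/// fail reports a `binrw` error instead of panicking:
///
/// * no session key has been negotiated yet,
/// * `size` is smaller than the header (the plain subtraction would underflow:
///   a panic in debug builds, a wrap to a ~4 GiB allocation in release),
/// * the Blowfish decryption itself fails.
#[binrw::parser(reader, endian)]
pub(crate) fn decrypt<T>(size: u32, encryption_key: Option<&[u8]>) -> BinResult<T>
where
    for<'a> T: BinRead<Args<'a> = ()> + 'a,
{
    let pos = reader.stream_position()?;

    let Some(encryption_key) = encryption_key else {
        return Err(binrw::Error::AssertFail {
            pos,
            message: "This segment type is encrypted and no key was provided!".to_string(),
        });
    };

    // 16 = header size
    let Some(size) = size.checked_sub(16) else {
        return Err(binrw::Error::AssertFail {
            pos,
            message: "Segment size is smaller than the segment header!".to_string(),
        });
    };

    // NOTE(review): `size` is still only bounded by u32::MAX here; consider
    // rejecting values larger than the received packet before allocating.
    let mut data = vec![0u8; size as usize];
    reader.read_exact(&mut data)?;

    let blowfish = Blowfish::new(encryption_key);
    let Some(decrypted_data) = blowfish.decrypt(&data) else {
        return Err(binrw::Error::AssertFail {
            pos,
            message: "Failed to decrypt segment data!".to_string(),
        });
    };

    let mut cursor = Cursor::new(&decrypted_data);
    T::read_options(&mut cursor, endian, ())
}

/// Body of a packet segment, selected by its `u32` magic.
#[binrw]
#[br(import(size: u32, encryption_key: Option<&[u8]>))]
#[derive(Debug, Clone)]
enum SegmentType {
    // Client->Server Packets
    #[brw(magic = 0x9u32)]
    InitializeEncryption {
        #[brw(pad_before = 36)] // empty
        #[br(count = 64)]
        #[br(map = read_string)]
        #[bw(ignore)]
        phrase: String,

        #[brw(pad_after = 512)] // empty
        key: [u8; 4],
    },
    #[brw(magic = 0x3u32)]
    IPC {
        #[br(parse_with = decrypt, args(size, encryption_key))]
        #[bw(ignore)]
        data: IPCSegment,
    },

    // Server->Client Packets
    #[brw(magic = 0x0Au32)]
    InitializationEncryptionResponse {
        #[br(count = 0x280)]
        data: Vec<u8>,
    },
}

/// Fixed header that precedes the segments of every packet.
#[binrw]
#[derive(Debug)]
struct PacketHeader {
    unk1: u64,
    unk2: u64,
    timestamp: u64,
    size: u32,
    connection_type: ConnectionType,
    segment_count: u16,
    unk3: u8,
    #[br(map = read_bool_from::<u8>)]
    #[bw(map = write_bool_as::<u8>)]
    compressed: bool,
    unk4: u16,
    unk5: u32, // iolite says the size after oodle decompression
}

/// One segment of a packet: size, actor ids and the typed body.
#[binrw]
#[br(import(encryption_key: Option<&[u8]>))]
#[derive(Debug, Clone)]
struct PacketSegment {
    #[bw(calc = self.calc_size())]
    size: u32,
    source_actor: u32,
    target_actor: u32,
    #[br(args(size, encryption_key))]
    segment_type: SegmentType,
}

impl PacketSegment {
    /// Returns the serialized size of this segment: four `u32` header words
    /// (size, both actor ids, and the segment magic) plus the body.
    fn calc_size(&self) -> u32 {
        let header = std::mem::size_of::<u32>() * 4;
        let body = match &self.segment_type {
            SegmentType::InitializeEncryption { .. } => 616,
            SegmentType::InitializationEncryptionResponse { .. } => 640,
            SegmentType::IPC { .. } => todo!(),
        };
        header as u32 + body
    }
}

/// A whole packet: header followed by `header.segment_count` segments.
#[binrw]
#[br(import(encryption_key: Option<&[u8]>))]
#[derive(Debug)]
struct Packet {
    header: PacketHeader,
    #[br(count = header.segment_count, args { inner: (encryption_key,) })]
    segments: Vec<PacketSegment>,
}

/// Debugging aid: saves the offending packet to `packet.bin` in the working
/// directory and then panics with `msg`.
///
/// NOTE(review): this is reached from `parse_packet` for any packet that fails
/// to parse, so a peer can trigger the panic at will; the dump may also hold
/// handshake material. Fine while reverse engineering, not for a
/// network-facing deployment.
fn dump(msg: &str, data: &[u8]) {
    // The dump is best effort; the panic below is the point of this function.
    if let Err(err) = write("packet.bin", data) {
        tracing::warn!("Failed to write packet.bin: {err}");
    }
    panic!("{msg} Dumped to packet.bin.");
}

/// Wraps `segments` in a lobby packet, serializes it little-endian and sends
/// it on `socket`. A copy of the bytes is also saved to `outpacket.bin`.
///
/// # Panics
///
/// Panics if the system clock is before the UNIX epoch, if there are more than
/// `u16::MAX` segments, or if serializing or sending the packet fails.
async fn send_packet(socket: &mut WriteHalf<TcpStream>, segments: &[PacketSegment]) {
    let timestamp: u64 = SystemTime::now()
        .duration_since(UNIX_EPOCH)
        .expect("Failed to get UNIX timestamp!")
        .as_millis()
        .try_into()
        .unwrap();

    let total_segment_size: u32 = segments.iter().map(PacketSegment::calc_size).sum();

    let header = PacketHeader {
        unk1: 0,
        unk2: 0,
        timestamp,
        // NOTE(review): this is the in-memory size of the Rust struct, which
        // only happens to equal the 40-byte wire layout of the fields above;
        // an explicit constant would not depend on compiler layout.
        size: std::mem::size_of::<PacketHeader>() as u32 + total_segment_size,
        connection_type: ConnectionType::Lobby,
        // A plain `as u16` would silently truncate the count.
        segment_count: u16::try_from(segments.len())
            .expect("Too many segments for one packet!"),
        unk3: 0,
        compressed: false,
        unk4: 0,
        unk5: 0,
    };

    let packet = Packet {
        header,
        segments: segments.to_vec(),
    };

    let mut cursor = Cursor::new(Vec::new());
    // A failed serialization must not go unnoticed: the buffer would be sent
    // truncated or empty.
    packet
        .write_le(&mut cursor)
        .expect("Failed to serialize packet!");

    let buffer = cursor.into_inner();

    // Only report the debug copy once it has actually been written.
    match write("outpacket.bin", &buffer) {
        Ok(()) => tracing::info!("Wrote response packet to outpacket.bin"),
        Err(err) => tracing::warn!("Failed to write outpacket.bin: {err}"),
    }

    // `write` may send only part of the buffer; `write_all` sends everything.
    socket
        .write_all(&buffer)
        .await
        .expect("Failed to write packet!");
}

// temporary
/// Per-connection state: the Blowfish session key once it has been negotiated.
pub struct State {
    pub client_key: Option<[u8; 16]>,
}

/// Parses one received packet and reacts to each of its segments.
///
/// An `InitializeEncryption` segment derives the session key, stores it in
/// `state` and answers with an `InitializationEncryptionResponse`. IPC
/// segments are decrypted while parsing but not handled yet.
///
/// # Panics
///
/// Panics (after dumping the packet) when parsing fails or the declared size
/// does not match `data.len()`, and when a client sends a server-only response
/// segment.
///
/// NOTE(review): all of these are reachable from peer-supplied bytes. The
/// parsed packet, including the key seed and phrase, is also printed to
/// stdout.
pub async fn parse_packet(socket: &mut WriteHalf<TcpStream>, data: &[u8], state: &mut State) {
    let mut cursor = Cursor::new(data);

    match Packet::read_le_args(
        &mut cursor,
        (state.client_key.as_ref().map(|s: &[u8; 16]| s.as_slice()),),
    ) {
        Ok(packet) => {
            println!("{:#?}", packet);

            if packet.header.size as usize != data.len() {
                dump(
                    "Packet size mismatch between what we're given and the header!",
                    data,
                );
            }

            for segment in &packet.segments {
                match &segment.segment_type {
                    SegmentType::InitializeEncryption { phrase, key } => {
                        // Generate an encryption key for this client
                        let client_key = generate_encryption_key(key, phrase);
                        state.client_key = Some(client_key);

                        let blowfish = Blowfish::new(&client_key);
                        // The input is a constant, so a failure here is a bug
                        // and not something a peer can influence.
                        let mut data = blowfish
                            .encrypt(&0xE0003C2Au32.to_le_bytes())
                            .expect("Failed to encrypt the handshake check value!");
                        data.resize(0x280, 0);

                        let response_packet = PacketSegment {
                            source_actor: 0,
                            target_actor: 0,
                            segment_type: SegmentType::InitializationEncryptionResponse { data },
                        };
                        send_packet(socket, &[response_packet]).await;
                    }
                    SegmentType::InitializationEncryptionResponse { .. } => {
                        panic!("The server is recieving a response packet!")
                    }
                    SegmentType::IPC { .. } => {
                        // decrypt
                    }
                }
            }
        }
        Err(err) => {
            println!("{err}");
            dump("Failed to parse packet!", data);
        }
    }
}

const GAME_VERSION: u16 = 7000;

/// Derives the 16-byte Blowfish session key as the MD5 digest of
/// `78 56 34 12 || key || GAME_VERSION (LE) || 00 00 || phrase`.
///
/// Every input is either a constant in this file or a field of the unencrypted
/// `InitializeEncryption` segment, so the resulting key is not secret from
/// anyone who can observe the handshake. The encryption layer should be
/// treated as obfuscation, not as confidentiality.
pub fn generate_encryption_key(key: &[u8], phrase: &str) -> [u8; 16] {
    let mut base_key = vec![0x78, 0x56, 0x34, 0x12];
    base_key.extend_from_slice(key);
    base_key.extend_from_slice(&GAME_VERSION.to_le_bytes());
    base_key.extend_from_slice(&[0; 2]); // padding (possibly for game version?)
    base_key.extend_from_slice(phrase.as_bytes());

    md5::compute(&base_key).0
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_encryption_key() {
        // The key seed is passed as a slice, matching the `&[u8]` parameter.
        let key = generate_encryption_key(&[0x00, 0x00, 0x00, 0x00], "foobar");
        assert_eq!(
            key,
            [169, 78, 235, 31, 57, 151, 26, 74, 250, 196, 1, 120, 206, 173, 202, 48]
        );
    }
}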