trunk/java/com/l2jserver/util/crypt/LoginCrypt.java

@@ -0,0 +1,128 @@
+/*
+ * Copyright (C) 2004-2014 L2J Server
+ * 
+ * This file is part of L2J Server.
+ * 
+ * L2J Server is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * 
+ * L2J Server is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+package com.l2jserver.util.crypt;
+
+import java.io.IOException;
+
+import com.l2jserver.util.Rnd;
+
+/**
+ * @author KenM
+ */
+public class LoginCrypt
+{
+	private static final byte[] STATIC_BLOWFISH_KEY =
+	{
+		(byte) 0x6b,
+		(byte) 0x60,
+		(byte) 0xcb,
+		(byte) 0x5b,
+		(byte) 0x82,
+		(byte) 0xce,
+		(byte) 0x90,
+		(byte) 0xb1,
+		(byte) 0xcc,
+		(byte) 0x2b,
+		(byte) 0x6c,
+		(byte) 0x55,
+		(byte) 0x6c,
+		(byte) 0x6c,
+		(byte) 0x6c,
+		(byte) 0x6c
+	};
+	
+	private static final NewCrypt _STATIC_CRYPT = new NewCrypt(STATIC_BLOWFISH_KEY);
+	private NewCrypt _crypt = null;
+	private boolean _static = true;
+	
+	/**
+	 * Method to initialize the the blowfish cipher with dynamic key.
+	 * @param key the blowfish key to initialize the dynamic blowfish cipher with
+	 */
+	public void setKey(byte[] key)
+	{
+		_crypt = new NewCrypt(key);
+	}
+	
+	/**
+	 * Method to decrypt an incoming login client packet.
+	 * @param raw array with encrypted data
+	 * @param offset offset where the encrypted data is located
+	 * @param size number of bytes of encrypted data
+	 * @return true when checksum could be verified, false otherwise
+	 * @throws IOException the size is not multiple of blowfishs block size or the raw array can't hold size bytes starting at offset due to it's size
+	 */
+	public boolean decrypt(byte[] raw, final int offset, final int size) throws IOException
+	{
+		if ((size % 8) != 0)
+		{
+			throw new IOException("size have to be multiple of 8");
+		}
+		if ((offset + size) > raw.length)
+		{
+			throw new IOException("raw array too short for size starting from offset");
+		}
+		
+		_crypt.decrypt(raw, offset, size);
+		return NewCrypt.verifyChecksum(raw, offset, size);
+	}
+	
+	/**
+	 * Method to encrypt an outgoing packet to login client.<br>
+	 * Performs padding and resizing of data array.
+	 * @param raw array with plain data
+	 * @param offset offset where the plain data is located
+	 * @param size number of bytes of plain data
+	 * @return the new array size
+	 * @throws IOException packet is too long to make padding and add verification data
+	 */
+	public int encrypt(byte[] raw, final int offset, int size) throws IOException
+	{
+		// reserve checksum
+		size += 4;
+		
+		if (_static)
+		{
+			// reserve for XOR "key"
+			size += 4;
+			
+			// padding
+			size += 8 - (size % 8);
+			if ((offset + size) > raw.length)
+			{
+				throw new IOException("packet too long");
+			}
+			NewCrypt.encXORPass(raw, offset, size, Rnd.nextInt());
+			_STATIC_CRYPT.crypt(raw, offset, size);
+			_static = false;
+		}
+		else
+		{
+			// padding
+			size += 8 - (size % 8);
+			if ((offset + size) > raw.length)
+			{
+				throw new IOException("packet too long");
+			}
+			NewCrypt.appendChecksum(raw, offset, size);
+			_crypt.crypt(raw, offset, size);
+		}
+		return size;
+	}
+}

trunk/java/com/l2jserver/util/crypt/NewCrypt.java

@@ -0,0 +1,220 @@
+/*
+ * Copyright (C) 2004-2014 L2J Server
+ * 
+ * This file is part of L2J Server.
+ * 
+ * L2J Server is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * 
+ * L2J Server is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+package com.l2jserver.util.crypt;
+
+/**
+ * Class to use a blowfish cipher with ECB processing.<br>
+ * Static methods are present to append/check the checksum of<br>
+ * packets exchanged between the following partners:<br>
+ * Login Server <-> Game Client<br>
+ * Login Server <-> Game Server<br>
+ * Also a static method is provided for the initial xor encryption between Login Server <-> Game Client.
+ */
+public final class NewCrypt
+{
+	private final BlowfishEngine _cipher;
+	
+	/**
+	 * @param blowfishKey
+	 */
+	public NewCrypt(byte[] blowfishKey)
+	{
+		_cipher = new BlowfishEngine();
+		_cipher.init(blowfishKey);
+	}
+	
+	public NewCrypt(String key)
+	{
+		this(key.getBytes());
+	}
+	
+	/**
+	 * Equivalent to calling {@link #verifyChecksum(byte[], int, int)} with parameters (raw, 0, raw.length)
+	 * @param raw data array to be verified
+	 * @return true when the checksum of the data is valid, false otherwise
+	 */
+	public static boolean verifyChecksum(final byte[] raw)
+	{
+		return NewCrypt.verifyChecksum(raw, 0, raw.length);
+	}
+	
+	/**
+	 * Method to verify the checksum of a packet received by login server from game client.<br>
+	 * This is also used for game server <-> login server communication.
+	 * @param raw data array to be verified
+	 * @param offset at which offset to start verifying
+	 * @param size number of bytes to verify
+	 * @return true if the checksum of the data is valid, false otherwise
+	 */
+	public static boolean verifyChecksum(final byte[] raw, final int offset, final int size)
+	{
+		// check if size is multiple of 4 and if there is more then only the checksum
+		if (((size & 3) != 0) || (size <= 4))
+		{
+			return false;
+		}
+		
+		long chksum = 0;
+		int count = size - 4;
+		long check = -1;
+		int i;
+		
+		for (i = offset; i < count; i += 4)
+		{
+			check = raw[i] & 0xff;
+			check |= (raw[i + 1] << 8) & 0xff00;
+			check |= (raw[i + 2] << 0x10) & 0xff0000;
+			check |= (raw[i + 3] << 0x18) & 0xff000000;
+			
+			chksum ^= check;
+		}
+		
+		check = raw[i] & 0xff;
+		check |= (raw[i + 1] << 8) & 0xff00;
+		check |= (raw[i + 2] << 0x10) & 0xff0000;
+		check |= (raw[i + 3] << 0x18) & 0xff000000;
+		
+		return check == chksum;
+	}
+	
+	/**
+	 * Equivalent to calling {@link #appendChecksum(byte[], int, int)} with parameters (raw, 0, raw.length)
+	 * @param raw data array to compute the checksum from
+	 */
+	public static void appendChecksum(final byte[] raw)
+	{
+		NewCrypt.appendChecksum(raw, 0, raw.length);
+	}
+	
+	/**
+	 * Method to append packet checksum at the end of the packet.
+	 * @param raw data array to compute the checksum from
+	 * @param offset offset where to start in the data array
+	 * @param size number of bytes to compute the checksum from
+	 */
+	public static void appendChecksum(final byte[] raw, final int offset, final int size)
+	{
+		long chksum = 0;
+		int count = size - 4;
+		long ecx;
+		int i;
+		
+		for (i = offset; i < count; i += 4)
+		{
+			ecx = raw[i] & 0xff;
+			ecx |= (raw[i + 1] << 8) & 0xff00;
+			ecx |= (raw[i + 2] << 0x10) & 0xff0000;
+			ecx |= (raw[i + 3] << 0x18) & 0xff000000;
+			
+			chksum ^= ecx;
+		}
+		
+		ecx = raw[i] & 0xff;
+		ecx |= (raw[i + 1] << 8) & 0xff00;
+		ecx |= (raw[i + 2] << 0x10) & 0xff0000;
+		ecx |= (raw[i + 3] << 0x18) & 0xff000000;
+		
+		raw[i] = (byte) (chksum & 0xff);
+		raw[i + 1] = (byte) ((chksum >> 0x08) & 0xff);
+		raw[i + 2] = (byte) ((chksum >> 0x10) & 0xff);
+		raw[i + 3] = (byte) ((chksum >> 0x18) & 0xff);
+	}
+	
+	/**
+	 * Packet is first XOR encoded with <code>key</code> then, the last 4 bytes are overwritten with the the XOR "key".<br>
+	 * Thus this assume that there is enough room for the key to fit without overwriting data.
+	 * @param raw The raw bytes to be encrypted
+	 * @param key The 4 bytes (int) XOR key
+	 */
+	public static void encXORPass(byte[] raw, int key)
+	{
+		NewCrypt.encXORPass(raw, 0, raw.length, key);
+	}
+	
+	/**
+	 * Packet is first XOR encoded with <code>key</code> then, the last 4 bytes are overwritten with the the XOR "key".<br>
+	 * Thus this assume that there is enough room for the key to fit without overwriting data.
+	 * @param raw The raw bytes to be encrypted
+	 * @param offset The beginning of the data to be encrypted
+	 * @param size Length of the data to be encrypted
+	 * @param key The 4 bytes (int) XOR key
+	 */
+	static void encXORPass(byte[] raw, final int offset, final int size, int key)
+	{
+		int stop = size - 8;
+		int pos = 4 + offset;
+		int edx;
+		int ecx = key; // Initial xor key
+		
+		while (pos < stop)
+		{
+			edx = (raw[pos] & 0xFF);
+			edx |= (raw[pos + 1] & 0xFF) << 8;
+			edx |= (raw[pos + 2] & 0xFF) << 16;
+			edx |= (raw[pos + 3] & 0xFF) << 24;
+			
+			ecx += edx;
+			
+			edx ^= ecx;
+			
+			raw[pos++] = (byte) (edx & 0xFF);
+			raw[pos++] = (byte) ((edx >> 8) & 0xFF);
+			raw[pos++] = (byte) ((edx >> 16) & 0xFF);
+			raw[pos++] = (byte) ((edx >> 24) & 0xFF);
+		}
+		
+		raw[pos++] = (byte) (ecx & 0xFF);
+		raw[pos++] = (byte) ((ecx >> 8) & 0xFF);
+		raw[pos++] = (byte) ((ecx >> 16) & 0xFF);
+		raw[pos++] = (byte) ((ecx >> 24) & 0xFF);
+	}
+	
+	/**
+	 * Method to decrypt using Blowfish-Blockcipher in ECB mode.<br>
+	 * The results will be directly placed inside {@code raw} array.<br>
+	 * This method does not do any error checking, since the calling code<br>
+	 * should ensure sizes.
+	 * @param raw the data array to be decrypted
+	 * @param offset the offset at which to start decrypting
+	 * @param size the number of bytes to be decrypted
+	 */
+	public void decrypt(byte[] raw, final int offset, final int size)
+	{
+		for (int i = offset; i < (offset + size); i += 8)
+		{
+			_cipher.decryptBlock(raw, i);
+		}
+	}
+	
+	/**
+	 * Method to encrypt using Blowfish-Blockcipher in ECB mode.<br>
+	 * The results will be directly placed inside {@code raw} array.<br>
+	 * This method does not do any error checking, since the calling code should ensure sizes.
+	 * @param raw the data array to be decrypted
+	 * @param offset the offset at which to start decrypting
+	 * @param size the number of bytes to be decrypted
+	 */
+	public void crypt(byte[] raw, final int offset, final int size)
+	{
+		for (int i = offset; i < (offset + size); i += 8)
+		{
+			_cipher.encryptBlock(raw, i);
+		}
+	}
+}

trunk/java/com/l2jserver/util/crypt/ScrambledKeyPair.java

@@ -0,0 +1,77 @@
+/*
+ * Copyright (C) 2004-2014 L2J Server
+ * 
+ * This file is part of L2J Server.
+ * 
+ * L2J Server is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * 
+ * L2J Server is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+package com.l2jserver.util.crypt;
+
+import java.math.BigInteger;
+import java.security.KeyPair;
+import java.security.interfaces.RSAPublicKey;
+import java.util.logging.Logger;
+
+/**
+ *
+ */
+public class ScrambledKeyPair
+{
+	private static Logger _log = Logger.getLogger(ScrambledKeyPair.class.getName());
+	public KeyPair _pair;
+	public byte[] _scrambledModulus;
+	
+	public ScrambledKeyPair(KeyPair pPair)
+	{
+		_pair = pPair;
+		_scrambledModulus = scrambleModulus(((RSAPublicKey) _pair.getPublic()).getModulus());
+	}
+	
+	private byte[] scrambleModulus(BigInteger modulus)
+	{
+		byte[] scrambledMod = modulus.toByteArray();
+		
+		if ((scrambledMod.length == 0x81) && (scrambledMod[0] == 0x00))
+		{
+			byte[] temp = new byte[0x80];
+			System.arraycopy(scrambledMod, 1, temp, 0, 0x80);
+			scrambledMod = temp;
+		}
+		// step 1 : 0x4d-0x50 <-> 0x00-0x04
+		for (int i = 0; i < 4; i++)
+		{
+			byte temp = scrambledMod[0x00 + i];
+			scrambledMod[0x00 + i] = scrambledMod[0x4d + i];
+			scrambledMod[0x4d + i] = temp;
+		}
+		// step 2 : xor first 0x40 bytes with last 0x40 bytes
+		for (int i = 0; i < 0x40; i++)
+		{
+			scrambledMod[i] = (byte) (scrambledMod[i] ^ scrambledMod[0x40 + i]);
+		}
+		// step 3 : xor bytes 0x0d-0x10 with bytes 0x34-0x38
+		for (int i = 0; i < 4; i++)
+		{
+			scrambledMod[0x0d + i] = (byte) (scrambledMod[0x0d + i] ^ scrambledMod[0x34 + i]);
+		}
+		// step 4 : xor last 0x40 bytes with first 0x40 bytes
+		for (int i = 0; i < 0x40; i++)
+		{
+			scrambledMod[0x40 + i] = (byte) (scrambledMod[0x40 + i] ^ scrambledMod[i]);
+		}
+		_log.fine("Modulus was scrambled");
+		
+		return scrambledMod;
+	}
+}