Sje.jhh: Difference between revisions

From Hard Drop Tetris Wiki

Jump to: navigation, search
Line 59: Line 59:


== Content encyption ==
== Content encyption ==
Seems text content files are encrypted too.
Text content files are encrypted too.
Encyption is same as index encryption, but "TOJ" password is used instead of "1111".
Encyption is same as index encryption, but "TOJ" password is used instead of "1111".

Revision as of 00:04, 5 January 2010

Game resource archive used by TOJ.


File format

  • 4 bytes - index section offset
  • 4 bytes - index section length
  • [data section]
  • [index section (encrypted)]

Index section format

  • 4 bytes - number of entries
  • 4 bytes - unknown
  • string - path
  • 4 bytes - unknown
  • string - entry 1 filename
  • 4 bytes - entry 1 offset
  • 4 bytes - entry 1 length
  • 4 bytes - unknown
  • string - entry 2 filename
  • 4 bytes - entry 2 offset
  • 4 bytes - entry 2 length
  • 4 bytes - unknown
  • string - entry 3 filename

...

  • 4 bytes - unknown
  • string - last entry filename
  • 4 bytes - last entry offset
  • 4 bytes - last entry length

I just got idea that unknowns might be version numbers of files, but I need to check if it's true.

Index Encyption

Rc4 stream cipher is used.

Encryption/decryption is done with advapi32 Crypt functions with following key and settings:

password = "1111";
CryptAcquireContext(&hCryptProv, NULL, MS_DEF_PROV, PROV_RSA_FULL, 0);
CryptCreateHash(hCryptProv, CALG_MD5, 0, 0, &hHash);
CryptHashData(hHash, (BYTE *) password, strlen(password), 0);
CryptDeriveKey(hCryptProv, CALG_RC4, hHash, 4, &hKey);

First bytes of keystream are:

BA 38 72 06 03 1D 16 65
77 D3 28 EE 9D 12 40 44
8A DB B7 00 1B 3D C5 93
81 16 E2 21 62 8D 34 8A
70 28 30 A3 41 C5 F9 25
B0 AA 84 2A 34 3F BC 45
2F 8E 7B 7F D3 9D 75 DB
3D 33 3E 71 2F DD ...

Content encyption

Text content files are encrypted too. Encyption is same as index encryption, but "TOJ" password is used instead of "1111".