Difference between revisions of "Cryptography"

From GTAMods Wiki
Jump to navigation Jump to search
(AES: config, algo, key info)
m (Example)
Line 110: Line 110:
 
<source lang="c">AES_set_decrypt_key(key, 256, context);
 
<source lang="c">AES_set_decrypt_key(key, 256, context);
  
for (i = 0; i < data_size & ~16; i++) {
+
for (i = 0; i < data_size & ~15; i++) {
 
     void *p = (void *) (data_offset + i*16); // the pointer to the current block
 
     void *p = (void *) (data_offset + i*16); // the pointer to the current block
 
     for (j = 1; j <= 16; j++)                // 16 (pointless) repetitions
 
     for (j = 1; j <= 16; j++)                // 16 (pointless) repetitions

Revision as of 15:27, 15 February 2009

This article explains the Cryptography present in GTA IV.

Hashing Algorithms

GTA IV relies on many different hash algorithms work its operation, each for a different purpose. GTA IV's new usage of hashing has allowed it to explore a more binary focused way of hiding data in files, and strings away from plain site.

SHA1

The SHA1 hashing algorithm is used when comparing the files in versions 1.0 and 1.0.1. This check was later removed in 1.0.2.

This section is incomplete. You can help by fixing and expanding it.

CRC32

The Cyclic Redundancy Check 32 bit hashing algorithm is used in the GXT file to match text codes with their counterparts. A C++ implementation of GTA IV's CRC32 hashing algorithm can be displayed as follows:

unsigned int CRC32(char* text)
{
	size_t textLen = strlen(text);
	int i = 0;
	unsigned int retHash = 0;
	if(text[0] == '"')
		i = 1;
	for(i;i<textLen;i++)
	{
		char ctext = textLen[i];
		if(ctext == '"')
			break;
		if(ctext - 65 > 25)
		{
			if(ctext == '\\')
				ctext = '/';
		}
		else ctext += 32;
		retHash = (1025 * (retHash + ctext) >> 6) ^ 1025 * (retHash + ctext);
	}
	return 32769 * (9 * retHash ^ (9 * retHash >> 11));
}

As you can see it differs from most common hashing algorithms in the way it handles text (by not including " or \ characters). Also usually entry name strings in GXT text archives are stored in upper case, so it may be useful to convert them before creating the hash.

One At A Time Hash

The One At A Time hashing function was originally created by Bob Jenkins. A C++ implementation can be found here and at Wikipedia.

unsigned int oneAtATimeHash(char* inpStr)
{
	unsigned int value = 0,temp = 0;
	for(size_t i=0;i<strlen(inpStr);i++)
	{
		char ctext = tolower(inpStr[i]);
		temp = hashchr;
		temp += value;
		value = temp << 10;
		temp += value;
		value = temp >> 6;
		value ^= temp;
	}
	temp = value << 3;
	temp += value;
	unsigned int temp2 = temp >> 11;
	temp = temp2 ^ temp;
	temp2 = temp << 15;
	value = temp2 + temp;
	if(value < 2) value += 2;
	return value;
}

Encryption Algorithms

AES

The encryption algorithm used for RPF, IMG and SCO files is the Advanced Encryption Standard (AES) in the following configuration:

  • block size: 128 bit (16 byte)
  • key size: 256 bit (32 byte)
  • cypher mode: electronic code book (ECB)
  • repetitions: 16 times

That means all encrypted data (the cyphertext) can be split up into 16 byte blocks and decrypted independently. Decryption is done by executing the AES-128 decrypt routine 16x on each data block. If the last block is smaller than 16 byte, it is left unencrypted in Rockstar's archives.

Key

The 256 bit key necessary to decrypt the cyphertext can be retrieved from gtaiv.exe at the following offsets:

Game Version Offset
1.0 US 0xA94204
1.0.1 US 0xB607C4
1.0.2 US 0xB56BC4
1.0.0.1 RUS 0xB5B65C
1.0.1.1 RUS 0xB569F4

The key is the same for all game versions on the PC and even the XBOX 360. You may want to use the following SHA1 hash to verify the correctness of the retrieved key:

DE A3 75 EF 1E 6E F2 22 3A 12 21 C2 C5 75 C4 7B F1 7E FA 5E

NOTE: This is not the cypher key!

It is recommended to leave modified archives unencrypted.

Example

Program code to decrypt data from GTA IV could look like this:

AES_set_decrypt_key(key, 256, context);

for (i = 0; i < data_size & ~15; i++) {
    void *p = (void *) (data_offset + i*16); // the pointer to the current block
    for (j = 1; j <= 16; j++)                // 16 (pointless) repetitions
        AES_decrypt_block(p, p, context);
}

See also: Decryption routine in Spark IV (C#)

Legal Issues

This section is incomplete. You can help by fixing and expanding it.

External Links

Links to detailed explanations of the several hash and encryption algorithms on wikipedia: