def channel_encrypt_request(self, msg): message = msg_base.Message(msg_base.MsgHdr, msg_base.ChannelEncryptRequest) message.parse(msg) if message.body.protocol_version != 1: raise ProtocolError('Unexpected channel encryption protocol') if message.body.universe != EUniverse.Public: raise ProtocolError('Unexpected universe in encryption request') session_key = CryptoUtil.create_session_key() crypted_key = CryptoUtil.rsa_encrypt(session_key) key_crc = binascii.crc32(crypted_key) & 0xFFFFFFFF response = msg_base.Message(msg_base.MsgHdr, msg_base.ChannelEncryptResponse, EMsg.ChannelEncryptResponse) response.body.protocol_version = 1 response.body.key_size = len(crypted_key) response.payload = crypted_key + struct.pack('II', key_crc, 0) self.send_message(response) encrypt_result = self.client.wait_for_message(EMsg.ChannelEncryptResult) if encrypt_result.body.result != EResult.OK: raise ProtocolError('Unable to negotiate channel encryption') self.netfilter = NetEncryption(session_key) self.client.handle_connected()
def initialize(self): if self.type == 'CDN': return True self.session_key = CryptoUtil.create_session_key() crypted_key = CryptoUtil.rsa_encrypt(self.session_key) url = "http://%s:%s/initsession/" % (self.host, self.port) payload = dict(sessionkey = crypted_key) if self.app_ticket: payload['appticket'] = CryptoUtil.symmetric_encrypt(self.app_ticket, self.session_key) else: payload['anonymoususer'] = 1 payload['steamid'] = self.steamid.steamid r = self.session.post(url, payload) if r.status_code != 200: return False sessionkv = vdf.loads(r.content)['response'] self.csid = sessionkv['csid'] self.session_id = int(sessionkv['sessionid']) & 0xFFFFFFFFFFFFFFFF self.req_counter = int(sessionkv['req-counter']) return True
def process_chunk(chunk, depot_key): decrypted_chunk = CryptoUtil.symmetric_decrypt(chunk, depot_key) if decrypted_chunk[:2] == 'VZ': filter = lzma._decode_filter_properties(lzma.FILTER_LZMA1, decrypted_chunk[7:12]) lzmadec = lzma.LZMADecompressor(lzma.FORMAT_RAW, None, [filter]) return lzmadec.decompress(decrypted_chunk[12:len(decrypted_chunk)-10]) else: zip_buffer = StringIO.StringIO(decrypted_chunk) with zipfile.ZipFile(zip_buffer, 'r') as zip: return zip.read(zip.namelist()[0])
def auth_appticket(self, depotid, app_ticket): if depotid in self.depots: return True crypted_ticket = CryptoUtil.symmetric_encrypt(app_ticket, self.session_key) (url, headers) = self._make_request_url('authdepot') payload = dict(appticket = crypted_ticket) r = self.session.post(url, payload, headers=headers) if r.status_code != 200: return False self.depots.append(depotid) return True
def decrypt_filenames(self, depot_key): if not self.metadata.filenames_encrypted: return True for mapping in self.payload.mappings: filename = base64.b64decode(mapping.filename) try: filename = CryptoUtil.symmetric_decrypt(filename, depot_key) except Exception: print("Unable to decrypt filename for depot manifest") return False mapping.filename = filename.rstrip(' \t\r\n\0') self.metadata.filenames_encrypted = False return True
def process_outgoing(self, data): return CryptoUtil.symmetric_encrypt(data, self.key)
def process_incoming(self, data): return CryptoUtil.symmetric_decrypt(data, self.key)