09-07-2024, 10:28 AM
Hi there,
I'm developing a game ripping tool for Windows and Linux.
So far it works smoothly, but the latest Pixel Game Maker MV switched from a 16-byte key to a 32-byte key (unfortunately the link points to the FOSS repo, which lacks the source for the decryption part).
The key is stored in Resources/data/info.json under the key "key", and it is base64 encoded. Once decoded, it needs some bit shuffling to get the actual Twofish encryption key used for decrypting the assets. For the 16-byte key, that shuffling goes like this, see decrypt_key.
Now, as far as I can tell, the 32-byte key just uses a different bit shuffling, but otherwise it also results in a 16-byte Twofish key (because it still ciphers in 16-byte blocks and the IV is the same for sure). I might be wrong about this, because it is possible to use Twofish with a 32-byte encryption key.
I already support the legacy XOR encryption and the Twofish encryption with 16-byte keys for PGMMV; it would be great if I could add support for the latest variant too.
I attach a ZIP with the decrypted PNG, a PNG encrypted with the 16-byte key, and the same PNG encrypted with the 32-byte key. If it helps, I can also attach the executables for disassembly. The key is in the filename, decode it using base64. The source code for the 16-byte variant can be found here (look for case 2), and the Twofish IV is 0xA0,0x47,0xE9,0x3D,0x23,0x0A,0x4C,0x62,0xA7,0x44,0xB1,0xA4,0xEE,0x85,0x7F,0xBA. Note that the encrypted files have a 4-byte header and they are padded to a multiple of 16 bytes.
If anybody has any info on these new 32-byte info.json keys, that would be much appreciated! So far, no matter how much I search, I come up empty-handed.
(FYI the tool supports a lot of other game engines as well, with key autodetection of course, for example Godot, RPG Maker MZ, WolfRPG, Ren'Py, etc.)