[Question] About Rsa

[Ezzz-dev]

I am curious, I am really not a C# programmer but I am trying to accomplish the usage of Rsa by using your code in 7.72 in general.

I am doing it like this:

`public static void Parse(Connection connection) { var message = connection.InMessage;

    if (message.GetByte() != 0x01)
    {
        Console.WriteLine("Invalid first packet.");
        connection.Close();
        return;
    }

    var clientOS = message.GetUShort();
    var version = message.GetUShort();

    message.SkipBytes(12);

    Rsa.DecryptAndReplace(message.Buffer, message.Position, message.Length);

    connection.SymmetricKey[0] = message.GetUInt();
    connection.SymmetricKey[1] = message.GetUInt();
    connection.SymmetricKey[2] = message.GetUInt();
    connection.SymmetricKey[3] = message.GetUInt();

    var accountNumber = message.GetUInt();
    var password = message.GetString();

    SendDisconnectLogin(connection, "hello world");
}`

But the result of the Rsa decrypted packet is always invalid, in C++ I can manage and debug this with ease but with C# I cannot. Maybe I am doing something wrong? The Rsa numbers are the same as yours and I am using OTC with stock RSA to test it.

[mtanksl]

Hello Mr. Mujica,

I suspect that before reading the four symmetric keys, you need to skip a single byte. Something like:

...

var clientOS = message.GetUShort();
var version = message.GetUShort();

message.SkipBytes(12);

Rsa.DecryptAndReplace(message.Buffer, message.Position);

message.SkipBytes(1); // Skip one more byte

connection.SymmetricKey[0] = message.GetUInt();
connection.SymmetricKey[1] = message.GetUInt();
connection.SymmetricKey[2] = message.GetUInt();
connection.SymmetricKey[3] = message.GetUInt();

...

Best regards,

[Ezzz-dev]

Even while doing it like this, the returned decrypted data is always random bytes, it is never the correct decrypted data. Even the first byte to skip is never 0, it is always a random value.

[mtanksl]

Can you share the message.Buffer bytes? In Tibia 8.6 it is around 149 bytes length.

Use this to convert the byte array to a string:

public static string Print(this byte[] bytes)
{
    StringBuilder builder = new StringBuilder();
    foreach (var b in bytes)
    {
        builder.Append(b.ToString("X2") + " ");
    }
    return builder.ToString();
}

[Ezzz-dev]

145 91 00 01 02 00 04 03 33 5A 9D 43 BE 52 98 43 E7 DD C5 56 42 1A FC EF C4 EF 62 9A 68 CF DB 02 B1 59 9B C1 25 41 47 87 16 12 ED 7D 32 52 92 0A A9 F0 46 27 AB 8C EB 5C F2 9B 58 A1 D9 B0 CE D7 B6 4F 1D 26 31 D4 8D A8 71 15 94 70 6D 3E A2 BC 1E 90 45 2A 20 88 3B ED FF C5 B5 AC B5 F8 7A 9A A5 F1 C2 8B AB 37 95 EB 11 55 85 23 28 19 FF 6A E6 FC 15 03 68 45 40 28 EA 14 2C 58 93 08 F2 2D B7 5E 0D 48 71 0B 29 42 42 62 C5 60 18 D1 56 93 57 21 C2 B4 00 

my buffer is 16k of length but I am only using what is received from the end-stream (what is printed here). Can you maybe give me guidance in Discord so it is easier?

[mtanksl]

That is odd... 145 is not a valid byte hex number. Anyway, I ignored it during some parse tests. I tried to find out what had gone wrong. I could not. In the mean time, I've added two RSA examples in the source code (mtanksl.OpenTibia.Tests.RsaTests), one for the official Tibia 8.6 client (LoginPacketTibia860) and other for the official Tibia 7.72 client (LoginPacketTibia772).

You are using a custom Tibia client, are the sources available? I'm not sure what could've gone wrong, maybe the public key is different, maybe the algorithm is slightly different, maybe some weird endianness.

Oh, maybe try taking only the first 128 bytes for RSA:

Rsa.DecryptAndReplace(message.Buffer, message.Position, 128);

[Ezzz-dev]

Your reply helped me indeed. I am very dumb at times. The issue was this line:

Rsa.DecryptAndReplace(message.Buffer, message.Position);

It had to be like this:

Rsa.DecryptAndReplace(message.Buffer, message.Position, message.Length - message.Position);

[mtanksl]

Excellent, If it worked, success. If there are any other questions I can help you with, feel free to ask.

Best regards,