• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!

7.70 RSA / XTEA encryption

Nothxbye

Nothxbye

Banned User
Joined
Jan 22, 2012
Messages
1,124
Reaction score
173
I just wondering if someone from otclient developers like Summ or LordHepipud trying to fix RSA / XTEA encryption for 7.70 support. Personally i noticed it's too hard for me and i want otclient developers response here, what they think about it or maybe it's almost done. Please answer.
 
I would like an answer, I want to make my own client for my server with otclient
 
Answer to what? 7.7 is supported for a long time by now.
 
Summ said:
Answer to what? 7.7 is supported for a long time by now.
Click to expand...
@Summ helllo .. i know maybe this has been asked for a long time...

im having trouble to log into my server with otclient
i have changed protocol to 610(of my server) and (cipsoft client) where i can change that in otclient? to make compatible with my server?
also i have changed the rsa in const.lua but when i try to log in with otclient this message keep appearing i know had to be something in rsa i need to change rsa somewhere else? :
[Warning - Protocol::RSA_decrypt] Not valid packet size (IP: xxx.86.161.123)

regards
 
@Summ

This still seem relevant with the latest OTC build, though using this login-server.
Cip client 7.70 logs in without problems.
With OTC I get to charlist, then upon trying to enter with a char the client will load indefinitely with this error output in console:
Code: 
Startup done :]
ERROR: invalid decrypted network message
C++ stack traceback:
	[C++]: Protocol::xteaDecrypt
	./otclient(Protocol::xteaDecrypt(stdext::shared_object_ptr<InputMessage> const&)+0x234) [0x7ced52]
	./otclient(Protocol::internalRecvData(unsigned char*, unsigned short)+0x240) [0x7cf0ba]
	./otclient(std::_Function_handler<void (unsigned char*, unsigned short), std::_Bind<std::_Mem_fn<void (Protocol::*)(unsigned char*, unsigned short)> (stdext::shared_object_ptr<Protocol>, std::_Placeholder<1>, std::_Placeholder<2>)> >::_M_invoke(std::_Any_data const&, unsigned char*, unsigned short)+0x47) [0x7d045b]
	./otclient(Connection::onRecv(boost::system::error_code const&, unsigned long)+0x6a) [0x7c25d0]
	./otclient(boost::asio::detail::read_op<boost::asio::basic_stream_socket<boost::asio::ip::tcp, boost::asio::stream_socket_service<boost::asio::ip::tcp> >, boost::asio::mutable_buffers_1, boost::asio::detail::transfer_all_t, std::_Bind<std::_Mem_fn<void (Connection::*)(boost::system::error_code const&, unsigned long)> (stdext::shared_object_ptr<Connection>, std::_Placeholder<1>, std::_Placeholder<2>)> >::operator()(boost::system::error_code const&, unsigned long, int)+0x2fb) [0x7cb827]
	./otclient(boost::asio::detail::reactive_socket_recv_op<boost::asio::mutable_buffers_1, boost::asio::detail::read_op<boost::asio::basic_stream_socket<boost::asio::ip::tcp, boost::asio::stream_socket_service<boost::asio::ip::tcp> >, boost::asio::mutable_buffers_1, boost::asio::detail::transfer_all_t, std::_Bind<std::_Mem_fn<void (Connection::*)(boost::system::error_code const&, unsigned long)> (stdext::shared_object_ptr<Connection>, std::_Placeholder<1>, std::_Placeholder<2>)> > >::do_complete(boost::asio::detail::task_io_service*, boost::asio::detail::task_io_service_operation*, boost::system::error_code const&, unsigned long)+0x101) [0x7cb949]
	./otclient(boost::asio::detail::task_io_service::poll(boost::system::error_code&)+0x320) [0x7c5dbe]
	./otclient(Connection::poll()+0x50) [0x7bfd48]
ERROR: failed to decrypt message
C++ stack traceback:
	[C++]: Protocol::internalRecvData
	./otclient(Protocol::internalRecvData(unsigned char*, unsigned short)+0x283) [0x7cf0fd]
	./otclient(std::_Function_handler<void (unsigned char*, unsigned short), std::_Bind<std::_Mem_fn<void (Protocol::*)(unsigned char*, unsigned short)> (stdext::shared_object_ptr<Protocol>, std::_Placeholder<1>, std::_Placeholder<2>)> >::_M_invoke(std::_Any_data const&, unsigned char*, unsigned short)+0x47) [0x7d045b]
	./otclient(Connection::onRecv(boost::system::error_code const&, unsigned long)+0x6a) [0x7c25d0]
	./otclient(boost::asio::detail::read_op<boost::asio::basic_stream_socket<boost::asio::ip::tcp, boost::asio::stream_socket_service<boost::asio::ip::tcp> >, boost::asio::mutable_buffers_1, boost::asio::detail::transfer_all_t, std::_Bind<std::_Mem_fn<void (Connection::*)(boost::system::error_code const&, unsigned long)> (stdext::shared_object_ptr<Connection>, std::_Placeholder<1>, std::_Placeholder<2>)> >::operator()(boost::system::error_code const&, unsigned long, int)+0x2fb) [0x7cb827]
	./otclient(boost::asio::detail::reactive_socket_recv_op<boost::asio::mutable_buffers_1, boost::asio::detail::read_op<boost::asio::basic_stream_socket<boost::asio::ip::tcp, boost::asio::stream_socket_service<boost::asio::ip::tcp> >, boost::asio::mutable_buffers_1, boost::asio::detail::transfer_all_t, std::_Bind<std::_Mem_fn<void (Connection::*)(boost::system::error_code const&, unsigned long)> (stdext::shared_object_ptr<Connection>, std::_Placeholder<1>, std::_Placeholder<2>)> > >::do_complete(boost::asio::detail::task_io_service*, boost::asio::detail::task_io_service_operation*, boost::system::error_code const&, unsigned long)+0x101) [0x7cb949]
	./otclient(boost::asio::detail::task_io_service::poll(boost::system::error_code&)+0x320) [0x7c5dbe]
	./otclient(Connection::poll()+0x50) [0x7bfd48]
	./otclient(Application::poll()+0x9) [0x72a79d]
Exiting application..

Any relevant information/ideas/suggestions greatly appreciated (I'll gladly try to work on it on my own, but because I don't know any relatively low-level language like C/C++ yet, any clues beyond "some kind of issue with xteaDecrypt" would be very helpful!)

Edit: Come to think about it, it probably means there's a mismatch between the public and private keys, right?
Still not sure what to do, though.
I think I need to first of all need to know when the CIPSOFT_RSA and when the OTSERV_RSA keys are used.
Why does my login server and the client have both? Does it use 2 RSA key pairs? Why, and why are they named "CIPSOFT" and "OTSERV" when they're both used when communicating with a single server?
(And why is 128 byte RSA used for encryption in the 21st century anyway? :p)
 
Last edited:
e.e said:
@Summ

This still seem relevant with the latest OTC build, though using this login-server.
Cip client 7.70 logs in without problems.
With OTC I get to charlist, then upon trying to enter with a char the client will load indefinitely with this error output in console:
Code: 
Startup done :]
ERROR: invalid decrypted network message
C++ stack traceback:
    [C++]: Protocol::xteaDecrypt
    ./otclient(Protocol::xteaDecrypt(stdext::shared_object_ptr<InputMessage> const&)+0x234) [0x7ced52]
    ./otclient(Protocol::internalRecvData(unsigned char*, unsigned short)+0x240) [0x7cf0ba]
    ./otclient(std::_Function_handler<void (unsigned char*, unsigned short), std::_Bind<std::_Mem_fn<void (Protocol::*)(unsigned char*, unsigned short)> (stdext::shared_object_ptr<Protocol>, std::_Placeholder<1>, std::_Placeholder<2>)> >::_M_invoke(std::_Any_data const&, unsigned char*, unsigned short)+0x47) [0x7d045b]
    ./otclient(Connection::onRecv(boost::system::error_code const&, unsigned long)+0x6a) [0x7c25d0]
    ./otclient(boost::asio::detail::read_op<boost::asio::basic_stream_socket<boost::asio::ip::tcp, boost::asio::stream_socket_service<boost::asio::ip::tcp> >, boost::asio::mutable_buffers_1, boost::asio::detail::transfer_all_t, std::_Bind<std::_Mem_fn<void (Connection::*)(boost::system::error_code const&, unsigned long)> (stdext::shared_object_ptr<Connection>, std::_Placeholder<1>, std::_Placeholder<2>)> >::operator()(boost::system::error_code const&, unsigned long, int)+0x2fb) [0x7cb827]
    ./otclient(boost::asio::detail::reactive_socket_recv_op<boost::asio::mutable_buffers_1, boost::asio::detail::read_op<boost::asio::basic_stream_socket<boost::asio::ip::tcp, boost::asio::stream_socket_service<boost::asio::ip::tcp> >, boost::asio::mutable_buffers_1, boost::asio::detail::transfer_all_t, std::_Bind<std::_Mem_fn<void (Connection::*)(boost::system::error_code const&, unsigned long)> (stdext::shared_object_ptr<Connection>, std::_Placeholder<1>, std::_Placeholder<2>)> > >::do_complete(boost::asio::detail::task_io_service*, boost::asio::detail::task_io_service_operation*, boost::system::error_code const&, unsigned long)+0x101) [0x7cb949]
    ./otclient(boost::asio::detail::task_io_service::poll(boost::system::error_code&)+0x320) [0x7c5dbe]
    ./otclient(Connection::poll()+0x50) [0x7bfd48]
ERROR: failed to decrypt message
C++ stack traceback:
    [C++]: Protocol::internalRecvData
    ./otclient(Protocol::internalRecvData(unsigned char*, unsigned short)+0x283) [0x7cf0fd]
    ./otclient(std::_Function_handler<void (unsigned char*, unsigned short), std::_Bind<std::_Mem_fn<void (Protocol::*)(unsigned char*, unsigned short)> (stdext::shared_object_ptr<Protocol>, std::_Placeholder<1>, std::_Placeholder<2>)> >::_M_invoke(std::_Any_data const&, unsigned char*, unsigned short)+0x47) [0x7d045b]
    ./otclient(Connection::onRecv(boost::system::error_code const&, unsigned long)+0x6a) [0x7c25d0]
    ./otclient(boost::asio::detail::read_op<boost::asio::basic_stream_socket<boost::asio::ip::tcp, boost::asio::stream_socket_service<boost::asio::ip::tcp> >, boost::asio::mutable_buffers_1, boost::asio::detail::transfer_all_t, std::_Bind<std::_Mem_fn<void (Connection::*)(boost::system::error_code const&, unsigned long)> (stdext::shared_object_ptr<Connection>, std::_Placeholder<1>, std::_Placeholder<2>)> >::operator()(boost::system::error_code const&, unsigned long, int)+0x2fb) [0x7cb827]
    ./otclient(boost::asio::detail::reactive_socket_recv_op<boost::asio::mutable_buffers_1, boost::asio::detail::read_op<boost::asio::basic_stream_socket<boost::asio::ip::tcp, boost::asio::stream_socket_service<boost::asio::ip::tcp> >, boost::asio::mutable_buffers_1, boost::asio::detail::transfer_all_t, std::_Bind<std::_Mem_fn<void (Connection::*)(boost::system::error_code const&, unsigned long)> (stdext::shared_object_ptr<Connection>, std::_Placeholder<1>, std::_Placeholder<2>)> > >::do_complete(boost::asio::detail::task_io_service*, boost::asio::detail::task_io_service_operation*, boost::system::error_code const&, unsigned long)+0x101) [0x7cb949]
    ./otclient(boost::asio::detail::task_io_service::poll(boost::system::error_code&)+0x320) [0x7c5dbe]
    ./otclient(Connection::poll()+0x50) [0x7bfd48]
    ./otclient(Application::poll()+0x9) [0x72a79d]
Exiting application..

Any relevant information/ideas/suggestions greatly appreciated (I'll gladly try to work on it on my own, but because I don't know any relatively low-level language like C/C++ yet, any clues beyond "some kind of issue with xteaDecrypt" would be very helpful!)

Edit: Come to think about it, it probably means there's a mismatch between the public and private keys, right?
Still not sure what to do, though.
I think I need to first of all need to know when the CIPSOFT_RSA and when the OTSERV_RSA keys are used.
Why does my login server and the client have both? Does it use 2 RSA key pairs? Why, and why are they named "CIPSOFT" and "OTSERV" when they're both used when communicating with a single server?
(And why is 128 byte RSA used for encryption in the 21st century anyway? :p)
Click to expand...

CIPSOFT_RSA is used when connecting to Tibia official servers. OTSERV_RSA is used otherwise. I'm pretty sure your login serve uses CIPSOFT_RSA (but correct me if I'm wrong), therefore you should be using CIPSOFT_RSA to connect.

Try to look at modules/gamelib/game.lua, function g_game.chooseRsa(host).
 
Ziker said:
CIPSOFT_RSA is used when connecting to Tibia official servers. OTSERV_RSA is used otherwise. I'm pretty sure your login serve uses CIPSOFT_RSA (but correct me if I'm wrong), therefore you should be using CIPSOFT_RSA to connect.

Try to look at modules/gamelib/game.lua, function g_game.chooseRsa(host).
Click to expand...
Ah, I see.. Thank you.
Code: 
if host:ends('.tibia.com') or host:ends('.cipsoft.com') then
    g_game.setRsa(CIPSOFT_RSA)
But I still don't understand why the loginserver has its own "cipsoft" and "opentibia" keys as well...

And I don't know which it uses, because none of the keys in the loginserver's RSA keys fully matches the RSA key of cip's 7.70 client!
However the only key that seems to matter on the OTC-side is the OTSERV key (and I know why now thanks to you :)) when trying to connect to my serv, and the keys that are nearly identical is the "opentibia" key in the loginserver:
142996239624163995200701773828988955507954033454661532174705160829347375827760388829672133862046006741453928458538592179906264509724520840657286865659281137630979195970404721891201847792002125535401292779123937207447574596692788513647179235335529307251350570728407373705564708871762033017096809910315212884101
Compared to cip's 7.70 client's RSA key which is:
142996239624163995200701773828988955507954033454661532174705160829347375827760388829672133862046006741453928458538592179906264509724520840657286865659265687630979195970404721891201847792002125535401292779123937207447574596692788513647179235335529307251350570728407373705564708871762033017096809910315212883967

And yet only cip's 7.70 RSA key works for OTC to at least show the character list, every other key (including the loginserver's key) results in an immediate response in the GUI
Code: 
Login Error
Your connection has been lost.
Either your network or the server went down. (ERROR 2)
No console errors in this case.
 
e.e said:
Ah, I see.. Thank you.
Code: 
if host:ends('.tibia.com') or host:ends('.cipsoft.com') then
    g_game.setRsa(CIPSOFT_RSA)
But I still don't understand why the loginserver has its own "cipsoft" and "opentibia" keys as well...

And I don't know which it uses, because none of the keys in the loginserver's RSA keys fully matches the RSA key of cip's 7.70 client!
However the only key that seems to matter on the OTC-side is the OTSERV key (and I know why now thanks to you :)) when trying to connect to my serv, and the keys that are nearly identical is the "opentibia" key in the loginserver:
142996239624163995200701773828988955507954033454661532174705160829347375827760388829672133862046006741453928458538592179906264509724520840657286865659281137630979195970404721891201847792002125535401292779123937207447574596692788513647179235335529307251350570728407373705564708871762033017096809910315212884101
Compared to cip's 7.70 client's RSA key which is:
142996239624163995200701773828988955507954033454661532174705160829347375827760388829672133862046006741453928458538592179906264509724520840657286865659265687630979195970404721891201847792002125535401292779123937207447574596692788513647179235335529307251350570728407373705564708871762033017096809910315212883967

And yet only cip's 7.70 RSA key works for OTC to at least show the character list, every other key (including the loginserver's key) results in an immediate response in the GUI
Code: 
Login Error
Your connection has been lost.
Either your network or the server went down. (ERROR 2)
No console errors in this case.
Click to expand...

Well, I see that OpenTibia RSA is commented out in login server, so it uses the pair of cipsoft's RSA keys. If you get through the login stage (so you get character list), that means the RSA key matches between login server and OTC. My bet would be there's something wrong later on, since when you try to login with one of the characters, you connect to game server at this point. There could be a mismatch.
 

Similar threads

D
10.98 64x64 sprites & stuff
Replies
2
Views
456
Dercas
D
N
BLACK - Client protection
Replies
3
Views
641
Erikas Kontenis
Erikas Kontenis
Giorox
Naive Dockerized TFS 1.5
Replies
6
Views
2K
iNux
I
222222
Linux How to build NGINX from source - and optimize it for security and performance. Including TLS.
Replies
0
Views
250
222222
222222
Back
Top