EncryptionVersion getVersion()
{
uint m1lo = peHeader.readUInt32(0x900);
uint m1hi = peHeader.readUInt32(0x904);
uint m2lo = mcKey.readUInt32(0x8C0);
uint m2hi = mcKey.readUInt32(0x8C4);
foreach (var info in encryptionInfos_McKey8C0h)
{
if (info.MagicLo == m2lo && info.MagicHi == m2hi)
{
return(info.Version);
}
}
foreach (var info in encryptionInfos_Rva900h)
{
if (info.MagicLo == m1lo && info.MagicHi == m1hi)
{
return(info.Version);
}
}
Log.w("Could not detect MC version. Magic1: {0:X8} {1:X8}, Magic2: {2:X8} {3:X8}", m1lo, m1hi, m2lo, m2hi);
return(EncryptionVersion.Unknown);
}
void decryptResources()
{
uint resourceRva = peHeader.getRva1(0x0E10, mcKey.readUInt32(0x00A0));
uint resourceSize = peHeader.readUInt32(0x0E14) ^ mcKey.readUInt32(0x00AA);
if (resourceRva == 0 || resourceSize == 0)
{
return;
}
if (resourceRva != peImage.Cor20Header.resources.virtualAddress ||
resourceSize != peImage.Cor20Header.resources.size)
{
Log.w("Invalid resource RVA and size found");
}
Log.v("Decrypting resources @ RVA {0:X8}, {1} bytes", resourceRva, resourceSize);
int resourceOffset = (int)peImage.rvaToOffset(resourceRva);
for (int i = 0; i < resourceSize; i++)
{
fileData[resourceOffset + i] ^= mcKey[i % 0x2000];
}
}
void decryptResources(byte[] fileData, PeImage peImage, PeHeader peHeader, McHeader mcHeader)
{
uint resourceRva = peHeader.getRva1(0x0E10, mcHeader.readUInt32(0x00A0));
uint resourceSize = peHeader.readUInt32(0x0E14) ^ mcHeader.readUInt32(0x00AA);
if (resourceRva == 0 || resourceSize == 0)
return;
if (resourceRva != peImage.Cor20Header.resources.virtualAddress ||
resourceSize != peImage.Cor20Header.resources.size) {
Log.w("Invalid resource RVA and size found");
}
Log.v("Decrypting resources @ RVA {0:X8}, {1} bytes", resourceRva, resourceSize);
int resourceOffset = (int)peImage.rvaToOffset(resourceRva);
for (int i = 0; i < resourceSize; i++)
fileData[resourceOffset + i] ^= mcHeader[i % 0x2000];
}
