TLOU net-patch.bin crypto tools

net_decrypt.py

import hmac
import hashlib
import sys
import blowfish # pip install blowfish

def decrypt_and_verify(file_name):
    cipher = blowfish.Cipher(b'(SH[@2>r62%5+QKpy|g6')
    h = hmac.new(b'xM;6X%/p^L/:}-5QoA+K8:F*M!~sb(WK<E%6sW_un0a[7Gm6,()kHoXY+yI/s;Ba', 
      digestmod=hashlib.sha1)
    with open(file_name, 'rb') as fp:
        data_size = int.from_bytes(fp.read(4), byteorder='big')
        data_hash = fp.read(0x14)
        data = fp.read()
        plaintext = b"".join(cipher.decrypt_ecb(data))
        with open(file_name.split('.crypt')[0], 'wb') as op:
          op.write(plaintext[:data_size])
        h.update(plaintext)
        print(f"Computed Hash: {h.hexdigest()}")
        print(f"Stored Hash:   {data_hash.hex()}")
        if h.digest() == data_hash:
          print("Hash check: OK")
        else:
          print("Hash check: failed")
        

if __name__ == "__main__":
    file_name = sys.argv[1]
    decrypt_and_verify(file_name)

net_encrypt.py

import hmac
import hashlib
import sys
import blowfish # pip install blowfish

def encrypt_and_sign(file_name):
    cipher = blowfish.Cipher(b'(SH[@2>r62%5+QKpy|g6')
    h = hmac.new(b'xM;6X%/p^L/:}-5QoA+K8:F*M!~sb(WK<E%6sW_un0a[7Gm6,()kHoXY+yI/s;Ba', 
      digestmod=hashlib.sha1)
    with open(file_name, 'rb') as fp:
        fp.seek(0,2)
        data_size = fp.tell()
        fp.seek(0)
        data = fp.read()
        npad = ((data_size + 0x7) & ~0x7) - data_size
        data += b'\0' * npad
        h.update(data)
        ciphertext = b"".join(cipher.encrypt_ecb(data))
        with open(file_name + ".crypt", "wb") as op:
          op.write(int.to_bytes(data_size, 4, byteorder='big'))
          op.write(h.digest())
          op.write(ciphertext)
          print(file_name + ".crypt written")


if __name__ == "__main__":
    file_name = sys.argv[1]
    encrypt_and_sign(file_name)