public
Last active

  • Download Gist
ncfcrypt.c
C
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241
/*
NCF Crypt
=========
 
NCF Crypt is a tiny tool to encrypt or decrypt ncf files so they can be
validated in CFToolbox or to play the game with Steam.
 
Why do we need this tool?
-------------------------
Some games on Steam are encrytped so they can be preloaded even before the game
has been released. After the release Steam decrypts all files but in some cases
flags in the NCF file aren't set properly. That means that even if you have the
decrypted files steam and other tools will recognize them as encrytped just
becaues the NCF file says so. This tool only changes the flags to and does not
decrypt associated files.
 
Usage
-----
Just drag a NCF file on the executable and it will be decrytpted or encrytped.
 
### Advanced
 
ncfcrypt [/S | /E | /D] filenames
 
filenames - one ore more files to be crypted
 
/S - Swaps the encryption flag for each entry (default behavior)
/E - Encrypts all entries
/D - Decrypts all entires
 
It's recommned to backup ncf files if you use /E or /D because mixed
attributes cannot be restored after encryption or decrypting the whole file.
*/
 
#include <Windows.h>
 
// Custom entry for smaller executable size.
#pragma comment(linker, "/entry:Start")
 
// NCF file format:
// http://singularity.us.to/dev/steam/Development.Non-Cache-File-Format.ashx.htm
enum {
FLAG_CONFIG = 1 << 0,
FLAG_LAUNCH = 1 << 1,
FLAG_UNKNOWN1 = 1 << 2,
FLAG_LOCKED = 1 << 3,
FLAG_UNKNOWN2 = 1 << 4,
FLAG_NOCACHE = 1 << 5,
FLAG_BACKUP = 1 << 6,
FLAG_PURGE = 1 << 7,
FLAG_ENCRYPTED = 1 << 8,
FLAG_READONLY = 1 << 9,
FLAG_HIDDEN = 1 << 10,
FLAG_EXECUTABLE = 1 << 11,
FLAG_UNKNOWN3 = 1 << 12,
FLAG_UNKNOWN4 = 1 << 13,
FLAG_FILE = 1 << 14
};
 
typedef struct _FILE_HEADER {
DWORD dwHeaderVersion;
DWORD dwCacheType;
DWORD dwFormatVersion;
DWORD dwApplicationID;
DWORD dwApplicationVersion;
DWORD dwIsMounted;
DWORD dwDummy0;
DWORD dwFileSize;
DWORD dwClusterSize;
DWORD dwClusterCount;
DWORD dwChecksum;
} FILE_HEADER, *PFILE_HEADER;
 
typedef struct _MANIFEST_HEADER {
DWORD dwHeaderVersion;
DWORD dwApplicationID;
DWORD dwApplicationVersion;
DWORD dwNodeCount;
DWORD dwFileCount;
DWORD dwCompressionBlockSize;
DWORD dwBinarySize;
DWORD dwNameSize;
DWORD dwHashTableKeyCount;
DWORD dwNumOfMinimumFootprintFiles;
DWORD dwNumOfUserConfigFiles;
DWORD dwBitmask;
DWORD dwFingerprint;
DWORD dwChecksum;
} MANIFEST_HEADER, *PMANIFEST_HEADER;
 
typedef struct _MANIFEST_NODE {
DWORD dwNameOffset;
DWORD dwCountOrSize;
DWORD dwFileId;
DWORD dwAttributes;
DWORD dwParentIndex;
DWORD dwNextIndex;
DWORD dwChildIndex;
} MANIFEST_NODE, *PMANIFEST_NODE;
 
static BOOL ValidateFileHeader(PFILE_HEADER pFileHeader)
{
DWORD i, dwChecksum = 0;
PBYTE data = (PBYTE)pFileHeader;
 
// add every single byte to the checksum
for (i = 0; i < sizeof(FILE_HEADER) - sizeof(DWORD); i++) {
dwChecksum += data[i];
}
 
return pFileHeader->dwChecksum == dwChecksum;
}
 
enum {
OPTION_SWAP,
OPTION_ENCRYPT,
OPTION_DECRYPT
};
 
static void Swap(PMANIFEST_NODE rgManifestNodes, UINT dwManifestNodes)
{
DWORD i;
 
for (i = 0; i < dwManifestNodes; i++) {
// folders don't have any flags, do nothing
if (!rgManifestNodes[i].dwAttributes)
continue;
 
if (rgManifestNodes[i].dwAttributes & FLAG_ENCRYPTED)
rgManifestNodes[i].dwAttributes ^= FLAG_ENCRYPTED;
else
rgManifestNodes[i].dwAttributes |= FLAG_ENCRYPTED;
}
}
 
static void Encrypt(PMANIFEST_NODE rgManifestNodes, UINT dwManifestNodes)
{
DWORD i;
 
for (i = 0; i < dwManifestNodes; i++) {
// folders don't have any flags, do nothing
if (!rgManifestNodes[i].dwAttributes)
continue;
 
if (!(rgManifestNodes[i].dwAttributes & FLAG_ENCRYPTED))
rgManifestNodes[i].dwAttributes |= FLAG_ENCRYPTED;
}
}
 
static void Decrypt(PMANIFEST_NODE rgManifestNodes, UINT dwManifestNodes)
{
DWORD i;
 
for (i = 0; i < dwManifestNodes; i++) {
// folders don't have any flags, do nothing
if (!rgManifestNodes[i].dwAttributes)
continue;
 
if (rgManifestNodes[i].dwAttributes & FLAG_ENCRYPTED)
rgManifestNodes[i].dwAttributes ^= FLAG_ENCRYPTED;
}
}
 
static void CryptFile(PCWSTR pszFileName, DWORD dwOption)
{
HANDLE hFile, hFileMapping;
PVOID pBaseAddress;
PBYTE pData;
PFILE_HEADER pFileHeader;
PMANIFEST_HEADER pManifestHeader;
PMANIFEST_NODE grpManifestNodes;
 
// open file
hFile = CreateFileW(pszFileName, GENERIC_READ | GENERIC_WRITE, 0, NULL,
OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
if (hFile == INVALID_HANDLE_VALUE)
FatalAppExitW(0, L"Opening file failed");
 
// map into memory
hFileMapping = CreateFileMappingW(hFile, NULL, PAGE_READWRITE, 0, 0, NULL);
if (!hFileMapping)
FatalAppExitW(0, L"Cannot map file in memory");
 
pBaseAddress = MapViewOfFile(hFileMapping, FILE_MAP_WRITE, 0, 0, 0);
pData = (PBYTE)pBaseAddress;
 
// FileHeader
pFileHeader = (PFILE_HEADER)pData;
pData += sizeof(FILE_HEADER);
// check if file is a valid ncf file
if (!ValidateFileHeader(pFileHeader))
FatalAppExitW(0, L"File is not a valid ncf");
 
// ManifestHeader
pManifestHeader = (PMANIFEST_HEADER)pData;
pData += sizeof(MANIFEST_HEADER);
 
// ManifestNodes
grpManifestNodes = (PMANIFEST_NODE)pData;
pData += (sizeof(MANIFEST_NODE) * pManifestHeader->dwNodeCount);
 
switch (dwOption) {
case OPTION_SWAP:
Swap(grpManifestNodes, pManifestHeader->dwNodeCount);
break;
case OPTION_ENCRYPT:
Encrypt(grpManifestNodes, pManifestHeader->dwNodeCount);
break;
case OPTION_DECRYPT:
Decrypt(grpManifestNodes, pManifestHeader->dwNodeCount);
break;
}
 
// write and close file
dwOption = UnmapViewOfFile(pBaseAddress);
CloseHandle(hFileMapping);
CloseHandle(hFile);
}
 
int WINAPI Start(void)
{
PWSTR *ppszArgs;
DWORD dwOption, i, iNumArgs;
 
ppszArgs = CommandLineToArgvW(GetCommandLineW(), &iNumArgs);
dwOption = OPTION_SWAP;
 
for (i = 1; i < iNumArgs; i++) {
if (ppszArgs[i][0] == '/') {
switch (ppszArgs[i][1]) {
case 'S': dwOption = OPTION_SWAP; break;
case 'E': dwOption = OPTION_ENCRYPT; break;
case 'D': dwOption = OPTION_DECRYPT; break;
}
} else {
CryptFile(ppszArgs[i], dwOption);
}
}
 
return 0;
}

Please sign in to comment on this gist.

Something went wrong with that request. Please try again.