Sunday, December 28, 2014

Abiathar Confidential - GameMaps with VeriMaps Signature Format

Abiathar, as of v2.2, includes the VeriMaps feature, which alters the format of the emitted GameMaps file to some degree. I am describing its format here so that any other editors or tools can read and write the modified format correctly.


First, if a GameMaps file is an Abiathar VeriMaps file, its first eight bytes are "FleexRSA". (If that signature isn't there, no special considerations are necessary for 100% compatibility with Abiathar.) The signature is immediately followed (there's no null terminator after "FleexRSA") by the name of the signer, which is ended with a null. After that is the 128-byte RSA signature.

Before parsing any level data, read the entire rest of the file (starting immediately after the signature) into a buffer. To locate the signer's public key, append the name of the signer to this string:

https://dl.dropboxusercontent.com/u/3771470/Abiathar/VeriMaps/

Then add ".acert" to the end to get the URL of the user's public key. (You can test for connection using "VeriMaps.txt" in that directory, which should contain the string "Abiathar".) The first line of that file is the user's distinction/title or "NUL" if they have no distinction. The second line is the XML representation of a .NET RSAParameters object that can be created like this:

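' Path: local copy of the signer's .acert file
Dim sFile As New IO.StreamReader(Path)
' First line: distinction/title, or "NUL"
Dim distinction = sFile.ReadLine
Dim rsa = Security.Cryptography.RSA.Create()
' Remainder: XML form of the RSAParameters
rsa.FromXmlString(sFile.ReadToEnd)
sFile.Close()
' False = export the public key only
Dim rsaParams = rsa.ExportParameters(False)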

Compute the SHA-512 hash of the GameMaps file data (the buffer read above). Compare it to the signed version that came with the file using this function:

' Requires: Imports System.Security.Cryptography
Public Function CheckSignature(SignedHash As Byte(), _
 Hash As Byte(), Cert As RSAParameters) As Boolean

 ' Load the signer's public key from the .acert file
 Dim rsa As New RSACryptoServiceProvider
 rsa.ImportParameters(Cert)
 ' Verify the PKCS #1 signature over the SHA-512 hash
 Dim deform As New RSAPKCS1SignatureDeformatter(rsa)
 deform.SetHashAlgorithm("SHA512")
 Return deform.VerifySignature(Hash, SignedHash)
End Function
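
The header layout and certificate URL described above, written as a Python parser (an added example, not Abiathar's own code). It assumes signer names are ASCII and percent-encodes the name before building the URL, neither of which this post specifies; the RSA check itself is still done by CheckSignature above.

```python
import hashlib
from dataclasses import dataclass
from urllib.parse import quote

MAGIC = b"FleexRSA"          # first eight bytes of a VeriMaps file
SIG_LEN = 128                # RSA signature length given in the post
CERT_BASE = "https://dl.dropboxusercontent.com/u/3771470/Abiathar/VeriMaps/"


@dataclass
class VeriMapsHeader:
    signer: str        # name read from the file; untrusted until verified
    signature: bytes   # 128-byte RSA signature over the SHA-512 digest
    data: bytes        # everything after the signature (the GameMaps data)
    digest: bytes      # SHA-512 of data, the value the signature covers
    cert_url: str      # where the signer's .acert public key is published


def parse_verimaps(blob: bytes):
    """Return a VeriMapsHeader, or None for an ordinary GameMaps file."""
    if not blob.startswith(MAGIC):
        return None                      # no signature block: parse as usual
    end = blob.find(b"\x00", len(MAGIC))
    if end == -1:
        raise ValueError("signer name is not null-terminated")
    raw_name = blob[len(MAGIC):end]
    if not raw_name:
        raise ValueError("empty signer name")
    # Assumption: names are ASCII (the post does not state an encoding).
    signer = raw_name.decode("ascii")
    sig_start = end + 1
    signature = blob[sig_start:sig_start + SIG_LEN]
    if len(signature) != SIG_LEN:
        raise ValueError("file ends inside the 128-byte signature")
    data = blob[sig_start + SIG_LEN:]
    # The name comes from the file, so percent-encode it before it becomes
    # part of a URL; "/" or "?" must not be able to redirect the lookup.
    cert_url = CERT_BASE + quote(signer, safe="") + ".acert"
    return VeriMapsHeader(signer, signature, data,
                          hashlib.sha512(data).digest(), cert_url)


# Constructed sample: made-up signer, zeroed signature, placeholder level data.
SAMPLE = MAGIC + b"ExampleUser\x00" + bytes(SIG_LEN) + b"placeholder data"
```

The digest and signature fields are the Hash and SignedHash arguments of CheckSignature; a file whose signature does not verify should not have its signer name or distinction shown as trusted.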

To create signed VeriMaps files, use an ASIGN (signing certificate) file provided by the user. The first line is the user's name; the second is the XML RSAParameters with private key data included. After writing the main GameMaps data region, calculate its hash and sign it using RSAPKCS1SignatureFormatter.
