This project provides a custom implementation of RSA signature verification in SC2, enabling secure message validation through RSA signatures. RSA signatures work by encrypting a hash of the message with a private key, allowing the recipient to verify its authenticity by decrypting it with the corresponding public key.
The project includes:
-
BigNum Library: An arbitrary-precision arithmetic library (specifically written for SC2) to handle large integers beyond the 32-bit limit.
-
SHA1 Library: A hashing library (also specifically tailored for SC2) to provide the necessary functionality for message hashing in RSA signature verification.
-
Python Signing Tool: Generates RSA key pairs, signs messages, and outputs a Base64-encoded string for use in SC2.
-
Clone the repository:
git clone https://github.com/R-P-S/SC2-RSA.git cd SC2-RSA -
Requirements:
-
Python 3
If Python is not installed, download and install it here.
-
-
Install Required Python Package
pip install https://github.com/R-P-S/SC2-RSA/archive/master.zipThis command installs all necessary Python dependencies for the signing tool.
-
Initial Run of the Python Signing Tool
$ sc2signerThe tool will guide you through the setup. On the first run, you’ll be asked to select an RSA key size:
-
Select 1024 or 2048 bits. A 1024-bit key is recommended for optimal performance. If you're using a 2048-bit key, set the constant
KEY_SIZE_MULTIPLIERto2inbignum.galaxyor in the trigger library if using the GUI.Once keys are generated, the script saves them to a
.pemfile and copies the public key to your clipboard. Paste this key into thePUBLIC_KEYconstant inrsa.galaxyor, if using the GUI, into thePUBLIC_KEYconstant in the trigger module.
-
-
Signing Messages with the Python Script
- Enter a message and player ID (X-S2-X-XXXXXXX) when prompted.
- The script will ask how many days the signed message should remain valid. If you provide a number of days (e.g.,
7), the tool calculates a Unix timestamp for expiration. It embeds that timestamp in the signed message. If you enter0for days, there is no expiration attached to the signature. - The script outputs a signed message in Base64 format.
-
Verifying Signatures in SC2
Once a signed message is generated, it can be verified in-game. The included example trigger
gt_DecryptSignaturelistens for the chat command (e.g., -m {signed_message}) and verifies the signature by:- Decrypting the RSA signature.
- Comparing it with the expected hash.
-
Key File Location
The RSA key pair is stored in a user-specific directory. Make sure to keep this file secure, as it contains the private key used for signing.
- Windows:
C:\Users\<Username>\AppData\Local\SC2Signer\rsa_keys.pem - macOS:
/Users/<Username>/Library/Application Support/SC2Signer/rsa_keys.pem - Linux:
/home/<Username>/.local/share/SC2Signer/rsa_keys.pem
- Windows:
Python Signing Tool
Example run:
$ sc2signer
Write message: Marine 5
Enter Player Profile ID: SC2E-TEST-ACCOUNT
How many days should the signed message be valid? (0 for no time limit): 0
Verification
In Starcraft 2's chat console:
-m {signed_message}
This project is licensed under the MIT License. See the LICENSE file for more details.