New Ren'Py save check coding

[WuzzyFuzzy]

small question, how about people who using joiplay to play renpy games that doesn't had android version?

I have not used Joiplay, but my guess is the behavior would be the same (although I could be wrong). If you find out otherwise, please let us know.

 

[Nickpros20]

my solution was this:




In the game file, where you can find the exe. There is a other file "renpy".
Open it, search for the "savetoken.py" open it with the simple texteditor, and then look for this:


def verify_data(data, signatures, check_verifying=True):
"""
Verifies that `data` has been signed by the keys in `signatures`.
"""

for i in signatures.splitlines():
kind, key, sig = decode_line(i)

if kind == "signature":

if key is None:
continue

if check_verifying and key not in verifying_keys:
continue

try:
vk = ecdsa.VerifyingKey.from_der(key)
if vk.verify(sig, data):
return True
except Exception:
continue

return False



chance the last entry to "True" save , restart the game and then your edited save will work. Testet this with the
The Builder [Ep.5 B2] [LewdRobotics]

Yall this works

 

[sakuzuda]

Yall this works

did you use joiplay or playing on pc?

 

[sakuzuda]

my solution was this:




In the game file, where you can find the exe. There is a other file "renpy".
Open it, search for the "savetoken.py" open it with the simple texteditor, and then look for this:


def verify_data(data, signatures, check_verifying=True):
"""
Verifies that `data` has been signed by the keys in `signatures`.
"""

for i in signatures.splitlines():
kind, key, sig = decode_line(i)

if kind == "signature":

if key is None:
continue

if check_verifying and key not in verifying_keys:
continue

try:
vk = ecdsa.VerifyingKey.from_der(key)
if vk.verify(sig, data):
return True
except Exception:
continue

return False



chance the last entry to "True" save , restart the game and then your edited save will work. Testet this with the
The Builder [Ep.5 B2] [LewdRobotics]

idk, man. I didn't found it on renpy folder. and how to read this? I got it after editing the save file...

 

[Pinsel]

Sry, i dont know Joiplay. But in my experience, usualy if ther is no "savetoken.py" then the editet savefile works anyway. And what program did you use for editing the file? I use this:

You must be registered to see the links

Or you could try this:

View attachment 2907053

It is the savefile, wich you have changed. Just "unblock" the file. But of some weird reason it dosent work everytime.

 

[fuckmylifedammit]

im sorry since im kindof a noob but where is the "security_keys.txt" ?... i cant find it in my game directory

 

[Seeps]

im sorry since im kindof a noob but where is the "security_keys.txt" ?... i cant find it in my game directory

I went to "C:\Users\<YOUR USERNAME>\AppData\Roaming\RenPy", searched for "security_keys" and made the adjustment after saving a copy, you know, just in case.

Now that document just says

signing-key
verifying-key

I've had no issues since.

PS: If you can't see your AppData folder, it's because you need to unhide hidden documents. Google it in case you need help, it's quite straightforward.

 

[Iamthegoldengod]

did you use joiplay or playing on pc?

I'm using joiplay and the method didn't work for me (the savetoken.py method). Hopefully there's a workaround for android users soon.

 

[Unkoep]

my solution was this:




In the game folder, where you can find the exe. There is a other folder "renpy".
Open it, search for the "savetoken.py" open it with the simple texteditor, and then look for this:


def verify_data(data, signatures, check_verifying=True):
"""
Verifies that `data` has been signed by the keys in `signatures`.
"""

for i in signatures.splitlines():
kind, key, sig = decode_line(i)

if kind == "signature":

if key is None:
continue

if check_verifying and key not in verifying_keys:
continue

try:
vk = ecdsa.VerifyingKey.from_der(key)
if vk.verify(sig, data):
return True
except Exception:
continue

return False



chance the last entry to "True" save , restart the game and then your edited save will work. Testet this with the
The Builder [Ep.5 B2] [LewdRobotics]

Thanks bro here i thought i had to learn how to code with all these different tutorials and stuff

 

[imzahai]

If the keys are what's bothering, you can solve it in a few steps.
Beware it permanently revokes security keys. Do at your own risk
Buckle-up it might be rocket science for some.

1 - Open the security_keys.txt (%appdata%\roaming\renpy\tokens) and remove both the keys contents (not their header, only the characters string).
2 - Save
3 - make the file read-only (right-click, properties, read-only checkbox, OK).
5 - Run your game and load your savegame
6 - Facepalm (optional)
7 - Enjoy

i will of course have to frequently use option 6, thank you!!

 

[Falkfisch]

my solution was this:




In the game folder, where you can find the exe. There is a other folder "renpy".
Open it, search for the "savetoken.py" open it with the simple texteditor, and then look for this:


def verify_data(data, signatures, check_verifying=True):
"""
Verifies that `data` has been signed by the keys in `signatures`.
"""

for i in signatures.splitlines():
kind, key, sig = decode_line(i)

if kind == "signature":

if key is None:
continue

if check_verifying and key not in verifying_keys:
continue

try:
vk = ecdsa.VerifyingKey.from_der(key)
if vk.verify(sig, data):
return True
except Exception:
continue

return False



chance the last entry to "True" save , restart the game and then your edited save will work. Testet this with the
The Builder [Ep.5 B2] [LewdRobotics]

Can someone please pin this solution to the top?

 

[derfirm]

Can someone please pin this solution to the top?

Respectfully disagree. This solution required access to in-game files/source code, which not always accessable and in some cases it won't work.

 

[Netgear]

... "use the console in order to alter any value without the need to edit the save files".

Console that can be enabled this way. You can even copy past a bit of, like that one, to have a bit more than the console, or use one of the already made file.

Why not enabling the developer console directly in the game's files ? (renpy/common/00library.rpy ?)
From there, you can see the variable in the game and change them with the commande console all in one place.

 

[anne O'nymous]

Why not enabling the developer console directly in the game's files ? (renpy/common/00library.rpy ?)

Firstly because you don't need to enable it directly from the core. Secondly because the developer mode do more than enabling the console. Among other things, it will treat as fatal some errors that, without it, Ren'Py wouldn't care too much about. It will also switch the default background from full black to checked, what will mess with some transition and effect.

 

[JoyfulDancer]

Hello, I have a quick workaround for this
Here is a python script that can use your local tokens and overwrite the save signature to unlock it

How-to-use it

0) Make sure you have python3 installed and it accessible from console + install ecdsa using 'pip install ecdsa'
1) Unpack python script into your test folder.
2) You need to find your save location

You must be registered to see the links

and copy "security_keys.txt" to folder with your script
3) copy savegame (1-11-LT1.save for instance into location with Your script)
4) run script 'python3 repack-savefile.py security_keys.txt 1-11-LT1.save' (where first should be your tokens textfile, second is name of savegame). Path can be absolute or relative - should work in both cases.
5) copy savegame file back to savegame location, override it.
Be Aware! this script override "signature" file in your savegame, please make backup before use it.

Tested on BigBrother and using

You must be registered to see the links

I appear to be somewhat stumped. How does one unpack the python script? Google has proven to be surprisingly unhelpful in finding clear, simple instructions on the matter. Also, do we use the original save game then slap that into the editor? Or do we use the edited save file for this? Apologies for the hassle.

 

[derfirm]

I appear to be somewhat stumped. How does one unpack the python script? Google has proven to be surprisingly unhelpful in finding clear, simple instructions on the matter. Also, do we use the original save game then slap that into the editor? Or do we use the edited save file for this? Apologies for the hassle.

Hello, your question is absolutely normal! I receive a lot of questions and the solution I proposed is not the best. I think in the coming days I will be able to add more detailed information and another more convenient solution without scripts.

You need just to re-sign edited save file

 

[Pinsel]

I appear to be somewhat stumped. How does one unpack the python script? Google has proven to be surprisingly unhelpful in finding clear, simple instructions on the matter. Also, do we use the original save game then slap that into the editor? Or do we use the edited save file for this? Apologies for the hassle.

Well you want the edited save to work. So... Try one of this:

If the keys are what's bothering, you can solve it in a few steps.
Beware it permanently revokes security keys. Do at your own risk
Buckle-up it might be rocket science for some.

1 - Open the security_keys.txt (%appdata%\roaming\renpy\tokens) and remove both the keys contents (not their header, only the characters string).
2 - Save
3 - make the file read-only (right-click, properties, read-only checkbox, OK).
5 - Run your game and load your savegame
6 - Facepalm (optional)
7 - Enjoy

I failed to mention this earlier, but another good tool to manipulate your variables and play around in game without using a save editor is 0x52's Universal Ren'Py mod. It can be found here: Universal Ren'Py mod

Thanks for all the replies.

my solution was this:




In the game folder, where you can find the exe. There is a other folder "renpy".
Open it, search for the "savetoken.py" open it with the simple texteditor, and then look for this:


def verify_data(data, signatures, check_verifying=True):
"""
Verifies that `data` has been signed by the keys in `signatures`.
"""

for i in signatures.splitlines():
kind, key, sig = decode_line(i)

if kind == "signature":

if key is None:
continue

if check_verifying and key not in verifying_keys:
continue

try:
vk = ecdsa.VerifyingKey.from_der(key)
if vk.verify(sig, data):
return True
except Exception:
continue

return False



chance the last entry to "True" save , restart the game and then your edited save will work. Testet this with the
The Builder [Ep.5 B2] [LewdRobotics]

 

[zmeydoom]

There is, but it would totally defeat the security purpose behind the check.




They are aware of this. I mean, they read

You must be registered to see the links

before switching to a new version, right ?




Once again, it would defeat the whole purpose of this check.




... "use the console in order to alter any value without the need to edit the save files".

Console that can be enabled this way. You can even copy past a bit of, like that one, to have a bit more than the console, or use one of the already made file.

In my personal opinion, this whole check is paranoid nonsense. If you are afraid to catch a virus, don't use/Download/etc. But forbid me to do anything in MY HOUSE and on MY PC? HERESY! They want to cover your ass from accusations and lawsuits - their right. But to deprive the user of the right to choose is idiocy. And this is a very mild expression of what I think.

 

[zmeydoom]

Spoiler

You don't have permission to view the spoiler content. Log in or register now.

Thank you))

 

[anne O'nymous]

[...] they want to cover your ass from accusations and lawsuits - their right.

I really would love to see the idiot who would sue PyTom because he was enough of a dumb ass to download a corrupted save file from an unknown source. It's been more than twenty years that justice consider that software developers only have an obligation of means when it come to security, not an obligation of results, and that one is the main responsible for his own computer security. Therefore, even without this security net, the instant your own behavior put you at risk he wouldn't be held responsible.

But to deprive the user of the right to choose is idiocy. And this is a very mild expression of what I think.

You aren't deprived of your right to choose (please, where is this right defined ?) since it's possible to still load a save file that don't come from your computer. It's not Ren'Py fault if you use a third party service that do shit and leave you with a save file that clearly and openly looks corrupted.
Because it's the issue here. If saveEditor was doing its job correctly, there would be no issue. You would say to Ren'Py that you trust the source and it would load the save file. But like saveEditor didn't cared (yet ?) to update its code in order to take the new security feature into consideration, it return you shit that you can't load. And like an idiot you blame the software warning you that it's shit, and not the one who made the shit...