dfe - widberg/fmtk GitHub Wiki
The dfe file found in the root game directory is used by SecuROM, the copy protection the game uses. It is purportedly an encrypted archive of game data that is only accessible upon successfully authenticating ownership of the game.
The game itself does not appear to open the dfe file. SecuLauncher.exe has a string %s\data_dfe_%08x%08x%08x%08x which matches the Tron: Evolution Mod Documentation on SecuROM's dfe files, but no files of this form are ever created. The game will launch and run fine without this file.
SecuLauncher.exe contains signatures for zinflate_lengthStarts, zinflate_distanceStarts, and TEA encryption/decryption, which matches the claims of Hanzhiyun's (汉之云的) "CD-free", a victory for pirates?. It has the same decryption algorithm as on the TEA Wikipedia page, including the same constants. The string "inflate 1.2.2 Copyright 1995-2004 Mark Adler" is also in the binary.
See also: SecuROM
dfe file resources
Hanzhiyun's (汉之云的) "CD-free", a victory for pirates?
Xuan-Yuan Sword: The Cloud of Han
Xuanyuan Sword: Han Zhiyun
The encrypted data of SecuRom is stored in dfe. It is first compressed using zlib, then encrypted using TEA (Tencent QQ (腾讯QQ) uses this algorithm to encrypt local message files), and finally a simple algorithm XOR is used. The dfe in Hanzhiyun contains 194 pieces of data, which totals 16979441 bytes after decompression.
Tron: Evolution Mod Documentation SecuROM
Check what SecuROM does with these files. They could just be useless garbage as they also seem to appear in different games with the exact same size.
neolurk wiki SecuROM
The dfe or dfa files are used to decrypt game data.
SecuRom Italian Error 9000
Error initializing DFE
Red Alert 3 Forum Error 9000
SecuRom Technical Information & Features
Data Files
SecuROM™ (version 7 or higher) also offers a security feature for data files. DFE (Data File Encryption) gives you the opportunity to wrap several data files into one DFE container. These files then can only be accessed if the encrypted executable file has been launched successfully.
Decryption
WIP decryption notes. Since the file is never actually opened, this is very hard to debug. Finding the keys statically is hard because of all the obfuscation used around the function calls.
// BYTE1, BYTE2, HIBYTE and __ROR4__ are the Hex-Rays helper macros from IDA's defs.h.
// Decrypts one byte in place with the rolling XOR key.
int __cdecl xor_decrypt(unsigned int key, unsigned char *c) {
    *c ^= key + BYTE1(key) + BYTE2(key) + HIBYTE(key);
    key = __ROR4__(key, *c); // rotate by the byte that was just decrypted
    key += (((((*c << 24) | *c) << 16) | *c) << 8) | *c;
    return __ROR4__(key, 1); // return value becomes next key
}

void tea_decrypt(unsigned int key[4], unsigned int in[2], unsigned int out[2]); // decrypt 8 bytes with TEA
void zinflate_wrapper(unsigned char *c, unsigned int decompressed_size, unsigned int compressed_size);

// Undo the layers in reverse order of how they were applied: XOR, then TEA, then inflate.
void decrypt_dfe(unsigned int xor_key, unsigned int tea_key[4], unsigned char *c, unsigned int decompressed_size, unsigned int compressed_size, bool is_compressed) {
    for (size_t i = 0; i < compressed_size; ++i) {
        xor_key = xor_decrypt(xor_key, c + i);
    }
    // Only whole 8-byte blocks go through TEA; a trailing partial block is XOR-only.
    for (size_t i = 0; i < compressed_size / 8; ++i) {
        // in and out are always the same for an in-place decryption
        tea_decrypt(tea_key, (unsigned int *)(c + i * 8), (unsigned int *)(c + i * 8));
    }
    if (is_compressed) {
        zinflate_wrapper(c, decompressed_size, compressed_size);
    }
}

// Format call that uses the data_dfe string noted above
wsprintf(MultiByteStr, "%s\\data_dfe_%08x%08x%08x%08x", DATA_DFE_PATH, dfe_entry_index, checksum, found, dfe_entry_order);
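
A portable, compilable form of the XOR and TEA layers from the notes above, written as an added example and not taken from the wiki or the game binary. The keys and buffer are constructed values, the encrypt direction is an inferred inverse used only for the round-trip check, and the inflate step is left out.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
static uint32_t ror32(uint32_t v, uint32_t n) { /* portable __ROR4__, count mod 32 */
    return (v >> (n & 31)) | (v << ((32 - (n & 31)) & 31));
}
/* One byte of the XOR layer; returns the key for the next byte. */
uint32_t xor_step(uint32_t key, uint8_t *c, int encrypt) {
    uint8_t ks = (uint8_t)(key + (key >> 8) + (key >> 16) + (key >> 24));
    uint32_t p = encrypt ? *c : (uint8_t)(*c ^ ks); /* plaintext byte feeds the key */
    *c ^= ks;
    key = ror32(key, p);
    key += (((((p << 24) | p) << 16) | p) << 8) | p; /* same expression as the notes */
    return ror32(key, 1);
}
/* Reference TEA on one 8-byte block: 32 rounds, delta 0x9E3779B9. */
void tea_block(const uint32_t k[4], uint8_t *b, int encrypt) {
    uint32_t v[2], delta = 0x9E3779B9u, sum = encrypt ? 0 : 0xC6EF3720u;
    memcpy(v, b, 8); /* host byte order; assumed little-endian like the x86 target */
    for (int i = 0; i < 32; ++i) {
        if (encrypt) {
            sum += delta;
            v[0] += ((v[1] << 4) + k[0]) ^ (v[1] + sum) ^ ((v[1] >> 5) + k[1]);
            v[1] += ((v[0] << 4) + k[2]) ^ (v[0] + sum) ^ ((v[0] >> 5) + k[3]);
        } else {
            v[1] -= ((v[0] << 4) + k[2]) ^ (v[0] + sum) ^ ((v[0] >> 5) + k[3]);
            v[0] -= ((v[1] << 4) + k[0]) ^ (v[1] + sum) ^ ((v[1] >> 5) + k[1]);
            sum -= delta;
        }
    }
    memcpy(b, v, 8);
}
/* encrypt=0 follows decrypt_dfe (XOR, then TEA); encrypt=1 is its inverse (assumed). */
void dfe_layers(uint32_t xk, const uint32_t tk[4], uint8_t *c, size_t n, int encrypt) {
    if (encrypt) for (size_t i = 0; i < n / 8; ++i) tea_block(tk, c + i * 8, 1);
    for (size_t i = 0; i < n; ++i) xk = xor_step(xk, c + i, encrypt);
    if (!encrypt) for (size_t i = 0; i < n / 8; ++i) tea_block(tk, c + i * 8, 0);
}
/* Round trip over constructed data with constructed keys; returns 1 on success. */
int self_test(void) {
    const uint32_t tk[4] = {0x01234567u, 0x89ABCDEFu, 0x0BADF00Du, 0x00C0FFEEu};
    uint8_t buf[19], ref[19]; /* two TEA blocks plus a 3-byte XOR-only tail */
    for (size_t i = 0; i < sizeof buf; ++i) buf[i] = ref[i] = (uint8_t)(i * 37 + 5);
    dfe_layers(0x5EC0D0F3u, tk, buf, sizeof buf, 1);
    if (memcmp(buf, ref, sizeof buf) == 0) return 0;
    dfe_layers(0x5EC0D0F3u, tk, buf, sizeof buf, 0);
    return memcmp(buf, ref, sizeof buf) == 0;
}
int main(void) { return !self_test(); }
```

The repeated-byte expression yields 0xCC00CCCC for a byte 0xCC, not 0xCCCCCCCC, because the first shifted copy is pushed out of the 32-bit word; a reimplementation that simplifies it to a multiply by 0x01010101 will desynchronise the key stream.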