how to get GI5.1 key from file "26236578.blk"?

[Deiloproxide]

I found this blk file in the content "Genshin Impact\Genshin Impact Game\YuanShen_Data\StreamingAssets\VideoAssets".

I opened it in a text editor and saw many text pieces very similar to the "version.json" , but some of them were encrypted.

We can easily get some of its key in the older version of GI , but this method gets hard in the latest 5.1 version because the text seem to become falling apart. I can only recognise the video number like 5004 , 168 and "HCXY"(花车巡游 in Chinese) in the later text but I insist that it must includes 5.1 version key.

I have ever to use "fildder" to catch packs between server and client, some people said there is "FinishedParentQuestUpdateNotify" in the pack, however I have looked over all of the caught packs and cannot find this tag. It may be also encrypted!

So,what encrypt methods it could be so that it includes so many text pieces?
What can we do to get this file key to decrypt it?
And how can I get the original of the caught packs?

I have tried for the key for a few days (maybe a week long), and I feel so helpless now. I m a Nahida-lover and I really want to remain this "HCXY" video for my kawaii NahiWife. Why fk mihoyo set too many fk encrypts behind games?

[Deiloproxide]

Oh, I have knew this. You can decrypted it in "Assetstudio".
But, Emmm...it doesn't include any later key pieces.
The DDL of 5.1 main activity getting nearer, I'm concerned about whether we can catch the HCXY key in such limited time (about 3 days leave).
I didn't want the new version of Nahida's birthday cutscene become buried in this project, and I must do something.

[ZzDaniel]

I'm trying something similar. Keeping an eye on it

[Deiloproxide]

@ZzDaniel
Oh , it's packet capture (pcap) , not catch pack , haha! (Because I'm a Chinese coder.)
I have ran some capture project and got these pcap file.
However it is still encrypted according https://sdl.moe/post/magic-sniffer/
Next , we should deal with it first.
For this , I have stayed over until 1:30 am for about a week , and I feel exhausted now.

2024-11-05-09-43-45.json

2024-11-05-09-44-45.json

2024-11-05-09-45-07.json

Are there some experts can analyze these json?

[Deiloproxide]

@ToaHartor
@ZzDaniel
Yesterday night ,I called my friends to do this together and get some progress.
He wrote a program to analyze the xor key.
Finally , we got the xor key first 500 bytes (except unrecognizable place replaced by "xx")
(He said maybe it is enough.)
Next step is to get cmd id. (I really didn't know what it is.)
Different kinds of server (like mihoyo national server and hoyoverse international servers) has different cmd id.

[ToaHartor]

CMDID tells you which packet corresponds to which action in the game, so that it uses the right protobuf structure to decode the packet. However if you are sure the packet you have is the right one (from here it's either FinishedParentQuestNotify or FinishedParentQuestUpdateNotify), you might not even need it as the only interesting thing is the body, which can be decoded without a known structure, knowing the key is usually a uint64.

[Deiloproxide]

@ToaHartor
Oh ! my cooperators got the 5.1 HCXY (Nahida Birthday Activity) key. (but 5.1 other video key he didn't get yet , only these two videos.)

{
"encAudio": true,
"version": "5.1",
"videoGroups": [
{
"version": "15015",
"videos": [
"Cs_Natlan_LQ150150801_TLZL_Girl",
"Cs_Natlan_LQ150150801_TLZL_Boy",
"Cs_Fontaine_AQ40241601_SCBW_P1_Boy",
"Cs_Fontaine_AQ40241601_SCBW_P1_Girl",
"Cs_Fontaine_AQ40241601_SCBW_P2",
"ping_Girl",
"ping_Boy",
"Cs_Fontaine_AQ40241601_SCBW_P3_Boy",
"Cs_Fontaine_AQ40241601_SCBW_P3_Girl",
"Cs_Fontaine_AQ40241601_SCBW_P4",
"Cs_Fontaine_AQ40241601_SCBW_P5_Boy",
"Cs_Fontaine_AQ40241601_SCBW_P6",
"Cs_Fontaine_AQ40241601_SCBW_P5_Girl"
]
},
{
"key": 9362292576596351,
"version": "40168",
"videos": [
"Cs_Sumeru_EQ401681801_HCXY_Boy",
"Cs_Sumeru_EQ401681801_HCXY_Girl"
]
},
{
"version": "5012",
"videos": [
"Cs_Natlan_AQ50120901_MVBT"
]
},
{
"version": "5011",
"videos": [
"Cs_Natlan_AQ50113101_BSSU_Boy",
"Cs_Natlan_AQ50113101_BSSU_Girl"
]
},
{
"version": "5013",
"videos": [
"Cs_Natlan_AQ50131101_AWFN_Boy",
"Cs_Natlan_AQ50131101_AWFN_Girl"
]
}
]
}

Pls update the version.json
However , the activity has been end , but we can still download the video assets at #104 .

[lrastar]

Why is there still an error when decrypting "Cs_Sumeru_EQ401681801_HCXY_Girl"?
Is my .json file filled in incorrectly?
(Sorry for the machine translation)

[Deiloproxide]

为什么解密 “Cs_Sumeru_EQ401681801_HCXY_Girl” 时仍然报错？我的 .json 文件填写错误吗？ （抱歉机器翻译）

@lrastar

Oh ! It's json compiling error , pls check your json bracket format before you run the program.

There are six brackets at the json end.
I copied it from my json , and I finally decrypted it.
(And I only copied the content between a pair of brackets.)
versions.json

Plus , you needn't translate it . I can understand both Chinese and English , haha ! (Because I'm a Chinese coder.)

[ToaHartor]

Thank you for your hard work ! The key will be added once all keys for this version are found, but it can still be added manually to versions.json for those who want to decrypt the newer files. Btw, if you were able to write a small guide detailing the process to retrieve a key, it would greatly help the search to get the keys (and since I no longer play the game, I don't really keep in touch with all the changes so I'm not aware of the new solutions, but I know people who still play that could help retrieving them).

[moux23333]

这里提醒一下，CN和OS的cmdid都是一样的，没有区别，区别在于版本号，比如5.0.0 5.1.0互不相同。
顺带一提，cmdid在解析数据包可能并不是必需的，因为前些版本的key都是在没有proto和cmdid的情况下进行抓包并解析。
关于5.1.0的其他所有key我会在这几天内提交pr。

[moux23333]

blk中早在2.7以后就不存在任何key了，全部交由服务器发包解密，blk仅负责归类

[Hitachi-Momoka]

今天5.2更新包出了，发现的更新内容会删除纳西妲生日的过场动画，建议备份起来。

[Hitachi-Momoka]

Why is there still an error when decrypting "Cs_Sumeru_EQ401681801_HCXY_Girl"? Is my .json file filled in incorrectly? (Sorry for the machine translation)

试了一下，纳西妲生日过场动画是可以正常解出来的。

[Deiloproxide]

今天5.2更新包出了，发现的更新内容会删除纳西妲生日的过场动画，建议备份起来。
@Hitachi-Momoka
We can still download the usm video assets at #104 , someone has uploaded them.

[ToaHartor]

Closing this issue as 5.1 keys have been added, however I'll pin this issue in order to allow people to find the process more quickly. Thank you for your work !