1 /*****************************************************************************
3 *****************************************************************************
4 * Copyright (C) 2004 the VideoLAN team
7 * Authors: Jon Lech Johansen <jon-vl@nanocrew.net>
8 * Sam Hocevar <sam@zoy.org>
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
23 *****************************************************************************/
25 #include <stdlib.h> /* malloc(), free() */
46 # if !defined( UNDER_CE )
54 #ifdef HAVE_SYS_STAT_H
55 # include <sys/stat.h>
57 #ifdef HAVE_SYS_TYPES_H
58 # include <sys/types.h>
61 /* In Solaris (and perhaps others) PATH_MAX is in limits.h. */
67 # include <mach/mach.h>
68 # include <IOKit/IOKitLib.h>
69 # include <CoreFoundation/CFNumber.h>
72 #ifdef HAVE_SYSFS_LIBSYSFS_H
73 # include <sysfs/libsysfs.h>
77 #include "drmstables.h"
79 #if !defined( UNDER_CE )
80 /*****************************************************************************
81 * aes_s: AES keys structure
82 *****************************************************************************
83 * This structure stores a set of keys usable for encryption and decryption
84 * with the AES/Rijndael algorithm.
85 *****************************************************************************/
88 uint32_t pp_enc_keys[ AES_KEY_COUNT + 1 ][ 4 ];
89 uint32_t pp_dec_keys[ AES_KEY_COUNT + 1 ][ 4 ];
93 # define Digest DigestMD5
95 /*****************************************************************************
96 * md5_s: MD5 message structure
97 *****************************************************************************
98 * This structure stores the static information needed to compute an MD5
99 * hash. It has an extra data buffer to allow non-aligned writes.
100 *****************************************************************************/
103 uint64_t i_bits; /* Total written bits */
104 uint32_t p_digest[4]; /* The MD5 digest */
105 uint32_t p_data[16]; /* Buffer to cache non-aligned writes */
109 /*****************************************************************************
110 * shuffle_s: shuffle structure
111 *****************************************************************************
112 * This structure stores the static information needed to shuffle data using
113 * a custom algorithm.
114 *****************************************************************************/
118 uint32_t p_commands[ 20 ];
119 uint32_t p_bordel[ 16 ];
122 #define SWAP( a, b ) { (a) ^= (b); (b) ^= (a); (a) ^= (b); }
124 /*****************************************************************************
125 * drms_s: DRMS structure
126 *****************************************************************************
127 * This structure stores the static information needed to decrypt DRMS data.
128 *****************************************************************************/
133 uint8_t p_iviv[ 16 ];
139 char psz_homedir[ PATH_MAX ];
142 /*****************************************************************************
144 *****************************************************************************/
145 static void InitAES ( struct aes_s *, uint32_t * );
146 static void DecryptAES ( struct aes_s *, uint32_t *, const uint32_t * );
149 static void InitMD5 ( struct md5_s * );
150 static void AddMD5 ( struct md5_s *, const uint8_t *, uint32_t );
151 static void EndMD5 ( struct md5_s * );
152 static void Digest ( struct md5_s *, uint32_t * );
155 static void InitShuffle ( struct shuffle_s *, uint32_t *, uint32_t );
156 static void DoShuffle ( struct shuffle_s *, uint32_t *, uint32_t );
158 static uint32_t FirstPass ( uint32_t * );
159 static void SecondPass ( uint32_t *, uint32_t );
160 static void ThirdPass ( uint32_t * );
161 static void FourthPass ( uint32_t * );
162 static void TinyShuffle1 ( uint32_t * );
163 static void TinyShuffle2 ( uint32_t * );
164 static void TinyShuffle3 ( uint32_t * );
165 static void TinyShuffle4 ( uint32_t * );
166 static void TinyShuffle5 ( uint32_t * );
167 static void TinyShuffle6 ( uint32_t * );
168 static void TinyShuffle7 ( uint32_t * );
169 static void TinyShuffle8 ( uint32_t * );
170 static void DoExtShuffle ( uint32_t * );
172 static int GetSystemKey ( uint32_t *, vlc_bool_t );
173 static int WriteUserKey ( void *, uint32_t * );
174 static int ReadUserKey ( void *, uint32_t * );
175 static int GetUserKey ( void *, uint32_t * );
177 static int GetSCIData ( char *, uint32_t **, uint32_t * );
178 static int HashSystemInfo ( uint32_t * );
179 static int GetiPodID ( int64_t * );
181 #ifdef WORDS_BIGENDIAN
182 /*****************************************************************************
183 * Reverse: reverse byte order
184 *****************************************************************************/
185 static inline void Reverse( uint32_t *p_buffer, int n )
189 for( i = 0; i < n; i++ )
191 p_buffer[ i ] = GetDWLE(&p_buffer[ i ]);
194 # define REVERSE( p, n ) Reverse( p, n )
196 # define REVERSE( p, n )
199 /*****************************************************************************
200 * BlockXOR: XOR two 128 bit blocks
201 *****************************************************************************/
202 static inline void BlockXOR( uint32_t *p_dest, uint32_t *p_s1, uint32_t *p_s2 )
206 for( i = 0; i < 4; i++ )
208 p_dest[ i ] = p_s1[ i ] ^ p_s2[ i ];
212 /*****************************************************************************
213 * drms_alloc: allocate a DRMS structure
214 *****************************************************************************/
215 void *drms_alloc( char *psz_homedir )
217 struct drms_s *p_drms;
219 p_drms = malloc( sizeof(struct drms_s) );
226 memset( p_drms, 0, sizeof(struct drms_s) );
228 strncpy( p_drms->psz_homedir, psz_homedir, PATH_MAX );
229 p_drms->psz_homedir[ PATH_MAX - 1 ] = '\0';
231 return (void *)p_drms;
234 /*****************************************************************************
235 * drms_free: free a previously allocated DRMS structure
236 *****************************************************************************/
237 void drms_free( void *_p_drms )
239 struct drms_s *p_drms = (struct drms_s *)_p_drms;
241 if( p_drms->p_name != NULL )
243 free( (void *)p_drms->p_name );
249 /*****************************************************************************
250 * drms_decrypt: unscramble a chunk of data
251 *****************************************************************************/
252 void drms_decrypt( void *_p_drms, uint32_t *p_buffer, uint32_t i_bytes )
254 struct drms_s *p_drms = (struct drms_s *)_p_drms;
256 unsigned int i_blocks;
258 /* AES is a block cypher, round down the byte count */
259 i_blocks = i_bytes / 16;
260 i_bytes = i_blocks * 16;
262 /* Initialise the key */
263 memcpy( p_key, p_drms->p_key, 16 );
270 REVERSE( p_buffer, 4 );
271 DecryptAES( &p_drms->aes, p_tmp, p_buffer );
272 BlockXOR( p_tmp, p_key, p_tmp );
274 /* Use the previous scrambled data as the key for next block */
275 memcpy( p_key, p_buffer, 16 );
277 /* Copy unscrambled data back to the buffer */
278 memcpy( p_buffer, p_tmp, 16 );
279 REVERSE( p_buffer, 4 );
285 /*****************************************************************************
286 * drms_init: initialise a DRMS structure
287 *****************************************************************************
291 * -2: invalid argument
292 * -3: failed to get user key
293 * -4: invalid user key
294 *****************************************************************************/
295 int drms_init( void *_p_drms, uint32_t i_type,
296 uint8_t *p_info, uint32_t i_len )
298 struct drms_s *p_drms = (struct drms_s *)_p_drms;
304 if( i_len < sizeof(p_drms->i_user) )
310 p_drms->i_user = U32_AT( p_info );
314 if( i_len < sizeof(p_drms->i_key) )
320 p_drms->i_key = U32_AT( p_info );
324 if( i_len < sizeof(p_drms->p_key) )
330 memcpy( p_drms->p_iviv, p_info, 16 );
334 p_drms->p_name = strdup( p_info );
336 if( p_drms->p_name == NULL )
344 uint32_t p_priv[ 64 ];
354 AddMD5( &md5, p_drms->p_name, strlen( p_drms->p_name ) );
355 AddMD5( &md5, p_drms->p_iviv, 16 );
358 if( p_drms->i_user == 0 && p_drms->i_key == 0 )
360 static char const p_secret[] = "tr1-th3n.y00_by3";
361 memcpy( p_drms->p_key, p_secret, 16 );
362 REVERSE( p_drms->p_key, 4 );
366 if( GetUserKey( p_drms, p_drms->p_key ) )
373 InitAES( &p_drms->aes, p_drms->p_key );
375 memcpy( p_priv, p_info, 64 );
376 memcpy( p_drms->p_key, md5.p_digest, 16 );
377 drms_decrypt( p_drms, p_priv, 64 );
378 REVERSE( p_priv, 64 );
380 if( p_priv[ 0 ] != 0x6e757469 ) /* itun */
386 InitAES( &p_drms->aes, p_priv + 6 );
387 memcpy( p_drms->p_key, p_priv + 12, 16 );
389 free( (void *)p_drms->p_name );
390 p_drms->p_name = NULL;
398 /* The following functions are local */
400 /*****************************************************************************
401 * InitAES: initialise AES/Rijndael encryption/decryption tables
402 *****************************************************************************
403 * The Advanced Encryption Standard (AES) is described in RFC 3268
404 *****************************************************************************/
405 static void InitAES( struct aes_s *p_aes, uint32_t *p_key )
408 uint32_t i_key, i_seed;
410 memset( p_aes->pp_enc_keys[1], 0, 16 );
411 memcpy( p_aes->pp_enc_keys[0], p_key, 16 );
413 /* Generate the key tables */
414 i_seed = p_aes->pp_enc_keys[ 0 ][ 3 ];
416 for( i_key = 0; i_key < AES_KEY_COUNT; i_key++ )
420 i_seed = AES_ROR( i_seed, 8 );
422 j = p_aes_table[ i_key ];
424 j ^= p_aes_encrypt[ (i_seed >> 24) & 0xff ]
425 ^ AES_ROR( p_aes_encrypt[ (i_seed >> 16) & 0xff ], 8 )
426 ^ AES_ROR( p_aes_encrypt[ (i_seed >> 8) & 0xff ], 16 )
427 ^ AES_ROR( p_aes_encrypt[ i_seed & 0xff ], 24 );
429 j ^= p_aes->pp_enc_keys[ i_key ][ 0 ];
430 p_aes->pp_enc_keys[ i_key + 1 ][ 0 ] = j;
431 j ^= p_aes->pp_enc_keys[ i_key ][ 1 ];
432 p_aes->pp_enc_keys[ i_key + 1 ][ 1 ] = j;
433 j ^= p_aes->pp_enc_keys[ i_key ][ 2 ];
434 p_aes->pp_enc_keys[ i_key + 1 ][ 2 ] = j;
435 j ^= p_aes->pp_enc_keys[ i_key ][ 3 ];
436 p_aes->pp_enc_keys[ i_key + 1 ][ 3 ] = j;
441 memcpy( p_aes->pp_dec_keys[ 0 ],
442 p_aes->pp_enc_keys[ 0 ], 16 );
444 for( i = 1; i < AES_KEY_COUNT; i++ )
446 for( t = 0; t < 4; t++ )
448 uint32_t j, k, l, m, n;
450 j = p_aes->pp_enc_keys[ i ][ t ];
452 k = (((j >> 7) & 0x01010101) * 27) ^ ((j & 0xff7f7f7f) << 1);
453 l = (((k >> 7) & 0x01010101) * 27) ^ ((k & 0xff7f7f7f) << 1);
454 m = (((l >> 7) & 0x01010101) * 27) ^ ((l & 0xff7f7f7f) << 1);
458 n = AES_ROR( l ^ j, 16 ) ^ AES_ROR( k ^ j, 8 ) ^ AES_ROR( j, 24 );
460 p_aes->pp_dec_keys[ i ][ t ] = k ^ l ^ m ^ n;
465 /*****************************************************************************
466 * DecryptAES: decrypt an AES/Rijndael 128 bit block
467 *****************************************************************************/
468 static void DecryptAES( struct aes_s *p_aes,
469 uint32_t *p_dest, const uint32_t *p_src )
471 uint32_t p_wtxt[ 4 ]; /* Working cyphertext */
473 unsigned int i_round, t;
475 for( t = 0; t < 4; t++ )
477 /* FIXME: are there any endianness issues here? */
478 p_wtxt[ t ] = p_src[ t ] ^ p_aes->pp_enc_keys[ AES_KEY_COUNT ][ t ];
482 for( i_round = 0; i_round < (AES_KEY_COUNT - 1); i_round++ )
484 for( t = 0; t < 4; t++ )
486 p_tmp[ t ] = AES_XOR_ROR( p_aes_itable, p_wtxt );
489 for( t = 0; t < 4; t++ )
491 p_wtxt[ t ] = p_tmp[ t ]
492 ^ p_aes->pp_dec_keys[ (AES_KEY_COUNT - 1) - i_round ][ t ];
496 /* Final round (9) */
497 for( t = 0; t < 4; t++ )
499 p_dest[ t ] = AES_XOR_ROR( p_aes_decrypt, p_wtxt );
500 p_dest[ t ] ^= p_aes->pp_dec_keys[ 0 ][ t ];
505 /*****************************************************************************
506 * InitMD5: initialise an MD5 message
507 *****************************************************************************
508 * The MD5 message-digest algorithm is described in RFC 1321
509 *****************************************************************************/
510 static void InitMD5( struct md5_s *p_md5 )
512 p_md5->p_digest[ 0 ] = 0x67452301;
513 p_md5->p_digest[ 1 ] = 0xefcdab89;
514 p_md5->p_digest[ 2 ] = 0x98badcfe;
515 p_md5->p_digest[ 3 ] = 0x10325476;
517 memset( p_md5->p_data, 0, 64 );
521 /*****************************************************************************
522 * AddMD5: add i_len bytes to an MD5 message
523 *****************************************************************************/
524 static void AddMD5( struct md5_s *p_md5, const uint8_t *p_src, uint32_t i_len )
526 unsigned int i_current; /* Current bytes in the spare buffer */
527 unsigned int i_offset = 0;
529 i_current = (p_md5->i_bits / 8) & 63;
531 p_md5->i_bits += 8 * i_len;
533 /* If we can complete our spare buffer to 64 bytes, do it and add the
534 * resulting buffer to the MD5 message */
535 if( i_len >= (64 - i_current) )
537 memcpy( ((uint8_t *)p_md5->p_data) + i_current, p_src,
539 Digest( p_md5, p_md5->p_data );
541 i_offset += (64 - i_current);
542 i_len -= (64 - i_current);
546 /* Add as many entire 64 bytes blocks as we can to the MD5 message */
549 uint32_t p_tmp[ 16 ];
550 memcpy( p_tmp, p_src + i_offset, 64 );
551 Digest( p_md5, p_tmp );
556 /* Copy our remaining data to the message's spare buffer */
557 memcpy( ((uint8_t *)p_md5->p_data) + i_current, p_src + i_offset, i_len );
560 /*****************************************************************************
561 * EndMD5: finish an MD5 message
562 *****************************************************************************
563 * This function adds adequate padding to the end of the message, and appends
564 * the bit count so that we end at a block boundary.
565 *****************************************************************************/
566 static void EndMD5( struct md5_s *p_md5 )
568 unsigned int i_current;
570 i_current = (p_md5->i_bits / 8) & 63;
572 /* Append 0x80 to our buffer. No boundary check because the temporary
573 * buffer cannot be full, otherwise AddMD5 would have emptied it. */
574 ((uint8_t *)p_md5->p_data)[ i_current++ ] = 0x80;
576 /* If less than 8 bytes are available at the end of the block, complete
577 * this 64 bytes block with zeros and add it to the message. We'll add
578 * our length at the end of the next block. */
581 memset( ((uint8_t *)p_md5->p_data) + i_current, 0, (64 - i_current) );
582 Digest( p_md5, p_md5->p_data );
586 /* Fill the unused space in our last block with zeroes and put the
587 * message length at the end. */
588 memset( ((uint8_t *)p_md5->p_data) + i_current, 0, (56 - i_current) );
589 p_md5->p_data[ 14 ] = p_md5->i_bits & 0xffffffff;
590 p_md5->p_data[ 15 ] = (p_md5->i_bits >> 32);
591 REVERSE( &p_md5->p_data[ 14 ], 2 );
593 Digest( p_md5, p_md5->p_data );
596 #define F1( x, y, z ) ((z) ^ ((x) & ((y) ^ (z))))
597 #define F2( x, y, z ) F1((z), (x), (y))
598 #define F3( x, y, z ) ((x) ^ (y) ^ (z))
599 #define F4( x, y, z ) ((y) ^ ((x) | ~(z)))
601 #define MD5_DO( f, w, x, y, z, data, s ) \
602 ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x )
604 /*****************************************************************************
605 * Digest: update the MD5 digest with 64 bytes of data
606 *****************************************************************************/
607 static void Digest( struct md5_s *p_md5, uint32_t *p_input )
611 REVERSE( p_input, 16 );
613 a = p_md5->p_digest[ 0 ];
614 b = p_md5->p_digest[ 1 ];
615 c = p_md5->p_digest[ 2 ];
616 d = p_md5->p_digest[ 3 ];
618 MD5_DO( F1, a, b, c, d, p_input[ 0 ] + 0xd76aa478, 7 );
619 MD5_DO( F1, d, a, b, c, p_input[ 1 ] + 0xe8c7b756, 12 );
620 MD5_DO( F1, c, d, a, b, p_input[ 2 ] + 0x242070db, 17 );
621 MD5_DO( F1, b, c, d, a, p_input[ 3 ] + 0xc1bdceee, 22 );
622 MD5_DO( F1, a, b, c, d, p_input[ 4 ] + 0xf57c0faf, 7 );
623 MD5_DO( F1, d, a, b, c, p_input[ 5 ] + 0x4787c62a, 12 );
624 MD5_DO( F1, c, d, a, b, p_input[ 6 ] + 0xa8304613, 17 );
625 MD5_DO( F1, b, c, d, a, p_input[ 7 ] + 0xfd469501, 22 );
626 MD5_DO( F1, a, b, c, d, p_input[ 8 ] + 0x698098d8, 7 );
627 MD5_DO( F1, d, a, b, c, p_input[ 9 ] + 0x8b44f7af, 12 );
628 MD5_DO( F1, c, d, a, b, p_input[ 10 ] + 0xffff5bb1, 17 );
629 MD5_DO( F1, b, c, d, a, p_input[ 11 ] + 0x895cd7be, 22 );
630 MD5_DO( F1, a, b, c, d, p_input[ 12 ] + 0x6b901122, 7 );
631 MD5_DO( F1, d, a, b, c, p_input[ 13 ] + 0xfd987193, 12 );
632 MD5_DO( F1, c, d, a, b, p_input[ 14 ] + 0xa679438e, 17 );
633 MD5_DO( F1, b, c, d, a, p_input[ 15 ] + 0x49b40821, 22 );
635 MD5_DO( F2, a, b, c, d, p_input[ 1 ] + 0xf61e2562, 5 );
636 MD5_DO( F2, d, a, b, c, p_input[ 6 ] + 0xc040b340, 9 );
637 MD5_DO( F2, c, d, a, b, p_input[ 11 ] + 0x265e5a51, 14 );
638 MD5_DO( F2, b, c, d, a, p_input[ 0 ] + 0xe9b6c7aa, 20 );
639 MD5_DO( F2, a, b, c, d, p_input[ 5 ] + 0xd62f105d, 5 );
640 MD5_DO( F2, d, a, b, c, p_input[ 10 ] + 0x02441453, 9 );
641 MD5_DO( F2, c, d, a, b, p_input[ 15 ] + 0xd8a1e681, 14 );
642 MD5_DO( F2, b, c, d, a, p_input[ 4 ] + 0xe7d3fbc8, 20 );
643 MD5_DO( F2, a, b, c, d, p_input[ 9 ] + 0x21e1cde6, 5 );
644 MD5_DO( F2, d, a, b, c, p_input[ 14 ] + 0xc33707d6, 9 );
645 MD5_DO( F2, c, d, a, b, p_input[ 3 ] + 0xf4d50d87, 14 );
646 MD5_DO( F2, b, c, d, a, p_input[ 8 ] + 0x455a14ed, 20 );
647 MD5_DO( F2, a, b, c, d, p_input[ 13 ] + 0xa9e3e905, 5 );
648 MD5_DO( F2, d, a, b, c, p_input[ 2 ] + 0xfcefa3f8, 9 );
649 MD5_DO( F2, c, d, a, b, p_input[ 7 ] + 0x676f02d9, 14 );
650 MD5_DO( F2, b, c, d, a, p_input[ 12 ] + 0x8d2a4c8a, 20 );
652 MD5_DO( F3, a, b, c, d, p_input[ 5 ] + 0xfffa3942, 4 );
653 MD5_DO( F3, d, a, b, c, p_input[ 8 ] + 0x8771f681, 11 );
654 MD5_DO( F3, c, d, a, b, p_input[ 11 ] + 0x6d9d6122, 16 );
655 MD5_DO( F3, b, c, d, a, p_input[ 14 ] + 0xfde5380c, 23 );
656 MD5_DO( F3, a, b, c, d, p_input[ 1 ] + 0xa4beea44, 4 );
657 MD5_DO( F3, d, a, b, c, p_input[ 4 ] + 0x4bdecfa9, 11 );
658 MD5_DO( F3, c, d, a, b, p_input[ 7 ] + 0xf6bb4b60, 16 );
659 MD5_DO( F3, b, c, d, a, p_input[ 10 ] + 0xbebfbc70, 23 );
660 MD5_DO( F3, a, b, c, d, p_input[ 13 ] + 0x289b7ec6, 4 );
661 MD5_DO( F3, d, a, b, c, p_input[ 0 ] + 0xeaa127fa, 11 );
662 MD5_DO( F3, c, d, a, b, p_input[ 3 ] + 0xd4ef3085, 16 );
663 MD5_DO( F3, b, c, d, a, p_input[ 6 ] + 0x04881d05, 23 );
664 MD5_DO( F3, a, b, c, d, p_input[ 9 ] + 0xd9d4d039, 4 );
665 MD5_DO( F3, d, a, b, c, p_input[ 12 ] + 0xe6db99e5, 11 );
666 MD5_DO( F3, c, d, a, b, p_input[ 15 ] + 0x1fa27cf8, 16 );
667 MD5_DO( F3, b, c, d, a, p_input[ 2 ] + 0xc4ac5665, 23 );
669 MD5_DO( F4, a, b, c, d, p_input[ 0 ] + 0xf4292244, 6 );
670 MD5_DO( F4, d, a, b, c, p_input[ 7 ] + 0x432aff97, 10 );
671 MD5_DO( F4, c, d, a, b, p_input[ 14 ] + 0xab9423a7, 15 );
672 MD5_DO( F4, b, c, d, a, p_input[ 5 ] + 0xfc93a039, 21 );
673 MD5_DO( F4, a, b, c, d, p_input[ 12 ] + 0x655b59c3, 6 );
674 MD5_DO( F4, d, a, b, c, p_input[ 3 ] + 0x8f0ccc92, 10 );
675 MD5_DO( F4, c, d, a, b, p_input[ 10 ] + 0xffeff47d, 15 );
676 MD5_DO( F4, b, c, d, a, p_input[ 1 ] + 0x85845dd1, 21 );
677 MD5_DO( F4, a, b, c, d, p_input[ 8 ] + 0x6fa87e4f, 6 );
678 MD5_DO( F4, d, a, b, c, p_input[ 15 ] + 0xfe2ce6e0, 10 );
679 MD5_DO( F4, c, d, a, b, p_input[ 6 ] + 0xa3014314, 15 );
680 MD5_DO( F4, b, c, d, a, p_input[ 13 ] + 0x4e0811a1, 21 );
681 MD5_DO( F4, a, b, c, d, p_input[ 4 ] + 0xf7537e82, 6 );
682 MD5_DO( F4, d, a, b, c, p_input[ 11 ] + 0xbd3af235, 10 );
683 MD5_DO( F4, c, d, a, b, p_input[ 2 ] + 0x2ad7d2bb, 15 );
684 MD5_DO( F4, b, c, d, a, p_input[ 9 ] + 0xeb86d391, 21 );
686 p_md5->p_digest[ 0 ] += a;
687 p_md5->p_digest[ 1 ] += b;
688 p_md5->p_digest[ 2 ] += c;
689 p_md5->p_digest[ 3 ] += d;
693 /*****************************************************************************
694 * InitShuffle: initialise a shuffle structure
695 *****************************************************************************
696 * This function initialises tables in the p_shuffle structure that will be
697 * used later by DoShuffle. The only external parameter is p_sys_key.
698 *****************************************************************************/
699 static void InitShuffle( struct shuffle_s *p_shuffle, uint32_t *p_sys_key,
702 char p_secret1[] = "Tv!*";
703 static char const p_secret2[] = "v8rhvsaAvOKMFfUH%798=[;."
704 "f8677680a634ba87fnOIf)(*";
707 p_shuffle->i_version = i_version;
709 /* Fill p_commands using the key and a secret seed */
710 for( i = 0; i < 20; i++ )
716 AddMD5( &md5, (uint8_t *)p_sys_key, 16 );
717 AddMD5( &md5, (uint8_t *)p_secret1, 4 );
722 REVERSE( md5.p_digest, 1 );
723 i_hash = ((int32_t)U32_AT(md5.p_digest)) % 1024;
725 p_shuffle->p_commands[ i ] = i_hash < 0 ? i_hash * -1 : i_hash;
728 /* Fill p_bordel with completely meaningless initial values. */
729 for( i = 0; i < 4; i++ )
731 p_shuffle->p_bordel[ 4 * i ] = U32_AT(p_sys_key + i);
732 memcpy( p_shuffle->p_bordel + 4 * i + 1, p_secret2 + 12 * i, 12 );
733 REVERSE( p_shuffle->p_bordel + 4 * i + 1, 3 );
737 /*****************************************************************************
738 * DoShuffle: shuffle buffer
739 *****************************************************************************
740 * This is so ugly and uses so many MD5 checksums that it is most certainly
741 * one-way, though why it needs to be so complicated is beyond me.
742 *****************************************************************************/
743 static void DoShuffle( struct shuffle_s *p_shuffle,
744 uint32_t *p_buffer, uint32_t i_size )
747 uint32_t p_big_bordel[ 16 ];
748 uint32_t *p_bordel = p_shuffle->p_bordel;
751 static uint32_t i_secret = 0;
753 static uint32_t p_secret1[] =
755 0xAAAAAAAA, 0x01757700, 0x00554580, 0x01724500, 0x00424580,
756 0x01427700, 0x00000080, 0xC1D59D01, 0x80144981, 0x815C8901,
757 0x80544981, 0x81D45D01, 0x00000080, 0x81A3BB03, 0x00A2AA82,
758 0x01A3BB03, 0x0022A282, 0x813BA202, 0x00000080, 0x6D575737,
759 0x4A5275A5, 0x6D525725, 0x4A5254A5, 0x6B725437, 0x00000080,
760 0xD5DDB938, 0x5455A092, 0x5D95A013, 0x4415A192, 0xC5DD393A,
761 0x00000080, 0x55555555
764 static char p_secret2[] =
765 "pbclevtug (p) Nccyr Pbzchgre, Vap. Nyy Evtugf Erfreirq.";
769 REVERSE( p_secret1, sizeof(p_secret1)/sizeof(p_secret1[ 0 ]) );
770 for( ; p_secret2[ i_secret ] != '\0'; i_secret++ )
772 #define ROT13(c) (((c)>='A'&&(c)<='Z')?(((c)-'A'+13)%26)+'A':\
773 ((c)>='a'&&(c)<='z')?(((c)-'a'+13)%26)+'a':c)
774 p_secret2[ i_secret ] = ROT13(p_secret2[ i_secret ]);
776 i_secret++; /* include zero terminator */
779 /* Using the MD5 hash of a memory block is probably not one-way enough
780 * for the iTunes people. This function randomises p_bordel depending on
781 * the values in p_commands to make things even more messy in p_bordel. */
782 for( i = 0; i < 20; i++ )
784 uint8_t i_command, i_index;
786 if( !p_shuffle->p_commands[ i ] )
791 i_command = (p_shuffle->p_commands[ i ] & 0x300) >> 8;
792 i_index = p_shuffle->p_commands[ i ] & 0xff;
797 p_bordel[ i_index & 0xf ] = p_bordel[ i_index >> 4 ]
798 + p_bordel[ ((i_index + 0x10) >> 4) & 0xf ];
801 p_bordel[ i_index >> 4 ] ^= p_shuffle_xor[ 0xff - i_index ];
804 p_bordel[ i_index >> 4 ] -= p_shuffle_sub[ 0xff - i_index ];
807 p_bordel[ i_index >> 4 ] += p_shuffle_add[ 0xff - i_index ];
812 if( p_shuffle->i_version == 0x01000300 )
814 DoExtShuffle( p_bordel );
817 /* Convert our newly randomised p_bordel to big endianness and take
820 for( i = 0; i < 16; i++ )
822 p_big_bordel[ i ] = U32_AT(p_bordel + i);
824 AddMD5( &md5, (uint8_t *)p_big_bordel, 64 );
825 if( p_shuffle->i_version == 0x01000300 )
827 AddMD5( &md5, (uint8_t *)p_secret1, sizeof(p_secret1) );
828 AddMD5( &md5, (uint8_t *)p_secret2, i_secret );
832 /* XOR our buffer with the computed checksum */
833 for( i = 0; i < i_size; i++ )
835 p_buffer[ i ] ^= md5.p_digest[ i ];
839 /*****************************************************************************
840 * DoExtShuffle: extended shuffle
841 *****************************************************************************
842 * This is even uglier.
843 *****************************************************************************/
844 static void DoExtShuffle( uint32_t * p_bordel )
848 i_ret = FirstPass( p_bordel );
850 SecondPass( p_bordel, i_ret );
852 ThirdPass( p_bordel );
854 FourthPass( p_bordel );
857 static uint32_t FirstPass( uint32_t * p_bordel )
859 uint32_t i, i_cmd, i_ret = 5;
861 TinyShuffle1( p_bordel );
867 p_bordel[ 1 ] += 0x10000000;
868 p_bordel[ 3 ] += 0x12777;
870 if( (p_bordel[ 10 ] & 1) && i_ret )
873 p_bordel[ 1 ] -= p_bordel[ 2 ];
874 p_bordel[ 11 ] += p_bordel[ 12 ];
878 if( (p_bordel[ 1 ] + p_bordel[ 2 ]) >= 0x7D0 )
880 switch( ((p_bordel[ 3 ] ^ 0x567F) >> 2) & 7 )
883 for( i = 0; i < 3; i++ )
885 if( p_bordel[ i + 10 ] > 0x4E20 )
887 p_bordel[ i + 1 ] += p_bordel[ i + 2 ];
892 p_bordel[ 1 ] -= p_bordel[ 2 ];
895 p_bordel[ 11 ] += p_bordel[ 12 ];
898 p_bordel[ 3 ] ^= p_bordel[ 4 ];
901 p_bordel[ 13 ] &= p_bordel[ 14 ];
904 p_bordel[ 0 ] |= p_bordel[ 1 ];
916 for( i = 0, i_cmd = 0; i < 16; i++ )
918 if( p_bordel[ i ] < p_bordel[ i_cmd ] )
924 if( i_ret && i_cmd != 5 )
932 p_bordel[ 8 ] &= p_bordel[ 6 ] >> 1;
936 for( i = 0; i < 3; i++ )
939 if( p_bordel[ 11 ] & 5 )
941 p_bordel[ 8 ] += p_bordel[ 9 ];
951 i_cmd = (p_bordel[ 15 ] + 0x93) >> 3;
952 if( p_bordel[ 15 ] & 0x100 )
961 while( p_bordel[ 11 ] & 1 )
963 p_bordel[ 11 ] >>= 1;
968 p_bordel[ 14 ] -= 0x19FE;
980 i_cmd = ((p_bordel[ 3 ] + p_bordel[ 4 ] + 10) >> 1) - p_bordel[ 4 ];
988 p_bordel[ 14 ] >>= 1;
997 p_bordel[ 15 ] &= 0x55;
1000 p_bordel[ 2 ] &= 0xB62FC;
1006 TinyShuffle2( p_bordel );
1011 static void SecondPass( uint32_t * p_bordel, uint32_t i_tmp )
1013 uint32_t i, i_cmd, i_jc = 5;
1015 TinyShuffle3( p_bordel );
1017 for( i = 0, i_cmd = 0; i < 16; i++ )
1019 if( p_bordel[ i ] > p_bordel[ i_cmd ] )
1028 if( p_bordel[ 1 ] < p_bordel[ 8 ] )
1034 if( (p_bordel[ 9 ] & 0x7777) == 0x3333 )
1041 if( p_bordel[ 1 ] < p_bordel[ 8 ] )
1050 p_bordel[ 1 ] -= p_bordel[ 5 ];
1051 for( i = 0; i < 3; i++ )
1053 switch( p_bordel[ 1 ] & 3 )
1062 p_bordel[ 13 ] &= 0xFEFEFEF7;
1065 p_bordel[ 8 ] |= 0x80080011;
1077 p_bordel[ 15 ] ^= 0x18547EFF;
1083 switch( ( p_bordel[ 12 ] + p_bordel[ 13 ] + p_bordel[ 6 ] ) % 5 )
1086 p_bordel[ 12 ] -= 1;
1089 p_bordel[ 12 ] -= 1;
1090 p_bordel[ 13 ] += 1;
1093 p_bordel[ 13 ] += 4;
1096 p_bordel[ 12 ] -= 1;
1103 i = 3; /* Restart the whole loop */
1108 TinyShuffle4( p_bordel );
1112 TinyShuffle5( p_bordel );
1114 switch( ( p_bordel[ 2 ] * 2 + 15 ) % 5 )
1117 if( ( p_bordel[ 3 ] + i_tmp ) <=
1118 ( p_bordel[ 1 ] + p_bordel[ 15 ] ) )
1124 p_bordel[ 10 ] -= 0x13;
1127 p_bordel[ 5 ] >>= 2;
1131 if( !( p_bordel[ 2 ] & 1 ) || i_jc == 0 )
1137 p_bordel[ 2 ] += 0x13;
1138 p_bordel[ 12 ] += 1;
1141 p_bordel[ 2 ] &= 0x10076000;
1144 static void ThirdPass( uint32_t * p_bordel )
1148 i_cmd = ((p_bordel[ 7 ] + p_bordel[ 14 ] + 10) >> 1) - p_bordel[ 14 ];
1154 p_bordel[ 1 ] <<= 1;
1155 p_bordel[ 2 ] <<= 2;
1156 p_bordel[ 3 ] <<= 3;
1159 p_bordel[ i_cmd + 3 ] &= 0x5EDE36B;
1160 p_bordel[ 5 ] += p_bordel[ 8 ];
1161 p_bordel[ 4 ] += p_bordel[ 7 ];
1162 p_bordel[ 3 ] += p_bordel[ 6 ];
1163 p_bordel[ 2 ] += p_bordel[ 5 ];
1166 p_bordel[ 1 ] += p_bordel[ 4 ];
1167 p_bordel[ 0 ] += p_bordel[ 3 ];
1168 TinyShuffle6( p_bordel );
1169 return; /* jc = 4 */
1171 if( (p_bordel[ 11 ] & p_bordel[ 2 ]) > 0x211B )
1180 p_bordel[ 9 ] ^= p_bordel[ 2 ];
1183 p_bordel[ 2 ] ^= (p_bordel[ 1 ] & p_bordel[ 13 ]);
1186 p_bordel[ 0 ] -= p_bordel[ 11 ] & p_bordel[ 15 ];
1187 return; /* jc = 4 */
1189 p_bordel[ 6 ] >>= (p_bordel[ 14 ] & 3);
1193 SWAP( p_bordel[ 0 ], p_bordel[ 10 ] );
1195 TinyShuffle6( p_bordel );
1197 return; /* jc = 5 */
1200 static void FourthPass( uint32_t * p_bordel )
1204 TinyShuffle7( p_bordel );
1206 switch( p_bordel[ 5 ] % 5)
1212 p_bordel[ 11 ] ^= (p_bordel[ 3 ] + p_bordel[ 6 ] + p_bordel[ 8 ]);
1215 for( i = 4; i < 15 && (p_bordel[ i ] & 5) == 0; i++ )
1217 SWAP( p_bordel[ i ], p_bordel[ 15 - i ] );
1221 p_bordel[ 12 ] -= 1;
1222 p_bordel[ 13 ] += 1;
1223 p_bordel[ 2 ] -= 0x64;
1224 p_bordel[ 3 ] += 0x64;
1225 TinyShuffle8( p_bordel );
1229 for( i = 0, j = 0; i < 16; i++ )
1231 if( p_bordel[ i ] > p_bordel[ j ] )
1237 switch( p_bordel[ j ] % 100 )
1240 SWAP( p_bordel[ 0 ], p_bordel[ j ] );
1243 p_bordel[ 1 ] >>= 1;
1244 p_bordel[ 2 ] <<= 1;
1245 p_bordel[ 14 ] >>= 3;
1246 p_bordel[ 15 ] <<= 4;
1249 p_bordel[ j ] += p_bordel[ 13 ];
1252 p_bordel[ 1 ] += 0x20E;
1253 p_bordel[ 5 ] += 0x223D;
1254 p_bordel[ 13 ] -= 0x576;
1255 p_bordel[ 15 ] += 0x576;
1258 p_bordel[ 2 ] -= 0x64;
1259 p_bordel[ 3 ] += 0x64;
1260 p_bordel[ 12 ] -= 1;
1261 p_bordel[ 13 ] += 1;
1265 p_bordel[ j ] += p_bordel[ 13 ];
1269 TinyShuffle8( p_bordel );
1272 /*****************************************************************************
1273 * TinyShuffle[12345678]: tiny shuffle subroutines
1274 *****************************************************************************
1275 * These standalone functions are little helpers for the shuffling process.
1276 *****************************************************************************/
1277 static void TinyShuffle1( uint32_t * p_bordel )
1279 uint32_t i_cmd = (p_bordel[ 5 ] + 10) >> 2;
1281 if( p_bordel[ 5 ] > 0x7D0 )
1295 if( p_bordel[ 4 ] & 5 )
1297 p_bordel[ 1 ] ^= 0x4D;
1301 p_bordel[ 12 ] += 5;
1306 static void TinyShuffle2( uint32_t * p_bordel )
1310 for( i = 0, j = 0; i < 16; i++ )
1312 if( (p_bordel[ i ] & 0x777) > (p_bordel[ j ] & 0x777) )
1320 for( ; j < 15; j++ )
1322 p_bordel[ j ] += p_bordel[ j + 1 ];
1327 p_bordel[ 2 ] &= 0xB62FC;
1331 static void TinyShuffle3( uint32_t * p_bordel )
1333 uint32_t i_cmd = p_bordel[ 6 ] + 0x194B;
1335 if( p_bordel[ 6 ] > 0x2710 )
1343 p_bordel[ 3 ] += 0x19FE;
1346 p_bordel[ 7 ] -= p_bordel[ 3 ] >> 2;
1349 p_bordel[ 5 ] ^= 0x248A;
1354 static void TinyShuffle4( uint32_t * p_bordel )
1358 for( i = 0, j = 0; i < 16; i++ )
1360 if( p_bordel[ i ] < p_bordel[ j ] )
1366 if( (p_bordel[ j ] % (j + 1)) > 10 )
1369 p_bordel[ 2 ] += 0x13;
1370 p_bordel[ 12 ] += 1;
1374 static void TinyShuffle5( uint32_t * p_bordel )
1378 p_bordel[ 2 ] &= 0x7F3F;
1380 for( i = 0; i < 5; i++ )
1382 switch( ( p_bordel[ 2 ] + 10 + i ) % 5 )
1385 p_bordel[ 12 ] &= p_bordel[ 2 ];
1388 p_bordel[ 3 ] ^= p_bordel[ 15 ];
1391 p_bordel[ 15 ] += 0x576;
1394 p_bordel[ 7 ] -= 0x2D;
1397 p_bordel[ 1 ] <<= 1;
1403 static void TinyShuffle6( uint32_t * p_bordel )
1407 for( i = 0; i < 8; i++ )
1409 j = p_bordel[ 3 ] & 0x7514 ? 5 : 7;
1410 SWAP( p_bordel[ i ], p_bordel[ i + j ] );
1414 static void TinyShuffle7( uint32_t * p_bordel )
1418 i = (((p_bordel[ 9 ] + p_bordel[ 15 ] + 12) >> 2) - p_bordel[ 4 ]) & 7;
1422 SWAP( p_bordel[ i ], p_bordel[ i + 3 ] );
1425 SWAP( p_bordel[ 1 ], p_bordel[ 10 ] );
1428 static void TinyShuffle8( uint32_t * p_bordel )
1432 i = (p_bordel[ 0 ] & p_bordel[ 6 ]) & 0xF;
1434 switch( p_bordel[ i ] % 1000 )
1437 if( (p_bordel[ i ] & 0x777) > (p_bordel[ 7 ] & 0x5555) )
1439 p_bordel[ i ] ^= p_bordel[ 5 ] & p_bordel[ 3 ];
1443 p_bordel[ 15 ] &= 0x5555;
1446 p_bordel[ i ] ^= p_bordel[ 15 ];
1449 SWAP( p_bordel[ 0 ], p_bordel[ 3 ] );
1450 SWAP( p_bordel[ 1 ], p_bordel[ 6 ] );
1451 SWAP( p_bordel[ 3 ], p_bordel[ 6 ] );
1452 SWAP( p_bordel[ 4 ], p_bordel[ 9 ] );
1453 SWAP( p_bordel[ 5 ], p_bordel[ 8 ] );
1454 SWAP( p_bordel[ 6 ], p_bordel[ 7 ] );
1455 SWAP( p_bordel[ 13 ], p_bordel[ 14 ] );
1458 p_bordel[ i ] += p_bordel[ 1 ] ^ 0x80080011;
1459 p_bordel[ i ] += p_bordel[ 2 ] ^ 0xBEEFDEAD;
1460 p_bordel[ i ] += p_bordel[ 3 ] ^ 0x8765F444;
1461 p_bordel[ i ] += p_bordel[ 4 ] ^ 0x78145326;
1464 p_bordel[ 12 ] -= p_bordel[ i ];
1465 p_bordel[ 13 ] += p_bordel[ i ];
1468 p_bordel[ i ] += p_bordel[ 1 ];
1469 p_bordel[ i ] -= p_bordel[ 7 ];
1470 p_bordel[ i ] -= p_bordel[ 8 ];
1471 p_bordel[ i ] += p_bordel[ 9 ];
1472 p_bordel[ i ] += p_bordel[ 13 ];
1476 p_bordel[ i + 1 ] >>= 1;
1477 p_bordel[ i + 2 ] <<= 4;
1478 p_bordel[ i + 3 ] >>= 3;
1481 p_bordel[ 1 ] += 0x20E;
1482 p_bordel[ 5 ] += 0x223D;
1483 p_bordel[ 13 ] -= 0x576;
1484 p_bordel[ 15 ] += 0x576;
1487 if( (p_bordel[ i ] ^ 0x8765F441) < 0x2710 )
1489 SWAP( p_bordel[ 0 ], p_bordel[ 1 ] );
1493 SWAP( p_bordel[ 1 ], p_bordel[ 11 ] );
1499 /*****************************************************************************
1500 * GetSystemKey: get the system key
1501 *****************************************************************************
1502 * Compute the system key from various system information, see HashSystemInfo.
1503 *****************************************************************************/
1504 static int GetSystemKey( uint32_t *p_sys_key, vlc_bool_t b_ipod )
1506 static char const p_secret1[ 8 ] = "YuaFlafu";
1507 static char const p_secret2[ 8 ] = "zPif98ga";
1510 uint32_t p_system_hash[ 4 ];
1512 /* Compute the MD5 hash of our system info */
1513 if( ( !b_ipod && HashSystemInfo( p_system_hash ) ) ||
1514 ( b_ipod && GetiPodID( &i_ipod_id ) ) )
1519 /* Combine our system info hash with additional secret data. The resulting
1520 * MD5 hash will be our system key. */
1522 AddMD5( &md5, p_secret1, 8 );
1526 AddMD5( &md5, (uint8_t *)p_system_hash, 6 );
1527 AddMD5( &md5, (uint8_t *)p_system_hash, 6 );
1528 AddMD5( &md5, (uint8_t *)p_system_hash, 6 );
1529 AddMD5( &md5, p_secret2, 8 );
1533 i_ipod_id = U64_AT(&i_ipod_id);
1534 AddMD5( &md5, (uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
1535 AddMD5( &md5, (uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
1536 AddMD5( &md5, (uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
1541 memcpy( p_sys_key, md5.p_digest, 16 );
1547 # define DRMS_DIRNAME "drms"
1549 # define DRMS_DIRNAME ".drms"
1552 /*****************************************************************************
1553 * WriteUserKey: write the user key to hard disk
1554 *****************************************************************************
1555 * Write the user key to the hard disk so that it can be reused later or used
1556 * on operating systems other than Win32.
1557 *****************************************************************************/
1558 static int WriteUserKey( void *_p_drms, uint32_t *p_user_key )
1560 struct drms_s *p_drms = (struct drms_s *)_p_drms;
1563 char psz_path[ PATH_MAX ];
1565 snprintf( psz_path, PATH_MAX - 1,
1566 "%s/" DRMS_DIRNAME, p_drms->psz_homedir );
1568 #if defined( HAVE_ERRNO_H )
1569 # if defined( WIN32 )
1570 if( !mkdir( psz_path ) || errno == EEXIST )
1572 if( !mkdir( psz_path, 0755 ) || errno == EEXIST )
1575 if( !mkdir( psz_path ) )
1578 snprintf( psz_path, PATH_MAX - 1, "%s/" DRMS_DIRNAME "/%08X.%03d",
1579 p_drms->psz_homedir, p_drms->i_user, p_drms->i_key );
1581 file = fopen( psz_path, "wb" );
1584 i_ret = fwrite( p_user_key, sizeof(uint32_t),
1585 4, file ) == 4 ? 0 : -1;
1593 /*****************************************************************************
1594 * ReadUserKey: read the user key from hard disk
1595 *****************************************************************************
1596 * Retrieve the user key from the hard disk if available.
1597 *****************************************************************************/
1598 static int ReadUserKey( void *_p_drms, uint32_t *p_user_key )
1600 struct drms_s *p_drms = (struct drms_s *)_p_drms;
1603 char psz_path[ PATH_MAX ];
1605 snprintf( psz_path, PATH_MAX - 1,
1606 "%s/" DRMS_DIRNAME "/%08X.%03d", p_drms->psz_homedir,
1607 p_drms->i_user, p_drms->i_key );
1609 file = fopen( psz_path, "rb" );
1612 i_ret = fread( p_user_key, sizeof(uint32_t),
1613 4, file ) == 4 ? 0 : -1;
1620 /*****************************************************************************
1621 * GetUserKey: get the user key
1622 *****************************************************************************
1623 * Retrieve the user key from the hard disk if available, otherwise generate
1624 * it from the system key. If the key could be successfully generated, write
1625 * it to the hard disk for future use.
1626 *****************************************************************************/
1627 static int GetUserKey( void *_p_drms, uint32_t *p_user_key )
1629 static char const p_secret[] = "mUfnpognadfgf873";
1630 struct drms_s *p_drms = (struct drms_s *)_p_drms;
1632 struct shuffle_s shuffle;
1634 uint32_t *p_sci_data;
1635 uint32_t i_user, i_key;
1636 uint32_t p_sys_key[ 4 ];
1637 uint32_t i_sci_size, i_blocks, i_remaining;
1638 uint32_t *p_sci0, *p_sci1, *p_buffer;
1639 uint32_t p_sci_key[ 4 ];
1643 if( !ReadUserKey( p_drms, p_user_key ) )
1645 REVERSE( p_user_key, 4 );
1649 psz_ipod = getenv( "IPOD" );
1651 if( GetSystemKey( p_sys_key, psz_ipod ? VLC_TRUE : VLC_FALSE ) )
1656 if( GetSCIData( psz_ipod, &p_sci_data, &i_sci_size ) )
1661 /* Phase 1: unscramble the SCI data using the system key and shuffle
1662 * it using DoShuffle(). */
1664 /* Skip the first 4 bytes (some sort of header). Decrypt the rest. */
1665 i_blocks = (i_sci_size - 4) / 16;
1666 i_remaining = (i_sci_size - 4) - (i_blocks * 16);
1667 p_buffer = p_sci_data + 1;
1669 /* Decrypt and shuffle our data at the same time */
1670 InitAES( &aes, p_sys_key );
1671 REVERSE( p_sys_key, 4 );
1672 REVERSE( p_sci_data, 1 );
1673 InitShuffle( &shuffle, p_sys_key, p_sci_data[ 0 ] );
1675 memcpy( p_sci_key, p_secret, 16 );
1676 REVERSE( p_sci_key, 4 );
1680 uint32_t p_tmp[ 4 ];
1682 REVERSE( p_buffer, 4 );
1683 DecryptAES( &aes, p_tmp, p_buffer );
1684 BlockXOR( p_tmp, p_sci_key, p_tmp );
1686 /* Use the previous scrambled data as the key for next block */
1687 memcpy( p_sci_key, p_buffer, 16 );
1689 /* Shuffle the decrypted data using a custom routine */
1690 DoShuffle( &shuffle, p_tmp, 4 );
1692 /* Copy this block back to p_buffer */
1693 memcpy( p_buffer, p_tmp, 16 );
1698 if( i_remaining >= 4 )
1701 REVERSE( p_buffer, i_remaining );
1702 DoShuffle( &shuffle, p_buffer, i_remaining );
1705 /* Phase 2: look for the user key in the generated data. I must admit I
1706 * do not understand what is going on here, because it almost
1707 * looks like we are browsing data that makes sense, even though
1708 * the DoShuffle() part made it completely meaningless. */
1711 REVERSE( p_sci_data + 5, 1 );
1712 i = U32_AT( p_sci_data + 5 );
1713 i_sci_size -= 22 * sizeof(uint32_t);
1714 p_sci1 = p_sci_data + 22;
1717 while( i_sci_size >= 20 && i > 0 )
1719 if( p_sci0 == NULL )
1721 i_sci_size -= 18 * sizeof(uint32_t);
1722 if( i_sci_size < 20 )
1728 REVERSE( p_sci1 + 17, 1 );
1729 y = U32_AT( p_sci1 + 17 );
1740 i_user = U32_AT( p_sci0 );
1741 i_key = U32_AT( p_sci1 );
1742 REVERSE( &i_user, 1 );
1743 REVERSE( &i_key, 1 );
1744 if( i_user == p_drms->i_user && ( ( i_key == p_drms->i_key ) ||
1745 ( !p_drms->i_key && ( p_sci1 == (p_sci0 + 18) ) ) ) )
1747 memcpy( p_user_key, p_sci1 + 1, 16 );
1748 REVERSE( p_sci1 + 1, 4 );
1749 WriteUserKey( p_drms, p_sci1 + 1 );
1756 i_sci_size -= 5 * sizeof(uint32_t);
1764 /*****************************************************************************
1765 * GetSCIData: get SCI data from "SC Info.sidb"
1766 *****************************************************************************
1767 * Read SCI data from "\Apple Computer\iTunes\SC Info\SC Info.sidb"
1768 *****************************************************************************/
1769 static int GetSCIData( char *psz_ipod, uint32_t **pp_sci,
1770 uint32_t *pi_sci_size )
1773 char *psz_path = NULL;
1774 char p_tmp[ PATH_MAX ];
1777 if( psz_ipod == NULL )
1780 char *p_filename = "\\Apple Computer\\iTunes\\SC Info\\SC Info.sidb";
1781 typedef HRESULT (WINAPI *SHGETFOLDERPATH)( HWND, int, HANDLE, DWORD,
1783 HINSTANCE shfolder_dll = NULL;
1784 SHGETFOLDERPATH dSHGetFolderPath = NULL;
1786 if( ( shfolder_dll = LoadLibrary( _T("SHFolder.dll") ) ) != NULL )
1789 (SHGETFOLDERPATH)GetProcAddress( shfolder_dll,
1790 _T("SHGetFolderPathA") );
1793 if( dSHGetFolderPath != NULL &&
1794 SUCCEEDED( dSHGetFolderPath( NULL, CSIDL_COMMON_APPDATA,
1795 NULL, 0, p_tmp ) ) )
1797 strncat( p_tmp, p_filename, min( strlen( p_filename ),
1798 (sizeof(p_tmp)/sizeof(p_tmp[0]) - 1) -
1799 strlen( p_tmp ) ) );
1803 if( shfolder_dll != NULL )
1805 FreeLibrary( shfolder_dll );
1811 #define ISCINFO "iSCInfo"
1812 if( strstr( psz_ipod, ISCINFO ) == NULL )
1814 snprintf( p_tmp, sizeof(p_tmp)/sizeof(p_tmp[0]) - 1,
1815 "%s/iPod_Control/iTunes/" ISCINFO "2", psz_ipod );
1820 psz_path = psz_ipod;
1824 if( psz_path == NULL )
1829 file = fopen( psz_path, "rb" );
1834 if( !fstat( fileno( file ), &st ) && st.st_size >= 4 )
1836 *pp_sci = malloc( st.st_size );
1837 if( *pp_sci != NULL )
1839 if( fread( *pp_sci, 1, st.st_size,
1840 file ) == (size_t)st.st_size )
1842 *pi_sci_size = st.st_size;
1847 free( (void *)*pp_sci );
1859 /*****************************************************************************
1860 * HashSystemInfo: hash system information
1861 *****************************************************************************
1862 * This function computes the MD5 hash of the C: hard drive serial number,
1863 * BIOS version, CPU type and Windows version.
1864 *****************************************************************************/
1865 static int HashSystemInfo( uint32_t *p_system_hash )
1877 static LPCTSTR p_reg_keys[ 3 ][ 2 ] =
1880 _T("HARDWARE\\DESCRIPTION\\System"),
1881 _T("SystemBiosVersion")
1885 _T("HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0"),
1886 _T("ProcessorNameString")
1890 _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion"),
1897 AddMD5( &md5, "cache-control", 13 );
1898 AddMD5( &md5, "Ethernet", 8 );
1900 GetVolumeInformation( _T("C:\\"), NULL, 0, &i_serial,
1901 NULL, NULL, NULL, 0 );
1902 AddMD5( &md5, (uint8_t *)&i_serial, 4 );
1904 for( i = 0; i < sizeof(p_reg_keys) / sizeof(p_reg_keys[ 0 ]); i++ )
1906 if( RegOpenKeyEx( HKEY_LOCAL_MACHINE, p_reg_keys[ i ][ 0 ],
1907 0, KEY_READ, &i_key ) != ERROR_SUCCESS )
1912 if( RegQueryValueEx( i_key, p_reg_keys[ i ][ 1 ],
1913 NULL, NULL, NULL, &i_size ) != ERROR_SUCCESS )
1915 RegCloseKey( i_key );
1919 p_reg_buf = malloc( i_size );
1921 if( p_reg_buf != NULL )
1923 if( RegQueryValueEx( i_key, p_reg_keys[ i ][ 1 ],
1924 NULL, NULL, p_reg_buf,
1925 &i_size ) == ERROR_SUCCESS )
1927 AddMD5( &md5, (uint8_t *)p_reg_buf, i_size );
1933 RegCloseKey( i_key );
1942 memcpy( p_system_hash, md5.p_digest, 16 );
1947 /*****************************************************************************
1948 * GetiPodID: Get iPod ID
1949 *****************************************************************************
1950 * This function gets the iPod ID.
1951 *****************************************************************************/
1952 static int GetiPodID( int64_t *p_ipod_id )
1956 #define PROD_NAME "iPod"
1957 #define VENDOR_NAME "Apple Computer, Inc."
1959 char *psz_ipod_id = getenv( "IPODID" );
1960 if( psz_ipod_id != NULL )
1962 *p_ipod_id = strtoll( psz_ipod_id, NULL, 16 );
1970 io_iterator_t iterator;
1971 CFMutableDictionaryRef match_dic;
1972 CFMutableDictionaryRef smatch_dic;
1974 if( IOMasterPort( MACH_PORT_NULL, &port ) == KERN_SUCCESS )
1976 smatch_dic = IOServiceMatching( "IOFireWireUnit" );
1977 match_dic = CFDictionaryCreateMutable( kCFAllocatorDefault, 0,
1978 &kCFTypeDictionaryKeyCallBacks,
1979 &kCFTypeDictionaryValueCallBacks );
1981 if( smatch_dic != NULL && match_dic != NULL )
1983 CFDictionarySetValue( smatch_dic,
1984 CFSTR("FireWire Vendor Name"),
1985 CFSTR(VENDOR_NAME) );
1986 CFDictionarySetValue( smatch_dic,
1987 CFSTR("FireWire Product Name"),
1990 CFDictionarySetValue( match_dic,
1991 CFSTR(kIOPropertyMatchKey),
1994 if( IOServiceGetMatchingServices( port, match_dic,
1995 &iterator ) == KERN_SUCCESS )
1997 while( ( device = IOIteratorNext( iterator ) ) != NULL )
1999 value = IORegistryEntryCreateCFProperty( device,
2000 CFSTR("GUID"), kCFAllocatorDefault, kNilOptions );
2004 if( CFGetTypeID( value ) == CFNumberGetTypeID() )
2007 CFNumberGetValue( (CFNumberRef)value,
2008 kCFNumberLongLongType,
2010 *p_ipod_id = i_ipod_id;
2017 IOObjectRelease( device );
2022 IOObjectRelease( iterator );
2026 mach_port_deallocate( mach_task_self(), port );
2029 #elif HAVE_SYSFS_LIBSYSFS_H
2030 struct sysfs_bus *bus = NULL;
2031 struct dlist *devlist = NULL;
2032 struct dlist *attributes = NULL;
2033 struct sysfs_device *curdev = NULL;
2034 struct sysfs_attribute *curattr = NULL;
2036 bus = sysfs_open_bus( "ieee1394" );
2039 devlist = sysfs_get_bus_devices( bus );
2040 if( devlist != NULL )
2042 dlist_for_each_data( devlist, curdev, struct sysfs_device )
2044 attributes = sysfs_get_device_attributes( curdev );
2045 if( attributes != NULL )
2047 dlist_for_each_data( attributes, curattr,
2048 struct sysfs_attribute )
2050 if( ( strcmp( curattr->name, "model_name" ) == 0 ) &&
2051 ( strncmp( curattr->value, PROD_NAME,
2052 sizeof(PROD_NAME) ) == 0 ) )
2054 *p_ipod_id = strtoll( curdev->name, NULL, 16 );
2065 sysfs_close_bus( bus );
2072 #else /* !defined( UNDER_CE ) */
2074 void *drms_alloc( char *psz_homedir ){ return 0; }
2075 void drms_free( void *a ){}
2076 void drms_decrypt( void *a, uint32_t *b, uint32_t c ){}
2077 int drms_init( void *a, uint32_t b, uint8_t *c, uint32_t d ){ return -1; }
2079 #endif /* defined( UNDER_CE ) */