1 /*****************************************************************************
3 *****************************************************************************
4 * Copyright (C) 2004 VideoLAN
7 * Authors: Jon Lech Johansen <jon-vl@nanocrew.net>
8 * Sam Hocevar <sam@zoy.org>
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
23 *****************************************************************************/
25 #include <stdlib.h> /* malloc(), free() */
46 # if !defined( UNDER_CE )
54 #ifdef HAVE_SYS_STAT_H
55 # include <sys/stat.h>
57 #ifdef HAVE_SYS_TYPES_H
58 # include <sys/types.h>
61 /* In Solaris (and perhaps others) PATH_MAX is in limits.h. */
67 # include <mach/mach.h>
68 # include <IOKit/IOKitLib.h>
69 # include <CoreFoundation/CFNumber.h>
72 #ifdef HAVE_SYSFS_LIBSYSFS_H
73 # include <sysfs/libsysfs.h>
77 #include "drmstables.h"
79 #if !defined( UNDER_CE )
80 /*****************************************************************************
81 * aes_s: AES keys structure
82 *****************************************************************************
83 * This structure stores a set of keys usable for encryption and decryption
84 * with the AES/Rijndael algorithm.
85 *****************************************************************************/
88 uint32_t pp_enc_keys[ AES_KEY_COUNT + 1 ][ 4 ];
89 uint32_t pp_dec_keys[ AES_KEY_COUNT + 1 ][ 4 ];
93 /*****************************************************************************
94 * md5_s: MD5 message structure
95 *****************************************************************************
96 * This structure stores the static information needed to compute an MD5
97 * hash. It has an extra data buffer to allow non-aligned writes.
98 *****************************************************************************/
101 uint64_t i_bits; /* Total written bits */
102 uint32_t p_digest[4]; /* The MD5 digest */
103 uint32_t p_data[16]; /* Buffer to cache non-aligned writes */
107 /*****************************************************************************
108 * shuffle_s: shuffle structure
109 *****************************************************************************
110 * This structure stores the static information needed to shuffle data using
111 * a custom algorithm.
112 *****************************************************************************/
116 uint32_t p_commands[ 20 ];
117 uint32_t p_bordel[ 16 ];
120 #define SWAP( a, b ) { (a) ^= (b); (b) ^= (a); (a) ^= (b); }
122 /*****************************************************************************
123 * drms_s: DRMS structure
124 *****************************************************************************
125 * This structure stores the static information needed to decrypt DRMS data.
126 *****************************************************************************/
131 uint8_t p_iviv[ 16 ];
137 char psz_homedir[ PATH_MAX ];
140 /*****************************************************************************
142 *****************************************************************************/
143 static void InitAES ( struct aes_s *, uint32_t * );
144 static void DecryptAES ( struct aes_s *, uint32_t *, const uint32_t * );
147 static void InitMD5 ( struct md5_s * );
148 static void AddMD5 ( struct md5_s *, const uint8_t *, uint32_t );
149 static void EndMD5 ( struct md5_s * );
150 static void Digest ( struct md5_s *, uint32_t * );
153 static void InitShuffle ( struct shuffle_s *, uint32_t *, uint32_t );
154 static void DoShuffle ( struct shuffle_s *, uint32_t *, uint32_t );
156 static uint32_t FirstPass ( uint32_t * );
157 static void SecondPass ( uint32_t *, uint32_t );
158 static void ThirdPass ( uint32_t * );
159 static void FourthPass ( uint32_t * );
160 static void TinyShuffle1 ( uint32_t * );
161 static void TinyShuffle2 ( uint32_t * );
162 static void TinyShuffle3 ( uint32_t * );
163 static void TinyShuffle4 ( uint32_t * );
164 static void TinyShuffle5 ( uint32_t * );
165 static void TinyShuffle6 ( uint32_t * );
166 static void TinyShuffle7 ( uint32_t * );
167 static void TinyShuffle8 ( uint32_t * );
168 static void DoExtShuffle ( uint32_t * );
170 static int GetSystemKey ( uint32_t *, vlc_bool_t );
171 static int WriteUserKey ( void *, uint32_t * );
172 static int ReadUserKey ( void *, uint32_t * );
173 static int GetUserKey ( void *, uint32_t * );
175 static int GetSCIData ( char *, uint32_t **, uint32_t * );
176 static int HashSystemInfo ( uint32_t * );
177 static int GetiPodID ( int64_t * );
179 #ifdef WORDS_BIGENDIAN
180 /*****************************************************************************
181 * Reverse: reverse byte order
182 *****************************************************************************/
183 static inline void Reverse( uint32_t *p_buffer, int n )
187 for( i = 0; i < n; i++ )
189 p_buffer[ i ] = GetDWLE(&p_buffer[ i ]);
192 # define REVERSE( p, n ) Reverse( p, n )
194 # define REVERSE( p, n )
197 /*****************************************************************************
198 * BlockXOR: XOR two 128 bit blocks
199 *****************************************************************************/
200 static inline void BlockXOR( uint32_t *p_dest, uint32_t *p_s1, uint32_t *p_s2 )
204 for( i = 0; i < 4; i++ )
206 p_dest[ i ] = p_s1[ i ] ^ p_s2[ i ];
210 /*****************************************************************************
211 * drms_alloc: allocate a DRMS structure
212 *****************************************************************************/
213 void *drms_alloc( char *psz_homedir )
215 struct drms_s *p_drms;
217 p_drms = malloc( sizeof(struct drms_s) );
224 memset( p_drms, 0, sizeof(struct drms_s) );
226 strncpy( p_drms->psz_homedir, psz_homedir, PATH_MAX );
227 p_drms->psz_homedir[ PATH_MAX - 1 ] = '\0';
229 return (void *)p_drms;
232 /*****************************************************************************
233 * drms_free: free a previously allocated DRMS structure
234 *****************************************************************************/
235 void drms_free( void *_p_drms )
237 struct drms_s *p_drms = (struct drms_s *)_p_drms;
239 if( p_drms->p_name != NULL )
241 free( (void *)p_drms->p_name );
247 /*****************************************************************************
248 * drms_decrypt: unscramble a chunk of data
249 *****************************************************************************/
250 void drms_decrypt( void *_p_drms, uint32_t *p_buffer, uint32_t i_bytes )
252 struct drms_s *p_drms = (struct drms_s *)_p_drms;
254 unsigned int i_blocks;
256 /* AES is a block cypher, round down the byte count */
257 i_blocks = i_bytes / 16;
258 i_bytes = i_blocks * 16;
260 /* Initialise the key */
261 memcpy( p_key, p_drms->p_key, 16 );
268 REVERSE( p_buffer, 4 );
269 DecryptAES( &p_drms->aes, p_tmp, p_buffer );
270 BlockXOR( p_tmp, p_key, p_tmp );
272 /* Use the previous scrambled data as the key for next block */
273 memcpy( p_key, p_buffer, 16 );
275 /* Copy unscrambled data back to the buffer */
276 memcpy( p_buffer, p_tmp, 16 );
277 REVERSE( p_buffer, 4 );
283 /*****************************************************************************
284 * drms_init: initialise a DRMS structure
285 *****************************************************************************/
286 int drms_init( void *_p_drms, uint32_t i_type,
287 uint8_t *p_info, uint32_t i_len )
289 struct drms_s *p_drms = (struct drms_s *)_p_drms;
295 if( i_len < sizeof(p_drms->i_user) )
301 p_drms->i_user = U32_AT( p_info );
305 if( i_len < sizeof(p_drms->i_key) )
311 p_drms->i_key = U32_AT( p_info );
315 if( i_len < sizeof(p_drms->p_key) )
321 memcpy( p_drms->p_iviv, p_info, 16 );
325 p_drms->p_name = strdup( p_info );
327 if( p_drms->p_name == NULL )
335 uint32_t p_priv[ 64 ];
345 AddMD5( &md5, p_drms->p_name, strlen( p_drms->p_name ) );
346 AddMD5( &md5, p_drms->p_iviv, 16 );
349 if( p_drms->i_user == 0 && p_drms->i_key == 0 )
351 static char const p_secret[] = "tr1-th3n.y00_by3";
352 memcpy( p_drms->p_key, p_secret, 16 );
353 REVERSE( p_drms->p_key, 4 );
357 if( GetUserKey( p_drms, p_drms->p_key ) )
364 InitAES( &p_drms->aes, p_drms->p_key );
366 memcpy( p_priv, p_info, 64 );
367 memcpy( p_drms->p_key, md5.p_digest, 16 );
368 drms_decrypt( p_drms, p_priv, 64 );
369 REVERSE( p_priv, 64 );
371 if( p_priv[ 0 ] != 0x6e757469 ) /* itun */
377 InitAES( &p_drms->aes, p_priv + 6 );
378 memcpy( p_drms->p_key, p_priv + 12, 16 );
380 free( (void *)p_drms->p_name );
381 p_drms->p_name = NULL;
389 /* The following functions are local */
391 /*****************************************************************************
392 * InitAES: initialise AES/Rijndael encryption/decryption tables
393 *****************************************************************************
394 * The Advanced Encryption Standard (AES) is described in RFC 3268
395 *****************************************************************************/
396 static void InitAES( struct aes_s *p_aes, uint32_t *p_key )
399 uint32_t i_key, i_seed;
401 memset( p_aes->pp_enc_keys[1], 0, 16 );
402 memcpy( p_aes->pp_enc_keys[0], p_key, 16 );
404 /* Generate the key tables */
405 i_seed = p_aes->pp_enc_keys[ 0 ][ 3 ];
407 for( i_key = 0; i_key < AES_KEY_COUNT; i_key++ )
411 i_seed = AES_ROR( i_seed, 8 );
413 j = p_aes_table[ i_key ];
415 j ^= p_aes_encrypt[ (i_seed >> 24) & 0xff ]
416 ^ AES_ROR( p_aes_encrypt[ (i_seed >> 16) & 0xff ], 8 )
417 ^ AES_ROR( p_aes_encrypt[ (i_seed >> 8) & 0xff ], 16 )
418 ^ AES_ROR( p_aes_encrypt[ i_seed & 0xff ], 24 );
420 j ^= p_aes->pp_enc_keys[ i_key ][ 0 ];
421 p_aes->pp_enc_keys[ i_key + 1 ][ 0 ] = j;
422 j ^= p_aes->pp_enc_keys[ i_key ][ 1 ];
423 p_aes->pp_enc_keys[ i_key + 1 ][ 1 ] = j;
424 j ^= p_aes->pp_enc_keys[ i_key ][ 2 ];
425 p_aes->pp_enc_keys[ i_key + 1 ][ 2 ] = j;
426 j ^= p_aes->pp_enc_keys[ i_key ][ 3 ];
427 p_aes->pp_enc_keys[ i_key + 1 ][ 3 ] = j;
432 memcpy( p_aes->pp_dec_keys[ 0 ],
433 p_aes->pp_enc_keys[ 0 ], 16 );
435 for( i = 1; i < AES_KEY_COUNT; i++ )
437 for( t = 0; t < 4; t++ )
439 uint32_t j, k, l, m, n;
441 j = p_aes->pp_enc_keys[ i ][ t ];
443 k = (((j >> 7) & 0x01010101) * 27) ^ ((j & 0xff7f7f7f) << 1);
444 l = (((k >> 7) & 0x01010101) * 27) ^ ((k & 0xff7f7f7f) << 1);
445 m = (((l >> 7) & 0x01010101) * 27) ^ ((l & 0xff7f7f7f) << 1);
449 n = AES_ROR( l ^ j, 16 ) ^ AES_ROR( k ^ j, 8 ) ^ AES_ROR( j, 24 );
451 p_aes->pp_dec_keys[ i ][ t ] = k ^ l ^ m ^ n;
456 /*****************************************************************************
457 * DecryptAES: decrypt an AES/Rijndael 128 bit block
458 *****************************************************************************/
459 static void DecryptAES( struct aes_s *p_aes,
460 uint32_t *p_dest, const uint32_t *p_src )
462 uint32_t p_wtxt[ 4 ]; /* Working cyphertext */
464 unsigned int i_round, t;
466 for( t = 0; t < 4; t++ )
468 /* FIXME: are there any endianness issues here? */
469 p_wtxt[ t ] = p_src[ t ] ^ p_aes->pp_enc_keys[ AES_KEY_COUNT ][ t ];
473 for( i_round = 0; i_round < (AES_KEY_COUNT - 1); i_round++ )
475 for( t = 0; t < 4; t++ )
477 p_tmp[ t ] = AES_XOR_ROR( p_aes_itable, p_wtxt );
480 for( t = 0; t < 4; t++ )
482 p_wtxt[ t ] = p_tmp[ t ]
483 ^ p_aes->pp_dec_keys[ (AES_KEY_COUNT - 1) - i_round ][ t ];
487 /* Final round (9) */
488 for( t = 0; t < 4; t++ )
490 p_dest[ t ] = AES_XOR_ROR( p_aes_decrypt, p_wtxt );
491 p_dest[ t ] ^= p_aes->pp_dec_keys[ 0 ][ t ];
496 /*****************************************************************************
497 * InitMD5: initialise an MD5 message
498 *****************************************************************************
499 * The MD5 message-digest algorithm is described in RFC 1321
500 *****************************************************************************/
501 static void InitMD5( struct md5_s *p_md5 )
503 p_md5->p_digest[ 0 ] = 0x67452301;
504 p_md5->p_digest[ 1 ] = 0xefcdab89;
505 p_md5->p_digest[ 2 ] = 0x98badcfe;
506 p_md5->p_digest[ 3 ] = 0x10325476;
508 memset( p_md5->p_data, 0, 64 );
512 /*****************************************************************************
513 * AddMD5: add i_len bytes to an MD5 message
514 *****************************************************************************/
515 static void AddMD5( struct md5_s *p_md5, const uint8_t *p_src, uint32_t i_len )
517 unsigned int i_current; /* Current bytes in the spare buffer */
518 unsigned int i_offset = 0;
520 i_current = (p_md5->i_bits / 8) & 63;
522 p_md5->i_bits += 8 * i_len;
524 /* If we can complete our spare buffer to 64 bytes, do it and add the
525 * resulting buffer to the MD5 message */
526 if( i_len >= (64 - i_current) )
528 memcpy( ((uint8_t *)p_md5->p_data) + i_current, p_src,
530 Digest( p_md5, p_md5->p_data );
532 i_offset += (64 - i_current);
533 i_len -= (64 - i_current);
537 /* Add as many entire 64 bytes blocks as we can to the MD5 message */
540 uint32_t p_tmp[ 16 ];
541 memcpy( p_tmp, p_src + i_offset, 64 );
542 Digest( p_md5, p_tmp );
547 /* Copy our remaining data to the message's spare buffer */
548 memcpy( ((uint8_t *)p_md5->p_data) + i_current, p_src + i_offset, i_len );
551 /*****************************************************************************
552 * EndMD5: finish an MD5 message
553 *****************************************************************************
554 * This function adds adequate padding to the end of the message, and appends
555 * the bit count so that we end at a block boundary.
556 *****************************************************************************/
557 static void EndMD5( struct md5_s *p_md5 )
559 unsigned int i_current;
561 i_current = (p_md5->i_bits / 8) & 63;
563 /* Append 0x80 to our buffer. No boundary check because the temporary
564 * buffer cannot be full, otherwise AddMD5 would have emptied it. */
565 ((uint8_t *)p_md5->p_data)[ i_current++ ] = 0x80;
567 /* If less than 8 bytes are available at the end of the block, complete
568 * this 64 bytes block with zeros and add it to the message. We'll add
569 * our length at the end of the next block. */
572 memset( ((uint8_t *)p_md5->p_data) + i_current, 0, (64 - i_current) );
573 Digest( p_md5, p_md5->p_data );
577 /* Fill the unused space in our last block with zeroes and put the
578 * message length at the end. */
579 memset( ((uint8_t *)p_md5->p_data) + i_current, 0, (56 - i_current) );
580 p_md5->p_data[ 14 ] = p_md5->i_bits & 0xffffffff;
581 p_md5->p_data[ 15 ] = (p_md5->i_bits >> 32);
582 REVERSE( &p_md5->p_data[ 14 ], 2 );
584 Digest( p_md5, p_md5->p_data );
587 #define F1( x, y, z ) ((z) ^ ((x) & ((y) ^ (z))))
588 #define F2( x, y, z ) F1((z), (x), (y))
589 #define F3( x, y, z ) ((x) ^ (y) ^ (z))
590 #define F4( x, y, z ) ((y) ^ ((x) | ~(z)))
592 #define MD5_DO( f, w, x, y, z, data, s ) \
593 ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x )
595 /*****************************************************************************
596 * Digest: update the MD5 digest with 64 bytes of data
597 *****************************************************************************/
598 static void Digest( struct md5_s *p_md5, uint32_t *p_input )
602 REVERSE( p_input, 16 );
604 a = p_md5->p_digest[ 0 ];
605 b = p_md5->p_digest[ 1 ];
606 c = p_md5->p_digest[ 2 ];
607 d = p_md5->p_digest[ 3 ];
609 MD5_DO( F1, a, b, c, d, p_input[ 0 ] + 0xd76aa478, 7 );
610 MD5_DO( F1, d, a, b, c, p_input[ 1 ] + 0xe8c7b756, 12 );
611 MD5_DO( F1, c, d, a, b, p_input[ 2 ] + 0x242070db, 17 );
612 MD5_DO( F1, b, c, d, a, p_input[ 3 ] + 0xc1bdceee, 22 );
613 MD5_DO( F1, a, b, c, d, p_input[ 4 ] + 0xf57c0faf, 7 );
614 MD5_DO( F1, d, a, b, c, p_input[ 5 ] + 0x4787c62a, 12 );
615 MD5_DO( F1, c, d, a, b, p_input[ 6 ] + 0xa8304613, 17 );
616 MD5_DO( F1, b, c, d, a, p_input[ 7 ] + 0xfd469501, 22 );
617 MD5_DO( F1, a, b, c, d, p_input[ 8 ] + 0x698098d8, 7 );
618 MD5_DO( F1, d, a, b, c, p_input[ 9 ] + 0x8b44f7af, 12 );
619 MD5_DO( F1, c, d, a, b, p_input[ 10 ] + 0xffff5bb1, 17 );
620 MD5_DO( F1, b, c, d, a, p_input[ 11 ] + 0x895cd7be, 22 );
621 MD5_DO( F1, a, b, c, d, p_input[ 12 ] + 0x6b901122, 7 );
622 MD5_DO( F1, d, a, b, c, p_input[ 13 ] + 0xfd987193, 12 );
623 MD5_DO( F1, c, d, a, b, p_input[ 14 ] + 0xa679438e, 17 );
624 MD5_DO( F1, b, c, d, a, p_input[ 15 ] + 0x49b40821, 22 );
626 MD5_DO( F2, a, b, c, d, p_input[ 1 ] + 0xf61e2562, 5 );
627 MD5_DO( F2, d, a, b, c, p_input[ 6 ] + 0xc040b340, 9 );
628 MD5_DO( F2, c, d, a, b, p_input[ 11 ] + 0x265e5a51, 14 );
629 MD5_DO( F2, b, c, d, a, p_input[ 0 ] + 0xe9b6c7aa, 20 );
630 MD5_DO( F2, a, b, c, d, p_input[ 5 ] + 0xd62f105d, 5 );
631 MD5_DO( F2, d, a, b, c, p_input[ 10 ] + 0x02441453, 9 );
632 MD5_DO( F2, c, d, a, b, p_input[ 15 ] + 0xd8a1e681, 14 );
633 MD5_DO( F2, b, c, d, a, p_input[ 4 ] + 0xe7d3fbc8, 20 );
634 MD5_DO( F2, a, b, c, d, p_input[ 9 ] + 0x21e1cde6, 5 );
635 MD5_DO( F2, d, a, b, c, p_input[ 14 ] + 0xc33707d6, 9 );
636 MD5_DO( F2, c, d, a, b, p_input[ 3 ] + 0xf4d50d87, 14 );
637 MD5_DO( F2, b, c, d, a, p_input[ 8 ] + 0x455a14ed, 20 );
638 MD5_DO( F2, a, b, c, d, p_input[ 13 ] + 0xa9e3e905, 5 );
639 MD5_DO( F2, d, a, b, c, p_input[ 2 ] + 0xfcefa3f8, 9 );
640 MD5_DO( F2, c, d, a, b, p_input[ 7 ] + 0x676f02d9, 14 );
641 MD5_DO( F2, b, c, d, a, p_input[ 12 ] + 0x8d2a4c8a, 20 );
643 MD5_DO( F3, a, b, c, d, p_input[ 5 ] + 0xfffa3942, 4 );
644 MD5_DO( F3, d, a, b, c, p_input[ 8 ] + 0x8771f681, 11 );
645 MD5_DO( F3, c, d, a, b, p_input[ 11 ] + 0x6d9d6122, 16 );
646 MD5_DO( F3, b, c, d, a, p_input[ 14 ] + 0xfde5380c, 23 );
647 MD5_DO( F3, a, b, c, d, p_input[ 1 ] + 0xa4beea44, 4 );
648 MD5_DO( F3, d, a, b, c, p_input[ 4 ] + 0x4bdecfa9, 11 );
649 MD5_DO( F3, c, d, a, b, p_input[ 7 ] + 0xf6bb4b60, 16 );
650 MD5_DO( F3, b, c, d, a, p_input[ 10 ] + 0xbebfbc70, 23 );
651 MD5_DO( F3, a, b, c, d, p_input[ 13 ] + 0x289b7ec6, 4 );
652 MD5_DO( F3, d, a, b, c, p_input[ 0 ] + 0xeaa127fa, 11 );
653 MD5_DO( F3, c, d, a, b, p_input[ 3 ] + 0xd4ef3085, 16 );
654 MD5_DO( F3, b, c, d, a, p_input[ 6 ] + 0x04881d05, 23 );
655 MD5_DO( F3, a, b, c, d, p_input[ 9 ] + 0xd9d4d039, 4 );
656 MD5_DO( F3, d, a, b, c, p_input[ 12 ] + 0xe6db99e5, 11 );
657 MD5_DO( F3, c, d, a, b, p_input[ 15 ] + 0x1fa27cf8, 16 );
658 MD5_DO( F3, b, c, d, a, p_input[ 2 ] + 0xc4ac5665, 23 );
660 MD5_DO( F4, a, b, c, d, p_input[ 0 ] + 0xf4292244, 6 );
661 MD5_DO( F4, d, a, b, c, p_input[ 7 ] + 0x432aff97, 10 );
662 MD5_DO( F4, c, d, a, b, p_input[ 14 ] + 0xab9423a7, 15 );
663 MD5_DO( F4, b, c, d, a, p_input[ 5 ] + 0xfc93a039, 21 );
664 MD5_DO( F4, a, b, c, d, p_input[ 12 ] + 0x655b59c3, 6 );
665 MD5_DO( F4, d, a, b, c, p_input[ 3 ] + 0x8f0ccc92, 10 );
666 MD5_DO( F4, c, d, a, b, p_input[ 10 ] + 0xffeff47d, 15 );
667 MD5_DO( F4, b, c, d, a, p_input[ 1 ] + 0x85845dd1, 21 );
668 MD5_DO( F4, a, b, c, d, p_input[ 8 ] + 0x6fa87e4f, 6 );
669 MD5_DO( F4, d, a, b, c, p_input[ 15 ] + 0xfe2ce6e0, 10 );
670 MD5_DO( F4, c, d, a, b, p_input[ 6 ] + 0xa3014314, 15 );
671 MD5_DO( F4, b, c, d, a, p_input[ 13 ] + 0x4e0811a1, 21 );
672 MD5_DO( F4, a, b, c, d, p_input[ 4 ] + 0xf7537e82, 6 );
673 MD5_DO( F4, d, a, b, c, p_input[ 11 ] + 0xbd3af235, 10 );
674 MD5_DO( F4, c, d, a, b, p_input[ 2 ] + 0x2ad7d2bb, 15 );
675 MD5_DO( F4, b, c, d, a, p_input[ 9 ] + 0xeb86d391, 21 );
677 p_md5->p_digest[ 0 ] += a;
678 p_md5->p_digest[ 1 ] += b;
679 p_md5->p_digest[ 2 ] += c;
680 p_md5->p_digest[ 3 ] += d;
684 /*****************************************************************************
685 * InitShuffle: initialise a shuffle structure
686 *****************************************************************************
687 * This function initialises tables in the p_shuffle structure that will be
688 * used later by DoShuffle. The only external parameter is p_sys_key.
689 *****************************************************************************/
690 static void InitShuffle( struct shuffle_s *p_shuffle, uint32_t *p_sys_key,
693 char p_secret1[] = "Tv!*";
694 static char const p_secret2[] = "v8rhvsaAvOKMFfUH%798=[;."
695 "f8677680a634ba87fnOIf)(*";
698 p_shuffle->i_version = i_version;
700 /* Fill p_commands using the key and a secret seed */
701 for( i = 0; i < 20; i++ )
707 AddMD5( &md5, (uint8_t *)p_sys_key, 16 );
708 AddMD5( &md5, (uint8_t *)p_secret1, 4 );
713 REVERSE( md5.p_digest, 1 );
714 i_hash = ((int32_t)U32_AT(md5.p_digest)) % 1024;
716 p_shuffle->p_commands[ i ] = i_hash < 0 ? i_hash * -1 : i_hash;
719 /* Fill p_bordel with completely meaningless initial values. */
720 for( i = 0; i < 4; i++ )
722 p_shuffle->p_bordel[ 4 * i ] = U32_AT(p_sys_key + i);
723 memcpy( p_shuffle->p_bordel + 4 * i + 1, p_secret2 + 12 * i, 12 );
724 REVERSE( p_shuffle->p_bordel + 4 * i + 1, 3 );
728 /*****************************************************************************
729 * DoShuffle: shuffle buffer
730 *****************************************************************************
731 * This is so ugly and uses so many MD5 checksums that it is most certainly
732 * one-way, though why it needs to be so complicated is beyond me.
733 *****************************************************************************/
734 static void DoShuffle( struct shuffle_s *p_shuffle,
735 uint32_t *p_buffer, uint32_t i_size )
738 uint32_t p_big_bordel[ 16 ];
739 uint32_t *p_bordel = p_shuffle->p_bordel;
742 static uint32_t i_secret = 0;
744 static uint32_t p_secret1[] =
746 0xAAAAAAAA, 0x01757700, 0x00554580, 0x01724500, 0x00424580,
747 0x01427700, 0x00000080, 0xC1D59D01, 0x80144981, 0x815C8901,
748 0x80544981, 0x81D45D01, 0x00000080, 0x81A3BB03, 0x00A2AA82,
749 0x01A3BB03, 0x0022A282, 0x813BA202, 0x00000080, 0x6D575737,
750 0x4A5275A5, 0x6D525725, 0x4A5254A5, 0x6B725437, 0x00000080,
751 0xD5DDB938, 0x5455A092, 0x5D95A013, 0x4415A192, 0xC5DD393A,
752 0x00000080, 0x55555555
755 static char p_secret2[] =
756 "pbclevtug (p) Nccyr Pbzchgre, Vap. Nyy Evtugf Erfreirq.";
760 REVERSE( p_secret1, sizeof(p_secret1)/sizeof(p_secret1[ 0 ]) );
761 for( ; p_secret2[ i_secret ] != '\0'; i_secret++ )
763 #define ROT13(c) (((c)>='A'&&(c)<='Z')?(((c)-'A'+13)%26)+'A':\
764 ((c)>='a'&&(c)<='z')?(((c)-'a'+13)%26)+'a':c)
765 p_secret2[ i_secret ] = ROT13(p_secret2[ i_secret ]);
767 i_secret++; /* include zero terminator */
770 /* Using the MD5 hash of a memory block is probably not one-way enough
771 * for the iTunes people. This function randomises p_bordel depending on
772 * the values in p_commands to make things even more messy in p_bordel. */
773 for( i = 0; i < 20; i++ )
775 uint8_t i_command, i_index;
777 if( !p_shuffle->p_commands[ i ] )
782 i_command = (p_shuffle->p_commands[ i ] & 0x300) >> 8;
783 i_index = p_shuffle->p_commands[ i ] & 0xff;
788 p_bordel[ i_index & 0xf ] = p_bordel[ i_index >> 4 ]
789 + p_bordel[ ((i_index + 0x10) >> 4) & 0xf ];
792 p_bordel[ i_index >> 4 ] ^= p_shuffle_xor[ 0xff - i_index ];
795 p_bordel[ i_index >> 4 ] -= p_shuffle_sub[ 0xff - i_index ];
798 p_bordel[ i_index >> 4 ] += p_shuffle_add[ 0xff - i_index ];
803 if( p_shuffle->i_version == 0x01000300 )
805 DoExtShuffle( p_bordel );
808 /* Convert our newly randomised p_bordel to big endianness and take
811 for( i = 0; i < 16; i++ )
813 p_big_bordel[ i ] = U32_AT(p_bordel + i);
815 AddMD5( &md5, (uint8_t *)p_big_bordel, 64 );
816 if( p_shuffle->i_version == 0x01000300 )
818 AddMD5( &md5, (uint8_t *)p_secret1, sizeof(p_secret1) );
819 AddMD5( &md5, (uint8_t *)p_secret2, i_secret );
823 /* XOR our buffer with the computed checksum */
824 for( i = 0; i < i_size; i++ )
826 p_buffer[ i ] ^= md5.p_digest[ i ];
830 /*****************************************************************************
831 * DoExtShuffle: extended shuffle
832 *****************************************************************************
833 * This is even uglier.
834 *****************************************************************************/
835 static void DoExtShuffle( uint32_t * p_bordel )
839 i_ret = FirstPass( p_bordel );
841 SecondPass( p_bordel, i_ret );
843 ThirdPass( p_bordel );
845 FourthPass( p_bordel );
848 static uint32_t FirstPass( uint32_t * p_bordel )
850 uint32_t i, i_cmd, i_ret = 5;
852 TinyShuffle1( p_bordel );
858 p_bordel[ 1 ] += 0x10000000;
859 p_bordel[ 3 ] += 0x12777;
861 if( (p_bordel[ 10 ] & 1) && i_ret )
864 p_bordel[ 1 ] -= p_bordel[ 2 ];
865 p_bordel[ 11 ] += p_bordel[ 12 ];
869 if( (p_bordel[ 1 ] + p_bordel[ 2 ]) >= 0x7D0 )
871 switch( ((p_bordel[ 3 ] ^ 0x567F) >> 2) & 7 )
874 for( i = 0; i < 3; i++ )
876 if( p_bordel[ i + 10 ] > 0x4E20 )
878 p_bordel[ i + 1 ] += p_bordel[ i + 2 ];
883 p_bordel[ 1 ] -= p_bordel[ 2 ];
886 p_bordel[ 11 ] += p_bordel[ 12 ];
889 p_bordel[ 3 ] ^= p_bordel[ 4 ];
892 p_bordel[ 13 ] &= p_bordel[ 14 ];
895 p_bordel[ 0 ] |= p_bordel[ 1 ];
907 for( i = 0, i_cmd = 0; i < 16; i++ )
909 if( p_bordel[ i ] < p_bordel[ i_cmd ] )
915 if( i_ret && i_cmd != 5 )
923 p_bordel[ 8 ] &= p_bordel[ 6 ] >> 1;
927 for( i = 0; i < 3; i++ )
930 if( p_bordel[ 11 ] & 5 )
932 p_bordel[ 8 ] += p_bordel[ 9 ];
942 i_cmd = (p_bordel[ 15 ] + 0x93) >> 3;
943 if( p_bordel[ 15 ] & 0x100 )
952 while( p_bordel[ 11 ] & 1 )
954 p_bordel[ 11 ] >>= 1;
959 p_bordel[ 14 ] -= 0x19FE;
971 i_cmd = ((p_bordel[ 3 ] + p_bordel[ 4 ] + 10) >> 1) - p_bordel[ 4 ];
979 p_bordel[ 14 ] >>= 1;
988 p_bordel[ 15 ] &= 0x55;
991 p_bordel[ 2 ] &= 0xB62FC;
997 TinyShuffle2( p_bordel );
1002 static void SecondPass( uint32_t * p_bordel, uint32_t i_tmp )
1004 uint32_t i, i_cmd, i_jc = 5;
1006 TinyShuffle3( p_bordel );
1008 for( i = 0, i_cmd = 0; i < 16; i++ )
1010 if( p_bordel[ i ] > p_bordel[ i_cmd ] )
1019 if( p_bordel[ 1 ] < p_bordel[ 8 ] )
1025 if( (p_bordel[ 9 ] & 0x7777) == 0x3333 )
1032 if( p_bordel[ 1 ] < p_bordel[ 8 ] )
1041 p_bordel[ 1 ] -= p_bordel[ 5 ];
1042 for( i = 0; i < 3; i++ )
1044 switch( p_bordel[ 1 ] & 3 )
1053 p_bordel[ 13 ] &= 0xFEFEFEF7;
1056 p_bordel[ 8 ] |= 0x80080011;
1068 p_bordel[ 15 ] ^= 0x18547EFF;
1074 switch( ( p_bordel[ 12 ] + p_bordel[ 13 ] + p_bordel[ 6 ] ) % 5 )
1077 p_bordel[ 12 ] -= 1;
1080 p_bordel[ 12 ] -= 1;
1081 p_bordel[ 13 ] += 1;
1084 p_bordel[ 13 ] += 4;
1087 p_bordel[ 12 ] -= 1;
1094 i = 3; /* Restart the whole loop */
1099 TinyShuffle4( p_bordel );
1103 TinyShuffle5( p_bordel );
1105 switch( ( p_bordel[ 2 ] * 2 + 15 ) % 5 )
1108 if( ( p_bordel[ 3 ] + i_tmp ) <=
1109 ( p_bordel[ 1 ] + p_bordel[ 15 ] ) )
1115 p_bordel[ 10 ] -= 0x13;
1118 p_bordel[ 5 ] >>= 2;
1122 if( !( p_bordel[ 2 ] & 1 ) || i_jc == 0 )
1128 p_bordel[ 2 ] += 0x13;
1129 p_bordel[ 12 ] += 1;
1132 p_bordel[ 2 ] &= 0x10076000;
1135 static void ThirdPass( uint32_t * p_bordel )
1139 i_cmd = ((p_bordel[ 7 ] + p_bordel[ 14 ] + 10) >> 1) - p_bordel[ 14 ];
1145 p_bordel[ 1 ] <<= 1;
1146 p_bordel[ 2 ] <<= 2;
1147 p_bordel[ 3 ] <<= 3;
1150 p_bordel[ i_cmd + 3 ] &= 0x5EDE36B;
1151 p_bordel[ 5 ] += p_bordel[ 8 ];
1152 p_bordel[ 4 ] += p_bordel[ 7 ];
1153 p_bordel[ 3 ] += p_bordel[ 6 ];
1154 p_bordel[ 2 ] += p_bordel[ 5 ];
1157 p_bordel[ 1 ] += p_bordel[ 4 ];
1158 p_bordel[ 0 ] += p_bordel[ 3 ];
1159 TinyShuffle6( p_bordel );
1160 return; /* jc = 4 */
1162 if( (p_bordel[ 11 ] & p_bordel[ 2 ]) > 0x211B )
1171 p_bordel[ 9 ] ^= p_bordel[ 2 ];
1174 p_bordel[ 2 ] ^= (p_bordel[ 1 ] & p_bordel[ 13 ]);
1177 p_bordel[ 0 ] -= p_bordel[ 11 ] & p_bordel[ 15 ];
1178 return; /* jc = 4 */
1180 p_bordel[ 6 ] >>= (p_bordel[ 14 ] & 3);
1184 SWAP( p_bordel[ 0 ], p_bordel[ 10 ] );
1186 TinyShuffle6( p_bordel );
1188 return; /* jc = 5 */
1191 static void FourthPass( uint32_t * p_bordel )
1195 TinyShuffle7( p_bordel );
1197 switch( p_bordel[ 5 ] % 5)
1203 p_bordel[ 11 ] ^= (p_bordel[ 3 ] + p_bordel[ 6 ] + p_bordel[ 8 ]);
1206 for( i = 4; i < 15 && (p_bordel[ i ] & 5) == 0; i++ )
1208 SWAP( p_bordel[ i ], p_bordel[ 15 - i ] );
1212 p_bordel[ 12 ] -= 1;
1213 p_bordel[ 13 ] += 1;
1214 p_bordel[ 2 ] -= 0x64;
1215 p_bordel[ 3 ] += 0x64;
1216 TinyShuffle8( p_bordel );
1220 for( i = 0, j = 0; i < 16; i++ )
1222 if( p_bordel[ i ] > p_bordel[ j ] )
1228 switch( p_bordel[ j ] % 100 )
1231 SWAP( p_bordel[ 0 ], p_bordel[ j ] );
1234 p_bordel[ 1 ] >>= 1;
1235 p_bordel[ 2 ] <<= 1;
1236 p_bordel[ 14 ] >>= 3;
1237 p_bordel[ 15 ] <<= 4;
1240 p_bordel[ j ] += p_bordel[ 13 ];
1243 p_bordel[ 1 ] += 0x20E;
1244 p_bordel[ 5 ] += 0x223D;
1245 p_bordel[ 13 ] -= 0x576;
1246 p_bordel[ 15 ] += 0x576;
1249 p_bordel[ 2 ] -= 0x64;
1250 p_bordel[ 3 ] += 0x64;
1251 p_bordel[ 12 ] -= 1;
1252 p_bordel[ 13 ] += 1;
1256 p_bordel[ j ] += p_bordel[ 13 ];
1260 TinyShuffle8( p_bordel );
1263 /*****************************************************************************
1264 * TinyShuffle[12345678]: tiny shuffle subroutines
1265 *****************************************************************************
1266 * These standalone functions are little helpers for the shuffling process.
1267 *****************************************************************************/
1268 static void TinyShuffle1( uint32_t * p_bordel )
1270 uint32_t i_cmd = (p_bordel[ 5 ] + 10) >> 2;
1272 if( p_bordel[ 5 ] > 0x7D0 )
1286 if( p_bordel[ 4 ] & 5 )
1288 p_bordel[ 1 ] ^= 0x4D;
1292 p_bordel[ 12 ] += 5;
1297 static void TinyShuffle2( uint32_t * p_bordel )
1301 for( i = 0, j = 0; i < 16; i++ )
1303 if( (p_bordel[ i ] & 0x777) > (p_bordel[ j ] & 0x777) )
1311 for( ; j < 15; j++ )
1313 p_bordel[ j ] += p_bordel[ j + 1 ];
1318 p_bordel[ 2 ] &= 0xB62FC;
1322 static void TinyShuffle3( uint32_t * p_bordel )
1324 uint32_t i_cmd = p_bordel[ 6 ] + 0x194B;
1326 if( p_bordel[ 6 ] > 0x2710 )
1334 p_bordel[ 3 ] += 0x19FE;
1337 p_bordel[ 7 ] -= p_bordel[ 3 ] >> 2;
1340 p_bordel[ 5 ] ^= 0x248A;
1345 static void TinyShuffle4( uint32_t * p_bordel )
1349 for( i = 0, j = 0; i < 16; i++ )
1351 if( p_bordel[ i ] < p_bordel[ j ] )
1357 if( (p_bordel[ j ] % (j + 1)) > 10 )
1360 p_bordel[ 2 ] += 0x13;
1361 p_bordel[ 12 ] += 1;
1365 static void TinyShuffle5( uint32_t * p_bordel )
1369 p_bordel[ 2 ] &= 0x7F3F;
1371 for( i = 0; i < 5; i++ )
1373 switch( ( p_bordel[ 2 ] + 10 + i ) % 5 )
1376 p_bordel[ 12 ] &= p_bordel[ 2 ];
1379 p_bordel[ 3 ] ^= p_bordel[ 15 ];
1382 p_bordel[ 15 ] += 0x576;
1385 p_bordel[ 7 ] -= 0x2D;
1388 p_bordel[ 1 ] <<= 1;
1394 static void TinyShuffle6( uint32_t * p_bordel )
1398 for( i = 0; i < 8; i++ )
1400 j = p_bordel[ 3 ] & 0x7514 ? 5 : 7;
1401 SWAP( p_bordel[ i ], p_bordel[ i + j ] );
1405 static void TinyShuffle7( uint32_t * p_bordel )
1409 i = (((p_bordel[ 9 ] + p_bordel[ 15 ] + 12) >> 2) - p_bordel[ 4 ]) & 7;
1413 SWAP( p_bordel[ i ], p_bordel[ i + 3 ] );
1416 SWAP( p_bordel[ 1 ], p_bordel[ 10 ] );
1419 static void TinyShuffle8( uint32_t * p_bordel )
1423 i = (p_bordel[ 0 ] & p_bordel[ 6 ]) & 0xF;
1425 switch( p_bordel[ i ] % 1000 )
1428 if( (p_bordel[ i ] & 0x777) > (p_bordel[ 7 ] & 0x5555) )
1430 p_bordel[ i ] ^= p_bordel[ 5 ] & p_bordel[ 3 ];
1434 p_bordel[ 15 ] &= 0x5555;
1437 p_bordel[ i ] ^= p_bordel[ 15 ];
1440 SWAP( p_bordel[ 0 ], p_bordel[ 3 ] );
1441 SWAP( p_bordel[ 1 ], p_bordel[ 6 ] );
1442 SWAP( p_bordel[ 3 ], p_bordel[ 6 ] );
1443 SWAP( p_bordel[ 4 ], p_bordel[ 9 ] );
1444 SWAP( p_bordel[ 5 ], p_bordel[ 8 ] );
1445 SWAP( p_bordel[ 6 ], p_bordel[ 7 ] );
1446 SWAP( p_bordel[ 13 ], p_bordel[ 14 ] );
1449 p_bordel[ i ] += p_bordel[ 1 ] ^ 0x80080011;
1450 p_bordel[ i ] += p_bordel[ 2 ] ^ 0xBEEFDEAD;
1451 p_bordel[ i ] += p_bordel[ 3 ] ^ 0x8765F444;
1452 p_bordel[ i ] += p_bordel[ 4 ] ^ 0x78145326;
1455 p_bordel[ 12 ] -= p_bordel[ i ];
1456 p_bordel[ 13 ] += p_bordel[ i ];
1459 p_bordel[ i ] += p_bordel[ 1 ];
1460 p_bordel[ i ] -= p_bordel[ 7 ];
1461 p_bordel[ i ] -= p_bordel[ 8 ];
1462 p_bordel[ i ] += p_bordel[ 9 ];
1463 p_bordel[ i ] += p_bordel[ 13 ];
1467 p_bordel[ i + 1 ] >>= 1;
1468 p_bordel[ i + 2 ] <<= 4;
1469 p_bordel[ i + 3 ] >>= 3;
1472 p_bordel[ 1 ] += 0x20E;
1473 p_bordel[ 5 ] += 0x223D;
1474 p_bordel[ 13 ] -= 0x576;
1475 p_bordel[ 15 ] += 0x576;
1478 if( (p_bordel[ i ] ^ 0x8765F441) < 0x2710 )
1480 SWAP( p_bordel[ 0 ], p_bordel[ 1 ] );
1484 SWAP( p_bordel[ 1 ], p_bordel[ 11 ] );
1490 /*****************************************************************************
1491 * GetSystemKey: get the system key
1492 *****************************************************************************
1493 * Compute the system key from various system information, see HashSystemInfo.
1494 *****************************************************************************/
1495 static int GetSystemKey( uint32_t *p_sys_key, vlc_bool_t b_ipod )
1497 static char const p_secret1[ 8 ] = "YuaFlafu";
1498 static char const p_secret2[ 8 ] = "zPif98ga";
1501 uint32_t p_system_hash[ 4 ];
1503 /* Compute the MD5 hash of our system info */
1504 if( ( !b_ipod && HashSystemInfo( p_system_hash ) ) ||
1505 ( b_ipod && GetiPodID( &i_ipod_id ) ) )
1510 /* Combine our system info hash with additional secret data. The resulting
1511 * MD5 hash will be our system key. */
1513 AddMD5( &md5, p_secret1, 8 );
1517 AddMD5( &md5, (uint8_t *)p_system_hash, 6 );
1518 AddMD5( &md5, (uint8_t *)p_system_hash, 6 );
1519 AddMD5( &md5, (uint8_t *)p_system_hash, 6 );
1520 AddMD5( &md5, p_secret2, 8 );
1524 i_ipod_id = U64_AT(&i_ipod_id);
1525 AddMD5( &md5, (uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
1526 AddMD5( &md5, (uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
1527 AddMD5( &md5, (uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
1532 memcpy( p_sys_key, md5.p_digest, 16 );
1538 # define DRMS_DIRNAME "drms"
1540 # define DRMS_DIRNAME ".drms"
1543 /*****************************************************************************
1544 * WriteUserKey: write the user key to hard disk
1545 *****************************************************************************
1546 * Write the user key to the hard disk so that it can be reused later or used
1547 * on operating systems other than Win32.
1548 *****************************************************************************/
1549 static int WriteUserKey( void *_p_drms, uint32_t *p_user_key )
1551 struct drms_s *p_drms = (struct drms_s *)_p_drms;
1554 char psz_path[ PATH_MAX ];
1556 snprintf( psz_path, PATH_MAX - 1,
1557 "%s/" DRMS_DIRNAME, p_drms->psz_homedir );
1559 #if defined( HAVE_ERRNO_H )
1560 # if defined( WIN32 )
1561 if( !mkdir( psz_path ) || errno == EEXIST )
1563 if( !mkdir( psz_path, 0755 ) || errno == EEXIST )
1566 if( !mkdir( psz_path ) )
1569 snprintf( psz_path, PATH_MAX - 1, "%s/" DRMS_DIRNAME "/%08X.%03d",
1570 p_drms->psz_homedir, p_drms->i_user, p_drms->i_key );
1572 file = fopen( psz_path, "wb" );
1575 i_ret = fwrite( p_user_key, sizeof(uint32_t),
1576 4, file ) == 4 ? 0 : -1;
1584 /*****************************************************************************
1585 * ReadUserKey: read the user key from hard disk
1586 *****************************************************************************
1587 * Retrieve the user key from the hard disk if available.
1588 *****************************************************************************/
1589 static int ReadUserKey( void *_p_drms, uint32_t *p_user_key )
1591 struct drms_s *p_drms = (struct drms_s *)_p_drms;
1594 char psz_path[ PATH_MAX ];
1596 snprintf( psz_path, PATH_MAX - 1,
1597 "%s/" DRMS_DIRNAME "/%08X.%03d", p_drms->psz_homedir,
1598 p_drms->i_user, p_drms->i_key );
1600 file = fopen( psz_path, "rb" );
1603 i_ret = fread( p_user_key, sizeof(uint32_t),
1604 4, file ) == 4 ? 0 : -1;
1611 /*****************************************************************************
1612 * GetUserKey: get the user key
1613 *****************************************************************************
1614 * Retrieve the user key from the hard disk if available, otherwise generate
1615 * it from the system key. If the key could be successfully generated, write
1616 * it to the hard disk for future use.
1617 *****************************************************************************/
1618 static int GetUserKey( void *_p_drms, uint32_t *p_user_key )
1620 static char const p_secret[] = "mUfnpognadfgf873";
1621 struct drms_s *p_drms = (struct drms_s *)_p_drms;
1623 struct shuffle_s shuffle;
1625 uint32_t *p_sci_data;
1626 uint32_t i_user, i_key;
1627 uint32_t p_sys_key[ 4 ];
1628 uint32_t i_sci_size, i_blocks, i_remaining;
1629 uint32_t *p_sci0, *p_sci1, *p_buffer;
1630 uint32_t p_sci_key[ 4 ];
1634 if( !ReadUserKey( p_drms, p_user_key ) )
1636 REVERSE( p_user_key, 4 );
1640 psz_ipod = getenv( "IPOD" );
1642 if( GetSystemKey( p_sys_key, psz_ipod ? VLC_TRUE : VLC_FALSE ) )
1647 if( GetSCIData( psz_ipod, &p_sci_data, &i_sci_size ) )
1652 /* Phase 1: unscramble the SCI data using the system key and shuffle
1653 * it using DoShuffle(). */
1655 /* Skip the first 4 bytes (some sort of header). Decrypt the rest. */
1656 i_blocks = (i_sci_size - 4) / 16;
1657 i_remaining = (i_sci_size - 4) - (i_blocks * 16);
1658 p_buffer = p_sci_data + 1;
1660 /* Decrypt and shuffle our data at the same time */
1661 InitAES( &aes, p_sys_key );
1662 REVERSE( p_sys_key, 4 );
1663 REVERSE( p_sci_data, 1 );
1664 InitShuffle( &shuffle, p_sys_key, p_sci_data[ 0 ] );
1666 memcpy( p_sci_key, p_secret, 16 );
1667 REVERSE( p_sci_key, 4 );
1671 uint32_t p_tmp[ 4 ];
1673 REVERSE( p_buffer, 4 );
1674 DecryptAES( &aes, p_tmp, p_buffer );
1675 BlockXOR( p_tmp, p_sci_key, p_tmp );
1677 /* Use the previous scrambled data as the key for next block */
1678 memcpy( p_sci_key, p_buffer, 16 );
1680 /* Shuffle the decrypted data using a custom routine */
1681 DoShuffle( &shuffle, p_tmp, 4 );
1683 /* Copy this block back to p_buffer */
1684 memcpy( p_buffer, p_tmp, 16 );
1689 if( i_remaining >= 4 )
1692 REVERSE( p_buffer, i_remaining );
1693 DoShuffle( &shuffle, p_buffer, i_remaining );
1696 /* Phase 2: look for the user key in the generated data. I must admit I
1697 * do not understand what is going on here, because it almost
1698 * looks like we are browsing data that makes sense, even though
1699 * the DoShuffle() part made it completely meaningless. */
1702 REVERSE( p_sci_data + 5, 1 );
1703 i = U32_AT( p_sci_data + 5 );
1704 i_sci_size -= 22 * sizeof(uint32_t);
1705 p_sci1 = p_sci_data + 22;
1708 while( i_sci_size >= 20 && i > 0 )
1710 if( p_sci0 == NULL )
1712 i_sci_size -= 18 * sizeof(uint32_t);
1713 if( i_sci_size < 20 )
1719 REVERSE( p_sci1 + 17, 1 );
1720 y = U32_AT( p_sci1 + 17 );
1731 i_user = U32_AT( p_sci0 );
1732 i_key = U32_AT( p_sci1 );
1733 REVERSE( &i_user, 1 );
1734 REVERSE( &i_key, 1 );
1735 if( i_user == p_drms->i_user && ( ( i_key == p_drms->i_key ) ||
1736 ( !p_drms->i_key && ( p_sci1 == (p_sci0 + 18) ) ) ) )
1738 memcpy( p_user_key, p_sci1 + 1, 16 );
1739 REVERSE( p_sci1 + 1, 4 );
1740 WriteUserKey( p_drms, p_sci1 + 1 );
1747 i_sci_size -= 5 * sizeof(uint32_t);
1755 /*****************************************************************************
1756 * GetSCIData: get SCI data from "SC Info.sidb"
1757 *****************************************************************************
1758 * Read SCI data from "\Apple Computer\iTunes\SC Info\SC Info.sidb"
1759 *****************************************************************************/
1760 static int GetSCIData( char *psz_ipod, uint32_t **pp_sci,
1761 uint32_t *pi_sci_size )
1764 char *psz_path = NULL;
1765 char p_tmp[ PATH_MAX ];
1768 if( psz_ipod == NULL )
1771 char *p_filename = "\\Apple Computer\\iTunes\\SC Info\\SC Info.sidb";
1772 typedef HRESULT (WINAPI *SHGETFOLDERPATH)( HWND, int, HANDLE, DWORD,
1774 HINSTANCE shfolder_dll = NULL;
1775 SHGETFOLDERPATH dSHGetFolderPath = NULL;
1777 if( ( shfolder_dll = LoadLibrary( _T("SHFolder.dll") ) ) != NULL )
1780 (SHGETFOLDERPATH)GetProcAddress( shfolder_dll,
1781 _T("SHGetFolderPathA") );
1784 if( dSHGetFolderPath != NULL &&
1785 SUCCEEDED( dSHGetFolderPath( NULL, CSIDL_COMMON_APPDATA,
1786 NULL, 0, p_tmp ) ) )
1788 strncat( p_tmp, p_filename, min( strlen( p_filename ),
1789 (sizeof(p_tmp)/sizeof(p_tmp[0]) - 1) -
1790 strlen( p_tmp ) ) );
1794 if( shfolder_dll != NULL )
1796 FreeLibrary( shfolder_dll );
1802 #define ISCINFO "iSCInfo"
1803 if( strstr( psz_ipod, ISCINFO ) == NULL )
1805 snprintf( p_tmp, sizeof(p_tmp)/sizeof(p_tmp[0]) - 1,
1806 "%s/iPod_Control/iTunes/" ISCINFO "2", psz_ipod );
1811 psz_path = psz_ipod;
1815 if( psz_path == NULL )
1820 file = fopen( psz_path, "rb" );
1825 if( !fstat( fileno( file ), &st ) && st.st_size >= 4 )
1827 *pp_sci = malloc( st.st_size );
1828 if( *pp_sci != NULL )
1830 if( fread( *pp_sci, 1, st.st_size,
1831 file ) == (size_t)st.st_size )
1833 *pi_sci_size = st.st_size;
1838 free( (void *)*pp_sci );
1850 /*****************************************************************************
1851 * HashSystemInfo: hash system information
1852 *****************************************************************************
1853 * This function computes the MD5 hash of the C: hard drive serial number,
1854 * BIOS version, CPU type and Windows version.
1855 *****************************************************************************/
1856 static int HashSystemInfo( uint32_t *p_system_hash )
1868 static LPCTSTR p_reg_keys[ 3 ][ 2 ] =
1871 _T("HARDWARE\\DESCRIPTION\\System"),
1872 _T("SystemBiosVersion")
1876 _T("HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0"),
1877 _T("ProcessorNameString")
1881 _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion"),
1888 AddMD5( &md5, "cache-control", 13 );
1889 AddMD5( &md5, "Ethernet", 8 );
1891 GetVolumeInformation( _T("C:\\"), NULL, 0, &i_serial,
1892 NULL, NULL, NULL, 0 );
1893 AddMD5( &md5, (uint8_t *)&i_serial, 4 );
1895 for( i = 0; i < sizeof(p_reg_keys) / sizeof(p_reg_keys[ 0 ]); i++ )
1897 if( RegOpenKeyEx( HKEY_LOCAL_MACHINE, p_reg_keys[ i ][ 0 ],
1898 0, KEY_READ, &i_key ) != ERROR_SUCCESS )
1903 if( RegQueryValueEx( i_key, p_reg_keys[ i ][ 1 ],
1904 NULL, NULL, NULL, &i_size ) != ERROR_SUCCESS )
1906 RegCloseKey( i_key );
1910 p_reg_buf = malloc( i_size );
1912 if( p_reg_buf != NULL )
1914 if( RegQueryValueEx( i_key, p_reg_keys[ i ][ 1 ],
1915 NULL, NULL, p_reg_buf,
1916 &i_size ) == ERROR_SUCCESS )
1918 AddMD5( &md5, (uint8_t *)p_reg_buf, i_size );
1924 RegCloseKey( i_key );
1933 memcpy( p_system_hash, md5.p_digest, 16 );
1938 /*****************************************************************************
1939 * GetiPodID: Get iPod ID
1940 *****************************************************************************
1941 * This function gets the iPod ID.
1942 *****************************************************************************/
1943 static int GetiPodID( int64_t *p_ipod_id )
1947 #define PROD_NAME "iPod"
1948 #define VENDOR_NAME "Apple Computer, Inc."
1950 char *psz_ipod_id = getenv( "IPODID" );
1951 if( psz_ipod_id != NULL )
1953 *p_ipod_id = strtoll( psz_ipod_id, NULL, 16 );
1961 io_iterator_t iterator;
1962 CFMutableDictionaryRef match_dic;
1963 CFMutableDictionaryRef smatch_dic;
1965 if( IOMasterPort( MACH_PORT_NULL, &port ) == KERN_SUCCESS )
1967 smatch_dic = IOServiceMatching( "IOFireWireUnit" );
1968 match_dic = CFDictionaryCreateMutable( kCFAllocatorDefault, 0,
1969 &kCFTypeDictionaryKeyCallBacks,
1970 &kCFTypeDictionaryValueCallBacks );
1972 if( smatch_dic != NULL && match_dic != NULL )
1974 CFDictionarySetValue( smatch_dic,
1975 CFSTR("FireWire Vendor Name"),
1976 CFSTR(VENDOR_NAME) );
1977 CFDictionarySetValue( smatch_dic,
1978 CFSTR("FireWire Product Name"),
1981 CFDictionarySetValue( match_dic,
1982 CFSTR(kIOPropertyMatchKey),
1985 if( IOServiceGetMatchingServices( port, match_dic,
1986 &iterator ) == KERN_SUCCESS )
1988 while( ( device = IOIteratorNext( iterator ) ) != NULL )
1990 value = IORegistryEntryCreateCFProperty( device,
1991 CFSTR("GUID"), kCFAllocatorDefault, kNilOptions );
1995 if( CFGetTypeID( value ) == CFNumberGetTypeID() )
1998 CFNumberGetValue( (CFNumberRef)value,
1999 kCFNumberLongLongType,
2001 *p_ipod_id = i_ipod_id;
2008 IOObjectRelease( device );
2013 IOObjectRelease( iterator );
2017 mach_port_deallocate( mach_task_self(), port );
2020 #elif HAVE_SYSFS_LIBSYSFS_H
2021 struct sysfs_bus *bus = NULL;
2022 struct dlist *devlist = NULL;
2023 struct dlist *attributes = NULL;
2024 struct sysfs_device *curdev = NULL;
2025 struct sysfs_attribute *curattr = NULL;
2027 bus = sysfs_open_bus( "ieee1394" );
2030 devlist = sysfs_get_bus_devices( bus );
2031 if( devlist != NULL )
2033 dlist_for_each_data( devlist, curdev, struct sysfs_device )
2035 attributes = sysfs_get_device_attributes( curdev );
2036 if( attributes != NULL )
2038 dlist_for_each_data( attributes, curattr,
2039 struct sysfs_attribute )
2041 if( ( strcmp( curattr->name, "model_name" ) == 0 ) &&
2042 ( strncmp( curattr->value, PROD_NAME,
2043 sizeof(PROD_NAME) ) == 0 ) )
2045 *p_ipod_id = strtoll( curdev->name, NULL, 16 );
2056 sysfs_close_bus( bus );
2063 #else /* !defined( UNDER_CE ) */
2065 void *drms_alloc( char *psz_homedir ){ return 0; }
2066 void drms_free( void *a ){}
2067 void drms_decrypt( void *a, uint32_t *b, uint32_t c ){}
2068 int drms_init( void *a, uint32_t b, uint8_t *c, uint32_t d ){ return -1; }
2070 #endif /* defined( UNDER_CE ) */