1 /*****************************************************************************
3 *****************************************************************************
4 * Copyright (C) 2004 the VideoLAN team
7 * Authors: Jon Lech Johansen <jon-vl@nanocrew.net>
8 * Sam Hocevar <sam@zoy.org>
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
23 *****************************************************************************/
25 #include <stdlib.h> /* malloc(), free() */
47 # if !defined( UNDER_CE )
55 #ifdef HAVE_SYS_STAT_H
56 # include <sys/stat.h>
58 #ifdef HAVE_SYS_TYPES_H
59 # include <sys/types.h>
62 /* In Solaris (and perhaps others) PATH_MAX is in limits.h. */
68 # include <mach/mach.h>
69 # include <IOKit/IOKitLib.h>
70 # include <CoreFoundation/CFNumber.h>
73 #ifdef HAVE_SYSFS_LIBSYSFS_H
74 # include <sysfs/libsysfs.h>
78 #include "drmstables.h"
80 #if !defined( UNDER_CE )
81 /*****************************************************************************
82 * aes_s: AES keys structure
83 *****************************************************************************
84 * This structure stores a set of keys usable for encryption and decryption
85 * with the AES/Rijndael algorithm.
86 *****************************************************************************/
89 uint32_t pp_enc_keys[ AES_KEY_COUNT + 1 ][ 4 ];
90 uint32_t pp_dec_keys[ AES_KEY_COUNT + 1 ][ 4 ];
94 # define Digest DigestMD5
96 /*****************************************************************************
97 * md5_s: MD5 message structure
98 *****************************************************************************
99 * This structure stores the static information needed to compute an MD5
100 * hash. It has an extra data buffer to allow non-aligned writes.
101 *****************************************************************************/
104 uint64_t i_bits; /* Total written bits */
105 uint32_t p_digest[4]; /* The MD5 digest */
106 uint32_t p_data[16]; /* Buffer to cache non-aligned writes */
110 /*****************************************************************************
111 * shuffle_s: shuffle structure
112 *****************************************************************************
113 * This structure stores the static information needed to shuffle data using
114 * a custom algorithm.
115 *****************************************************************************/
119 uint32_t p_commands[ 20 ];
120 uint32_t p_bordel[ 16 ];
123 #define SWAP( a, b ) { (a) ^= (b); (b) ^= (a); (a) ^= (b); }
125 /*****************************************************************************
126 * drms_s: DRMS structure
127 *****************************************************************************
128 * This structure stores the static information needed to decrypt DRMS data.
129 *****************************************************************************/
134 uint8_t p_iviv[ 16 ];
140 char psz_homedir[ PATH_MAX ];
143 /*****************************************************************************
145 *****************************************************************************/
146 static void InitAES ( struct aes_s *, uint32_t * );
147 static void DecryptAES ( struct aes_s *, uint32_t *, const uint32_t * );
150 static void InitMD5 ( struct md5_s * );
151 static void AddMD5 ( struct md5_s *, const uint8_t *, uint32_t );
152 static void EndMD5 ( struct md5_s * );
153 static void Digest ( struct md5_s *, uint32_t * );
156 static void InitShuffle ( struct shuffle_s *, uint32_t *, uint32_t );
157 static void DoShuffle ( struct shuffle_s *, uint32_t *, uint32_t );
159 static uint32_t FirstPass ( uint32_t * );
160 static void SecondPass ( uint32_t *, uint32_t );
161 static void ThirdPass ( uint32_t * );
162 static void FourthPass ( uint32_t * );
163 static void TinyShuffle1 ( uint32_t * );
164 static void TinyShuffle2 ( uint32_t * );
165 static void TinyShuffle3 ( uint32_t * );
166 static void TinyShuffle4 ( uint32_t * );
167 static void TinyShuffle5 ( uint32_t * );
168 static void TinyShuffle6 ( uint32_t * );
169 static void TinyShuffle7 ( uint32_t * );
170 static void TinyShuffle8 ( uint32_t * );
171 static void DoExtShuffle ( uint32_t * );
173 static int GetSystemKey ( uint32_t *, vlc_bool_t );
174 static int WriteUserKey ( void *, uint32_t * );
175 static int ReadUserKey ( void *, uint32_t * );
176 static int GetUserKey ( void *, uint32_t * );
178 static int GetSCIData ( char *, uint32_t **, uint32_t * );
179 static int HashSystemInfo ( uint32_t * );
180 static int GetiPodID ( int64_t * );
182 #ifdef WORDS_BIGENDIAN
183 /*****************************************************************************
184 * Reverse: reverse byte order
185 *****************************************************************************/
186 static inline void Reverse( uint32_t *p_buffer, int n )
190 for( i = 0; i < n; i++ )
192 p_buffer[ i ] = GetDWLE(&p_buffer[ i ]);
195 # define REVERSE( p, n ) Reverse( p, n )
197 # define REVERSE( p, n )
200 /*****************************************************************************
201 * BlockXOR: XOR two 128 bit blocks
202 *****************************************************************************/
203 static inline void BlockXOR( uint32_t *p_dest, uint32_t *p_s1, uint32_t *p_s2 )
207 for( i = 0; i < 4; i++ )
209 p_dest[ i ] = p_s1[ i ] ^ p_s2[ i ];
213 /*****************************************************************************
214 * drms_alloc: allocate a DRMS structure
215 *****************************************************************************/
216 void *drms_alloc( char *psz_homedir )
218 struct drms_s *p_drms;
220 p_drms = malloc( sizeof(struct drms_s) );
227 memset( p_drms, 0, sizeof(struct drms_s) );
229 strncpy( p_drms->psz_homedir, psz_homedir, PATH_MAX );
230 p_drms->psz_homedir[ PATH_MAX - 1 ] = '\0';
232 return (void *)p_drms;
235 /*****************************************************************************
236 * drms_free: free a previously allocated DRMS structure
237 *****************************************************************************/
238 void drms_free( void *_p_drms )
240 struct drms_s *p_drms = (struct drms_s *)_p_drms;
242 if( p_drms->p_name != NULL )
244 free( (void *)p_drms->p_name );
250 /*****************************************************************************
251 * drms_decrypt: unscramble a chunk of data
252 *****************************************************************************/
253 void drms_decrypt( void *_p_drms, uint32_t *p_buffer, uint32_t i_bytes )
255 struct drms_s *p_drms = (struct drms_s *)_p_drms;
257 unsigned int i_blocks;
259 /* AES is a block cypher, round down the byte count */
260 i_blocks = i_bytes / 16;
261 i_bytes = i_blocks * 16;
263 /* Initialise the key */
264 memcpy( p_key, p_drms->p_key, 16 );
271 REVERSE( p_buffer, 4 );
272 DecryptAES( &p_drms->aes, p_tmp, p_buffer );
273 BlockXOR( p_tmp, p_key, p_tmp );
275 /* Use the previous scrambled data as the key for next block */
276 memcpy( p_key, p_buffer, 16 );
278 /* Copy unscrambled data back to the buffer */
279 memcpy( p_buffer, p_tmp, 16 );
280 REVERSE( p_buffer, 4 );
286 /*****************************************************************************
287 * drms_init: initialise a DRMS structure
288 *****************************************************************************
292 * -2: invalid argument
293 * -3: could not get system key
294 * -4: could not get SCI data
295 * -5: no user key found in SCI data
296 * -6: invalid user key
297 *****************************************************************************/
298 int drms_init( void *_p_drms, uint32_t i_type,
299 uint8_t *p_info, uint32_t i_len )
301 struct drms_s *p_drms = (struct drms_s *)_p_drms;
307 if( i_len < sizeof(p_drms->i_user) )
313 p_drms->i_user = U32_AT( p_info );
317 if( i_len < sizeof(p_drms->i_key) )
323 p_drms->i_key = U32_AT( p_info );
327 if( i_len < sizeof(p_drms->p_key) )
333 memcpy( p_drms->p_iviv, p_info, 16 );
337 p_drms->p_name = (uint8_t*) strdup( (char *)p_info );
339 if( p_drms->p_name == NULL )
347 uint32_t p_priv[ 64 ];
357 AddMD5( &md5, p_drms->p_name, strlen( (char *)p_drms->p_name ) );
358 AddMD5( &md5, p_drms->p_iviv, 16 );
361 if( p_drms->i_user == 0 && p_drms->i_key == 0 )
363 static char const p_secret[] = "tr1-th3n.y00_by3";
364 memcpy( p_drms->p_key, p_secret, 16 );
365 REVERSE( p_drms->p_key, 4 );
369 i_ret = GetUserKey( p_drms, p_drms->p_key );
376 InitAES( &p_drms->aes, p_drms->p_key );
378 memcpy( p_priv, p_info, 64 );
379 memcpy( p_drms->p_key, md5.p_digest, 16 );
380 drms_decrypt( p_drms, p_priv, 64 );
381 REVERSE( p_priv, 64 );
383 if( p_priv[ 0 ] != 0x6e757469 ) /* itun */
389 InitAES( &p_drms->aes, p_priv + 6 );
390 memcpy( p_drms->p_key, p_priv + 12, 16 );
392 free( (void *)p_drms->p_name );
393 p_drms->p_name = NULL;
401 /* The following functions are local */
403 /*****************************************************************************
404 * InitAES: initialise AES/Rijndael encryption/decryption tables
405 *****************************************************************************
406 * The Advanced Encryption Standard (AES) is described in RFC 3268
407 *****************************************************************************/
408 static void InitAES( struct aes_s *p_aes, uint32_t *p_key )
411 uint32_t i_key, i_seed;
413 memset( p_aes->pp_enc_keys[1], 0, 16 );
414 memcpy( p_aes->pp_enc_keys[0], p_key, 16 );
416 /* Generate the key tables */
417 i_seed = p_aes->pp_enc_keys[ 0 ][ 3 ];
419 for( i_key = 0; i_key < AES_KEY_COUNT; i_key++ )
423 i_seed = AES_ROR( i_seed, 8 );
425 j = p_aes_table[ i_key ];
427 j ^= p_aes_encrypt[ (i_seed >> 24) & 0xff ]
428 ^ AES_ROR( p_aes_encrypt[ (i_seed >> 16) & 0xff ], 8 )
429 ^ AES_ROR( p_aes_encrypt[ (i_seed >> 8) & 0xff ], 16 )
430 ^ AES_ROR( p_aes_encrypt[ i_seed & 0xff ], 24 );
432 j ^= p_aes->pp_enc_keys[ i_key ][ 0 ];
433 p_aes->pp_enc_keys[ i_key + 1 ][ 0 ] = j;
434 j ^= p_aes->pp_enc_keys[ i_key ][ 1 ];
435 p_aes->pp_enc_keys[ i_key + 1 ][ 1 ] = j;
436 j ^= p_aes->pp_enc_keys[ i_key ][ 2 ];
437 p_aes->pp_enc_keys[ i_key + 1 ][ 2 ] = j;
438 j ^= p_aes->pp_enc_keys[ i_key ][ 3 ];
439 p_aes->pp_enc_keys[ i_key + 1 ][ 3 ] = j;
444 memcpy( p_aes->pp_dec_keys[ 0 ],
445 p_aes->pp_enc_keys[ 0 ], 16 );
447 for( i = 1; i < AES_KEY_COUNT; i++ )
449 for( t = 0; t < 4; t++ )
451 uint32_t j, k, l, m, n;
453 j = p_aes->pp_enc_keys[ i ][ t ];
455 k = (((j >> 7) & 0x01010101) * 27) ^ ((j & 0xff7f7f7f) << 1);
456 l = (((k >> 7) & 0x01010101) * 27) ^ ((k & 0xff7f7f7f) << 1);
457 m = (((l >> 7) & 0x01010101) * 27) ^ ((l & 0xff7f7f7f) << 1);
461 n = AES_ROR( l ^ j, 16 ) ^ AES_ROR( k ^ j, 8 ) ^ AES_ROR( j, 24 );
463 p_aes->pp_dec_keys[ i ][ t ] = k ^ l ^ m ^ n;
468 /*****************************************************************************
469 * DecryptAES: decrypt an AES/Rijndael 128 bit block
470 *****************************************************************************/
471 static void DecryptAES( struct aes_s *p_aes,
472 uint32_t *p_dest, const uint32_t *p_src )
474 uint32_t p_wtxt[ 4 ]; /* Working cyphertext */
476 unsigned int i_round, t;
478 for( t = 0; t < 4; t++ )
480 /* FIXME: are there any endianness issues here? */
481 p_wtxt[ t ] = p_src[ t ] ^ p_aes->pp_enc_keys[ AES_KEY_COUNT ][ t ];
485 for( i_round = 0; i_round < (AES_KEY_COUNT - 1); i_round++ )
487 for( t = 0; t < 4; t++ )
489 p_tmp[ t ] = AES_XOR_ROR( p_aes_itable, p_wtxt );
492 for( t = 0; t < 4; t++ )
494 p_wtxt[ t ] = p_tmp[ t ]
495 ^ p_aes->pp_dec_keys[ (AES_KEY_COUNT - 1) - i_round ][ t ];
499 /* Final round (9) */
500 for( t = 0; t < 4; t++ )
502 p_dest[ t ] = AES_XOR_ROR( p_aes_decrypt, p_wtxt );
503 p_dest[ t ] ^= p_aes->pp_dec_keys[ 0 ][ t ];
508 /*****************************************************************************
509 * InitMD5: initialise an MD5 message
510 *****************************************************************************
511 * The MD5 message-digest algorithm is described in RFC 1321
512 *****************************************************************************/
513 static void InitMD5( struct md5_s *p_md5 )
515 p_md5->p_digest[ 0 ] = 0x67452301;
516 p_md5->p_digest[ 1 ] = 0xefcdab89;
517 p_md5->p_digest[ 2 ] = 0x98badcfe;
518 p_md5->p_digest[ 3 ] = 0x10325476;
520 memset( p_md5->p_data, 0, 64 );
524 /*****************************************************************************
525 * AddMD5: add i_len bytes to an MD5 message
526 *****************************************************************************/
527 static void AddMD5( struct md5_s *p_md5, const uint8_t *p_src, uint32_t i_len )
529 unsigned int i_current; /* Current bytes in the spare buffer */
530 unsigned int i_offset = 0;
532 i_current = (p_md5->i_bits / 8) & 63;
534 p_md5->i_bits += 8 * i_len;
536 /* If we can complete our spare buffer to 64 bytes, do it and add the
537 * resulting buffer to the MD5 message */
538 if( i_len >= (64 - i_current) )
540 memcpy( ((uint8_t *)p_md5->p_data) + i_current, p_src,
542 Digest( p_md5, p_md5->p_data );
544 i_offset += (64 - i_current);
545 i_len -= (64 - i_current);
549 /* Add as many entire 64 bytes blocks as we can to the MD5 message */
552 uint32_t p_tmp[ 16 ];
553 memcpy( p_tmp, p_src + i_offset, 64 );
554 Digest( p_md5, p_tmp );
559 /* Copy our remaining data to the message's spare buffer */
560 memcpy( ((uint8_t *)p_md5->p_data) + i_current, p_src + i_offset, i_len );
563 /*****************************************************************************
564 * EndMD5: finish an MD5 message
565 *****************************************************************************
566 * This function adds adequate padding to the end of the message, and appends
567 * the bit count so that we end at a block boundary.
568 *****************************************************************************/
569 static void EndMD5( struct md5_s *p_md5 )
571 unsigned int i_current;
573 i_current = (p_md5->i_bits / 8) & 63;
575 /* Append 0x80 to our buffer. No boundary check because the temporary
576 * buffer cannot be full, otherwise AddMD5 would have emptied it. */
577 ((uint8_t *)p_md5->p_data)[ i_current++ ] = 0x80;
579 /* If less than 8 bytes are available at the end of the block, complete
580 * this 64 bytes block with zeros and add it to the message. We'll add
581 * our length at the end of the next block. */
584 memset( ((uint8_t *)p_md5->p_data) + i_current, 0, (64 - i_current) );
585 Digest( p_md5, p_md5->p_data );
589 /* Fill the unused space in our last block with zeroes and put the
590 * message length at the end. */
591 memset( ((uint8_t *)p_md5->p_data) + i_current, 0, (56 - i_current) );
592 p_md5->p_data[ 14 ] = p_md5->i_bits & 0xffffffff;
593 p_md5->p_data[ 15 ] = (p_md5->i_bits >> 32);
594 REVERSE( &p_md5->p_data[ 14 ], 2 );
596 Digest( p_md5, p_md5->p_data );
599 #define F1( x, y, z ) ((z) ^ ((x) & ((y) ^ (z))))
600 #define F2( x, y, z ) F1((z), (x), (y))
601 #define F3( x, y, z ) ((x) ^ (y) ^ (z))
602 #define F4( x, y, z ) ((y) ^ ((x) | ~(z)))
604 #define MD5_DO( f, w, x, y, z, data, s ) \
605 ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x )
607 /*****************************************************************************
608 * Digest: update the MD5 digest with 64 bytes of data
609 *****************************************************************************/
610 static void Digest( struct md5_s *p_md5, uint32_t *p_input )
614 REVERSE( p_input, 16 );
616 a = p_md5->p_digest[ 0 ];
617 b = p_md5->p_digest[ 1 ];
618 c = p_md5->p_digest[ 2 ];
619 d = p_md5->p_digest[ 3 ];
621 MD5_DO( F1, a, b, c, d, p_input[ 0 ] + 0xd76aa478, 7 );
622 MD5_DO( F1, d, a, b, c, p_input[ 1 ] + 0xe8c7b756, 12 );
623 MD5_DO( F1, c, d, a, b, p_input[ 2 ] + 0x242070db, 17 );
624 MD5_DO( F1, b, c, d, a, p_input[ 3 ] + 0xc1bdceee, 22 );
625 MD5_DO( F1, a, b, c, d, p_input[ 4 ] + 0xf57c0faf, 7 );
626 MD5_DO( F1, d, a, b, c, p_input[ 5 ] + 0x4787c62a, 12 );
627 MD5_DO( F1, c, d, a, b, p_input[ 6 ] + 0xa8304613, 17 );
628 MD5_DO( F1, b, c, d, a, p_input[ 7 ] + 0xfd469501, 22 );
629 MD5_DO( F1, a, b, c, d, p_input[ 8 ] + 0x698098d8, 7 );
630 MD5_DO( F1, d, a, b, c, p_input[ 9 ] + 0x8b44f7af, 12 );
631 MD5_DO( F1, c, d, a, b, p_input[ 10 ] + 0xffff5bb1, 17 );
632 MD5_DO( F1, b, c, d, a, p_input[ 11 ] + 0x895cd7be, 22 );
633 MD5_DO( F1, a, b, c, d, p_input[ 12 ] + 0x6b901122, 7 );
634 MD5_DO( F1, d, a, b, c, p_input[ 13 ] + 0xfd987193, 12 );
635 MD5_DO( F1, c, d, a, b, p_input[ 14 ] + 0xa679438e, 17 );
636 MD5_DO( F1, b, c, d, a, p_input[ 15 ] + 0x49b40821, 22 );
638 MD5_DO( F2, a, b, c, d, p_input[ 1 ] + 0xf61e2562, 5 );
639 MD5_DO( F2, d, a, b, c, p_input[ 6 ] + 0xc040b340, 9 );
640 MD5_DO( F2, c, d, a, b, p_input[ 11 ] + 0x265e5a51, 14 );
641 MD5_DO( F2, b, c, d, a, p_input[ 0 ] + 0xe9b6c7aa, 20 );
642 MD5_DO( F2, a, b, c, d, p_input[ 5 ] + 0xd62f105d, 5 );
643 MD5_DO( F2, d, a, b, c, p_input[ 10 ] + 0x02441453, 9 );
644 MD5_DO( F2, c, d, a, b, p_input[ 15 ] + 0xd8a1e681, 14 );
645 MD5_DO( F2, b, c, d, a, p_input[ 4 ] + 0xe7d3fbc8, 20 );
646 MD5_DO( F2, a, b, c, d, p_input[ 9 ] + 0x21e1cde6, 5 );
647 MD5_DO( F2, d, a, b, c, p_input[ 14 ] + 0xc33707d6, 9 );
648 MD5_DO( F2, c, d, a, b, p_input[ 3 ] + 0xf4d50d87, 14 );
649 MD5_DO( F2, b, c, d, a, p_input[ 8 ] + 0x455a14ed, 20 );
650 MD5_DO( F2, a, b, c, d, p_input[ 13 ] + 0xa9e3e905, 5 );
651 MD5_DO( F2, d, a, b, c, p_input[ 2 ] + 0xfcefa3f8, 9 );
652 MD5_DO( F2, c, d, a, b, p_input[ 7 ] + 0x676f02d9, 14 );
653 MD5_DO( F2, b, c, d, a, p_input[ 12 ] + 0x8d2a4c8a, 20 );
655 MD5_DO( F3, a, b, c, d, p_input[ 5 ] + 0xfffa3942, 4 );
656 MD5_DO( F3, d, a, b, c, p_input[ 8 ] + 0x8771f681, 11 );
657 MD5_DO( F3, c, d, a, b, p_input[ 11 ] + 0x6d9d6122, 16 );
658 MD5_DO( F3, b, c, d, a, p_input[ 14 ] + 0xfde5380c, 23 );
659 MD5_DO( F3, a, b, c, d, p_input[ 1 ] + 0xa4beea44, 4 );
660 MD5_DO( F3, d, a, b, c, p_input[ 4 ] + 0x4bdecfa9, 11 );
661 MD5_DO( F3, c, d, a, b, p_input[ 7 ] + 0xf6bb4b60, 16 );
662 MD5_DO( F3, b, c, d, a, p_input[ 10 ] + 0xbebfbc70, 23 );
663 MD5_DO( F3, a, b, c, d, p_input[ 13 ] + 0x289b7ec6, 4 );
664 MD5_DO( F3, d, a, b, c, p_input[ 0 ] + 0xeaa127fa, 11 );
665 MD5_DO( F3, c, d, a, b, p_input[ 3 ] + 0xd4ef3085, 16 );
666 MD5_DO( F3, b, c, d, a, p_input[ 6 ] + 0x04881d05, 23 );
667 MD5_DO( F3, a, b, c, d, p_input[ 9 ] + 0xd9d4d039, 4 );
668 MD5_DO( F3, d, a, b, c, p_input[ 12 ] + 0xe6db99e5, 11 );
669 MD5_DO( F3, c, d, a, b, p_input[ 15 ] + 0x1fa27cf8, 16 );
670 MD5_DO( F3, b, c, d, a, p_input[ 2 ] + 0xc4ac5665, 23 );
672 MD5_DO( F4, a, b, c, d, p_input[ 0 ] + 0xf4292244, 6 );
673 MD5_DO( F4, d, a, b, c, p_input[ 7 ] + 0x432aff97, 10 );
674 MD5_DO( F4, c, d, a, b, p_input[ 14 ] + 0xab9423a7, 15 );
675 MD5_DO( F4, b, c, d, a, p_input[ 5 ] + 0xfc93a039, 21 );
676 MD5_DO( F4, a, b, c, d, p_input[ 12 ] + 0x655b59c3, 6 );
677 MD5_DO( F4, d, a, b, c, p_input[ 3 ] + 0x8f0ccc92, 10 );
678 MD5_DO( F4, c, d, a, b, p_input[ 10 ] + 0xffeff47d, 15 );
679 MD5_DO( F4, b, c, d, a, p_input[ 1 ] + 0x85845dd1, 21 );
680 MD5_DO( F4, a, b, c, d, p_input[ 8 ] + 0x6fa87e4f, 6 );
681 MD5_DO( F4, d, a, b, c, p_input[ 15 ] + 0xfe2ce6e0, 10 );
682 MD5_DO( F4, c, d, a, b, p_input[ 6 ] + 0xa3014314, 15 );
683 MD5_DO( F4, b, c, d, a, p_input[ 13 ] + 0x4e0811a1, 21 );
684 MD5_DO( F4, a, b, c, d, p_input[ 4 ] + 0xf7537e82, 6 );
685 MD5_DO( F4, d, a, b, c, p_input[ 11 ] + 0xbd3af235, 10 );
686 MD5_DO( F4, c, d, a, b, p_input[ 2 ] + 0x2ad7d2bb, 15 );
687 MD5_DO( F4, b, c, d, a, p_input[ 9 ] + 0xeb86d391, 21 );
689 p_md5->p_digest[ 0 ] += a;
690 p_md5->p_digest[ 1 ] += b;
691 p_md5->p_digest[ 2 ] += c;
692 p_md5->p_digest[ 3 ] += d;
696 /*****************************************************************************
697 * InitShuffle: initialise a shuffle structure
698 *****************************************************************************
699 * This function initialises tables in the p_shuffle structure that will be
700 * used later by DoShuffle. The only external parameter is p_sys_key.
701 *****************************************************************************/
702 static void InitShuffle( struct shuffle_s *p_shuffle, uint32_t *p_sys_key,
705 char p_secret1[] = "Tv!*";
706 static char const p_secret2[] = "____v8rhvsaAvOKM____FfUH%798=[;."
707 "____f8677680a634____ba87fnOIf)(*";
710 p_shuffle->i_version = i_version;
712 /* Fill p_commands using the key and a secret seed */
713 for( i = 0; i < 20; i++ )
719 AddMD5( &md5, (const uint8_t *)p_sys_key, 16 );
720 AddMD5( &md5, (const uint8_t *)p_secret1, 4 );
725 REVERSE( md5.p_digest, 1 );
726 i_hash = ((int32_t)U32_AT(md5.p_digest)) % 1024;
728 p_shuffle->p_commands[ i ] = i_hash < 0 ? i_hash * -1 : i_hash;
731 /* Fill p_bordel with completely meaningless initial values. */
732 memcpy( p_shuffle->p_bordel, p_secret2, 64 );
733 for( i = 0; i < 4; i++ )
735 p_shuffle->p_bordel[ 4 * i ] = U32_AT(p_sys_key + i);
736 REVERSE( p_shuffle->p_bordel + 4 * i + 1, 3 );
740 /*****************************************************************************
741 * DoShuffle: shuffle buffer
742 *****************************************************************************
743 * This is so ugly and uses so many MD5 checksums that it is most certainly
744 * one-way, though why it needs to be so complicated is beyond me.
745 *****************************************************************************/
746 static void DoShuffle( struct shuffle_s *p_shuffle,
747 uint32_t *p_buffer, uint32_t i_size )
750 uint32_t p_big_bordel[ 16 ];
751 uint32_t *p_bordel = p_shuffle->p_bordel;
754 static uint32_t i_secret = 0;
756 static uint32_t p_secret3[] =
758 0xAAAAAAAA, 0x01757700, 0x00554580, 0x01724500, 0x00424580,
759 0x01427700, 0x00000080, 0xC1D59D01, 0x80144981, 0x815C8901,
760 0x80544981, 0x81D45D01, 0x00000080, 0x81A3BB03, 0x00A2AA82,
761 0x01A3BB03, 0x0022A282, 0x813BA202, 0x00000080, 0x6D575737,
762 0x4A5275A5, 0x6D525725, 0x4A5254A5, 0x6B725437, 0x00000080,
763 0xD5DDB938, 0x5455A092, 0x5D95A013, 0x4415A192, 0xC5DD393A,
764 0x00000080, 0x55555555
767 static char p_secret4[] =
768 "pbclevtug (p) Nccyr Pbzchgre, Vap. Nyy Evtugf Erfreirq.";
772 REVERSE( p_secret3, sizeof(p_secret3)/sizeof(p_secret3[ 0 ]) );
773 for( ; p_secret4[ i_secret ] != '\0'; i_secret++ )
775 #define ROT13(c) (((c)>='A'&&(c)<='Z')?(((c)-'A'+13)%26)+'A':\
776 ((c)>='a'&&(c)<='z')?(((c)-'a'+13)%26)+'a':c)
777 p_secret4[ i_secret ] = ROT13(p_secret4[ i_secret ]);
779 i_secret++; /* include zero terminator */
782 /* Using the MD5 hash of a memory block is probably not one-way enough
783 * for the iTunes people. This function randomises p_bordel depending on
784 * the values in p_commands to make things even more messy in p_bordel. */
785 for( i = 0; i < 20; i++ )
787 uint8_t i_command, i_index;
789 if( !p_shuffle->p_commands[ i ] )
794 i_command = (p_shuffle->p_commands[ i ] & 0x300) >> 8;
795 i_index = p_shuffle->p_commands[ i ] & 0xff;
800 p_bordel[ i_index & 0xf ] = p_bordel[ i_index >> 4 ]
801 + p_bordel[ ((i_index + 0x10) >> 4) & 0xf ];
804 p_bordel[ i_index >> 4 ] ^= p_shuffle_xor[ 0xff - i_index ];
807 p_bordel[ i_index >> 4 ] -= p_shuffle_sub[ 0xff - i_index ];
810 p_bordel[ i_index >> 4 ] += p_shuffle_add[ 0xff - i_index ];
815 if( p_shuffle->i_version == 0x01000300 )
817 DoExtShuffle( p_bordel );
820 /* Convert our newly randomised p_bordel to big endianness and take
823 for( i = 0; i < 16; i++ )
825 p_big_bordel[ i ] = U32_AT(p_bordel + i);
827 AddMD5( &md5, (const uint8_t *)p_big_bordel, 64 );
828 if( p_shuffle->i_version == 0x01000300 )
830 AddMD5( &md5, (const uint8_t *)p_secret3, sizeof(p_secret3) );
831 AddMD5( &md5, (const uint8_t *)p_secret4, i_secret );
835 /* XOR our buffer with the computed checksum */
836 for( i = 0; i < i_size; i++ )
838 p_buffer[ i ] ^= md5.p_digest[ i ];
842 /*****************************************************************************
843 * DoExtShuffle: extended shuffle
844 *****************************************************************************
845 * This is even uglier.
846 *****************************************************************************/
847 static void DoExtShuffle( uint32_t * p_bordel )
851 i_ret = FirstPass( p_bordel );
853 SecondPass( p_bordel, i_ret );
855 ThirdPass( p_bordel );
857 FourthPass( p_bordel );
860 static uint32_t FirstPass( uint32_t * p_bordel )
862 uint32_t i, i_cmd, i_ret = 5;
864 TinyShuffle1( p_bordel );
870 p_bordel[ 1 ] += 0x10000000;
871 p_bordel[ 3 ] += 0x12777;
873 if( (p_bordel[ 10 ] & 1) && i_ret )
876 p_bordel[ 1 ] -= p_bordel[ 2 ];
877 p_bordel[ 11 ] += p_bordel[ 12 ];
881 if( (p_bordel[ 1 ] + p_bordel[ 2 ]) >= 0x7D0 )
883 switch( ((p_bordel[ 3 ] ^ 0x567F) >> 2) & 7 )
886 for( i = 0; i < 3; i++ )
888 if( p_bordel[ i + 10 ] > 0x4E20 )
890 p_bordel[ i + 1 ] += p_bordel[ i + 2 ];
895 p_bordel[ 1 ] -= p_bordel[ 2 ];
898 p_bordel[ 11 ] += p_bordel[ 12 ];
901 p_bordel[ 3 ] ^= p_bordel[ 4 ];
904 p_bordel[ 13 ] &= p_bordel[ 14 ];
907 p_bordel[ 0 ] |= p_bordel[ 1 ];
919 for( i = 0, i_cmd = 0; i < 16; i++ )
921 if( p_bordel[ i ] < p_bordel[ i_cmd ] )
927 if( i_ret && i_cmd != 5 )
935 p_bordel[ 8 ] &= p_bordel[ 6 ] >> 1;
939 for( i = 0; i < 3; i++ )
942 if( p_bordel[ 11 ] & 5 )
944 p_bordel[ 8 ] += p_bordel[ 9 ];
954 i_cmd = (p_bordel[ 15 ] + 0x93) >> 3;
955 if( p_bordel[ 15 ] & 0x100 )
964 while( p_bordel[ 11 ] & 1 )
966 p_bordel[ 11 ] >>= 1;
971 p_bordel[ 14 ] -= 0x19FE;
983 i_cmd = ((p_bordel[ 3 ] + p_bordel[ 4 ] + 10) >> 1) - p_bordel[ 4 ];
991 p_bordel[ 14 ] >>= 1;
1000 p_bordel[ 15 ] &= 0x55;
1003 p_bordel[ 2 ] &= 0xB62FC;
1009 TinyShuffle2( p_bordel );
1014 static void SecondPass( uint32_t * p_bordel, uint32_t i_tmp )
1016 uint32_t i, i_cmd, i_jc = 5;
1018 TinyShuffle3( p_bordel );
1020 for( i = 0, i_cmd = 0; i < 16; i++ )
1022 if( p_bordel[ i ] > p_bordel[ i_cmd ] )
1031 if( p_bordel[ 1 ] < p_bordel[ 8 ] )
1037 if( (p_bordel[ 9 ] & 0x7777) == 0x3333 )
1044 if( p_bordel[ 1 ] < p_bordel[ 8 ] )
1053 p_bordel[ 1 ] -= p_bordel[ 5 ];
1054 for( i = 0; i < 3; i++ )
1056 switch( p_bordel[ 1 ] & 3 )
1065 p_bordel[ 13 ] &= 0xFEFEFEF7;
1068 p_bordel[ 8 ] |= 0x80080011;
1080 p_bordel[ 15 ] ^= 0x18547EFF;
1086 switch( ( p_bordel[ 12 ] + p_bordel[ 13 ] + p_bordel[ 6 ] ) % 5 )
1089 p_bordel[ 12 ] -= 1;
1092 p_bordel[ 12 ] -= 1;
1093 p_bordel[ 13 ] += 1;
1096 p_bordel[ 13 ] += 4;
1099 p_bordel[ 12 ] -= 1;
1106 i = 3; /* Restart the whole loop */
1111 TinyShuffle4( p_bordel );
1115 TinyShuffle5( p_bordel );
1117 switch( ( p_bordel[ 2 ] * 2 + 15 ) % 5 )
1120 if( ( p_bordel[ 3 ] + i_tmp ) <=
1121 ( p_bordel[ 1 ] + p_bordel[ 15 ] ) )
1127 p_bordel[ 10 ] -= 0x13;
1130 p_bordel[ 5 ] >>= 2;
1134 if( !( p_bordel[ 2 ] & 1 ) || i_jc == 0 )
1140 p_bordel[ 2 ] += 0x13;
1141 p_bordel[ 12 ] += 1;
1144 p_bordel[ 2 ] &= 0x10076000;
1147 static void ThirdPass( uint32_t * p_bordel )
1151 i_cmd = ((p_bordel[ 7 ] + p_bordel[ 14 ] + 10) >> 1) - p_bordel[ 14 ];
1157 p_bordel[ 1 ] <<= 1;
1158 p_bordel[ 2 ] <<= 2;
1159 p_bordel[ 3 ] <<= 3;
1162 p_bordel[ i_cmd + 3 ] &= 0x5EDE36B;
1163 p_bordel[ 5 ] += p_bordel[ 8 ];
1164 p_bordel[ 4 ] += p_bordel[ 7 ];
1165 p_bordel[ 3 ] += p_bordel[ 6 ];
1166 p_bordel[ 2 ] += p_bordel[ 5 ];
1169 p_bordel[ 1 ] += p_bordel[ 4 ];
1170 p_bordel[ 0 ] += p_bordel[ 3 ];
1171 TinyShuffle6( p_bordel );
1172 return; /* jc = 4 */
1174 if( (p_bordel[ 11 ] & p_bordel[ 2 ]) > 0x211B )
1183 p_bordel[ 9 ] ^= p_bordel[ 2 ];
1186 p_bordel[ 2 ] ^= (p_bordel[ 1 ] & p_bordel[ 13 ]);
1189 p_bordel[ 0 ] -= p_bordel[ 11 ] & p_bordel[ 15 ];
1190 return; /* jc = 4 */
1192 p_bordel[ 6 ] >>= (p_bordel[ 14 ] & 3);
1196 SWAP( p_bordel[ 0 ], p_bordel[ 10 ] );
1198 TinyShuffle6( p_bordel );
1200 return; /* jc = 5 */
1203 static void FourthPass( uint32_t * p_bordel )
1207 TinyShuffle7( p_bordel );
1209 switch( p_bordel[ 5 ] % 5)
1215 p_bordel[ 11 ] ^= (p_bordel[ 3 ] + p_bordel[ 6 ] + p_bordel[ 8 ]);
1218 for( i = 4; i < 15 && (p_bordel[ i ] & 5) == 0; i++ )
1220 SWAP( p_bordel[ i ], p_bordel[ 15 - i ] );
1224 p_bordel[ 12 ] -= 1;
1225 p_bordel[ 13 ] += 1;
1226 p_bordel[ 2 ] -= 0x64;
1227 p_bordel[ 3 ] += 0x64;
1228 TinyShuffle8( p_bordel );
1232 for( i = 0, j = 0; i < 16; i++ )
1234 if( p_bordel[ i ] > p_bordel[ j ] )
1240 switch( p_bordel[ j ] % 100 )
1243 SWAP( p_bordel[ 0 ], p_bordel[ j ] );
1246 p_bordel[ 1 ] >>= 1;
1247 p_bordel[ 2 ] <<= 1;
1248 p_bordel[ 14 ] >>= 3;
1249 p_bordel[ 15 ] <<= 4;
1252 p_bordel[ j ] += p_bordel[ 13 ];
1255 p_bordel[ 1 ] += 0x20E;
1256 p_bordel[ 5 ] += 0x223D;
1257 p_bordel[ 13 ] -= 0x576;
1258 p_bordel[ 15 ] += 0x576;
1261 p_bordel[ 2 ] -= 0x64;
1262 p_bordel[ 3 ] += 0x64;
1263 p_bordel[ 12 ] -= 1;
1264 p_bordel[ 13 ] += 1;
1268 p_bordel[ j ] += p_bordel[ 13 ];
1272 TinyShuffle8( p_bordel );
1275 /*****************************************************************************
1276 * TinyShuffle[12345678]: tiny shuffle subroutines
1277 *****************************************************************************
1278 * These standalone functions are little helpers for the shuffling process.
1279 *****************************************************************************/
1280 static void TinyShuffle1( uint32_t * p_bordel )
1282 uint32_t i_cmd = (p_bordel[ 5 ] + 10) >> 2;
1284 if( p_bordel[ 5 ] > 0x7D0 )
1298 if( p_bordel[ 4 ] & 5 )
1300 p_bordel[ 1 ] ^= 0x4D;
1304 p_bordel[ 12 ] += 5;
1309 static void TinyShuffle2( uint32_t * p_bordel )
1313 for( i = 0, j = 0; i < 16; i++ )
1315 if( (p_bordel[ i ] & 0x777) > (p_bordel[ j ] & 0x777) )
1323 for( ; j < 15; j++ )
1325 p_bordel[ j ] += p_bordel[ j + 1 ];
1330 p_bordel[ 2 ] &= 0xB62FC;
1334 static void TinyShuffle3( uint32_t * p_bordel )
1336 uint32_t i_cmd = p_bordel[ 6 ] + 0x194B;
1338 if( p_bordel[ 6 ] > 0x2710 )
1346 p_bordel[ 3 ] += 0x19FE;
1349 p_bordel[ 7 ] -= p_bordel[ 3 ] >> 2;
1352 p_bordel[ 5 ] ^= 0x248A;
1357 static void TinyShuffle4( uint32_t * p_bordel )
1361 for( i = 0, j = 0; i < 16; i++ )
1363 if( p_bordel[ i ] < p_bordel[ j ] )
1369 if( (p_bordel[ j ] % (j + 1)) > 10 )
1372 p_bordel[ 2 ] += 0x13;
1373 p_bordel[ 12 ] += 1;
1377 static void TinyShuffle5( uint32_t * p_bordel )
1381 p_bordel[ 2 ] &= 0x7F3F;
1383 for( i = 0; i < 5; i++ )
1385 switch( ( p_bordel[ 2 ] + 10 + i ) % 5 )
1388 p_bordel[ 12 ] &= p_bordel[ 2 ];
1391 p_bordel[ 3 ] ^= p_bordel[ 15 ];
1394 p_bordel[ 15 ] += 0x576;
1397 p_bordel[ 7 ] -= 0x2D;
1400 p_bordel[ 1 ] <<= 1;
1406 static void TinyShuffle6( uint32_t * p_bordel )
1410 for( i = 0; i < 8; i++ )
1412 j = p_bordel[ 3 ] & 0x7514 ? 5 : 7;
1413 SWAP( p_bordel[ i ], p_bordel[ i + j ] );
1417 static void TinyShuffle7( uint32_t * p_bordel )
1421 i = (((p_bordel[ 9 ] + p_bordel[ 15 ] + 12) >> 2) - p_bordel[ 4 ]) & 7;
1425 SWAP( p_bordel[ i ], p_bordel[ i + 3 ] );
1428 SWAP( p_bordel[ 1 ], p_bordel[ 10 ] );
1431 static void TinyShuffle8( uint32_t * p_bordel )
1435 i = (p_bordel[ 0 ] & p_bordel[ 6 ]) & 0xF;
1437 switch( p_bordel[ i ] % 1000 )
1440 if( (p_bordel[ i ] & 0x777) > (p_bordel[ 7 ] & 0x5555) )
1442 p_bordel[ i ] ^= p_bordel[ 5 ] & p_bordel[ 3 ];
1446 p_bordel[ 15 ] &= 0x5555;
1449 p_bordel[ i ] ^= p_bordel[ 15 ];
1452 SWAP( p_bordel[ 0 ], p_bordel[ 3 ] );
1453 SWAP( p_bordel[ 1 ], p_bordel[ 6 ] );
1454 SWAP( p_bordel[ 3 ], p_bordel[ 6 ] );
1455 SWAP( p_bordel[ 4 ], p_bordel[ 9 ] );
1456 SWAP( p_bordel[ 5 ], p_bordel[ 8 ] );
1457 SWAP( p_bordel[ 6 ], p_bordel[ 7 ] );
1458 SWAP( p_bordel[ 13 ], p_bordel[ 14 ] );
1461 p_bordel[ i ] += p_bordel[ 1 ] ^ 0x80080011;
1462 p_bordel[ i ] += p_bordel[ 2 ] ^ 0xBEEFDEAD;
1463 p_bordel[ i ] += p_bordel[ 3 ] ^ 0x8765F444;
1464 p_bordel[ i ] += p_bordel[ 4 ] ^ 0x78145326;
1467 p_bordel[ 12 ] -= p_bordel[ i ];
1468 p_bordel[ 13 ] += p_bordel[ i ];
1471 p_bordel[ i ] += p_bordel[ 1 ];
1472 p_bordel[ i ] -= p_bordel[ 7 ];
1473 p_bordel[ i ] -= p_bordel[ 8 ];
1474 p_bordel[ i ] += p_bordel[ 9 ];
1475 p_bordel[ i ] += p_bordel[ 13 ];
1479 p_bordel[ i + 1 ] >>= 1;
1480 p_bordel[ i + 2 ] <<= 4;
1481 p_bordel[ i + 3 ] >>= 3;
1484 p_bordel[ 1 ] += 0x20E;
1485 p_bordel[ 5 ] += 0x223D;
1486 p_bordel[ 13 ] -= 0x576;
1487 p_bordel[ 15 ] += 0x576;
1490 if( (p_bordel[ i ] ^ 0x8765F441) < 0x2710 )
1492 SWAP( p_bordel[ 0 ], p_bordel[ 1 ] );
1496 SWAP( p_bordel[ 1 ], p_bordel[ 11 ] );
1502 /*****************************************************************************
1503 * GetSystemKey: get the system key
1504 *****************************************************************************
1505 * Compute the system key from various system information, see HashSystemInfo.
1506 *****************************************************************************/
1507 static int GetSystemKey( uint32_t *p_sys_key, vlc_bool_t b_ipod )
1509 static char const p_secret5[ 8 ] = "YuaFlafu";
1510 static char const p_secret6[ 8 ] = "zPif98ga";
1513 uint32_t p_system_hash[ 4 ];
1515 /* Compute the MD5 hash of our system info */
1516 if( ( !b_ipod && HashSystemInfo( p_system_hash ) ) ||
1517 ( b_ipod && GetiPodID( &i_ipod_id ) ) )
1522 /* Combine our system info hash with additional secret data. The resulting
1523 * MD5 hash will be our system key. */
1525 AddMD5( &md5, (const uint8_t*)p_secret5, 8 );
1529 AddMD5( &md5, (const uint8_t *)p_system_hash, 6 );
1530 AddMD5( &md5, (const uint8_t *)p_system_hash, 6 );
1531 AddMD5( &md5, (const uint8_t *)p_system_hash, 6 );
1532 AddMD5( &md5, (const uint8_t *)p_secret6, 8 );
1536 i_ipod_id = U64_AT(&i_ipod_id);
1537 AddMD5( &md5, (const uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
1538 AddMD5( &md5, (const uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
1539 AddMD5( &md5, (const uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
1544 memcpy( p_sys_key, md5.p_digest, 16 );
1550 # define DRMS_DIRNAME "drms"
1552 # define DRMS_DIRNAME ".drms"
1555 /*****************************************************************************
1556 * WriteUserKey: write the user key to hard disk
1557 *****************************************************************************
1558 * Write the user key to the hard disk so that it can be reused later or used
1559 * on operating systems other than Win32.
1560 *****************************************************************************/
1561 static int WriteUserKey( void *_p_drms, uint32_t *p_user_key )
1563 struct drms_s *p_drms = (struct drms_s *)_p_drms;
1566 char psz_path[ PATH_MAX ];
1568 snprintf( psz_path, PATH_MAX - 1,
1569 "%s/" DRMS_DIRNAME, p_drms->psz_homedir );
1571 #if defined( HAVE_ERRNO_H )
1572 # if defined( WIN32 )
1573 if( !mkdir( psz_path ) || errno == EEXIST )
1575 if( !mkdir( psz_path, 0755 ) || errno == EEXIST )
1578 if( !mkdir( psz_path ) )
1581 snprintf( psz_path, PATH_MAX - 1, "%s/" DRMS_DIRNAME "/%08X.%03d",
1582 p_drms->psz_homedir, p_drms->i_user, p_drms->i_key );
1584 file = utf8_fopen( psz_path, "wb" );
1587 i_ret = fwrite( p_user_key, sizeof(uint32_t),
1588 4, file ) == 4 ? 0 : -1;
1596 /*****************************************************************************
1597 * ReadUserKey: read the user key from hard disk
1598 *****************************************************************************
1599 * Retrieve the user key from the hard disk if available.
1600 *****************************************************************************/
1601 static int ReadUserKey( void *_p_drms, uint32_t *p_user_key )
1603 struct drms_s *p_drms = (struct drms_s *)_p_drms;
1606 char psz_path[ PATH_MAX ];
1608 snprintf( psz_path, PATH_MAX - 1,
1609 "%s/" DRMS_DIRNAME "/%08X.%03d", p_drms->psz_homedir,
1610 p_drms->i_user, p_drms->i_key );
1612 file = utf8_fopen( psz_path, "rb" );
1615 i_ret = fread( p_user_key, sizeof(uint32_t),
1616 4, file ) == 4 ? 0 : -1;
1623 /*****************************************************************************
1624 * GetUserKey: get the user key
1625 *****************************************************************************
1626 * Retrieve the user key from the hard disk if available, otherwise generate
1627 * it from the system key. If the key could be successfully generated, write
1628 * it to the hard disk for future use.
1629 *****************************************************************************/
1630 static int GetUserKey( void *_p_drms, uint32_t *p_user_key )
1632 static char const p_secret7[] = "mUfnpognadfgf873";
1633 struct drms_s *p_drms = (struct drms_s *)_p_drms;
1635 struct shuffle_s shuffle;
1637 uint32_t *p_sci_data = NULL;
1638 uint32_t i_user, i_key;
1639 uint32_t p_sys_key[ 4 ];
1640 uint32_t i_sci_size = 0, i_blocks, i_remaining;
1641 uint32_t *p_sci0, *p_sci1, *p_buffer;
1642 uint32_t p_sci_key[ 4 ];
1646 if( ReadUserKey( p_drms, p_user_key ) == 0 )
1648 REVERSE( p_user_key, 4 );
1652 psz_ipod = getenv( "IPOD" );
1654 if( GetSystemKey( p_sys_key, psz_ipod ? VLC_TRUE : VLC_FALSE ) )
1659 if( GetSCIData( psz_ipod, &p_sci_data, &i_sci_size ) )
1664 /* Phase 1: unscramble the SCI data using the system key and shuffle
1665 * it using DoShuffle(). */
1667 /* Skip the first 4 bytes (some sort of header). Decrypt the rest. */
1668 i_blocks = (i_sci_size - 4) / 16;
1669 i_remaining = (i_sci_size - 4) - (i_blocks * 16);
1670 p_buffer = p_sci_data + 1;
1672 /* Decrypt and shuffle our data at the same time */
1673 InitAES( &aes, p_sys_key );
1674 REVERSE( p_sys_key, 4 );
1675 REVERSE( p_sci_data, 1 );
1676 InitShuffle( &shuffle, p_sys_key, p_sci_data[ 0 ] );
1678 memcpy( p_sci_key, p_secret7, 16 );
1679 REVERSE( p_sci_key, 4 );
1683 uint32_t p_tmp[ 4 ];
1685 REVERSE( p_buffer, 4 );
1686 DecryptAES( &aes, p_tmp, p_buffer );
1687 BlockXOR( p_tmp, p_sci_key, p_tmp );
1689 /* Use the previous scrambled data as the key for next block */
1690 memcpy( p_sci_key, p_buffer, 16 );
1692 /* Shuffle the decrypted data using a custom routine */
1693 DoShuffle( &shuffle, p_tmp, 4 );
1695 /* Copy this block back to p_buffer */
1696 memcpy( p_buffer, p_tmp, 16 );
1701 if( i_remaining >= 4 )
1703 REVERSE( p_buffer, i_remaining / 4 );
1704 DoShuffle( &shuffle, p_buffer, i_remaining / 4 );
1707 /* Phase 2: look for the user key in the generated data. I must admit I
1708 * do not understand what is going on here, because it almost
1709 * looks like we are browsing data that makes sense, even though
1710 * the DoShuffle() part made it completely meaningless. */
1713 REVERSE( p_sci_data + 5, 1 );
1714 i = U32_AT( p_sci_data + 5 );
1715 i_sci_size -= 22 * sizeof(uint32_t);
1716 p_sci1 = p_sci_data + 22;
1719 while( i_sci_size >= 20 && i > 0 )
1721 if( p_sci0 == NULL )
1723 i_sci_size -= 18 * sizeof(uint32_t);
1724 if( i_sci_size < 20 )
1730 REVERSE( p_sci1 + 17, 1 );
1731 y = U32_AT( p_sci1 + 17 );
1742 i_user = U32_AT( p_sci0 );
1743 i_key = U32_AT( p_sci1 );
1744 REVERSE( &i_user, 1 );
1745 REVERSE( &i_key, 1 );
1746 if( i_user == p_drms->i_user && ( ( i_key == p_drms->i_key ) ||
1747 ( !p_drms->i_key && ( p_sci1 == (p_sci0 + 18) ) ) ) )
1749 memcpy( p_user_key, p_sci1 + 1, 16 );
1750 REVERSE( p_sci1 + 1, 4 );
1751 WriteUserKey( p_drms, p_sci1 + 1 );
1758 i_sci_size -= 5 * sizeof(uint32_t);
1766 /*****************************************************************************
1767 * GetSCIData: get SCI data from "SC Info.sidb"
1768 *****************************************************************************
1769 * Read SCI data from "\Apple Computer\iTunes\SC Info\SC Info.sidb"
1770 *****************************************************************************/
1771 static int GetSCIData( char *psz_ipod, uint32_t **pp_sci,
1772 uint32_t *pi_sci_size )
1775 char *psz_path = NULL;
1776 char p_tmp[ 4 * PATH_MAX ];
1779 if( psz_ipod == NULL )
1782 char *p_filename = "\\Apple Computer\\iTunes\\SC Info\\SC Info.sidb";
1783 typedef HRESULT (WINAPI *SHGETFOLDERPATH)( HWND, int, HANDLE, DWORD,
1785 HINSTANCE shfolder_dll = NULL;
1786 SHGETFOLDERPATH dSHGetFolderPath = NULL;
1788 if( ( shfolder_dll = LoadLibrary( _T("SHFolder.dll") ) ) != NULL )
1791 (SHGETFOLDERPATH)GetProcAddress( shfolder_dll,
1792 _T("SHGetFolderPathA") );
1795 if( dSHGetFolderPath != NULL &&
1796 SUCCEEDED( dSHGetFolderPath( NULL, CSIDL_COMMON_APPDATA,
1797 NULL, 0, p_tmp ) ) )
1799 strncat( p_tmp, p_filename, min( strlen( p_filename ),
1800 (sizeof(p_tmp) - 1) - strlen( p_tmp ) ) );
1802 psz_path = FromLocale( p_tmp );
1803 strncpy( p_tmp, psz_path, sizeof( p_tmp ) - 1 );
1804 p_tmp[sizeof( p_tmp ) - 1] = '\0';
1805 LocaleFree( psz_path );
1809 if( shfolder_dll != NULL )
1811 FreeLibrary( shfolder_dll );
1817 #define ISCINFO "iSCInfo"
1818 if( strstr( psz_ipod, ISCINFO ) == NULL )
1820 snprintf( p_tmp, sizeof(p_tmp) - 1,
1821 "%s/iPod_Control/iTunes/" ISCINFO "2", psz_ipod );
1826 psz_path = psz_ipod;
1830 if( psz_path == NULL )
1835 file = utf8_fopen( psz_path, "rb" );
1840 if( !fstat( fileno( file ), &st ) && st.st_size >= 4 )
1842 *pp_sci = malloc( st.st_size );
1843 if( *pp_sci != NULL )
1845 if( fread( *pp_sci, 1, st.st_size,
1846 file ) == (size_t)st.st_size )
1848 *pi_sci_size = st.st_size;
1853 free( (void *)*pp_sci );
1865 /*****************************************************************************
1866 * HashSystemInfo: hash system information
1867 *****************************************************************************
1868 * This function computes the MD5 hash of the C: hard drive serial number,
1869 * BIOS version, CPU type and Windows version.
1870 *****************************************************************************/
1871 static int HashSystemInfo( uint32_t *p_system_hash )
1883 static LPCTSTR p_reg_keys[ 3 ][ 2 ] =
1886 _T("HARDWARE\\DESCRIPTION\\System"),
1887 _T("SystemBiosVersion")
1891 _T("HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0"),
1892 _T("ProcessorNameString")
1896 _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion"),
1903 AddMD5( &md5, "cache-control", 13 );
1904 AddMD5( &md5, "Ethernet", 8 );
1906 GetVolumeInformation( _T("C:\\"), NULL, 0, &i_serial,
1907 NULL, NULL, NULL, 0 );
1908 AddMD5( &md5, (const uint8_t *)&i_serial, 4 );
1910 for( i = 0; i < sizeof(p_reg_keys) / sizeof(p_reg_keys[ 0 ]); i++ )
1912 if( RegOpenKeyEx( HKEY_LOCAL_MACHINE, p_reg_keys[ i ][ 0 ],
1913 0, KEY_READ, &i_key ) != ERROR_SUCCESS )
1918 if( RegQueryValueEx( i_key, p_reg_keys[ i ][ 1 ],
1919 NULL, NULL, NULL, &i_size ) != ERROR_SUCCESS )
1921 RegCloseKey( i_key );
1925 p_reg_buf = malloc( i_size );
1927 if( p_reg_buf != NULL )
1929 if( RegQueryValueEx( i_key, p_reg_keys[ i ][ 1 ],
1930 NULL, NULL, p_reg_buf,
1931 &i_size ) == ERROR_SUCCESS )
1933 AddMD5( &md5, (const uint8_t *)p_reg_buf, i_size );
1939 RegCloseKey( i_key );
1948 memcpy( p_system_hash, md5.p_digest, 16 );
1953 /*****************************************************************************
1954 * GetiPodID: Get iPod ID
1955 *****************************************************************************
1956 * This function gets the iPod ID.
1957 *****************************************************************************/
1958 static int GetiPodID( int64_t *p_ipod_id )
1962 #define PROD_NAME "iPod"
1963 #define VENDOR_NAME "Apple Computer, Inc."
1965 char *psz_ipod_id = getenv( "IPODID" );
1966 if( psz_ipod_id != NULL )
1968 *p_ipod_id = strtoll( psz_ipod_id, NULL, 16 );
1976 io_iterator_t iterator;
1977 CFMutableDictionaryRef match_dic;
1978 CFMutableDictionaryRef smatch_dic;
1980 if( IOMasterPort( MACH_PORT_NULL, &port ) == KERN_SUCCESS )
1982 smatch_dic = IOServiceMatching( "IOFireWireUnit" );
1983 match_dic = CFDictionaryCreateMutable( kCFAllocatorDefault, 0,
1984 &kCFTypeDictionaryKeyCallBacks,
1985 &kCFTypeDictionaryValueCallBacks );
1987 if( smatch_dic != NULL && match_dic != NULL )
1989 CFDictionarySetValue( smatch_dic,
1990 CFSTR("FireWire Vendor Name"),
1991 CFSTR(VENDOR_NAME) );
1992 CFDictionarySetValue( smatch_dic,
1993 CFSTR("FireWire Product Name"),
1996 CFDictionarySetValue( match_dic,
1997 CFSTR(kIOPropertyMatchKey),
2000 if( IOServiceGetMatchingServices( port, match_dic,
2001 &iterator ) == KERN_SUCCESS )
2003 while( ( device = IOIteratorNext( iterator ) ) != NULL )
2005 value = IORegistryEntryCreateCFProperty( device,
2006 CFSTR("GUID"), kCFAllocatorDefault, kNilOptions );
2010 if( CFGetTypeID( value ) == CFNumberGetTypeID() )
2013 CFNumberGetValue( (CFNumberRef)value,
2014 kCFNumberLongLongType,
2016 *p_ipod_id = i_ipod_id;
2023 IOObjectRelease( device );
2028 IOObjectRelease( iterator );
2032 mach_port_deallocate( mach_task_self(), port );
2035 #elif HAVE_SYSFS_LIBSYSFS_H
2036 struct sysfs_bus *bus = NULL;
2037 struct dlist *devlist = NULL;
2038 struct dlist *attributes = NULL;
2039 struct sysfs_device *curdev = NULL;
2040 struct sysfs_attribute *curattr = NULL;
2042 bus = sysfs_open_bus( "ieee1394" );
2045 devlist = sysfs_get_bus_devices( bus );
2046 if( devlist != NULL )
2048 dlist_for_each_data( devlist, curdev, struct sysfs_device )
2050 attributes = sysfs_get_device_attributes( curdev );
2051 if( attributes != NULL )
2053 dlist_for_each_data( attributes, curattr,
2054 struct sysfs_attribute )
2056 if( ( strcmp( curattr->name, "model_name" ) == 0 ) &&
2057 ( strncmp( curattr->value, PROD_NAME,
2058 sizeof(PROD_NAME) ) == 0 ) )
2060 *p_ipod_id = strtoll( curdev->name, NULL, 16 );
2071 sysfs_close_bus( bus );
2078 #else /* !defined( UNDER_CE ) */
2080 void *drms_alloc( char *psz_homedir ){ return 0; }
2081 void drms_free( void *a ){}
2082 void drms_decrypt( void *a, uint32_t *b, uint32_t c ){}
2083 int drms_init( void *a, uint32_t b, uint8_t *c, uint32_t d ){ return -1; }
2085 #endif /* defined( UNDER_CE ) */