1 /*****************************************************************************
3 *****************************************************************************
4 * Copyright (C) 2004 VideoLAN
7 * Authors: Jon Lech Johansen <jon-vl@nanocrew.net>
8 * Sam Hocevar <sam@zoy.org>
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
23 *****************************************************************************/
25 #include <stdlib.h> /* malloc(), free() */
45 #ifdef HAVE_SYS_STAT_H
46 # include <sys/stat.h>
48 #ifdef HAVE_SYS_TYPES_H
49 # include <sys/types.h>
52 /* In Solaris (and perhaps others) PATH_MAX is in limits.h. */
58 # include <mach/mach.h>
59 # include <IOKit/IOKitLib.h>
60 # include <CoreFoundation/CFNumber.h>
63 #ifdef HAVE_SYSFS_LIBSYSFS_H
64 # include <sysfs/libsysfs.h>
68 #include "drmstables.h"
72 /*****************************************************************************
73 * aes_s: AES keys structure
74 *****************************************************************************
75 * This structure stores a set of keys usable for encryption and decryption
76 * with the AES/Rijndael algorithm.
77 *****************************************************************************/
80 uint32_t pp_enc_keys[ AES_KEY_COUNT + 1 ][ 4 ];
81 uint32_t pp_dec_keys[ AES_KEY_COUNT + 1 ][ 4 ];
84 /*****************************************************************************
85 * md5_s: MD5 message structure
86 *****************************************************************************
87 * This structure stores the static information needed to compute an MD5
88 * hash. It has an extra data buffer to allow non-aligned writes.
89 *****************************************************************************/
92 uint64_t i_bits; /* Total written bits */
93 uint32_t p_digest[4]; /* The MD5 digest */
94 uint32_t p_data[16]; /* Buffer to cache non-aligned writes */
97 /*****************************************************************************
98 * shuffle_s: shuffle structure
99 *****************************************************************************
100 * This structure stores the static information needed to shuffle data using
101 * a custom algorithm.
102 *****************************************************************************/
106 uint32_t p_commands[ 20 ];
107 uint32_t p_bordel[ 16 ];
110 #define SWAP( a, b ) { (a) ^= (b); (b) ^= (a); (a) ^= (b); }
112 /*****************************************************************************
113 * drms_s: DRMS structure
114 *****************************************************************************
115 * This structure stores the static information needed to decrypt DRMS data.
116 *****************************************************************************/
121 uint8_t p_iviv[ 16 ];
127 char psz_homedir[ PATH_MAX ];
130 /*****************************************************************************
132 *****************************************************************************/
133 static void InitAES ( struct aes_s *, uint32_t * );
134 static void DecryptAES ( struct aes_s *, uint32_t *, const uint32_t * );
136 static void InitMD5 ( struct md5_s * );
137 static void AddMD5 ( struct md5_s *, const uint8_t *, uint32_t );
138 static void EndMD5 ( struct md5_s * );
139 static void Digest ( struct md5_s *, uint32_t * );
141 static void InitShuffle ( struct shuffle_s *, uint32_t *, uint32_t );
142 static void DoShuffle ( struct shuffle_s *, uint32_t *, uint32_t );
144 static uint32_t FirstPass ( uint32_t * );
145 static void SecondPass ( uint32_t *, uint32_t );
146 static void ThirdPass ( uint32_t * );
147 static void FourthPass ( uint32_t * );
148 static void TinyShuffle1 ( uint32_t * );
149 static void TinyShuffle2 ( uint32_t * );
150 static void TinyShuffle3 ( uint32_t * );
151 static void TinyShuffle4 ( uint32_t * );
152 static void TinyShuffle5 ( uint32_t * );
153 static void TinyShuffle6 ( uint32_t * );
154 static void TinyShuffle7 ( uint32_t * );
155 static void TinyShuffle8 ( uint32_t * );
156 static void DoExtShuffle ( uint32_t * );
158 static int GetSystemKey ( uint32_t *, vlc_bool_t );
159 static int WriteUserKey ( void *, uint32_t * );
160 static int ReadUserKey ( void *, uint32_t * );
161 static int GetUserKey ( void *, uint32_t * );
163 static int GetSCIData ( char *, uint32_t **, uint32_t * );
164 static int HashSystemInfo ( uint32_t * );
165 static int GetiPodID ( int64_t * );
167 #ifdef WORDS_BIGENDIAN
168 /*****************************************************************************
169 * Reverse: reverse byte order
170 *****************************************************************************/
171 static inline void Reverse( uint32_t *p_buffer, int n )
175 for( i = 0; i < n; i++ )
177 p_buffer[ i ] = GetDWLE(&p_buffer[ i ]);
180 # define REVERSE( p, n ) Reverse( p, n )
182 # define REVERSE( p, n )
185 /*****************************************************************************
186 * BlockXOR: XOR two 128 bit blocks
187 *****************************************************************************/
188 static inline void BlockXOR( uint32_t *p_dest, uint32_t *p_s1, uint32_t *p_s2 )
192 for( i = 0; i < 4; i++ )
194 p_dest[ i ] = p_s1[ i ] ^ p_s2[ i ];
198 /*****************************************************************************
199 * drms_alloc: allocate a DRMS structure
200 *****************************************************************************/
201 void *drms_alloc( char *psz_homedir )
203 struct drms_s *p_drms;
205 p_drms = malloc( sizeof(struct drms_s) );
212 memset( p_drms, 0, sizeof(struct drms_s) );
214 strncpy( p_drms->psz_homedir, psz_homedir, PATH_MAX );
215 p_drms->psz_homedir[ PATH_MAX - 1 ] = '\0';
217 return (void *)p_drms;
220 /*****************************************************************************
221 * drms_free: free a previously allocated DRMS structure
222 *****************************************************************************/
223 void drms_free( void *_p_drms )
225 struct drms_s *p_drms = (struct drms_s *)_p_drms;
227 if( p_drms->p_name != NULL )
229 free( (void *)p_drms->p_name );
235 /*****************************************************************************
236 * drms_decrypt: unscramble a chunk of data
237 *****************************************************************************/
238 void drms_decrypt( void *_p_drms, uint32_t *p_buffer, uint32_t i_bytes )
240 struct drms_s *p_drms = (struct drms_s *)_p_drms;
242 unsigned int i_blocks;
244 /* AES is a block cypher, round down the byte count */
245 i_blocks = i_bytes / 16;
246 i_bytes = i_blocks * 16;
248 /* Initialise the key */
249 memcpy( p_key, p_drms->p_key, 16 );
256 REVERSE( p_buffer, 4 );
257 DecryptAES( &p_drms->aes, p_tmp, p_buffer );
258 BlockXOR( p_tmp, p_key, p_tmp );
260 /* Use the previous scrambled data as the key for next block */
261 memcpy( p_key, p_buffer, 16 );
263 /* Copy unscrambled data back to the buffer */
264 memcpy( p_buffer, p_tmp, 16 );
265 REVERSE( p_buffer, 4 );
271 /*****************************************************************************
272 * drms_init: initialise a DRMS structure
273 *****************************************************************************/
274 int drms_init( void *_p_drms, uint32_t i_type,
275 uint8_t *p_info, uint32_t i_len )
277 struct drms_s *p_drms = (struct drms_s *)_p_drms;
283 if( i_len < sizeof(p_drms->i_user) )
289 p_drms->i_user = U32_AT( p_info );
293 if( i_len < sizeof(p_drms->i_key) )
299 p_drms->i_key = U32_AT( p_info );
303 if( i_len < sizeof(p_drms->p_key) )
309 memcpy( p_drms->p_iviv, p_info, 16 );
313 p_drms->p_name = strdup( p_info );
315 if( p_drms->p_name == NULL )
323 uint32_t p_priv[ 64 ];
333 AddMD5( &md5, p_drms->p_name, strlen( p_drms->p_name ) );
334 AddMD5( &md5, p_drms->p_iviv, 16 );
337 if( GetUserKey( p_drms, p_drms->p_key ) )
343 InitAES( &p_drms->aes, p_drms->p_key );
345 memcpy( p_priv, p_info, 64 );
346 memcpy( p_drms->p_key, md5.p_digest, 16 );
347 drms_decrypt( p_drms, p_priv, 64 );
348 REVERSE( p_priv, 64 );
350 if( p_priv[ 0 ] != 0x6e757469 ) /* itun */
356 InitAES( &p_drms->aes, p_priv + 6 );
357 memcpy( p_drms->p_key, p_priv + 12, 16 );
359 free( (void *)p_drms->p_name );
360 p_drms->p_name = NULL;
368 /* The following functions are local */
370 /*****************************************************************************
371 * InitAES: initialise AES/Rijndael encryption/decryption tables
372 *****************************************************************************
373 * The Advanced Encryption Standard (AES) is described in RFC 3268
374 *****************************************************************************/
375 static void InitAES( struct aes_s *p_aes, uint32_t *p_key )
378 uint32_t i_key, i_seed;
380 memset( p_aes->pp_enc_keys[1], 0, 16 );
381 memcpy( p_aes->pp_enc_keys[0], p_key, 16 );
383 /* Generate the key tables */
384 i_seed = p_aes->pp_enc_keys[ 0 ][ 3 ];
386 for( i_key = 0; i_key < AES_KEY_COUNT; i_key++ )
390 i_seed = AES_ROR( i_seed, 8 );
392 j = p_aes_table[ i_key ];
394 j ^= p_aes_encrypt[ (i_seed >> 24) & 0xff ]
395 ^ AES_ROR( p_aes_encrypt[ (i_seed >> 16) & 0xff ], 8 )
396 ^ AES_ROR( p_aes_encrypt[ (i_seed >> 8) & 0xff ], 16 )
397 ^ AES_ROR( p_aes_encrypt[ i_seed & 0xff ], 24 );
399 j ^= p_aes->pp_enc_keys[ i_key ][ 0 ];
400 p_aes->pp_enc_keys[ i_key + 1 ][ 0 ] = j;
401 j ^= p_aes->pp_enc_keys[ i_key ][ 1 ];
402 p_aes->pp_enc_keys[ i_key + 1 ][ 1 ] = j;
403 j ^= p_aes->pp_enc_keys[ i_key ][ 2 ];
404 p_aes->pp_enc_keys[ i_key + 1 ][ 2 ] = j;
405 j ^= p_aes->pp_enc_keys[ i_key ][ 3 ];
406 p_aes->pp_enc_keys[ i_key + 1 ][ 3 ] = j;
411 memcpy( p_aes->pp_dec_keys[ 0 ],
412 p_aes->pp_enc_keys[ 0 ], 16 );
414 for( i = 1; i < AES_KEY_COUNT; i++ )
416 for( t = 0; t < 4; t++ )
418 uint32_t j, k, l, m, n;
420 j = p_aes->pp_enc_keys[ i ][ t ];
422 k = (((j >> 7) & 0x01010101) * 27) ^ ((j & 0xff7f7f7f) << 1);
423 l = (((k >> 7) & 0x01010101) * 27) ^ ((k & 0xff7f7f7f) << 1);
424 m = (((l >> 7) & 0x01010101) * 27) ^ ((l & 0xff7f7f7f) << 1);
428 n = AES_ROR( l ^ j, 16 ) ^ AES_ROR( k ^ j, 8 ) ^ AES_ROR( j, 24 );
430 p_aes->pp_dec_keys[ i ][ t ] = k ^ l ^ m ^ n;
435 /*****************************************************************************
436 * DecryptAES: decrypt an AES/Rijndael 128 bit block
437 *****************************************************************************/
438 static void DecryptAES( struct aes_s *p_aes,
439 uint32_t *p_dest, const uint32_t *p_src )
441 uint32_t p_wtxt[ 4 ]; /* Working cyphertext */
443 unsigned int i_round, t;
445 for( t = 0; t < 4; t++ )
447 /* FIXME: are there any endianness issues here? */
448 p_wtxt[ t ] = p_src[ t ] ^ p_aes->pp_enc_keys[ AES_KEY_COUNT ][ t ];
452 for( i_round = 0; i_round < (AES_KEY_COUNT - 1); i_round++ )
454 for( t = 0; t < 4; t++ )
456 p_tmp[ t ] = AES_XOR_ROR( p_aes_itable, p_wtxt );
459 for( t = 0; t < 4; t++ )
461 p_wtxt[ t ] = p_tmp[ t ]
462 ^ p_aes->pp_dec_keys[ (AES_KEY_COUNT - 1) - i_round ][ t ];
466 /* Final round (9) */
467 for( t = 0; t < 4; t++ )
469 p_dest[ t ] = AES_XOR_ROR( p_aes_decrypt, p_wtxt );
470 p_dest[ t ] ^= p_aes->pp_dec_keys[ 0 ][ t ];
474 /*****************************************************************************
475 * InitMD5: initialise an MD5 message
476 *****************************************************************************
477 * The MD5 message-digest algorithm is described in RFC 1321
478 *****************************************************************************/
479 static void InitMD5( struct md5_s *p_md5 )
481 p_md5->p_digest[ 0 ] = 0x67452301;
482 p_md5->p_digest[ 1 ] = 0xefcdab89;
483 p_md5->p_digest[ 2 ] = 0x98badcfe;
484 p_md5->p_digest[ 3 ] = 0x10325476;
486 memset( p_md5->p_data, 0, 64 );
490 /*****************************************************************************
491 * AddMD5: add i_len bytes to an MD5 message
492 *****************************************************************************/
493 static void AddMD5( struct md5_s *p_md5, const uint8_t *p_src, uint32_t i_len )
495 unsigned int i_current; /* Current bytes in the spare buffer */
496 unsigned int i_offset = 0;
498 i_current = (p_md5->i_bits / 8) & 63;
500 p_md5->i_bits += 8 * i_len;
502 /* If we can complete our spare buffer to 64 bytes, do it and add the
503 * resulting buffer to the MD5 message */
504 if( i_len >= (64 - i_current) )
506 memcpy( ((uint8_t *)p_md5->p_data) + i_current, p_src,
508 Digest( p_md5, p_md5->p_data );
510 i_offset += (64 - i_current);
511 i_len -= (64 - i_current);
515 /* Add as many entire 64 bytes blocks as we can to the MD5 message */
518 uint32_t p_tmp[ 16 ];
519 memcpy( p_tmp, p_src + i_offset, 64 );
520 Digest( p_md5, p_tmp );
525 /* Copy our remaining data to the message's spare buffer */
526 memcpy( ((uint8_t *)p_md5->p_data) + i_current, p_src + i_offset, i_len );
529 /*****************************************************************************
530 * EndMD5: finish an MD5 message
531 *****************************************************************************
532 * This function adds adequate padding to the end of the message, and appends
533 * the bit count so that we end at a block boundary.
534 *****************************************************************************/
535 static void EndMD5( struct md5_s *p_md5 )
537 unsigned int i_current;
539 i_current = (p_md5->i_bits / 8) & 63;
541 /* Append 0x80 to our buffer. No boundary check because the temporary
542 * buffer cannot be full, otherwise AddMD5 would have emptied it. */
543 ((uint8_t *)p_md5->p_data)[ i_current++ ] = 0x80;
545 /* If less than 8 bytes are available at the end of the block, complete
546 * this 64 bytes block with zeros and add it to the message. We'll add
547 * our length at the end of the next block. */
550 memset( ((uint8_t *)p_md5->p_data) + i_current, 0, (64 - i_current) );
551 Digest( p_md5, p_md5->p_data );
555 /* Fill the unused space in our last block with zeroes and put the
556 * message length at the end. */
557 memset( ((uint8_t *)p_md5->p_data) + i_current, 0, (56 - i_current) );
558 p_md5->p_data[ 14 ] = p_md5->i_bits & 0xffffffff;
559 p_md5->p_data[ 15 ] = (p_md5->i_bits >> 32);
560 REVERSE( &p_md5->p_data[ 14 ], 2 );
562 Digest( p_md5, p_md5->p_data );
565 #define F1( x, y, z ) ((z) ^ ((x) & ((y) ^ (z))))
566 #define F2( x, y, z ) F1((z), (x), (y))
567 #define F3( x, y, z ) ((x) ^ (y) ^ (z))
568 #define F4( x, y, z ) ((y) ^ ((x) | ~(z)))
570 #define MD5_DO( f, w, x, y, z, data, s ) \
571 ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x )
573 /*****************************************************************************
574 * Digest: update the MD5 digest with 64 bytes of data
575 *****************************************************************************/
576 static void Digest( struct md5_s *p_md5, uint32_t *p_input )
580 REVERSE( p_input, 16 );
582 a = p_md5->p_digest[ 0 ];
583 b = p_md5->p_digest[ 1 ];
584 c = p_md5->p_digest[ 2 ];
585 d = p_md5->p_digest[ 3 ];
587 MD5_DO( F1, a, b, c, d, p_input[ 0 ] + 0xd76aa478, 7 );
588 MD5_DO( F1, d, a, b, c, p_input[ 1 ] + 0xe8c7b756, 12 );
589 MD5_DO( F1, c, d, a, b, p_input[ 2 ] + 0x242070db, 17 );
590 MD5_DO( F1, b, c, d, a, p_input[ 3 ] + 0xc1bdceee, 22 );
591 MD5_DO( F1, a, b, c, d, p_input[ 4 ] + 0xf57c0faf, 7 );
592 MD5_DO( F1, d, a, b, c, p_input[ 5 ] + 0x4787c62a, 12 );
593 MD5_DO( F1, c, d, a, b, p_input[ 6 ] + 0xa8304613, 17 );
594 MD5_DO( F1, b, c, d, a, p_input[ 7 ] + 0xfd469501, 22 );
595 MD5_DO( F1, a, b, c, d, p_input[ 8 ] + 0x698098d8, 7 );
596 MD5_DO( F1, d, a, b, c, p_input[ 9 ] + 0x8b44f7af, 12 );
597 MD5_DO( F1, c, d, a, b, p_input[ 10 ] + 0xffff5bb1, 17 );
598 MD5_DO( F1, b, c, d, a, p_input[ 11 ] + 0x895cd7be, 22 );
599 MD5_DO( F1, a, b, c, d, p_input[ 12 ] + 0x6b901122, 7 );
600 MD5_DO( F1, d, a, b, c, p_input[ 13 ] + 0xfd987193, 12 );
601 MD5_DO( F1, c, d, a, b, p_input[ 14 ] + 0xa679438e, 17 );
602 MD5_DO( F1, b, c, d, a, p_input[ 15 ] + 0x49b40821, 22 );
604 MD5_DO( F2, a, b, c, d, p_input[ 1 ] + 0xf61e2562, 5 );
605 MD5_DO( F2, d, a, b, c, p_input[ 6 ] + 0xc040b340, 9 );
606 MD5_DO( F2, c, d, a, b, p_input[ 11 ] + 0x265e5a51, 14 );
607 MD5_DO( F2, b, c, d, a, p_input[ 0 ] + 0xe9b6c7aa, 20 );
608 MD5_DO( F2, a, b, c, d, p_input[ 5 ] + 0xd62f105d, 5 );
609 MD5_DO( F2, d, a, b, c, p_input[ 10 ] + 0x02441453, 9 );
610 MD5_DO( F2, c, d, a, b, p_input[ 15 ] + 0xd8a1e681, 14 );
611 MD5_DO( F2, b, c, d, a, p_input[ 4 ] + 0xe7d3fbc8, 20 );
612 MD5_DO( F2, a, b, c, d, p_input[ 9 ] + 0x21e1cde6, 5 );
613 MD5_DO( F2, d, a, b, c, p_input[ 14 ] + 0xc33707d6, 9 );
614 MD5_DO( F2, c, d, a, b, p_input[ 3 ] + 0xf4d50d87, 14 );
615 MD5_DO( F2, b, c, d, a, p_input[ 8 ] + 0x455a14ed, 20 );
616 MD5_DO( F2, a, b, c, d, p_input[ 13 ] + 0xa9e3e905, 5 );
617 MD5_DO( F2, d, a, b, c, p_input[ 2 ] + 0xfcefa3f8, 9 );
618 MD5_DO( F2, c, d, a, b, p_input[ 7 ] + 0x676f02d9, 14 );
619 MD5_DO( F2, b, c, d, a, p_input[ 12 ] + 0x8d2a4c8a, 20 );
621 MD5_DO( F3, a, b, c, d, p_input[ 5 ] + 0xfffa3942, 4 );
622 MD5_DO( F3, d, a, b, c, p_input[ 8 ] + 0x8771f681, 11 );
623 MD5_DO( F3, c, d, a, b, p_input[ 11 ] + 0x6d9d6122, 16 );
624 MD5_DO( F3, b, c, d, a, p_input[ 14 ] + 0xfde5380c, 23 );
625 MD5_DO( F3, a, b, c, d, p_input[ 1 ] + 0xa4beea44, 4 );
626 MD5_DO( F3, d, a, b, c, p_input[ 4 ] + 0x4bdecfa9, 11 );
627 MD5_DO( F3, c, d, a, b, p_input[ 7 ] + 0xf6bb4b60, 16 );
628 MD5_DO( F3, b, c, d, a, p_input[ 10 ] + 0xbebfbc70, 23 );
629 MD5_DO( F3, a, b, c, d, p_input[ 13 ] + 0x289b7ec6, 4 );
630 MD5_DO( F3, d, a, b, c, p_input[ 0 ] + 0xeaa127fa, 11 );
631 MD5_DO( F3, c, d, a, b, p_input[ 3 ] + 0xd4ef3085, 16 );
632 MD5_DO( F3, b, c, d, a, p_input[ 6 ] + 0x04881d05, 23 );
633 MD5_DO( F3, a, b, c, d, p_input[ 9 ] + 0xd9d4d039, 4 );
634 MD5_DO( F3, d, a, b, c, p_input[ 12 ] + 0xe6db99e5, 11 );
635 MD5_DO( F3, c, d, a, b, p_input[ 15 ] + 0x1fa27cf8, 16 );
636 MD5_DO( F3, b, c, d, a, p_input[ 2 ] + 0xc4ac5665, 23 );
638 MD5_DO( F4, a, b, c, d, p_input[ 0 ] + 0xf4292244, 6 );
639 MD5_DO( F4, d, a, b, c, p_input[ 7 ] + 0x432aff97, 10 );
640 MD5_DO( F4, c, d, a, b, p_input[ 14 ] + 0xab9423a7, 15 );
641 MD5_DO( F4, b, c, d, a, p_input[ 5 ] + 0xfc93a039, 21 );
642 MD5_DO( F4, a, b, c, d, p_input[ 12 ] + 0x655b59c3, 6 );
643 MD5_DO( F4, d, a, b, c, p_input[ 3 ] + 0x8f0ccc92, 10 );
644 MD5_DO( F4, c, d, a, b, p_input[ 10 ] + 0xffeff47d, 15 );
645 MD5_DO( F4, b, c, d, a, p_input[ 1 ] + 0x85845dd1, 21 );
646 MD5_DO( F4, a, b, c, d, p_input[ 8 ] + 0x6fa87e4f, 6 );
647 MD5_DO( F4, d, a, b, c, p_input[ 15 ] + 0xfe2ce6e0, 10 );
648 MD5_DO( F4, c, d, a, b, p_input[ 6 ] + 0xa3014314, 15 );
649 MD5_DO( F4, b, c, d, a, p_input[ 13 ] + 0x4e0811a1, 21 );
650 MD5_DO( F4, a, b, c, d, p_input[ 4 ] + 0xf7537e82, 6 );
651 MD5_DO( F4, d, a, b, c, p_input[ 11 ] + 0xbd3af235, 10 );
652 MD5_DO( F4, c, d, a, b, p_input[ 2 ] + 0x2ad7d2bb, 15 );
653 MD5_DO( F4, b, c, d, a, p_input[ 9 ] + 0xeb86d391, 21 );
655 p_md5->p_digest[ 0 ] += a;
656 p_md5->p_digest[ 1 ] += b;
657 p_md5->p_digest[ 2 ] += c;
658 p_md5->p_digest[ 3 ] += d;
661 /*****************************************************************************
662 * InitShuffle: initialise a shuffle structure
663 *****************************************************************************
664 * This function initialises tables in the p_shuffle structure that will be
665 * used later by DoShuffle. The only external parameter is p_sys_key.
666 *****************************************************************************/
667 static void InitShuffle( struct shuffle_s *p_shuffle, uint32_t *p_sys_key,
670 char p_secret1[] = "Tv!*";
671 static char const p_secret2[] = "v8rhvsaAvOKMFfUH%798=[;."
672 "f8677680a634ba87fnOIf)(*";
675 p_shuffle->i_version = i_version;
677 /* Fill p_commands using the key and a secret seed */
678 for( i = 0; i < 20; i++ )
684 AddMD5( &md5, (uint8_t *)p_sys_key, 16 );
685 AddMD5( &md5, (uint8_t *)p_secret1, 4 );
690 REVERSE( md5.p_digest, 1 );
691 i_hash = ((int32_t)U32_AT(md5.p_digest)) % 1024;
693 p_shuffle->p_commands[ i ] = i_hash < 0 ? i_hash * -1 : i_hash;
696 /* Fill p_bordel with completely meaningless initial values. */
697 for( i = 0; i < 4; i++ )
699 p_shuffle->p_bordel[ 4 * i ] = U32_AT(p_sys_key + i);
700 memcpy( p_shuffle->p_bordel + 4 * i + 1, p_secret2 + 12 * i, 12 );
701 REVERSE( p_shuffle->p_bordel + 4 * i + 1, 3 );
705 /*****************************************************************************
706 * DoShuffle: shuffle buffer
707 *****************************************************************************
708 * This is so ugly and uses so many MD5 checksums that it is most certainly
709 * one-way, though why it needs to be so complicated is beyond me.
710 *****************************************************************************/
711 static void DoShuffle( struct shuffle_s *p_shuffle,
712 uint32_t *p_buffer, uint32_t i_size )
715 uint32_t p_big_bordel[ 16 ];
716 uint32_t *p_bordel = p_shuffle->p_bordel;
719 static uint32_t i_secret = 0;
721 static uint32_t p_secret1[] =
723 0xAAAAAAAA, 0x01757700, 0x00554580, 0x01724500, 0x00424580,
724 0x01427700, 0x00000080, 0xC1D59D01, 0x80144981, 0x815C8901,
725 0x80544981, 0x81D45D01, 0x00000080, 0x81A3BB03, 0x00A2AA82,
726 0x01A3BB03, 0x0022A282, 0x813BA202, 0x00000080, 0x6D575737,
727 0x4A5275A5, 0x6D525725, 0x4A5254A5, 0x6B725437, 0x00000080,
728 0xD5DDB938, 0x5455A092, 0x5D95A013, 0x4415A192, 0xC5DD393A,
729 0x00000080, 0x55555555
732 static char p_secret2[] =
733 "pbclevtug (p) Nccyr Pbzchgre, Vap. Nyy Evtugf Erfreirq.";
737 REVERSE( p_secret1, sizeof(p_secret1)/sizeof(p_secret1[ 0 ]) );
738 for( ; p_secret2[ i_secret ] != '\0'; i_secret++ )
740 #define ROT13(c) (((c)>='A'&&(c)<='Z')?(((c)-'A'+13)%26)+'A':\
741 ((c)>='a'&&(c)<='z')?(((c)-'a'+13)%26)+'a':c)
742 p_secret2[ i_secret ] = ROT13(p_secret2[ i_secret ]);
744 i_secret++; /* include zero terminator */
747 /* Using the MD5 hash of a memory block is probably not one-way enough
748 * for the iTunes people. This function randomises p_bordel depending on
749 * the values in p_commands to make things even more messy in p_bordel. */
750 for( i = 0; i < 20; i++ )
752 uint8_t i_command, i_index;
754 if( !p_shuffle->p_commands[ i ] )
759 i_command = (p_shuffle->p_commands[ i ] & 0x300) >> 8;
760 i_index = p_shuffle->p_commands[ i ] & 0xff;
765 p_bordel[ i_index & 0xf ] = p_bordel[ i_index >> 4 ]
766 + p_bordel[ ((i_index + 0x10) >> 4) & 0xf ];
769 p_bordel[ i_index >> 4 ] ^= p_shuffle_xor[ 0xff - i_index ];
772 p_bordel[ i_index >> 4 ] -= p_shuffle_sub[ 0xff - i_index ];
775 p_bordel[ i_index >> 4 ] += p_shuffle_add[ 0xff - i_index ];
780 if( p_shuffle->i_version == 0x01000300 )
782 DoExtShuffle( p_bordel );
785 /* Convert our newly randomised p_bordel to big endianness and take
788 for( i = 0; i < 16; i++ )
790 p_big_bordel[ i ] = U32_AT(p_bordel + i);
792 AddMD5( &md5, (uint8_t *)p_big_bordel, 64 );
793 if( p_shuffle->i_version == 0x01000300 )
795 AddMD5( &md5, (uint8_t *)p_secret1, sizeof(p_secret1) );
796 AddMD5( &md5, (uint8_t *)p_secret2, i_secret );
800 /* XOR our buffer with the computed checksum */
801 for( i = 0; i < i_size; i++ )
803 p_buffer[ i ] ^= md5.p_digest[ i ];
807 /*****************************************************************************
808 * DoExtShuffle: extended shuffle
809 *****************************************************************************
810 * This is even uglier.
811 *****************************************************************************/
812 static void DoExtShuffle( uint32_t * p_bordel )
816 i_ret = FirstPass( p_bordel );
818 SecondPass( p_bordel, i_ret );
820 ThirdPass( p_bordel );
822 FourthPass( p_bordel );
825 static uint32_t FirstPass( uint32_t * p_bordel )
827 uint32_t i, i_cmd, i_ret = 5;
829 TinyShuffle1( p_bordel );
835 p_bordel[ 1 ] += 0x10000000;
836 p_bordel[ 3 ] += 0x12777;
838 if( (p_bordel[ 10 ] & 1) && i_ret )
841 p_bordel[ 1 ] -= p_bordel[ 2 ];
842 p_bordel[ 11 ] += p_bordel[ 12 ];
846 if( (p_bordel[ 1 ] + p_bordel[ 2 ]) >= 0x7D0 )
848 switch( ((p_bordel[ 3 ] ^ 0x567F) >> 2) & 7 )
851 for( i = 0; i < 3; i++ )
853 if( p_bordel[ i + 10 ] > 0x4E20 )
855 p_bordel[ i + 1 ] += p_bordel[ i + 2 ];
860 p_bordel[ 1 ] -= p_bordel[ 2 ];
863 p_bordel[ 11 ] += p_bordel[ 12 ];
866 p_bordel[ 3 ] ^= p_bordel[ 4 ];
869 p_bordel[ 13 ] &= p_bordel[ 14 ];
872 p_bordel[ 0 ] |= p_bordel[ 1 ];
884 for( i = 0, i_cmd = 0; i < 16; i++ )
886 if( p_bordel[ i ] < p_bordel[ i_cmd ] )
892 if( i_ret && i_cmd != 5 )
900 p_bordel[ 8 ] &= p_bordel[ 6 ] >> 1;
904 for( i = 0; i < 3; i++ )
907 if( p_bordel[ 11 ] & 5 )
909 p_bordel[ 8 ] += p_bordel[ 9 ];
919 i_cmd = (p_bordel[ 15 ] + 0x93) >> 3;
920 if( p_bordel[ 15 ] & 0x100 )
929 while( p_bordel[ 11 ] & 1 )
931 p_bordel[ 11 ] >>= 1;
936 p_bordel[ 14 ] -= 0x19FE;
948 i_cmd = ((p_bordel[ 3 ] + p_bordel[ 4 ] + 10) >> 1) - p_bordel[ 4 ];
956 p_bordel[ 14 ] >>= 1;
965 p_bordel[ 15 ] &= 0x55;
968 p_bordel[ 2 ] &= 0xB62FC;
974 TinyShuffle2( p_bordel );
979 static void SecondPass( uint32_t * p_bordel, uint32_t i_tmp )
981 uint32_t i, i_cmd, i_jc = 5;
983 TinyShuffle3( p_bordel );
985 for( i = 0, i_cmd = 0; i < 16; i++ )
987 if( p_bordel[ i ] > p_bordel[ i_cmd ] )
996 if( p_bordel[ 1 ] < p_bordel[ 8 ] )
1002 if( (p_bordel[ 9 ] & 0x7777) == 0x3333 )
1009 if( p_bordel[ 1 ] < p_bordel[ 8 ] )
1018 p_bordel[ 1 ] -= p_bordel[ 5 ];
1019 for( i = 0; i < 3; i++ )
1021 switch( p_bordel[ 1 ] & 3 )
1030 p_bordel[ 13 ] &= 0xFEFEFEF7;
1033 p_bordel[ 8 ] |= 0x80080011;
1045 p_bordel[ 15 ] ^= 0x18547EFF;
1051 switch( ( p_bordel[ 12 ] + p_bordel[ 13 ] + p_bordel[ 6 ] ) % 5 )
1054 p_bordel[ 12 ] -= 1;
1057 p_bordel[ 12 ] -= 1;
1058 p_bordel[ 13 ] += 1;
1061 p_bordel[ 13 ] += 4;
1064 p_bordel[ 12 ] -= 1;
1071 i = 3; /* Restart the whole loop */
1076 TinyShuffle4( p_bordel );
1080 TinyShuffle5( p_bordel );
1082 switch( ( p_bordel[ 2 ] * 2 + 15 ) % 5 )
1085 if( ( p_bordel[ 3 ] + i_tmp ) <=
1086 ( p_bordel[ 1 ] + p_bordel[ 15 ] ) )
1092 p_bordel[ 10 ] -= 0x13;
1095 p_bordel[ 5 ] >>= 2;
1099 if( !( p_bordel[ 2 ] & 1 ) || i_jc == 0 )
1105 p_bordel[ 2 ] += 0x13;
1106 p_bordel[ 12 ] += 1;
1109 p_bordel[ 2 ] &= 0x10076000;
1112 static void ThirdPass( uint32_t * p_bordel )
1116 i_cmd = ((p_bordel[ 7 ] + p_bordel[ 14 ] + 10) >> 1) - p_bordel[ 14 ];
1122 p_bordel[ 1 ] <<= 1;
1123 p_bordel[ 2 ] <<= 2;
1124 p_bordel[ 3 ] <<= 3;
1127 p_bordel[ i_cmd + 3 ] &= 0x5EDE36B;
1128 p_bordel[ 5 ] += p_bordel[ 8 ];
1129 p_bordel[ 4 ] += p_bordel[ 7 ];
1130 p_bordel[ 3 ] += p_bordel[ 6 ];
1131 p_bordel[ 2 ] += p_bordel[ 5 ];
1134 p_bordel[ 1 ] += p_bordel[ 4 ];
1135 p_bordel[ 0 ] += p_bordel[ 3 ];
1136 TinyShuffle6( p_bordel );
1137 return; /* jc = 4 */
1139 if( (p_bordel[ 11 ] & p_bordel[ 2 ]) > 0x211B )
1148 p_bordel[ 9 ] ^= p_bordel[ 2 ];
1151 p_bordel[ 2 ] ^= (p_bordel[ 1 ] & p_bordel[ 13 ]);
1154 p_bordel[ 0 ] -= p_bordel[ 11 ] & p_bordel[ 15 ];
1155 return; /* jc = 4 */
1157 p_bordel[ 6 ] >>= (p_bordel[ 14 ] & 3);
1161 SWAP( p_bordel[ 0 ], p_bordel[ 10 ] );
1163 TinyShuffle6( p_bordel );
1165 return; /* jc = 5 */
1168 static void FourthPass( uint32_t * p_bordel )
1172 TinyShuffle7( p_bordel );
1174 switch( p_bordel[ 5 ] % 5)
1180 p_bordel[ 11 ] ^= (p_bordel[ 3 ] + p_bordel[ 6 ] + p_bordel[ 8 ]);
1183 for( i = 4; i < 15 && (p_bordel[ i ] & 5) == 0; i++ )
1185 SWAP( p_bordel[ i ], p_bordel[ 15 - i ] );
1189 p_bordel[ 12 ] -= 1;
1190 p_bordel[ 13 ] += 1;
1191 p_bordel[ 2 ] -= 0x64;
1192 p_bordel[ 3 ] += 0x64;
1193 TinyShuffle8( p_bordel );
1197 for( i = 0, j = 0; i < 16; i++ )
1199 if( p_bordel[ i ] > p_bordel[ j ] )
1205 switch( p_bordel[ j ] % 100 )
1208 SWAP( p_bordel[ 0 ], p_bordel[ j ] );
1211 p_bordel[ 1 ] >>= 1;
1212 p_bordel[ 2 ] <<= 1;
1213 p_bordel[ 14 ] >>= 3;
1214 p_bordel[ 15 ] <<= 4;
1217 p_bordel[ j ] += p_bordel[ 13 ];
1220 p_bordel[ 1 ] += 0x20E;
1221 p_bordel[ 5 ] += 0x223D;
1222 p_bordel[ 13 ] -= 0x576;
1223 p_bordel[ 15 ] += 0x576;
1226 p_bordel[ 2 ] -= 0x64;
1227 p_bordel[ 3 ] += 0x64;
1228 p_bordel[ 12 ] -= 1;
1229 p_bordel[ 13 ] += 1;
1233 p_bordel[ j ] += p_bordel[ 13 ];
1237 TinyShuffle8( p_bordel );
1240 /*****************************************************************************
1241 * TinyShuffle[12345678]: tiny shuffle subroutines
1242 *****************************************************************************
1243 * These standalone functions are little helpers for the shuffling process.
1244 *****************************************************************************/
1245 static void TinyShuffle1( uint32_t * p_bordel )
1247 uint32_t i_cmd = (p_bordel[ 5 ] + 10) >> 2;
1249 if( p_bordel[ 5 ] > 0x7D0 )
1263 if( p_bordel[ 4 ] & 5 )
1265 p_bordel[ 1 ] ^= 0x4D;
1269 p_bordel[ 12 ] += 5;
1274 static void TinyShuffle2( uint32_t * p_bordel )
1278 for( i = 0, j = 0; i < 16; i++ )
1280 if( (p_bordel[ i ] & 0x777) > (p_bordel[ j ] & 0x777) )
1288 for( ; j < 15; j++ )
1290 p_bordel[ j ] += p_bordel[ j + 1 ];
1295 p_bordel[ 2 ] &= 0xB62FC;
1299 static void TinyShuffle3( uint32_t * p_bordel )
1301 uint32_t i_cmd = p_bordel[ 6 ] + 0x194B;
1303 if( p_bordel[ 6 ] > 0x2710 )
1311 p_bordel[ 3 ] += 0x19FE;
1314 p_bordel[ 7 ] -= p_bordel[ 3 ] >> 2;
1317 p_bordel[ 5 ] ^= 0x248A;
1322 static void TinyShuffle4( uint32_t * p_bordel )
1326 for( i = 0, j = 0; i < 16; i++ )
1328 if( p_bordel[ i ] < p_bordel[ j ] )
1334 if( (p_bordel[ j ] % (j + 1)) > 10 )
1337 p_bordel[ 2 ] += 0x13;
1338 p_bordel[ 12 ] += 1;
1342 static void TinyShuffle5( uint32_t * p_bordel )
1346 p_bordel[ 2 ] &= 0x7F3F;
1348 for( i = 0; i < 5; i++ )
1350 switch( ( p_bordel[ 2 ] + 10 + i ) % 5 )
1353 p_bordel[ 12 ] &= p_bordel[ 2 ];
1356 p_bordel[ 3 ] ^= p_bordel[ 15 ];
1359 p_bordel[ 15 ] += 0x576;
1362 p_bordel[ 7 ] -= 0x2D;
1365 p_bordel[ 1 ] <<= 1;
1371 static void TinyShuffle6( uint32_t * p_bordel )
1375 for( i = 0; i < 8; i++ )
1377 j = p_bordel[ 3 ] & 0x7514 ? 5 : 7;
1378 SWAP( p_bordel[ i ], p_bordel[ i + j ] );
1382 static void TinyShuffle7( uint32_t * p_bordel )
1386 i = (((p_bordel[ 9 ] + p_bordel[ 15 ] + 12) >> 2) - p_bordel[ 4 ]) & 7;
1390 SWAP( p_bordel[ i ], p_bordel[ i + 3 ] );
1393 SWAP( p_bordel[ 1 ], p_bordel[ 10 ] );
1396 static void TinyShuffle8( uint32_t * p_bordel )
1400 i = (p_bordel[ 0 ] & p_bordel[ 6 ]) & 0xF;
1402 switch( p_bordel[ i ] % 1000 )
1405 if( (p_bordel[ i ] & 0x777) > (p_bordel[ 7 ] & 0x5555) )
1407 p_bordel[ i ] ^= p_bordel[ 5 ] & p_bordel[ 3 ];
1411 p_bordel[ 15 ] &= 0x5555;
1414 p_bordel[ i ] ^= p_bordel[ 15 ];
1417 SWAP( p_bordel[ 0 ], p_bordel[ 3 ] );
1418 SWAP( p_bordel[ 1 ], p_bordel[ 6 ] );
1419 SWAP( p_bordel[ 3 ], p_bordel[ 6 ] );
1420 SWAP( p_bordel[ 4 ], p_bordel[ 9 ] );
1421 SWAP( p_bordel[ 5 ], p_bordel[ 8 ] );
1422 SWAP( p_bordel[ 6 ], p_bordel[ 7 ] );
1423 SWAP( p_bordel[ 13 ], p_bordel[ 14 ] );
1426 p_bordel[ i ] += p_bordel[ 1 ] ^ 0x80080011;
1427 p_bordel[ i ] += p_bordel[ 2 ] ^ 0xBEEFDEAD;
1428 p_bordel[ i ] += p_bordel[ 3 ] ^ 0x8765F444;
1429 p_bordel[ i ] += p_bordel[ 4 ] ^ 0x78145326;
1432 p_bordel[ 12 ] -= p_bordel[ i ];
1433 p_bordel[ 13 ] += p_bordel[ i ];
1436 p_bordel[ i ] += p_bordel[ 1 ];
1437 p_bordel[ i ] -= p_bordel[ 7 ];
1438 p_bordel[ i ] -= p_bordel[ 8 ];
1439 p_bordel[ i ] += p_bordel[ 9 ];
1440 p_bordel[ i ] += p_bordel[ 13 ];
1444 p_bordel[ i + 1 ] >>= 1;
1445 p_bordel[ i + 2 ] <<= 4;
1446 p_bordel[ i + 3 ] >>= 3;
1449 p_bordel[ 1 ] += 0x20E;
1450 p_bordel[ 5 ] += 0x223D;
1451 p_bordel[ 13 ] -= 0x576;
1452 p_bordel[ 15 ] += 0x576;
1455 if( (p_bordel[ i ] ^ 0x8765F441) < 0x2710 )
1457 SWAP( p_bordel[ 0 ], p_bordel[ 1 ] );
1461 SWAP( p_bordel[ 1 ], p_bordel[ 11 ] );
1467 /*****************************************************************************
1468 * GetSystemKey: get the system key
1469 *****************************************************************************
1470 * Compute the system key from various system information, see HashSystemInfo.
1471 *****************************************************************************/
1472 static int GetSystemKey( uint32_t *p_sys_key, vlc_bool_t b_ipod )
1474 static char const p_secret1[ 8 ] = "YuaFlafu";
1475 static char const p_secret2[ 8 ] = "zPif98ga";
1478 uint32_t p_system_hash[ 4 ];
1480 /* Compute the MD5 hash of our system info */
1481 if( ( !b_ipod && HashSystemInfo( p_system_hash ) ) ||
1482 ( b_ipod && GetiPodID( &i_ipod_id ) ) )
1487 /* Combine our system info hash with additional secret data. The resulting
1488 * MD5 hash will be our system key. */
1490 AddMD5( &md5, p_secret1, 8 );
1494 AddMD5( &md5, (uint8_t *)p_system_hash, 6 );
1495 AddMD5( &md5, (uint8_t *)p_system_hash, 6 );
1496 AddMD5( &md5, (uint8_t *)p_system_hash, 6 );
1497 AddMD5( &md5, p_secret2, 8 );
1501 i_ipod_id = U64_AT(&i_ipod_id);
1502 AddMD5( &md5, (uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
1503 AddMD5( &md5, (uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
1504 AddMD5( &md5, (uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
1509 memcpy( p_sys_key, md5.p_digest, 16 );
1515 # define DRMS_DIRNAME "drms"
1517 # define DRMS_DIRNAME ".drms"
1520 /*****************************************************************************
1521 * WriteUserKey: write the user key to hard disk
1522 *****************************************************************************
1523 * Write the user key to the hard disk so that it can be reused later or used
1524 * on operating systems other than Win32.
1525 *****************************************************************************/
1526 static int WriteUserKey( void *_p_drms, uint32_t *p_user_key )
1528 struct drms_s *p_drms = (struct drms_s *)_p_drms;
1531 char psz_path[ PATH_MAX ];
1533 snprintf( psz_path, PATH_MAX - 1,
1534 "%s/" DRMS_DIRNAME, p_drms->psz_homedir );
1536 #if defined( HAVE_ERRNO_H )
1537 # if defined( WIN32 )
1538 if( !mkdir( psz_path ) || errno == EEXIST )
1540 if( !mkdir( psz_path, 0755 ) || errno == EEXIST )
1543 if( !mkdir( psz_path ) )
1546 snprintf( psz_path, PATH_MAX - 1, "%s/" DRMS_DIRNAME "/%08X.%03d",
1547 p_drms->psz_homedir, p_drms->i_user, p_drms->i_key );
1549 file = fopen( psz_path, "wb" );
1552 i_ret = fwrite( p_user_key, sizeof(uint32_t),
1553 4, file ) == 4 ? 0 : -1;
1561 /*****************************************************************************
1562 * ReadUserKey: read the user key from hard disk
1563 *****************************************************************************
1564 * Retrieve the user key from the hard disk if available.
1565 *****************************************************************************/
1566 static int ReadUserKey( void *_p_drms, uint32_t *p_user_key )
1568 struct drms_s *p_drms = (struct drms_s *)_p_drms;
1571 char psz_path[ PATH_MAX ];
1573 snprintf( psz_path, PATH_MAX - 1,
1574 "%s/" DRMS_DIRNAME "/%08X.%03d", p_drms->psz_homedir,
1575 p_drms->i_user, p_drms->i_key );
1577 file = fopen( psz_path, "rb" );
1580 i_ret = fread( p_user_key, sizeof(uint32_t),
1581 4, file ) == 4 ? 0 : -1;
1588 /*****************************************************************************
1589 * GetUserKey: get the user key
1590 *****************************************************************************
1591 * Retrieve the user key from the hard disk if available, otherwise generate
1592 * it from the system key. If the key could be successfully generated, write
1593 * it to the hard disk for future use.
1594 *****************************************************************************/
1595 static int GetUserKey( void *_p_drms, uint32_t *p_user_key )
1597 static char const p_secret[] = "mUfnpognadfgf873";
1598 struct drms_s *p_drms = (struct drms_s *)_p_drms;
1600 struct shuffle_s shuffle;
1602 uint32_t *p_sci_data;
1603 uint32_t i_user, i_key;
1604 uint32_t p_sys_key[ 4 ];
1605 uint32_t i_sci_size, i_blocks, i_remaining;
1606 uint32_t *p_sci0, *p_sci1, *p_buffer;
1607 uint32_t p_sci_key[ 4 ];
1611 if( !ReadUserKey( p_drms, p_user_key ) )
1613 REVERSE( p_user_key, 4 );
1617 psz_ipod = getenv( "IPOD" );
1619 if( GetSystemKey( p_sys_key, psz_ipod ? VLC_TRUE : VLC_FALSE ) )
1624 if( GetSCIData( psz_ipod, &p_sci_data, &i_sci_size ) )
1629 /* Phase 1: unscramble the SCI data using the system key and shuffle
1630 * it using DoShuffle(). */
1632 /* Skip the first 4 bytes (some sort of header). Decrypt the rest. */
1633 i_blocks = (i_sci_size - 4) / 16;
1634 i_remaining = (i_sci_size - 4) - (i_blocks * 16);
1635 p_buffer = p_sci_data + 1;
1637 /* Decrypt and shuffle our data at the same time */
1638 InitAES( &aes, p_sys_key );
1639 REVERSE( p_sys_key, 4 );
1640 InitShuffle( &shuffle, p_sys_key, p_sci_data[ 0 ] );
1642 memcpy( p_sci_key, p_secret, 16 );
1643 REVERSE( p_sci_key, 4 );
1647 uint32_t p_tmp[ 4 ];
1649 REVERSE( p_buffer, 4 );
1650 DecryptAES( &aes, p_tmp, p_buffer );
1651 BlockXOR( p_tmp, p_sci_key, p_tmp );
1653 /* Use the previous scrambled data as the key for next block */
1654 memcpy( p_sci_key, p_buffer, 16 );
1656 /* Shuffle the decrypted data using a custom routine */
1657 DoShuffle( &shuffle, p_tmp, 4 );
1659 /* Copy this block back to p_buffer */
1660 memcpy( p_buffer, p_tmp, 16 );
1665 if( i_remaining >= 4 )
1668 REVERSE( p_buffer, i_remaining );
1669 DoShuffle( &shuffle, p_buffer, i_remaining );
1672 /* Phase 2: look for the user key in the generated data. I must admit I
1673 * do not understand what is going on here, because it almost
1674 * looks like we are browsing data that makes sense, even though
1675 * the DoShuffle() part made it completely meaningless. */
1678 REVERSE( p_sci_data + 5, 1 );
1679 i = U32_AT( p_sci_data + 5 );
1680 i_sci_size -= 22 * sizeof(uint32_t);
1681 p_sci1 = p_sci_data + 22;
1684 while( i_sci_size >= 20 && i > 0 )
1686 if( p_sci0 == NULL )
1688 i_sci_size -= 18 * sizeof(uint32_t);
1689 if( i_sci_size < 20 )
1695 REVERSE( p_sci1 + 17, 1 );
1696 y = U32_AT( p_sci1 + 17 );
1707 i_user = U32_AT( p_sci0 );
1708 i_key = U32_AT( p_sci1 );
1709 REVERSE( &i_user, 1 );
1710 REVERSE( &i_key, 1 );
1711 if( i_user == p_drms->i_user && ( ( i_key == p_drms->i_key ) ||
1712 ( !p_drms->i_key && ( p_sci1 == (p_sci0 + 18) ) ) ) )
1714 memcpy( p_user_key, p_sci1 + 1, 16 );
1715 REVERSE( p_sci1 + 1, 4 );
1716 WriteUserKey( p_drms, p_sci1 + 1 );
1723 i_sci_size -= 5 * sizeof(uint32_t);
1731 /*****************************************************************************
1732 * GetSCIData: get SCI data from "SC Info.sidb"
1733 *****************************************************************************
1734 * Read SCI data from "\Apple Computer\iTunes\SC Info\SC Info.sidb"
1735 *****************************************************************************/
1736 static int GetSCIData( char *psz_ipod, uint32_t **pp_sci,
1737 uint32_t *pi_sci_size )
1740 char *psz_path = NULL;
1741 char p_tmp[ PATH_MAX ];
1744 if( psz_ipod == NULL )
1747 char *p_filename = "\\Apple Computer\\iTunes\\SC Info\\SC Info.sidb";
1748 typedef HRESULT (WINAPI *SHGETFOLDERPATH)( HWND, int, HANDLE, DWORD,
1750 HINSTANCE shfolder_dll = NULL;
1751 SHGETFOLDERPATH dSHGetFolderPath = NULL;
1753 if( ( shfolder_dll = LoadLibrary( _T("SHFolder.dll") ) ) != NULL )
1756 (SHGETFOLDERPATH)GetProcAddress( shfolder_dll,
1757 _T("SHGetFolderPathA") );
1760 if( dSHGetFolderPath != NULL &&
1761 SUCCEEDED( dSHGetFolderPath( NULL, CSIDL_COMMON_APPDATA,
1762 NULL, 0, p_tmp ) ) )
1764 strncat( p_tmp, p_filename, min( strlen( p_filename ),
1765 (sizeof(p_tmp)/sizeof(p_tmp[0]) - 1) -
1766 strlen( p_tmp ) ) );
1770 if( shfolder_dll != NULL )
1772 FreeLibrary( shfolder_dll );
1778 #define ISCINFO "iSCInfo"
1779 if( strstr( psz_ipod, ISCINFO ) == NULL )
1781 snprintf( p_tmp, sizeof(p_tmp)/sizeof(p_tmp[0]) - 1,
1782 "%s/iPod_Control/iTunes/" ISCINFO "2", psz_ipod );
1787 psz_path = psz_ipod;
1791 if( psz_path == NULL )
1796 file = fopen( psz_path, "rb" );
1801 if( !fstat( fileno( file ), &st ) )
1803 *pp_sci = malloc( st.st_size );
1804 if( *pp_sci != NULL )
1806 if( fread( *pp_sci, 1, st.st_size,
1807 file ) == (size_t)st.st_size )
1809 *pi_sci_size = st.st_size;
1814 free( (void *)*pp_sci );
1826 /*****************************************************************************
1827 * HashSystemInfo: hash system information
1828 *****************************************************************************
1829 * This function computes the MD5 hash of the C: hard drive serial number,
1830 * BIOS version, CPU type and Windows version.
1831 *****************************************************************************/
1832 static int HashSystemInfo( uint32_t *p_system_hash )
1844 static LPCTSTR p_reg_keys[ 3 ][ 2 ] =
1847 _T("HARDWARE\\DESCRIPTION\\System"),
1848 _T("SystemBiosVersion")
1852 _T("HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0"),
1853 _T("ProcessorNameString")
1857 _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion"),
1864 AddMD5( &md5, "cache-control", 13 );
1865 AddMD5( &md5, "Ethernet", 8 );
1867 GetVolumeInformation( _T("C:\\"), NULL, 0, &i_serial,
1868 NULL, NULL, NULL, 0 );
1869 AddMD5( &md5, (uint8_t *)&i_serial, 4 );
1871 for( i = 0; i < sizeof(p_reg_keys) / sizeof(p_reg_keys[ 0 ]); i++ )
1873 if( RegOpenKeyEx( HKEY_LOCAL_MACHINE, p_reg_keys[ i ][ 0 ],
1874 0, KEY_READ, &i_key ) != ERROR_SUCCESS )
1879 if( RegQueryValueEx( i_key, p_reg_keys[ i ][ 1 ],
1880 NULL, NULL, NULL, &i_size ) != ERROR_SUCCESS )
1882 RegCloseKey( i_key );
1886 p_reg_buf = malloc( i_size );
1888 if( p_reg_buf != NULL )
1890 if( RegQueryValueEx( i_key, p_reg_keys[ i ][ 1 ],
1891 NULL, NULL, p_reg_buf,
1892 &i_size ) == ERROR_SUCCESS )
1894 AddMD5( &md5, (uint8_t *)p_reg_buf, i_size );
1900 RegCloseKey( i_key );
1909 memcpy( p_system_hash, md5.p_digest, 16 );
1914 /*****************************************************************************
1915 * GetiPodID: Get iPod ID
1916 *****************************************************************************
1917 * This function gets the iPod ID.
1918 *****************************************************************************/
1919 static int GetiPodID( int64_t *p_ipod_id )
1923 #define PROD_NAME "iPod"
1924 #define VENDOR_NAME "Apple Computer, Inc."
1926 char *psz_ipod_id = getenv( "IPODID" );
1927 if( psz_ipod_id != NULL )
1929 *p_ipod_id = strtoll( psz_ipod_id, NULL, 16 );
1937 io_iterator_t iterator;
1938 CFMutableDictionaryRef matching_dic;
1940 if( IOMasterPort( MACH_PORT_NULL, &port ) == KERN_SUCCESS )
1942 if( ( matching_dic = IOServiceMatching( "IOFireWireUnit" ) ) != NULL )
1944 CFDictionarySetValue( matching_dic,
1945 CFSTR("FireWire Vendor Name"),
1946 CFSTR(VENDOR_NAME) );
1947 CFDictionarySetValue( matching_dic,
1948 CFSTR("FireWire Product Name"),
1951 if( IOServiceGetMatchingServices( port, matching_dic,
1952 &iterator ) == KERN_SUCCESS )
1954 while( ( device = IOIteratorNext( iterator ) ) != NULL )
1956 value = IORegistryEntryCreateCFProperty( device,
1957 CFSTR("GUID"), kCFAllocatorDefault, kNilOptions );
1961 if( CFGetTypeID( value ) == CFNumberGetTypeID() )
1964 CFNumberGetValue( (CFNumberRef)value,
1965 kCFNumberLongLongType,
1967 *p_ipod_id = i_ipod_id;
1974 IOObjectRelease( device );
1979 IOObjectRelease( iterator );
1983 mach_port_deallocate( mach_task_self(), port );
1986 #elif HAVE_SYSFS_LIBSYSFS_H
1987 struct sysfs_bus *bus = NULL;
1988 struct dlist *devlist = NULL;
1989 struct dlist *attributes = NULL;
1990 struct sysfs_device *curdev = NULL;
1991 struct sysfs_attribute *curattr = NULL;
1993 bus = sysfs_open_bus( "ieee1394" );
1996 devlist = sysfs_get_bus_devices( bus );
1997 if( devlist != NULL )
1999 dlist_for_each_data( devlist, curdev, struct sysfs_device )
2001 attributes = sysfs_get_device_attributes( curdev );
2002 if( attributes != NULL )
2004 dlist_for_each_data( attributes, curattr,
2005 struct sysfs_attribute )
2007 if( ( strcmp( curattr->name, "model_name" ) == 0 ) &&
2008 ( strncmp( curattr->value, PROD_NAME,
2009 sizeof(PROD_NAME) ) == 0 ) )
2011 *p_ipod_id = strtoll( curdev->name, NULL, 16 );
2022 sysfs_close_bus( bus );