1 /*****************************************************************************
3 *****************************************************************************
4 * Copyright (C) 2004 VideoLAN
7 * Authors: Jon Lech Johansen <jon-vl@nanocrew.net>
8 * Sam Hocevar <sam@zoy.org>
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
23 *****************************************************************************/
25 #include <stdlib.h> /* malloc(), free() */
46 # if !defined( UNDER_CE )
54 #ifdef HAVE_SYS_STAT_H
55 # include <sys/stat.h>
57 #ifdef HAVE_SYS_TYPES_H
58 # include <sys/types.h>
61 /* In Solaris (and perhaps others) PATH_MAX is in limits.h. */
67 # include <mach/mach.h>
68 # include <IOKit/IOKitLib.h>
69 # include <CoreFoundation/CFNumber.h>
72 #ifdef HAVE_SYSFS_LIBSYSFS_H
73 # include <sysfs/libsysfs.h>
77 #include "drmstables.h"
79 #if !defined( UNDER_CE )
80 /*****************************************************************************
81 * aes_s: AES keys structure
82 *****************************************************************************
83 * This structure stores a set of keys usable for encryption and decryption
84 * with the AES/Rijndael algorithm.
85 *****************************************************************************/
88 uint32_t pp_enc_keys[ AES_KEY_COUNT + 1 ][ 4 ];
89 uint32_t pp_dec_keys[ AES_KEY_COUNT + 1 ][ 4 ];
93 # define Digest DigestMD5
95 /*****************************************************************************
96 * md5_s: MD5 message structure
97 *****************************************************************************
98 * This structure stores the static information needed to compute an MD5
99 * hash. It has an extra data buffer to allow non-aligned writes.
100 *****************************************************************************/
103 uint64_t i_bits; /* Total written bits */
104 uint32_t p_digest[4]; /* The MD5 digest */
105 uint32_t p_data[16]; /* Buffer to cache non-aligned writes */
109 /*****************************************************************************
110 * shuffle_s: shuffle structure
111 *****************************************************************************
112 * This structure stores the static information needed to shuffle data using
113 * a custom algorithm.
114 *****************************************************************************/
118 uint32_t p_commands[ 20 ];
119 uint32_t p_bordel[ 16 ];
122 #define SWAP( a, b ) { (a) ^= (b); (b) ^= (a); (a) ^= (b); }
124 /*****************************************************************************
125 * drms_s: DRMS structure
126 *****************************************************************************
127 * This structure stores the static information needed to decrypt DRMS data.
128 *****************************************************************************/
133 uint8_t p_iviv[ 16 ];
139 char psz_homedir[ PATH_MAX ];
142 /*****************************************************************************
144 *****************************************************************************/
145 static void InitAES ( struct aes_s *, uint32_t * );
146 static void DecryptAES ( struct aes_s *, uint32_t *, const uint32_t * );
149 static void InitMD5 ( struct md5_s * );
150 static void AddMD5 ( struct md5_s *, const uint8_t *, uint32_t );
151 static void EndMD5 ( struct md5_s * );
152 static void Digest ( struct md5_s *, uint32_t * );
155 static void InitShuffle ( struct shuffle_s *, uint32_t *, uint32_t );
156 static void DoShuffle ( struct shuffle_s *, uint32_t *, uint32_t );
158 static uint32_t FirstPass ( uint32_t * );
159 static void SecondPass ( uint32_t *, uint32_t );
160 static void ThirdPass ( uint32_t * );
161 static void FourthPass ( uint32_t * );
162 static void TinyShuffle1 ( uint32_t * );
163 static void TinyShuffle2 ( uint32_t * );
164 static void TinyShuffle3 ( uint32_t * );
165 static void TinyShuffle4 ( uint32_t * );
166 static void TinyShuffle5 ( uint32_t * );
167 static void TinyShuffle6 ( uint32_t * );
168 static void TinyShuffle7 ( uint32_t * );
169 static void TinyShuffle8 ( uint32_t * );
170 static void DoExtShuffle ( uint32_t * );
172 static int GetSystemKey ( uint32_t *, vlc_bool_t );
173 static int WriteUserKey ( void *, uint32_t * );
174 static int ReadUserKey ( void *, uint32_t * );
175 static int GetUserKey ( void *, uint32_t * );
177 static int GetSCIData ( char *, uint32_t **, uint32_t * );
178 static int HashSystemInfo ( uint32_t * );
179 static int GetiPodID ( int64_t * );
181 #ifdef WORDS_BIGENDIAN
182 /*****************************************************************************
183 * Reverse: reverse byte order
184 *****************************************************************************/
185 static inline void Reverse( uint32_t *p_buffer, int n )
189 for( i = 0; i < n; i++ )
191 p_buffer[ i ] = GetDWLE(&p_buffer[ i ]);
194 # define REVERSE( p, n ) Reverse( p, n )
196 # define REVERSE( p, n )
199 /*****************************************************************************
200 * BlockXOR: XOR two 128 bit blocks
201 *****************************************************************************/
202 static inline void BlockXOR( uint32_t *p_dest, uint32_t *p_s1, uint32_t *p_s2 )
206 for( i = 0; i < 4; i++ )
208 p_dest[ i ] = p_s1[ i ] ^ p_s2[ i ];
212 /*****************************************************************************
213 * drms_alloc: allocate a DRMS structure
214 *****************************************************************************/
215 void *drms_alloc( char *psz_homedir )
217 struct drms_s *p_drms;
219 p_drms = malloc( sizeof(struct drms_s) );
226 memset( p_drms, 0, sizeof(struct drms_s) );
228 strncpy( p_drms->psz_homedir, psz_homedir, PATH_MAX );
229 p_drms->psz_homedir[ PATH_MAX - 1 ] = '\0';
231 return (void *)p_drms;
234 /*****************************************************************************
235 * drms_free: free a previously allocated DRMS structure
236 *****************************************************************************/
237 void drms_free( void *_p_drms )
239 struct drms_s *p_drms = (struct drms_s *)_p_drms;
241 if( p_drms->p_name != NULL )
243 free( (void *)p_drms->p_name );
249 /*****************************************************************************
250 * drms_decrypt: unscramble a chunk of data
251 *****************************************************************************/
252 void drms_decrypt( void *_p_drms, uint32_t *p_buffer, uint32_t i_bytes )
254 struct drms_s *p_drms = (struct drms_s *)_p_drms;
256 unsigned int i_blocks;
258 /* AES is a block cypher, round down the byte count */
259 i_blocks = i_bytes / 16;
260 i_bytes = i_blocks * 16;
262 /* Initialise the key */
263 memcpy( p_key, p_drms->p_key, 16 );
270 REVERSE( p_buffer, 4 );
271 DecryptAES( &p_drms->aes, p_tmp, p_buffer );
272 BlockXOR( p_tmp, p_key, p_tmp );
274 /* Use the previous scrambled data as the key for next block */
275 memcpy( p_key, p_buffer, 16 );
277 /* Copy unscrambled data back to the buffer */
278 memcpy( p_buffer, p_tmp, 16 );
279 REVERSE( p_buffer, 4 );
285 /*****************************************************************************
286 * drms_init: initialise a DRMS structure
287 *****************************************************************************/
288 int drms_init( void *_p_drms, uint32_t i_type,
289 uint8_t *p_info, uint32_t i_len )
291 struct drms_s *p_drms = (struct drms_s *)_p_drms;
297 if( i_len < sizeof(p_drms->i_user) )
303 p_drms->i_user = U32_AT( p_info );
307 if( i_len < sizeof(p_drms->i_key) )
313 p_drms->i_key = U32_AT( p_info );
317 if( i_len < sizeof(p_drms->p_key) )
323 memcpy( p_drms->p_iviv, p_info, 16 );
327 p_drms->p_name = strdup( p_info );
329 if( p_drms->p_name == NULL )
337 uint32_t p_priv[ 64 ];
347 AddMD5( &md5, p_drms->p_name, strlen( p_drms->p_name ) );
348 AddMD5( &md5, p_drms->p_iviv, 16 );
351 if( p_drms->i_user == 0 && p_drms->i_key == 0 )
353 static char const p_secret[] = "tr1-th3n.y00_by3";
354 memcpy( p_drms->p_key, p_secret, 16 );
355 REVERSE( p_drms->p_key, 4 );
359 if( GetUserKey( p_drms, p_drms->p_key ) )
366 InitAES( &p_drms->aes, p_drms->p_key );
368 memcpy( p_priv, p_info, 64 );
369 memcpy( p_drms->p_key, md5.p_digest, 16 );
370 drms_decrypt( p_drms, p_priv, 64 );
371 REVERSE( p_priv, 64 );
373 if( p_priv[ 0 ] != 0x6e757469 ) /* itun */
379 InitAES( &p_drms->aes, p_priv + 6 );
380 memcpy( p_drms->p_key, p_priv + 12, 16 );
382 free( (void *)p_drms->p_name );
383 p_drms->p_name = NULL;
391 /* The following functions are local */
393 /*****************************************************************************
394 * InitAES: initialise AES/Rijndael encryption/decryption tables
395 *****************************************************************************
396 * The Advanced Encryption Standard (AES) is described in RFC 3268
397 *****************************************************************************/
398 static void InitAES( struct aes_s *p_aes, uint32_t *p_key )
401 uint32_t i_key, i_seed;
403 memset( p_aes->pp_enc_keys[1], 0, 16 );
404 memcpy( p_aes->pp_enc_keys[0], p_key, 16 );
406 /* Generate the key tables */
407 i_seed = p_aes->pp_enc_keys[ 0 ][ 3 ];
409 for( i_key = 0; i_key < AES_KEY_COUNT; i_key++ )
413 i_seed = AES_ROR( i_seed, 8 );
415 j = p_aes_table[ i_key ];
417 j ^= p_aes_encrypt[ (i_seed >> 24) & 0xff ]
418 ^ AES_ROR( p_aes_encrypt[ (i_seed >> 16) & 0xff ], 8 )
419 ^ AES_ROR( p_aes_encrypt[ (i_seed >> 8) & 0xff ], 16 )
420 ^ AES_ROR( p_aes_encrypt[ i_seed & 0xff ], 24 );
422 j ^= p_aes->pp_enc_keys[ i_key ][ 0 ];
423 p_aes->pp_enc_keys[ i_key + 1 ][ 0 ] = j;
424 j ^= p_aes->pp_enc_keys[ i_key ][ 1 ];
425 p_aes->pp_enc_keys[ i_key + 1 ][ 1 ] = j;
426 j ^= p_aes->pp_enc_keys[ i_key ][ 2 ];
427 p_aes->pp_enc_keys[ i_key + 1 ][ 2 ] = j;
428 j ^= p_aes->pp_enc_keys[ i_key ][ 3 ];
429 p_aes->pp_enc_keys[ i_key + 1 ][ 3 ] = j;
434 memcpy( p_aes->pp_dec_keys[ 0 ],
435 p_aes->pp_enc_keys[ 0 ], 16 );
437 for( i = 1; i < AES_KEY_COUNT; i++ )
439 for( t = 0; t < 4; t++ )
441 uint32_t j, k, l, m, n;
443 j = p_aes->pp_enc_keys[ i ][ t ];
445 k = (((j >> 7) & 0x01010101) * 27) ^ ((j & 0xff7f7f7f) << 1);
446 l = (((k >> 7) & 0x01010101) * 27) ^ ((k & 0xff7f7f7f) << 1);
447 m = (((l >> 7) & 0x01010101) * 27) ^ ((l & 0xff7f7f7f) << 1);
451 n = AES_ROR( l ^ j, 16 ) ^ AES_ROR( k ^ j, 8 ) ^ AES_ROR( j, 24 );
453 p_aes->pp_dec_keys[ i ][ t ] = k ^ l ^ m ^ n;
458 /*****************************************************************************
459 * DecryptAES: decrypt an AES/Rijndael 128 bit block
460 *****************************************************************************/
461 static void DecryptAES( struct aes_s *p_aes,
462 uint32_t *p_dest, const uint32_t *p_src )
464 uint32_t p_wtxt[ 4 ]; /* Working cyphertext */
466 unsigned int i_round, t;
468 for( t = 0; t < 4; t++ )
470 /* FIXME: are there any endianness issues here? */
471 p_wtxt[ t ] = p_src[ t ] ^ p_aes->pp_enc_keys[ AES_KEY_COUNT ][ t ];
475 for( i_round = 0; i_round < (AES_KEY_COUNT - 1); i_round++ )
477 for( t = 0; t < 4; t++ )
479 p_tmp[ t ] = AES_XOR_ROR( p_aes_itable, p_wtxt );
482 for( t = 0; t < 4; t++ )
484 p_wtxt[ t ] = p_tmp[ t ]
485 ^ p_aes->pp_dec_keys[ (AES_KEY_COUNT - 1) - i_round ][ t ];
489 /* Final round (9) */
490 for( t = 0; t < 4; t++ )
492 p_dest[ t ] = AES_XOR_ROR( p_aes_decrypt, p_wtxt );
493 p_dest[ t ] ^= p_aes->pp_dec_keys[ 0 ][ t ];
498 /*****************************************************************************
499 * InitMD5: initialise an MD5 message
500 *****************************************************************************
501 * The MD5 message-digest algorithm is described in RFC 1321
502 *****************************************************************************/
503 static void InitMD5( struct md5_s *p_md5 )
505 p_md5->p_digest[ 0 ] = 0x67452301;
506 p_md5->p_digest[ 1 ] = 0xefcdab89;
507 p_md5->p_digest[ 2 ] = 0x98badcfe;
508 p_md5->p_digest[ 3 ] = 0x10325476;
510 memset( p_md5->p_data, 0, 64 );
514 /*****************************************************************************
515 * AddMD5: add i_len bytes to an MD5 message
516 *****************************************************************************/
517 static void AddMD5( struct md5_s *p_md5, const uint8_t *p_src, uint32_t i_len )
519 unsigned int i_current; /* Current bytes in the spare buffer */
520 unsigned int i_offset = 0;
522 i_current = (p_md5->i_bits / 8) & 63;
524 p_md5->i_bits += 8 * i_len;
526 /* If we can complete our spare buffer to 64 bytes, do it and add the
527 * resulting buffer to the MD5 message */
528 if( i_len >= (64 - i_current) )
530 memcpy( ((uint8_t *)p_md5->p_data) + i_current, p_src,
532 Digest( p_md5, p_md5->p_data );
534 i_offset += (64 - i_current);
535 i_len -= (64 - i_current);
539 /* Add as many entire 64 bytes blocks as we can to the MD5 message */
542 uint32_t p_tmp[ 16 ];
543 memcpy( p_tmp, p_src + i_offset, 64 );
544 Digest( p_md5, p_tmp );
549 /* Copy our remaining data to the message's spare buffer */
550 memcpy( ((uint8_t *)p_md5->p_data) + i_current, p_src + i_offset, i_len );
553 /*****************************************************************************
554 * EndMD5: finish an MD5 message
555 *****************************************************************************
556 * This function adds adequate padding to the end of the message, and appends
557 * the bit count so that we end at a block boundary.
558 *****************************************************************************/
559 static void EndMD5( struct md5_s *p_md5 )
561 unsigned int i_current;
563 i_current = (p_md5->i_bits / 8) & 63;
565 /* Append 0x80 to our buffer. No boundary check because the temporary
566 * buffer cannot be full, otherwise AddMD5 would have emptied it. */
567 ((uint8_t *)p_md5->p_data)[ i_current++ ] = 0x80;
569 /* If less than 8 bytes are available at the end of the block, complete
570 * this 64 bytes block with zeros and add it to the message. We'll add
571 * our length at the end of the next block. */
574 memset( ((uint8_t *)p_md5->p_data) + i_current, 0, (64 - i_current) );
575 Digest( p_md5, p_md5->p_data );
579 /* Fill the unused space in our last block with zeroes and put the
580 * message length at the end. */
581 memset( ((uint8_t *)p_md5->p_data) + i_current, 0, (56 - i_current) );
582 p_md5->p_data[ 14 ] = p_md5->i_bits & 0xffffffff;
583 p_md5->p_data[ 15 ] = (p_md5->i_bits >> 32);
584 REVERSE( &p_md5->p_data[ 14 ], 2 );
586 Digest( p_md5, p_md5->p_data );
589 #define F1( x, y, z ) ((z) ^ ((x) & ((y) ^ (z))))
590 #define F2( x, y, z ) F1((z), (x), (y))
591 #define F3( x, y, z ) ((x) ^ (y) ^ (z))
592 #define F4( x, y, z ) ((y) ^ ((x) | ~(z)))
594 #define MD5_DO( f, w, x, y, z, data, s ) \
595 ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x )
597 /*****************************************************************************
598 * Digest: update the MD5 digest with 64 bytes of data
599 *****************************************************************************/
600 static void Digest( struct md5_s *p_md5, uint32_t *p_input )
604 REVERSE( p_input, 16 );
606 a = p_md5->p_digest[ 0 ];
607 b = p_md5->p_digest[ 1 ];
608 c = p_md5->p_digest[ 2 ];
609 d = p_md5->p_digest[ 3 ];
611 MD5_DO( F1, a, b, c, d, p_input[ 0 ] + 0xd76aa478, 7 );
612 MD5_DO( F1, d, a, b, c, p_input[ 1 ] + 0xe8c7b756, 12 );
613 MD5_DO( F1, c, d, a, b, p_input[ 2 ] + 0x242070db, 17 );
614 MD5_DO( F1, b, c, d, a, p_input[ 3 ] + 0xc1bdceee, 22 );
615 MD5_DO( F1, a, b, c, d, p_input[ 4 ] + 0xf57c0faf, 7 );
616 MD5_DO( F1, d, a, b, c, p_input[ 5 ] + 0x4787c62a, 12 );
617 MD5_DO( F1, c, d, a, b, p_input[ 6 ] + 0xa8304613, 17 );
618 MD5_DO( F1, b, c, d, a, p_input[ 7 ] + 0xfd469501, 22 );
619 MD5_DO( F1, a, b, c, d, p_input[ 8 ] + 0x698098d8, 7 );
620 MD5_DO( F1, d, a, b, c, p_input[ 9 ] + 0x8b44f7af, 12 );
621 MD5_DO( F1, c, d, a, b, p_input[ 10 ] + 0xffff5bb1, 17 );
622 MD5_DO( F1, b, c, d, a, p_input[ 11 ] + 0x895cd7be, 22 );
623 MD5_DO( F1, a, b, c, d, p_input[ 12 ] + 0x6b901122, 7 );
624 MD5_DO( F1, d, a, b, c, p_input[ 13 ] + 0xfd987193, 12 );
625 MD5_DO( F1, c, d, a, b, p_input[ 14 ] + 0xa679438e, 17 );
626 MD5_DO( F1, b, c, d, a, p_input[ 15 ] + 0x49b40821, 22 );
628 MD5_DO( F2, a, b, c, d, p_input[ 1 ] + 0xf61e2562, 5 );
629 MD5_DO( F2, d, a, b, c, p_input[ 6 ] + 0xc040b340, 9 );
630 MD5_DO( F2, c, d, a, b, p_input[ 11 ] + 0x265e5a51, 14 );
631 MD5_DO( F2, b, c, d, a, p_input[ 0 ] + 0xe9b6c7aa, 20 );
632 MD5_DO( F2, a, b, c, d, p_input[ 5 ] + 0xd62f105d, 5 );
633 MD5_DO( F2, d, a, b, c, p_input[ 10 ] + 0x02441453, 9 );
634 MD5_DO( F2, c, d, a, b, p_input[ 15 ] + 0xd8a1e681, 14 );
635 MD5_DO( F2, b, c, d, a, p_input[ 4 ] + 0xe7d3fbc8, 20 );
636 MD5_DO( F2, a, b, c, d, p_input[ 9 ] + 0x21e1cde6, 5 );
637 MD5_DO( F2, d, a, b, c, p_input[ 14 ] + 0xc33707d6, 9 );
638 MD5_DO( F2, c, d, a, b, p_input[ 3 ] + 0xf4d50d87, 14 );
639 MD5_DO( F2, b, c, d, a, p_input[ 8 ] + 0x455a14ed, 20 );
640 MD5_DO( F2, a, b, c, d, p_input[ 13 ] + 0xa9e3e905, 5 );
641 MD5_DO( F2, d, a, b, c, p_input[ 2 ] + 0xfcefa3f8, 9 );
642 MD5_DO( F2, c, d, a, b, p_input[ 7 ] + 0x676f02d9, 14 );
643 MD5_DO( F2, b, c, d, a, p_input[ 12 ] + 0x8d2a4c8a, 20 );
645 MD5_DO( F3, a, b, c, d, p_input[ 5 ] + 0xfffa3942, 4 );
646 MD5_DO( F3, d, a, b, c, p_input[ 8 ] + 0x8771f681, 11 );
647 MD5_DO( F3, c, d, a, b, p_input[ 11 ] + 0x6d9d6122, 16 );
648 MD5_DO( F3, b, c, d, a, p_input[ 14 ] + 0xfde5380c, 23 );
649 MD5_DO( F3, a, b, c, d, p_input[ 1 ] + 0xa4beea44, 4 );
650 MD5_DO( F3, d, a, b, c, p_input[ 4 ] + 0x4bdecfa9, 11 );
651 MD5_DO( F3, c, d, a, b, p_input[ 7 ] + 0xf6bb4b60, 16 );
652 MD5_DO( F3, b, c, d, a, p_input[ 10 ] + 0xbebfbc70, 23 );
653 MD5_DO( F3, a, b, c, d, p_input[ 13 ] + 0x289b7ec6, 4 );
654 MD5_DO( F3, d, a, b, c, p_input[ 0 ] + 0xeaa127fa, 11 );
655 MD5_DO( F3, c, d, a, b, p_input[ 3 ] + 0xd4ef3085, 16 );
656 MD5_DO( F3, b, c, d, a, p_input[ 6 ] + 0x04881d05, 23 );
657 MD5_DO( F3, a, b, c, d, p_input[ 9 ] + 0xd9d4d039, 4 );
658 MD5_DO( F3, d, a, b, c, p_input[ 12 ] + 0xe6db99e5, 11 );
659 MD5_DO( F3, c, d, a, b, p_input[ 15 ] + 0x1fa27cf8, 16 );
660 MD5_DO( F3, b, c, d, a, p_input[ 2 ] + 0xc4ac5665, 23 );
662 MD5_DO( F4, a, b, c, d, p_input[ 0 ] + 0xf4292244, 6 );
663 MD5_DO( F4, d, a, b, c, p_input[ 7 ] + 0x432aff97, 10 );
664 MD5_DO( F4, c, d, a, b, p_input[ 14 ] + 0xab9423a7, 15 );
665 MD5_DO( F4, b, c, d, a, p_input[ 5 ] + 0xfc93a039, 21 );
666 MD5_DO( F4, a, b, c, d, p_input[ 12 ] + 0x655b59c3, 6 );
667 MD5_DO( F4, d, a, b, c, p_input[ 3 ] + 0x8f0ccc92, 10 );
668 MD5_DO( F4, c, d, a, b, p_input[ 10 ] + 0xffeff47d, 15 );
669 MD5_DO( F4, b, c, d, a, p_input[ 1 ] + 0x85845dd1, 21 );
670 MD5_DO( F4, a, b, c, d, p_input[ 8 ] + 0x6fa87e4f, 6 );
671 MD5_DO( F4, d, a, b, c, p_input[ 15 ] + 0xfe2ce6e0, 10 );
672 MD5_DO( F4, c, d, a, b, p_input[ 6 ] + 0xa3014314, 15 );
673 MD5_DO( F4, b, c, d, a, p_input[ 13 ] + 0x4e0811a1, 21 );
674 MD5_DO( F4, a, b, c, d, p_input[ 4 ] + 0xf7537e82, 6 );
675 MD5_DO( F4, d, a, b, c, p_input[ 11 ] + 0xbd3af235, 10 );
676 MD5_DO( F4, c, d, a, b, p_input[ 2 ] + 0x2ad7d2bb, 15 );
677 MD5_DO( F4, b, c, d, a, p_input[ 9 ] + 0xeb86d391, 21 );
679 p_md5->p_digest[ 0 ] += a;
680 p_md5->p_digest[ 1 ] += b;
681 p_md5->p_digest[ 2 ] += c;
682 p_md5->p_digest[ 3 ] += d;
686 /*****************************************************************************
687 * InitShuffle: initialise a shuffle structure
688 *****************************************************************************
689 * This function initialises tables in the p_shuffle structure that will be
690 * used later by DoShuffle. The only external parameter is p_sys_key.
691 *****************************************************************************/
692 static void InitShuffle( struct shuffle_s *p_shuffle, uint32_t *p_sys_key,
695 char p_secret1[] = "Tv!*";
696 static char const p_secret2[] = "v8rhvsaAvOKMFfUH%798=[;."
697 "f8677680a634ba87fnOIf)(*";
700 p_shuffle->i_version = i_version;
702 /* Fill p_commands using the key and a secret seed */
703 for( i = 0; i < 20; i++ )
709 AddMD5( &md5, (uint8_t *)p_sys_key, 16 );
710 AddMD5( &md5, (uint8_t *)p_secret1, 4 );
715 REVERSE( md5.p_digest, 1 );
716 i_hash = ((int32_t)U32_AT(md5.p_digest)) % 1024;
718 p_shuffle->p_commands[ i ] = i_hash < 0 ? i_hash * -1 : i_hash;
721 /* Fill p_bordel with completely meaningless initial values. */
722 for( i = 0; i < 4; i++ )
724 p_shuffle->p_bordel[ 4 * i ] = U32_AT(p_sys_key + i);
725 memcpy( p_shuffle->p_bordel + 4 * i + 1, p_secret2 + 12 * i, 12 );
726 REVERSE( p_shuffle->p_bordel + 4 * i + 1, 3 );
730 /*****************************************************************************
731 * DoShuffle: shuffle buffer
732 *****************************************************************************
733 * This is so ugly and uses so many MD5 checksums that it is most certainly
734 * one-way, though why it needs to be so complicated is beyond me.
735 *****************************************************************************/
736 static void DoShuffle( struct shuffle_s *p_shuffle,
737 uint32_t *p_buffer, uint32_t i_size )
740 uint32_t p_big_bordel[ 16 ];
741 uint32_t *p_bordel = p_shuffle->p_bordel;
744 static uint32_t i_secret = 0;
746 static uint32_t p_secret1[] =
748 0xAAAAAAAA, 0x01757700, 0x00554580, 0x01724500, 0x00424580,
749 0x01427700, 0x00000080, 0xC1D59D01, 0x80144981, 0x815C8901,
750 0x80544981, 0x81D45D01, 0x00000080, 0x81A3BB03, 0x00A2AA82,
751 0x01A3BB03, 0x0022A282, 0x813BA202, 0x00000080, 0x6D575737,
752 0x4A5275A5, 0x6D525725, 0x4A5254A5, 0x6B725437, 0x00000080,
753 0xD5DDB938, 0x5455A092, 0x5D95A013, 0x4415A192, 0xC5DD393A,
754 0x00000080, 0x55555555
757 static char p_secret2[] =
758 "pbclevtug (p) Nccyr Pbzchgre, Vap. Nyy Evtugf Erfreirq.";
762 REVERSE( p_secret1, sizeof(p_secret1)/sizeof(p_secret1[ 0 ]) );
763 for( ; p_secret2[ i_secret ] != '\0'; i_secret++ )
765 #define ROT13(c) (((c)>='A'&&(c)<='Z')?(((c)-'A'+13)%26)+'A':\
766 ((c)>='a'&&(c)<='z')?(((c)-'a'+13)%26)+'a':c)
767 p_secret2[ i_secret ] = ROT13(p_secret2[ i_secret ]);
769 i_secret++; /* include zero terminator */
772 /* Using the MD5 hash of a memory block is probably not one-way enough
773 * for the iTunes people. This function randomises p_bordel depending on
774 * the values in p_commands to make things even more messy in p_bordel. */
775 for( i = 0; i < 20; i++ )
777 uint8_t i_command, i_index;
779 if( !p_shuffle->p_commands[ i ] )
784 i_command = (p_shuffle->p_commands[ i ] & 0x300) >> 8;
785 i_index = p_shuffle->p_commands[ i ] & 0xff;
790 p_bordel[ i_index & 0xf ] = p_bordel[ i_index >> 4 ]
791 + p_bordel[ ((i_index + 0x10) >> 4) & 0xf ];
794 p_bordel[ i_index >> 4 ] ^= p_shuffle_xor[ 0xff - i_index ];
797 p_bordel[ i_index >> 4 ] -= p_shuffle_sub[ 0xff - i_index ];
800 p_bordel[ i_index >> 4 ] += p_shuffle_add[ 0xff - i_index ];
805 if( p_shuffle->i_version == 0x01000300 )
807 DoExtShuffle( p_bordel );
810 /* Convert our newly randomised p_bordel to big endianness and take
813 for( i = 0; i < 16; i++ )
815 p_big_bordel[ i ] = U32_AT(p_bordel + i);
817 AddMD5( &md5, (uint8_t *)p_big_bordel, 64 );
818 if( p_shuffle->i_version == 0x01000300 )
820 AddMD5( &md5, (uint8_t *)p_secret1, sizeof(p_secret1) );
821 AddMD5( &md5, (uint8_t *)p_secret2, i_secret );
825 /* XOR our buffer with the computed checksum */
826 for( i = 0; i < i_size; i++ )
828 p_buffer[ i ] ^= md5.p_digest[ i ];
832 /*****************************************************************************
833 * DoExtShuffle: extended shuffle
834 *****************************************************************************
835 * This is even uglier.
836 *****************************************************************************/
837 static void DoExtShuffle( uint32_t * p_bordel )
841 i_ret = FirstPass( p_bordel );
843 SecondPass( p_bordel, i_ret );
845 ThirdPass( p_bordel );
847 FourthPass( p_bordel );
850 static uint32_t FirstPass( uint32_t * p_bordel )
852 uint32_t i, i_cmd, i_ret = 5;
854 TinyShuffle1( p_bordel );
860 p_bordel[ 1 ] += 0x10000000;
861 p_bordel[ 3 ] += 0x12777;
863 if( (p_bordel[ 10 ] & 1) && i_ret )
866 p_bordel[ 1 ] -= p_bordel[ 2 ];
867 p_bordel[ 11 ] += p_bordel[ 12 ];
871 if( (p_bordel[ 1 ] + p_bordel[ 2 ]) >= 0x7D0 )
873 switch( ((p_bordel[ 3 ] ^ 0x567F) >> 2) & 7 )
876 for( i = 0; i < 3; i++ )
878 if( p_bordel[ i + 10 ] > 0x4E20 )
880 p_bordel[ i + 1 ] += p_bordel[ i + 2 ];
885 p_bordel[ 1 ] -= p_bordel[ 2 ];
888 p_bordel[ 11 ] += p_bordel[ 12 ];
891 p_bordel[ 3 ] ^= p_bordel[ 4 ];
894 p_bordel[ 13 ] &= p_bordel[ 14 ];
897 p_bordel[ 0 ] |= p_bordel[ 1 ];
909 for( i = 0, i_cmd = 0; i < 16; i++ )
911 if( p_bordel[ i ] < p_bordel[ i_cmd ] )
917 if( i_ret && i_cmd != 5 )
925 p_bordel[ 8 ] &= p_bordel[ 6 ] >> 1;
929 for( i = 0; i < 3; i++ )
932 if( p_bordel[ 11 ] & 5 )
934 p_bordel[ 8 ] += p_bordel[ 9 ];
944 i_cmd = (p_bordel[ 15 ] + 0x93) >> 3;
945 if( p_bordel[ 15 ] & 0x100 )
954 while( p_bordel[ 11 ] & 1 )
956 p_bordel[ 11 ] >>= 1;
961 p_bordel[ 14 ] -= 0x19FE;
973 i_cmd = ((p_bordel[ 3 ] + p_bordel[ 4 ] + 10) >> 1) - p_bordel[ 4 ];
981 p_bordel[ 14 ] >>= 1;
990 p_bordel[ 15 ] &= 0x55;
993 p_bordel[ 2 ] &= 0xB62FC;
999 TinyShuffle2( p_bordel );
1004 static void SecondPass( uint32_t * p_bordel, uint32_t i_tmp )
1006 uint32_t i, i_cmd, i_jc = 5;
1008 TinyShuffle3( p_bordel );
1010 for( i = 0, i_cmd = 0; i < 16; i++ )
1012 if( p_bordel[ i ] > p_bordel[ i_cmd ] )
1021 if( p_bordel[ 1 ] < p_bordel[ 8 ] )
1027 if( (p_bordel[ 9 ] & 0x7777) == 0x3333 )
1034 if( p_bordel[ 1 ] < p_bordel[ 8 ] )
1043 p_bordel[ 1 ] -= p_bordel[ 5 ];
1044 for( i = 0; i < 3; i++ )
1046 switch( p_bordel[ 1 ] & 3 )
1055 p_bordel[ 13 ] &= 0xFEFEFEF7;
1058 p_bordel[ 8 ] |= 0x80080011;
1070 p_bordel[ 15 ] ^= 0x18547EFF;
1076 switch( ( p_bordel[ 12 ] + p_bordel[ 13 ] + p_bordel[ 6 ] ) % 5 )
1079 p_bordel[ 12 ] -= 1;
1082 p_bordel[ 12 ] -= 1;
1083 p_bordel[ 13 ] += 1;
1086 p_bordel[ 13 ] += 4;
1089 p_bordel[ 12 ] -= 1;
1096 i = 3; /* Restart the whole loop */
1101 TinyShuffle4( p_bordel );
1105 TinyShuffle5( p_bordel );
1107 switch( ( p_bordel[ 2 ] * 2 + 15 ) % 5 )
1110 if( ( p_bordel[ 3 ] + i_tmp ) <=
1111 ( p_bordel[ 1 ] + p_bordel[ 15 ] ) )
1117 p_bordel[ 10 ] -= 0x13;
1120 p_bordel[ 5 ] >>= 2;
1124 if( !( p_bordel[ 2 ] & 1 ) || i_jc == 0 )
1130 p_bordel[ 2 ] += 0x13;
1131 p_bordel[ 12 ] += 1;
1134 p_bordel[ 2 ] &= 0x10076000;
1137 static void ThirdPass( uint32_t * p_bordel )
1141 i_cmd = ((p_bordel[ 7 ] + p_bordel[ 14 ] + 10) >> 1) - p_bordel[ 14 ];
1147 p_bordel[ 1 ] <<= 1;
1148 p_bordel[ 2 ] <<= 2;
1149 p_bordel[ 3 ] <<= 3;
1152 p_bordel[ i_cmd + 3 ] &= 0x5EDE36B;
1153 p_bordel[ 5 ] += p_bordel[ 8 ];
1154 p_bordel[ 4 ] += p_bordel[ 7 ];
1155 p_bordel[ 3 ] += p_bordel[ 6 ];
1156 p_bordel[ 2 ] += p_bordel[ 5 ];
1159 p_bordel[ 1 ] += p_bordel[ 4 ];
1160 p_bordel[ 0 ] += p_bordel[ 3 ];
1161 TinyShuffle6( p_bordel );
1162 return; /* jc = 4 */
1164 if( (p_bordel[ 11 ] & p_bordel[ 2 ]) > 0x211B )
1173 p_bordel[ 9 ] ^= p_bordel[ 2 ];
1176 p_bordel[ 2 ] ^= (p_bordel[ 1 ] & p_bordel[ 13 ]);
1179 p_bordel[ 0 ] -= p_bordel[ 11 ] & p_bordel[ 15 ];
1180 return; /* jc = 4 */
1182 p_bordel[ 6 ] >>= (p_bordel[ 14 ] & 3);
1186 SWAP( p_bordel[ 0 ], p_bordel[ 10 ] );
1188 TinyShuffle6( p_bordel );
1190 return; /* jc = 5 */
1193 static void FourthPass( uint32_t * p_bordel )
1197 TinyShuffle7( p_bordel );
1199 switch( p_bordel[ 5 ] % 5)
1205 p_bordel[ 11 ] ^= (p_bordel[ 3 ] + p_bordel[ 6 ] + p_bordel[ 8 ]);
1208 for( i = 4; i < 15 && (p_bordel[ i ] & 5) == 0; i++ )
1210 SWAP( p_bordel[ i ], p_bordel[ 15 - i ] );
1214 p_bordel[ 12 ] -= 1;
1215 p_bordel[ 13 ] += 1;
1216 p_bordel[ 2 ] -= 0x64;
1217 p_bordel[ 3 ] += 0x64;
1218 TinyShuffle8( p_bordel );
1222 for( i = 0, j = 0; i < 16; i++ )
1224 if( p_bordel[ i ] > p_bordel[ j ] )
1230 switch( p_bordel[ j ] % 100 )
1233 SWAP( p_bordel[ 0 ], p_bordel[ j ] );
1236 p_bordel[ 1 ] >>= 1;
1237 p_bordel[ 2 ] <<= 1;
1238 p_bordel[ 14 ] >>= 3;
1239 p_bordel[ 15 ] <<= 4;
1242 p_bordel[ j ] += p_bordel[ 13 ];
1245 p_bordel[ 1 ] += 0x20E;
1246 p_bordel[ 5 ] += 0x223D;
1247 p_bordel[ 13 ] -= 0x576;
1248 p_bordel[ 15 ] += 0x576;
1251 p_bordel[ 2 ] -= 0x64;
1252 p_bordel[ 3 ] += 0x64;
1253 p_bordel[ 12 ] -= 1;
1254 p_bordel[ 13 ] += 1;
1258 p_bordel[ j ] += p_bordel[ 13 ];
1262 TinyShuffle8( p_bordel );
1265 /*****************************************************************************
1266 * TinyShuffle[12345678]: tiny shuffle subroutines
1267 *****************************************************************************
1268 * These standalone functions are little helpers for the shuffling process.
1269 *****************************************************************************/
1270 static void TinyShuffle1( uint32_t * p_bordel )
1272 uint32_t i_cmd = (p_bordel[ 5 ] + 10) >> 2;
1274 if( p_bordel[ 5 ] > 0x7D0 )
1288 if( p_bordel[ 4 ] & 5 )
1290 p_bordel[ 1 ] ^= 0x4D;
1294 p_bordel[ 12 ] += 5;
1299 static void TinyShuffle2( uint32_t * p_bordel )
1303 for( i = 0, j = 0; i < 16; i++ )
1305 if( (p_bordel[ i ] & 0x777) > (p_bordel[ j ] & 0x777) )
1313 for( ; j < 15; j++ )
1315 p_bordel[ j ] += p_bordel[ j + 1 ];
1320 p_bordel[ 2 ] &= 0xB62FC;
1324 static void TinyShuffle3( uint32_t * p_bordel )
1326 uint32_t i_cmd = p_bordel[ 6 ] + 0x194B;
1328 if( p_bordel[ 6 ] > 0x2710 )
1336 p_bordel[ 3 ] += 0x19FE;
1339 p_bordel[ 7 ] -= p_bordel[ 3 ] >> 2;
1342 p_bordel[ 5 ] ^= 0x248A;
1347 static void TinyShuffle4( uint32_t * p_bordel )
1351 for( i = 0, j = 0; i < 16; i++ )
1353 if( p_bordel[ i ] < p_bordel[ j ] )
1359 if( (p_bordel[ j ] % (j + 1)) > 10 )
1362 p_bordel[ 2 ] += 0x13;
1363 p_bordel[ 12 ] += 1;
1367 static void TinyShuffle5( uint32_t * p_bordel )
1371 p_bordel[ 2 ] &= 0x7F3F;
1373 for( i = 0; i < 5; i++ )
1375 switch( ( p_bordel[ 2 ] + 10 + i ) % 5 )
1378 p_bordel[ 12 ] &= p_bordel[ 2 ];
1381 p_bordel[ 3 ] ^= p_bordel[ 15 ];
1384 p_bordel[ 15 ] += 0x576;
1387 p_bordel[ 7 ] -= 0x2D;
1390 p_bordel[ 1 ] <<= 1;
1396 static void TinyShuffle6( uint32_t * p_bordel )
1400 for( i = 0; i < 8; i++ )
1402 j = p_bordel[ 3 ] & 0x7514 ? 5 : 7;
1403 SWAP( p_bordel[ i ], p_bordel[ i + j ] );
1407 static void TinyShuffle7( uint32_t * p_bordel )
1411 i = (((p_bordel[ 9 ] + p_bordel[ 15 ] + 12) >> 2) - p_bordel[ 4 ]) & 7;
1415 SWAP( p_bordel[ i ], p_bordel[ i + 3 ] );
1418 SWAP( p_bordel[ 1 ], p_bordel[ 10 ] );
1421 static void TinyShuffle8( uint32_t * p_bordel )
1425 i = (p_bordel[ 0 ] & p_bordel[ 6 ]) & 0xF;
1427 switch( p_bordel[ i ] % 1000 )
1430 if( (p_bordel[ i ] & 0x777) > (p_bordel[ 7 ] & 0x5555) )
1432 p_bordel[ i ] ^= p_bordel[ 5 ] & p_bordel[ 3 ];
1436 p_bordel[ 15 ] &= 0x5555;
1439 p_bordel[ i ] ^= p_bordel[ 15 ];
1442 SWAP( p_bordel[ 0 ], p_bordel[ 3 ] );
1443 SWAP( p_bordel[ 1 ], p_bordel[ 6 ] );
1444 SWAP( p_bordel[ 3 ], p_bordel[ 6 ] );
1445 SWAP( p_bordel[ 4 ], p_bordel[ 9 ] );
1446 SWAP( p_bordel[ 5 ], p_bordel[ 8 ] );
1447 SWAP( p_bordel[ 6 ], p_bordel[ 7 ] );
1448 SWAP( p_bordel[ 13 ], p_bordel[ 14 ] );
1451 p_bordel[ i ] += p_bordel[ 1 ] ^ 0x80080011;
1452 p_bordel[ i ] += p_bordel[ 2 ] ^ 0xBEEFDEAD;
1453 p_bordel[ i ] += p_bordel[ 3 ] ^ 0x8765F444;
1454 p_bordel[ i ] += p_bordel[ 4 ] ^ 0x78145326;
1457 p_bordel[ 12 ] -= p_bordel[ i ];
1458 p_bordel[ 13 ] += p_bordel[ i ];
1461 p_bordel[ i ] += p_bordel[ 1 ];
1462 p_bordel[ i ] -= p_bordel[ 7 ];
1463 p_bordel[ i ] -= p_bordel[ 8 ];
1464 p_bordel[ i ] += p_bordel[ 9 ];
1465 p_bordel[ i ] += p_bordel[ 13 ];
1469 p_bordel[ i + 1 ] >>= 1;
1470 p_bordel[ i + 2 ] <<= 4;
1471 p_bordel[ i + 3 ] >>= 3;
1474 p_bordel[ 1 ] += 0x20E;
1475 p_bordel[ 5 ] += 0x223D;
1476 p_bordel[ 13 ] -= 0x576;
1477 p_bordel[ 15 ] += 0x576;
1480 if( (p_bordel[ i ] ^ 0x8765F441) < 0x2710 )
1482 SWAP( p_bordel[ 0 ], p_bordel[ 1 ] );
1486 SWAP( p_bordel[ 1 ], p_bordel[ 11 ] );
1492 /*****************************************************************************
1493 * GetSystemKey: get the system key
1494 *****************************************************************************
1495 * Compute the system key from various system information, see HashSystemInfo.
1496 *****************************************************************************/
1497 static int GetSystemKey( uint32_t *p_sys_key, vlc_bool_t b_ipod )
1499 static char const p_secret1[ 8 ] = "YuaFlafu";
1500 static char const p_secret2[ 8 ] = "zPif98ga";
1503 uint32_t p_system_hash[ 4 ];
1505 /* Compute the MD5 hash of our system info */
1506 if( ( !b_ipod && HashSystemInfo( p_system_hash ) ) ||
1507 ( b_ipod && GetiPodID( &i_ipod_id ) ) )
1512 /* Combine our system info hash with additional secret data. The resulting
1513 * MD5 hash will be our system key. */
1515 AddMD5( &md5, p_secret1, 8 );
1519 AddMD5( &md5, (uint8_t *)p_system_hash, 6 );
1520 AddMD5( &md5, (uint8_t *)p_system_hash, 6 );
1521 AddMD5( &md5, (uint8_t *)p_system_hash, 6 );
1522 AddMD5( &md5, p_secret2, 8 );
1526 i_ipod_id = U64_AT(&i_ipod_id);
1527 AddMD5( &md5, (uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
1528 AddMD5( &md5, (uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
1529 AddMD5( &md5, (uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
1534 memcpy( p_sys_key, md5.p_digest, 16 );
1540 # define DRMS_DIRNAME "drms"
1542 # define DRMS_DIRNAME ".drms"
1545 /*****************************************************************************
1546 * WriteUserKey: write the user key to hard disk
1547 *****************************************************************************
1548 * Write the user key to the hard disk so that it can be reused later or used
1549 * on operating systems other than Win32.
1550 *****************************************************************************/
1551 static int WriteUserKey( void *_p_drms, uint32_t *p_user_key )
1553 struct drms_s *p_drms = (struct drms_s *)_p_drms;
1556 char psz_path[ PATH_MAX ];
1558 snprintf( psz_path, PATH_MAX - 1,
1559 "%s/" DRMS_DIRNAME, p_drms->psz_homedir );
1561 #if defined( HAVE_ERRNO_H )
1562 # if defined( WIN32 )
1563 if( !mkdir( psz_path ) || errno == EEXIST )
1565 if( !mkdir( psz_path, 0755 ) || errno == EEXIST )
1568 if( !mkdir( psz_path ) )
1571 snprintf( psz_path, PATH_MAX - 1, "%s/" DRMS_DIRNAME "/%08X.%03d",
1572 p_drms->psz_homedir, p_drms->i_user, p_drms->i_key );
1574 file = fopen( psz_path, "wb" );
1577 i_ret = fwrite( p_user_key, sizeof(uint32_t),
1578 4, file ) == 4 ? 0 : -1;
1586 /*****************************************************************************
1587 * ReadUserKey: read the user key from hard disk
1588 *****************************************************************************
1589 * Retrieve the user key from the hard disk if available.
1590 *****************************************************************************/
1591 static int ReadUserKey( void *_p_drms, uint32_t *p_user_key )
1593 struct drms_s *p_drms = (struct drms_s *)_p_drms;
1596 char psz_path[ PATH_MAX ];
1598 snprintf( psz_path, PATH_MAX - 1,
1599 "%s/" DRMS_DIRNAME "/%08X.%03d", p_drms->psz_homedir,
1600 p_drms->i_user, p_drms->i_key );
1602 file = fopen( psz_path, "rb" );
1605 i_ret = fread( p_user_key, sizeof(uint32_t),
1606 4, file ) == 4 ? 0 : -1;
1613 /*****************************************************************************
1614 * GetUserKey: get the user key
1615 *****************************************************************************
1616 * Retrieve the user key from the hard disk if available, otherwise generate
1617 * it from the system key. If the key could be successfully generated, write
1618 * it to the hard disk for future use.
1619 *****************************************************************************/
1620 static int GetUserKey( void *_p_drms, uint32_t *p_user_key )
1622 static char const p_secret[] = "mUfnpognadfgf873";
1623 struct drms_s *p_drms = (struct drms_s *)_p_drms;
1625 struct shuffle_s shuffle;
1627 uint32_t *p_sci_data;
1628 uint32_t i_user, i_key;
1629 uint32_t p_sys_key[ 4 ];
1630 uint32_t i_sci_size, i_blocks, i_remaining;
1631 uint32_t *p_sci0, *p_sci1, *p_buffer;
1632 uint32_t p_sci_key[ 4 ];
1636 if( !ReadUserKey( p_drms, p_user_key ) )
1638 REVERSE( p_user_key, 4 );
1642 psz_ipod = getenv( "IPOD" );
1644 if( GetSystemKey( p_sys_key, psz_ipod ? VLC_TRUE : VLC_FALSE ) )
1649 if( GetSCIData( psz_ipod, &p_sci_data, &i_sci_size ) )
1654 /* Phase 1: unscramble the SCI data using the system key and shuffle
1655 * it using DoShuffle(). */
1657 /* Skip the first 4 bytes (some sort of header). Decrypt the rest. */
1658 i_blocks = (i_sci_size - 4) / 16;
1659 i_remaining = (i_sci_size - 4) - (i_blocks * 16);
1660 p_buffer = p_sci_data + 1;
1662 /* Decrypt and shuffle our data at the same time */
1663 InitAES( &aes, p_sys_key );
1664 REVERSE( p_sys_key, 4 );
1665 REVERSE( p_sci_data, 1 );
1666 InitShuffle( &shuffle, p_sys_key, p_sci_data[ 0 ] );
1668 memcpy( p_sci_key, p_secret, 16 );
1669 REVERSE( p_sci_key, 4 );
1673 uint32_t p_tmp[ 4 ];
1675 REVERSE( p_buffer, 4 );
1676 DecryptAES( &aes, p_tmp, p_buffer );
1677 BlockXOR( p_tmp, p_sci_key, p_tmp );
1679 /* Use the previous scrambled data as the key for next block */
1680 memcpy( p_sci_key, p_buffer, 16 );
1682 /* Shuffle the decrypted data using a custom routine */
1683 DoShuffle( &shuffle, p_tmp, 4 );
1685 /* Copy this block back to p_buffer */
1686 memcpy( p_buffer, p_tmp, 16 );
1691 if( i_remaining >= 4 )
1694 REVERSE( p_buffer, i_remaining );
1695 DoShuffle( &shuffle, p_buffer, i_remaining );
1698 /* Phase 2: look for the user key in the generated data. I must admit I
1699 * do not understand what is going on here, because it almost
1700 * looks like we are browsing data that makes sense, even though
1701 * the DoShuffle() part made it completely meaningless. */
1704 REVERSE( p_sci_data + 5, 1 );
1705 i = U32_AT( p_sci_data + 5 );
1706 i_sci_size -= 22 * sizeof(uint32_t);
1707 p_sci1 = p_sci_data + 22;
1710 while( i_sci_size >= 20 && i > 0 )
1712 if( p_sci0 == NULL )
1714 i_sci_size -= 18 * sizeof(uint32_t);
1715 if( i_sci_size < 20 )
1721 REVERSE( p_sci1 + 17, 1 );
1722 y = U32_AT( p_sci1 + 17 );
1733 i_user = U32_AT( p_sci0 );
1734 i_key = U32_AT( p_sci1 );
1735 REVERSE( &i_user, 1 );
1736 REVERSE( &i_key, 1 );
1737 if( i_user == p_drms->i_user && ( ( i_key == p_drms->i_key ) ||
1738 ( !p_drms->i_key && ( p_sci1 == (p_sci0 + 18) ) ) ) )
1740 memcpy( p_user_key, p_sci1 + 1, 16 );
1741 REVERSE( p_sci1 + 1, 4 );
1742 WriteUserKey( p_drms, p_sci1 + 1 );
1749 i_sci_size -= 5 * sizeof(uint32_t);
1757 /*****************************************************************************
1758 * GetSCIData: get SCI data from "SC Info.sidb"
1759 *****************************************************************************
1760 * Read SCI data from "\Apple Computer\iTunes\SC Info\SC Info.sidb"
1761 *****************************************************************************/
1762 static int GetSCIData( char *psz_ipod, uint32_t **pp_sci,
1763 uint32_t *pi_sci_size )
1766 char *psz_path = NULL;
1767 char p_tmp[ PATH_MAX ];
1770 if( psz_ipod == NULL )
1773 char *p_filename = "\\Apple Computer\\iTunes\\SC Info\\SC Info.sidb";
1774 typedef HRESULT (WINAPI *SHGETFOLDERPATH)( HWND, int, HANDLE, DWORD,
1776 HINSTANCE shfolder_dll = NULL;
1777 SHGETFOLDERPATH dSHGetFolderPath = NULL;
1779 if( ( shfolder_dll = LoadLibrary( _T("SHFolder.dll") ) ) != NULL )
1782 (SHGETFOLDERPATH)GetProcAddress( shfolder_dll,
1783 _T("SHGetFolderPathA") );
1786 if( dSHGetFolderPath != NULL &&
1787 SUCCEEDED( dSHGetFolderPath( NULL, CSIDL_COMMON_APPDATA,
1788 NULL, 0, p_tmp ) ) )
1790 strncat( p_tmp, p_filename, min( strlen( p_filename ),
1791 (sizeof(p_tmp)/sizeof(p_tmp[0]) - 1) -
1792 strlen( p_tmp ) ) );
1796 if( shfolder_dll != NULL )
1798 FreeLibrary( shfolder_dll );
1804 #define ISCINFO "iSCInfo"
1805 if( strstr( psz_ipod, ISCINFO ) == NULL )
1807 snprintf( p_tmp, sizeof(p_tmp)/sizeof(p_tmp[0]) - 1,
1808 "%s/iPod_Control/iTunes/" ISCINFO "2", psz_ipod );
1813 psz_path = psz_ipod;
1817 if( psz_path == NULL )
1822 file = fopen( psz_path, "rb" );
1827 if( !fstat( fileno( file ), &st ) && st.st_size >= 4 )
1829 *pp_sci = malloc( st.st_size );
1830 if( *pp_sci != NULL )
1832 if( fread( *pp_sci, 1, st.st_size,
1833 file ) == (size_t)st.st_size )
1835 *pi_sci_size = st.st_size;
1840 free( (void *)*pp_sci );
1852 /*****************************************************************************
1853 * HashSystemInfo: hash system information
1854 *****************************************************************************
1855 * This function computes the MD5 hash of the C: hard drive serial number,
1856 * BIOS version, CPU type and Windows version.
1857 *****************************************************************************/
1858 static int HashSystemInfo( uint32_t *p_system_hash )
1870 static LPCTSTR p_reg_keys[ 3 ][ 2 ] =
1873 _T("HARDWARE\\DESCRIPTION\\System"),
1874 _T("SystemBiosVersion")
1878 _T("HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0"),
1879 _T("ProcessorNameString")
1883 _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion"),
1890 AddMD5( &md5, "cache-control", 13 );
1891 AddMD5( &md5, "Ethernet", 8 );
1893 GetVolumeInformation( _T("C:\\"), NULL, 0, &i_serial,
1894 NULL, NULL, NULL, 0 );
1895 AddMD5( &md5, (uint8_t *)&i_serial, 4 );
1897 for( i = 0; i < sizeof(p_reg_keys) / sizeof(p_reg_keys[ 0 ]); i++ )
1899 if( RegOpenKeyEx( HKEY_LOCAL_MACHINE, p_reg_keys[ i ][ 0 ],
1900 0, KEY_READ, &i_key ) != ERROR_SUCCESS )
1905 if( RegQueryValueEx( i_key, p_reg_keys[ i ][ 1 ],
1906 NULL, NULL, NULL, &i_size ) != ERROR_SUCCESS )
1908 RegCloseKey( i_key );
1912 p_reg_buf = malloc( i_size );
1914 if( p_reg_buf != NULL )
1916 if( RegQueryValueEx( i_key, p_reg_keys[ i ][ 1 ],
1917 NULL, NULL, p_reg_buf,
1918 &i_size ) == ERROR_SUCCESS )
1920 AddMD5( &md5, (uint8_t *)p_reg_buf, i_size );
1926 RegCloseKey( i_key );
1935 memcpy( p_system_hash, md5.p_digest, 16 );
1940 /*****************************************************************************
1941 * GetiPodID: Get iPod ID
1942 *****************************************************************************
1943 * This function gets the iPod ID.
1944 *****************************************************************************/
1945 static int GetiPodID( int64_t *p_ipod_id )
1949 #define PROD_NAME "iPod"
1950 #define VENDOR_NAME "Apple Computer, Inc."
1952 char *psz_ipod_id = getenv( "IPODID" );
1953 if( psz_ipod_id != NULL )
1955 *p_ipod_id = strtoll( psz_ipod_id, NULL, 16 );
1963 io_iterator_t iterator;
1964 CFMutableDictionaryRef match_dic;
1965 CFMutableDictionaryRef smatch_dic;
1967 if( IOMasterPort( MACH_PORT_NULL, &port ) == KERN_SUCCESS )
1969 smatch_dic = IOServiceMatching( "IOFireWireUnit" );
1970 match_dic = CFDictionaryCreateMutable( kCFAllocatorDefault, 0,
1971 &kCFTypeDictionaryKeyCallBacks,
1972 &kCFTypeDictionaryValueCallBacks );
1974 if( smatch_dic != NULL && match_dic != NULL )
1976 CFDictionarySetValue( smatch_dic,
1977 CFSTR("FireWire Vendor Name"),
1978 CFSTR(VENDOR_NAME) );
1979 CFDictionarySetValue( smatch_dic,
1980 CFSTR("FireWire Product Name"),
1983 CFDictionarySetValue( match_dic,
1984 CFSTR(kIOPropertyMatchKey),
1987 if( IOServiceGetMatchingServices( port, match_dic,
1988 &iterator ) == KERN_SUCCESS )
1990 while( ( device = IOIteratorNext( iterator ) ) != NULL )
1992 value = IORegistryEntryCreateCFProperty( device,
1993 CFSTR("GUID"), kCFAllocatorDefault, kNilOptions );
1997 if( CFGetTypeID( value ) == CFNumberGetTypeID() )
2000 CFNumberGetValue( (CFNumberRef)value,
2001 kCFNumberLongLongType,
2003 *p_ipod_id = i_ipod_id;
2010 IOObjectRelease( device );
2015 IOObjectRelease( iterator );
2019 mach_port_deallocate( mach_task_self(), port );
2022 #elif HAVE_SYSFS_LIBSYSFS_H
2023 struct sysfs_bus *bus = NULL;
2024 struct dlist *devlist = NULL;
2025 struct dlist *attributes = NULL;
2026 struct sysfs_device *curdev = NULL;
2027 struct sysfs_attribute *curattr = NULL;
2029 bus = sysfs_open_bus( "ieee1394" );
2032 devlist = sysfs_get_bus_devices( bus );
2033 if( devlist != NULL )
2035 dlist_for_each_data( devlist, curdev, struct sysfs_device )
2037 attributes = sysfs_get_device_attributes( curdev );
2038 if( attributes != NULL )
2040 dlist_for_each_data( attributes, curattr,
2041 struct sysfs_attribute )
2043 if( ( strcmp( curattr->name, "model_name" ) == 0 ) &&
2044 ( strncmp( curattr->value, PROD_NAME,
2045 sizeof(PROD_NAME) ) == 0 ) )
2047 *p_ipod_id = strtoll( curdev->name, NULL, 16 );
2058 sysfs_close_bus( bus );
2065 #else /* !defined( UNDER_CE ) */
2067 void *drms_alloc( char *psz_homedir ){ return 0; }
2068 void drms_free( void *a ){}
2069 void drms_decrypt( void *a, uint32_t *b, uint32_t c ){}
2070 int drms_init( void *a, uint32_t b, uint8_t *c, uint32_t d ){ return -1; }
2072 #endif /* defined( UNDER_CE ) */