1 /*****************************************************************************
3 *****************************************************************************
4 * Copyright (C) 2004 VideoLAN
7 * Authors: Jon Lech Johansen <jon-vl@nanocrew.net>
8 * Sam Hocevar <sam@zoy.org>
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
23 *****************************************************************************/
25 #include <stdlib.h> /* malloc(), free() */
50 #ifdef HAVE_SYS_STAT_H
51 # include <sys/stat.h>
53 #ifdef HAVE_SYS_TYPES_H
54 # include <sys/types.h>
57 /* In Solaris (and perhaps others) PATH_MAX is in limits.h. */
63 # include <mach/mach.h>
64 # include <IOKit/IOKitLib.h>
65 # include <CoreFoundation/CFNumber.h>
68 #ifdef HAVE_SYSFS_LIBSYSFS_H
69 # include <sysfs/libsysfs.h>
73 #include "drmstables.h"
75 /*****************************************************************************
76 * aes_s: AES keys structure
77 *****************************************************************************
78 * This structure stores a set of keys usable for encryption and decryption
79 * with the AES/Rijndael algorithm.
80 *****************************************************************************/
83 uint32_t pp_enc_keys[ AES_KEY_COUNT + 1 ][ 4 ];
84 uint32_t pp_dec_keys[ AES_KEY_COUNT + 1 ][ 4 ];
87 /*****************************************************************************
88 * md5_s: MD5 message structure
89 *****************************************************************************
90 * This structure stores the static information needed to compute an MD5
91 * hash. It has an extra data buffer to allow non-aligned writes.
92 *****************************************************************************/
95 uint64_t i_bits; /* Total written bits */
96 uint32_t p_digest[4]; /* The MD5 digest */
97 uint32_t p_data[16]; /* Buffer to cache non-aligned writes */
100 /*****************************************************************************
101 * shuffle_s: shuffle structure
102 *****************************************************************************
103 * This structure stores the static information needed to shuffle data using
104 * a custom algorithm.
105 *****************************************************************************/
109 uint32_t p_commands[ 20 ];
110 uint32_t p_bordel[ 16 ];
113 #define SWAP( a, b ) { (a) ^= (b); (b) ^= (a); (a) ^= (b); }
115 /*****************************************************************************
116 * drms_s: DRMS structure
117 *****************************************************************************
118 * This structure stores the static information needed to decrypt DRMS data.
119 *****************************************************************************/
124 uint8_t p_iviv[ 16 ];
130 char psz_homedir[ PATH_MAX ];
133 /*****************************************************************************
135 *****************************************************************************/
136 static void InitAES ( struct aes_s *, uint32_t * );
137 static void DecryptAES ( struct aes_s *, uint32_t *, const uint32_t * );
139 static void InitMD5 ( struct md5_s * );
140 static void AddMD5 ( struct md5_s *, const uint8_t *, uint32_t );
141 static void EndMD5 ( struct md5_s * );
142 static void Digest ( struct md5_s *, uint32_t * );
144 static void InitShuffle ( struct shuffle_s *, uint32_t *, uint32_t );
145 static void DoShuffle ( struct shuffle_s *, uint32_t *, uint32_t );
147 static uint32_t FirstPass ( uint32_t * );
148 static void SecondPass ( uint32_t *, uint32_t );
149 static void ThirdPass ( uint32_t * );
150 static void FourthPass ( uint32_t * );
151 static void TinyShuffle1 ( uint32_t * );
152 static void TinyShuffle2 ( uint32_t * );
153 static void TinyShuffle3 ( uint32_t * );
154 static void TinyShuffle4 ( uint32_t * );
155 static void TinyShuffle5 ( uint32_t * );
156 static void TinyShuffle6 ( uint32_t * );
157 static void TinyShuffle7 ( uint32_t * );
158 static void TinyShuffle8 ( uint32_t * );
159 static void DoExtShuffle ( uint32_t * );
161 static int GetSystemKey ( uint32_t *, vlc_bool_t );
162 static int WriteUserKey ( void *, uint32_t * );
163 static int ReadUserKey ( void *, uint32_t * );
164 static int GetUserKey ( void *, uint32_t * );
166 static int GetSCIData ( char *, uint32_t **, uint32_t * );
167 static int HashSystemInfo ( uint32_t * );
168 static int GetiPodID ( int64_t * );
170 #ifdef WORDS_BIGENDIAN
171 /*****************************************************************************
172 * Reverse: reverse byte order
173 *****************************************************************************/
174 static inline void Reverse( uint32_t *p_buffer, int n )
178 for( i = 0; i < n; i++ )
180 p_buffer[ i ] = GetDWLE(&p_buffer[ i ]);
183 # define REVERSE( p, n ) Reverse( p, n )
185 # define REVERSE( p, n )
188 /*****************************************************************************
189 * BlockXOR: XOR two 128 bit blocks
190 *****************************************************************************/
191 static inline void BlockXOR( uint32_t *p_dest, uint32_t *p_s1, uint32_t *p_s2 )
195 for( i = 0; i < 4; i++ )
197 p_dest[ i ] = p_s1[ i ] ^ p_s2[ i ];
201 /*****************************************************************************
202 * drms_alloc: allocate a DRMS structure
203 *****************************************************************************/
204 void *drms_alloc( char *psz_homedir )
206 struct drms_s *p_drms;
208 p_drms = malloc( sizeof(struct drms_s) );
215 memset( p_drms, 0, sizeof(struct drms_s) );
217 strncpy( p_drms->psz_homedir, psz_homedir, PATH_MAX );
218 p_drms->psz_homedir[ PATH_MAX - 1 ] = '\0';
220 return (void *)p_drms;
223 /*****************************************************************************
224 * drms_free: free a previously allocated DRMS structure
225 *****************************************************************************/
226 void drms_free( void *_p_drms )
228 struct drms_s *p_drms = (struct drms_s *)_p_drms;
230 if( p_drms->p_name != NULL )
232 free( (void *)p_drms->p_name );
238 /*****************************************************************************
239 * drms_decrypt: unscramble a chunk of data
240 *****************************************************************************/
241 void drms_decrypt( void *_p_drms, uint32_t *p_buffer, uint32_t i_bytes )
243 struct drms_s *p_drms = (struct drms_s *)_p_drms;
245 unsigned int i_blocks;
247 /* AES is a block cypher, round down the byte count */
248 i_blocks = i_bytes / 16;
249 i_bytes = i_blocks * 16;
251 /* Initialise the key */
252 memcpy( p_key, p_drms->p_key, 16 );
259 REVERSE( p_buffer, 4 );
260 DecryptAES( &p_drms->aes, p_tmp, p_buffer );
261 BlockXOR( p_tmp, p_key, p_tmp );
263 /* Use the previous scrambled data as the key for next block */
264 memcpy( p_key, p_buffer, 16 );
266 /* Copy unscrambled data back to the buffer */
267 memcpy( p_buffer, p_tmp, 16 );
268 REVERSE( p_buffer, 4 );
274 /*****************************************************************************
275 * drms_init: initialise a DRMS structure
276 *****************************************************************************/
277 int drms_init( void *_p_drms, uint32_t i_type,
278 uint8_t *p_info, uint32_t i_len )
280 struct drms_s *p_drms = (struct drms_s *)_p_drms;
286 if( i_len < sizeof(p_drms->i_user) )
292 p_drms->i_user = U32_AT( p_info );
296 if( i_len < sizeof(p_drms->i_key) )
302 p_drms->i_key = U32_AT( p_info );
306 if( i_len < sizeof(p_drms->p_key) )
312 memcpy( p_drms->p_iviv, p_info, 16 );
316 p_drms->p_name = strdup( p_info );
318 if( p_drms->p_name == NULL )
326 uint32_t p_priv[ 64 ];
336 AddMD5( &md5, p_drms->p_name, strlen( p_drms->p_name ) );
337 AddMD5( &md5, p_drms->p_iviv, 16 );
340 if( p_drms->i_user == 0 && p_drms->i_key == 0 )
342 static char const p_secret[] = "tr1-th3n.y00_by3";
343 memcpy( p_drms->p_key, p_secret, 16 );
344 REVERSE( p_drms->p_key, 4 );
348 if( GetUserKey( p_drms, p_drms->p_key ) )
355 InitAES( &p_drms->aes, p_drms->p_key );
357 memcpy( p_priv, p_info, 64 );
358 memcpy( p_drms->p_key, md5.p_digest, 16 );
359 drms_decrypt( p_drms, p_priv, 64 );
360 REVERSE( p_priv, 64 );
362 if( p_priv[ 0 ] != 0x6e757469 ) /* itun */
368 InitAES( &p_drms->aes, p_priv + 6 );
369 memcpy( p_drms->p_key, p_priv + 12, 16 );
371 free( (void *)p_drms->p_name );
372 p_drms->p_name = NULL;
380 /* The following functions are local */
382 /*****************************************************************************
383 * InitAES: initialise AES/Rijndael encryption/decryption tables
384 *****************************************************************************
385 * The Advanced Encryption Standard (AES) is described in RFC 3268
386 *****************************************************************************/
387 static void InitAES( struct aes_s *p_aes, uint32_t *p_key )
390 uint32_t i_key, i_seed;
392 memset( p_aes->pp_enc_keys[1], 0, 16 );
393 memcpy( p_aes->pp_enc_keys[0], p_key, 16 );
395 /* Generate the key tables */
396 i_seed = p_aes->pp_enc_keys[ 0 ][ 3 ];
398 for( i_key = 0; i_key < AES_KEY_COUNT; i_key++ )
402 i_seed = AES_ROR( i_seed, 8 );
404 j = p_aes_table[ i_key ];
406 j ^= p_aes_encrypt[ (i_seed >> 24) & 0xff ]
407 ^ AES_ROR( p_aes_encrypt[ (i_seed >> 16) & 0xff ], 8 )
408 ^ AES_ROR( p_aes_encrypt[ (i_seed >> 8) & 0xff ], 16 )
409 ^ AES_ROR( p_aes_encrypt[ i_seed & 0xff ], 24 );
411 j ^= p_aes->pp_enc_keys[ i_key ][ 0 ];
412 p_aes->pp_enc_keys[ i_key + 1 ][ 0 ] = j;
413 j ^= p_aes->pp_enc_keys[ i_key ][ 1 ];
414 p_aes->pp_enc_keys[ i_key + 1 ][ 1 ] = j;
415 j ^= p_aes->pp_enc_keys[ i_key ][ 2 ];
416 p_aes->pp_enc_keys[ i_key + 1 ][ 2 ] = j;
417 j ^= p_aes->pp_enc_keys[ i_key ][ 3 ];
418 p_aes->pp_enc_keys[ i_key + 1 ][ 3 ] = j;
423 memcpy( p_aes->pp_dec_keys[ 0 ],
424 p_aes->pp_enc_keys[ 0 ], 16 );
426 for( i = 1; i < AES_KEY_COUNT; i++ )
428 for( t = 0; t < 4; t++ )
430 uint32_t j, k, l, m, n;
432 j = p_aes->pp_enc_keys[ i ][ t ];
434 k = (((j >> 7) & 0x01010101) * 27) ^ ((j & 0xff7f7f7f) << 1);
435 l = (((k >> 7) & 0x01010101) * 27) ^ ((k & 0xff7f7f7f) << 1);
436 m = (((l >> 7) & 0x01010101) * 27) ^ ((l & 0xff7f7f7f) << 1);
440 n = AES_ROR( l ^ j, 16 ) ^ AES_ROR( k ^ j, 8 ) ^ AES_ROR( j, 24 );
442 p_aes->pp_dec_keys[ i ][ t ] = k ^ l ^ m ^ n;
447 /*****************************************************************************
448 * DecryptAES: decrypt an AES/Rijndael 128 bit block
449 *****************************************************************************/
450 static void DecryptAES( struct aes_s *p_aes,
451 uint32_t *p_dest, const uint32_t *p_src )
453 uint32_t p_wtxt[ 4 ]; /* Working cyphertext */
455 unsigned int i_round, t;
457 for( t = 0; t < 4; t++ )
459 /* FIXME: are there any endianness issues here? */
460 p_wtxt[ t ] = p_src[ t ] ^ p_aes->pp_enc_keys[ AES_KEY_COUNT ][ t ];
464 for( i_round = 0; i_round < (AES_KEY_COUNT - 1); i_round++ )
466 for( t = 0; t < 4; t++ )
468 p_tmp[ t ] = AES_XOR_ROR( p_aes_itable, p_wtxt );
471 for( t = 0; t < 4; t++ )
473 p_wtxt[ t ] = p_tmp[ t ]
474 ^ p_aes->pp_dec_keys[ (AES_KEY_COUNT - 1) - i_round ][ t ];
478 /* Final round (9) */
479 for( t = 0; t < 4; t++ )
481 p_dest[ t ] = AES_XOR_ROR( p_aes_decrypt, p_wtxt );
482 p_dest[ t ] ^= p_aes->pp_dec_keys[ 0 ][ t ];
486 /*****************************************************************************
487 * InitMD5: initialise an MD5 message
488 *****************************************************************************
489 * The MD5 message-digest algorithm is described in RFC 1321
490 *****************************************************************************/
491 static void InitMD5( struct md5_s *p_md5 )
493 p_md5->p_digest[ 0 ] = 0x67452301;
494 p_md5->p_digest[ 1 ] = 0xefcdab89;
495 p_md5->p_digest[ 2 ] = 0x98badcfe;
496 p_md5->p_digest[ 3 ] = 0x10325476;
498 memset( p_md5->p_data, 0, 64 );
502 /*****************************************************************************
503 * AddMD5: add i_len bytes to an MD5 message
504 *****************************************************************************/
505 static void AddMD5( struct md5_s *p_md5, const uint8_t *p_src, uint32_t i_len )
507 unsigned int i_current; /* Current bytes in the spare buffer */
508 unsigned int i_offset = 0;
510 i_current = (p_md5->i_bits / 8) & 63;
512 p_md5->i_bits += 8 * i_len;
514 /* If we can complete our spare buffer to 64 bytes, do it and add the
515 * resulting buffer to the MD5 message */
516 if( i_len >= (64 - i_current) )
518 memcpy( ((uint8_t *)p_md5->p_data) + i_current, p_src,
520 Digest( p_md5, p_md5->p_data );
522 i_offset += (64 - i_current);
523 i_len -= (64 - i_current);
527 /* Add as many entire 64 bytes blocks as we can to the MD5 message */
530 uint32_t p_tmp[ 16 ];
531 memcpy( p_tmp, p_src + i_offset, 64 );
532 Digest( p_md5, p_tmp );
537 /* Copy our remaining data to the message's spare buffer */
538 memcpy( ((uint8_t *)p_md5->p_data) + i_current, p_src + i_offset, i_len );
541 /*****************************************************************************
542 * EndMD5: finish an MD5 message
543 *****************************************************************************
544 * This function adds adequate padding to the end of the message, and appends
545 * the bit count so that we end at a block boundary.
546 *****************************************************************************/
547 static void EndMD5( struct md5_s *p_md5 )
549 unsigned int i_current;
551 i_current = (p_md5->i_bits / 8) & 63;
553 /* Append 0x80 to our buffer. No boundary check because the temporary
554 * buffer cannot be full, otherwise AddMD5 would have emptied it. */
555 ((uint8_t *)p_md5->p_data)[ i_current++ ] = 0x80;
557 /* If less than 8 bytes are available at the end of the block, complete
558 * this 64 bytes block with zeros and add it to the message. We'll add
559 * our length at the end of the next block. */
562 memset( ((uint8_t *)p_md5->p_data) + i_current, 0, (64 - i_current) );
563 Digest( p_md5, p_md5->p_data );
567 /* Fill the unused space in our last block with zeroes and put the
568 * message length at the end. */
569 memset( ((uint8_t *)p_md5->p_data) + i_current, 0, (56 - i_current) );
570 p_md5->p_data[ 14 ] = p_md5->i_bits & 0xffffffff;
571 p_md5->p_data[ 15 ] = (p_md5->i_bits >> 32);
572 REVERSE( &p_md5->p_data[ 14 ], 2 );
574 Digest( p_md5, p_md5->p_data );
577 #define F1( x, y, z ) ((z) ^ ((x) & ((y) ^ (z))))
578 #define F2( x, y, z ) F1((z), (x), (y))
579 #define F3( x, y, z ) ((x) ^ (y) ^ (z))
580 #define F4( x, y, z ) ((y) ^ ((x) | ~(z)))
582 #define MD5_DO( f, w, x, y, z, data, s ) \
583 ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x )
585 /*****************************************************************************
586 * Digest: update the MD5 digest with 64 bytes of data
587 *****************************************************************************/
588 static void Digest( struct md5_s *p_md5, uint32_t *p_input )
592 REVERSE( p_input, 16 );
594 a = p_md5->p_digest[ 0 ];
595 b = p_md5->p_digest[ 1 ];
596 c = p_md5->p_digest[ 2 ];
597 d = p_md5->p_digest[ 3 ];
599 MD5_DO( F1, a, b, c, d, p_input[ 0 ] + 0xd76aa478, 7 );
600 MD5_DO( F1, d, a, b, c, p_input[ 1 ] + 0xe8c7b756, 12 );
601 MD5_DO( F1, c, d, a, b, p_input[ 2 ] + 0x242070db, 17 );
602 MD5_DO( F1, b, c, d, a, p_input[ 3 ] + 0xc1bdceee, 22 );
603 MD5_DO( F1, a, b, c, d, p_input[ 4 ] + 0xf57c0faf, 7 );
604 MD5_DO( F1, d, a, b, c, p_input[ 5 ] + 0x4787c62a, 12 );
605 MD5_DO( F1, c, d, a, b, p_input[ 6 ] + 0xa8304613, 17 );
606 MD5_DO( F1, b, c, d, a, p_input[ 7 ] + 0xfd469501, 22 );
607 MD5_DO( F1, a, b, c, d, p_input[ 8 ] + 0x698098d8, 7 );
608 MD5_DO( F1, d, a, b, c, p_input[ 9 ] + 0x8b44f7af, 12 );
609 MD5_DO( F1, c, d, a, b, p_input[ 10 ] + 0xffff5bb1, 17 );
610 MD5_DO( F1, b, c, d, a, p_input[ 11 ] + 0x895cd7be, 22 );
611 MD5_DO( F1, a, b, c, d, p_input[ 12 ] + 0x6b901122, 7 );
612 MD5_DO( F1, d, a, b, c, p_input[ 13 ] + 0xfd987193, 12 );
613 MD5_DO( F1, c, d, a, b, p_input[ 14 ] + 0xa679438e, 17 );
614 MD5_DO( F1, b, c, d, a, p_input[ 15 ] + 0x49b40821, 22 );
616 MD5_DO( F2, a, b, c, d, p_input[ 1 ] + 0xf61e2562, 5 );
617 MD5_DO( F2, d, a, b, c, p_input[ 6 ] + 0xc040b340, 9 );
618 MD5_DO( F2, c, d, a, b, p_input[ 11 ] + 0x265e5a51, 14 );
619 MD5_DO( F2, b, c, d, a, p_input[ 0 ] + 0xe9b6c7aa, 20 );
620 MD5_DO( F2, a, b, c, d, p_input[ 5 ] + 0xd62f105d, 5 );
621 MD5_DO( F2, d, a, b, c, p_input[ 10 ] + 0x02441453, 9 );
622 MD5_DO( F2, c, d, a, b, p_input[ 15 ] + 0xd8a1e681, 14 );
623 MD5_DO( F2, b, c, d, a, p_input[ 4 ] + 0xe7d3fbc8, 20 );
624 MD5_DO( F2, a, b, c, d, p_input[ 9 ] + 0x21e1cde6, 5 );
625 MD5_DO( F2, d, a, b, c, p_input[ 14 ] + 0xc33707d6, 9 );
626 MD5_DO( F2, c, d, a, b, p_input[ 3 ] + 0xf4d50d87, 14 );
627 MD5_DO( F2, b, c, d, a, p_input[ 8 ] + 0x455a14ed, 20 );
628 MD5_DO( F2, a, b, c, d, p_input[ 13 ] + 0xa9e3e905, 5 );
629 MD5_DO( F2, d, a, b, c, p_input[ 2 ] + 0xfcefa3f8, 9 );
630 MD5_DO( F2, c, d, a, b, p_input[ 7 ] + 0x676f02d9, 14 );
631 MD5_DO( F2, b, c, d, a, p_input[ 12 ] + 0x8d2a4c8a, 20 );
633 MD5_DO( F3, a, b, c, d, p_input[ 5 ] + 0xfffa3942, 4 );
634 MD5_DO( F3, d, a, b, c, p_input[ 8 ] + 0x8771f681, 11 );
635 MD5_DO( F3, c, d, a, b, p_input[ 11 ] + 0x6d9d6122, 16 );
636 MD5_DO( F3, b, c, d, a, p_input[ 14 ] + 0xfde5380c, 23 );
637 MD5_DO( F3, a, b, c, d, p_input[ 1 ] + 0xa4beea44, 4 );
638 MD5_DO( F3, d, a, b, c, p_input[ 4 ] + 0x4bdecfa9, 11 );
639 MD5_DO( F3, c, d, a, b, p_input[ 7 ] + 0xf6bb4b60, 16 );
640 MD5_DO( F3, b, c, d, a, p_input[ 10 ] + 0xbebfbc70, 23 );
641 MD5_DO( F3, a, b, c, d, p_input[ 13 ] + 0x289b7ec6, 4 );
642 MD5_DO( F3, d, a, b, c, p_input[ 0 ] + 0xeaa127fa, 11 );
643 MD5_DO( F3, c, d, a, b, p_input[ 3 ] + 0xd4ef3085, 16 );
644 MD5_DO( F3, b, c, d, a, p_input[ 6 ] + 0x04881d05, 23 );
645 MD5_DO( F3, a, b, c, d, p_input[ 9 ] + 0xd9d4d039, 4 );
646 MD5_DO( F3, d, a, b, c, p_input[ 12 ] + 0xe6db99e5, 11 );
647 MD5_DO( F3, c, d, a, b, p_input[ 15 ] + 0x1fa27cf8, 16 );
648 MD5_DO( F3, b, c, d, a, p_input[ 2 ] + 0xc4ac5665, 23 );
650 MD5_DO( F4, a, b, c, d, p_input[ 0 ] + 0xf4292244, 6 );
651 MD5_DO( F4, d, a, b, c, p_input[ 7 ] + 0x432aff97, 10 );
652 MD5_DO( F4, c, d, a, b, p_input[ 14 ] + 0xab9423a7, 15 );
653 MD5_DO( F4, b, c, d, a, p_input[ 5 ] + 0xfc93a039, 21 );
654 MD5_DO( F4, a, b, c, d, p_input[ 12 ] + 0x655b59c3, 6 );
655 MD5_DO( F4, d, a, b, c, p_input[ 3 ] + 0x8f0ccc92, 10 );
656 MD5_DO( F4, c, d, a, b, p_input[ 10 ] + 0xffeff47d, 15 );
657 MD5_DO( F4, b, c, d, a, p_input[ 1 ] + 0x85845dd1, 21 );
658 MD5_DO( F4, a, b, c, d, p_input[ 8 ] + 0x6fa87e4f, 6 );
659 MD5_DO( F4, d, a, b, c, p_input[ 15 ] + 0xfe2ce6e0, 10 );
660 MD5_DO( F4, c, d, a, b, p_input[ 6 ] + 0xa3014314, 15 );
661 MD5_DO( F4, b, c, d, a, p_input[ 13 ] + 0x4e0811a1, 21 );
662 MD5_DO( F4, a, b, c, d, p_input[ 4 ] + 0xf7537e82, 6 );
663 MD5_DO( F4, d, a, b, c, p_input[ 11 ] + 0xbd3af235, 10 );
664 MD5_DO( F4, c, d, a, b, p_input[ 2 ] + 0x2ad7d2bb, 15 );
665 MD5_DO( F4, b, c, d, a, p_input[ 9 ] + 0xeb86d391, 21 );
667 p_md5->p_digest[ 0 ] += a;
668 p_md5->p_digest[ 1 ] += b;
669 p_md5->p_digest[ 2 ] += c;
670 p_md5->p_digest[ 3 ] += d;
673 /*****************************************************************************
674 * InitShuffle: initialise a shuffle structure
675 *****************************************************************************
676 * This function initialises tables in the p_shuffle structure that will be
677 * used later by DoShuffle. The only external parameter is p_sys_key.
678 *****************************************************************************/
679 static void InitShuffle( struct shuffle_s *p_shuffle, uint32_t *p_sys_key,
682 char p_secret1[] = "Tv!*";
683 static char const p_secret2[] = "v8rhvsaAvOKMFfUH%798=[;."
684 "f8677680a634ba87fnOIf)(*";
687 p_shuffle->i_version = i_version;
689 /* Fill p_commands using the key and a secret seed */
690 for( i = 0; i < 20; i++ )
696 AddMD5( &md5, (uint8_t *)p_sys_key, 16 );
697 AddMD5( &md5, (uint8_t *)p_secret1, 4 );
702 REVERSE( md5.p_digest, 1 );
703 i_hash = ((int32_t)U32_AT(md5.p_digest)) % 1024;
705 p_shuffle->p_commands[ i ] = i_hash < 0 ? i_hash * -1 : i_hash;
708 /* Fill p_bordel with completely meaningless initial values. */
709 for( i = 0; i < 4; i++ )
711 p_shuffle->p_bordel[ 4 * i ] = U32_AT(p_sys_key + i);
712 memcpy( p_shuffle->p_bordel + 4 * i + 1, p_secret2 + 12 * i, 12 );
713 REVERSE( p_shuffle->p_bordel + 4 * i + 1, 3 );
717 /*****************************************************************************
718 * DoShuffle: shuffle buffer
719 *****************************************************************************
720 * This is so ugly and uses so many MD5 checksums that it is most certainly
721 * one-way, though why it needs to be so complicated is beyond me.
722 *****************************************************************************/
723 static void DoShuffle( struct shuffle_s *p_shuffle,
724 uint32_t *p_buffer, uint32_t i_size )
727 uint32_t p_big_bordel[ 16 ];
728 uint32_t *p_bordel = p_shuffle->p_bordel;
731 static uint32_t i_secret = 0;
733 static uint32_t p_secret1[] =
735 0xAAAAAAAA, 0x01757700, 0x00554580, 0x01724500, 0x00424580,
736 0x01427700, 0x00000080, 0xC1D59D01, 0x80144981, 0x815C8901,
737 0x80544981, 0x81D45D01, 0x00000080, 0x81A3BB03, 0x00A2AA82,
738 0x01A3BB03, 0x0022A282, 0x813BA202, 0x00000080, 0x6D575737,
739 0x4A5275A5, 0x6D525725, 0x4A5254A5, 0x6B725437, 0x00000080,
740 0xD5DDB938, 0x5455A092, 0x5D95A013, 0x4415A192, 0xC5DD393A,
741 0x00000080, 0x55555555
744 static char p_secret2[] =
745 "pbclevtug (p) Nccyr Pbzchgre, Vap. Nyy Evtugf Erfreirq.";
749 REVERSE( p_secret1, sizeof(p_secret1)/sizeof(p_secret1[ 0 ]) );
750 for( ; p_secret2[ i_secret ] != '\0'; i_secret++ )
752 #define ROT13(c) (((c)>='A'&&(c)<='Z')?(((c)-'A'+13)%26)+'A':\
753 ((c)>='a'&&(c)<='z')?(((c)-'a'+13)%26)+'a':c)
754 p_secret2[ i_secret ] = ROT13(p_secret2[ i_secret ]);
756 i_secret++; /* include zero terminator */
759 /* Using the MD5 hash of a memory block is probably not one-way enough
760 * for the iTunes people. This function randomises p_bordel depending on
761 * the values in p_commands to make things even more messy in p_bordel. */
762 for( i = 0; i < 20; i++ )
764 uint8_t i_command, i_index;
766 if( !p_shuffle->p_commands[ i ] )
771 i_command = (p_shuffle->p_commands[ i ] & 0x300) >> 8;
772 i_index = p_shuffle->p_commands[ i ] & 0xff;
777 p_bordel[ i_index & 0xf ] = p_bordel[ i_index >> 4 ]
778 + p_bordel[ ((i_index + 0x10) >> 4) & 0xf ];
781 p_bordel[ i_index >> 4 ] ^= p_shuffle_xor[ 0xff - i_index ];
784 p_bordel[ i_index >> 4 ] -= p_shuffle_sub[ 0xff - i_index ];
787 p_bordel[ i_index >> 4 ] += p_shuffle_add[ 0xff - i_index ];
792 if( p_shuffle->i_version == 0x01000300 )
794 DoExtShuffle( p_bordel );
797 /* Convert our newly randomised p_bordel to big endianness and take
800 for( i = 0; i < 16; i++ )
802 p_big_bordel[ i ] = U32_AT(p_bordel + i);
804 AddMD5( &md5, (uint8_t *)p_big_bordel, 64 );
805 if( p_shuffle->i_version == 0x01000300 )
807 AddMD5( &md5, (uint8_t *)p_secret1, sizeof(p_secret1) );
808 AddMD5( &md5, (uint8_t *)p_secret2, i_secret );
812 /* XOR our buffer with the computed checksum */
813 for( i = 0; i < i_size; i++ )
815 p_buffer[ i ] ^= md5.p_digest[ i ];
819 /*****************************************************************************
820 * DoExtShuffle: extended shuffle
821 *****************************************************************************
822 * This is even uglier.
823 *****************************************************************************/
824 static void DoExtShuffle( uint32_t * p_bordel )
828 i_ret = FirstPass( p_bordel );
830 SecondPass( p_bordel, i_ret );
832 ThirdPass( p_bordel );
834 FourthPass( p_bordel );
837 static uint32_t FirstPass( uint32_t * p_bordel )
839 uint32_t i, i_cmd, i_ret = 5;
841 TinyShuffle1( p_bordel );
847 p_bordel[ 1 ] += 0x10000000;
848 p_bordel[ 3 ] += 0x12777;
850 if( (p_bordel[ 10 ] & 1) && i_ret )
853 p_bordel[ 1 ] -= p_bordel[ 2 ];
854 p_bordel[ 11 ] += p_bordel[ 12 ];
858 if( (p_bordel[ 1 ] + p_bordel[ 2 ]) >= 0x7D0 )
860 switch( ((p_bordel[ 3 ] ^ 0x567F) >> 2) & 7 )
863 for( i = 0; i < 3; i++ )
865 if( p_bordel[ i + 10 ] > 0x4E20 )
867 p_bordel[ i + 1 ] += p_bordel[ i + 2 ];
872 p_bordel[ 1 ] -= p_bordel[ 2 ];
875 p_bordel[ 11 ] += p_bordel[ 12 ];
878 p_bordel[ 3 ] ^= p_bordel[ 4 ];
881 p_bordel[ 13 ] &= p_bordel[ 14 ];
884 p_bordel[ 0 ] |= p_bordel[ 1 ];
896 for( i = 0, i_cmd = 0; i < 16; i++ )
898 if( p_bordel[ i ] < p_bordel[ i_cmd ] )
904 if( i_ret && i_cmd != 5 )
912 p_bordel[ 8 ] &= p_bordel[ 6 ] >> 1;
916 for( i = 0; i < 3; i++ )
919 if( p_bordel[ 11 ] & 5 )
921 p_bordel[ 8 ] += p_bordel[ 9 ];
931 i_cmd = (p_bordel[ 15 ] + 0x93) >> 3;
932 if( p_bordel[ 15 ] & 0x100 )
941 while( p_bordel[ 11 ] & 1 )
943 p_bordel[ 11 ] >>= 1;
948 p_bordel[ 14 ] -= 0x19FE;
960 i_cmd = ((p_bordel[ 3 ] + p_bordel[ 4 ] + 10) >> 1) - p_bordel[ 4 ];
968 p_bordel[ 14 ] >>= 1;
977 p_bordel[ 15 ] &= 0x55;
980 p_bordel[ 2 ] &= 0xB62FC;
986 TinyShuffle2( p_bordel );
991 static void SecondPass( uint32_t * p_bordel, uint32_t i_tmp )
993 uint32_t i, i_cmd, i_jc = 5;
995 TinyShuffle3( p_bordel );
997 for( i = 0, i_cmd = 0; i < 16; i++ )
999 if( p_bordel[ i ] > p_bordel[ i_cmd ] )
1008 if( p_bordel[ 1 ] < p_bordel[ 8 ] )
1014 if( (p_bordel[ 9 ] & 0x7777) == 0x3333 )
1021 if( p_bordel[ 1 ] < p_bordel[ 8 ] )
1030 p_bordel[ 1 ] -= p_bordel[ 5 ];
1031 for( i = 0; i < 3; i++ )
1033 switch( p_bordel[ 1 ] & 3 )
1042 p_bordel[ 13 ] &= 0xFEFEFEF7;
1045 p_bordel[ 8 ] |= 0x80080011;
1057 p_bordel[ 15 ] ^= 0x18547EFF;
1063 switch( ( p_bordel[ 12 ] + p_bordel[ 13 ] + p_bordel[ 6 ] ) % 5 )
1066 p_bordel[ 12 ] -= 1;
1069 p_bordel[ 12 ] -= 1;
1070 p_bordel[ 13 ] += 1;
1073 p_bordel[ 13 ] += 4;
1076 p_bordel[ 12 ] -= 1;
1083 i = 3; /* Restart the whole loop */
1088 TinyShuffle4( p_bordel );
1092 TinyShuffle5( p_bordel );
1094 switch( ( p_bordel[ 2 ] * 2 + 15 ) % 5 )
1097 if( ( p_bordel[ 3 ] + i_tmp ) <=
1098 ( p_bordel[ 1 ] + p_bordel[ 15 ] ) )
1104 p_bordel[ 10 ] -= 0x13;
1107 p_bordel[ 5 ] >>= 2;
1111 if( !( p_bordel[ 2 ] & 1 ) || i_jc == 0 )
1117 p_bordel[ 2 ] += 0x13;
1118 p_bordel[ 12 ] += 1;
1121 p_bordel[ 2 ] &= 0x10076000;
1124 static void ThirdPass( uint32_t * p_bordel )
1128 i_cmd = ((p_bordel[ 7 ] + p_bordel[ 14 ] + 10) >> 1) - p_bordel[ 14 ];
1134 p_bordel[ 1 ] <<= 1;
1135 p_bordel[ 2 ] <<= 2;
1136 p_bordel[ 3 ] <<= 3;
1139 p_bordel[ i_cmd + 3 ] &= 0x5EDE36B;
1140 p_bordel[ 5 ] += p_bordel[ 8 ];
1141 p_bordel[ 4 ] += p_bordel[ 7 ];
1142 p_bordel[ 3 ] += p_bordel[ 6 ];
1143 p_bordel[ 2 ] += p_bordel[ 5 ];
1146 p_bordel[ 1 ] += p_bordel[ 4 ];
1147 p_bordel[ 0 ] += p_bordel[ 3 ];
1148 TinyShuffle6( p_bordel );
1149 return; /* jc = 4 */
1151 if( (p_bordel[ 11 ] & p_bordel[ 2 ]) > 0x211B )
1160 p_bordel[ 9 ] ^= p_bordel[ 2 ];
1163 p_bordel[ 2 ] ^= (p_bordel[ 1 ] & p_bordel[ 13 ]);
1166 p_bordel[ 0 ] -= p_bordel[ 11 ] & p_bordel[ 15 ];
1167 return; /* jc = 4 */
1169 p_bordel[ 6 ] >>= (p_bordel[ 14 ] & 3);
1173 SWAP( p_bordel[ 0 ], p_bordel[ 10 ] );
1175 TinyShuffle6( p_bordel );
1177 return; /* jc = 5 */
1180 static void FourthPass( uint32_t * p_bordel )
1184 TinyShuffle7( p_bordel );
1186 switch( p_bordel[ 5 ] % 5)
1192 p_bordel[ 11 ] ^= (p_bordel[ 3 ] + p_bordel[ 6 ] + p_bordel[ 8 ]);
1195 for( i = 4; i < 15 && (p_bordel[ i ] & 5) == 0; i++ )
1197 SWAP( p_bordel[ i ], p_bordel[ 15 - i ] );
1201 p_bordel[ 12 ] -= 1;
1202 p_bordel[ 13 ] += 1;
1203 p_bordel[ 2 ] -= 0x64;
1204 p_bordel[ 3 ] += 0x64;
1205 TinyShuffle8( p_bordel );
1209 for( i = 0, j = 0; i < 16; i++ )
1211 if( p_bordel[ i ] > p_bordel[ j ] )
1217 switch( p_bordel[ j ] % 100 )
1220 SWAP( p_bordel[ 0 ], p_bordel[ j ] );
1223 p_bordel[ 1 ] >>= 1;
1224 p_bordel[ 2 ] <<= 1;
1225 p_bordel[ 14 ] >>= 3;
1226 p_bordel[ 15 ] <<= 4;
1229 p_bordel[ j ] += p_bordel[ 13 ];
1232 p_bordel[ 1 ] += 0x20E;
1233 p_bordel[ 5 ] += 0x223D;
1234 p_bordel[ 13 ] -= 0x576;
1235 p_bordel[ 15 ] += 0x576;
1238 p_bordel[ 2 ] -= 0x64;
1239 p_bordel[ 3 ] += 0x64;
1240 p_bordel[ 12 ] -= 1;
1241 p_bordel[ 13 ] += 1;
1245 p_bordel[ j ] += p_bordel[ 13 ];
1249 TinyShuffle8( p_bordel );
1252 /*****************************************************************************
1253 * TinyShuffle[12345678]: tiny shuffle subroutines
1254 *****************************************************************************
1255 * These standalone functions are little helpers for the shuffling process.
1256 *****************************************************************************/
1257 static void TinyShuffle1( uint32_t * p_bordel )
1259 uint32_t i_cmd = (p_bordel[ 5 ] + 10) >> 2;
1261 if( p_bordel[ 5 ] > 0x7D0 )
1275 if( p_bordel[ 4 ] & 5 )
1277 p_bordel[ 1 ] ^= 0x4D;
1281 p_bordel[ 12 ] += 5;
1286 static void TinyShuffle2( uint32_t * p_bordel )
1290 for( i = 0, j = 0; i < 16; i++ )
1292 if( (p_bordel[ i ] & 0x777) > (p_bordel[ j ] & 0x777) )
1300 for( ; j < 15; j++ )
1302 p_bordel[ j ] += p_bordel[ j + 1 ];
1307 p_bordel[ 2 ] &= 0xB62FC;
1311 static void TinyShuffle3( uint32_t * p_bordel )
1313 uint32_t i_cmd = p_bordel[ 6 ] + 0x194B;
1315 if( p_bordel[ 6 ] > 0x2710 )
1323 p_bordel[ 3 ] += 0x19FE;
1326 p_bordel[ 7 ] -= p_bordel[ 3 ] >> 2;
1329 p_bordel[ 5 ] ^= 0x248A;
1334 static void TinyShuffle4( uint32_t * p_bordel )
1338 for( i = 0, j = 0; i < 16; i++ )
1340 if( p_bordel[ i ] < p_bordel[ j ] )
1346 if( (p_bordel[ j ] % (j + 1)) > 10 )
1349 p_bordel[ 2 ] += 0x13;
1350 p_bordel[ 12 ] += 1;
1354 static void TinyShuffle5( uint32_t * p_bordel )
1358 p_bordel[ 2 ] &= 0x7F3F;
1360 for( i = 0; i < 5; i++ )
1362 switch( ( p_bordel[ 2 ] + 10 + i ) % 5 )
1365 p_bordel[ 12 ] &= p_bordel[ 2 ];
1368 p_bordel[ 3 ] ^= p_bordel[ 15 ];
1371 p_bordel[ 15 ] += 0x576;
1374 p_bordel[ 7 ] -= 0x2D;
1377 p_bordel[ 1 ] <<= 1;
1383 static void TinyShuffle6( uint32_t * p_bordel )
1387 for( i = 0; i < 8; i++ )
1389 j = p_bordel[ 3 ] & 0x7514 ? 5 : 7;
1390 SWAP( p_bordel[ i ], p_bordel[ i + j ] );
1394 static void TinyShuffle7( uint32_t * p_bordel )
1398 i = (((p_bordel[ 9 ] + p_bordel[ 15 ] + 12) >> 2) - p_bordel[ 4 ]) & 7;
1402 SWAP( p_bordel[ i ], p_bordel[ i + 3 ] );
1405 SWAP( p_bordel[ 1 ], p_bordel[ 10 ] );
1408 static void TinyShuffle8( uint32_t * p_bordel )
1412 i = (p_bordel[ 0 ] & p_bordel[ 6 ]) & 0xF;
1414 switch( p_bordel[ i ] % 1000 )
1417 if( (p_bordel[ i ] & 0x777) > (p_bordel[ 7 ] & 0x5555) )
1419 p_bordel[ i ] ^= p_bordel[ 5 ] & p_bordel[ 3 ];
1423 p_bordel[ 15 ] &= 0x5555;
1426 p_bordel[ i ] ^= p_bordel[ 15 ];
1429 SWAP( p_bordel[ 0 ], p_bordel[ 3 ] );
1430 SWAP( p_bordel[ 1 ], p_bordel[ 6 ] );
1431 SWAP( p_bordel[ 3 ], p_bordel[ 6 ] );
1432 SWAP( p_bordel[ 4 ], p_bordel[ 9 ] );
1433 SWAP( p_bordel[ 5 ], p_bordel[ 8 ] );
1434 SWAP( p_bordel[ 6 ], p_bordel[ 7 ] );
1435 SWAP( p_bordel[ 13 ], p_bordel[ 14 ] );
1438 p_bordel[ i ] += p_bordel[ 1 ] ^ 0x80080011;
1439 p_bordel[ i ] += p_bordel[ 2 ] ^ 0xBEEFDEAD;
1440 p_bordel[ i ] += p_bordel[ 3 ] ^ 0x8765F444;
1441 p_bordel[ i ] += p_bordel[ 4 ] ^ 0x78145326;
1444 p_bordel[ 12 ] -= p_bordel[ i ];
1445 p_bordel[ 13 ] += p_bordel[ i ];
1448 p_bordel[ i ] += p_bordel[ 1 ];
1449 p_bordel[ i ] -= p_bordel[ 7 ];
1450 p_bordel[ i ] -= p_bordel[ 8 ];
1451 p_bordel[ i ] += p_bordel[ 9 ];
1452 p_bordel[ i ] += p_bordel[ 13 ];
1456 p_bordel[ i + 1 ] >>= 1;
1457 p_bordel[ i + 2 ] <<= 4;
1458 p_bordel[ i + 3 ] >>= 3;
1461 p_bordel[ 1 ] += 0x20E;
1462 p_bordel[ 5 ] += 0x223D;
1463 p_bordel[ 13 ] -= 0x576;
1464 p_bordel[ 15 ] += 0x576;
1467 if( (p_bordel[ i ] ^ 0x8765F441) < 0x2710 )
1469 SWAP( p_bordel[ 0 ], p_bordel[ 1 ] );
1473 SWAP( p_bordel[ 1 ], p_bordel[ 11 ] );
1479 /*****************************************************************************
1480 * GetSystemKey: get the system key
1481 *****************************************************************************
1482 * Compute the system key from various system information, see HashSystemInfo.
1483 *****************************************************************************/
1484 static int GetSystemKey( uint32_t *p_sys_key, vlc_bool_t b_ipod )
1486 static char const p_secret1[ 8 ] = "YuaFlafu";
1487 static char const p_secret2[ 8 ] = "zPif98ga";
1490 uint32_t p_system_hash[ 4 ];
1492 /* Compute the MD5 hash of our system info */
1493 if( ( !b_ipod && HashSystemInfo( p_system_hash ) ) ||
1494 ( b_ipod && GetiPodID( &i_ipod_id ) ) )
1499 /* Combine our system info hash with additional secret data. The resulting
1500 * MD5 hash will be our system key. */
1502 AddMD5( &md5, p_secret1, 8 );
1506 AddMD5( &md5, (uint8_t *)p_system_hash, 6 );
1507 AddMD5( &md5, (uint8_t *)p_system_hash, 6 );
1508 AddMD5( &md5, (uint8_t *)p_system_hash, 6 );
1509 AddMD5( &md5, p_secret2, 8 );
1513 i_ipod_id = U64_AT(&i_ipod_id);
1514 AddMD5( &md5, (uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
1515 AddMD5( &md5, (uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
1516 AddMD5( &md5, (uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
1521 memcpy( p_sys_key, md5.p_digest, 16 );
1527 # define DRMS_DIRNAME "drms"
1529 # define DRMS_DIRNAME ".drms"
1532 /*****************************************************************************
1533 * WriteUserKey: write the user key to hard disk
1534 *****************************************************************************
1535 * Write the user key to the hard disk so that it can be reused later or used
1536 * on operating systems other than Win32.
1537 *****************************************************************************/
1538 static int WriteUserKey( void *_p_drms, uint32_t *p_user_key )
1540 struct drms_s *p_drms = (struct drms_s *)_p_drms;
1543 char psz_path[ PATH_MAX ];
1545 snprintf( psz_path, PATH_MAX - 1,
1546 "%s/" DRMS_DIRNAME, p_drms->psz_homedir );
1548 #if defined( HAVE_ERRNO_H )
1549 # if defined( WIN32 )
1550 if( !mkdir( psz_path ) || errno == EEXIST )
1552 if( !mkdir( psz_path, 0755 ) || errno == EEXIST )
1555 if( !mkdir( psz_path ) )
1558 snprintf( psz_path, PATH_MAX - 1, "%s/" DRMS_DIRNAME "/%08X.%03d",
1559 p_drms->psz_homedir, p_drms->i_user, p_drms->i_key );
1561 file = fopen( psz_path, "wb" );
1564 i_ret = fwrite( p_user_key, sizeof(uint32_t),
1565 4, file ) == 4 ? 0 : -1;
1573 /*****************************************************************************
1574 * ReadUserKey: read the user key from hard disk
1575 *****************************************************************************
1576 * Retrieve the user key from the hard disk if available.
1577 *****************************************************************************/
1578 static int ReadUserKey( void *_p_drms, uint32_t *p_user_key )
1580 struct drms_s *p_drms = (struct drms_s *)_p_drms;
1583 char psz_path[ PATH_MAX ];
1585 snprintf( psz_path, PATH_MAX - 1,
1586 "%s/" DRMS_DIRNAME "/%08X.%03d", p_drms->psz_homedir,
1587 p_drms->i_user, p_drms->i_key );
1589 file = fopen( psz_path, "rb" );
1592 i_ret = fread( p_user_key, sizeof(uint32_t),
1593 4, file ) == 4 ? 0 : -1;
1600 /*****************************************************************************
1601 * GetUserKey: get the user key
1602 *****************************************************************************
1603 * Retrieve the user key from the hard disk if available, otherwise generate
1604 * it from the system key. If the key could be successfully generated, write
1605 * it to the hard disk for future use.
1606 *****************************************************************************/
1607 static int GetUserKey( void *_p_drms, uint32_t *p_user_key )
1609 static char const p_secret[] = "mUfnpognadfgf873";
1610 struct drms_s *p_drms = (struct drms_s *)_p_drms;
1612 struct shuffle_s shuffle;
1614 uint32_t *p_sci_data;
1615 uint32_t i_user, i_key;
1616 uint32_t p_sys_key[ 4 ];
1617 uint32_t i_sci_size, i_blocks, i_remaining;
1618 uint32_t *p_sci0, *p_sci1, *p_buffer;
1619 uint32_t p_sci_key[ 4 ];
1623 if( !ReadUserKey( p_drms, p_user_key ) )
1625 REVERSE( p_user_key, 4 );
1629 psz_ipod = getenv( "IPOD" );
1631 if( GetSystemKey( p_sys_key, psz_ipod ? VLC_TRUE : VLC_FALSE ) )
1636 if( GetSCIData( psz_ipod, &p_sci_data, &i_sci_size ) )
1641 /* Phase 1: unscramble the SCI data using the system key and shuffle
1642 * it using DoShuffle(). */
1644 /* Skip the first 4 bytes (some sort of header). Decrypt the rest. */
1645 i_blocks = (i_sci_size - 4) / 16;
1646 i_remaining = (i_sci_size - 4) - (i_blocks * 16);
1647 p_buffer = p_sci_data + 1;
1649 /* Decrypt and shuffle our data at the same time */
1650 InitAES( &aes, p_sys_key );
1651 REVERSE( p_sys_key, 4 );
1652 REVERSE( p_sci_data, 1 );
1653 InitShuffle( &shuffle, p_sys_key, p_sci_data[ 0 ] );
1655 memcpy( p_sci_key, p_secret, 16 );
1656 REVERSE( p_sci_key, 4 );
1660 uint32_t p_tmp[ 4 ];
1662 REVERSE( p_buffer, 4 );
1663 DecryptAES( &aes, p_tmp, p_buffer );
1664 BlockXOR( p_tmp, p_sci_key, p_tmp );
1666 /* Use the previous scrambled data as the key for next block */
1667 memcpy( p_sci_key, p_buffer, 16 );
1669 /* Shuffle the decrypted data using a custom routine */
1670 DoShuffle( &shuffle, p_tmp, 4 );
1672 /* Copy this block back to p_buffer */
1673 memcpy( p_buffer, p_tmp, 16 );
1678 if( i_remaining >= 4 )
1681 REVERSE( p_buffer, i_remaining );
1682 DoShuffle( &shuffle, p_buffer, i_remaining );
1685 /* Phase 2: look for the user key in the generated data. I must admit I
1686 * do not understand what is going on here, because it almost
1687 * looks like we are browsing data that makes sense, even though
1688 * the DoShuffle() part made it completely meaningless. */
1691 REVERSE( p_sci_data + 5, 1 );
1692 i = U32_AT( p_sci_data + 5 );
1693 i_sci_size -= 22 * sizeof(uint32_t);
1694 p_sci1 = p_sci_data + 22;
1697 while( i_sci_size >= 20 && i > 0 )
1699 if( p_sci0 == NULL )
1701 i_sci_size -= 18 * sizeof(uint32_t);
1702 if( i_sci_size < 20 )
1708 REVERSE( p_sci1 + 17, 1 );
1709 y = U32_AT( p_sci1 + 17 );
1720 i_user = U32_AT( p_sci0 );
1721 i_key = U32_AT( p_sci1 );
1722 REVERSE( &i_user, 1 );
1723 REVERSE( &i_key, 1 );
1724 if( i_user == p_drms->i_user && ( ( i_key == p_drms->i_key ) ||
1725 ( !p_drms->i_key && ( p_sci1 == (p_sci0 + 18) ) ) ) )
1727 memcpy( p_user_key, p_sci1 + 1, 16 );
1728 REVERSE( p_sci1 + 1, 4 );
1729 WriteUserKey( p_drms, p_sci1 + 1 );
1736 i_sci_size -= 5 * sizeof(uint32_t);
1744 /*****************************************************************************
1745 * GetSCIData: get SCI data from "SC Info.sidb"
1746 *****************************************************************************
1747 * Read SCI data from "\Apple Computer\iTunes\SC Info\SC Info.sidb"
1748 *****************************************************************************/
1749 static int GetSCIData( char *psz_ipod, uint32_t **pp_sci,
1750 uint32_t *pi_sci_size )
1753 char *psz_path = NULL;
1754 char p_tmp[ PATH_MAX ];
1757 if( psz_ipod == NULL )
1760 char *p_filename = "\\Apple Computer\\iTunes\\SC Info\\SC Info.sidb";
1761 typedef HRESULT (WINAPI *SHGETFOLDERPATH)( HWND, int, HANDLE, DWORD,
1763 HINSTANCE shfolder_dll = NULL;
1764 SHGETFOLDERPATH dSHGetFolderPath = NULL;
1766 if( ( shfolder_dll = LoadLibrary( _T("SHFolder.dll") ) ) != NULL )
1769 (SHGETFOLDERPATH)GetProcAddress( shfolder_dll,
1770 _T("SHGetFolderPathA") );
1773 if( dSHGetFolderPath != NULL &&
1774 SUCCEEDED( dSHGetFolderPath( NULL, CSIDL_COMMON_APPDATA,
1775 NULL, 0, p_tmp ) ) )
1777 strncat( p_tmp, p_filename, min( strlen( p_filename ),
1778 (sizeof(p_tmp)/sizeof(p_tmp[0]) - 1) -
1779 strlen( p_tmp ) ) );
1783 if( shfolder_dll != NULL )
1785 FreeLibrary( shfolder_dll );
1791 #define ISCINFO "iSCInfo"
1792 if( strstr( psz_ipod, ISCINFO ) == NULL )
1794 snprintf( p_tmp, sizeof(p_tmp)/sizeof(p_tmp[0]) - 1,
1795 "%s/iPod_Control/iTunes/" ISCINFO "2", psz_ipod );
1800 psz_path = psz_ipod;
1804 if( psz_path == NULL )
1809 file = fopen( psz_path, "rb" );
1814 if( !fstat( fileno( file ), &st ) && st.st_size >= 4 )
1816 *pp_sci = malloc( st.st_size );
1817 if( *pp_sci != NULL )
1819 if( fread( *pp_sci, 1, st.st_size,
1820 file ) == (size_t)st.st_size )
1822 *pi_sci_size = st.st_size;
1827 free( (void *)*pp_sci );
1839 /*****************************************************************************
1840 * HashSystemInfo: hash system information
1841 *****************************************************************************
1842 * This function computes the MD5 hash of the C: hard drive serial number,
1843 * BIOS version, CPU type and Windows version.
1844 *****************************************************************************/
1845 static int HashSystemInfo( uint32_t *p_system_hash )
1857 static LPCTSTR p_reg_keys[ 3 ][ 2 ] =
1860 _T("HARDWARE\\DESCRIPTION\\System"),
1861 _T("SystemBiosVersion")
1865 _T("HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0"),
1866 _T("ProcessorNameString")
1870 _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion"),
1877 AddMD5( &md5, "cache-control", 13 );
1878 AddMD5( &md5, "Ethernet", 8 );
1880 GetVolumeInformation( _T("C:\\"), NULL, 0, &i_serial,
1881 NULL, NULL, NULL, 0 );
1882 AddMD5( &md5, (uint8_t *)&i_serial, 4 );
1884 for( i = 0; i < sizeof(p_reg_keys) / sizeof(p_reg_keys[ 0 ]); i++ )
1886 if( RegOpenKeyEx( HKEY_LOCAL_MACHINE, p_reg_keys[ i ][ 0 ],
1887 0, KEY_READ, &i_key ) != ERROR_SUCCESS )
1892 if( RegQueryValueEx( i_key, p_reg_keys[ i ][ 1 ],
1893 NULL, NULL, NULL, &i_size ) != ERROR_SUCCESS )
1895 RegCloseKey( i_key );
1899 p_reg_buf = malloc( i_size );
1901 if( p_reg_buf != NULL )
1903 if( RegQueryValueEx( i_key, p_reg_keys[ i ][ 1 ],
1904 NULL, NULL, p_reg_buf,
1905 &i_size ) == ERROR_SUCCESS )
1907 AddMD5( &md5, (uint8_t *)p_reg_buf, i_size );
1913 RegCloseKey( i_key );
1922 memcpy( p_system_hash, md5.p_digest, 16 );
1927 /*****************************************************************************
1928 * GetiPodID: Get iPod ID
1929 *****************************************************************************
1930 * This function gets the iPod ID.
1931 *****************************************************************************/
1932 static int GetiPodID( int64_t *p_ipod_id )
1936 #define PROD_NAME "iPod"
1937 #define VENDOR_NAME "Apple Computer, Inc."
1939 char *psz_ipod_id = getenv( "IPODID" );
1940 if( psz_ipod_id != NULL )
1942 *p_ipod_id = strtoll( psz_ipod_id, NULL, 16 );
1950 io_iterator_t iterator;
1951 CFMutableDictionaryRef match_dic;
1952 CFMutableDictionaryRef smatch_dic;
1954 if( IOMasterPort( MACH_PORT_NULL, &port ) == KERN_SUCCESS )
1956 smatch_dic = IOServiceMatching( "IOFireWireUnit" );
1957 match_dic = CFDictionaryCreateMutable( kCFAllocatorDefault, 0,
1958 &kCFTypeDictionaryKeyCallBacks,
1959 &kCFTypeDictionaryValueCallBacks );
1961 if( smatch_dic != NULL && match_dic != NULL )
1963 CFDictionarySetValue( smatch_dic,
1964 CFSTR("FireWire Vendor Name"),
1965 CFSTR(VENDOR_NAME) );
1966 CFDictionarySetValue( smatch_dic,
1967 CFSTR("FireWire Product Name"),
1970 CFDictionarySetValue( match_dic,
1971 CFSTR(kIOPropertyMatchKey),
1974 if( IOServiceGetMatchingServices( port, match_dic,
1975 &iterator ) == KERN_SUCCESS )
1977 while( ( device = IOIteratorNext( iterator ) ) != NULL )
1979 value = IORegistryEntryCreateCFProperty( device,
1980 CFSTR("GUID"), kCFAllocatorDefault, kNilOptions );
1984 if( CFGetTypeID( value ) == CFNumberGetTypeID() )
1987 CFNumberGetValue( (CFNumberRef)value,
1988 kCFNumberLongLongType,
1990 *p_ipod_id = i_ipod_id;
1997 IOObjectRelease( device );
2002 IOObjectRelease( iterator );
2006 mach_port_deallocate( mach_task_self(), port );
2009 #elif HAVE_SYSFS_LIBSYSFS_H
2010 struct sysfs_bus *bus = NULL;
2011 struct dlist *devlist = NULL;
2012 struct dlist *attributes = NULL;
2013 struct sysfs_device *curdev = NULL;
2014 struct sysfs_attribute *curattr = NULL;
2016 bus = sysfs_open_bus( "ieee1394" );
2019 devlist = sysfs_get_bus_devices( bus );
2020 if( devlist != NULL )
2022 dlist_for_each_data( devlist, curdev, struct sysfs_device )
2024 attributes = sysfs_get_device_attributes( curdev );
2025 if( attributes != NULL )
2027 dlist_for_each_data( attributes, curattr,
2028 struct sysfs_attribute )
2030 if( ( strcmp( curattr->name, "model_name" ) == 0 ) &&
2031 ( strncmp( curattr->value, PROD_NAME,
2032 sizeof(PROD_NAME) ) == 0 ) )
2034 *p_ipod_id = strtoll( curdev->name, NULL, 16 );
2045 sysfs_close_bus( bus );