📄 drms.c
字号:
for( i_key = 0; i_key < AES_KEY_COUNT; i_key++ ) { uint32_t j; i_seed = AES_ROR( i_seed, 8 ); j = p_aes_table[ i_key ]; j ^= p_aes_encrypt[ (i_seed >> 24) & 0xff ] ^ AES_ROR( p_aes_encrypt[ (i_seed >> 16) & 0xff ], 8 ) ^ AES_ROR( p_aes_encrypt[ (i_seed >> 8) & 0xff ], 16 ) ^ AES_ROR( p_aes_encrypt[ i_seed & 0xff ], 24 ); j ^= p_aes->pp_enc_keys[ i_key ][ 0 ]; p_aes->pp_enc_keys[ i_key + 1 ][ 0 ] = j; j ^= p_aes->pp_enc_keys[ i_key ][ 1 ]; p_aes->pp_enc_keys[ i_key + 1 ][ 1 ] = j; j ^= p_aes->pp_enc_keys[ i_key ][ 2 ]; p_aes->pp_enc_keys[ i_key + 1 ][ 2 ] = j; j ^= p_aes->pp_enc_keys[ i_key ][ 3 ]; p_aes->pp_enc_keys[ i_key + 1 ][ 3 ] = j; i_seed = j; } memcpy( p_aes->pp_dec_keys[ 0 ], p_aes->pp_enc_keys[ 0 ], 16 ); for( i = 1; i < AES_KEY_COUNT; i++ ) { for( t = 0; t < 4; t++ ) { uint32_t j, k, l, m, n; j = p_aes->pp_enc_keys[ i ][ t ]; k = (((j >> 7) & 0x01010101) * 27) ^ ((j & 0xff7f7f7f) << 1); l = (((k >> 7) & 0x01010101) * 27) ^ ((k & 0xff7f7f7f) << 1); m = (((l >> 7) & 0x01010101) * 27) ^ ((l & 0xff7f7f7f) << 1); j ^= m; n = AES_ROR( l ^ j, 16 ) ^ AES_ROR( k ^ j, 8 ) ^ AES_ROR( j, 24 ); p_aes->pp_dec_keys[ i ][ t ] = k ^ l ^ m ^ n; } }}/***************************************************************************** * DecryptAES: decrypt an AES/Rijndael 128 bit block *****************************************************************************/static void DecryptAES( struct aes_s *p_aes, uint32_t *p_dest, const uint32_t *p_src ){ uint32_t p_wtxt[ 4 ]; /* Working cyphertext */ uint32_t p_tmp[ 4 ]; unsigned int i_round, t; for( t = 0; t < 4; t++ ) { /* FIXME: are there any endianness issues here? */ p_wtxt[ t ] = p_src[ t ] ^ p_aes->pp_enc_keys[ AES_KEY_COUNT ][ t ]; } /* Rounds 0 - 8 */ for( i_round = 0; i_round < (AES_KEY_COUNT - 1); i_round++ ) { for( t = 0; t < 4; t++ ) { p_tmp[ t ] = AES_XOR_ROR( p_aes_itable, p_wtxt ); } for( t = 0; t < 4; t++ ) { p_wtxt[ t ] = p_tmp[ t ] ^ p_aes->pp_dec_keys[ (AES_KEY_COUNT - 1) - i_round ][ t ]; } } /* Final round (9) */ for( t = 0; t < 4; t++ ) { p_dest[ t ] = AES_XOR_ROR( p_aes_decrypt, p_wtxt ); p_dest[ t ] ^= p_aes->pp_dec_keys[ 0 ][ t ]; }}#ifndef __VLC__/***************************************************************************** * InitMD5: initialise an MD5 message ***************************************************************************** * The MD5 message-digest algorithm is described in RFC 1321 *****************************************************************************/static void InitMD5( struct md5_s *p_md5 ){ p_md5->p_digest[ 0 ] = 0x67452301; p_md5->p_digest[ 1 ] = 0xefcdab89; p_md5->p_digest[ 2 ] = 0x98badcfe; p_md5->p_digest[ 3 ] = 0x10325476; memset( p_md5->p_data, 0, 64 ); p_md5->i_bits = 0;}/***************************************************************************** * AddMD5: add i_len bytes to an MD5 message *****************************************************************************/static void AddMD5( struct md5_s *p_md5, const uint8_t *p_src, uint32_t i_len ){ unsigned int i_current; /* Current bytes in the spare buffer */ unsigned int i_offset = 0; i_current = (p_md5->i_bits / 8) & 63; p_md5->i_bits += 8 * i_len; /* If we can complete our spare buffer to 64 bytes, do it and add the * resulting buffer to the MD5 message */ if( i_len >= (64 - i_current) ) { memcpy( ((uint8_t *)p_md5->p_data) + i_current, p_src, (64 - i_current) ); Digest( p_md5, p_md5->p_data ); i_offset += (64 - i_current); i_len -= (64 - i_current); i_current = 0; } /* Add as many entire 64 bytes blocks as we can to the MD5 message */ while( i_len >= 64 ) { uint32_t p_tmp[ 16 ]; memcpy( p_tmp, p_src + i_offset, 64 ); Digest( p_md5, p_tmp ); i_offset += 64; i_len -= 64; } /* Copy our remaining data to the message's spare buffer */ memcpy( ((uint8_t *)p_md5->p_data) + i_current, p_src + i_offset, i_len );}/***************************************************************************** * EndMD5: finish an MD5 message ***************************************************************************** * This function adds adequate padding to the end of the message, and appends * the bit count so that we end at a block boundary. *****************************************************************************/static void EndMD5( struct md5_s *p_md5 ){ unsigned int i_current; i_current = (p_md5->i_bits / 8) & 63; /* Append 0x80 to our buffer. No boundary check because the temporary * buffer cannot be full, otherwise AddMD5 would have emptied it. */ ((uint8_t *)p_md5->p_data)[ i_current++ ] = 0x80; /* If less than 8 bytes are available at the end of the block, complete * this 64 bytes block with zeros and add it to the message. We'll add * our length at the end of the next block. */ if( i_current > 56 ) { memset( ((uint8_t *)p_md5->p_data) + i_current, 0, (64 - i_current) ); Digest( p_md5, p_md5->p_data ); i_current = 0; } /* Fill the unused space in our last block with zeroes and put the * message length at the end. */ memset( ((uint8_t *)p_md5->p_data) + i_current, 0, (56 - i_current) ); p_md5->p_data[ 14 ] = p_md5->i_bits & 0xffffffff; p_md5->p_data[ 15 ] = (p_md5->i_bits >> 32); REVERSE( &p_md5->p_data[ 14 ], 2 ); Digest( p_md5, p_md5->p_data );}#define F1( x, y, z ) ((z) ^ ((x) & ((y) ^ (z))))#define F2( x, y, z ) F1((z), (x), (y))#define F3( x, y, z ) ((x) ^ (y) ^ (z))#define F4( x, y, z ) ((y) ^ ((x) | ~(z)))#define MD5_DO( f, w, x, y, z, data, s ) \ ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x )/***************************************************************************** * Digest: update the MD5 digest with 64 bytes of data *****************************************************************************/static void Digest( struct md5_s *p_md5, uint32_t *p_input ){ uint32_t a, b, c, d; REVERSE( p_input, 16 ); a = p_md5->p_digest[ 0 ]; b = p_md5->p_digest[ 1 ]; c = p_md5->p_digest[ 2 ]; d = p_md5->p_digest[ 3 ]; MD5_DO( F1, a, b, c, d, p_input[ 0 ] + 0xd76aa478, 7 ); MD5_DO( F1, d, a, b, c, p_input[ 1 ] + 0xe8c7b756, 12 ); MD5_DO( F1, c, d, a, b, p_input[ 2 ] + 0x242070db, 17 ); MD5_DO( F1, b, c, d, a, p_input[ 3 ] + 0xc1bdceee, 22 ); MD5_DO( F1, a, b, c, d, p_input[ 4 ] + 0xf57c0faf, 7 ); MD5_DO( F1, d, a, b, c, p_input[ 5 ] + 0x4787c62a, 12 ); MD5_DO( F1, c, d, a, b, p_input[ 6 ] + 0xa8304613, 17 ); MD5_DO( F1, b, c, d, a, p_input[ 7 ] + 0xfd469501, 22 ); MD5_DO( F1, a, b, c, d, p_input[ 8 ] + 0x698098d8, 7 ); MD5_DO( F1, d, a, b, c, p_input[ 9 ] + 0x8b44f7af, 12 ); MD5_DO( F1, c, d, a, b, p_input[ 10 ] + 0xffff5bb1, 17 ); MD5_DO( F1, b, c, d, a, p_input[ 11 ] + 0x895cd7be, 22 ); MD5_DO( F1, a, b, c, d, p_input[ 12 ] + 0x6b901122, 7 ); MD5_DO( F1, d, a, b, c, p_input[ 13 ] + 0xfd987193, 12 ); MD5_DO( F1, c, d, a, b, p_input[ 14 ] + 0xa679438e, 17 ); MD5_DO( F1, b, c, d, a, p_input[ 15 ] + 0x49b40821, 22 ); MD5_DO( F2, a, b, c, d, p_input[ 1 ] + 0xf61e2562, 5 ); MD5_DO( F2, d, a, b, c, p_input[ 6 ] + 0xc040b340, 9 ); MD5_DO( F2, c, d, a, b, p_input[ 11 ] + 0x265e5a51, 14 ); MD5_DO( F2, b, c, d, a, p_input[ 0 ] + 0xe9b6c7aa, 20 ); MD5_DO( F2, a, b, c, d, p_input[ 5 ] + 0xd62f105d, 5 ); MD5_DO( F2, d, a, b, c, p_input[ 10 ] + 0x02441453, 9 ); MD5_DO( F2, c, d, a, b, p_input[ 15 ] + 0xd8a1e681, 14 ); MD5_DO( F2, b, c, d, a, p_input[ 4 ] + 0xe7d3fbc8, 20 ); MD5_DO( F2, a, b, c, d, p_input[ 9 ] + 0x21e1cde6, 5 ); MD5_DO( F2, d, a, b, c, p_input[ 14 ] + 0xc33707d6, 9 ); MD5_DO( F2, c, d, a, b, p_input[ 3 ] + 0xf4d50d87, 14 ); MD5_DO( F2, b, c, d, a, p_input[ 8 ] + 0x455a14ed, 20 ); MD5_DO( F2, a, b, c, d, p_input[ 13 ] + 0xa9e3e905, 5 ); MD5_DO( F2, d, a, b, c, p_input[ 2 ] + 0xfcefa3f8, 9 ); MD5_DO( F2, c, d, a, b, p_input[ 7 ] + 0x676f02d9, 14 ); MD5_DO( F2, b, c, d, a, p_input[ 12 ] + 0x8d2a4c8a, 20 ); MD5_DO( F3, a, b, c, d, p_input[ 5 ] + 0xfffa3942, 4 ); MD5_DO( F3, d, a, b, c, p_input[ 8 ] + 0x8771f681, 11 ); MD5_DO( F3, c, d, a, b, p_input[ 11 ] + 0x6d9d6122, 16 ); MD5_DO( F3, b, c, d, a, p_input[ 14 ] + 0xfde5380c, 23 ); MD5_DO( F3, a, b, c, d, p_input[ 1 ] + 0xa4beea44, 4 ); MD5_DO( F3, d, a, b, c, p_input[ 4 ] + 0x4bdecfa9, 11 ); MD5_DO( F3, c, d, a, b, p_input[ 7 ] + 0xf6bb4b60, 16 ); MD5_DO( F3, b, c, d, a, p_input[ 10 ] + 0xbebfbc70, 23 ); MD5_DO( F3, a, b, c, d, p_input[ 13 ] + 0x289b7ec6, 4 ); MD5_DO( F3, d, a, b, c, p_input[ 0 ] + 0xeaa127fa, 11 ); MD5_DO( F3, c, d, a, b, p_input[ 3 ] + 0xd4ef3085, 16 ); MD5_DO( F3, b, c, d, a, p_input[ 6 ] + 0x04881d05, 23 ); MD5_DO( F3, a, b, c, d, p_input[ 9 ] + 0xd9d4d039, 4 ); MD5_DO( F3, d, a, b, c, p_input[ 12 ] + 0xe6db99e5, 11 ); MD5_DO( F3, c, d, a, b, p_input[ 15 ] + 0x1fa27cf8, 16 ); MD5_DO( F3, b, c, d, a, p_input[ 2 ] + 0xc4ac5665, 23 ); MD5_DO( F4, a, b, c, d, p_input[ 0 ] + 0xf4292244, 6 ); MD5_DO( F4, d, a, b, c, p_input[ 7 ] + 0x432aff97, 10 ); MD5_DO( F4, c, d, a, b, p_input[ 14 ] + 0xab9423a7, 15 ); MD5_DO( F4, b, c, d, a, p_input[ 5 ] + 0xfc93a039, 21 ); MD5_DO( F4, a, b, c, d, p_input[ 12 ] + 0x655b59c3, 6 ); MD5_DO( F4, d, a, b, c, p_input[ 3 ] + 0x8f0ccc92, 10 ); MD5_DO( F4, c, d, a, b, p_input[ 10 ] + 0xffeff47d, 15 ); MD5_DO( F4, b, c, d, a, p_input[ 1 ] + 0x85845dd1, 21 ); MD5_DO( F4, a, b, c, d, p_input[ 8 ] + 0x6fa87e4f, 6 ); MD5_DO( F4, d, a, b, c, p_input[ 15 ] + 0xfe2ce6e0, 10 ); MD5_DO( F4, c, d, a, b, p_input[ 6 ] + 0xa3014314, 15 ); MD5_DO( F4, b, c, d, a, p_input[ 13 ] + 0x4e0811a1, 21 ); MD5_DO( F4, a, b, c, d, p_input[ 4 ] + 0xf7537e82, 6 ); MD5_DO( F4, d, a, b, c, p_input[ 11 ] + 0xbd3af235, 10 ); MD5_DO( F4, c, d, a, b, p_input[ 2 ] + 0x2ad7d2bb, 15 ); MD5_DO( F4, b, c, d, a, p_input[ 9 ] + 0xeb86d391, 21 ); p_md5->p_digest[ 0 ] += a; p_md5->p_digest[ 1 ] += b; p_md5->p_digest[ 2 ] += c; p_md5->p_digest[ 3 ] += d;}#endif/***************************************************************************** * InitShuffle: initialise a shuffle structure ***************************************************************************** * This function initialises tables in the p_shuffle structure that will be * used later by DoShuffle. The only external parameter is p_sys_key. *****************************************************************************/static void InitShuffle( struct shuffle_s *p_shuffle, uint32_t *p_sys_key, uint32_t i_version ){ char p_secret1[] = "Tv!*"; static char const p_secret2[] = "____v8rhvsaAvOKM____FfUH%798=[;." "____f8677680a634____ba87fnOIf)(*"; unsigned int i; p_shuffle->i_version = i_version; /* Fill p_commands using the key and a secret seed */ for( i = 0; i < 20; i++ ) { struct md5_s md5; int32_t i_hash; InitMD5( &md5 ); AddMD5( &md5, (const uint8_t *)p_sys_key, 16 ); AddMD5( &md5, (const uint8_t *)p_secret1, 4 ); EndMD5( &md5 ); p_secret1[ 3 ]++; REVERSE( md5.p_digest, 1 ); i_hash = ((int32_t)U32_AT(md5.p_digest)) % 1024; p_shuffle->p_commands[ i ] = i_hash < 0 ? i_hash * -1 : i_hash; } /* Fill p_bordel with completely meaningless initial values. */ memcpy( p_shuffle->p_bordel, p_secret2, 64 ); for( i = 0; i < 4; i++ ) { p_shuffle->p_bordel[ 4 * i ] = U32_AT(p_sys_key + i); REVERSE( p_shuffle->p_bordel + 4 * i + 1, 3 ); }}/***************************************************************************** * DoShuffle: shuffle buffer ***************************************************************************** * This is so ugly and uses so many MD5 checksums that it is most certainly * one-way, though why it needs to be so complicated is beyond me. *****************************************************************************/static void DoShuffle( struct shuffle_s *p_shuffle, uint32_t *p_buffer, uint32_t i_size ){ struct md5_s md5; uint32_t p_big_bordel[ 16 ]; uint32_t *p_bordel = p_shuffle->p_bordel; unsigned int i; static uint32_t i_secret = 0; static uint32_t p_secret3[] = { 0xAAAAAAAA, 0x01757700, 0x00554580, 0x01724500, 0x00424580, 0x01427700, 0x00000080, 0xC1D59D01, 0x80144981, 0x815C8901, 0x80544981, 0x81D45D01, 0x00000080, 0x81A3BB03, 0x00A2AA82, 0x01A3BB03, 0x0022A282, 0x813BA202, 0x00000080, 0x6D575737, 0x4A5275A5, 0x6D525725, 0x4A5254A5, 0x6B725437, 0x00000080, 0xD5DDB938, 0x5455A092, 0x5D95A013, 0x4415A192, 0xC5DD393A, 0x00000080, 0x55555555 }; static char p_secret4[] = "pbclevtug (p) Nccyr Pbzchgre, Vap. Nyy Evtugf Erfreirq."; if( i_secret == 0 ) { REVERSE( p_secret3, sizeof(p_secret3)/sizeof(p_secret3[ 0 ]) ); for( ; p_secret4[ i_secret ] != '\0'; i_secret++ ) {#define ROT13(c) (((c)>='A'&&(c)<='Z')?(((c)-'A'+13)%26)+'A':\ ((c)>='a'&&(c)<='z')?(((c)-'a'+13)%26)+'a':c) p_secret4[ i_secret ] = ROT13(p_secret4[ i_secret ]); } i_secret++; /* include zero terminator */ } /* Using the MD5 hash of a memory block is probably not one-way enough * for the iTunes people. This function randomises p_bordel depending on * the values in p_commands to make things even more messy in p_bordel. */ for( i = 0; i < 20; i++ ) { uint8_t i_command, i_index; if( !p_shuffle->p_commands[ i ] ) { continue; } i_command = (p_shuffle->p_commands[ i ] & 0x300) >> 8; i_index = p_shuffle->p_commands[ i ] & 0xff; switch( i_command ) { case 0x3: p_bordel[ i_index & 0xf ] = p_bordel[ i_index >> 4 ] + p_bordel[ ((i_index + 0x10) >> 4) & 0xf ]; break; case 0x2: p_bordel[ i_index >> 4 ] ^= p_shuffle_xor[ 0xff - i_index ]; break; case 0x1: p_bordel[ i_index >> 4 ] -= p_shuffle_sub[ 0xff - i_index ]; break; default: p_bordel[ i_index >> 4 ] += p_shuffle_add[ 0xff - i_index ]; break; } } if( p_shuffle->i_version == 0x01000300 ) { DoExtShuffle( p_bordel ); } /* Convert our newly randomised p_bordel to big endianness and take * its MD5 hash. */ InitMD5( &md5 ); for( i = 0; i < 16; i++ ) { p_big_bordel[ i ] = U32_AT(p_bordel + i); } AddMD5( &md5, (const uint8_t *)p_big_bordel, 64 ); if( p_shuffle->i_version == 0x01000300 ) { AddMD5( &md5, (const uint8_t *)p_secret3, sizeof(p_secret3) ); AddMD5( &md5, (const uint8_t *)p_secret4, i_secret ); } EndMD5( &md5 ); /* XOR our buffer with the computed checksum */ for( i = 0; i < i_size; i++ )⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -