Mercurial > mplayer.hg
comparison libmpdvdkit2/css.c @ 9333:f0f0f176d298
sync with libdvdcss 1.2.5 (including u8->uint8_t and whitespace cosmetics...)
patch by Andreas Hess <jaska@gmx.net>
author | arpi |
---|---|
date | Sat, 08 Feb 2003 00:22:39 +0000 |
parents | 0211de3039eb |
children | f23c35ce0d16 |
comparison
equal
deleted
inserted
replaced
9332:a604236b0dd6 | 9333:f0f0f176d298 |
---|---|
12 * - DVD CSS ioctls example program by Andrew T. Veliath <andrewtv@usa.net> | 12 * - DVD CSS ioctls example program by Andrew T. Veliath <andrewtv@usa.net> |
13 * - The Divide and conquer attack by Frank A. Stevenson <frank@funcom.com> | 13 * - The Divide and conquer attack by Frank A. Stevenson <frank@funcom.com> |
14 * - DeCSSPlus by Ethan Hawke | 14 * - DeCSSPlus by Ethan Hawke |
15 * - DecVOB | 15 * - DecVOB |
16 * see http://www.lemuria.org/DeCSS/ by Tom Vogt for more information. | 16 * see http://www.lemuria.org/DeCSS/ by Tom Vogt for more information. |
17 * | 17 * |
18 * This program is free software; you can redistribute it and/or modify | 18 * This program is free software; you can redistribute it and/or modify |
19 * it under the terms of the GNU General Public License as published by | 19 * it under the terms of the GNU General Public License as published by |
20 * the Free Software Foundation; either version 2 of the License, or | 20 * the Free Software Foundation; either version 2 of the License, or |
21 * (at your option) any later version. | 21 * (at your option) any later version. |
22 * | 22 * |
40 #include <string.h> | 40 #include <string.h> |
41 #include <sys/types.h> | 41 #include <sys/types.h> |
42 #include <sys/stat.h> | 42 #include <sys/stat.h> |
43 #include <fcntl.h> | 43 #include <fcntl.h> |
44 #include <unistd.h> | 44 #include <unistd.h> |
45 #include <limits.h> | |
45 | 46 |
46 #include "dvdcss.h" | 47 #include "dvdcss.h" |
47 | 48 |
48 #include "common.h" | 49 #include "common.h" |
49 #include "css.h" | 50 #include "css.h" |
56 * Local prototypes | 57 * Local prototypes |
57 *****************************************************************************/ | 58 *****************************************************************************/ |
58 static int GetBusKey ( dvdcss_t ); | 59 static int GetBusKey ( dvdcss_t ); |
59 static int GetASF ( dvdcss_t ); | 60 static int GetASF ( dvdcss_t ); |
60 | 61 |
61 static void CryptKey ( int, int, u8 const *, u8 * ); | 62 static void CryptKey ( int, int, uint8_t const *, uint8_t * ); |
62 static void DecryptKey ( u8, u8 const *, u8 const *, u8 * ); | 63 static void DecryptKey ( uint8_t, |
63 | 64 uint8_t const *, uint8_t const *, uint8_t * ); |
64 static int DecryptDiscKey ( u8 const *, dvd_key_t ); | 65 |
65 static int CrackDiscKey ( dvdcss_t, u8 * ); | 66 static int DecryptDiscKey ( uint8_t const *, dvd_key_t ); |
67 static int CrackDiscKey ( dvdcss_t, uint8_t * ); | |
66 | 68 |
67 static void DecryptTitleKey ( dvd_key_t, dvd_key_t ); | 69 static void DecryptTitleKey ( dvd_key_t, dvd_key_t ); |
68 static int RecoverTitleKey ( int, u8 const *, u8 const *, u8 const *, u8 * ); | 70 static int RecoverTitleKey ( int, uint8_t const *, |
71 uint8_t const *, uint8_t const *, uint8_t * ); | |
69 static int CrackTitleKey ( dvdcss_t, int, int, dvd_key_t ); | 72 static int CrackTitleKey ( dvdcss_t, int, int, dvd_key_t ); |
70 | 73 |
71 static int AttackPattern ( u8 const[], int, u8 * ); | 74 static int AttackPattern ( uint8_t const[], int, uint8_t * ); |
72 #if 0 | 75 #if 0 |
73 static int AttackPadding ( u8 const[], int, u8 * ); | 76 static int AttackPadding ( uint8_t const[], int, uint8_t * ); |
74 #endif | 77 #endif |
75 | 78 |
76 /***************************************************************************** | 79 /***************************************************************************** |
77 * _dvdcss_test: check if the disc is encrypted or not | 80 * _dvdcss_test: check if the disc is encrypted or not |
78 *****************************************************************************/ | 81 *****************************************************************************/ |
115 ***************************************************************************** | 118 ***************************************************************************** |
116 * It simulates the mutual authentication between logical unit and host, | 119 * It simulates the mutual authentication between logical unit and host, |
117 * and stops when a session key (called bus key) has been established. | 120 * and stops when a session key (called bus key) has been established. |
118 * Always do the full auth sequence. Some drives seem to lie and always | 121 * Always do the full auth sequence. Some drives seem to lie and always |
119 * respond with ASF=1. For instance the old DVD roms on Compaq Armada says | 122 * respond with ASF=1. For instance the old DVD roms on Compaq Armada says |
120 * that ASF=1 from the start and then later fail with a 'read of scrambled | 123 * that ASF=1 from the start and then later fail with a 'read of scrambled |
121 * block without authentication' error. | 124 * block without authentication' error. |
122 *****************************************************************************/ | 125 *****************************************************************************/ |
123 static int GetBusKey( dvdcss_t dvdcss ) | 126 static int GetBusKey( dvdcss_t dvdcss ) |
124 { | 127 { |
125 u8 p_buffer[10]; | 128 uint8_t p_buffer[10]; |
126 u8 p_challenge[2*KEY_SIZE]; | 129 uint8_t p_challenge[2*KEY_SIZE]; |
127 dvd_key_t p_key1; | 130 dvd_key_t p_key1; |
128 dvd_key_t p_key2; | 131 dvd_key_t p_key2; |
129 dvd_key_t p_key_check; | 132 dvd_key_t p_key_check; |
130 u8 i_variant = 0; | 133 uint8_t i_variant = 0; |
131 char psz_warning[80]; | 134 char psz_warning[80]; |
132 int i_ret = -1; | 135 int i_ret = -1; |
133 int i; | 136 int i; |
134 | 137 |
135 _dvdcss_debug( dvdcss, "requesting AGID" ); | 138 _dvdcss_debug( dvdcss, "requesting AGID" ); |
136 i_ret = ioctl_ReportAgid( dvdcss->i_fd, &dvdcss->css.i_agid ); | 139 i_ret = ioctl_ReportAgid( dvdcss->i_fd, &dvdcss->css.i_agid ); |
137 | 140 |
138 /* We might have to reset hung authentication processes in the drive | 141 /* We might have to reset hung authentication processes in the drive |
139 by invalidating the corresponding AGID'. As long as we haven't got | 142 by invalidating the corresponding AGID'. As long as we haven't got |
140 an AGID, invalidate one (in sequence) and try again. */ | 143 an AGID, invalidate one (in sequence) and try again. */ |
141 for( i = 0; i_ret == -1 && i < 4 ; ++i ) | 144 for( i = 0; i_ret == -1 && i < 4 ; ++i ) |
142 { | 145 { |
143 sprintf( psz_warning, | 146 sprintf( psz_warning, |
216 ioctl_InvalidateAgid( dvdcss->i_fd, &dvdcss->css.i_agid ); | 219 ioctl_InvalidateAgid( dvdcss->i_fd, &dvdcss->css.i_agid ); |
217 return -1; | 220 return -1; |
218 } | 221 } |
219 | 222 |
220 /* Get challenge from LU */ | 223 /* Get challenge from LU */ |
221 if( ioctl_ReportChallenge( dvdcss->i_fd, | 224 if( ioctl_ReportChallenge( dvdcss->i_fd, |
222 &dvdcss->css.i_agid, p_buffer ) < 0 ) | 225 &dvdcss->css.i_agid, p_buffer ) < 0 ) |
223 { | 226 { |
224 _dvdcss_error( dvdcss, "ioctl ReportKeyChallenge failed" ); | 227 _dvdcss_error( dvdcss, "ioctl ReportKeyChallenge failed" ); |
225 ioctl_InvalidateAgid( dvdcss->i_fd, &dvdcss->css.i_agid ); | 228 ioctl_InvalidateAgid( dvdcss->i_fd, &dvdcss->css.i_agid ); |
226 return -1; | 229 return -1; |
258 | 261 |
259 return 0; | 262 return 0; |
260 } | 263 } |
261 | 264 |
262 /***************************************************************************** | 265 /***************************************************************************** |
263 * PrintKey : debug function that dumps a key value | 266 * PrintKey : debug function that dumps a key value |
264 *****************************************************************************/ | 267 *****************************************************************************/ |
265 static void PrintKey( dvdcss_t dvdcss, char *prefix, u8 const *data ) | 268 static void PrintKey( dvdcss_t dvdcss, char *prefix, uint8_t const *data ) |
266 { | 269 { |
267 char psz_output[80]; | 270 char psz_output[80]; |
268 | 271 |
269 sprintf( psz_output, "%s%02x:%02x:%02x:%02x:%02x", prefix, | 272 sprintf( psz_output, "%s%02x:%02x:%02x:%02x:%02x", prefix, |
270 data[0], data[1], data[2], data[3], data[4] ); | 273 data[0], data[1], data[2], data[3], data[4] ); |
280 int _dvdcss_title ( dvdcss_t dvdcss, int i_block ) | 283 int _dvdcss_title ( dvdcss_t dvdcss, int i_block ) |
281 { | 284 { |
282 dvd_title_t *p_title; | 285 dvd_title_t *p_title; |
283 dvd_title_t *p_newtitle; | 286 dvd_title_t *p_newtitle; |
284 dvd_key_t p_title_key; | 287 dvd_key_t p_title_key; |
285 int i_ret=-1; | 288 int i_fd, i_ret = -1, b_cache = 0; |
286 char* key_file=NULL; | |
287 | 289 |
288 if( ! dvdcss->b_scrambled ) | 290 if( ! dvdcss->b_scrambled ) |
289 { | 291 { |
290 return 0; | 292 return 0; |
291 } | 293 } |
305 /* We've already cracked this key, nothing to do */ | 307 /* We've already cracked this key, nothing to do */ |
306 memcpy( dvdcss->css.p_title_key, p_title->p_key, sizeof(dvd_key_t) ); | 308 memcpy( dvdcss->css.p_title_key, p_title->p_key, sizeof(dvd_key_t) ); |
307 return 0; | 309 return 0; |
308 } | 310 } |
309 | 311 |
310 /* check teh CSS Key cache, if available: */ | 312 /* Check whether the key is in our disk cache */ |
311 if(dvdcss->psz_cache){ | 313 if( dvdcss->psz_cachefile[0] ) |
312 int fd; | 314 { |
313 key_file=malloc(strlen(dvdcss->psz_cache)+12+4); | 315 /* XXX: be careful, we use sprintf and not snprintf */ |
314 sprintf(key_file,"%s/%.10x",dvdcss->psz_cache,i_block); | 316 sprintf( dvdcss->psz_block, "%.10x", i_block ); |
315 if ( (fd=open( key_file,O_RDONLY ) ) > 0 ){ | 317 i_fd = open( dvdcss->psz_cachefile, O_RDONLY ); |
316 if(read(fd, p_title_key, 5)==5){ | 318 b_cache = 1; |
317 // success! | 319 |
318 free(key_file); key_file=NULL; | 320 if( i_fd >= 0 ) |
319 i_ret=1; | 321 { |
320 _dvdcss_debug( dvdcss, "key found in cache" ); | 322 if( read( i_fd, p_title_key, 5 ) == 5 ) |
321 } | 323 { |
322 close(fd); | 324 _dvdcss_debug( dvdcss, "key found in cache" ); |
323 } | 325 /* Don't try to save it again */ |
326 b_cache = 0; | |
327 i_ret = 1; | |
328 } | |
329 close( i_fd ); | |
330 } | |
324 } | 331 } |
325 | 332 |
326 /* Crack or decrypt CSS title key for current VTS */ | 333 /* Crack or decrypt CSS title key for current VTS */ |
327 if(i_ret<0) i_ret = _dvdcss_titlekey( dvdcss, i_block, p_title_key ); | |
328 | |
329 if( i_ret < 0 ) | 334 if( i_ret < 0 ) |
330 { | 335 { |
331 _dvdcss_error( dvdcss, "fatal error in vts css key" ); | 336 i_ret = _dvdcss_titlekey( dvdcss, i_block, p_title_key ); |
332 return i_ret; | 337 |
333 } | 338 if( i_ret < 0 ) |
334 else if( i_ret == 0 ) | 339 { |
335 { | 340 _dvdcss_error( dvdcss, "fatal error in vts css key" ); |
336 _dvdcss_debug( dvdcss, "unencrypted title" ); | 341 return i_ret; |
337 /* Still store this in the cache, so we don't need to check again. */ | 342 } |
338 } | 343 |
339 | 344 if( i_ret == 0 ) |
340 /* store in key-cache */ | 345 { |
341 if(key_file){ | 346 _dvdcss_debug( dvdcss, "unencrypted title" ); |
342 int fd; | 347 /* We cache this anyway, so we don't need to check again. */ |
343 if ( (fd=open( key_file,O_RDWR|O_CREAT|O_EXCL,0644 ) ) > 0 ){ | 348 } |
344 write(fd, p_title_key, 5); | 349 } |
345 close(fd); | 350 |
346 } | 351 /* Key is valid, we store it on disk. */ |
347 free(key_file); | 352 if( b_cache ) |
353 { | |
354 i_fd = open( dvdcss->psz_cachefile, O_RDWR|O_CREAT|O_EXCL, 0644 ); | |
355 if( i_fd >= 0 ) | |
356 { | |
357 write( i_fd, p_title_key, 5 ); | |
358 close( i_fd ); | |
359 } | |
348 } | 360 } |
349 | 361 |
350 /* Find our spot in the list */ | 362 /* Find our spot in the list */ |
351 p_newtitle = NULL; | 363 p_newtitle = NULL; |
352 p_title = dvdcss->p_titles; | 364 p_title = dvdcss->p_titles; |
383 | 395 |
384 /***************************************************************************** | 396 /***************************************************************************** |
385 * _dvdcss_disckey: get disc key. | 397 * _dvdcss_disckey: get disc key. |
386 ***************************************************************************** | 398 ***************************************************************************** |
387 * This function should only be called if DVD ioctls are present. | 399 * This function should only be called if DVD ioctls are present. |
388 * It will set dvdcss->i_method = DVDCSS_METHOD_TITLE if it fails to find | 400 * It will set dvdcss->i_method = DVDCSS_METHOD_TITLE if it fails to find |
389 * a valid disc key. | 401 * a valid disc key. |
390 * Two decryption methods are offered: | 402 * Two decryption methods are offered: |
391 * -disc key hash crack, | 403 * -disc key hash crack, |
392 * -decryption with player keys if they are available. | 404 * -decryption with player keys if they are available. |
393 *****************************************************************************/ | 405 *****************************************************************************/ |
410 } | 422 } |
411 | 423 |
412 /* This should have invaidated the AGID and got us ASF=1. */ | 424 /* This should have invaidated the AGID and got us ASF=1. */ |
413 if( GetASF( dvdcss ) != 1 ) | 425 if( GetASF( dvdcss ) != 1 ) |
414 { | 426 { |
415 /* Region mismatch (or region not set) is the most likely source. */ | 427 /* Region mismatch (or region not set) is the most likely source. */ |
416 _dvdcss_error( dvdcss, | 428 _dvdcss_error( dvdcss, |
417 "ASF not 1 after reading disc key (region mismatch?)" ); | 429 "ASF not 1 after reading disc key (region mismatch?)" ); |
418 ioctl_InvalidateAgid( dvdcss->i_fd, &dvdcss->css.i_agid ); | 430 ioctl_InvalidateAgid( dvdcss->i_fd, &dvdcss->css.i_agid ); |
419 return -1; | 431 return -1; |
420 } | 432 } |
476 /***************************************************************************** | 488 /***************************************************************************** |
477 * _dvdcss_titlekey: get title key. | 489 * _dvdcss_titlekey: get title key. |
478 *****************************************************************************/ | 490 *****************************************************************************/ |
479 int _dvdcss_titlekey( dvdcss_t dvdcss, int i_pos, dvd_key_t p_title_key ) | 491 int _dvdcss_titlekey( dvdcss_t dvdcss, int i_pos, dvd_key_t p_title_key ) |
480 { | 492 { |
481 static u8 p_garbage[ 2048 ]; /* static because we never read it */ | 493 static uint8_t p_garbage[ 2048 ]; /* static because we never read it */ |
482 u8 p_key[KEY_SIZE]; | 494 uint8_t p_key[ KEY_SIZE ]; |
483 int i, i_ret = 0; | 495 int i, i_ret = 0; |
484 | 496 |
485 if( dvdcss->b_ioctls && ( dvdcss->i_method == DVDCSS_METHOD_KEY || | 497 if( dvdcss->b_ioctls && ( dvdcss->i_method == DVDCSS_METHOD_KEY || |
486 dvdcss->i_method == DVDCSS_METHOD_DISC ) ) | 498 dvdcss->i_method == DVDCSS_METHOD_DISC ) ) |
487 { | 499 { |
488 /* We have a decrypted Disc key and the ioctls are available, | 500 /* We have a decrypted Disc key and the ioctls are available, |
489 * read the title key and decrypt it. | 501 * read the title key and decrypt it. |
490 */ | 502 */ |
515 ioctl_InvalidateAgid( dvdcss->i_fd, &dvdcss->css.i_agid ); | 527 ioctl_InvalidateAgid( dvdcss->i_fd, &dvdcss->css.i_agid ); |
516 i_ret = -1; | 528 i_ret = -1; |
517 break; | 529 break; |
518 | 530 |
519 case 0: | 531 case 0: |
520 /* This might either be a title that has no key, | 532 /* This might either be a title that has no key, |
521 * or we encountered a region error. */ | 533 * or we encountered a region error. */ |
522 _dvdcss_debug( dvdcss, "lost ASF reqesting title key" ); | 534 _dvdcss_debug( dvdcss, "lost ASF reqesting title key" ); |
523 break; | 535 break; |
524 | 536 |
525 case 1: | 537 case 1: |
589 * _dvdcss_unscramble: does the actual descrambling of data | 601 * _dvdcss_unscramble: does the actual descrambling of data |
590 ***************************************************************************** | 602 ***************************************************************************** |
591 * sec : sector to unscramble | 603 * sec : sector to unscramble |
592 * key : title key for this sector | 604 * key : title key for this sector |
593 *****************************************************************************/ | 605 *****************************************************************************/ |
594 int _dvdcss_unscramble( dvd_key_t p_key, u8 *p_sec ) | 606 int _dvdcss_unscramble( dvd_key_t p_key, uint8_t *p_sec ) |
595 { | 607 { |
596 unsigned int i_t1, i_t2, i_t3, i_t4, i_t5, i_t6; | 608 unsigned int i_t1, i_t2, i_t3, i_t4, i_t5, i_t6; |
597 u8 *p_end = p_sec + 0x800; | 609 uint8_t *p_end = p_sec + 0x800; |
598 | 610 |
599 /* PES_scrambling_control */ | 611 /* PES_scrambling_control */ |
600 if( p_sec[0x14] & 0x30) | 612 if( p_sec[0x14] & 0x30) |
601 { | 613 { |
602 i_t1 = (p_key[0] ^ p_sec[0x54]) | 0x100; | 614 i_t1 = (p_key[0] ^ p_sec[0x54]) | 0x100; |
668 * Used during authentication and disc key negociation in GetBusKey. | 680 * Used during authentication and disc key negociation in GetBusKey. |
669 * i_key_type : 0->key1, 1->key2, 2->buskey. | 681 * i_key_type : 0->key1, 1->key2, 2->buskey. |
670 * i_variant : between 0 and 31. | 682 * i_variant : between 0 and 31. |
671 *****************************************************************************/ | 683 *****************************************************************************/ |
672 static void CryptKey( int i_key_type, int i_variant, | 684 static void CryptKey( int i_key_type, int i_variant, |
673 u8 const *p_challenge, u8 *p_key ) | 685 uint8_t const *p_challenge, uint8_t *p_key ) |
674 { | 686 { |
675 /* Permutation table for challenge */ | 687 /* Permutation table for challenge */ |
676 u8 pp_perm_challenge[3][10] = | 688 uint8_t pp_perm_challenge[3][10] = |
677 { { 1, 3, 0, 7, 5, 2, 9, 6, 4, 8 }, | 689 { { 1, 3, 0, 7, 5, 2, 9, 6, 4, 8 }, |
678 { 6, 1, 9, 3, 8, 5, 7, 4, 0, 2 }, | 690 { 6, 1, 9, 3, 8, 5, 7, 4, 0, 2 }, |
679 { 4, 0, 3, 5, 7, 2, 8, 6, 1, 9 } }; | 691 { 4, 0, 3, 5, 7, 2, 8, 6, 1, 9 } }; |
680 | 692 |
681 /* Permutation table for variant table for key2 and buskey */ | 693 /* Permutation table for variant table for key2 and buskey */ |
682 u8 pp_perm_variant[2][32] = | 694 uint8_t pp_perm_variant[2][32] = |
683 { { 0x0a, 0x08, 0x0e, 0x0c, 0x0b, 0x09, 0x0f, 0x0d, | 695 { { 0x0a, 0x08, 0x0e, 0x0c, 0x0b, 0x09, 0x0f, 0x0d, |
684 0x1a, 0x18, 0x1e, 0x1c, 0x1b, 0x19, 0x1f, 0x1d, | 696 0x1a, 0x18, 0x1e, 0x1c, 0x1b, 0x19, 0x1f, 0x1d, |
685 0x02, 0x00, 0x06, 0x04, 0x03, 0x01, 0x07, 0x05, | 697 0x02, 0x00, 0x06, 0x04, 0x03, 0x01, 0x07, 0x05, |
686 0x12, 0x10, 0x16, 0x14, 0x13, 0x11, 0x17, 0x15 }, | 698 0x12, 0x10, 0x16, 0x14, 0x13, 0x11, 0x17, 0x15 }, |
687 { 0x12, 0x1a, 0x16, 0x1e, 0x02, 0x0a, 0x06, 0x0e, | 699 { 0x12, 0x1a, 0x16, 0x1e, 0x02, 0x0a, 0x06, 0x0e, |
688 0x10, 0x18, 0x14, 0x1c, 0x00, 0x08, 0x04, 0x0c, | 700 0x10, 0x18, 0x14, 0x1c, 0x00, 0x08, 0x04, 0x0c, |
689 0x13, 0x1b, 0x17, 0x1f, 0x03, 0x0b, 0x07, 0x0f, | 701 0x13, 0x1b, 0x17, 0x1f, 0x03, 0x0b, 0x07, 0x0f, |
690 0x11, 0x19, 0x15, 0x1d, 0x01, 0x09, 0x05, 0x0d } }; | 702 0x11, 0x19, 0x15, 0x1d, 0x01, 0x09, 0x05, 0x0d } }; |
691 | 703 |
692 u8 p_variants[32] = | 704 uint8_t p_variants[32] = |
693 { 0xB7, 0x74, 0x85, 0xD0, 0xCC, 0xDB, 0xCA, 0x73, | 705 { 0xB7, 0x74, 0x85, 0xD0, 0xCC, 0xDB, 0xCA, 0x73, |
694 0x03, 0xFE, 0x31, 0x03, 0x52, 0xE0, 0xB7, 0x42, | 706 0x03, 0xFE, 0x31, 0x03, 0x52, 0xE0, 0xB7, 0x42, |
695 0x63, 0x16, 0xF2, 0x2A, 0x79, 0x52, 0xFF, 0x1B, | 707 0x63, 0x16, 0xF2, 0x2A, 0x79, 0x52, 0xFF, 0x1B, |
696 0x7A, 0x11, 0xCA, 0x1A, 0x9B, 0x40, 0xAD, 0x01 }; | 708 0x7A, 0x11, 0xCA, 0x1A, 0x9B, 0x40, 0xAD, 0x01 }; |
697 | 709 |
698 /* The "secret" key */ | 710 /* The "secret" key */ |
699 u8 p_secret[5] = { 0x55, 0xD6, 0xC4, 0xC5, 0x28 }; | 711 uint8_t p_secret[5] = { 0x55, 0xD6, 0xC4, 0xC5, 0x28 }; |
700 | 712 |
701 u8 p_bits[30], p_scratch[10], p_tmp1[5], p_tmp2[5]; | 713 uint8_t p_bits[30], p_scratch[10], p_tmp1[5], p_tmp2[5]; |
702 u8 i_lfsr0_o; /* 1 bit used */ | 714 uint8_t i_lfsr0_o; /* 1 bit used */ |
703 u8 i_lfsr1_o; /* 1 bit used */ | 715 uint8_t i_lfsr1_o; /* 1 bit used */ |
704 u32 i_lfsr0, i_lfsr1; | 716 uint8_t i_css_variant, i_cse, i_index, i_combined, i_carry; |
705 u8 i_css_variant, i_cse, i_index, i_combined, i_carry; | 717 uint8_t i_val = 0; |
706 u8 i_val = 0; | 718 uint32_t i_lfsr0, i_lfsr1; |
707 int i_term = 0; | 719 int i_term = 0; |
708 int i_bit; | 720 int i_bit; |
709 int i; | 721 int i; |
710 | 722 |
711 for (i = 9; i >= 0; --i) | 723 for (i = 9; i >= 0; --i) |
712 p_scratch[i] = p_challenge[pp_perm_challenge[i_key_type][i]]; | 724 p_scratch[i] = p_challenge[pp_perm_challenge[i_key_type][i]]; |
713 | 725 |
714 i_css_variant = ( i_key_type == 0 ) ? i_variant : | 726 i_css_variant = ( i_key_type == 0 ) ? i_variant : |
862 } | 874 } |
863 | 875 |
864 /***************************************************************************** | 876 /***************************************************************************** |
865 * DecryptKey: decrypt p_crypted with p_key. | 877 * DecryptKey: decrypt p_crypted with p_key. |
866 ***************************************************************************** | 878 ***************************************************************************** |
867 * Used to decrypt the disc key, with a player key, after requesting it | 879 * Used to decrypt the disc key, with a player key, after requesting it |
868 * in _dvdcss_disckey and to decrypt title keys, with a disc key, requested | 880 * in _dvdcss_disckey and to decrypt title keys, with a disc key, requested |
869 * in _dvdcss_titlekey. | 881 * in _dvdcss_titlekey. |
870 * The player keys and the resulting disc key are only used as KEKs | 882 * The player keys and the resulting disc key are only used as KEKs |
871 * (key encryption keys). | 883 * (key encryption keys). |
872 * Decryption is slightly dependant on the type of key: | 884 * Decryption is slightly dependant on the type of key: |
873 * -for disc key, invert is 0x00, | 885 * -for disc key, invert is 0x00, |
874 * -for title key, invert if 0xff. | 886 * -for title key, invert if 0xff. |
875 *****************************************************************************/ | 887 *****************************************************************************/ |
876 static void DecryptKey( u8 invert, u8 const *p_key, | 888 static void DecryptKey( uint8_t invert, uint8_t const *p_key, |
877 u8 const *p_crypted, u8 *p_result ) | 889 uint8_t const *p_crypted, uint8_t *p_result ) |
878 { | 890 { |
879 unsigned int i_lfsr1_lo; | 891 unsigned int i_lfsr1_lo; |
880 unsigned int i_lfsr1_hi; | 892 unsigned int i_lfsr1_hi; |
881 unsigned int i_lfsr0; | 893 unsigned int i_lfsr0; |
882 unsigned int i_combined; | 894 unsigned int i_combined; |
883 u8 o_lfsr0; | 895 uint8_t o_lfsr0; |
884 u8 o_lfsr1; | 896 uint8_t o_lfsr1; |
885 u8 k[5]; | 897 uint8_t k[5]; |
886 int i; | 898 int i; |
887 | 899 |
888 i_lfsr1_lo = p_key[0] | 0x100; | 900 i_lfsr1_lo = p_key[0] | 0x100; |
889 i_lfsr1_hi = p_key[1]; | 901 i_lfsr1_hi = p_key[1]; |
890 | 902 |
935 * Decryption of the disc key with player keys if they are available. | 947 * Decryption of the disc key with player keys if they are available. |
936 * Try to decrypt the disc key from every position with every player key. | 948 * Try to decrypt the disc key from every position with every player key. |
937 * p_struct_disckey: the 2048 byte DVD_STRUCT_DISCKEY data | 949 * p_struct_disckey: the 2048 byte DVD_STRUCT_DISCKEY data |
938 * p_disc_key: result, the 5 byte disc key | 950 * p_disc_key: result, the 5 byte disc key |
939 *****************************************************************************/ | 951 *****************************************************************************/ |
940 static int DecryptDiscKey( u8 const *p_struct_disckey, dvd_key_t p_disc_key ) | 952 static int DecryptDiscKey( uint8_t const *p_struct_disckey, |
941 { | 953 dvd_key_t p_disc_key ) |
942 u8 p_verify[KEY_SIZE]; | 954 { |
943 int i, n = 0; | 955 uint8_t p_verify[KEY_SIZE]; |
944 | 956 unsigned int i, n = 0; |
945 static const dvd_key_t player_keys[] = | 957 |
958 static const dvd_key_t player_keys[] = | |
946 { | 959 { |
947 { 0x01, 0xaf, 0xe3, 0x12, 0x80 }, | 960 { 0x01, 0xaf, 0xe3, 0x12, 0x80 }, |
948 { 0x12, 0x11, 0xca, 0x04, 0x3b }, | 961 { 0x12, 0x11, 0xca, 0x04, 0x3b }, |
949 { 0x14, 0x0c, 0x9e, 0xd0, 0x09 }, | 962 { 0x14, 0x0c, 0x9e, 0xd0, 0x09 }, |
950 { 0x14, 0x71, 0x35, 0xba, 0xe2 }, | 963 { 0x14, 0x71, 0x35, 0xba, 0xe2 }, |
984 { | 997 { |
985 /* Check if player key n is the right key for position i. */ | 998 /* Check if player key n is the right key for position i. */ |
986 DecryptKey( 0, player_keys[n], p_struct_disckey + 5 * i, | 999 DecryptKey( 0, player_keys[n], p_struct_disckey + 5 * i, |
987 p_disc_key ); | 1000 p_disc_key ); |
988 | 1001 |
989 /* The first part in the struct_disckey block is the | 1002 /* The first part in the struct_disckey block is the |
990 * 'disc key' encrypted with it self. Using this we | 1003 * 'disc key' encrypted with it self. Using this we |
991 * can check if we decrypted the correct key. */ | 1004 * can check if we decrypted the correct key. */ |
992 DecryptKey( 0, p_disc_key, p_struct_disckey, p_verify ); | 1005 DecryptKey( 0, p_disc_key, p_struct_disckey, p_verify ); |
993 | 1006 |
994 /* If the position / player key pair worked then return. */ | 1007 /* If the position / player key pair worked then return. */ |
995 if( memcmp( p_disc_key, p_verify, KEY_SIZE ) == 0 ) | 1008 if( memcmp( p_disc_key, p_verify, KEY_SIZE ) == 0 ) |
998 } | 1011 } |
999 } | 1012 } |
1000 n++; | 1013 n++; |
1001 } | 1014 } |
1002 | 1015 |
1003 /* Have tried all combinations of positions and keys, | 1016 /* Have tried all combinations of positions and keys, |
1004 * and we still didn't succeed. */ | 1017 * and we still didn't succeed. */ |
1005 memset( p_disc_key, 0, KEY_SIZE ); | 1018 memset( p_disc_key, 0, KEY_SIZE ); |
1006 return -1; | 1019 return -1; |
1007 } | 1020 } |
1008 | 1021 |
1020 | 1033 |
1021 /***************************************************************************** | 1034 /***************************************************************************** |
1022 * CrackDiscKey: brute force disc key | 1035 * CrackDiscKey: brute force disc key |
1023 * CSS hash reversal function designed by Frank Stevenson | 1036 * CSS hash reversal function designed by Frank Stevenson |
1024 ***************************************************************************** | 1037 ***************************************************************************** |
1025 * This function uses a big amount of memory to crack the disc key from the | 1038 * This function uses a big amount of memory to crack the disc key from the |
1026 * disc key hash, if player keys are not available. | 1039 * disc key hash, if player keys are not available. |
1027 *****************************************************************************/ | 1040 *****************************************************************************/ |
1028 #define K1TABLEWIDTH 10 | 1041 #define K1TABLEWIDTH 10 |
1029 | 1042 |
1030 /* | 1043 /* |
1037 DecryptKey( 0, ckey, hash, key ); | 1050 DecryptKey( 0, ckey, hash, key ); |
1038 | 1051 |
1039 return memcmp( key, ckey, KEY_SIZE ); | 1052 return memcmp( key, ckey, KEY_SIZE ); |
1040 } | 1053 } |
1041 | 1054 |
1042 static int CrackDiscKey( dvdcss_t dvdcss, u8 *p_disc_key ) | 1055 static int CrackDiscKey( dvdcss_t dvdcss, uint8_t *p_disc_key ) |
1043 { | 1056 { |
1044 unsigned char B[5] = { 0,0,0,0,0 }; /* Second Stage of mangle cipher */ | 1057 unsigned char B[5] = { 0,0,0,0,0 }; /* Second Stage of mangle cipher */ |
1045 unsigned char C[5] = { 0,0,0,0,0 }; /* Output Stage of mangle cipher | 1058 unsigned char C[5] = { 0,0,0,0,0 }; /* Output Stage of mangle cipher |
1046 * IntermediateKey */ | 1059 * IntermediateKey */ |
1047 unsigned char k[5] = { 0,0,0,0,0 }; /* Mangling cipher key | 1060 unsigned char k[5] = { 0,0,0,0,0 }; /* Mangling cipher key |
1055 unsigned int nStepA; /* iterator for LFSR1 start state */ | 1068 unsigned int nStepA; /* iterator for LFSR1 start state */ |
1056 unsigned int nStepB; /* iterator for possible B[0] */ | 1069 unsigned int nStepB; /* iterator for possible B[0] */ |
1057 unsigned int nTry; /* iterator for K[1] possibilities */ | 1070 unsigned int nTry; /* iterator for K[1] possibilities */ |
1058 unsigned int nPossibleK1; /* #of possible K[1] values */ | 1071 unsigned int nPossibleK1; /* #of possible K[1] values */ |
1059 unsigned char* K1table; /* Lookup table for possible K[1] */ | 1072 unsigned char* K1table; /* Lookup table for possible K[1] */ |
1060 unsigned int* BigTable; /* LFSR2 startstate indexed by | 1073 unsigned int* BigTable; /* LFSR2 startstate indexed by |
1061 * 1,2,5 output byte */ | 1074 * 1,2,5 output byte */ |
1062 | 1075 |
1063 _dvdcss_debug( dvdcss, "cracking disc key" ); | 1076 _dvdcss_debug( dvdcss, "cracking disc key" ); |
1064 | 1077 |
1065 /* | 1078 /* |
1234 * Function designed by Frank Stevenson | 1247 * Function designed by Frank Stevenson |
1235 ***************************************************************************** | 1248 ***************************************************************************** |
1236 * Called from Attack* which are in turn called by CrackTitleKey. Given | 1249 * Called from Attack* which are in turn called by CrackTitleKey. Given |
1237 * a guessed(?) plain text and the chiper text. Returns -1 on failure. | 1250 * a guessed(?) plain text and the chiper text. Returns -1 on failure. |
1238 *****************************************************************************/ | 1251 *****************************************************************************/ |
1239 static int RecoverTitleKey( int i_start, u8 const *p_crypted, | 1252 static int RecoverTitleKey( int i_start, uint8_t const *p_crypted, |
1240 u8 const *p_decrypted, | 1253 uint8_t const *p_decrypted, |
1241 u8 const *p_sector_seed, u8 *p_key ) | 1254 uint8_t const *p_sector_seed, uint8_t *p_key ) |
1242 { | 1255 { |
1243 u8 p_buffer[10]; | 1256 uint8_t p_buffer[10]; |
1244 unsigned int i_t1, i_t2, i_t3, i_t4, i_t5, i_t6; | 1257 unsigned int i_t1, i_t2, i_t3, i_t4, i_t5, i_t6; |
1245 unsigned int i_try; | 1258 unsigned int i_try; |
1246 unsigned int i_candidate; | 1259 unsigned int i_candidate; |
1247 unsigned int i, j; | 1260 unsigned int i, j; |
1248 int i_exit = -1; | 1261 int i_exit = -1; |
1365 * The length of the PES packet is located at 0x12-0x13. | 1378 * The length of the PES packet is located at 0x12-0x13. |
1366 * The the copyrigth protection bits are located at 0x14 (bits 0x20 and 0x10). | 1379 * The the copyrigth protection bits are located at 0x14 (bits 0x20 and 0x10). |
1367 * The data of the PES packet begins at 0x15 (if there isn't any PTS/DTS) | 1380 * The data of the PES packet begins at 0x15 (if there isn't any PTS/DTS) |
1368 * or at 0x?? if there are both PTS and DTS's. | 1381 * or at 0x?? if there are both PTS and DTS's. |
1369 * The seed value used with the unscrambling key is the 5 bytes at 0x54-0x58. | 1382 * The seed value used with the unscrambling key is the 5 bytes at 0x54-0x58. |
1370 * The scrabled part of a sector begins at 0x80. | 1383 * The scrabled part of a sector begins at 0x80. |
1371 *****************************************************************************/ | 1384 *****************************************************************************/ |
1372 | 1385 |
1373 /* Statistics */ | 1386 /* Statistics */ |
1374 static int i_tries = 0, i_success = 0; | 1387 static int i_tries = 0, i_success = 0; |
1375 | 1388 |
1379 * This function is called by _dvdcss_titlekey to find a title key, if we've | 1392 * This function is called by _dvdcss_titlekey to find a title key, if we've |
1380 * chosen to crack title key instead of decrypting it with the disc key. | 1393 * chosen to crack title key instead of decrypting it with the disc key. |
1381 * The DVD should have been opened and be in an authenticated state. | 1394 * The DVD should have been opened and be in an authenticated state. |
1382 * i_pos is the starting sector, i_len is the maximum number of sectors to read | 1395 * i_pos is the starting sector, i_len is the maximum number of sectors to read |
1383 *****************************************************************************/ | 1396 *****************************************************************************/ |
1384 static int CrackTitleKey( dvdcss_t dvdcss, int i_pos, int i_len, | 1397 static int CrackTitleKey( dvdcss_t dvdcss, int i_pos, int i_len, |
1385 dvd_key_t p_titlekey ) | 1398 dvd_key_t p_titlekey ) |
1386 { | 1399 { |
1387 u8 p_buf[0x800]; | 1400 uint8_t p_buf[0x800]; |
1388 const u8 p_packstart[4] = { 0x00, 0x00, 0x01, 0xba }; | 1401 const uint8_t p_packstart[4] = { 0x00, 0x00, 0x01, 0xba }; |
1389 int i_reads = 0; | 1402 int i_reads = 0; |
1390 int i_encrypted = 0; | 1403 int i_encrypted = 0; |
1391 int b_stop_scanning = 0; | 1404 int b_stop_scanning = 0; |
1392 int i_ret; | 1405 int i_ret; |
1393 | 1406 |
1394 _dvdcss_debug( dvdcss, "cracking title key" ); | 1407 _dvdcss_debug( dvdcss, "cracking title key" ); |
1395 | 1408 |
1396 i_tries = 0; | 1409 i_tries = 0; |
1397 i_success = 0; | 1410 i_success = 0; |
1404 { | 1417 { |
1405 _dvdcss_error( dvdcss, "seek failed" ); | 1418 _dvdcss_error( dvdcss, "seek failed" ); |
1406 } | 1419 } |
1407 | 1420 |
1408 i_ret = dvdcss_read( dvdcss, p_buf, 1, DVDCSS_NOFLAGS ); | 1421 i_ret = dvdcss_read( dvdcss, p_buf, 1, DVDCSS_NOFLAGS ); |
1409 | 1422 |
1410 /* Either we are at the end of the physical device or the auth | 1423 /* Either we are at the end of the physical device or the auth |
1411 * have failed / were not done and we got a read error. */ | 1424 * have failed / were not done and we got a read error. */ |
1412 if( i_ret <= 0 ) | 1425 if( i_ret <= 0 ) |
1413 { | 1426 { |
1414 if( i_ret == 0 ) | 1427 if( i_ret == 0 ) |
1416 _dvdcss_debug( dvdcss, "read returned 0 (end of device?)" ); | 1429 _dvdcss_debug( dvdcss, "read returned 0 (end of device?)" ); |
1417 } | 1430 } |
1418 break; | 1431 break; |
1419 } | 1432 } |
1420 | 1433 |
1421 /* Stop when we find a non MPEG stream block. | 1434 /* Stop when we find a non MPEG stream block. |
1422 * (We must have reached the end of the stream). | 1435 * (We must have reached the end of the stream). |
1423 * For now, allow all blocks that begin with a start code. */ | 1436 * For now, allow all blocks that begin with a start code. */ |
1424 if( memcmp( p_buf, p_packstart, 3 ) ) | 1437 if( memcmp( p_buf, p_packstart, 3 ) ) |
1425 { | 1438 { |
1426 _dvdcss_debug( dvdcss, "non MPEG block found (end of title)" ); | 1439 _dvdcss_debug( dvdcss, "non MPEG block found (end of title)" ); |
1427 break; | 1440 break; |
1428 } | 1441 } |
1429 | 1442 |
1430 if( p_buf[0x0d] & 0x07 ) | 1443 if( p_buf[0x0d] & 0x07 ) |
1431 _dvdcss_debug( dvdcss, "stuffing in pack header" ); | 1444 _dvdcss_debug( dvdcss, "stuffing in pack header" ); |
1432 | 1445 |
1433 /* PES_scrambling_control does not exist in a system_header, | 1446 /* PES_scrambling_control does not exist in a system_header, |
1434 * a padding_stream or a private_stream2 (and others?). */ | 1447 * a padding_stream or a private_stream2 (and others?). */ |
1435 if( p_buf[0x14] & 0x30 && ! ( p_buf[0x11] == 0xbb | 1448 if( p_buf[0x14] & 0x30 && ! ( p_buf[0x11] == 0xbb |
1436 || p_buf[0x11] == 0xbe | 1449 || p_buf[0x11] == 0xbe |
1437 || p_buf[0x11] == 0xbf ) ) | 1450 || p_buf[0x11] == 0xbf ) ) |
1438 { | 1451 { |
1439 i_encrypted++; | 1452 i_encrypted++; |
1440 | 1453 |
1441 if( AttackPattern(p_buf, i_reads, p_titlekey) > 0 ) | 1454 if( AttackPattern(p_buf, i_reads, p_titlekey) > 0 ) |
1453 i_pos++; | 1466 i_pos++; |
1454 i_len--; | 1467 i_len--; |
1455 i_reads++; | 1468 i_reads++; |
1456 | 1469 |
1457 /* Emit a progress indication now and then. */ | 1470 /* Emit a progress indication now and then. */ |
1458 if( !( i_reads & 0xfff ) ) | 1471 if( !( i_reads & 0xfff ) ) |
1459 { | 1472 { |
1460 _dvdcss_debug( dvdcss, "still cracking..." ); | 1473 _dvdcss_debug( dvdcss, "still cracking..." ); |
1461 } | 1474 } |
1462 | 1475 |
1463 /* Stop after 2000 blocks if we haven't seen any encrypted blocks. */ | 1476 /* Stop after 2000 blocks if we haven't seen any encrypted blocks. */ |
1468 if( i_len <= 0 ) | 1481 if( i_len <= 0 ) |
1469 _dvdcss_debug( dvdcss, "end of title reached" ); | 1482 _dvdcss_debug( dvdcss, "end of title reached" ); |
1470 | 1483 |
1471 { /* Print some statistics. */ | 1484 { /* Print some statistics. */ |
1472 char psz_info[128]; | 1485 char psz_info[128]; |
1473 snprintf( psz_info, sizeof(psz_info), | 1486 snprintf( psz_info, sizeof(psz_info), |
1474 "%d of %d attempts successful, %d of %d blocks scrambled", | 1487 "%d of %d attempts successful, %d of %d blocks scrambled", |
1475 i_success, i_tries, i_encrypted, i_reads ); | 1488 i_success, i_tries, i_encrypted, i_reads ); |
1476 _dvdcss_debug( dvdcss, psz_info ); | 1489 _dvdcss_debug( dvdcss, psz_info ); |
1477 } | 1490 } |
1478 | 1491 |
1479 if( i_success > 0 /* b_stop_scanning */ ) | 1492 if( i_success > 0 /* b_stop_scanning */ ) |
1480 { | 1493 { |
1481 _dvdcss_debug( dvdcss, "vts key initialized" ); | 1494 _dvdcss_debug( dvdcss, "vts key initialized" ); |
1482 return 1; | 1495 return 1; |
1483 } | 1496 } |
1484 | 1497 |
1485 if( i_encrypted == 0 && i_reads>0 ) | 1498 if( i_encrypted == 0 && i_reads > 0 ) |
1486 { | 1499 { |
1487 memset( p_titlekey, 0, KEY_SIZE ); | 1500 memset( p_titlekey, 0, KEY_SIZE ); |
1488 _dvdcss_debug( dvdcss, "file was unscrambled" ); | 1501 _dvdcss_debug( dvdcss, "file was unscrambled" ); |
1489 return 0; | 1502 return 0; |
1490 } | 1503 } |
1493 return -1; | 1506 return -1; |
1494 } | 1507 } |
1495 | 1508 |
1496 | 1509 |
1497 /****************************************************************************** | 1510 /****************************************************************************** |
1498 * The original Ethan Hawke (DeCSSPlus) attack (modified). | 1511 * The original Ethan Hawke (DeCSSPlus) attack (modified). |
1499 ****************************************************************************** | 1512 ****************************************************************************** |
1500 * Tries to find a repeating pattern just before the encrypted part starts. | 1513 * Tries to find a repeating pattern just before the encrypted part starts. |
1501 * Then it guesses that the plain text for first encrypted bytes are | 1514 * Then it guesses that the plain text for first encrypted bytes are |
1502 * a contiuation of that pattern. | 1515 * a contiuation of that pattern. |
1503 *****************************************************************************/ | 1516 *****************************************************************************/ |
1504 static int AttackPattern( u8 const p_sec[0x800], int i_pos, u8 *p_key ) | 1517 static int AttackPattern( uint8_t const p_sec[0x800], |
1518 int i_pos, uint8_t *p_key ) | |
1505 { | 1519 { |
1506 unsigned int i_best_plen = 0; | 1520 unsigned int i_best_plen = 0; |
1507 unsigned int i_best_p = 0; | 1521 unsigned int i_best_p = 0; |
1508 unsigned int i, j; | 1522 unsigned int i, j; |
1509 | 1523 |
1540 #if 0 | 1554 #if 0 |
1541 if( res >= 0 ) | 1555 if( res >= 0 ) |
1542 { | 1556 { |
1543 fprintf( stderr, "key is %02x:%02x:%02x:%02x:%02x ", | 1557 fprintf( stderr, "key is %02x:%02x:%02x:%02x:%02x ", |
1544 p_key[0], p_key[1], p_key[2], p_key[3], p_key[4] ); | 1558 p_key[0], p_key[1], p_key[2], p_key[3], p_key[4] ); |
1545 fprintf( stderr, "at block %5d pattern len %3d period %3d %s\n", | 1559 fprintf( stderr, "at block %5d pattern len %3d period %3d %s\n", |
1546 i_pos, i_best_plen, i_best_p, (res>=0?"y":"n") ); | 1560 i_pos, i_best_plen, i_best_p, (res>=0?"y":"n") ); |
1547 } | 1561 } |
1548 #endif | 1562 #endif |
1549 return ( res >= 0 ); | 1563 return ( res >= 0 ); |
1550 } | 1564 } |
1558 * Encrypted Padding_stream attack. | 1572 * Encrypted Padding_stream attack. |
1559 ****************************************************************************** | 1573 ****************************************************************************** |
1560 * DVD specifies that there must only be one type of data in every sector. | 1574 * DVD specifies that there must only be one type of data in every sector. |
1561 * Every sector is one pack and so must obviously be 2048 bytes long. | 1575 * Every sector is one pack and so must obviously be 2048 bytes long. |
1562 * For the last pice of video data before a VOBU boundary there might not | 1576 * For the last pice of video data before a VOBU boundary there might not |
1563 * be exactly the right amount of data to fill a sector. They one has to | 1577 * be exactly the right amount of data to fill a sector. They one has to |
1564 * pad the pack to 2048 bytes. For just a few bytes this is doen in the | 1578 * pad the pack to 2048 bytes. For just a few bytes this is doen in the |
1565 * header but for any large amount you insert a PES packet from the | 1579 * header but for any large amount you insert a PES packet from the |
1566 * Padding stream. This looks like 0x00 00 01 be xx xx ff ff ... | 1580 * Padding stream. This looks like 0x00 00 01 be xx xx ff ff ... |
1567 * where xx xx is the length of the padding stream. | 1581 * where xx xx is the length of the padding stream. |
1568 *****************************************************************************/ | 1582 *****************************************************************************/ |
1569 static int AttackPadding( u8 const p_sec[0x800], int i_pos, u8 *p_key ) | 1583 static int AttackPadding( uint8_t const p_sec[0x800], |
1584 int i_pos, uint8_t *p_key ) | |
1570 { | 1585 { |
1571 unsigned int i_pes_length; | 1586 unsigned int i_pes_length; |
1572 /*static int i_tries = 0, i_success = 0;*/ | 1587 /*static int i_tries = 0, i_success = 0;*/ |
1573 | 1588 |
1574 i_pes_length = (p_sec[0x12]<<8) | p_sec[0x13]; | 1589 i_pes_length = (p_sec[0x12]<<8) | p_sec[0x13]; |
1575 | 1590 |
1576 /* Coverd by the test below but usfull for debuging. */ | 1591 /* Coverd by the test below but usfull for debuging. */ |
1577 if( i_pes_length == 0x800 - 0x14 ) return 0; | 1592 if( i_pes_length == 0x800 - 0x14 ) return 0; |
1578 | 1593 |
1579 /* There must be room for at least 4? bytes of padding stream, | 1594 /* There must be room for at least 4? bytes of padding stream, |
1580 * and it must be encrypted. | 1595 * and it must be encrypted. |
1581 * sector size - pack/pes header - padding startcode - padding length */ | 1596 * sector size - pack/pes header - padding startcode - padding length */ |
1582 if( ( 0x800 - 0x14 - 4 - 2 - i_pes_length < 4 ) || | 1597 if( ( 0x800 - 0x14 - 4 - 2 - i_pes_length < 4 ) || |
1583 ( p_sec[0x14 + i_pes_length + 0] == 0x00 && | 1598 ( p_sec[0x14 + i_pes_length + 0] == 0x00 && |
1584 p_sec[0x14 + i_pes_length + 1] == 0x00 && | 1599 p_sec[0x14 + i_pes_length + 1] == 0x00 && |
1585 p_sec[0x14 + i_pes_length + 2] == 0x01 ) ) | 1600 p_sec[0x14 + i_pes_length + 2] == 0x01 ) ) |
1586 { | 1601 { |
1587 fprintf( stderr, "plain %d %02x:%02x:%02x:%02x (type %02x sub %02x)\n", | 1602 fprintf( stderr, "plain %d %02x:%02x:%02x:%02x (type %02x sub %02x)\n", |
1588 0x800 - 0x14 - 4 - 2 - i_pes_length, | 1603 0x800 - 0x14 - 4 - 2 - i_pes_length, |
1589 p_sec[0x14 + i_pes_length + 0], | 1604 p_sec[0x14 + i_pes_length + 0], |
1590 p_sec[0x14 + i_pes_length + 1], | 1605 p_sec[0x14 + i_pes_length + 1], |
1591 p_sec[0x14 + i_pes_length + 2], | 1606 p_sec[0x14 + i_pes_length + 2], |
1592 p_sec[0x14 + i_pes_length + 3], | 1607 p_sec[0x14 + i_pes_length + 3], |
1593 p_sec[0x11], p_sec[0x17 + p_sec[0x16]]); | 1608 p_sec[0x11], p_sec[0x17 + p_sec[0x16]]); |
1594 return 0; | 1609 return 0; |
1595 } | 1610 } |
1596 | 1611 |
1597 /* If we are here we know that there is a where in the pack a | 1612 /* If we are here we know that there is a where in the pack a |
1598 encrypted PES header is (startcode + lenght). It's never more | 1613 encrypted PES header is (startcode + lenght). It's never more |
1599 than two packets in the pack, so we 'know' the length. The | 1614 than two packets in the pack, so we 'know' the length. The |
1600 plaintext at offset (0x14 + i_pes_length) will then be | 1615 plaintext at offset (0x14 + i_pes_length) will then be |
1601 00 00 01 e0/bd/be xx xx, in the case of be the following bytes | 1616 00 00 01 e0/bd/be xx xx, in the case of be the following bytes |
1602 are also known. */ | 1617 are also known. */ |
1603 | 1618 |
1604 /* An encrypted SPU PES packet with another encrypted PES packet following. | 1619 /* An encrypted SPU PES packet with another encrypted PES packet following. |
1605 Normaly if the following was a padding stream that would be in plain | 1620 Normaly if the following was a padding stream that would be in plain |
1606 text. So it will be another SPU PES packet. */ | 1621 text. So it will be another SPU PES packet. */ |
1607 if( p_sec[0x11] == 0xbd && | 1622 if( p_sec[0x11] == 0xbd && |
1608 p_sec[0x17 + p_sec[0x16]] >= 0x20 && | 1623 p_sec[0x17 + p_sec[0x16]] >= 0x20 && |
1609 p_sec[0x17 + p_sec[0x16]] <= 0x3f ) | 1624 p_sec[0x17 + p_sec[0x16]] <= 0x3f ) |
1610 { | 1625 { |
1611 i_tries++; | 1626 i_tries++; |
1612 } | 1627 } |
1613 | 1628 |
1614 /* A Video PES packet with another encrypted PES packet following. | 1629 /* A Video PES packet with another encrypted PES packet following. |
1615 * No reason execpt for time stamps to break the data into two packets. | 1630 * No reason execpt for time stamps to break the data into two packets. |
1616 * So it's likely that the following PES packet is a padding stream. */ | 1631 * So it's likely that the following PES packet is a padding stream. */ |
1617 if( p_sec[0x11] == 0xe0 ) | 1632 if( p_sec[0x11] == 0xe0 ) |
1618 { | 1633 { |
1619 i_tries++; | 1634 i_tries++; |
1620 } | 1635 } |
1621 | 1636 |
1622 if( 1 ) | 1637 if( 1 ) |
1623 { | 1638 { |
1624 /*fprintf( stderr, "key is %02x:%02x:%02x:%02x:%02x ", | 1639 /*fprintf( stderr, "key is %02x:%02x:%02x:%02x:%02x ", |
1625 p_key[0], p_key[1], p_key[2], p_key[3], p_key[4] );*/ | 1640 p_key[0], p_key[1], p_key[2], p_key[3], p_key[4] );*/ |
1626 fprintf( stderr, "at block %5d padding len %4d " | 1641 fprintf( stderr, "at block %5d padding len %4d " |
1627 "type %02x sub %02x\n", i_pos, i_pes_length, | 1642 "type %02x sub %02x\n", i_pos, i_pes_length, |
1628 p_sec[0x11], p_sec[0x17 + p_sec[0x16]]); | 1643 p_sec[0x11], p_sec[0x17 + p_sec[0x16]]); |
1629 } | 1644 } |
1630 | 1645 |
1631 return 0; | 1646 return 0; |
1632 } | 1647 } |