501 lines
10 KiB
C
501 lines
10 KiB
C
#include "globals.h"
|
|
#include "module-newcamd-des.h"
|
|
#include "oscam-string.h"
|
|
|
|
#define CRYPT 0
|
|
#define HASH 1
|
|
|
|
extern const int32_t CWS_NETMSGSIZE;
|
|
|
|
static const uint8_t PC2[8][6] =
|
|
{
|
|
{ 14, 17, 11, 24, 1, 5 },
|
|
{ 3, 28, 15, 6, 21, 10 },
|
|
{ 23, 19, 12, 4, 26, 8 },
|
|
{ 16, 7, 27, 20, 13, 2 },
|
|
{ 41, 52, 31, 37, 47, 55 },
|
|
{ 30, 40, 51, 45, 33, 48 },
|
|
{ 44, 49, 39, 56, 34, 53 },
|
|
{ 46, 42, 50, 36, 29, 32 }
|
|
};
|
|
|
|
|
|
static const uint8_t E[8][6] =
|
|
{
|
|
{ 32, 1, 2, 3, 4, 5 },
|
|
{ 4, 5, 6, 7, 8, 9 },
|
|
{ 8, 9, 10, 11, 12, 13 },
|
|
{ 12, 13, 14, 15, 16, 17 },
|
|
{ 16, 17, 18, 19, 20, 21 },
|
|
{ 20, 21, 22, 23, 24, 25 },
|
|
{ 24, 25, 26, 27, 28, 29 },
|
|
{ 28, 29, 30, 31, 32, 1 }
|
|
};
|
|
|
|
static const uint8_t P[32] =
|
|
{
|
|
16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10,
|
|
2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25
|
|
};
|
|
|
|
static const uint8_t SBOXES[4][64] =
|
|
{
|
|
{
|
|
0x2e, 0xe0, 0xc4, 0xbf, 0x4d, 0x27, 0x11, 0xc4,
|
|
0x72, 0x4e, 0xaf, 0x72, 0xbb, 0xdd, 0x68, 0x11,
|
|
0x83, 0x5a, 0x5a, 0x06, 0x36, 0xfc, 0xfc, 0xab,
|
|
0xd5, 0x39, 0x09, 0x95, 0xe0, 0x83, 0x97, 0x68,
|
|
0x44, 0xbf, 0x21, 0x8c, 0x1e, 0xc8, 0xb8, 0x72,
|
|
0xad, 0x14, 0xd6, 0xe9, 0x72, 0x21, 0x8b, 0xd7,
|
|
0xff, 0x65, 0x9c, 0xfb, 0xc9, 0x03, 0x57, 0x9e,
|
|
0x63, 0xaa, 0x3a, 0x40, 0x05, 0x56, 0xe0, 0x3d
|
|
},
|
|
{
|
|
0xcf, 0xa3, 0x11, 0xfd, 0xa8, 0x44, 0xfe, 0x27,
|
|
0x96, 0x7f, 0x2b, 0xc2, 0x63, 0x98, 0x84, 0x5e,
|
|
0x09, 0x6c, 0xd7, 0x10, 0x32, 0xd1, 0x4d, 0xea,
|
|
0xec, 0x06, 0x70, 0xb9, 0x55, 0x3b, 0xba, 0x85,
|
|
0x90, 0x4d, 0xee, 0x38, 0xf7, 0x2a, 0x5b, 0xc1,
|
|
0x2a, 0x93, 0x84, 0x5f, 0xcd, 0xf4, 0x31, 0xa2,
|
|
0x75, 0xbb, 0x08, 0xe6, 0x4c, 0x17, 0xa6, 0x7c,
|
|
0x19, 0x60, 0xd3, 0x05, 0xb2, 0x8e, 0x6f, 0xd9
|
|
},
|
|
{
|
|
0x4a, 0xdd, 0xb0, 0x07, 0x29, 0xb0, 0xee, 0x79,
|
|
0xf6, 0x43, 0x03, 0x94, 0x8f, 0x16, 0xd5, 0xaa,
|
|
0x31, 0xe2, 0xcd, 0x38, 0x9c, 0x55, 0x77, 0xce,
|
|
0x5b, 0x2c, 0xa4, 0xfb, 0x62, 0x8f, 0x18, 0x61,
|
|
0x1d, 0x61, 0x46, 0xba, 0xb4, 0xdd, 0xd9, 0x80,
|
|
0xc8, 0x16, 0x3f, 0x49, 0x73, 0xa8, 0xe0, 0x77,
|
|
0xab, 0x94, 0xf1, 0x5f, 0x62, 0x0e, 0x8c, 0xf3,
|
|
0x05, 0xeb, 0x5a, 0x25, 0x9e, 0x32, 0x27, 0xcc
|
|
},
|
|
{
|
|
0xd7, 0x1d, 0x2d, 0xf8, 0x8e, 0xdb, 0x43, 0x85,
|
|
0x60, 0xa6, 0xf6, 0x3f, 0xb9, 0x70, 0x1a, 0x43,
|
|
0xa1, 0xc4, 0x92, 0x57, 0x38, 0x62, 0xe5, 0xbc,
|
|
0x5b, 0x01, 0x0c, 0xea, 0xc4, 0x9e, 0x7f, 0x29,
|
|
0x7a, 0x23, 0xb6, 0x1f, 0x49, 0xe0, 0x10, 0x76,
|
|
0x9c, 0x4a, 0xcb, 0xa1, 0xe7, 0x8d, 0x2d, 0xd8,
|
|
0x0f, 0xf9, 0x61, 0xc4, 0xa3, 0x95, 0xde, 0x0b,
|
|
0xf5, 0x3c, 0x32, 0x57, 0x58, 0x62, 0x84, 0xbe
|
|
}
|
|
};
|
|
|
|
static const uint8_t PC1[][8] =
|
|
{
|
|
{57, 49, 41, 33, 25, 17, 9, 1},
|
|
{58, 50, 42, 34, 26, 18, 10, 2},
|
|
{59, 51, 43, 35, 27, 19, 11, 3},
|
|
{60, 52, 44, 36, 63, 55, 47, 39},
|
|
{31, 23, 15, 7, 62, 54, 46, 38},
|
|
{30, 22, 14, 6, 61, 53, 45, 37},
|
|
{29, 21, 13, 5, 28, 20, 12, 4}
|
|
};
|
|
|
|
void doPC1(uint8_t data[])
|
|
{
|
|
uint8_t buf[8];
|
|
uint8_t i, j;
|
|
|
|
memset(buf, 0, 8);
|
|
|
|
for(j = 0; j < 7; j++)
|
|
{
|
|
for(i = 0; i < 8; i++)
|
|
{
|
|
uint8_t lookup = PC1[j][i];
|
|
buf[j] |= ((data[(lookup >> 3)] >> (8 - (lookup & 7))) & 1) << (7 - i);
|
|
}
|
|
}
|
|
|
|
memcpy(data, buf, 8);
|
|
}
|
|
|
|
static void doIp(uint8_t data[])
|
|
{
|
|
uint8_t j, k;
|
|
uint8_t val;
|
|
uint8_t buf[8];
|
|
uint8_t *p;
|
|
uint8_t i = 8;
|
|
memset(buf, 0, sizeof(buf));
|
|
|
|
for(i = 0; i < 8; i++)
|
|
{
|
|
val = data[i];
|
|
p = &buf[3];
|
|
j = 4;
|
|
|
|
do
|
|
{
|
|
for(k = 0; k <= 4; k += 4)
|
|
{
|
|
p[k] >>= 1;
|
|
if(val & 1) { p[k] |= 0x80; }
|
|
val >>= 1;
|
|
}
|
|
p--;
|
|
}
|
|
while(--j);
|
|
}
|
|
|
|
memcpy(data, buf, 8);
|
|
}
|
|
|
|
static void doIp_1(uint8_t data[])
|
|
{
|
|
uint8_t j, k;
|
|
uint8_t r = 0;
|
|
uint8_t buf[8];
|
|
uint8_t *p;
|
|
uint8_t i = 8;
|
|
|
|
for(i = 0; i < 8; i++)
|
|
{
|
|
p = &data[3];
|
|
j = 4;
|
|
|
|
do
|
|
{
|
|
for(k = 0; k <= 4; k += 4)
|
|
{
|
|
r >>= 1;
|
|
if(p[k] & 1) { r |= 0x80; }
|
|
p[k] >>= 1;
|
|
}
|
|
p--;
|
|
}
|
|
while(--j);
|
|
buf[i] = r;
|
|
}
|
|
|
|
memcpy(data, buf, 8);
|
|
}
|
|
|
|
static void makeK(uint8_t *left, uint8_t *right, uint8_t *K)
|
|
{
|
|
uint8_t i, j;
|
|
uint8_t bit, val;
|
|
uint8_t *p;
|
|
|
|
for(i = 0; i < 8; i++)
|
|
{
|
|
val = 0;
|
|
for(j = 0; j < 6; j++)
|
|
{
|
|
bit = PC2[i][j];
|
|
if(bit < 29)
|
|
{
|
|
bit = 28 - bit;
|
|
p = left;
|
|
}
|
|
else
|
|
{
|
|
bit = 56 - bit;
|
|
p = right;
|
|
}
|
|
val <<= 1;
|
|
if(p[bit >> 3] & (1 << (bit & 7))) { val |= 1; }
|
|
}
|
|
*K = val;
|
|
K++;
|
|
}
|
|
}
|
|
|
|
static void rightRot(uint8_t key[]) {
|
|
uint8_t carry = (key[0] & 1) ? 0x08 : 0;
|
|
key[0] = (key[0] >> 1) | ((key[1] & 1) ? 0x80 : 0);
|
|
key[1] = (key[1] >> 1) | ((key[2] & 1) ? 0x80 : 0);
|
|
key[2] = (key[2] >> 1) | ((key[3] & 1) ? 0x80 : 0);
|
|
key[3] = (key[3] >> 1) | carry;
|
|
}
|
|
|
|
static void rightRotKeys(uint8_t left[], uint8_t right[])
|
|
{
|
|
rightRot(left);
|
|
rightRot(right);
|
|
}
|
|
|
|
static void leftRot(uint8_t key[])
|
|
{
|
|
uint8_t carry = key[3] >> 3;
|
|
key[3] = 0x0F & ((key[3] << 1) | !!(key[2] & 0x80));
|
|
key[2] = (key[2] << 1) | !!(key[1] & 0x80);
|
|
key[1] = (key[1] << 1) | !!(key[0] & 0x80);
|
|
key[0] = (key[0] << 1) | carry;
|
|
}
|
|
|
|
static void leftRotKeys(uint8_t left[], uint8_t right[])
|
|
{
|
|
leftRot(left);
|
|
leftRot(right);
|
|
}
|
|
|
|
static void desCore(uint8_t data[], uint8_t K[], uint8_t result[])
|
|
{
|
|
uint8_t i, j;
|
|
uint8_t bit, val;
|
|
|
|
memset(result, 0, 4);
|
|
|
|
for(i = 0; i < 8; i++)
|
|
{
|
|
val = 0;
|
|
for(j = 0; j < 6; j++)
|
|
{
|
|
bit = 32 - E[i][j];
|
|
val <<= 1;
|
|
if(data[3 - (bit >> 3)] & (1 << (bit & 7))) { val |= 1; }
|
|
}
|
|
val ^= K[i];
|
|
val = SBOXES[i & 3][val];
|
|
if(i > 3)
|
|
{
|
|
val >>= 4;
|
|
}
|
|
val &= 0x0f;
|
|
result[i >> 1] |= (i & 1) ? val : (val << 4);
|
|
}
|
|
}
|
|
|
|
static void permut32(uint8_t data[])
|
|
{
|
|
uint8_t i, j;
|
|
uint8_t bit;
|
|
uint8_t r[4] = {0}; // init to keep Valgrind happy
|
|
uint8_t *p;
|
|
|
|
for(i = 0; i < 32; i++)
|
|
{
|
|
bit = 32 - P[i];
|
|
p = r;
|
|
for(j = 0; j < 3; j++)
|
|
{
|
|
*p = (*p << 1) | ((p[1] & 0x80) ? 1 : 0);
|
|
p++;
|
|
}
|
|
*p <<= 1;
|
|
if(data[3 - (bit >> 3)] & (1 << (bit & 7))) { *p |= 1; }
|
|
}
|
|
|
|
memcpy(data, r, 4);
|
|
}
|
|
|
|
static void swap(uint8_t left[], uint8_t right[])
|
|
{
|
|
uint8_t x[4];
|
|
|
|
memcpy(x, right, 4);
|
|
memcpy(right, left, 4);
|
|
memcpy(left, x, 4);
|
|
}
|
|
|
|
static void desRound(uint8_t left[], uint8_t right[], uint8_t data[], uint8_t mode, uint8_t k8)
|
|
{
|
|
uint8_t i;
|
|
uint8_t K[8];
|
|
uint8_t r[4];
|
|
uint8_t tempr[4];
|
|
unsigned short temp;
|
|
|
|
memcpy(tempr, data + 4, 4);
|
|
|
|
/* Viaccess */
|
|
temp = (short)k8 * (short)tempr[0] + (short)k8 + (short)tempr[0];
|
|
tempr[0] = (temp & 0xff) - ((temp >> 8) & 0xff);
|
|
if((temp & 0xff) - (temp >> 8) < 0)
|
|
{ tempr[0]++; }
|
|
|
|
makeK(left, right, K);
|
|
desCore(tempr, K, r);
|
|
permut32(r);
|
|
|
|
if(mode & DES_HASH)
|
|
{
|
|
i = r[0];
|
|
r[0] = r[1];
|
|
r[1] = i;
|
|
}
|
|
|
|
for(i = 0; i < 4; i++)
|
|
{
|
|
*data ^= r[i];
|
|
data++;
|
|
}
|
|
|
|
swap(data - 4, data);
|
|
}
|
|
|
|
void nc_des(uint8_t key[], uint8_t mode, uint8_t data[])
|
|
{
|
|
uint8_t i;
|
|
uint8_t left[8];
|
|
uint8_t right[8];
|
|
uint8_t *p = left;
|
|
|
|
short DESShift = (mode & DES_RIGHT) ? 0x8103 : 0xc081;
|
|
|
|
for(i = 3; i > 0; i--)
|
|
{
|
|
*p = (key[i - 1] << 4) | (key[i] >> 4);
|
|
p++;
|
|
}
|
|
left[3] = key[0] >> 4;
|
|
right[0] = key[6];
|
|
right[1] = key[5];
|
|
right[2] = key[4];
|
|
right[3] = key[3] & 0x0f;
|
|
|
|
if(mode & DES_IP) { doIp(data); }
|
|
|
|
do
|
|
{
|
|
if(!(mode & DES_RIGHT))
|
|
{
|
|
leftRotKeys(left, right);
|
|
if(!(DESShift & 0x8000)) { leftRotKeys(left, right); }
|
|
}
|
|
desRound(left, right, data, mode, key[7]);
|
|
|
|
if(mode & DES_RIGHT)
|
|
{
|
|
rightRotKeys(left, right);
|
|
if(!(DESShift & 0x8000)) { rightRotKeys(left, right); }
|
|
}
|
|
DESShift <<= 1;
|
|
}
|
|
while(DESShift);
|
|
|
|
swap(data, data + 4);
|
|
if(mode & DES_IP_1) { doIp_1(data); }
|
|
|
|
}
|
|
|
|
/*------------------------------------------------------------------------*/
|
|
static void des_key_parity_adjust(uint8_t *key, uint8_t len)
|
|
{
|
|
uint8_t i, j, parity;
|
|
|
|
for(i = 0; i < len; i++)
|
|
{
|
|
parity = 1;
|
|
for(j = 1; j < 8; j++) if((key[i] >> j) & 0x1) { parity = ~parity & 0x01; }
|
|
key[i] |= parity;
|
|
}
|
|
}
|
|
|
|
static uint8_t *des_key_spread(uint8_t *normal, uint8_t *spread)
|
|
{
|
|
spread[ 0] = normal[ 0] & 0xfe;
|
|
spread[ 1] = ((normal[ 0] << 7) | (normal[ 1] >> 1)) & 0xfe;
|
|
spread[ 2] = ((normal[ 1] << 6) | (normal[ 2] >> 2)) & 0xfe;
|
|
spread[ 3] = ((normal[ 2] << 5) | (normal[ 3] >> 3)) & 0xfe;
|
|
spread[ 4] = ((normal[ 3] << 4) | (normal[ 4] >> 4)) & 0xfe;
|
|
spread[ 5] = ((normal[ 4] << 3) | (normal[ 5] >> 5)) & 0xfe;
|
|
spread[ 6] = ((normal[ 5] << 2) | (normal[ 6] >> 6)) & 0xfe;
|
|
spread[ 7] = normal[ 6] << 1;
|
|
spread[ 8] = normal[ 7] & 0xfe;
|
|
spread[ 9] = ((normal[ 7] << 7) | (normal[ 8] >> 1)) & 0xfe;
|
|
spread[10] = ((normal[ 8] << 6) | (normal[ 9] >> 2)) & 0xfe;
|
|
spread[11] = ((normal[ 9] << 5) | (normal[10] >> 3)) & 0xfe;
|
|
spread[12] = ((normal[10] << 4) | (normal[11] >> 4)) & 0xfe;
|
|
spread[13] = ((normal[11] << 3) | (normal[12] >> 5)) & 0xfe;
|
|
spread[14] = ((normal[12] << 2) | (normal[13] >> 6)) & 0xfe;
|
|
spread[15] = normal[13] << 1;
|
|
|
|
des_key_parity_adjust(spread, 16);
|
|
return spread;
|
|
}
|
|
|
|
static void des_random_get(uint8_t *buffer, uint8_t len)
|
|
{
|
|
uint8_t idx = 0;
|
|
int randomNo = 0;
|
|
|
|
for(idx = 0; idx < len; idx++)
|
|
{
|
|
if(!(idx % 3)) { randomNo = rand(); }
|
|
buffer[idx] = (randomNo >> ((idx % 3) << 3)) & 0xff;
|
|
}
|
|
}
|
|
|
|
static void EuroDes(uint8_t key[], uint8_t operatingMode, uint8_t data[])
|
|
{
|
|
/* Eurocrypt 3-DES */
|
|
uint8_t mode = (operatingMode == HASH) ? 0 : DES_RIGHT;
|
|
nc_des(key, (uint8_t)(DES_IP | mode), data);
|
|
|
|
mode ^= DES_RIGHT;
|
|
nc_des(key + 8, mode, data);
|
|
|
|
mode ^= DES_RIGHT;
|
|
nc_des(key, (uint8_t)(mode | DES_IP_1), data);
|
|
}
|
|
|
|
int nc_des_encrypt(uint8_t *buffer, int len, uint8_t *deskey)
|
|
{
|
|
uint8_t checksum = 0;
|
|
uint8_t noPadBytes;
|
|
uint8_t padBytes[7];
|
|
char ivec[8];
|
|
short i;
|
|
|
|
if(!deskey) { return len; }
|
|
noPadBytes = (8 - ((len - 1) % 8)) % 8;
|
|
if(len + noPadBytes + 1 >= CWS_NETMSGSIZE - 8) { return -1; }
|
|
des_random_get(padBytes, noPadBytes);
|
|
for(i = 0; i < noPadBytes; i++) { buffer[len++] = padBytes[i]; }
|
|
for(i = 2; i < len; i++) { checksum ^= buffer[i]; }
|
|
buffer[len++] = checksum;
|
|
des_random_get((uint8_t *)ivec, 8);
|
|
memcpy(buffer + len, ivec, 8);
|
|
for(i = 2; i < len; i += 8)
|
|
{
|
|
uint8_t j;
|
|
for(j = 0; j < 8; j++) { buffer[i + j] ^= ivec[j]; }
|
|
EuroDes(deskey, HASH, buffer + i);
|
|
memcpy(ivec, buffer + i, 8);
|
|
}
|
|
len += 8;
|
|
return len;
|
|
}
|
|
|
|
int nc_des_decrypt(uint8_t *buffer, int len, uint8_t *deskey)
|
|
{
|
|
char ivec[8];
|
|
char nextIvec[8];
|
|
int i;
|
|
uint8_t checksum = 0;
|
|
|
|
if(!deskey) { return len; }
|
|
if((len - 2) % 8 || (len - 2) < 16) { return -1; }
|
|
len -= 8;
|
|
memcpy(nextIvec, buffer + len, 8);
|
|
for(i = 2; i < len; i += 8)
|
|
{
|
|
uint8_t j;
|
|
|
|
memcpy(ivec, nextIvec, 8);
|
|
memcpy(nextIvec, buffer + i, 8);
|
|
EuroDes(deskey, CRYPT, buffer + i);
|
|
for(j = 0; j < 8; j++)
|
|
{ buffer[i + j] ^= ivec[j]; }
|
|
}
|
|
for(i = 2; i < len; i++) { checksum ^= buffer[i]; }
|
|
if(checksum) { return -1; }
|
|
return len;
|
|
}
|
|
|
|
void nc_des_login_key_get(uint8_t *key1, uint8_t *key2, int len, uint8_t *des16)
|
|
{
|
|
uint8_t des14[14];
|
|
int i;
|
|
|
|
memcpy(des14, key1, sizeof(des14));
|
|
for(i = 0; i < len; i++) { des14[i % 14] ^= key2[i]; }
|
|
des16 = des_key_spread(des14, des16);
|
|
doPC1(des16);
|
|
doPC1(des16 + 8);
|
|
}
|