/** * Return a newly allocated counter-mode AES128 cipher implementation, * using the 128-bit key <b>key</b> and the 128-bit IV <b>iv</b>. */ aes_cnt_cipher_t* aes_new_cipher(const char *key, const char *iv) { aes_cnt_cipher_t* result = tor_malloc_zero(sizeof(aes_cnt_cipher_t)); aes_set_key(result, key, 128); aes_set_iv(result, iv); return result; }
/** * Return a newly allocated counter-mode AES128 cipher implementation, * using the 128-bit key <b>key</b> and the 128-bit IV <b>iv</b>. */ aes_cnt_cipher_t* aes_new_cipher(const uint8_t *key, const uint8_t *iv, int bits) { aes_cnt_cipher_t* result = tor_malloc_zero(sizeof(aes_cnt_cipher_t)); aes_set_key(result, key, bits); aes_set_iv(result, iv); return result; }
int srtp_encrypt(struct srtp *srtp, struct mbuf *mb) { struct srtp_stream *strm; struct rtp_header hdr; struct comp *comp; size_t start; uint64_t ix; int err; if (!srtp || !mb) return EINVAL; comp = &srtp->rtp; start = mb->pos; err = rtp_hdr_decode(&hdr, mb); if (err) return err; err = stream_get_seq(&strm, srtp, hdr.ssrc, hdr.seq); if (err) return err; /* Roll-Over Counter (ROC) */ if (seq_diff(strm->s_l, hdr.seq) <= -32768) { strm->roc++; strm->s_l = 0; } ix = 65536ULL * strm->roc + hdr.seq; if (comp->aes) { union vect128 iv; uint8_t *p = mbuf_buf(mb); srtp_iv_calc(&iv, &comp->k_s, strm->ssrc, ix); aes_set_iv(comp->aes, iv.u8); err = aes_encr(comp->aes, p, p, mbuf_get_left(mb)); if (err) return err; } if (comp->hmac) { const size_t tag_start = mb->end; uint8_t tag[SHA_DIGEST_LENGTH]; mb->pos = tag_start; err = mbuf_write_u32(mb, htonl(strm->roc)); if (err) return err; mb->pos = start; err = hmac_digest(comp->hmac, tag, sizeof(tag), mbuf_buf(mb), mbuf_get_left(mb)); if (err) return err; mb->pos = mb->end = tag_start; err = mbuf_write_mem(mb, tag, comp->tag_len); if (err) return err; } if (hdr.seq > strm->s_l) strm->s_l = hdr.seq; mb->pos = start; return 0; }
int srtp_decrypt(struct srtp *srtp, struct mbuf *mb) { struct srtp_stream *strm; struct rtp_header hdr; struct comp *comp; uint64_t ix; size_t start; int diff; int err; if (!srtp || !mb) return EINVAL; comp = &srtp->rtp; start = mb->pos; err = rtp_hdr_decode(&hdr, mb); if (err) return err; err = stream_get_seq(&strm, srtp, hdr.ssrc, hdr.seq); if (err) return err; diff = seq_diff(strm->s_l, hdr.seq); if (diff > 32768) return ETIMEDOUT; /* Roll-Over Counter (ROC) */ if (diff <= -32768) { strm->roc++; strm->s_l = 0; } ix = srtp_get_index(strm->roc, strm->s_l, hdr.seq); if (comp->hmac) { uint8_t tag_calc[SHA_DIGEST_LENGTH]; uint8_t tag_pkt[SHA_DIGEST_LENGTH]; size_t pld_start, tag_start; if (mbuf_get_left(mb) < comp->tag_len) return EBADMSG; pld_start = mb->pos; tag_start = mb->end - comp->tag_len; mb->pos = tag_start; err = mbuf_read_mem(mb, tag_pkt, comp->tag_len); if (err) return err; mb->pos = mb->end = tag_start; err = mbuf_write_u32(mb, htonl(strm->roc)); if (err) return err; mb->pos = start; err = hmac_digest(comp->hmac, tag_calc, sizeof(tag_calc), mbuf_buf(mb), mbuf_get_left(mb)); if (err) return err; mb->pos = pld_start; mb->end = tag_start; if (0 != memcmp(tag_calc, tag_pkt, comp->tag_len)) return EAUTH; /* * 3.3.2. Replay Protection * * Secure replay protection is only possible when * integrity protection is present. */ if (!srtp_replay_check(&strm->replay_rtp, ix)) return EALREADY; } if (comp->aes) { union vect128 iv; uint8_t *p = mbuf_buf(mb); srtp_iv_calc(&iv, &comp->k_s, strm->ssrc, ix); aes_set_iv(comp->aes, iv.u8); err = aes_decr(comp->aes, p, p, mbuf_get_left(mb)); if (err) return err; } if (hdr.seq > strm->s_l) strm->s_l = hdr.seq; mb->pos = start; return 0; }
s32 wad_install(FIL *fil) { u16 i; u32 br; struct wadheader hdr __attribute__((aligned(32))); f_lseek(fil, 0); ASSERT(!f_read(fil, &hdr, sizeof(hdr), &br)); ASSERT(br == sizeof(hdr)); u32 offset = 0; static u8 key[16] __attribute__((aligned(64))) = {0,}; static u8 iv[16] __attribute__((aligned(64))) = {0,}; ASSERT(hdr.hdr_size == 0x20); offset += ALIGN(hdr.hdr_size, 0x40); offset += ALIGN(hdr.certs_size, 0x40); struct tik *tik = memalign(32, hdr.tik_size); ASSERT(tik); f_lseek(fil, offset); ASSERT(!f_read(fil, tik, hdr.tik_size, &br)); ASSERT(br == hdr.tik_size); offset += ALIGN(hdr.tik_size, 0x40); struct tmd *tmd = memalign(32, hdr.tmd_size); ASSERT(tmd); f_lseek(fil, offset); ASSERT(!f_read(fil, tmd, hdr.tmd_size, &br)); ASSERT(br == hdr.tmd_size); offset += ALIGN(hdr.tmd_size, 0x40); hexdump(tik, hdr.tik_size); hexdump(tmd, hdr.tmd_size); otp_init(); // Get the title key aes_reset(); aes_set_key(otp.common_key); memcpy(iv, &tik->title_id, 8); aes_set_iv(iv); printf("common:\n"); hexdump(otp.common_key, 16); printf("iv:\n"); hexdump(iv, 16); printf("ctk:\n"); hexdump(tik->cipher_title_key, 16); memcpy(iv, tik->cipher_title_key, 16); aes_decrypt(iv, key, 1, 0); memset(iv, 0, 16); printf("title key:\n"); hexdump(key, 16); printf("es_addtitle: %d\n", es_addtitle(tmd, tik)); printf("num contents: %d\n", tmd->num_contents); printf("%08x %08x\n", tmd, tik); for(i = 0; i < tmd->num_contents; i++) { #ifdef MSPACES u8 *content = mspace_memalign(mem2space, 32, ALIGN(tmd->contents[i].size, 0x40)); #else u8 *content = (void *)0x91000000;//memalign(32, ALIGN(tmd->contents[i].size, 0x40)); #endif ASSERT(content); f_lseek(fil, offset); printf("read content --> %08x size %08x", content, (u32) tmd->contents[i].size); ASSERT(!f_read(fil, content, ALIGN(tmd->contents[i].size, 0x40), &br)); printf("done\n"); ASSERT(br == ALIGN(tmd->contents[i].size, 0x40)); memcpy(iv, &tmd->contents[i].index, 2); aes_reset(); aes_set_key(key); aes_set_iv(iv); printf("an IV:\n"); hexdump(iv, 16); aes_decrypt(content, content, ALIGN(tmd->contents[i].size, 0x40) / 16, 0); printf("decrypted "); ASSERT(!es_addtitlecontent(tmd, tmd->contents[i].index, content, tmd->contents[i].size)); offset += ALIGN(tmd->contents[i].size, 0x40); #ifdef MSPACES mspace_free(mem2space, content); #else //free(content); #endif } free(tmd); free(tik); return 0; }