int main(int argc , char * argv[]) { unsigned char key[16]={ 0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88, 0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88 }; unsigned char vector[16]={ 0x1f,0x32,0x43,0x51,0x56,0x98,0xaf,0xed, 0xab,0xc8,0x21,0x45,0x63,0x72,0xac,0xfc }; unsigned char buff[4096]; int rd_fd,wr_fd, rdsz; AesCtx context; AesSetKey( &context , AES_KEY_128BIT,BLOCKMODE_CRT, key , vector ); rd_fd = open(“test.dat”, O_RDONLY); 14 wr_fd = open(“test.encoded”,O_WRONLY | O_CREAT); setmode(rd_fd,O_BINARY); setmode(wr_fd,O_BINARY); while( (rdsz = read(rd_fd, buff ,4096)) > 0 ) { // before last block , the block size should always be the multiply of 16 // the last block should be handled if the size is not a multiply of 16 AesEncryptCRT(&context , buff, buff, rdsz ); rdsz = AesRoundSize( rdsz, 16); write( wr_fd , buff , rdsz ); } close(rd_fd); close(wr_fd); }
const QByteArray Wad::Content( quint16 i ) { if( tmdData.isEmpty() || tikData.isEmpty() ) { Err( "Can't decryte data without a TMD and ticket" ); return QByteArray(); } Ticket ticket( tikData ); Tmd t( tmdData ); if( partsEnc.size() != t.Count() || i >= partsEnc.size() ) { Err( "I dont know whats going on some number is out of range and i dont like it" ); return QByteArray(); } QByteArray encData = partsEnc.at( i ); AesSetKey( ticket.DecryptedKey() ); QByteArray decData = AesDecrypt( t.Index( i ), encData ); decData.resize( t.Size( i ) ); QByteArray realHash = GetSha1( decData ); if( realHash != t.Hash( i ) ) { Err( QString( "hash doesnt match for content %1" ).arg( i ) ); return QByteArray(); } return decData; }
void bench_aes(int show) { Aes enc; double start, total, persec; int i; #ifdef HAVE_CAVIUM if (AesInitCavium(&enc, CAVIUM_DEV_ID) != 0) printf("aes init cavium failed\n"); #endif AesSetKey(&enc, key, 16, iv, AES_ENCRYPTION); start = current_time(1); for(i = 0; i < numBlocks; i++) AesCbcEncrypt(&enc, plain, cipher, sizeof(plain)); total = current_time(0) - start; persec = 1 / total * numBlocks; #ifdef BENCH_EMBEDDED /* since using kB, convert to MB/s */ persec = persec / 1024; #endif if (show) printf("AES %d %s took %5.3f seconds, %6.2f MB/s\n", numBlocks, blockType, total, persec); #ifdef HAVE_CAVIUM AesFreeCavium(&enc); #endif }
/* AES Key Set, may have iv, will have direction */ int CRYPT_AES_KeySet(CRYPT_AES_CTX* aes, const unsigned char* key, unsigned int keyLen, const unsigned char* iv, int dir) { typedef char aes_test[sizeof(CRYPT_AES_CTX) >= sizeof(Aes) ? 1 : -1]; (void)sizeof(aes_test); if (aes == NULL || key == NULL) return BAD_FUNC_ARG; return AesSetKey((Aes*)aes, key, keyLen, iv, dir); }
int aes_test() { Aes enc; Aes dec; const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */ 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 }; const byte verify[] = { 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53, 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb }; byte key[] = "0123456789abcdef "; /* align */ byte iv[] = "1234567890abcdef "; /* align */ byte cipher[AES_BLOCK_SIZE]; byte plain [AES_BLOCK_SIZE]; AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); AesSetKey(&dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION); AesCbcEncrypt(&enc, cipher, msg, AES_BLOCK_SIZE); AesCbcDecrypt(&dec, plain, cipher, AES_BLOCK_SIZE); if (memcmp(plain, msg, AES_BLOCK_SIZE)) return -60; if (memcmp(cipher, verify, AES_BLOCK_SIZE)) return -61; return 0; }
void bench_aes() { Aes enc; double start, total, persec; int i; AesSetKey(&enc, key, 16, iv, AES_ENCRYPTION); start = current_time(); for(i = 0; i < megs; i++) AesCbcEncrypt(&enc, plain, cipher, sizeof(plain)); total = current_time() - start; persec = 1 / total * megs; printf("AES %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, persec); }
Wad::Wad( const QList< QByteArray > &stuff, bool encrypted ) { ok = false; if( stuff.size() < 3 ) { Err( "Cant treate a wad with < 3 items" ); return; } tmdData = stuff.at( 0 ); tikData = stuff.at( 1 ); Ticket ticket( tikData ); Tmd t( tmdData ); quint16 cnt = stuff.size() - 2; if( cnt != t.Count() ) { Err( "The number of items given doesnt match the number in the tmd" ); return; } for( quint16 i = 0; i < cnt; i++ ) { QByteArray encData; if( encrypted ) { encData = stuff.at( i + 2 ); } else { QByteArray decDataPadded = PaddedByteArray( stuff.at( i + 2 ), 0x40 ); //doing this here in case there is some other object that is using the AES that would change the key on us AesSetKey( ticket.DecryptedKey() ); encData = AesEncrypt( t.Index( i ), decDataPadded ); } partsEnc << encData; } ok = true; }
/* check mcapi aes direct */ static int check_aesdirect(void) { CRYPT_AES_CTX mcAes; Aes defAes; int ret; byte out1[CRYPT_AES_BLOCK_SIZE]; byte out2[16]; /* one block at a time */ strncpy((char*)key, "1234567890abcdefghijklmnopqrstuv", 32); strncpy((char*)iv, "1234567890abcdef", 16); /* 128 direct encrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_ENCRYPTION); if (ret != 0) { printf("mcapi aes-128 key set failed\n"); return -1; } ret = AesSetKey(&defAes, key, 16, iv, AES_ENCRYPTION); if (ret != 0) { printf("default aes-128 key set failed\n"); return -1; } ret = CRYPT_AES_DIRECT_Encrypt(&mcAes, out1, ourData); if (ret != 0) { printf("mcapi aes-128 direct encrypt failed\n"); return -1; } AesEncryptDirect(&defAes, out2, ourData); if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) { printf("mcapi aes-128 direct encrypt cmp failed\n"); return -1; } /* 128 direct decrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_DECRYPTION); if (ret != 0) { printf("mcapi aes-128 key set failed\n"); return -1; } ret = AesSetKey(&defAes, key, 16, iv, DES_DECRYPTION); if (ret != 0) { printf("default aes-128 key set failed\n"); return -1; } ret = CRYPT_AES_DIRECT_Decrypt(&mcAes, out2, out1); if (ret != 0) { printf("mcapi aes-128 direct decrypt failed\n"); return -1; } AesDecryptDirect(&defAes, out1, out1); if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) { printf("mcapi aes-128 direct decrypt cmp failed\n"); return -1; } if (memcmp(out1, ourData, CRYPT_AES_BLOCK_SIZE) != 0) { printf("mcapi aes-128 direct decrypt orig cmp failed\n"); return -1; } /* 192 direct encrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_ENCRYPTION); if (ret != 0) { printf("mcapi aes-192 key set failed\n"); return -1; } ret = AesSetKey(&defAes, key, 24, iv, AES_ENCRYPTION); if (ret != 0) { printf("default aes-192 key set failed\n"); return -1; } ret = CRYPT_AES_DIRECT_Encrypt(&mcAes, out1, ourData); if (ret != 0) { printf("mcapi aes-192 direct encrypt failed\n"); return -1; } AesEncryptDirect(&defAes, out2, ourData); if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) { printf("mcapi aes-192 direct encrypt cmp failed\n"); return -1; } /* 192 direct decrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_DECRYPTION); if (ret != 0) { printf("mcapi aes-192 key set failed\n"); return -1; } ret = AesSetKey(&defAes, key, 24, iv, AES_DECRYPTION); if (ret != 0) { printf("default aes-192 key set failed\n"); return -1; } ret = CRYPT_AES_DIRECT_Decrypt(&mcAes, out2, out1); if (ret != 0) { printf("mcapi aes-192 direct decrypt failed\n"); return -1; } AesDecryptDirect(&defAes, out1, out1); if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) { printf("mcapi aes-192 direct decrypt cmp failed\n"); return -1; } if (memcmp(out1, ourData, CRYPT_AES_BLOCK_SIZE) != 0) { printf("mcapi aes-192 direct decrypt orig cmp failed\n"); return -1; } /* 256 direct encrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_ENCRYPTION); if (ret != 0) { printf("mcapi aes-256 key set failed\n"); return -1; } ret = AesSetKey(&defAes, key, 32, iv, AES_ENCRYPTION); if (ret != 0) { printf("default aes-256 key set failed\n"); return -1; } ret = CRYPT_AES_DIRECT_Encrypt(&mcAes, out1, ourData); if (ret != 0) { printf("mcapi aes-256 direct encrypt failed\n"); return -1; } AesEncryptDirect(&defAes, out2, ourData); if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) { printf("mcapi aes-256 direct encrypt cmp failed\n"); return -1; } /* 256 direct decrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_DECRYPTION); if (ret != 0) { printf("mcapi aes-256 key set failed\n"); return -1; } ret = AesSetKey(&defAes, key, 32, iv, AES_DECRYPTION); if (ret != 0) { printf("default aes-256 key set failed\n"); return -1; } ret = CRYPT_AES_DIRECT_Decrypt(&mcAes, out2, out1); if (ret != 0) { printf("mcapi aes-256 direct decrypt failed\n"); return -1; } AesDecryptDirect(&defAes, out1, out1); if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) { printf("mcapi aes-256 direct decrypt cmp failed\n"); return -1; } if (memcmp(out1, ourData, CRYPT_AES_BLOCK_SIZE) != 0) { printf("mcapi aes-256 direct decrypt orig cmp failed\n"); return -1; } printf("aes-direct mcapi test passed\n"); return 0; }
/* check mcapi aes ctr */ static int check_aesctr(void) { CRYPT_AES_CTX mcAes; Aes defAes; int ret; byte out1[AES_TEST_SIZE]; byte out2[AES_TEST_SIZE]; strncpy((char*)key, "1234567890abcdefghijklmnopqrstuv", 32); strncpy((char*)iv, "1234567890abcdef", 16); /* 128 ctr encrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_ENCRYPTION); if (ret != 0) { printf("mcapi aes-128 key set failed\n"); return -1; } ret = AesSetKey(&defAes, key, 16, iv, AES_ENCRYPTION); if (ret != 0) { printf("default aes-128 key set failed\n"); return -1; } ret = CRYPT_AES_CTR_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); if (ret != 0) { printf("mcapi aes-128 ctr encrypt failed\n"); return -1; } AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { printf("mcapi aes-128 ctr encrypt cmp failed\n"); return -1; } /* 128 ctr decrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_ENCRYPTION); if (ret != 0) { printf("mcapi aes-128 key set failed\n"); return -1; } ret = AesSetKey(&defAes, key, 16, iv, AES_ENCRYPTION); if (ret != 0) { printf("default aes-128 key set failed\n"); return -1; } ret = CRYPT_AES_CTR_Encrypt(&mcAes, out2, out1, AES_TEST_SIZE); if (ret != 0) { printf("mcapi aes-128 ctr decrypt failed\n"); return -1; } if (memcmp(out2, ourData, AES_TEST_SIZE) != 0) { printf("mcapi aes-128 ctr decrypt orig cmp failed\n"); return -1; } /* 192 ctr encrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_ENCRYPTION); if (ret != 0) { printf("mcapi aes-192 key set failed\n"); return -1; } ret = AesSetKey(&defAes, key, 24, iv, AES_ENCRYPTION); if (ret != 0) { printf("default aes-192 key set failed\n"); return -1; } ret = CRYPT_AES_CTR_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); if (ret != 0) { printf("mcapi aes-192 ctr encrypt failed\n"); return -1; } AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { printf("mcapi aes-192 ctr encrypt cmp failed\n"); return -1; } /* 192 ctr decrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_ENCRYPTION); if (ret != 0) { printf("mcapi aes-192 key set failed\n"); return -1; } ret = AesSetKey(&defAes, key, 24, iv, AES_DECRYPTION); if (ret != 0) { printf("default aes-192 key set failed\n"); return -1; } ret = CRYPT_AES_CTR_Encrypt(&mcAes, out2, out1, AES_TEST_SIZE); if (ret != 0) { printf("mcapi aes-192 ctr decrypt failed\n"); return -1; } if (memcmp(out2, ourData, AES_TEST_SIZE) != 0) { printf("mcapi aes-192 ctr decrypt orig cmp failed\n"); return -1; } /* 256 ctr encrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_ENCRYPTION); if (ret != 0) { printf("mcapi aes-256 key set failed\n"); return -1; } ret = AesSetKey(&defAes, key, 32, iv, AES_ENCRYPTION); if (ret != 0) { printf("default aes-256 key set failed\n"); return -1; } ret = CRYPT_AES_CTR_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); if (ret != 0) { printf("mcapi aes-256 ctr encrypt failed\n"); return -1; } AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { printf("mcapi aes-256 ctr encrypt cmp failed\n"); return -1; } /* 256 ctr decrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_ENCRYPTION); if (ret != 0) { printf("mcapi aes-256 key set failed\n"); return -1; } ret = AesSetKey(&defAes, key, 32, iv, AES_ENCRYPTION); if (ret != 0) { printf("default aes-256 key set failed\n"); return -1; } ret = CRYPT_AES_CTR_Encrypt(&mcAes, out2, out1, AES_TEST_SIZE); if (ret != 0) { printf("mcapi aes-256 ctr decrypt failed\n"); return -1; } if (memcmp(out2, ourData, AES_TEST_SIZE) != 0) { printf("mcapi aes-256 ctr decrypt orig cmp failed\n"); return -1; } printf("aes-ctr mcapi test passed\n"); return 0; }
static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs, byte side) { #ifdef BUILD_ARC4 word32 sz = specs->key_size; if (specs->bulk_cipher_algorithm == rc4) { if (side == CLIENT_END) { Arc4SetKey(&enc->arc4, keys->client_write_key, sz); Arc4SetKey(&dec->arc4, keys->server_write_key, sz); } else { Arc4SetKey(&enc->arc4, keys->server_write_key, sz); Arc4SetKey(&dec->arc4, keys->client_write_key, sz); } } #endif #ifdef BUILD_HC128 if (specs->bulk_cipher_algorithm == hc128) { if (side == CLIENT_END) { Hc128_SetKey(&enc->hc128, keys->client_write_key, keys->client_write_IV); Hc128_SetKey(&dec->hc128, keys->server_write_key, keys->server_write_IV); } else { Hc128_SetKey(&enc->hc128, keys->server_write_key, keys->server_write_IV); Hc128_SetKey(&dec->hc128, keys->client_write_key, keys->client_write_IV); } } #endif #ifdef BUILD_RABBIT if (specs->bulk_cipher_algorithm == rabbit) { if (side == CLIENT_END) { RabbitSetKey(&enc->rabbit, keys->client_write_key, keys->client_write_IV); RabbitSetKey(&dec->rabbit, keys->server_write_key, keys->server_write_IV); } else { RabbitSetKey(&enc->rabbit, keys->server_write_key, keys->server_write_IV); RabbitSetKey(&dec->rabbit, keys->client_write_key, keys->client_write_IV); } } #endif #ifdef BUILD_DES3 if (specs->bulk_cipher_algorithm == triple_des) { if (side == CLIENT_END) { Des3_SetKey(&enc->des3, keys->client_write_key, keys->client_write_IV, DES_ENCRYPTION); Des3_SetKey(&dec->des3, keys->server_write_key, keys->server_write_IV, DES_DECRYPTION); } else { Des3_SetKey(&enc->des3, keys->server_write_key, keys->server_write_IV, DES_ENCRYPTION); Des3_SetKey(&dec->des3, keys->client_write_key, keys->client_write_IV, DES_DECRYPTION); } } #endif #ifdef BUILD_AES if (specs->bulk_cipher_algorithm == aes) { if (side == CLIENT_END) { AesSetKey(&enc->aes, keys->client_write_key, specs->key_size, keys->client_write_IV, AES_ENCRYPTION); AesSetKey(&dec->aes, keys->server_write_key, specs->key_size, keys->server_write_IV, AES_DECRYPTION); } else { AesSetKey(&enc->aes, keys->server_write_key, specs->key_size, keys->server_write_IV, AES_ENCRYPTION); AesSetKey(&dec->aes, keys->client_write_key, specs->key_size, keys->client_write_IV, AES_DECRYPTION); } } #endif keys->sequence_number = 0; keys->peer_sequence_number = 0; keys->encryptionOn = 0; return 0; }
static int SetKeys(SSL* ssl) { #ifdef BUILD_ARC4 word32 sz = ssl->specs.key_size; if (ssl->specs.bulk_cipher_algorithm == rc4) { if (ssl->options.side == CLIENT_END) { Arc4SetKey(&ssl->encrypt.arc4, ssl->keys.client_write_key, sz); Arc4SetKey(&ssl->decrypt.arc4, ssl->keys.server_write_key, sz); } else { Arc4SetKey(&ssl->encrypt.arc4, ssl->keys.server_write_key, sz); Arc4SetKey(&ssl->decrypt.arc4, ssl->keys.client_write_key, sz); } } #endif #ifdef BUILD_HC128 if (ssl->specs.bulk_cipher_algorithm == hc128) { if (ssl->options.side == CLIENT_END) { Hc128_SetKey(&ssl->encrypt.hc128, ssl->keys.client_write_key, ssl->keys.client_write_IV); Hc128_SetKey(&ssl->decrypt.hc128, ssl->keys.server_write_key, ssl->keys.server_write_IV); } else { Hc128_SetKey(&ssl->encrypt.hc128, ssl->keys.server_write_key, ssl->keys.server_write_IV); Hc128_SetKey(&ssl->decrypt.hc128, ssl->keys.client_write_key, ssl->keys.client_write_IV); } } #endif #ifdef BUILD_RABBIT if (ssl->specs.bulk_cipher_algorithm == rabbit) { if (ssl->options.side == CLIENT_END) { RabbitSetKey(&ssl->encrypt.rabbit, ssl->keys.client_write_key, ssl->keys.client_write_IV); RabbitSetKey(&ssl->decrypt.rabbit, ssl->keys.server_write_key, ssl->keys.server_write_IV); } else { RabbitSetKey(&ssl->encrypt.rabbit, ssl->keys.server_write_key, ssl->keys.server_write_IV); RabbitSetKey(&ssl->decrypt.rabbit, ssl->keys.client_write_key, ssl->keys.client_write_IV); } } #endif #ifdef BUILD_DES3 if (ssl->specs.bulk_cipher_algorithm == triple_des) { if (ssl->options.side == CLIENT_END) { Des3_SetKey(&ssl->encrypt.des3, ssl->keys.client_write_key, ssl->keys.client_write_IV, DES_ENCRYPTION); Des3_SetKey(&ssl->decrypt.des3, ssl->keys.server_write_key, ssl->keys.server_write_IV, DES_DECRYPTION); } else { Des3_SetKey(&ssl->encrypt.des3, ssl->keys.server_write_key, ssl->keys.server_write_IV, DES_ENCRYPTION); Des3_SetKey(&ssl->decrypt.des3, ssl->keys.client_write_key, ssl->keys.client_write_IV, DES_DECRYPTION); } } #endif #ifdef BUILD_AES if (ssl->specs.bulk_cipher_algorithm == aes) { if (ssl->options.side == CLIENT_END) { AesSetKey(&ssl->encrypt.aes, ssl->keys.client_write_key, ssl->specs.key_size, ssl->keys.client_write_IV, AES_ENCRYPTION); AesSetKey(&ssl->decrypt.aes, ssl->keys.server_write_key, ssl->specs.key_size, ssl->keys.server_write_IV, AES_DECRYPTION); } else { AesSetKey(&ssl->encrypt.aes, ssl->keys.server_write_key, ssl->specs.key_size, ssl->keys.server_write_IV, AES_ENCRYPTION); AesSetKey(&ssl->decrypt.aes, ssl->keys.client_write_key, ssl->specs.key_size, ssl->keys.client_write_IV, AES_DECRYPTION); } } #endif ssl->keys.sequence_number = 0; ssl->keys.peer_sequence_number = 0; ssl->keys.encryptionOn = 0; return 0; }
static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs, byte side, void* heap, RNG* rng) { #ifdef BUILD_ARC4 word32 sz = specs->key_size; if (specs->bulk_cipher_algorithm == rc4) { enc->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER); if (enc->arc4 == NULL) return MEMORY_E; dec->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER); if (dec->arc4 == NULL) return MEMORY_E; if (side == CLIENT_END) { Arc4SetKey(enc->arc4, keys->client_write_key, sz); Arc4SetKey(dec->arc4, keys->server_write_key, sz); } else { Arc4SetKey(enc->arc4, keys->server_write_key, sz); Arc4SetKey(dec->arc4, keys->client_write_key, sz); } } #endif #ifdef HAVE_HC128 if (specs->bulk_cipher_algorithm == hc128) { enc->hc128 = (HC128*)XMALLOC(sizeof(HC128), heap, DYNAMIC_TYPE_CIPHER); if (enc->hc128 == NULL) return MEMORY_E; dec->hc128 = (HC128*)XMALLOC(sizeof(HC128), heap, DYNAMIC_TYPE_CIPHER); if (dec->hc128 == NULL) return MEMORY_E; if (side == CLIENT_END) { Hc128_SetKey(enc->hc128, keys->client_write_key, keys->client_write_IV); Hc128_SetKey(dec->hc128, keys->server_write_key, keys->server_write_IV); } else { Hc128_SetKey(enc->hc128, keys->server_write_key, keys->server_write_IV); Hc128_SetKey(dec->hc128, keys->client_write_key, keys->client_write_IV); } } #endif #ifdef BUILD_RABBIT if (specs->bulk_cipher_algorithm == rabbit) { enc->rabbit = (Rabbit*)XMALLOC(sizeof(Rabbit),heap,DYNAMIC_TYPE_CIPHER); if (enc->rabbit == NULL) return MEMORY_E; dec->rabbit = (Rabbit*)XMALLOC(sizeof(Rabbit),heap,DYNAMIC_TYPE_CIPHER); if (dec->rabbit == NULL) return MEMORY_E; if (side == CLIENT_END) { RabbitSetKey(enc->rabbit, keys->client_write_key, keys->client_write_IV); RabbitSetKey(dec->rabbit, keys->server_write_key, keys->server_write_IV); } else { RabbitSetKey(enc->rabbit, keys->server_write_key, keys->server_write_IV); RabbitSetKey(dec->rabbit, keys->client_write_key, keys->client_write_IV); } } #endif #ifdef BUILD_DES3 if (specs->bulk_cipher_algorithm == triple_des) { enc->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER); if (enc->des3 == NULL) return MEMORY_E; dec->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER); if (dec->des3 == NULL) return MEMORY_E; if (side == CLIENT_END) { Des3_SetKey(enc->des3, keys->client_write_key, keys->client_write_IV, DES_ENCRYPTION); Des3_SetKey(dec->des3, keys->server_write_key, keys->server_write_IV, DES_DECRYPTION); } else { Des3_SetKey(enc->des3, keys->server_write_key, keys->server_write_IV, DES_ENCRYPTION); Des3_SetKey(dec->des3, keys->client_write_key, keys->client_write_IV, DES_DECRYPTION); } } #endif #ifdef BUILD_AES if (specs->bulk_cipher_algorithm == aes) { enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); if (enc->aes == NULL) return MEMORY_E; dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); if (dec->aes == NULL) return MEMORY_E; if (side == CLIENT_END) { AesSetKey(enc->aes, keys->client_write_key, specs->key_size, keys->client_write_IV, AES_ENCRYPTION); AesSetKey(dec->aes, keys->server_write_key, specs->key_size, keys->server_write_IV, AES_DECRYPTION); } else { AesSetKey(enc->aes, keys->server_write_key, specs->key_size, keys->server_write_IV, AES_ENCRYPTION); AesSetKey(dec->aes, keys->client_write_key, specs->key_size, keys->client_write_IV, AES_DECRYPTION); } } #endif #ifdef BUILD_AESGCM if (specs->bulk_cipher_algorithm == aes_gcm) { byte iv[AES_GCM_EXP_IV_SZ]; enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); if (enc->aes == NULL) return MEMORY_E; dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); if (dec->aes == NULL) return MEMORY_E; /* Initialize the AES-GCM explicit IV to a random number. */ RNG_GenerateBlock(rng, iv, sizeof(iv)); AesGcmSetExpIV(enc->aes, iv); if (side == CLIENT_END) { AesGcmSetKey(enc->aes, keys->client_write_key, specs->key_size, keys->client_write_IV); AesGcmSetKey(dec->aes, keys->server_write_key, specs->key_size, keys->server_write_IV); } else { AesGcmSetKey(enc->aes, keys->server_write_key, specs->key_size, keys->server_write_IV); AesGcmSetKey(dec->aes, keys->client_write_key, specs->key_size, keys->client_write_IV); } } #endif keys->sequence_number = 0; keys->peer_sequence_number = 0; keys->encryptionOn = 0; (void)rng; return 0; }
/********************* Defination of aes_test() ***************************/ int aes_test(void) { Aes enc; Aes dec; /* Defination of input string to be used AES Enryption */ const byte msg[] = { /*length must be a multiple of 128 bits £¨16 bytes£©*/ 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, }; const byte verify[] = { 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53, 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb, }; byte key[] = "0123456789abcdef"; /* align Must be 128 bits */ byte iv[] = "1234567890abcdef"; /* align Must be 128 bits */ byte cipher[AES_BLOCK_SIZE * 8]; byte plain [AES_BLOCK_SIZE * 8]; AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); AesSetKey(&dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION); /* Encryption process */ AesCbcEncrypt(&enc, cipher, msg, sizeof(msg)); /* Printf cipher text */ printf("The Cipher Text is: "); for(int i=0;i<sizeof(msg);i++) { printf("-%x",cipher[i]); /* Print Cipher Text after encryption */ } printf("\r\n"); printf("\r\n"); /* Decryption process */ AesCbcDecrypt(&dec, plain, cipher, sizeof(cipher)); /* Print plain text */ printf("The Plain Text is: "); for(int i=0;i<sizeof(msg);i++) { printf("-%x",plain[i]); /* Print Plain Text after decryption */ } printf("\r\n"); printf("\r\n"); /* Compare cipher text, generated from encryption, with verify[] predefined */ if (memcmp(cipher, verify, sizeof(msg))) return -1; /* Compare plain text£¬generated from decryption, with msg[] defined */ if (memcmp(plain, msg, sizeof(msg))) return 1; return 0; }
Wad::Wad( const QByteArray &stuff ) { ok = false; if( !stuff.size() )//prevent error text when it isnt required return; if( stuff.size() < 0x80 )//less than this and there is definitely nothing there { Err( "Size is < 0x80" ); return; } QByteArray copy = stuff; QBuffer b( © ); b.open( QIODevice::ReadOnly ); quint32 tmp; if(b.read( (char*)&tmp, 4 ) != 4) { b.close(); Err( "Can't read header size" ); return; } if( qFromBigEndian( tmp ) != 0x20 ) { b.close(); hexdump(stuff, 0, 0x10); Err( "Bad header size" ); return; } b.read( (char*)&tmp, 4 ); tmp = qFromBigEndian( tmp ); if( tmp != 0x49730000 && tmp != 0x69620000 && tmp != 0x426b0000 ) { b.close(); hexdump( stuff, 0, 0x40 ); Err( "Bad file magic word" ); return; } quint32 certSize; quint32 tikSize; quint32 tmdSize; quint32 appSize; quint32 footerSize; b.read( (char*)&certSize, 4 ); certSize = qFromBigEndian( certSize ); b.seek( 0x10 ); b.read( (char*)&tikSize, 4 ); tikSize = qFromBigEndian( tikSize ); b.read( (char*)&tmdSize, 4 ); tmdSize = qFromBigEndian( tmdSize ); b.read( (char*)&appSize, 4 ); appSize = qFromBigEndian( appSize ); b.read( (char*)&footerSize, 4 ); footerSize = qFromBigEndian( footerSize ); b.close();//close the buffer, the rest of the data can be checked without it //sanity check this thing quint32 s = stuff.size(); if( s < ( RU( certSize, 0x40 ) + RU( tikSize, 0x40 ) + RU( tmdSize, 0x40 ) + RU( appSize, 0x40 ) + RU( footerSize, 0x40 ) ) ) { Err( "Total size is less than the combined sizes of all the parts that it is supposed to contain" ); return; } quint32 pos = 0x40; certData = stuff.mid( pos, certSize ); pos += RU( certSize, 0x4 ); tikData = stuff.mid( pos, tikSize ); pos += RU( tikSize, 0x40 ); tmdData = stuff.mid( pos, tmdSize ); pos += RU( tmdSize, 0x40 ); Ticket ticket( tikData ); Tmd t( tmdData ); //the constructor for Ticket may have fixed a bad key index. replace the data just incase it did tikData = ticket.Data(); //hexdump( tikData ); //hexdump( tmdData ); if( ticket.Tid() != t.Tid() ) qWarning() << "wad contains 2 different TIDs"; quint32 cnt = t.Count(); //qDebug() << "Wad contains" << hex << cnt << "contents"; //another quick sanity check quint32 totalSize = 0; for( quint32 i = 0; i < cnt; i++ ) totalSize += t.Size( i ); if( totalSize > appSize ) { Err( "Size of all the apps in the tmd is greater than the size in the wad header" ); return; } //read all the contents, check the hash, and remember the data ( still encrypted ) for( quint32 i = 0; i < cnt; i++ ) { quint32 s = RU( t.Size( i ), 0x40 ); //qDebug() << "content" << i << "is at" << hex << pos // << "with size" << s; QByteArray encData = stuff.mid( pos, s ); pos += s; //doing this here in case there is some other object that //is using the AES that would change the key on us AesSetKey( ticket.DecryptedKey() ); QByteArray decData = AesDecrypt( t.Index( i ), encData ); decData.resize( t.Size( i ) ); QByteArray realHash = GetSha1( decData ); if( realHash != t.Hash( i ) ) { Err( QString( "hash doesnt match for content %1" ).arg( i ) ); } partsEnc << encData; } //wtf? some VC titles have a full banner as the footer? maybe somebody's wad packer is busted //QByteArray footer = stuff.mid( pos, stuff.size() - pos ); //qDebug() << "footer"; //hexdump( footer ); ok = true; }
Wad::Wad( QDir dir ) { ok = false; QFileInfoList tmds = dir.entryInfoList( QStringList() << "*.tmd" << "tmd.*", QDir::Files ); if( tmds.isEmpty() ) { Err( "TMD not found" ); return; } tmdData = ReadFile( tmds.at( 0 ).absoluteFilePath() ); if( tmdData.isEmpty() ) return; QFileInfoList tiks = dir.entryInfoList( QStringList() << "*.tik" << "cetk", QDir::Files ); if( tiks.isEmpty() ) { Err( "Ticket not found" ); return; } tikData = ReadFile( tiks.at( 0 ).absoluteFilePath() ); if( tikData.isEmpty() ) return; Tmd t( tmdData ); Ticket ticket( tikData ); //make sure to only add the tmd & ticket without all the cert mumbo jumbo tmdData = t.Data(); tikData = ticket.Data(); t = Tmd( tmdData ); ticket = Ticket( tikData ); quint16 cnt = t.Count(); bool tmdChanged = false; for( quint16 i = 0; i < cnt; i++ ) { QByteArray appD = ReadFile( dir.absoluteFilePath( t.Cid( i ) + ".app" ) ); if( appD.isEmpty() ) { Err( t.Cid( i ) + ".app not found" ); return; } if( (quint32)appD.size() != t.Size( i ) ) { t.SetSize( i, appD.size() ); tmdChanged = true; } QByteArray realHash = GetSha1( appD ); if( t.Hash( i ) != realHash ) { t.SetHash( i, realHash ); tmdChanged = true; } AesSetKey( ticket.DecryptedKey() ); appD = PaddedByteArray( appD, 0x40 ); QByteArray encData = AesEncrypt( t.Index( i ), appD ); partsEnc << encData; } //if something in the tmd changed, fakesign it if( tmdChanged ) { if( !t.FakeSign() ) { Err( "Error signing the wad" ); return; } else { tmdData = t.Data(); } } QFileInfoList certs = dir.entryInfoList( QStringList() << "*.cert", QDir::Files ); if( !certs.isEmpty() ) { certData = ReadFile( certs.at( 0 ).absoluteFilePath() ); } ok = true; }