aacs.c 2.79 KB
Newer Older
cRTrn13's avatar
cRTrn13 committed
1 2

#include <stdio.h>
cRTrn13's avatar
cRTrn13 committed
3
#include <malloc.h>
cRTrn13's avatar
openssl  
cRTrn13 committed
4 5
#include <string.h>
#include <openssl/aes.h>
cRTrn13's avatar
cRTrn13 committed
6 7

#include "aacs.h"
8
#include "crypto.h"
cRTrn13's avatar
cRTrn13 committed
9
#include "mmc.h"
cRTrn13's avatar
cRTrn13 committed
10
#include "../util/macro.h"
11
#include "../file/file.h"
cRTrn13's avatar
cRTrn13 committed
12

cRTrn13's avatar
cRTrn13 committed
13 14 15 16
int _calc_pk(AACS_KEYS *aacs);
int _calc_mk(AACS_KEYS *aacs);
int _calc_vuk(AACS_KEYS *aacs, const char *path);
int _calc_uks(AACS_KEYS *aacs, const char *path);
cRTrn13's avatar
openssl  
cRTrn13 committed
17
int _validate_pk(uint8_t *pk, uint8_t *cvalue, uint8_t *uv, uint8_t *vd, uint8_t *mk);
18 19 20
int _verify_ts(uint8_t *buf);


cRTrn13's avatar
cRTrn13 committed
21
int _calc_vuk(AACS_KEYS *aacs, const char *path)
cRTrn13's avatar
openssl  
cRTrn13 committed
22 23 24 25
{
    int a;
    AES_KEY aes;
    uint8_t vid[16];
cRTrn13's avatar
cRTrn13 committed
26
    MMC* mmc = NULL;
cRTrn13's avatar
openssl  
cRTrn13 committed
27

cRTrn13's avatar
cRTrn13 committed
28 29 30 31
    if ((mmc = mmc_open(path, aacs->host_priv_key, aacs->host_cert, aacs->host_nonce, aacs->host_key_point))) {
        if (mmc_read_vid(mmc)) {
            AES_set_decrypt_key(aacs->mk, 128, &aes);
            AES_decrypt(vid, aacs->vuk, &aes);
cRTrn13's avatar
openssl  
cRTrn13 committed
32 33

            for (a = 0; a < 16; a++) {
cRTrn13's avatar
cRTrn13 committed
34
                aacs->vuk[a] ^= vid[a];
cRTrn13's avatar
openssl  
cRTrn13 committed
35
            }
cRTrn13's avatar
cRTrn13 committed
36 37

            mmc_close(mmc);
cRTrn13's avatar
openssl  
cRTrn13 committed
38 39 40 41

            return 1;
        }

cRTrn13's avatar
cRTrn13 committed
42 43
        mmc_close(mmc);
    }
cRTrn13's avatar
openssl  
cRTrn13 committed
44 45 46 47

    return 0;
}

cRTrn13's avatar
cRTrn13 committed
48
int _calc_uks(AACS_KEYS *aacs, const char *path)
cRTrn13's avatar
openssl  
cRTrn13 committed
49 50
{
    AES_KEY aes;
51
    FILE_H *fp = NULL;
cRTrn13's avatar
openssl  
cRTrn13 committed
52 53 54 55 56 57
    unsigned char buf[16];
    char f_name[100];
    off_t f_pos;

    snprintf(f_name, 100, "/%s/AACS/Unit_Key_RO.inf", path);

58 59
    if ((fp = file_open(f_name, "rb"))) {
        file_read(fp, buf, 4);
cRTrn13's avatar
openssl  
cRTrn13 committed
60 61 62

        f_pos = MKINT_BE32(buf) + 48;

63 64
        file_seek(fp, f_pos, SEEK_SET);
        file_read(fp, buf, 16);
cRTrn13's avatar
openssl  
cRTrn13 committed
65

cRTrn13's avatar
cRTrn13 committed
66
        AES_set_decrypt_key(aacs->vuk, 128, &aes);
cRTrn13's avatar
openssl  
cRTrn13 committed
67 68
        AES_decrypt(buf, aacs->uks, &aes);

69
        file_close(fp);
cRTrn13's avatar
openssl  
cRTrn13 committed
70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99

        return 1;
    }

    return 0;
}

int _validate_pk(uint8_t *pk, uint8_t *cvalue, uint8_t *uv, uint8_t *vd, uint8_t *mk)
{
    int a;
    AES_KEY aes;
    uint8_t dec_vd[16];

    AES_set_decrypt_key(pk, 128, &aes);
    AES_decrypt(cvalue, mk, &aes);

    for (a = 0; a < 4; a++) {
        mk[a + 12] ^= uv[a];
    }

    AES_set_decrypt_key(mk, 128, &aes);
    AES_decrypt(vd, dec_vd, &aes);

    if (!memcmp(dec_vd, "\x01\x23\x45\x67\x89\xAB\xCD\xEF", 8)) {
        return 1;
    }

    return 0;
}

cRTrn13's avatar
cRTrn13 committed
100
AACS_KEYS *aacs_open(const char *path)
cRTrn13's avatar
cRTrn13 committed
101
{
cRTrn13's avatar
cRTrn13 committed
102
    AACS_KEYS *aacs = malloc(sizeof(AACS_KEYS));
103 104

    // perform aacs waterfall
cRTrn13's avatar
cRTrn13 committed
105 106 107 108
    _calc_pk(aacs);
    _calc_mk(aacs);
    _calc_vuk(aacs, path);
    _calc_uks(aacs, path);
cRTrn13's avatar
cRTrn13 committed
109 110

    return aacs;
cRTrn13's avatar
cRTrn13 committed
111 112
}

cRTrn13's avatar
cRTrn13 committed
113
void aacs_close(AACS_KEYS *aacs)
cRTrn13's avatar
cRTrn13 committed
114 115 116 117
{
    X_FREE(aacs);
}

cRTrn13's avatar
cRTrn13 committed
118
int aacs_decrypt_unit(AACS_KEYS *aacs, uint8_t *buf)
119
{
cRTrn13's avatar
openssl  
cRTrn13 committed
120 121
    int a;
    AES_KEY aes;
122 123
    uint8_t seed[16], iv[] = { 0x0b, 0xa0, 0xf8, 0xdd, 0xfe, 0xa6, 0x1f, 0xb3, 0xd8, 0xdf, 0x9f, 0x56, 0x6a, 0x05, 0x0f, 0x78 };

cRTrn13's avatar
openssl  
cRTrn13 committed
124 125
    AES_set_encrypt_key(aacs->uks, 128, &aes);
    AES_encrypt(buf, seed, &aes);
126

cRTrn13's avatar
openssl  
cRTrn13 committed
127
    for (a = 0; a < 16; a++) {
128
        seed[a] ^= buf[a];
cRTrn13's avatar
openssl  
cRTrn13 committed
129
    }
130

cRTrn13's avatar
openssl  
cRTrn13 committed
131 132
    AES_set_decrypt_key( seed, 128, &aes );
    AES_cbc_encrypt(buf + 16,buf + 16, 6144 - 16, &aes, iv, 0);
cRTrn13's avatar
cRTrn13 committed
133 134

    return 1;
135
}