
#include <stdio.h>
#include <malloc.h>
#include <string.h>

#include "aacs.h"
#include "crypto.h"
#include "mmc.h"
#include "../util/macro.h"
#include "../file/file.h"

/* Called first by aacs_open(); its definition is not in the part of the file shown here. */
int _calc_pk(AACS_KEYS *aacs);
/* Derives aacs->mk from <path>/AACS/MKB_RO.inf and the key file; returns 1 on success, 0 otherwise. */
int _calc_mk(AACS_KEYS *aacs, const char *path);
/* Derives aacs->vuk from aacs->mk via the drive opened at path; returns 1 on success, 0 otherwise. */
int _calc_vuk(AACS_KEYS *aacs, const char *path);
/* Derives aacs->uks from aacs->vuk and the disc's AACS/Unit_Key_RO.inf; returns 1 on success, 0 otherwise. */
int _calc_uks(AACS_KEYS *aacs, const char *path);
/* Tests one processing key against one MKB entry; writes the candidate media key to mk and returns 1 on a match. */
int _validate_pk(uint8_t *pk, uint8_t *cvalue, uint8_t *uv, uint8_t *vd, uint8_t *mk);
/* Declared only: neither defined nor called in the part of the file shown here. */
int _verify_ts(uint8_t *buf, size_t size);

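/*
 * Derive the media key for the disc at `path` and store it in aacs->mk.
 *
 * Opens <path>/AACS/MKB_RO.inf, counts the 5-byte entries at the start of the
 * subset-difference record (stopping at the first entry whose leading byte
 * has either of its top two bits set), then tries every 16-byte processing
 * key from the key file's KF_PK_ARRAY record against every counted entry with
 * _validate_pk(). The first key that validates is left in aacs->pk and the
 * resulting media key in aacs->mk.
 *
 * The MKB is read from the disc and is untrusted input: every pointer and
 * length taken from it is checked before it is dereferenced or used as a
 * bound.
 *
 * Returns 1 when a processing key validates, 0 otherwise (path too long for
 * the name buffer, MKB cannot be opened, a record is missing, or no key
 * matches). On failure aacs->pk and aacs->mk hold scratch values from the
 * last attempt.
 */
int _calc_mk(AACS_KEYS *aacs, const char *path)
{
    int n, found = 0;
    char f_name[100];
    size_t len = 0, off, a, k, num_uvs = 0;
    uint8_t *cvalues, *uvs, *mk_dv, *pks;
    uint16_t num_pks = 0;
    MKB *mkb = NULL;

    /* Refuse a truncated name rather than opening whatever the prefix names. */
    n = snprintf(f_name, sizeof(f_name), "%s/AACS/MKB_RO.inf", path);
    if (n < 0 || (size_t)n >= sizeof(f_name)) {
        return 0;
    }

    mkb = mkb_open(f_name);
    if (!mkb) {
        return 0;
    }

    uvs = mkb_subdiff_records(mkb, &len);
    if (!uvs) {
        goto out;
    }

    /*
     * Count whole 5-byte entries only, bounded by the record itself.
     * The previous bound was computed from a pointer that was always NULL,
     * so the loop never ran and no key was ever tested.
     */
    for (off = 0; len - off >= 5; off += 5) {
        if (uvs[off] & 0xc0) {
            break;
        }
        num_uvs++;
    }

    cvalues = mkb_cvalues(mkb, &len);
    mk_dv = mkb_mk_dv(mkb);
    pks = configfile_record(aacs->kf, KF_PK_ARRAY, &num_pks, NULL);
    if (!cvalues || !mk_dv || !pks) {
        goto out;
    }

    /*
     * One 16-byte C-value is consumed per entry; never index past the end of
     * the C-value record.
     * NOTE(review): assumes mkb_cvalues() reports len in bytes, the same way
     * the subset-difference length is treated above - confirm against mkb.h.
     */
    if (num_uvs > len / 16) {
        num_uvs = len / 16;
    }

    for (k = 0; k < num_pks && !found; k++) {
        memcpy(aacs->pk, pks + k * 16, 16);

        for (a = 0; a < num_uvs; a++) {
            /* uvs + 1 skips the entry's leading byte; the next 4 bytes are the uv. */
            if (_validate_pk(aacs->pk, cvalues + a * 16, uvs + 1 + a * 5, mk_dv, aacs->mk)) {
                found = 1;
                break;
            }
        }
    }

out:
    mkb_close(mkb);

    return found;
}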

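/*
 * Derive the volume unique key (aacs->vuk) from the media key in aacs->mk.
 *
 * Opens the drive at `path` with the host private key, certificate, nonce and
 * key point taken from the key file, calls mmc_read_vid(), and computes
 *     vuk = AES-128-Decrypt(key = mk, vid) XOR vid.
 *
 * Returns 1 when the drive was opened and mmc_read_vid() reported success,
 * 0 otherwise. The drive handle is closed on every path.
 */
int _calc_vuk(AACS_KEYS *aacs, const char *path)
{
    int a, ok = 0;
    AES_KEY aes;
    /*
     * NOTE(review): nothing in this function writes the Volume ID into vid -
     * mmc_read_vid() is handed only the mmc handle. The buffer used to be
     * read uninitialized, which is undefined behavior and mixed stale stack
     * bytes into the derived key. It is zeroed here so the result is at least
     * deterministic; the value read from the drive still has to be copied in
     * before the VUK can be correct - confirm where mmc stores it.
     */
    uint8_t vid[16] = { 0 };
    MMC *mmc = NULL;

    mmc = mmc_open(path,
            configfile_record(aacs->kf, KF_HOST_PRIV_KEY, NULL, NULL),
            configfile_record(aacs->kf, KF_HOST_CERT, NULL, NULL),
            configfile_record(aacs->kf, KF_HOST_NONCE, NULL, NULL),
            configfile_record(aacs->kf, KF_HOST_KEY_POINT, NULL, NULL));
    if (!mmc) {
        return 0;
    }

    if (mmc_read_vid(mmc)) {
        AES_set_decrypt_key(aacs->mk, 128, &aes);
        AES_decrypt(vid, aacs->vuk, &aes);

        for (a = 0; a < 16; a++) {
            aacs->vuk[a] ^= vid[a];
        }

        ok = 1;
    }

    mmc_close(mmc);

    return ok;
}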

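/*
 * Derive the unit key (aacs->uks) from the volume unique key in aacs->vuk.
 *
 * Reads a big-endian 32-bit offset from the first 4 bytes of
 * <path>/AACS/Unit_Key_RO.inf, seeks to that offset plus 48, reads 16 bytes
 * and AES-128-decrypts them with aacs->vuk into aacs->uks.
 *
 * The file comes from the disc and is untrusted: a short read at either step
 * aborts the derivation instead of decrypting leftover buffer contents.
 *
 * Returns 1 when the key was read and decrypted, 0 otherwise.
 */
int _calc_uks(AACS_KEYS *aacs, const char *path)
{
    AES_KEY aes;
    FILE_H *fp = NULL;
    unsigned char buf[16];
    char f_name[100];
    off_t f_pos;
    int n, ok = 0;

    /*
     * Same layout as the MKB path in _calc_mk(): no leading '/', so a
     * relative `path` resolves to the same disc root for both files.
     * A truncated name is rejected rather than opened.
     */
    n = snprintf(f_name, sizeof(f_name), "%s/AACS/Unit_Key_RO.inf", path);
    if (n < 0 || (size_t)n >= sizeof(f_name)) {
        return 0;
    }

    fp = file_open(f_name, "rb");
    if (!fp) {
        return 0;
    }

    /* NOTE(review): assumes file_read() returns the number of bytes read - confirm against file.h. */
    if (file_read(fp, buf, 4) != 4) {
        goto out;
    }

    /* Widen before adding so the header offset cannot wrap in 32 bits. */
    f_pos = (off_t)MKINT_BE32(buf) + 48;

    /* A seek past the end of the file is caught by the length check on the read below. */
    file_seek(fp, f_pos, SEEK_SET);
    if (file_read(fp, buf, 16) != 16) {
        goto out;
    }

    AES_set_decrypt_key(aacs->vuk, 128, &aes);
    AES_decrypt(buf, aacs->uks, &aes);

    ok = 1;

out:
    file_close(fp);

    return ok;
}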

/*
 * Test one processing key against one MKB entry.
 *
 * Decrypts the 16-byte `cvalue` with `pk` into `mk`, XORs the 4 bytes at `uv`
 * into the last 4 bytes of `mk`, then uses `mk` as an AES-128 key to decrypt
 * the 16 bytes at `vd`. The key is accepted when the first 8 bytes of that
 * plaintext equal 01 23 45 67 89 AB CD EF.
 *
 * `mk` is overwritten on every call, whether or not the key matches.
 *
 * Returns 1 on a match, 0 otherwise.
 */
int _validate_pk(uint8_t *pk, uint8_t *cvalue, uint8_t *uv, uint8_t *vd, uint8_t *mk)
{
    AES_KEY schedule;
    uint8_t plain[16];
    int i = 0;

    /* Candidate media key: C-value decrypted under the processing key ... */
    AES_set_decrypt_key(pk, 128, &schedule);
    AES_decrypt(cvalue, mk, &schedule);

    /* ... with the uv bytes folded into bytes 12..15. */
    while (i < 4) {
        mk[12 + i] ^= uv[i];
        i++;
    }

    /* Check the candidate against the verification data. */
    AES_set_decrypt_key(mk, 128, &schedule);
    AES_decrypt(vd, plain, &schedule);

    return memcmp(plain, "\x01\x23\x45\x67\x89\xAB\xCD\xEF", 8) == 0 ? 1 : 0;
}

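/*
 * Allocate an AACS_KEYS handle, open the key file at `configfile_path` and run
 * the key derivation chain (_calc_pk, _calc_mk, _calc_vuk, _calc_uks) for the
 * disc at `path`.
 *
 * Returns the new handle, or NULL when the allocation fails or the key file
 * cannot be opened; nothing is leaked on either failure. Release the handle
 * with aacs_close().
 *
 * NOTE(review): the results of the four derivation steps are not checked, so
 * a handle is returned even when a step fails. The structure is zeroed up
 * front so that in that case the key fields hold zeros or partial results
 * rather than stale heap contents. Callers cannot currently tell a usable
 * handle from an unusable one - consider propagating the step results.
 */
AACS_KEYS *aacs_open(const char *path, const char *configfile_path)
{
    AACS_KEYS *aacs = malloc(sizeof(*aacs));

    if (!aacs) {
        return NULL;
    }

    memset(aacs, 0, sizeof(*aacs));

    aacs->kf = configfile_open(configfile_path);
    if (!aacs->kf) {
        /* Previously the handle was leaked on this path. */
        X_FREE(aacs);
        return NULL;
    }

    /* Each step consumes the key produced by the one before it. */
    _calc_pk(aacs);
    _calc_mk(aacs, path);
    _calc_vuk(aacs, path);
    _calc_uks(aacs, path);

    return aacs;
}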

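/*
 * Release a handle returned by aacs_open(): closes the key file, wipes the
 * structure and frees it.
 *
 * Passing NULL is a no-op, so the result of a failed aacs_open() can be
 * handed straight to this function.
 */
void aacs_close(AACS_KEYS *aacs)
{
    volatile unsigned char *p;
    size_t i;

    if (!aacs) {
        return;
    }

    configfile_close(aacs->kf);

    /*
     * The structure holds the derived keys (pk, mk, vuk, uks) and the AES
     * state. Clear it before the memory goes back to the allocator; the
     * volatile pointer keeps the compiler from dropping the stores as dead
     * writes ahead of the free.
     */
    p = (volatile unsigned char *)aacs;
    for (i = 0; i < sizeof(*aacs); i++) {
        p[i] = 0;
    }

    X_FREE(aacs);
}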

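/*
 * Decrypt `len` bytes of `buf` in place.
 *
 * - len a non-zero multiple of 6144: treat buf as the start of a unit. The
 *   unit's block key is AES-128-Encrypt(key = aacs->uks, buf[0..15]) XOR
 *   buf[0..15]; bytes 16..6143 are then CBC-decrypted with that key and the
 *   fixed IV below. The first 16 bytes are left as they are.
 * - any other non-zero len: CBC-decrypt buf[0..len-1] with the key schedule
 *   and IV currently stored in the handle.
 *
 * Returns 1 after decrypting, 0 when aacs or buf is NULL or len is 0.
 * (A zero length used to fall into the full-unit branch and touch 6144 bytes
 * of a buffer the caller had declared empty.)
 *
 * NOTE(review): for len > 6144 that is a multiple of 6144 only the first
 * unit is processed - confirm callers pass one unit at a time.
 * NOTE(review): the full-unit branch hands the local iv, not aacs->iv, to
 * AES_cbc_encrypt(), so aacs->iv still holds the initial IV afterwards, and
 * the partial-length branch depends on aacs->aes having been set by an
 * earlier full-unit call - confirm that is the intended chaining.
 */
int aacs_decrypt_unit(AACS_KEYS *aacs, uint8_t *buf, uint32_t len)
{
    enum { UNIT_LEN = 6144 };
    int a;
    uint8_t key[16];
    uint8_t iv[] = { 0x0b, 0xa0, 0xf8, 0xdd, 0xfe, 0xa6, 0x1f, 0xb3, 0xd8, 0xdf, 0x9f, 0x56, 0x6a, 0x05, 0x0f, 0x78 };

    if (!aacs || !buf || len == 0) {
        return 0;
    }

    if (len % UNIT_LEN) {
        AES_cbc_encrypt(buf, buf, len, &aacs->aes, aacs->iv, 0);

        return 1;
    }

    memcpy(aacs->iv, iv, 16);

    /* Block key = E(uks, first 16 bytes) XOR first 16 bytes. */
    AES_set_encrypt_key(aacs->uks, 128, &aacs->aes);
    AES_encrypt(buf, key, &aacs->aes);

    for (a = 0; a < 16; a++) {
        key[a] ^= buf[a];
    }

    AES_set_decrypt_key(key, 128, &aacs->aes);
    AES_cbc_encrypt(buf + 16, buf + 16, UNIT_LEN - 16, &aacs->aes, iv, 0);

    return 1;
}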