It makes more sense to return 1 here in case of overflow.
[FFMpeg-mirror/DVCPRO-HD.git] / libavformat / asfcrypt.c
blob74a3dcc431910bcbf6ab30783201e85e164f3d98
1 /*
2 * ASF decryption
3 * Copyright (c) 2007 Reimar Doeffinger
4 * This is a rewrite of code contained in freeme/freeme2
6 * This file is part of FFmpeg.
8 * FFmpeg is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public
10 * License as published by the Free Software Foundation; either
11 * version 2.1 of the License, or (at your option) any later version.
13 * FFmpeg is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with FFmpeg; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
23 #include "libavutil/common.h"
24 #include "libavutil/intreadwrite.h"
25 #include "libavutil/bswap.h"
26 #include "libavutil/des.h"
27 #include "libavutil/rc4.h"
28 #include "asfcrypt.h"
30 /**
31 * \brief find multiplicative inverse modulo 2 ^ 32
32 * \param v number to invert, must be odd!
33 * \return number so that result * v = 1 (mod 2^32)
35 static uint32_t inverse(uint32_t v) {
36 // v ^ 3 gives the inverse (mod 16), could also be implemented
37 // as table etc. (only lowest 4 bits matter!)
38 uint32_t inverse = v * v * v;
39 // uses a fixpoint-iteration that doubles the number
40 // of correct lowest bits each time
41 inverse *= 2 - v * inverse;
42 inverse *= 2 - v * inverse;
43 inverse *= 2 - v * inverse;
44 return inverse;
47 /**
48 * \brief read keys from keybuf into keys
49 * \param keybuf buffer containing the keys
50 * \param keys output key array containing the keys for encryption in
51 * native endianness
53 static void multiswap_init(const uint8_t keybuf[48], uint32_t keys[12]) {
54 int i;
55 for (i = 0; i < 12; i++)
56 keys[i] = AV_RL32(keybuf + (i << 2)) | 1;
59 /**
60 * \brief invert the keys so that encryption become decryption keys and
61 * the other way round.
62 * \param keys key array of ints to invert
64 static void multiswap_invert_keys(uint32_t keys[12]) {
65 int i;
66 for (i = 0; i < 5; i++)
67 keys[i] = inverse(keys[i]);
68 for (i = 6; i < 11; i++)
69 keys[i] = inverse(keys[i]);
72 static uint32_t multiswap_step(const uint32_t keys[12], uint32_t v) {
73 int i;
74 v *= keys[0];
75 for (i = 1; i < 5; i++) {
76 v = (v >> 16) | (v << 16);
77 v *= keys[i];
79 v += keys[5];
80 return v;
83 static uint32_t multiswap_inv_step(const uint32_t keys[12], uint32_t v) {
84 int i;
85 v -= keys[5];
86 for (i = 4; i > 0; i--) {
87 v *= keys[i];
88 v = (v >> 16) | (v << 16);
90 v *= keys[0];
91 return v;
94 /**
95 * \brief "MultiSwap" encryption
96 * \param keys 32 bit numbers in machine endianness,
97 * 0-4 and 6-10 must be inverted from decryption
98 * \param key another key, this one must be the same for the decryption
99 * \param data data to encrypt
100 * \return encrypted data
102 static uint64_t multiswap_enc(const uint32_t keys[12], uint64_t key, uint64_t data) {
103 uint32_t a = data;
104 uint32_t b = data >> 32;
105 uint32_t c;
106 uint32_t tmp;
107 a += key;
108 tmp = multiswap_step(keys , a);
109 b += tmp;
110 c = (key >> 32) + tmp;
111 tmp = multiswap_step(keys + 6, b);
112 c += tmp;
113 return ((uint64_t)c << 32) | tmp;
117 * \brief "MultiSwap" decryption
118 * \param keys 32 bit numbers in machine endianness,
119 * 0-4 and 6-10 must be inverted from encryption
120 * \param key another key, this one must be the same as for the encryption
121 * \param data data to decrypt
122 * \return decrypted data
124 static uint64_t multiswap_dec(const uint32_t keys[12], uint64_t key, uint64_t data) {
125 uint32_t a;
126 uint32_t b;
127 uint32_t c = data >> 32;
128 uint32_t tmp = data;
129 c -= tmp;
130 b = multiswap_inv_step(keys + 6, tmp);
131 tmp = c - (key >> 32);
132 b -= tmp;
133 a = multiswap_inv_step(keys , tmp);
134 a -= key;
135 return ((uint64_t)b << 32) | a;
138 void ff_asfcrypt_dec(const uint8_t key[20], uint8_t *data, int len) {
139 int num_qwords = len >> 3;
140 uint64_t *qwords = (uint64_t *)data;
141 uint64_t rc4buff[8];
142 uint64_t packetkey;
143 uint32_t ms_keys[12];
144 uint64_t ms_state;
145 int i;
146 if (len < 16) {
147 for (i = 0; i < len; i++)
148 data[i] ^= key[i];
149 return;
152 memset(rc4buff, 0, sizeof(rc4buff));
153 ff_rc4_enc(key, 12, (uint8_t *)rc4buff, sizeof(rc4buff));
154 multiswap_init((uint8_t *)rc4buff, ms_keys);
156 packetkey = qwords[num_qwords - 1];
157 packetkey ^= rc4buff[7];
158 packetkey = be2me_64(packetkey);
159 packetkey = ff_des_encdec(packetkey, AV_RB64(key + 12), 1);
160 packetkey = be2me_64(packetkey);
161 packetkey ^= rc4buff[6];
163 ff_rc4_enc((uint8_t *)&packetkey, 8, data, len);
165 ms_state = 0;
166 for (i = 0; i < num_qwords - 1; i++, qwords++)
167 ms_state = multiswap_enc(ms_keys, ms_state, AV_RL64(qwords));
168 multiswap_invert_keys(ms_keys);
169 packetkey = (packetkey << 32) | (packetkey >> 32);
170 packetkey = le2me_64(packetkey);
171 packetkey = multiswap_dec(ms_keys, ms_state, packetkey);
172 AV_WL64(qwords, packetkey);