/src/ffmpeg/libavformat/asfcrypt.c

Source (jump to first uncovered line)
/*
 * ASF decryption
 * Copyright (c) 2007 Reimar Doeffinger
 * This is a rewrite of code contained in freeme/freeme2
 *
 * This file is part of FFmpeg.
 *
 * FFmpeg is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * FFmpeg is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with FFmpeg; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */

#include <stddef.h>
#include "libavutil/bswap.h"
#include "libavutil/des.h"
#include "libavutil/intreadwrite.h"
#include "libavutil/mem.h"
#include "libavutil/rc4.h"
#include "asfcrypt.h"

/**
 * @brief find multiplicative inverse modulo 2 ^ 32
 * @param v number to invert, must be odd!
 * @return number so that result * v = 1 (mod 2^32)
 */
static uint32_t inverse(uint32_t v)
{
    // v ^ 3 gives the inverse (mod 16), could also be implemented
    // as table etc. (only lowest 4 bits matter!)
    uint32_t inverse = v * v * v;
    // uses a fixpoint-iteration that doubles the number
    // of correct lowest bits each time
    inverse *= 2 - v * inverse;
    inverse *= 2 - v * inverse;
    inverse *= 2 - v * inverse;
    return inverse;
}

/**
 * @brief read keys from keybuf into keys
 * @param keybuf buffer containing the keys
 * @param keys output key array containing the keys for encryption in
 *             native endianness
 */
static void multiswap_init(const uint8_t keybuf[48], uint32_t keys[12])
{
    int i;
    for (i = 0; i < 12; i++)
        keys[i] = AV_RL32(keybuf + (i << 2)) | 1;
}

/**
 * @brief invert the keys so that encryption become decryption keys and
 *        the other way round.
 * @param keys key array of ints to invert
 */
static void multiswap_invert_keys(uint32_t keys[12])
{
    int i;
    for (i = 0; i < 5; i++)
        keys[i] = inverse(keys[i]);
    for (i = 6; i < 11; i++)
        keys[i] = inverse(keys[i]);
}

static uint32_t multiswap_step(const uint32_t keys[6], uint32_t v)
{
    int i;
    v *= keys[0];
    for (i = 1; i < 5; i++) {
        v  = (v >> 16) | (v << 16);
        v *= keys[i];
    }
    v += keys[5];
    return v;
}

static uint32_t multiswap_inv_step(const uint32_t keys[6], uint32_t v)
{
    int i;
    v -= keys[5];
    for (i = 4; i > 0; i--) {
        v *= keys[i];
        v  = (v >> 16) | (v << 16);
    }
    v *= keys[0];
    return v;
}

/**
 * @brief "MultiSwap" encryption
 * @param keys 32 bit numbers in machine endianness,
 *             0-4 and 6-10 must be inverted from decryption
 * @param key another key, this one must be the same for the decryption
 * @param data data to encrypt
 * @return encrypted data
 */
static uint64_t multiswap_enc(const uint32_t keys[12],
                              uint64_t key, uint64_t data)
{
    uint32_t a = data;
    uint32_t b = data >> 32;
    uint32_t c;
    uint32_t tmp;
    a  += key;
    tmp = multiswap_step(keys, a);
    b  += tmp;
    c   = (key >> 32) + tmp;
    tmp = multiswap_step(keys + 6, b);
    c  += tmp;
    return ((uint64_t)c << 32) | tmp;
}

/**
 * @brief "MultiSwap" decryption
 * @param keys 32 bit numbers in machine endianness,
 *             0-4 and 6-10 must be inverted from encryption
 * @param key another key, this one must be the same as for the encryption
 * @param data data to decrypt
 * @return decrypted data
 */
static uint64_t multiswap_dec(const uint32_t keys[12],
                              uint64_t key, uint64_t data)
{
    uint32_t a;
    uint32_t b;
    uint32_t c   = data >> 32;
    uint32_t tmp = data;
    c  -= tmp;
    b   = multiswap_inv_step(keys + 6, tmp);
    tmp = c - (key >> 32);
    b  -= tmp;
    a   = multiswap_inv_step(keys, tmp);
    a  -= key;
    return ((uint64_t)b << 32) | a;
}

void ff_asfcrypt_dec(const uint8_t key[20], uint8_t *data, int len)
{
    struct AVDES *des;
    struct AVRC4 *rc4;
    int num_qwords      = len >> 3;
    uint8_t *qwords     = data;
    uint64_t rc4buff[8] = { 0 };
    uint64_t packetkey;
    uint32_t ms_keys[12];
    uint64_t ms_state;
    int i;
    if (len < 16) {
        for (i = 0; i < len; i++)
            data[i] ^= key[i];
        return;
    }
    des = av_des_alloc();
    rc4 = av_rc4_alloc();
    if (!des || !rc4) {
        av_freep(&des);
        av_freep(&rc4);
        return;
    }

    av_rc4_init(rc4, key, 12 * 8, 1);
    av_rc4_crypt(rc4, (uint8_t *)rc4buff, NULL, sizeof(rc4buff), NULL, 1);
    multiswap_init((uint8_t *)rc4buff, ms_keys);

    packetkey  = AV_RN64(&qwords[num_qwords * 8 - 8]);
    packetkey ^= rc4buff[7];
    av_des_init(des, key + 12, 64, 1);
    av_des_crypt(des, (uint8_t *)&packetkey, (uint8_t *)&packetkey, 1, NULL, 1);
    packetkey ^= rc4buff[6];

    av_rc4_init(rc4, (uint8_t *)&packetkey, 64, 1);
    av_rc4_crypt(rc4, data, data, len, NULL, 1);

    ms_state = 0;
    for (i = 0; i < num_qwords - 1; i++, qwords += 8)
        ms_state = multiswap_enc(ms_keys, ms_state, AV_RL64(qwords));
    multiswap_invert_keys(ms_keys);
    packetkey = (packetkey << 32) | (packetkey >> 32);
    packetkey = av_le2ne64(packetkey);
    packetkey = multiswap_dec(ms_keys, ms_state, packetkey);
    AV_WL64(qwords, packetkey);

    av_free(rc4);
    av_free(des);
}

Line	Count	Source (jump to first uncovered line)
1		/*
2		* ASF decryption
3		* Copyright (c) 2007 Reimar Doeffinger
4		* This is a rewrite of code contained in freeme/freeme2
5		*
6		* This file is part of FFmpeg.
7		*
8		* FFmpeg is free software; you can redistribute it and/or
9		* modify it under the terms of the GNU Lesser General Public
10		* License as published by the Free Software Foundation; either
11		* version 2.1 of the License, or (at your option) any later version.
12		*
13		* FFmpeg is distributed in the hope that it will be useful,
14		* but WITHOUT ANY WARRANTY; without even the implied warranty of
15		* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16		* Lesser General Public License for more details.
17		*
18		* You should have received a copy of the GNU Lesser General Public
19		* License along with FFmpeg; if not, write to the Free Software
20		* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
21		*/
22
23		#include <stddef.h>
24		#include "libavutil/bswap.h"
25		#include "libavutil/des.h"
26		#include "libavutil/intreadwrite.h"
27		#include "libavutil/mem.h"
28		#include "libavutil/rc4.h"
29		#include "asfcrypt.h"
30
31		/**
32		* @brief find multiplicative inverse modulo 2 ^ 32
33		* @param v number to invert, must be odd!
34		* @return number so that result * v = 1 (mod 2^32)
35		*/
36		static uint32_t inverse(uint32_t v)
37	0	{
38		// v ^ 3 gives the inverse (mod 16), could also be implemented
39		// as table etc. (only lowest 4 bits matter!)
40	0	uint32_t inverse = v * v * v;
41		// uses a fixpoint-iteration that doubles the number
42		// of correct lowest bits each time
43	0	inverse = 2 - v inverse;
44	0	inverse = 2 - v inverse;
45	0	inverse = 2 - v inverse;
46	0	return inverse;
47	0	}
48
49		/**
50		* @brief read keys from keybuf into keys
51		* @param keybuf buffer containing the keys
52		* @param keys output key array containing the keys for encryption in
53		* native endianness
54		*/
55		static void multiswap_init(const uint8_t keybuf[48], uint32_t keys[12])
56	0	{
57	0	int i;
58	0	for (i = 0; i < 12; i++)
59	0	keys[i] = AV_RL32(keybuf + (i << 2)) \| 1;
60	0	}
61
62		/**
63		* @brief invert the keys so that encryption become decryption keys and
64		* the other way round.
65		* @param keys key array of ints to invert
66		*/
67		static void multiswap_invert_keys(uint32_t keys[12])
68	0	{
69	0	int i;
70	0	for (i = 0; i < 5; i++)
71	0	keys[i] = inverse(keys[i]);
72	0	for (i = 6; i < 11; i++)
73	0	keys[i] = inverse(keys[i]);
74	0	}
75
76		static uint32_t multiswap_step(const uint32_t keys[6], uint32_t v)
77	0	{
78	0	int i;
79	0	v *= keys[0];
80	0	for (i = 1; i < 5; i++) {
81	0	v = (v >> 16) \| (v << 16);
82	0	v *= keys[i];
83	0	}
84	0	v += keys[5];
85	0	return v;
86	0	}
87
88		static uint32_t multiswap_inv_step(const uint32_t keys[6], uint32_t v)
89	0	{
90	0	int i;
91	0	v -= keys[5];
92	0	for (i = 4; i > 0; i--) {
93	0	v *= keys[i];
94	0	v = (v >> 16) \| (v << 16);
95	0	}
96	0	v *= keys[0];
97	0	return v;
98	0	}
99
100		/**
101		* @brief "MultiSwap" encryption
102		* @param keys 32 bit numbers in machine endianness,
103		* 0-4 and 6-10 must be inverted from decryption
104		* @param key another key, this one must be the same for the decryption
105		* @param data data to encrypt
106		* @return encrypted data
107		*/
108		static uint64_t multiswap_enc(const uint32_t keys[12],
109		uint64_t key, uint64_t data)
110	0	{
111	0	uint32_t a = data;
112	0	uint32_t b = data >> 32;
113	0	uint32_t c;
114	0	uint32_t tmp;
115	0	a += key;
116	0	tmp = multiswap_step(keys, a);
117	0	b += tmp;
118	0	c = (key >> 32) + tmp;
119	0	tmp = multiswap_step(keys + 6, b);
120	0	c += tmp;
121	0	return ((uint64_t)c << 32) \| tmp;
122	0	}
123
124		/**
125		* @brief "MultiSwap" decryption
126		* @param keys 32 bit numbers in machine endianness,
127		* 0-4 and 6-10 must be inverted from encryption
128		* @param key another key, this one must be the same as for the encryption
129		* @param data data to decrypt
130		* @return decrypted data
131		*/
132		static uint64_t multiswap_dec(const uint32_t keys[12],
133		uint64_t key, uint64_t data)
134	0	{
135	0	uint32_t a;
136	0	uint32_t b;
137	0	uint32_t c = data >> 32;
138	0	uint32_t tmp = data;
139	0	c -= tmp;
140	0	b = multiswap_inv_step(keys + 6, tmp);
141	0	tmp = c - (key >> 32);
142	0	b -= tmp;
143	0	a = multiswap_inv_step(keys, tmp);
144	0	a -= key;
145	0	return ((uint64_t)b << 32) \| a;
146	0	}
147
148		void ff_asfcrypt_dec(const uint8_t key[20], uint8_t *data, int len)
149	0	{
150	0	struct AVDES *des;
151	0	struct AVRC4 *rc4;
152	0	int num_qwords = len >> 3;
153	0	uint8_t *qwords = data;
154	0	uint64_t rc4buff[8] = { 0 };
155	0	uint64_t packetkey;
156	0	uint32_t ms_keys[12];
157	0	uint64_t ms_state;
158	0	int i;
159	0	if (len < 16) {
160	0	for (i = 0; i < len; i++)
161	0	data[i] ^= key[i];
162	0	return;
163	0	}
164	0	des = av_des_alloc();
165	0	rc4 = av_rc4_alloc();
166	0	if (!des \|\| !rc4) {
167	0	av_freep(&des);
168	0	av_freep(&rc4);
169	0	return;
170	0	}
171
172	0	av_rc4_init(rc4, key, 12 * 8, 1);
173	0	av_rc4_crypt(rc4, (uint8_t *)rc4buff, NULL, sizeof(rc4buff), NULL, 1);
174	0	multiswap_init((uint8_t *)rc4buff, ms_keys);
175
176	0	packetkey = AV_RN64(&qwords[num_qwords * 8 - 8]);
177	0	packetkey ^= rc4buff[7];
178	0	av_des_init(des, key + 12, 64, 1);
179	0	av_des_crypt(des, (uint8_t )&packetkey, (uint8_t )&packetkey, 1, NULL, 1);
180	0	packetkey ^= rc4buff[6];
181
182	0	av_rc4_init(rc4, (uint8_t *)&packetkey, 64, 1);
183	0	av_rc4_crypt(rc4, data, data, len, NULL, 1);
184
185	0	ms_state = 0;
186	0	for (i = 0; i < num_qwords - 1; i++, qwords += 8)
187	0	ms_state = multiswap_enc(ms_keys, ms_state, AV_RL64(qwords));
188	0	multiswap_invert_keys(ms_keys);
189	0	packetkey = (packetkey << 32) \| (packetkey >> 32);
190	0	packetkey = av_le2ne64(packetkey);
191	0	packetkey = multiswap_dec(ms_keys, ms_state, packetkey);
192	0	AV_WL64(qwords, packetkey);
193
194	0	av_free(rc4);
195	0	av_free(des);
196	0	}

Coverage Report

Created: 2025-08-28 07:12