Viaccess 2.6 algorithm

tomek.wysoka

via2.6 algo

It consists of data mixing + DES + XOR + 3DES + XOR + DES + data mixing + XOR

Code:
- ECM: 80 70 54 00 90 03 02 3B 08 E2 03 3B 94 41 E2 03 3B 94 0D E2 03 3B 94 0B E2 03 3B 94 0E E2 03 3B 94 42 E2 03 3B 94 43 E2 03 3B 94 44 E2 03 3B 94 45 E2 03 3B 94 46 E2 03 3B 94 4A EA 10 B3 4C F5 49 87 A8 02 43 14 83 2E 08 F0 06 27 A0 F0 08 26 93 8A AE 84 F1 86 BC

- CWs: B34CF54987A8024314832E08F00627A0

- processDw->inputCW:B34CF54987A80243
- CW->After data mixing:B64EC6EDF88603D6
- indata after 1st Des:BA6196510E7401E6
- CW->After xxor:69DFC91227AEFE2F
- CW->After 3Des:2F4759CF1FD2746D
- CW->After xxor:FCF9068C36088BA4
- CW->After Des:23A5FC7AE5D8BF23
- processDw->outputDW after data mixing:4FE5F07A65D2D25E

- processDw->inputCW:14832E08F00627A0
- CW->After data mixing:74BFEF1866459E3A
- indata after 1st Des:329BF948FD68EA6A
- CW->After xxor:E125A60BD4B215A3
- CW->After 3Des:20FC03BC9975012C
- CW->After xxor:F3425CFFB0AFFEE5
- CW->After Des:7163657AF1294A88
- processDw->outputDW after data mixing:A5E58E73DEE66951

- Final DW after xor: F9827BF6E770B91016A97B3A594E6B12
 

tomek.wysoka

Incoming Viaccess ECM packet...
80 70 54 00 90 03 02 3B 08 E2 03 3B 91 41 E2 03
3B 91 0D E2 03 3B 91 0B E2 03 3B 91 0E E2 03 3B
91 42 E2 03 3B 91 43 E2 03 3B 91 44 E2 03 3B 91
45 E2 03 3B 91 46 E2 03 3B 91 4A EA 10 8B 87 E0
50 9F A1 D3 C7 D2 30 28 E2 0D 7F C4 B0 F0 08 A2
56 6F F2 70 E8 AE 4B

CW1: 7A 25 FF 9E 27 A1 F7 BF
CW2: 11 52 1C 7F 08 AA 68 1A

Incoming Viaccess ECM packet...
81 70 59 00 90 03 02 3B 08 E2 03 3B 91 41 E2 03
3B 91 0D E2 03 3B 91 0B E2 03 3B 91 0E E2 03 3B
91 42 E2 03 3B 91 43 E2 03 3B 91 44 E2 03 3B 91
45 E2 03 3B 91 46 E2 03 3B 91 47 E2 03 3B 91 4A
EA 10 3D D8 14 86 55 1F 50 5D A8 00 F4 29 E1 B7
B2 7F F0 08 59 8D 28 51 2C FA 6F E2

CW1: 5C 3F DF 7A BD DF 5C F8
CW2: 01 43 1B 5F 90 0B 05 A0

/*
 * Transform the 8-byte block at `data` in place.
 *
 * Visible sequence: table-driven byte mixing (MASKTABLE lookup, PERMTABLE
 * reorder), one des_des() ENCRYPT pass with DESKEY, xxor() with XORTABLE,
 * three des_des() passes (DECRYPT, ENCRYPT, DECRYPT) that use two key
 * offsets (TRIPLEDESKEY, TRIPLEDESKEY+8, TRIPLEDESKEY again), a second
 * xxor() with XORTABLE, one des_des() DECRYPT pass with DESKEY, and a
 * second mixing step that uses the same two tables in the opposite order.
 *
 * Every key and table is read from data_023B00 at a fixed offset; nothing
 * in this function depends on per-message state.
 *
 * des_des(), xxor(), data_023B00 and the offset constants are defined
 * outside this listing.
 *
 * NOTE(review): `tmp` is an array and `data` a pointer, so the assignments
 * in the four loops are not valid C as posted. The listing looks damaged by
 * forum rendering and should be read as pseudo-code, not as a compilable
 * reference.
 */
void via26_decode(unsigned char *data) {
unsigned char tmp[8];

// first mixing step: MASKTABLE lookup, then PERMTABLE reorder
for (int i = 0; i <= 7; i++) tmp = data_023B00[MASKTABLE+data];
for (int i = 0; i <= 7; i++) data = tmp[data_023B00[PERMTABLE+i]];

// single pass keyed from the DESKEY offset
des_des(data,&data_023B00[DESKEY],DES_ENCRYPT);

// fixed 8-byte mask from the XORTABLE offset
xxor(data, 8, data, &data_023B00[XORTABLE]);

// three passes; the first and third share one key offset
des_des(data,&data_023B00[TRIPLEDESKEY ],DES_DECRYPT);
des_des(data,&data_023B00[TRIPLEDESKEY+8],DES_ENCRYPT);
des_des(data,&data_023B00[TRIPLEDESKEY ],DES_DECRYPT);

// same fixed mask as above
xxor(data, 8, data, &data_023B00[XORTABLE]);

// single pass with the DESKEY offset again, opposite direction flag
des_des(data,&data_023B00[DESKEY],DES_DECRYPT);

// second mixing step: PERMTABLE used as the destination index, then MASKTABLE
for (int i=0; i<=7; i++) tmp[data_023B00[PERMTABLE+i]] = data;
for (int i=0; i<=7; i++) data = data_023B00[MASKTABLE+tmp];

}

//via26_decrypt(source+9,source[2]-6,dw,dw+8));

/*
 * Walk the tag/length/value sub-messages in data[0..len), pull the 16-byte
 * 0xEA payload into des_data1 / des_data2, run via26_decode() on each half
 * and apply a final xxor() to each.
 *
 * data      - sub-message buffer; data[pos] is the tag, data[pos+1] the length
 * len       - number of bytes of data to walk
 * des_data1 - out, 8 bytes
 * des_data2 - out, 8 bytes
 * Returns 1 unconditionally; no error is ever reported.
 *
 * NOTE(review): the parser trusts its input. The length byte is read and the
 * 8/16-byte copies are made without checking them against `len`, the 0xEA
 * element's own length is never compared with 16, and `encStart` is used
 * after the loop even if no 0xEA element was seen.
 * NOTE(review): the 0xF0 "signature" bytes are copied into a local and never
 * read again here, so nothing in this function checks them.
 *
 * `byte`, xxor(), dl(), misc_printf(), misc_dump() and data_023B00 are
 * defined outside this listing.
 */
int via26_decrypt(byte *data, int len, byte *des_data1, byte *des_data2) {
int msg_pos; // current offset into data
int encStart; // offset of the 0xEA payload; left uninitialised if none is found
unsigned char signature[8]; // filled from the 0xF0 element, not used afterwards

// start at the first sub-message
msg_pos = 0;

// for all sub messages in data
while(msg_pos<len) {
switch(data[msg_pos]) {
case 0xea: // encrypted bytes: 16 bytes copied, element length not checked
encStart = msg_pos + 2;
memcpy(des_data1,&data[msg_pos+2],8);
memcpy(des_data2,&data[msg_pos+2+8],8);
break;
case 0xf0: // signature: copied only, never compared with anything here
memcpy(signature,&data[msg_pos+2],8);
break;
}
// advance by the length byte taken from the input plus the 2-byte header;
// data[msg_pos+1] is read without checking that it lies inside len
msg_pos += data[msg_pos+1]+2; // move to next position
}

via26_decode(des_data1);
via26_decode(des_data2);

// first half: fixed mask from the CW1XOR offset of data_023B00
xxor(des_data1, 8, des_data1, &data_023B00[CW1XOR]);
// second half: masked with the first 8 payload bytes of the 0xEA element,
// i.e. the input bytes that were copied to des_data1 before decoding
xxor(des_data2, 8, des_data2, &data[encStart]);

// dl() wraps the output calls and supplies the statement terminator;
// presumably a debug-logging macro, confirm against its definition
dl(misc_printf("CW1: "))
dl(misc_dump(des_data1, 8))
dl(misc_printf("CW2: "))
dl(misc_dump(des_data2, 8))
return 1;
}
 

EW79

Question Re: Viaccess 2.6 algorithm

does this hack mean it will open with softcam.key?
 
example of data mixing ;)
masktable
72e44469f7.gif


cw crypted 5899AA09C18CB329
0bb69b1615.gif


2B

5899AA09C18CB329
1c41e79806.gif


2B21

5899AA09C18CB329
9c019ff263.gif


2B21BB

..........

fin
2B21BB483FE2C651

example permtable
8bdbe74589.gif

color:D
36e6872d76.gif

/*
 * Transform the 8-byte block at `data` in place.
 *
 * Visible sequence: table-driven byte mixing (MASKTABLE lookup, PERMTABLE
 * reorder), one des_des() ENCRYPT pass with DESKEY, xxor() with XORTABLE,
 * three des_des() passes (DECRYPT, ENCRYPT, DECRYPT) that use two key
 * offsets (TRIPLEDESKEY, TRIPLEDESKEY+8, TRIPLEDESKEY again), a second
 * xxor() with XORTABLE, one des_des() DECRYPT pass with DESKEY, and a
 * second mixing step that uses the same two tables in the opposite order.
 *
 * Every key and table is read from data_023B00 at a fixed offset; nothing
 * in this function depends on per-message state.
 *
 * des_des(), xxor(), data_023B00 and the offset constants are defined
 * outside this listing.
 *
 * NOTE(review): `tmp` is an array and `data` a pointer, so the assignments
 * in the four loops are not valid C as posted. The listing looks damaged by
 * forum rendering and should be read as pseudo-code, not as a compilable
 * reference.
 */
void via26_decode(unsigned char *data) {
unsigned char tmp[8];

// first mixing step: MASKTABLE lookup, then PERMTABLE reorder
for (int i = 0; i <= 7; i++) tmp = data_023B00[MASKTABLE+data];
for (int i = 0; i <= 7; i++) data = tmp[data_023B00[PERMTABLE+i]];


// single pass keyed from the DESKEY offset
des_des(data,&data_023B00[DESKEY],DES_ENCRYPT);

// fixed 8-byte mask from the XORTABLE offset
xxor(data, 8, data, &data_023B00[XORTABLE]);

// three passes; the first and third share one key offset
des_des(data,&data_023B00[TRIPLEDESKEY ],DES_DECRYPT);
des_des(data,&data_023B00[TRIPLEDESKEY+8],DES_ENCRYPT);
des_des(data,&data_023B00[TRIPLEDESKEY ],DES_DECRYPT);

// same fixed mask as above
xxor(data, 8, data, &data_023B00[XORTABLE]);

// single pass with the DESKEY offset again, opposite direction flag
des_des(data,&data_023B00[DESKEY],DES_DECRYPT);

// second mixing step: PERMTABLE used as the destination index, then MASKTABLE
for (int i=0; i<=7; i++) tmp[data_023B00[PERMTABLE+i]] = data;
for (int i=0; i<=7; i++) data = data_023B00[MASKTABLE+tmp];

}

//via26_decrypt(source+9,source[2]-6,dw,dw+8));

/*
 * Walk the tag/length/value sub-messages in data[0..len), pull the 16-byte
 * 0xEA payload into des_data1 / des_data2, run via26_decode() on each half
 * and apply a final xxor() to each.
 *
 * data      - sub-message buffer; data[pos] is the tag, data[pos+1] the length
 * len       - number of bytes of data to walk
 * des_data1 - out, 8 bytes
 * des_data2 - out, 8 bytes
 * Returns 1 unconditionally; no error is ever reported.
 *
 * NOTE(review): the parser trusts its input. The length byte is read and the
 * 8/16-byte copies are made without checking them against `len`, the 0xEA
 * element's own length is never compared with 16, and `encStart` is used
 * after the loop even if no 0xEA element was seen.
 * NOTE(review): the 0xF0 "signature" bytes are copied into a local and never
 * read again here, so nothing in this function checks them.
 *
 * `byte`, xxor(), dl(), misc_printf(), misc_dump() and data_023B00 are
 * defined outside this listing.
 */
int via26_decrypt(byte *data, int len, byte *des_data1, byte *des_data2) {
int msg_pos; // current offset into data
int encStart; // offset of the 0xEA payload; left uninitialised if none is found
unsigned char signature[8]; // filled from the 0xF0 element, not used afterwards

// start at the first sub-message
msg_pos = 0;

// for all sub messages in data
while(msg_pos<len) {
switch(data[msg_pos]) {
case 0xea: // encrypted bytes: 16 bytes copied, element length not checked
encStart = msg_pos + 2;
memcpy(des_data1,&data[msg_pos+2],8);
memcpy(des_data2,&data[msg_pos+2+8],8);
break;
case 0xf0: // signature: copied only, never compared with anything here
memcpy(signature,&data[msg_pos+2],8);
break;
}
// advance by the length byte taken from the input plus the 2-byte header;
// data[msg_pos+1] is read without checking that it lies inside len
msg_pos += data[msg_pos+1]+2; // move to next position
}

via26_decode(des_data1);
via26_decode(des_data2);

// first half: fixed mask from the CW1XOR offset of data_023B00
xxor(des_data1, 8, des_data1, &data_023B00[CW1XOR]);
// second half: masked with the first 8 payload bytes of the 0xEA element,
// i.e. the input bytes that were copied to des_data1 before decoding
xxor(des_data2, 8, des_data2, &data[encStart]);

// dl() wraps the output calls and supplies the statement terminator;
// presumably a debug-logging macro, confirm against its definition
dl(misc_printf("CW1: "))
dl(misc_dump(des_data1, 8))
dl(misc_printf("CW2: "))
dl(misc_dump(des_data2, 8))
return 1;
}
 

driver

It would be good to know the meaning of the terms used above:

DES + XOR + 3DES + XOR + DES

And it's good to know that education is being applied to the algos.
EMUs would be useful at some stage.
GREAT WORK
 
It would be good to know the meaning of the terms used above:

data mixing + DES + XOR + 3DES + XOR + DES + data mixing + XOR

And it's good to know that education is being applied to the algos.
EMUs would be useful at some stage.
GREAT WORK

key 023b00 sct via 2.6
key 3des 94FAD604B618A486101E18A6005A241494FAD604B618A486
key des 12CE627AF61A521A
key xor D3BE5F4329DAFFC9
key xorcw1 B6678B8C82A26B4E

data mixing = masktable+permtable
http://www.sat-universe.com/showpost.php?p=526065&postcount=6
 
example

Code:
- CW->After data mixing:B64EC6EDF88603D6
- indata after 1st Des:BA6196510E7401E6

B64EC6EDF88603D6 DES-encrypted with key 12CE627AF61A521A = BA6196510E7401E6

43fed3e996.jpg
 

dxdy

Maybe yes, possibly not... wait and see... predictions in the piracy world are never 100% true...
 

tomek.wysoka

Bis, Art, Jsc
:thum:


Code:
#include "des.h"


    unsigned char via26_key[] = {
    0x12, 0xCE, 0x62, 0x7A, 0xF6, 0x1A, 0x52, 0x1A,
    0x94, 0xFA, 0xD6, 0x04, 0xB6, 0x18, 0xA4, 0x86,
    0x10, 0x1E, 0x18, 0xA6, 0x00, 0x5A, 0x24, 0x14

};


static unsigned char xortable[] = {    0xD3, 0xBE, 0x5F, 0x43, 0x29, 0xDA, 0xFF, 0xC9 };
static unsigned char cw1xortable[] = { 0xB6, 0x67, 0x8B, 0x8C, 0x82, 0xA2, 0x6B, 0x4E };

unsigned char masktable[256]={
0xCB,0x90,0xB6,0xF5,0x44,0xB4,0x3A,0x32,0x66,0x48,0x1D,0xB5,0xAC,0xA1,0x12,0x9F,
0xB9,0xF7,0x0E,0x34,0xEF,0xE1,0x68,0xD3,0x83,0x2D,0x41,0xCF,0xBC,0x0A,0x55,0xBD,
0xA3,0x99,0xC3,0xD2,0x85,0xC4,0xE8,0x74,0xC5,0x51,0x82,0x58,0x70,0x19,0x9E,0x3B,
0x39,0xAD,0x07,0x9A,0x13,0xC7,0xD0,0xAF,0x92,0x30,0x06,0x2F,0xC8,0x5B,0x42,0xC1,
0x94,0x1A,0x3E,0x86,0x04,0xA0,0xB2,0x9D,0x09,0xF8,0x8E,0x84,0xED,0x6E,0x87,0xFC,
0x7B,0x29,0x59,0x77,0x9C,0x1E,0xDC,0xF3,0x2B,0x52,0xF9,0x3D,0xF4,0xA9,0xD8,0xDB,
0x7D,0xCC,0x78,0xDE,0xA2,0xA5,0x08,0xCD,0x16,0x71,0x80,0xB8,0x7F,0xFD,0x4D,0xF6,
0x2C,0x69,0xDF,0xF1,0x27,0x8B,0xFB,0x53,0x62,0x9B,0xE5,0x50,0x96,0x60,0xB0,0x6C,
0x6A,0xEE,0x2A,0x18,0x4B,0x24,0x43,0x4E,0xE6,0xAE,0xF2,0x75,0xE2,0xD7,0x4A,0xEA,
0x01,0xEC,0x38,0xFA,0x40,0xEB,0x7C,0xE0,0xA6,0x21,0x33,0x79,0x54,0x47,0x2E,0x0F,
0x45,0x0D,0x64,0x20,0xD4,0x65,0x98,0xBA,0xD6,0x5D,0xBB,0xB7,0x0C,0x31,0x89,0x37,
0x7E,0xD1,0x46,0xC6,0x05,0x0B,0x02,0xAB,0x6B,0x10,0xA7,0xAA,0x1C,0x1F,0xE3,0xF0,
0xFE,0x3F,0xE4,0x22,0x25,0x28,0xB3,0x35,0x3C,0xCE,0xE9,0x00,0x61,0x67,0xC9,0x1B,
0x36,0xB1,0x23,0x17,0xA4,0xDD,0xA8,0x8D,0x5E,0xFF,0xE7,0x5F,0x56,0xD5,0x63,0x72,
0x97,0x15,0x8C,0xBE,0xC2,0x7A,0x88,0xDA,0x26,0xCA,0x8F,0x95,0x91,0x4C,0x81,0x14,
0xBF,0x73,0x8A,0x57,0x5C,0x03,0x6F,0x11,0x49,0x5A,0x93,0x76,0x4F,0x6D,0xC0,0xD9
};

unsigned char permtable[]={ 0x06, 0x04, 0x00, 0x01, 0x03, 0x07, 0x02, 0x05 };

/*
 * Print `txt`, a colon, then the first 8 bytes of `data` as space-separated
 * two-digit upper-case hex, followed by a newline.
 */
void show8(char *txt, unsigned char *data)
{
  const unsigned char *end = data + 8;

  printf("%s:", txt);
  while (data < end) {
    printf(" %02X", *data);
    data++;
  }
  printf("\n");
}



unsigned char des32_permtable[32]={
0x01,0x03,0x00,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
};
unsigned char des32_masktable1[256]={
0x29,0xE0,0x0A,0x12,0x3D,0x6D,0x31,0x47,0xD2,0x30,0x07,0x8B,0x8E,0x94,0xBC,0xCF
,0xE3,0x6C,0x4F,0x80,0x1F,0x2F,0xBA,0x74,0xF4,0xD3,0x7B,0x86,0x2B,0x4D,0xE7,0xF3
,0xBD,0x23,0x9D,0x4C,0x7F,0x36,0xD1,0x5E,0xDA,0x03,0x79,0x3E,0x13,0x71,0x66,0x2C
,0xCC,0x14,0xA5,0x4B,0x2D,0x3A,0x0B,0x40,0x61,0xF9,0xED,0x82,0x1D,0xA1,0x00,0x0D
,0x7E,0x58,0xC8,0xB8,0xC3,0x9C,0x9A,0x1A,0x9B,0xC9,0xAE,0x3B,0x72,0x19,0x64,0xB0
,0x75,0x83,0x38,0x97,0xE8,0x52,0x93,0xB9,0x1C,0x28,0xCE,0xB3,0x0C,0x04,0x7C,0xD0
,0xD6,0x09,0x9F,0x5B,0x90,0x70,0x91,0x87,0xAA,0x92,0x10,0x89,0xD5,0x59,0x76,0xB4
,0xC2,0x18,0xC0,0xC6,0x8D,0xF8,0xEB,0x34,0x4A,0xCB,0xD8,0x49,0x17,0x22,0x9E,0x51
,0xDC,0xE2,0xAC,0x7A,0x46,0x96,0x5F,0x0F,0x42,0xEE,0x06,0xA4,0x48,0xC5,0xB2,0x54
,0x27,0x50,0x5C,0x63,0x65,0xFB,0x43,0x41,0xBB,0x25,0x08,0x73,0x6E,0xF6,0x6A,0x4E
,0x2E,0xEF,0xE9,0xB7,0xAD,0xF2,0x62,0x69,0x55,0xB1,0x01,0xD7,0x33,0xA3,0xFF,0xE5
,0x57,0xEA,0xA2,0x81,0x84,0x44,0xDF,0x88,0x7D,0xFC,0xF1,0x39,0x35,0x56,0xFE,0x05
,0x68,0x53,0x78,0x99,0xB5,0x6B,0xDB,0x8A,0xA6,0x1E,0x8F,0x02,0x16,0x1B,0xEC,0xD4
,0xA9,0x5D,0xFD,0xD9,0x77,0xAF,0xBE,0x11,0xA7,0x21,0x20,0x3C,0xC1,0xBF,0xB6,0xA8
,0xE6,0x32,0xFA,0xF0,0x6F,0xE4,0x16,0x95,0xF7,0x8C,0x45,0xA0,0x85,0xE1,0x3F,0x37
,0xF5,0x67,0x24,0x15,0xAB,0x60,0x26,0xCA,0x5A,0xC7,0x2A,0x0E,0x98,0xDD,0xCD,0xC4
};
unsigned char des32_masktable2[256]={
0xBE,0x10,0x6C,0xF9,0x25,0x7E,0xF2,0xC7,0x9D,0xDC,0x3E,0x15,0x96,0xBC,0x07,0x7F
,0x50,0x41,0x92,0x48,0x5A,0x63,0x9A,0x24,0xF4,0x0E,0x23,0x33,0x43,0xB7,0xED,0x2D
,0xD9,0x8E,0x30,0xCB,0xBF,0x5D,0x89,0x60,0xA0,0x62,0xC6,0xB1,0x57,0x08,0x4C,0x45
,0x80,0x81,0x67,0x4A,0xF5,0xBB,0x9C,0x02,0xAB,0x90,0xE7,0x3C,0x93,0x36,0x9F,0xBA
,0xCD,0xEA,0x97,0xD7,0x37,0x55,0xE8,0x6A,0x27,0xFC,0x83,0xC5,0xCC,0x5E,0x6D,0xB5
,0x31,0xF6,0x0D,0xF0,0xF7,0x53,0xC0,0x52,0xEF,0xA6,0x94,0x7A,0x18,0x20,0x22,0x7C
,0xE0,0xA8,0x74,0x3D,0xD5,0xEC,0x8D,0x6E,0xDA,0xB6,0x06,0x40,0x04,0x76,0xB3,0x2C
,0x44,0xDE,0x28,0x21,0x42,0x88,0x82,0xFB,0xD4,0xA3,0x87,0xD0,0xF3,0x54,0x4E,0x77
,0x61,0x1D,0x1C,0xB8,0xDF,0x2E,0x00,0x12,0x14,0xE5,0x16,0x69,0x8C,0x0B,0x95,0x7D
,0x85,0x26,0xA5,0x0C,0xB4,0x72,0x70,0xA9,0x35,0xCF,0x05,0x65,0xDB,0xB0,0x29,0x59
,0x71,0xBD,0x39,0xC4,0x3F,0x64,0x1A,0x01,0x0F,0x9E,0x3A,0xF8,0x2A,0x17,0x5B,0xD6
,0x11,0x46,0xEE,0x19,0x86,0xD1,0xC1,0x8A,0x98,0x9B,0xD2,0x56,0xE3,0x75,0x66,0xC9
,0x3B,0xFA,0x8F,0x1F,0x13,0x47,0xC8,0x5F,0xAF,0x6F,0x4D,0xA1,0xAC,0x34,0xE9,0xC3
,0x73,0xCA,0x38,0xDD,0xE6,0xD3,0xA2,0xA4,0x03,0x91,0x8B,0xD8,0x7B,0x1B,0x79,0xA7
,0x51,0x78,0xF1,0x32,0xB9,0x1E,0x2F,0x99,0xFF,0x4F,0x4B,0xFE,0xE4,0xCE,0x58,0xC2
,0xE2,0x09,0x84,0xB2,0xAD,0xEB,0x0A,0xFD,0xE1,0xAA,0x49,0xAE,0x68,0x6B,0x2B,0x5C
};

/*
 * Transform the 8-byte buffer `key` in place, using and updating the 16-byte
 * state at `masktable`.
 *
 * masktable - 16 bytes, read and modified in place (the parameter shadows
 *             the file-scope masktable[256])
 * key       - 8 bytes, modified in place
 *
 * Phase 1 stirs the 16 state bytes four times. Phase 2 runs 16 iterations;
 * each derives 4 bytes from key[4..7] and the state, XORs a substitution of
 * them into key[0..3], updates 4 state bytes and, except after the last
 * iteration, swaps the two key halves. The shape resembles a Feistel
 * network; that is a reading of the structure, not something the listing
 * states.
 *
 * NOTE(review): the two lines containing `****` are not valid C; the token
 * looks like forum filter residue, so the listing does not compile as
 * posted and should be read as pseudo-code.
 * `ptr` and buff[4..15] are never used.
 */
static void decode_key(unsigned char *masktable, unsigned char *key)
{
  int i, k, j, round;
  unsigned char b, tmp, xb, buff[16], *ptr;

  // phase 1: four passes over the 16 state bytes; xb starts at 0xff and is
  // incremented on every fourth byte, so the first increment wraps it to 0
  for(round = 0, xb = 0xff; round < 4; round++)
  {
    for(i = 0; i < 16; i++)
    {
      if((i & 3) == 0) xb++;
      // combine the two neighbouring state bytes (indices wrap mod 16) with xb
      tmp = masktable[(i + 15) & 0x0f];
      tmp ^= masktable[(i + 1) & 0x0f];
      tmp ^= xb;
      b = des32_masktable2[tmp];
      b++;
      masktable[i] ^= b;
    }
  }

  // phase 2: 16 iterations; k counts down from 15 to 0 alongside i
  for(i = 0, round = 0, k = 15;i < 16; i++, k--)
  {
    // work on a copy of the upper key half
    for(j = 0; j < 4; j++)
    {
      buff[j] = key[j + 4];
    }

    // `round` is reused as a state offset here: 12, 8, 4, 0, 12, ...
    round = (round + 12) & 0x0f;

    for(j = 0; j < 4; j++)
    {
      buff[j] ^= masktable[round  + j];
    }
    // byte substitution through des32_masktable2, plus one
    for(j = 0; j < 4; j++)
    {
      buff[j] = des32_masktable2[buff[j]] + 1;
    }

    // mixing over j = 6, 5, 4 with all indices reduced mod 4
    for(j = 6; j > 3; j--)
    {
      buff[(j + 2) & 3] ^= buff[(j + 1) & 3];
      // NOTE(review): `****` is not C, see the header comment
      tmp = (buff[(j + 1) & 3] **** 4) + (buff[(j + 1) & 3] << 4) + buff[j & 3];
      buff[j & 3] = des32_masktable1[tmp] + 1;
    }
    // mixing over j = 3, 2, 1, substituting through des32_masktable2
    for(j = 3; j > 0; j--)
    {
      buff[(j + 2) & 3] ^= buff[(j + 1) & 3];
      // NOTE(review): `****` is not C, see the header comment
      b = (buff[(j + 1) & 3] << 4) + (buff[(j + 1) & 3] **** 4) + buff[j & 3];
      b = des32_masktable2[b];
      b++;
      buff[j & 3] = b;
    }
    buff[2] ^= buff[1];
    buff[1] ^= buff[0];
    // fold the result into the lower key half, reordered by des32_permtable
    for(j = 0; j < 4; j++)
    {
      key[j] ^= (des32_masktable1[buff[des32_permtable[j]]] + 1);
    }
    // update the four state bytes just used, mixing in the countdown k
    for(j = 3; j >= 0; j--)
    {
      tmp = masktable[(round + j + 1) & 0x0f];
      tmp ^= masktable[(round + j + 15) & 0x0f];
      tmp ^= k;
      masktable[round + j] ^= des32_masktable2[tmp] + 1;
    }
    // swap key halves between iterations, but not after the last one
    if(i < 15)
    {
      for(j = 0; j < 4; j++)
      {
        b = key[j];
        key[j] = key[j + 4];
        key[j + 4] = b;
      }
    }
  }
}


   unsigned char source_023B00[97] = {
    0x81, 0x70, 0x5E, 0x00, 0x90, 0x03, 0x02, 0x3B, 0x08, 0xE2, 0x03, 0x3C, 0x35, 0x0B, 0xE2, 0x03,
    0x3C, 0x35, 0x0D, 0xE2, 0x03, 0x3C, 0x35, 0x0E, 0xE2, 0x03, 0x3C, 0x35, 0x41, 0xE2, 0x03, 0x3C,
    0x35, 0x42, 0xE2, 0x03, 0x3C, 0x35, 0x43, 0xE2, 0x03, 0x3C, 0x35, 0x44, 0xE2, 0x03, 0x3C, 0x35,
    0x45, 0xE2, 0x03, 0x3C, 0x35, 0x46, 0xE2, 0x03, 0x3C, 0x35, 0x47, 0xE2, 0x03, 0x3C, 0x35, 0x49,
    0xE2, 0x03, 0x3C, 0x35, 0x4A, 0xEA, 0x10, 0x99, 0xE4, 0x66, 0x23, 0x00, 0x52, 0x06, 0xA1, 0x3F,
    0xFD, 0xF8, 0x5B, 0xEB, 0x59, 0xDE, 0x35, 0xF0, 0x08, 0x46, 0x31, 0x31, 0x2E, 0xB9, 0x62, 0xC7,
    0x76
};



    unsigned char source_023B00[97] = {
    0x81, 0x70, 0x5E, 0x00, 0x90, 0x03, 0x02, 0x3B, 0x08, 0xE2, 0x03, 0x3C, 0x35, 0x0B, 0xE2, 0x03,
    0x3C, 0x35, 0x0D, 0xE2, 0x03, 0x3C, 0x35, 0x0E, 0xE2, 0x03, 0x3C, 0x35, 0x41, 0xE2, 0x03, 0x3C,
    0x35, 0x42, 0xE2, 0x03, 0x3C, 0x35, 0x43, 0xE2, 0x03, 0x3C, 0x35, 0x44, 0xE2, 0x03, 0x3C, 0x35,
    0x45, 0xE2, 0x03, 0x3C, 0x35, 0x46, 0xE2, 0x03, 0x3C, 0x35, 0x47, 0xE2, 0x03, 0x3C, 0x35, 0x49,
    0xE2, 0x03, 0x3C, 0x35, 0x4A, 0xEA, 0x10, 0x99, 0xE4, 0x66, 0x23, 0x00, 0x52, 0x06, 0xA1, 0x3F,
    0xFD, 0xF8, 0x5B, 0xEB, 0x59, 0xDE, 0x35, 0xF0, 0x08, 0x46, 0x31, 0x31, 0x2E, 0xB9, 0x62, 0xC7,
    0x76
};

   unsigned char Crypted_CW[16] = {
    0x99, 0xE4, 0x66, 0x23, 0x00, 0x52, 0x06, 0xA1, 0x3F, 0xFD, 0xF8, 0x5B, 0xEB, 0x59, 0xDE, 0x35
    };


/*
 * Copy the 16 bytes at `cw` to `dcw` and process them as two 8-byte halves:
 * table mixing, des(), xxor() with xortable, three des() calls, xxor()
 * again, des(), and a second mixing step. The first half is then XORed with
 * cw1xortable and the second half with the first 8 bytes of `cw`.
 * Intermediate values are printed through show8().
 *
 * cw  - in, 16 bytes
 * dcw - out, 16 bytes
 * key - in, 24 bytes read as three 8-byte groups
 *
 * Side effect: the first memcpy() writes into the file-scope via26_key.
 *
 * NOTE(review): the function is declared int but has no return statement,
 * so callers must not use its value.
 * NOTE(review): the `data=` assignment inside the loop has a URL spliced
 * into it (it looks like a link-rewriting artefact from the hosting page),
 * so the listing does not compile as posted and should be read as
 * pseudo-code.
 *
 * doPC1(), des(), xxor() and the DES_ECS2_* constants are not defined in
 * this listing; presumably they come from des.h, confirm.
 */
int via26_decrypt(unsigned char *cw, unsigned char *dcw, unsigned char *key)
{
  unsigned char tmp[8], des_key[8], des31_key[8], des32_key[8], *data;
  int i, pass;

  printf( " Incoming ECM's : \n");
  //dump(source_023B00,97);
  printf("Key : \n");
 // dump(via26_key,0x24);

  // three 8-byte groups are taken from `key`; each destination buffer is
  // then passed to doPC1()
  memcpy(via26_key, key, 8);
  doPC1(via26_key);
  memcpy(des31_key, key + 8, 8);
  doPC1(des31_key);
  memcpy(des32_key, key + 16, 8);
  doPC1(des32_key);

  // work on a copy so `cw` is still available for the final XOR
  memcpy(dcw, cw, 16);

  // one pass per 8-byte half of dcw
  for(pass = 0; pass < 2; pass++)
  {
    // NOTE(review): the next line is corrupted in the posted listing (URL
    // text spliced into the expression)
    data=http://anonymouse.org/cgi-bin/anon-www.cgi/http://sat-elita.net/forum/dcw + pass * 8;
    // mixing: masktable lookup, then permtable reorder
    for(i = 0; i < 8; i++) tmp[i] = masktable[data[i]];
    for(i = 0; i < 8; i++) data[i] = tmp[permtable[i]];
    show8("after mixing", data);

    des(des_key, DES_ECS2_CRYPT, data);
    show8("after des", data);

    xxor(data, 8, data, xortable);
    show8("after xxor", data);

    // three des() calls; the first and third use des31_key
    des(des31_key, DES_ECS2_DECRYPT, data);
    des(des32_key, DES_ECS2_CRYPT, data);
    des(des31_key, DES_ECS2_DECRYPT, data);
    show8("after 3des", data);

    xxor(data, 8, data, xortable);
    show8("after xxor", data);

    des(des_key, DES_ECS2_DECRYPT, data);
    show8("after des", data);

    // second mixing: permtable as destination index, then a lookup that
    // indexes `key` with the permuted bytes
    for(i = 0; i < 8; i++) tmp[permtable[i]] = data[i];
    for(i = 0; i < 8; i++) data[i] = key[tmp[i]];
    show8("after mixing", data);
  }
  // final masks: a fixed table for the first half, the first 8 input bytes
  // for the second half
  xxor(dcw, 8, dcw, cw1xortable);
  xxor(dcw + 8, 8, dcw + 8, cw);


  show8("CW1", dcw);
  show8("CW2", dcw + 8);

 //            CW1 : 69 3B 1C C0 BE 2D 93 7E
 //            CW2 : CC 3A 24 2A 86 B7 0F 4C



}

unsigned char test_cw[16] = {
    0x99, 0xE4, 0x66, 0x23, 0x00, 0x52, 0x06, 0xA1, 0x3F, 0xFD, 0xF8, 0x5B, 0xEB, 0x59, 0xDE, 0x35
};


unsigned char encoded_key[] = {
0x8A,0xEE,0x6D,0xBC,0xEA,0x66,0x92,0x4D,
0x10,0x1E,0x19,0xA6,0x00,0x5A,0x25,0x15 };

/*
 * Test driver: prints encoded_key, runs decode_key() on it in place, prints
 * the result next to via26_key + 8, then calls via26_decrypt() on test_cw.
 * The local `key` buffer is declared but never used, and nothing prints dcw
 * because the dump() call is commented out.
 */
int main()
{
  unsigned char dcw[0x10], key[8 * 3];

  show8("encoded key", encoded_key);
  decode_key(masktable, encoded_key);
  show8("decoded key", encoded_key);
  // printed for comparison with the line above
  show8("original key", via26_key + 8);
  via26_decrypt (test_cw,dcw, via26_key);
  printf("CW:");
// dump(dcw,0x10);

  // - DCW: 69 3B 1C C0 BE 2D 93 7E CC 3A 24 2A 86 B7 0F 4C

}
 

driver

hi tomek.wysoka
many thanks ,good to see you are working on this.

now we could use some updates for cam s like reborn, dragon etc.cheers
 