1 #include "rar.hpp"
2
3 #ifndef SFX_MODULE
4 extern uint CRCTab[256];
5 #endif
6
7 #define NROUNDS 32
8
9 #define rol(x,n,xsize) (((x)<<(n)) | ((x)>>(xsize-(n))))
10 #define ror(x,n,xsize) (((x)>>(n)) | ((x)<<(xsize-(n))))
11
12 #define substLong(t) ( (uint)SubstTable[(uint)t&255] | \
13 ((uint)SubstTable[(int)(t>> 8)&255]<< 8) | \
14 ((uint)SubstTable[(int)(t>>16)&255]<<16) | \
15 ((uint)SubstTable[(int)(t>>24)&255]<<24) )
16
17 CryptKeyCacheItem CryptData::Cache[4];
18 int CryptData::CachePos=0;
19
20
21 #ifndef SFX_MODULE
22 static byte InitSubstTable[256]={
23 215, 19,149, 35, 73,197,192,205,249, 28, 16,119, 48,221, 2, 42,
24 232, 1,177,233, 14, 88,219, 25,223,195,244, 90, 87,239,153,137,
25 255,199,147, 70, 92, 66,246, 13,216, 40, 62, 29,217,230, 86, 6,
26 71, 24,171,196,101,113,218,123, 93, 91,163,178,202, 67, 44,235,
27 107,250, 75,234, 49,167,125,211, 83,114,157,144, 32,193,143, 36,
28 158,124,247,187, 89,214,141, 47,121,228, 61,130,213,194,174,251,
29 97,110, 54,229,115, 57,152, 94,105,243,212, 55,209,245, 63, 11,
30 164,200, 31,156, 81,176,227, 21, 76, 99,139,188,127, 17,248, 51,
31 207,120,189,210, 8,226, 41, 72,183,203,135,165,166, 60, 98, 7,
32 122, 38,155,170, 69,172,252,238, 39,134, 59,128,236, 27,240, 80,
33 131, 3, 85,206,145, 79,154,142,159,220,201,133, 74, 64, 20,129,
34 224,185,138,103,173,182, 43, 34,254, 82,198,151,231,180, 58, 10,
35 118, 26,102, 12, 50,132, 22,191,136,111,162,179, 45, 4,148,108,
36 161, 56, 78,126,242,222, 15,175,146, 23, 33,241,181,190, 77,225,
37 0, 46,169,186, 68, 95,237, 65, 53,208,253,168, 9, 18,100, 52,
38 116,184,160, 96,109, 37, 30,106,140,104,150, 5,204,117,112, 84
39 };
40 #endif
41
42
43
DecryptBlock(byte * Buf,size_t Size)44 void CryptData::DecryptBlock(byte *Buf,size_t Size)
45 {
46 rin.blockDecrypt(Buf,Size,Buf);
47 }
48
49
50 #ifndef SFX_MODULE
EncryptBlock20(byte * Buf)51 void CryptData::EncryptBlock20(byte *Buf)
52 {
53 uint A,B,C,D,T,TA,TB;
54 #if defined(BIG_ENDIAN) || !defined(PRESENT_INT32) || !defined(ALLOW_NOT_ALIGNED_INT)
55 A=((uint)Buf[0]|((uint)Buf[1]<<8)|((uint)Buf[2]<<16)|((uint)Buf[3]<<24))^Key[0];
56 B=((uint)Buf[4]|((uint)Buf[5]<<8)|((uint)Buf[6]<<16)|((uint)Buf[7]<<24))^Key[1];
57 C=((uint)Buf[8]|((uint)Buf[9]<<8)|((uint)Buf[10]<<16)|((uint)Buf[11]<<24))^Key[2];
58 D=((uint)Buf[12]|((uint)Buf[13]<<8)|((uint)Buf[14]<<16)|((uint)Buf[15]<<24))^Key[3];
59 #else
60 uint32 *BufPtr=(uint32 *)Buf;
61 A=BufPtr[0]^Key[0];
62 B=BufPtr[1]^Key[1];
63 C=BufPtr[2]^Key[2];
64 D=BufPtr[3]^Key[3];
65 #endif
66 for(int I=0;I<NROUNDS;I++)
67 {
68 T=((C+rol(D,11,32))^Key[I&3]);
69 TA=A^substLong(T);
70 T=((D^rol(C,17,32))+Key[I&3]);
71 TB=B^substLong(T);
72 A=C;
73 B=D;
74 C=TA;
75 D=TB;
76 }
77 #if defined(BIG_ENDIAN) || !defined(PRESENT_INT32) || !defined(ALLOW_NOT_ALIGNED_INT)
78 C^=Key[0];
79 Buf[0]=(byte)C;
80 Buf[1]=(byte)(C>>8);
81 Buf[2]=(byte)(C>>16);
82 Buf[3]=(byte)(C>>24);
83 D^=Key[1];
84 Buf[4]=(byte)D;
85 Buf[5]=(byte)(D>>8);
86 Buf[6]=(byte)(D>>16);
87 Buf[7]=(byte)(D>>24);
88 A^=Key[2];
89 Buf[8]=(byte)A;
90 Buf[9]=(byte)(A>>8);
91 Buf[10]=(byte)(A>>16);
92 Buf[11]=(byte)(A>>24);
93 B^=Key[3];
94 Buf[12]=(byte)B;
95 Buf[13]=(byte)(B>>8);
96 Buf[14]=(byte)(B>>16);
97 Buf[15]=(byte)(B>>24);
98 #else
99 BufPtr[0]=C^Key[0];
100 BufPtr[1]=D^Key[1];
101 BufPtr[2]=A^Key[2];
102 BufPtr[3]=B^Key[3];
103 #endif
104 UpdKeys(Buf);
105 }
106
107
DecryptBlock20(byte * Buf)108 void CryptData::DecryptBlock20(byte *Buf)
109 {
110 byte InBuf[16];
111 uint A,B,C,D,T,TA,TB;
112 #if defined(BIG_ENDIAN) || !defined(PRESENT_INT32) || !defined(ALLOW_NOT_ALIGNED_INT)
113 A=((uint)Buf[0]|((uint)Buf[1]<<8)|((uint)Buf[2]<<16)|((uint)Buf[3]<<24))^Key[0];
114 B=((uint)Buf[4]|((uint)Buf[5]<<8)|((uint)Buf[6]<<16)|((uint)Buf[7]<<24))^Key[1];
115 C=((uint)Buf[8]|((uint)Buf[9]<<8)|((uint)Buf[10]<<16)|((uint)Buf[11]<<24))^Key[2];
116 D=((uint)Buf[12]|((uint)Buf[13]<<8)|((uint)Buf[14]<<16)|((uint)Buf[15]<<24))^Key[3];
117 #else
118 uint32 *BufPtr=(uint32 *)Buf;
119 A=BufPtr[0]^Key[0];
120 B=BufPtr[1]^Key[1];
121 C=BufPtr[2]^Key[2];
122 D=BufPtr[3]^Key[3];
123 #endif
124 memcpy(InBuf,Buf,sizeof(InBuf));
125 for(int I=NROUNDS-1;I>=0;I--)
126 {
127 T=((C+rol(D,11,32))^Key[I&3]);
128 TA=A^substLong(T);
129 T=((D^rol(C,17,32))+Key[I&3]);
130 TB=B^substLong(T);
131 A=C;
132 B=D;
133 C=TA;
134 D=TB;
135 }
136 #if defined(BIG_ENDIAN) || !defined(PRESENT_INT32) || !defined(ALLOW_NOT_ALIGNED_INT)
137 C^=Key[0];
138 Buf[0]=(byte)C;
139 Buf[1]=(byte)(C>>8);
140 Buf[2]=(byte)(C>>16);
141 Buf[3]=(byte)(C>>24);
142 D^=Key[1];
143 Buf[4]=(byte)D;
144 Buf[5]=(byte)(D>>8);
145 Buf[6]=(byte)(D>>16);
146 Buf[7]=(byte)(D>>24);
147 A^=Key[2];
148 Buf[8]=(byte)A;
149 Buf[9]=(byte)(A>>8);
150 Buf[10]=(byte)(A>>16);
151 Buf[11]=(byte)(A>>24);
152 B^=Key[3];
153 Buf[12]=(byte)B;
154 Buf[13]=(byte)(B>>8);
155 Buf[14]=(byte)(B>>16);
156 Buf[15]=(byte)(B>>24);
157 #else
158 BufPtr[0]=C^Key[0];
159 BufPtr[1]=D^Key[1];
160 BufPtr[2]=A^Key[2];
161 BufPtr[3]=B^Key[3];
162 #endif
163 UpdKeys(InBuf);
164 }
165
166
UpdKeys(byte * Buf)167 void CryptData::UpdKeys(byte *Buf)
168 {
169 for (int I=0;I<16;I+=4)
170 {
171 Key[0]^=CRCTab[Buf[I]];
172 Key[1]^=CRCTab[Buf[I+1]];
173 Key[2]^=CRCTab[Buf[I+2]];
174 Key[3]^=CRCTab[Buf[I+3]];
175 }
176 }
177
178
Swap(byte * Ch1,byte * Ch2)179 void CryptData::Swap(byte *Ch1,byte *Ch2)
180 {
181 byte Ch=*Ch1;
182 *Ch1=*Ch2;
183 *Ch2=Ch;
184 }
185 #endif
186
187
SetCryptKeys(const wchar * Password,const byte * Salt,bool Encrypt,bool OldOnly,bool HandsOffHash)188 void CryptData::SetCryptKeys(const wchar *Password,const byte *Salt,bool Encrypt,bool OldOnly,bool HandsOffHash)
189 {
190 if (*Password==0)
191 return;
192 if (OldOnly)
193 {
194 #ifndef SFX_MODULE
195 if (CRCTab[1]==0)
196 InitCRC();
197 char Psw[MAXPASSWORD];
198 memset(Psw,0,sizeof(Psw));
199
200 // We need to use ASCII password for older encryption algorithms.
201 WideToChar(Password,Psw,ASIZE(Psw));
202 Psw[ASIZE(Psw)-1]=0;
203
204 size_t PswLength=strlen(Psw);
205
206 SetOldKeys(Psw);
207 Key[0]=0xD3A3B879L;
208 Key[1]=0x3F6D12F7L;
209 Key[2]=0x7515A235L;
210 Key[3]=0xA4E7F123L;
211
212 memcpy(SubstTable,InitSubstTable,sizeof(SubstTable));
213 for (int J=0;J<256;J++)
214 for (size_t I=0;I<PswLength;I+=2)
215 {
216 uint N1=(byte)CRCTab [ (byte(Psw[I]) - J) &0xff];
217 uint N2=(byte)CRCTab [ (byte(Psw[I+1]) + J) &0xff];
218 for (int K=1;N1!=N2;N1=(N1+1)&0xff,K++)
219 Swap(&SubstTable[N1],&SubstTable[(N1+I+K)&0xff]);
220 }
221 for (size_t I=0;I<PswLength;I+=16)
222 EncryptBlock20((byte *)&Psw[I]);
223 #endif
224 return;
225 }
226
227 bool Cached=false;
228 for (uint I=0;I<ASIZE(Cache);I++)
229 if (wcscmp(Cache[I].Password,Password)==0 &&
230 (Salt==NULL && !Cache[I].SaltPresent || Salt!=NULL &&
231 Cache[I].SaltPresent && memcmp(Cache[I].Salt,Salt,SALT_SIZE)==0) &&
232 Cache[I].HandsOffHash==HandsOffHash)
233 {
234 memcpy(AESKey,Cache[I].AESKey,sizeof(AESKey));
235 memcpy(AESInit,Cache[I].AESInit,sizeof(AESInit));
236 Cached=true;
237 break;
238 }
239
240 if (!Cached)
241 {
242 byte RawPsw[2*MAXPASSWORD+SALT_SIZE];
243 WideToRaw(Password,RawPsw);
244 size_t RawLength=2*wcslen(Password);
245 if (Salt!=NULL)
246 {
247 memcpy(RawPsw+RawLength,Salt,SALT_SIZE);
248 RawLength+=SALT_SIZE;
249 }
250 hash_context c;
251 hash_initial(&c);
252
253 const int HashRounds=0x40000;
254 for (int I=0;I<HashRounds;I++)
255 {
256 hash_process( &c, RawPsw, RawLength, HandsOffHash);
257 byte PswNum[3];
258 PswNum[0]=(byte)I;
259 PswNum[1]=(byte)(I>>8);
260 PswNum[2]=(byte)(I>>16);
261 hash_process( &c, PswNum, 3, HandsOffHash);
262 if (I%(HashRounds/16)==0)
263 {
264 hash_context tempc=c;
265 uint32 digest[5];
266 hash_final( &tempc, digest, HandsOffHash);
267 AESInit[I/(HashRounds/16)]=(byte)digest[4];
268 }
269 }
270 uint32 digest[5];
271 hash_final( &c, digest, HandsOffHash);
272 for (int I=0;I<4;I++)
273 for (int J=0;J<4;J++)
274 AESKey[I*4+J]=(byte)(digest[I]>>(J*8));
275
276 wcscpy(Cache[CachePos].Password,Password);
277 if ((Cache[CachePos].SaltPresent=(Salt!=NULL))==true)
278 memcpy(Cache[CachePos].Salt,Salt,SALT_SIZE);
279 Cache[CachePos].HandsOffHash=HandsOffHash;
280 memcpy(Cache[CachePos].AESKey,AESKey,sizeof(AESKey));
281 memcpy(Cache[CachePos].AESInit,AESInit,sizeof(AESInit));
282 CachePos=(CachePos+1)%(sizeof(Cache)/sizeof(Cache[0]));
283 }
284 rin.init(Encrypt ? Rijndael::Encrypt : Rijndael::Decrypt,AESKey,AESInit);
285 }
286
287
288 #ifndef SFX_MODULE
SetOldKeys(const char * Password)289 void CryptData::SetOldKeys(const char *Password)
290 {
291 uint PswCRC=CRC(0xffffffff,Password,strlen(Password));
292 OldKey[0]=PswCRC&0xffff;
293 OldKey[1]=(PswCRC>>16)&0xffff;
294 OldKey[2]=OldKey[3]=0;
295 PN1=PN2=PN3=0;
296 byte Ch;
297 while ((Ch=*Password)!=0)
298 {
299 PN1+=Ch;
300 PN2^=Ch;
301 PN3+=Ch;
302 PN3=(byte)rol(PN3,1,8);
303 OldKey[2]^=Ch^CRCTab[Ch];
304 OldKey[3]+=Ch+(CRCTab[Ch]>>16);
305 Password++;
306 }
307 }
308
309
SetAV15Encryption()310 void CryptData::SetAV15Encryption()
311 {
312 OldKey[0]=0x4765;
313 OldKey[1]=0x9021;
314 OldKey[2]=0x7382;
315 OldKey[3]=0x5215;
316 }
317
318
SetCmt13Encryption()319 void CryptData::SetCmt13Encryption()
320 {
321 PN1=0;
322 PN2=7;
323 PN3=77;
324 }
325
326
Crypt(byte * Data,uint Count,int Method)327 void CryptData::Crypt(byte *Data,uint Count,int Method)
328 {
329 if (Method==OLD_DECODE)
330 Decode13(Data,Count);
331 else
332 if (Method==OLD_ENCODE)
333 Encode13(Data,Count);
334 else
335 Crypt15(Data,Count);
336 }
337
338
Encode13(byte * Data,uint Count)339 void CryptData::Encode13(byte *Data,uint Count)
340 {
341 while (Count--)
342 {
343 PN2+=PN3;
344 PN1+=PN2;
345 *Data+=PN1;
346 Data++;
347 }
348 }
349
350
Decode13(byte * Data,uint Count)351 void CryptData::Decode13(byte *Data,uint Count)
352 {
353 while (Count--)
354 {
355 PN2+=PN3;
356 PN1+=PN2;
357 *Data-=PN1;
358 Data++;
359 }
360 }
361
362
Crypt15(byte * Data,uint Count)363 void CryptData::Crypt15(byte *Data,uint Count)
364 {
365 while (Count--)
366 {
367 OldKey[0]+=0x1234;
368 OldKey[1]^=CRCTab[(OldKey[0] & 0x1fe)>>1];
369 OldKey[2]-=CRCTab[(OldKey[0] & 0x1fe)>>1]>>16;
370 OldKey[0]^=OldKey[2];
371 OldKey[3]=ror(OldKey[3]&0xffff,1,16)^OldKey[1];
372 OldKey[3]=ror(OldKey[3]&0xffff,1,16);
373 OldKey[0]^=OldKey[3];
374 *Data^=(byte)(OldKey[0]>>8);
375 Data++;
376 }
377 }
378 #endif
379
380
381