1 /*****************************************************************************
2 * drms.c: DRMS
3 *****************************************************************************
4 * Copyright (C) 2004 VideoLAN
5 * $Id: drms.c,v 1.1 2005/07/22 01:14:52 twistedddx Exp $
6 *
7 * Authors: Jon Lech Johansen <jon-vl@nanocrew.net>
8 * Sam Hocevar <sam@zoy.org>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
23 *****************************************************************************/
24
25 #include <stdlib.h> /* malloc(), free() */
26
27 #ifndef _WIN32
28 #include "config.h"
29 #endif
30 #include "mp4ffint.h"
31
32 #ifdef ITUNES_DRM
33
34 #ifdef _WIN32
35 # include <io.h>
36 # include <stdio.h>
37 # include <sys/stat.h>
38 # define PATH_MAX MAX_PATH
39 #else
40 # include <stdio.h>
41 #endif
42
43 #ifdef HAVE_ERRNO_H
44 # include <errno.h>
45 #endif
46
47 #ifdef _WIN32
48 # include <tchar.h>
49 # include <shlobj.h>
50 # include <windows.h>
51 #endif
52
53 #ifdef HAVE_SYS_STAT_H
54 # include <sys/stat.h>
55 #endif
56 #ifdef HAVE_SYS_TYPES_H
57 # include <sys/types.h>
58 #endif
59
60 /* In Solaris (and perhaps others) PATH_MAX is in limits.h. */
61 #ifdef HAVE_LIMITS_H
62 # include <limits.h>
63 #endif
64
65 #ifdef HAVE_IOKIT_IOKITLIB_H
66 # include <mach/mach.h>
67 # include <IOKit/IOKitLib.h>
68 # include <CoreFoundation/CFNumber.h>
69 #endif
70
71 #ifdef HAVE_SYSFS_LIBSYSFS_H
72 # include <sysfs/libsysfs.h>
73 #endif
74
75 #include "drms.h"
76 #include "drmstables.h"
77
78 /*****************************************************************************
79 * aes_s: AES keys structure
80 *****************************************************************************
81 * This structure stores a set of keys usable for encryption and decryption
82 * with the AES/Rijndael algorithm.
83 *****************************************************************************/
84 struct aes_s
85 {
86 uint32_t pp_enc_keys[ AES_KEY_COUNT + 1 ][ 4 ];
87 uint32_t pp_dec_keys[ AES_KEY_COUNT + 1 ][ 4 ];
88 };
89
90 /*****************************************************************************
91 * md5_s: MD5 message structure
92 *****************************************************************************
93 * This structure stores the static information needed to compute an MD5
94 * hash. It has an extra data buffer to allow non-aligned writes.
95 *****************************************************************************/
96 struct md5_s
97 {
98 uint64_t i_bits; /* Total written bits */
99 uint32_t p_digest[4]; /* The MD5 digest */
100 uint32_t p_data[16]; /* Buffer to cache non-aligned writes */
101 };
102
103 /*****************************************************************************
104 * shuffle_s: shuffle structure
105 *****************************************************************************
106 * This structure stores the static information needed to shuffle data using
107 * a custom algorithm.
108 *****************************************************************************/
109 struct shuffle_s
110 {
111 uint32_t p_commands[ 20 ];
112 uint32_t p_bordel[ 16 ];
113 };
114
115 /*****************************************************************************
116 * drms_s: DRMS structure
117 *****************************************************************************
118 * This structure stores the static information needed to decrypt DRMS data.
119 *****************************************************************************/
120 struct drms_s
121 {
122 uint32_t i_user;
123 uint32_t i_key;
124 uint8_t p_iviv[ 16 ];
125 uint8_t *p_name;
126
127 uint32_t p_key[ 4 ];
128 struct aes_s aes;
129
130 char psz_homedir[ PATH_MAX ];
131 };
132
133 /*****************************************************************************
134 * Local prototypes
135 *****************************************************************************/
136 static void InitAES ( struct aes_s *, uint32_t * );
137 static void DecryptAES ( struct aes_s *, uint32_t *, const uint32_t * );
138
139 static void InitMD5 ( struct md5_s * );
140 static void AddMD5 ( struct md5_s *, const uint8_t *, uint32_t );
141 static void EndMD5 ( struct md5_s * );
142 static void Digest ( struct md5_s *, uint32_t * );
143
144 static void InitShuffle ( struct shuffle_s *, uint32_t * );
145 static void DoShuffle ( struct shuffle_s *, uint32_t *, uint32_t );
146
147 static int GetSystemKey ( uint32_t *, uint32_t );
148 static int WriteUserKey ( void *, uint32_t * );
149 static int ReadUserKey ( void *, uint32_t * );
150 static int GetUserKey ( void *, uint32_t * );
151
152 static int GetSCIData ( char *, uint32_t **, uint32_t * );
153 static int HashSystemInfo ( uint32_t * );
154 static int GetiPodID ( int64_t * );
155
156 #ifdef WORDS_BIGENDIAN
157 /*****************************************************************************
158 * Reverse: reverse byte order
159 *****************************************************************************/
Reverse(uint32_t * p_buffer,int n)160 static __inline void Reverse( uint32_t *p_buffer, int n )
161 {
162 int i;
163
164 for( i = 0; i < n; i++ )
165 {
166 p_buffer[ i ] = GetDWLE(&p_buffer[ i ]);
167 }
168 }
169 # define REVERSE( p, n ) Reverse( p, n )
170 #else
171 # define REVERSE( p, n )
172 #endif
173
174 /*****************************************************************************
175 * BlockXOR: XOR two 128 bit blocks
176 *****************************************************************************/
BlockXOR(uint32_t * p_dest,uint32_t * p_s1,uint32_t * p_s2)177 static __inline void BlockXOR( uint32_t *p_dest, uint32_t *p_s1, uint32_t *p_s2 )
178 {
179 int i;
180
181 for( i = 0; i < 4; i++ )
182 {
183 p_dest[ i ] = p_s1[ i ] ^ p_s2[ i ];
184 }
185 }
186
187 /*****************************************************************************
188 * drms_alloc: allocate a DRMS structure
189 *****************************************************************************/
drms_alloc(char * psz_homedir)190 void *drms_alloc( char *psz_homedir )
191 {
192 struct drms_s *p_drms;
193
194 p_drms = malloc( sizeof(struct drms_s) );
195
196 if( p_drms == NULL )
197 {
198 return NULL;
199 }
200
201 memset( p_drms, 0, sizeof(struct drms_s) );
202
203 strncpy( p_drms->psz_homedir, psz_homedir, PATH_MAX );
204 p_drms->psz_homedir[ PATH_MAX - 1 ] = '\0';
205
206 return (void *)p_drms;
207 }
208
209 /*****************************************************************************
210 * drms_free: free a previously allocated DRMS structure
211 *****************************************************************************/
drms_free(void * _p_drms)212 void drms_free( void *_p_drms )
213 {
214 struct drms_s *p_drms = (struct drms_s *)_p_drms;
215
216 if( p_drms->p_name != NULL )
217 {
218 free( (void *)p_drms->p_name );
219 }
220
221 free( p_drms );
222 }
223
224 /*****************************************************************************
225 * drms_decrypt: unscramble a chunk of data
226 *****************************************************************************/
drms_decrypt(void * _p_drms,uint32_t * p_buffer,uint32_t i_bytes)227 void drms_decrypt( void *_p_drms, uint32_t *p_buffer, uint32_t i_bytes )
228 {
229 struct drms_s *p_drms = (struct drms_s *)_p_drms;
230 uint32_t p_key[ 4 ];
231 unsigned int i_blocks;
232
233 /* AES is a block cypher, round down the byte count */
234 i_blocks = i_bytes / 16;
235 i_bytes = i_blocks * 16;
236
237 /* Initialise the key */
238 memcpy( p_key, p_drms->p_key, 16 );
239
240 /* Unscramble */
241 while( i_blocks-- )
242 {
243 uint32_t p_tmp[ 4 ];
244
245 REVERSE( p_buffer, 4 );
246 DecryptAES( &p_drms->aes, p_tmp, p_buffer );
247 BlockXOR( p_tmp, p_key, p_tmp );
248
249 /* Use the previous scrambled data as the key for next block */
250 memcpy( p_key, p_buffer, 16 );
251
252 /* Copy unscrambled data back to the buffer */
253 memcpy( p_buffer, p_tmp, 16 );
254 REVERSE( p_buffer, 4 );
255
256 p_buffer += 4;
257 }
258 }
259
260 /*****************************************************************************
261 * drms_init: initialise a DRMS structure
262 *****************************************************************************/
drms_init(void * _p_drms,uint32_t i_type,uint8_t * p_info,uint32_t i_len)263 int drms_init( void *_p_drms, uint32_t i_type,
264 uint8_t *p_info, uint32_t i_len )
265 {
266 struct drms_s *p_drms = (struct drms_s *)_p_drms;
267 int i_ret = 0;
268
269 switch( i_type )
270 {
271 case FOURCC_user:
272 if( i_len < sizeof(p_drms->i_user) )
273 {
274 i_ret = -1;
275 break;
276 }
277
278 p_drms->i_user = U32_AT( p_info );
279 break;
280
281 case FOURCC_key:
282 if( i_len < sizeof(p_drms->i_key) )
283 {
284 i_ret = -1;
285 break;
286 }
287
288 p_drms->i_key = U32_AT( p_info );
289 break;
290
291 case FOURCC_iviv:
292 if( i_len < sizeof(p_drms->p_key) )
293 {
294 i_ret = -1;
295 break;
296 }
297
298 memcpy( p_drms->p_iviv, p_info, 16 );
299 break;
300
301 case FOURCC_name:
302 p_drms->p_name = strdup( p_info );
303
304 if( p_drms->p_name == NULL )
305 {
306 i_ret = -1;
307 }
308 break;
309
310 case FOURCC_priv:
311 {
312 uint32_t p_priv[ 64 ];
313 struct md5_s md5;
314
315 if( i_len < 64 )
316 {
317 i_ret = -1;
318 break;
319 }
320
321 InitMD5( &md5 );
322 AddMD5( &md5, p_drms->p_name, strlen( p_drms->p_name ) );
323 AddMD5( &md5, p_drms->p_iviv, 16 );
324 EndMD5( &md5 );
325
326 if( GetUserKey( p_drms, p_drms->p_key ) )
327 {
328 i_ret = -1;
329 break;
330 }
331
332 InitAES( &p_drms->aes, p_drms->p_key );
333
334 memcpy( p_priv, p_info, 64 );
335 memcpy( p_drms->p_key, md5.p_digest, 16 );
336 drms_decrypt( p_drms, p_priv, 64 );
337 REVERSE( p_priv, 64 );
338
339 if( p_priv[ 0 ] != 0x6e757469 ) /* itun */
340 {
341 i_ret = -1;
342 break;
343 }
344
345 InitAES( &p_drms->aes, p_priv + 6 );
346 memcpy( p_drms->p_key, p_priv + 12, 16 );
347
348 free( (void *)p_drms->p_name );
349 p_drms->p_name = NULL;
350 }
351 break;
352 }
353
354 return i_ret;
355 }
356
357 /* The following functions are local */
358
359 /*****************************************************************************
360 * InitAES: initialise AES/Rijndael encryption/decryption tables
361 *****************************************************************************
362 * The Advanced Encryption Standard (AES) is described in RFC 3268
363 *****************************************************************************/
InitAES(struct aes_s * p_aes,uint32_t * p_key)364 static void InitAES( struct aes_s *p_aes, uint32_t *p_key )
365 {
366 unsigned int i, t;
367 uint32_t i_key, i_seed;
368
369 memset( p_aes->pp_enc_keys[1], 0, 16 );
370 memcpy( p_aes->pp_enc_keys[0], p_key, 16 );
371
372 /* Generate the key tables */
373 i_seed = p_aes->pp_enc_keys[ 0 ][ 3 ];
374
375 for( i_key = 0; i_key < AES_KEY_COUNT; i_key++ )
376 {
377 uint32_t j;
378
379 i_seed = AES_ROR( i_seed, 8 );
380
381 j = p_aes_table[ i_key ];
382
383 j ^= p_aes_encrypt[ (i_seed >> 24) & 0xff ]
384 ^ AES_ROR( p_aes_encrypt[ (i_seed >> 16) & 0xff ], 8 )
385 ^ AES_ROR( p_aes_encrypt[ (i_seed >> 8) & 0xff ], 16 )
386 ^ AES_ROR( p_aes_encrypt[ i_seed & 0xff ], 24 );
387
388 j ^= p_aes->pp_enc_keys[ i_key ][ 0 ];
389 p_aes->pp_enc_keys[ i_key + 1 ][ 0 ] = j;
390 j ^= p_aes->pp_enc_keys[ i_key ][ 1 ];
391 p_aes->pp_enc_keys[ i_key + 1 ][ 1 ] = j;
392 j ^= p_aes->pp_enc_keys[ i_key ][ 2 ];
393 p_aes->pp_enc_keys[ i_key + 1 ][ 2 ] = j;
394 j ^= p_aes->pp_enc_keys[ i_key ][ 3 ];
395 p_aes->pp_enc_keys[ i_key + 1 ][ 3 ] = j;
396
397 i_seed = j;
398 }
399
400 memcpy( p_aes->pp_dec_keys[ 0 ],
401 p_aes->pp_enc_keys[ 0 ], 16 );
402
403 for( i = 1; i < AES_KEY_COUNT; i++ )
404 {
405 for( t = 0; t < 4; t++ )
406 {
407 uint32_t j, k, l, m, n;
408
409 j = p_aes->pp_enc_keys[ i ][ t ];
410
411 k = (((j >> 7) & 0x01010101) * 27) ^ ((j & 0xff7f7f7f) << 1);
412 l = (((k >> 7) & 0x01010101) * 27) ^ ((k & 0xff7f7f7f) << 1);
413 m = (((l >> 7) & 0x01010101) * 27) ^ ((l & 0xff7f7f7f) << 1);
414
415 j ^= m;
416
417 n = AES_ROR( l ^ j, 16 ) ^ AES_ROR( k ^ j, 8 ) ^ AES_ROR( j, 24 );
418
419 p_aes->pp_dec_keys[ i ][ t ] = k ^ l ^ m ^ n;
420 }
421 }
422 }
423
424 /*****************************************************************************
425 * DecryptAES: decrypt an AES/Rijndael 128 bit block
426 *****************************************************************************/
DecryptAES(struct aes_s * p_aes,uint32_t * p_dest,const uint32_t * p_src)427 static void DecryptAES( struct aes_s *p_aes,
428 uint32_t *p_dest, const uint32_t *p_src )
429 {
430 uint32_t p_wtxt[ 4 ]; /* Working cyphertext */
431 uint32_t p_tmp[ 4 ];
432 unsigned int i_round, t;
433
434 for( t = 0; t < 4; t++ )
435 {
436 /* FIXME: are there any endianness issues here? */
437 p_wtxt[ t ] = p_src[ t ] ^ p_aes->pp_enc_keys[ AES_KEY_COUNT ][ t ];
438 }
439
440 /* Rounds 0 - 8 */
441 for( i_round = 0; i_round < (AES_KEY_COUNT - 1); i_round++ )
442 {
443 for( t = 0; t < 4; t++ )
444 {
445 p_tmp[ t ] = AES_XOR_ROR( p_aes_itable, p_wtxt );
446 }
447
448 for( t = 0; t < 4; t++ )
449 {
450 p_wtxt[ t ] = p_tmp[ t ]
451 ^ p_aes->pp_dec_keys[ (AES_KEY_COUNT - 1) - i_round ][ t ];
452 }
453 }
454
455 /* Final round (9) */
456 for( t = 0; t < 4; t++ )
457 {
458 p_dest[ t ] = AES_XOR_ROR( p_aes_decrypt, p_wtxt );
459 p_dest[ t ] ^= p_aes->pp_dec_keys[ 0 ][ t ];
460 }
461 }
462
463 /*****************************************************************************
464 * InitMD5: initialise an MD5 message
465 *****************************************************************************
466 * The MD5 message-digest algorithm is described in RFC 1321
467 *****************************************************************************/
InitMD5(struct md5_s * p_md5)468 static void InitMD5( struct md5_s *p_md5 )
469 {
470 p_md5->p_digest[ 0 ] = 0x67452301;
471 p_md5->p_digest[ 1 ] = 0xefcdab89;
472 p_md5->p_digest[ 2 ] = 0x98badcfe;
473 p_md5->p_digest[ 3 ] = 0x10325476;
474
475 memset( p_md5->p_data, 0, 64 );
476 p_md5->i_bits = 0;
477 }
478
479 /*****************************************************************************
480 * AddMD5: add i_len bytes to an MD5 message
481 *****************************************************************************/
AddMD5(struct md5_s * p_md5,const uint8_t * p_src,uint32_t i_len)482 static void AddMD5( struct md5_s *p_md5, const uint8_t *p_src, uint32_t i_len )
483 {
484 unsigned int i_current; /* Current bytes in the spare buffer */
485 unsigned int i_offset = 0;
486
487 i_current = (p_md5->i_bits / 8) & 63;
488
489 p_md5->i_bits += 8 * i_len;
490
491 /* If we can complete our spare buffer to 64 bytes, do it and add the
492 * resulting buffer to the MD5 message */
493 if( i_len >= (64 - i_current) )
494 {
495 memcpy( ((uint8_t *)p_md5->p_data) + i_current, p_src,
496 (64 - i_current) );
497 Digest( p_md5, p_md5->p_data );
498
499 i_offset += (64 - i_current);
500 i_len -= (64 - i_current);
501 i_current = 0;
502 }
503
504 /* Add as many entire 64 bytes blocks as we can to the MD5 message */
505 while( i_len >= 64 )
506 {
507 uint32_t p_tmp[ 16 ];
508 memcpy( p_tmp, p_src + i_offset, 64 );
509 Digest( p_md5, p_tmp );
510 i_offset += 64;
511 i_len -= 64;
512 }
513
514 /* Copy our remaining data to the message's spare buffer */
515 memcpy( ((uint8_t *)p_md5->p_data) + i_current, p_src + i_offset, i_len );
516 }
517
518 /*****************************************************************************
519 * EndMD5: finish an MD5 message
520 *****************************************************************************
521 * This function adds adequate padding to the end of the message, and appends
522 * the bit count so that we end at a block boundary.
523 *****************************************************************************/
EndMD5(struct md5_s * p_md5)524 static void EndMD5( struct md5_s *p_md5 )
525 {
526 unsigned int i_current;
527
528 i_current = (p_md5->i_bits / 8) & 63;
529
530 /* Append 0x80 to our buffer. No boundary check because the temporary
531 * buffer cannot be full, otherwise AddMD5 would have emptied it. */
532 ((uint8_t *)p_md5->p_data)[ i_current++ ] = 0x80;
533
534 /* If less than 8 bytes are available at the end of the block, complete
535 * this 64 bytes block with zeros and add it to the message. We'll add
536 * our length at the end of the next block. */
537 if( i_current > 56 )
538 {
539 memset( ((uint8_t *)p_md5->p_data) + i_current, 0, (64 - i_current) );
540 Digest( p_md5, p_md5->p_data );
541 i_current = 0;
542 }
543
544 /* Fill the unused space in our last block with zeroes and put the
545 * message length at the end. */
546 memset( ((uint8_t *)p_md5->p_data) + i_current, 0, (56 - i_current) );
547 p_md5->p_data[ 14 ] = p_md5->i_bits & 0xffffffff;
548 p_md5->p_data[ 15 ] = (p_md5->i_bits >> 32);
549 REVERSE( &p_md5->p_data[ 14 ], 2 );
550
551 Digest( p_md5, p_md5->p_data );
552 }
553
554 #define F1( x, y, z ) ((z) ^ ((x) & ((y) ^ (z))))
555 #define F2( x, y, z ) F1((z), (x), (y))
556 #define F3( x, y, z ) ((x) ^ (y) ^ (z))
557 #define F4( x, y, z ) ((y) ^ ((x) | ~(z)))
558
559 #define MD5_DO( f, w, x, y, z, data, s ) \
560 ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x )
561
562 /*****************************************************************************
563 * Digest: update the MD5 digest with 64 bytes of data
564 *****************************************************************************/
Digest(struct md5_s * p_md5,uint32_t * p_input)565 static void Digest( struct md5_s *p_md5, uint32_t *p_input )
566 {
567 uint32_t a, b, c, d;
568
569 REVERSE( p_input, 16 );
570
571 a = p_md5->p_digest[ 0 ];
572 b = p_md5->p_digest[ 1 ];
573 c = p_md5->p_digest[ 2 ];
574 d = p_md5->p_digest[ 3 ];
575
576 MD5_DO( F1, a, b, c, d, p_input[ 0 ] + 0xd76aa478, 7 );
577 MD5_DO( F1, d, a, b, c, p_input[ 1 ] + 0xe8c7b756, 12 );
578 MD5_DO( F1, c, d, a, b, p_input[ 2 ] + 0x242070db, 17 );
579 MD5_DO( F1, b, c, d, a, p_input[ 3 ] + 0xc1bdceee, 22 );
580 MD5_DO( F1, a, b, c, d, p_input[ 4 ] + 0xf57c0faf, 7 );
581 MD5_DO( F1, d, a, b, c, p_input[ 5 ] + 0x4787c62a, 12 );
582 MD5_DO( F1, c, d, a, b, p_input[ 6 ] + 0xa8304613, 17 );
583 MD5_DO( F1, b, c, d, a, p_input[ 7 ] + 0xfd469501, 22 );
584 MD5_DO( F1, a, b, c, d, p_input[ 8 ] + 0x698098d8, 7 );
585 MD5_DO( F1, d, a, b, c, p_input[ 9 ] + 0x8b44f7af, 12 );
586 MD5_DO( F1, c, d, a, b, p_input[ 10 ] + 0xffff5bb1, 17 );
587 MD5_DO( F1, b, c, d, a, p_input[ 11 ] + 0x895cd7be, 22 );
588 MD5_DO( F1, a, b, c, d, p_input[ 12 ] + 0x6b901122, 7 );
589 MD5_DO( F1, d, a, b, c, p_input[ 13 ] + 0xfd987193, 12 );
590 MD5_DO( F1, c, d, a, b, p_input[ 14 ] + 0xa679438e, 17 );
591 MD5_DO( F1, b, c, d, a, p_input[ 15 ] + 0x49b40821, 22 );
592
593 MD5_DO( F2, a, b, c, d, p_input[ 1 ] + 0xf61e2562, 5 );
594 MD5_DO( F2, d, a, b, c, p_input[ 6 ] + 0xc040b340, 9 );
595 MD5_DO( F2, c, d, a, b, p_input[ 11 ] + 0x265e5a51, 14 );
596 MD5_DO( F2, b, c, d, a, p_input[ 0 ] + 0xe9b6c7aa, 20 );
597 MD5_DO( F2, a, b, c, d, p_input[ 5 ] + 0xd62f105d, 5 );
598 MD5_DO( F2, d, a, b, c, p_input[ 10 ] + 0x02441453, 9 );
599 MD5_DO( F2, c, d, a, b, p_input[ 15 ] + 0xd8a1e681, 14 );
600 MD5_DO( F2, b, c, d, a, p_input[ 4 ] + 0xe7d3fbc8, 20 );
601 MD5_DO( F2, a, b, c, d, p_input[ 9 ] + 0x21e1cde6, 5 );
602 MD5_DO( F2, d, a, b, c, p_input[ 14 ] + 0xc33707d6, 9 );
603 MD5_DO( F2, c, d, a, b, p_input[ 3 ] + 0xf4d50d87, 14 );
604 MD5_DO( F2, b, c, d, a, p_input[ 8 ] + 0x455a14ed, 20 );
605 MD5_DO( F2, a, b, c, d, p_input[ 13 ] + 0xa9e3e905, 5 );
606 MD5_DO( F2, d, a, b, c, p_input[ 2 ] + 0xfcefa3f8, 9 );
607 MD5_DO( F2, c, d, a, b, p_input[ 7 ] + 0x676f02d9, 14 );
608 MD5_DO( F2, b, c, d, a, p_input[ 12 ] + 0x8d2a4c8a, 20 );
609
610 MD5_DO( F3, a, b, c, d, p_input[ 5 ] + 0xfffa3942, 4 );
611 MD5_DO( F3, d, a, b, c, p_input[ 8 ] + 0x8771f681, 11 );
612 MD5_DO( F3, c, d, a, b, p_input[ 11 ] + 0x6d9d6122, 16 );
613 MD5_DO( F3, b, c, d, a, p_input[ 14 ] + 0xfde5380c, 23 );
614 MD5_DO( F3, a, b, c, d, p_input[ 1 ] + 0xa4beea44, 4 );
615 MD5_DO( F3, d, a, b, c, p_input[ 4 ] + 0x4bdecfa9, 11 );
616 MD5_DO( F3, c, d, a, b, p_input[ 7 ] + 0xf6bb4b60, 16 );
617 MD5_DO( F3, b, c, d, a, p_input[ 10 ] + 0xbebfbc70, 23 );
618 MD5_DO( F3, a, b, c, d, p_input[ 13 ] + 0x289b7ec6, 4 );
619 MD5_DO( F3, d, a, b, c, p_input[ 0 ] + 0xeaa127fa, 11 );
620 MD5_DO( F3, c, d, a, b, p_input[ 3 ] + 0xd4ef3085, 16 );
621 MD5_DO( F3, b, c, d, a, p_input[ 6 ] + 0x04881d05, 23 );
622 MD5_DO( F3, a, b, c, d, p_input[ 9 ] + 0xd9d4d039, 4 );
623 MD5_DO( F3, d, a, b, c, p_input[ 12 ] + 0xe6db99e5, 11 );
624 MD5_DO( F3, c, d, a, b, p_input[ 15 ] + 0x1fa27cf8, 16 );
625 MD5_DO( F3, b, c, d, a, p_input[ 2 ] + 0xc4ac5665, 23 );
626
627 MD5_DO( F4, a, b, c, d, p_input[ 0 ] + 0xf4292244, 6 );
628 MD5_DO( F4, d, a, b, c, p_input[ 7 ] + 0x432aff97, 10 );
629 MD5_DO( F4, c, d, a, b, p_input[ 14 ] + 0xab9423a7, 15 );
630 MD5_DO( F4, b, c, d, a, p_input[ 5 ] + 0xfc93a039, 21 );
631 MD5_DO( F4, a, b, c, d, p_input[ 12 ] + 0x655b59c3, 6 );
632 MD5_DO( F4, d, a, b, c, p_input[ 3 ] + 0x8f0ccc92, 10 );
633 MD5_DO( F4, c, d, a, b, p_input[ 10 ] + 0xffeff47d, 15 );
634 MD5_DO( F4, b, c, d, a, p_input[ 1 ] + 0x85845dd1, 21 );
635 MD5_DO( F4, a, b, c, d, p_input[ 8 ] + 0x6fa87e4f, 6 );
636 MD5_DO( F4, d, a, b, c, p_input[ 15 ] + 0xfe2ce6e0, 10 );
637 MD5_DO( F4, c, d, a, b, p_input[ 6 ] + 0xa3014314, 15 );
638 MD5_DO( F4, b, c, d, a, p_input[ 13 ] + 0x4e0811a1, 21 );
639 MD5_DO( F4, a, b, c, d, p_input[ 4 ] + 0xf7537e82, 6 );
640 MD5_DO( F4, d, a, b, c, p_input[ 11 ] + 0xbd3af235, 10 );
641 MD5_DO( F4, c, d, a, b, p_input[ 2 ] + 0x2ad7d2bb, 15 );
642 MD5_DO( F4, b, c, d, a, p_input[ 9 ] + 0xeb86d391, 21 );
643
644 p_md5->p_digest[ 0 ] += a;
645 p_md5->p_digest[ 1 ] += b;
646 p_md5->p_digest[ 2 ] += c;
647 p_md5->p_digest[ 3 ] += d;
648 }
649
650 /*****************************************************************************
651 * InitShuffle: initialise a shuffle structure
652 *****************************************************************************
653 * This function initialises tables in the p_shuffle structure that will be
654 * used later by DoShuffle. The only external parameter is p_sys_key.
655 *****************************************************************************/
InitShuffle(struct shuffle_s * p_shuffle,uint32_t * p_sys_key)656 static void InitShuffle( struct shuffle_s *p_shuffle, uint32_t *p_sys_key )
657 {
658 char p_secret1[] = "Tv!*";
659 static char const p_secret2[] = "v8rhvsaAvOKMFfUH%798=[;."
660 "f8677680a634ba87fnOIf)(*";
661 unsigned int i;
662
663 /* Fill p_commands using the key and a secret seed */
664 for( i = 0; i < 20; i++ )
665 {
666 struct md5_s md5;
667 int32_t i_hash;
668
669 InitMD5( &md5 );
670 AddMD5( &md5, (uint8_t *)p_sys_key, 16 );
671 AddMD5( &md5, (uint8_t *)p_secret1, 4 );
672 EndMD5( &md5 );
673
674 p_secret1[ 3 ]++;
675
676 REVERSE( md5.p_digest, 1 );
677 i_hash = ((int32_t)U32_AT(md5.p_digest)) % 1024;
678
679 p_shuffle->p_commands[ i ] = i_hash < 0 ? i_hash * -1 : i_hash;
680 }
681
682 /* Fill p_bordel with completely meaningless initial values. */
683 for( i = 0; i < 4; i++ )
684 {
685 p_shuffle->p_bordel[ 4 * i ] = U32_AT(p_sys_key + i);
686 memcpy( p_shuffle->p_bordel + 4 * i + 1, p_secret2 + 12 * i, 12 );
687 REVERSE( p_shuffle->p_bordel + 4 * i + 1, 3 );
688 }
689 }
690
691 /*****************************************************************************
692 * DoShuffle: shuffle buffer
693 *****************************************************************************
694 * This is so ugly and uses so many MD5 checksums that it is most certainly
695 * one-way, though why it needs to be so complicated is beyond me.
696 *****************************************************************************/
DoShuffle(struct shuffle_s * p_shuffle,uint32_t * p_buffer,uint32_t i_size)697 static void DoShuffle( struct shuffle_s *p_shuffle,
698 uint32_t *p_buffer, uint32_t i_size )
699 {
700 struct md5_s md5;
701 uint32_t p_big_bordel[ 16 ];
702 uint32_t *p_bordel = p_shuffle->p_bordel;
703 unsigned int i;
704
705 /* Using the MD5 hash of a memory block is probably not one-way enough
706 * for the iTunes people. This function randomises p_bordel depending on
707 * the values in p_commands to make things even more messy in p_bordel. */
708 for( i = 0; i < 20; i++ )
709 {
710 uint8_t i_command, i_index;
711
712 if( !p_shuffle->p_commands[ i ] )
713 {
714 continue;
715 }
716
717 i_command = (p_shuffle->p_commands[ i ] & 0x300) >> 8;
718 i_index = p_shuffle->p_commands[ i ] & 0xff;
719
720 switch( i_command )
721 {
722 case 0x3:
723 p_bordel[ i_index & 0xf ] = p_bordel[ i_index >> 4 ]
724 + p_bordel[ ((i_index + 0x10) >> 4) & 0xf ];
725 break;
726 case 0x2:
727 p_bordel[ i_index >> 4 ] ^= p_shuffle_xor[ 0xff - i_index ];
728 break;
729 case 0x1:
730 p_bordel[ i_index >> 4 ] -= p_shuffle_sub[ 0xff - i_index ];
731 break;
732 default:
733 p_bordel[ i_index >> 4 ] += p_shuffle_add[ 0xff - i_index ];
734 break;
735 }
736 }
737
738 /* Convert our newly randomised p_bordel to big endianness and take
739 * its MD5 hash. */
740 InitMD5( &md5 );
741 for( i = 0; i < 16; i++ )
742 {
743 p_big_bordel[ i ] = U32_AT(p_bordel + i);
744 }
745 AddMD5( &md5, (uint8_t *)p_big_bordel, 64 );
746 EndMD5( &md5 );
747
748 /* XOR our buffer with the computed checksum */
749 for( i = 0; i < i_size; i++ )
750 {
751 p_buffer[ i ] ^= md5.p_digest[ i ];
752 }
753 }
754
755 /*****************************************************************************
756 * GetSystemKey: get the system key
757 *****************************************************************************
758 * Compute the system key from various system information, see HashSystemInfo.
759 *****************************************************************************/
GetSystemKey(uint32_t * p_sys_key,uint32_t b_ipod)760 static int GetSystemKey( uint32_t *p_sys_key, uint32_t b_ipod )
761 {
762 static char const p_secret1[ 8 ] = "YuaFlafu";
763 static char const p_secret2[ 8 ] = "zPif98ga";
764 struct md5_s md5;
765 int64_t i_ipod_id;
766 uint32_t p_system_hash[ 4 ];
767
768 /* Compute the MD5 hash of our system info */
769 if( ( !b_ipod && HashSystemInfo( p_system_hash ) ) ||
770 ( b_ipod && GetiPodID( &i_ipod_id ) ) )
771 {
772 return -1;
773 }
774
775 /* Combine our system info hash with additional secret data. The resulting
776 * MD5 hash will be our system key. */
777 InitMD5( &md5 );
778 AddMD5( &md5, p_secret1, 8 );
779
780 if( !b_ipod )
781 {
782 AddMD5( &md5, (uint8_t *)p_system_hash, 6 );
783 AddMD5( &md5, (uint8_t *)p_system_hash, 6 );
784 AddMD5( &md5, (uint8_t *)p_system_hash, 6 );
785 AddMD5( &md5, p_secret2, 8 );
786 }
787 else
788 {
789 i_ipod_id = U64_AT(&i_ipod_id);
790 AddMD5( &md5, (uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
791 AddMD5( &md5, (uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
792 AddMD5( &md5, (uint8_t *)&i_ipod_id, sizeof(i_ipod_id) );
793 }
794
795 EndMD5( &md5 );
796
797 memcpy( p_sys_key, md5.p_digest, 16 );
798
799 return 0;
800 }
801
802 #ifdef _WIN32
803 # define DRMS_DIRNAME "drms"
804 #else
805 # define DRMS_DIRNAME ".drms"
806 #endif
807
808 /*****************************************************************************
809 * WriteUserKey: write the user key to hard disk
810 *****************************************************************************
811 * Write the user key to the hard disk so that it can be reused later or used
812 * on operating systems other than Win32.
813 *****************************************************************************/
WriteUserKey(void * _p_drms,uint32_t * p_user_key)814 static int WriteUserKey( void *_p_drms, uint32_t *p_user_key )
815 {
816 struct drms_s *p_drms = (struct drms_s *)_p_drms;
817 FILE *file;
818 int i_ret = -1;
819 char psz_path[ PATH_MAX ];
820
821 sprintf( psz_path, /* PATH_MAX - 1, */
822 "%s/" DRMS_DIRNAME, p_drms->psz_homedir );
823
824 #if defined( HAVE_ERRNO_H )
825 # if defined( _WIN32 )
826 if( !mkdir( psz_path ) || errno == EEXIST )
827 # else
828 if( !mkdir( psz_path, 0755 ) || errno == EEXIST )
829 # endif
830 #else
831 if( !mkdir( psz_path ) )
832 #endif
833 {
834 sprintf( psz_path, /*PATH_MAX - 1,*/ "%s/" DRMS_DIRNAME "/%08X.%03d",
835 p_drms->psz_homedir, p_drms->i_user, p_drms->i_key );
836
837 file = fopen( psz_path, "w" );
838 if( file != NULL )
839 {
840 i_ret = fwrite( p_user_key, sizeof(uint32_t),
841 4, file ) == 4 ? 0 : -1;
842 fclose( file );
843 }
844 }
845
846 return i_ret;
847 }
848
849 /*****************************************************************************
850 * ReadUserKey: read the user key from hard disk
851 *****************************************************************************
852 * Retrieve the user key from the hard disk if available.
853 *****************************************************************************/
ReadUserKey(void * _p_drms,uint32_t * p_user_key)854 static int ReadUserKey( void *_p_drms, uint32_t *p_user_key )
855 {
856 struct drms_s *p_drms = (struct drms_s *)_p_drms;
857 FILE *file;
858 int i_ret = -1;
859 char psz_path[ PATH_MAX ];
860
861 sprintf( psz_path, /*PATH_MAX - 1,*/
862 "%s/" DRMS_DIRNAME "/%08X.%03d", p_drms->psz_homedir,
863 p_drms->i_user, p_drms->i_key );
864
865 file = fopen( psz_path, "r" );
866 if( file != NULL )
867 {
868 i_ret = fread( p_user_key, sizeof(uint32_t),
869 4, file ) == 4 ? 0 : -1;
870 fclose( file );
871 }
872
873 return i_ret;
874 }
875
876 /*****************************************************************************
877 * GetUserKey: get the user key
878 *****************************************************************************
879 * Retrieve the user key from the hard disk if available, otherwise generate
880 * it from the system key. If the key could be successfully generated, write
881 * it to the hard disk for future use.
882 *****************************************************************************/
GetUserKey(void * _p_drms,uint32_t * p_user_key)883 static int GetUserKey( void *_p_drms, uint32_t *p_user_key )
884 {
885 static char const p_secret[] = "mUfnpognadfgf873";
886 struct drms_s *p_drms = (struct drms_s *)_p_drms;
887 struct aes_s aes;
888 struct shuffle_s shuffle;
889 uint32_t i, y;
890 uint32_t *p_sci_data;
891 uint32_t i_user, i_key;
892 uint32_t p_sys_key[ 4 ];
893 uint32_t i_sci_size, i_blocks, i_remaining;
894 uint32_t *p_sci0, *p_sci1, *p_buffer;
895 uint32_t p_sci_key[ 4 ];
896 char *psz_ipod;
897 int i_ret = -1;
898
899 if( !ReadUserKey( p_drms, p_user_key ) )
900 {
901 REVERSE( p_user_key, 4 );
902 return 0;
903 }
904
905 psz_ipod = getenv( "IPOD" );
906
907 if( GetSystemKey( p_sys_key, psz_ipod ? 1 : 0 ) )
908 {
909 return -1;
910 }
911
912 if( GetSCIData( psz_ipod, &p_sci_data, &i_sci_size ) )
913 {
914 return -1;
915 }
916
917 /* Phase 1: unscramble the SCI data using the system key and shuffle
918 * it using DoShuffle(). */
919
920 /* Skip the first 4 bytes (some sort of header). Decrypt the rest. */
921 i_blocks = (i_sci_size - 4) / 16;
922 i_remaining = (i_sci_size - 4) - (i_blocks * 16);
923 p_buffer = p_sci_data + 1;
924
925 /* Decrypt and shuffle our data at the same time */
926 InitAES( &aes, p_sys_key );
927 REVERSE( p_sys_key, 4 );
928 InitShuffle( &shuffle, p_sys_key );
929
930 memcpy( p_sci_key, p_secret, 16 );
931 REVERSE( p_sci_key, 4 );
932
933 while( i_blocks-- )
934 {
935 uint32_t p_tmp[ 4 ];
936
937 REVERSE( p_buffer, 4 );
938 DecryptAES( &aes, p_tmp, p_buffer );
939 BlockXOR( p_tmp, p_sci_key, p_tmp );
940
941 /* Use the previous scrambled data as the key for next block */
942 memcpy( p_sci_key, p_buffer, 16 );
943
944 /* Shuffle the decrypted data using a custom routine */
945 DoShuffle( &shuffle, p_tmp, 4 );
946
947 /* Copy this block back to p_buffer */
948 memcpy( p_buffer, p_tmp, 16 );
949
950 p_buffer += 4;
951 }
952
953 if( i_remaining >= 4 )
954 {
955 i_remaining /= 4;
956 REVERSE( p_buffer, i_remaining );
957 DoShuffle( &shuffle, p_buffer, i_remaining );
958 }
959
960 /* Phase 2: look for the user key in the generated data. I must admit I
961 * do not understand what is going on here, because it almost
962 * looks like we are browsing data that makes sense, even though
963 * the DoShuffle() part made it completely meaningless. */
964
965 y = 0;
966 REVERSE( p_sci_data + 5, 1 );
967 i = U32_AT( p_sci_data + 5 );
968 i_sci_size -= 22 * sizeof(uint32_t);
969 p_sci1 = p_sci_data + 22;
970 p_sci0 = NULL;
971
972 while( i_sci_size >= 20 && i > 0 )
973 {
974 if( p_sci0 == NULL )
975 {
976 i_sci_size -= 18 * sizeof(uint32_t);
977 if( i_sci_size < 20 )
978 {
979 break;
980 }
981
982 p_sci0 = p_sci1;
983 REVERSE( p_sci1 + 17, 1 );
984 y = U32_AT( p_sci1 + 17 );
985 p_sci1 += 18;
986 }
987
988 if( !y )
989 {
990 i--;
991 p_sci0 = NULL;
992 continue;
993 }
994
995 i_user = U32_AT( p_sci0 );
996 i_key = U32_AT( p_sci1 );
997 REVERSE( &i_user, 1 );
998 REVERSE( &i_key, 1 );
999 if( i_user == p_drms->i_user && ( ( i_key == p_drms->i_key ) ||
1000 ( !p_drms->i_key && ( p_sci1 == (p_sci0 + 18) ) ) ) )
1001 {
1002 memcpy( p_user_key, p_sci1 + 1, 16 );
1003 REVERSE( p_sci1 + 1, 4 );
1004 WriteUserKey( p_drms, p_sci1 + 1 );
1005 i_ret = 0;
1006 break;
1007 }
1008
1009 y--;
1010 p_sci1 += 5;
1011 i_sci_size -= 5 * sizeof(uint32_t);
1012 }
1013
1014 free( p_sci_data );
1015
1016 return i_ret;
1017 }
1018
1019 /*****************************************************************************
1020 * GetSCIData: get SCI data from "SC Info.sidb"
1021 *****************************************************************************
1022 * Read SCI data from "\Apple Computer\iTunes\SC Info\SC Info.sidb"
1023 *****************************************************************************/
GetSCIData(char * psz_ipod,uint32_t ** pp_sci,uint32_t * pi_sci_size)1024 static int GetSCIData( char *psz_ipod, uint32_t **pp_sci,
1025 uint32_t *pi_sci_size )
1026 {
1027 FILE *file;
1028 char *psz_path = NULL;
1029 char p_tmp[ PATH_MAX ];
1030 int i_ret = -1;
1031
1032 if( psz_ipod == NULL )
1033 {
1034 //TODO: fix this at some point
1035 #ifdef FORFUTUREADDION_WIN32
1036 char *p_filename = "\\Apple Computer\\iTunes\\SC Info\\SC Info.sidb";
1037 typedef HRESULT (WINAPI *SHGETFOLDERPATH)( HWND, int, HANDLE, DWORD,
1038 LPSTR );
1039 HINSTANCE shfolder_dll = NULL;
1040 SHGETFOLDERPATH dSHGetFolderPath = NULL;
1041
1042 if( ( shfolder_dll = LoadLibrary( _T("SHFolder.dll") ) ) != NULL )
1043 {
1044 dSHGetFolderPath =
1045 (SHGETFOLDERPATH)GetProcAddress( shfolder_dll,
1046 _T("SHGetFolderPathA") );
1047 }
1048
1049 if( dSHGetFolderPath != NULL &&
1050 SUCCEEDED( dSHGetFolderPath( NULL, /*CSIDL_COMMON_APPDATA*/ 0x0023,
1051 NULL, 0, p_tmp ) ) )
1052 {
1053 strncat( p_tmp, p_filename, min( strlen( p_filename ),
1054 (sizeof(p_tmp)/sizeof(p_tmp[0]) - 1) -
1055 strlen( p_tmp ) ) );
1056 psz_path = p_tmp;
1057 }
1058
1059 if( shfolder_dll != NULL )
1060 {
1061 FreeLibrary( shfolder_dll );
1062 }
1063 #endif
1064 }
1065 else
1066 {
1067 #define ISCINFO "iSCInfo"
1068 if( strstr( psz_ipod, ISCINFO ) == NULL )
1069 {
1070 sprintf( p_tmp, /*sizeof(p_tmp)/sizeof(p_tmp[0]) - 1,*/
1071 "%s/iPod_Control/iTunes/" ISCINFO, psz_ipod );
1072 psz_path = p_tmp;
1073 }
1074 else
1075 {
1076 psz_path = psz_ipod;
1077 }
1078 }
1079
1080 if( psz_path == NULL )
1081 {
1082 return -1;
1083 }
1084
1085 file = fopen( psz_path, "r" );
1086 if( file != NULL )
1087 {
1088 struct stat st;
1089
1090 if( !fstat( fileno( file ), &st ) )
1091 {
1092 *pp_sci = malloc( st.st_size );
1093 if( *pp_sci != NULL )
1094 {
1095 if( fread( *pp_sci, 1, st.st_size,
1096 file ) == (size_t)st.st_size )
1097 {
1098 *pi_sci_size = st.st_size;
1099 i_ret = 0;
1100 }
1101 else
1102 {
1103 free( (void *)*pp_sci );
1104 *pp_sci = NULL;
1105 }
1106 }
1107 }
1108
1109 fclose( file );
1110 }
1111
1112 return i_ret;
1113 }
1114
1115 /*****************************************************************************
1116 * HashSystemInfo: hash system information
1117 *****************************************************************************
1118 * This function computes the MD5 hash of the C: hard drive serial number,
1119 * BIOS version, CPU type and Windows version.
1120 *****************************************************************************/
HashSystemInfo(uint32_t * p_system_hash)1121 static int HashSystemInfo( uint32_t *p_system_hash )
1122 {
1123 struct md5_s md5;
1124 int i_ret = 0;
1125
1126 #ifdef _WIN32
1127 HKEY i_key;
1128 unsigned int i;
1129 DWORD i_size;
1130 DWORD i_serial;
1131 LPBYTE p_reg_buf;
1132
1133 static LPCTSTR p_reg_keys[ 3 ][ 2 ] =
1134 {
1135 {
1136 _T("HARDWARE\\DESCRIPTION\\System"),
1137 _T("SystemBiosVersion")
1138 },
1139
1140 {
1141 _T("HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0"),
1142 _T("ProcessorNameString")
1143 },
1144
1145 {
1146 _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion"),
1147 _T("ProductId")
1148 }
1149 };
1150
1151 InitMD5( &md5 );
1152
1153 AddMD5( &md5, "cache-control", 13 );
1154 AddMD5( &md5, "Ethernet", 8 );
1155
1156 GetVolumeInformation( _T("C:\\"), NULL, 0, &i_serial,
1157 NULL, NULL, NULL, 0 );
1158 AddMD5( &md5, (uint8_t *)&i_serial, 4 );
1159
1160 for( i = 0; i < sizeof(p_reg_keys) / sizeof(p_reg_keys[ 0 ]); i++ )
1161 {
1162 if( RegOpenKeyEx( HKEY_LOCAL_MACHINE, p_reg_keys[ i ][ 0 ],
1163 0, KEY_READ, &i_key ) != ERROR_SUCCESS )
1164 {
1165 continue;
1166 }
1167
1168 if( RegQueryValueEx( i_key, p_reg_keys[ i ][ 1 ],
1169 NULL, NULL, NULL, &i_size ) != ERROR_SUCCESS )
1170 {
1171 RegCloseKey( i_key );
1172 continue;
1173 }
1174
1175 p_reg_buf = malloc( i_size );
1176
1177 if( p_reg_buf != NULL )
1178 {
1179 if( RegQueryValueEx( i_key, p_reg_keys[ i ][ 1 ],
1180 NULL, NULL, p_reg_buf,
1181 &i_size ) == ERROR_SUCCESS )
1182 {
1183 AddMD5( &md5, (uint8_t *)p_reg_buf, i_size );
1184 }
1185
1186 free( p_reg_buf );
1187 }
1188
1189 RegCloseKey( i_key );
1190 }
1191
1192 #else
1193 InitMD5( &md5 );
1194 i_ret = -1;
1195 #endif
1196
1197 EndMD5( &md5 );
1198 memcpy( p_system_hash, md5.p_digest, 16 );
1199
1200 return i_ret;
1201 }
1202
1203 /*****************************************************************************
1204 * GetiPodID: Get iPod ID
1205 *****************************************************************************
1206 * This function gets the iPod ID.
1207 *****************************************************************************/
GetiPodID(int64_t * p_ipod_id)1208 static int GetiPodID( int64_t *p_ipod_id )
1209 {
1210 int i_ret = -1;
1211
1212 #define PROD_NAME "iPod"
1213 #define VENDOR_NAME "Apple Computer, Inc."
1214
1215 char *psz_ipod_id = getenv( "IPODID" );
1216 if( psz_ipod_id != NULL )
1217 {
1218 #ifndef _WIN32
1219 *p_ipod_id = strtoll( psz_ipod_id, NULL, 16 );
1220 #else
1221 *p_ipod_id = strtol( psz_ipod_id, NULL, 16 );
1222 #endif
1223 return 0;
1224 }
1225
1226 #ifdef HAVE_IOKIT_IOKITLIB_H
1227 CFTypeRef value;
1228 mach_port_t port;
1229 io_object_t device;
1230 io_iterator_t iterator;
1231 CFMutableDictionaryRef matching_dic;
1232
1233 if( IOMasterPort( MACH_PORT_NULL, &port ) == KERN_SUCCESS )
1234 {
1235 if( ( matching_dic = IOServiceMatching( "IOFireWireUnit" ) ) != NULL )
1236 {
1237 CFDictionarySetValue( matching_dic,
1238 CFSTR("FireWire Vendor Name"),
1239 CFSTR(VENDOR_NAME) );
1240 CFDictionarySetValue( matching_dic,
1241 CFSTR("FireWire Product Name"),
1242 CFSTR(PROD_NAME) );
1243
1244 if( IOServiceGetMatchingServices( port, matching_dic,
1245 &iterator ) == KERN_SUCCESS )
1246 {
1247 while( ( device = IOIteratorNext( iterator ) ) != NULL )
1248 {
1249 value = IORegistryEntryCreateCFProperty( device,
1250 CFSTR("GUID"), kCFAllocatorDefault, kNilOptions );
1251
1252 if( value != NULL )
1253 {
1254 if( CFGetTypeID( value ) == CFNumberGetTypeID() )
1255 {
1256 int64_t i_ipod_id;
1257 CFNumberGetValue( (CFNumberRef)value,
1258 kCFNumberLongLongType,
1259 &i_ipod_id );
1260 *p_ipod_id = i_ipod_id;
1261 i_ret = 0;
1262 }
1263
1264 CFRelease( value );
1265 }
1266
1267 IOObjectRelease( device );
1268
1269 if( !i_ret ) break;
1270 }
1271
1272 IOObjectRelease( iterator );
1273 }
1274 }
1275
1276 mach_port_deallocate( mach_task_self(), port );
1277 }
1278
1279 #elif HAVE_SYSFS_LIBSYSFS_H
1280 struct sysfs_bus *bus = NULL;
1281 struct dlist *devlist = NULL;
1282 struct dlist *attributes = NULL;
1283 struct sysfs_device *curdev = NULL;
1284 struct sysfs_attribute *curattr = NULL;
1285
1286 bus = sysfs_open_bus( "ieee1394" );
1287 if( bus != NULL )
1288 {
1289 devlist = sysfs_get_bus_devices( bus );
1290 if( devlist != NULL )
1291 {
1292 dlist_for_each_data( devlist, curdev, struct sysfs_device )
1293 {
1294 attributes = sysfs_get_device_attributes( curdev );
1295 if( attributes != NULL )
1296 {
1297 dlist_for_each_data( attributes, curattr,
1298 struct sysfs_attribute )
1299 {
1300 if( ( strcmp( curattr->name, "model_name" ) == 0 ) &&
1301 ( strncmp( curattr->value, PROD_NAME,
1302 sizeof(PROD_NAME) ) == 0 ) )
1303 {
1304 *p_ipod_id = strtoll( curdev->name, NULL, 16 );
1305 i_ret = 0;
1306 break;
1307 }
1308 }
1309 }
1310
1311 if( !i_ret ) break;
1312 }
1313 }
1314
1315 sysfs_close_bus( bus );
1316 }
1317 #endif
1318
1319 return i_ret;
1320 }
1321
1322 #endif
1323