1 #define MODULE_LOG_PREFIX "gbox"
6 #include "minilzo/minilzo.h"
7 #include "oscam-string.h"
10 uint16_t gbox_get_caid(uint32_t caprovid
)
12 if ((caprovid
>> 24) == 0x05)
15 { return caprovid
>> 16; }
18 uint32_t gbox_get_provid(uint32_t caprovid
)
22 switch(caprovid
>> 24)
25 provid
= caprovid
& 0xFFFFFF;
28 case 0x0D: // Cryptoworx
29 provid
= (caprovid
>> 8) & 0xFF;
33 provid
= caprovid
& 0xFFFF;
39 uint32_t gbox_get_caprovid(uint16_t caid
, uint32_t prid
)
41 uint32_t caprovid
= 0;
46 caprovid
= (caid
>> 8) << 24 | (prid
& 0xFFFFFF);
49 case 0x0D: // Cryptoworks
50 caprovid
= (caid
>> 8) << 24 | (caid
& 0xFF) << 16 | ((prid
<< 8) & 0xFF00);
54 caprovid
= (caid
>> 8) << 24 | (caid
& 0xFF) << 16;
58 caprovid
= (caid
>> 8) << 24 | (caid
& 0xFF) << 16 | (prid
& 0xFFFF);
64 static void gbox_convert_pw(uint8_t *password
, uint32_t pw
)
67 for(i
= 3; i
>= 0; i
--)
69 password
[3 - i
] = (pw
>> (8 * i
)) & 0xff;
73 uint32_t gbox_get_checksum(uint8_t *buf
, uint16_t buflen
)
83 for(counter
= 1; counter
< (buflen
/ 4) - 4; counter
++)
85 checksum
[3] ^= buf
[counter
* 4];
86 checksum
[2] ^= buf
[counter
* 4 + 1];
87 checksum
[1] ^= buf
[counter
* 4 + 2];
88 checksum
[0] ^= buf
[counter
* 4 + 3];
91 return checksum
[3] << 24 | checksum
[2] << 16 | checksum
[1] << 8 | checksum
[0];
94 ////////////////////////////////////////////////////////////////////////////////
95 // GBOX BUFFER ENCRYPTION/DECRYPTION (thanks to dvbcrypt@gmail.com)
96 ////////////////////////////////////////////////////////////////////////////////
98 static uint8_t Lookup_Table
[0x40] =
100 0x25, 0x38, 0xD4, 0xCD, 0x17, 0x7A, 0x5E, 0x6C, 0x52, 0x42, 0xFE, 0x68, 0xAB, 0x3F, 0xF7, 0xBE,
101 0x47, 0x57, 0x71, 0xB0, 0x23, 0xC1, 0x26, 0x6C, 0x41, 0xCE, 0x94, 0x37, 0x45, 0x04, 0xA2, 0xEA,
102 0x07, 0x58, 0x35, 0x55, 0x08, 0x2A, 0x0F, 0xE7, 0xAC, 0x76, 0xF0, 0xC1, 0xE6, 0x09, 0x10, 0xDD,
103 0xC5, 0x8D, 0x2E, 0xD9, 0x03, 0x9C, 0x3D, 0x2C, 0x4D, 0x41, 0x0C, 0x5E, 0xDE, 0xE4, 0x90, 0xAE
106 static void gbox_encrypt8(uint8_t *buffer
, uint8_t *pass
)
112 for(passcounter
= 0; passcounter
< 4; passcounter
++)
114 for(bufcounter
= 7; bufcounter
>= 0; bufcounter
--)
117 pass
[3] = (pass
[3] / 2) + (pass
[2] & 1) * 0x80;
118 pass
[2] = (pass
[2] / 2) + (pass
[1] & 1) * 0x80;
119 pass
[1] = (pass
[1] / 2) + (pass
[0] & 1) * 0x80;
120 pass
[0] = (pass
[0] / 2) + (temp
& 1) * 0x80;
121 buffer
[(bufcounter
+ 1) & 7] = buffer
[(bufcounter
+ 1) & 7 ] - Lookup_Table
[(buffer
[bufcounter
] >> 2) & 0x3F ];
122 buffer
[(bufcounter
+ 1) & 7] = Lookup_Table
[(buffer
[bufcounter
] - pass
[(bufcounter
+ 1) & 3]) & 0x3F ] ^ buffer
[(bufcounter
+ 1) & 7 ];
123 buffer
[(bufcounter
+ 1) & 7] = buffer
[(bufcounter
+ 1) & 7 ] - pass
[(bufcounter
& 3)];
128 static void gbox_decrypt8(uint8_t *buffer
, uint8_t *pass
)
134 for(passcounter
= 3; passcounter
>= 0; passcounter
--)
136 for(bufcounter
= 0; bufcounter
<= 7; bufcounter
++)
138 buffer
[(bufcounter
+ 1) & 7] = pass
[bufcounter
& 3] + buffer
[(bufcounter
+ 1) & 7];
139 temp
= buffer
[bufcounter
] - pass
[(bufcounter
+ 1) & 3];
140 buffer
[(bufcounter
+ 1) & 7] = Lookup_Table
[temp
& 0x3F] ^ buffer
[(bufcounter
+ 1) & 7];
141 temp
= buffer
[bufcounter
] >> 2;
142 buffer
[(bufcounter
+ 1) & 7] = Lookup_Table
[temp
& 0x3F] + buffer
[(bufcounter
+ 1) & 7];
143 temp
= pass
[0] & 0x80;
144 pass
[0] = ((pass
[1] & 0x80) >> 7) + (pass
[0] << 1);
145 pass
[1] = ((pass
[2] & 0x80) >> 7) + (pass
[1] << 1);
146 pass
[2] = ((pass
[3] & 0x80) >> 7) + (pass
[2] << 1);
147 pass
[3] = (temp
>> 7) + (pass
[3] << 1);
152 static void gbox_decryptB(uint8_t *buffer
, int bufsize
, uint8_t *localkey
)
155 gbox_encrypt8(&buffer
[bufsize
- 9], localkey
);
156 gbox_decrypt8(buffer
, localkey
);
157 for(counter
= bufsize
- 2; counter
>= 0; counter
--)
158 { buffer
[counter
] = buffer
[counter
+ 1] ^ buffer
[counter
]; }
161 static void gbox_encryptB(uint8_t *buffer
, int bufsize
, uint8_t *key
)
164 for(counter
= 0; counter
< (bufsize
- 1); counter
++)
165 { buffer
[counter
] = buffer
[counter
+ 1] ^ buffer
[counter
]; }
166 gbox_encrypt8(buffer
, key
);
167 gbox_decrypt8(&buffer
[bufsize
- 9], key
);
170 static void gbox_encryptA(uint8_t *buffer
, uint8_t *pass
)
175 for(counter
= 0x1F; counter
>= 0; counter
--)
178 pass
[3] = ((pass
[2] & 1) << 7) + (pass
[3] >> 1);
179 pass
[2] = ((pass
[1] & 1) << 7) + (pass
[2] >> 1);
180 pass
[1] = ((pass
[0] & 1) << 7) + (pass
[1] >> 1);
181 pass
[0] = (temp
<< 7) + (pass
[0] >> 1);
182 temp
= (pass
[(counter
+ 1) & 3] ^ buffer
[counter
& 7]) >> 2;
183 buffer
[(counter
+ 1) & 7] = Lookup_Table
[temp
& 0x3F] * 2 + buffer
[(counter
+ 1) & 7 ];
184 temp
= buffer
[counter
& 7] - pass
[(counter
+ 1) & 3];
185 buffer
[(counter
+ 1) & 7] = Lookup_Table
[temp
& 0x3F] ^ buffer
[(counter
+ 1) & 7];
186 buffer
[(counter
+ 1) & 7] = pass
[counter
& 3] + buffer
[(counter
+ 1) & 7];
190 static void gbox_decryptA(uint8_t *buffer
, uint8_t *pass
)
195 for(counter
= 0; counter
<= 0x1F; counter
++)
197 buffer
[(counter
+ 1) & 7] = buffer
[(counter
+ 1) & 7] - pass
[counter
& 3];
198 temp
= buffer
[counter
& 7] - pass
[(counter
+ 1) & 3];
199 buffer
[(counter
+ 1) & 7] = Lookup_Table
[temp
& 0x3F] ^ buffer
[(counter
+ 1) & 7];
200 temp
= (pass
[(counter
+ 1) & 3] ^ buffer
[counter
& 7]) >> 2;
201 buffer
[(counter
+ 1) & 7] = buffer
[(counter
+ 1) & 7] - Lookup_Table
[temp
& 0x3F] * 2;
202 temp
= pass
[0] & 0x80;
203 pass
[0] = ((pass
[1] & 0x80) >> 7) + (pass
[0] << 1);
204 pass
[1] = ((pass
[2] & 0x80) >> 7) + (pass
[1] << 1);
205 pass
[2] = ((pass
[3] & 0x80) >> 7) + (pass
[2] << 1);
206 pass
[3] = (temp
>> 7) + (pass
[3] << 1);
210 void gbox_encrypt(uint8_t *buffer
, int bufsize
, uint32_t key
)
213 gbox_convert_pw(&pass
[0], key
);
214 gbox_encryptA(buffer
, &pass
[0]);
215 gbox_encryptB(buffer
, bufsize
, &pass
[0]);
218 void gbox_decrypt(uint8_t *buffer
, int bufsize
, uint32_t localkey
)
221 gbox_convert_pw(&pass
[0], localkey
);
222 gbox_decryptB(buffer
, bufsize
, &pass
[0]);
223 gbox_decryptA(buffer
, &pass
[0]);
226 void gbox_compress(uint8_t *buf
, int32_t unpacked_len
, int32_t *packed_len
)
231 if(!cs_malloc(&tmp
, 0x40000))
236 if(!cs_malloc(&tmp2
, 0x40000))
242 if(!cs_malloc(&wrkmem
, unpacked_len
* 0x1000))
250 memcpy(tmp2
, buf
+ 12, unpacked_len
);
254 if(lzo1x_1_compress(tmp2
, unpacked_len
, tmp
, &pl
, wrkmem
) != LZO_E_OK
)
255 { cs_log("compression failed!"); }
257 memcpy(buf
+ 12, tmp
, pl
);
265 void gbox_decompress(uint8_t *buf
, int32_t *unpacked_len
)
268 if(!cs_malloc(&tmp
, 0x40000))
272 int len
= *unpacked_len
- 12;
273 *unpacked_len
= 0x40000;
276 if((err
= lzo1x_decompress_safe(buf
+ 12, len
, tmp
, (lzo_uint
*)unpacked_len
, NULL
)) != LZO_E_OK
)
277 { cs_log_dbg(D_READER
, "gbox: decompression failed! errno=%d", err
); }
279 memcpy(buf
+ 12, tmp
, *unpacked_len
);