|
rlm@1
|
1 // Crypto/Rar20Crypto.cpp
|
|
rlm@1
|
2
|
|
rlm@1
|
3 #include "StdAfx.h"
|
|
rlm@1
|
4
|
|
rlm@1
|
5 extern "C"
|
|
rlm@1
|
6 {
|
|
rlm@1
|
7 #include "../../../C/7zCrc.h"
|
|
rlm@1
|
8 #include "../../../C/CpuArch.h"
|
|
rlm@1
|
9 #include "../../../C/RotateDefs.h"
|
|
rlm@1
|
10 }
|
|
rlm@1
|
11
|
|
rlm@1
|
12 #include "Rar20Crypto.h"
|
|
rlm@1
|
13
|
|
rlm@1
|
14 namespace NCrypto {
|
|
rlm@1
|
15 namespace NRar20 {
|
|
rlm@1
|
16
|
|
rlm@1
|
17 static const int kNumRounds = 32;
|
|
rlm@1
|
18
|
|
rlm@1
|
19 static const Byte InitSubstTable[256] = {
|
|
rlm@1
|
20 215, 19,149, 35, 73,197,192,205,249, 28, 16,119, 48,221, 2, 42,
|
|
rlm@1
|
21 232, 1,177,233, 14, 88,219, 25,223,195,244, 90, 87,239,153,137,
|
|
rlm@1
|
22 255,199,147, 70, 92, 66,246, 13,216, 40, 62, 29,217,230, 86, 6,
|
|
rlm@1
|
23 71, 24,171,196,101,113,218,123, 93, 91,163,178,202, 67, 44,235,
|
|
rlm@1
|
24 107,250, 75,234, 49,167,125,211, 83,114,157,144, 32,193,143, 36,
|
|
rlm@1
|
25 158,124,247,187, 89,214,141, 47,121,228, 61,130,213,194,174,251,
|
|
rlm@1
|
26 97,110, 54,229,115, 57,152, 94,105,243,212, 55,209,245, 63, 11,
|
|
rlm@1
|
27 164,200, 31,156, 81,176,227, 21, 76, 99,139,188,127, 17,248, 51,
|
|
rlm@1
|
28 207,120,189,210, 8,226, 41, 72,183,203,135,165,166, 60, 98, 7,
|
|
rlm@1
|
29 122, 38,155,170, 69,172,252,238, 39,134, 59,128,236, 27,240, 80,
|
|
rlm@1
|
30 131, 3, 85,206,145, 79,154,142,159,220,201,133, 74, 64, 20,129,
|
|
rlm@1
|
31 224,185,138,103,173,182, 43, 34,254, 82,198,151,231,180, 58, 10,
|
|
rlm@1
|
32 118, 26,102, 12, 50,132, 22,191,136,111,162,179, 45, 4,148,108,
|
|
rlm@1
|
33 161, 56, 78,126,242,222, 15,175,146, 23, 33,241,181,190, 77,225,
|
|
rlm@1
|
34 0, 46,169,186, 68, 95,237, 65, 53,208,253,168, 9, 18,100, 52,
|
|
rlm@1
|
35 116,184,160, 96,109, 37, 30,106,140,104,150, 5,204,117,112, 84
|
|
rlm@1
|
36 };
|
|
rlm@1
|
37
|
|
rlm@1
|
38 void CData::UpdateKeys(const Byte *data)
|
|
rlm@1
|
39 {
|
|
rlm@1
|
40 for (int i = 0; i < 16; i += 4)
|
|
rlm@1
|
41 for (int j = 0; j < 4; j++)
|
|
rlm@1
|
42 Keys[j] ^= g_CrcTable[data[i + j]];
|
|
rlm@1
|
43 }
|
|
rlm@1
|
44
|
|
rlm@1
|
45 static void Swap(Byte *b1, Byte *b2)
|
|
rlm@1
|
46 {
|
|
rlm@1
|
47 Byte b = *b1;
|
|
rlm@1
|
48 *b1 = *b2;
|
|
rlm@1
|
49 *b2 = b;
|
|
rlm@1
|
50 }
|
|
rlm@1
|
51
|
|
rlm@1
|
52 void CData::SetPassword(const Byte *password, UInt32 passwordLen)
|
|
rlm@1
|
53 {
|
|
rlm@1
|
54 Keys[0] = 0xD3A3B879L;
|
|
rlm@1
|
55 Keys[1] = 0x3F6D12F7L;
|
|
rlm@1
|
56 Keys[2] = 0x7515A235L;
|
|
rlm@1
|
57 Keys[3] = 0xA4E7F123L;
|
|
rlm@1
|
58
|
|
rlm@1
|
59 Byte psw[256];
|
|
rlm@1
|
60 memset(psw, 0, sizeof(psw));
|
|
rlm@1
|
61 memcpy(psw, password, passwordLen);
|
|
rlm@1
|
62 memcpy(SubstTable, InitSubstTable, sizeof(SubstTable));
|
|
rlm@1
|
63
|
|
rlm@1
|
64 for (UInt32 j = 0; j < 256; j++)
|
|
rlm@1
|
65 for (UInt32 i = 0; i < passwordLen; i += 2)
|
|
rlm@1
|
66 {
|
|
rlm@1
|
67 UInt32 n2 = (Byte)g_CrcTable[(psw[i + 1] + j) & 0xFF];
|
|
rlm@1
|
68 UInt32 n1 = (Byte)g_CrcTable[(psw[i] - j) & 0xFF];
|
|
rlm@1
|
69 for (UInt32 k = 1; (n1 & 0xFF) != n2; n1++, k++)
|
|
rlm@1
|
70 Swap(&SubstTable[n1 & 0xFF], &SubstTable[(n1 + i + k) & 0xFF]);
|
|
rlm@1
|
71 }
|
|
rlm@1
|
72 for (UInt32 i = 0; i < passwordLen; i+= 16)
|
|
rlm@1
|
73 EncryptBlock(&psw[i]);
|
|
rlm@1
|
74 }
|
|
rlm@1
|
75
|
|
rlm@1
|
76 void CData::CryptBlock(Byte *buf, bool encrypt)
|
|
rlm@1
|
77 {
|
|
rlm@1
|
78 Byte inBuf[16];
|
|
rlm@1
|
79 UInt32 A, B, C, D, T, TA, TB;
|
|
rlm@1
|
80
|
|
rlm@1
|
81 A = GetUi32(buf + 0) ^ Keys[0];
|
|
rlm@1
|
82 B = GetUi32(buf + 4) ^ Keys[1];
|
|
rlm@1
|
83 C = GetUi32(buf + 8) ^ Keys[2];
|
|
rlm@1
|
84 D = GetUi32(buf + 12) ^ Keys[3];
|
|
rlm@1
|
85
|
|
rlm@1
|
86 if (!encrypt)
|
|
rlm@1
|
87 memcpy(inBuf, buf, sizeof(inBuf));
|
|
rlm@1
|
88
|
|
rlm@1
|
89 for (int i = 0; i < kNumRounds; i++)
|
|
rlm@1
|
90 {
|
|
rlm@1
|
91 UInt32 key = Keys[(encrypt ? i : (kNumRounds - 1 - i)) & 3];
|
|
rlm@1
|
92 T = ((C + rotlFixed(D, 11)) ^ key);
|
|
rlm@1
|
93 TA = A ^ SubstLong(T);
|
|
rlm@1
|
94 T = ((D ^ rotlFixed(C, 17)) + key);
|
|
rlm@1
|
95 TB = B ^ SubstLong(T);
|
|
rlm@1
|
96 A = C;
|
|
rlm@1
|
97 B = D;
|
|
rlm@1
|
98 C = TA;
|
|
rlm@1
|
99 D = TB;
|
|
rlm@1
|
100 }
|
|
rlm@1
|
101
|
|
rlm@1
|
102 SetUi32(buf + 0, C ^ Keys[0]);
|
|
rlm@1
|
103 SetUi32(buf + 4, D ^ Keys[1]);
|
|
rlm@1
|
104 SetUi32(buf + 8, A ^ Keys[2]);
|
|
rlm@1
|
105 SetUi32(buf + 12, B ^ Keys[3]);
|
|
rlm@1
|
106
|
|
rlm@1
|
107 UpdateKeys(encrypt ? buf : inBuf);
|
|
rlm@1
|
108 }
|
|
rlm@1
|
109
|
|
rlm@1
|
110 STDMETHODIMP CDecoder::CryptoSetPassword(const Byte *data, UInt32 size)
|
|
rlm@1
|
111 {
|
|
rlm@1
|
112 _cipher.SetPassword(data, size);
|
|
rlm@1
|
113 return S_OK;
|
|
rlm@1
|
114 }
|
|
rlm@1
|
115
|
|
rlm@1
|
116 STDMETHODIMP CDecoder::Init()
|
|
rlm@1
|
117 {
|
|
rlm@1
|
118 return S_OK;
|
|
rlm@1
|
119 }
|
|
rlm@1
|
120
|
|
rlm@1
|
121 static const UInt32 kBlockSize = 16;
|
|
rlm@1
|
122
|
|
rlm@1
|
123 STDMETHODIMP_(UInt32) CDecoder::Filter(Byte *data, UInt32 size)
|
|
rlm@1
|
124 {
|
|
rlm@1
|
125 if (size == 0)
|
|
rlm@1
|
126 return 0;
|
|
rlm@1
|
127 if (size < kBlockSize)
|
|
rlm@1
|
128 return kBlockSize;
|
|
rlm@1
|
129 UInt32 i;
|
|
rlm@1
|
130 size -= kBlockSize;
|
|
rlm@1
|
131 for (i = 0; i <= size; i += kBlockSize)
|
|
rlm@1
|
132 _cipher.DecryptBlock(data + i);
|
|
rlm@1
|
133 return i;
|
|
rlm@1
|
134 }
|
|
rlm@1
|
135
|
|
rlm@1
|
136 }}
|
