CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
hrydgard

CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

GitHub Repository: hrydgard/ppsspp
 Path: blob/master/ext/libkirk/kirk_engine.c
Views: 1401
1
/*

2
  Draan proudly presents:

3
  

4
  With huge help from community:

5
  coyotebean, Davee, hitchhikr, kgsws, liquidzigong, Mathieulh, Proxima, SilverSpring

6
  

7
  ******************** KIRK-ENGINE ********************

8
  An Open-Source implementation of KIRK (PSP crypto engine) algorithms and keys.

9
  Includes also additional routines for hash forging.

10
  

11
  ********************

12
  

13
  This program is free software: you can redistribute it and/or modify

14
  it under the terms of the GNU General Public License as published by

15
  the Free Software Foundation, either version 3 of the License, or

16
  (at your option) any later version.

17


18
  This program is distributed in the hope that it will be useful,

19
  but WITHOUT ANY WARRANTY; without even the implied warranty of

20
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

21
  GNU General Public License for more details.

22


23
  You should have received a copy of the GNU General Public License

24
  along with this program.  If not, see <http://www.gnu.org/licenses/>.

25
*/

26


27
#include <stdio.h>

28
#include <stdlib.h>

29
#include <string.h>

30
#include <time.h>

31
#include "kirk_engine.h"

32
#include "AES.h"

33
#include "SHA1.h"

34


35
/* ------------------------- KEY VAULT ------------------------- */

36
unsigned char keyvault[0x80][0x10] =

37
{

38
    {0x2C, 0x92, 0xE5, 0x90, 0x2B, 0x86, 0xC1, 0x06, 0xB7, 0x2E, 0xEA, 0x6C, 0xD4, 0xEC, 0x72, 0x48},

39
    {0x05, 0x8D, 0xC8, 0x0B, 0x33, 0xA5, 0xBF, 0x9D, 0x56, 0x98, 0xFA, 0xE0, 0xD3, 0x71, 0x5E, 0x1F},

40
    {0xB8, 0x13, 0xC3, 0x5E, 0xC6, 0x44, 0x41, 0xE3, 0xDC, 0x3C, 0x16, 0xF5, 0xB4, 0x5E, 0x64, 0x84},

41
    {0x98, 0x02, 0xC4, 0xE6, 0xEC, 0x9E, 0x9E, 0x2F, 0xFC, 0x63, 0x4C, 0xE4, 0x2F, 0xBB, 0x46, 0x68},

42
    {0x99, 0x24, 0x4C, 0xD2, 0x58, 0xF5, 0x1B, 0xCB, 0xB0, 0x61, 0x9C, 0xA7, 0x38, 0x30, 0x07, 0x5F},

43
    {0x02, 0x25, 0xD7, 0xBA, 0x63, 0xEC, 0xB9, 0x4A, 0x9D, 0x23, 0x76, 0x01, 0xB3, 0xF6, 0xAC, 0x17},

44
    {0x60, 0x99, 0xF2, 0x81, 0x70, 0x56, 0x0E, 0x5F, 0x74, 0x7C, 0xB5, 0x20, 0xC0, 0xCD, 0xC2, 0x3C},

45
    {0x76, 0x36, 0x8B, 0x43, 0x8F, 0x77, 0xD8, 0x7E, 0xFE, 0x5F, 0xB6, 0x11, 0x59, 0x39, 0x88, 0x5C},

46
    {0x14, 0xA1, 0x15, 0xEB, 0x43, 0x4A, 0x1B, 0xA4, 0x90, 0x5E, 0x03, 0xB6, 0x17, 0xA1, 0x5C, 0x04},

47
    {0xE6, 0x58, 0x03, 0xD9, 0xA7, 0x1A, 0xA8, 0x7F, 0x05, 0x9D, 0x22, 0x9D, 0xAF, 0x54, 0x53, 0xD0},

48
    {0xBA, 0x34, 0x80, 0xB4, 0x28, 0xA7, 0xCA, 0x5F, 0x21, 0x64, 0x12, 0xF7, 0x0F, 0xBB, 0x73, 0x23},

49
    {0x72, 0xAD, 0x35, 0xAC, 0x9A, 0xC3, 0x13, 0x0A, 0x77, 0x8C, 0xB1, 0x9D, 0x88, 0x55, 0x0B, 0x0C},

50
    {0x84, 0x85, 0xC8, 0x48, 0x75, 0x08, 0x43, 0xBC, 0x9B, 0x9A, 0xEC, 0xA7, 0x9C, 0x7F, 0x60, 0x18},

51
    {0xB5, 0xB1, 0x6E, 0xDE, 0x23, 0xA9, 0x7B, 0x0E, 0xA1, 0x7C, 0xDB, 0xA2, 0xDC, 0xDE, 0xC4, 0x6E},

52
    {0xC8, 0x71, 0xFD, 0xB3, 0xBC, 0xC5, 0xD2, 0xF2, 0xE2, 0xD7, 0x72, 0x9D, 0xDF, 0x82, 0x68, 0x82},

53
    {0x0A, 0xBB, 0x33, 0x6C, 0x96, 0xD4, 0xCD, 0xD8, 0xCB, 0x5F, 0x4B, 0xE0, 0xBA, 0xDB, 0x9E, 0x03},

54
    {0x32, 0x29, 0x5B, 0xD5, 0xEA, 0xF7, 0xA3, 0x42, 0x16, 0xC8, 0x8E, 0x48, 0xFF, 0x50, 0xD3, 0x71},

55
    {0x46, 0xF2, 0x5E, 0x8E, 0x4D, 0x2A, 0xA5, 0x40, 0x73, 0x0B, 0xC4, 0x6E, 0x47, 0xEE, 0x6F, 0x0A},

56
    {0x5D, 0xC7, 0x11, 0x39, 0xD0, 0x19, 0x38, 0xBC, 0x02, 0x7F, 0xDD, 0xDC, 0xB0, 0x83, 0x7D, 0x9D},

57
    {0x51, 0xDD, 0x65, 0xF0, 0x71, 0xA4, 0xE5, 0xEA, 0x6A, 0xAF, 0x12, 0x19, 0x41, 0x29, 0xB8, 0xF4},

58
    {0x03, 0x76, 0x3C, 0x68, 0x65, 0xC6, 0x9B, 0x0F, 0xFE, 0x8F, 0xD8, 0xEE, 0xA4, 0x36, 0x16, 0xA0},

59
    {0x7D, 0x50, 0xB8, 0x5C, 0xAF, 0x67, 0x69, 0xF0, 0xE5, 0x4A, 0xA8, 0x09, 0x8B, 0x0E, 0xBE, 0x1C},

60
    {0x72, 0x68, 0x4B, 0x32, 0xAC, 0x3B, 0x33, 0x2F, 0x2A, 0x7A, 0xFC, 0x9E, 0x14, 0xD5, 0x6F, 0x6B},

61
    {0x20, 0x1D, 0x31, 0x96, 0x4A, 0xD9, 0x9F, 0xBF, 0x32, 0xD5, 0xD6, 0x1C, 0x49, 0x1B, 0xD9, 0xFC},

62
    {0xF8, 0xD8, 0x44, 0x63, 0xD6, 0x10, 0xD1, 0x2A, 0x44, 0x8E, 0x96, 0x90, 0xA6, 0xBB, 0x0B, 0xAD},

63
    {0x5C, 0xD4, 0x05, 0x7F, 0xA1, 0x30, 0x60, 0x44, 0x0A, 0xD9, 0xB6, 0x74, 0x5F, 0x24, 0x4F, 0x4E},

64
    {0xF4, 0x8A, 0xD6, 0x78, 0x59, 0x9C, 0x22, 0xC1, 0xD4, 0x11, 0x93, 0x3D, 0xF8, 0x45, 0xB8, 0x93},

65
    {0xCA, 0xE7, 0xD2, 0x87, 0xA2, 0xEC, 0xC1, 0xCD, 0x94, 0x54, 0x2B, 0x5E, 0x1D, 0x94, 0x88, 0xB2},

66
    {0xDE, 0x26, 0xD3, 0x7A, 0x39, 0x95, 0x6C, 0x2A, 0xD8, 0xC3, 0xA6, 0xAF, 0x21, 0xEB, 0xB3, 0x01},

67
    {0x7C, 0xB6, 0x8B, 0x4D, 0xA3, 0x8D, 0x1D, 0xD9, 0x32, 0x67, 0x9C, 0xA9, 0x9F, 0xFB, 0x28, 0x52},

68
    {0xA0, 0xB5, 0x56, 0xB4, 0x69, 0xAB, 0x36, 0x8F, 0x36, 0xDE, 0xC9, 0x09, 0x2E, 0xCB, 0x41, 0xB1},

69
    {0x93, 0x9D, 0xE1, 0x9B, 0x72, 0x5F, 0xEE, 0xE2, 0x45, 0x2A, 0xBC, 0x17, 0x06, 0xD1, 0x47, 0x69},

70
    {0xA4, 0xA4, 0xE6, 0x21, 0x38, 0x2E, 0xF1, 0xAF, 0x7B, 0x17, 0x7A, 0xE8, 0x42, 0xAD, 0x00, 0x31},

71
    {0xC3, 0x7F, 0x13, 0xE8, 0xCF, 0x84, 0xDB, 0x34, 0x74, 0x7B, 0xC3, 0xA0, 0xF1, 0x9D, 0x3A, 0x73},

72
    {0x2B, 0xF7, 0x83, 0x8A, 0xD8, 0x98, 0xE9, 0x5F, 0xA5, 0xF9, 0x01, 0xDA, 0x61, 0xFE, 0x35, 0xBB},

73
    {0xC7, 0x04, 0x62, 0x1E, 0x71, 0x4A, 0x66, 0xEA, 0x62, 0xE0, 0x4B, 0x20, 0x3D, 0xB8, 0xC2, 0xE5},

74
    {0xC9, 0x33, 0x85, 0x9A, 0xAB, 0x00, 0xCD, 0xCE, 0x4D, 0x8B, 0x8E, 0x9F, 0x3D, 0xE6, 0xC0, 0x0F},

75
    {0x18, 0x42, 0x56, 0x1F, 0x2B, 0x5F, 0x34, 0xE3, 0x51, 0x3E, 0xB7, 0x89, 0x77, 0x43, 0x1A, 0x65},

76
    {0xDC, 0xB0, 0xA0, 0x06, 0x5A, 0x50, 0xA1, 0x4E, 0x59, 0xAC, 0x97, 0x3F, 0x17, 0x58, 0xA3, 0xA3},

77
    {0xC4, 0xDB, 0xAE, 0x83, 0xE2, 0x9C, 0xF2, 0x54, 0xA3, 0xDD, 0x37, 0x4E, 0x80, 0x7B, 0xF4, 0x25},

78
    {0xBF, 0xAE, 0xEB, 0x49, 0x82, 0x65, 0xC5, 0x7C, 0x64, 0xB8, 0xC1, 0x7E, 0x19, 0x06, 0x44, 0x09},

79
    {0x79, 0x7C, 0xEC, 0xC3, 0xB3, 0xEE, 0x0A, 0xC0, 0x3B, 0xD8, 0xE6, 0xC1, 0xE0, 0xA8, 0xB1, 0xA4},

80
    {0x75, 0x34, 0xFE, 0x0B, 0xD6, 0xD0, 0xC2, 0x8D, 0x68, 0xD4, 0xE0, 0x2A, 0xE7, 0xD5, 0xD1, 0x55},

81
    {0xFA, 0xB3, 0x53, 0x26, 0x97, 0x4F, 0x4E, 0xDF, 0xE4, 0xC3, 0xA8, 0x14, 0xC3, 0x2F, 0x0F, 0x88},

82
    {0xEC, 0x97, 0xB3, 0x86, 0xB4, 0x33, 0xC6, 0xBF, 0x4E, 0x53, 0x9D, 0x95, 0xEB, 0xB9, 0x79, 0xE4},

83
    {0xB3, 0x20, 0xA2, 0x04, 0xCF, 0x48, 0x06, 0x29, 0xB5, 0xDD, 0x8E, 0xFC, 0x98, 0xD4, 0x17, 0x7B},

84
    {0x5D, 0xFC, 0x0D, 0x4F, 0x2C, 0x39, 0xDA, 0x68, 0x4A, 0x33, 0x74, 0xED, 0x49, 0x58, 0xA7, 0x3A},

85
    {0xD7, 0x5A, 0x54, 0x22, 0xCE, 0xD9, 0xA3, 0xD6, 0x2B, 0x55, 0x7D, 0x8D, 0xE8, 0xBE, 0xC7, 0xEC},

86
    {0x6B, 0x4A, 0xEE, 0x43, 0x45, 0xAE, 0x70, 0x07, 0xCF, 0x8D, 0xCF, 0x4E, 0x4A, 0xE9, 0x3C, 0xFA},

87
    {0x2B, 0x52, 0x2F, 0x66, 0x4C, 0x2D, 0x11, 0x4C, 0xFE, 0x61, 0x31, 0x8C, 0x56, 0x78, 0x4E, 0xA6},

88
    {0x3A, 0xA3, 0x4E, 0x44, 0xC6, 0x6F, 0xAF, 0x7B, 0xFA, 0xE5, 0x53, 0x27, 0xEF, 0xCF, 0xCC, 0x24},

89
    {0x2B, 0x5C, 0x78, 0xBF, 0xC3, 0x8E, 0x49, 0x9D, 0x41, 0xC3, 0x3C, 0x5C, 0x7B, 0x27, 0x96, 0xCE},

90
    {0xF3, 0x7E, 0xEA, 0xD2, 0xC0, 0xC8, 0x23, 0x1D, 0xA9, 0x9B, 0xFA, 0x49, 0x5D, 0xB7, 0x08, 0x1B},

91
    {0x70, 0x8D, 0x4E, 0x6F, 0xD1, 0xF6, 0x6F, 0x1D, 0x1E, 0x1F, 0xCB, 0x02, 0xF9, 0xB3, 0x99, 0x26},

92
    {0x0F, 0x67, 0x16, 0xE1, 0x80, 0x69, 0x9C, 0x51, 0xFC, 0xC7, 0xAD, 0x6E, 0x4F, 0xB8, 0x46, 0xC9},

93
    {0x56, 0x0A, 0x49, 0x4A, 0x84, 0x4C, 0x8E, 0xD9, 0x82, 0xEE, 0x0B, 0x6D, 0xC5, 0x7D, 0x20, 0x8D},

94
    {0x12, 0x46, 0x8D, 0x7E, 0x1C, 0x42, 0x20, 0x9B, 0xBA, 0x54, 0x26, 0x83, 0x5E, 0xB0, 0x33, 0x03},

95
    {0xC4, 0x3B, 0xB6, 0xD6, 0x53, 0xEE, 0x67, 0x49, 0x3E, 0xA9, 0x5F, 0xBC, 0x0C, 0xED, 0x6F, 0x8A},

96
    {0x2C, 0xC3, 0xCF, 0x8C, 0x28, 0x78, 0xA5, 0xA6, 0x63, 0xE2, 0xAF, 0x2D, 0x71, 0x5E, 0x86, 0xBA},

97
    {0x83, 0x3D, 0xA7, 0x0C, 0xED, 0x6A, 0x20, 0x12, 0xD1, 0x96, 0xE6, 0xFE, 0x5C, 0x4D, 0x37, 0xC5},

98
    {0xC7, 0x43, 0xD0, 0x67, 0x42, 0xEE, 0x90, 0xB8, 0xCA, 0x75, 0x50, 0x35, 0x20, 0xAD, 0xBC, 0xCE},

99
    {0x8A, 0xE3, 0x66, 0x3F, 0x8D, 0x9E, 0x82, 0xA1, 0xED, 0xE6, 0x8C, 0x9C, 0xE8, 0x25, 0x6D, 0xAA},

100
    {0x7F, 0xC9, 0x6F, 0x0B, 0xB1, 0x48, 0x5C, 0xA5, 0x5D, 0xD3, 0x64, 0xB7, 0x7A, 0xF5, 0xE4, 0xEA},

101
    {0x91, 0xB7, 0x65, 0x78, 0x8B, 0xCB, 0x8B, 0xD4, 0x02, 0xED, 0x55, 0x3A, 0x66, 0x62, 0xD0, 0xAD},

102
    {0x28, 0x24, 0xF9, 0x10, 0x1B, 0x8D, 0x0F, 0x7B, 0x6E, 0xB2, 0x63, 0xB5, 0xB5, 0x5B, 0x2E, 0xBB},

103
    {0x30, 0xE2, 0x57, 0x5D, 0xE0, 0xA2, 0x49, 0xCE, 0xE8, 0xCF, 0x2B, 0x5E, 0x4D, 0x9F, 0x52, 0xC7},

104
    {0x5E, 0xE5, 0x04, 0x39, 0x62, 0x32, 0x02, 0xFA, 0x85, 0x39, 0x3F, 0x72, 0xBB, 0x77, 0xFD, 0x1A},

105
    {0xF8, 0x81, 0x74, 0xB1, 0xBD, 0xE9, 0xBF, 0xDD, 0x45, 0xE2, 0xF5, 0x55, 0x89, 0xCF, 0x46, 0xAB},

106
    {0x7D, 0xF4, 0x92, 0x65, 0xE3, 0xFA, 0xD6, 0x78, 0xD6, 0xFE, 0x78, 0xAD, 0xBB, 0x3D, 0xFB, 0x63},

107
    {0x74, 0x7F, 0xD6, 0x2D, 0xC7, 0xA1, 0xCA, 0x96, 0xE2, 0x7A, 0xCE, 0xFF, 0xAA, 0x72, 0x3F, 0xF7},

108
    {0x1E, 0x58, 0xEB, 0xD0, 0x65, 0xBB, 0xF1, 0x68, 0xC5, 0xBD, 0xF7, 0x46, 0xBA, 0x7B, 0xE1, 0x00},

109
    {0x24, 0x34, 0x7D, 0xAF, 0x5E, 0x4B, 0x35, 0x72, 0x7A, 0x52, 0x27, 0x6B, 0xA0, 0x54, 0x74, 0xDB},

110
    {0x09, 0xB1, 0xC7, 0x05, 0xC3, 0x5F, 0x53, 0x66, 0x77, 0xC0, 0xEB, 0x36, 0x77, 0xDF, 0x83, 0x07},

111
    {0xCC, 0xBE, 0x61, 0x5C, 0x05, 0xA2, 0x00, 0x33, 0x37, 0x8E, 0x59, 0x64, 0xA7, 0xDD, 0x70, 0x3D},

112
    {0x0D, 0x47, 0x50, 0xBB, 0xFC, 0xB0, 0x02, 0x81, 0x30, 0xE1, 0x84, 0xDE, 0xA8, 0xD4, 0x84, 0x13},

113
    {0x0C, 0xFD, 0x67, 0x9A, 0xF9, 0xB4, 0x72, 0x4F, 0xD7, 0x8D, 0xD6, 0xE9, 0x96, 0x42, 0x28, 0x8B},

114
    {0x7A, 0xD3, 0x1A, 0x8B, 0x4B, 0xEF, 0xC2, 0xC2, 0xB3, 0x99, 0x01, 0xA9, 0xFE, 0x76, 0xB9, 0x87},

115
    {0xBE, 0x78, 0x78, 0x17, 0xC7, 0xF1, 0x6F, 0x1A, 0xE0, 0xEF, 0x3B, 0xDE, 0x4C, 0xC2, 0xD7, 0x86},

116
    {0x7C, 0xD8, 0xB8, 0x91, 0x91, 0x0A, 0x43, 0x14, 0xD0, 0x53, 0x3D, 0xD8, 0x4C, 0x45, 0xBE, 0x16},

117
    {0x32, 0x72, 0x2C, 0x88, 0x07, 0xCF, 0x35, 0x7D, 0x4A, 0x2F, 0x51, 0x19, 0x44, 0xAE, 0x68, 0xDA},

118
    {0x7E, 0x6B, 0xBF, 0xF6, 0xF6, 0x87, 0xB8, 0x98, 0xEE, 0xB5, 0x1B, 0x32, 0x16, 0xE4, 0x6E, 0x5D},

119
    {0x08, 0xEA, 0x5A, 0x83, 0x49, 0xB5, 0x9D, 0xB5, 0x3E, 0x07, 0x79, 0xB1, 0x9A, 0x59, 0xA3, 0x54},

120
    {0xF3, 0x12, 0x81, 0xBF, 0xE6, 0x9F, 0x51, 0xD1, 0x64, 0x08, 0x25, 0x21, 0xFF, 0xBB, 0x22, 0x61},

121
    {0xAF, 0xFE, 0x8E, 0xB1, 0x3D, 0xD1, 0x7E, 0xD8, 0x0A, 0x61, 0x24, 0x1C, 0x95, 0x92, 0x56, 0xB6},

122
    {0x92, 0xCD, 0xB4, 0xC2, 0x5B, 0xF2, 0x35, 0x5A, 0x23, 0x09, 0xE8, 0x19, 0xC9, 0x14, 0x42, 0x35},

123
    {0xE1, 0xC6, 0x5B, 0x22, 0x6B, 0xE1, 0xDA, 0x02, 0xBA, 0x18, 0xFA, 0x21, 0x34, 0x9E, 0xF9, 0x6D},

124
    {0x14, 0xEC, 0x76, 0xCE, 0x97, 0xF3, 0x8A, 0x0A, 0x34, 0x50, 0x6C, 0x53, 0x9A, 0x5C, 0x9A, 0xB4},

125
    {0x1C, 0x9B, 0xC4, 0x90, 0xE3, 0x06, 0x64, 0x81, 0xFA, 0x59, 0xFD, 0xB6, 0x00, 0xBB, 0x28, 0x70},

126
    {0x43, 0xA5, 0xCA, 0xCC, 0x0D, 0x6C, 0x2D, 0x3F, 0x2B, 0xD9, 0x89, 0x67, 0x6B, 0x3F, 0x7F, 0x57},

127
    {0x00, 0xEF, 0xFD, 0x18, 0x08, 0xA4, 0x05, 0x89, 0x3C, 0x38, 0xFB, 0x25, 0x72, 0x70, 0x61, 0x06},

128
    {0xEE, 0xAF, 0x49, 0xE0, 0x09, 0x87, 0x9B, 0xEF, 0xAA, 0xD6, 0x32, 0x6A, 0x32, 0x13, 0xC4, 0x29},

129
    {0x8D, 0x26, 0xB9, 0x0F, 0x43, 0x1D, 0xBB, 0x08, 0xDB, 0x1D, 0xDA, 0xC5, 0xB5, 0x2C, 0x92, 0xED},

130
    {0x57, 0x7C, 0x30, 0x60, 0xAE, 0x6E, 0xBE, 0xAE, 0x3A, 0xAB, 0x18, 0x19, 0xC5, 0x71, 0x68, 0x0B},

131
    {0x11, 0x5A, 0x5D, 0x20, 0xD5, 0x3A, 0x8D, 0xD3, 0x9C, 0xC5, 0xAF, 0x41, 0x0F, 0x0F, 0x18, 0x6F},

132
    {0x0D, 0x4D, 0x51, 0xAB, 0x23, 0x79, 0xBF, 0x80, 0x3A, 0xBF, 0xB9, 0x0E, 0x75, 0xFC, 0x14, 0xBF},

133
    {0x99, 0x93, 0xDA, 0x3E, 0x7D, 0x2E, 0x5B, 0x15, 0xF2, 0x52, 0xA4, 0xE6, 0x6B, 0xB8, 0x5A, 0x98},

134
    {0xF4, 0x28, 0x30, 0xA5, 0xFB, 0x0D, 0x8D, 0x76, 0x0E, 0xA6, 0x71, 0xC2, 0x2B, 0xDE, 0x66, 0x9D},

135
    {0xFB, 0x5F, 0xEB, 0x7F, 0xC7, 0xDC, 0xDD, 0x69, 0x37, 0x01, 0x97, 0x9B, 0x29, 0x03, 0x5C, 0x47},

136
    {0x02, 0x32, 0x6A, 0xE7, 0xD3, 0x96, 0xCE, 0x7F, 0x1C, 0x41, 0x9D, 0xD6, 0x52, 0x07, 0xED, 0x09},

137
    {0x9C, 0x9B, 0x13, 0x72, 0xF8, 0xC6, 0x40, 0xCF, 0x1C, 0x62, 0xF5, 0xD5, 0x92, 0xDD, 0xB5, 0x82},

138
    {0x03, 0xB3, 0x02, 0xE8, 0x5F, 0xF3, 0x81, 0xB1, 0x3B, 0x8D, 0xAA, 0x2A, 0x90, 0xFF, 0x5E, 0x61},

139
    {0xBC, 0xD7, 0xF9, 0xD3, 0x2F, 0xAC, 0xF8, 0x47, 0xC0, 0xFB, 0x4D, 0x2F, 0x30, 0x9A, 0xBD, 0xA6},

140
    {0xF5, 0x55, 0x96, 0xE9, 0x7F, 0xAF, 0x86, 0x7F, 0xAC, 0xB3, 0x3A, 0xE6, 0x9C, 0x8B, 0x6F, 0x93},

141
    {0xEE, 0x29, 0x70, 0x93, 0xF9, 0x4E, 0x44, 0x59, 0x44, 0x17, 0x1F, 0x8E, 0x86, 0xE1, 0x70, 0xFC},

142
    {0xE4, 0x34, 0x52, 0x0C, 0xF0, 0x88, 0xCF, 0xC8, 0xCD, 0x78, 0x1B, 0x6C, 0xCF, 0x8C, 0x48, 0xC4},

143
    {0xC1, 0xBF, 0x66, 0x81, 0x8E, 0xF9, 0x53, 0xF2, 0xE1, 0x26, 0x6B, 0x6F, 0x55, 0x0C, 0xC9, 0xCD},

144
    {0x56, 0x0F, 0xFF, 0x8F, 0x3C, 0x96, 0x49, 0x14, 0x45, 0x16, 0xF1, 0xBC, 0xBF, 0xCE, 0xA3, 0x0C},

145
    {0x24, 0x08, 0xDC, 0x75, 0x37, 0x60, 0xA2, 0x9F, 0x05, 0x54, 0xB5, 0xF2, 0x43, 0x85, 0x73, 0x99},

146
    {0xDD, 0xD5, 0xB5, 0x6A, 0x59, 0xC5, 0x5A, 0xE8, 0x3B, 0x96, 0x67, 0xC7, 0x5C, 0x2A, 0xE2, 0xDC},

147
    {0xAA, 0x68, 0x67, 0x72, 0xE0, 0x2D, 0x44, 0xD5, 0xCD, 0xBB, 0x65, 0x04, 0xBC, 0xD5, 0xBF, 0x4E},

148
    {0x1F, 0x17, 0xF0, 0x14, 0xE7, 0x77, 0xA2, 0xFE, 0x4B, 0x13, 0x6B, 0x56, 0xCD, 0x7E, 0xF7, 0xE9},

149
    {0xC9, 0x35, 0x48, 0xCF, 0x55, 0x8D, 0x75, 0x03, 0x89, 0x6B, 0x2E, 0xEB, 0x61, 0x8C, 0xA9, 0x02},

150
    {0xDE, 0x34, 0xC5, 0x41, 0xE7, 0xCA, 0x86, 0xE8, 0xBE, 0xA7, 0xC3, 0x1C, 0xEC, 0xE4, 0x36, 0x0F},

151
    {0xDD, 0xE5, 0xFF, 0x55, 0x1B, 0x74, 0xF6, 0xF4, 0xE0, 0x16, 0xD7, 0xAB, 0x22, 0x31, 0x1B, 0x6A},

152
    {0xB0, 0xE9, 0x35, 0x21, 0x33, 0x3F, 0xD7, 0xBA, 0xB4, 0x76, 0x2C, 0xCB, 0x4D, 0x80, 0x08, 0xD8},

153
    {0x38, 0x14, 0x69, 0xC4, 0xC3, 0xF9, 0x1B, 0x96, 0x33, 0x63, 0x8E, 0x4D, 0x5F, 0x3D, 0xF0, 0x29},

154
    {0xFA, 0x48, 0x6A, 0xD9, 0x8E, 0x67, 0x16, 0xEF, 0x6A, 0xB0, 0x87, 0xF5, 0x89, 0x45, 0x7F, 0x2A},

155
    {0x32, 0x1A, 0x09, 0x12, 0x50, 0x14, 0x8A, 0x3E, 0x96, 0x3D, 0xEA, 0x02, 0x59, 0x32, 0xE1, 0x8F},

156
    {0x4B, 0x00, 0xBE, 0x29, 0xBC, 0xB0, 0x28, 0x64, 0xCE, 0xFD, 0x43, 0xA9, 0x6F, 0xD9, 0x5C, 0xED},

157
    {0x57, 0x7D, 0xC4, 0xFF, 0x02, 0x44, 0xE2, 0x80, 0x91, 0xF4, 0xCA, 0x0A, 0x75, 0x69, 0xFD, 0xA8},

158
    {0x83, 0x53, 0x36, 0xC6, 0x18, 0x03, 0xE4, 0x3E, 0x4E, 0xB3, 0x0F, 0x6B, 0x6E, 0x79, 0x9B, 0x7A},

159
    {0x5C, 0x92, 0x65, 0xFD, 0x7B, 0x59, 0x6A, 0xA3, 0x7A, 0x2F, 0x50, 0x9D, 0x85, 0xE9, 0x27, 0xF8},

160
    {0x9A, 0x39, 0xFB, 0x89, 0xDF, 0x55, 0xB2, 0x60, 0x14, 0x24, 0xCE, 0xA6, 0xD9, 0x65, 0x0A, 0x9D},

161
    {0x8B, 0x75, 0xBE, 0x91, 0xA8, 0xC7, 0x5A, 0xD2, 0xD7, 0xA5, 0x94, 0xA0, 0x1C, 0xBB, 0x95, 0x91},

162
    {0x95, 0xC2, 0x1B, 0x8D, 0x05, 0xAC, 0xF5, 0xEC, 0x5A, 0xEE, 0x77, 0x81, 0x23, 0x95, 0xC4, 0xD7},

163
    {0xB9, 0xA4, 0x61, 0x64, 0x36, 0x33, 0xFA, 0x5D, 0x94, 0x88, 0xE2, 0xD3, 0x28, 0x1E, 0x01, 0xA2},

164
    {0xB8, 0xB0, 0x84, 0xFB, 0x9F, 0x4C, 0xFA, 0xF7, 0x30, 0xFE, 0x73, 0x25, 0xA2, 0xAB, 0x89, 0x7D},

165
    {0x5F, 0x8C, 0x17, 0x9F, 0xC1, 0xB2, 0x1D, 0xF1, 0xF6, 0x36, 0x7A, 0x9C, 0xF7, 0xD3, 0xD4, 0x7C},

166
};

167


168
u8 kirk1_key[]  = {0x98, 0xC9, 0x40, 0x97, 0x5C, 0x1D, 0x10, 0xE8, 0x7F, 0xE6, 0x0E, 0xA3, 0xFD, 0x03, 0xA8, 0xBA};

169
u8 kirk16_key[] = {0x47, 0x5E, 0x09, 0xF4, 0xA2, 0x37, 0xDA, 0x9B, 0xEF, 0xFF, 0x3B, 0xC0, 0x77, 0x14, 0x3D, 0x8A};

170


171
/* ECC Curves for Kirk 1 and Kirk 0x11 */

172
// Common Curve paramters p and a

173
static u8 ec_p[20] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};

174
static u8 ec_a[20] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC}; // mon

175


176
// Kirk 0xC,0xD,0x10,0x11,(likely 0x12)- Unique curve parameters for b, N, and base point G for Kirk 0xC,0xD,0x10,0x11,(likely 0x12) service

177
// Since public key is variable, it is not specified here

178
static u8 ec_b2[20] = {0xA6, 0x8B, 0xED, 0xC3, 0x34, 0x18, 0x02, 0x9C, 0x1D, 0x3C, 0xE3, 0x3B, 0x9A, 0x32, 0x1F, 0xCC, 0xBB, 0x9E, 0x0F, 0x0B};// mon

179
static u8 ec_N2[21] = {0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xB5, 0xAE, 0x3C, 0x52, 0x3E, 0x63, 0x94, 0x4F, 0x21, 0x27};

180
static u8 Gx2[20] = {0x12, 0x8E, 0xC4, 0x25, 0x64, 0x87, 0xFD, 0x8F, 0xDF, 0x64, 0xE2, 0x43, 0x7B, 0xC0, 0xA1, 0xF6, 0xD5, 0xAF, 0xDE, 0x2C };

181
static u8 Gy2[20] = {0x59, 0x58, 0x55, 0x7E, 0xB1, 0xDB, 0x00, 0x12, 0x60, 0x42, 0x55, 0x24, 0xDB, 0xC3, 0x79, 0xD5, 0xAC, 0x5F, 0x4A, 0xDF };

182


183
// KIRK 1 - Unique curve parameters for b, N, and base point G

184
// Since public key is hard coded, it is also included

185


186
static u8 ec_b1[20] = {0x65, 0xD1, 0x48, 0x8C, 0x03, 0x59, 0xE2, 0x34, 0xAD, 0xC9, 0x5B, 0xD3, 0x90, 0x80, 0x14, 0xBD, 0x91, 0xA5, 0x25, 0xF9};

187
static u8 ec_N1[21] = {0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x01, 0xB5, 0xC6, 0x17, 0xF2, 0x90, 0xEA, 0xE1, 0xDB, 0xAD, 0x8F};

188
static u8 Gx1[20] = {0x22, 0x59, 0xAC, 0xEE, 0x15, 0x48, 0x9C, 0xB0, 0x96, 0xA8, 0x82, 0xF0, 0xAE, 0x1C, 0xF9, 0xFD, 0x8E, 0xE5, 0xF8, 0xFA };

189
static u8 Gy1[20] = {0x60, 0x43, 0x58, 0x45, 0x6D, 0x0A, 0x1C, 0xB2, 0x90, 0x8D, 0xE9, 0x0F, 0x27, 0xD7, 0x5C, 0x82, 0xBE, 0xC1, 0x08, 0xC0 };

190


191
static u8 Px1[20] = {0xED, 0x9C, 0xE5, 0x82, 0x34, 0xE6, 0x1A, 0x53, 0xC6, 0x85, 0xD6, 0x4D, 0x51, 0xD0, 0x23, 0x6B, 0xC3, 0xB5, 0xD4, 0xB9 };

192
static u8 Py1[20] = {0x04, 0x9D, 0xF1, 0xA0, 0x75, 0xC0, 0xE0, 0x4F, 0xB3, 0x44, 0x85, 0x8B, 0x61, 0xB7, 0x9B, 0x69, 0xA6, 0x3D, 0x2C, 0x39 };

193


194
/* ------------------------- KEY VAULT END ------------------------- */

195


196
/* ------------------------- INTERNAL STUFF ------------------------- */

197
typedef struct blah

198
{

199
  u8 fuseid[8]; //0

200
  u8 mesh[0x40];  //0x8

201
} kirk16_data; //0x48

202
 

203
typedef struct header_keys

204
{

205
  u8 AES[16];

206
  u8 CMAC[16];

207
}header_keys;  //small struct for temporary keeping AES & CMAC key from CMD1 header

208


209


210
u32 g_fuse90;  // This is to match FuseID HW at BC100090 and BC100094

211
u32 g_fuse94;

212


213
AES_ctx aes_kirk1; //global

214
u8 PRNG_DATA[0x14];

215


216
char is_kirk_initialized; //"init" emulation

217


218
/* ------------------------- INTERNAL STUFF END ------------------------- */

219


220


221
/* ------------------------- IMPLEMENTATION ------------------------- */

222


223
int kirk_CMD0(u8* outbuff, u8* inbuff, int size, int generate_trash)

224
{

225
  KIRK_CMD1_HEADER* header = (KIRK_CMD1_HEADER*)outbuff;

226
  header_keys *keys = (header_keys *)outbuff; //0-15 AES key, 16-31 CMAC key

227
  int chk_size;

228
  AES_ctx k1;

229
  AES_ctx cmac_key;

230
  u8 cmac_header_hash[16];

231
  u8 cmac_data_hash[16];

232
    

233
  if(is_kirk_initialized == 0) return KIRK_NOT_INITIALIZED;

234


235
  memcpy(outbuff, inbuff, size);

236
   

237
  if(header->mode != KIRK_MODE_CMD1) return KIRK_INVALID_MODE;

238
  

239
  //FILL PREDATA WITH RANDOM DATA

240
  if(generate_trash) kirk_CMD14(outbuff+sizeof(KIRK_CMD1_HEADER), header->data_offset);

241
  

242
  //Make sure data is 16 aligned

243
  chk_size = header->data_size;

244
  if(chk_size % 16) chk_size += 16 - (chk_size % 16);

245
  

246
  //ENCRYPT DATA

247
  AES_set_key(&k1, keys->AES, 128);

248
  AES_cbc_encrypt(&k1, inbuff+sizeof(KIRK_CMD1_HEADER)+header->data_offset, (u8*)outbuff+sizeof(KIRK_CMD1_HEADER)+header->data_offset, chk_size);

249
  

250
  //CMAC HASHES

251
  AES_set_key(&cmac_key, keys->CMAC, 128);

252
  AES_CMAC(&cmac_key, outbuff+0x60, 0x30, cmac_header_hash);

253
  AES_CMAC(&cmac_key, outbuff+0x60, 0x30 + chk_size + header->data_offset, cmac_data_hash);

254
  

255
  memcpy(header->CMAC_header_hash, cmac_header_hash, 16);

256
  memcpy(header->CMAC_data_hash, cmac_data_hash, 16);

257
  

258
  //ENCRYPT KEYS

259
  AES_cbc_encrypt(&aes_kirk1, inbuff, outbuff, 16*2);

260
  return KIRK_OPERATION_SUCCESS;

261
}

262


263
int kirk_CMD1(u8* outbuff, u8* inbuff, int size)

264
{

265
  KIRK_CMD1_HEADER* header = (KIRK_CMD1_HEADER*)inbuff;

266
  header_keys keys; //0-15 AES key, 16-31 CMAC key

267
  AES_ctx k1;

268
	

269
	if(size < 0x90) return KIRK_INVALID_SIZE;

270
  if(is_kirk_initialized == 0) return KIRK_NOT_INITIALIZED;

271
  if(header->mode != KIRK_MODE_CMD1) return KIRK_INVALID_MODE;

272
  

273
  AES_cbc_decrypt(&aes_kirk1, inbuff, (u8*)&keys, 16*2); //decrypt AES & CMAC key to temp buffer

274
  

275
  if(header->ecdsa_hash == 1)

276
  {

277
  	SHA_CTX sha;

278
  	KIRK_CMD1_ECDSA_HEADER* eheader = (KIRK_CMD1_ECDSA_HEADER*) inbuff;

279
  	u8 kirk1_pub[40];

280
  	u8 header_hash[20];u8 data_hash[20];

281
  	ecdsa_set_curve(ec_p,ec_a,ec_b1,ec_N1,Gx1,Gy1);

282
  	memcpy(kirk1_pub,Px1,20);

283
  	memcpy(kirk1_pub+20,Py1,20);

284
  	ecdsa_set_pub(kirk1_pub);

285
		//Hash the Header

286
		SHAInit(&sha);

287
		SHAUpdate(&sha, (u8*)eheader+0x60, 0x30);

288
		SHAFinal(header_hash, &sha);		

289
		

290
	  if(!ecdsa_verify(header_hash,eheader->header_sig_r,eheader->header_sig_s)) {

291
	    return KIRK_HEADER_HASH_INVALID;

292
	  }

293
	  SHAInit(&sha);

294
		SHAUpdate(&sha, (u8*)eheader+0x60, size-0x60);

295
		SHAFinal(data_hash, &sha);  

296
		

297
	  if(!ecdsa_verify(data_hash,eheader->data_sig_r,eheader->data_sig_s)) {

298
	    return KIRK_DATA_HASH_INVALID;

299
	  }

300


301
  } else  {

302
    int ret = kirk_CMD10(inbuff, size);

303
    if(ret != KIRK_OPERATION_SUCCESS) return ret;

304
  }

305
  

306
  AES_set_key(&k1, keys.AES, 128);

307
  AES_cbc_decrypt(&k1, inbuff+sizeof(KIRK_CMD1_HEADER)+header->data_offset, outbuff, header->data_size);  

308
  

309
  return KIRK_OPERATION_SUCCESS;

310
}

311


312
int kirk_CMD4(u8* outbuff, u8* inbuff, int size)

313
{

314
  KIRK_AES128CBC_HEADER *header = (KIRK_AES128CBC_HEADER*)inbuff;

315
  u8* key;

316
  AES_ctx aesKey;

317
  

318
  if(is_kirk_initialized == 0) return KIRK_NOT_INITIALIZED;

319
  if(header->mode != KIRK_MODE_ENCRYPT_CBC) return KIRK_INVALID_MODE;

320
  if(header->data_size == 0) return KIRK_DATA_SIZE_ZERO;

321
  

322
  key = kirk_4_7_get_key(header->keyseed);

323
  if(key == (u8*)KIRK_INVALID_SIZE) return KIRK_INVALID_SIZE;

324
  

325
  //Set the key

326
  AES_set_key(&aesKey, key, 128);

327
  AES_cbc_encrypt(&aesKey, inbuff+sizeof(KIRK_AES128CBC_HEADER), outbuff+sizeof(KIRK_AES128CBC_HEADER), header->data_size);

328
  

329
  return KIRK_OPERATION_SUCCESS;

330
}

331


332
void kirk4(u8* outbuff, const u8* inbuff, size_t size, int keyId)

333
{

334
  AES_ctx aesKey;

335
  u8* key = kirk_4_7_get_key(keyId);

336
  AES_set_key(&aesKey, key, 128);

337
  AES_cbc_encrypt(&aesKey, inbuff, outbuff, (int)size);

338
}

339


340
int kirk_CMD7(u8* outbuff, u8* inbuff, int size)

341
{

342
  KIRK_AES128CBC_HEADER *header = (KIRK_AES128CBC_HEADER*)inbuff;

343
  u8* key;

344
  AES_ctx aesKey;

345
  

346
  if(is_kirk_initialized == 0) return KIRK_NOT_INITIALIZED;

347
  if(header->mode != KIRK_MODE_DECRYPT_CBC) return KIRK_INVALID_MODE;

348
  if(header->data_size == 0) return KIRK_DATA_SIZE_ZERO;

349
  

350
  key = kirk_4_7_get_key(header->keyseed);

351
  if(key == (u8*)KIRK_INVALID_SIZE) return KIRK_INVALID_SIZE;

352
  

353
  //Set the key

354
  AES_set_key(&aesKey, key, 128);

355
  AES_cbc_decrypt(&aesKey, inbuff+sizeof(KIRK_AES128CBC_HEADER), outbuff, header->data_size);

356
  

357
  return KIRK_OPERATION_SUCCESS;

358
}

359


360
void kirk7(u8* outbuff, const u8* inbuff, size_t size, int keyId)

361
{

362
  AES_ctx aesKey;

363
  u8* key = kirk_4_7_get_key(keyId);

364
  AES_set_key(&aesKey, key, 128);

365
  AES_cbc_decrypt(&aesKey, inbuff, outbuff, (int)size);

366
}

367


368
int kirk_CMD10(u8* inbuff, int insize)

369
{

370
  KIRK_CMD1_HEADER* header = (KIRK_CMD1_HEADER*)inbuff;

371
  header_keys keys; //0-15 AES key, 16-31 CMAC key

372
  u8 cmac_header_hash[16];

373
  u8 cmac_data_hash[16];

374
  AES_ctx cmac_key;

375
  int chk_size;

376
  

377
  if(is_kirk_initialized == 0) return KIRK_NOT_INITIALIZED;

378
  if(!(header->mode == KIRK_MODE_CMD1 || header->mode == KIRK_MODE_CMD2 || header->mode == KIRK_MODE_CMD3)) return KIRK_INVALID_MODE;

379
  if(header->data_size == 0) return KIRK_DATA_SIZE_ZERO;

380
  

381
  if(header->mode == KIRK_MODE_CMD1)

382
  {

383
    AES_cbc_decrypt(&aes_kirk1, inbuff, (u8*)&keys, 32); //decrypt AES & CMAC key to temp buffer

384
    AES_set_key(&cmac_key, keys.CMAC, 128);

385
    AES_CMAC(&cmac_key, inbuff+0x60, 0x30, cmac_header_hash);

386
  

387
    //Make sure data is 16 aligned

388
    chk_size = header->data_size;

389
    if(chk_size % 16) chk_size += 16 - (chk_size % 16);

390
    AES_CMAC(&cmac_key, inbuff+0x60, 0x30 + chk_size + header->data_offset, cmac_data_hash);

391
  

392
    if(memcmp(cmac_header_hash, header->CMAC_header_hash, 16) != 0) return KIRK_HEADER_HASH_INVALID;

393
    if(memcmp(cmac_data_hash, header->CMAC_data_hash, 16) != 0) return KIRK_DATA_HASH_INVALID;

394
  

395
    return KIRK_OPERATION_SUCCESS;

396
  }

397
  return KIRK_SIG_CHECK_INVALID; //Checks for cmd 2 & 3 not included right now

398
}

399


400
int kirk_CMD11(u8* outbuff, u8* inbuff, int size)

401
{

402
  KIRK_SHA1_HEADER *header = (KIRK_SHA1_HEADER *)inbuff;

403
  SHA_CTX sha;

404
  if(is_kirk_initialized == 0) return KIRK_NOT_INITIALIZED;

405
  if(header->data_size == 0 || size == 0) return KIRK_DATA_SIZE_ZERO;

406
  

407
	SHAInit(&sha);

408
	SHAUpdate(&sha, inbuff+sizeof(KIRK_SHA1_HEADER), header->data_size);

409
	SHAFinal(outbuff, &sha);

410
  return KIRK_OPERATION_SUCCESS;

411
}

412


413
// Generate an ECDSA Key pair

414
// offset 0 = private key (0x14 len)

415
// offset 0x14 = public key point (0x28 len)

416
int kirk_CMD12(u8 *outbuff, int outsize) {

417
  u8 k[0x15];

418
  KIRK_CMD12_BUFFER * keypair = (KIRK_CMD12_BUFFER *) outbuff;

419


420
  if(outsize != 0x3C) return KIRK_INVALID_SIZE;

421
  ecdsa_set_curve(ec_p,ec_a,ec_b2,ec_N2,Gx2,Gy2);

422
  k[0] = 0;

423
  kirk_CMD14(k+1,0x14);

424
  ec_priv_to_pub(k, (u8*)keypair->public_key.x);

425
  memcpy(keypair->private_key,k+1,0x14);

426
  

427
  return KIRK_OPERATION_SUCCESS;

428
}

429
// Point multiplication

430
// offset 0 = mulitplication value (0x14 len)

431
// offset 0x14 = point to multiply (0x28 len)

432
int kirk_CMD13(u8 * outbuff, int outsize,u8 * inbuff, int insize) {

433
  u8 k[0x15];

434
  KIRK_CMD13_BUFFER * pointmult = (KIRK_CMD13_BUFFER *) inbuff;

435
  k[0]=0;

436
  if(outsize != 0x28) return KIRK_INVALID_SIZE;

437
  if(insize != 0x3C) return KIRK_INVALID_SIZE;

438
  ecdsa_set_curve(ec_p,ec_a,ec_b2,ec_N2,Gx2,Gy2);

439
  ecdsa_set_pub((u8*)pointmult->public_key.x);

440
  memcpy(k+1,pointmult->multiplier,0x14);

441
  ec_pub_mult(k, outbuff);

442
  return KIRK_OPERATION_SUCCESS;

443
}

444


445
int kirk_CMD14(u8 *outbuff, int outsize) {

446
  u8 temp[0x104];

447
  // This was added to mollify valgrind.

448
  memset(temp, 0xAA, sizeof(temp));

449


450
  KIRK_SHA1_HEADER *header = (KIRK_SHA1_HEADER *) temp;

451
  

452
  // Some randomly selected data for a "key" to add to each randomization

453
  static const u8 random_data[0x10] = { 0xA7, 0x2E, 0x4C, 0xB6, 0xC3, 0x34, 0xDF, 0x85, 0x70, 0x01, 0x49, 0xFC, 0xC0, 0x87, 0xC4, 0x77 };

454
  u32 curtime;

455
  //if(outsize != 0x14) return KIRK_INVALID_SIZE; // Need real error code

456
  if(outsize <=0) return KIRK_OPERATION_SUCCESS;

457
    

458
  memcpy(temp+4, PRNG_DATA,0x14);

459
  // This uses the standard C time function for portability.

460
  curtime = (u32)time(0);

461
  temp[0x18] = curtime &0xFF;

462
  temp[0x19] = (curtime>>8) &0xFF;

463
  temp[0x1A] = (curtime>>16) &0xFF;

464
  temp[0x1B] = (curtime>>24) &0xFF;

465
  memcpy(&temp[0x1C], random_data, 0x10);

466
  

467
  // WARNING: These next two lines of comments are no longer accurate since I added the memset above.

468
  // This leaves the remainder of the 0x100 bytes in temp to whatever remains on the stack 

469
  // in an uninitialized state. This should add unpredicableness to the results as well

470
  header->data_size=0x100;

471
  kirk_CMD11(PRNG_DATA, temp, 0x104);

472
  while(outsize)

473
  {

474
    int blockrem= outsize %0x14;

475
    int block = outsize /0x14;

476
    

477
    if(block)

478
    {

479
      memcpy(outbuff, PRNG_DATA, 0x14);

480
      outbuff+=0x14;

481
      outsize -= 0x14;

482
      kirk_CMD14(outbuff, outsize);

483
    } else {

484
      if(blockrem)

485
      {

486
        memcpy(outbuff, PRNG_DATA, blockrem);

487
        outsize -= blockrem;

488
      }

489
    }

490
    

491
  }

492
  return KIRK_OPERATION_SUCCESS;

493
}

494


495
void decrypt_kirk16_private(u8 *dA_out, u8 *dA_enc)

496
{

497
  int i, k;

498
  kirk16_data keydata;

499
  u8 subkey_1[0x10], subkey_2[0x10];

500
  rijndael_ctx aes_ctx;

501


502
  keydata.fuseid[7] = g_fuse90 &0xFF;

503
  keydata.fuseid[6] = (g_fuse90>>8) &0xFF;

504
  keydata.fuseid[5] = (g_fuse90>>16) &0xFF;

505
  keydata.fuseid[4] = (g_fuse90>>24) &0xFF; 

506
  keydata.fuseid[3] = g_fuse94 &0xFF;

507
  keydata.fuseid[2] = (g_fuse94>>8) &0xFF;

508
  keydata.fuseid[1] = (g_fuse94>>16) &0xFF;

509
  keydata.fuseid[0] = (g_fuse94>>24) &0xFF;

510
 

511
  /* set encryption key */

512
  rijndael_set_key(&aes_ctx, kirk16_key, 128);

513
 

514
  /* set the subkeys */

515
  for (i = 0; i < 0x10; i++)

516
  {

517
    /* set to the fuseid */

518
    subkey_2[i] = subkey_1[i] = keydata.fuseid[i % 8];

519
  }

520
 

521
  /* do aes crypto */

522
  for (i = 0; i < 3; i++)

523
  {

524
    /* encrypt + decrypt */

525
    rijndael_encrypt(&aes_ctx, subkey_1, subkey_1);

526
    rijndael_decrypt(&aes_ctx, subkey_2, subkey_2);

527
  }

528
 

529
  /* set new key */

530
  rijndael_set_key(&aes_ctx, subkey_1, 128);

531
 

532
  /* now lets make the key mesh */

533
  for (i = 0; i < 3; i++)

534
  {

535
    /* do encryption in group of 3 */

536
    for (k = 0; k < 3; k++)

537
    {

538
      /* crypto */

539
      rijndael_encrypt(&aes_ctx, subkey_2, subkey_2);

540
    }

541
 

542
    /* copy to out block */

543
    memcpy(&keydata.mesh[i * 0x10], subkey_2, 0x10);

544
  }

545
 

546
  /* set the key to the mesh */

547
  rijndael_set_key(&aes_ctx, &keydata.mesh[0x20], 128);

548
 

549
  /* do the encryption routines for the aes key */

550
  for (i = 0; i < 2; i++)

551
  {

552
    /* encrypt the data */

553
    rijndael_encrypt(&aes_ctx, &keydata.mesh[0x10], &keydata.mesh[0x10]);

554
  }

555
 

556
  /* set the key to that mesh shit */

557
  rijndael_set_key(&aes_ctx, &keydata.mesh[0x10], 128);

558
 

559
  /* cbc decrypt the dA */

560
  AES_cbc_decrypt((AES_ctx *)&aes_ctx, dA_enc, dA_out, 0x20);

561
}

562
 

563
void encrypt_kirk16_private(u8 *dA_out, u8 *dA_dec)

564
{

565
  int i, k;

566
  kirk16_data keydata;

567
  u8 subkey_1[0x10], subkey_2[0x10];

568
  rijndael_ctx aes_ctx;

569
 

570


571
  keydata.fuseid[7] = g_fuse90 &0xFF;

572
  keydata.fuseid[6] = (g_fuse90>>8) &0xFF;

573
  keydata.fuseid[5] = (g_fuse90>>16) &0xFF;

574
  keydata.fuseid[4] = (g_fuse90>>24) &0xFF; 

575
  keydata.fuseid[3] = g_fuse94 &0xFF;

576
  keydata.fuseid[2] = (g_fuse94>>8) &0xFF;

577
  keydata.fuseid[1] = (g_fuse94>>16) &0xFF;

578
  keydata.fuseid[0] = (g_fuse94>>24) &0xFF;

579
  /* set encryption key */

580
  rijndael_set_key(&aes_ctx, kirk16_key, 128);

581
 

582
  /* set the subkeys */

583
  for (i = 0; i < 0x10; i++)

584
  {

585
    /* set to the fuseid */

586
    subkey_2[i] = subkey_1[i] = keydata.fuseid[i % 8];

587
  }

588
 

589
  /* do aes crypto */

590
  for (i = 0; i < 3; i++)

591
  {

592
    /* encrypt + decrypt */

593
    rijndael_encrypt(&aes_ctx, subkey_1, subkey_1);

594
    rijndael_decrypt(&aes_ctx, subkey_2, subkey_2);

595
  }

596
 

597
  /* set new key */

598
  rijndael_set_key(&aes_ctx, subkey_1, 128);

599
 

600
  /* now lets make the key mesh */

601
  for (i = 0; i < 3; i++)

602
  {

603
    /* do encryption in group of 3 */

604
    for (k = 0; k < 3; k++)

605
    {

606
      /* crypto */

607
      rijndael_encrypt(&aes_ctx, subkey_2, subkey_2);

608
    }

609
 

610
    /* copy to out block */

611
    memcpy(&keydata.mesh[i * 0x10], subkey_2, 0x10);

612
  }

613
 

614
  /* set the key to the mesh */

615
  rijndael_set_key(&aes_ctx, &keydata.mesh[0x20], 128);

616
 

617
  /* do the encryption routines for the aes key */

618
  for (i = 0; i < 2; i++)

619
  {

620
    /* encrypt the data */

621
    rijndael_encrypt(&aes_ctx, &keydata.mesh[0x10], &keydata.mesh[0x10]);

622
  }

623
 

624
  /* set the key to that mesh shit */

625
  rijndael_set_key(&aes_ctx, &keydata.mesh[0x10], 128);

626
 

627
  /* cbc encrypt the dA */

628
  AES_cbc_encrypt((AES_ctx *)&aes_ctx, dA_dec, dA_out, 0x20);

629
}

630


631
int kirk_CMD16(u8 * outbuff, int outsize, u8 * inbuff, int insize) {

632
	u8 dec_private[0x20];

633
	KIRK_CMD16_BUFFER * signbuf = (KIRK_CMD16_BUFFER *) inbuff;

634
	ECDSA_SIG * sig = (ECDSA_SIG *) outbuff;

635
	if(insize != 0x34) return KIRK_INVALID_SIZE;

636
	if(outsize != 0x28) return KIRK_INVALID_SIZE;

637
	decrypt_kirk16_private(dec_private,signbuf->enc_private);

638
	// Clear out the padding for safety

639
	memset(&dec_private[0x14], 0, 0xC);

640
	ecdsa_set_curve(ec_p,ec_a,ec_b2,ec_N2,Gx2,Gy2);

641
	ecdsa_set_priv(dec_private);

642
	ecdsa_sign(signbuf->message_hash,sig->r, sig->s);

643
  return KIRK_OPERATION_SUCCESS;

644
}

645


646
// ECDSA Verify

647
// inbuff structure:

648
// 00 = public key (0x28 length)

649
// 28 = message hash (0x14 length)

650
// 3C = signature R (0x14 length)

651
// 50 = signature S (0x14 length)

652
int kirk_CMD17(u8 * inbuff, int insize) {

653
	KIRK_CMD17_BUFFER * sig = (KIRK_CMD17_BUFFER *) inbuff;

654
  if(insize != 0x64) return KIRK_INVALID_SIZE;

655
  ecdsa_set_curve(ec_p,ec_a,ec_b2,ec_N2,Gx2,Gy2);

656
  ecdsa_set_pub(sig->public_key.x);

657
  // ecdsa_verify(u8 *hash, u8 *R, u8 *S)

658
  if(ecdsa_verify(sig->message_hash,sig->signature.r,sig->signature.s)) {

659
    return KIRK_OPERATION_SUCCESS;

660
  } else {

661
    return KIRK_SIG_CHECK_INVALID;

662
  }

663
}

664


665


666


667
int kirk_init()

668
{

669
  return kirk_init2((u8*)"Lazy Dev should have initialized!",33,0xBABEF00D, 0xDEADBEEF );

670
}

671


672
int kirk_init2(u8 * rnd_seed, u32 seed_size, u32 fuseid_90, u32 fuseid_94) {

673
  u8 temp[0x104];

674
  memset(temp, 0xAA, sizeof(temp));

675
  

676
  KIRK_SHA1_HEADER *header = (KIRK_SHA1_HEADER *) temp;

677
  // Another randomly selected data for a "key" to add to each randomization

678
  static const u8 key[0x10] = {0x07, 0xAB, 0xEF, 0xF8, 0x96, 0x8C, 0xF3, 0xD6, 0x14, 0xE0, 0xEB, 0xB2, 0x9D, 0x8B, 0x4E, 0x74};

679
  u32 curtime;

680


681
  //Set PRNG_DATA initially, otherwise use what ever uninitialized data is in the buffer

682
  if(seed_size > 0) {

683
    u8 * seedbuf;

684
    KIRK_SHA1_HEADER *seedheader;

685
    seedbuf=(u8*)malloc(seed_size+4);

686
    memset(seedbuf, 0, seed_size+4);

687
    seedheader = (KIRK_SHA1_HEADER *) seedbuf;

688
    seedheader->data_size = seed_size;

689
    kirk_CMD11(PRNG_DATA, seedbuf, seed_size+4);    

690
    free(seedbuf);

691
  }

692
  memcpy(temp+4, PRNG_DATA,0x14);

693
  // This uses the standard C time function for portability.

694
  curtime=(u32)time(0);

695
  temp[0x18] = curtime &0xFF;

696
  temp[0x19] = (curtime>>8) &0xFF;

697
  temp[0x1A] = (curtime>>16) &0xFF;

698
  temp[0x1B] = (curtime>>24) &0xFF;

699
  memcpy(&temp[0x1C], key, 0x10);

700
  //This leaves the remainder of the 0x100 bytes in temp to whatever remains on the stack 

701
  // in an uninitialized state. This should add unpredicableness to the results as well

702
  header->data_size=0x100;

703
  kirk_CMD11(PRNG_DATA, temp, 0x104); 

704
  

705
  //Set Fuse ID

706
  g_fuse90=fuseid_90;

707
  g_fuse94=fuseid_94;

708
  

709
  //Set KIRK1 main key

710
  AES_set_key(&aes_kirk1, kirk1_key, 128);

711
  

712


713
  is_kirk_initialized = 1;

714
  return 0;

715
}

716
u8* kirk_4_7_get_key(int key_type)

717
{

718
	if((key_type < 0) || (key_type >=0x80)) return (u8*)KIRK_INVALID_SIZE;

719
	return keyvault[key_type];

720
}

721


722
int kirk_CMD1_ex(u8* outbuff, u8* inbuff, int size, KIRK_CMD1_HEADER* header)

723
{

724
  u8* buffer = (u8*)malloc(size);

725
  int ret;

726
  

727
  memcpy(buffer, header, sizeof(KIRK_CMD1_HEADER));

728
  memcpy(buffer+sizeof(KIRK_CMD1_HEADER), inbuff, header->data_size);

729
  

730
  ret = kirk_CMD1(outbuff, buffer, size);

731
  free(buffer);

732
  return ret;

733
}

734


735
int kirk_sceUtilsBufferCopyWithRange(u8* outbuff, int outsize, const u8* inbuff, int insize, int cmd)

736
{

737
  // TODO: propagate const-correctness into all these functions.

738
  switch(cmd)

739
  {

740
    case KIRK_CMD_DECRYPT_PRIVATE: return kirk_CMD1(outbuff, (u8 *)inbuff, insize); break;

741
    case KIRK_CMD_ENCRYPT_IV_0: return kirk_CMD4(outbuff, (u8 *)inbuff, insize); break;

742
    case KIRK_CMD_DECRYPT_IV_0: return kirk_CMD7(outbuff, (u8 *)inbuff, insize); break;

743
    case KIRK_CMD_PRIV_SIGN_CHECK: return kirk_CMD10((u8 *)inbuff, insize); break;

744
    case KIRK_CMD_SHA1_HASH: return kirk_CMD11(outbuff, (u8 *)inbuff, insize); break;

745
    case KIRK_CMD_ECDSA_GEN_KEYS: return kirk_CMD12(outbuff, outsize); break;

746
    case KIRK_CMD_ECDSA_MULTIPLY_POINT: return kirk_CMD13(outbuff, outsize, (u8 *)inbuff, insize); break;

747
    case KIRK_CMD_PRNG: return kirk_CMD14(outbuff, outsize); break;

748
    case KIRK_CMD_ECDSA_SIGN: return kirk_CMD16(outbuff, outsize, (u8 *)inbuff, insize); break;

749
    case KIRK_CMD_ECDSA_VERIFY: return kirk_CMD17((u8 *)inbuff, insize); break;

750
  }

751
  return -1;

752
}

753


754