-
-
KCTF2019Q4 第七题 东北奇闻
-
发表于: 2019-12-15 19:17 3258
-
1. apk的java层没做啥, 直接看native的showAssist
package com.zhuotong.kctfq4;
public class MainActivity extends AppC0mpatActivity {
protected void onCreate(Bundle arg4) {
super.onCreate(arg4);
this.setContentView(0x7F0A001C);
this.findViewById(0x7F070042).setOnClickListener(new View$OnClickListener(this.findViewById(0x7F070054), arg4) {
public void onClick(View arg3) {
if(this.val$ed.getText() == null || (TextUtils.isEmpty(this.val$ed.getText().toString())) || (MainActivity.this.showAssist(this.val$savedInstanceState))) {
Toast.makeText(MainActivity.this, "null", 1).show();
}
}
});
}
}
package androidx.appcompat.app;
public class AppC0mpatActivity extends AppCompatActivity {
static {
System.loadLibrary("native-lib");
}
public native boolean showAssist(Bundle arg1);
}2. native-lib
JNI_OnLoad -> RegisterNatives -> check
.text:0001A8E2 LDR R0, =(x_method_showAssist - 0x1A8EC)
.text:0001A8E4 MOV R2, R10
.text:0001A8E6 LDR R1, =(g_sz_AppC0mpatActivity - 0x1A8EE)
.text:0001A8E8 ADD R0, PC ; x_method_showAssist
.text:0001A8EA ADD R1, PC ; g_sz_AppC0mpatActivity
.text:0001A8EC LDMIA.W R0, {R3,R5,R6}
.text:0001A8F0 MOV R0, R9 ; a1
.text:0001A8F2 STMIA R2!, {R3,R5,R6}
.text:0001A8F4 BL FindClass
.text:00019F80 x_showAssist
.text:0001A4BE BL GetStringUTFChars
.text:0001A4C2 BL x_checkcheck函数
cast加密 set_key: key是固定的字符串"findViewById(I)L", 长度为16 encrypt: ctx.round是12, 改了几个sbox(S1,S2,S3,S4) cast加密后还有个加密, 是一一映射, 不用管是干嘛的, 写个脚本直接把映射关系抠出来 .text:00019B04 LDR R1, =(g_sz_sig_findViewById - 0x19B10) .text:00019B06 MOV R0, R10 .text:00019B08 MOVS R2, #0x10 .text:00019B0A MOV R4, R8 .text:00019B0C ADD R1, PC ; findViewById(I)L .text:00019B0E BL x_cast_set_key ; fn(&ctx, key, key_len) .text:00019B1A CMP.W R8, #0x19 ... .text:00019B2A ADD.W R1, R9, R8,LSL#3 .text:00019B2E MOV.W R0, R8,LSL#3 .text:00019B32 LDR R2, [R5,R0] .text:00019B34 ADD R0, R5 .text:00019B36 LDR R0, [R0,#4] .text:00019B38 STR R0, [R1,#4] .text:00019B3A MOV R0, R10 .text:00019B3C STR R2, [R1] .text:00019B3E BL x_cast_encrypt ; fn(&ctx, buf) .text:00009CB0 x_cast_encrypt // 处理S1,S2,S3,S4 ... // 开始加密 .text:0000DBC4 .text:0000DF18 x_map .data:0002D010 S1 .data:0002D410 S2 .data:0002D810 S3 .data:0002DC10 S4
3. ida调试脚本
adb root
adb shell /data/local/tmp/android_server
adb forward tcp:23946 tcp:23946
ida加载so, 在showAssist处下断, 执行脚本
import idaapi
import idautils
from idautils import *
from idc import *
from idaapi import *
def x_delete_all_breakpoints():
print('old bp count: %s' % GetBptQty())
ary_bp = []
bp_count = GetBptQty()
for i in range(bp_count):
ary_bp.append(GetBptEA(i))
for i in range(bp_count):
print('delete old bp: %x' % ary_bp[i])
DelBpt(ary_bp[i])
return
def x_continue_process():
GetDebuggerEvent(WFNE_SUSP | WFNE_CONT, -1)
return
def x_skip_call():
SetRegValue(GetRegValue('PC') + 4, 'PC')
return
def x_step_over():
StepOver()
GetDebuggerEvent(WFNE_SUSP, -1)
return
def x_arm_address(ea):
ea &= ~1
return ea
def dbg_read_string(ea):
s = ''
while True:
ch = DbgByte(ea)
if ch == 0:
break
s += chr(ch)
ea += 1
return s
def ida_main():
print('script start')
# echo 0 > /proc/sys/kernel/randomize_va_space
package_name = 'com.zhuotong.kctfq4'
activity_name = '%s/com.zhuotong.kctfq4.MainActivity' % package_name
Exec('adb shell am start -D -n %s' % activity_name)
processes = ida_idd.procinfo_vec_t()
process_count = ida_dbg.get_processes(processes)
pid = 0
for i in range(process_count):
process_name = str(processes[i].name)
if process_name.find(package_name) != -1:
pid = processes[i].pid
break
AttachProcess(pid, -1)
GetDebuggerEvent(WFNE_SUSP, -1)
ResumeProcess()
Exec('adb forward tcp:8700 jdwp:%s' % pid)
Exec('start jdb -connect com.sun.jdi.SocketAttach:hostname=127.0.0.1,port=8700')
GetDebuggerEvent(WFNE_SUSP, -1)
print('script end')
return
def print_byte_array(ary):
s = ''
for i in range(len(ary)):
s += '0x%02X, ' % ary[i]
if (i + 1) % 16 == 0:
s += '\n'
print s
return
def ida_main2():
print('script start')
ary = [0] * 256
# .text:0000DEEE BLX R5
# .text:0000DEF0 STRB.W R0, [R9,#7]
# set bp at 0000DEF0
for i in range(256):
SetRegValue(0x0000DEEE, 'PC')
SetRegValue(i, 'R0')
x_continue_process()
ary[i] = GetRegValue('R0')
print_byte_array(ary)
print('script end')
return
ida_main()
4. 代码
cast.cpp, 来自pycrypto的cast.c, 修改了S1,S2,S3,S4
#include "stdafx.h"
#include "cast.h"
#define BLOCK_SIZE 8
#define KEY_SIZE 0
/* adjust these according to your compiler/platform. On some machines
uint32 will have to be a long. It's OK if uint32 is more than 32 bits. */
/* this struct probably belongs in cast.h */
/* these are the eight 32*256 S-boxes */
static const uint32 S1[256] = {
0x01010400, 0x00000000, 0x00010000, 0x01010404, 0x01010004,
0x00010404, 0x00000004, 0x00010000, 0x00000400, 0x01010400,
0x01010404, 0x00000400, 0x01000404, 0x01010004, 0x01000000,
0x00000004, 0x00000404, 0x01000400, 0x01000400, 0x00010400,
0x00010400, 0x01010000, 0x01010000, 0x01000404, 0x00010004,
0x01000004, 0x01000004, 0x00010004, 0x00000000, 0x00000404,
0x00010404, 0x01000000, 0x00010000, 0x01010404, 0x00000004,
0x01010000, 0x01010400, 0x01000000, 0x01000000, 0x00000400,
0x01010004, 0x00010000, 0x00010400, 0x01000004, 0x00000400,
0x00000004, 0x01000404, 0x00010404, 0x01010404, 0x00010004,
0x01010000, 0x01000404, 0x01000004, 0x00000404, 0x00010404,
0x01010400, 0x00000404, 0x01000400, 0x01000400, 0x00000000,
0x00010004, 0x00010400, 0x00000000, 0x01010004, 0x80108020,
0x80008000, 0x00008000, 0x00108020, 0x00100000, 0x00000020,
0x80100020, 0x80008020, 0x80000020, 0x80108020, 0x80108000,
0x80000000, 0x80008000, 0x00100000, 0x00000020, 0x80100020,
0x00108000, 0x00100020, 0x80008020, 0x00000000, 0x80000000,
0x00008000, 0x00108020, 0x80100000, 0x00100020, 0x80000020,
0x00000000, 0x00108000, 0x00008020, 0x80108000, 0x80100000,
0x00008020, 0x00000000, 0x00108020, 0x80100020, 0x00100000,
0x80008020, 0x80100000, 0x80108000, 0x00008000, 0x80100000,
0x80008000, 0x00000020, 0x80108020, 0x00108020, 0x00000020,
0x00008000, 0x80000000, 0x00008020, 0x80108000, 0x00100000,
0x80000020, 0x00100020, 0x80008020, 0x80000020, 0x00100020,
0x00108000, 0x00000000, 0x80008000, 0x00008020, 0x80000000,
0x80100020, 0x80108020, 0x00108000, 0x00000208, 0x08020200,
0x00000000, 0x08020008, 0x08000200, 0x00000000, 0x00020208,
0x08000200, 0x00020008, 0x08000008, 0x08000008, 0x00020000,
0x08020208, 0x00020008, 0x08020000, 0x00000208, 0x08000000,
0x00000008, 0x08020200, 0x00000200, 0x00020200, 0x08020000,
0x08020008, 0x00020208, 0x08000208, 0x00020200, 0x00020000,
0x08000208, 0x00000008, 0x08020208, 0x00000200, 0x08000000,
0x08020200, 0x08000000, 0x00020008, 0x00000208, 0x00020000,
0x08020200, 0x08000200, 0x00000000, 0x00000200, 0x00020008,
0x08020208, 0x08000200, 0x08000008, 0x00000200, 0x00000000,
0x08020008, 0x08000208, 0x00020000, 0x08000000, 0x08020208,
0x00000008, 0x00020208, 0x00020200, 0x08000008, 0x08020000,
0x08000208, 0x00000208, 0x08020000, 0x00020208, 0x00000008,
0x08020008, 0x00020200, 0x00802001, 0x00002081, 0x00002081,
0x00000080, 0x00802080, 0x00800081, 0x00800001, 0x00002001,
0x00000000, 0x00802000, 0x00802000, 0x00802081, 0x00000081,
0x00000000, 0x00800080, 0x00800001, 0x00000001, 0x00002000,
0x00800000, 0x00802001, 0x00000080, 0x00800000, 0x00002001,
0x00002080, 0x00800081, 0x00000001, 0x00002080, 0x00800080,
0x00002000, 0x00802080, 0x00802081, 0x00000081, 0x00800080,
0x00800001, 0x00802000, 0x00802081, 0x00000081, 0x00000000,
0x00000000, 0x00802000, 0x00002080, 0x00800080, 0x00800081,
0x00000001, 0x00802001, 0x00002081, 0x00002081, 0x00000080,
0x00802081, 0x00000081, 0x00000001, 0x00002000, 0x00800001,
0x00002001, 0x00802080, 0x00800081, 0x00002001, 0x00002080,
0x00800000, 0x00802001, 0x00000080, 0x00800000, 0x00002000,
0x00802080 };
static const uint32 S2[256] = {
0x00000100, 0x02080100, 0x02080000, 0x42000100, 0x00080000,
0x00000100, 0x40000000, 0x02080000, 0x40080100, 0x00080000,
0x02000100, 0x40080100, 0x42000100, 0x42080000, 0x00080100,
0x40000000, 0x02000000, 0x40080000, 0x40080000, 0x00000000,
0x40000100, 0x42080100, 0x42080100, 0x02000100, 0x42080000,
0x40000100, 0x00000000, 0x42000000, 0x02080100, 0x02000000,
0x42000000, 0x00080100, 0x00080000, 0x42000100, 0x00000100,
0x02000000, 0x40000000, 0x02080000, 0x42000100, 0x40080100,
0x02000100, 0x40000000, 0x42080000, 0x02080100, 0x40080100,
0x00000100, 0x02000000, 0x42080000, 0x42080100, 0x00080100,
0x42000000, 0x42080100, 0x02080000, 0x00000000, 0x40080000,
0x42000000, 0x00080100, 0x02000100, 0x40000100, 0x00080000,
0x00000000, 0x40080000, 0x02080100, 0x40000100, 0x20000010,
0x20400000, 0x00004000, 0x20404010, 0x20400000, 0x00000010,
0x20404010, 0x00400000, 0x20004000, 0x00404010, 0x00400000,
0x20000010, 0x00400010, 0x20004000, 0x20000000, 0x00004010,
0x00000000, 0x00400010, 0x20004010, 0x00004000, 0x00404000,
0x20004010, 0x00000010, 0x20400010, 0x20400010, 0x00000000,
0x00404010, 0x20404000, 0x00004010, 0x00404000, 0x20404000,
0x20000000, 0x20004000, 0x00000010, 0x20400010, 0x00404000,
0x20404010, 0x00400000, 0x00004010, 0x20000010, 0x00400000,
0x20004000, 0x20000000, 0x00004010, 0x20000010, 0x20404010,
0x00404000, 0x20400000, 0x00404010, 0x20404000, 0x00000000,
0x20400010, 0x00000010, 0x00004000, 0x20400000, 0x00404010,
0x00004000, 0x00400010, 0x20004010, 0x00000000, 0x20404000,
0x20000000, 0x00400010, 0x20004010, 0x00200000, 0x04200002,
0x04000802, 0x00000000, 0x00000800, 0x04000802, 0x00200802,
0x04200800, 0x04200802, 0x00200000, 0x00000000, 0x04000002,
0x00000002, 0x04000000, 0x04200002, 0x00000802, 0x04000800,
0x00200802, 0x00200002, 0x04000800, 0x04000002, 0x04200000,
0x04200800, 0x00200002, 0x04200000, 0x00000800, 0x00000802,
0x04200802, 0x00200800, 0x00000002, 0x04000000, 0x00200800,
0x04000000, 0x00200800, 0x00200000, 0x04000802, 0x04000802,
0x04200002, 0x04200002, 0x00000002, 0x00200002, 0x04000000,
0x04000800, 0x00200000, 0x04200800, 0x00000802, 0x00200802,
0x04200800, 0x00000802, 0x04000002, 0x04200802, 0x04200000,
0x00200800, 0x00000000, 0x00000002, 0x04200802, 0x00000000,
0x00200802, 0x04200000, 0x00000800, 0x04000002, 0x04000800,
0x00000800, 0x00200002, 0x10001040, 0x00001000, 0x00040000,
0x10041040, 0x10000000, 0x10001040, 0x00000040, 0x10000000,
0x00040040, 0x10040000, 0x10041040, 0x00041000, 0x10041000,
0x00041040, 0x00001000, 0x00000040, 0x10040000, 0x10000040,
0x10001000, 0x00001040, 0x00041000, 0x00040040, 0x10040040,
0x10041000, 0x00001040, 0x00000000, 0x00000000, 0x10040040,
0x10000040, 0x10001000, 0x00041040, 0x00040000, 0x00041040,
0x00040000, 0x10041000, 0x00001000, 0x00000040, 0x10040040,
0x00001000, 0x00041040, 0x10001000, 0x00000040, 0x10000040,
0x10040000, 0x10040040, 0x10000000, 0x00040000, 0x10001040,
0x00000000, 0x10041040, 0x00040040, 0x10000040, 0x10040000,
0x10001000, 0x10001040, 0x00000000, 0x10041040, 0x00041000,
0x00041000, 0x00001040, 0x00001040, 0x00040040, 0x10000000,
0x10041000 };
static const uint32 S3[256] = {
0x00000063, 0x0000007C, 0x00000077, 0x0000007B, 0x000000F2,
0x0000006B, 0x0000006F, 0x000000C5, 0x00000030, 0x00000001,
0x00000067, 0x0000002B, 0x000000FE, 0x000000D7, 0x000000AB,
0x00000076, 0x000000CA, 0x00000082, 0x000000C9, 0x0000007D,
0x000000FA, 0x00000059, 0x00000047, 0x000000F0, 0x000000AD,
0x000000D4, 0x000000A2, 0x000000AF, 0x0000009C, 0x000000A4,
0x00000072, 0x000000C0, 0x000000B7, 0x000000FD, 0x00000093,
0x00000026, 0x00000036, 0x0000003F, 0x000000F7, 0x000000CC,
0x00000034, 0x000000A5, 0x000000E5, 0x000000F1, 0x00000071,
0x000000D8, 0x00000031, 0x00000015, 0x00000004, 0x000000C7,
0x00000023, 0x000000C3, 0x00000018, 0x00000096, 0x00000005,
0x0000009A, 0x00000007, 0x00000012, 0x00000080, 0x000000E2,
0x000000EB, 0x00000027, 0x000000B2, 0x00000075, 0x00000009,
0x00000083, 0x0000002C, 0x0000001A, 0x0000001B, 0x0000006E,
0x0000005A, 0x000000A0, 0x00000052, 0x0000003B, 0x000000D6,
0x000000B3, 0x00000029, 0x000000E3, 0x0000002F, 0x00000084,
0x00000053, 0x000000D1, 0x00000000, 0x000000ED, 0x00000020,
0x000000FC, 0x000000B1, 0x0000005B, 0x0000006A, 0x000000CB,
0x000000BE, 0x00000039, 0x0000004A, 0x0000004C, 0x00000058,
0x000000CF, 0x000000D0, 0x000000EF, 0x000000AA, 0x000000FB,
0x00000043, 0x0000004D, 0x00000033, 0x00000085, 0x00000045,
0x000000F9, 0x00000002, 0x0000007F, 0x00000050, 0x0000003C,
0x0000009F, 0x000000A8, 0x00000051, 0x000000A3, 0x00000040,
0x0000008F, 0x00000092, 0x0000009D, 0x00000038, 0x000000F5,
0x000000BC, 0x000000B6, 0x000000DA, 0x00000021, 0x00000010,
0x000000FF, 0x000000F3, 0x000000D2, 0x000000CD, 0x0000000C,
0x00000013, 0x000000EC, 0x0000005F, 0x00000097, 0x00000044,
0x00000017, 0x000000C4, 0x000000A7, 0x0000007E, 0x0000003D,
0x00000064, 0x0000005D, 0x00000019, 0x00000073, 0x00000060,
0x00000081, 0x0000004F, 0x000000DC, 0x00000022, 0x0000002A,
0x00000090, 0x00000088, 0x00000046, 0x000000EE, 0x000000B8,
0x00000014, 0x000000DE, 0x0000005E, 0x0000000B, 0x000000DB,
0x000000E0, 0x00000032, 0x0000003A, 0x0000000A, 0x00000049,
0x00000006, 0x00000024, 0x0000005C, 0x000000C2, 0x000000D3,
0x000000AC, 0x00000062, 0x00000091, 0x00000095, 0x000000E4,
0x00000079, 0x000000E7, 0x000000C8, 0x00000037, 0x0000006D,
0x0000008D, 0x000000D5, 0x0000004E, 0x000000A9, 0x0000006C,
0x00000056, 0x000000F4, 0x000000EA, 0x00000065, 0x0000007A,
0x000000AE, 0x00000008, 0x000000BA, 0x00000078, 0x00000025,
0x0000002E, 0x0000001C, 0x000000A6, 0x000000B4, 0x000000C6,
0x000000E8, 0x000000DD, 0x00000074, 0x0000001F, 0x0000004B,
0x000000BD, 0x0000008B, 0x0000008A, 0x00000070, 0x0000003E,
0x000000B5, 0x00000066, 0x00000048, 0x00000003, 0x000000F6,
0x0000000E, 0x00000061, 0x00000035, 0x00000057, 0x000000B9,
0x00000086, 0x000000C1, 0x0000001D, 0x0000009E, 0x000000E1,
0x000000F8, 0x00000098, 0x00000011, 0x00000069, 0x000000D9,
0x0000008E, 0x00000094, 0x0000009B, 0x0000001E, 0x00000087,
0x000000E9, 0x000000CE, 0x00000055, 0x00000028, 0x000000DF,
0x0000008C, 0x000000A1, 0x00000089, 0x0000000D, 0x000000BF,
0x000000E6, 0x00000042, 0x00000068, 0x00000041, 0x00000099,
0x0000002D, 0x0000000F, 0x000000B0, 0x00000054, 0x000000BB,
0x00000016 };
static const uint32 S4[256] = {
0x00000052, 0x00000009, 0x0000006A, 0x000000D5, 0x00000030,
0x00000036, 0x000000A5, 0x00000038, 0x000000BF, 0x00000040,
0x000000A3, 0x0000009E, 0x00000081, 0x000000F3, 0x000000D7,
0x000000FB, 0x0000007C, 0x000000E3, 0x00000039, 0x00000082,
0x0000009B, 0x0000002F, 0x000000FF, 0x00000087, 0x00000034,
0x0000008E, 0x00000043, 0x00000044, 0x000000C4, 0x000000DE,
0x000000E9, 0x000000CB, 0x00000054, 0x0000007B, 0x00000094,
0x00000032, 0x000000A6, 0x000000C2, 0x00000023, 0x0000003D,
0x000000EE, 0x0000004C, 0x00000095, 0x0000000B, 0x00000042,
0x000000FA, 0x000000C3, 0x0000004E, 0x00000008, 0x0000002E,
0x000000A1, 0x00000066, 0x00000028, 0x000000D9, 0x00000024,
0x000000B2, 0x00000076, 0x0000005B, 0x000000A2, 0x00000049,
0x0000006D, 0x0000008B, 0x000000D1, 0x00000025, 0x00000072,
0x000000F8, 0x000000F6, 0x00000064, 0x00000086, 0x00000068,
0x00000098, 0x00000016, 0x000000D4, 0x000000A4, 0x0000005C,
0x000000CC, 0x0000005D, 0x00000065, 0x000000B6, 0x00000092,
0x0000006C, 0x00000070, 0x00000048, 0x00000050, 0x000000FD,
0x000000ED, 0x000000B9, 0x000000DA, 0x0000005E, 0x00000015,
0x00000046, 0x00000057, 0x000000A7, 0x0000008D, 0x0000009D,
0x00000084, 0x00000090, 0x000000D8, 0x000000AB, 0x00000000,
0x0000008C, 0x000000BC, 0x000000D3, 0x0000000A, 0x000000F7,
0x000000E4, 0x00000058, 0x00000005, 0x000000B8, 0x000000B3,
0x00000045, 0x00000006, 0x000000D0, 0x0000002C, 0x0000001E,
0x0000008F, 0x000000CA, 0x0000003F, 0x0000000F, 0x00000002,
0x000000C1, 0x000000AF, 0x000000BD, 0x00000003, 0x00000001,
0x00000013, 0x0000008A, 0x0000006B, 0x0000003A, 0x00000091,
0x00000011, 0x00000041, 0x0000004F, 0x00000067, 0x000000DC,
0x000000EA, 0x00000097, 0x000000F2, 0x000000CF, 0x000000CE,
0x000000F0, 0x000000B4, 0x000000E6, 0x00000073, 0x00000096,
0x000000AC, 0x00000074, 0x00000022, 0x000000E7, 0x000000AD,
0x00000035, 0x00000085, 0x000000E2, 0x000000F9, 0x00000037,
0x000000E8, 0x0000001C, 0x00000075, 0x000000DF, 0x0000006E,
0x00000047, 0x000000F1, 0x0000001A, 0x00000071, 0x0000001D,
0x00000029, 0x000000C5, 0x00000089, 0x0000006F, 0x000000B7,
0x00000062, 0x0000000E, 0x000000AA, 0x00000018, 0x000000BE,
0x0000001B, 0x000000FC, 0x00000056, 0x0000003E, 0x0000004B,
0x000000C6, 0x000000D2, 0x00000079, 0x00000020, 0x0000009A,
0x000000DB, 0x000000C0, 0x000000FE, 0x00000078, 0x000000CD,
0x0000005A, 0x000000F4, 0x0000001F, 0x000000DD, 0x000000A8,
0x00000033, 0x00000088, 0x00000007, 0x000000C7, 0x00000031,
0x000000B1, 0x00000012, 0x00000010, 0x00000059, 0x00000027,
0x00000080, 0x000000EC, 0x0000005F, 0x00000060, 0x00000051,
0x0000007F, 0x000000A9, 0x00000019, 0x000000B5, 0x0000004A,
0x0000000D, 0x0000002D, 0x000000E5, 0x0000007A, 0x0000009F,
0x00000093, 0x000000C9, 0x0000009C, 0x000000EF, 0x000000A0,
0x000000E0, 0x0000003B, 0x0000004D, 0x000000AE, 0x0000002A,
0x000000F5, 0x000000B0, 0x000000C8, 0x000000EB, 0x000000BB,
0x0000003C, 0x00000083, 0x00000053, 0x00000099, 0x00000061,
0x00000017, 0x0000002B, 0x00000004, 0x0000007E, 0x000000BA,
0x00000077, 0x000000D6, 0x00000026, 0x000000E1, 0x00000069,
0x00000014, 0x00000063, 0x00000055, 0x00000021, 0x0000000C,
0x0000007D };
static const uint32 S5[256] = {
0x7ec90c04, 0x2c6e74b9, 0x9b0e66df, 0xa6337911, 0xb86a7fff,
0x1dd358f5, 0x44dd9d44, 0x1731167f, 0x08fbf1fa, 0xe7f511cc,
0xd2051b00, 0x735aba00, 0x2ab722d8, 0x386381cb, 0xacf6243a,
0x69befd7a, 0xe6a2e77f, 0xf0c720cd, 0xc4494816, 0xccf5c180,
0x38851640, 0x15b0a848, 0xe68b18cb, 0x4caadeff, 0x5f480a01,
0x0412b2aa, 0x259814fc, 0x41d0efe2, 0x4e40b48d, 0x248eb6fb,
0x8dba1cfe, 0x41a99b02, 0x1a550a04, 0xba8f65cb, 0x7251f4e7,
0x95a51725, 0xc106ecd7, 0x97a5980a, 0xc539b9aa, 0x4d79fe6a,
0xf2f3f763, 0x68af8040, 0xed0c9e56, 0x11b4958b, 0xe1eb5a88,
0x8709e6b0, 0xd7e07156, 0x4e29fea7, 0x6366e52d, 0x02d1c000,
0xc4ac8e05, 0x9377f571, 0x0c05372a, 0x578535f2, 0x2261be02,
0xd642a0c9, 0xdf13a280, 0x74b55bd2, 0x682199c0, 0xd421e5ec,
0x53fb3ce8, 0xc8adedb3, 0x28a87fc9, 0x3d959981, 0x5c1ff900,
0xfe38d399, 0x0c4eff0b, 0x062407ea, 0xaa2f4fb1, 0x4fb96976,
0x90c79505, 0xb0a8a774, 0xef55a1ff, 0xe59ca2c2, 0xa6b62d27,
0xe66a4263, 0xdf65001f, 0x0ec50966, 0xdfdd55bc, 0x29de0655,
0x911e739a, 0x17af8975, 0x32c7911c, 0x89f89468, 0x0d01e980,
0x524755f4, 0x03b63cc9, 0x0cc844b2, 0xbcf3f0aa, 0x87ac36e9,
0xe53a7426, 0x01b3d82b, 0x1a9e7449, 0x64ee2d7e, 0xcddbb1da,
0x01c94910, 0xb868bf80, 0x0d26f3fd, 0x9342ede7, 0x04a5c284,
0x636737b6, 0x50f5b616, 0xf24766e3, 0x8eca36c1, 0x136e05db,
0xfef18391, 0xfb887a37, 0xd6e7f7d4, 0xc7fb7dc9, 0x3063fcdf,
0xb6f589de, 0xec2941da, 0x26e46695, 0xb7566419, 0xf654efc5,
0xd08d58b7, 0x48925401, 0xc1bacb7f, 0xe5ff550f, 0xb6083049,
0x5bb5d0e8, 0x87d72e5a, 0xab6a6ee1, 0x223a66ce, 0xc62bf3cd,
0x9e0885f9, 0x68cb3e47, 0x086c010f, 0xa21de820, 0xd18b69de,
0xf3f65777, 0xfa02c3f6, 0x407edac3, 0xcbb3d550, 0x1793084d,
0xb0d70eba, 0x0ab378d5, 0xd951fb0c, 0xded7da56, 0x4124bbe4,
0x94ca0b56, 0x0f5755d1, 0xe0e1e56e, 0x6184b5be, 0x580a249f,
0x94f74bc0, 0xe327888e, 0x9f7b5561, 0xc3dc0280, 0x05687715,
0x646c6bd7, 0x44904db3, 0x66b4f0a3, 0xc0f1648a, 0x697ed5af,
0x49e92ff6, 0x309e374f, 0x2cb6356a, 0x85808573, 0x4991f840,
0x76f0ae02, 0x083be84d, 0x28421c9a, 0x44489406, 0x736e4cb8,
0xc1092910, 0x8bc95fc6, 0x7d869cf4, 0x134f616f, 0x2e77118d,
0xb31b2be1, 0xaa90b472, 0x3ca5d717, 0x7d161bba, 0x9cad9010,
0xaf462ba2, 0x9fe459d2, 0x45d34559, 0xd9f2da13, 0xdbc65487,
0xf3e4f94e, 0x176d486f, 0x097c13ea, 0x631da5c7, 0x445f7382,
0x175683f4, 0xcdc66a97, 0x70be0288, 0xb3cdcf72, 0x6e5dd2f3,
0x20936079, 0x459b80a5, 0xbe60e2db, 0xa9c23101, 0xeba5315c,
0x224e42f2, 0x1c5c1572, 0xf6721b2c, 0x1ad2fff3, 0x8c25404e,
0x324ed72f, 0x4067b7fd, 0x0523138e, 0x5ca3bc78, 0xdc0fd66e,
0x75922283, 0x784d6b17, 0x58ebb16e, 0x44094f85, 0x3f481d87,
0xfcfeae7b, 0x77b5ff76, 0x8c2302bf, 0xaaf47556, 0x5f46b02a,
0x2b092801, 0x3d38f5f7, 0x0ca81f36, 0x52af4a8a, 0x66d5e7c0,
0xdf3b0874, 0x95055110, 0x1b5ad7a8, 0xf61ed5ad, 0x6cf6e479,
0x20758184, 0xd0cefa65, 0x88f7be58, 0x4a046826, 0x0ff6f8f3,
0xa09c7f70, 0x5346aba0, 0x5ce96c28, 0xe176eda3, 0x6bac307f,
0x376829d2, 0x85360fa9, 0x17e3fe2a, 0x24b79767, 0xf5a96b20,
0xd6cd2595, 0x68ff1ebf, 0x7555442c, 0xf19f06be, 0xf9e0659a,
0xeeb9491d, 0x34010718, 0xbb30cab8, 0xe822fe15, 0x88570983,
0x750e6249, 0xda627e55, 0x5e76ffa8, 0xb1534546, 0x6d47de08,
0xefe9e7d4 };
static const uint32 S6[256] = {
0xf6fa8f9d, 0x2cac6ce1, 0x4ca34867, 0xe2337f7c, 0x95db08e7,
0x016843b4, 0xeced5cbc, 0x325553ac, 0xbf9f0960, 0xdfa1e2ed,
0x83f0579d, 0x63ed86b9, 0x1ab6a6b8, 0xde5ebe39, 0xf38ff732,
0x8989b138, 0x33f14961, 0xc01937bd, 0xf506c6da, 0xe4625e7e,
0xa308ea99, 0x4e23e33c, 0x79cbd7cc, 0x48a14367, 0xa3149619,
0xfec94bd5, 0xa114174a, 0xeaa01866, 0xa084db2d, 0x09a8486f,
0xa888614a, 0x2900af98, 0x01665991, 0xe1992863, 0xc8f30c60,
0x2e78ef3c, 0xd0d51932, 0xcf0fec14, 0xf7ca07d2, 0xd0a82072,
0xfd41197e, 0x9305a6b0, 0xe86be3da, 0x74bed3cd, 0x372da53c,
0x4c7f4448, 0xdab5d440, 0x6dba0ec3, 0x083919a7, 0x9fbaeed9,
0x49dbcfb0, 0x4e670c53, 0x5c3d9c01, 0x64bdb941, 0x2c0e636a,
0xba7dd9cd, 0xea6f7388, 0xe70bc762, 0x35f29adb, 0x5c4cdd8d,
0xf0d48d8c, 0xb88153e2, 0x08a19866, 0x1ae2eac8, 0x284caf89,
0xaa928223, 0x9334be53, 0x3b3a21bf, 0x16434be3, 0x9aea3906,
0xefe8c36e, 0xf890cdd9, 0x80226dae, 0xc340a4a3, 0xdf7e9c09,
0xa694a807, 0x5b7c5ecc, 0x221db3a6, 0x9a69a02f, 0x68818a54,
0xceb2296f, 0x53c0843a, 0xfe893655, 0x25bfe68a, 0xb4628abc,
0xcf222ebf, 0x25ac6f48, 0xa9a99387, 0x53bddb65, 0xe76ffbe7,
0xe967fd78, 0x0ba93563, 0x8e342bc1, 0xe8a11be9, 0x4980740d,
0xc8087dfc, 0x8de4bf99, 0xa11101a0, 0x7fd37975, 0xda5a26c0,
0xe81f994f, 0x9528cd89, 0xfd339fed, 0xb87834bf, 0x5f04456d,
0x22258698, 0xc9c4c83b, 0x2dc156be, 0x4f628daa, 0x57f55ec5,
0xe2220abe, 0xd2916ebf, 0x4ec75b95, 0x24f2c3c0, 0x42d15d99,
0xcd0d7fa0, 0x7b6e27ff, 0xa8dc8af0, 0x7345c106, 0xf41e232f,
0x35162386, 0xe6ea8926, 0x3333b094, 0x157ec6f2, 0x372b74af,
0x692573e4, 0xe9a9d848, 0xf3160289, 0x3a62ef1d, 0xa787e238,
0xf3a5f676, 0x74364853, 0x20951063, 0x4576698d, 0xb6fad407,
0x592af950, 0x36f73523, 0x4cfb6e87, 0x7da4cec0, 0x6c152daa,
0xcb0396a8, 0xc50dfe5d, 0xfcd707ab, 0x0921c42f, 0x89dff0bb,
0x5fe2be78, 0x448f4f33, 0x754613c9, 0x2b05d08d, 0x48b9d585,
0xdc049441, 0xc8098f9b, 0x7dede786, 0xc39a3373, 0x42410005,
0x6a091751, 0x0ef3c8a6, 0x890072d6, 0x28207682, 0xa9a9f7be,
0xbf32679d, 0xd45b5b75, 0xb353fd00, 0xcbb0e358, 0x830f220a,
0x1f8fb214, 0xd372cf08, 0xcc3c4a13, 0x8cf63166, 0x061c87be,
0x88c98f88, 0x6062e397, 0x47cf8e7a, 0xb6c85283, 0x3cc2acfb,
0x3fc06976, 0x4e8f0252, 0x64d8314d, 0xda3870e3, 0x1e665459,
0xc10908f0, 0x513021a5, 0x6c5b68b7, 0x822f8aa0, 0x3007cd3e,
0x74719eef, 0xdc872681, 0x073340d4, 0x7e432fd9, 0x0c5ec241,
0x8809286c, 0xf592d891, 0x08a930f6, 0x957ef305, 0xb7fbffbd,
0xc266e96f, 0x6fe4ac98, 0xb173ecc0, 0xbc60b42a, 0x953498da,
0xfba1ae12, 0x2d4bd736, 0x0f25faab, 0xa4f3fceb, 0xe2969123,
0x257f0c3d, 0x9348af49, 0x361400bc, 0xe8816f4a, 0x3814f200,
0xa3f94043, 0x9c7a54c2, 0xbc704f57, 0xda41e7f9, 0xc25ad33a,
0x54f4a084, 0xb17f5505, 0x59357cbe, 0xedbd15c8, 0x7f97c5ab,
0xba5ac7b5, 0xb6f6deaf, 0x3a479c3a, 0x5302da25, 0x653d7e6a,
0x54268d49, 0x51a477ea, 0x5017d55b, 0xd7d25d88, 0x44136c76,
0x0404a8c8, 0xb8e5a121, 0xb81a928a, 0x60ed5869, 0x97c55b96,
0xeaec991b, 0x29935913, 0x01fdb7f1, 0x088e8dfa, 0x9ab6f6f5,
0x3b4cbf9f, 0x4a5de3ab, 0xe6051d35, 0xa0e1d855, 0xd36b4cf1,
0xf544edeb, 0xb0e93524, 0xbebb8fbd, 0xa2d762cf, 0x49c92f54,
0x38b5f331, 0x7128a454, 0x48392905, 0xa65b1db8, 0x851c97bd,
0xd675cf2f };
static const uint32 S7[256] = {
0x85e04019, 0x332bf567, 0x662dbfff, 0xcfc65693, 0x2a8d7f6f,
0xab9bc912, 0xde6008a1, 0x2028da1f, 0x0227bce7, 0x4d642916,
0x18fac300, 0x50f18b82, 0x2cb2cb11, 0xb232e75c, 0x4b3695f2,
0xb28707de, 0xa05fbcf6, 0xcd4181e9, 0xe150210c, 0xe24ef1bd,
0xb168c381, 0xfde4e789, 0x5c79b0d8, 0x1e8bfd43, 0x4d495001,
0x38be4341, 0x913cee1d, 0x92a79c3f, 0x089766be, 0xbaeeadf4,
0x1286becf, 0xb6eacb19, 0x2660c200, 0x7565bde4, 0x64241f7a,
0x8248dca9, 0xc3b3ad66, 0x28136086, 0x0bd8dfa8, 0x356d1cf2,
0x107789be, 0xb3b2e9ce, 0x0502aa8f, 0x0bc0351e, 0x166bf52a,
0xeb12ff82, 0xe3486911, 0xd34d7516, 0x4e7b3aff, 0x5f43671b,
0x9cf6e037, 0x4981ac83, 0x334266ce, 0x8c9341b7, 0xd0d854c0,
0xcb3a6c88, 0x47bc2829, 0x4725ba37, 0xa66ad22b, 0x7ad61f1e,
0x0c5cbafa, 0x4437f107, 0xb6e79962, 0x42d2d816, 0x0a961288,
0xe1a5c06e, 0x13749e67, 0x72fc081a, 0xb1d139f7, 0xf9583745,
0xcf19df58, 0xbec3f756, 0xc06eba30, 0x07211b24, 0x45c28829,
0xc95e317f, 0xbc8ec511, 0x38bc46e9, 0xc6e6fa14, 0xbae8584a,
0xad4ebc46, 0x468f508b, 0x7829435f, 0xf124183b, 0x821dba9f,
0xaff60ff4, 0xea2c4e6d, 0x16e39264, 0x92544a8b, 0x009b4fc3,
0xaba68ced, 0x9ac96f78, 0x06a5b79a, 0xb2856e6e, 0x1aec3ca9,
0xbe838688, 0x0e0804e9, 0x55f1be56, 0xe7e5363b, 0xb3a1f25d,
0xf7debb85, 0x61fe033c, 0x16746233, 0x3c034c28, 0xda6d0c74,
0x79aac56c, 0x3ce4e1ad, 0x51f0c802, 0x98f8f35a, 0x1626a49f,
0xeed82b29, 0x1d382fe3, 0x0c4fb99a, 0xbb325778, 0x3ec6d97b,
0x6e77a6a9, 0xcb658b5c, 0xd45230c7, 0x2bd1408b, 0x60c03eb7,
0xb9068d78, 0xa33754f4, 0xf430c87d, 0xc8a71302, 0xb96d8c32,
0xebd4e7be, 0xbe8b9d2d, 0x7979fb06, 0xe7225308, 0x8b75cf77,
0x11ef8da4, 0xe083c858, 0x8d6b786f, 0x5a6317a6, 0xfa5cf7a0,
0x5dda0033, 0xf28ebfb0, 0xf5b9c310, 0xa0eac280, 0x08b9767a,
0xa3d9d2b0, 0x79d34217, 0x021a718d, 0x9ac6336a, 0x2711fd60,
0x438050e3, 0x069908a8, 0x3d7fedc4, 0x826d2bef, 0x4eeb8476,
0x488dcf25, 0x36c9d566, 0x28e74e41, 0xc2610aca, 0x3d49a9cf,
0xbae3b9df, 0xb65f8de6, 0x92aeaf64, 0x3ac7d5e6, 0x9ea80509,
0xf22b017d, 0xa4173f70, 0xdd1e16c3, 0x15e0d7f9, 0x50b1b887,
0x2b9f4fd5, 0x625aba82, 0x6a017962, 0x2ec01b9c, 0x15488aa9,
0xd716e740, 0x40055a2c, 0x93d29a22, 0xe32dbf9a, 0x058745b9,
0x3453dc1e, 0xd699296e, 0x496cff6f, 0x1c9f4986, 0xdfe2ed07,
0xb87242d1, 0x19de7eae, 0x053e561a, 0x15ad6f8c, 0x66626c1c,
0x7154c24c, 0xea082b2a, 0x93eb2939, 0x17dcb0f0, 0x58d4f2ae,
0x9ea294fb, 0x52cf564c, 0x9883fe66, 0x2ec40581, 0x763953c3,
0x01d6692e, 0xd3a0c108, 0xa1e7160e, 0xe4f2dfa6, 0x693ed285,
0x74904698, 0x4c2b0edd, 0x4f757656, 0x5d393378, 0xa132234f,
0x3d321c5d, 0xc3f5e194, 0x4b269301, 0xc79f022f, 0x3c997e7e,
0x5e4f9504, 0x3ffafbbd, 0x76f7ad0e, 0x296693f4, 0x3d1fce6f,
0xc61e45be, 0xd3b5ab34, 0xf72bf9b7, 0x1b0434c0, 0x4e72b567,
0x5592a33d, 0xb5229301, 0xcfd2a87f, 0x60aeb767, 0x1814386b,
0x30bcc33d, 0x38a0c07d, 0xfd1606f2, 0xc363519b, 0x589dd390,
0x5479f8e6, 0x1cb8d647, 0x97fd61a9, 0xea7759f4, 0x2d57539d,
0x569a58cf, 0xe84e63ad, 0x462e1b78, 0x6580f87e, 0xf3817914,
0x91da55f4, 0x40a230f3, 0xd1988f35, 0xb6e318d2, 0x3ffa50bc,
0x3d40f021, 0xc3c0bdae, 0x4958c24c, 0x518f36b2, 0x84b1d370,
0x0fedce83, 0x878ddada, 0xf2a279c7, 0x94e01be8, 0x90716f4b,
0x954b8aa3 };
static const uint32 S8[256] = {
0xe216300d, 0xbbddfffc, 0xa7ebdabd, 0x35648095, 0x7789f8b7,
0xe6c1121b, 0x0e241600, 0x052ce8b5, 0x11a9cfb0, 0xe5952f11,
0xece7990a, 0x9386d174, 0x2a42931c, 0x76e38111, 0xb12def3a,
0x37ddddfc, 0xde9adeb1, 0x0a0cc32c, 0xbe197029, 0x84a00940,
0xbb243a0f, 0xb4d137cf, 0xb44e79f0, 0x049eedfd, 0x0b15a15d,
0x480d3168, 0x8bbbde5a, 0x669ded42, 0xc7ece831, 0x3f8f95e7,
0x72df191b, 0x7580330d, 0x94074251, 0x5c7dcdfa, 0xabbe6d63,
0xaa402164, 0xb301d40a, 0x02e7d1ca, 0x53571dae, 0x7a3182a2,
0x12a8ddec, 0xfdaa335d, 0x176f43e8, 0x71fb46d4, 0x38129022,
0xce949ad4, 0xb84769ad, 0x965bd862, 0x82f3d055, 0x66fb9767,
0x15b80b4e, 0x1d5b47a0, 0x4cfde06f, 0xc28ec4b8, 0x57e8726e,
0x647a78fc, 0x99865d44, 0x608bd593, 0x6c200e03, 0x39dc5ff6,
0x5d0b00a3, 0xae63aff2, 0x7e8bd632, 0x70108c0c, 0xbbd35049,
0x2998df04, 0x980cf42a, 0x9b6df491, 0x9e7edd53, 0x06918548,
0x58cb7e07, 0x3b74ef2e, 0x522fffb1, 0xd24708cc, 0x1c7e27cd,
0xa4eb215b, 0x3cf1d2e2, 0x19b47a38, 0x424f7618, 0x35856039,
0x9d17dee7, 0x27eb35e6, 0xc9aff67b, 0x36baf5b8, 0x09c467cd,
0xc18910b1, 0xe11dbf7b, 0x06cd1af8, 0x7170c608, 0x2d5e3354,
0xd4de495a, 0x64c6d006, 0xbcc0c62c, 0x3dd00db3, 0x708f8f34,
0x77d51b42, 0x264f620f, 0x24b8d2bf, 0x15c1b79e, 0x46a52564,
0xf8d7e54e, 0x3e378160, 0x7895cda5, 0x859c15a5, 0xe6459788,
0xc37bc75f, 0xdb07ba0c, 0x0676a3ab, 0x7f229b1e, 0x31842e7b,
0x24259fd7, 0xf8bef472, 0x835ffcb8, 0x6df4c1f2, 0x96f5b195,
0xfd0af0fc, 0xb0fe134c, 0xe2506d3d, 0x4f9b12ea, 0xf215f225,
0xa223736f, 0x9fb4c428, 0x25d04979, 0x34c713f8, 0xc4618187,
0xea7a6e98, 0x7cd16efc, 0x1436876c, 0xf1544107, 0xbedeee14,
0x56e9af27, 0xa04aa441, 0x3cf7c899, 0x92ecbae6, 0xdd67016d,
0x151682eb, 0xa842eedf, 0xfdba60b4, 0xf1907b75, 0x20e3030f,
0x24d8c29e, 0xe139673b, 0xefa63fb8, 0x71873054, 0xb6f2cf3b,
0x9f326442, 0xcb15a4cc, 0xb01a4504, 0xf1e47d8d, 0x844a1be5,
0xbae7dfdc, 0x42cbda70, 0xcd7dae0a, 0x57e85b7a, 0xd53f5af6,
0x20cf4d8c, 0xcea4d428, 0x79d130a4, 0x3486ebfb, 0x33d3cddc,
0x77853b53, 0x37effcb5, 0xc5068778, 0xe580b3e6, 0x4e68b8f4,
0xc5c8b37e, 0x0d809ea2, 0x398feb7c, 0x132a4f94, 0x43b7950e,
0x2fee7d1c, 0x223613bd, 0xdd06caa2, 0x37df932b, 0xc4248289,
0xacf3ebc3, 0x5715f6b7, 0xef3478dd, 0xf267616f, 0xc148cbe4,
0x9052815e, 0x5e410fab, 0xb48a2465, 0x2eda7fa4, 0xe87b40e4,
0xe98ea084, 0x5889e9e1, 0xefd390fc, 0xdd07d35b, 0xdb485694,
0x38d7e5b2, 0x57720101, 0x730edebc, 0x5b643113, 0x94917e4f,
0x503c2fba, 0x646f1282, 0x7523d24a, 0xe0779695, 0xf9c17a8f,
0x7a5b2121, 0xd187b896, 0x29263a4d, 0xba510cdf, 0x81f47c9f,
0xad1163ed, 0xea7b5965, 0x1a00726e, 0x11403092, 0x00da6d77,
0x4a0cdd61, 0xad1f4603, 0x605bdfb0, 0x9eedc364, 0x22ebe6a8,
0xcee7d28a, 0xa0e736a0, 0x5564a6b9, 0x10853209, 0xc7eb8f37,
0x2de705ca, 0x8951570f, 0xdf09822b, 0xbd691a6c, 0xaa12e4f2,
0x87451c0f, 0xe0f6a27a, 0x3ada4819, 0x4cf1764f, 0x0d771c2b,
0x67cdb156, 0x350d8384, 0x5938fa0f, 0x42399ef3, 0x36997b07,
0x0e84093d, 0x4aa93e61, 0x8360d87b, 0x1fa98b0c, 0x1149382c,
0xe97625a5, 0x0614d1b7, 0x0e25244b, 0x0c768347, 0x589e8d82,
0x0d2059d1, 0xa466bb1e, 0xf8da0a82, 0x04f19130, 0xba6e4ec0,
0x99265164, 0x1ee7230d, 0x50b2ad80, 0xeaee6801, 0x8db2a283,
0xea8bf59e };
/* fetch a uint32 from an array of uint8s (with a given offset) */
#define fetch(ptr, base) (((((( ptr[base]<< 8 ) | ptr[base+1] )<< 8 ) | ptr[base+2] )<< 8 ) | ptr[base+3])
/* this is the round function f(D, Km, Kr) */
static uint32 castfunc(uint32 D, uint32 Kmi, uint8 Kri, int type)
{
uint32 I, f;
short Ia, Ib, Ic, Id;
switch (type) {
case 0:
I = (Kmi + D);
break;
case 1:
I = (Kmi ^ D);
break;
default:
case 2:
I = (Kmi - D);
break;
}
I &= 0xFFFFFFFF;
I = (I << Kri) | (I >> (32 - Kri));
Ia = (I >> 24) & 0xFF;
Ib = (I >> 16) & 0xFF;
Ic = (I >> 8) & 0xFF;
Id = (I) & 0xFF;
switch (type) {
case 0:
f = ((S1[Ia] ^ S2[Ib]) - S3[Ic]) + S4[Id];
break;
case 1:
f = ((S1[Ia] - S2[Ib]) + S3[Ic]) ^ S4[Id];
break;
default:
case 2:
f = ((S1[Ia] + S2[Ib]) ^ S3[Ic]) - S4[Id];
break;
}
return f;
}
/* encrypts/decrypts one block of data according to the key schedule
pointed to by `key'. Encrypts if decrypt=0, otherwise decrypts. */
void castcrypt(block_state *key, uint8 *block, int decrypt)
{
uint32 L, R, tmp, f;
uint32 Kmi;
uint8 Kri;
short functype, round;
L = fetch(block, 0);
R = fetch(block, 4);
/* printf("L0 = %08x R0 = %08x\n", L, R); */
for (round = 0; round < key->rounds; round++) {
if (!decrypt) {
Kmi = key->Km[round];
Kri = key->Kr[round];
functype = round % 3;
}
else {
Kmi = key->Km[(key->rounds) - round - 1];
Kri = key->Kr[(key->rounds) - round - 1];
functype = (((key->rounds) - round - 1) % 3);
}
f = castfunc(R, Kmi, Kri, functype);
tmp = L;
L = R;
R = tmp ^ f;
//printf("L%d = %08x R%d = %08x\n", round+1, L, round+1, R);
}
block[0] = (R & 0xFF000000) >> 24;
block[1] = (R & 0x00FF0000) >> 16;
block[2] = (R & 0x0000FF00) >> 8;
block[3] = (R & 0x000000FF);
block[4] = (L & 0xFF000000) >> 24;
block[5] = (L & 0x00FF0000) >> 16;
block[6] = (L & 0x0000FF00) >> 8;
block[7] = (L & 0x000000FF);
}
/* fetch a uint8 from an array of uint32s */
#define b(a,n) (((a)[n/4] >> (24-((n&3)*8))) & 0xFF)
/* key schedule round functions */
#define XZRound(T, F, ki1, ki2, ki3, ki4, \
si11, si12, si13, si14, si15,\
si25,\
si35,\
si45 ) \
T[0] = F[ki1] ^ S5[si11 ] ^ S6[si12 ] ^ S7[si13 ] ^ S8[si14 ] ^ S7[si15];\
T[1] = F[ki2] ^ S5[b(T, 0)] ^ S6[b(T,2)] ^ S7[b(T, 1)] ^ S8[b(T,3)] ^ S8[si25];\
T[2] = F[ki3] ^ S5[b(T, 7)] ^ S6[b(T,6)] ^ S7[b(T, 5)] ^ S8[b(T,4)] ^ S5[si35];\
T[3] = F[ki4] ^ S5[b(T,10)] ^ S6[b(T,9)] ^ S7[b(T,11)] ^ S8[b(T,8)] ^ S6[si45];
#define zxround() XZRound(z, x, 0, 2, 3, 1, \
b(x,13), b(x,15), b(x,12), b(x,14),\
b(x, 8), b(x,10), b(x, 9), b(x,11))
#define xzround() XZRound(x, z, 2, 0, 1, 3, \
b(z,5), b(z,7), b(z,4), b(z,6), \
b(z,0), b(z,2), b(z,1), b(z,3))
#define Kround(T, base, F,\
i11, i12, i13, i14, i15,\
i21, i22, i23, i24, i25,\
i31, i32, i33, i34, i35,\
i41, i42, i43, i44, i45)\
T[base+0] = S5[b(F,i11)] ^ S6[b(F,i12)] ^ S7[b(F,i13)] ^ S8[b(F,i14)] ^ S5[b(F,i15)];\
T[base+1] = S5[b(F,i21)] ^ S6[b(F,i22)] ^ S7[b(F,i23)] ^ S8[b(F,i24)] ^ S6[b(F,i25)];\
T[base+2] = S5[b(F,i31)] ^ S6[b(F,i32)] ^ S7[b(F,i33)] ^ S8[b(F,i34)] ^ S7[b(F,i35)];\
T[base+3] = S5[b(F,i41)] ^ S6[b(F,i42)] ^ S7[b(F,i43)] ^ S8[b(F,i44)] ^ S8[b(F,i45)];
/* generates sixteen 32-bit subkeys based on a 4x32-bit input key;
modifies the input key *in as well. */
static void schedulekeys_half(uint32 *in, uint32 *keys)
{
uint32 x[4], z[4];
x[0] = in[0];
x[1] = in[1];
x[2] = in[2];
x[3] = in[3];
zxround();
Kround(keys, 0, z,
8, 9, 7, 6, 2,
10, 11, 5, 4, 6,
12, 13, 3, 2, 9,
14, 15, 1, 0, 12);
xzround();
Kround(keys, 4, x,
3, 2, 12, 13, 8,
1, 0, 14, 15, 13,
7, 6, 8, 9, 3,
5, 4, 10, 11, 7);
zxround();
Kround(keys, 8, z,
3, 2, 12, 13, 9,
1, 0, 14, 15, 12,
7, 6, 8, 9, 2,
5, 4, 10, 11, 6);
xzround();
Kround(keys, 12, x,
8, 9, 7, 6, 3,
10, 11, 5, 4, 7,
12, 13, 3, 2, 8,
14, 15, 1, 0, 13);
in[0] = x[0];
in[1] = x[1];
in[2] = x[2];
in[3] = x[3];
}
/* generates a key schedule from an input key */
void castschedulekeys(block_state *schedule, uint8 *key, int keybytes)
{
uint32 x[4];
uint8 paddedkey[16];
uint32 Kr_wide[16];
int i;
for (i = 0; i < keybytes; i++)
paddedkey[i] = key[i];
for (; i < 16; i++)
paddedkey[i] = 0;
if (keybytes <= 10)
schedule->rounds = 12;
else
schedule->rounds = 16;
x[0] = fetch(paddedkey, 0);
x[1] = fetch(paddedkey, 4);
x[2] = fetch(paddedkey, 8);
x[3] = fetch(paddedkey, 12);
schedulekeys_half(x, schedule->Km);
schedulekeys_half(x, Kr_wide);
for (i = 0; i < 16; i++) {
/* The Kr[] subkeys are used for 32-bit circular shifts,
so we only need to keep them modulo 32 */
schedule->Kr[i] = (uint8)(Kr_wide[i] & 0x1F);
}
}
cast.h
#pragma once
typedef uint32_t uint32;
typedef uint8_t uint8;
typedef struct {
/* masking and rotate keys */
uint32 Km[16];
uint8 Kr[16];
/* number of rounds (depends on original unpadded keylength) */
int rounds;
} block_state;
void castschedulekeys(block_state *schedule, uint8 *key, int keybytes);
void castcrypt(block_state *key, uint8 *block, int decrypt);test.cpp
#include "stdafx.h"
#include "cast.h"
void print_buf(const void *buf, size_t len)
{
const PBYTE pb = (const PBYTE)buf;
for (size_t i = 0; i < len; i++)
{
printf("%02X ", pb[i]);
if (((i + 1) % 16) == 0)
{
printf("\n");
}
}
printf("\n");
}
void test_encrypt()
{
const char *key = "findViewById(I)L";
BYTE ary[256] = {
0x00, 0x02, 0x01, 0x03, 0xA8, 0xAA, 0xA9, 0xAB, 0x54, 0x56, 0x55, 0x57, 0xFC, 0xFE, 0xFD, 0xFF,
0x0A, 0x08, 0x0B, 0x09, 0xA2, 0xA0, 0xA3, 0xA1, 0x5E, 0x5C, 0x5F, 0x5D, 0xF6, 0xF4, 0xF7, 0xF5,
0x05, 0x07, 0x04, 0x06, 0xAD, 0xAF, 0xAC, 0xAE, 0x51, 0x53, 0x50, 0x52, 0xF9, 0xFB, 0xF8, 0xFA,
0x0F, 0x0D, 0x0E, 0x0C, 0xA7, 0xA5, 0xA6, 0xA4, 0x5B, 0x59, 0x5A, 0x58, 0xF3, 0xF1, 0xF2, 0xF0,
0x20, 0x22, 0x21, 0x23, 0x88, 0x8A, 0x89, 0x8B, 0x74, 0x76, 0x75, 0x77, 0xDC, 0xDE, 0xDD, 0xDF,
0x2A, 0x28, 0x2B, 0x29, 0x82, 0x80, 0x83, 0x81, 0x7E, 0x7C, 0x7F, 0x7D, 0xD6, 0xD4, 0xD7, 0xD5,
0x25, 0x27, 0x24, 0x26, 0x8D, 0x8F, 0x8C, 0x8E, 0x71, 0x73, 0x70, 0x72, 0xD9, 0xDB, 0xD8, 0xDA,
0x2F, 0x2D, 0x2E, 0x2C, 0x87, 0x85, 0x86, 0x84, 0x7B, 0x79, 0x7A, 0x78, 0xD3, 0xD1, 0xD2, 0xD0,
0x10, 0x12, 0x11, 0x13, 0xB8, 0xBA, 0xB9, 0xBB, 0x44, 0x46, 0x45, 0x47, 0xEC, 0xEE, 0xED, 0xEF,
0x1A, 0x18, 0x1B, 0x19, 0xB2, 0xB0, 0xB3, 0xB1, 0x4E, 0x4C, 0x4F, 0x4D, 0xE6, 0xE4, 0xE7, 0xE5,
0x15, 0x17, 0x14, 0x16, 0xBD, 0xBF, 0xBC, 0xBE, 0x41, 0x43, 0x40, 0x42, 0xE9, 0xEB, 0xE8, 0xEA,
0x1F, 0x1D, 0x1E, 0x1C, 0xB7, 0xB5, 0xB6, 0xB4, 0x4B, 0x49, 0x4A, 0x48, 0xE3, 0xE1, 0xE2, 0xE0,
0x30, 0x32, 0x31, 0x33, 0x98, 0x9A, 0x99, 0x9B, 0x64, 0x66, 0x65, 0x67, 0xCC, 0xCE, 0xCD, 0xCF,
0x3A, 0x38, 0x3B, 0x39, 0x92, 0x90, 0x93, 0x91, 0x6E, 0x6C, 0x6F, 0x6D, 0xC6, 0xC4, 0xC7, 0xC5,
0x35, 0x37, 0x34, 0x36, 0x9D, 0x9F, 0x9C, 0x9E, 0x61, 0x63, 0x60, 0x62, 0xC9, 0xCB, 0xC8, 0xCA,
0x3F, 0x3D, 0x3E, 0x3C, 0x97, 0x95, 0x96, 0x94, 0x6B, 0x69, 0x6A, 0x68, 0xC3, 0xC1, 0xC2, 0xC0,
};
block_state sched;
castschedulekeys(&sched, (uint8 *)key, strlen(key));
sched.rounds = 12;
BYTE buf[200] = { 0 };
const char *flag = "flag{1111111122222222333333334444444455555555666666667777777788}";
memcpy(buf, flag, strlen(flag));
for (size_t k = 0; k < sizeof(buf); k += 8)
{
PBYTE pb = buf + k;
castcrypt(&sched, pb, 0);
for (size_t i = 0; i < 8; i++)
{
pb[i] = ary[pb[i]];
}
}
print_buf(buf, sizeof(buf));
}
void test_decrypt()
{
const char *key = "findViewById(I)L";
BYTE ary_rev[256] = {
0x00, 0x02, 0x01, 0x03, 0x22, 0x20, 0x23, 0x21, 0x11, 0x13, 0x10, 0x12, 0x33, 0x31, 0x32, 0x30,
0x80, 0x82, 0x81, 0x83, 0xA2, 0xA0, 0xA3, 0xA1, 0x91, 0x93, 0x90, 0x92, 0xB3, 0xB1, 0xB2, 0xB0,
0x40, 0x42, 0x41, 0x43, 0x62, 0x60, 0x63, 0x61, 0x51, 0x53, 0x50, 0x52, 0x73, 0x71, 0x72, 0x70,
0xC0, 0xC2, 0xC1, 0xC3, 0xE2, 0xE0, 0xE3, 0xE1, 0xD1, 0xD3, 0xD0, 0xD2, 0xF3, 0xF1, 0xF2, 0xF0,
0xAA, 0xA8, 0xAB, 0xA9, 0x88, 0x8A, 0x89, 0x8B, 0xBB, 0xB9, 0xBA, 0xB8, 0x99, 0x9B, 0x98, 0x9A,
0x2A, 0x28, 0x2B, 0x29, 0x08, 0x0A, 0x09, 0x0B, 0x3B, 0x39, 0x3A, 0x38, 0x19, 0x1B, 0x18, 0x1A,
0xEA, 0xE8, 0xEB, 0xE9, 0xC8, 0xCA, 0xC9, 0xCB, 0xFB, 0xF9, 0xFA, 0xF8, 0xD9, 0xDB, 0xD8, 0xDA,
0x6A, 0x68, 0x6B, 0x69, 0x48, 0x4A, 0x49, 0x4B, 0x7B, 0x79, 0x7A, 0x78, 0x59, 0x5B, 0x58, 0x5A,
0x55, 0x57, 0x54, 0x56, 0x77, 0x75, 0x76, 0x74, 0x44, 0x46, 0x45, 0x47, 0x66, 0x64, 0x67, 0x65,
0xD5, 0xD7, 0xD4, 0xD6, 0xF7, 0xF5, 0xF6, 0xF4, 0xC4, 0xC6, 0xC5, 0xC7, 0xE6, 0xE4, 0xE7, 0xE5,
0x15, 0x17, 0x14, 0x16, 0x37, 0x35, 0x36, 0x34, 0x04, 0x06, 0x05, 0x07, 0x26, 0x24, 0x27, 0x25,
0x95, 0x97, 0x94, 0x96, 0xB7, 0xB5, 0xB6, 0xB4, 0x84, 0x86, 0x85, 0x87, 0xA6, 0xA4, 0xA7, 0xA5,
0xFF, 0xFD, 0xFE, 0xFC, 0xDD, 0xDF, 0xDC, 0xDE, 0xEE, 0xEC, 0xEF, 0xED, 0xCC, 0xCE, 0xCD, 0xCF,
0x7F, 0x7D, 0x7E, 0x7C, 0x5D, 0x5F, 0x5C, 0x5E, 0x6E, 0x6C, 0x6F, 0x6D, 0x4C, 0x4E, 0x4D, 0x4F,
0xBF, 0xBD, 0xBE, 0xBC, 0x9D, 0x9F, 0x9C, 0x9E, 0xAE, 0xAC, 0xAF, 0xAD, 0x8C, 0x8E, 0x8D, 0x8F,
0x3F, 0x3D, 0x3E, 0x3C, 0x1D, 0x1F, 0x1C, 0x1E, 0x2E, 0x2C, 0x2F, 0x2D, 0x0C, 0x0E, 0x0D, 0x0F,
};
block_state sched;
castschedulekeys(&sched, (uint8 *)key, strlen(key));
sched.rounds = 12;
BYTE buf[200] = { 0 };
string dst = util::hex2bin("68dd8a0f7065609e3106fb2bb1059423e80fb1347318ffeb83b8a074a7e6c9cf");
size_t len = dst.size();
memcpy(buf, dst.c_str(), len);
for (size_t k = 0; k < len; k += 8)
{
PBYTE pb = buf + k;
for (size_t i = 0; i < 8; i++)
{
pb[i] = ary_rev[pb[i]];
}
castcrypt(&sched, pb, 1);
}
printf("%s\n", buf);
}
void print_int(const void *buf, size_t len)
{
const PDWORD pb = (const PDWORD)buf;
for (size_t i = 0; i < len / 4; i++)
{
printf("0x%08X, ", pb[i]);
if (((i + 1) % 16) == 0)
{
printf("\n");
}
}
printf("\n");
}
int main()
{
//test_encrypt();
test_decrypt();
return 0;
}[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)
最后于 2019-12-15 19:23
被风间仁编辑
,原因:
赞赏
|
|
|---|---|
|
|
他的文章
- KCTF2022春季赛 第三题 石像病毒 8855
- KCTF2022春季赛 第二题 末日邀请 16176
- KCTF2021秋季赛 第二题 迷失丛林 18803
- KCTF2020秋季赛 第十题 终焉之战 8862
- KCTF2020秋季赛 第九题 命悬一线 6462
赞赏
雪币:
留言:
