valter/umskt-rs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Implement bink2002

Browse source
This commit is contained in:
Alex Page 2023-06-20 22:09:31 -04:00
parent d86b41e039
commit 6f648b6556
7 changed files with 351 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -1 +1,2 @@
/target
/.vscode

13
Cargo.lock generated
View file

@ -229,9 +229,8 @@ checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d"
[[package]]
name = "openssl"
version = "0.10.54"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "69b3f656a17a6cbc115b5c7a40c616947d213ba182135b014d6051b73ab6f019"
version = "0.10.55"
source = "git+https://github.com/anpage/rust-openssl.git#a50639888f80f0a935ec621c328d761428aff32a"
dependencies = [
"bitflags",
"cfg-if",
@ -245,8 +244,7 @@ dependencies = [
[[package]]
name = "openssl-macros"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c"
source = "git+https://github.com/anpage/rust-openssl.git#a50639888f80f0a935ec621c328d761428aff32a"
dependencies = [
"proc-macro2",
"quote",
@ -255,9 +253,8 @@ dependencies = [
[[package]]
name = "openssl-sys"
version = "0.9.88"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c2ce0f250f34a308dcfdbb351f511359857d4ed2134ba715a4eadd46e1ffd617"
version = "0.9.90"
source = "git+https://github.com/anpage/rust-openssl.git#a50639888f80f0a935ec621c328d761428aff32a"
dependencies = [
"cc",
"libc",

2
Cargo.toml
View file

@ -9,5 +9,5 @@ edition = "2021"
anyhow = "1.0.71"
bitreader = "0.3.7"
clap = { version = "4.3.4", features = ["derive"] }
openssl = "0.10.54"
openssl = { git = "https://github.com/anpage/rust-openssl.git" }
serde_json = "1.0"

15
src/bink1998.rs
View file

@ -6,12 +6,11 @@ use openssl::{
sha::sha1,
};
use crate::{
key::{base24_decode, base24_encode},
FIELD_BITS, FIELD_BYTES,
};
use crate::key::{base24_decode, base24_encode};
const SHA_MSG_LENGTH_XP: usize = 4 + 2 * FIELD_BYTES;
const FIELD_BITS: i32 = 384;
const FIELD_BYTES: usize = 48;
const SHA_MSG_LENGTH: usize = 4 + 2 * FIELD_BYTES;
#[derive(Clone, Copy, Debug)]
struct ProductKey {
@ -51,7 +50,7 @@ pub fn verify(
p.affine_coordinates(e_curve, &mut x, &mut y, &mut num_context)?;
let mut msg_buffer: [u8; SHA_MSG_LENGTH_XP] = [0; SHA_MSG_LENGTH_XP];
let mut msg_buffer: [u8; SHA_MSG_LENGTH] = [0; SHA_MSG_LENGTH];
let mut x_bin = x.to_vec_padded(FIELD_BYTES as i32)?;
x_bin.reverse();
@ -92,7 +91,7 @@ pub fn generate(
let mut r = EcPoint::new(e_curve)?;
// Generate a random number c consisting of 384 bits without any constraints.
c.rand(FIELD_BITS, MsbOption::MAYBE_ZERO, true)?;
c.rand(FIELD_BITS, MsbOption::MAYBE_ZERO, false)?;
// Pick a random derivative of the base point on the elliptic curve.
// R = cG;
@ -102,7 +101,7 @@ pub fn generate(
// x = R.x; y = R.y;
r.affine_coordinates(e_curve, &mut x, &mut y, &mut num_context)?;
let mut msg_buffer: [u8; SHA_MSG_LENGTH_XP] = [0; SHA_MSG_LENGTH_XP];
let mut msg_buffer: [u8; SHA_MSG_LENGTH] = [0; SHA_MSG_LENGTH];
let mut x_bin = x.to_vec_padded(FIELD_BYTES as i32)?;
x_bin.reverse();

300
src/bink2002.rs Normal file
View file

@ -0,0 +1,300 @@
use anyhow::Result;
use bitreader::BitReader;
use openssl::{
bn::{BigNum, BigNumContext, MsbOption},
ec::{EcGroup, EcPoint},
sha::sha1,
};
use crate::key::{base24_decode, base24_encode};
const FIELD_BITS: i32 = 512;
const FIELD_BYTES: usize = 64;
const SHA_MSG_LENGTH: usize = 3 + 2 * FIELD_BYTES;
#[derive(Clone, Copy, Debug)]
struct ProductKey {
upgrade: bool,
channel_id: u32,
hash: u32,
signature: u64,
auth_info: u32,
}
pub fn verify(
e_curve: &EcGroup,
base_point: &EcPoint,
public_key: &EcPoint,
cd_key: &str,
) -> Result<bool> {
let mut num_context = BigNumContext::new()?;
let b_key = base24_decode(cd_key);
let product_key = unpack(&b_key)?;
let p_data = product_key.channel_id << 1 | product_key.upgrade as u32;
let mut msg_buffer: [u8; SHA_MSG_LENGTH] = [0; SHA_MSG_LENGTH];
msg_buffer[0x00] = 0x5D;
msg_buffer[0x01] = (p_data & 0x00FF) as u8;
msg_buffer[0x02] = ((p_data & 0xFF00) >> 8) as u8;
msg_buffer[0x03] = (product_key.hash & 0x000000FF) as u8;
msg_buffer[0x04] = ((product_key.hash & 0x0000FF00) >> 8) as u8;
msg_buffer[0x05] = ((product_key.hash & 0x00FF0000) >> 16) as u8;
msg_buffer[0x06] = ((product_key.hash & 0xFF000000) >> 24) as u8;
msg_buffer[0x07] = (product_key.auth_info & 0x00FF) as u8;
msg_buffer[0x08] = ((product_key.auth_info & 0xFF00) >> 8) as u8;
msg_buffer[0x09] = 0x00;
msg_buffer[0x0A] = 0x00;
let msg_digest = sha1(&msg_buffer[..=0x0A]);
let i_signature = next_sn_bits(by_dword(&msg_digest[4..8]) as u64, 30, 2) << 32
| by_dword(&msg_digest[0..4]) as u64;
let e = BigNum::from_slice(&i_signature.to_be_bytes())?;
let s = BigNum::from_slice(&product_key.signature.to_be_bytes())?;
let mut x = BigNum::new()?;
let mut y = BigNum::new()?;
let mut p = EcPoint::new(e_curve)?;
let mut t = EcPoint::new(e_curve)?;
t.mul(e_curve, base_point, &s, &num_context)?;
p.mul(e_curve, public_key, &e, &num_context)?;
let p_2 = p.to_owned(e_curve)?;
p.add(e_curve, &t, &p_2, &mut num_context)?;
let p_2 = p.to_owned(e_curve)?;
p.mul(e_curve, &p_2, &s, &num_context)?;
p.affine_coordinates(e_curve, &mut x, &mut y, &mut num_context)?;
let mut x_bin = x.to_vec_padded(FIELD_BYTES as i32)?;
x_bin.reverse();
let mut y_bin = y.to_vec_padded(FIELD_BYTES as i32)?;
y_bin.reverse();
msg_buffer[0x00] = 0x79;
msg_buffer[0x01] = (p_data & 0x00FF) as u8;
msg_buffer[0x02] = ((p_data & 0xFF00) >> 8) as u8;
msg_buffer[3..3 + FIELD_BYTES].copy_from_slice(&x_bin);
msg_buffer[3 + FIELD_BYTES..3 + FIELD_BYTES * 2].copy_from_slice(&y_bin);
let msg_digest = sha1(&msg_buffer);
let hash: u32 = by_dword(&msg_digest[0..4]) & bitmask(31) as u32;
Ok(hash == product_key.hash)
}
pub fn generate(
e_curve: &EcGroup,
base_point: &EcPoint,
gen_order: &BigNum,
private_key: &BigNum,
p_channel_id: u32,
p_auth_info: u32,
p_upgrade: bool,
) -> Result<String> {
let mut num_context = BigNumContext::new().unwrap();
let mut c = BigNum::new()?;
let mut x = BigNum::new()?;
let mut y = BigNum::new()?;
let p_data = p_channel_id << 1 | p_upgrade as u32;
let mut no_square = false;
let p_raw: Vec<u8> = loop {
let mut r = EcPoint::new(e_curve)?;
c.rand(FIELD_BITS, MsbOption::MAYBE_ZERO, false)?;
r.mul(e_curve, base_point, &c, &num_context)?;
r.affine_coordinates(e_curve, &mut x, &mut y, &mut num_context)?;
let mut msg_buffer: [u8; SHA_MSG_LENGTH] = [0; SHA_MSG_LENGTH];
let mut x_bin = x.to_vec_padded(FIELD_BYTES as i32)?;
x_bin.reverse();
let mut y_bin = y.to_vec_padded(FIELD_BYTES as i32)?;
y_bin.reverse();
msg_buffer[0x00] = 0x79;
msg_buffer[0x01] = (p_data & 0x00FF) as u8;
msg_buffer[0x02] = ((p_data & 0xFF00) >> 8) as u8;
msg_buffer[3..3 + FIELD_BYTES].copy_from_slice(&x_bin);
msg_buffer[3 + FIELD_BYTES..3 + FIELD_BYTES * 2].copy_from_slice(&y_bin);
let msg_digest = sha1(&msg_buffer);
let p_hash: u32 = by_dword(&msg_digest[0..4]) & bitmask(31) as u32;
msg_buffer[0x00] = 0x5D;
msg_buffer[0x01] = (p_data & 0x00FF) as u8;
msg_buffer[0x02] = ((p_data & 0xFF00) >> 8) as u8;
msg_buffer[0x03] = (p_hash & 0x000000FF) as u8;
msg_buffer[0x04] = ((p_hash & 0x0000FF00) >> 8) as u8;
msg_buffer[0x05] = ((p_hash & 0x00FF0000) >> 16) as u8;
msg_buffer[0x06] = ((p_hash & 0xFF000000) >> 24) as u8;
msg_buffer[0x07] = (p_auth_info & 0x00FF) as u8;
msg_buffer[0x08] = ((p_auth_info & 0xFF00) >> 8) as u8;
msg_buffer[0x09] = 0x00;
msg_buffer[0x0A] = 0x00;
let msg_digest = sha1(&msg_buffer[..=0x0A]);
let i_signature = next_sn_bits(by_dword(&msg_digest[4..8]) as u64, 30, 2) << 32
| by_dword(&msg_digest[0..4]) as u64;
let mut e = BigNum::from_slice(&i_signature.to_be_bytes())?;
let e_2 = e.to_owned()?;
e.mod_mul(&e_2, private_key, gen_order, &mut num_context)?;
let mut s = e.to_owned()?;
let s_2 = s.to_owned()?;
s.mod_sqr(&s_2, gen_order, &mut num_context)?;
let c_2 = c.to_owned()?;
c.lshift(&c_2, 2)?;
s = &s + &c;
let s_2 = s.to_owned()?;
if s.mod_sqrt(&s_2, gen_order, &mut num_context).is_err() {
no_square = true;
};
let s_2 = s.to_owned()?;
s.mod_sub(&s_2, &e, gen_order, &mut num_context)?;
if s.is_bit_set(0) {
s = &s + gen_order;
}
let s_2 = s.to_owned()?;
s.rshift1(&s_2)?;
let p_signature = u64::from_be_bytes(s.to_vec_padded(8)?.try_into().unwrap());
let product_key = ProductKey {
upgrade: p_upgrade,
channel_id: p_channel_id,
hash: p_hash,
signature: p_signature,
auth_info: p_auth_info,
};
if p_signature <= bitmask(62) && !no_square {
break pack(product_key);
}
no_square = false;
};
Ok(base24_encode(&p_raw))
}
const SIGNATURE_LENGTH_BITS: u8 = 62;
const HASH_LENGTH_BITS: u8 = 31;
const CHANNEL_ID_LENGTH_BITS: u8 = 10;
const UPGRADE_LENGTH_BITS: u8 = 1;
const EVERYTHING_ELSE: u8 =
SIGNATURE_LENGTH_BITS + HASH_LENGTH_BITS + CHANNEL_ID_LENGTH_BITS + UPGRADE_LENGTH_BITS;
fn unpack(p_raw: &[u8]) -> Result<ProductKey> {
let mut reader = BitReader::new(p_raw);
let auth_info_length_bits = (p_raw.len() * 8) as u8 - EVERYTHING_ELSE;
let p_auth_info = reader.read_u32(auth_info_length_bits)?;
let p_signature = reader.read_u64(SIGNATURE_LENGTH_BITS)?;
let p_hash = reader.read_u32(HASH_LENGTH_BITS)?;
let p_channel_id = reader.read_u32(CHANNEL_ID_LENGTH_BITS)?;
let p_upgrade = reader.read_bool()?;
Ok(ProductKey {
upgrade: p_upgrade,
channel_id: p_channel_id,
hash: p_hash,
signature: p_signature,
auth_info: p_auth_info,
})
}
fn pack(p_key: ProductKey) -> Vec<u8> {
let mut p_raw: u128 = 0;
p_raw |= (p_key.auth_info as u128)
<< (SIGNATURE_LENGTH_BITS
+ HASH_LENGTH_BITS
+ CHANNEL_ID_LENGTH_BITS
+ UPGRADE_LENGTH_BITS);
p_raw |= (p_key.signature as u128)
<< (HASH_LENGTH_BITS + CHANNEL_ID_LENGTH_BITS + UPGRADE_LENGTH_BITS);
p_raw |= (p_key.hash as u128) << (CHANNEL_ID_LENGTH_BITS + UPGRADE_LENGTH_BITS);
p_raw |= (p_key.channel_id as u128) << UPGRADE_LENGTH_BITS;
p_raw |= p_key.upgrade as u128;
p_raw
.to_be_bytes()
.into_iter()
.skip_while(|&x| x == 0)
.collect()
}
fn bitmask(n: u64) -> u64 {
(1 << n) - 1
}
fn next_sn_bits(field: u64, n: u32, offset: u32) -> u64 {
(field >> offset) & ((1u64 << n) - 1)
}
fn by_dword(n: &[u8]) -> u32 {
(n[0] as u32) | (n[1] as u32) << 8 | (n[2] as u32) << 16 | (n[3] as u32) << 24
}
#[cfg(test)]
mod tests {
use std::{fs::File, io::BufReader};
use serde_json::from_reader;
use crate::crypto::initialize_elliptic_curve;
#[test]
fn verify_test() {
// Example product key and its BINK ID
let product_key = "R882X-YRGC8-4KYTG-C3FCC-JCFDY";
let bink_id = "54";
// Load keys.json
let path = "keys.json";
let file = File::open(path).unwrap();
let reader = BufReader::new(file);
let keys: serde_json::Value = from_reader(reader).unwrap();
let bink = &keys["BINK"][&bink_id];
let p = bink["p"].as_str().unwrap();
let a = bink["a"].as_str().unwrap();
let b = bink["b"].as_str().unwrap();
let gx = bink["g"]["x"].as_str().unwrap();
let gy = bink["g"]["y"].as_str().unwrap();
let kx = bink["pub"]["x"].as_str().unwrap();
let ky = bink["pub"]["y"].as_str().unwrap();
let (e_curve, gen_point, pub_point) = initialize_elliptic_curve(p, a, b, gx, gy, kx, ky);
assert!(super::verify(&e_curve, &gen_point, &pub_point, product_key).unwrap());
}
}

38
src/cli.rs
View file

@ -5,10 +5,11 @@ use clap::Parser;
use openssl::{
bn::{BigNum, MsbOption},
ec::{EcGroup, EcPoint},
rand::rand_bytes,
};
use serde_json::{from_reader, from_str};
use crate::{bink1998, crypto::initialize_elliptic_curve};
use crate::{bink1998, bink2002, crypto::initialize_elliptic_curve};
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Mode {
@ -230,7 +231,40 @@ impl Cli {
}
fn bink2002(&mut self) -> Result<()> {
todo!()
let p_channel_id = self.options.channel_id;
if self.options.verbose {
println!("> Channel ID: {p_channel_id:03}");
}
for _ in 0..self.options.num_keys {
let mut p_auth_info_bytes = [0_u8; 4];
rand_bytes(&mut p_auth_info_bytes)?;
let p_auth_info = u32::from_ne_bytes(p_auth_info_bytes) & ((1 << 10) - 1);
if self.options.verbose {
println!("> AuthInfo: {p_auth_info}");
}
let p_key = bink2002::generate(
&self.e_curve,
&self.gen_point,
&self.gen_order,
&self.private_key,
p_channel_id,
p_auth_info,
false,
)?;
Cli::print_key(&p_key);
println!("\n");
if bink2002::verify(&self.e_curve, &self.gen_point, &self.pub_point, &p_key)? {
self.count += 1;
}
}
println!("Success count: {}/{}", self.count, self.options.num_keys);
Ok(())
}
fn confirmation_id(&mut self) -> Result<()> {

4
src/main.rs
View file

@ -1,13 +1,11 @@
use anyhow::Result;
mod bink1998;
mod bink2002;
mod cli;
mod crypto;
mod key;
pub const FIELD_BITS: i32 = 384;
pub const FIELD_BYTES: usize = 48;
fn main() -> Result<()> {
cli::Cli::new()?.run()
}