| 1 | + | using System; |
| 2 | + | |
| 3 | + | using System.Linq; |
| 4 | + | |
| 5 | + | namespace Minidump.Decryptor |
| 6 | + | { |
| 7 | + | |
| 8 | + | public class LsaDecryptor_NT5 |
| 9 | + | |
| 10 | + | public object decryptor_template; |
| 11 | + | |
| 12 | + | public object des_key; |
| 13 | + | |
| 14 | + | public object feedback; |
| 15 | + | |
| 16 | + | public object feedback_offset; |
| 17 | + | |
| 18 | + | public object random_key; |
| 19 | + | |
| 20 | + | public LsaDecryptor_NT5(object reader, object decryptor_template, object sysinfo) |
| 21 | + | : base(null, sysinfo, reader) { |
| 22 | + | decryptor_template = decryptor_template; |
| 23 | + | feedback; |
| 24 | + | feedback_offset; |
| 25 | + | des_key; |
| 26 | + | random_key; |
| 27 | + | acquire_crypto_material(); |
| 28 | + | } |
| 29 | + | |
| 30 | + | public virtual object acquire_crypto_material() { |
| 31 | + | Console.WriteLine("Acquireing crypto stuff..."); |
| 32 | + | var sigpos = find_signature(); |
| 33 | + | reader.move(sigpos); |
| 34 | + | //data = self.reader.peek(0x50) |
| 35 | + | //self.Console.WriteLine('Memory looks like this around the signature\n%s' % hexdump(data, start = sigpos)) |
| 36 | + | foreach (var x in new List<object> { |
| 37 | + | decryptor_template.feedback_ptr_offset, |
| 38 | + | decryptor_template.old_feedback_offset |
| 39 | + | }) { |
| 40 | + | feedback_offset = x; |
| 41 | + | try { |
| 42 | + | feedback = get_feedback(sigpos); |
| 43 | + | //self.Console.WriteLine('Feedback bytes:\n%s' % hexdump(self.feedback, start = 0)) |
| 44 | + | des_key = get_key(sigpos); |
| 45 | + | random_key = get_random(sigpos); |
| 46 | + | //self.Console.WriteLine('randomkey bytes:\n%s' % hexdump(self.random_key, start = 0)) |
| 47 | + | } catch { |
| 48 | + | traceback.print_exc(); |
| 49 | + | input(); |
| 50 | + | } |
| 51 | + | } |
| 52 | + | } |
| 53 | + | |
| 54 | + | public virtual object get_feedback(object sigpos) { |
| 55 | + | if (decryptor_template.arch == "x86") { |
| 56 | + | var new_ptr = reader.get_ptr_with_offset(sigpos + feedback_offset); |
| 57 | + | reader.move(new_ptr); |
| 58 | + | return reader.read(8); |
| 59 | + | } else { |
| 60 | + | reader.move(sigpos + feedback_offset); |
| 61 | + | var offset = LONG(reader).value; |
| 62 | + | var newpos = sigpos + feedback_offset + 4 + offset; |
| 63 | + | reader.move(newpos); |
| 64 | + | return reader.read(8); |
| 65 | + | } |
| 66 | + | } |
| 67 | + | |
| 68 | + | public virtual object get_key(object sigpos) { |
| 69 | + | object des_key; |
| 70 | + | object des_key_ptr; |
| 71 | + | if (decryptor_template.arch == "x86") { |
| 72 | + | var new_ptr = reader.get_ptr_with_offset(sigpos + decryptor_template.desx_key_ptr_offset); |
| 73 | + | reader.move(new_ptr); |
| 74 | + | des_key_ptr = decryptor_template.key_struct_ptr(reader); |
| 75 | + | des_key = des_key_ptr.read(reader); |
| 76 | + | } else { |
| 77 | + | reader.move(sigpos + decryptor_template.desx_key_ptr_offset); |
| 78 | + | var offset = LONG(reader).value; |
| 79 | + | var newpos = sigpos + decryptor_template.desx_key_ptr_offset + 4 + offset; |
| 80 | + | reader.move(newpos); |
| 81 | + | des_key_ptr = decryptor_template.key_struct_ptr(reader); |
| 82 | + | des_key = des_key_ptr.read(reader); |
| 83 | + | } |
| 84 | + | return des_key; |
| 85 | + | } |
| 86 | + | |
| 87 | + | public virtual object get_random(object sigpos) { |
| 88 | + | if (decryptor_template.arch == "x86") { |
| 89 | + | var random_key_ptr = reader.get_ptr_with_offset(sigpos + decryptor_template.randomkey_ptr_offset); |
| 90 | + | random_key_ptr = reader.get_ptr_with_offset(random_key_ptr); |
| 91 | + | reader.move(random_key_ptr); |
| 92 | + | } else { |
| 93 | + | reader.move(sigpos + decryptor_template.randomkey_ptr_offset); |
| 94 | + | var offset = LONG(reader).value; |
| 95 | + | var newpos = sigpos + decryptor_template.desx_key_ptr_offset + 4 + offset; |
| 96 | + | reader.move(newpos); |
| 97 | + | } |
| 98 | + | return reader.read(256); |
| 99 | + | } |
| 100 | + | |
| 101 | + | public virtual object find_signature() { |
| 102 | + | Console.WriteLine("Looking for main struct signature in memory..."); |
| 103 | + | var fl = reader.find_in_module("lsasrv.dll", decryptor_template.signature); |
| 104 | + | if (fl.Count == 0) { |
| 105 | + | logging.debug(String.Format("signature not found! %s", decryptor_template.signature.hex())); |
| 106 | + | throw new Exception("LSA signature not found!"); |
| 107 | + | } |
| 108 | + | Console.WriteLine(String.Format("Found candidates on the following positions: %s", " ".join(from x in fl |
| 109 | + | select hex(x)))); |
| 110 | + | Console.WriteLine(String.Format("Selecting first one @ 0x%08x", fl[0])); |
| 111 | + | return fl[0]; |
| 112 | + | } |
| 113 | + | |
| 114 | + | public virtual object decrypt(object encrypted) { |
| 115 | + | // TODO: NT version specific, move from here in subclasses. |
| 116 | + | var cleartext = new byte[] { }; |
| 117 | + | var size = encrypted.Count; |
| 118 | + | if (size) { |
| 119 | + | if (size % 8 != 0) { |
| 120 | + | var ctx = RC4(random_key); |
| 121 | + | cleartext = ctx.decrypt(encrypted); |
| 122 | + | } else { |
| 123 | + | //print('Decryption not implemented!') |
| 124 | + | cleartext = @__desx_decrypt(encrypted); |
| 125 | + | //raise Exception('Not implemented!') |
| 126 | + | } |
| 127 | + | } |
| 128 | + | return cleartext; |
| 129 | + | } |
| 130 | + | |
| 131 | + | public virtual object dump() { |
| 132 | + | Console.WriteLine("Recovered LSA encryption keys\n"); |
| 133 | + | Console.WriteLine("Feedback ({}): {}".format(feedback.Count, feedback.hex())); |
| 134 | + | Console.WriteLine("Random Key ({}): {}".format(random_key.Count, random_key.hex())); |
| 135 | + | Console.WriteLine("DESX inputwhitening Key ({}): {}".format(des_key.inputWhitening.Count, des_key.inputWhitening.hex())); |
| 136 | + | Console.WriteLine("DESX outputwhitening Key ({}): {}".format(des_key.outputWhitening.Count, des_key.outputWhitening.hex())); |
| 137 | + | //self.Console.WriteLine('DESX DES Expanded Key ({}): {}' % (self.des_key.desKey.roundKey)) |
| 138 | + | } |
| 139 | + | |
| 140 | + | public virtual void @__desx_decrypt_internal_block(object chunk) { |
| 141 | + | chunk = xor(chunk, des_key.outputWhitening); |
| 142 | + | chunk = @__desx_internal_block(chunk, encrypt: false); |
| 143 | + | chunk = xor(chunk, des_key.inputWhitening); |
| 144 | + | return chunk; |
| 145 | + | } |
| 146 | + | |
| 147 | + | public virtual object @__desx_decrypt(object data) { |
| 148 | + | var res = new byte[] { }; |
| 149 | + | var i = 0; |
| 150 | + | var IV = feedback; |
| 151 | + | while (i != data.Count) { |
| 152 | + | var chunk = @__desx_decrypt_internal_block(data[i::(i + 8)]); |
| 153 | + | res += xor(chunk, IV); |
| 154 | + | IV = data[i::(i + 8)]; |
| 155 | + | i += 8; |
| 156 | + | } |
| 157 | + | return res; |
| 158 | + | } |
| 159 | + | |
| 160 | + | public virtual object @__desx_internal_block(object data, object encrypt = false) { |
| 161 | + | var L = @int.from_bytes(data[4], "little", signed: false); |
| 162 | + | var R = @int.from_bytes(data[::4], "little", signed: false); |
| 163 | + | //t = 'ORIGINAL L: %s R: %s' % (L,R) |
| 164 | + | //input(t) |
| 165 | + | //print(hex(R)) |
| 166 | + | R = rol32(R, 4); |
| 167 | + | //input(hex(R)) |
| 168 | + | var Ta = (L ^ R) & 0xf0f0f0f0; |
| 169 | + | //input('Ta ' + hex(Ta)) |
| 170 | + | L = L ^ Ta; |
| 171 | + | R = R ^ Ta; |
| 172 | + | L = rol32(L, 20); |
| 173 | + | Ta = (L ^ R) & 0xfff0000f; |
| 174 | + | //input('Ta ' + hex(Ta)) |
| 175 | + | L = L ^ Ta; |
| 176 | + | R = R ^ Ta; |
| 177 | + | L = rol32(L, 14); |
| 178 | + | Ta = (L ^ R) & 0x33333333; |
| 179 | + | //input('Ta ' + hex(Ta)) |
| 180 | + | L = L ^ Ta; |
| 181 | + | R = R ^ Ta; |
| 182 | + | R = rol32(R, 22); |
| 183 | + | Ta = (L ^ R) & 0x03fc03fc; |
| 184 | + | //input('Ta ' + hex(Ta)) |
| 185 | + | L = L ^ Ta; |
| 186 | + | R = R ^ Ta; |
| 187 | + | R = rol32(R, 9); |
| 188 | + | Ta = (L ^ R) & 0xaaaaaaaa; |
| 189 | + | //input('Ta ' + hex(Ta)) |
| 190 | + | L = L ^ Ta; |
| 191 | + | R = R ^ Ta; |
| 192 | + | L = rol32(L, 1); |
| 193 | + | //t = 'BEFORE F! L: %s R: %s' % (L,R) |
| 194 | + | //input(t) |
| 195 | + | if (encrypt) { |
| 196 | + | foreach (var i in Enumerable.Range(0, Convert.ToInt32(Math.Ceiling(Convert.ToDouble(14 - 0) / 2))).Select(_x_1 => 0 + _x_1 * 2)) { |
| 197 | + | var _tup_1 = F(L, R, des_key.desKey.roundKey[i]); |
| 198 | + | L = _tup_1.Item1; |
| 199 | + | R = _tup_1.Item2; |
| 200 | + | var _tup_2 = F(R, L, des_key.desKey.roundKey[i + 1]); |
| 201 | + | R = _tup_2.Item1; |
| 202 | + | L = _tup_2.Item2; |
| 203 | + | } |
| 204 | + | } else { |
| 205 | + | foreach (var i in Enumerable.Range(0, Convert.ToInt32(Math.Ceiling(Convert.ToDouble(-2 - 14) / -2))).Select(_x_2 => 14 + _x_2 * -2)) { |
| 206 | + | //print(i) |
| 207 | + | var _tup_3 = F(L, R, des_key.desKey.roundKey[i + 1]); |
| 208 | + | L = _tup_3.Item1; |
| 209 | + | R = _tup_3.Item2; |
| 210 | + | //t = 'F(%s) L: %s R: %s' % (i, L,R) |
| 211 | + | //input(t) |
| 212 | + | var _tup_4 = F(R, L, des_key.desKey.roundKey[i]); |
| 213 | + | R = _tup_4.Item1; |
| 214 | + | L = _tup_4.Item2; |
| 215 | + | //t = 'F(%s) L: %s R: %s' % (i, L,R) |
| 216 | + | //input(t) |
| 217 | + | //t = 'AFTER F! L: %s R: %s' % (L,R) |
| 218 | + | //input(t) |
| 219 | + | } |
| 220 | + | } |
| 221 | + | R = ror32(R, 1); |
| 222 | + | Ta = (L ^ R) & 0xaaaaaaaa; |
| 223 | + | L = L ^ Ta; |
| 224 | + | R = R ^ Ta; |
| 225 | + | L = ror32(L, 9); |
| 226 | + | Ta = (L ^ R) & 0x03fc03fc; |
| 227 | + | L ^= Ta; |
| 228 | + | R ^= Ta; |
| 229 | + | L = ror32(L, 22); |
| 230 | + | Ta = (L ^ R) & 0x33333333; |
| 231 | + | L ^= Ta; |
| 232 | + | R ^= Ta; |
| 233 | + | R = ror32(R, 14); |
| 234 | + | Ta = (L ^ R) & 0xfff0000f; |
| 235 | + | L ^= Ta; |
| 236 | + | R ^= Ta; |
| 237 | + | R = ror32(R, 20); |
| 238 | + | Ta = (L ^ R) & 0xf0f0f0f0; |
| 239 | + | L ^= Ta; |
| 240 | + | R ^= Ta; |
| 241 | + | L = ror32(L, 4); |
| 242 | + | return L.to_bytes(4, "little", signed: false) + R.to_bytes(4, "little", signed: false); |
| 243 | + | } |
| 244 | + | } |
| 245 | + | |
| 246 | + | public static List<List<int>> SymCryptDesSpbox = new List<List<int>> { |
| 247 | + | new List<int> { |
| 248 | + | 0x02080800, |
| 249 | + | 0x00080000, |
| 250 | + | 0x02000002, |
| 251 | + | 0x02080802, |
| 252 | + | 0x02000000, |
| 253 | + | 0x00080802, |
| 254 | + | 0x00080002, |
| 255 | + | 0x02000002, |
| 256 | + | 0x00080802, |
| 257 | + | 0x02080800, |
| 258 | + | 0x02080000, |
| 259 | + | 0x00000802, |
| 260 | + | 0x02000802, |
| 261 | + | 0x02000000, |
| 262 | + | 0x00000000, |
| 263 | + | 0x00080002, |
| 264 | + | 0x00080000, |
| 265 | + | 0x00000002, |
| 266 | + | 0x02000800, |
| 267 | + | 0x00080800, |
| 268 | + | 0x02080802, |
| 269 | + | 0x02080000, |
| 270 | + | 0x00000802, |
| 271 | + | 0x02000800, |
| 272 | + | 0x00000002, |
| 273 | + | 0x00000800, |
| 274 | + | 0x00080800, |
| 275 | + | 0x02080002, |
| 276 | + | 0x00000800, |
| 277 | + | 0x02000802, |
| 278 | + | 0x02080002, |
| 279 | + | 0x00000000, |
| 280 | + | 0x00000000, |
| 281 | + | 0x02080802, |
| 282 | + | 0x02000800, |
| 283 | + | 0x00080002, |
| 284 | + | 0x02080800, |
| 285 | + | 0x00080000, |
| 286 | + | 0x00000802, |
| 287 | + | 0x02000800, |
| 288 | + | 0x02080002, |
| 289 | + | 0x00000800, |
| 290 | + | 0x00080800, |
| 291 | + | 0x02000002, |
| 292 | + | 0x00080802, |
| 293 | + | 0x00000002, |
| 294 | + | 0x02000002, |
| 295 | + | 0x02080000, |
| 296 | + | 0x02080802, |
| 297 | + | 0x00080800, |
| 298 | + | 0x02080000, |
| 299 | + | 0x02000802, |
| 300 | + | 0x02000000, |
| 301 | + | 0x00000802, |
| 302 | + | 0x00080002, |
| 303 | + | 0x00000000, |
| 304 | + | 0x00080000, |
| 305 | + | 0x02000000, |
| 306 | + | 0x02000802, |
| 307 | + | 0x02080800, |
| 308 | + | 0x00000002, |
| 309 | + | 0x02080002, |
| 310 | + | 0x00000800, |
| 311 | + | 0x00080802 |
| 312 | + | }, |
| 313 | + | new List<int> { |
| 314 | + | 0x40108010, |
| 315 | + | 0x00000000, |
| 316 | + | 0x00108000, |
| 317 | + | 0x40100000, |
| 318 | + | 0x40000010, |
| 319 | + | 0x00008010, |
| 320 | + | 0x40008000, |
| 321 | + | 0x00108000, |
| 322 | + | 0x00008000, |
| 323 | + | 0x40100010, |
| 324 | + | 0x00000010, |
| 325 | + | 0x40008000, |
| 326 | + | 0x00100010, |
| 327 | + | 0x40108000, |
| 328 | + | 0x40100000, |
| 329 | + | 0x00000010, |
| 330 | + | 0x00100000, |
| 331 | + | 0x40008010, |
| 332 | + | 0x40100010, |
| 333 | + | 0x00008000, |
| 334 | + | 0x00108010, |
| 335 | + | 0x40000000, |
| 336 | + | 0x00000000, |
| 337 | + | 0x00100010, |
| 338 | + | 0x40008010, |
| 339 | + | 0x00108010, |
| 340 | + | 0x40108000, |
| 341 | + | 0x40000010, |
| 342 | + | 0x40000000, |
| 343 | + | 0x00100000, |
| 344 | + | 0x00008010, |
| 345 | + | 0x40108010, |
| 346 | + | 0x00100010, |
| 347 | + | 0x40108000, |
| 348 | + | 0x40008000, |
| 349 | + | 0x00108010, |
| 350 | + | 0x40108010, |
| 351 | + | 0x00100010, |
| 352 | + | 0x40000010, |
| 353 | + | 0x00000000, |
| 354 | + | 0x40000000, |
| 355 | + | 0x00008010, |
| 356 | + | 0x00100000, |
| 357 | + | 0x40100010, |
| 358 | + | 0x00008000, |
| 359 | + | 0x40000000, |
| 360 | + | 0x00108010, |
| 361 | + | 0x40008010, |
| 362 | + | 0x40108000, |
| 363 | + | 0x00008000, |
| 364 | + | 0x00000000, |
| 365 | + | 0x40000010, |
| 366 | + | 0x00000010, |
| 367 | + | 0x40108010, |
| 368 | + | 0x00108000, |
| 369 | + | 0x40100000, |
| 370 | + | 0x40100010, |
| 371 | + | 0x00100000, |
| 372 | + | 0x00008010, |
| 373 | + | 0x40008000, |
| 374 | + | 0x40008010, |
| 375 | + | 0x00000010, |
| 376 | + | 0x40100000, |
| 377 | + | 0x00108000 |
| 378 | + | }, |
| 379 | + | new List<int> { |
| 380 | + | 0x04000001, |
| 381 | + | 0x04040100, |
| 382 | + | 0x00000100, |
| 383 | + | 0x04000101, |
| 384 | + | 0x00040001, |
| 385 | + | 0x04000000, |
| 386 | + | 0x04000101, |
| 387 | + | 0x00040100, |
| 388 | + | 0x04000100, |
| 389 | + | 0x00040000, |
| 390 | + | 0x04040000, |
| 391 | + | 0x00000001, |
| 392 | + | 0x04040101, |
| 393 | + | 0x00000101, |
| 394 | + | 0x00000001, |
| 395 | + | 0x04040001, |
| 396 | + | 0x00000000, |
| 397 | + | 0x00040001, |
| 398 | + | 0x04040100, |
| 399 | + | 0x00000100, |
| 400 | + | 0x00000101, |
| 401 | + | 0x04040101, |
| 402 | + | 0x00040000, |
| 403 | + | 0x04000001, |
| 404 | + | 0x04040001, |
| 405 | + | 0x04000100, |
| 406 | + | 0x00040101, |
| 407 | + | 0x04040000, |
| 408 | + | 0x00040100, |
| 409 | + | 0x00000000, |
| 410 | + | 0x04000000, |
| 411 | + | 0x00040101, |
| 412 | + | 0x04040100, |
| 413 | + | 0x00000100, |
| 414 | + | 0x00000001, |
| 415 | + | 0x00040000, |
| 416 | + | 0x00000101, |
| 417 | + | 0x00040001, |
| 418 | + | 0x04040000, |
| 419 | + | 0x04000101, |
| 420 | + | 0x00000000, |
| 421 | + | 0x04040100, |
| 422 | + | 0x00040100, |
| 423 | + | 0x04040001, |
| 424 | + | 0x00040001, |
| 425 | + | 0x04000000, |
| 426 | + | 0x04040101, |
| 427 | + | 0x00000001, |
| 428 | + | 0x00040101, |
| 429 | + | 0x04000001, |
| 430 | + | 0x04000000, |
| 431 | + | 0x04040101, |
| 432 | + | 0x00040000, |
| 433 | + | 0x04000100, |
| 434 | + | 0x04000101, |
| 435 | + | 0x00040100, |
| 436 | + | 0x04000100, |
| 437 | + | 0x00000000, |
| 438 | + | 0x04040001, |
| 439 | + | 0x00000101, |
| 440 | + | 0x04000001, |
| 441 | + | 0x00040101, |
| 442 | + | 0x00000100, |
| 443 | + | 0x04040000 |
| 444 | + | }, |
| 445 | + | new List<int> { |
| 446 | + | 0x00401008, |
| 447 | + | 0x10001000, |
| 448 | + | 0x00000008, |
| 449 | + | 0x10401008, |
| 450 | + | 0x00000000, |
| 451 | + | 0x10400000, |
| 452 | + | 0x10001008, |
| 453 | + | 0x00400008, |
| 454 | + | 0x10401000, |
| 455 | + | 0x10000008, |
| 456 | + | 0x10000000, |
| 457 | + | 0x00001008, |
| 458 | + | 0x10000008, |
| 459 | + | 0x00401008, |
| 460 | + | 0x00400000, |
| 461 | + | 0x10000000, |
| 462 | + | 0x10400008, |
| 463 | + | 0x00401000, |
| 464 | + | 0x00001000, |
| 465 | + | 0x00000008, |
| 466 | + | 0x00401000, |
| 467 | + | 0x10001008, |
| 468 | + | 0x10400000, |
| 469 | + | 0x00001000, |
| 470 | + | 0x00001008, |
| 471 | + | 0x00000000, |
| 472 | + | 0x00400008, |
| 473 | + | 0x10401000, |
| 474 | + | 0x10001000, |
| 475 | + | 0x10400008, |
| 476 | + | 0x10401008, |
| 477 | + | 0x00400000, |
| 478 | + | 0x10400008, |
| 479 | + | 0x00001008, |
| 480 | + | 0x00400000, |
| 481 | + | 0x10000008, |
| 482 | + | 0x00401000, |
| 483 | + | 0x10001000, |
| 484 | + | 0x00000008, |
| 485 | + | 0x10400000, |
| 486 | + | 0x10001008, |
| 487 | + | 0x00000000, |
| 488 | + | 0x00001000, |
| 489 | + | 0x00400008, |
| 490 | + | 0x00000000, |
| 491 | + | 0x10400008, |
| 492 | + | 0x10401000, |
| 493 | + | 0x00001000, |
| 494 | + | 0x10000000, |
| 495 | + | 0x10401008, |
| 496 | + | 0x00401008, |
| 497 | + | 0x00400000, |
| 498 | + | 0x10401008, |
| 499 | + | 0x00000008, |
| 500 | + | 0x10001000, |
| 501 | + | 0x00401008, |
| 502 | + | 0x00400008, |
| 503 | + | 0x00401000, |
| 504 | + | 0x10400000, |
| 505 | + | 0x10001008, |
| 506 | + | 0x00001008, |
| 507 | + | 0x10000000, |
| 508 | + | 0x10000008, |
| 509 | + | 0x10401000 |
| 510 | + | }, |
| 511 | + | new List<int> { |
| 512 | + | 0x08000000, |
| 513 | + | 0x00010000, |
| 514 | + | 0x00000400, |
| 515 | + | 0x08010420, |
| 516 | + | 0x08010020, |
| 517 | + | 0x08000400, |
| 518 | + | 0x00010420, |
| 519 | + | 0x08010000, |
| 520 | + | 0x00010000, |
| 521 | + | 0x00000020, |
| 522 | + | 0x08000020, |
| 523 | + | 0x00010400, |
| 524 | + | 0x08000420, |
| 525 | + | 0x08010020, |
| 526 | + | 0x08010400, |
| 527 | + | 0x00000000, |
| 528 | + | 0x00010400, |
| 529 | + | 0x08000000, |
| 530 | + | 0x00010020, |
| 531 | + | 0x00000420, |
| 532 | + | 0x08000400, |
| 533 | + | 0x00010420, |
| 534 | + | 0x00000000, |
| 535 | + | 0x08000020, |
| 536 | + | 0x00000020, |
| 537 | + | 0x08000420, |
| 538 | + | 0x08010420, |
| 539 | + | 0x00010020, |
| 540 | + | 0x08010000, |
| 541 | + | 0x00000400, |
| 542 | + | 0x00000420, |
| 543 | + | 0x08010400, |
| 544 | + | 0x08010400, |
| 545 | + | 0x08000420, |
| 546 | + | 0x00010020, |
| 547 | + | 0x08010000, |
| 548 | + | 0x00010000, |
| 549 | + | 0x00000020, |
| 550 | + | 0x08000020, |
| 551 | + | 0x08000400, |
| 552 | + | 0x08000000, |
| 553 | + | 0x00010400, |
| 554 | + | 0x08010420, |
| 555 | + | 0x00000000, |
| 556 | + | 0x00010420, |
| 557 | + | 0x08000000, |
| 558 | + | 0x00000400, |
| 559 | + | 0x00010020, |
| 560 | + | 0x08000420, |
| 561 | + | 0x00000400, |
| 562 | + | 0x00000000, |
| 563 | + | 0x08010420, |
| 564 | + | 0x08010020, |
| 565 | + | 0x08010400, |
| 566 | + | 0x00000420, |
| 567 | + | 0x00010000, |
| 568 | + | 0x00010400, |
| 569 | + | 0x08010020, |
| 570 | + | 0x08000400, |
| 571 | + | 0x00000420, |
| 572 | + | 0x00000020, |
| 573 | + | 0x00010420, |
| 574 | + | 0x08010000, |
| 575 | + | 0x08000020 |
| 576 | + | }, |
| 577 | + | new List<int> { |
| 578 | + | 0x80000040, |
| 579 | + | 0x00200040, |
| 580 | + | 0x00000000, |
| 581 | + | 0x80202000, |
| 582 | + | 0x00200040, |
| 583 | + | 0x00002000, |
| 584 | + | 0x80002040, |
| 585 | + | 0x00200000, |
| 586 | + | 0x00002040, |
| 587 | + | 0x80202040, |
| 588 | + | 0x00202000, |
| 589 | + | 0x80000000, |
| 590 | + | 0x80002000, |
| 591 | + | 0x80000040, |
| 592 | + | 0x80200000, |
| 593 | + | 0x00202040, |
| 594 | + | 0x00200000, |
| 595 | + | 0x80002040, |
| 596 | + | 0x80200040, |
| 597 | + | 0x00000000, |
| 598 | + | 0x00002000, |
| 599 | + | 0x00000040, |
| 600 | + | 0x80202000, |
| 601 | + | 0x80200040, |
| 602 | + | 0x80202040, |
| 603 | + | 0x80200000, |
| 604 | + | 0x80000000, |
| 605 | + | 0x00002040, |
| 606 | + | 0x00000040, |
| 607 | + | 0x00202000, |
| 608 | + | 0x00202040, |
| 609 | + | 0x80002000, |
| 610 | + | 0x00002040, |
| 611 | + | 0x80000000, |
| 612 | + | 0x80002000, |
| 613 | + | 0x00202040, |
| 614 | + | 0x80202000, |
| 615 | + | 0x00200040, |
| 616 | + | 0x00000000, |
| 617 | + | 0x80002000, |
| 618 | + | 0x80000000, |
| 619 | + | 0x00002000, |
| 620 | + | 0x80200040, |
| 621 | + | 0x00200000, |
| 622 | + | 0x00200040, |
| 623 | + | 0x80202040, |
| 624 | + | 0x00202000, |
| 625 | + | 0x00000040, |
| 626 | + | 0x80202040, |
| 627 | + | 0x00202000, |
| 628 | + | 0x00200000, |
| 629 | + | 0x80002040, |
| 630 | + | 0x80000040, |
| 631 | + | 0x80200000, |
| 632 | + | 0x00202040, |
| 633 | + | 0x00000000, |
| 634 | + | 0x00002000, |
| 635 | + | 0x80000040, |
| 636 | + | 0x80002040, |
| 637 | + | 0x80202000, |
| 638 | + | 0x80200000, |
| 639 | + | 0x00002040, |
| 640 | + | 0x00000040, |
| 641 | + | 0x80200040 |
| 642 | + | }, |
| 643 | + | new List<int> { |
| 644 | + | 0x00004000, |
| 645 | + | 0x00000200, |
| 646 | + | 0x01000200, |
| 647 | + | 0x01000004, |
| 648 | + | 0x01004204, |
| 649 | + | 0x00004004, |
| 650 | + | 0x00004200, |
| 651 | + | 0x00000000, |
| 652 | + | 0x01000000, |
| 653 | + | 0x01000204, |
| 654 | + | 0x00000204, |
| 655 | + | 0x01004000, |
| 656 | + | 0x00000004, |
| 657 | + | 0x01004200, |
| 658 | + | 0x01004000, |
| 659 | + | 0x00000204, |
| 660 | + | 0x01000204, |
| 661 | + | 0x00004000, |
| 662 | + | 0x00004004, |
| 663 | + | 0x01004204, |
| 664 | + | 0x00000000, |
| 665 | + | 0x01000200, |
| 666 | + | 0x01000004, |
| 667 | + | 0x00004200, |
| 668 | + | 0x01004004, |
| 669 | + | 0x00004204, |
| 670 | + | 0x01004200, |
| 671 | + | 0x00000004, |
| 672 | + | 0x00004204, |
| 673 | + | 0x01004004, |
| 674 | + | 0x00000200, |
| 675 | + | 0x01000000, |
| 676 | + | 0x00004204, |
| 677 | + | 0x01004000, |
| 678 | + | 0x01004004, |
| 679 | + | 0x00000204, |
| 680 | + | 0x00004000, |
| 681 | + | 0x00000200, |
| 682 | + | 0x01000000, |
| 683 | + | 0x01004004, |
| 684 | + | 0x01000204, |
| 685 | + | 0x00004204, |
| 686 | + | 0x00004200, |
| 687 | + | 0x00000000, |
| 688 | + | 0x00000200, |
| 689 | + | 0x01000004, |
| 690 | + | 0x00000004, |
| 691 | + | 0x01000200, |
| 692 | + | 0x00000000, |
| 693 | + | 0x01000204, |
| 694 | + | 0x01000200, |
| 695 | + | 0x00004200, |
| 696 | + | 0x00000204, |
| 697 | + | 0x00004000, |
| 698 | + | 0x01004204, |
| 699 | + | 0x01000000, |
| 700 | + | 0x01004200, |
| 701 | + | 0x00000004, |
| 702 | + | 0x00004004, |
| 703 | + | 0x01004204, |
| 704 | + | 0x01000004, |
| 705 | + | 0x01004200, |
| 706 | + | 0x01004000, |
| 707 | + | 0x00004004 |
| 708 | + | }, |
| 709 | + | new List<int> { |
| 710 | + | 0x20800080, |
| 711 | + | 0x20820000, |
| 712 | + | 0x00020080, |
| 713 | + | 0x00000000, |
| 714 | + | 0x20020000, |
| 715 | + | 0x00800080, |
| 716 | + | 0x20800000, |
| 717 | + | 0x20820080, |
| 718 | + | 0x00000080, |
| 719 | + | 0x20000000, |
| 720 | + | 0x00820000, |
| 721 | + | 0x00020080, |
| 722 | + | 0x00820080, |
| 723 | + | 0x20020080, |
| 724 | + | 0x20000080, |
| 725 | + | 0x20800000, |
| 726 | + | 0x00020000, |
| 727 | + | 0x00820080, |
| 728 | + | 0x00800080, |
| 729 | + | 0x20020000, |
| 730 | + | 0x20820080, |
| 731 | + | 0x20000080, |
| 732 | + | 0x00000000, |
| 733 | + | 0x00820000, |
| 734 | + | 0x20000000, |
| 735 | + | 0x00800000, |
| 736 | + | 0x20020080, |
| 737 | + | 0x20800080, |
| 738 | + | 0x00800000, |
| 739 | + | 0x00020000, |
| 740 | + | 0x20820000, |
| 741 | + | 0x00000080, |
| 742 | + | 0x00800000, |
| 743 | + | 0x00020000, |
| 744 | + | 0x20000080, |
| 745 | + | 0x20820080, |
| 746 | + | 0x00020080, |
| 747 | + | 0x20000000, |
| 748 | + | 0x00000000, |
| 749 | + | 0x00820000, |
| 750 | + | 0x20800080, |
| 751 | + | 0x20020080, |
| 752 | + | 0x20020000, |
| 753 | + | 0x00800080, |
| 754 | + | 0x20820000, |
| 755 | + | 0x00000080, |
| 756 | + | 0x00800080, |
| 757 | + | 0x20020000, |
| 758 | + | 0x20820080, |
| 759 | + | 0x00800000, |
| 760 | + | 0x20800000, |
| 761 | + | 0x20000080, |
| 762 | + | 0x00820000, |
| 763 | + | 0x00020080, |
| 764 | + | 0x20020080, |
| 765 | + | 0x20800000, |
| 766 | + | 0x00000080, |
| 767 | + | 0x20820000, |
| 768 | + | 0x00820080, |
| 769 | + | 0x00000000, |
| 770 | + | 0x20000000, |
| 771 | + | 0x20800080, |
| 772 | + | 0x00020000, |
| 773 | + | 0x00820080 |
| 774 | + | } |
| 775 | + | }; |
| 776 | + | |
| 777 | + | public static object F(object L, object R, object keya) { |
| 778 | + | var Ta = keya[0] ^ R; |
| 779 | + | var Tb = keya[1] ^ R; |
| 780 | + | Tb = ror32(Tb, 4); |
| 781 | + | L ^= SymCryptDesSpbox[0][(Ta & 0xfc) / 4]; |
| 782 | + | L ^= SymCryptDesSpbox[1][(Tb & 0xfc) / 4]; |
| 783 | + | L ^= SymCryptDesSpbox[2][(Ta >> 8 & 0xfc) / 4]; |
| 784 | + | L ^= SymCryptDesSpbox[3][(Tb >> 8 & 0xfc) / 4]; |
| 785 | + | L ^= SymCryptDesSpbox[4][(Ta >> 16 & 0xfc) / 4]; |
| 786 | + | L ^= SymCryptDesSpbox[5][(Tb >> 16 & 0xfc) / 4]; |
| 787 | + | L ^= SymCryptDesSpbox[6][(Ta >> 24 & 0xfc) / 4]; |
| 788 | + | L ^= SymCryptDesSpbox[7][(Tb >> 24 & 0xfc) / 4]; |
| 789 | + | return Tuple.Create(L, R); |
| 790 | + | } |
| 791 | + | |
| 792 | + | public static object rol32(object n, object d) { |
| 793 | + | return (n << d | n >> 32 - d) & 0xFFFFFFFF; |
| 794 | + | } |
| 795 | + | |
| 796 | + | public static object ror32(object n, object d) { |
| 797 | + | return (n >> d | n << 32 - d) & 0xFFFFFFFF; |
| 798 | + | } |
| 799 | + | |
| 800 | + | public static object xor(object d1, object d2) { |
| 801 | + | return bytes(from _tup_1 in zip(d1, d2).Chop((a,b) => (a, b)) |
| 802 | + | let a = _tup_1.Item1 |
| 803 | + | let b = _tup_1.Item2 |
| 804 | + | select a ^ b); |
| 805 | + | } |
| 806 | + | } |
| 807 | + | |