#include <stdio.h>
#include <stdint.h>
#include <string.h>
#define RSANUMBYTES 256 /* 2048 bit key length */
#define RSANUMWORDS (RSANUMBYTES / sizeof(uint32_t))
typedef struct RSAPublicKey {
int len; /* Length of n[] in number of uint32_t */
uint32_t n0inv; /* -1 / n[0] mod 2^32 */
uint32_t n[RSANUMWORDS]; /* modulus as little endian array */
uint32_t rr[RSANUMWORDS]; /* R^2 as little endian array */
int exponent; /* 3 or 65537 */
} RSAPublicKey;
static RSAPublicKey PK;
unsigned char RootPub[520] =
{
0x40, 0x00, 0x00, 0x00, 0x81, 0x48, 0xCF, 0x4E, 0x7F, 0x08, 0x67, 0xC1, 0x7C, 0x05, 0xC1, 0x82,
0x73, 0x32, 0x71, 0x85, 0xBB, 0x24, 0x63, 0x07, 0x62, 0x0D, 0x13, 0xC8, 0xBB, 0x2A, 0x3E, 0x6E,
0x24, 0xF9, 0x52, 0x15, 0xA6, 0xD7, 0xF2, 0x78, 0xE7, 0xD2, 0x1A, 0x76, 0x19, 0x69, 0xDA, 0x97,
0x5D, 0x26, 0x3C, 0x2B, 0x04, 0xB3, 0xC9, 0xA1, 0x6D, 0xD6, 0xDE, 0x5F, 0xBD, 0x51, 0x01, 0x4B,
0x1F, 0x6E, 0x29, 0x88, 0xD8, 0xFB, 0x0E, 0xA0, 0x58, 0x2E, 0x7B, 0x2C, 0xE9, 0xD6, 0xAB, 0x96,
0x77, 0x68, 0x9A, 0x0B, 0xC5, 0xD8, 0xD9, 0x42, 0xE0, 0x9A, 0xB6, 0x05, 0xD1, 0xDC, 0x1F, 0xB2,
0x01, 0xF3, 0xAC, 0x4E, 0x4E, 0x85, 0x59, 0x5E, 0x0B, 0x42, 0x91, 0xC3, 0x29, 0xF9, 0x30, 0xA2,
0xB8, 0x71, 0x6D, 0x7B, 0x0E, 0x76, 0x81, 0xD8, 0x43, 0x22, 0x49, 0x40, 0xAB, 0xB7, 0xAB, 0x18,
0x1D, 0x82, 0xCD, 0xC7, 0xB3, 0x25, 0xAC, 0x3F, 0xDF, 0x4B, 0xE2, 0xF4, 0x76, 0x3E, 0x2C, 0x94,
0x3F, 0xB5, 0x24, 0x42, 0x39, 0x12, 0x94, 0xAD, 0x9F, 0x9B, 0x14, 0xBD, 0x00, 0xCC, 0x3D, 0x30,
0xCD, 0x4A, 0x3D, 0xC2, 0x9A, 0x3A, 0x26, 0x01, 0x64, 0x7B, 0xD3, 0x9B, 0xC8, 0xF6, 0x3B, 0xD4,
0x6D, 0x63, 0x5E, 0x17, 0x26, 0xF2, 0x9F, 0x08, 0x62, 0x78, 0x66, 0x6B, 0x45, 0xFB, 0x79, 0xA0,
0x4C, 0xC8, 0xB2, 0x42, 0x0F, 0x3A, 0xFD, 0x2A, 0x8F, 0x73, 0x21, 0x13, 0x61, 0x08, 0x6F, 0x55,
0x98, 0x8D, 0x10, 0xAE, 0xB8, 0x59, 0x71, 0x76, 0xE6, 0x5A, 0x02, 0x1F, 0x5F, 0x50, 0x5A, 0xDD,
0x23, 0x3C, 0x0D, 0xBA, 0x6D, 0x16, 0xEE, 0xC0, 0x4C, 0xE6, 0x36, 0xAE, 0xCE, 0xA9, 0xFA, 0x8A,
0xA7, 0x7E, 0x9A, 0xEB, 0x43, 0x4E, 0x41, 0xF4, 0x6D, 0xF9, 0x80, 0xDB, 0xB5, 0x40, 0x02, 0x4D,
0x29, 0x01, 0x53, 0x53, 0xBE, 0x6F, 0xB8, 0xDB, 0x34, 0xD0, 0x2D, 0x73, 0xEA, 0x0A, 0x35, 0x28,
0x0A, 0x89, 0x99, 0x02, 0xA9, 0x0E, 0x8A, 0x39, 0x0E, 0xA7, 0xF7, 0xB5, 0xA8, 0x84, 0x4D, 0x52,
0x2A, 0xD3, 0x8E, 0xCA, 0xAE, 0x75, 0x8C, 0x45, 0xE4, 0x24, 0xE2, 0xEF, 0x01, 0x16, 0xDA, 0xE4,
0x85, 0x7B, 0xE7, 0xE6, 0xB9, 0x6D, 0x93, 0xF4, 0xD1, 0xB5, 0xDD, 0xBF, 0xF1, 0x7E, 0x5B, 0x76,
0x79, 0xFA, 0x37, 0x61, 0x0C, 0xF4, 0x44, 0x64, 0x07, 0x7E, 0x92, 0x82, 0xB5, 0x20, 0x70, 0x15,
0xD2, 0xD8, 0x2D, 0x61, 0x1A, 0xCE, 0x4C, 0xF5, 0x95, 0x65, 0xCA, 0xA2, 0x9C, 0x3D, 0x8E, 0x01,
0x57, 0xDB, 0xBD, 0xE0, 0xF7, 0xBA, 0x60, 0x56, 0x57, 0xFB, 0x9D, 0xE4, 0xBD, 0x87, 0x8A, 0xCF,
0x51, 0xF9, 0xB5, 0x50, 0xEE, 0x8E, 0x45, 0x9A, 0xDA, 0x1E, 0x3A, 0x38, 0x5C, 0x9A, 0x0B, 0x04,
0x3C, 0xAD, 0x24, 0xE9, 0x92, 0x29, 0xD7, 0x05, 0xD6, 0x53, 0xBD, 0xEE, 0xCB, 0xC8, 0x1A, 0xF3,
0xF3, 0x92, 0x55, 0xCF, 0xBB, 0x37, 0xB3, 0xAA, 0xE6, 0xF1, 0x64, 0x37, 0x4F, 0x1D, 0x94, 0x50,
0x4B, 0xB0, 0x0C, 0xAC, 0x7D, 0xFF, 0x57, 0xE0, 0x33, 0xEB, 0x44, 0xD7, 0x50, 0x9D, 0xDB, 0x92,
0xE2, 0x98, 0xF0, 0xA6, 0x36, 0x50, 0x03, 0x55, 0x98, 0x3C, 0x38, 0xC6, 0xA0, 0x83, 0x22, 0x83,
0xB8, 0xA4, 0xDE, 0x0B, 0xC2, 0x0C, 0xD1, 0x13, 0xCC, 0x02, 0xE8, 0xF2, 0x89, 0x6A, 0xBB, 0x62,
0x2C, 0x59, 0x12, 0x7F, 0xD8, 0xCF, 0x1D, 0x61, 0xE0, 0x44, 0xF1, 0xF8, 0xC8, 0x19, 0x2C, 0xC2,
0xC9, 0x73, 0xAD, 0x4C, 0x44, 0x53, 0x63, 0x86, 0x59, 0x64, 0x61, 0xBA, 0xEB, 0x39, 0xCB, 0x8A,
0x4F, 0xB9, 0x32, 0xC2, 0x96, 0x96, 0x92, 0x88, 0x7A, 0xD5, 0xD1, 0xC0, 0xCE, 0x52, 0xD2, 0x8F,
0xFC, 0xEE, 0x6B, 0xF5, 0x25, 0xC1, 0xEE, 0x24,
} ;
unsigned char cert_sig[256] =
{
0x5F, 0x21, 0xBD, 0xE8, 0x8E, 0xD5, 0xC8, 0x72, 0x71, 0x31, 0x1D, 0x81, 0x14, 0x4F, 0xB1, 0x8A,
0x73, 0xD3, 0xAB, 0xED, 0x29, 0x4B, 0xB1, 0x70, 0x5C, 0xD3, 0x46, 0xC0, 0x16, 0x38, 0xE8, 0x4D,
0x52, 0x25, 0xD9, 0x7A, 0x2D, 0x6D, 0x7B, 0x99, 0x42, 0xF1, 0xC4, 0x57, 0xA7, 0xE8, 0x69, 0x02,
0x6F, 0x72, 0x47, 0xDA, 0x2A, 0xBE, 0x15, 0xAB, 0x9E, 0x5F, 0x88, 0xDC, 0x52, 0x67, 0xE1, 0x75,
0xBE, 0x06, 0x24, 0x31, 0x1E, 0x47, 0x28, 0x4D, 0xA6, 0x03, 0x09, 0xD5, 0x4D, 0x2A, 0xE4, 0x91,
0x86, 0x62, 0xE4, 0x6A, 0xF9, 0x9A, 0x64, 0x11, 0x66, 0x63, 0x95, 0xF2, 0x94, 0x44, 0x80, 0x40,
0xDF, 0xDC, 0x17, 0x93, 0x49, 0xB3, 0xDB, 0x23, 0xCF, 0x40, 0x11, 0xEE, 0x5C, 0x7D, 0xD2, 0xAA,
0x68, 0x10, 0xA8, 0x10, 0x87, 0xCA, 0xDF, 0x87, 0x22, 0x32, 0x4F, 0xDD, 0xB3, 0x69, 0xF8, 0x4B,
0x63, 0x30, 0x75, 0x97, 0x31, 0x1F, 0xE9, 0x75, 0xD0, 0x92, 0x23, 0x15, 0x7C, 0xD3, 0x49, 0xF1,
0x90, 0x72, 0x83, 0xF0, 0x81, 0xDA, 0xE5, 0x2B, 0x98, 0x6D, 0xD4, 0x45, 0xDB, 0xBA, 0xE3, 0xC2,
0x7C, 0x99, 0xDD, 0x15, 0x48, 0xFA, 0x8F, 0xA8, 0x3D, 0x69, 0xCC, 0x46, 0x31, 0xAA, 0x71, 0x92,
0x16, 0xED, 0x04, 0x72, 0x86, 0x27, 0x1A, 0xA3, 0x91, 0xCC, 0xC2, 0x95, 0x6F, 0x54, 0xF4, 0x4A,
0xB5, 0x39, 0x39, 0x27, 0x83, 0xC8, 0x8F, 0xD6, 0x67, 0x2A, 0x51, 0xEB, 0x8C, 0x8C, 0x09, 0xF1,
0xEC, 0xC3, 0xEA, 0x74, 0xF5, 0xD3, 0x01, 0x4B, 0xD9, 0xCD, 0xD0, 0xAA, 0x5C, 0x29, 0x87, 0x9B,
0x29, 0x8F, 0x15, 0x58, 0x30, 0x83, 0x94, 0x60, 0xA1, 0x4A, 0x29, 0x7A, 0x9A, 0x9B, 0x21, 0xA9,
0x47, 0xD2, 0x63, 0x83, 0xFE, 0x4E, 0x61, 0x5C, 0x97, 0x3C, 0x55, 0x66, 0xC0, 0x46, 0xFC, 0x29,
} ;
/* a[] -= mod */
static void subM(const RSAPublicKey *key, uint32_t *a) {
int64_t A = 0;
int i;
for (i = 0; i < key->len; ++i) {
A += (uint64_t)a[i] - key->n[i];
a[i] = (uint32_t)A;
A >>= 32;
}
}
/* return a[] >= mod */
static int geM(const RSAPublicKey *key, const uint32_t *a) {
int i;
for (i = key->len; iWink {
--i;
if (a[i] < key->n[i]) return 0;
if (a[i] > key->n[i]) return 1;
}
return 1; /* equal */
}
/* montgomery c[] += a * b[] / R % mod */
static void montMulAdd(const RSAPublicKey *key,
uint32_t* c,
const uint32_t a,
const uint32_t* b) {
uint64_t A = (uint64_t)a * b[0] + c[0];
uint32_t d0 = (uint32_t)A * key->n0inv;
uint64_t B = (uint64_t)d0 * key->n[0] + (uint32_t)A;
int i;
for (i = 1; i < key->len; ++i) {
A = (A >> 32) + (uint64_t)a * b[i] + c[i];
B = (B >> 32) + (uint64_t)d0 * key->n[i] + (uint32_t)A;
c[i - 1] = (uint32_t)B;
}
A = (A >> 32) + (B >> 32);
c[i - 1] = (uint32_t)A;
if (A >> 32) {
subM(key, c);
}
}
/* montgomery c[] = a[] * b[] / R % mod */
static void montMul(const RSAPublicKey *key,
uint32_t* c,
const uint32_t* a,
const uint32_t* b) {
int i;
for (i = 0; i < key->len; ++i) {
c[i] = 0;
}
for (i = 0; i < key->len; ++i) {
montMulAdd(key, c, a[i], b);
}
}
/* In-place public exponentiation.
** Input and output big-endian byte array in inout.
*/
static void modpow3(const RSAPublicKey *key,
uint8_t* inout) {
uint32_t a[RSANUMWORDS];
uint32_t aR[RSANUMWORDS];
uint32_t aaR[RSANUMWORDS];
uint32_t *aaa = aR; /* Re-use location. */
int i;
/* Convert from big endian byte array to little endian word array. */
for (i = 0; i < key->len; ++i) {
uint32_t tmp =
(inout[((key->len - 1 - i) * 4) + 0] << 24) |
(inout[((key->len - 1 - i) * 4) + 1] << 16) |
(inout[((key->len - 1 - i) * 4) + 2] << 8) |
(inout[((key->len - 1 - i) * 4) + 3] << 0);
a[i] = tmp;
}
montMul(key, aR, a, key->rr); /* aR = a * RR / R mod M */
montMul(key, aaR, aR, aR); /* aaR = aR * aR / R mod M */
montMul(key, aaa, aaR, a); /* aaa = aaR * a / R mod M */
/* Make sure aaa < mod; aaa is at most 1x mod too large. */
if (geM(key, aaa)) {
subM(key, aaa);
}
/* Convert to bigendian byte array */
for (i = key->len - 1; i >= 0; --i) {
uint32_t tmp = aaa[i];
*inout++ = tmp >> 24;
*inout++ = tmp >> 16;
*inout++ = tmp >> 8;
*inout++ = tmp >> 0;
}
}
/* Expected PKCS1.5 signature padding bytes, for a keytool RSA signature.
** Has the 0-length optional parameter encoded in the ASN1 (as opposed to the
** other flavor which omits the optional parameter entirely). This code does not
** accept signatures without the optional parameter.
*/
static const uint8_t padding[RSANUMBYTES - 20] = {
0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,
0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05,0x00,
0x04,0x14
};
/* Verify a 2048 bit RSA e=3 PKCS1.5 signature against an expected SHA-1 hash.
** Returns 0 on failure, 1 on success.
*/
int RSA_e_3_verify(const RSAPublicKey *key,
const uint8_t *signature,
const int len,
const uint8_t *sha) {
uint8_t buf[RSANUMBYTES];
int i;
if (key->len != RSANUMWORDS) {
return 0; /* Wrong key passed in. */
}
if (len != sizeof(buf)) {
return 0; /* Wrong input length. */
}
if (key->exponent != 3) {
return 0; // Wrong exponent.
}
for (i = 0; i < len; ++i) {
buf[i] = signature[i];
}
modpow3(key, buf);
memcpy ((void *)sha,&buf,RSANUMBYTES);
return 1;
}
int main(int numArgs, const char *args[])
{
int i;
unsigned char decr[256];
memcpy(&PK,RootPub,520);
PK.exponent = 3;
RSA_e_3_verify(&PK,cert_sig,256,decr);
for (i; i < 256; i++) {
printf("%.2x ",decr[i]);
}
return 0;
}
2. side ;
int IMEI_Verify(const ImeiRsaInfo *const imeiInfo)
{
bool v1; // zf@1
int result; // r0@6
bool v4; // zf@7
const uint8_t *v5; // r0@10
const uint8_t *v6; // r0@12
int v7; // [sp+0h] [bp-280h]@10
char v8; // [sp+208h] [bp-78h]@10
MC_SHA_CTX_0 ctx; // [sp+210h] [bp-70h]@10
v1 = imeiInfo == 0;
if ( imeiInfo )
imeiInfo = 0x81255DCC;
if ( !v1 )
v1 = *&imeiInfo->imei[0] == -1;
if ( v1 )
{
result = 0xFFFFFFF6;
}
else
{
v4 = &imeiInfo->certificate == 0;
if ( imeiInfo != 0xFFFFFEEC )
v4 = imeiInfo->certificateSignature == 0;
if ( v4
|| (_rt_memcpy_w(&v7, &imeiInfo->certificate, 0x208u),
_rt_memcpy(&v8, signKeyId, 4),
MC_SHA_init(&ctx),
MC_SHA_update(&ctx, &v7, 0x20C),
v5 = MC_SHA_final(&ctx),
!MC_RSA_verify(&mRootPublicKey, imeiInfo->certificateSignature, 256, v5)) )
{
result = -1;
}
else if ( imeiInfo != 0xFFFFFFEC
&& (MC_SHA_init(&v7),
MC_SHA_update(&v7, imeiInfo, 20),
v6 = MC_SHA_final(&v7),
MC_RSA_verify(&imeiInfo->certificate, imeiInfo->imeiSignature, 256, v6)) )
{
result = 1;
}
else
{
result = -2;
}
}
return result;
}