Implemented FMS encryption. Dat betekend werkend H264 en AAC, bitches!

2010-08-24 16:17:19 +02:00 · 2010-08-24 16:17:19 +02:00 · 471de8614f
commit 471de8614f
parent 94f587563c
7 changed files with 671 additions and 12 deletions
--- a/Connector_RTMP/handshake.cpp
+++ b/Connector_RTMP/handshake.cpp
@ -1,13 +1,15 @@
+#undef OLDHANDSHAKE //change to #define for old handshake method
+
+char versionstring[] = "PLSRTMPServer";
+
+#ifdef OLDHANDSHAKE
 struct Handshake {
  char Time[4];
  char Zero[4];
  char Random[1528];
 };//Handshake

-char versionstring[] = "PLSRTMPServer";
-
-void doHandshake(){
-  srand(time(NULL));
+bool doHandshake(){
  char Version;
  Handshake Client;
  Handshake Server;
@ -45,4 +47,91 @@ void doHandshake(){
  fread(Client.Zero, 1, 4, stdin);
  fread(Client.Random, 1, 1528, stdin);
  rec_cnt+=1536;
+  return true;
 }//doHandshake
+
+#else
+
+#include "crypto.cpp" //cryptography for handshaking
+
+bool doHandshake(){
+  char Version;
+  /** Read C0 **/
+  fread(&Version, 1, 1, stdin);
+  uint8_t Client[1536];
+  uint8_t Server[3072];
+  fread(&Client, 1, 1536, stdin);
+  rec_cnt+=1537;
+  
+  /** Build S1 Packet **/
+  *((uint32_t*)Server) = 0;//time zero
+  *(((uint32_t*)(Server+4))) = htonl(0x01020304);//version 1 2 3 4
+  for (int i = 8; i < 3072; ++i){Server[i] = versionstring[i%13];}//"random" data
+
+  bool encrypted = (Version == 6);
+  #ifdef DEBUG
+  fprintf(stderr, "Handshake version is %hhi\n", Version);
+  #endif
+  uint8_t _validationScheme = 5;
+  if (ValidateClientScheme(Client, 0)) _validationScheme = 0;
+  if (ValidateClientScheme(Client, 1)) _validationScheme = 1;
+
+  #ifdef DEBUG
+  fprintf(stderr, "Handshake type is %hhi, encryption is %s\n", _validationScheme, encrypted?"on":"off");
+  #endif
+
+  //**** FIRST 1536 bytes from server response ****//
+  //compute DH key position
+  uint32_t serverDHOffset = GetDHOffset(Server, _validationScheme);
+  uint32_t clientDHOffset = GetDHOffset(Client, _validationScheme);
+
+  //generate DH key
+  DHWrapper dhWrapper(1024);
+  if (!dhWrapper.Initialize()) return false;
+  if (!dhWrapper.CreateSharedKey(Client + clientDHOffset, 128)) return false;
+  if (!dhWrapper.CopyPublicKey(Server + serverDHOffset, 128)) return false;
+
+  if (encrypted) {
+    uint8_t secretKey[128];
+    if (!dhWrapper.CopySharedKey(secretKey, sizeof (secretKey))) return false;
+    RC4_KEY _pKeyIn;
+    RC4_KEY _pKeyOut;
+    InitRC4Encryption(secretKey, (uint8_t*) & Client[clientDHOffset], (uint8_t*) & Server[serverDHOffset], &_pKeyIn, &_pKeyOut);
+    uint8_t data[1536];
+    RC4(&_pKeyIn, 1536, data, data);
+    RC4(&_pKeyOut, 1536, data, data);
+  }
+  //generate the digest
+  uint32_t serverDigestOffset = GetDigestOffset(Server, _validationScheme);
+  uint8_t *pTempBuffer = new uint8_t[1536 - 32];
+  memcpy(pTempBuffer, Server, serverDigestOffset);
+  memcpy(pTempBuffer + serverDigestOffset, Server + serverDigestOffset + 32, 1536 - serverDigestOffset - 32);
+  uint8_t *pTempHash = new uint8_t[512];
+  HMACsha256(pTempBuffer, 1536 - 32, genuineFMSKey, 36, pTempHash);
+  memcpy(Server + serverDigestOffset, pTempHash, 32);
+  delete[] pTempBuffer;
+  delete[] pTempHash;
+
+  //**** SECOND 1536 bytes from server response ****//
+  uint32_t keyChallengeIndex = GetDigestOffset(Client, _validationScheme);
+  pTempHash = new uint8_t[512];
+  HMACsha256(Client + keyChallengeIndex, 32, genuineFMSKey, 68, pTempHash);
+  uint8_t *pLastHash = new uint8_t[512];
+  HMACsha256(Server + 1536, 1536 - 32, pTempHash, 32, pLastHash);
+  memcpy(Server + 1536 * 2 - 32, pLastHash, 32);
+  delete[] pTempHash;
+  delete[] pLastHash;
+  //***** DONE BUILDING THE RESPONSE ***//
+  /** Send response **/
+  fwrite(&Version, 1, 1, stdout);
+  fwrite(&Server, 1, 3072, stdout);
+  snd_cnt+=3073;
+  /** Flush, necessary in order to work **/
+  fflush(stdout);
+  /** Read and discard C2 **/
+  fread(Client, 1, 1536, stdin);
+  rec_cnt+=1536;
+  return true;
+}
+
+#endif