GSM Shop
GSM-Forum  

Welcome to the GSM-Forum forums.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features.
Only registered members may post questions, contact other members or search our database of over 8 million posts.

Registration is fast, simple and absolutely free so please - Click to REGISTER!

If you have any problems with the registration process or your account login, please contact contact us .

Go Back   GSM-Forum > Other Gsm/Mobile Related Forums > GSM Programming & Reverse Engineering

GSM Programming & Reverse Engineering Here you can post all Kind of GSM Programming and Reverse Engineering tools and Secrets.

Reply
 
LinkBack Thread Tools Display Modes
Old 02-13-2018, 18:00   #1 (permalink)
Insane Poster
 
Join Date: Jan 2009
Posts: 75
Member: 952912
Status: Offline
Thanks Meter: 15
Samsung IMEI_Verify v2


For those that would like to verify new CPID-based certs. Enjoy.
Credits: mincrypt, and to Victor for sample code in v1 verify

Code:
#include <stdio.h>
#include <string.h>
#include <inttypes.h>

char IMEI[14] = "35750716544902";	/* Modify with IMEI of your cert */
					/* (AT+IMEITEST=1,0) */
char KeyID[4] = "0328";			/* Modify with KeyID from your device */
					/* (AT+IMEISIGN=1,1,0) */
unsigned char CPID[32] = 		/* Modify with CPID from your device */
{					/* (AT+IMEISIGN=1,3,0) */
  0x84, 0x4D, 0x10, 0x3B, 0x22, 0x75, 0xC6, 0x71, 0x04, 0xFA, 0x3C, 0xFE,
  0xFA, 0x07, 0x0E, 0x37, 0x51, 0xE1, 0x2E, 0x78,
};

unsigned char ImeiSign[256] =		/* Modify with ImeiSign of your cert */
{
  0x24, 0x1F, 0xDE, 0xBA, 0x6C, 0xF5, 0x0B, 0xF9, 0xE3, 0xBE, 0x5B, 0xBF,
  0x48, 0x7B, 0xF4, 0x09, 0x69, 0x21, 0x92, 0x2F, 0x2A, 0x42, 0x52, 0x29,
  0x4C, 0xE7, 0x5C, 0x91, 0x56, 0x74, 0x6E, 0xE1, 0x84, 0xE3, 0x54, 0xCC,
  0xAB, 0x4A, 0x8D, 0x26, 0xF8, 0x1C, 0x40, 0x51, 0x8D, 0xC6, 0xA5, 0x7E,
  0x48, 0xAF, 0xDE, 0xB6, 0x33, 0x79, 0x47, 0xD7, 0x0E, 0x26, 0x09, 0x41,
  0x32, 0xAB, 0xF8, 0xAD, 0x3B, 0x37, 0xBC, 0xB1, 0x20, 0x4E, 0xB5, 0x8F,
  0xD0, 0x7D, 0x4B, 0xF3, 0x90, 0x38, 0x4B, 0x82, 0xE5, 0x24, 0xBE, 0x11,
  0xEB, 0x21, 0xB2, 0xC4, 0xCB, 0xC4, 0xC4, 0x8B, 0x5B, 0x60, 0xE8, 0x25,
  0x4D, 0x29, 0x59, 0xF8, 0x93, 0x24, 0xBA, 0xAC, 0x4A, 0x66, 0xFB, 0xE0,
  0xB5, 0xA8, 0xAD, 0xA3, 0x44, 0x83, 0x26, 0x3C, 0x99, 0x0B, 0x42, 0x4E,
  0x6B, 0x6D, 0x22, 0x73, 0x9A, 0xB9, 0x35, 0x97, 0x15, 0xA9, 0xDB, 0x75,
  0xA2, 0x3A, 0x44, 0x33, 0xEA, 0x8F, 0xFE, 0x90, 0x9A, 0xCB, 0x84, 0xD3,
  0x4A, 0xC6, 0x8A, 0x98, 0x18, 0xB1, 0x25, 0x61, 0x5E, 0x8F, 0x52, 0xCA,
  0xBA, 0xA4, 0x8B, 0x41, 0x0B, 0xCF, 0x51, 0xE7, 0xC8, 0x69, 0xAB, 0xC8,
  0x88, 0xF9, 0x11, 0xCE, 0x8D, 0xDD, 0x23, 0xFF, 0xB2, 0x01, 0xBE, 0xB3,
  0xCE, 0x50, 0xFD, 0xB9, 0x77, 0xBA, 0x10, 0xA5, 0xBD, 0x32, 0x7C, 0xFB,
  0xB8, 0xBD, 0x88, 0x4D, 0x84, 0xB5, 0x03, 0xF3, 0x20, 0x26, 0x85, 0x3E,
  0xDC, 0xE2, 0x0B, 0x7A, 0x8D, 0x12, 0xA7, 0x3B, 0x61, 0x51, 0x85, 0xFA,
  0xF1, 0xAA, 0x45, 0x5A, 0xD4, 0x5A, 0xB9, 0xD5, 0xBF, 0x28, 0x0A, 0x59,
  0x12, 0x66, 0x2F, 0x3D, 0x74, 0x85, 0xCA, 0x23, 0xB8, 0x17, 0xD4, 0x9A,
  0x40, 0x44, 0xAC, 0xAB, 0x62, 0x8D, 0xCC, 0xDC, 0x41, 0x8E, 0xC5, 0x27,
  0x8F, 0xA1, 0x46, 0x14,
};

unsigned char PubKey[520] =		/* Modify with PubKey of your Cert */
{
  0x40, 0x00, 0x00, 0x00, 0xA9, 0x50, 0x71, 0x8E, 0x67, 0xAC, 0xDF, 0xD3,
  0xB1, 0x6A, 0x50, 0x20, 0xC7, 0xC4, 0x2F, 0x40, 0x09, 0x2E, 0xC3, 0x14,
  0x98, 0xBF, 0x6F, 0x5C, 0x37, 0x6C, 0x63, 0x5C, 0x7F, 0x39, 0xC2, 0x13,
  0x01, 0xAC, 0x4B, 0x76, 0xA5, 0x38, 0x0C, 0xFF, 0x57, 0x54, 0x4F, 0xC5,
  0x29, 0x0C, 0x4C, 0x36, 0x67, 0x13, 0x1A, 0x99, 0x1F, 0xF9, 0xB9, 0xC4,
  0xA0, 0xB3, 0x21, 0xE9, 0x0A, 0x45, 0x5B, 0xD1, 0x55, 0x92, 0x4A, 0xE6,
  0x37, 0x2E, 0x7C, 0x3B, 0x63, 0x75, 0xDD, 0x6F, 0x27, 0x37, 0x74, 0x33,
  0xE9, 0x57, 0xC0, 0x09, 0xCE, 0xD8, 0xAC, 0x7B, 0x79, 0x58, 0x27, 0xFF,
  0xED, 0xBD, 0xE2, 0xF1, 0x04, 0xD3, 0xDD, 0x51, 0x19, 0xC1, 0xD1, 0x4C,
  0xC8, 0xC4, 0xEC, 0x76, 0x01, 0x80, 0xA0, 0xE8, 0x63, 0x8A, 0x41, 0x68,
  0xE9, 0xA4, 0x4F, 0x33, 0xD9, 0x48, 0xF4, 0xF5, 0x3F, 0x3D, 0x73, 0xF5,
  0x57, 0x05, 0xFB, 0xC9, 0x9E, 0x85, 0xB1, 0xAB, 0xCF, 0x37, 0xCD, 0x32,
  0x61, 0x69, 0x23, 0x6D, 0x08, 0x6A, 0x3A, 0xDC, 0xE5, 0x5F, 0xF2, 0x0B,
  0x92, 0x0C, 0x75, 0xBE, 0xD7, 0xFC, 0x79, 0x65, 0x8F, 0xE5, 0xB5, 0xE6,
  0x78, 0x01, 0x91, 0x9A, 0x92, 0xC1, 0x76, 0xE9, 0x55, 0xC9, 0x37, 0x6D,
  0xC1, 0x4A, 0x13, 0x0B, 0x3B, 0xDE, 0x05, 0x57, 0xAC, 0x45, 0xA0, 0x3B,
  0x97, 0xAB, 0xA1, 0x37, 0xDC, 0xCB, 0x7B, 0xF8, 0xF6, 0x92, 0xA5, 0x02,
  0xA7, 0x5B, 0x31, 0xD9, 0x05, 0xE0, 0xC2, 0xB6, 0x0D, 0x93, 0x5D, 0xE1,
  0x2A, 0x23, 0xAB, 0xDE, 0x50, 0x0E, 0x87, 0x70, 0xBB, 0x7F, 0x68, 0xF0,
  0x21, 0xCD, 0x6B, 0xC5, 0x91, 0x33, 0x5D, 0x48, 0xF8, 0x46, 0xC2, 0x5F,
  0x73, 0x7B, 0xF4, 0x6B, 0x81, 0x3C, 0x0C, 0x2D, 0xCE, 0x38, 0x13, 0x8B,
  0x2C, 0x2C, 0x6E, 0x02, 0xC4, 0x85, 0x10, 0x61, 0xD5, 0xA3, 0x35, 0xE2,
  0x8A, 0xB6, 0x53, 0x5D, 0x29, 0x0D, 0xE2, 0x0E, 0xE8, 0x0E, 0xBA, 0x30,
  0x5D, 0x7B, 0x5A, 0xD5, 0x26, 0x38, 0xD5, 0x8C, 0xBF, 0xB3, 0x5E, 0xF3,
  0x1B, 0xAC, 0x8A, 0x1A, 0x95, 0x18, 0x97, 0xE9, 0x2F, 0x80, 0xEA, 0xCE,
  0xAC, 0x53, 0xFC, 0x8B, 0x6A, 0xB9, 0xFF, 0x28, 0x70, 0x87, 0x85, 0xBD,
  0x39, 0x43, 0x0E, 0x0A, 0xA2, 0x54, 0x41, 0x4B, 0x24, 0x1D, 0xCF, 0x39,
  0x1C, 0xB8, 0x1C, 0xE4, 0x9F, 0xB1, 0xA9, 0x85, 0xEC, 0x60, 0x6B, 0x50,
  0xB3, 0x50, 0x5C, 0x4D, 0x4E, 0x95, 0x07, 0x8E, 0x7E, 0x91, 0xAB, 0xBF,
  0x9F, 0x9A, 0x7C, 0x9B, 0x2E, 0xFA, 0x1F, 0x51, 0x46, 0x73, 0x2F, 0x7D,
  0x9A, 0x03, 0x12, 0x26, 0xD1, 0xC1, 0x49, 0x02, 0xAE, 0x80, 0x56, 0xC8,
  0x78, 0x49, 0xC8, 0x31, 0xB5, 0x5F, 0xDE, 0x8B, 0xA9, 0x2A, 0xB9, 0xA5,
  0x92, 0xCC, 0x91, 0x29, 0x48, 0x42, 0x34, 0x51, 0xFB, 0x00, 0x9B, 0xF8,
  0x6D, 0x2D, 0x72, 0xB7, 0xDF, 0x12, 0x0C, 0x4B, 0x2C, 0x7C, 0x49, 0xAD,
  0x70, 0xF9, 0x7F, 0x79, 0x9A, 0xFF, 0x76, 0xC3, 0xD0, 0x19, 0xAF, 0x9F,
  0xE7, 0x9C, 0x2E, 0x01, 0x41, 0x96, 0x36, 0x98, 0x36, 0x6F, 0xF0, 0x36,
  0x8A, 0xA1, 0x77, 0xDE, 0x07, 0x09, 0xFC, 0x7F, 0x82, 0x1D, 0xC0, 0x6F,
  0x74, 0x49, 0x2C, 0x80, 0xB4, 0xB0, 0xC1, 0xC7, 0xFD, 0x3B, 0x09, 0x54,
  0xFA, 0x0F, 0xE9, 0x0F, 0x4E, 0x0C, 0x31, 0xFD, 0x78, 0xCB, 0x05, 0x11,
  0xBF, 0xB1, 0xA1, 0x6F, 0xBD, 0x31, 0xCC, 0x4C, 0xDD, 0xF9, 0x85, 0x3F,
  0x72, 0xEA, 0x40, 0x0E, 0x5D, 0x3E, 0x9B, 0xD3, 0x34, 0xBA, 0x61, 0x4C,
  0xD1, 0x80, 0x87, 0x3A, 0x65, 0x13, 0x06, 0x68, 0xFF, 0xB0, 0xD1, 0xEB,
  0x06, 0xD1, 0xAF, 0x75, 0x02, 0xCE, 0xD3, 0xD5, 0xC2, 0x9E, 0xA0, 0x2D,
  0xA4, 0x44, 0x6F, 0xA4,
};

unsigned char PubKeySign[256] = 	/* Modify with PubKeySign of your cert */
{
  0x10, 0x65, 0x39, 0xFD, 0x61, 0xAF, 0x6A, 0x02, 0xF9, 0xA3, 0x1A, 0xB4,
  0xF3, 0xBE, 0xA6, 0x26, 0x36, 0x63, 0x88, 0x46, 0xE1, 0xF3, 0x0C, 0x9D,
  0x8D, 0x8F, 0xDC, 0x0B, 0xEE, 0x66, 0xA5, 0x12, 0xD1, 0xFE, 0xC7, 0x98,
  0xF1, 0xEF, 0x61, 0x35, 0x3E, 0x6B, 0x3A, 0x7D, 0x0F, 0x55, 0x3F, 0x72,
  0x24, 0xB1, 0x69, 0x99, 0xBB, 0xEA, 0x16, 0x1F, 0xF9, 0xEE, 0x02, 0xC6,
  0x6A, 0x1B, 0xAD, 0xCC, 0x62, 0x31, 0x1C, 0x66, 0xDA, 0x03, 0x54, 0x97,
  0x08, 0x07, 0xF2, 0x5A, 0x03, 0xDB, 0x89, 0xB7, 0x62, 0xFD, 0x4A, 0xE0,
  0xDC, 0x12, 0xAD, 0x57, 0xC4, 0x3B, 0xB1, 0xB3, 0x5A, 0x40, 0xD8, 0x11,
  0x7B, 0xA8, 0xE9, 0x7F, 0xC9, 0x02, 0xF2, 0x27, 0x94, 0x02, 0x9D, 0x3D,
  0xEF, 0x97, 0x15, 0x78, 0x07, 0x56, 0x0F, 0xDE, 0x7E, 0x3D, 0xEA, 0x20,
  0x74, 0xAE, 0xF3, 0x94, 0x28, 0x77, 0x1A, 0xD6, 0xF2, 0xBF, 0x64, 0xF2,
  0x48, 0x89, 0x33, 0x45, 0x93, 0x39, 0x3D, 0xF5, 0xB4, 0xF0, 0x80, 0x63,
  0x7B, 0xCA, 0x99, 0x6B, 0x3E, 0xA5, 0xBC, 0x39, 0x86, 0x83, 0x2F, 0x17,
  0x40, 0x95, 0xD7, 0x07, 0x12, 0xE5, 0xA5, 0x53, 0xC4, 0x6E, 0xD7, 0xBF,
  0xD9, 0xCD, 0x8F, 0xAB, 0x14, 0x59, 0x57, 0x40, 0xE1, 0xFB, 0x64, 0xE6,
  0xF1, 0x2E, 0x1A, 0x3C, 0x01, 0x67, 0x32, 0x6F, 0xF5, 0x0A, 0xDB, 0x3A,
  0xC5, 0xBB, 0xB9, 0xBB, 0x91, 0x65, 0x5F, 0xC9, 0x6C, 0xB6, 0xC0, 0x64,
  0x31, 0x4D, 0xDF, 0xBC, 0x10, 0x92, 0x4B, 0x56, 0xE2, 0xFE, 0x67, 0x9E,
  0xDA, 0x6A, 0xDF, 0x81, 0xBC, 0x80, 0x0A, 0xE2, 0x07, 0x6B, 0x3A, 0x8E,
  0xB6, 0x2A, 0x0E, 0xF0, 0xC2, 0x18, 0x06, 0x37, 0xB9, 0xC7, 0x9A, 0x9B,
  0xB2, 0xBD, 0x79, 0x9E, 0x3D, 0x40, 0xF4, 0xFF, 0x71, 0x9D, 0x7B, 0x0B,
  0xFD, 0x76, 0xB4, 0x4D,
};

unsigned char RootPubKey[520] =		/* Do not modify */
{
  0x40, 0x00, 0x00, 0x00, 0x81, 0x48, 0xCF, 0x4E, 0x7F, 0x08, 0x67, 0xC1,
  0x7C, 0x05, 0xC1, 0x82, 0x73, 0x32, 0x71, 0x85, 0xBB, 0x24, 0x63, 0x07,
  0x62, 0x0D, 0x13, 0xC8, 0xBB, 0x2A, 0x3E, 0x6E, 0x24, 0xF9, 0x52, 0x15,
  0xA6, 0xD7, 0xF2, 0x78, 0xE7, 0xD2, 0x1A, 0x76, 0x19, 0x69, 0xDA, 0x97,
  0x5D, 0x26, 0x3C, 0x2B, 0x04, 0xB3, 0xC9, 0xA1, 0x6D, 0xD6, 0xDE, 0x5F,
  0xBD, 0x51, 0x01, 0x4B, 0x1F, 0x6E, 0x29, 0x88, 0xD8, 0xFB, 0x0E, 0xA0,
  0x58, 0x2E, 0x7B, 0x2C, 0xE9, 0xD6, 0xAB, 0x96, 0x77, 0x68, 0x9A, 0x0B,
  0xC5, 0xD8, 0xD9, 0x42, 0xE0, 0x9A, 0xB6, 0x05, 0xD1, 0xDC, 0x1F, 0xB2,
  0x01, 0xF3, 0xAC, 0x4E, 0x4E, 0x85, 0x59, 0x5E, 0x0B, 0x42, 0x91, 0xC3,
  0x29, 0xF9, 0x30, 0xA2, 0xB8, 0x71, 0x6D, 0x7B, 0x0E, 0x76, 0x81, 0xD8,
  0x43, 0x22, 0x49, 0x40, 0xAB, 0xB7, 0xAB, 0x18, 0x1D, 0x82, 0xCD, 0xC7,
  0xB3, 0x25, 0xAC, 0x3F, 0xDF, 0x4B, 0xE2, 0xF4, 0x76, 0x3E, 0x2C, 0x94,
  0x3F, 0xB5, 0x24, 0x42, 0x39, 0x12, 0x94, 0xAD, 0x9F, 0x9B, 0x14, 0xBD,
  0x00, 0xCC, 0x3D, 0x30, 0xCD, 0x4A, 0x3D, 0xC2, 0x9A, 0x3A, 0x26, 0x01,
  0x64, 0x7B, 0xD3, 0x9B, 0xC8, 0xF6, 0x3B, 0xD4, 0x6D, 0x63, 0x5E, 0x17,
  0x26, 0xF2, 0x9F, 0x08, 0x62, 0x78, 0x66, 0x6B, 0x45, 0xFB, 0x79, 0xA0,
  0x4C, 0xC8, 0xB2, 0x42, 0x0F, 0x3A, 0xFD, 0x2A, 0x8F, 0x73, 0x21, 0x13,
  0x61, 0x08, 0x6F, 0x55, 0x98, 0x8D, 0x10, 0xAE, 0xB8, 0x59, 0x71, 0x76,
  0xE6, 0x5A, 0x02, 0x1F, 0x5F, 0x50, 0x5A, 0xDD, 0x23, 0x3C, 0x0D, 0xBA,
  0x6D, 0x16, 0xEE, 0xC0, 0x4C, 0xE6, 0x36, 0xAE, 0xCE, 0xA9, 0xFA, 0x8A,
  0xA7, 0x7E, 0x9A, 0xEB, 0x43, 0x4E, 0x41, 0xF4, 0x6D, 0xF9, 0x80, 0xDB,
  0xB5, 0x40, 0x02, 0x4D, 0x29, 0x01, 0x53, 0x53, 0xBE, 0x6F, 0xB8, 0xDB,
  0x34, 0xD0, 0x2D, 0x73, 0xEA, 0x0A, 0x35, 0x28, 0x0A, 0x89, 0x99, 0x02,
  0xA9, 0x0E, 0x8A, 0x39, 0x0E, 0xA7, 0xF7, 0xB5, 0xA8, 0x84, 0x4D, 0x52,
  0x2A, 0xD3, 0x8E, 0xCA, 0xAE, 0x75, 0x8C, 0x45, 0xE4, 0x24, 0xE2, 0xEF,
  0x01, 0x16, 0xDA, 0xE4, 0x85, 0x7B, 0xE7, 0xE6, 0xB9, 0x6D, 0x93, 0xF4,
  0xD1, 0xB5, 0xDD, 0xBF, 0xF1, 0x7E, 0x5B, 0x76, 0x79, 0xFA, 0x37, 0x61,
  0x0C, 0xF4, 0x44, 0x64, 0x07, 0x7E, 0x92, 0x82, 0xB5, 0x20, 0x70, 0x15,
  0xD2, 0xD8, 0x2D, 0x61, 0x1A, 0xCE, 0x4C, 0xF5, 0x95, 0x65, 0xCA, 0xA2,
  0x9C, 0x3D, 0x8E, 0x01, 0x57, 0xDB, 0xBD, 0xE0, 0xF7, 0xBA, 0x60, 0x56,
  0x57, 0xFB, 0x9D, 0xE4, 0xBD, 0x87, 0x8A, 0xCF, 0x51, 0xF9, 0xB5, 0x50,
  0xEE, 0x8E, 0x45, 0x9A, 0xDA, 0x1E, 0x3A, 0x38, 0x5C, 0x9A, 0x0B, 0x04,
  0x3C, 0xAD, 0x24, 0xE9, 0x92, 0x29, 0xD7, 0x05, 0xD6, 0x53, 0xBD, 0xEE,
  0xCB, 0xC8, 0x1A, 0xF3, 0xF3, 0x92, 0x55, 0xCF, 0xBB, 0x37, 0xB3, 0xAA,
  0xE6, 0xF1, 0x64, 0x37, 0x4F, 0x1D, 0x94, 0x50, 0x4B, 0xB0, 0x0C, 0xAC,
  0x7D, 0xFF, 0x57, 0xE0, 0x33, 0xEB, 0x44, 0xD7, 0x50, 0x9D, 0xDB, 0x92,
  0xE2, 0x98, 0xF0, 0xA6, 0x36, 0x50, 0x03, 0x55, 0x98, 0x3C, 0x38, 0xC6,
  0xA0, 0x83, 0x22, 0x83, 0xB8, 0xA4, 0xDE, 0x0B, 0xC2, 0x0C, 0xD1, 0x13,
  0xCC, 0x02, 0xE8, 0xF2, 0x89, 0x6A, 0xBB, 0x62, 0x2C, 0x59, 0x12, 0x7F,
  0xD8, 0xCF, 0x1D, 0x61, 0xE0, 0x44, 0xF1, 0xF8, 0xC8, 0x19, 0x2C, 0xC2,
  0xC9, 0x73, 0xAD, 0x4C, 0x44, 0x53, 0x63, 0x86, 0x59, 0x64, 0x61, 0xBA,
  0xEB, 0x39, 0xCB, 0x8A, 0x4F, 0xB9, 0x32, 0xC2, 0x96, 0x96, 0x92, 0x88,
  0x7A, 0xD5, 0xD1, 0xC0, 0xCE, 0x52, 0xD2, 0x8F, 0xFC, 0xEE, 0x6B, 0xF5,
  0x25, 0xC1, 0xEE, 0x24,
};

#define RSANUMBYTES 256           /* 2048 bit key length */
#define RSANUMWORDS (RSANUMBYTES / sizeof(uint32_t))
#define SHA_DIGEST_SIZE 20
#define SHA256_DIGEST_SIZE 32
#define SHA_DIGEST_SIZE 20
#define rol(bits, value) (((value) << (bits)) | ((value) >> (32 - (bits))))

typedef struct RSAPublicKey {
	int len;			/* Length of n[] in number of uint32_t */
	uint32_t n0inv;			/* -1 / n[0] mod 2^32 */
	uint32_t n[RSANUMWORDS];	/* modulus as little endian array */
	uint32_t rr[RSANUMWORDS];	/* R^2 as little endian array */
	int exponent;			/* 3 or 65537 */
} RSAPublicKey;


typedef struct SHA_CTX {
    uint64_t count;
    uint32_t state[5];
    uint8_t buf[64];
} SHA_CTX;

static void SHA1_transform(SHA_CTX *ctx) {
    uint32_t W[80];
    uint32_t A, B, C, D, E;
    uint8_t *p = ctx->buf;
    int t;

    for(t = 0; t < 16; ++t) {
        uint32_t tmp =  *p++ << 24;
        tmp |= *p++ << 16;
        tmp |= *p++ << 8;
        tmp |= *p++;
        W[t] = tmp;
    }

    for(; t < 80; t++) {
        W[t] = rol(1,W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16]);
    }

    A = ctx->state[0];
    B = ctx->state[1];
    C = ctx->state[2];
    D = ctx->state[3];
    E = ctx->state[4];

    for(t = 0; t < 80; t++) {
        uint32_t tmp = rol(5,A) + E + W[t];

        if (t < 20)
            tmp += (D^(B&(C^D))) + 0x5A827999;
        else if ( t < 40)
            tmp += (B^C^D) + 0x6ED9EBA1;
        else if ( t < 60)
            tmp += ((B&C)|(D&(B|C))) + 0x8F1BBCDC;
        else
            tmp += (B^C^D) + 0xCA62C1D6;

        E = D;
        D = C;
        C = rol(30,B);
        B = A;
        A = tmp;
    }

    ctx->state[0] += A;
    ctx->state[1] += B;
    ctx->state[2] += C;
    ctx->state[3] += D;
    ctx->state[4] += E;
}

void SHA_update(SHA_CTX *ctx, const void *data, int len) {
    int i = ctx->count % sizeof(ctx->buf);
    const uint8_t* p = (const uint8_t*)data;

    ctx->count += len;

    while (len--) {
        ctx->buf[i++] = *p++;
        if (i == sizeof(ctx->buf)) {
            SHA1_transform(ctx);
            i = 0;
        }
    }
}
const uint8_t *SHA_final(SHA_CTX *ctx) {
    uint8_t *p = ctx->buf;
    uint64_t cnt = ctx->count * 8;
    int i;

    SHA_update(ctx, (uint8_t*)"\x80", 1);
    while ((ctx->count % sizeof(ctx->buf)) != (sizeof(ctx->buf) - 8)) {
        SHA_update(ctx, (uint8_t*)"\0", 1);
    }
    for (i = 0; i < 8; ++i) {
        uint8_t tmp = cnt >> ((7 - i) * 8);
        SHA_update(ctx, &tmp, 1);
    }

    for (i = 0; i < 5; i++) {
        uint32_t tmp = ctx->state[i];
        *p++ = tmp >> 24;
        *p++ = tmp >> 16;
        *p++ = tmp >> 8;
        *p++ = tmp >> 0;
    }

    return ctx->buf;
}

void SHA_init(SHA_CTX* ctx) {
    ctx->state[0] = 0x67452301;
    ctx->state[1] = 0xEFCDAB89;
    ctx->state[2] = 0x98BADCFE;
    ctx->state[3] = 0x10325476;
    ctx->state[4] = 0xC3D2E1F0;
    ctx->count = 0;
}

/* Convenience function */
const uint8_t* SHA(const void *data, int len, uint8_t *digest) {
    const uint8_t *p;
    int i;
    SHA_CTX ctx;
    SHA_init(&ctx);
    SHA_update(&ctx, data, len);
    p = SHA_final(&ctx);
    for (i = 0; i < SHA_DIGEST_SIZE; ++i) {
        digest[i] = *p++;
    }
    return digest;
}

// a[] -= mod
static void subM(const RSAPublicKey* key, uint32_t* a) {
	int64_t A = 0;
	int i;
	for (i = 0; i < key->len; ++i) {
		A += (uint64_t)a[i] - key->n[i];
		a[i] = (uint32_t)A;
		A >>= 32;
	}
}

// return a[] >= mod
static int geM(const RSAPublicKey* key, const uint32_t* a) {
	int i;
	for (i = key->len; i;) {
		--i;
		if (a[i] < key->n[i]) return 0;
		if (a[i] > key->n[i]) return 1;
	}
	return 1;  // equal
}

// montgomery c[] += a * b[] / R % mod
static void montMulAdd(const RSAPublicKey* key,
			uint32_t* c,
			const uint32_t a,
			const uint32_t* b) {
	uint64_t A = (uint64_t)a * b[0] + c[0];
	uint32_t d0 = (uint32_t)A * key->n0inv;
	uint64_t B = (uint64_t)d0 * key->n[0] + (uint32_t)A;
	int i;
	for (i = 1; i < key->len; ++i) {
		A = (A >> 32) + (uint64_t)a * b[i] + c[i];
		B = (B >> 32) + (uint64_t)d0 * key->n[i] + (uint32_t)A;
		c[i - 1] = (uint32_t)B;
	}
	A = (A >> 32) + (B >> 32);
	c[i - 1] = (uint32_t)A;
	if (A >> 32) {
		subM(key, c);
	}
}

// montgomery c[] = a[] * b[] / R % mod
static void montMul(const RSAPublicKey* key,
			uint32_t* c,
			const uint32_t* a,
			const uint32_t* b) {
	int i;
	for (i = 0; i < key->len; ++i) {
		c[i] = 0;
	}
	for (i = 0; i < key->len; ++i) {
		montMulAdd(key, c, a[i], b);
	}
}

// In-place public exponentiation.
// Input and output big-endian byte array in inout.
static void modpow(const RSAPublicKey* key, uint8_t* inout) {
	uint32_t a[RSANUMWORDS];
	uint32_t aR[RSANUMWORDS];
	uint32_t aaR[RSANUMWORDS];
	uint32_t* aaa = 0;
	int i;
	// Convert from big endian byte array to little endian word array.
	for (i = 0; i < key->len; ++i) {
		uint32_t tmp =
			(inout[((key->len - 1 - i) * 4) + 0] << 24) |
			(inout[((key->len - 1 - i) * 4) + 1] << 16) |
			(inout[((key->len - 1 - i) * 4) + 2] << 8) |
			(inout[((key->len - 1 - i) * 4) + 3] << 0);
		a[i] = tmp;
	}
	if (key->exponent == 65537) {
		aaa = aaR;  // Re-use location.
		montMul(key, aR, a, key->rr);  // aR = a * RR / R mod M
		for (i = 0; i < 16; i += 2) {
			montMul(key, aaR, aR, aR);  // aaR = aR * aR / R mod M
			montMul(key, aR, aaR, aaR);  // aR = aaR * aaR / R mod M
		}
		montMul(key, aaa, aR, a);  // aaa = aR * a / R mod M
	} else if (key->exponent == 3) {
		aaa = aR;  // Re-use location.
		montMul(key, aR, a, key->rr);  /* aR = a * RR / R mod M   */
		montMul(key, aaR, aR, aR);     /* aaR = aR * aR / R mod M */
		montMul(key, aaa, aaR, a);     /* aaa = aaR * a / R mod M */
	}
	// Make sure aaa < mod; aaa is at most 1x mod too large.
	if (geM(key, aaa)) {
		subM(key, aaa);
	}
	// Convert to bigendian byte array
	for (i = key->len - 1; i >= 0; --i) {
		uint32_t tmp = aaa[i];
		*inout++ = tmp >> 24;
		*inout++ = tmp >> 16;
		*inout++ = tmp >> 8;
		*inout++ = tmp >> 0;
	}
}

// Expected PKCS1.5 signature padding bytes, for a keytool RSA signature.
// Has the 0-length optional parameter encoded in the ASN1 (as opposed to the
// other flavor which omits the optional parameter entirely). This code does not
// accept signatures without the optional parameter.
static const uint8_t sha_padding[] = {
	0x00, 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0x00, 0x30, 0x21, 0x30,
	0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a,
	0x05, 0x00, 0x04, 0x14,
};

// Verify a 2048-bit RSA PKCS1.5 signature against an expected hash.
// Both e=3 and e=65537 are supported.  hash_len may be
// SHA_DIGEST_SIZE (== 20) to indicate a SHA-1 hash, or
// SHA256_DIGEST_SIZE (== 32) to indicate a SHA-256 hash.  No other
// values are supported.
//
// Returns 1 on successful verification, 0 on failure.
int RSA_verify(const RSAPublicKey *key,
		const uint8_t *signature,
		const int len,
		const uint8_t *hash) {

	uint8_t buf[RSANUMBYTES];
	int i;
	const uint8_t* padding_hash;
	if (key->len != RSANUMWORDS) {
		return 0;  // Wrong key passed in.
	}
	if (len != sizeof(buf)) {
		return 0;  // Wrong input length.
	}
	if (key->exponent != 3 && key->exponent != 65537) {
		return 0;  // Unsupported exponent.
	}
	for (i = 0; i < len; ++i) {  // Copy input to local workspace.
		buf[i] = signature[i];
	}
	
	modpow(key, buf);  // In-place exponentiation.

	memcpy((void*)hash, &buf[sizeof(sha_padding)], 20);

	/* Check pkcs1.5 padding bytes. */
	for (i = 0; i < sizeof(sha_padding); ++i) {
		if (buf[i] != sha_padding[i]) {
			return 0;
		}
	}

	return 1;  // All checked out OK.
}


int main(int argc, char **argv)
{
	int retval;
	unsigned char rsahash[SHA_DIGEST_SIZE];
	unsigned char keyidrsahash[SHA_DIGEST_SIZE];
	unsigned char aIn1[SHA_DIGEST_SIZE + sizeof(IMEI)];
	unsigned char aIn2[sizeof(PubKey) + sizeof(KeyID)];
	unsigned char shahash[SHA_DIGEST_SIZE];
	unsigned char keyidshahash[SHA_DIGEST_SIZE];
	RSAPublicKey PK;
	RSAPublicKey RPK;

	memcpy(aIn1, IMEI, sizeof(IMEI));
	memcpy(&aIn1[sizeof(IMEI)], CPID, sizeof(CPID));
	SHA(aIn1, sizeof(aIn1), shahash);

	memcpy(aIn2, PubKey, sizeof(PubKey));
	memcpy(&aIn2[sizeof(PubKey)], KeyID, sizeof(KeyID));
	SHA(aIn2, sizeof(aIn2), keyidshahash);

	memcpy(&RPK, RootPubKey, 520);
	RPK.exponent = 3;
	retval = RSA_verify(&RPK, PubKeySign, 256, keyidrsahash);
	if (retval) {
		printf("PubKeySign match RootPubkey\n");
	}
	else {
		printf("PubKeySign bad\n");
		return 1;
	}
	if (!memcmp(keyidrsahash, keyidshahash, 20)) {
		printf("PubKey match KeyID\n");
	}
	else {
		printf("PubKeySign and PubKey/KeyID mismatch\n");
		return 1;
	}

	memcpy(&PK, PubKey, 520);
	PK.exponent = 3;
	retval = RSA_verify(&PK, ImeiSign, 256, rsahash);
	if (retval) {
		printf("ImeiSign match Pubkey\n");
	}
	else {
		printf("ImeiSign bad\n");
		return 1;
	}
	if (!memcmp(rsahash, shahash, 20)) {
		printf("ImeiSign match IMEI/CPID\nCert is good!\n");
	}
	else {
		printf("IMEI/CPID and ImeiSign mismatch\n");
		return 1;
	}
	return 0;
}
  Reply With Quote
The Following 2 Users Say Thank You to chavonbravo For This Useful Post:
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


 



All times are GMT +1. The time now is 11:58.



Powered by Searchlight © 2018 Axivo Inc.
vBulletin Optimisation provided by vB Optimise (Pro) - vBulletin Mods & Addons Copyright © 2018 DragonByte Technologies Ltd.
- GSM Hosting Ltd. - 1999-2017 -
Page generated in 0.23089 seconds with 7 queries

SEO by vBSEO