windowsdlls
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
windowsdlls [2009/05/04 22:50] – document 0xd8 and start ocmmod marcus | windowsdlls [2010/04/29 14:48] (current) – megadiscman | ||
---|---|---|---|
Line 124: | Line 124: | ||
</ | </ | ||
+ | ===== OpenMG Secure Module - Implementation Architecture ===== | ||
- | ===== The ocm-files ===== | + | * References: |
+ | Sony Patent EP1 496 439 A1, Fig.6 there is a diagram illustrating the functional structure of the client. | ||
- | OCM-Interpretor: | + | Note: Patent diagram says following: |
- | * [[http:// | + | Security Module: |
- | * [[http:// | + | |
- | The OCM files (except | + | [0047] A security module 53 performs processing relating |
+ | to data security, such as encryption of the modules. | ||
+ | A request | ||
+ | in the modules is sent to the security module 53, | ||
+ | and the security module 53 performs encryption or the like | ||
+ | in response to the request. | ||
- | Here is a decode for native code blocks from OCM files. It is severe works-for-me-quality, | + | DRM Module: |
- | * It does not name imports from salwrap, it just puts offsets into the import table into a generic name. Check here for some name [[OCMSalwrapExports]] | + | |
- | * It is unable to parse named exports | + | |
- | * It does only support the relocation types (mostly direct imports of compiler helper functions) I needed. | + | |
- | The output | + | [0043] Fig. 6 shows an example |
+ | structure of the client 1. A DRM (Digital Right Management) | ||
+ | module 51 communicates the content, right data, | ||
+ | etc., or manages the right data. | ||
- | [[codeblockparser]] | + | Comparision with the implementation: |
- | Some info about analysing an OCM file can be found in this part of chat log: | + | Playback module, write module, read module, lcm module all communicate directly to |
+ | the DRM module or Security Module. These modules would be OmgNetMD.dll, | ||
- | [[ocmchatlog1]] | + | Modules in the plugin-layer at the top would communicate with these " |
+ | they never directly communicate with salwrap/ | ||
+ | There are tough, exceptions, a couple of functions can be used in pfcom trough COM. Its also possible to use SAL (salExec0) using COM (omgmisc.dll DLL link to salwrap.dll salExec0). | ||
- | These new pages could be created | + | < |
+ | .................................................................................................... + UI | ||
+ | SonicStage | ||
+ | .................................................................................................... | ||
+ | ^ ^ | ||
+ | | | | ||
+ | | COM | ||
+ | v v | ||
+ | .................................................................................................... Plug-in layer (AVLib) | ||
+ | + CheckOut +Playback | ||
+ | + CheckIn +Convert | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | NetMDAPI.dll | ||
+ | | ||
+ | | ||
+ | NetMDUSB.dll | ||
+ | | ||
+ | .................................................................................................... OpenMG | ||
+ | ^ | ||
+ | | COM | ||
+ | DLL | ||
+ | ----------------------- | ||
+ | pfcom.dll | ||
+ | | | ||
+ | | | ||
+ | | ||
+ | | ||
+ | | | ||
+ | | ||
+ | | | ||
+ | | | ||
+ | ----------------------- | ||
+ | ^ | ||
+ | | | ||
+ | v | ||
+ | | ||
+ | | ||
+ | maclist1.dat, | ||
+ | [License information] | ||
+ | OMGKEY\salomgid.dat | ||
+ | < | ||
+ | | ||
- | * Netmd.ocm: [[netmdocm]] | ||
- | * Device.sal: [[devicesal]] | ||
- | Start for device.sal | + | .................................................................................................... Secure Applications |
+ | | ||
+ | device.sal init.ocm | ||
+ | | ||
- | < | + | |
- | int | + | SAL Runtime |
- | dev_0x01 (blob_t someblob, bool_t somebool) | + | ------------------- |
- | { | + | |
- | int res; | + | |
- | if (somebool == 1) | + | .................................................................................................... |
- | { | + | </ |
- | res = dev_0x00 (someblob); | + | |
- | if (res != 0) | + | |
- | return res; | + | |
- | } | + | |
- | int some_nr = (unsigned) SubBlob (someblob, 0, 4); | + | |
- | int some_nr2 = (unsigned) dev_0xd1 (some_nr); | + | |
- | res = " | + | |
- | // FIXME: Don't know the stack layout after this. | + | |
- | if (res != 0) | + | ===== The ocm-files ===== |
- | return; | + | |
- | blob_t someblob2; | + | OCM-Interpretor: |
- | | + | * [[http:// |
- | vector< | + | |
- | do | + | |
- | { | + | |
- | vec.append (SubBlob (some_nr3 | + | |
- | } | + | |
- | | + | |
+ | OCM handling code is stored in a private git repository (run using [[http:// | ||
- | int some_nr3 = (signed) SubBlob (someblob2, 0, 4); | + | < |
- | res = dev_0xc1 (some_nr3); | + | Hostname z6.physik.fu-berlin.de |
- | if (res != 0) | + | |
- | return res; | + | </ |
- | int some_nr4 = (signed) SubBlob (someblob2, 16, 4); | + | After that, you can clone the repo by using |
- | if (some_nr3 == some_nr4) | + | < |
- | | + | git-clone gitosis@z6.physik.fu-berlin.de:/ |
- | else | + | </ |
- | | + | |
- | // is vec returned as well? it's still on the stack. | + | The OCM files (except for init.ocm which contains an extra layer of packing) are interpreted as [[OCMBytecode]] |
- | } | + | |
+ | Here is a decoder for native code blocks from OCM files. It is severe works-for-me-quality, | ||
+ | * It does not name imports from salwrap, it just puts offsets into the import table into a generic name. Check here for some name [[OCMSalwrapExports]] | ||
+ | * It is unable to parse named exports | ||
+ | * It does only support the relocation types (mostly direct imports of compiler helper functions) I needed. | ||
- | int | + | The output of the program is an assembler source file (completely unreadable) that is intended to be compiled by the GNU assembler |
- | dev_0xb7 | + | |
- | { | + | |
- | if (get_type (thing) != TYPE_BLOB) | + | |
- | return 0; | + | |
- | if (thing[2] == 0x31) | + | |
- | return 2; | + | |
- | else | + | |
- | { | + | |
- | if (! strncmp (thing, " | + | |
- | return 1; | + | |
- | else | + | |
- | return 0; | + | |
- | } | + | |
- | } | + | |
- | block_t | + | [[codeblockparser]] |
- | dev_0xd1 | + | |
- | { | + | |
- | if (nr > 1) | + | |
- | { | + | |
- | 0x80 (" | + | |
- | return 0; | + | |
- | } | + | |
- | else | + | |
- | { | + | |
- | return 00 81 00 00 00 00 00 00; | + | |
- | } | + | |
- | } | + | |
+ | Some info about analysing an OCM file can be found in this part of chat log: | ||
- | // Some decrypt function. | + | [[ocmchatlog1]] |
- | any_t | + | |
- | dev_0xd8 (blob_t data1, blob_t data2) | + | |
- | { | + | |
- | blob_t data3 = data2 XOR concat (dict[0xfc], dict[0xfc]); | + | |
- | dict[0xdb] = data3; | + | |
- | blob_t shasum = SHA1 (data3[0..1f]); | + | These pages show internals of some modules |
- | blob_t iv = shasum[0..7]; | + | |
- | blob_t key = shasum[8..15] | + | |
- | | + | |
- | + | | |
- | | + | * Trkinf: [[trkinfocm]] |
- | // Round up to multiple of 8. | + | |
- | | + | |
- | blob_t out = repeat_nul (len); | + | ===== Links ===== |
- | // Modifies OUT. 1 means that length is provided. | + | |
- | out = native:: | + | |
- | return decode_asn1 (out); | + | |
- | } | + | |
- | </ | + | |
- | + | ||
- | < | + | |
- | // Do something. | + | |
- | // If use_len is TRUE, the provided LEN parameter is used, otherwise LEN is determined | + | |
- | // from DATA. Modifies OUT and returns it. | + | |
- | blob_t | + | |
- | native:: | + | |
+ | * [[http:// |
windowsdlls.1241477412.txt.gz · Last modified: 2009/05/04 22:50 by marcus