From 7cd2ac6e831c259283c59cbdfec570dccff082a5 Mon Sep 17 00:00:00 2001
From: Keuin <keuinx@gmail.com>
Date: Fri, 27 May 2022 23:28:13 +0800
Subject: Do not copy ciphertext.

---
 main.c | 23 +++++++++++------------
 1 file changed, 11 insertions(+), 12 deletions(-)

(limited to 'main.c')

diff --git a/main.c b/main.c
index 6419f47..d4e8fdd 100644
--- a/main.c
+++ b/main.c
@@ -16,25 +16,28 @@ int pkcs7_check_pad(const char *buf, size_t n);
 typedef struct s_key_search_ctx {
     /* first 8 bytes and the last 8 bytes of the ciphertext
      * in encrypted QQ flash image */
-    uint64_t ciphertext[2];
+    const char *ciphertext;
     /* if routine `yield_possible_key` returns true,
      * the possible 64-bit DES key will be stored here */
     uint64_t yield;
     /* 4 byte effective key space */
     uint32_t next_possible_key;
+    /* length of ciphertext */
+    uint32_t len;
     bool finished;
 } key_search_ctx;
 
 /* constructor of type `key_search_ctx` */
 void new_key_search_ctx(
         key_search_ctx *ctx,
-        uint64_t ciphertext[2],
+        const char *ciphertext,
+        uint32_t ciphertext_len,
         uint32_t a
 ) {
     ctx->finished = false;
     ctx->next_possible_key = a;
-    ctx->ciphertext[0] = ciphertext[0];
-    ctx->ciphertext[1] = ciphertext[1];
+    ctx->ciphertext = ciphertext;
+    ctx->len = ciphertext_len;
 }
 
 /* search key in range [a, b), returns false if
@@ -79,7 +82,7 @@ bool yield_possible_key(
         }
         /* decrypt the first 8 bytes */
         if (des_ecb_decrypt(
-                (const unsigned char *) (&ctx->ciphertext[0]),
+                (const unsigned char *) (ctx->ciphertext),
                 (unsigned char *) &plaintext,
                 (const symmetric_key *) &skey
         ) != CRYPT_OK)
@@ -90,7 +93,7 @@ bool yield_possible_key(
 
         /* decrypt the last 8 bytes */
         if (des_ecb_decrypt(
-                (const unsigned char *) (&ctx->ciphertext[1]),
+                (const unsigned char *) (ctx->ciphertext + ctx->len - 8),
                 (unsigned char *) &plaintext,
                 (const symmetric_key *) &skey
         ) != CRYPT_OK)
@@ -135,7 +138,7 @@ typedef struct s_thread_param {
 /* if a worker find this to be true, it will terminate */
 atomic_bool key_found;
 /* shared across workers */
-const char *ciphertext;
+const char * volatile ciphertext;
 /* should not be modified by workers */
 uint32_t ciphertext_len;
 /* the result generated by a lucky worker */
@@ -148,11 +151,7 @@ int thread_worker(thread_param *param) {
     key_search_ctx ctx;
     const uint32_t b = param->b; /* search end */
     uint32_t ciphertext_length = ciphertext_len;
-    uint64_t prefilter_ciphertext[2] = {
-            *(uint64_t *) ciphertext,
-            *((uint64_t *) (ciphertext + ciphertext_length) - 1)
-    };
-    new_key_search_ctx(&ctx, prefilter_ciphertext, param->a);
+    new_key_search_ctx(&ctx, ciphertext, ciphertext_length, param->a);
     char *plaintext = malloc(ciphertext_length);
     if (plaintext == NULL) {
         perror("malloc");
-- 
cgit v1.2.3