chore: add release script

Merge pull request 'feat(ximalaya): initial support' (#42 ) from feat/ximalaya into master
Reviewed-on: um/cli#42
2022-11-20 12:42:03 +08:00 · 2022-11-20 01:38:13 +00:00 · 2022-11-20 08:10:56 +08:00 · 2022-11-20 08:04:39 +08:00 · 2022-11-20 00:03:42 +00:00 · 2022-11-20 03:12:30 +08:00
68 changed files with 1988 additions and 1074 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -1,7 +1,6 @@
 name: Build
 on:
  push:
-    branches: [ master ]
    paths:
      - "**/*.go"
      - "go.mod"
@ -17,17 +16,23 @@ on:

 jobs:
  test:
-    runs-on: ${{ matrix.os }}
+    runs-on: ubuntu-latest
    strategy:
      matrix:
-        os: [ windows-latest, ubuntu-latest, macos-latest ]
        include:
-          - os: ubuntu-latest
+          - target: "linux/amd64"
+            GOOS: "linux"
+            GOARCH: "amd64"
            BIN_SUFFIX: ""
-          - os: macos-latest
-            BIN_SUFFIX: ""
-          - os: windows-latest
+          - target: "windows/amd64"
+            GOOS: "windows"
+            GOARCH: "amd64"
            BIN_SUFFIX: ".exe"
+          - target: "darwin/amd64"
+            GOOS: "darwin"
+            GOARCH: "amd64"
+            BIN_SUFFIX: ""
+
    steps:
      - name: Checkout codebase
        uses: actions/checkout@v2
@ -37,7 +42,7 @@ jobs:
      - name: Set up Go 1.x
        uses: actions/setup-go@v2
        with:
-          go-version: ^1.16
+          go-version: ^1.17

      - name: Setup vars
        id: vars
@ -45,13 +50,18 @@ jobs:
          echo "::set-output name=short_sha::$(git rev-parse --short HEAD)"
          echo "::set-output name=git_tag::$(git describe --tags --always)"

+      - name: Test
+        run: go test -v ./...
+
      - name: Build
        env:
+          GOOS: ${{ matrix.GOOS }}
+          GOARCH: ${{ matrix.GOARCH }}
          CGO_ENABLED: 0
-        run: go build -trimpath -ldflags="-w -s -X main.AppVersion=${{ steps.vars.outputs.git_tag }}" -v -o um-${{ runner.os }}${{ matrix.BIN_SUFFIX }} ./cmd/um
+        run: go build -v -trimpath -ldflags="-w -s -X main.AppVersion=${{ steps.vars.outputs.git_tag }}" -o um-${{ matrix.GOOS }}-${{ matrix.GOARCH }}${{ matrix.BIN_SUFFIX }} ./cmd/um

      - name: Publish artifact
        uses: actions/upload-artifact@v2
        with:
-          name: um-${{ runner.os }}${{ matrix.BIN_SUFFIX }}
-          path: ./um-${{ runner.os }}${{ matrix.BIN_SUFFIX }}
+          name: um-${{ matrix.GOOS }}-${{ matrix.GOARCH }}
+          path: ./um-${{ matrix.GOOS }}-${{ matrix.GOARCH }}${{ matrix.BIN_SUFFIX }}
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -0,0 +1,84 @@
+name: Create Release
+
+on:
+  push:
+    tags:
+      - "v*"
+
+jobs:
+  create_release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Get current time
+        id: date
+        run: echo "::set-output name=date::$(date +'%Y/%m/%d')"
+
+      - name: Create release
+        id: release
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ github.ref }}
+          release_name: "Build ${{ steps.date.outputs.date }}"
+          draft: true
+    outputs:
+      upload_url: "${{ steps.release.outputs.upload_url }}"
+  build:
+    needs:
+      - create_release
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        include:
+          - target: "linux/amd64"
+            GOOS: "linux"
+            GOARCH: "amd64"
+            BIN_SUFFIX: ""
+          - target: "windows/amd64"
+            GOOS: "windows"
+            GOARCH: "amd64"
+            BIN_SUFFIX: ".exe"
+          - target: "windows/386"
+            GOOS: "windows"
+            GOARCH: "386"
+            BIN_SUFFIX: ".exe"
+          - target: "darwin/amd64"
+            GOOS: "darwin"
+            GOARCH: "amd64"
+            BIN_SUFFIX: ""
+
+    steps:
+      - name: Checkout codebase
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Setup vars
+        id: vars
+        run: |
+          echo "::set-output name=short_sha::$(git rev-parse --short HEAD)"
+          echo "::set-output name=git_tag::$(git describe --tags --always)"
+
+      - name: Set up Go 1.x
+        uses: actions/setup-go@v2
+        with:
+          go-version: ^1.17
+
+      - name: Build
+        env:
+          GOOS: ${{ matrix.GOOS }}
+          GOARCH: ${{ matrix.GOARCH }}
+          CGO_ENABLED: 0
+        run: go build -trimpath -v -ldflags="-w -s -X main.AppVersion=${{ steps.vars.outputs.git_tag }}" -o um ./cmd/um
+
+      - name: Upload release assets
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ needs.create_release.outputs.upload_url }}
+          asset_path: um
+          asset_name: um-${{ matrix.GOOS }}-${{ matrix.GOARCH }}${{ matrix.BIN_SUFFIX }}
+          asset_content_type: application/octet-stream
+
--- a/.gitignore
+++ b/.gitignore
@ -1 +1,3 @@
 .idea
+
+/dist
--- a/README.md
+++ b/README.md
@ -13,7 +13,7 @@ Original: Web Edition https://github.com/ix64/unlock-music

 ## Hou to Build

- Requirements: **Golang 1.16**
+- Requirements: **Golang 1.17**

 1. Clone this repo `git clone https://github.com/unlock-music/cli && cd cli`
 2. Build the executable `go build ./cmd/um`
--- a/algo/common/common.go
+++ b/algo/common/common.go
@ -1,12 +1,17 @@
 package common

+import (
+	"context"
+	"io"
+)
+
 type Decoder interface {
 	Validate() error
-	Decode() error
-	GetCoverImage() []byte
-	GetAudioData() []byte
-	GetAudioExt() string
-	GetMeta() Meta
+	io.Reader
+}
+
+type CoverImageGetter interface {
+	GetCoverImage(ctx context.Context) ([]byte, error)
 }

 type Meta interface {
@ -14,3 +19,7 @@ type Meta interface {
 	GetTitle() string
 	GetAlbum() string
 }
+
+type StreamDecoder interface {
+	Decrypt(buf []byte, offset int)
+}
--- a/algo/common/dispatch.go
+++ b/algo/common/dispatch.go
@ -1,12 +1,31 @@
 package common

-type NewDecoderFunc func([]byte) Decoder
+import (
+	"io"
+	"path/filepath"
+	"strings"
+)

-var decoderRegistry = make(map[string][]NewDecoderFunc)
+type NewDecoderFunc func(rd io.ReadSeeker) Decoder

-func RegisterDecoder(ext string, dispatchFunc NewDecoderFunc) {
-	decoderRegistry[ext] = append(decoderRegistry[ext], dispatchFunc)
+type decoderItem struct {
+	noop    bool
+	decoder NewDecoderFunc
 }
-func GetDecoder(ext string) []NewDecoderFunc {
-	return decoderRegistry[ext]
+
+var DecoderRegistry = make(map[string][]decoderItem)
+
+func RegisterDecoder(ext string, noop bool, dispatchFunc NewDecoderFunc) {
+	DecoderRegistry[ext] = append(DecoderRegistry[ext],
+		decoderItem{noop: noop, decoder: dispatchFunc})
+}
+func GetDecoder(filename string, skipNoop bool) (rs []NewDecoderFunc) {
+	ext := strings.ToLower(strings.TrimLeft(filepath.Ext(filename), "."))
+	for _, dec := range DecoderRegistry[ext] {
+		if skipNoop && dec.noop {
+			continue
+		}
+		rs = append(rs, dec.decoder)
+	}
+	return
 }
--- a/algo/common/raw.go
+++ b/algo/common/raw.go
@ -1,52 +1,48 @@
 package common

-import "errors"
+import (
+	"errors"
+	"fmt"
+	"io"
+)

 type RawDecoder struct {
-	file     []byte
+	rd io.ReadSeeker
+
 	audioExt string
 }

-func NewRawDecoder(file []byte) Decoder {
-	return &RawDecoder{file: file}
+func NewRawDecoder(rd io.ReadSeeker) Decoder {
+	return &RawDecoder{rd: rd}
 }

 func (d *RawDecoder) Validate() error {
-	for ext, sniffer := range snifferRegistry {
-		if sniffer(d.file) {
-			d.audioExt = ext
-			return nil
-		}
+	header := make([]byte, 16)
+	if _, err := io.ReadFull(d.rd, header); err != nil {
+		return fmt.Errorf("read file header failed: %v", err)
+	}
+	if _, err := d.rd.Seek(0, io.SeekStart); err != nil {
+		return fmt.Errorf("seek file failed: %v", err)
 	}
-	return errors.New("audio doesn't recognized")
-}

-func (d RawDecoder) Decode() error {
+	var ok bool
+	d.audioExt, ok = SniffAll(header)
+	if !ok {
+		return errors.New("raw: sniff audio type failed")
+	}
 	return nil
 }

-func (d RawDecoder) GetCoverImage() []byte {
-	return nil
-}
-
-func (d RawDecoder) GetAudioData() []byte {
-	return d.file
-}
-
-func (d RawDecoder) GetAudioExt() string {
-	return d.audioExt
-}
-
-func (d RawDecoder) GetMeta() Meta {
-	return nil
+func (d *RawDecoder) Read(p []byte) (n int, err error) {
+	return d.rd.Read(p)
 }

 func init() {
-	RegisterDecoder("mp3", NewRawDecoder)
-	RegisterDecoder("flac", NewRawDecoder)
-	RegisterDecoder("ogg", NewRawDecoder)
-	RegisterDecoder("m4a", NewRawDecoder)
-	RegisterDecoder("wav", NewRawDecoder)
-	RegisterDecoder("wma", NewRawDecoder)
-	RegisterDecoder("aac", NewRawDecoder)
+	RegisterDecoder("mp3", true, NewRawDecoder)
+	RegisterDecoder("flac", true, NewRawDecoder)
+	RegisterDecoder("ogg", true, NewRawDecoder)
+	RegisterDecoder("m4a", true, NewRawDecoder)
+	RegisterDecoder("wav", true, NewRawDecoder)
+	RegisterDecoder("wma", true, NewRawDecoder)
+	RegisterDecoder("aac", true, NewRawDecoder)
 }
--- a/algo/common/sniff.go
+++ b/algo/common/sniff.go
@ -12,6 +12,7 @@ var snifferRegistry = map[string]Sniffer{
 	".wav":  SnifferWAV,
 	".wma":  SnifferWMA,
 	".aac":  SnifferAAC,
+	".dff":  SnifferDFF,
 }

 func SniffAll(header []byte) (string, bool) {
@ -46,3 +47,9 @@ func SnifferWMA(header []byte) bool {
 func SnifferAAC(header []byte) bool {
 	return bytes.HasPrefix(header, []byte{0xFF, 0xF1})
 }
+
+// SnifferDFF sniff a DSDIFF format
+// reference to: https://www.sonicstudio.com/pdf/dsd/DSDIFF_1.5_Spec.pdf
+func SnifferDFF(header []byte) bool {
+	return bytes.HasPrefix(header, []byte("FRM8"))
+}
--- a/algo/kgm/kgm.go
+++ b/algo/kgm/kgm.go
@ -1,98 +1,64 @@
 package kgm

 import (
-	"bytes"
-	"encoding/binary"
-	"errors"
-	"github.com/unlock-music/cli/algo/common"
-	"github.com/unlock-music/cli/internal/logging"
-)
+	"fmt"
+	"io"

-var (
-	vprHeader = []byte{
-		0x05, 0x28, 0xBC, 0x96, 0xE9, 0xE4, 0x5A, 0x43,
-		0x91, 0xAA, 0xBD, 0xD0, 0x7A, 0xF5, 0x36, 0x31}
-	kgmHeader = []byte{
-		0x7C, 0xD5, 0x32, 0xEB, 0x86, 0x02, 0x7F, 0x4B,
-		0xA8, 0xAF, 0xA6, 0x8E, 0x0F, 0xFF, 0x99, 0x14}
-	ErrKgmMagicHeader = errors.New("kgm/vpr magic header not matched")
+	"unlock-music.dev/cli/algo/common"
 )

 type Decoder struct {
-	file  []byte
-	key   []byte
-	isVpr bool
-	audio []byte
+	rd io.ReadSeeker
+
+	cipher common.StreamDecoder
+	offset int
+
+	header header
 }

-func NewDecoder(file []byte) common.Decoder {
-	return &Decoder{
-		file: file,
+func NewDecoder(rd io.ReadSeeker) common.Decoder {
+	return &Decoder{rd: rd}
+}
+
+// Validate checks if the file is a valid Kugou (.kgm, .vpr, .kgma) file.
+// rd will be seeked to the beginning of the encrypted audio.
+func (d *Decoder) Validate() (err error) {
+	if err := d.header.FromFile(d.rd); err != nil {
+		return err
 	}
-}
+	// TODO; validate crypto version

-func (d Decoder) GetCoverImage() []byte {
-	return nil
-}
-
-func (d Decoder) GetAudioData() []byte {
-	return d.audio
-}
-
-func (d Decoder) GetAudioExt() string {
-	return "" // use sniffer
-}
-
-func (d Decoder) GetMeta() common.Meta {
-	return nil
-}
-
-func (d *Decoder) Validate() error {
-	if bytes.Equal(kgmHeader, d.file[:len(kgmHeader)]) {
-		d.isVpr = false
-	} else if bytes.Equal(vprHeader, d.file[:len(vprHeader)]) {
-		d.isVpr = true
-	} else {
-		return ErrKgmMagicHeader
-	}
-
-	d.key = d.file[0x1c:0x2c]
-	d.key = append(d.key, 0x00)
-	_ = d.file[0x2c:0x3c] //todo: key2
-	return nil
-}
-
-func (d *Decoder) Decode() error {
-	headerLen := binary.LittleEndian.Uint32(d.file[0x10:0x14])
-	dataEncrypted := d.file[headerLen:]
-	lenData := len(dataEncrypted)
-	initMask()
-	if fullMaskLen < lenData {
-		logging.Log().Warn("The file is too large and the processed audio is incomplete, " +
-			"please report to us about this file at https://github.com/unlock-music/cli/issues")
-		lenData = fullMaskLen
-	}
-	d.audio = make([]byte, lenData)
-
-	for i := 0; i < lenData; i++ {
-		med8 := d.key[i%17] ^ dataEncrypted[i]
-		med8 ^= (med8 & 0xf) << 4
-
-		msk8 := maskV2PreDef[i%272] ^ maskV2[i>>4]
-		msk8 ^= (msk8 & 0xf) << 4
-		d.audio[i] = med8 ^ msk8
-	}
-	if d.isVpr {
-		for i := 0; i < lenData; i++ {
-			d.audio[i] ^= maskDiffVpr[i%17]
+	switch d.header.CryptoVersion {
+	case 3:
+		d.cipher, err = newKgmCryptoV3(&d.header)
+		if err != nil {
+			return fmt.Errorf("kgm init crypto v3: %w", err)
 		}
+	default:
+		return fmt.Errorf("kgm: unsupported crypto version %d", d.header.CryptoVersion)
 	}
+
+	// prepare for read
+	if _, err := d.rd.Seek(int64(d.header.AudioOffset), io.SeekStart); err != nil {
+		return fmt.Errorf("kgm seek to audio: %w", err)
+	}
+
 	return nil
 }
+
+func (d *Decoder) Read(buf []byte) (int, error) {
+	n, err := d.rd.Read(buf)
+	if n > 0 {
+		d.cipher.Decrypt(buf[:n], d.offset)
+		d.offset += n
+	}
+	return n, err
+}
+
 func init() {
 	// Kugou
-	common.RegisterDecoder("kgm", NewDecoder)
-	common.RegisterDecoder("kgma", NewDecoder)
+	common.RegisterDecoder("kgm", false, NewDecoder)
+	common.RegisterDecoder("kgma", false, NewDecoder)
 	// Viper
-	common.RegisterDecoder("vpr", NewDecoder)
+	common.RegisterDecoder("vpr", false, NewDecoder)
 }
--- a/algo/kgm/kgm.v2.mask
+++ b/algo/kgm/kgm.v2.mask
--- a/algo/kgm/kgm_header.go
+++ b/algo/kgm/kgm_header.go
@ -0,0 +1,64 @@
+package kgm
+
+import (
+	"bytes"
+	"encoding/binary"
+	"errors"
+	"fmt"
+	"io"
+)
+
+var (
+	vprHeader = []byte{
+		0x05, 0x28, 0xBC, 0x96, 0xE9, 0xE4, 0x5A, 0x43,
+		0x91, 0xAA, 0xBD, 0xD0, 0x7A, 0xF5, 0x36, 0x31,
+	}
+	kgmHeader = []byte{
+		0x7C, 0xD5, 0x32, 0xEB, 0x86, 0x02, 0x7F, 0x4B,
+		0xA8, 0xAF, 0xA6, 0x8E, 0x0F, 0xFF, 0x99, 0x14,
+	}
+
+	ErrKgmMagicHeader = errors.New("kgm magic header not matched")
+)
+
+// header is the header of a KGM file.
+type header struct {
+	MagicHeader    []byte // 0x00-0x0f: magic header
+	AudioOffset    uint32 // 0x10-0x13: offset of audio data
+	CryptoVersion  uint32 // 0x14-0x17: crypto version
+	CryptoSlot     uint32 // 0x18-0x1b: crypto key slot
+	CryptoTestData []byte // 0x1c-0x2b: crypto test data
+	CryptoKey      []byte // 0x2c-0x3b: crypto key
+}
+
+func (h *header) FromFile(rd io.ReadSeeker) error {
+	if _, err := rd.Seek(0, io.SeekStart); err != nil {
+		return fmt.Errorf("kgm seek start: %w", err)
+	}
+
+	buf := make([]byte, 0x3c)
+	if _, err := io.ReadFull(rd, buf); err != nil {
+		return fmt.Errorf("kgm read header: %w", err)
+	}
+
+	return h.FromBytes(buf)
+}
+
+func (h *header) FromBytes(buf []byte) error {
+	if len(buf) < 0x3c {
+		return errors.New("invalid kgm header length")
+	}
+
+	h.MagicHeader = buf[:0x10]
+	if !bytes.Equal(kgmHeader, h.MagicHeader) && !bytes.Equal(vprHeader, h.MagicHeader) {
+		return ErrKgmMagicHeader
+	}
+
+	h.AudioOffset = binary.LittleEndian.Uint32(buf[0x10:0x14])
+	h.CryptoVersion = binary.LittleEndian.Uint32(buf[0x14:0x18])
+	h.CryptoSlot = binary.LittleEndian.Uint32(buf[0x18:0x1c])
+	h.CryptoTestData = buf[0x1c:0x2c]
+	h.CryptoKey = buf[0x2c:0x3c]
+
+	return nil
+}
--- a/algo/kgm/kgm_v3.go
+++ b/algo/kgm/kgm_v3.go
@ -0,0 +1,55 @@
+package kgm
+
+import (
+	"crypto/md5"
+	"fmt"
+
+	"unlock-music.dev/cli/algo/common"
+)
+
+// kgmCryptoV3 is kgm file crypto v3
+type kgmCryptoV3 struct {
+	slotBox []byte
+	fileBox []byte
+}
+
+var kgmV3Slot2Key = map[uint32][]byte{
+	1: {0x6C, 0x2C, 0x2F, 0x27},
+}
+
+func newKgmCryptoV3(header *header) (common.StreamDecoder, error) {
+	c := &kgmCryptoV3{}
+
+	slotKey, ok := kgmV3Slot2Key[header.CryptoSlot]
+	if !ok {
+		return nil, fmt.Errorf("kgm3: unknown crypto slot %d", header.CryptoSlot)
+	}
+	c.slotBox = kugouMD5(slotKey)
+
+	c.fileBox = append(kugouMD5(header.CryptoKey), 0x6b)
+
+	return c, nil
+}
+
+func (d *kgmCryptoV3) Decrypt(b []byte, offset int) {
+	for i := 0; i < len(b); i++ {
+		b[i] ^= d.fileBox[(offset+i)%len(d.fileBox)]
+		b[i] ^= b[i] << 4
+		b[i] ^= d.slotBox[(offset+i)%len(d.slotBox)]
+		b[i] ^= xorCollapseUint32(uint32(offset + i))
+	}
+}
+
+func xorCollapseUint32(i uint32) byte {
+	return byte(i) ^ byte(i>>8) ^ byte(i>>16) ^ byte(i>>24)
+}
+
+func kugouMD5(b []byte) []byte {
+	digest := md5.Sum(b)
+	ret := make([]byte, 16)
+	for i := 0; i < md5.Size; i += 2 {
+		ret[i] = digest[14-i]
+		ret[i+1] = digest[14-i+1]
+	}
+	return ret
+}
--- a/algo/kgm/mask.go
+++ b/algo/kgm/mask.go
@ -1,59 +0,0 @@
-package kgm
-
-import (
-	"bytes"
-	_ "embed"
-	"github.com/ulikunitz/xz"
-	"github.com/unlock-music/cli/internal/logging"
-	"go.uber.org/zap"
-	"io/ioutil"
-)
-
-var maskDiffVpr = []byte{
-	0x25, 0xDF, 0xE8, 0xA6, 0x75, 0x1E, 0x75, 0x0E,
-	0x2F, 0x80, 0xF3, 0x2D, 0xB8, 0xB6, 0xE3, 0x11,
-	0x00}
-
-var maskV2PreDef = []byte{
-	0xB8, 0xD5, 0x3D, 0xB2, 0xE9, 0xAF, 0x78, 0x8C, 0x83, 0x33, 0x71, 0x51, 0x76, 0xA0, 0xCD, 0x37,
-	0x2F, 0x3E, 0x35, 0x8D, 0xA9, 0xBE, 0x98, 0xB7, 0xE7, 0x8C, 0x22, 0xCE, 0x5A, 0x61, 0xDF, 0x68,
-	0x69, 0x89, 0xFE, 0xA5, 0xB6, 0xDE, 0xA9, 0x77, 0xFC, 0xC8, 0xBD, 0xBD, 0xE5, 0x6D, 0x3E, 0x5A,
-	0x36, 0xEF, 0x69, 0x4E, 0xBE, 0xE1, 0xE9, 0x66, 0x1C, 0xF3, 0xD9, 0x02, 0xB6, 0xF2, 0x12, 0x9B,
-	0x44, 0xD0, 0x6F, 0xB9, 0x35, 0x89, 0xB6, 0x46, 0x6D, 0x73, 0x82, 0x06, 0x69, 0xC1, 0xED, 0xD7,
-	0x85, 0xC2, 0x30, 0xDF, 0xA2, 0x62, 0xBE, 0x79, 0x2D, 0x62, 0x62, 0x3D, 0x0D, 0x7E, 0xBE, 0x48,
-	0x89, 0x23, 0x02, 0xA0, 0xE4, 0xD5, 0x75, 0x51, 0x32, 0x02, 0x53, 0xFD, 0x16, 0x3A, 0x21, 0x3B,
-	0x16, 0x0F, 0xC3, 0xB2, 0xBB, 0xB3, 0xE2, 0xBA, 0x3A, 0x3D, 0x13, 0xEC, 0xF6, 0x01, 0x45, 0x84,
-	0xA5, 0x70, 0x0F, 0x93, 0x49, 0x0C, 0x64, 0xCD, 0x31, 0xD5, 0xCC, 0x4C, 0x07, 0x01, 0x9E, 0x00,
-	0x1A, 0x23, 0x90, 0xBF, 0x88, 0x1E, 0x3B, 0xAB, 0xA6, 0x3E, 0xC4, 0x73, 0x47, 0x10, 0x7E, 0x3B,
-	0x5E, 0xBC, 0xE3, 0x00, 0x84, 0xFF, 0x09, 0xD4, 0xE0, 0x89, 0x0F, 0x5B, 0x58, 0x70, 0x4F, 0xFB,
-	0x65, 0xD8, 0x5C, 0x53, 0x1B, 0xD3, 0xC8, 0xC6, 0xBF, 0xEF, 0x98, 0xB0, 0x50, 0x4F, 0x0F, 0xEA,
-	0xE5, 0x83, 0x58, 0x8C, 0x28, 0x2C, 0x84, 0x67, 0xCD, 0xD0, 0x9E, 0x47, 0xDB, 0x27, 0x50, 0xCA,
-	0xF4, 0x63, 0x63, 0xE8, 0x97, 0x7F, 0x1B, 0x4B, 0x0C, 0xC2, 0xC1, 0x21, 0x4C, 0xCC, 0x58, 0xF5,
-	0x94, 0x52, 0xA3, 0xF3, 0xD3, 0xE0, 0x68, 0xF4, 0x00, 0x23, 0xF3, 0x5E, 0x0A, 0x7B, 0x93, 0xDD,
-	0xAB, 0x12, 0xB2, 0x13, 0xE8, 0x84, 0xD7, 0xA7, 0x9F, 0x0F, 0x32, 0x4C, 0x55, 0x1D, 0x04, 0x36,
-	0x52, 0xDC, 0x03, 0xF3, 0xF9, 0x4E, 0x42, 0xE9, 0x3D, 0x61, 0xEF, 0x7C, 0xB6, 0xB3, 0x93, 0x50,
-}
-
-//go:embed kgm.v2.mask
-var maskV2Xz []byte
-
-var maskV2 []byte
-var fullMaskLen int
-var initMaskOK = false
-
-//todo: decompress mask on demand
-func initMask() {
-	if initMaskOK {
-		return
-	}
-	maskReader, err := xz.NewReader(bytes.NewReader(maskV2Xz))
-	if err != nil {
-		logging.Log().Fatal("load kgm mask failed", zap.Error(err))
-	}
-	maskV2, err = ioutil.ReadAll(maskReader)
-	if err != nil {
-		logging.Log().Fatal("load kgm mask failed", zap.Error(err))
-	}
-	fullMaskLen = len(maskV2) * 16
-	initMaskOK = true
-}
--- a/algo/kwm/kwm.go
+++ b/algo/kwm/kwm.go
@ -2,107 +2,78 @@ package kwm

 import (
 	"bytes"
-	"encoding/binary"
 	"errors"
-	"github.com/unlock-music/cli/algo/common"
+	"fmt"
+	"io"
 	"strconv"
 	"strings"
 	"unicode"
+
+	"unlock-music.dev/cli/algo/common"
 )

-var (
-	magicHeader = []byte{
-		0x79, 0x65, 0x65, 0x6C, 0x69, 0x6F, 0x6E, 0x2D,
-		0x6B, 0x75, 0x77, 0x6F, 0x2D, 0x74, 0x6D, 0x65}
-	ErrKwFileSize    = errors.New("kwm invalid file size")
-	ErrKwMagicHeader = errors.New("kwm magic header not matched")
-)
-
+const magicHeader1 = "yeelion-kuwo-tme"
+const magicHeader2 = "yeelion-kuwo\x00\x00\x00\x00"
 const keyPreDefined = "MoOtOiTvINGwd2E6n0E1i7L5t2IoOoNk"

 type Decoder struct {
-	file []byte
+	rd io.ReadSeeker
+
+	cipher common.StreamDecoder
+	offset int

-	key       []byte
 	outputExt string
 	bitrate   int
-	mask      []byte
-
-	audio []byte
-}
-
-func (d *Decoder) GetCoverImage() []byte {
-	return nil
-}
-
-func (d *Decoder) GetAudioData() []byte {
-	return d.audio
 }

 func (d *Decoder) GetAudioExt() string {
 	return "." + d.outputExt
 }

-func (d *Decoder) GetMeta() common.Meta {
-	return nil
-}
-
-func NewDecoder(data []byte) common.Decoder {
-	//todo: Notice the input data will be changed for now
-	return &Decoder{file: data}
+func NewDecoder(rd io.ReadSeeker) common.Decoder {
+	return &Decoder{rd: rd}
 }

+// Validate checks if the file is a valid Kuwo .kw file.
+// rd will be seeked to the beginning of the encrypted audio.
 func (d *Decoder) Validate() error {
-	lenData := len(d.file)
-	if lenData < 1024 {
-		return ErrKwFileSize
-	}
-	if !bytes.Equal(magicHeader, d.file[:16]) {
-		return ErrKwMagicHeader
-	}
-
-	return nil
-}
-
-func generateMask(key []byte) []byte {
-	keyInt := binary.LittleEndian.Uint64(key)
-	keyStr := strconv.FormatUint(keyInt, 10)
-	keyStrTrim := padOrTruncate(keyStr, 32)
-	mask := make([]byte, 32)
-	for i := 0; i < 32; i++ {
-		mask[i] = keyPreDefined[i] ^ keyStrTrim[i]
-	}
-	return mask
-}
-
-func (d *Decoder) parseBitrateAndType() {
-	bitType := string(bytes.TrimRight(d.file[0x30:0x38], string(byte(0))))
-	charPos := 0
-	for charPos = range bitType {
-		if !unicode.IsNumber(rune(bitType[charPos])) {
-			break
-		}
-	}
-	var err error
-	d.bitrate, err = strconv.Atoi(bitType[:charPos])
+	header := make([]byte, 0x400) // kwm header is fixed to 1024 bytes
+	_, err := io.ReadFull(d.rd, header)
 	if err != nil {
-		d.bitrate = 0
+		return fmt.Errorf("kwm read header: %w", err)
 	}
-	d.outputExt = strings.ToLower(bitType[charPos:])

+	// check magic header, 0x00 - 0x0F
+	magicHeader := header[:0x10]
+	if !bytes.Equal([]byte(magicHeader1), magicHeader) &&
+		!bytes.Equal([]byte(magicHeader2), magicHeader) {
+		return errors.New("kwm magic header not matched")
+	}
+
+	d.cipher = newKwmCipher(header[0x18:0x20])                      // Crypto Key, 0x18 - 0x1F
+	d.bitrate, d.outputExt = parseBitrateAndType(header[0x30:0x38]) // Bitrate & File Extension, 0x30 - 0x38
+
+	return nil
 }

-func (d *Decoder) Decode() error {
-	d.parseBitrateAndType()
+func parseBitrateAndType(header []byte) (int, string) {
+	tmp := strings.TrimRight(string(header), "\x00")
+	sep := strings.IndexFunc(tmp, func(r rune) bool {
+		return !unicode.IsDigit(r)
+	})

-	d.mask = generateMask(d.file[0x18:0x20])
+	bitrate, _ := strconv.Atoi(tmp[:sep]) // just ignore the error
+	outputExt := strings.ToLower(tmp[sep:])
+	return bitrate, outputExt
+}

-	d.audio = d.file[1024:]
-	dataLen := len(d.audio)
-	for i := 0; i < dataLen; i++ {
-		d.audio[i] ^= d.mask[i&0x1F] //equals: [i % 32]
+func (d *Decoder) Read(b []byte) (int, error) {
+	n, err := d.rd.Read(b)
+	if n > 0 {
+		d.cipher.Decrypt(b[:n], d.offset)
+		d.offset += n
 	}
-	return nil
+	return n, err
 }

 func padOrTruncate(raw string, length int) string {
@ -124,6 +95,6 @@ func padOrTruncate(raw string, length int) string {

 func init() {
 	// Kuwo Mp3/Flac
-	common.RegisterDecoder("kwm", NewDecoder)
-	common.RegisterDecoder("kwm", common.NewRawDecoder)
+	common.RegisterDecoder("kwm", false, NewDecoder)
+	common.RegisterDecoder("kwm", false, common.NewRawDecoder)
 }
--- a/algo/kwm/kwm_cipher.go
+++ b/algo/kwm/kwm_cipher.go
@ -0,0 +1,31 @@
+package kwm
+
+import (
+	"encoding/binary"
+	"strconv"
+)
+
+type kwmCipher struct {
+	mask []byte
+}
+
+func newKwmCipher(key []byte) *kwmCipher {
+	return &kwmCipher{mask: generateMask(key)}
+}
+
+func generateMask(key []byte) []byte {
+	keyInt := binary.LittleEndian.Uint64(key)
+	keyStr := strconv.FormatUint(keyInt, 10)
+	keyStrTrim := padOrTruncate(keyStr, 32)
+	mask := make([]byte, 32)
+	for i := 0; i < 32; i++ {
+		mask[i] = keyPreDefined[i] ^ keyStrTrim[i]
+	}
+	return mask
+}
+
+func (c kwmCipher) Decrypt(buf []byte, offset int) {
+	for i := range buf {
+		buf[i] ^= c.mask[(offset+i)&0x1F] // equivalent: [i % 32]
+	}
+}
--- a/algo/ncm/meta.go
+++ b/algo/ncm/meta.go
@ -1,8 +1,9 @@
 package ncm

 import (
-	"github.com/unlock-music/cli/algo/common"
 	"strings"
+
+	"unlock-music.dev/cli/algo/common"
 )

 type RawMeta interface {
--- a/algo/ncm/ncm.go
+++ b/algo/ncm/ncm.go
@ -2,135 +2,173 @@ package ncm

 import (
 	"bytes"
+	"context"
 	"encoding/base64"
 	"encoding/binary"
 	"encoding/json"
 	"errors"
-	"github.com/unlock-music/cli/algo/common"
-	"github.com/unlock-music/cli/internal/logging"
-	"github.com/unlock-music/cli/internal/utils"
-	"go.uber.org/zap"
-	"io/ioutil"
+	"fmt"
+	"io"
 	"net/http"
 	"strings"
+
+	"unlock-music.dev/cli/algo/common"
+	"unlock-music.dev/cli/internal/utils"
 )

+const magicHeader = "CTENFDAM"
+
 var (
-	magicHeader = []byte{
-		0x43, 0x54, 0x45, 0x4E, 0x46, 0x44, 0x41, 0x4D}
 	keyCore = []byte{
 		0x68, 0x7a, 0x48, 0x52, 0x41, 0x6d, 0x73, 0x6f,
-		0x35, 0x6b, 0x49, 0x6e, 0x62, 0x61, 0x78, 0x57}
+		0x35, 0x6b, 0x49, 0x6e, 0x62, 0x61, 0x78, 0x57,
+	}
 	keyMeta = []byte{
 		0x23, 0x31, 0x34, 0x6C, 0x6A, 0x6B, 0x5F, 0x21,
-		0x5C, 0x5D, 0x26, 0x30, 0x55, 0x3C, 0x27, 0x28}
+		0x5C, 0x5D, 0x26, 0x30, 0x55, 0x3C, 0x27, 0x28,
+	}
 )

-func NewDecoder(data []byte) common.Decoder {
+func NewDecoder(rd io.ReadSeeker) common.Decoder {
 	return &Decoder{
-		file:    data,
-		fileLen: uint32(len(data)),
+		rd: rd,
 	}
 }

 type Decoder struct {
-	file    []byte
-	fileLen uint32
+	rd io.ReadSeeker // rd is the original file reader

-	key []byte
-	box []byte
+	offset int
+	cipher common.StreamDecoder

 	metaRaw  []byte
 	metaType string
 	meta     RawMeta
-
-	cover []byte
-	audio []byte
-
-	offsetKey   uint32
-	offsetMeta  uint32
-	offsetCover uint32
-	offsetAudio uint32
+	cover    []byte
 }

+// Validate checks if the file is a valid Netease .ncm file.
+// rd will be seeked to the beginning of the encrypted audio.
 func (d *Decoder) Validate() error {
-	if !bytes.Equal(magicHeader, d.file[:len(magicHeader)]) {
+	if err := d.validateMagicHeader(); err != nil {
+		return err
+	}
+
+	if _, err := d.rd.Seek(2, io.SeekCurrent); err != nil { // 2 bytes gap
+		return fmt.Errorf("ncm seek file: %w", err)
+	}
+
+	keyData, err := d.readKeyData()
+	if err != nil {
+		return err
+	}
+
+	if err := d.readMetaData(); err != nil {
+		return fmt.Errorf("read meta date failed: %w", err)
+	}
+
+	if _, err := d.rd.Seek(5, io.SeekCurrent); err != nil { // 5 bytes gap
+		return fmt.Errorf("ncm seek gap: %w", err)
+	}
+
+	if err := d.readCoverData(); err != nil {
+		return fmt.Errorf("parse ncm cover file failed: %w", err)
+	}
+
+	if err := d.parseMeta(); err != nil {
+		return fmt.Errorf("parse meta failed: %w", err)
+	}
+
+	d.cipher = newNcmCipher(keyData)
+	return nil
+}
+
+func (d *Decoder) validateMagicHeader() error {
+	header := make([]byte, len(magicHeader)) // 0x00 - 0x07
+	if _, err := d.rd.Read(header); err != nil {
+		return fmt.Errorf("ncm read magic header: %w", err)
+	}
+
+	if !bytes.Equal([]byte(magicHeader), header) {
 		return errors.New("ncm magic header not match")
 	}
-	d.offsetKey = 8 + 2
+
 	return nil
 }

-func (d *Decoder) readKeyData() error {
-	if d.offsetKey == 0 || d.offsetKey+4 > d.fileLen {
-		return errors.New("invalid cover file offset")
+func (d *Decoder) readKeyData() ([]byte, error) {
+	bKeyLen := make([]byte, 4) //
+	if _, err := io.ReadFull(d.rd, bKeyLen); err != nil {
+		return nil, fmt.Errorf("ncm read key length: %w", err)
 	}
-	bKeyLen := d.file[d.offsetKey : d.offsetKey+4]
 	iKeyLen := binary.LittleEndian.Uint32(bKeyLen)
-	d.offsetMeta = d.offsetKey + 4 + iKeyLen

 	bKeyRaw := make([]byte, iKeyLen)
+	if _, err := io.ReadFull(d.rd, bKeyRaw); err != nil {
+		return nil, fmt.Errorf("ncm read key data: %w", err)
+	}
 	for i := uint32(0); i < iKeyLen; i++ {
-		bKeyRaw[i] = d.file[i+4+d.offsetKey] ^ 0x64
+		bKeyRaw[i] ^= 0x64
 	}

-	d.key = utils.PKCS7UnPadding(utils.DecryptAes128Ecb(bKeyRaw, keyCore))[17:]
-	return nil
+	return utils.PKCS7UnPadding(utils.DecryptAES128ECB(bKeyRaw, keyCore))[17:], nil
 }

 func (d *Decoder) readMetaData() error {
-	if d.offsetMeta == 0 || d.offsetMeta+4 > d.fileLen {
-		return errors.New("invalid meta file offset")
+	bMetaLen := make([]byte, 4) //
+	if _, err := io.ReadFull(d.rd, bMetaLen); err != nil {
+		return fmt.Errorf("ncm read key length: %w", err)
 	}
-	bMetaLen := d.file[d.offsetMeta : d.offsetMeta+4]
 	iMetaLen := binary.LittleEndian.Uint32(bMetaLen)
-	d.offsetCover = d.offsetMeta + 4 + iMetaLen
+
 	if iMetaLen == 0 {
-		return errors.New("no any meta file found")
+		return nil // no meta data
 	}

-	// Why sub 22: Remove "163 key(Don't modify):"
-	bKeyRaw := make([]byte, iMetaLen-22)
-	for i := uint32(0); i < iMetaLen-22; i++ {
-		bKeyRaw[i] = d.file[d.offsetMeta+4+22+i] ^ 0x63
+	bMetaRaw := make([]byte, iMetaLen)
+	if _, err := io.ReadFull(d.rd, bMetaRaw); err != nil {
+		return fmt.Errorf("ncm read meta data: %w", err)
+	}
+	bMetaRaw = bMetaRaw[22:] // skip "163 key(Don't modify):"
+	for i := 0; i < len(bMetaRaw); i++ {
+		bMetaRaw[i] ^= 0x63
 	}

-	cipherText, err := base64.StdEncoding.DecodeString(string(bKeyRaw))
+	cipherText, err := base64.StdEncoding.DecodeString(string(bMetaRaw))
 	if err != nil {
 		return errors.New("decode ncm meta failed: " + err.Error())
 	}
-	metaRaw := utils.PKCS7UnPadding(utils.DecryptAes128Ecb(cipherText, keyMeta))
-	sepIdx := bytes.IndexRune(metaRaw, ':')
-	if sepIdx == -1 {
+	metaRaw := utils.PKCS7UnPadding(utils.DecryptAES128ECB(cipherText, keyMeta))
+	sep := bytes.IndexByte(metaRaw, ':')
+	if sep == -1 {
 		return errors.New("invalid ncm meta file")
 	}

-	d.metaType = string(metaRaw[:sepIdx])
-	d.metaRaw = metaRaw[sepIdx+1:]
+	d.metaType = string(metaRaw[:sep])
+	d.metaRaw = metaRaw[sep+1:]
+
 	return nil
 }

-func (d *Decoder) buildKeyBox() {
-	box := make([]byte, 256)
-	for i := 0; i < 256; i++ {
-		box[i] = byte(i)
+func (d *Decoder) readCoverData() error {
+	bCoverCRC := make([]byte, 4)
+	if _, err := io.ReadFull(d.rd, bCoverCRC); err != nil {
+		return fmt.Errorf("ncm read cover crc: %w", err)
 	}

-	keyLen := len(d.key)
-	var j byte
-	for i := 0; i < 256; i++ {
-		j = box[i] + j + d.key[i%keyLen]
-		box[i], box[j] = box[j], box[i]
+	bCoverLen := make([]byte, 4) //
+	if _, err := io.ReadFull(d.rd, bCoverLen); err != nil {
+		return fmt.Errorf("ncm read cover length: %w", err)
 	}
+	iCoverLen := binary.LittleEndian.Uint32(bCoverLen)

-	d.box = make([]byte, 256)
-	var _i byte
-	for i := 0; i < 256; i++ {
-		_i = byte(i + 1)
-		si := box[_i]
-		sj := box[_i+si]
-		d.box[i] = box[si+sj]
+	coverBuf := make([]byte, iCoverLen)
+	if _, err := io.ReadFull(d.rd, coverBuf); err != nil {
+		return fmt.Errorf("ncm read cover data: %w", err)
 	}
+	d.cover = coverBuf
+
+	return nil
 }

 func (d *Decoder) parseMeta() error {
@ -146,59 +184,16 @@ func (d *Decoder) parseMeta() error {
 	}
 }

-func (d *Decoder) readCoverData() error {
-	if d.offsetCover == 0 || d.offsetCover+13 > d.fileLen {
-		return errors.New("invalid cover file offset")
+func (d *Decoder) Read(buf []byte) (int, error) {
+	n, err := d.rd.Read(buf)
+	if n > 0 {
+		d.cipher.Decrypt(buf[:n], d.offset)
+		d.offset += n
 	}
-
-	coverLenStart := d.offsetCover + 5 + 4
-	bCoverLen := d.file[coverLenStart : coverLenStart+4]
-
-	iCoverLen := binary.LittleEndian.Uint32(bCoverLen)
-	d.offsetAudio = coverLenStart + 4 + iCoverLen
-	if iCoverLen == 0 {
-		return errors.New("no any cover file found")
-	}
-	d.cover = d.file[coverLenStart+4 : 4+coverLenStart+iCoverLen]
-	return nil
+	return n, err
 }

-func (d *Decoder) readAudioData() error {
-	if d.offsetAudio == 0 || d.offsetAudio > d.fileLen {
-		return errors.New("invalid audio offset")
-	}
-	audioRaw := d.file[d.offsetAudio:]
-	audioLen := len(audioRaw)
-	d.audio = make([]byte, audioLen)
-	for i := uint32(0); i < uint32(audioLen); i++ {
-		d.audio[i] = d.box[i&0xff] ^ audioRaw[i]
-	}
-	return nil
-}
-
-func (d *Decoder) Decode() error {
-	if err := d.readKeyData(); err != nil {
-		return err
-	}
-	d.buildKeyBox()
-
-	err := d.readMetaData()
-	if err == nil {
-		err = d.parseMeta()
-	}
-	if err != nil {
-		logging.Log().Warn("parse ncm meta file failed", zap.Error(err))
-	}
-
-	err = d.readCoverData()
-	if err != nil {
-		logging.Log().Warn("parse ncm cover file failed", zap.Error(err))
-	}
-
-	return d.readAudioData()
-}
-
-func (d Decoder) GetAudioExt() string {
+func (d *Decoder) GetAudioExt() string {
 	if d.meta != nil {
 		if format := d.meta.GetFormat(); format != "" {
 			return "." + d.meta.GetFormat()
@ -207,44 +202,38 @@ func (d Decoder) GetAudioExt() string {
 	return ""
 }

-func (d Decoder) GetAudioData() []byte {
-	return d.audio
-}
-
-func (d Decoder) GetCoverImage() []byte {
+func (d *Decoder) GetCoverImage(ctx context.Context) ([]byte, error) {
 	if d.cover != nil {
-		return d.cover
+		return d.cover, nil
 	}
-	{
-		imgURL := d.meta.GetAlbumImageURL()
-		if d.meta != nil && !strings.HasPrefix(imgURL, "http") {
-			return nil
-		}
-		resp, err := http.Get(imgURL)
-		if err != nil {
-			logging.Log().Warn("download image failed", zap.Error(err), zap.String("url", imgURL))
-			return nil
-		}
-		defer resp.Body.Close()
-		if resp.StatusCode != http.StatusOK {
-			logging.Log().Warn("download image failed", zap.String("http", resp.Status),
-				zap.String("url", imgURL))
-			return nil
-		}
-		data, err := ioutil.ReadAll(resp.Body)
-		if err != nil {
-			logging.Log().Warn("download image failed", zap.Error(err), zap.String("url", imgURL))
-			return nil
-		}
-		return data
+	imgURL := d.meta.GetAlbumImageURL()
+	if d.meta != nil && !strings.HasPrefix(imgURL, "http") {
+		return nil, nil // no cover image
 	}
+
+	// fetch cover image
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, imgURL, nil)
+	resp, err := http.DefaultClient.Do(req)
+	if err != nil {
+		return nil, fmt.Errorf("download image failed: %w", err)
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("download image failed: unexpected http status %s", resp.Status)
+	}
+	data, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return nil, fmt.Errorf("download image failed: %w", err)
+	}
+	return data, nil
 }

-func (d Decoder) GetMeta() common.Meta {
+func (d *Decoder) GetMeta() common.Meta {
 	return d.meta
 }

 func init() {
 	// Netease Mp3/Flac
-	common.RegisterDecoder("ncm", NewDecoder)
+	common.RegisterDecoder("ncm", false, NewDecoder)
 }
--- a/algo/ncm/ncm_cipher.go
+++ b/algo/ncm/ncm_cipher.go
@ -0,0 +1,42 @@
+package ncm
+
+type ncmCipher struct {
+	key []byte
+	box []byte
+}
+
+func newNcmCipher(key []byte) *ncmCipher {
+	return &ncmCipher{
+		key: key,
+		box: buildKeyBox(key),
+	}
+}
+
+func (c *ncmCipher) Decrypt(buf []byte, offset int) {
+	for i := 0; i < len(buf); i++ {
+		buf[i] ^= c.box[(i+offset)&0xff]
+	}
+}
+
+func buildKeyBox(key []byte) []byte {
+	box := make([]byte, 256)
+	for i := 0; i < 256; i++ {
+		box[i] = byte(i)
+	}
+
+	var j byte
+	for i := 0; i < 256; i++ {
+		j = box[i] + j + key[i%len(key)]
+		box[i], box[j] = box[j], box[i]
+	}
+
+	ret := make([]byte, 256)
+	var _i byte
+	for i := 0; i < 256; i++ {
+		_i = byte(i + 1)
+		si := box[_i]
+		sj := box[_i+si]
+		ret[i] = box[si+sj]
+	}
+	return ret
+}
--- a/algo/qmc/cipher_map.go
+++ b/algo/qmc/cipher_map.go
@ -0,0 +1,39 @@
+package qmc
+
+import "errors"
+
+type mapCipher struct {
+	key  []byte
+	box  []byte
+	size int
+}
+
+func newMapCipher(key []byte) (*mapCipher, error) {
+	if len(key) == 0 {
+		return nil, errors.New("qmc/cipher_map: invalid key size")
+	}
+	c := &mapCipher{key: key, size: len(key)}
+	c.box = make([]byte, c.size)
+	return c, nil
+}
+
+func (c *mapCipher) getMask(offset int) byte {
+	if offset > 0x7FFF {
+		offset %= 0x7FFF
+	}
+	idx := (offset*offset + 71214) % c.size
+	return c.rotate(c.key[idx], byte(idx)&0x7)
+}
+
+func (c *mapCipher) rotate(value byte, bits byte) byte {
+	rotate := (bits + 4) % 8
+	left := value << rotate
+	right := value >> rotate
+	return left | right
+}
+
+func (c *mapCipher) Decrypt(buf []byte, offset int) {
+	for i := 0; i < len(buf); i++ {
+		buf[i] ^= c.getMask(offset + i)
+	}
+}
--- a/algo/qmc/cipher_map_test.go
+++ b/algo/qmc/cipher_map_test.go
@ -0,0 +1,53 @@
+package qmc
+
+import (
+	"fmt"
+	"os"
+	"reflect"
+	"testing"
+)
+
+func loadTestDataMapCipher(name string) ([]byte, []byte, []byte, error) {
+	key, err := os.ReadFile(fmt.Sprintf("./testdata/%s_key.bin", name))
+	if err != nil {
+		return nil, nil, nil, err
+	}
+	raw, err := os.ReadFile(fmt.Sprintf("./testdata/%s_raw.bin", name))
+	if err != nil {
+		return nil, nil, nil, err
+	}
+	target, err := os.ReadFile(fmt.Sprintf("./testdata/%s_target.bin", name))
+	if err != nil {
+		return nil, nil, nil, err
+	}
+	return key, raw, target, nil
+}
+func Test_mapCipher_Decrypt(t *testing.T) {
+
+	tests := []struct {
+		name    string
+		wantErr bool
+	}{
+		{"mflac_map", false},
+		{"mgg_map", false},
+	}
+
+	for _, tt := range tests {
+
+		t.Run(tt.name, func(t *testing.T) {
+			key, raw, target, err := loadTestDataMapCipher(tt.name)
+			if err != nil {
+				t.Fatalf("load testing data failed: %s", err)
+			}
+			c, err := newMapCipher(key)
+			if err != nil {
+				t.Errorf("init mapCipher failed: %s", err)
+				return
+			}
+			c.Decrypt(raw, 0)
+			if !reflect.DeepEqual(raw, target) {
+				t.Error("overall")
+			}
+		})
+	}
+}
--- a/algo/qmc/cipher_rc4.go
+++ b/algo/qmc/cipher_rc4.go
@ -0,0 +1,124 @@
+package qmc
+
+import (
+	"errors"
+)
+
+// A rc4Cipher is an instance of RC4 using a particular key.
+type rc4Cipher struct {
+	box  []byte
+	key  []byte
+	hash uint32
+	n    int
+}
+
+// newRC4Cipher creates and returns a new rc4Cipher. The key argument should be the
+// RC4 key, at least 1 byte and at most 256 bytes.
+func newRC4Cipher(key []byte) (*rc4Cipher, error) {
+	n := len(key)
+	if n == 0 {
+		return nil, errors.New("qmc/cipher_rc4: invalid key size")
+	}
+
+	var c = rc4Cipher{key: key, n: n}
+	c.box = make([]byte, n)
+
+	for i := 0; i < n; i++ {
+		c.box[i] = byte(i)
+	}
+
+	var j = 0
+	for i := 0; i < n; i++ {
+		j = (j + int(c.box[i]) + int(key[i%n])) % n
+		c.box[i], c.box[j] = c.box[j], c.box[i]
+	}
+	c.getHashBase()
+	return &c, nil
+}
+
+func (c *rc4Cipher) getHashBase() {
+	c.hash = 1
+	for i := 0; i < c.n; i++ {
+		v := uint32(c.key[i])
+		if v == 0 {
+			continue
+		}
+		nextHash := c.hash * v
+		if nextHash == 0 || nextHash <= c.hash {
+			break
+		}
+		c.hash = nextHash
+	}
+}
+
+const (
+	rc4SegmentSize      = 5120
+	rc4FirstSegmentSize = 128
+)
+
+func (c *rc4Cipher) Decrypt(src []byte, offset int) {
+	toProcess := len(src)
+	processed := 0
+	markProcess := func(p int) (finished bool) {
+		offset += p
+		toProcess -= p
+		processed += p
+		return toProcess == 0
+	}
+
+	if offset < rc4FirstSegmentSize {
+		blockSize := toProcess
+		if blockSize > rc4FirstSegmentSize-offset {
+			blockSize = rc4FirstSegmentSize - offset
+		}
+		c.encFirstSegment(src[:blockSize], offset)
+		if markProcess(blockSize) {
+			return
+		}
+	}
+
+	if offset%rc4SegmentSize != 0 {
+		blockSize := toProcess
+		if blockSize > rc4SegmentSize-offset%rc4SegmentSize {
+			blockSize = rc4SegmentSize - offset%rc4SegmentSize
+		}
+		c.encASegment(src[processed:processed+blockSize], offset)
+		if markProcess(blockSize) {
+			return
+		}
+	}
+	for toProcess > rc4SegmentSize {
+		c.encASegment(src[processed:processed+rc4SegmentSize], offset)
+		markProcess(rc4SegmentSize)
+	}
+
+	if toProcess > 0 {
+		c.encASegment(src[processed:], offset)
+	}
+}
+func (c *rc4Cipher) encFirstSegment(buf []byte, offset int) {
+	for i := 0; i < len(buf); i++ {
+		buf[i] ^= c.key[c.getSegmentSkip(offset+i)]
+	}
+}
+
+func (c *rc4Cipher) encASegment(buf []byte, offset int) {
+	box := make([]byte, c.n)
+	copy(box, c.box)
+	j, k := 0, 0
+
+	skipLen := (offset % rc4SegmentSize) + c.getSegmentSkip(offset/rc4SegmentSize)
+	for i := -skipLen; i < len(buf); i++ {
+		j = (j + 1) % c.n
+		k = (int(box[j]) + k) % c.n
+		box[j], box[k] = box[k], box[j]
+		if i >= 0 {
+			buf[i] ^= box[(int(box[j])+int(box[k]))%c.n]
+		}
+	}
+}
+func (c *rc4Cipher) getSegmentSkip(id int) int {
+	seed := int(c.key[id%c.n])
+	idx := int64(float64(c.hash) / float64((id+1)*seed) * 100.0)
+	return int(idx % int64(c.n))
+}
--- a/algo/qmc/cipher_rc4_test.go
+++ b/algo/qmc/cipher_rc4_test.go
@ -0,0 +1,115 @@
+package qmc
+
+import (
+	"os"
+	"reflect"
+	"testing"
+)
+
+func loadTestRC4CipherData(name string) ([]byte, []byte, []byte, error) {
+	prefix := "./testdata/" + name
+	key, err := os.ReadFile(prefix + "_key.bin")
+	if err != nil {
+		return nil, nil, nil, err
+	}
+	raw, err := os.ReadFile(prefix + "_raw.bin")
+	if err != nil {
+		return nil, nil, nil, err
+	}
+	target, err := os.ReadFile(prefix + "_target.bin")
+	if err != nil {
+		return nil, nil, nil, err
+	}
+
+	return key, raw, target, nil
+}
+func Test_rc4Cipher_Decrypt(t *testing.T) {
+	tests := []struct {
+		name    string
+		wantErr bool
+	}{
+		{"mflac0_rc4", false},
+		{"mflac_rc4", false},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			key, raw, target, err := loadTestRC4CipherData(tt.name)
+			if err != nil {
+				t.Fatalf("load testing data failed: %s", err)
+			}
+			c, err := newRC4Cipher(key)
+			if err != nil {
+				t.Errorf("init rc4Cipher failed: %s", err)
+				return
+			}
+			c.Decrypt(raw, 0)
+			if !reflect.DeepEqual(raw, target) {
+				t.Error("overall")
+			}
+		})
+	}
+
+}
+func BenchmarkRc4Cipher_Decrypt(b *testing.B) {
+	key, raw, _, err := loadTestRC4CipherData("mflac0_rc4")
+	if err != nil {
+		b.Fatalf("load testing data failed: %s", err)
+	}
+	c, err := newRC4Cipher(key)
+	if err != nil {
+		b.Errorf("init rc4Cipher failed: %s", err)
+		return
+	}
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		c.Decrypt(raw, 0)
+	}
+}
+
+func Test_rc4Cipher_encFirstSegment(t *testing.T) {
+	key, raw, target, err := loadTestRC4CipherData("mflac0_rc4")
+	if err != nil {
+		t.Fatalf("load testing data failed: %s", err)
+	}
+	t.Run("first-block(0~128)", func(t *testing.T) {
+		c, err := newRC4Cipher(key)
+		if err != nil {
+			t.Errorf("init rc4Cipher failed: %s", err)
+			return
+		}
+		c.Decrypt(raw[:128], 0)
+		if !reflect.DeepEqual(raw[:128], target[:128]) {
+			t.Error("first-block(0~128)")
+		}
+	})
+}
+
+func Test_rc4Cipher_encASegment(t *testing.T) {
+	key, raw, target, err := loadTestRC4CipherData("mflac0_rc4")
+	if err != nil {
+		t.Fatalf("load testing data failed: %s", err)
+	}
+
+	t.Run("align-block(128~5120)", func(t *testing.T) {
+		c, err := newRC4Cipher(key)
+		if err != nil {
+			t.Errorf("init rc4Cipher failed: %s", err)
+			return
+		}
+		c.Decrypt(raw[128:5120], 128)
+		if !reflect.DeepEqual(raw[128:5120], target[128:5120]) {
+			t.Error("align-block(128~5120)")
+		}
+	})
+	t.Run("simple-block(5120~10240)", func(t *testing.T) {
+		c, err := newRC4Cipher(key)
+		if err != nil {
+			t.Errorf("init rc4Cipher failed: %s", err)
+			return
+		}
+		c.Decrypt(raw[5120:10240], 5120)
+		if !reflect.DeepEqual(raw[5120:10240], target[5120:10240]) {
+			t.Error("align-block(128~5120)")
+		}
+	})
+}
--- a/algo/qmc/cipher_static.go
+++ b/algo/qmc/cipher_static.go
@ -0,0 +1,57 @@
+package qmc
+
+func newStaticCipher() *staticCipher {
+	return &defaultStaticCipher
+}
+
+var defaultStaticCipher = staticCipher{}
+
+type staticCipher struct{}
+
+func (c *staticCipher) Decrypt(buf []byte, offset int) {
+	for i := 0; i < len(buf); i++ {
+		buf[i] ^= c.getMask(offset + i)
+	}
+}
+func (c *staticCipher) getMask(offset int) byte {
+	if offset > 0x7FFF {
+		offset %= 0x7FFF
+	}
+	idx := (offset*offset + 27) & 0xff
+	return staticCipherBox[idx]
+}
+
+var staticCipherBox = [...]byte{
+	0x77, 0x48, 0x32, 0x73, 0xDE, 0xF2, 0xC0, 0xC8, //0x00
+	0x95, 0xEC, 0x30, 0xB2, 0x51, 0xC3, 0xE1, 0xA0, //0x08
+	0x9E, 0xE6, 0x9D, 0xCF, 0xFA, 0x7F, 0x14, 0xD1, //0x10
+	0xCE, 0xB8, 0xDC, 0xC3, 0x4A, 0x67, 0x93, 0xD6, //0x18
+	0x28, 0xC2, 0x91, 0x70, 0xCA, 0x8D, 0xA2, 0xA4, //0x20
+	0xF0, 0x08, 0x61, 0x90, 0x7E, 0x6F, 0xA2, 0xE0, //0x28
+	0xEB, 0xAE, 0x3E, 0xB6, 0x67, 0xC7, 0x92, 0xF4, //0x30
+	0x91, 0xB5, 0xF6, 0x6C, 0x5E, 0x84, 0x40, 0xF7, //0x38
+	0xF3, 0x1B, 0x02, 0x7F, 0xD5, 0xAB, 0x41, 0x89, //0x40
+	0x28, 0xF4, 0x25, 0xCC, 0x52, 0x11, 0xAD, 0x43, //0x48
+	0x68, 0xA6, 0x41, 0x8B, 0x84, 0xB5, 0xFF, 0x2C, //0x50
+	0x92, 0x4A, 0x26, 0xD8, 0x47, 0x6A, 0x7C, 0x95, //0x58
+	0x61, 0xCC, 0xE6, 0xCB, 0xBB, 0x3F, 0x47, 0x58, //0x60
+	0x89, 0x75, 0xC3, 0x75, 0xA1, 0xD9, 0xAF, 0xCC, //0x68
+	0x08, 0x73, 0x17, 0xDC, 0xAA, 0x9A, 0xA2, 0x16, //0x70
+	0x41, 0xD8, 0xA2, 0x06, 0xC6, 0x8B, 0xFC, 0x66, //0x78
+	0x34, 0x9F, 0xCF, 0x18, 0x23, 0xA0, 0x0A, 0x74, //0x80
+	0xE7, 0x2B, 0x27, 0x70, 0x92, 0xE9, 0xAF, 0x37, //0x88
+	0xE6, 0x8C, 0xA7, 0xBC, 0x62, 0x65, 0x9C, 0xC2, //0x90
+	0x08, 0xC9, 0x88, 0xB3, 0xF3, 0x43, 0xAC, 0x74, //0x98
+	0x2C, 0x0F, 0xD4, 0xAF, 0xA1, 0xC3, 0x01, 0x64, //0xA0
+	0x95, 0x4E, 0x48, 0x9F, 0xF4, 0x35, 0x78, 0x95, //0xA8
+	0x7A, 0x39, 0xD6, 0x6A, 0xA0, 0x6D, 0x40, 0xE8, //0xB0
+	0x4F, 0xA8, 0xEF, 0x11, 0x1D, 0xF3, 0x1B, 0x3F, //0xB8
+	0x3F, 0x07, 0xDD, 0x6F, 0x5B, 0x19, 0x30, 0x19, //0xC0
+	0xFB, 0xEF, 0x0E, 0x37, 0xF0, 0x0E, 0xCD, 0x16, //0xC8
+	0x49, 0xFE, 0x53, 0x47, 0x13, 0x1A, 0xBD, 0xA4, //0xD0
+	0xF1, 0x40, 0x19, 0x60, 0x0E, 0xED, 0x68, 0x09, //0xD8
+	0x06, 0x5F, 0x4D, 0xCF, 0x3D, 0x1A, 0xFE, 0x20, //0xE0
+	0x77, 0xE4, 0xD9, 0xDA, 0xF9, 0xA4, 0x2B, 0x76, //0xE8
+	0x1C, 0x71, 0xDB, 0x00, 0xBC, 0xFD, 0x0C, 0x6C, //0xF0
+	0xA5, 0x47, 0xF7, 0xF6, 0x00, 0x79, 0x4A, 0x11, //0xF8
+}
--- a/algo/qmc/consts.go
+++ b/algo/qmc/consts.go
@ -1,70 +0,0 @@
-package qmc
-
-var oggPublicHeader1 = []byte{
-	0x4f, 0x67, 0x67, 0x53, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff,
-	0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0x01, 0x1e, 0x01, 0x76, 0x6f, 0x72,
-	0x62, 0x69, 0x73, 0x00, 0x00, 0x00, 0x00, 0x02, 0x44, 0xac, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-	0x00, 0xee, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0xb8, 0x01, 0x4f, 0x67, 0x67, 0x53, 0x00, 0x00,
-	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0x01, 0x00, 0x00, 0x00,
-	0xff, 0xff, 0xff, 0xff}
-
-var oggPublicHeader2 = []byte{
-	0x03, 0x76, 0x6f, 0x72, 0x62, 0x69, 0x73, 0x2c, 0x00, 0x00, 0x00, 0x58, 0x69, 0x70, 0x68, 0x2e,
-	0x4f, 0x72, 0x67, 0x20, 0x6c, 0x69, 0x62, 0x56, 0x6f, 0x72, 0x62, 0x69, 0x73, 0x20, 0x49, 0x20,
-	0x32, 0x30, 0x31, 0x35, 0x30, 0x31, 0x30, 0x35, 0x20, 0x28, 0xe2, 0x9b, 0x84, 0xe2, 0x9b, 0x84,
-	0xe2, 0x9b, 0x84, 0xe2, 0x9b, 0x84, 0x29, 0xff, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x00, 0x54,
-	0x49, 0x54, 0x4c, 0x45, 0x3d}
-
-var oggPublicConfidence1 = []uint{
-	9, 9, 9, 9, 9, 9, 9, 9, 9, 9, 9, 9, 9, 9, 0, 0,
-	0, 0, 9, 9, 9, 9, 0, 0, 0, 0, 9, 9, 9, 9, 9, 9,
-	9, 9, 9, 9, 9, 9, 9, 6, 3, 3, 3, 3, 6, 6, 6, 6,
-	3, 3, 3, 3, 6, 6, 6, 6, 6, 9, 9, 9, 9, 9, 9, 9,
-	9, 9, 9, 9, 9, 9, 9, 9, 0, 0, 0, 0, 9, 9, 9, 9,
-	0, 0, 0, 0}
-
-var oggPublicConfidence2 = []uint{
-	3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3,
-	3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3,
-	3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3,
-	3, 3, 3, 3, 3, 3, 3, 0, 1, 3, 3, 0, 1, 3, 3, 3,
-	3, 3, 3, 3, 3}
-
-var (
-	defaultKey256Mask44 = []byte{
-		0xde, 0x51, 0xfa, 0xc3, 0x4a, 0xd6, 0xca, 0x90,
-		0x7e, 0x67, 0x5e, 0xf7, 0xd5, 0x52, 0x84, 0xd8,
-		0x47, 0x95, 0xbb, 0xa1, 0xaa, 0xc6, 0x66, 0x23,
-		0x92, 0x62, 0xf3, 0x74, 0xa1, 0x9f, 0xf4, 0xa0,
-		0x1d, 0x3f, 0x5b, 0xf0, 0x13, 0x0e, 0x09, 0x3d,
-		0xf9, 0xbc, 0x00, 0x11}
-)
-var key256MappingAll [][]int //[idx256][idx128]idx44
-var key256Mapping128to44 map[int]int
-
-func init() {
-	{ // init all mapping
-		key256MappingAll = make([][]int, 256)
-		for i := 0; i < 128; i++ {
-			realIdx := (i*i + 27) % 256
-			if key256MappingAll[realIdx] == nil {
-				key256MappingAll[realIdx] = []int{i}
-			} else {
-				key256MappingAll[realIdx] = append(key256MappingAll[realIdx], i)
-			}
-		}
-	}
-	{ // init
-		key256Mapping128to44 = make(map[int]int, 128)
-		idx44 := 0
-		for _, all128 := range key256MappingAll {
-			if all128 != nil {
-				for _, _i128 := range all128 {
-					key256Mapping128to44[_i128] = idx44
-				}
-				idx44++
-			}
-		}
-	}
-
-}
--- a/algo/qmc/key_derive.go
+++ b/algo/qmc/key_derive.go
@ -0,0 +1,161 @@
+package qmc
+
+import (
+	"bytes"
+	"encoding/base64"
+	"errors"
+	"fmt"
+	"math"
+
+	"golang.org/x/crypto/tea"
+)
+
+func simpleMakeKey(salt byte, length int) []byte {
+	keyBuf := make([]byte, length)
+	for i := 0; i < length; i++ {
+		tmp := math.Tan(float64(salt) + float64(i)*0.1)
+		keyBuf[i] = byte(math.Abs(tmp) * 100.0)
+	}
+	return keyBuf
+}
+
+const rawKeyPrefixV2 = "QQMusic EncV2,Key:"
+
+func deriveKey(rawKey []byte) ([]byte, error) {
+	rawKeyDec := make([]byte, base64.StdEncoding.DecodedLen(len(rawKey)))
+	n, err := base64.StdEncoding.Decode(rawKeyDec, rawKey)
+	if err != nil {
+		return nil, err
+	}
+	rawKeyDec = rawKeyDec[:n]
+
+	if bytes.HasPrefix(rawKeyDec, []byte(rawKeyPrefixV2)) {
+		rawKeyDec, err = deriveKeyV2(bytes.TrimPrefix(rawKeyDec, []byte(rawKeyPrefixV2)))
+		if err != nil {
+			return nil, fmt.Errorf("deriveKeyV2 failed: %w", err)
+		}
+	}
+	return deriveKeyV1(rawKeyDec)
+}
+
+func deriveKeyV1(rawKeyDec []byte) ([]byte, error) {
+	if len(rawKeyDec) < 16 {
+		return nil, errors.New("key length is too short")
+	}
+
+	simpleKey := simpleMakeKey(106, 8)
+	teaKey := make([]byte, 16)
+	for i := 0; i < 8; i++ {
+		teaKey[i<<1] = simpleKey[i]
+		teaKey[i<<1+1] = rawKeyDec[i]
+	}
+
+	rs, err := decryptTencentTea(rawKeyDec[8:], teaKey)
+	if err != nil {
+		return nil, err
+	}
+	return append(rawKeyDec[:8], rs...), nil
+}
+
+var (
+	deriveV2Key1 = []byte{
+		0x33, 0x38, 0x36, 0x5A, 0x4A, 0x59, 0x21, 0x40,
+		0x23, 0x2A, 0x24, 0x25, 0x5E, 0x26, 0x29, 0x28,
+	}
+
+	deriveV2Key2 = []byte{
+		0x2A, 0x2A, 0x23, 0x21, 0x28, 0x23, 0x24, 0x25,
+		0x26, 0x5E, 0x61, 0x31, 0x63, 0x5A, 0x2C, 0x54,
+	}
+)
+
+func deriveKeyV2(raw []byte) ([]byte, error) {
+	buf, err := decryptTencentTea(raw, deriveV2Key1)
+	if err != nil {
+		return nil, err
+	}
+
+	buf, err = decryptTencentTea(buf, deriveV2Key2)
+	if err != nil {
+		return nil, err
+	}
+
+	n, err := base64.StdEncoding.Decode(buf, buf)
+	if err != nil {
+		return nil, err
+	}
+	return buf[:n], nil
+}
+
+func decryptTencentTea(inBuf []byte, key []byte) ([]byte, error) {
+	const saltLen = 2
+	const zeroLen = 7
+	if len(inBuf)%8 != 0 {
+		return nil, errors.New("inBuf size not a multiple of the block size")
+	}
+	if len(inBuf) < 16 {
+		return nil, errors.New("inBuf size too small")
+	}
+
+	blk, err := tea.NewCipherWithRounds(key, 32)
+	if err != nil {
+		return nil, err
+	}
+
+	destBuf := make([]byte, 8)
+	blk.Decrypt(destBuf, inBuf)
+	padLen := int(destBuf[0] & 0x7)
+	outLen := len(inBuf) - 1 - padLen - saltLen - zeroLen
+
+	out := make([]byte, outLen)
+
+	ivPrev := make([]byte, 8)
+	ivCur := inBuf[:8]
+
+	inBufPos := 8
+
+	destIdx := 1 + padLen
+	cryptBlock := func() {
+		ivPrev = ivCur
+		ivCur = inBuf[inBufPos : inBufPos+8]
+
+		xor8Bytes(destBuf, destBuf, inBuf[inBufPos:inBufPos+8])
+		blk.Decrypt(destBuf, destBuf)
+
+		inBufPos += 8
+		destIdx = 0
+	}
+	for i := 1; i <= saltLen; {
+		if destIdx < 8 {
+			destIdx++
+			i++
+		} else if destIdx == 8 {
+			cryptBlock()
+		}
+	}
+
+	outPos := 0
+	for outPos < outLen {
+		if destIdx < 8 {
+			out[outPos] = destBuf[destIdx] ^ ivPrev[destIdx]
+			destIdx++
+			outPos++
+		} else if destIdx == 8 {
+			cryptBlock()
+		}
+	}
+
+	for i := 1; i <= zeroLen; i++ {
+		if destBuf[destIdx] != ivPrev[destIdx] {
+			return nil, errors.New("zero check failed")
+		}
+	}
+
+	return out, nil
+}
+
+func xor8Bytes(dst, a, b []byte) {
+	for i := 0; i < 8; i++ {
+		dst[i] = a[i] ^ b[i]
+	}
+}
--- a/algo/qmc/key_derive_test.go
+++ b/algo/qmc/key_derive_test.go
@ -0,0 +1,57 @@
+package qmc
+
+import (
+	"fmt"
+	"os"
+	"reflect"
+	"testing"
+)
+
+func TestSimpleMakeKey(t *testing.T) {
+	expect := []byte{0x69, 0x56, 0x46, 0x38, 0x2b, 0x20, 0x15, 0x0b}
+	t.Run("106,8", func(t *testing.T) {
+		if got := simpleMakeKey(106, 8); !reflect.DeepEqual(got, expect) {
+			t.Errorf("simpleMakeKey() = %v, want %v", got, expect)
+		}
+	})
+}
+func loadDecryptKeyData(name string) ([]byte, []byte, error) {
+	keyRaw, err := os.ReadFile(fmt.Sprintf("./testdata/%s_key_raw.bin", name))
+	if err != nil {
+		return nil, nil, err
+	}
+	keyDec, err := os.ReadFile(fmt.Sprintf("./testdata/%s_key.bin", name))
+	if err != nil {
+		return nil, nil, err
+	}
+	return keyRaw, keyDec, nil
+}
+func TestDecryptKey(t *testing.T) {
+	tests := []struct {
+		name     string
+		filename string
+		wantErr  bool
+	}{
+		{"mflac0_rc4(512)", "mflac0_rc4", false},
+		{"mflac_map(256)", "mflac_map", false},
+		{"mflac_rc4(256)", "mflac_rc4", false},
+		{"mgg_map(256)", "mgg_map", false},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			raw, want, err := loadDecryptKeyData(tt.filename)
+			if err != nil {
+				t.Fatalf("load test data failed: %s", err)
+			}
+			got, err := deriveKey(raw)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("deriveKey() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+			if !reflect.DeepEqual(got, want) {
+				t.Errorf("deriveKey() got = %v..., want %v...",
+					string(got[:32]), string(want[:32]))
+			}
+		})
+	}
+}
--- a/algo/qmc/mask_key256.go
+++ b/algo/qmc/mask_key256.go
@ -1,212 +0,0 @@
-package qmc
-
-import (
-	"bytes"
-	"errors"
-	"github.com/unlock-music/cli/algo/common"
-	"github.com/unlock-music/cli/internal/logging"
-	"go.uber.org/zap"
-)
-
-var (
-	ErrFailToMatchMask = errors.New("can not match at least one key")
-	ErrTestDataLength  = errors.New("invalid length of test file")
-	ErrMaskLength128   = errors.New("incorrect mask length 128")
-	ErrMaskLength44    = errors.New("incorrect mask length 44")
-	ErrMaskDecode      = errors.New("decode mask-128 to mask-58 failed")
-	ErrDetectFlacMask  = errors.New("can not detect mflac mask")
-	ErrDetectMggMask   = errors.New("can not detect mgg mask")
-)
-
-type Key256Mask struct {
-	matrix []byte // Mask 128
-}
-
-func NewKey256FromMask128(mask128 []byte) (*Key256Mask, error) {
-	if len(mask128) != 128 {
-		return nil, ErrMaskLength128
-	}
-	q := &Key256Mask{matrix: mask128}
-	return q, nil
-}
-
-func NewKey256FromMask44(mask44 []byte) (*Key256Mask, error) {
-	mask128, err := convertKey256Mask44to128(mask44)
-	if err != nil {
-		return nil, err
-	}
-	q := &Key256Mask{matrix: mask128}
-	return q, nil
-}
-
-func (q *Key256Mask) getMatrix44() (mask44 []byte, err error) {
-	if len(q.matrix) != 128 {
-		return nil, ErrMaskLength128
-	}
-	matrix44 := make([]byte, 44)
-	idx44 := 0
-	for _, it256 := range key256MappingAll {
-		if it256 != nil {
-			it256Len := len(it256)
-			for i := 1; i < it256Len; i++ {
-				if q.matrix[it256[0]] != q.matrix[it256[i]] {
-					return nil, ErrMaskDecode
-				}
-			}
-			q.matrix[idx44] = q.matrix[it256[0]]
-			idx44++
-		}
-	}
-	return matrix44, nil
-}
-
-func (q *Key256Mask) Decrypt(data []byte) []byte {
-	dst := make([]byte, len(data))
-	index := -1
-	maskIdx := -1
-	for cur := 0; cur < len(data); cur++ {
-		index++
-		maskIdx++
-		if index == 0x8000 || (index > 0x8000 && (index+1)%0x8000 == 0) {
-			index++
-			maskIdx++
-		}
-		if maskIdx >= 128 {
-			maskIdx -= 128
-		}
-		dst[cur] = data[cur] ^ q.matrix[maskIdx]
-	}
-	return dst
-}
-
-func convertKey256Mask44to128(mask44 []byte) ([]byte, error) {
-	if len(mask44) != 44 {
-		return nil, ErrMaskLength44
-	}
-	mask128 := make([]byte, 128)
-	idx44 := 0
-	for _, it256 := range key256MappingAll {
-		if it256 != nil {
-			for _, idx128 := range it256 {
-				mask128[idx128] = mask44[idx44]
-			}
-			idx44++
-		}
-	}
-	return mask128, nil
-}
-
-func getDefaultMask() *Key256Mask {
-	y, _ := NewKey256FromMask44(defaultKey256Mask44)
-	return y
-}
-
-func detectMflac256Mask(input []byte) (*Key256Mask, error) {
-	var q *Key256Mask
-	var rtErr = ErrDetectFlacMask
-
-	lenData := len(input)
-	lenTest := 0x8000
-	if lenData < 0x8000 {
-		lenTest = lenData
-	}
-
-	for blockIdx := 0; blockIdx < lenTest; blockIdx += 128 {
-		var err error
-		q, err = NewKey256FromMask128(input[blockIdx : blockIdx+128])
-		if err != nil {
-			continue
-		}
-		if common.SnifferFLAC(q.Decrypt(input[:4])) {
-			rtErr = nil
-			break
-		}
-	}
-	return q, rtErr
-}
-
-func detectMgg256Mask(input []byte) (*Key256Mask, error) {
-	if len(input) < 0x100 {
-		return nil, ErrTestDataLength
-	}
-
-	matrixConf := make([]map[uint8]uint, 44) //meaning: [idx58][value]confidence
-	for i := uint(0); i < 44; i++ {
-		matrixConf[i] = make(map[uint8]uint)
-	}
-
-	page2size := input[0x54] ^ input[0xC] ^ oggPublicHeader1[0xC]
-	spHeader, spConf := generateOggFullHeader(int(page2size))
-	lenTest := len(spHeader)
-
-	for idx128 := 0; idx128 < lenTest; idx128++ {
-		confidence := spConf[idx128]
-		if confidence > 0 {
-			mask := input[idx128] ^ spHeader[idx128]
-
-			idx44 := key256Mapping128to44[idx128&0x7f] // equals: [idx128 % 128]
-			if _, ok2 := matrixConf[idx44][mask]; ok2 {
-				matrixConf[idx44][mask] += confidence
-			} else {
-				matrixConf[idx44][mask] = confidence
-			}
-		}
-	}
-
-	matrix := make([]uint8, 44)
-	var err error
-	for i := uint(0); i < 44; i++ {
-		matrix[i], err = decideMgg256MaskItemConf(matrixConf[i])
-		if err != nil {
-			return nil, err
-		}
-	}
-	q, err := NewKey256FromMask44(matrix)
-	if err != nil {
-		return nil, err
-	}
-	if common.SnifferOGG(q.Decrypt(input[:4])) {
-		return q, nil
-	}
-	return nil, ErrDetectMggMask
-}
-
-func generateOggFullHeader(pageSize int) ([]byte, []uint) {
-	spec := make([]byte, pageSize+1)
-
-	spec[0], spec[1], spec[pageSize] = uint8(pageSize), 0xFF, 0xFF
-	for i := 2; i < pageSize; i++ {
-		spec[i] = 0xFF
-	}
-	specConf := make([]uint, pageSize+1)
-	specConf[0], specConf[1], specConf[pageSize] = 6, 0, 0
-	for i := 2; i < pageSize; i++ {
-		specConf[i] = 4
-	}
-	allConf := append(oggPublicConfidence1, specConf...)
-	allConf = append(allConf, oggPublicConfidence2...)
-
-	allHeader := bytes.Join(
-		[][]byte{oggPublicHeader1, spec, oggPublicHeader2},
-		[]byte{},
-	)
-	return allHeader, allConf
-}
-
-func decideMgg256MaskItemConf(confidence map[uint8]uint) (uint8, error) {
-	lenConf := len(confidence)
-	if lenConf == 0 {
-		return 0xff, ErrFailToMatchMask
-	} else if lenConf > 1 {
-		logging.Log().Warn("there are 2 potential value for the mask", zap.Any("confidence", confidence))
-	}
-	result := uint8(0)
-	conf := uint(0)
-	for idx, item := range confidence {
-		if item > conf {
-			result = idx
-			conf = item
-		}
-	}
-	return result, nil
-}
--- a/algo/qmc/qmc.go
+++ b/algo/qmc/qmc.go
@ -1,128 +1,220 @@
 package qmc

 import (
-	"encoding/base64"
+	"bytes"
 	"encoding/binary"
 	"errors"
-	"github.com/unlock-music/cli/algo/common"
-)
+	"fmt"
+	"io"
+	"strconv"
+	"strings"

-var (
-	ErrQmcFileLength      = errors.New("invalid qmc file length")
-	ErrQmcKeyDecodeFailed = errors.New("base64 decode qmc key failed")
-	ErrQmcKeyLength       = errors.New("unexpected decoded qmc key length")
+	"unlock-music.dev/cli/algo/common"
 )

 type Decoder struct {
-	file         []byte
-	maskDetector func(encodedData []byte) (*Key256Mask, error)
-	mask         *Key256Mask
-	audioExt     string
-	key          []byte
-	audio        []byte
+	raw io.ReadSeeker // raw is the original file reader
+
+	audio    io.Reader // audio is the encrypted audio data
+	audioLen int       // audioLen is the audio data length
+	offset   int       // offset is the current audio read position
+
+	decodedKey []byte // decodedKey is the decoded key for cipher
+	cipher     common.StreamDecoder
+
+	rawMetaExtra1 int
+	rawMetaExtra2 int
 }

-func NewMflac256Decoder(data []byte) common.Decoder {
-	return &Decoder{file: data, maskDetector: detectMflac256Mask, audioExt: "flac"}
+// Read implements io.Reader, offer the decrypted audio data.
+// Validate should call before Read to check if the file is valid.
+func (d *Decoder) Read(p []byte) (int, error) {
+	n, err := d.audio.Read(p)
+	if n > 0 {
+		d.cipher.Decrypt(p[:n], d.offset)
+		d.offset += n
+	}
+	return n, err
 }

-func NewMgg256Decoder(data []byte) common.Decoder {
-	return &Decoder{file: data, maskDetector: detectMgg256Mask, audioExt: "ogg"}
+func NewDecoder(r io.ReadSeeker) common.Decoder {
+	return &Decoder{raw: r}
 }

 func (d *Decoder) Validate() error {
-	if nil != d.mask {
-		return nil
-	}
-	if nil != d.maskDetector {
-		if err := d.validateKey(); err != nil {
-			return err
-		}
-		var err error
-		d.mask, err = d.maskDetector(d.file)
+	// search & derive key
+	err := d.searchKey()
+	if err != nil {
 		return err
 	}
-	return errors.New("no mask or mask detector found")
+
+	// check cipher type and init decode cipher
+	if len(d.decodedKey) > 300 {
+		d.cipher, err = newRC4Cipher(d.decodedKey)
+		if err != nil {
+			return err
+		}
+	} else if len(d.decodedKey) != 0 {
+		d.cipher, err = newMapCipher(d.decodedKey)
+		if err != nil {
+			return err
+		}
+	} else {
+		d.cipher = newStaticCipher()
+	}
+
+	// test with first 16 bytes
+	if err := d.validateDecode(); err != nil {
+		return err
+	}
+
+	// reset position, limit to audio, prepare for Read
+	if _, err := d.raw.Seek(0, io.SeekStart); err != nil {
+		return err
+	}
+	d.audio = io.LimitReader(d.raw, int64(d.audioLen))
+
+	return nil
 }

-func (d *Decoder) validateKey() error {
-	lenData := len(d.file)
-	if lenData < 4 {
-		return ErrQmcFileLength
-	}
-
-	keyLen := binary.LittleEndian.Uint32(d.file[lenData-4:])
-	if lenData < int(keyLen+4) {
-		return ErrQmcFileLength
-	}
-	var err error
-	d.key, err = base64.StdEncoding.DecodeString(
-		string(d.file[lenData-4-int(keyLen) : lenData-4]))
+func (d *Decoder) validateDecode() error {
+	_, err := d.raw.Seek(0, io.SeekStart)
 	if err != nil {
-		return ErrQmcKeyDecodeFailed
+		return fmt.Errorf("qmc seek to start: %w", err)
 	}

-	if len(d.key) != 272 {
-		return ErrQmcKeyLength
+	buf := make([]byte, 16)
+	if _, err := io.ReadFull(d.raw, buf); err != nil {
+		return fmt.Errorf("qmc read header: %w", err)
 	}
-	d.file = d.file[:lenData-4-int(keyLen)]
-	return nil

-}
-
-func (d *Decoder) Decode() error {
-	d.audio = d.mask.Decrypt(d.file)
+	d.cipher.Decrypt(buf, 0)
+	_, ok := common.SniffAll(buf)
+	if !ok {
+		return errors.New("qmc: detect file type failed")
+	}
 	return nil
 }

-func (d Decoder) GetCoverImage() []byte {
+func (d *Decoder) searchKey() error {
+	fileSizeM4, err := d.raw.Seek(-4, io.SeekEnd)
+	if err != nil {
+		return err
+	}
+
+	suffixBuf := make([]byte, 4)
+	if _, err := io.ReadFull(d.raw, suffixBuf); err != nil {
+		return err
+	}
+
+	switch string(suffixBuf) {
+	case "QTag":
+		return d.readRawMetaQTag()
+	case "STag":
+		return errors.New("qmc: file with 'STag' suffix doesn't contains media key")
+	default:
+		size := binary.LittleEndian.Uint32(suffixBuf)
+
+		if size <= 0xFFFF && size != 0 { // assume size is key len
+			return d.readRawKey(int64(size))
+		}
+
+		// try to use default static cipher
+		d.audioLen = int(fileSizeM4 + 4)
+		return nil
+	}
+
+}
+
+func (d *Decoder) readRawKey(rawKeyLen int64) error {
+	audioLen, err := d.raw.Seek(-(4 + rawKeyLen), io.SeekEnd)
+	if err != nil {
+		return err
+	}
+	d.audioLen = int(audioLen)
+
+	rawKeyData, err := io.ReadAll(io.LimitReader(d.raw, rawKeyLen))
+	if err != nil {
+		return err
+	}
+
+	// clean suffix NULs
+	rawKeyData = bytes.TrimRight(rawKeyData, "\x00")
+
+	d.decodedKey, err = deriveKey(rawKeyData)
+	if err != nil {
+		return err
+	}
+
 	return nil
 }

-func (d Decoder) GetAudioData() []byte {
-	return d.audio
-}
-
-func (d Decoder) GetAudioExt() string {
-	if d.audioExt != "" {
-		return "." + d.audioExt
+func (d *Decoder) readRawMetaQTag() error {
+	// get raw meta data len
+	if _, err := d.raw.Seek(-8, io.SeekEnd); err != nil {
+		return err
+	}
+	buf, err := io.ReadAll(io.LimitReader(d.raw, 4))
+	if err != nil {
+		return err
+	}
+	rawMetaLen := int64(binary.BigEndian.Uint32(buf))
+
+	// read raw meta data
+	audioLen, err := d.raw.Seek(-(8 + rawMetaLen), io.SeekEnd)
+	if err != nil {
+		return err
+	}
+	d.audioLen = int(audioLen)
+	rawMetaData, err := io.ReadAll(io.LimitReader(d.raw, rawMetaLen))
+	if err != nil {
+		return err
+	}
+
+	items := strings.Split(string(rawMetaData), ",")
+	if len(items) != 3 {
+		return errors.New("invalid raw meta data")
+	}
+
+	d.decodedKey, err = deriveKey([]byte(items[0]))
+	if err != nil {
+		return err
+	}
+
+	d.rawMetaExtra1, err = strconv.Atoi(items[1])
+	if err != nil {
+		return err
+	}
+	d.rawMetaExtra2, err = strconv.Atoi(items[2])
+	if err != nil {
+		return err
 	}
-	return ""
-}

-func (d Decoder) GetMeta() common.Meta {
 	return nil
 }

-func DecoderFuncWithExt(ext string) common.NewDecoderFunc {
-	return func(file []byte) common.Decoder {
-		return &Decoder{file: file, audioExt: ext, mask: getDefaultMask()}
-	}
-}
-
 //goland:noinspection SpellCheckingInspection
 func init() {
-	common.RegisterDecoder("qmc0", DecoderFuncWithExt("mp3")) //QQ Music Mp3
-	common.RegisterDecoder("qmc3", DecoderFuncWithExt("mp3")) //QQ Music Mp3
+	supportedExts := []string{
+		"qmc0", "qmc3", //QQ Music MP3
+		"qmc2", "qmc4", "qmc6", "qmc8", //QQ Music M4A
+		"qmcflac", //QQ Music FLAC
+		"qmcogg",  //QQ Music OGG

-	common.RegisterDecoder("qmc2", DecoderFuncWithExt("m4a")) //QQ Music M4A
-	common.RegisterDecoder("qmc4", DecoderFuncWithExt("m4a")) //QQ Music M4A
-	common.RegisterDecoder("qmc6", DecoderFuncWithExt("m4a")) //QQ Music M4A
-	common.RegisterDecoder("qmc8", DecoderFuncWithExt("m4a")) //QQ Music M4A
+		"tkm", //QQ Music Accompaniment M4A

-	common.RegisterDecoder("qmcflac", DecoderFuncWithExt("flac")) //QQ Music Flac
-	common.RegisterDecoder("qmcogg", DecoderFuncWithExt("ogg"))   //QQ Music Ogg
-	common.RegisterDecoder("tkm", DecoderFuncWithExt("m4a"))      //QQ Music Accompaniment M4a
+		"bkcmp3", "bkcm4a", "bkcflac", "bkcwav", "bkcape", "bkcogg", "bkcwma", //Moo Music

-	common.RegisterDecoder("bkcmp3", DecoderFuncWithExt("mp3"))   //Moo Music Mp3
-	common.RegisterDecoder("bkcflac", DecoderFuncWithExt("flac")) //Moo Music Flac
+		"666c6163", //QQ Music Weiyun Flac
+		"6d7033",   //QQ Music Weiyun Mp3
+		"6f6767",   //QQ Music Weiyun Ogg
+		"6d3461",   //QQ Music Weiyun M4a
+		"776176",   //QQ Music Weiyun Wav

-	common.RegisterDecoder("666c6163", DecoderFuncWithExt("flac")) //QQ Music Weiyun Flac
-	common.RegisterDecoder("6d7033", DecoderFuncWithExt("mp3"))    //QQ Music Weiyun Mp3
-	common.RegisterDecoder("6f6767", DecoderFuncWithExt("ogg"))    //QQ Music Weiyun Ogg
-	common.RegisterDecoder("6d3461", DecoderFuncWithExt("m4a"))    //QQ Music Weiyun M4a
-	common.RegisterDecoder("776176", DecoderFuncWithExt("wav"))    //QQ Music Weiyun Wav
-
-	common.RegisterDecoder("mgg", NewMgg256Decoder)     //QQ Music New Ogg
-	common.RegisterDecoder("mflac", NewMflac256Decoder) //QQ Music New Flac
+		"mgg", "mgg1", "mggl", //QQ Music New Ogg
+		"mflac", "mflac0", //QQ Music New Flac
+	}
+	for _, ext := range supportedExts {
+		common.RegisterDecoder(ext, false, NewDecoder)
+	}
 }
--- a/algo/qmc/qmc_test.go
+++ b/algo/qmc/qmc_test.go
@ -0,0 +1,92 @@
+package qmc
+
+import (
+	"bytes"
+	"fmt"
+	"io"
+	"os"
+	"reflect"
+	"testing"
+)
+
+func loadTestDataQmcDecoder(filename string) ([]byte, []byte, error) {
+	encBody, err := os.ReadFile(fmt.Sprintf("./testdata/%s_raw.bin", filename))
+	if err != nil {
+		return nil, nil, err
+	}
+	encSuffix, err := os.ReadFile(fmt.Sprintf("./testdata/%s_suffix.bin", filename))
+	if err != nil {
+		return nil, nil, err
+	}
+
+	target, err := os.ReadFile(fmt.Sprintf("./testdata/%s_target.bin", filename))
+	if err != nil {
+		return nil, nil, err
+	}
+	return bytes.Join([][]byte{encBody, encSuffix}, nil), target, nil
+
+}
+func TestMflac0Decoder_Read(t *testing.T) {
+	tests := []struct {
+		name    string
+		wantErr bool
+	}{
+		{"mflac0_rc4", false},
+		{"mflac_rc4", false},
+		{"mflac_map", false},
+		{"mgg_map", false},
+		{"qmc0_static", false},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			raw, target, err := loadTestDataQmcDecoder(tt.name)
+			if err != nil {
+				t.Fatal(err)
+			}
+
+			d := NewDecoder(bytes.NewReader(raw))
+			if err := d.Validate(); err != nil {
+				t.Errorf("validate file error = %v", err)
+			}
+
+			buf := make([]byte, len(target))
+			if _, err := io.ReadFull(d, buf); err != nil {
+				t.Errorf("read bytes from decoder error = %v", err)
+				return
+			}
+			if !reflect.DeepEqual(buf, target) {
+				t.Errorf("Decrypt() got = %v, want %v", buf[:32], target[:32])
+			}
+		})
+	}
+
+}
+
+func TestMflac0Decoder_Validate(t *testing.T) {
+	tests := []struct {
+		name    string
+		fileExt string
+		wantErr bool
+	}{
+		{"mflac0_rc4", ".flac", false},
+		{"mflac_map", ".flac", false},
+		{"mgg_map", ".ogg", false},
+		{"qmc0_static", ".mp3", false},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			raw, _, err := loadTestDataQmcDecoder(tt.name)
+			if err != nil {
+				t.Fatal(err)
+			}
+			d := NewDecoder(bytes.NewReader(raw))
+
+			if err := d.Validate(); err != nil {
+				t.Errorf("read bytes from decoder error = %v", err)
+				return
+			}
+		})
+	}
+}
--- a/algo/qmc/testdata/mflac0_rc4_key.bin
+++ b/algo/qmc/testdata/mflac0_rc4_key.bin
@ -0,0 +1 @@
+dRzX3p5ZYqAlp7lLSs9Zr0rw1iEZy23bB670x4ch2w97x14Zwpk1UXbKU4C2sOS7uZ0NB5QM7ve9GnSrr2JHxP74hVNONwVV77CdOOVb807317KvtI5Yd6h08d0c5W88rdV46C235YGDjUSZj5314YTzy0b6vgh4102P7E273r911Nl464XV83Hr00rkAHkk791iMGSJH95GztN28u2Nv5s9Xx38V69o4a8aIXxbx0g1EM0623OEtbtO9zsqCJfj6MhU7T8iVS6M3q19xhq6707E6r7wzPO6Yp4BwBmgg4F95Lfl0vyF7YO6699tb5LMnr7iFx29o98hoh3O3Rd8h9Juu8P1wG7vdnO5YtRlykhUluYQblNn7XwjBJ53HAyKVraWN5dG7pv7OMl1s0RykPh0p23qfYzAAMkZ1M422pEd07TA9OCKD1iybYxWH06xj6A8mzmcnYGT9P1a5Ytg2EF5LG3IknL2r3AUz99Y751au6Cr401mfAWK68WyEBe5
--- a/algo/qmc/testdata/mflac0_rc4_key_raw.bin
+++ b/algo/qmc/testdata/mflac0_rc4_key_raw.bin
@ -0,0 +1 @@
+ZFJ6WDNwNVrjEJZB1o6QjkQV2ZbHSw/2Eb00q1+4z9SVWYyFWO1PcSQrJ5326ubLklmk2ab3AEyIKNUu8DFoAoAc9dpzpTmc+pdkBHjM/bW2jWx+dCyC8vMTHE+DHwaK14UEEGW47ZXMDi7PRCQ2Jpm/oXVdHTIlyrc+bRmKfMith0L2lFQ+nW8CCjV6ao5ydwkZhhNOmRdrCDcUXSJH9PveYwra9/wAmGKWSs9nemuMWKnbjp1PkcxNQexicirVTlLX7PVgRyFyzNyUXgu+R2S4WTmLwjd8UsOyW/dc2mEoYt+vY2lq1X4hFBtcQGOAZDeC+mxrN0EcW8tjS6P4TjOjiOKNMxIfMGSWkSKL3H7z5K7nR1AThW20H2bP/LcpsdaL0uZ/js1wFGpdIfFx9rnLC78itL0WwDleIqp9TBMX/NwakGgIPIbjBwfgyD8d8XKYuLEscIH0ZGdjsadB5XjybgdE3ppfeFEcQiqpnodlTaQRm3KDIF9ATClP0mTl8XlsSojsZ468xseS1Ib2iinx/0SkK3UtJDwp8DH3/+ELisgXd69Bf0pve7wbrQzzMUs9/Ogvvo6ULsIkQfApJ8cSegDYklzGXiLNH7hZYnXDLLSNejD7NvQouULSmGsBbGzhZ5If0NP/6AhSbpzqWLDlabTDgeWWnFeZpBnlK6SMxo+YFFk1Y0XLKsd69+jj
--- a/algo/qmc/testdata/mflac0_rc4_raw.bin
+++ b/algo/qmc/testdata/mflac0_rc4_raw.bin
--- a/algo/qmc/testdata/mflac0_rc4_suffix.bin
+++ b/algo/qmc/testdata/mflac0_rc4_suffix.bin
--- a/algo/qmc/testdata/mflac0_rc4_target.bin
+++ b/algo/qmc/testdata/mflac0_rc4_target.bin
--- a/algo/qmc/testdata/mflac_map_key.bin
+++ b/algo/qmc/testdata/mflac_map_key.bin
@ -0,0 +1 @@
+yw7xWOyNQ8585Jwx3hjB49QLPKi38F89awnrQ0fq66NT9TDq1ppHNrFqhaDrU5AFk916D58I53h86304GqOFCCyFzBem68DqiXJ81bILEQwG3P3MOnoNzM820kNW9Lv9IJGNn9Xo497p82BLTm4hAX8JLBs0T2pilKvT429sK9jfg508GSk4d047Jxdz5Fou4aa33OkyFRBU3x430mgNBn04Lc9BzXUI2IGYXv3FGa9qE4Vb54kSjVv8ogbg47j3
--- a/algo/qmc/testdata/mflac_map_key_raw.bin
+++ b/algo/qmc/testdata/mflac_map_key_raw.bin
@ -0,0 +1 @@
+eXc3eFdPeU6+3f7GVeF35bMpIEIQj5JWOWt7G+jsR68Hx3BUFBavkTQ8dpPdP0XBIwPe+OfdsnTGVQqPyg3GCtQSrkgA0mwSQdr4DPzKLkEZFX+Cf1V6ChyipOuC6KT37eAxWMdV1UHf9/OCvydr1dc6SWK1ijRUcP6IAHQhiB+mZLay7XXrSPo32WjdBkn9c9sa2SLtI48atj5kfZ4oOq6QGeld2JA3Z+3wwCe6uTHthKaEHY8ufDYodEe3qqrjYpzkdx55pCtxCQa1JiNqFmJigWm4m3CDzhuJ7YqnjbD+mXxLi7BP1+z4L6nccE2h+DGHVqpGjR9+4LBpe4WHB4DrAzVp2qQRRQJxeHd1v88=
--- a/algo/qmc/testdata/mflac_map_raw.bin
+++ b/algo/qmc/testdata/mflac_map_raw.bin
--- a/algo/qmc/testdata/mflac_map_suffix.bin
+++ b/algo/qmc/testdata/mflac_map_suffix.bin
--- a/algo/qmc/testdata/mflac_map_target.bin
+++ b/algo/qmc/testdata/mflac_map_target.bin
--- a/algo/qmc/testdata/mflac_rc4_key.bin
+++ b/algo/qmc/testdata/mflac_rc4_key.bin
@ -0,0 +1 @@
+pUtyvqr0TgAvR95mNmY7DmNl386TsJNAEIz95CEcgIgJCcs28686O7llxD5E74ldn70xMtd5cG58TA5ILw09I8BOTf5EdHKd6wwPn689DUK13y3Req6H0P33my2miJ5bQ2AA22B8vp4V0NJ3hBqNtFf7cId48V6W51e1kwgu1xKKawxe9BByT92MFlqrFaKH32dB2zFgyd38l2P1outr4l2XLq48F9G17ptRz4W8Loxu28RvZgv0BzL26Ht9I2L5VCwMzzt7OeZ55iQs40Tr6k81QGraIUJj5zeBMgJRMTaSgi19hU5x5a08Qd662MbFhZZ0FjVvaDy1nbIDhrC62c1lX6wf70O45h4W42VxloBVeZ9Sef4V7cWrjrEjj3DJ5w2iu6Q9uoal2f4390kue42Um5HcDFWqv3m56k6O89bRV424PaRra1k9Cd2L56IN2zfBYqNo2WP5VC68G8w1hfflOY0O52h4WdcpoHSjZm4b35N7l47dT4dwEXj1U4J5
--- a/algo/qmc/testdata/mflac_rc4_key_raw.bin
+++ b/algo/qmc/testdata/mflac_rc4_key_raw.bin
@ -0,0 +1 @@
+cFV0eXZxcjAF/IXJ9qJT1u5C3S5AgY9BoVtIQNBKfxQMt5hH7BF36ndIJGV5L6qw5h4G0IOIOOewdHmMCNfKJftHM4nv3B0iRlSdqJKdL08wO3sV0v8eZk0OiYAlxgseGcBquQWYS/0b5Lj/Ioi2NfpOthAY9vUiRPnfH3+7/2AJGudHjj4Gg1KkpPW3mXIKbsk+Ou9fhrUqs873BCdsmI6qRmVNhOkLaUcbG6Zin3XU0WkgnnjebR43S8N4bw5BTphFvhy42QvspnD7Ewb1tVZQMQ2N1s38nBjukdfCB9R6aRwITOvg2U7Lr0RjLpbrIn6A6iVilpINjK4VptuKUTlpDXQwgCjoqeHQaHNCWgYpdjB69lXn8km/BfzK7QyDbh0VgTikwAHF9tvPhin3AIDRcU0xsaWYKURRfJelX3pSN495ADlhXdEKL/+l60hVnY7t6iCMxJL3lOtdGtdUYUGUCc76PB1fX+0HTWCcfcwvXTEdczr9J1h2yTeJNqFQ5pNy8vX7Ws8k7vDQVFkw4llZjPhb0kg9aDNePTNIKSGwy/7eofrcUQlC9DI+qqqwQ5abA/93fNsPq6XU3uwawnrbBsdz8DDdjJiEDI7abkPIDIfr/uR0YzgBxW90t5bt6xAtuW+VSYAM7kGxI3RZTl7JgOT60MLyIWkYASrRhRPMGks8zL10ED/4yGTEB1nt
--- a/algo/qmc/testdata/mflac_rc4_raw.bin
+++ b/algo/qmc/testdata/mflac_rc4_raw.bin
--- a/algo/qmc/testdata/mflac_rc4_suffix.bin
+++ b/algo/qmc/testdata/mflac_rc4_suffix.bin
--- a/algo/qmc/testdata/mflac_rc4_target.bin
+++ b/algo/qmc/testdata/mflac_rc4_target.bin
--- a/algo/qmc/testdata/mgg_map_key.bin
+++ b/algo/qmc/testdata/mgg_map_key.bin
@ -0,0 +1 @@
+zGxNk54pKJ0hDkAo80wHE80ycSWQ7z4m4E846zVy2sqCn14F42Y5S7GqeR11WpOV75sDLbE5dFP992t88l0pHy1yAQ49YK6YX6c543drBYLo55Hc4Y0Fyic6LQPiGqu2bG31r8vaq9wS9v63kg0X5VbnOD6RhO4t0RRhk3ajrA7p0iIy027z0L70LZjtw6E18H0D41nz6ASTx71otdF9z1QNC0JmCl51xvnb39zPExEXyKkV47S6QsK5hFh884QJ
--- a/algo/qmc/testdata/mgg_map_key_raw.bin
+++ b/algo/qmc/testdata/mgg_map_key_raw.bin
@ -0,0 +1 @@
+ekd4Tms1NHC53JEDO/AKVyF+I0bj0hHB7CZeoLDGSApaQB9Oo/pJTBGA/RO+nk5RXLXdHsffLiY4e8kt3LNo6qMl7S89vkiSFxx4Uoq4bGDJ7Jc+bYL6lLsa3M4sBvXS4XcPChrMDz+LmrJMGG6ua2fYyIz1d6TCRUBf1JJgCIkBbDAEeMVYc13qApitiz/apGAPmAnveCaDhfD5GxWsF+RfQ2OcnvrnIXe80Feh/0jx763DlsOBI3eIede6t5zYHokWkZmVEF1jMrnlvsgbQK2EzUWMblmLMsTKNILyZazEoKUyulqmyLO/c/KYE+USPOXPcbjlYFmLhSGHK7sQB5aBR153Yp+xh61ooh2NGAA=
--- a/algo/qmc/testdata/mgg_map_raw.bin
+++ b/algo/qmc/testdata/mgg_map_raw.bin
--- a/algo/qmc/testdata/mgg_map_suffix.bin
+++ b/algo/qmc/testdata/mgg_map_suffix.bin
--- a/algo/qmc/testdata/mgg_map_target.bin
+++ b/algo/qmc/testdata/mgg_map_target.bin
--- a/algo/qmc/testdata/qmc0_static_raw.bin
+++ b/algo/qmc/testdata/qmc0_static_raw.bin
--- a/algo/qmc/testdata/qmc0_static_suffix.bin
+++ b/algo/qmc/testdata/qmc0_static_suffix.bin
--- a/algo/qmc/testdata/qmc0_static_target.bin
+++ b/algo/qmc/testdata/qmc0_static_target.bin
--- a/algo/tm/tm.go
+++ b/algo/tm/tm.go
@ -3,77 +3,55 @@ package tm
 import (
 	"bytes"
 	"errors"
-	"github.com/unlock-music/cli/algo/common"
+	"fmt"
+	"io"
+
+	"unlock-music.dev/cli/algo/common"
 )

 var replaceHeader = []byte{0x00, 0x00, 0x00, 0x20, 0x66, 0x74, 0x79, 0x70}
 var magicHeader = []byte{0x51, 0x51, 0x4D, 0x55} //0x15, 0x1D, 0x1A, 0x21

 type Decoder struct {
-	file        []byte
-	audio       []byte
-	headerMatch bool
-	audioExt    string
-}
+	raw io.ReadSeeker // raw is the original file reader

-func (d *Decoder) GetCoverImage() []byte {
-	return nil
-}
-
-func (d *Decoder) GetAudioData() []byte {
-	return d.audio
-}
-
-func (d *Decoder) GetAudioExt() string {
-	if d.audioExt != "" {
-		return "." + d.audioExt
-	}
-	return ""
-}
-
-func (d *Decoder) GetMeta() common.Meta {
-	return nil
+	offset int
+	audio  io.Reader // audio is the decrypted audio data
 }

 func (d *Decoder) Validate() error {
-	if len(d.file) < 8 {
-		return errors.New("invalid file size")
+	header := make([]byte, 8)
+	if _, err := io.ReadFull(d.raw, header); err != nil {
+		return fmt.Errorf("tm read header: %w", err)
 	}
-	if !bytes.Equal(magicHeader, d.file[:4]) {
-		return errors.New("not a valid tm file")
+
+	if bytes.Equal(magicHeader, header[:len(magicHeader)]) { // replace m4a header
+		d.audio = io.MultiReader(bytes.NewReader(replaceHeader), d.raw)
+		return nil
 	}
-	d.headerMatch = true
-	return nil
+
+	if _, ok := common.SniffAll(header); ok { // not encrypted
+		d.audio = io.MultiReader(bytes.NewReader(header), d.raw)
+		return nil
+	}
+
+	return errors.New("tm: valid magic header")
 }

-func (d *Decoder) Decode() error {
-	d.audio = d.file
-	if d.headerMatch {
-		for i := 0; i < 8; i++ {
-			d.audio[i] = replaceHeader[i]
-		}
-		d.audioExt = "m4a"
-	}
-	return nil
+func (d *Decoder) Read(buf []byte) (int, error) {
+	return d.audio.Read(buf)
 }

-//goland:noinspection GoUnusedExportedFunction
-func NewDecoder(data []byte) common.Decoder {
-	return &Decoder{file: data}
-}
-
-func DecoderFuncWithExt(ext string) common.NewDecoderFunc {
-	return func(file []byte) common.Decoder {
-		return &Decoder{file: file, audioExt: ext}
-	}
+func NewTmDecoder(rd io.ReadSeeker) common.Decoder {
+	return &Decoder{raw: rd}
 }

 func init() {
-	// QQ Music IOS M4a
-	common.RegisterDecoder("tm2", DecoderFuncWithExt("m4a"))
-	common.RegisterDecoder("tm6", DecoderFuncWithExt("m4a"))
-	// QQ Music IOS Mp3
-	common.RegisterDecoder("tm0", common.NewRawDecoder)
-	common.RegisterDecoder("tm3", common.NewRawDecoder)
+	// QQ Music IOS M4a (replace header)
+	common.RegisterDecoder("tm2", false, NewTmDecoder)
+	common.RegisterDecoder("tm6", false, NewTmDecoder)

+	// QQ Music IOS Mp3 (not encrypted)
+	common.RegisterDecoder("tm0", false, NewTmDecoder)
+	common.RegisterDecoder("tm3", false, NewTmDecoder)
 }
--- a/algo/xiami/xm.go
+++ b/algo/xiami/xm.go
@ -0,0 +1,91 @@
+package xiami
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"io"
+
+	"unlock-music.dev/cli/algo/common"
+)
+
+var (
+	magicHeader  = []byte{'i', 'f', 'm', 't'}
+	magicHeader2 = []byte{0xfe, 0xfe, 0xfe, 0xfe}
+	typeMapping  = map[string]string{
+		" WAV": "wav",
+		"FLAC": "flac",
+		" MP3": "mp3",
+		" A4M": "m4a",
+	}
+	ErrMagicHeader = errors.New("xm magic header not matched")
+)
+
+type Decoder struct {
+	rd     io.ReadSeeker // rd is the original file reader
+	offset int
+
+	cipher    common.StreamDecoder
+	outputExt string
+}
+
+func (d *Decoder) GetAudioExt() string {
+	if d.outputExt != "" {
+		return "." + d.outputExt
+
+	}
+	return ""
+}
+
+func NewDecoder(rd io.ReadSeeker) common.Decoder {
+	return &Decoder{rd: rd}
+}
+
+// Validate checks if the file is a valid xiami .xm file.
+// rd will set to the beginning of the encrypted audio data.
+func (d *Decoder) Validate() error {
+	header := make([]byte, 16) // xm header is fixed to 16 bytes
+
+	if _, err := io.ReadFull(d.rd, header); err != nil {
+		return fmt.Errorf("xm read header: %w", err)
+	}
+
+	// 0x00 - 0x03 and 0x08 - 0x0B: magic header
+	if !bytes.Equal(magicHeader, header[:4]) || !bytes.Equal(magicHeader2, header[8:12]) {
+		return ErrMagicHeader
+	}
+
+	// 0x04 - 0x07: Audio File Type
+	var ok bool
+	d.outputExt, ok = typeMapping[string(header[4:8])]
+	if !ok {
+		return fmt.Errorf("xm detect unknown audio type: %s", string(header[4:8]))
+	}
+
+	// 0x0C - 0x0E, Encrypt Start At, LittleEndian Unit24
+	encStartAt := uint32(header[12]) | uint32(header[13])<<8 | uint32(header[14])<<16
+
+	// 0x0F, XOR Mask
+	d.cipher = newXmCipher(header[15], int(encStartAt))
+
+	return nil
+}
+
+func (d *Decoder) Read(p []byte) (int, error) {
+	n, err := d.rd.Read(p)
+	if n > 0 {
+		d.cipher.Decrypt(p[:n], d.offset)
+		d.offset += n
+	}
+	return n, err
+}
+
+func init() {
+	// Xiami Wav/M4a/Mp3/Flac
+	common.RegisterDecoder("xm", false, NewDecoder)
+	// Xiami Typed Format
+	common.RegisterDecoder("wav", false, NewDecoder)
+	common.RegisterDecoder("mp3", false, NewDecoder)
+	common.RegisterDecoder("flac", false, NewDecoder)
+	common.RegisterDecoder("m4a", false, NewDecoder)
+}
--- a/algo/xiami/xm_cipher.go
+++ b/algo/xiami/xm_cipher.go
@ -0,0 +1,21 @@
+package xiami
+
+type xmCipher struct {
+	mask           byte
+	encryptStartAt int
+}
+
+func newXmCipher(mask byte, encryptStartAt int) *xmCipher {
+	return &xmCipher{
+		mask:           mask,
+		encryptStartAt: encryptStartAt,
+	}
+}
+
+func (c *xmCipher) Decrypt(buf []byte, offset int) {
+	for i := 0; i < len(buf); i++ {
+		if offset+i >= c.encryptStartAt {
+			buf[i] ^= c.mask
+		}
+	}
+}
--- a/algo/ximalaya/x2m_crypto.go
+++ b/algo/ximalaya/x2m_crypto.go
@ -0,0 +1,34 @@
+package ximalaya
+
+import (
+	_ "embed"
+	"encoding/binary"
+)
+
+const x2mHeaderSize = 1024
+
+var x2mKey = [...]byte{'x', 'm', 'l', 'y'}
+var x2mScrambleTable = [x2mHeaderSize]uint16{}
+
+//go:embed x2m_scramble_table.bin
+var x2mScrambleTableBytes []byte
+
+func init() {
+	if len(x2mScrambleTableBytes) != 2*x2mHeaderSize {
+		panic("invalid x3m scramble table")
+	}
+	for i := range x3mScrambleTable {
+		x3mScrambleTable[i] = binary.LittleEndian.Uint16(x2mScrambleTableBytes[i*2:])
+	}
+}
+
+// decryptX2MHeader decrypts the header of ximalaya .x2m file.
+// make sure input src is 1024(x2mHeaderSize) bytes long.
+func decryptX2MHeader(src []byte) []byte {
+	dst := make([]byte, len(src))
+	for dstIdx := range src {
+		srcIdx := x2mScrambleTable[dstIdx]
+		dst[dstIdx] = src[srcIdx] ^ x2mKey[dstIdx%len(x2mKey)]
+	}
+	return dst
+}
--- a/algo/ximalaya/x2m_scramble_table.bin
+++ b/algo/ximalaya/x2m_scramble_table.bin
--- a/algo/ximalaya/x3m_crypto.go
+++ b/algo/ximalaya/x3m_crypto.go
@ -0,0 +1,40 @@
+package ximalaya
+
+import (
+	_ "embed"
+	"encoding/binary"
+)
+
+var x3mKey = [...]byte{
+	'3', '9', '8', '9', 'd', '1', '1', '1',
+	'a', 'a', 'd', '5', '6', '1', '3', '9',
+	'4', '0', 'f', '4', 'f', 'c', '4', '4',
+	'b', '6', '3', '9', 'b', '2', '9', '2',
+}
+
+const x3mHeaderSize = 1024
+
+var x3mScrambleTable = [x3mHeaderSize]uint16{}
+
+//go:embed x3m_scramble_table.bin
+var x3mScrambleTableBytes []byte
+
+func init() {
+	if len(x3mScrambleTableBytes) != 2*x3mHeaderSize {
+		panic("invalid x3m scramble table")
+	}
+	for i := range x3mScrambleTable {
+		x3mScrambleTable[i] = binary.LittleEndian.Uint16(x3mScrambleTableBytes[i*2:])
+	}
+}
+
+// decryptX3MHeader decrypts the header of ximalaya .x3m file.
+// make sure input src is 1024 (x3mHeaderSize) bytes long.
+func decryptX3MHeader(src []byte) []byte {
+	dst := make([]byte, len(src))
+	for dstIdx := range src {
+		srcIdx := x3mScrambleTable[dstIdx]
+		dst[dstIdx] = src[srcIdx] ^ x3mKey[dstIdx%len(x3mKey)]
+	}
+	return dst
+}
--- a/algo/ximalaya/x3m_scramble_table.bin
+++ b/algo/ximalaya/x3m_scramble_table.bin
--- a/algo/ximalaya/ximalaya.go
+++ b/algo/ximalaya/ximalaya.go
@ -0,0 +1,56 @@
+package ximalaya
+
+import (
+	"bytes"
+	"fmt"
+	"io"
+
+	"unlock-music.dev/cli/algo/common"
+)
+
+type Decoder struct {
+	rd     io.ReadSeeker
+	offset int
+
+	audio io.Reader
+}
+
+func NewDecoder(rd io.ReadSeeker) common.Decoder {
+	return &Decoder{rd: rd}
+}
+
+func (d *Decoder) Validate() error {
+	encryptedHeader := make([]byte, x2mHeaderSize)
+	if _, err := io.ReadFull(d.rd, encryptedHeader); err != nil {
+		return fmt.Errorf("ximalaya read header: %w", err)
+	}
+
+	{ // try to decode with x2m
+		header := decryptX2MHeader(encryptedHeader)
+		if _, ok := common.SniffAll(header); ok {
+			d.audio = io.MultiReader(bytes.NewReader(header), d.rd)
+			return nil
+		}
+	}
+
+	{ // try to decode with x3m
+		// not read file again, since x2m and x3m have the same header size
+		header := decryptX3MHeader(encryptedHeader)
+		if _, ok := common.SniffAll(header); ok {
+			d.audio = io.MultiReader(bytes.NewReader(header), d.rd)
+			return nil
+		}
+	}
+
+	return fmt.Errorf("ximalaya: unknown format")
+}
+
+func (d *Decoder) Read(p []byte) (n int, err error) {
+	return d.audio.Read(p)
+}
+
+func init() {
+	common.RegisterDecoder("x2m", false, NewDecoder)
+	common.RegisterDecoder("x3m", false, NewDecoder)
+	common.RegisterDecoder("xm", false, NewDecoder)
+}
--- a/algo/xm/xm.go
+++ b/algo/xm/xm.go
@ -1,106 +0,0 @@
-package xm
-
-import (
-	"bytes"
-	"errors"
-	"github.com/unlock-music/cli/algo/common"
-	"github.com/unlock-music/cli/internal/logging"
-	"go.uber.org/zap"
-)
-
-var (
-	magicHeader  = []byte{'i', 'f', 'm', 't'}
-	magicHeader2 = []byte{0xfe, 0xfe, 0xfe, 0xfe}
-	typeMapping  = map[string]string{
-		" WAV": "wav",
-		"FLAC": "flac",
-		" MP3": "mp3",
-		" A4M": "m4a",
-	}
-	ErrFileSize    = errors.New("xm invalid file size")
-	ErrMagicHeader = errors.New("xm magic header not matched")
-)
-
-type Decoder struct {
-	file      []byte
-	headerLen uint32
-	outputExt string
-	mask      byte
-	audio     []byte
-}
-
-func (d *Decoder) GetCoverImage() []byte {
-	return nil
-}
-
-func (d *Decoder) GetAudioData() []byte {
-	return d.audio
-}
-
-func (d *Decoder) GetAudioExt() string {
-	if d.outputExt != "" {
-		return "." + d.outputExt
-
-	}
-	return ""
-}
-
-func (d *Decoder) GetMeta() common.Meta {
-	return nil
-}
-
-func NewDecoder(data []byte) common.Decoder {
-	return &Decoder{file: data}
-}
-
-func (d *Decoder) Validate() error {
-	lenData := len(d.file)
-	if lenData < 16 {
-		return ErrFileSize
-	}
-	if !bytes.Equal(magicHeader, d.file[:4]) ||
-		!bytes.Equal(magicHeader2, d.file[8:12]) {
-		return ErrMagicHeader
-	}
-
-	var ok bool
-	d.outputExt, ok = typeMapping[string(d.file[4:8])]
-	if !ok {
-		return errors.New("detect unknown xm file type: " + string(d.file[4:8]))
-	}
-
-	if d.file[14] != 0 {
-		logging.Log().Warn("not a simple xm file", zap.Uint8("b[14]", d.file[14]))
-	}
-	d.headerLen = uint32(d.file[12]) | uint32(d.file[13])<<8 | uint32(d.file[14])<<16 // LittleEndian Unit24
-	if d.headerLen+16 > uint32(lenData) {
-		return ErrFileSize
-	}
-	return nil
-}
-
-func (d *Decoder) Decode() error {
-	d.mask = d.file[15]
-	d.audio = d.file[16:]
-	dataLen := uint32(len(d.audio))
-	for i := d.headerLen; i < dataLen; i++ {
-		d.audio[i] = ^(d.audio[i] - d.mask)
-	}
-	return nil
-}
-
-func DecoderFuncWithExt(ext string) common.NewDecoderFunc {
-	return func(file []byte) common.Decoder {
-		return &Decoder{file: file, outputExt: ext}
-	}
-}
-
-func init() {
-	// Xiami Wav/M4a/Mp3/Flac
-	common.RegisterDecoder("xm", NewDecoder)
-	// Xiami Typed Format
-	common.RegisterDecoder("wav", DecoderFuncWithExt("wav"))
-	common.RegisterDecoder("mp3", DecoderFuncWithExt("mp3"))
-	common.RegisterDecoder("flac", DecoderFuncWithExt("flac"))
-	common.RegisterDecoder("m4a", DecoderFuncWithExt("m4a"))
-}
--- a/cmd/um/main.go
+++ b/cmd/um/main.go
@ -1,50 +1,92 @@
 package main

 import (
+	"bytes"
 	"errors"
-	"github.com/unlock-music/cli/algo/common"
-	_ "github.com/unlock-music/cli/algo/kgm"
-	_ "github.com/unlock-music/cli/algo/kwm"
-	_ "github.com/unlock-music/cli/algo/ncm"
-	_ "github.com/unlock-music/cli/algo/qmc"
-	_ "github.com/unlock-music/cli/algo/tm"
-	_ "github.com/unlock-music/cli/algo/xm"
-	"github.com/unlock-music/cli/internal/logging"
-	"github.com/urfave/cli/v2"
-	"go.uber.org/zap"
+	"fmt"
+	"io"
 	"os"
 	"path/filepath"
+	"runtime"
+	"runtime/debug"
+	"sort"
 	"strings"
+	"time"
+
+	"github.com/urfave/cli/v2"
+	"go.uber.org/zap"
+
+	"unlock-music.dev/cli/algo/common"
+	_ "unlock-music.dev/cli/algo/kgm"
+	_ "unlock-music.dev/cli/algo/kwm"
+	_ "unlock-music.dev/cli/algo/ncm"
+	_ "unlock-music.dev/cli/algo/qmc"
+	_ "unlock-music.dev/cli/algo/tm"
+	_ "unlock-music.dev/cli/algo/xiami"
+	_ "unlock-music.dev/cli/algo/ximalaya"
+	"unlock-music.dev/cli/internal/logging"
 )

-var AppVersion = "0.0.4"
+var AppVersion = "v0.0.6"
+
+var logger, _ = logging.NewZapLogger() // TODO: inject logger to application, instead of using global logger

 func main() {
+	module, ok := debug.ReadBuildInfo()
+	if ok && module.Main.Version != "(devel)" {
+		AppVersion = module.Main.Version
+	}
 	app := cli.App{
 		Name:     "Unlock Music CLI",
 		HelpName: "um",
-		Usage:    "Unlock your encrypted music file https://github.com/unlock-music/cli",
-		Version:  AppVersion,
+		Usage:    "Unlock your encrypted music file https://git.unlock-music.dev/um/cli",
+		Version:  fmt.Sprintf("%s (%s,%s/%s)", AppVersion, runtime.Version(), runtime.GOOS, runtime.GOARCH),
 		Flags: []cli.Flag{
 			&cli.StringFlag{Name: "input", Aliases: []string{"i"}, Usage: "path to input file or dir", Required: false},
 			&cli.StringFlag{Name: "output", Aliases: []string{"o"}, Usage: "path to output dir", Required: false},
+			&cli.BoolFlag{Name: "remove-source", Aliases: []string{"rs"}, Usage: "remove source file", Required: false, Value: false},
+			&cli.BoolFlag{Name: "skip-noop", Aliases: []string{"n"}, Usage: "skip noop decoder", Required: false, Value: true},
+			&cli.BoolFlag{Name: "supported-ext", Usage: "Show supported file extensions and exit", Required: false, Value: false},
 		},

 		Action:          appMain,
-		Copyright:       "Copyright (c) 2020 - 2021 Unlock Music https://github.com/unlock-music/cli/blob/master/LICENSE",
+		Copyright:       fmt.Sprintf("Copyright (c) 2020 - %d Unlock Music https://git.unlock-music.dev/um/cli/src/branch/master/LICENSE", time.Now().Year()),
 		HideHelpCommand: true,
-		UsageText:       "um [-o /path/to/output/dir] [-i] /path/to/input",
+		UsageText:       "um [-o /path/to/output/dir] [--extra-flags] [-i] /path/to/input",
 	}
 	err := app.Run(os.Args)
 	if err != nil {
-		logging.Log().Fatal("run app failed", zap.Error(err))
+		logger.Fatal("run app failed", zap.Error(err))
 	}
 }
-
-func appMain(c *cli.Context) error {
+func printSupportedExtensions() {
+	var exts []string
+	for ext := range common.DecoderRegistry {
+		exts = append(exts, ext)
+	}
+	sort.Strings(exts)
+	for _, ext := range exts {
+		fmt.Printf("%s: %d\n", ext, len(common.DecoderRegistry[ext]))
+	}
+}
+func appMain(c *cli.Context) (err error) {
+	if c.Bool("supported-ext") {
+		printSupportedExtensions()
+		return nil
+	}
 	input := c.String("input")
-	if input == "" && c.Args().Present() {
-		input = c.Args().Get(c.Args().Len() - 1)
+	if input == "" {
+		switch c.Args().Len() {
+		case 0:
+			input, err = os.Getwd()
+			if err != nil {
+				return err
+			}
+		case 1:
+			input = c.Args().Get(0)
+		default:
+			return errors.New("please specify input file (or directory)")
+		}
 	}

 	output := c.String("output")
@ -54,8 +96,14 @@ func appMain(c *cli.Context) error {
 		if err != nil {
 			return err
 		}
+		if input == output {
+			return errors.New("input and output path are same")
+		}
 	}

+	skipNoop := c.Bool("skip-noop")
+	removeSource := c.Bool("remove-source")
+
 	inputStat, err := os.Stat(input)
 	if err != nil {
 		return err
@ -74,18 +122,17 @@ func appMain(c *cli.Context) error {
 	}

 	if inputStat.IsDir() {
-		return dealDirectory(input, output)
+		return dealDirectory(input, output, skipNoop, removeSource)
 	} else {
-		ext := strings.TrimLeft(filepath.Ext(inputStat.Name()), ".")
-		allDec := common.GetDecoder(ext)
+		allDec := common.GetDecoder(inputStat.Name(), skipNoop)
 		if len(allDec) == 0 {
-			logging.Log().Fatal("skipping while no suitable decoder")
+			logger.Fatal("skipping while no suitable decoder")
 		}
-		return tryDecFile(input, output, allDec)
+		return tryDecFile(input, output, allDec, removeSource)
 	}

 }
-func dealDirectory(inputDir string, outputDir string) error {
+func dealDirectory(inputDir string, outputDir string, skipNoop bool, removeSource bool) error {
 	items, err := os.ReadDir(inputDir)
 	if err != nil {
 		return err
@ -94,60 +141,77 @@ func dealDirectory(inputDir string, outputDir string) error {
 		if item.IsDir() {
 			continue
 		}
-		ext := strings.TrimLeft(filepath.Ext(item.Name()), ".")
-		allDec := common.GetDecoder(ext)
+		allDec := common.GetDecoder(item.Name(), skipNoop)
 		if len(allDec) == 0 {
-			logging.Log().Info("skipping while no suitable decoder", zap.String("file", item.Name()))
+			logger.Info("skipping while no suitable decoder", zap.String("file", item.Name()))
 			continue
 		}

-		err := tryDecFile(filepath.Join(inputDir, item.Name()), outputDir, allDec)
+		err := tryDecFile(filepath.Join(inputDir, item.Name()), outputDir, allDec, removeSource)
 		if err != nil {
-			logging.Log().Error("conversion failed", zap.String("source", item.Name()))
+			logger.Error("conversion failed", zap.String("source", item.Name()), zap.Error(err))
 		}
 	}
 	return nil
 }

-func tryDecFile(inputFile string, outputDir string, allDec []common.NewDecoderFunc) error {
-	file, err := os.ReadFile(inputFile)
+func tryDecFile(inputFile string, outputDir string, allDec []common.NewDecoderFunc, removeSource bool) error {
+	file, err := os.Open(inputFile)
 	if err != nil {
 		return err
 	}
+	defer file.Close()

 	var dec common.Decoder
 	for _, decFunc := range allDec {
 		dec = decFunc(file)
 		if err := dec.Validate(); err == nil {
 			break
+		} else {
+			logger.Warn("try decode failed", zap.Error(err))
+			dec = nil
 		}
-		logging.Log().Warn("try decode failed", zap.Error(err))
-		dec = nil
 	}
 	if dec == nil {
 		return errors.New("no any decoder can resolve the file")
 	}
-	if err := dec.Decode(); err != nil {
-		return errors.New("failed while decoding: " + err.Error())
+
+	header := bytes.NewBuffer(nil)
+	_, err = io.CopyN(header, dec, 16)
+	if err != nil {
+		return fmt.Errorf("read header failed: %w", err)
 	}

-	outData := dec.GetAudioData()
-	outExt := dec.GetAudioExt()
-	if outExt == "" {
-		if ext, ok := common.SniffAll(outData); ok {
-			outExt = ext
-		} else {
-			outExt = ".mp3"
-		}
+	outExt := ".mp3"
+	if ext, ok := common.SniffAll(header.Bytes()); ok {
+		outExt = ext
 	}
 	filenameOnly := strings.TrimSuffix(filepath.Base(inputFile), filepath.Ext(inputFile))

 	outPath := filepath.Join(outputDir, filenameOnly+outExt)
-	err = os.WriteFile(outPath, outData, 0644)
+	outFile, err := os.OpenFile(outPath, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0644)
 	if err != nil {
 		return err
 	}
-	logging.Log().Info("successfully converted",
-		zap.String("source", inputFile), zap.String("destination", outPath))
+	defer outFile.Close()
+
+	if _, err := io.Copy(outFile, header); err != nil {
+		return err
+	}
+	if _, err := io.Copy(outFile, dec); err != nil {
+		return err
+	}
+
+	// if source file need to be removed
+	if removeSource {
+		err := os.RemoveAll(inputFile)
+		if err != nil {
+			return err
+		}
+		logger.Info("successfully converted, and source file is removed", zap.String("source", inputFile), zap.String("destination", outPath))
+	} else {
+		logger.Info("successfully converted", zap.String("source", inputFile), zap.String("destination", outPath))
+	}
+
 	return nil
 }
--- a/go.mod
+++ b/go.mod
@ -1,12 +1,17 @@
-module github.com/unlock-music/cli
+module unlock-music.dev/cli

-go 1.16
+go 1.17

 require (
-	github.com/cpuguy83/go-md2man/v2 v2.0.0 // indirect
-	github.com/russross/blackfriday/v2 v2.1.0 // indirect
-	github.com/ulikunitz/xz v0.5.10
-	github.com/urfave/cli/v2 v2.3.0
-	go.uber.org/multierr v1.6.0 // indirect
-	go.uber.org/zap v1.16.0
+	github.com/urfave/cli/v2 v2.23.5
+	go.uber.org/zap v1.23.0
+	golang.org/x/crypto v0.3.0
+)
+
+require (
+	github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
+	github.com/russross/blackfriday/v2 v2.1.0 // indirect
+	github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect
+	go.uber.org/atomic v1.10.0 // indirect
+	go.uber.org/multierr v1.8.0 // indirect
 )
--- a/go.sum
+++ b/go.sum
@ -1,13 +1,11 @@
-github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ=
-github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
-github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
-github.com/cpuguy83/go-md2man/v2 v2.0.0 h1:EoUDS0afbrsXAZ9YQ9jdu/mZ2sXgT1/2yyNng4PGlyM=
-github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
+github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
+github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
+github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
+github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w=
+github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
-github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
@ -15,51 +13,76 @@ github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
-github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
-github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
-github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
-github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
-github.com/ulikunitz/xz v0.5.10 h1:t92gobL9l3HE202wg3rlk19F6X+JOxl9BBrCCMYEYd8=
-github.com/ulikunitz/xz v0.5.10/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
-github.com/urfave/cli/v2 v2.3.0 h1:qph92Y649prgesehzOrQjdWyxFOp/QVM+6imKHad91M=
-github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI=
-go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
-go.uber.org/atomic v1.7.0 h1:ADUqmZGgLDDfbSL9ZmPxKTybcoEYHgpYfELNoN+7hsw=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/urfave/cli/v2 v2.23.5 h1:xbrU7tAYviSpqeR3X4nEFWUdB/uDZ6DE+HxmRU7Xtyw=
+github.com/urfave/cli/v2 v2.23.5/go.mod h1:GHupkWPMM0M/sj1a2b4wUrWBPzazNrIjouW6fmdJLxc=
+github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU=
+github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8=
+github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
+github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
-go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU=
-go.uber.org/multierr v1.6.0 h1:y6IPFStTAIT5Ytl7/XYmHvzXQ7S3g/IeZW9hyZ5thw4=
+go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ=
+go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
+go.uber.org/goleak v1.1.11 h1:wy28qYRKZgnJTxGxvye5/wgWr1EKjmUDGYox5mGlRlI=
+go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ=
 go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU=
-go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA=
-go.uber.org/zap v1.16.0 h1:uFRZXykJGK9lLY4HtgSw44DnIcAM+kRBP7x5m+NpAOM=
-go.uber.org/zap v1.16.0/go.mod h1:MA8QOfq0BHJwdXa996Y4dYkAqRKB8/1K1QMMZVaNZjQ=
+go.uber.org/multierr v1.8.0 h1:dg6GjLku4EH+249NNmoIciG9N/jURbDG+pFlTkhzIC8=
+go.uber.org/multierr v1.8.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak=
+go.uber.org/zap v1.23.0 h1:OjGQ5KQDEUawVHxNwQgPpiypGHOxo2mNZsOqTak4fFY=
+go.uber.org/zap v1.23.0/go.mod h1:D+nX8jyLsMHMYrln8A0rJjFt/T/9/bGgIhAqxv5URuY=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/lint v0.0.0-20190930215403-16217165b5de h1:5hukYrvBGR8/eNkX5mdUezrA6JiaEZDtJb9Ei+1LlBs=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.3.0 h1:a06MkbcxBrEFc0w0QIZWXrH/9cCX6KJyWbBOIwAn+7A=
+golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
 golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
-golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
+golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
+golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
+golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
-golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
-golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5 h1:hKsoRgsbwY1NafxrwTs+k64bikrLBkAgPir1TNCj3Zs=
-golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
+golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
-gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.2.3 h1:fvjTMHxHEw/mxHbtzPi3JCcKXQRAnQTBRo6YCJSVHKI=
-gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-honnef.co/go/tools v0.0.1-2019.2.3 h1:3JgtbtFHMiCmsznwGVTUWbgGov+pVqnlf1dEJTNAXeM=
-honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
--- a/internal/logging/logging.go
+++ b/internal/logging/logging.go
@ -1,41 +0,0 @@
-package logging
-
-import (
-	"os"
-	"sync"
-	"time"
-)
-
-import (
-	"go.uber.org/zap"
-	"go.uber.org/zap/zapcore"
-)
-
-// newDefaultProductionLog configures a custom log that is
-// intended for use by default if no other log is specified
-// in a config. It writes to stderr, uses the console encoder,
-// and enables INFO-level logs and higher.
-func newDefaultProductionLog() *zap.Logger {
-	encCfg := zap.NewProductionEncoderConfig()
-	// if interactive terminal, make output more human-readable by default
-	encCfg.EncodeTime = func(ts time.Time, encoder zapcore.PrimitiveArrayEncoder) {
-		encoder.AppendString(ts.Format("2006/01/02 15:04:05.000"))
-	}
-	encCfg.EncodeLevel = zapcore.CapitalColorLevelEncoder
-	enc := zapcore.NewConsoleEncoder(encCfg)
-	core := zapcore.NewCore(enc, zapcore.Lock(os.Stdout), zap.NewAtomicLevelAt(zap.DebugLevel))
-	return zap.New(core)
-
-}
-
-// Log returns the current default logger.
-func Log() *zap.Logger {
-	defaultLoggerMu.RLock()
-	defer defaultLoggerMu.RUnlock()
-	return defaultLogger
-}
-
-var (
-	defaultLogger   = newDefaultProductionLog()
-	defaultLoggerMu sync.RWMutex
-)
--- a/internal/logging/zap.go
+++ b/internal/logging/zap.go
@ -0,0 +1,14 @@
+package logging
+
+import (
+	"go.uber.org/zap"
+	"go.uber.org/zap/zapcore"
+)
+
+func NewZapLogger() (*zap.Logger, error) {
+	zapCfg := zap.NewDevelopmentConfig()
+	zapCfg.DisableStacktrace = true
+	zapCfg.EncoderConfig.EncodeLevel = zapcore.CapitalColorLevelEncoder
+	zapCfg.EncoderConfig.EncodeTime = zapcore.TimeEncoderOfLayout("2006/01/02 15:04:05.000")
+	return zapCfg.Build()
+}
--- a/internal/utils/crypto.go
+++ b/internal/utils/crypto.go
@ -8,7 +8,7 @@ func PKCS7UnPadding(encrypt []byte) []byte {
 	return encrypt[:(length - unPadding)]
 }

-func DecryptAes128Ecb(data, key []byte) []byte {
+func DecryptAES128ECB(data, key []byte) []byte {
 	cipher, _ := aes.NewCipher(key)
 	decrypted := make([]byte, len(data))
 	size := 16
--- a/misc/release.sh
+++ b/misc/release.sh
@ -0,0 +1,32 @@
+#!/bin/bash
+set -e
+
+PLATFORMS=(
+  "linux/amd64"
+  "linux/arm64"
+  "darwin/amd64"
+  "darwin/arm64"
+  "windows/amd64"
+  "windows/386"
+)
+
+DEST_DIR=${DEST_DIR:-"dist"}
+
+for PLATFORM in "${PLATFORMS[@]}"; do
+  GOOS=${PLATFORM%/*}
+  GOARCH=${PLATFORM#*/}
+  echo "Building for $GOOS/$GOARCH"
+
+  FILENAME="um-$GOOS-$GOARCH"
+  if [ "$GOOS" = "windows" ]; then
+    FILENAME="$FILENAME.exe"
+  fi
+
+  GOOS=$GOOS GOARCH=$GOARCH go build -v \
+    -o "${DEST_DIR}/${FILENAME}" \
+    -ldflags "-s -w -X main.AppVersion=$(git describe --tags --always --dirty)" \
+    ./cmd/um
+done
+
+cd "$DEST_DIR"
+sha256sum um-* > sha256sums.txt
Author	SHA1	Message	Date
Unlock Music Dev	62548955dc	chore: add release script	2022-11-20 12:42:03 +08:00
Unlock Music Dev	3794ff3154	Merge pull request 'feat(ximalaya): initial support' (#42 ) from feat/ximalaya into master Reviewed-on: um/cli#42	2022-11-20 01:38:13 +00:00
Unlock Music Dev	b22453215f	revert: go mod changes	2022-11-20 08:10:56 +08:00
Unlock Music Dev	81862b26c9	feat(ximalaya): initial support	2022-11-20 08:04:39 +08:00
Unlock Music Dev	110a78433a	Merge pull request 'fix(kwm): allow new magic header' (#41 ) from fix/kwm-magic into master Reviewed-on: um/cli#41	2022-11-20 00:03:42 +00:00
Unlock Music Dev	d896925dff	fix(kwm): allow new magic header	2022-11-20 03:12:30 +08:00
Unlock Music Dev	bd95fdb53b	fix: unit tests	2022-11-20 02:53:04 +08:00
Unlock Music Dev	f6748d644d	refactor: code cleaning	2022-11-20 02:47:28 +08:00
Unlock Music Dev	8e068b9c8d	refactor: rename xm -> xiami	2022-11-20 02:18:50 +08:00
Unlock Music Dev	14c9d49d46	refactor: change module path	2022-11-19 07:44:44 +08:00
Unlock Music Dev	6f1cdc5b4f	fix: raw don't access registry	2022-11-19 07:25:45 +08:00
Unlock Music Dev	8fd6763b29	fix: allow unencrypted tm0 tm3	2022-11-19 07:25:44 +08:00
Unlock Music Dev	2880c63bf7	fix: seek to audio start after validate	2022-11-19 07:25:44 +08:00
Unlock Music Dev	67ff0c44cd	refactor: use io.Reader instead of custom method	2022-11-19 07:25:43 +08:00
Unlock Music Dev	4365628bff	refactor: qmc don't export internal functions	2022-11-19 07:25:42 +08:00
Unlock Music Dev	b275b552ed	refactor: use kgm crypto from `parakeet-rs` chore: update deps	2022-11-19 07:25:42 +08:00
Unlock Music Dev	4ecaef1ff9	refactor: remove global logger	2022-11-19 07:25:41 +08:00
Unlock Music Dev	e2fc56ddb2	refactor: remove logging in algorithms	2022-11-19 07:25:40 +08:00
Unlock Music Dev	a2c55721cc	feat: simplify vpr decode	2022-11-19 07:25:39 +08:00
Unlock Music Dev	e6ba9f0bfa	fix: links & errors	2022-11-19 07:25:39 +08:00
Unlock Music Dev	21bd246d6c	feat: use table to generate kgm mask	2022-11-19 07:25:38 +08:00
Unlock Music Dev	f05ae61aff	feat: adapt for qmc key v2	2022-11-19 07:25:37 +08:00
Unlock Music Dev	7b37e4dd3c	feat: add tips for QMC with STag suffix	2022-11-19 07:25:36 +08:00
MengYX	9647ca15fd	Merge pull request #33 from Sloaix/master feat: support removing source files	2022-03-05 17:56:09 +08:00
Sloaix	f27b73a64c	feat: support removing source files	2022-02-25 07:50:00 +08:00
MengYX	2058504384	feat(QMCv2): support `.mggl` and `.bkc` `.mggl`: QQ Music MacOS Ogg (fix https://github.com/unlock-music/cli/issues/25) `.bkc` (".bkc" + {"mp3", "m4a", "flac", "wav", "ape", "ogg", "wma"}): Moo Music	2022-01-09 06:30:53 +08:00
MengYX	76df8e6c1a	fix(QMCv2): unlock error on 32bit platform	2022-01-09 06:24:58 +08:00
MengYX	42d658625f	test(QMCv2): add case mflac_rc4	2022-01-09 06:21:35 +08:00
MengYX	def2925900	feat(QMCv2): better rc4 cipher	2021-12-17 04:31:58 +08:00
MengYX	62f7991a64	ci: add go test	2021-12-14 04:12:45 +08:00
MengYX	9390b45207	Merge pull request #23 from unlock-music/feature/qmc-v2 Feature: QMC Decoder v2	2021-12-14 04:09:17 +08:00
MengYX	deaa58e91f	feat(QMCv2): replace with old decoder	2021-12-14 04:01:04 +08:00
MengYX	7755d47f7a	test(QMCv2): add test data & case "mgg_map"	2021-12-14 02:56:33 +08:00
MengYX	7cc7aa19fd	feat(QMCv2): support static cipher (legacy)	2021-12-14 02:19:32 +08:00
MengYX	1025010395	fix(QMCv2): add missing test data	2021-12-13 22:58:45 +08:00
MengYX	8cc7f66640	chore(QMCv2): Rename old files	2021-12-13 22:55:31 +08:00
MengYX	38648d57e6	feat(QMCv2): Add mapCipher & mflac/mgg key discovery	2021-12-13 22:54:08 +08:00
MengYX	629c0c36f0	ci: allow all branches	2021-12-13 20:55:05 +08:00
MengYX	1552a667f6	init QMCv2: RC4 (512 Byte Key)	2021-12-13 20:42:07 +08:00
Emmm Monster	f14c0cd9c2	fix ci	2021-11-12 05:41:37 +08:00
Emmm Monster	63d4e6e1d2	improve ci	2021-11-12 05:35:53 +08:00
Emmm Monster	be6d3e5a44	improve ci	2021-11-12 05:24:53 +08:00
Emmm Monster	ae4b46bf57	improve cli	2021-11-12 00:23:37 +08:00
Emmm Monster	3f3980de38	fix #18 : skip noop decoder	2021-11-11 23:43:20 +08:00
Emmm Monster	6fd5bd5863	fix #18 : support upper case extension	2021-11-11 23:27:07 +08:00
Emmm Monster	0a13671df2	chore: update deps	2021-11-11 23:18:17 +08:00
Emmm Monster	28d84e4dc2	Fix: algorithm bugs in `qmc` Optimize: algorithm in `kgm`	2021-08-03 04:17:10 +08:00
Emmm Monster	60c15894c0	Fixed #12 : Add sniffer for `.dff`	2021-05-25 12:21:11 +08:00
				`@ -0,0 +1 @@`
				dRzX3p5ZYqAlp7lLSs9Zr0rw1iEZy23bB670x4ch2w97x14Zwpk1UXbKU4C2sOS7uZ0NB5QM7ve9GnSrr2JHxP74hVNONwVV77CdOOVb807317KvtI5Yd6h08d0c5W88rdV46C235YGDjUSZj5314YTzy0b6vgh4102P7E273r911Nl464XV83Hr00rkAHkk791iMGSJH95GztN28u2Nv5s9Xx38V69o4a8aIXxbx0g1EM0623OEtbtO9zsqCJfj6MhU7T8iVS6M3q19xhq6707E6r7wzPO6Yp4BwBmgg4F95Lfl0vyF7YO6699tb5LMnr7iFx29o98hoh3O3Rd8h9Juu8P1wG7vdnO5YtRlykhUluYQblNn7XwjBJ53HAyKVraWN5dG7pv7OMl1s0RykPh0p23qfYzAAMkZ1M422pEd07TA9OCKD1iybYxWH06xj6A8mzmcnYGT9P1a5Ytg2EF5LG3IknL2r3AUz99Y751au6Cr401mfAWK68WyEBe5
				`@ -0,0 +1 @@`
				ZFJ6WDNwNVrjEJZB1o6QjkQV2ZbHSw/2Eb00q1+4z9SVWYyFWO1PcSQrJ5326ubLklmk2ab3AEyIKNUu8DFoAoAc9dpzpTmc+pdkBHjM/bW2jWx+dCyC8vMTHE+DHwaK14UEEGW47ZXMDi7PRCQ2Jpm/oXVdHTIlyrc+bRmKfMith0L2lFQ+nW8CCjV6ao5ydwkZhhNOmRdrCDcUXSJH9PveYwra9/wAmGKWSs9nemuMWKnbjp1PkcxNQexicirVTlLX7PVgRyFyzNyUXgu+R2S4WTmLwjd8UsOyW/dc2mEoYt+vY2lq1X4hFBtcQGOAZDeC+mxrN0EcW8tjS6P4TjOjiOKNMxIfMGSWkSKL3H7z5K7nR1AThW20H2bP/LcpsdaL0uZ/js1wFGpdIfFx9rnLC78itL0WwDleIqp9TBMX/NwakGgIPIbjBwfgyD8d8XKYuLEscIH0ZGdjsadB5XjybgdE3ppfeFEcQiqpnodlTaQRm3KDIF9ATClP0mTl8XlsSojsZ468xseS1Ib2iinx/0SkK3UtJDwp8DH3/+ELisgXd69Bf0pve7wbrQzzMUs9/Ogvvo6ULsIkQfApJ8cSegDYklzGXiLNH7hZYnXDLLSNejD7NvQouULSmGsBbGzhZ5If0NP/6AhSbpzqWLDlabTDgeWWnFeZpBnlK6SMxo+YFFk1Y0XLKsd69+jj
				`@ -0,0 +1 @@`
				`yw7xWOyNQ8585Jwx3hjB49QLPKi38F89awnrQ0fq66NT9TDq1ppHNrFqhaDrU5AFk916D58I53h86304GqOFCCyFzBem68DqiXJ81bILEQwG3P3MOnoNzM820kNW9Lv9IJGNn9Xo497p82BLTm4hAX8JLBs0T2pilKvT429sK9jfg508GSk4d047Jxdz5Fou4aa33OkyFRBU3x430mgNBn04Lc9BzXUI2IGYXv3FGa9qE4Vb54kSjVv8ogbg47j3`
				`@ -0,0 +1 @@`
				`eXc3eFdPeU6+3f7GVeF35bMpIEIQj5JWOWt7G+jsR68Hx3BUFBavkTQ8dpPdP0XBIwPe+OfdsnTGVQqPyg3GCtQSrkgA0mwSQdr4DPzKLkEZFX+Cf1V6ChyipOuC6KT37eAxWMdV1UHf9/OCvydr1dc6SWK1ijRUcP6IAHQhiB+mZLay7XXrSPo32WjdBkn9c9sa2SLtI48atj5kfZ4oOq6QGeld2JA3Z+3wwCe6uTHthKaEHY8ufDYodEe3qqrjYpzkdx55pCtxCQa1JiNqFmJigWm4m3CDzhuJ7YqnjbD+mXxLi7BP1+z4L6nccE2h+DGHVqpGjR9+4LBpe4WHB4DrAzVp2qQRRQJxeHd1v88=`
				`@ -0,0 +1 @@`
				pUtyvqr0TgAvR95mNmY7DmNl386TsJNAEIz95CEcgIgJCcs28686O7llxD5E74ldn70xMtd5cG58TA5ILw09I8BOTf5EdHKd6wwPn689DUK13y3Req6H0P33my2miJ5bQ2AA22B8vp4V0NJ3hBqNtFf7cId48V6W51e1kwgu1xKKawxe9BByT92MFlqrFaKH32dB2zFgyd38l2P1outr4l2XLq48F9G17ptRz4W8Loxu28RvZgv0BzL26Ht9I2L5VCwMzzt7OeZ55iQs40Tr6k81QGraIUJj5zeBMgJRMTaSgi19hU5x5a08Qd662MbFhZZ0FjVvaDy1nbIDhrC62c1lX6wf70O45h4W42VxloBVeZ9Sef4V7cWrjrEjj3DJ5w2iu6Q9uoal2f4390kue42Um5HcDFWqv3m56k6O89bRV424PaRra1k9Cd2L56IN2zfBYqNo2WP5VC68G8w1hfflOY0O52h4WdcpoHSjZm4b35N7l47dT4dwEXj1U4J5
				`@ -0,0 +1 @@`
				cFV0eXZxcjAF/IXJ9qJT1u5C3S5AgY9BoVtIQNBKfxQMt5hH7BF36ndIJGV5L6qw5h4G0IOIOOewdHmMCNfKJftHM4nv3B0iRlSdqJKdL08wO3sV0v8eZk0OiYAlxgseGcBquQWYS/0b5Lj/Ioi2NfpOthAY9vUiRPnfH3+7/2AJGudHjj4Gg1KkpPW3mXIKbsk+Ou9fhrUqs873BCdsmI6qRmVNhOkLaUcbG6Zin3XU0WkgnnjebR43S8N4bw5BTphFvhy42QvspnD7Ewb1tVZQMQ2N1s38nBjukdfCB9R6aRwITOvg2U7Lr0RjLpbrIn6A6iVilpINjK4VptuKUTlpDXQwgCjoqeHQaHNCWgYpdjB69lXn8km/BfzK7QyDbh0VgTikwAHF9tvPhin3AIDRcU0xsaWYKURRfJelX3pSN495ADlhXdEKL/+l60hVnY7t6iCMxJL3lOtdGtdUYUGUCc76PB1fX+0HTWCcfcwvXTEdczr9J1h2yTeJNqFQ5pNy8vX7Ws8k7vDQVFkw4llZjPhb0kg9aDNePTNIKSGwy/7eofrcUQlC9DI+qqqwQ5abA/93fNsPq6XU3uwawnrbBsdz8DDdjJiEDI7abkPIDIfr/uR0YzgBxW90t5bt6xAtuW+VSYAM7kGxI3RZTl7JgOT60MLyIWkYASrRhRPMGks8zL10ED/4yGTEB1nt
				`@ -0,0 +1 @@`
				`zGxNk54pKJ0hDkAo80wHE80ycSWQ7z4m4E846zVy2sqCn14F42Y5S7GqeR11WpOV75sDLbE5dFP992t88l0pHy1yAQ49YK6YX6c543drBYLo55Hc4Y0Fyic6LQPiGqu2bG31r8vaq9wS9v63kg0X5VbnOD6RhO4t0RRhk3ajrA7p0iIy027z0L70LZjtw6E18H0D41nz6ASTx71otdF9z1QNC0JmCl51xvnb39zPExEXyKkV47S6QsK5hFh884QJ`
				`@ -0,0 +1 @@`
				`ekd4Tms1NHC53JEDO/AKVyF+I0bj0hHB7CZeoLDGSApaQB9Oo/pJTBGA/RO+nk5RXLXdHsffLiY4e8kt3LNo6qMl7S89vkiSFxx4Uoq4bGDJ7Jc+bYL6lLsa3M4sBvXS4XcPChrMDz+LmrJMGG6ua2fYyIz1d6TCRUBf1JJgCIkBbDAEeMVYc13qApitiz/apGAPmAnveCaDhfD5GxWsF+RfQ2OcnvrnIXe80Feh/0jx763DlsOBI3eIede6t5zYHokWkZmVEF1jMrnlvsgbQK2EzUWMblmLMsTKNILyZazEoKUyulqmyLO/c/KYE+USPOXPcbjlYFmLhSGHK7sQB5aBR153Yp+xh61ooh2NGAA=`