summaryrefslogtreecommitdiffstats
path: root/bootloader/main-pp.c
diff options
context:
space:
mode:
authorBarry Wardell <rockbox@barrywardell.net>2007-03-20 20:45:25 +0000
committerBarry Wardell <rockbox@barrywardell.net>2007-03-20 20:45:25 +0000
commit3de41f5250fc752b92bb953286ed0d9c172fc6b3 (patch)
tree9bd850985f11b266a576897cfe5469f42a933a1c /bootloader/main-pp.c
parent22a673062ffdffc9048ca10193fd93d4c24039a7 (diff)
downloadrockbox-3de41f5250fc752b92bb953286ed0d9c172fc6b3.tar.gz
rockbox-3de41f5250fc752b92bb953286ed0d9c172fc6b3.tar.bz2
rockbox-3de41f5250fc752b92bb953286ed0d9c172fc6b3.zip
Add support for encrypted mi4 bootloaders.
git-svn-id: svn://svn.rockbox.org/rockbox/trunk@12863 a1c6a512-1295-4272-9138-f99709370657
Diffstat (limited to 'bootloader/main-pp.c')
-rw-r--r--bootloader/main-pp.c283
1 files changed, 237 insertions, 46 deletions
diff --git a/bootloader/main-pp.c b/bootloader/main-pp.c
index 8f4a6e619d..687a7271a6 100644
--- a/bootloader/main-pp.c
+++ b/bootloader/main-pp.c
@@ -31,6 +31,194 @@
#include "disk.h"
#include <string.h>
+/* Locations and sizes in hidden partition on Sansa */
+#define PPMI_SECTOR_OFFSET 1024
+#define PPMI_SECTORS 1
+#define MI4_HEADER_SECTORS 1
+#define MI4_HEADER_SIZE 0x200
+
+/* mi4 header structure */
+struct mi4header_t {
+ unsigned char magic[4];
+ uint32_t version;
+ uint32_t length;
+ uint32_t crc32;
+ uint32_t enctype;
+ uint32_t mi4size;
+ uint32_t plaintext;
+ uint32_t dsa_key[10];
+ uint32_t pad[109];
+ unsigned char type[4];
+ unsigned char model[4];
+};
+
+/* PPMI header structure */
+struct ppmi_header_t {
+ unsigned char magic[4];
+ uint32_t length;
+ uint32_t pad[126];
+};
+
+inline unsigned int le2int(unsigned char* buf)
+{
+ int32_t res = (buf[3] << 24) | (buf[2] << 16) | (buf[1] << 8) | buf[0];
+
+ return res;
+}
+
+inline void int2le(unsigned int val, unsigned char* addr)
+{
+ addr[0] = val & 0xFF;
+ addr[1] = (val >> 8) & 0xff;
+ addr[2] = (val >> 16) & 0xff;
+ addr[3] = (val >> 24) & 0xff;
+}
+
+struct tea_key {
+ const char * name;
+ uint32_t key[4];
+};
+
+#define NUM_KEYS 11
+struct tea_key tea_keytable[] = {
+ { "default" , { 0x20d36cc0, 0x10e8c07d, 0xc0e7dcaa, 0x107eb080 } },
+ { "sansa", { 0xe494e96e, 0x3ee32966, 0x6f48512b, 0xa93fbb42 } },
+ { "sansa_gh", { 0xd7b10538, 0xc662945b, 0x1b3fce68, 0xf389c0e6 } },
+ { "rhapsody", { 0x7aa9c8dc, 0xbed0a82a, 0x16204cc7, 0x5904ef38 } },
+ { "p610", { 0x950e83dc, 0xec4907f9, 0x023734b9, 0x10cfb7c7 } },
+ { "p640", { 0x220c5f23, 0xd04df68e, 0x431b5e25, 0x4dcc1fa1 } },
+ { "virgin", { 0xe83c29a1, 0x04862973, 0xa9b3f0d4, 0x38be2a9c } },
+ { "20gc_eng", { 0x0240772c, 0x6f3329b5, 0x3ec9a6c5, 0xb0c9e493 } },
+ { "20gc_fre", { 0xbede8817, 0xb23bfe4f, 0x80aa682d, 0xd13f598c } },
+ { "elio_p722", { 0x6af3b9f8, 0x777483f5, 0xae8181cc, 0xfa6d8a84 } },
+ { "c200", { 0xbf2d06fa, 0xf0e23d59, 0x29738132, 0xe2d04ca7 } },
+};
+
+/*
+
+tea_decrypt() from http://en.wikipedia.org/wiki/Tiny_Encryption_Algorithm
+
+"Following is an adaptation of the reference encryption and decryption
+routines in C, released into the public domain by David Wheeler and
+Roger Needham:"
+
+*/
+
+/* NOTE: The mi4 version of TEA uses a different initial value to sum compared
+ to the reference implementation and the main loop is 8 iterations, not
+ 32.
+*/
+
+static void tea_decrypt(uint32_t* v0, uint32_t* v1, uint32_t* k) {
+ uint32_t sum=0xF1BBCDC8, i; /* set up */
+ uint32_t delta=0x9E3779B9; /* a key schedule constant */
+ uint32_t k0=k[0], k1=k[1], k2=k[2], k3=k[3]; /* cache key */
+ for(i=0; i<8; i++) { /* basic cycle start */
+ *v1 -= ((*v0<<4) + k2) ^ (*v0 + sum) ^ ((*v0>>5) + k3);
+ *v0 -= ((*v1<<4) + k0) ^ (*v1 + sum) ^ ((*v1>>5) + k1);
+ sum -= delta; /* end cycle */
+ }
+}
+
+/* mi4 files are encrypted in 64-bit blocks (two little-endian 32-bit
+ integers) and the key is incremented after each block
+ */
+
+static void tea_decrypt_buf(unsigned char* src, unsigned char* dest, size_t n, uint32_t * key)
+{
+ uint32_t v0, v1;
+ unsigned int i;
+
+ for (i = 0; i < (n / 8); i++) {
+ v0 = le2int(src);
+ v1 = le2int(src+4);
+
+ tea_decrypt(&v0, &v1, key);
+
+ int2le(v0, dest);
+ int2le(v1, dest+4);
+
+ src += 8;
+ dest += 8;
+
+ /* Now increment the key */
+ key[0]++;
+ if (key[0]==0) {
+ key[1]++;
+ if (key[1]==0) {
+ key[2]++;
+ if (key[2]==0) {
+ key[3]++;
+ }
+ }
+ }
+ }
+}
+
+static inline bool tea_test_key(unsigned char magic_enc[8], uint32_t * key, int unaligned)
+{
+ unsigned char magic_dec[8];
+ tea_decrypt_buf(magic_enc, magic_dec, 8, key);
+
+ return (le2int(&magic_dec[4*unaligned]) == 0xaa55aa55);
+}
+
+static int tea_find_key(struct mi4header_t *mi4header, int fd)
+{
+ int i, rc;
+ unsigned int j;
+ uint32_t key[4];
+ unsigned char magic_enc[8];
+ int key_found = -1;
+ unsigned int magic_location = mi4header->length-4;
+ int unaligned = 0;
+
+ if ( (magic_location % 8) != 0 )
+ {
+ unaligned = 1;
+ magic_location -= 4;
+ }
+
+ /* Load encrypted magic 0xaa55aa55 to check key */
+ lseek(fd, MI4_HEADER_SIZE + magic_location, SEEK_SET);
+ rc = read(fd, magic_enc, 8);
+ if(rc < 8 )
+ return EREAD_IMAGE_FAILED;
+
+ printf("Trying key:");
+
+ for (i=0; i < NUM_KEYS && (key_found<0) ; i++) {
+ key[0] = tea_keytable[i].key[0];
+ key[1] = tea_keytable[i].key[1];
+ key[2] = tea_keytable[i].key[2];
+ key[3] = tea_keytable[i].key[3];
+
+ /* Now increment the key */
+ for(j=0; j<((magic_location-mi4header->plaintext)/8); j++){
+ key[0]++;
+ if (key[0]==0) {
+ key[1]++;
+ if (key[1]==0) {
+ key[2]++;
+ if (key[2]==0) {
+ key[3]++;
+ }
+ }
+ }
+ }
+
+ if (tea_test_key(magic_enc,key,unaligned))
+ {
+ key_found = i;
+ printf("%s...found", tea_keytable[i].name);
+ } else {
+ printf("%s...failed", tea_keytable[i].name);
+ }
+ }
+
+ return key_found;
+}
+
/*
* CRC32 implementation taken from:
*
@@ -122,40 +310,13 @@ unsigned char *loadbuffer = (unsigned char *)DRAM_START;
/* Bootloader version */
char version[] = APPSVERSION;
-/* Locations and sizes in hidden partition on Sansa */
-#define PPMI_SECTOR_OFFSET 1024
-#define PPMI_SECTORS 1
-#define MI4_HEADER_SECTORS 1
-#define MI4_HEADER_SIZE 0x200
-
-/* mi4 header structure */
-struct mi4header_t {
- unsigned char magic[4];
- uint32_t version;
- uint32_t length;
- uint32_t crc32;
- uint32_t enctype;
- uint32_t mi4size;
- uint32_t plaintext;
- uint32_t dsa_key[10];
- uint32_t pad[109];
- unsigned char type[4];
- unsigned char model[4];
-};
-
-/* PPMI header structure */
-struct ppmi_header_t {
- unsigned char magic[4];
- uint32_t length;
- uint32_t pad[126];
-};
-
/* Load mi4 format firmware image */
int load_mi4(unsigned char* buf, char* firmware, unsigned int buffer_size)
{
int fd;
struct mi4header_t mi4header;
int rc;
+ unsigned int i;
unsigned long sum;
char filename[MAX_PATH];
@@ -171,10 +332,6 @@ int load_mi4(unsigned char* buf, char* firmware, unsigned int buffer_size)
read(fd, &mi4header, MI4_HEADER_SIZE);
- /* We don't support encrypted mi4 files yet */
- if( (mi4header.plaintext + MI4_HEADER_SIZE) != mi4header.mi4size)
- return EINVALID_FORMAT;
-
/* MI4 file size */
printf("mi4 size: %x", mi4header.mi4size);
@@ -190,20 +347,54 @@ int load_mi4(unsigned char* buf, char* firmware, unsigned int buffer_size)
/* Read binary type (RBOS, RBBL) */
printf("Binary type: %.4s", mi4header.type);
- /* Load firmware */
- lseek(fd, MI4_HEADER_SIZE, SEEK_SET);
- rc = read(fd, buf, mi4header.mi4size-MI4_HEADER_SIZE);
- if(rc < (int)mi4header.mi4size-MI4_HEADER_SIZE)
- return EREAD_IMAGE_FAILED;
-
- /* Check CRC32 to see if we have a valid file */
- sum = chksum_crc32 (buf,mi4header.mi4size-MI4_HEADER_SIZE);
-
- printf("Calculated CRC32: %x", sum);
-
- if(sum != mi4header.crc32)
- return EBAD_CHKSUM;
+ /* Decrypt or calculate CRC */
+ if( (mi4header.plaintext + 0x200) != mi4header.mi4size)
+ {
+ /* Load encrypted firmware */
+ int key_index = tea_find_key(&mi4header, fd);
+ unsigned char encrypted_block[8];
+ unsigned int blocks_to_decrypt;
+
+ if (key_index < 0)
+ return EINVALID_FORMAT;
+
+ /* Load plaintext part */
+ lseek(fd, MI4_HEADER_SIZE, SEEK_SET);
+ rc = read(fd, buf, mi4header.plaintext );
+ if(rc < (int)mi4header.plaintext )
+ return EREAD_IMAGE_FAILED;
+ buf += mi4header.plaintext;
+
+ /* Load encrypted part */
+ blocks_to_decrypt = (mi4header.mi4size-(mi4header.plaintext+MI4_HEADER_SIZE))/8;
+ for(i=0; i < blocks_to_decrypt; i++)
+ {
+ lseek(fd, MI4_HEADER_SIZE + mi4header.plaintext + i*8, SEEK_SET);
+ rc = read(fd, encrypted_block, 8);
+ if(rc < 8)
+ return EREAD_IMAGE_FAILED;
+
+ tea_decrypt_buf(encrypted_block, buf, 8, tea_keytable[key_index].key);
+ buf += 8;
+ }
+
+ printf("%s key used", tea_keytable[key_index].name);
+ } else {
+ /* Load plaintext firmware */
+ lseek(fd, MI4_HEADER_SIZE, SEEK_SET);
+ rc = read(fd, buf, mi4header.mi4size-MI4_HEADER_SIZE);
+ if(rc < (int)mi4header.mi4size-MI4_HEADER_SIZE)
+ return EREAD_IMAGE_FAILED;
+
+ /* Check CRC32 to see if we have a valid file */
+ sum = chksum_crc32 (buf, mi4header.mi4size - MI4_HEADER_SIZE);
+
+ printf("Calculated CRC32: %x", sum);
+ if(sum != mi4header.crc32)
+ return EBAD_CHKSUM;
+ }
+
return EOK;
}
@@ -378,7 +569,7 @@ void* main(void)
return (void*)loadbuffer;
}
- error(EBOOTFILE, rc);
+ error(0, 0);
} else {
printf("Loading Rockbox...");