summaryrefslogtreecommitdiffstats
path: root/utils
diff options
context:
space:
mode:
authorAmaury Pouly <pamaury@rockbox.org>2010-11-29 14:15:06 +0000
committerAmaury Pouly <pamaury@rockbox.org>2010-11-29 14:15:06 +0000
commit761255928e0a56ce915f35f6c22b8b6945050659 (patch)
treeff116115d177c00e94dc3af193a70221da5d0d36 /utils
parentdb1e051bf08871d156feadf8e81972fdaf1989f7 (diff)
downloadrockbox-761255928e0a56ce915f35f6c22b8b6945050659.tar.gz
rockbox-761255928e0a56ce915f35f6c22b8b6945050659.tar.bz2
rockbox-761255928e0a56ce915f35f6c22b8b6945050659.zip
sbinfo: add full support for various kind of cryptographic checks
- now have a AES128, SHA1 and CRC implementation - now crc check the boot section chunks as well as the instruction headers - now sha1 check the sb header and the whole file - nearly all fields of the sb format are now documented git-svn-id: svn://svn.rockbox.org/rockbox/trunk@28708 a1c6a512-1295-4272-9138-f99709370657
Diffstat (limited to 'utils')
-rw-r--r--utils/sbinfo/Makefile4
-rw-r--r--utils/sbinfo/aes128.c (renamed from utils/sbinfo/aes128_impl.c)50
-rw-r--r--utils/sbinfo/aes128_impl.h10
-rw-r--r--utils/sbinfo/crc.c78
-rw-r--r--utils/sbinfo/crypto.h57
-rw-r--r--utils/sbinfo/sbinfo.c170
-rw-r--r--utils/sbinfo/sha1.c150
7 files changed, 432 insertions, 87 deletions
diff --git a/utils/sbinfo/Makefile b/utils/sbinfo/Makefile
index 6a857b0b0c..8b2cd2649d 100644
--- a/utils/sbinfo/Makefile
+++ b/utils/sbinfo/Makefile
@@ -2,8 +2,8 @@ TGT = sbinfo
all: $(TGT)
-$(TGT): sbinfo.c
- $(CC) -std=c99 -o $(TGT) -W -Wall sbinfo.c aes128_impl.c
+$(TGT): sbinfo.c crc.c crypto.h aes128.c sha1.c
+ $(CC) -g -std=c99 -o $(TGT) -W -Wall sbinfo.c aes128.c crc.c sha1.c
clean:
rm -fr $(TGT)
diff --git a/utils/sbinfo/aes128_impl.c b/utils/sbinfo/aes128.c
index edb2139fa7..d435009a14 100644
--- a/utils/sbinfo/aes128_impl.c
+++ b/utils/sbinfo/aes128.c
@@ -6,7 +6,7 @@
// http://en.wikipeia.org/wiki/Rijndael_mix_columns
// http://en.wikipedia.org/wiki/Rijndael_S-box
// This code is public domain, or any OSI-approved license, your choice. No warranty.
-#include "aes128_impl.h"
+#include "crypto.h"
// Here are all the lookup tables for the row shifts, rcon, s-boxes, and galois field multiplications
byte shift_rows_table[] = {0,5,10,15,4,9,14,3,8,13,2,7,12,1,6,11};
@@ -234,3 +234,51 @@ int main(void)
return 0;
}
*/
+
+void cbc_mac(
+ byte *in_data, /* Input data */
+ byte *out_data, /* Output data (or NULL) */
+ int nr_blocks, /* Number of blocks to encrypt/decrypt (one block=16 bytes) */
+ byte key[16], /* Key */
+ byte iv[16], /* Initialisation Vector */
+ byte (*out_cbc_mac)[16], /* CBC-MAC of the result (or NULL) */
+ int encrypt /* 1 to encrypt, 0 to decrypt */
+ )
+{
+ byte feedback[16];
+ memcpy(feedback, iv, 16);
+
+ if(encrypt)
+ {
+ /* for each block */
+ for(int i = 0; i < nr_blocks; i++)
+ {
+ /* xor it with feedback */
+ xor_(feedback, &in_data[i * 16], 16);
+ /* encrypt it using aes */
+ EncryptAES(feedback, key, feedback);
+ /* write cipher to output */
+ if(out_data)
+ memcpy(&out_data[i * 16], feedback, 16);
+ }
+ if(out_cbc_mac)
+ memcpy(out_cbc_mac, feedback, 16);
+ }
+ else
+ {
+ /* nothing to do ? */
+ if(out_data == NULL)
+ return;
+
+ /* for each block */
+ for(int i = 0; i < nr_blocks; i++)
+ {
+ /* decrypt it using aes */
+ DecryptAES(&in_data[i * 16], key, &out_data[i * 16]);
+ /* xor it with iv */
+ xor_(&out_data[i * 16], feedback, 16);
+ /* copy cipher to iv */
+ memcpy(feedback, &in_data[i * 16], 16);
+ }
+ }
+}
diff --git a/utils/sbinfo/aes128_impl.h b/utils/sbinfo/aes128_impl.h
deleted file mode 100644
index 7f1b966cd3..0000000000
--- a/utils/sbinfo/aes128_impl.h
+++ /dev/null
@@ -1,10 +0,0 @@
-#include <stdio.h>
-#include <stdint.h>
-#include <string.h>
-
-typedef uint8_t byte;
-
-void xor_(byte *a, byte *b, int n);
-void EncryptAES(byte *msg, byte *key, byte *c);
-void DecryptAES(byte *c, byte *key, byte *m);
-void Pretty(byte* b,int len,const char* label);
diff --git a/utils/sbinfo/crc.c b/utils/sbinfo/crc.c
new file mode 100644
index 0000000000..8030141567
--- /dev/null
+++ b/utils/sbinfo/crc.c
@@ -0,0 +1,78 @@
+/***************************************************************************
+ * __________ __ ___.
+ * Open \______ \ ____ ____ | | _\_ |__ _______ ___
+ * Source | _// _ \_/ ___\| |/ /| __ \ / _ \ \/ /
+ * Jukebox | | ( <_> ) \___| < | \_\ ( <_> > < <
+ * Firmware |____|_ /\____/ \___ >__|_ \|___ /\____/__/\_ \
+ * \/ \/ \/ \/ \/
+ * $Id$
+ *
+ * Copyright (C) 2010 Amaury Pouly
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ****************************************************************************/
+#include "crypto.h"
+
+/* Table extracted from firmware, don't know if this is regular CRC32 */
+
+static uint32_t crc_table[256] = {
+ 0x0, 0x4C11DB7, 0x9823B6E, 0x0D4326D9, 0x130476DC, 0x17C56B6B, 0x1A864DB2,
+ 0x1E475005, 0x2608EDB8, 0x22C9F00F, 0x2F8AD6D6, 0x2B4BCB61, 0x350C9B64,
+ 0x31CD86D3, 0x3C8EA00A, 0x384FBDBD, 0x4C11DB70, 0x48D0C6C7, 0x4593E01E,
+ 0x4152FDA9, 0x5F15ADAC, 0x5BD4B01B, 0x569796C2, 0x52568B75, 0x6A1936C8,
+ 0x6ED82B7F, 0x639B0DA6, 0x675A1011, 0x791D4014, 0x7DDC5DA3, 0x709F7B7A,
+ 0x745E66CD, 0x9823B6E0, 0x9CE2AB57, 0x91A18D8E, 0x95609039, 0x8B27C03C,
+ 0x8FE6DD8B, 0x82A5FB52, 0x8664E6E5, 0x0BE2B5B58, 0x0BAEA46EF, 0x0B7A96036,
+ 0x0B3687D81, 0x0AD2F2D84, 0x0A9EE3033, 0x0A4AD16EA, 0x0A06C0B5D, 0x0D4326D90,
+ 0x0D0F37027, 0x0DDB056FE, 0x0D9714B49, 0x0C7361B4C, 0x0C3F706FB, 0x0CEB42022,
+ 0x0CA753D95, 0x0F23A8028, 0x0F6FB9D9F, 0x0FBB8BB46, 0x0FF79A6F1, 0x0E13EF6F4,
+ 0x0E5FFEB43, 0x0E8BCCD9A, 0x0EC7DD02D, 0x34867077, 0x30476DC0, 0x3D044B19,
+ 0x39C556AE, 0x278206AB, 0x23431B1C, 0x2E003DC5, 0x2AC12072, 0x128E9DCF,
+ 0x164F8078, 0x1B0CA6A1, 0x1FCDBB16, 0x18AEB13, 0x54BF6A4, 0x808D07D,
+ 0x0CC9CDCA, 0x7897AB07, 0x7C56B6B0, 0x71159069, 0x75D48DDE, 0x6B93DDDB,
+ 0x6F52C06C, 0x6211E6B5, 0x66D0FB02, 0x5E9F46BF, 0x5A5E5B08, 0x571D7DD1,
+ 0x53DC6066, 0x4D9B3063, 0x495A2DD4, 0x44190B0D, 0x40D816BA, 0x0ACA5C697,
+ 0x0A864DB20, 0x0A527FDF9, 0x0A1E6E04E, 0x0BFA1B04B, 0x0BB60ADFC, 0x0B6238B25,
+ 0x0B2E29692, 0x8AAD2B2F, 0x8E6C3698, 0x832F1041, 0x87EE0DF6, 0x99A95DF3,
+ 0x9D684044, 0x902B669D, 0x94EA7B2A, 0x0E0B41DE7, 0x0E4750050, 0x0E9362689,
+ 0x0EDF73B3E, 0x0F3B06B3B, 0x0F771768C, 0x0FA325055, 0x0FEF34DE2, 0x0C6BCF05F,
+ 0x0C27DEDE8, 0x0CF3ECB31, 0x0CBFFD686, 0x0D5B88683, 0x0D1799B34, 0x0DC3ABDED,
+ 0x0D8FBA05A, 0x690CE0EE, 0x6DCDFD59, 0x608EDB80, 0x644FC637, 0x7A089632,
+ 0x7EC98B85, 0x738AAD5C, 0x774BB0EB, 0x4F040D56, 0x4BC510E1, 0x46863638,
+ 0x42472B8F, 0x5C007B8A, 0x58C1663D, 0x558240E4, 0x51435D53, 0x251D3B9E,
+ 0x21DC2629, 0x2C9F00F0, 0x285E1D47, 0x36194D42, 0x32D850F5, 0x3F9B762C,
+ 0x3B5A6B9B, 0x315D626, 0x7D4CB91, 0x0A97ED48, 0x0E56F0FF, 0x1011A0FA,
+ 0x14D0BD4D, 0x19939B94, 0x1D528623, 0x0F12F560E, 0x0F5EE4BB9, 0x0F8AD6D60,
+ 0x0FC6C70D7, 0x0E22B20D2, 0x0E6EA3D65, 0x0EBA91BBC, 0x0EF68060B, 0x0D727BBB6,
+ 0x0D3E6A601, 0x0DEA580D8, 0x0DA649D6F, 0x0C423CD6A, 0x0C0E2D0DD, 0x0CDA1F604,
+ 0x0C960EBB3, 0x0BD3E8D7E, 0x0B9FF90C9, 0x0B4BCB610, 0x0B07DABA7, 0x0AE3AFBA2,
+ 0x0AAFBE615, 0x0A7B8C0CC, 0x0A379DD7B, 0x9B3660C6, 0x9FF77D71, 0x92B45BA8,
+ 0x9675461F, 0x8832161A, 0x8CF30BAD, 0x81B02D74, 0x857130C3, 0x5D8A9099,
+ 0x594B8D2E, 0x5408ABF7, 0x50C9B640, 0x4E8EE645, 0x4A4FFBF2, 0x470CDD2B,
+ 0x43CDC09C, 0x7B827D21, 0x7F436096, 0x7200464F, 0x76C15BF8, 0x68860BFD,
+ 0x6C47164A, 0x61043093, 0x65C52D24, 0x119B4BE9, 0x155A565E, 0x18197087,
+ 0x1CD86D30, 0x29F3D35, 0x65E2082, 0x0B1D065B, 0x0FDC1BEC, 0x3793A651,
+ 0x3352BBE6, 0x3E119D3F, 0x3AD08088, 0x2497D08D, 0x2056CD3A, 0x2D15EBE3,
+ 0x29D4F654, 0x0C5A92679, 0x0C1683BCE, 0x0CC2B1D17, 0x0C8EA00A0, 0x0D6AD50A5,
+ 0x0D26C4D12, 0x0DF2F6BCB, 0x0DBEE767C, 0x0E3A1CBC1, 0x0E760D676, 0x0EA23F0AF,
+ 0x0EEE2ED18, 0x0F0A5BD1D, 0x0F464A0AA, 0x0F9278673, 0x0FDE69BC4, 0x89B8FD09,
+ 0x8D79E0BE, 0x803AC667, 0x84FBDBD0, 0x9ABC8BD5, 0x9E7D9662, 0x933EB0BB,
+ 0x97FFAD0C, 0x0AFB010B1, 0x0AB710D06, 0x0A6322BDF, 0x0A2F33668, 0x0BCB4666D,
+ 0x0B8757BDA, 0x0B5365D03, 0x0B1F740B4
+};
+
+uint32_t crc(byte *data, int size)
+{
+ uint32_t c = 0xffffffff;
+ /* normal CRC */
+ for(int i = 0; i < size; i++)
+ c = crc_table[data[i] ^ (c >> 24)] ^ (c << 8);
+ return c;
+}
diff --git a/utils/sbinfo/crypto.h b/utils/sbinfo/crypto.h
new file mode 100644
index 0000000000..e36900df47
--- /dev/null
+++ b/utils/sbinfo/crypto.h
@@ -0,0 +1,57 @@
+/***************************************************************************
+ * __________ __ ___.
+ * Open \______ \ ____ ____ | | _\_ |__ _______ ___
+ * Source | _// _ \_/ ___\| |/ /| __ \ / _ \ \/ /
+ * Jukebox | | ( <_> ) \___| < | \_\ ( <_> > < <
+ * Firmware |____|_ /\____/ \___ >__|_ \|___ /\____/__/\_ \
+ * \/ \/ \/ \/ \/
+ * $Id$
+ *
+ * Copyright (C) 2010 Amaury Pouly
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ****************************************************************************/
+#include <stdio.h>
+#include <stdint.h>
+#include <string.h>
+
+typedef uint8_t byte;
+
+/* aes128.c */
+void xor_(byte *a, byte *b, int n);
+void EncryptAES(byte *msg, byte *key, byte *c);
+void DecryptAES(byte *c, byte *key, byte *m);
+void Pretty(byte* b,int len,const char* label);
+void cbc_mac(
+ byte *in_data, /* Input data */
+ byte *out_data, /* Output data (or NULL) */
+ int nr_blocks, /* Number of blocks to encrypt/decrypt (one block=16 bytes) */
+ byte key[16], /* Key */
+ byte iv[16], /* Initialisation Vector */
+ byte (*out_cbc_mac)[16], /* CBC-MAC of the result (or NULL) */
+ int encrypt /* 1 to encrypt, 0 to decrypt */
+ );
+
+/* crc.c */
+uint32_t crc(byte *data, int size);
+
+/* sha1.c */
+struct sha_1_params_t
+{
+ uint32_t hash[5];
+ uint64_t buffer_nr_bits;
+ uint32_t w[80];
+};
+
+void sha_1_init(struct sha_1_params_t *params);
+void sha_1_block(struct sha_1_params_t *params, uint32_t cur_hash[5], byte *data);
+void sha_1_update(struct sha_1_params_t *params, byte *buffer, int size);
+void sha_1_finish(struct sha_1_params_t *params);
+void sha_1_output(struct sha_1_params_t *params, byte *out);
diff --git a/utils/sbinfo/sbinfo.c b/utils/sbinfo/sbinfo.c
index 779d926011..74b5a0b7be 100644
--- a/utils/sbinfo/sbinfo.c
+++ b/utils/sbinfo/sbinfo.c
@@ -38,7 +38,7 @@
#include <string.h>
#include <ctype.h>
#include <time.h>
-#include "aes128_impl.h"
+#include "crypto.h"
#if 1 /* ANSI colors */
@@ -78,9 +78,6 @@ uint8_t *buf; /* file content */
char out_prefix[PREFIX_SIZE];
const char *key_file;
-#define SB_INST_OP(inst) (((inst) >> 8) & 0xff)
-#define SB_INST_UNK(inst) ((inst) & 0xff)
-
#define SB_INST_NOP 0x0
#define SB_INST_TAG 0x1
#define SB_INST_LOAD 0x2
@@ -91,7 +88,9 @@ const char *key_file;
struct sb_instruction_header_t
{
- uint32_t inst;
+ uint8_t checksum;
+ uint8_t opcode;
+ uint16_t zero_except_for_tag;
} __attribute__((packed));
struct sb_instruction_load_t
@@ -114,6 +113,7 @@ struct sb_instruction_call_t
{
struct sb_instruction_header_t hdr;
uint32_t addr;
+ uint32_t zero;
uint32_t arg;
} __attribute__((packed));
@@ -165,6 +165,12 @@ static void print_key(byte key[16])
printf("%02X ", key[i]);
}
+static void print_sha1(byte sha[20])
+{
+ for(int i = 0; i < 20; i++)
+ printf("%02X ", sha[i]);
+}
+
/* verify the firmware header */
static void check(unsigned long filesize)
{
@@ -242,56 +248,17 @@ static key_array_t read_keys(int num_keys)
return keys;
}
-static void cbc_mac(
- byte *in_data, /* Input data */
- byte *out_data, /* Output data (or NULL) */
- int nr_blocks, /* Number of blocks to encrypt/decrypt (one block=16 bytes) */
- byte key[16], /* Key */
- byte iv[16], /* Initialisation Vector */
- byte (*out_cbc_mac)[16], /* CBC-MAC of the result (or NULL) */
- int encrypt /* 1 to encrypt, 0 to decrypt */
- )
-{
- byte feedback[16];
- memcpy(feedback, iv, 16);
-
- if(encrypt)
- {
- /* for each block */
- for(int i = 0; i < nr_blocks; i++)
- {
- /* xor it with feedback */
- xor_(feedback, &in_data[i * 16], 16);
- /* encrypt it using aes */
- EncryptAES(feedback, key, feedback);
- /* write cipher to output */
- if(out_data)
- memcpy(&out_data[i * 16], feedback, 16);
- }
- if(out_cbc_mac)
- memcpy(out_cbc_mac, feedback, 16);
- }
- else
- {
- /* nothing to do ? */
- if(out_data == NULL)
- bugp("can't ask to decrypt with no output buffer");
+#define ROUND_UP(val, round) ((((val) + (round) - 1) / (round)) * (round))
- /* for each block */
- for(int i = 0; i < nr_blocks; i++)
- {
- /* decrypt it using aes */
- DecryptAES(&in_data[i * 16], key, &out_data[i * 16]);
- /* xor it with iv */
- xor_(&out_data[i * 16], feedback, 16);
- /* copy cipher to iv */
- memcpy(feedback, &in_data[i * 16], 16);
- }
- }
+static uint8_t instruction_checksum(struct sb_instruction_header_t *hdr)
+{
+ uint8_t sum = 90;
+ byte *ptr = (byte *)hdr;
+ for(int i = 1; i < 16; i++)
+ sum += ptr[i];
+ return sum;
}
-#define ROUND_UP(val, round) ((((val) + (round) - 1) / (round)) * (round))
-
static void extract_section(int data_sec, char name[5], byte *buf, int size, const char *indent)
{
char filename[PREFIX_SIZE + 16];
@@ -308,62 +275,77 @@ static void extract_section(int data_sec, char name[5], byte *buf, int size, con
while(pos < size)
{
struct sb_instruction_header_t *hdr = (struct sb_instruction_header_t *)&buf[pos];
- if(SB_INST_OP(hdr->inst) == SB_INST_LOAD)
+ printf("%s", indent);
+ uint8_t checksum = instruction_checksum(hdr);
+ if(checksum != hdr->checksum)
+ {
+ color(GREY);
+ printf("[Bad checksum]");
+ }
+
+ if(hdr->opcode == SB_INST_LOAD)
{
struct sb_instruction_load_t *load = (struct sb_instruction_load_t *)&buf[pos];
color(RED);
- printf("%sLOAD", indent);
+ printf("LOAD");
color(OFF);printf(" | ");
color(BLUE);
- printf("addr=%#08x", load->addr);
+ printf("addr=0x%08x", load->addr);
color(OFF);printf(" | ");
color(GREEN);
- printf("len=%#08x", load->len);
+ printf("len=0x%08x", load->len);
color(OFF);printf(" | ");
color(YELLOW);
- printf("crc=%#08x\n", load->crc);
- color(OFF);
+ printf("crc=0x%08x", load->crc);
+ /* data is padded to 16-byte boundary with random data and crc'ed with it */
+ uint32_t computed_crc = crc(&buf[pos + sizeof(struct sb_instruction_load_t)],
+ ROUND_UP(load->len, 16));
+ color(RED);
+ if(load->crc == computed_crc)
+ printf(" Ok\n");
+ else
+ printf(" Failed (crc=0x%08x)\n", computed_crc);
pos += load->len + sizeof(struct sb_instruction_load_t);
// unsure about rounding
pos = ROUND_UP(pos, 16);
}
- else if(SB_INST_OP(hdr->inst) == SB_INST_FILL)
+ else if(hdr->opcode == SB_INST_FILL)
{
struct sb_instruction_fill_t *fill = (struct sb_instruction_fill_t *)&buf[pos];
color(RED);
- printf("%sFILL", indent);
+ printf("FILL");
color(OFF);printf(" | ");
color(BLUE);
- printf("addr=%#08x", fill->addr);
+ printf("addr=0x%08x", fill->addr);
color(OFF);printf(" | ");
color(GREEN);
- printf("len=%#08x", fill->len);
+ printf("len=0x%08x", fill->len);
color(OFF);printf(" | ");
color(YELLOW);
- printf("pattern=%#08x\n", fill->pattern);
+ printf("pattern=0x%08x\n", fill->pattern);
color(OFF);
pos += sizeof(struct sb_instruction_fill_t);
// fixme: useless as pos is a multiple of 16 and fill struct is 4-bytes wide ?
pos = ROUND_UP(pos, 16);
}
- else if(SB_INST_OP(hdr->inst) == SB_INST_CALL ||
- SB_INST_OP(hdr->inst) == SB_INST_JUMP)
+ else if(hdr->opcode == SB_INST_CALL ||
+ hdr->opcode == SB_INST_JUMP)
{
- int is_call = (SB_INST_OP(hdr->inst) == SB_INST_CALL);
+ int is_call = (hdr->opcode == SB_INST_CALL);
struct sb_instruction_call_t *call = (struct sb_instruction_call_t *)&buf[pos];
color(RED);
if(is_call)
- printf("%sCALL", indent);
+ printf("CALL");
else
- printf("%sJUMP", indent);
+ printf("JUMP");
color(OFF);printf(" | ");
color(BLUE);
- printf("addr=%#08x", call->addr);
+ printf("addr=0x%08x", call->addr);
color(OFF);printf(" | ");
color(GREEN);
- printf("arg=%#08x\n", call->arg);
+ printf("arg=0x%08x\n", call->arg);
color(OFF);
pos += sizeof(struct sb_instruction_call_t);
@@ -373,7 +355,7 @@ static void extract_section(int data_sec, char name[5], byte *buf, int size, con
else
{
color(RED);
- printf("Unknown instruction %d at address %#08lx\n", SB_INST_OP(hdr->inst), (unsigned long)pos);
+ printf("Unknown instruction %d at address 0x%08lx\n", hdr->opcode, (unsigned long)pos);
break;
}
}
@@ -381,12 +363,27 @@ static void extract_section(int data_sec, char name[5], byte *buf, int size, con
static void extract(unsigned long filesize)
{
+ struct sha_1_params_t sha_1_params;
/* Basic header info */
color(BLUE);
printf("Basic info:\n");
color(GREEN);
printf("\tHeader SHA-1: ");
- printhex(0, 20);
+ byte *hdr_sha1 = &buf[0];
+ color(YELLOW);
+ print_sha1(hdr_sha1);
+ /* Check SHA1 sum */
+ byte computed_sha1[20];
+ sha_1_init(&sha_1_params);
+ sha_1_update(&sha_1_params, &buf[0x14], 0x4C);
+ sha_1_finish(&sha_1_params);
+ sha_1_output(&sha_1_params, computed_sha1);
+ color(RED);
+ if(memcmp(hdr_sha1, computed_sha1, 20) == 0)
+ printf(" Ok\n");
+ else
+ printf(" Failed\n");
+ color(GREEN);
printf("\tFlags: ");
printhex(0x18, 4);
printf("\tTotal file size : %ld\n", filesize);
@@ -448,6 +445,7 @@ static void extract(unsigned long filesize)
/* copy the cbc mac */
byte hdr_cbc_mac[16];
memcpy(hdr_cbc_mac, &buf[0x60 + 16 * num_chunks + 32 * i], 16);
+ color(YELLOW);
print_key(hdr_cbc_mac);
/* check it */
byte computed_cbc_mac[16];
@@ -464,14 +462,17 @@ static void extract(unsigned long filesize)
printf("\t\tEncrypted key : ");
byte (*encrypted_key)[16];
encrypted_key = (key_array_t)&buf[0x60 + 16 * num_chunks + 32 * i + 16];
+ color(YELLOW);
print_key(*encrypted_key);
printf("\n");
+ color(GREEN);
/* decrypt */
byte decrypted_key[16];
byte iv[16];
memcpy(iv, buf, 16); /* uses the first 16-bytes of SHA-1 sig as IV */
cbc_mac(*encrypted_key, decrypted_key, 1, keys[i], iv, NULL, 0);
printf("\t\tDecrypted key : ");
+ color(YELLOW);
print_key(decrypted_key);
/* cross-check or copy */
if(i == 0)
@@ -532,11 +533,32 @@ static void extract(unsigned long filesize)
/* final signature */
color(BLUE);
- printf("Final signature:\n\t");
+ printf("Final signature:\n");
color(GREEN);
+ printf("\tEncrypted signature:\n");
+ color(YELLOW);
+ printf("\t\t");
printhex(filesize - 32, 16);
- printf("\t");
+ printf("\t\t");
printhex(filesize - 16, 16);
+ /* decrypt it */
+ byte *encrypted_block = &buf[filesize - 32];
+ byte decrypted_block[32];
+ cbc_mac(encrypted_block, decrypted_block, 2, real_key, buf, NULL, 0);
+ color(GREEN);
+ printf("\tDecrypted SHA-1:\n\t\t");
+ color(YELLOW);
+ print_sha1(decrypted_block);
+ /* check it */
+ sha_1_init(&sha_1_params);
+ sha_1_update(&sha_1_params, buf, filesize - 32);
+ sha_1_finish(&sha_1_params);
+ sha_1_output(&sha_1_params, computed_sha1);
+ color(RED);
+ if(memcmp(decrypted_block, computed_sha1, 20) == 0)
+ printf(" Ok\n");
+ else
+ printf(" Failed\n");
}
int main(int argc, const char **argv)
diff --git a/utils/sbinfo/sha1.c b/utils/sbinfo/sha1.c
new file mode 100644
index 0000000000..99657fb14a
--- /dev/null
+++ b/utils/sbinfo/sha1.c
@@ -0,0 +1,150 @@
+/***************************************************************************
+ * __________ __ ___.
+ * Open \______ \ ____ ____ | | _\_ |__ _______ ___
+ * Source | _// _ \_/ ___\| |/ /| __ \ / _ \ \/ /
+ * Jukebox | | ( <_> ) \___| < | \_\ ( <_> > < <
+ * Firmware |____|_ /\____/ \___ >__|_ \|___ /\____/__/\_ \
+ * \/ \/ \/ \/ \/
+ * $Id$
+ *
+ * Copyright (C) 2010 Amaury Pouly
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ****************************************************************************/
+/* Based on http://en.wikipedia.org/wiki/SHA-1 */
+#include "crypto.h"
+
+static uint32_t rot_left(uint32_t val, int rot)
+{
+ return (val << rot) | (val >> (32 - rot));
+}
+
+static inline void byte_swapxx(byte *ptr, int size)
+{
+ for(int i = 0; i < size / 2; i++)
+ {
+ byte c = ptr[i];
+ ptr[i] = ptr[size - i - 1];
+ ptr[size - i - 1] = c;
+ }
+}
+
+static void byte_swap32(uint32_t *v)
+{
+ byte_swapxx((byte *)v, 4);
+}
+
+void sha_1_init(struct sha_1_params_t *params)
+{
+ params->hash[0] = 0x67452301;
+ params->hash[1] = 0xEFCDAB89;
+ params->hash[2] = 0x98BADCFE;
+ params->hash[3] = 0x10325476;
+ params->hash[4] = 0xC3D2E1F0;
+ params->buffer_nr_bits = 0;
+}
+
+void sha_1_update(struct sha_1_params_t *params, byte *buffer, int size)
+{
+ int buffer_nr_bytes = (params->buffer_nr_bits / 8) % 64;
+ params->buffer_nr_bits += 8 * size;
+ int pos = 0;
+ if(buffer_nr_bytes + size >= 64)
+ {
+ pos = 64 - buffer_nr_bytes;
+ memcpy((byte *)(params->w) + buffer_nr_bytes, buffer, 64 - buffer_nr_bytes);
+ sha_1_block(params, params->hash, (byte *)params->w);
+ for(; pos + 64 <= size; pos += 64)
+ sha_1_block(params, params->hash, buffer + pos);
+ buffer_nr_bytes = 0;
+ }
+ memcpy((byte *)(params->w) + buffer_nr_bytes, buffer + pos, size - pos);
+}
+
+void sha_1_finish(struct sha_1_params_t *params)
+{
+ /* length (in bits) in big endian BEFORE preprocessing */
+ byte length_big_endian[8];
+ memcpy(length_big_endian, &params->buffer_nr_bits, 8);
+ byte_swapxx(length_big_endian, 8);
+ /* append '1' and then '0's to the message to get 448 bit length for the last block */
+ byte b = 0x80;
+ sha_1_update(params, &b, 1);
+ b = 0;
+ while((params->buffer_nr_bits % 512) != 448)
+ sha_1_update(params, &b, 1);
+ /* append length */
+ sha_1_update(params, length_big_endian, 8);
+ /* go back to big endian */
+ for(int i = 0; i < 5; i++)
+ byte_swap32(&params->hash[i]);
+}
+
+void sha_1_output(struct sha_1_params_t *params, byte *out)
+{
+ memcpy(out, params->hash, 20);
+}
+
+void sha_1_block(struct sha_1_params_t *params, uint32_t cur_hash[5], byte *data)
+{
+ uint32_t a, b, c, d, e;
+ a = cur_hash[0];
+ b = cur_hash[1];
+ c = cur_hash[2];
+ d = cur_hash[3];
+ e = cur_hash[4];
+
+ #define w params->w
+
+ memcpy(w, data, 64);
+ for(int i = 0; i < 16; i++)
+ byte_swap32(&w[i]);
+
+ for(int i = 16; i <= 79; i++)
+ w[i] = rot_left(w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16], 1);
+
+ for(int i = 0; i<= 79; i++)
+ {
+ uint32_t f, k;
+ if(i <= 19)
+ {
+ f = (b & c) | ((~b) & d);
+ k = 0x5A827999;
+ }
+ else if(i <= 39)
+ {
+ f = b ^ c ^ d;
+ k = 0x6ED9EBA1;
+ }
+ else if(i <= 59)
+ {
+ f = (b & c) | (b & d) | (c & d);
+ k = 0x8F1BBCDC;
+ }
+ else
+ {
+ f = b ^ c ^ d;
+ k = 0xCA62C1D6;
+ }
+ uint32_t temp = rot_left(a, 5) + f + e + k + w[i];
+ e = d;
+ d = c;
+ c = rot_left(b, 30);
+ b = a;
+ a = temp;
+ }
+ #undef w
+
+ cur_hash[0] += a;
+ cur_hash[1] += b;
+ cur_hash[2] += c;
+ cur_hash[3] += d;
+ cur_hash[4] += e;
+}