diff options
Diffstat (limited to 'bootloader/main-pp.c')
-rw-r--r-- | bootloader/main-pp.c | 44 |
1 files changed, 10 insertions, 34 deletions
diff --git a/bootloader/main-pp.c b/bootloader/main-pp.c index 3aba71790a..72d45712fc 100644 --- a/bootloader/main-pp.c +++ b/bootloader/main-pp.c | |||
@@ -235,21 +235,12 @@ static void tea_decrypt_buf(unsigned char* src, unsigned char* dest, size_t n, u | |||
235 | } | 235 | } |
236 | } | 236 | } |
237 | 237 | ||
238 | static inline bool tea_test_key(unsigned char magic_enc[8], uint32_t * key, int unaligned) | 238 | static int tea_find_key(struct mi4header_t *mi4header, unsigned char* buf) |
239 | { | ||
240 | unsigned char magic_dec[8]; | ||
241 | tea_decrypt_buf(magic_enc, magic_dec, 8, key); | ||
242 | |||
243 | return (le2int(&magic_dec[4*unaligned]) == 0xaa55aa55); | ||
244 | } | ||
245 | |||
246 | static int tea_find_key(struct mi4header_t *mi4header, int fd) | ||
247 | { | 239 | { |
248 | unsigned int i; | 240 | unsigned int i; |
249 | int rc; | ||
250 | uint32_t key[4]; | 241 | uint32_t key[4]; |
251 | uint32_t keyinc; | 242 | uint32_t keyinc; |
252 | unsigned char magic_enc[8]; | 243 | unsigned char magic_dec[8]; |
253 | int key_found = -1; | 244 | int key_found = -1; |
254 | unsigned int magic_location = mi4header->length-4; | 245 | unsigned int magic_location = mi4header->length-4; |
255 | int unaligned = 0; | 246 | int unaligned = 0; |
@@ -260,12 +251,6 @@ static int tea_find_key(struct mi4header_t *mi4header, int fd) | |||
260 | magic_location -= 4; | 251 | magic_location -= 4; |
261 | } | 252 | } |
262 | 253 | ||
263 | /* Load encrypted magic 0xaa55aa55 to check key */ | ||
264 | lseek(fd, MI4_HEADER_SIZE + magic_location, SEEK_SET); | ||
265 | rc = read(fd, magic_enc, 8); | ||
266 | if(rc < 8 ) | ||
267 | return EREAD_IMAGE_FAILED; | ||
268 | |||
269 | printf("Searching for key:"); | 254 | printf("Searching for key:"); |
270 | 255 | ||
271 | for (i=0; i < NUM_KEYS && (key_found<0) ; i++) { | 256 | for (i=0; i < NUM_KEYS && (key_found<0) ; i++) { |
@@ -281,10 +266,13 @@ static int tea_find_key(struct mi4header_t *mi4header, int fd) | |||
281 | if (key[1]==0) key[2]++; | 266 | if (key[1]==0) key[2]++; |
282 | if (key[2]==0) key[3]++; | 267 | if (key[2]==0) key[3]++; |
283 | 268 | ||
284 | if (tea_test_key(magic_enc,key,unaligned)) | 269 | /* Decrypt putative magic */ |
270 | tea_decrypt_buf(&buf[magic_location], magic_dec, 8, key); | ||
271 | |||
272 | if (le2int(&magic_dec[4*unaligned]) == 0xaa55aa55) | ||
285 | { | 273 | { |
286 | key_found = i; | 274 | key_found = i; |
287 | printf("%s...found", tea_keytable[i].name); | 275 | printf("%s...found", tea_keytable[i].name); |
288 | } else { | 276 | } else { |
289 | /* printf("%s...failed", tea_keytable[i].name); */ | 277 | /* printf("%s...failed", tea_keytable[i].name); */ |
290 | } | 278 | } |
@@ -336,33 +324,25 @@ int load_mi4(unsigned char* buf, char* firmware, unsigned int buffer_size) | |||
336 | /* Load firmware file */ | 324 | /* Load firmware file */ |
337 | lseek(fd, MI4_HEADER_SIZE, SEEK_SET); | 325 | lseek(fd, MI4_HEADER_SIZE, SEEK_SET); |
338 | rc = read(fd, buf, mi4header.mi4size-MI4_HEADER_SIZE); | 326 | rc = read(fd, buf, mi4header.mi4size-MI4_HEADER_SIZE); |
327 | close(fd); | ||
339 | if(rc < (int)mi4header.mi4size-MI4_HEADER_SIZE) | 328 | if(rc < (int)mi4header.mi4size-MI4_HEADER_SIZE) |
340 | { | ||
341 | close(fd); | ||
342 | return EREAD_IMAGE_FAILED; | 329 | return EREAD_IMAGE_FAILED; |
343 | } | 330 | |
344 | |||
345 | /* Check CRC32 to see if we have a valid file */ | 331 | /* Check CRC32 to see if we have a valid file */ |
346 | sum = chksum_crc32 (buf, mi4header.mi4size - MI4_HEADER_SIZE); | 332 | sum = chksum_crc32 (buf, mi4header.mi4size - MI4_HEADER_SIZE); |
347 | 333 | ||
348 | printf("Calculated CRC32: %x", sum); | 334 | printf("Calculated CRC32: %x", sum); |
349 | 335 | ||
350 | if(sum != mi4header.crc32) | 336 | if(sum != mi4header.crc32) |
351 | { | ||
352 | close(fd); | ||
353 | return EBAD_CHKSUM; | 337 | return EBAD_CHKSUM; |
354 | } | ||
355 | 338 | ||
356 | if( (mi4header.plaintext + MI4_HEADER_SIZE) != mi4header.mi4size) | 339 | if( (mi4header.plaintext + MI4_HEADER_SIZE) != mi4header.mi4size) |
357 | { | 340 | { |
358 | /* Load encrypted firmware */ | 341 | /* Load encrypted firmware */ |
359 | int key_index = tea_find_key(&mi4header, fd); | 342 | int key_index = tea_find_key(&mi4header, buf); |
360 | 343 | ||
361 | if (key_index < 0) | 344 | if (key_index < 0) |
362 | { | ||
363 | close(fd); | ||
364 | return EINVALID_FORMAT; | 345 | return EINVALID_FORMAT; |
365 | } | ||
366 | 346 | ||
367 | /* Plaintext part is already loaded */ | 347 | /* Plaintext part is already loaded */ |
368 | buf += mi4header.plaintext; | 348 | buf += mi4header.plaintext; |
@@ -376,13 +356,9 @@ int load_mi4(unsigned char* buf, char* firmware, unsigned int buffer_size) | |||
376 | 356 | ||
377 | /* Check decryption was successfull */ | 357 | /* Check decryption was successfull */ |
378 | if(le2int(&buf[mi4header.length-mi4header.plaintext-4]) != 0xaa55aa55) | 358 | if(le2int(&buf[mi4header.length-mi4header.plaintext-4]) != 0xaa55aa55) |
379 | { | ||
380 | close(fd); | ||
381 | return EREAD_IMAGE_FAILED; | 359 | return EREAD_IMAGE_FAILED; |
382 | } | ||
383 | } | 360 | } |
384 | 361 | ||
385 | close(fd); | ||
386 | return EOK; | 362 | return EOK; |
387 | } | 363 | } |
388 | 364 | ||