1 files changed, 532 insertions, 0 deletions
diff --git a/rbutil/rbutilqt/irivertools/irivertools.cpp b/rbutil/rbutilqt/irivertools/irivertools.cpp
new file mode 100644
index 0000000000..f2cc59a8c2
--- /dev/null
+++ b/rbutil/rbutilqt/irivertools/irivertools.cpp
@@ -0,0 +1,532 @@
+/***************************************************************************
+ *             __________               __   ___.
+ *   Open      \______   \ ____   ____ |  | _\_ |__   _______  ___
+ *   Source     |       _//  _ \_/ ___\|  |/ /| __ \ /  _ \  \/  /
+ *   Jukebox    |    |   (  <_> )  \___|    < | \_\ (  <_> > <  <
+ *   Firmware   |____|_  /\____/ \___  >__|_ \|___  /\____/__/\_ \
+ *                     \/            \/     \/    \/            \/
+ * Module: rbutil
+ * File: irivertools.cpp
+ *
+ * Copyright (C) 2007 Dominik Wenger
+ *
+ * All files in this archive are subject to the GNU General Public License.
+ * See the file COPYING in the source tree root for full license agreement.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ****************************************************************************/
+#include "irivertools.h"
+const unsigned char munge[] = {
+  0x7a, 0x36, 0xc4, 0x43, 0x49, 0x6b, 0x35, 0x4e, 0xa3, 0x46, 0x25, 0x84,
+  0x4d, 0x73, 0x74, 0x61
+};
+const unsigned char header_modify[] = "* IHPFIRM-DECODED ";
+const char * const models[] = { "iHP-100", "iHP-120/iHP-140", "H300 series",
+                                NULL };
+/* aligns with models array;  expected min firmware size */
+const unsigned int firmware_minsize[] = { 0x100000, 0x100000, 0x200000 };
+/* aligns with models array;  expected max firmware size */
+const unsigned int firmware_maxsize[] = { 0x200000, 0x200000, 0x400000 };
+const unsigned char header[][16] = {
+  { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 },
+  { 0x20, 0x03, 0x08, 0x27, 0x24, 0x00, 0x02, 0x30, 0x19, 0x17, 0x65, 0x73,
+    0x85, 0x32, 0x83, 0x22 },
+  { 0x20, 0x04, 0x03, 0x27, 0x20, 0x50, 0x01, 0x70, 0x80, 0x30, 0x80, 0x06,
+    0x30, 0x19, 0x17, 0x65 }
+};
+/* begin mkboot.c excerpt */
+unsigned char image[0x400000 + 0x220 + 0x400000/0x200];
+bool mkboot(QString infile, QString outfile,QString bootloader,int origin,Ui::InstallProgressFrm* dp)
+{
+    int i;
+    int len,bllen;
+    int actual_length, total_length, binary_length, num_chksums;
+    memset(image, 0xff, sizeof(image));
+    /* First, read the iriver original firmware into the image */
+    QFile f(infile);
+    if(!f.open(QIODevice::ReadOnly))
+    {
+        dp->listProgress->addItem("Could not open: %1" + infile);
+        return false;
+    }
+    i = f.read((char*)image,16);
+    if(i < 16) {
+        dp->listProgress->addItem("reading header failed");
+        return false;
+    }
+    /* This is the length of the binary image without the scrambling
+       overhead (but including the ESTFBINR header) */
+    binary_length = image[4] + (image[5] << 8) +
+        (image[6] << 16) + (image[7] << 24);
+    /* Read the rest of the binary data, but not the checksum block */
+    len = binary_length+0x200-16;
+    i = f.read((char*)image+16, len);
+    if(i < len) {
+        dp->listProgress->addItem("reading firmware failed");
+        return false;
+    }
+    f.close();
+    /* Now, read the boot loader into the image */
+    f.setFileName(bootloader);
+    if(!f.open(QIODevice::ReadOnly))
+    {
+        dp->listProgress->addItem("Could not open: %1" + bootloader);
+        return false;
+    }
+    bllen = f.size();
+    i = f.read((char*)image+0x220 + origin, bllen);
+    if(i < bllen) {
+       dp->listProgress->addItem("reading bootloader failed"); 
+       return false;
+    }
+    f.close();
+    f.setFileName(outfile);
+    if(!f.open(QIODevice::WriteOnly))
+    {
+        dp->listProgress->addItem("Could not open: %1" + outfile);
+        return false;
+    }
+    /* Patch the reset vector to start the boot loader */
+    image[0x220 + 4] = image[origin + 0x220 + 4];
+    image[0x220 + 5] = image[origin + 0x220 + 5];
+    image[0x220 + 6] = image[origin + 0x220 + 6];
+    image[0x220 + 7] = image[origin + 0x220 + 7];
+    /* This is the actual length of the binary, excluding all headers */
+    actual_length = origin + bllen;
+    /* Patch the ESTFBINR header */
+    image[0x20c] = (actual_length >> 24) & 0xff;
+    image[0x20d] = (actual_length >> 16) & 0xff;
+    image[0x20e] = (actual_length >> 8) & 0xff;
+    image[0x20f] = actual_length & 0xff;
+    image[0x21c] = (actual_length >> 24) & 0xff;
+    image[0x21d] = (actual_length >> 16) & 0xff;
+    image[0x21e] = (actual_length >> 8) & 0xff;
+    image[0x21f] = actual_length & 0xff;
+    /* This is the length of the binary, including the ESTFBINR header and
+       rounded up to the nearest 0x200 boundary */
+    binary_length = (actual_length + 0x20 + 0x1ff) & 0xfffffe00;
+    /* The number of checksums, i.e number of 0x200 byte blocks */
+    num_chksums = binary_length / 0x200;
+    /* The total file length, including all headers and checksums */
+    total_length = binary_length + num_chksums + 0x200;
+    /* Patch the scrambler header with the new length info */
+    image[0] = total_length & 0xff;
+    image[1] = (total_length >> 8) & 0xff;
+    image[2] = (total_length >> 16) & 0xff;
+    image[3] = (total_length >> 24) & 0xff;
+    image[4] = binary_length & 0xff;
+    image[5] = (binary_length >> 8) & 0xff;
+    image[6] = (binary_length >> 16) & 0xff;
+    image[7] = (binary_length >> 24) & 0xff;
+    image[8] = num_chksums & 0xff;
+    image[9] = (num_chksums >> 8) & 0xff;
+    image[10] = (num_chksums >> 16) & 0xff;
+    image[11] = (num_chksums >> 24) & 0xff;
+    i = f.write((char*)image,total_length);
+    if(i < total_length) {
+        dp->listProgress->addItem("writing bootloader failed");
+        return false;
+    }
+    f.close();
+    return true;
+}
+/* end mkboot.c excerpt */
+int intable(char *md5, struct sumpairs *table, int len)
+{
+    int i;
+    for (i = 0; i < len; i++) {
+        if (strncmp(md5, table[i].unpatched, 32) == 0) {
+            return i;
+        }
+    }
+    return -1;
+}
+static int testheader( const unsigned char * const data )
+{
+    const unsigned char * const d = data+16;
+    const char * const * m = models;
+    int index = 0;
+    while( *m )
+    {
+        if( memcmp( header[ index ], d, 16 ) == 0 )
+            return index;
+        index++;
+        m++;
+    };
+    return -1;
+};
+static void modifyheader( unsigned char * data )
+{
+    const unsigned char * h = header_modify;
+    int i;
+    for( i=0; i<512; i++ )
+    {
+        if( *h == '\0' )
+            h = header_modify;
+        *data++ ^= *h++;
+    };
+};
+int iriver_decode(QString infile_name, QString outfile_name, unsigned int modify,
+                  enum striptype stripmode,Ui::InstallProgressFrm* dp )
+{
+    QFile infile(infile_name);
+    QFile outfile(outfile_name);
+    int i = -1;
+    unsigned char headerdata[512];
+    unsigned long dwLength1, dwLength2, dwLength3, fp = 0;
+    unsigned char blockdata[16+16];
+    unsigned char out[16];
+    unsigned char newmunge;
+    signed long lenread;
+    int s = 0;
+    unsigned char * pChecksums, * ppChecksums = 0;
+    unsigned char ck;
+     
+    if(!infile.open(QIODevice::ReadOnly))
+    {
+        dp->listProgress->addItem("Could not open: %1" + infile_name);
+        return -1;
+    }
+    if(!outfile.open(QIODevice::WriteOnly))
+    {
+        dp->listProgress->addItem("Could not open: %1" + outfile_name);
+        return -1;
+    }
+    lenread = infile.read( (char*)headerdata, 512);
+    if( lenread != 512 )
+    {
+        dp->listProgress->addItem("This doesn't look like a valid encrypted iHP" 
+                                    "firmware - reason: header length.");
+        infile.close();
+        outfile.close();
+        return -1;
+    };
+    i = testheader( headerdata );
+    if( i == -1 )
+    {
+        dp->listProgress->addItem("This firmware is for an unknown model, or is not"
+                                    " a valid encrypted iHP firmware.");
+        infile.close();
+        outfile.close();
+        return -1;
+    };
+    fprintf( stderr, "Model %s\n", models[ i ] );
+    dwLength1 = headerdata[0] | (headerdata[1]<<8) |
+        (headerdata[2]<<16) | (headerdata[3]<<24);
+    dwLength2 = headerdata[4] | (headerdata[5]<<8) |
+        (headerdata[6]<<16) | (headerdata[7]<<24);
+    dwLength3 = headerdata[8] | (headerdata[9]<<8) |
+        (headerdata[10]<<16) | (headerdata[11]<<24);
+    if( dwLength1 < firmware_minsize[ i ] ||
+        dwLength1 > firmware_maxsize[ i ] ||
+        dwLength2 < firmware_minsize[ i ] ||
+        dwLength2 > dwLength1 ||
+        dwLength3 > dwLength1 ||
+        dwLength2>>9 != dwLength3 ||
+        dwLength2+dwLength3+512 != dwLength1 )
+    {
+        dp->listProgress->addItem("This doesn't look like a valid encrypted "
+                                    "iHP firmware - reason: file 'length' data.");
+        infile.close();
+        outfile.close();
+        return -1;
+    };
+    pChecksums = ppChecksums = (unsigned char *)( malloc( dwLength3 ) );
+    if( modify )
+    {
+        modifyheader( headerdata );
+    };
+    if( stripmode == STRIP_NONE )
+        outfile.write( (char*)headerdata, 512);
+    memset( blockdata, 0, 16 );
+    ck = 0;
+    while( ( fp < dwLength2 ) &&
+           ( lenread = infile.read( (char*)blockdata+16, 16) == 16) )
+    {
+        fp += 16;
+        for( i=0; i<16; ++i )
+        {
+            newmunge = blockdata[16+i] ^ munge[i];
+            out[i] = newmunge ^ blockdata[i];
+            blockdata[i] = newmunge;
+            ck += out[i];
+        }
+        if( fp > ESTF_SIZE || stripmode != STRIP_HEADER_CHECKSUM_ESTF )
+        {
+            outfile.write( (char*)out+4, 12);
+            outfile.write( (char*)out, 4);
+        }
+        else
+        {
+            if( ESTF_SIZE - fp < 16 )
+            {
+                memcpy( out+4, blockdata+16, 12 );
+                memcpy( out, blockdata+28, 4 );
+                outfile.write((char*) blockdata+16+ESTF_SIZE-fp, ESTF_SIZE-fp);
+            }
+        }
+        if( s == 496 )
+        {
+            s = 0;
+            memset( blockdata, 0, 16 );
+            *ppChecksums++ = ck;
+            ck = 0;
+        }
+        else
+            s+=16;
+    };
+    if( fp != dwLength2 )
+    {
+        dp->listProgress->addItem("This doesn't look like a valid encrypted "
+                                    "iHP firmware - reason: 'length2' mismatch.");
+        infile.close();
+        outfile.close();
+        return -1;
+    };
+    fp = 0;
+    ppChecksums = pChecksums;
+    while( ( fp < dwLength3 ) &&
+           ( lenread = infile.read((char*) blockdata, 32 ) ) > 0 )
+    {
+        fp += lenread;
+        if( stripmode == STRIP_NONE )
+            outfile.write((char*) blockdata, lenread );
+        if( memcmp( ppChecksums, blockdata, lenread ) != 0 )
+        {
+            dp->listProgress->addItem("This doesn't look like a valid encrypted "
+                                    "iHP firmware - reason: Checksum mismatch!");
+            infile.close();
+            outfile.close();
+            return -1;
+        };
+        ppChecksums += lenread;
+    };
+    if( fp != dwLength3 )
+    {
+        dp->listProgress->addItem("This doesn't look like a valid encrypted "
+                                    "iHP firmware - reason: 'length3' mismatch.");
+        infile.close();
+        outfile.close();
+        return -1;
+    };
+    fprintf( stderr, "File decoded correctly and all checksums matched!\n" );
+    switch( stripmode )
+    {
+        default:
+        case STRIP_NONE:
+            fprintf(stderr, "Output file contains all headers and "
+                    "checksums\n");
+            break;
+        case STRIP_HEADER_CHECKSUM:
+            fprintf( stderr, "NB:  output file contains only ESTFBINR header"
+                     " and decoded firmware code\n" );
+            break;
+        case STRIP_HEADER_CHECKSUM_ESTF:
+            fprintf( stderr, "NB:  output file contains only raw decoded "
+                     "firmware code\n" );
+            break;
+    };
+    infile.close();
+    outfile.close();
+    return 0;
+};
+int iriver_encode(QString infile_name, QString outfile_name, unsigned int modify,Ui::InstallProgressFrm* dp )
+{
+    QFile infile(infile_name);
+    QFile outfile(outfile_name);
+    int i = -1;
+    unsigned char headerdata[512];
+    unsigned long dwLength1, dwLength2, dwLength3, fp = 0;
+    unsigned char blockdata[16+16];
+    unsigned char out[16];
+    unsigned char newmunge;
+    signed long lenread;
+    int s = 0;
+    unsigned char * pChecksums, * ppChecksums;
+    unsigned char ck;
+    if(!infile.open(QIODevice::ReadOnly))
+    {
+        dp->listProgress->addItem("Could not open: %1" + infile_name);
+        return -1;
+    }
+    if(!outfile.open(QIODevice::WriteOnly))
+    {
+        dp->listProgress->addItem("Could not open: %1" + outfile_name);
+        return -1;
+    }
+    lenread = infile.read((char*) headerdata, 512 );
+    if( lenread != 512 )
+    {
+        dp->listProgress->addItem("This doesn't look like a valid decoded "
+                                    "iHP firmware - reason: header length.");
+        infile.close();
+        outfile.close();
+    };
+    if( modify )
+    {
+        modifyheader( headerdata ); /* reversible */
+    };
+    i = testheader( headerdata );
+    if( i == -1 )
+    {
+        dp->listProgress->addItem("This firmware is for an unknown model, or is not"
+                                    " a valid decoded iHP firmware.");
+        infile.close();
+        outfile.close();
+    };
+    fprintf( stderr, "Model %s\n", models[ i ] );
+    dwLength1 = headerdata[0] | (headerdata[1]<<8) |
+        (headerdata[2]<<16) | (headerdata[3]<<24);
+    dwLength2 = headerdata[4] | (headerdata[5]<<8) |
+        (headerdata[6]<<16) | (headerdata[7]<<24);
+    dwLength3 = headerdata[8] | (headerdata[9]<<8) |
+        (headerdata[10]<<16) | (headerdata[11]<<24);
+    if( dwLength1 < firmware_minsize[i] ||
+        dwLength1 > firmware_maxsize[i] ||
+        dwLength2 < firmware_minsize[i] ||
+        dwLength2 > dwLength1 ||
+        dwLength3 > dwLength1 ||
+        dwLength2+dwLength3+512 != dwLength1 )
+    {
+        dp->listProgress->addItem("This doesn't look like a valid decoded "
+                                    "iHP firmware - reason:file 'length' data.");
+        infile.close();
+        outfile.close();
+    };
+    pChecksums = ppChecksums = (unsigned char *)( malloc( dwLength3 ) );
+    outfile.write( (char*)headerdata, 512);
+    memset( blockdata, 0, 16 );
+    ck = 0;
+    while( ( fp < dwLength2 ) &&
+           ( lenread = infile.read((char*) blockdata+16, 16) ) == 16 )
+    {
+        fp += 16;
+        for( i=0; i<16; ++i )
+        {
+            newmunge = blockdata[16+((12+i)&0xf)] ^ blockdata[i];
+            out[i] = newmunge ^ munge[i];
+            ck += blockdata[16+i];
+            blockdata[i] = newmunge;
+        };
+        outfile.write( (char*)out, 16);
+        if( s == 496 )
+        {
+            s = 0;
+            memset( blockdata, 0, 16 );
+            *ppChecksums++ = ck;
+            ck = 0;
+        }
+        else
+            s+=16;
+    };
+    if( fp != dwLength2 )
+    {
+        dp->listProgress->addItem("This doesn't look like a valid decoded "
+                                    "iHP firmware - reason: 'length1' mismatch.");
+        infile.close();
+        outfile.close();
+    };
+    /* write out remainder w/out applying descrambler */
+    fp = 0;
+    lenread = dwLength3;
+    ppChecksums = pChecksums;
+    while( ( fp < dwLength3) &&
+           ( lenread = outfile.write((char*) ppChecksums, lenread) ) > 0 )
+    {
+        fp += lenread;
+        ppChecksums += lenread;
+        lenread = dwLength3 - fp;
+    };
+    if( fp != dwLength3 )
+    {
+        dp->listProgress->addItem("This doesn't look like a valid decoded "
+                                    "iHP firmware - 'length2' mismatch.");
+        infile.close();
+        outfile.close();
+    };
+    fprintf( stderr, "File encoded successfully and checksum table built!\n" );
+    infile.close();
+    outfile.close();
+    return 0;
+};

diff --git a/rbutil/rbutilqt/irivertools/irivertools.cpp b/rbutil/rbutilqt/irivertools/irivertools.cpp new file mode 100644 index 0000000000..f2cc59a8c2 --- /dev/null +++ b/rbutil/rbutilqt/irivertools/irivertools.cpp
@@ -0,0 +1,532 @@
	1	/***************************************************************************
	2	* __________ __ ___.
	3	* Open \______ \ ____ ____ \| \| _\_ \|__ _______ ___
	4	* Source \| _// _ \_/ ___\\| \|/ /\| __ \ / _ \ \/ /
	5	* Jukebox \| \| ( <_> ) \___\| < \| \_\ ( <_> > < <
	6	* Firmware \|____\|_ /\____/ \___ >__\|_ \\|___ /\____/__/\_ \
	7	* \/ \/ \/ \/ \/
	8	* Module: rbutil
	9	* File: irivertools.cpp
	10	*
	11	* Copyright (C) 2007 Dominik Wenger
	12	*
	13	* All files in this archive are subject to the GNU General Public License.
	14	* See the file COPYING in the source tree root for full license agreement.
	15	*
	16	* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
	17	* KIND, either express or implied.
	18	*
	19	****************************************************************************/
	20
	21	#include "irivertools.h"
	22
	23
	24	const unsigned char munge[] = {
	25	0x7a, 0x36, 0xc4, 0x43, 0x49, 0x6b, 0x35, 0x4e, 0xa3, 0x46, 0x25, 0x84,
	26	0x4d, 0x73, 0x74, 0x61
	27	};
	28
	29	const unsigned char header_modify[] = "* IHPFIRM-DECODED ";
	30
	31	const char * const models[] = { "iHP-100", "iHP-120/iHP-140", "H300 series",
	32	NULL };
	33
	34	/* aligns with models array; expected min firmware size */
	35	const unsigned int firmware_minsize[] = { 0x100000, 0x100000, 0x200000 };
	36	/* aligns with models array; expected max firmware size */
	37	const unsigned int firmware_maxsize[] = { 0x200000, 0x200000, 0x400000 };
	38
	39	const unsigned char header[][16] = {
	40	{ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 },
	41	{ 0x20, 0x03, 0x08, 0x27, 0x24, 0x00, 0x02, 0x30, 0x19, 0x17, 0x65, 0x73,
	42	0x85, 0x32, 0x83, 0x22 },
	43	{ 0x20, 0x04, 0x03, 0x27, 0x20, 0x50, 0x01, 0x70, 0x80, 0x30, 0x80, 0x06,
	44	0x30, 0x19, 0x17, 0x65 }
	45	};
	46
	47	/* begin mkboot.c excerpt */
	48	unsigned char image[0x400000 + 0x220 + 0x400000/0x200];
	49
	50	bool mkboot(QString infile, QString outfile,QString bootloader,int origin,Ui::InstallProgressFrm* dp)
	51	{
	52	int i;
	53	int len,bllen;
	54	int actual_length, total_length, binary_length, num_chksums;
	55
	56	memset(image, 0xff, sizeof(image));
	57
	58	/* First, read the iriver original firmware into the image */
	59	QFile f(infile);
	60	if(!f.open(QIODevice::ReadOnly))
	61	{
	62	dp->listProgress->addItem("Could not open: %1" + infile);
	63	return false;
	64	}
	65	i = f.read((char*)image,16);
	66	if(i < 16) {
	67	dp->listProgress->addItem("reading header failed");
	68	return false;
	69	}
	70
	71	/* This is the length of the binary image without the scrambling
	72	overhead (but including the ESTFBINR header) */
	73	binary_length = image[4] + (image[5] << 8) +
	74	(image[6] << 16) + (image[7] << 24);
	75
	76	/* Read the rest of the binary data, but not the checksum block */
	77	len = binary_length+0x200-16;
	78	i = f.read((char*)image+16, len);
	79	if(i < len) {
	80	dp->listProgress->addItem("reading firmware failed");
	81	return false;
	82	}
	83
	84	f.close();
	85	/* Now, read the boot loader into the image */
	86	f.setFileName(bootloader);
	87	if(!f.open(QIODevice::ReadOnly))
	88	{
	89	dp->listProgress->addItem("Could not open: %1" + bootloader);
	90	return false;
	91	}
	92
	93	bllen = f.size();
	94
	95	i = f.read((char*)image+0x220 + origin, bllen);
	96	if(i < bllen) {
	97	dp->listProgress->addItem("reading bootloader failed");
	98	return false;
	99	}
	100
	101	f.close();
	102	f.setFileName(outfile);
	103	if(!f.open(QIODevice::WriteOnly))
	104	{
	105	dp->listProgress->addItem("Could not open: %1" + outfile);
	106	return false;
	107	}
	108
	109	/* Patch the reset vector to start the boot loader */
	110	image[0x220 + 4] = image[origin + 0x220 + 4];
	111	image[0x220 + 5] = image[origin + 0x220 + 5];
	112	image[0x220 + 6] = image[origin + 0x220 + 6];
	113	image[0x220 + 7] = image[origin + 0x220 + 7];
	114
	115	/* This is the actual length of the binary, excluding all headers */
	116	actual_length = origin + bllen;
	117
	118	/* Patch the ESTFBINR header */
	119	image[0x20c] = (actual_length >> 24) & 0xff;
	120	image[0x20d] = (actual_length >> 16) & 0xff;
	121	image[0x20e] = (actual_length >> 8) & 0xff;
	122	image[0x20f] = actual_length & 0xff;
	123
	124	image[0x21c] = (actual_length >> 24) & 0xff;
	125	image[0x21d] = (actual_length >> 16) & 0xff;
	126	image[0x21e] = (actual_length >> 8) & 0xff;
	127	image[0x21f] = actual_length & 0xff;
	128
	129	/* This is the length of the binary, including the ESTFBINR header and
	130	rounded up to the nearest 0x200 boundary */
	131	binary_length = (actual_length + 0x20 + 0x1ff) & 0xfffffe00;
	132
	133	/* The number of checksums, i.e number of 0x200 byte blocks */
	134	num_chksums = binary_length / 0x200;
	135
	136	/* The total file length, including all headers and checksums */
	137	total_length = binary_length + num_chksums + 0x200;
	138
	139	/* Patch the scrambler header with the new length info */
	140	image[0] = total_length & 0xff;
	141	image[1] = (total_length >> 8) & 0xff;
	142	image[2] = (total_length >> 16) & 0xff;
	143	image[3] = (total_length >> 24) & 0xff;
	144
	145	image[4] = binary_length & 0xff;
	146	image[5] = (binary_length >> 8) & 0xff;
	147	image[6] = (binary_length >> 16) & 0xff;
	148	image[7] = (binary_length >> 24) & 0xff;
	149
	150	image[8] = num_chksums & 0xff;
	151	image[9] = (num_chksums >> 8) & 0xff;
	152	image[10] = (num_chksums >> 16) & 0xff;
	153	image[11] = (num_chksums >> 24) & 0xff;
	154
	155	i = f.write((char*)image,total_length);
	156	if(i < total_length) {
	157	dp->listProgress->addItem("writing bootloader failed");
	158	return false;
	159	}
	160
	161	f.close();
	162
	163	return true;
	164	}
	165
	166	/* end mkboot.c excerpt */
	167
	168
	169	int intable(char md5, struct sumpairs table, int len)
	170	{
	171	int i;
	172	for (i = 0; i < len; i++) {
	173	if (strncmp(md5, table[i].unpatched, 32) == 0) {
	174	return i;
	175	}
	176	}
	177	return -1;
	178	}
	179
	180
	181
	182
	183	static int testheader( const unsigned char * const data )
	184	{
	185	const unsigned char * const d = data+16;
	186	const char * const * m = models;
	187	int index = 0;
	188	while( *m )
	189	{
	190	if( memcmp( header[ index ], d, 16 ) == 0 )
	191	return index;
	192	index++;
	193	m++;
	194	};
	195	return -1;
	196	};
	197
	198	static void modifyheader( unsigned char * data )
	199	{
	200	const unsigned char * h = header_modify;
	201	int i;
	202	for( i=0; i<512; i++ )
	203	{
	204	if( *h == '\0' )
	205	h = header_modify;
	206	data++ ^= h++;
	207	};
	208	};
	209
	210	int iriver_decode(QString infile_name, QString outfile_name, unsigned int modify,
	211	enum striptype stripmode,Ui::InstallProgressFrm* dp )
	212	{
	213	QFile infile(infile_name);
	214	QFile outfile(outfile_name);
	215	int i = -1;
	216	unsigned char headerdata[512];
	217	unsigned long dwLength1, dwLength2, dwLength3, fp = 0;
	218	unsigned char blockdata[16+16];
	219	unsigned char out[16];
	220	unsigned char newmunge;
	221	signed long lenread;
	222	int s = 0;
	223	unsigned char * pChecksums, * ppChecksums = 0;
	224	unsigned char ck;
	225
	226
	227	if(!infile.open(QIODevice::ReadOnly))
	228	{
	229	dp->listProgress->addItem("Could not open: %1" + infile_name);
	230	return -1;
	231	}
	232	if(!outfile.open(QIODevice::WriteOnly))
	233	{
	234	dp->listProgress->addItem("Could not open: %1" + outfile_name);
	235	return -1;
	236	}
	237	lenread = infile.read( (char*)headerdata, 512);
	238	if( lenread != 512 )
	239	{
	240	dp->listProgress->addItem("This doesn't look like a valid encrypted iHP"
	241	"firmware - reason: header length.");
	242	infile.close();
	243	outfile.close();
	244	return -1;
	245	};
	246
	247	i = testheader( headerdata );
	248	if( i == -1 )
	249	{
	250	dp->listProgress->addItem("This firmware is for an unknown model, or is not"
	251	" a valid encrypted iHP firmware.");
	252	infile.close();
	253	outfile.close();
	254	return -1;
	255	};
	256	fprintf( stderr, "Model %s\n", models[ i ] );
	257
	258	dwLength1 = headerdata[0] \| (headerdata[1]<<8) \|
	259	(headerdata[2]<<16) \| (headerdata[3]<<24);
	260	dwLength2 = headerdata[4] \| (headerdata[5]<<8) \|
	261	(headerdata[6]<<16) \| (headerdata[7]<<24);
	262	dwLength3 = headerdata[8] \| (headerdata[9]<<8) \|
	263	(headerdata[10]<<16) \| (headerdata[11]<<24);
	264
	265	if( dwLength1 < firmware_minsize[ i ] \|\|
	266	dwLength1 > firmware_maxsize[ i ] \|\|
	267	dwLength2 < firmware_minsize[ i ] \|\|
	268	dwLength2 > dwLength1 \|\|
	269	dwLength3 > dwLength1 \|\|
	270	dwLength2>>9 != dwLength3 \|\|
	271	dwLength2+dwLength3+512 != dwLength1 )
	272	{
	273	dp->listProgress->addItem("This doesn't look like a valid encrypted "
	274	"iHP firmware - reason: file 'length' data.");
	275	infile.close();
	276	outfile.close();
	277	return -1;
	278	};
	279
	280	pChecksums = ppChecksums = (unsigned char *)( malloc( dwLength3 ) );
	281
	282	if( modify )
	283	{
	284	modifyheader( headerdata );
	285	};
	286
	287	if( stripmode == STRIP_NONE )
	288	outfile.write( (char*)headerdata, 512);
	289
	290	memset( blockdata, 0, 16 );
	291
	292	ck = 0;
	293	while( ( fp < dwLength2 ) &&
	294	( lenread = infile.read( (char*)blockdata+16, 16) == 16) )
	295	{
	296	fp += 16;
	297
	298	for( i=0; i<16; ++i )
	299	{
	300	newmunge = blockdata[16+i] ^ munge[i];
	301	out[i] = newmunge ^ blockdata[i];
	302	blockdata[i] = newmunge;
	303	ck += out[i];
	304	}
	305
	306	if( fp > ESTF_SIZE \|\| stripmode != STRIP_HEADER_CHECKSUM_ESTF )
	307	{
	308	outfile.write( (char*)out+4, 12);
	309	outfile.write( (char*)out, 4);
	310	}
	311	else
	312	{
	313	if( ESTF_SIZE - fp < 16 )
	314	{
	315	memcpy( out+4, blockdata+16, 12 );
	316	memcpy( out, blockdata+28, 4 );
	317	outfile.write((char*) blockdata+16+ESTF_SIZE-fp, ESTF_SIZE-fp);
	318	}
	319	}
	320
	321
	322	if( s == 496 )
	323	{
	324	s = 0;
	325	memset( blockdata, 0, 16 );
	326	*ppChecksums++ = ck;
	327	ck = 0;
	328	}
	329	else
	330	s+=16;
	331	};
	332
	333	if( fp != dwLength2 )
	334	{
	335	dp->listProgress->addItem("This doesn't look like a valid encrypted "
	336	"iHP firmware - reason: 'length2' mismatch.");
	337	infile.close();
	338	outfile.close();
	339	return -1;
	340	};
	341
	342	fp = 0;
	343	ppChecksums = pChecksums;
	344	while( ( fp < dwLength3 ) &&
	345	( lenread = infile.read((char*) blockdata, 32 ) ) > 0 )
	346	{
	347	fp += lenread;
	348	if( stripmode == STRIP_NONE )
	349	outfile.write((char*) blockdata, lenread );
	350	if( memcmp( ppChecksums, blockdata, lenread ) != 0 )
	351	{
	352	dp->listProgress->addItem("This doesn't look like a valid encrypted "
	353	"iHP firmware - reason: Checksum mismatch!");
	354	infile.close();
	355	outfile.close();
	356	return -1;
	357	};
	358	ppChecksums += lenread;
	359	};
	360
	361	if( fp != dwLength3 )
	362	{
	363	dp->listProgress->addItem("This doesn't look like a valid encrypted "
	364	"iHP firmware - reason: 'length3' mismatch.");
	365	infile.close();
	366	outfile.close();
	367	return -1;
	368	};
	369
	370
	371	fprintf( stderr, "File decoded correctly and all checksums matched!\n" );
	372	switch( stripmode )
	373	{
	374	default:
	375	case STRIP_NONE:
	376	fprintf(stderr, "Output file contains all headers and "
	377	"checksums\n");
	378	break;
	379	case STRIP_HEADER_CHECKSUM:
	380	fprintf( stderr, "NB: output file contains only ESTFBINR header"
	381	" and decoded firmware code\n" );
	382	break;
	383	case STRIP_HEADER_CHECKSUM_ESTF:
	384	fprintf( stderr, "NB: output file contains only raw decoded "
	385	"firmware code\n" );
	386	break;
	387	};
	388
	389	infile.close();
	390	outfile.close();
	391	return 0;
	392
	393	};
	394
	395	int iriver_encode(QString infile_name, QString outfile_name, unsigned int modify,Ui::InstallProgressFrm* dp )
	396	{
	397	QFile infile(infile_name);
	398	QFile outfile(outfile_name);
	399	int i = -1;
	400	unsigned char headerdata[512];
	401	unsigned long dwLength1, dwLength2, dwLength3, fp = 0;
	402	unsigned char blockdata[16+16];
	403	unsigned char out[16];
	404	unsigned char newmunge;
	405	signed long lenread;
	406	int s = 0;
	407	unsigned char * pChecksums, * ppChecksums;
	408	unsigned char ck;
	409
	410	if(!infile.open(QIODevice::ReadOnly))
	411	{
	412	dp->listProgress->addItem("Could not open: %1" + infile_name);
	413	return -1;
	414	}
	415	if(!outfile.open(QIODevice::WriteOnly))
	416	{
	417	dp->listProgress->addItem("Could not open: %1" + outfile_name);
	418	return -1;
	419	}
	420
	421	lenread = infile.read((char*) headerdata, 512 );
	422	if( lenread != 512 )
	423	{
	424	dp->listProgress->addItem("This doesn't look like a valid decoded "
	425	"iHP firmware - reason: header length.");
	426	infile.close();
	427	outfile.close();
	428	};
	429
	430	if( modify )
	431	{
	432	modifyheader( headerdata ); /* reversible */
	433	};
	434
	435	i = testheader( headerdata );
	436	if( i == -1 )
	437	{
	438	dp->listProgress->addItem("This firmware is for an unknown model, or is not"
	439	" a valid decoded iHP firmware.");
	440	infile.close();
	441	outfile.close();
	442	};
	443	fprintf( stderr, "Model %s\n", models[ i ] );
	444
	445	dwLength1 = headerdata[0] \| (headerdata[1]<<8) \|
	446	(headerdata[2]<<16) \| (headerdata[3]<<24);
	447	dwLength2 = headerdata[4] \| (headerdata[5]<<8) \|
	448	(headerdata[6]<<16) \| (headerdata[7]<<24);
	449	dwLength3 = headerdata[8] \| (headerdata[9]<<8) \|
	450	(headerdata[10]<<16) \| (headerdata[11]<<24);
	451
	452	if( dwLength1 < firmware_minsize[i] \|\|
	453	dwLength1 > firmware_maxsize[i] \|\|
	454	dwLength2 < firmware_minsize[i] \|\|
	455	dwLength2 > dwLength1 \|\|
	456	dwLength3 > dwLength1 \|\|
	457	dwLength2+dwLength3+512 != dwLength1 )
	458	{
	459	dp->listProgress->addItem("This doesn't look like a valid decoded "
	460	"iHP firmware - reason:file 'length' data.");
	461	infile.close();
	462	outfile.close();
	463	};
	464
	465	pChecksums = ppChecksums = (unsigned char *)( malloc( dwLength3 ) );
	466
	467	outfile.write( (char*)headerdata, 512);
	468
	469	memset( blockdata, 0, 16 );
	470	ck = 0;
	471	while( ( fp < dwLength2 ) &&
	472	( lenread = infile.read((char*) blockdata+16, 16) ) == 16 )
	473	{
	474	fp += 16;
	475	for( i=0; i<16; ++i )
	476	{
	477	newmunge = blockdata[16+((12+i)&0xf)] ^ blockdata[i];
	478	out[i] = newmunge ^ munge[i];
	479	ck += blockdata[16+i];
	480	blockdata[i] = newmunge;
	481	};
	482	outfile.write( (char*)out, 16);
	483
	484	if( s == 496 )
	485	{
	486	s = 0;
	487	memset( blockdata, 0, 16 );
	488	*ppChecksums++ = ck;
	489	ck = 0;
	490	}
	491	else
	492	s+=16;
	493	};
	494
	495	if( fp != dwLength2 )
	496	{
	497	dp->listProgress->addItem("This doesn't look like a valid decoded "
	498	"iHP firmware - reason: 'length1' mismatch.");
	499	infile.close();
	500	outfile.close();
	501	};
	502
	503	/* write out remainder w/out applying descrambler */
	504	fp = 0;
	505	lenread = dwLength3;
	506	ppChecksums = pChecksums;
	507	while( ( fp < dwLength3) &&
	508	( lenread = outfile.write((char*) ppChecksums, lenread) ) > 0 )
	509	{
	510	fp += lenread;
	511	ppChecksums += lenread;
	512	lenread = dwLength3 - fp;
	513	};
	514
	515	if( fp != dwLength3 )
	516	{
	517	dp->listProgress->addItem("This doesn't look like a valid decoded "
	518	"iHP firmware - 'length2' mismatch.");
	519	infile.close();
	520	outfile.close();
	521	};
	522
	523	fprintf( stderr, "File encoded successfully and checksum table built!\n" );
	524
	525	infile.close();
	526	outfile.close();
	527	return 0;
	528
	529	};
	530
	531
	532