1 files changed, 426 insertions, 0 deletions
diff --git a/utils/sbtools/sb.c b/utils/sbtools/sb.c
new file mode 100644
index 0000000000..3921710a2d
--- /dev/null
+++ b/utils/sbtools/sb.c
@@ -0,0 +1,426 @@
+/***************************************************************************
+ *             __________               __   ___.
+ *   Open      \______   \ ____   ____ |  | _\_ |__   _______  ___
+ *   Source     |       _//  _ \_/ ___\|  |/ /| __ \ /  _ \  \/  /
+ *   Jukebox    |    |   (  <_> )  \___|    < | \_\ (  <_> > <  <
+ *   Firmware   |____|_  /\____/ \___  >__|_ \|___  /\____/__/\_ \
+ *                     \/            \/     \/    \/            \/
+ * $Id$
+ *
+ * Copyright (C) 2011 Amaury Pouly
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ****************************************************************************/
+#include <stdio.h>
+#include <time.h>
+#include <stdlib.h>
+#include "misc.h"
+#include "crypto.h"
+#include "sb.h"
+static void fill_gaps(struct sb_file_t *sb)
+{
+    for(int i = 0; i < sb->nr_sections; i++)
+    {
+        struct sb_section_t *sec = &sb->sections[i];
+        for(int j = 0; j < sec->nr_insts; j++)
+        {
+            struct sb_inst_t *inst = &sec->insts[j];
+            if(inst->inst != SB_INST_LOAD)
+                continue;
+            inst->padding_size = ROUND_UP(inst->size, BLOCK_SIZE) - inst->size;
+            /* emulate elftosb2 behaviour: generate 15 bytes (that's a safe maximum) */
+            inst->padding = xmalloc(15);
+            generate_random_data(inst->padding, 15);
+        }
+    }
+}
+static void compute_sb_offsets(struct sb_file_t *sb)
+{
+    sb->image_size = 0;
+    /* sb header */
+    sb->image_size += sizeof(struct sb_header_t) / BLOCK_SIZE;
+    /* sections headers */
+    sb->image_size += sb->nr_sections * sizeof(struct sb_section_header_t) / BLOCK_SIZE;
+    /* key dictionary */
+    sb->image_size += g_nr_keys * sizeof(struct sb_key_dictionary_entry_t) / BLOCK_SIZE;
+    /* sections */
+    for(int i = 0; i < sb->nr_sections; i++)
+    {
+        /* each section has a preliminary TAG command */
+        sb->image_size += sizeof(struct sb_instruction_tag_t) / BLOCK_SIZE;
+        /* we might need to pad the section so compute next alignment */
+        uint32_t alignment = BLOCK_SIZE;
+        if((i + 1) < sb->nr_sections)
+            alignment = sb->sections[i + 1].alignment;
+        alignment /= BLOCK_SIZE; /* alignment in block sizes */
+        
+        struct sb_section_t *sec = &sb->sections[i];
+        if(g_debug)
+        {
+            printf("%s section 0x%08x", sec->is_data ? "Data" : "Boot",
+                sec->identifier);
+            if(sec->is_cleartext)
+                printf(" (cleartext)");
+            printf("\n");
+        }
+        
+        sec->file_offset = sb->image_size;
+        for(int j = 0; j < sec->nr_insts; j++)
+        {
+            struct sb_inst_t *inst = &sec->insts[j];
+            if(inst->inst == SB_INST_CALL || inst->inst == SB_INST_JUMP)
+            {
+                if(g_debug)
+                    printf("  %s | addr=0x%08x | arg=0x%08x\n",
+                        inst->inst == SB_INST_CALL ? "CALL" : "JUMP", inst->addr, inst->argument);
+                sb->image_size += sizeof(struct sb_instruction_call_t) / BLOCK_SIZE;
+                sec->sec_size += sizeof(struct sb_instruction_call_t) / BLOCK_SIZE;
+            }
+            else if(inst->inst == SB_INST_FILL)
+            {
+                if(g_debug)
+                    printf("  FILL | addr=0x%08x | len=0x%08x | pattern=0x%08x\n",
+                        inst->addr, inst->size, inst->pattern);
+                sb->image_size += sizeof(struct sb_instruction_fill_t) / BLOCK_SIZE;
+                sec->sec_size += sizeof(struct sb_instruction_fill_t) / BLOCK_SIZE;
+            }
+            else if(inst->inst == SB_INST_LOAD)
+            {
+                if(g_debug)
+                    printf("  LOAD | addr=0x%08x | len=0x%08x\n", inst->addr, inst->size);
+                /* load header */
+                sb->image_size += sizeof(struct sb_instruction_load_t) / BLOCK_SIZE;
+                sec->sec_size += sizeof(struct sb_instruction_load_t) / BLOCK_SIZE;
+                /* data + alignment */
+                sb->image_size += (inst->size + inst->padding_size) / BLOCK_SIZE;
+                sec->sec_size += (inst->size + inst->padding_size) / BLOCK_SIZE;
+            }
+            else if(inst->inst == SB_INST_MODE)
+            {
+                if(g_debug)
+                    printf("  MODE | mod=0x%08x", inst->addr);
+                sb->image_size += sizeof(struct sb_instruction_mode_t) / BLOCK_SIZE;
+                sec->sec_size += sizeof(struct sb_instruction_mode_t) / BLOCK_SIZE;
+            }
+            else if(inst->inst == SB_INST_DATA)
+            {
+                if(g_debug)
+                    printf("  DATA | size=0x%08x\n", inst->size);
+                sb->image_size += ROUND_UP(inst->size, BLOCK_SIZE) / BLOCK_SIZE;
+                sec->sec_size += ROUND_UP(inst->size, BLOCK_SIZE) / BLOCK_SIZE;
+            }
+            else
+                bug("die on inst %d\n", inst->inst);
+        }
+        /* we need to make sure next section starts on the right alignment.
+         * Since each section starts with a boot tag, we thus need to ensure
+         * that this sections ends at adress X such that X+BLOCK_SIZE is
+         * a multiple of the alignment.
+         * For data sections, we just add random data, otherwise we add nops */
+        uint32_t missing_sz = alignment - ((sb->image_size + 1) % alignment);
+        if(missing_sz != alignment)
+        {
+            struct sb_inst_t *aug_insts;
+            int nr_aug_insts = 0;
+            if(sb->sections[i].is_data)
+            {
+                nr_aug_insts = 1;
+                aug_insts = malloc(sizeof(struct sb_inst_t));
+                memset(aug_insts, 0, sizeof(struct sb_inst_t));
+                aug_insts[0].inst = SB_INST_DATA;
+                aug_insts[0].size = missing_sz * BLOCK_SIZE;
+                aug_insts[0].data = xmalloc(missing_sz * BLOCK_SIZE);
+                generate_random_data(aug_insts[0].data, missing_sz * BLOCK_SIZE);
+                if(g_debug)
+                    printf("  DATA | size=0x%08x\n", aug_insts[0].size);
+            }
+            else
+            {
+                nr_aug_insts = missing_sz;
+                aug_insts = malloc(sizeof(struct sb_inst_t) * nr_aug_insts);
+                memset(aug_insts, 0, sizeof(struct sb_inst_t) * nr_aug_insts);
+                for(int j = 0; j < nr_aug_insts; j++)
+                {
+                    aug_insts[j].inst = SB_INST_NOP;
+                    if(g_debug)
+                        printf("  NOOP\n");
+                }
+            }
+            sb->sections[i].insts = augment_array(sb->sections[i].insts, sizeof(struct sb_inst_t),
+                sb->sections[i].nr_insts, aug_insts, nr_aug_insts);
+            sb->sections[i].nr_insts += nr_aug_insts;
+            /* augment image and section size */
+            sb->image_size += missing_sz;
+            sec->sec_size += missing_sz;
+        }
+    }
+    /* final signature */
+    sb->image_size += 2;
+}
+static uint64_t generate_timestamp()
+{
+    struct tm tm_base = {0, 0, 0, 1, 0, 100, 0, 0, 1, 0, NULL}; /* 2000/1/1 0:00:00 */
+    time_t t = time(NULL) - mktime(&tm_base);
+    return (uint64_t)t * 1000000L;
+}
+static uint16_t swap16(uint16_t t)
+{
+    return (t << 8) | (t >> 8);
+}
+static void fix_version(struct sb_version_t *ver)
+{
+    ver->major = swap16(ver->major);
+    ver->minor = swap16(ver->minor);
+    ver->revision = swap16(ver->revision);
+}
+static void produce_sb_header(struct sb_file_t *sb, struct sb_header_t *sb_hdr)
+{
+    struct sha_1_params_t sha_1_params;
+    
+    sb_hdr->signature[0] = 'S';
+    sb_hdr->signature[1] = 'T';
+    sb_hdr->signature[2] = 'M';
+    sb_hdr->signature[3] = 'P';
+    sb_hdr->major_ver = IMAGE_MAJOR_VERSION;
+    sb_hdr->minor_ver = IMAGE_MINOR_VERSION;
+    sb_hdr->flags = 0;
+    sb_hdr->image_size = sb->image_size;
+    sb_hdr->header_size = sizeof(struct sb_header_t) / BLOCK_SIZE;
+    sb_hdr->first_boot_sec_id = sb->sections[0].identifier;
+    sb_hdr->nr_keys = g_nr_keys;
+    sb_hdr->nr_sections = sb->nr_sections;
+    sb_hdr->sec_hdr_size = sizeof(struct sb_section_header_t) / BLOCK_SIZE;
+    sb_hdr->key_dict_off = sb_hdr->header_size +
+        sb_hdr->sec_hdr_size * sb_hdr->nr_sections;
+    sb_hdr->first_boot_tag_off = sb_hdr->key_dict_off +
+        sizeof(struct sb_key_dictionary_entry_t) * sb_hdr->nr_keys / BLOCK_SIZE;
+    generate_random_data(sb_hdr->rand_pad0, sizeof(sb_hdr->rand_pad0));
+    generate_random_data(sb_hdr->rand_pad1, sizeof(sb_hdr->rand_pad1));
+    sb_hdr->timestamp = generate_timestamp();
+    sb_hdr->product_ver = sb->product_ver;
+    fix_version(&sb_hdr->product_ver);
+    sb_hdr->component_ver = sb->component_ver;
+    fix_version(&sb_hdr->component_ver);
+    sb_hdr->drive_tag = 0;
+    sha_1_init(&sha_1_params);
+    sha_1_update(&sha_1_params, &sb_hdr->signature[0],
+        sizeof(struct sb_header_t) - sizeof(sb_hdr->sha1_header));
+    sha_1_finish(&sha_1_params);
+    sha_1_output(&sha_1_params, sb_hdr->sha1_header);
+}
+static void produce_sb_section_header(struct sb_section_t *sec,
+    struct sb_section_header_t *sec_hdr)
+{
+    sec_hdr->identifier = sec->identifier;
+    sec_hdr->offset = sec->file_offset;
+    sec_hdr->size = sec->sec_size;
+    sec_hdr->flags = (sec->is_data ? 0 : SECTION_BOOTABLE)
+        | (sec->is_cleartext ? SECTION_CLEARTEXT : 0);
+}
+static uint8_t instruction_checksum(struct sb_instruction_header_t *hdr)
+{
+    uint8_t sum = 90;
+    byte *ptr = (byte *)hdr;
+    for(int i = 1; i < 16; i++)
+        sum += ptr[i];
+    return sum;
+}
+static void produce_section_tag_cmd(struct sb_section_t *sec,
+    struct sb_instruction_tag_t *tag, bool is_last)
+{
+    tag->hdr.opcode = SB_INST_TAG;
+    tag->hdr.flags = is_last ? SB_INST_LAST_TAG : 0;
+    tag->identifier = sec->identifier;
+    tag->len = sec->sec_size;
+    tag->flags = (sec->is_data ? 0 : SECTION_BOOTABLE)
+        | (sec->is_cleartext ? SECTION_CLEARTEXT : 0);
+    tag->hdr.checksum = instruction_checksum(&tag->hdr);
+}
+void produce_sb_instruction(struct sb_inst_t *inst,
+    struct sb_instruction_common_t *cmd)
+{
+    memset(cmd, 0, sizeof(struct sb_instruction_common_t));
+    cmd->hdr.opcode = inst->inst;
+    switch(inst->inst)
+    {
+        case SB_INST_CALL:
+        case SB_INST_JUMP:
+            cmd->addr = inst->addr;
+            cmd->data = inst->argument;
+            break;
+        case SB_INST_FILL:
+            cmd->addr = inst->addr;
+            cmd->len = inst->size;
+            cmd->data = inst->pattern;
+            break;
+        case SB_INST_LOAD:
+            cmd->addr = inst->addr;
+            cmd->len = inst->size;
+            cmd->data = crc_continue(crc(inst->data, inst->size),
+                inst->padding, inst->padding_size);
+            break;
+        case SB_INST_MODE:
+            cmd->data = inst->addr;
+            break;
+        case SB_INST_NOP:
+            break;
+        default:
+            bug("die\n");
+    }
+    cmd->hdr.checksum = instruction_checksum(&cmd->hdr);
+}
+void sb_produce_file(struct sb_file_t *sb, const char *filename)
+{
+    FILE *fd = fopen(filename, "wb");
+    if(fd == NULL)
+        bugp("cannot open output file");
+    struct crypto_key_t real_key;
+    real_key.method = CRYPTO_KEY;
+    byte crypto_iv[16];
+    byte (*cbc_macs)[16] = xmalloc(16 * g_nr_keys);
+    /* init CBC-MACs */
+    for(int i = 0; i < g_nr_keys; i++)
+        memset(cbc_macs[i], 0, 16);
+    fill_gaps(sb);
+    compute_sb_offsets(sb);
+    generate_random_data(real_key.u.key, 16);
+    /* global SHA-1 */
+    struct sha_1_params_t file_sha1;
+    sha_1_init(&file_sha1);
+    /* produce and write header */
+    struct sb_header_t sb_hdr;
+    produce_sb_header(sb, &sb_hdr);
+    sha_1_update(&file_sha1, (byte *)&sb_hdr, sizeof(sb_hdr));
+    fwrite(&sb_hdr, 1, sizeof(sb_hdr), fd);
+    
+    memcpy(crypto_iv, &sb_hdr, 16);
+    /* update CBC-MACs */
+    for(int i = 0; i < g_nr_keys; i++)
+        crypto_cbc((byte *)&sb_hdr, NULL, sizeof(sb_hdr) / BLOCK_SIZE, &g_key_array[i],
+            cbc_macs[i], &cbc_macs[i], 1);
+    
+    /* produce and write section headers */
+    for(int i = 0; i < sb_hdr.nr_sections; i++)
+    {
+        struct sb_section_header_t sb_sec_hdr;
+        produce_sb_section_header(&sb->sections[i], &sb_sec_hdr);
+        sha_1_update(&file_sha1, (byte *)&sb_sec_hdr, sizeof(sb_sec_hdr));
+        fwrite(&sb_sec_hdr, 1, sizeof(sb_sec_hdr), fd);
+        /* update CBC-MACs */
+        for(int j = 0; j < g_nr_keys; j++)
+            crypto_cbc((byte *)&sb_sec_hdr, NULL, sizeof(sb_sec_hdr) / BLOCK_SIZE,
+                &g_key_array[j], cbc_macs[j], &cbc_macs[j], 1);
+    }
+    /* produce key dictionary */
+    for(int i = 0; i < g_nr_keys; i++)
+    {
+        struct sb_key_dictionary_entry_t entry;
+        memcpy(entry.hdr_cbc_mac, cbc_macs[i], 16);
+        crypto_cbc(real_key.u.key, entry.key, 1, &g_key_array[i],
+            crypto_iv, NULL, 1);
+        
+        fwrite(&entry, 1, sizeof(entry), fd);
+        sha_1_update(&file_sha1, (byte *)&entry, sizeof(entry));
+    }
+    /* HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK */
+    /* Image crafting, don't use it unless you understand what you do */
+    if(sb->real_key != NULL)
+        memcpy(real_key.u.key, *sb->real_key, 16);
+    if(sb->crypto_iv != NULL)
+        memcpy(crypto_iv, *sb->crypto_iv, 16);
+    /* KCAH KCAH KCAH KCAH KCAH KCAH KCAH KCAH KCAH KCAH KCAH KCAH KCAH KCAH */
+    if(g_debug)
+    {
+        printf("Real key: ");
+        for(int j = 0; j < 16; j++)
+            printf("%02x", real_key.u.key[j]);
+        printf("\n");
+        printf("IV      : ");
+        for(int j = 0; j < 16; j++)
+            printf("%02x", crypto_iv[j]);
+        printf("\n");
+    }
+    /* produce sections data */
+    for(int i = 0; i< sb_hdr.nr_sections; i++)
+    {
+        /* produce tag command */
+        struct sb_instruction_tag_t tag_cmd;
+        produce_section_tag_cmd(&sb->sections[i], &tag_cmd, (i + 1) == sb_hdr.nr_sections);
+        if(g_nr_keys > 0)
+            crypto_cbc((byte *)&tag_cmd, (byte *)&tag_cmd, sizeof(tag_cmd) / BLOCK_SIZE,
+                &real_key, crypto_iv, NULL, 1);
+        sha_1_update(&file_sha1, (byte *)&tag_cmd, sizeof(tag_cmd));
+        fwrite(&tag_cmd, 1, sizeof(tag_cmd), fd);
+        /* produce other commands */
+        byte cur_cbc_mac[16];
+        memcpy(cur_cbc_mac, crypto_iv, 16);
+        for(int j = 0; j < sb->sections[i].nr_insts; j++)
+        {
+            struct sb_inst_t *inst = &sb->sections[i].insts[j];
+            /* command */
+            if(inst->inst != SB_INST_DATA)
+            {
+                struct sb_instruction_common_t cmd;
+                produce_sb_instruction(inst, &cmd);
+                if(g_nr_keys > 0 && !sb->sections[i].is_cleartext)
+                    crypto_cbc((byte *)&cmd, (byte *)&cmd, sizeof(cmd) / BLOCK_SIZE,
+                        &real_key, cur_cbc_mac, &cur_cbc_mac, 1);
+                sha_1_update(&file_sha1, (byte *)&cmd, sizeof(cmd));
+                fwrite(&cmd, 1, sizeof(cmd), fd);
+            }
+            /* data */
+            if(inst->inst == SB_INST_LOAD || inst->inst == SB_INST_DATA)
+            {
+                uint32_t sz = inst->size + inst->padding_size;
+                byte *data = xmalloc(sz);
+                memcpy(data, inst->data, inst->size);
+                memcpy(data + inst->size, inst->padding, inst->padding_size);
+                if(g_nr_keys > 0 && !sb->sections[i].is_cleartext)
+                    crypto_cbc(data, data, sz / BLOCK_SIZE,
+                        &real_key, cur_cbc_mac, &cur_cbc_mac, 1);
+                sha_1_update(&file_sha1, data, sz);
+                fwrite(data, 1, sz, fd);
+                free(data);
+            }
+        }
+    }
+    /* write file SHA-1 */
+    byte final_sig[32];
+    sha_1_finish(&file_sha1);
+    sha_1_output(&file_sha1, final_sig);
+    generate_random_data(final_sig + 20, 12);
+    if(g_nr_keys > 0)
+        crypto_cbc(final_sig, final_sig, 2, &real_key, crypto_iv, NULL, 1);
+    fwrite(final_sig, 1, 32, fd);
+    
+    fclose(fd);
+}

diff --git a/utils/sbtools/sb.c b/utils/sbtools/sb.c new file mode 100644 index 0000000000..3921710a2d --- /dev/null +++ b/utils/sbtools/sb.c
@@ -0,0 +1,426 @@
	1	/***************************************************************************
	2	* __________ __ ___.
	3	* Open \______ \ ____ ____ \| \| _\_ \|__ _______ ___
	4	* Source \| _// _ \_/ ___\\| \|/ /\| __ \ / _ \ \/ /
	5	* Jukebox \| \| ( <_> ) \___\| < \| \_\ ( <_> > < <
	6	* Firmware \|____\|_ /\____/ \___ >__\|_ \\|___ /\____/__/\_ \
	7	* \/ \/ \/ \/ \/
	8	* $Id$
	9	*
	10	* Copyright (C) 2011 Amaury Pouly
	11	*
	12	* This program is free software; you can redistribute it and/or
	13	* modify it under the terms of the GNU General Public License
	14	* as published by the Free Software Foundation; either version 2
	15	* of the License, or (at your option) any later version.
	16	*
	17	* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
	18	* KIND, either express or implied.
	19	*
	20	****************************************************************************/
	21	#include <stdio.h>
	22	#include <time.h>
	23	#include <stdlib.h>
	24	#include "misc.h"
	25	#include "crypto.h"
	26	#include "sb.h"
	27
	28	static void fill_gaps(struct sb_file_t *sb)
	29	{
	30	for(int i = 0; i < sb->nr_sections; i++)
	31	{
	32	struct sb_section_t *sec = &sb->sections[i];
	33	for(int j = 0; j < sec->nr_insts; j++)
	34	{
	35	struct sb_inst_t *inst = &sec->insts[j];
	36	if(inst->inst != SB_INST_LOAD)
	37	continue;
	38	inst->padding_size = ROUND_UP(inst->size, BLOCK_SIZE) - inst->size;
	39	/* emulate elftosb2 behaviour: generate 15 bytes (that's a safe maximum) */
	40	inst->padding = xmalloc(15);
	41	generate_random_data(inst->padding, 15);
	42	}
	43	}
	44	}
	45
	46	static void compute_sb_offsets(struct sb_file_t *sb)
	47	{
	48	sb->image_size = 0;
	49	/* sb header */
	50	sb->image_size += sizeof(struct sb_header_t) / BLOCK_SIZE;
	51	/* sections headers */
	52	sb->image_size += sb->nr_sections * sizeof(struct sb_section_header_t) / BLOCK_SIZE;
	53	/* key dictionary */
	54	sb->image_size += g_nr_keys * sizeof(struct sb_key_dictionary_entry_t) / BLOCK_SIZE;
	55	/* sections */
	56	for(int i = 0; i < sb->nr_sections; i++)
	57	{
	58	/* each section has a preliminary TAG command */
	59	sb->image_size += sizeof(struct sb_instruction_tag_t) / BLOCK_SIZE;
	60	/* we might need to pad the section so compute next alignment */
	61	uint32_t alignment = BLOCK_SIZE;
	62	if((i + 1) < sb->nr_sections)
	63	alignment = sb->sections[i + 1].alignment;
	64	alignment /= BLOCK_SIZE; /* alignment in block sizes */
	65
	66	struct sb_section_t *sec = &sb->sections[i];
	67
	68	if(g_debug)
	69	{
	70	printf("%s section 0x%08x", sec->is_data ? "Data" : "Boot",
	71	sec->identifier);
	72	if(sec->is_cleartext)
	73	printf(" (cleartext)");
	74	printf("\n");
	75	}
	76
	77	sec->file_offset = sb->image_size;
	78	for(int j = 0; j < sec->nr_insts; j++)
	79	{
	80	struct sb_inst_t *inst = &sec->insts[j];
	81	if(inst->inst == SB_INST_CALL \|\| inst->inst == SB_INST_JUMP)
	82	{
	83	if(g_debug)
	84	printf(" %s \| addr=0x%08x \| arg=0x%08x\n",
	85	inst->inst == SB_INST_CALL ? "CALL" : "JUMP", inst->addr, inst->argument);
	86	sb->image_size += sizeof(struct sb_instruction_call_t) / BLOCK_SIZE;
	87	sec->sec_size += sizeof(struct sb_instruction_call_t) / BLOCK_SIZE;
	88	}
	89	else if(inst->inst == SB_INST_FILL)
	90	{
	91	if(g_debug)
	92	printf(" FILL \| addr=0x%08x \| len=0x%08x \| pattern=0x%08x\n",
	93	inst->addr, inst->size, inst->pattern);
	94	sb->image_size += sizeof(struct sb_instruction_fill_t) / BLOCK_SIZE;
	95	sec->sec_size += sizeof(struct sb_instruction_fill_t) / BLOCK_SIZE;
	96	}
	97	else if(inst->inst == SB_INST_LOAD)
	98	{
	99	if(g_debug)
	100	printf(" LOAD \| addr=0x%08x \| len=0x%08x\n", inst->addr, inst->size);
	101	/* load header */
	102	sb->image_size += sizeof(struct sb_instruction_load_t) / BLOCK_SIZE;
	103	sec->sec_size += sizeof(struct sb_instruction_load_t) / BLOCK_SIZE;
	104	/* data + alignment */
	105	sb->image_size += (inst->size + inst->padding_size) / BLOCK_SIZE;
	106	sec->sec_size += (inst->size + inst->padding_size) / BLOCK_SIZE;
	107	}
	108	else if(inst->inst == SB_INST_MODE)
	109	{
	110	if(g_debug)
	111	printf(" MODE \| mod=0x%08x", inst->addr);
	112	sb->image_size += sizeof(struct sb_instruction_mode_t) / BLOCK_SIZE;
	113	sec->sec_size += sizeof(struct sb_instruction_mode_t) / BLOCK_SIZE;
	114	}
	115	else if(inst->inst == SB_INST_DATA)
	116	{
	117	if(g_debug)
	118	printf(" DATA \| size=0x%08x\n", inst->size);
	119	sb->image_size += ROUND_UP(inst->size, BLOCK_SIZE) / BLOCK_SIZE;
	120	sec->sec_size += ROUND_UP(inst->size, BLOCK_SIZE) / BLOCK_SIZE;
	121	}
	122	else
	123	bug("die on inst %d\n", inst->inst);
	124	}
	125	/* we need to make sure next section starts on the right alignment.
	126	* Since each section starts with a boot tag, we thus need to ensure
	127	* that this sections ends at adress X such that X+BLOCK_SIZE is
	128	* a multiple of the alignment.
	129	* For data sections, we just add random data, otherwise we add nops */
	130	uint32_t missing_sz = alignment - ((sb->image_size + 1) % alignment);
	131	if(missing_sz != alignment)
	132	{
	133	struct sb_inst_t *aug_insts;
	134	int nr_aug_insts = 0;
	135
	136	if(sb->sections[i].is_data)
	137	{
	138	nr_aug_insts = 1;
	139	aug_insts = malloc(sizeof(struct sb_inst_t));
	140	memset(aug_insts, 0, sizeof(struct sb_inst_t));
	141	aug_insts[0].inst = SB_INST_DATA;
	142	aug_insts[0].size = missing_sz * BLOCK_SIZE;
	143	aug_insts[0].data = xmalloc(missing_sz * BLOCK_SIZE);
	144	generate_random_data(aug_insts[0].data, missing_sz * BLOCK_SIZE);
	145	if(g_debug)
	146	printf(" DATA \| size=0x%08x\n", aug_insts[0].size);
	147	}
	148	else
	149	{
	150	nr_aug_insts = missing_sz;
	151	aug_insts = malloc(sizeof(struct sb_inst_t) * nr_aug_insts);
	152	memset(aug_insts, 0, sizeof(struct sb_inst_t) * nr_aug_insts);
	153	for(int j = 0; j < nr_aug_insts; j++)
	154	{
	155	aug_insts[j].inst = SB_INST_NOP;
	156	if(g_debug)
	157	printf(" NOOP\n");
	158	}
	159	}
	160
	161	sb->sections[i].insts = augment_array(sb->sections[i].insts, sizeof(struct sb_inst_t),
	162	sb->sections[i].nr_insts, aug_insts, nr_aug_insts);
	163	sb->sections[i].nr_insts += nr_aug_insts;
	164
	165	/* augment image and section size */
	166	sb->image_size += missing_sz;
	167	sec->sec_size += missing_sz;
	168	}
	169	}
	170	/* final signature */
	171	sb->image_size += 2;
	172	}
	173
	174	static uint64_t generate_timestamp()
	175	{
	176	struct tm tm_base = {0, 0, 0, 1, 0, 100, 0, 0, 1, 0, NULL}; /* 2000/1/1 0:00:00 */
	177	time_t t = time(NULL) - mktime(&tm_base);
	178	return (uint64_t)t * 1000000L;
	179	}
	180
	181	static uint16_t swap16(uint16_t t)
	182	{
	183	return (t << 8) \| (t >> 8);
	184	}
	185
	186	static void fix_version(struct sb_version_t *ver)
	187	{
	188	ver->major = swap16(ver->major);
	189	ver->minor = swap16(ver->minor);
	190	ver->revision = swap16(ver->revision);
	191	}
	192
	193	static void produce_sb_header(struct sb_file_t sb, struct sb_header_t sb_hdr)
	194	{
	195	struct sha_1_params_t sha_1_params;
	196
	197	sb_hdr->signature[0] = 'S';
	198	sb_hdr->signature[1] = 'T';
	199	sb_hdr->signature[2] = 'M';
	200	sb_hdr->signature[3] = 'P';
	201	sb_hdr->major_ver = IMAGE_MAJOR_VERSION;
	202	sb_hdr->minor_ver = IMAGE_MINOR_VERSION;
	203	sb_hdr->flags = 0;
	204	sb_hdr->image_size = sb->image_size;
	205	sb_hdr->header_size = sizeof(struct sb_header_t) / BLOCK_SIZE;
	206	sb_hdr->first_boot_sec_id = sb->sections[0].identifier;
	207	sb_hdr->nr_keys = g_nr_keys;
	208	sb_hdr->nr_sections = sb->nr_sections;
	209	sb_hdr->sec_hdr_size = sizeof(struct sb_section_header_t) / BLOCK_SIZE;
	210	sb_hdr->key_dict_off = sb_hdr->header_size +
	211	sb_hdr->sec_hdr_size * sb_hdr->nr_sections;
	212	sb_hdr->first_boot_tag_off = sb_hdr->key_dict_off +
	213	sizeof(struct sb_key_dictionary_entry_t) * sb_hdr->nr_keys / BLOCK_SIZE;
	214	generate_random_data(sb_hdr->rand_pad0, sizeof(sb_hdr->rand_pad0));
	215	generate_random_data(sb_hdr->rand_pad1, sizeof(sb_hdr->rand_pad1));
	216	sb_hdr->timestamp = generate_timestamp();
	217	sb_hdr->product_ver = sb->product_ver;
	218	fix_version(&sb_hdr->product_ver);
	219	sb_hdr->component_ver = sb->component_ver;
	220	fix_version(&sb_hdr->component_ver);
	221	sb_hdr->drive_tag = 0;
	222
	223	sha_1_init(&sha_1_params);
	224	sha_1_update(&sha_1_params, &sb_hdr->signature[0],
	225	sizeof(struct sb_header_t) - sizeof(sb_hdr->sha1_header));
	226	sha_1_finish(&sha_1_params);
	227	sha_1_output(&sha_1_params, sb_hdr->sha1_header);
	228	}
	229
	230	static void produce_sb_section_header(struct sb_section_t *sec,
	231	struct sb_section_header_t *sec_hdr)
	232	{
	233	sec_hdr->identifier = sec->identifier;
	234	sec_hdr->offset = sec->file_offset;
	235	sec_hdr->size = sec->sec_size;
	236	sec_hdr->flags = (sec->is_data ? 0 : SECTION_BOOTABLE)
	237	\| (sec->is_cleartext ? SECTION_CLEARTEXT : 0);
	238	}
	239
	240	static uint8_t instruction_checksum(struct sb_instruction_header_t *hdr)
	241	{
	242	uint8_t sum = 90;
	243	byte ptr = (byte )hdr;
	244	for(int i = 1; i < 16; i++)
	245	sum += ptr[i];
	246	return sum;
	247	}
	248
	249	static void produce_section_tag_cmd(struct sb_section_t *sec,
	250	struct sb_instruction_tag_t *tag, bool is_last)
	251	{
	252	tag->hdr.opcode = SB_INST_TAG;
	253	tag->hdr.flags = is_last ? SB_INST_LAST_TAG : 0;
	254	tag->identifier = sec->identifier;
	255	tag->len = sec->sec_size;
	256	tag->flags = (sec->is_data ? 0 : SECTION_BOOTABLE)
	257	\| (sec->is_cleartext ? SECTION_CLEARTEXT : 0);
	258	tag->hdr.checksum = instruction_checksum(&tag->hdr);
	259	}
	260
	261	void produce_sb_instruction(struct sb_inst_t *inst,
	262	struct sb_instruction_common_t *cmd)
	263	{
	264	memset(cmd, 0, sizeof(struct sb_instruction_common_t));
	265	cmd->hdr.opcode = inst->inst;
	266	switch(inst->inst)
	267	{
	268	case SB_INST_CALL:
	269	case SB_INST_JUMP:
	270	cmd->addr = inst->addr;
	271	cmd->data = inst->argument;
	272	break;
	273	case SB_INST_FILL:
	274	cmd->addr = inst->addr;
	275	cmd->len = inst->size;
	276	cmd->data = inst->pattern;
	277	break;
	278	case SB_INST_LOAD:
	279	cmd->addr = inst->addr;
	280	cmd->len = inst->size;
	281	cmd->data = crc_continue(crc(inst->data, inst->size),
	282	inst->padding, inst->padding_size);
	283	break;
	284	case SB_INST_MODE:
	285	cmd->data = inst->addr;
	286	break;
	287	case SB_INST_NOP:
	288	break;
	289	default:
	290	bug("die\n");
	291	}
	292	cmd->hdr.checksum = instruction_checksum(&cmd->hdr);
	293	}
	294
	295	void sb_produce_file(struct sb_file_t sb, const char filename)
	296	{
	297	FILE *fd = fopen(filename, "wb");
	298	if(fd == NULL)
	299	bugp("cannot open output file");
	300
	301	struct crypto_key_t real_key;
	302	real_key.method = CRYPTO_KEY;
	303	byte crypto_iv[16];
	304	byte (cbc_macs)[16] = xmalloc(16 g_nr_keys);
	305	/* init CBC-MACs */
	306	for(int i = 0; i < g_nr_keys; i++)
	307	memset(cbc_macs[i], 0, 16);
	308
	309	fill_gaps(sb);
	310	compute_sb_offsets(sb);
	311
	312	generate_random_data(real_key.u.key, 16);
	313
	314	/* global SHA-1 */
	315	struct sha_1_params_t file_sha1;
	316	sha_1_init(&file_sha1);
	317	/* produce and write header */
	318	struct sb_header_t sb_hdr;
	319	produce_sb_header(sb, &sb_hdr);
	320	sha_1_update(&file_sha1, (byte *)&sb_hdr, sizeof(sb_hdr));
	321	fwrite(&sb_hdr, 1, sizeof(sb_hdr), fd);
	322
	323	memcpy(crypto_iv, &sb_hdr, 16);
	324
	325	/* update CBC-MACs */
	326	for(int i = 0; i < g_nr_keys; i++)
	327	crypto_cbc((byte *)&sb_hdr, NULL, sizeof(sb_hdr) / BLOCK_SIZE, &g_key_array[i],
	328	cbc_macs[i], &cbc_macs[i], 1);
	329
	330	/* produce and write section headers */
	331	for(int i = 0; i < sb_hdr.nr_sections; i++)
	332	{
	333	struct sb_section_header_t sb_sec_hdr;
	334	produce_sb_section_header(&sb->sections[i], &sb_sec_hdr);
	335	sha_1_update(&file_sha1, (byte *)&sb_sec_hdr, sizeof(sb_sec_hdr));
	336	fwrite(&sb_sec_hdr, 1, sizeof(sb_sec_hdr), fd);
	337	/* update CBC-MACs */
	338	for(int j = 0; j < g_nr_keys; j++)
	339	crypto_cbc((byte *)&sb_sec_hdr, NULL, sizeof(sb_sec_hdr) / BLOCK_SIZE,
	340	&g_key_array[j], cbc_macs[j], &cbc_macs[j], 1);
	341	}
	342	/* produce key dictionary */
	343	for(int i = 0; i < g_nr_keys; i++)
	344	{
	345	struct sb_key_dictionary_entry_t entry;
	346	memcpy(entry.hdr_cbc_mac, cbc_macs[i], 16);
	347	crypto_cbc(real_key.u.key, entry.key, 1, &g_key_array[i],
	348	crypto_iv, NULL, 1);
	349
	350	fwrite(&entry, 1, sizeof(entry), fd);
	351	sha_1_update(&file_sha1, (byte *)&entry, sizeof(entry));
	352	}
	353
	354	/* HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK */
	355	/* Image crafting, don't use it unless you understand what you do */
	356	if(sb->real_key != NULL)
	357	memcpy(real_key.u.key, *sb->real_key, 16);
	358	if(sb->crypto_iv != NULL)
	359	memcpy(crypto_iv, *sb->crypto_iv, 16);
	360	/* KCAH KCAH KCAH KCAH KCAH KCAH KCAH KCAH KCAH KCAH KCAH KCAH KCAH KCAH */
	361	if(g_debug)
	362	{
	363	printf("Real key: ");
	364	for(int j = 0; j < 16; j++)
	365	printf("%02x", real_key.u.key[j]);
	366	printf("\n");
	367	printf("IV : ");
	368	for(int j = 0; j < 16; j++)
	369	printf("%02x", crypto_iv[j]);
	370	printf("\n");
	371	}
	372	/* produce sections data */
	373	for(int i = 0; i< sb_hdr.nr_sections; i++)
	374	{
	375	/* produce tag command */
	376	struct sb_instruction_tag_t tag_cmd;
	377	produce_section_tag_cmd(&sb->sections[i], &tag_cmd, (i + 1) == sb_hdr.nr_sections);
	378	if(g_nr_keys > 0)
	379	crypto_cbc((byte )&tag_cmd, (byte )&tag_cmd, sizeof(tag_cmd) / BLOCK_SIZE,
	380	&real_key, crypto_iv, NULL, 1);
	381	sha_1_update(&file_sha1, (byte *)&tag_cmd, sizeof(tag_cmd));
	382	fwrite(&tag_cmd, 1, sizeof(tag_cmd), fd);
	383	/* produce other commands */
	384	byte cur_cbc_mac[16];
	385	memcpy(cur_cbc_mac, crypto_iv, 16);
	386	for(int j = 0; j < sb->sections[i].nr_insts; j++)
	387	{
	388	struct sb_inst_t *inst = &sb->sections[i].insts[j];
	389	/* command */
	390	if(inst->inst != SB_INST_DATA)
	391	{
	392	struct sb_instruction_common_t cmd;
	393	produce_sb_instruction(inst, &cmd);
	394	if(g_nr_keys > 0 && !sb->sections[i].is_cleartext)
	395	crypto_cbc((byte )&cmd, (byte )&cmd, sizeof(cmd) / BLOCK_SIZE,
	396	&real_key, cur_cbc_mac, &cur_cbc_mac, 1);
	397	sha_1_update(&file_sha1, (byte *)&cmd, sizeof(cmd));
	398	fwrite(&cmd, 1, sizeof(cmd), fd);
	399	}
	400	/* data */
	401	if(inst->inst == SB_INST_LOAD \|\| inst->inst == SB_INST_DATA)
	402	{
	403	uint32_t sz = inst->size + inst->padding_size;
	404	byte *data = xmalloc(sz);
	405	memcpy(data, inst->data, inst->size);
	406	memcpy(data + inst->size, inst->padding, inst->padding_size);
	407	if(g_nr_keys > 0 && !sb->sections[i].is_cleartext)
	408	crypto_cbc(data, data, sz / BLOCK_SIZE,
	409	&real_key, cur_cbc_mac, &cur_cbc_mac, 1);
	410	sha_1_update(&file_sha1, data, sz);
	411	fwrite(data, 1, sz, fd);
	412	free(data);
	413	}
	414	}
	415	}
	416	/* write file SHA-1 */
	417	byte final_sig[32];
	418	sha_1_finish(&file_sha1);
	419	sha_1_output(&file_sha1, final_sig);
	420	generate_random_data(final_sig + 20, 12);
	421	if(g_nr_keys > 0)
	422	crypto_cbc(final_sig, final_sig, 2, &real_key, crypto_iv, NULL, 1);
	423	fwrite(final_sig, 1, 32, fd);
	424
	425	fclose(fd);
	426	}