devicesal
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
devicesal [2009/05/07 09:38] – document "ocmmod" marcus | devicesal [2009/05/27 12:31] – example for ssatrans marcus | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | Missing Info: | ||
+ | |||
+ | < | ||
+ | |||
+ | Dict 0xfc - contains an unknown 8 byte key, used in dev_0xd8, dev_0xd9. | ||
+ | |||
+ | </ | ||
+ | |||
Native modules: | Native modules: | ||
< | < | ||
Line 94: | Line 102: | ||
// Some decrypt function. | // Some decrypt function. | ||
+ | // KEYBLOB seems to be 16 byte in practice. | ||
any_t | any_t | ||
- | dev_0xd8 (blob_t | + | dev_0xd8 (blob_t |
{ | { | ||
- | blob_t | + | blob_t |
- | dict[0xdb] = data3; | + | // Side-effect. |
+ | dict[0xdb] = key; | ||
- | blob_t | + | blob_t |
- | blob_t | + | blob_t |
- | blob_t | + | blob_t |
- | blob_t | + | blob_t |
// Decrypt with ocmmod cipher. | // Decrypt with ocmmod cipher. | ||
- | int len = blob_length (dec_data); | + | int len = blob_length (data); |
// Round up to multiple of 8. | // Round up to multiple of 8. | ||
len = (len + 7) / 8 * 8; | len = (len + 7) / 8 * 8; | ||
- | blob_t | + | blob_t |
- | | + | |
- | return decode_asn1 (out); | + | |
+ | | ||
+ | } | ||
+ | |||
+ | |||
+ | // Some encrypt function. | ||
+ | // KEYBLOB seems to be 16 byte in practice. | ||
+ | blob_t | ||
+ | dev_0xd9 (any_t plainobj, blob_t keyblob) | ||
+ | { | ||
+ | blob_t key = keyblob XOR concat (dict[0xfc], | ||
+ | // Side-effect. | ||
+ | dict[0xdb] = key; | ||
+ | |||
+ | // Serialization. | ||
+ | plaintext = encode_asn1 (plaintext); | ||
+ | |||
+ | // Encrypt with ocmmod cipher. | ||
+ | int len = blob_length (data); | ||
+ | // Round up to multiple of 8. | ||
+ | len = (len + 7) / 8 * 8; | ||
+ | blob_t data = repeat_nul (len); | ||
+ | blob_t hashed_key = SHA1 (key[0..14]); | ||
+ | data = native:: | ||
+ | |||
+ | // Encrypt DES. | ||
+ | blob_t des_iv = hashed_key[0..7]; | ||
+ | blob_t des_key = hashed_key[8..15] | ||
+ | blob_t ciphertext = DES_CBC_Decrypt (data, des_iv, des_key, 0xd7_DESEncrypt); | ||
+ | |||
+ | return ciphertext; | ||
} | } | ||
</ | </ | ||
+ | NOT part of device.sal, but for lack of a better place, here an example of SsaTrans on updater.ocm: | ||
+ | |||
+ | < | ||
+ | $ SsaTrans updater.ocm | ||
+ | BCSeedRand63 (1, " | ||
+ | BCSetCryptTable (" | ||
+ | v_39 = BCNewBlob (8); | ||
+ | v_41 = BCDES_SetKey (" | ||
+ | arg_0 = Unknown | ||
+ | v_43 = BCDES_CBC BCDDecrypt (arg_0, v_39, v_41, " | ||
+ | v_44 = BCBlobLength (v_43); | ||
+ | v_46 = BCBlobLength ("< | ||
+ | v_49 = BCSubBlob (v_43, v_44 - v_46, -1); | ||
+ | v_51 = BCCompareBlob (v_49, "< | ||
+ | if (v_51 == 0) [1 -> 1] | ||
+ | { | ||
+ | return [v_43, 1]; | ||
+ | } | ||
+ | else [1 -> 1] | ||
+ | { | ||
+ | return [0]; | ||
+ | } | ||
+ | v_56 = BCIfElse (v_43); | ||
+ | v_57 = BCSerialize (v_56); | ||
+ | return v_57; | ||
+ | </ |
devicesal.txt · Last modified: 2009/06/02 01:44 by marcus