sbtools: add option to force sb dump

In the case of encrypted SB files without any key match, it is still possible to dump the section headers. The force option allows one to do so. It also allows to dump unencrypted sections of encrypted files if there are some. Change-Id: I36280230679ac5903f9c451c68c276f5c6959536
2012-06-27 14:50:39 +02:00 · 2012-06-27 14:50:39 +02:00 · 7c9e7ec707
commit 7c9e7ec707
parent fa17cb904c
4 changed files with 37 additions and 7 deletions
--- a/utils/imxtools/sbtools/misc.c
+++ b/utils/imxtools/sbtools/misc.c
@ -25,6 +25,7 @@
 #include "misc.h"

 bool g_debug = false;
+bool g_force = false;

 /**
 * Misc
--- a/utils/imxtools/sbtools/misc.h
+++ b/utils/imxtools/sbtools/misc.h
@ -33,6 +33,7 @@
 #define ROUND_UP(val, round) ((((val) + (round) - 1) / (round)) * (round))

 extern bool g_debug;
+extern bool g_force;

 typedef struct crypto_key_t *key_array_t;
 int g_nr_keys;
--- a/utils/imxtools/sbtools/sb.c
+++ b/utils/imxtools/sbtools/sb.c
@ -503,7 +503,7 @@ static struct sb_section_t *read_section(bool data_sec, uint32_t id, byte *buf,
        printf(OFF, "%s", indent);
        uint8_t checksum = instruction_checksum(hdr);
        if(checksum != hdr->checksum)
-            fatal(SB_CHECKSUM_ERROR, "Bad instruction checksum");
+            fatal(SB_CHECKSUM_ERROR, "Bad instruction checksum\n");
        if(hdr->flags != 0)
        {
            printf(GREY, "[");
@ -788,7 +788,8 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, bool raw_mode, voi
        printf(BLUE, "Encryption keys\n");
        for(int i = 0; i < g_nr_keys; i++)
        {
-            printf(RED, "  Key %d: ", i);
+            printf(RED, "  Key %d\n", i),
+            printf(GREEN, "    Key: ");
            printf(YELLOW, "");
            print_key(&g_key_array[i], true);
            printf(GREEN, "    CBC-MAC: ");
@ -859,7 +860,12 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, bool raw_mode, voi
        free(cbcmacs);

        if(!valid_key)
+        {
+            if(g_force)
+                printf(GREY, "  No valid key found\n");
+            else
                fatal(SB_NO_VALID_KEY, "No valid key found\n");
+        }

        if(getenv("SB_REAL_KEY") != 0)
        {
@ -868,6 +874,12 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, bool raw_mode, voi
            if(!parse_key(&env, &k) || *env)
                fatal(SB_ERROR, "Invalid SB_REAL_KEY\n");
            memcpy(real_key, k.u.key, 16);
+            /* assume the key is valid */
+            if(valid_key)
+                printf(GREY, "  Overriding real key\n");
+            else
+                printf(GREY, "  Assuming real key is ok\n");
+            valid_key = true;
        }

        printf(RED, "  Summary:\n");
@ -917,6 +929,13 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, bool raw_mode, voi
                printf(RED, " (Encrypted)");
            printf(OFF, "\n");

+            /* skip it if we cannot decrypt it */
+            if(encrypted && !valid_key)
+            {
+                printf(GREY, "  Skipping section content (no valid key)\n");
+                continue;
+            }
+            
            /* save it */
            byte *sec = xmalloc(size);
            if(encrypted)
@ -939,7 +958,7 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, bool raw_mode, voi
            free(sec);
        }
    }
-    else
+    else if(valid_key)
    {
        /* advanced raw mode */
        printf(BLUE, "Commands\n");
@ -1041,6 +1060,10 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, bool raw_mode, voi
            }
        }
    }
+    else
+    {
+        printf(GREY, "Cannot read content in raw mode without a valid key\n");
+    }
    
    /* final signature */
    printf(BLUE, "Final signature:\n");
--- a/utils/imxtools/sbtools/sbtoelf.c
+++ b/utils/imxtools/sbtools/sbtoelf.c
@ -169,6 +169,7 @@ static void usage(void)
    printf("  -a/--add-key <key>\tAdd single key (hex or usbotp)\n");
    printf("  -n/--no-color\tDisable output colors\n");
    printf("  -l/--loopback <file>\tProduce sb file out of extracted description*\n");
+    printf("  -f/--force\tForce reading even without a key*\n");
    printf("Options marked with a * are for debug purpose only\n");
    exit(1);
 }
@ -204,10 +205,11 @@ int main(int argc, char **argv)
            {"add-key", required_argument, 0, 'a'},
            {"no-color", no_argument, 0, 'n'},
            {"loopback", required_argument, 0, 'l'},
+            {"force", no_argument, 0, 'f' },
            {0, 0, 0, 0}
        };

-        int c = getopt_long(argc, argv, "?do:k:zra:nl:", long_options, NULL);
+        int c = getopt_long(argc, argv, "?do:k:zra:nl:f", long_options, NULL);
        if(c == -1)
            break;
        switch(c)
@ -231,6 +233,9 @@ int main(int argc, char **argv)
            case 'o':
                g_out_prefix = optarg;
                break;
+            case 'f':
+                g_force = true;
+                break;
            case 'k':
            {
                if(!add_keys_from_file(optarg))
@ -250,9 +255,9 @@ int main(int argc, char **argv)
                struct crypto_key_t key;
                char *s = optarg;
                if(!parse_key(&s, &key))
-                    bug("Invalid key specified as argument");
+                    bug("Invalid key specified as argument\n");
                if(*s != 0)
-                    bug("Trailing characters after key specified as argument");
+                    bug("Trailing characters after key specified as argument\n");
                add_keys(&key, 1);
                break;
            }