atjboottool: gzipped fw files, option for big-endian fw, clarify ECIES in fwu

Added fw modifications required to unpack real world player dumps.


Documented more fwu header fields, magic numbers and finite field arithmetic (extended Euclidean for inverse, long division for reducing modulo field_poly).

v3 encryption used is standard RC4 with the key additionally ciphered by the Elliptic Curve Integrated Encryption Scheme.

Either sect233k1 (NIST K-233) or sect163r2 (NIST B-163) curves can be used, with the former overwhelmingly prevailing, being hardwired in SDK's maker.exe. Using a private/public key scheme is superfluous because both are stored in the firmware, with the added level of complexity likely serving the purpose of obfuscation. The private key is generated at random with each invocation.

Neither the KDF nor the MAC from ECIES is used; the RC4 key is directly XORed with the shared secret. The random number r used to calculate rG isn't stored, but that's unimportant since only krG == rkG is actually used in the encryption.

Change-Id: Ieacf8cc744bc90c7c5582dd724b2c10a41bfc191
Nikita Burnashev 2023-04-16 12:46:55 +03:00 committed by Solomon Peachy
parent 72c0e49b41
commit e232f69214
7 changed files with 499 additions and 317 deletions
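The arithmetic the commit message names (long-division reduction, extended-Euclid inverse) and the krG == rkG key wrap, as an added Python example that is not code from this commit or from atjboottool. The generator words are taken from the sect233k1 tables in the diff; the field polynomial x^233 + x^74 + 1 comes from the published curve parameters, and the scalars, the 16-byte key, and the choice of the x coordinate in little-endian byte order for the XOR are assumptions made for illustration.

```python
# Added example, not project code: GF(2^233) arithmetic and the XOR key wrap on sect233k1.
M, POLY = 233, (1 << 233) | (1 << 74) | 1      # field polynomial from the published parameters
def words(ws):                                 # the tables store 32-bit words least significant first
    return sum(w << (32 * i) for i, w in enumerate(ws))
GX = words([0xefad6126, 0x0a4c9d6e, 0x19c26bf5, 0x149563a4, 0x29f22ff4, 0x7e731af1, 0x32ba853a, 0x00000172])
GY = words([0x56fae6a3, 0x56e0c110, 0xf18aeb9b, 0x27a8cd9b, 0x555a67c4, 0x19b7f70f, 0x537dece8, 0x000001db])
A, B = 0, 1                                    # sect233k1: y^2 + xy = x^3 + a*x^2 + b

def reduce(v):                                 # long division by POLY, keeping the remainder
    while v.bit_length() > M:
        v ^= POLY << (v.bit_length() - 1 - M)
    return v
def mul(a, b):                                 # carry-less multiply, then reduce
    r = 0
    for i in range(b.bit_length()):
        if b >> i & 1: r ^= a << i
    return reduce(r)
def inv(a):                                    # extended Euclid in GF(2)[x]; a must be non-zero
    u, v, g1, g2 = a, POLY, 1, 0               # invariants: a*g1 = u and a*g2 = v (mod POLY)
    while u != 1:
        j = u.bit_length() - v.bit_length()
        if j < 0: u, v, g1, g2, j = v, u, g2, g1, -j
        u ^= v << j; g1 ^= g2 << j
    return reduce(g1)

def add(P, Q):                                 # affine point addition, None is the point at infinity
    if P is None or Q is None: return P or Q
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2:
        if y1 != y2 or x1 == 0: return None    # P == -Q, or a point of order two
        lam = x1 ^ mul(y1, inv(x1))
        x3 = mul(lam, lam) ^ lam ^ A
        return x3, mul(x1, x1) ^ mul(lam ^ 1, x3)
    lam = mul(y1 ^ y2, inv(x1 ^ x2))
    x3 = mul(lam, lam) ^ lam ^ x1 ^ x2 ^ A
    return x3, mul(lam, x1 ^ x3) ^ x3 ^ y1
def smul(k, P):                                # double-and-add scalar multiplication
    R = None
    while k:
        if k & 1: R = add(R, P)
        P, k = add(P, P), k >> 1
    return R

def on_curve(x, y):
    return mul(y, y) ^ mul(x, y) == mul(mul(x, x), x ^ A) ^ B
def wrap(key, S):                              # assumed layout: x coordinate, little-endian bytes
    return bytes(c ^ s for c, s in zip(key, S[0].to_bytes(30, "little")))
def shared(k, r, G=(GX, GY)):                  # k(rG) on one side, r(kG) on the other
    return smul(k, smul(r, G)), smul(r, smul(k, G))
```

Because the wrap is a plain XOR with no KDF or MAC, applying `wrap` a second time with the same shared point returns the original key, and nothing detects a modified wrapped key.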


@ -20,7 +20,7 @@
****************************************************************************/
#include <stdint.h>
uint8_t g_check_block_A_table[1024] =
uint8_t g_decode_A_table[1024] =
{
0x16, 0x2b, 0x01, 0xe4, 0x0e, 0x3d, 0xc1, 0xdf, 0x0f, 0x35, 0x8f, 0xf5, 0xe2,
0x48, 0xa0, 0x2e, 0x1c, 0x6a, 0x57, 0xea, 0x6d, 0x9a, 0xe2, 0x03, 0xec, 0xe8,
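Review bot: g_decode_A_table is still a writable, externally visible uint8_t array after the rename. If nothing writes to it, declaring it const uint8_t (together with its declaration wherever that lives) keeps the 1024-byte table in read-only data and turns a stray write into a compile error instead of silently corrupted decoding.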
@ -109,45 +109,45 @@ uint8_t g_decode_B_table[20] =
0xf8, 0xb4, 0x36, 0x41, 0xc5, 0x51, 0xaf
};
uint32_t g_crypto_table[8] =
uint32_t g_sect233k1_G_x[8] =
{
0xefad6126, 0x0a4c9d6e, 0x19c26bf5, 0x149563a4, 0x29f22ff4, 0x7e731af1,
0x32ba853a, 0x00000172
};
uint32_t g_crypto_table2[8] =
uint32_t g_sect233k1_G_y[8] =
{
0x56fae6a3, 0x56e0c110, 0xf18aeb9b, 0x27a8cd9b, 0x555a67c4, 0x19b7f70f,
0x537dece8, 0x000001db
};
uint32_t g_crypto_key6[8] =
uint32_t g_sect233k1_b[8] =
{
0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
0x00000000, 0x00000000
};
uint32_t g_crypto_key3[6] =
uint32_t g_sect163r2_G_x[6] =
{
0xe8343e36, 0xd4994637, 0xa0991168, 0x86a2d57e, 0xf0eba162, 0x00000003
};
uint32_t g_crypto_key4[6] =
uint32_t g_sect163r2_G_y[6] =
{
0x797324f1, 0xb11c5c0c, 0xa2cdd545, 0x71a0094f, 0xd51fbc6c, 0x00000000
};
uint32_t g_atj_ec163_a[6] =
uint32_t g_sect163r2_a[6] =
{
0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000
};
uint32_t g_crypto_key5[6] =
uint32_t g_sect163r2_b[6] =
{
0x4a3205fd, 0x512f7874, 0x1481eb10, 0xb8c953ca, 0x0a601907, 0x00000002
};
uint32_t g_atj_ec233_a[8] =
uint32_t g_sect233k1_a[8] =
{
0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
};
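Review bot: the renamed curve tables carry no comment on word order, and in g_sect233k1_G_x the top word 0x00000172 comes last, so the 32-bit words are stored least significant first; a one-line comment saying so would let a reader check the values against the published sect233k1 and sect163r2 parameters. In the lines shown, g_sect233k1_a[8] also lists only six words where g_sect233k1_b[8] spells out all eight; the remaining words are zero-filled so a = 0 still holds, but writing all eight would keep the tables uniform.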