From 05fc825df8ebeecc167dd8b0529fc51a10f360cc Mon Sep 17 00:00:00 2001 From: schneider Date: Fri, 5 Aug 2011 17:39:00 +0200 Subject: [PATCH] added encryption keys for l0dables --- firmware/applications/final.c | 2 +- firmware/applications/final/nickname.c | 2 +- firmware/filesystem/execute.c | 74 +++++++++++--------------- firmware/filesystem/execute.h | 2 +- 4 files changed, 34 insertions(+), 46 deletions(-) diff --git a/firmware/applications/final.c b/firmware/applications/final.c index 8edc85d..26d1487 100644 --- a/firmware/applications/final.c +++ b/firmware/applications/final.c @@ -21,7 +21,7 @@ void fancyNickname(); void main_final(void) { init_nick(); if(GLOBAL(privacy)>2){ //firstboot - if(execute_file("1boot.int",0,0)){ + if(execute_file("1boot.int")){ lcdPrintln("Badge SETUP"); lcdPrintln("error."); lcdPrintln("Features may"); diff --git a/firmware/applications/final/nickname.c b/firmware/applications/final/nickname.c index 2ed1703..a0985ef 100644 --- a/firmware/applications/final/nickname.c +++ b/firmware/applications/final/nickname.c @@ -21,7 +21,7 @@ void simpleNickname(void); void fancyNickname(void) { if(GLOBAL(l0nick)){ - if(execute_file(GLOBAL(nickl0),0,0)) + if(execute_file(GLOBAL(nickl0))) GLOBAL(l0nick)=0; } diff --git a/firmware/filesystem/execute.c b/firmware/filesystem/execute.c index c50426c..659d6b7 100644 --- a/firmware/filesystem/execute.c +++ b/firmware/filesystem/execute.c @@ -12,15 +12,13 @@ #include "basic/xxtea.h" -const uint32_t signature_key[4] = {0x123456,0,0,0x234567}; -const uint32_t decode_key[4] = {0x123456,0,0,0x234567}; -//const uint32_t decode_key[4] = {0,0,0,0}; +#include "SECRETS" -extern void * sram_top; +//extern void * sram_top; /**************************************************************************/ -uint8_t execute_file (const char * fname, uint8_t checksignature, uint8_t decode){ +uint8_t execute_file (const char * fname){ FRESULT res; FIL file; UINT readbytes; @@ -48,45 +46,35 @@ uint8_t execute_file (const char * fname, uint8_t checksignature, uint8_t decode if(res){ return -1; }; - if( decode || checksignature ) - //only accept files with fixed length - //if( readbytes != 2048 ) - if( readbytes & 0x3 ){ - lcdPrint("readbytes&3"); - lcdRefresh(); - while(1); - return -1; - } - if( checksignature ){ - uint32_t mac[4]; - uint32_t *data = (uint32_t*)dst; - uint32_t len = readbytes/4; - xxtea_cbcmac(mac, (uint32_t*)dst, len-4, signature_key); - if( data[len-4] != mac[0] || data[len-3] != mac[1] - || data[len-2] != mac[2] || data[len-1] != mac[3] ){ - lcdClear(); - lcdPrint("mac wrong");lcdNl(); - lcdPrintIntHex(mac[0]); lcdNl(); - lcdPrintIntHex(mac[1]); lcdNl(); - lcdPrintIntHex(mac[2]); lcdNl(); - lcdPrintIntHex(mac[3]); lcdNl(); - lcdRefresh(); - while(1); - return -1; - } - //lcdPrint("macok"); - //lcdRefresh(); - //while(1); +#ifdef ENCRYPT_L0DABLE + uint32_t *data; + uint32_t len; + if( readbytes & 0x3 ){ + lcdPrint("readbytes&3"); + lcdRefresh(); + while(1); + return -1; } - - if( decode ){ - uint32_t *data = (uint32_t*)dst; - uint32_t len = readbytes/4; - xxtea_decode_words(data, len-4, decode_key); + uint32_t mac[4]; + data = (uint32_t*)dst; + len = readbytes/4; + xxtea_cbcmac(mac, (uint32_t*)dst, len-4, l0dable_sign_key); + if( data[len-4] != mac[0] || data[len-3] != mac[1] + || data[len-2] != mac[2] || data[len-1] != mac[3] ){ + lcdClear(); + lcdPrint("mac wrong");lcdNl(); + lcdPrintIntHex(mac[0]); lcdNl(); + lcdPrintIntHex(mac[1]); lcdNl(); + lcdPrintIntHex(mac[2]); lcdNl(); + lcdPrintIntHex(mac[3]); lcdNl(); + lcdRefresh(); + while(1); + return -1; } - //lcdPrintInt(readbytes); - //lcdPrintln(" bytes"); - //lcdRefresh(); + data = (uint32_t*)dst; + len = readbytes/4; + xxtea_decode_words(data, len-4, l0dable_crypt_key); +#endif dst=(void (*)(void)) ((uint32_t)(dst) | 1); // Enable Thumb mode! dst(); @@ -103,6 +91,6 @@ void executeSelect(char *ext){ filename[2]=0; if( selectFile(filename+2,ext) == 0) - execute_file(filename,0,0); + execute_file(filename); }; diff --git a/firmware/filesystem/execute.h b/firmware/filesystem/execute.h index 4e2c654..50a9a53 100644 --- a/firmware/filesystem/execute.h +++ b/firmware/filesystem/execute.h @@ -1,7 +1,7 @@ #ifndef _EXECUTE_H_ #define _EXECUTE_H_ -uint8_t execute_file (const char * fname, uint8_t checksignature, uint8_t decode); +uint8_t execute_file (const char * fname); void executeSelect(char *ext); #endif