freemyipod r277 - Code Review

Jump to: navigation, search
Repository:freemyipod
Revision:r276‎ | r277 | r278 >
Date:00:46, 23 November 2010
Author:theseven
Status:new
Tags:
Comment:
ipodcrypt: Add s5l8700-cryptnor and s5l8700-decryptnor (the encrypted binaries will only work on the very same device)
Modified paths:
  • /embios/trunk/tools/ipodcrypt.py (modified) (history)
  • /embios/trunk/tools/libipodcrypto.py (modified) (history)

Diff [purge]

Index: embios/trunk/tools/ipodcrypt.py
@@ -35,6 +35,8 @@
3636 print " s5l8701-decryptdfu <infile> <outfile>"
3737 print " s5l8701-cryptfirmware <infile> <outfile>"
3838 print " s5l8701-decryptfirmware <infile> <outfile>"
 39+ print " s5l8702-cryptnor <infile> <outfile>"
 40+ print " s5l8702-decryptnor <infile> <outfile>"
3941 exit(2)
4042
4143
@@ -53,6 +55,12 @@
5456 elif argv[1] == "s5l8701-decryptfirmware":
5557 libipodcrypto.s5l8701decryptfirmwarefile(argv[2], argv[3])
5658
 59+ elif argv[1] == "s5l8702-cryptnor":
 60+ libipodcrypto.s5l8702cryptnorfile(argv[2], argv[3])
 61+
 62+ elif argv[1] == "s5l8702-decryptnor":
 63+ libipodcrypto.s5l8702decryptnorfile(argv[2], argv[3])
 64+
5765 else: usage()
5866
5967
Index: embios/trunk/tools/libipodcrypto.py
@@ -25,6 +25,7 @@
2626 import sys
2727 import struct
2828 import time
 29+import hashlib
2930 import libembios
3031 from libembios import Error
3132 import libembiosdata
@@ -70,8 +71,28 @@
7172 return embios.read(0x08000800, len(data) - 0x800)
7273
7374
 75+def s5l8702cryptnor(data):
 76+ data = data.ljust((len(data) + 0xf) & ~0xf, "\0")
 77+ header = "87021.0\0\0\0\0\0" + struct.pack("<I", len(data)) + hashlib.sha1(data).digest()[:0x10]
 78+ embios = libembios.Embios()
 79+ embios.write(0x08000000, header.ljust(0x800, "\0") + data)
 80+ embios.lib.dev.timeout = 20000
 81+ embios.aesencrypt(0x08000800, len(data), 1)
 82+ embios.aesencrypt(0x08000010, 0x10, 1)
 83+ embios.write(0x08000040, hashlib.sha1(embios.read(0x08000000, 0x40)).digest()[:0x10])
 84+ embios.aesencrypt(0x08000040, 0x10, 1)
 85+ return embios.read(0x08000000, len(data) + 0x800)
 86+
 87+
 88+def s5l8702decryptnor(data):
 89+ embios = libembios.Embios()
 90+ embios.write(0x08000000, data[0x800:])
 91+ embios.lib.dev.timeout = 20000
 92+ embios.aesdecrypt(0x08000000, len(data) - 0x800, 1)
 93+ return embios.read(0x08000000, len(data) - 0x800)
 94+
 95+
7496 def s5l8701cryptdfufile(infile, outfile):
75 - print(outfile)
7697 infile = open(infile, "rb")
7798 outfile = open(outfile, "wb")
7899 outfile.write(s5l8701cryptdfu(infile.read()))
@@ -101,3 +122,19 @@
102123 outfile.write(s5l8701decryptfirmware(infile.read()))
103124 infile.close()
104125 outfile.close()
 126+
 127+
 128+def s5l8702cryptnorfile(infile, outfile):
 129+ infile = open(infile, "rb")
 130+ outfile = open(outfile, "wb")
 131+ outfile.write(s5l8702cryptnor(infile.read()))
 132+ infile.close()
 133+ outfile.close()
 134+
 135+
 136+def s5l8702decryptnorfile(infile, outfile):
 137+ infile = open(infile, "rb")
 138+ outfile = open(outfile, "wb")
 139+ outfile.write(s5l8702decryptnor(infile.read()))
 140+ infile.close()
 141+ outfile.close()