outCmd.c 4.21 KB
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <sys/time.h>
#include <getopt.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include <PR/bbmetadata.h>
#include <PR/bbcert.h>
#include <PR/os_bbsa.h>
#include <bbtoolsapi.h>
#include <aes_api.h>
#include <openssl/rsa.h>
#include <openssl/bn.h>
#include <openssl/rand.h>
#include <bb_nn.h>
#include <sha1.h>
#include <aes.h>
#include <util.h>

#define BLK_SIZE	16384
#define AES_BLOCK_SIZE  128

#define H2BE4(a) (htonl((a)))
#define H2BE2(a) (htons((a)))

#define MAX_KEY_SIZE 4096

int asciiToBin(char *str,int bytes,u8 *buf)
{
    int i,j;
    char t;

    for(i=0;i<bytes;i++){
        t = str[2*i];
        //t = fgetc(fp);
        if ((t >= '0') && (t <= '9')) 
            j = (t - '0') << 4;
        else if ((t >= 'a') && (t <= 'f')) 
            j = (t - 'a' + 10) << 4;
        else if ((t >= 'A') && (t <= 'F')) 
            j = (t - 'A' + 10) << 4;
        else return -1;
        
        t = str[2*i+1];
        //t = fgetc(fp);
        if ((t >= '0') && (t <= '9')) 
            j ^= (t - '0');
        else if ((t >= 'a') && (t <= 'f')) 
            j ^= (t - 'a' + 10);
        else if ((t >= 'A') && (t <= 'F')) 
            j ^= (t - 'A' + 10);
        else return -1;

        buf[i]=j;
    }
    
    return 0;
}

int readBin(char *str,u8 *buf)
{
    int num;
    FILE *fp = fopen(str,"r");
    num = fread(buf, 1, 16384, fp);
    fclose(fp);
    return num;
}

void printUsage()
{
    fprintf(stderr, "\n outCmd [-s] <file>\n");
}

int main(int argc, char* argv[]) 
{
    BbContentMetaDataHead *cmd;
    u32 virageconstants[30];
    char c, *root_string, buf[16384];
    FILE *viragefileptr;
    char tmp_name[2048];
    BbAesKey  commonkey, decryptResult;
    int serverFormat = 0;

    opterr = 0;
    while((c = getopt(argc, argv, "s:")) != (char)-1) {
        switch(c) {
        case 's':  /* server xml header info */
	    serverFormat = 1;
            break;
	default:
            printUsage();
            return 1;
	}
    }

    if(serverFormat){
        asciiToBin(argv[1], sizeof cmd,(u8 *)&cmd);
        cmd = (BbContentMetaDataHead *)buf;
    }
    else{
        readBin(argv[1],buf);
        /* now guess if in bundle or not */
        cmd = (BbContentMetaDataHead *)buf;
        if(strncmp(cmd->issuer,"Root",4) != 0){
            cmd = (BbContentMetaDataHead *)(buf + BB_CMD_DESC_SIZE);
        }
    }

    printf("id: 0x%x\n", ntohl(cmd->id));
    printf("size: 0x%x\n", ntohl(cmd->size));
    printf("bb id: 0x%x\n", ntohl(cmd->bbid));
    printf("exec: 0x%x\n", ntohl(cmd->execFlags));
    printf("hw rights: 0x%x\n", ntohl(cmd->hwAccessRights));
    printf("sk rights: 0x%x\n", ntohl(cmd->secureKernelRights));
    printf("cp: %s\n", cmd->issuer);
    printf("cp crlv: %x\n", ntohl(cmd->cpCrlVersion));
    printf("cp ca crlv: %x\n", ntohl(cmd->caCrlVersion));
    printf("iv:\n");
    printf("  %08x\n",ntohl(cmd->iv[0]));
    printf("  %08x\n",ntohl(cmd->iv[1]));
    printf("  %08x\n",ntohl(cmd->iv[2]));
    printf("  %08x\n",ntohl(cmd->iv[3]));
    printf("hash:\n");
    printf("  %08x\n",ntohl(cmd->hash[0]));
    printf("  %08x\n",ntohl(cmd->hash[1]));
    printf("  %08x\n",ntohl(cmd->hash[2]));
    printf("  %08x\n",ntohl(cmd->hash[3]));
    printf("  %08x\n",ntohl(cmd->hash[4]));

    if((root_string = getenv("ROOT")) == NULL){
        fprintf(stderr,"Root not set\n");
        exit(1);
    }
    memset(virageconstants, 0, sizeof virageconstants);
    sprintf(tmp_name,"%s/usr/host_data/%s", root_string, "virage2.in");
    if((viragefileptr = fopen(tmp_name, "r")) == NULL) {
        fprintf(stderr,"Virage input file not found\n");
        return 1;
    }
    fread(virageconstants, 4, 26, viragefileptr);
    fclose(viragefileptr);

    /* must crack the key */
    memcpy(commonkey, &virageconstants[BB_VIRAGE2_BOOTAPPKEY_LOC], 
           sizeof commonkey);
    aes_SwDecrypt((u8 *)commonkey, (u8 *)&(cmd->commonCmdIv), 
                  (u8 *)&(cmd->key), sizeof decryptResult, 
                  (u8 *)decryptResult);

    printf("key:\n");
    printf("  %08x\n",ntohl(decryptResult[0]));
    printf("  %08x\n",ntohl(decryptResult[1]));
    printf("  %08x\n",ntohl(decryptResult[2]));
    printf("  %08x\n",ntohl(decryptResult[3]));

    return 0;
}