2 * Copyright (C) 2013 Jeff Kent <jeff@jkent.net>
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation.
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
13 * You should have received a copy of the GNU General Public License
14 * along with this program; if not, write to the Free Software
15 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17 * This tool encrypts and decrypts uImage formatted firmware for Hilink
18 * HLK-RM04 wireless modules. It will also truncate a dump of mtd6 and make
19 * it an image suitable for flashing via the stock firmware upgrade page.
22 * gcc -lcrypto hlkcrypt.c -o hlkcrypt
25 #include <arpa/inet.h>
29 #include <openssl/des.h>
35 #include <sys/types.h>
39 #define DES_KEY "H@L9K*(3"
43 ({ __typeof__ (a) _a = (a); \
44 __typeof__ (b) _b = (b); \
48 #define IH_MAGIC 0x27051956
50 typedef struct image_header {
51 uint32_t ih_magic; /* Image Header Magic Number */
52 uint32_t ih_hcrc; /* Image Header CRC Checksum */
53 uint32_t ih_time; /* Image Creation Timestamp */
54 uint32_t ih_size; /* Image Data Size */
55 uint32_t ih_load; /* Data Load Address */
56 uint32_t ih_ep; /* Entry Point Address */
57 uint32_t ih_dcrc; /* Image Data CRC Checksum */
58 uint8_t ih_os; /* Operating System */
59 uint8_t ih_arch; /* CPU architecture */
60 uint8_t ih_type; /* Image Type */
61 uint8_t ih_comp; /* Compression Type */
62 uint8_t ih_name[IH_NMLEN]; /* Image Name */
65 static int temp_fd = -1;
66 static DES_key_schedule schedule;
68 static void show_usage(const char *arg0);
69 static void exit_cleanup(void);
70 static void copy_file(int src, int dst);
71 static void do_encrypt(void *p, off_t len);
72 static void do_decrypt(void *p, off_t len);
75 int main(int argc, char **argv)
81 char *input_filename = NULL;
82 char *output_filename = NULL;
88 char buf[sizeof(image_header_t) + 3];
89 image_header_t *header;
92 static struct option long_options[] = {
93 {"encrypt", no_argument, 0, 'e'},
94 {"decrypt", no_argument, 0, 'd'},
95 {"input", required_argument, 0, 'i'},
96 {"output", required_argument, 0, 'o'},
100 int c = getopt_long(argc, argv, "dei:o:",
101 long_options, &option_index);
108 if (decrypt_opt > 1) {
109 fprintf(stderr, "%s: decrypt may only be specified once\n",
117 if (encrypt_opt > 1) {
118 fprintf(stderr, "%s: encrypt may only be specified once\n",
127 fprintf(stderr, "%s: only one input file may be specified\n",
131 if (strcmp("-", optarg) != 0) {
132 input_filename = optarg;
138 if (output_opt > 1) {
139 fprintf(stderr, "%s: only one output file may be specified\n",
143 if (strcmp("-", optarg) != 0) {
144 output_filename = optarg;
156 if (decrypt_opt && encrypt_opt) {
157 fprintf(stderr, "%s: decrypt and encrypt may not be used together\n",
162 if (!decrypt_opt && !encrypt_opt) {
163 fprintf(stderr, "%s: neither decrypt or encrypt were specified\n",
168 temp_fd = fileno(tmpfile());
170 fprintf(stderr, "Can't create temporary file\n");
174 atexit(exit_cleanup);
175 DES_set_key_unchecked((const_DES_cblock *)DES_KEY, &schedule);
177 if (input_filename) {
178 input_fd = open(input_filename, O_RDONLY);
180 fprintf(stderr, "Can't open %s for reading: %s\n", input_filename,
184 copy_file(input_fd, temp_fd);
188 copy_file(STDIN_FILENO, temp_fd);
191 file_len = lseek(temp_fd, 0, SEEK_CUR);
193 fprintf(stderr, "Not enough data\n");
197 p = mmap(0, file_len, PROT_READ|PROT_WRITE, MAP_SHARED, temp_fd, 0);
198 if (p == MAP_FAILED) {
199 fprintf(stderr, "mmap failed: %s\n", strerror(errno));
204 header = (image_header_t *)p;
205 off_t len = min(file_len,
206 ntohl(header->ih_size) + sizeof(image_header_t));
207 if (ntohl(header->ih_magic) != IH_MAGIC) {
208 fprintf(stderr, "Header magic incorrect: "
209 "expected 0x%08X, got 0x%08X\n",
210 IH_MAGIC, ntohl(header->ih_magic));
216 if (len != file_len) {
217 if (ftruncate(temp_fd, len) < 0) {
218 fprintf(stderr, "ftruncate failed: %s\n", strerror(errno));
225 off_t header_len = min(file_len, sizeof(image_header_t) + 3);
226 memcpy(buf, p, header_len);
227 do_decrypt(buf, header_len);
228 header = (image_header_t *)buf;
229 if (ntohl(header->ih_magic) != IH_MAGIC) {
230 fprintf(stderr, "Header magic incorrect: "
231 "expected 0x%08X, got 0x%08X\n",
232 IH_MAGIC, ntohl(header->ih_magic));
235 do_decrypt(p, file_len);
239 lseek(temp_fd, 0, SEEK_SET);
240 if (output_filename) {
241 output_fd = creat(output_filename, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH);
243 fprintf(stderr, "Can't open %s for writing: %s\n",
244 output_filename, strerror(errno));
247 copy_file(temp_fd, output_fd);
251 copy_file(temp_fd, STDOUT_FILENO);
258 static void show_usage(const char *arg0)
260 fprintf(stderr, "usage: %s -d|-e [-i FILE] [-o FILE]\n\n", arg0);
261 fprintf(stderr, "%-15s %s\n", "-d, --decrypt", "decrypt data");
262 fprintf(stderr, "%-15s %s\n", "-e, --encrypt", "encrypt data");
263 fprintf(stderr, "%-15s %s\n", "-i, --input", "intput file (defaults to stdin)");
264 fprintf(stderr, "%-15s %s\n", "-o, --output", "output file (defaults to stdout)");
268 static void exit_cleanup(void)
275 static void copy_file(int src, int dst)
280 while ((size = read(src, buf, 4096)) > 0) {
281 write(dst, buf, size);
285 static void do_encrypt(void *p, off_t len)
290 num_blocks = len / 8;
291 pblock = (DES_cblock *) p;
292 while (num_blocks--) {
293 DES_ecb_encrypt(pblock, pblock, &schedule, DES_ENCRYPT);
297 num_blocks = (len - 3) / 8;
298 pblock = (DES_cblock *) (p + 3);
299 while (num_blocks--) {
300 DES_ecb_encrypt(pblock, pblock, &schedule, DES_ENCRYPT);
305 static void do_decrypt(void *p, off_t len)
310 num_blocks = (len - 3) / 8;
311 pblock = (DES_cblock *) (p + 3);
312 while (num_blocks--) {
313 DES_ecb_encrypt(pblock, pblock, &schedule, DES_DECRYPT);
317 num_blocks = len / 8;
318 pblock = (DES_cblock *) p;
319 while (num_blocks--) {
320 DES_ecb_encrypt(pblock, pblock, &schedule, DES_DECRYPT);