search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
The install window doesn't need to be wider than the other ones.
[Rockbox.git] / rbutil / irivertools.cpp
blob9b7cd5a4f30fac76de967671ffbd2923ee1ef575
1 /***************************************************************************
2 * __________ __ ___.
3 * Open \______ \ ____ ____ | | _\_ |__ _______ ___
4 * Source | _// _ \_/ ___\| |/ /| __ \ / _ \ \/ /
5 * Jukebox | | ( <_> ) \___| < | \_\ ( <_> > < <
6 * Firmware |____|_ /\____/ \___ >__|_ \|___ /\____/__/\_ \
7 * \/ \/ \/ \/ \/
8 * Module: rbutil
9 * File: irivertools.cpp
10 *
11 * Copyright (C) 2007 Dominik Wenger
12 *
13 * All files in this archive are subject to the GNU General Public License.
14 * See the file COPYING in the source tree root for full license agreement.
15 *
16 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
17 * KIND, either express or implied.
18 *
19 ****************************************************************************/
20
21 #include "irivertools.h"
22
23
24 const unsigned char munge[] = {
25 0x7a, 0x36, 0xc4, 0x43, 0x49, 0x6b, 0x35, 0x4e, 0xa3, 0x46, 0x25, 0x84,
26 0x4d, 0x73, 0x74, 0x61
27 };
28
29 const unsigned char header_modify[] = "* IHPFIRM-DECODED ";
30
31 const char * const models[] = { "iHP-100", "iHP-120/iHP-140", "H300 series",
32 NULL };
33
34 /* aligns with models array; expected min firmware size */
35 const unsigned int firmware_minsize[] = { 0x100000, 0x100000, 0x200000 };
36 /* aligns with models array; expected max firmware size */
37 const unsigned int firmware_maxsize[] = { 0x200000, 0x200000, 0x400000 };
38
39 const unsigned char header[][16] = {
40 { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 },
41 { 0x20, 0x03, 0x08, 0x27, 0x24, 0x00, 0x02, 0x30, 0x19, 0x17, 0x65, 0x73,
42 0x85, 0x32, 0x83, 0x22 },
43 { 0x20, 0x04, 0x03, 0x27, 0x20, 0x50, 0x01, 0x70, 0x80, 0x30, 0x80, 0x06,
44 0x30, 0x19, 0x17, 0x65 }
45 };
46
47 /* begin mkboot.c excerpt */
48 unsigned char image[0x400000 + 0x220 + 0x400000/0x200];
49
50 bool mkboot(wxString infile, wxString outfile,wxString bootloader,int origin)
51 {
52 wxString err;
53 int i;
54 int len,bllen;
55 int actual_length, total_length, binary_length, num_chksums;
56
57 memset(image, 0xff, sizeof(image));
58
59 /* First, read the iriver original firmware into the image */
60 wxFile f;
61 if(!f.Open(infile))
62 {
63 ERR_DIALOG(wxT("Could not open: ") + infile, wxT("mkboot"));
64 return false;
65 }
66 i = f.Read(image,16);
67 if(i < 16) {
68 ERR_DIALOG(wxT("reading header failed"), wxT("mkboot"));
69 return false;
70 }
71
72 /* This is the length of the binary image without the scrambling
73 overhead (but including the ESTFBINR header) */
74 binary_length = image[4] + (image[5] << 8) +
75 (image[6] << 16) + (image[7] << 24);
76
77 /* Read the rest of the binary data, but not the checksum block */
78 len = binary_length+0x200-16;
79 i = f.Read(image+16, len);
80 if(i < len) {
81 ERR_DIALOG(wxT("reading firmware failed"),wxT("mkboot"));
82 return false;
83 }
84
85 f.Close();
86 /* Now, read the boot loader into the image */
87 if(!f.Open(bootloader))
88 {
89 ERR_DIALOG(wxT("Could not open: ") + bootloader, wxT("mkboot"));
90 return false;
91 }
92
93 bllen = f.Length();
94
95 i = f.Read(image+0x220 + origin, bllen);
96 if(i < bllen) {
97 ERR_DIALOG(wxT("reading bootloader failed"), wxT("mkboot"));
98 return false;
99 }
100
101 f.Close();
102
103 if(!f.Open(outfile,wxFile::write))
104 {
105 ERR_DIALOG(wxT("Could not open: ") + outfile, wxT("mkboot"));
106 return false;
107 }
108
109 /* Patch the reset vector to start the boot loader */
110 image[0x220 + 4] = image[origin + 0x220 + 4];
111 image[0x220 + 5] = image[origin + 0x220 + 5];
112 image[0x220 + 6] = image[origin + 0x220 + 6];
113 image[0x220 + 7] = image[origin + 0x220 + 7];
114
115 /* This is the actual length of the binary, excluding all headers */
116 actual_length = origin + bllen;
117
118 /* Patch the ESTFBINR header */
119 image[0x20c] = (actual_length >> 24) & 0xff;
120 image[0x20d] = (actual_length >> 16) & 0xff;
121 image[0x20e] = (actual_length >> 8) & 0xff;
122 image[0x20f] = actual_length & 0xff;
123
124 image[0x21c] = (actual_length >> 24) & 0xff;
125 image[0x21d] = (actual_length >> 16) & 0xff;
126 image[0x21e] = (actual_length >> 8) & 0xff;
127 image[0x21f] = actual_length & 0xff;
128
129 /* This is the length of the binary, including the ESTFBINR header and
130 rounded up to the nearest 0x200 boundary */
131 binary_length = (actual_length + 0x20 + 0x1ff) & 0xfffffe00;
132
133 /* The number of checksums, i.e number of 0x200 byte blocks */
134 num_chksums = binary_length / 0x200;
135
136 /* The total file length, including all headers and checksums */
137 total_length = binary_length + num_chksums + 0x200;
138
139 /* Patch the scrambler header with the new length info */
140 image[0] = total_length & 0xff;
141 image[1] = (total_length >> 8) & 0xff;
142 image[2] = (total_length >> 16) & 0xff;
143 image[3] = (total_length >> 24) & 0xff;
144
145 image[4] = binary_length & 0xff;
146 image[5] = (binary_length >> 8) & 0xff;
147 image[6] = (binary_length >> 16) & 0xff;
148 image[7] = (binary_length >> 24) & 0xff;
149
150 image[8] = num_chksums & 0xff;
151 image[9] = (num_chksums >> 8) & 0xff;
152 image[10] = (num_chksums >> 16) & 0xff;
153 image[11] = (num_chksums >> 24) & 0xff;
154
155 i = f.Write(image,total_length);
156 if(i < total_length) {
157 ERR_DIALOG(wxT("writing bootloader failed"), wxT("mkboot"));
158 return false;
159 }
160
161 f.Close();
162
163 return true;
164 }
165
166 /* end mkboot.c excerpt */
167
168
169 int intable(char *md5, struct sumpairs *table, int len)
170 {
171 int i;
172 for (i = 0; i < len; i++) {
173 if (strncmp(md5, table[i].unpatched, 32) == 0) {
174 return i;
175 }
176 }
177 return -1;
178 }
179
180
181
182
183 static int testheader( const unsigned char * const data )
184 {
185 const unsigned char * const d = data+16;
186 const char * const * m = models;
187 int index = 0;
188 while( *m )
189 {
190 if( memcmp( header[ index ], d, 16 ) == 0 )
191 return index;
192 index++;
193 m++;
194 };
195 return -1;
196 };
197
198 static void modifyheader( unsigned char * data )
199 {
200 const unsigned char * h = header_modify;
201 int i;
202 for( i=0; i<512; i++ )
203 {
204 if( *h == '\0' )
205 h = header_modify;
206 *data++ ^= *h++;
207 };
208 };
209
210 int iriver_decode(wxString infile_name, wxString outfile_name, unsigned int modify,
211 enum striptype stripmode )
212 {
213 wxString err;
214 wxFile infile;
215 wxFile outfile;
216 int i = -1;
217 unsigned char headerdata[512];
218 unsigned long dwLength1, dwLength2, dwLength3, fp = 0;
219 unsigned char blockdata[16+16];
220 unsigned char out[16];
221 unsigned char newmunge;
222 signed long lenread;
223 int s = 0;
224 unsigned char * pChecksums, * ppChecksums = 0;
225 unsigned char ck;
226
227 if(!infile.Open(infile_name))
228 {
229 ERR_DIALOG(wxT("Could not open: ") + infile_name, wxT("iriver_decode"));
230 return -1;
231 }
232 if(!outfile.Open(outfile_name,wxFile::write))
233 {
234 ERR_DIALOG(wxT("Could not open: ") + outfile_name,
235 wxT("iriver_decode"));
236 return -1;
237 }
238 lenread = infile.Read( headerdata, 512);
239 if( lenread != 512 )
240 {
241 ERR_DIALOG(wxT("This doesn't look like a valid encrypted iHP "
242 "firmware - reason: header length\n"),wxT("iriver_decode"));
243
244 infile.Close();
245 outfile.Close();
246 return -1;
247 };
248
249 i = testheader( headerdata );
250 if( i == -1 )
251 {
252 ERR_DIALOG( wxT( "This firmware is for an unknown model, or is not"
253 " a valid encrypted iHP firmware\n" ),wxT("iriver_decode"));
254 infile.Close();
255 outfile.Close();
256 return -1;
257 };
258 fprintf( stderr, "Model %s\n", models[ i ] );
259
260 dwLength1 = headerdata[0] | (headerdata[1]<<8) |
261 (headerdata[2]<<16) | (headerdata[3]<<24);
262 dwLength2 = headerdata[4] | (headerdata[5]<<8) |
263 (headerdata[6]<<16) | (headerdata[7]<<24);
264 dwLength3 = headerdata[8] | (headerdata[9]<<8) |
265 (headerdata[10]<<16) | (headerdata[11]<<24);
266
267 if( dwLength1 < firmware_minsize[ i ] ||
268 dwLength1 > firmware_maxsize[ i ] ||
269 dwLength2 < firmware_minsize[ i ] ||
270 dwLength2 > dwLength1 ||
271 dwLength3 > dwLength1 ||
272 dwLength2>>9 != dwLength3 ||
273 dwLength2+dwLength3+512 != dwLength1 )
274 {
275 ERR_DIALOG( wxT( "This doesn't look like a valid encrypted "
276 "iHP firmware - reason: file 'length' data\n" ),wxT("iriver_decode"));
277 infile.Close();
278 outfile.Close();
279 return -1;
280 };
281
282 pChecksums = ppChecksums = (unsigned char *)( malloc( dwLength3 ) );
283
284 if( modify )
285 {
286 modifyheader( headerdata );
287 };
288
289 if( stripmode == STRIP_NONE )
290 outfile.Write( headerdata, 512);
291
292 memset( blockdata, 0, 16 );
293
294 ck = 0;
295 while( ( fp < dwLength2 ) &&
296 ( lenread = infile.Read( blockdata+16, 16) == 16) )
297 {
298 fp += 16;
299
300 for( i=0; i<16; ++i )
301 {
302 newmunge = blockdata[16+i] ^ munge[i];
303 out[i] = newmunge ^ blockdata[i];
304 blockdata[i] = newmunge;
305 ck += out[i];
306 }
307
308 if( fp > ESTF_SIZE || stripmode != STRIP_HEADER_CHECKSUM_ESTF )
309 {
310 outfile.Write( out+4, 12);
311 outfile.Write( out, 4);
312 }
313 else
314 {
315 if( ESTF_SIZE - fp < 16 )
316 {
317 memcpy( out+4, blockdata+16, 12 );
318 memcpy( out, blockdata+28, 4 );
319 outfile.Write( blockdata+16+ESTF_SIZE-fp, ESTF_SIZE-fp);
320 }
321 }
322
323
324 if( s == 496 )
325 {
326 s = 0;
327 memset( blockdata, 0, 16 );
328 *ppChecksums++ = ck;
329 ck = 0;
330 }
331 else
332 s+=16;
333 };
334
335 if( fp != dwLength2 )
336 {
337 ERR_DIALOG( wxT( "This doesn't look like a valid encrypted "
338 "iHP firmware - reason: 'length2' mismatch\n" ),wxT("iriver_decode"));
339 infile.Close();
340 outfile.Close();
341 return -1;
342 };
343
344 fp = 0;
345 ppChecksums = pChecksums;
346 while( ( fp < dwLength3 ) &&
347 ( lenread = infile.Read( blockdata, 32 ) ) > 0 )
348 {
349 fp += lenread;
350 if( stripmode == STRIP_NONE )
351 outfile.Write( blockdata, lenread );
352 if( memcmp( ppChecksums, blockdata, lenread ) != 0 )
353 {
354 ERR_DIALOG( wxT( "This doesn't look like a valid encrypted "
355 "iHP firmware - reason: Checksum mismatch!" ),wxT("iriver_decode"));
356 infile.Close();
357 outfile.Close();
358 return -1;
359 };
360 ppChecksums += lenread;
361 };
362
363 if( fp != dwLength3 )
364 {
365 ERR_DIALOG(wxT( "This doesn't look like a valid encrypted "
366 "iHP firmware - reason: 'length3' mismatch\n" ),wxT("iriver_decode"));
367 infile.Close();
368 outfile.Close();
369 return -1;
370 };
371
372
373 fprintf( stderr, "File decoded correctly and all checksums matched!\n" );
374 switch( stripmode )
375 {
376 default:
377 case STRIP_NONE:
378 fprintf(stderr, "Output file contains all headers and "
379 "checksums\n");
380 break;
381 case STRIP_HEADER_CHECKSUM:
382 fprintf( stderr, "NB: output file contains only ESTFBINR header"
383 " and decoded firmware code\n" );
384 break;
385 case STRIP_HEADER_CHECKSUM_ESTF:
386 fprintf( stderr, "NB: output file contains only raw decoded "
387 "firmware code\n" );
388 break;
389 };
390
391 infile.Close();
392 outfile.Close();
393 return 0;
394
395 };
396
397 int iriver_encode(wxString infile_name, wxString outfile_name, unsigned int modify )
398 {
399 wxString err;
400 wxFile infile;
401 wxFile outfile;
402 int i = -1;
403 unsigned char headerdata[512];
404 unsigned long dwLength1, dwLength2, dwLength3, fp = 0;
405 unsigned char blockdata[16+16];
406 unsigned char out[16];
407 unsigned char newmunge;
408 signed long lenread;
409 int s = 0;
410 unsigned char * pChecksums, * ppChecksums;
411 unsigned char ck;
412
413 if(!infile.Open(infile_name,wxFile::read))
414 {
415 ERR_DIALOG(wxT("Could not open: ") + infile_name, wxT("iriver_decode"));
416 return -1;
417 }
418 if(!outfile.Open(outfile_name,wxFile::write))
419 {
420 ERR_DIALOG(wxT("Could not open: ") + outfile_name,
421 wxT("iriver_decode"));
422 return -1;
423 }
424
425 lenread = infile.Read( headerdata, 512 );
426 if( lenread != 512 )
427 {
428 ERR_DIALOG(wxT("This doesn't look like a valid decoded "
429 "iHP firmware - reason: header length\n"), wxT("iriver_decode"));
430 infile.Close();
431 outfile.Close();
432 };
433
434 if( modify )
435 {
436 modifyheader( headerdata ); /* reversible */
437 };
438
439 i = testheader( headerdata );
440 if( i == -1 )
441 {
442 ERR_DIALOG(wxT("This firmware is for an unknown model, or is not"
443 " a valid decoded iHP firmware\n"), wxT("iriver_decode"));
444 infile.Close();
445 outfile.Close();
446 };
447 fprintf( stderr, "Model %s\n", models[ i ] );
448
449 dwLength1 = headerdata[0] | (headerdata[1]<<8) |
450 (headerdata[2]<<16) | (headerdata[3]<<24);
451 dwLength2 = headerdata[4] | (headerdata[5]<<8) |
452 (headerdata[6]<<16) | (headerdata[7]<<24);
453 dwLength3 = headerdata[8] | (headerdata[9]<<8) |
454 (headerdata[10]<<16) | (headerdata[11]<<24);
455
456 if( dwLength1 < firmware_minsize[i] ||
457 dwLength1 > firmware_maxsize[i] ||
458 dwLength2 < firmware_minsize[i] ||
459 dwLength2 > dwLength1 ||
460 dwLength3 > dwLength1 ||
461 dwLength2+dwLength3+512 != dwLength1 )
462 {
463 ERR_DIALOG(wxT("This doesn't look like a valid decoded iHP"
464 " firmware - reason: file 'length' data\n"), wxT("iriver_decode"));
465 infile.Close();
466 outfile.Close();
467 };
468
469 pChecksums = ppChecksums = (unsigned char *)( malloc( dwLength3 ) );
470
471 outfile.Write( headerdata, 512);
472
473 memset( blockdata, 0, 16 );
474 ck = 0;
475 while( ( fp < dwLength2 ) &&
476 ( lenread = infile.Read( blockdata+16, 16) ) == 16 )
477 {
478 fp += 16;
479 for( i=0; i<16; ++i )
480 {
481 newmunge = blockdata[16+((12+i)&0xf)] ^ blockdata[i];
482 out[i] = newmunge ^ munge[i];
483 ck += blockdata[16+i];
484 blockdata[i] = newmunge;
485 };
486 outfile.Write( out, 16);
487
488 if( s == 496 )
489 {
490 s = 0;
491 memset( blockdata, 0, 16 );
492 *ppChecksums++ = ck;
493 ck = 0;
494 }
495 else
496 s+=16;
497 };
498
499 if( fp != dwLength2 )
500 {
501 ERR_DIALOG(wxT("This doesn't look like a valid decoded "
502 "iHP firmware - reason: 'length1' mismatch\n"), wxT("iriver_decode"));
503 infile.Close();
504 outfile.Close();
505 };
506
507 /* write out remainder w/out applying descrambler */
508 fp = 0;
509 lenread = dwLength3;
510 ppChecksums = pChecksums;
511 while( ( fp < dwLength3) &&
512 ( lenread = outfile.Write( ppChecksums, lenread) ) > 0 )
513 {
514 fp += lenread;
515 ppChecksums += lenread;
516 lenread = dwLength3 - fp;
517 };
518
519 if( fp != dwLength3 )
520 {
521 ERR_DIALOG(wxT("This doesn't look like a valid decoded "
522 "iHP firmware - reason: 'length2' mismatch\n"), wxT("iriver_decode"));
523 infile.Close();
524 outfile.Close();
525 };
526
527 fprintf( stderr, "File encoded successfully and checksum table built!\n" );
528
529 infile.Close();
530 outfile.Close();
531 return 0;
532
533 };
534
535 bool PatchFirmware(wxString firmware,wxString bootloader,int series, int table_entry)
536 {
537 wxString name1, name2, name3;
538
539 char md5sum_str[32];
540 struct sumpairs *sums;
541 int origin;
542
543 /* get pointer to the correct bootloader.bin */
544 switch(series) {
545 case 100:
546 sums = &h100pairs[0];
547 origin = 0x1f0000;
548 break;
549 case 120:
550 sums = &h120pairs[0];
551 origin = 0x1f0000;
552 break;
553 case 300:
554 sums = &h300pairs[0];
555 origin = 0x3f0000;
556 break;
557 }
558
559 name1 = gv->stdpaths->GetUserDataDir()
560 + wxT("" PATH_SEP "download" PATH_SEP "firmware.bin"),
561 /* descrambled file */
562 name2 = gv->stdpaths->GetUserDataDir()
563 + wxT("" PATH_SEP "download" PATH_SEP "new.bin");
564 /* patched file */
565 name3 = gv->stdpaths->GetUserDataDir()
566 + wxT("" PATH_SEP "download" PATH_SEP "new.hex");
567 if (iriver_decode(firmware, name1, FALSE, STRIP_NONE) == -1) {
568 ERR_DIALOG(wxT("Error in descramble"), wxT("Descramble Firmware"));
569 wxRemoveFile(name1);
570 wxRemoveFile(name2);
571 wxRemoveFile(name3);
572 return false;
573 }
574 if (!mkboot(name1, name2, bootloader, origin)) {
575 ERR_DIALOG(wxT("Error in patching"),wxT("Patching Firmware"));
576 wxRemoveFile(name1);
577 wxRemoveFile(name2);
578 wxRemoveFile(name3);
579 return false;
580 }
581 if (iriver_encode(name2, name3, FALSE) == -1) {
582 ERR_DIALOG(wxT("Error in scramble"),wxT("Scramble Firmware"));
583 wxRemoveFile(name1);
584 wxRemoveFile(name2);
585 wxRemoveFile(name3);
586 return false;
587 }
588 /* now md5sum it */
589 if (!FileMD5(name3, md5sum_str)) {
590 ERR_DIALOG(wxT("Error in checksumming"),wxT("Checksumming Firmware"));
591 wxRemoveFile(name1);
592 wxRemoveFile(name2);
593 wxRemoveFile(name3);
594 return false;
595 }
596 if (strncmp(sums[table_entry].patched, md5sum_str, 32) == 0) {
597 /* delete temp files */
598 wxRemoveFile(name1);
599 wxRemoveFile(name2);
600 }
601
602 return true;
603 }
604
Open Source Jukebox Firmware