1 /***************************************************************************
3 * Open \______ \ ____ ____ | | _\_ |__ _______ ___
4 * Source | _// _ \_/ ___\| |/ /| __ \ / _ \ \/ /
5 * Jukebox | | ( <_> ) \___| < | \_\ ( <_> > < <
6 * Firmware |____|_ /\____/ \___ >__|_ \|___ /\____/__/\_ \
10 * Copyright (C) 2010 Bertrik Sikken
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version 2
15 * of the License, or (at your option) any later version.
17 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
18 * KIND, either express or implied.
20 ****************************************************************************/
23 * .sb file parser and chunk extractor
25 * Based on amsinfo, which is
26 * Copyright © 2008 Rafaël Carré <rafael.carre@gmail.com>
29 #define _ISOC99_SOURCE /* snprintf() */
46 /* all blocks are sized as a multiple of 0x1ff */
47 #define PAD_TO_BOUNDARY(x) (((x) + 0x1ff) & ~0x1ff)
49 /* If you find a firmware that breaks the known format ^^ */
50 #define assert(a) do { if(!(a)) { fprintf(stderr,"Assertion \"%s\" failed in %s() line %d!\n\nPlease send us your firmware!\n",#a,__func__,__LINE__); exit(1); } } while(0)
52 #define crypto_cbc(...) \
53 do { int ret = crypto_cbc(__VA_ARGS__); \
54 if(ret != CRYPTO_ERROR_SUCCESS) \
55 bug("crypto_cbc error: %d\n", ret); \
60 static char *g_out_prefix
;
61 static bool g_elf_simplify
= true;
63 static void elf_printf(void *user
, bool error
, const char *fmt
, ...)
65 if(!g_debug
&& !error
)
74 static void elf_write(void *user
, uint32_t addr
, const void *buf
, size_t count
)
77 fseek(f
, addr
, SEEK_SET
);
78 fwrite(buf
, count
, 1, f
);
81 static void extract_elf_section(struct elf_params_t
*elf
, int count
, uint32_t id
)
84 char *filename
= xmalloc(strlen(g_out_prefix
) + 32);
85 sb_fill_section_name(name
, id
);
86 sprintf(filename
, "%s%s.%d.elf", g_out_prefix
, name
, count
);
88 printf("Write boot section %s to %s\n", name
, filename
);
90 FILE *fd
= fopen(filename
, "wb");
97 elf_write_file(elf
, elf_write
, elf_printf
, fd
);
101 static void extract_sb_section(struct sb_section_t
*sec
)
106 char *filename
= xmalloc(strlen(g_out_prefix
) + 32);
107 sb_fill_section_name(sec_name
, sec
->identifier
);
108 sprintf(filename
, "%s%s.bin", g_out_prefix
, sec_name
);
109 FILE *fd
= fopen(filename
, "wb");
111 bugp("Cannot open %s for writing\n", filename
);
113 printf("Write data section %s to %s\n", sec_name
, filename
);
116 for(int j
= 0; j
< sec
->nr_insts
; j
++)
118 assert(sec
->insts
[j
].inst
== SB_INST_DATA
);
119 fwrite(sec
->insts
[j
].data
, sec
->insts
[j
].size
, 1, fd
);
125 struct elf_params_t elf
;
128 for(int i
= 0; i
< sec
->nr_insts
; i
++)
130 struct sb_inst_t
*inst
= &sec
->insts
[i
];
134 elf_add_load_section(&elf
, inst
->addr
, inst
->size
, inst
->data
);
137 elf_add_fill_section(&elf
, inst
->addr
, inst
->size
, inst
->pattern
);
141 elf_set_start_addr(&elf
, inst
->addr
);
142 extract_elf_section(&elf
, elf_count
++, sec
->identifier
);
147 /* ignore mode and nop */
152 if(!elf_is_empty(&elf
))
153 extract_elf_section(&elf
, elf_count
, sec
->identifier
);
157 static void extract_sb_file(struct sb_file_t
*file
)
159 for(int i
= 0; i
< file
->nr_sections
; i
++)
160 extract_sb_section(&file
->sections
[i
]);
163 static void extract_elf(struct elf_params_t
*elf
, int count
)
165 char *filename
= xmalloc(strlen(g_out_prefix
) + 32);
166 sprintf(filename
, "%s.%d.elf", g_out_prefix
, count
);
168 printf("Write boot content to %s\n", filename
);
170 FILE *fd
= fopen(filename
, "wb");
177 elf_write_file(elf
, elf_write
, elf_printf
, fd
);
181 static void extract_sb1_file(struct sb1_file_t
*file
)
184 struct elf_params_t elf
;
187 for(int i
= 0; i
< file
->nr_insts
; i
++)
189 struct sb1_inst_t
*inst
= &file
->insts
[i
];
193 elf_add_load_section(&elf
, inst
->addr
, inst
->size
, inst
->data
);
196 elf_add_fill_section(&elf
, inst
->addr
, inst
->size
, inst
->pattern
);
200 elf_set_start_addr(&elf
, inst
->addr
);
201 extract_elf(&elf
, elf_count
++);
206 /* ignore mode and nop */
211 if(!elf_is_empty(&elf
))
212 extract_elf(&elf
, elf_count
);
216 static void usage(void)
218 printf("Usage: sbtoelf [options] sb-file\n");
219 printf("Options:\n");
220 printf(" -?/--help\tDisplay this message\n");
221 printf(" -o <prefix>\tEnable output and set prefix\n");
222 printf(" -d/--debug\tEnable debug output*\n");
223 printf(" -k <file>\tAdd key file\n");
224 printf(" -z\t\tAdd zero key\n");
225 printf(" -r\t\tUse raw command mode\n");
226 printf(" -a/--add-key <key>\tAdd single key (hex or usbotp)\n");
227 printf(" -n/--no-color\tDisable output colors\n");
228 printf(" -l/--loopback <file>\tProduce sb file out of extracted description*\n");
229 printf(" -f/--force\tForce reading even without a key*\n");
230 printf(" -1/--v1\tForce to read file as a version 1 file\n");
231 printf(" -2/--v2\tForce to read file as a version 2 file\n");
232 printf(" -s/--no-simpl\tPrevent elf files from being simplified*\n");
233 printf(" -x\t\tUse default sb1 key\n");
234 printf("Options marked with a * are for debug purpose only\n");
238 static void sb_printf(void *user
, bool error
, color_t c
, const char *fmt
, ...)
249 static struct crypto_key_t g_zero_key
=
251 .method
= CRYPTO_KEY
,
257 enum sb_version_guess_t
264 enum sb_version_guess_t
guess_sb_version(const char *filename
)
266 #define ret(x) do { fclose(f); return x; } while(0)
267 FILE *f
= fopen(filename
, "rb");
269 bugp("Cannot open file for reading\n");
272 if(fseek(f
, 20, SEEK_SET
))
274 if(fread(sig
, 4, 1, f
) != 1)
276 if(memcmp(sig
, "STMP", 4) != 0)
278 // check header size (v1)
280 if(fseek(f
, 8, SEEK_SET
))
282 if(fread(&hdr_size
, 4, 1, f
) != 1)
286 // check header params relationship
289 uint16_t nr_keys
; /* Number of encryption keys */
290 uint16_t key_dict_off
; /* Offset to key dictionary (in blocks) */
291 uint16_t header_size
; /* In blocks */
292 uint16_t nr_sections
; /* Number of sections */
293 uint16_t sec_hdr_size
; /* Section header size (in blocks) */
294 } __attribute__((packed
)) u
;
295 if(fseek(f
, 0x28, SEEK_SET
))
297 if(fread(&u
, sizeof(u
), 1, f
) != 1)
299 if(u
.sec_hdr_size
== 1 && u
.header_size
== 6 && u
.key_dict_off
== u
.header_size
+ u
.nr_sections
)
305 int main(int argc
, char **argv
)
307 bool raw_mode
= false;
308 const char *loopback
= NULL
;
309 bool force_sb1
= false;
310 bool force_sb2
= false;
314 static struct option long_options
[] =
316 {"help", no_argument
, 0, '?'},
317 {"debug", no_argument
, 0, 'd'},
318 {"add-key", required_argument
, 0, 'a'},
319 {"no-color", no_argument
, 0, 'n'},
320 {"loopback", required_argument
, 0, 'l'},
321 {"force", no_argument
, 0, 'f'},
322 {"v1", no_argument
, 0, '1'},
323 {"v2", no_argument
, 0, '2'},
324 {"no-simpl", no_argument
, 0, 's'},
328 int c
= getopt_long(argc
, argv
, "?do:k:zra:nl:f12xs", long_options
, NULL
);
337 bug("Only one loopback file can be specified !\n");
350 g_out_prefix
= optarg
;
357 if(!add_keys_from_file(optarg
))
358 bug("Cannot add keys from %s\n", optarg
);
362 add_keys(&g_zero_key
, 1);
366 struct crypto_key_t key
;
367 sb1_get_default_key(&key
);
376 struct crypto_key_t key
;
378 if(!parse_key(&s
, &key
))
379 bug("Invalid key specified as argument\n");
381 bug("Trailing characters after key specified as argument\n");
392 g_elf_simplify
= false;
399 if(force_sb1
&& force_sb2
)
400 bug("You cannot force both version 1 and 2\n");
402 if(argc
- optind
!= 1)
408 const char *sb_filename
= argv
[optind
];
410 enum sb_version_guess_t ver
= guess_sb_version(sb_filename
);
412 if(force_sb2
|| ver
== SB_VERSION_2
)
415 struct sb_file_t
*file
= sb_read_file(sb_filename
, raw_mode
, NULL
, sb_printf
, &err
);
419 printf("SB read failed: %d\n", err
);
425 extract_sb_file(file
);
429 printf("[Debug output]\n");
430 sb_dump(file
, NULL
, sb_printf
);
434 /* sb_read_file will fill real key and IV but we don't want to override
435 * them when looping back otherwise the output will be inconsistent and
437 file
->override_real_key
= false;
438 file
->override_crypto_iv
= false;
439 sb_write_file(file
, loopback
);
443 else if(force_sb1
|| ver
== SB_VERSION_1
)
445 enum sb1_error_t err
;
446 struct sb1_file_t
*file
= sb1_read_file(sb_filename
, NULL
, sb_printf
, &err
);
450 printf("SB read failed: %d\n", err
);
456 extract_sb1_file(file
);
460 printf("[Debug output]\n");
461 sb1_dump(file
, NULL
, sb_printf
);
464 sb1_write_file(file
, loopback
);
471 printf("Cannot guess file type, are you sure it's a valid image ?\n");