From 7c9e7ec707b9aa9e40c8e7ebdbbf1138cef85bb1 Mon Sep 17 00:00:00 2001 From: Amaury Pouly Date: Wed, 27 Jun 2012 14:50:39 +0200 Subject: [PATCH] sbtools: add option to force sb dump In the case of encrypted SB files without any key match, it is still possible to dump the section headers. The force option allows one to do so. It also allows to dump unencrypted sections of encrypted files if there are some. Change-Id: I36280230679ac5903f9c451c68c276f5c6959536 --- utils/imxtools/sbtools/misc.c | 1 + utils/imxtools/sbtools/misc.h | 1 + utils/imxtools/sbtools/sb.c | 31 +++++++++++++++++++++++++++---- utils/imxtools/sbtools/sbtoelf.c | 11 ++++++++--- 4 files changed, 37 insertions(+), 7 deletions(-) diff --git a/utils/imxtools/sbtools/misc.c b/utils/imxtools/sbtools/misc.c index fce71ae0cd..ec9b8c2a27 100644 --- a/utils/imxtools/sbtools/misc.c +++ b/utils/imxtools/sbtools/misc.c @@ -25,6 +25,7 @@ #include "misc.h" bool g_debug = false; +bool g_force = false; /** * Misc diff --git a/utils/imxtools/sbtools/misc.h b/utils/imxtools/sbtools/misc.h index 4df9bbe957..f5bba9164f 100644 --- a/utils/imxtools/sbtools/misc.h +++ b/utils/imxtools/sbtools/misc.h @@ -33,6 +33,7 @@ #define ROUND_UP(val, round) ((((val) + (round) - 1) / (round)) * (round)) extern bool g_debug; +extern bool g_force; typedef struct crypto_key_t *key_array_t; int g_nr_keys; diff --git a/utils/imxtools/sbtools/sb.c b/utils/imxtools/sbtools/sb.c index 9b97509491..78f98b5985 100644 --- a/utils/imxtools/sbtools/sb.c +++ b/utils/imxtools/sbtools/sb.c @@ -503,7 +503,7 @@ static struct sb_section_t *read_section(bool data_sec, uint32_t id, byte *buf, printf(OFF, "%s", indent); uint8_t checksum = instruction_checksum(hdr); if(checksum != hdr->checksum) - fatal(SB_CHECKSUM_ERROR, "Bad instruction checksum"); + fatal(SB_CHECKSUM_ERROR, "Bad instruction checksum\n"); if(hdr->flags != 0) { printf(GREY, "["); @@ -788,7 +788,8 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, bool raw_mode, voi printf(BLUE, "Encryption keys\n"); for(int i = 0; i < g_nr_keys; i++) { - printf(RED, " Key %d: ", i); + printf(RED, " Key %d\n", i), + printf(GREEN, " Key: "); printf(YELLOW, ""); print_key(&g_key_array[i], true); printf(GREEN, " CBC-MAC: "); @@ -859,7 +860,12 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, bool raw_mode, voi free(cbcmacs); if(!valid_key) - fatal(SB_NO_VALID_KEY, "No valid key found\n"); + { + if(g_force) + printf(GREY, " No valid key found\n"); + else + fatal(SB_NO_VALID_KEY, "No valid key found\n"); + } if(getenv("SB_REAL_KEY") != 0) { @@ -868,6 +874,12 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, bool raw_mode, voi if(!parse_key(&env, &k) || *env) fatal(SB_ERROR, "Invalid SB_REAL_KEY\n"); memcpy(real_key, k.u.key, 16); + /* assume the key is valid */ + if(valid_key) + printf(GREY, " Overriding real key\n"); + else + printf(GREY, " Assuming real key is ok\n"); + valid_key = true; } printf(RED, " Summary:\n"); @@ -916,6 +928,13 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, bool raw_mode, voi if(encrypted) printf(RED, " (Encrypted)"); printf(OFF, "\n"); + + /* skip it if we cannot decrypt it */ + if(encrypted && !valid_key) + { + printf(GREY, " Skipping section content (no valid key)\n"); + continue; + } /* save it */ byte *sec = xmalloc(size); @@ -939,7 +958,7 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, bool raw_mode, voi free(sec); } } - else + else if(valid_key) { /* advanced raw mode */ printf(BLUE, "Commands\n"); @@ -1041,6 +1060,10 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, bool raw_mode, voi } } } + else + { + printf(GREY, "Cannot read content in raw mode without a valid key\n"); + } /* final signature */ printf(BLUE, "Final signature:\n"); diff --git a/utils/imxtools/sbtools/sbtoelf.c b/utils/imxtools/sbtools/sbtoelf.c index c1d1e9aa34..0170ea1836 100644 --- a/utils/imxtools/sbtools/sbtoelf.c +++ b/utils/imxtools/sbtools/sbtoelf.c @@ -169,6 +169,7 @@ static void usage(void) printf(" -a/--add-key \tAdd single key (hex or usbotp)\n"); printf(" -n/--no-color\tDisable output colors\n"); printf(" -l/--loopback \tProduce sb file out of extracted description*\n"); + printf(" -f/--force\tForce reading even without a key*\n"); printf("Options marked with a * are for debug purpose only\n"); exit(1); } @@ -204,10 +205,11 @@ int main(int argc, char **argv) {"add-key", required_argument, 0, 'a'}, {"no-color", no_argument, 0, 'n'}, {"loopback", required_argument, 0, 'l'}, + {"force", no_argument, 0, 'f' }, {0, 0, 0, 0} }; - int c = getopt_long(argc, argv, "?do:k:zra:nl:", long_options, NULL); + int c = getopt_long(argc, argv, "?do:k:zra:nl:f", long_options, NULL); if(c == -1) break; switch(c) @@ -231,6 +233,9 @@ int main(int argc, char **argv) case 'o': g_out_prefix = optarg; break; + case 'f': + g_force = true; + break; case 'k': { if(!add_keys_from_file(optarg)) @@ -250,9 +255,9 @@ int main(int argc, char **argv) struct crypto_key_t key; char *s = optarg; if(!parse_key(&s, &key)) - bug("Invalid key specified as argument"); + bug("Invalid key specified as argument\n"); if(*s != 0) - bug("Trailing characters after key specified as argument"); + bug("Trailing characters after key specified as argument\n"); add_keys(&key, 1); break; } -- 2.11.4.GIT