1 // SPDX-License-Identifier: GPL-2.0-only
3 * Copyright (C) 2013 Jeff Kent <jeff@jkent.net>
5 * This tool encrypts and decrypts uImage formatted firmware for Hilink
6 * HLK-RM04 wireless modules. It will also truncate a dump of mtd6 and make
7 * it an image suitable for flashing via the stock firmware upgrade page.
10 * gcc -lcrypto hlkcrypt.c -o hlkcrypt
13 #include <arpa/inet.h>
17 #include <openssl/des.h>
23 #include <sys/types.h>
27 #define DES_KEY "H@L9K*(3"
31 ({ __typeof__ (a) _a = (a); \
32 __typeof__ (b) _b = (b); \
36 #define IH_MAGIC 0x27051956
38 typedef struct image_header
{
39 uint32_t ih_magic
; /* Image Header Magic Number */
40 uint32_t ih_hcrc
; /* Image Header CRC Checksum */
41 uint32_t ih_time
; /* Image Creation Timestamp */
42 uint32_t ih_size
; /* Image Data Size */
43 uint32_t ih_load
; /* Data Load Address */
44 uint32_t ih_ep
; /* Entry Point Address */
45 uint32_t ih_dcrc
; /* Image Data CRC Checksum */
46 uint8_t ih_os
; /* Operating System */
47 uint8_t ih_arch
; /* CPU architecture */
48 uint8_t ih_type
; /* Image Type */
49 uint8_t ih_comp
; /* Compression Type */
50 uint8_t ih_name
[IH_NMLEN
]; /* Image Name */
53 static int temp_fd
= -1;
54 static DES_key_schedule schedule
;
56 static void show_usage(const char *arg0
);
57 static void exit_cleanup(void);
58 static void copy_file(int src
, int dst
);
59 static void do_encrypt(void *p
, off_t len
);
60 static void do_decrypt(void *p
, off_t len
);
63 int main(int argc
, char **argv
)
69 char *input_filename
= NULL
;
70 char *output_filename
= NULL
;
76 char buf
[sizeof(image_header_t
) + 3];
77 image_header_t
*header
;
80 static struct option long_options
[] = {
81 {"encrypt", no_argument
, 0, 'e'},
82 {"decrypt", no_argument
, 0, 'd'},
83 {"input", required_argument
, 0, 'i'},
84 {"output", required_argument
, 0, 'o'},
88 int c
= getopt_long(argc
, argv
, "dei:o:",
89 long_options
, &option_index
);
96 if (decrypt_opt
> 1) {
97 fprintf(stderr
, "%s: decrypt may only be specified once\n",
105 if (encrypt_opt
> 1) {
106 fprintf(stderr
, "%s: encrypt may only be specified once\n",
115 fprintf(stderr
, "%s: only one input file may be specified\n",
119 if (strcmp("-", optarg
) != 0) {
120 input_filename
= optarg
;
126 if (output_opt
> 1) {
127 fprintf(stderr
, "%s: only one output file may be specified\n",
131 if (strcmp("-", optarg
) != 0) {
132 output_filename
= optarg
;
144 if (decrypt_opt
&& encrypt_opt
) {
145 fprintf(stderr
, "%s: decrypt and encrypt may not be used together\n",
150 if (!decrypt_opt
&& !encrypt_opt
) {
151 fprintf(stderr
, "%s: neither decrypt or encrypt were specified\n",
156 temp_fd
= fileno(tmpfile());
158 fprintf(stderr
, "Can't create temporary file\n");
162 atexit(exit_cleanup
);
163 DES_set_key_unchecked((const_DES_cblock
*)DES_KEY
, &schedule
);
165 if (input_filename
) {
166 input_fd
= open(input_filename
, O_RDONLY
);
168 fprintf(stderr
, "Can't open %s for reading: %s\n", input_filename
,
172 copy_file(input_fd
, temp_fd
);
176 copy_file(STDIN_FILENO
, temp_fd
);
179 file_len
= lseek(temp_fd
, 0, SEEK_CUR
);
181 fprintf(stderr
, "Not enough data\n");
185 p
= mmap(0, file_len
, PROT_READ
|PROT_WRITE
, MAP_SHARED
, temp_fd
, 0);
186 if (p
== MAP_FAILED
) {
187 fprintf(stderr
, "mmap failed: %s\n", strerror(errno
));
192 header
= (image_header_t
*)p
;
193 off_t len
= min(file_len
,
194 ntohl(header
->ih_size
) + sizeof(image_header_t
));
195 if (ntohl(header
->ih_magic
) != IH_MAGIC
) {
196 fprintf(stderr
, "Header magic incorrect: "
197 "expected 0x%08X, got 0x%08X\n",
198 IH_MAGIC
, ntohl(header
->ih_magic
));
204 if (len
!= file_len
) {
205 if (ftruncate(temp_fd
, len
) < 0) {
206 fprintf(stderr
, "ftruncate failed: %s\n", strerror(errno
));
213 off_t header_len
= min(file_len
, sizeof(image_header_t
) + 3);
214 memcpy(buf
, p
, header_len
);
215 do_decrypt(buf
, header_len
);
216 header
= (image_header_t
*)buf
;
217 if (ntohl(header
->ih_magic
) != IH_MAGIC
) {
218 fprintf(stderr
, "Header magic incorrect: "
219 "expected 0x%08X, got 0x%08X\n",
220 IH_MAGIC
, ntohl(header
->ih_magic
));
223 do_decrypt(p
, file_len
);
227 lseek(temp_fd
, 0, SEEK_SET
);
228 if (output_filename
) {
229 output_fd
= creat(output_filename
, S_IRUSR
|S_IWUSR
|S_IRGRP
|S_IROTH
);
231 fprintf(stderr
, "Can't open %s for writing: %s\n",
232 output_filename
, strerror(errno
));
235 copy_file(temp_fd
, output_fd
);
239 copy_file(temp_fd
, STDOUT_FILENO
);
246 static void show_usage(const char *arg0
)
248 fprintf(stderr
, "usage: %s -d|-e [-i FILE] [-o FILE]\n\n", arg0
);
249 fprintf(stderr
, "%-15s %s\n", "-d, --decrypt", "decrypt data");
250 fprintf(stderr
, "%-15s %s\n", "-e, --encrypt", "encrypt data");
251 fprintf(stderr
, "%-15s %s\n", "-i, --input", "intput file (defaults to stdin)");
252 fprintf(stderr
, "%-15s %s\n", "-o, --output", "output file (defaults to stdout)");
256 static void exit_cleanup(void)
263 static void copy_file(int src
, int dst
)
268 while ((size
= read(src
, buf
, 4096)) > 0) {
269 write(dst
, buf
, size
);
273 static void do_encrypt(void *p
, off_t len
)
278 num_blocks
= len
/ 8;
279 pblock
= (DES_cblock
*) p
;
280 while (num_blocks
--) {
281 DES_ecb_encrypt(pblock
, pblock
, &schedule
, DES_ENCRYPT
);
285 num_blocks
= (len
- 3) / 8;
286 pblock
= (DES_cblock
*) (p
+ 3);
287 while (num_blocks
--) {
288 DES_ecb_encrypt(pblock
, pblock
, &schedule
, DES_ENCRYPT
);
293 static void do_decrypt(void *p
, off_t len
)
298 num_blocks
= (len
- 3) / 8;
299 pblock
= (DES_cblock
*) (p
+ 3);
300 while (num_blocks
--) {
301 DES_ecb_encrypt(pblock
, pblock
, &schedule
, DES_DECRYPT
);
305 num_blocks
= len
/ 8;
306 pblock
= (DES_cblock
*) p
;
307 while (num_blocks
--) {
308 DES_ecb_encrypt(pblock
, pblock
, &schedule
, DES_DECRYPT
);