From 828aa54618a5e417d7e12dbbffbff20533beb202 Mon Sep 17 00:00:00 2001 From: Viktor Dragomiretskyy Date: Wed, 19 Jun 2019 14:22:49 +1200 Subject: [PATCH] Added an ability to do a factory reset and partition the flash. (first steps to enable the pairing) --- .gitignore | 2 + db97.py | 33 ++-- factory-reset.py | 291 ++++++++++++++++++++++++++++++ parse-init-flash.py | 108 +++++++++++ partition-the-flash.py | 387 ++++++++++++++++++++++++++++++++++++++++ prototype.py | 16 +- timeslot-table-blobs.py | 127 ++++++++++--- tls97.py | 54 +++--- usb97.py | 7 +- 9 files changed, 954 insertions(+), 71 deletions(-) create mode 100644 factory-reset.py create mode 100644 parse-init-flash.py create mode 100644 partition-the-flash.py diff --git a/.gitignore b/.gitignore index 0c0fe4d..bdfe550 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,4 @@ __pycache__ tls.dict +*.bin +*.log diff --git a/db97.py b/db97.py index e343ec1..43d6a33 100644 --- a/db97.py +++ b/db97.py @@ -170,16 +170,16 @@ class Db(): if len(name) > 0: name += b'\0' - return parse_user_storage(self.tls.app(pack(' 0: + hdr, blob4f = blob4f[:4], blob4f[4:] + id, l = unpack(' 0: + d, align, hsh, p = p[:12], p[12:12+4], p[12+4:12+4+32], p[12+4+32:] + if align != b'\0' * 4: + raise Exception('align should be blank') + m=sha256() + m.update(d) + if m.digest() != hsh: + raise Exception('Hash mismatch') + + print('block 1, blob: %s' % hexlify(d).decode()) + elif id == 5: + hdr, p = p[:4+4], p[4+4:] + + magic, keysz = unpack(' 0: - (typ, sz), b = unpack(' 0: - (off, val), p = unpack(' 0: - (off, val), p = unpack(' 0: + (typ, sz), b = unpack(' 0: + (off, val), p = unpack(' 0: + (off, val), p = unpack(' 0: + res += hmac.new(secret, a+seed, sha256).digest() + a = hmac.new(secret, a, sha256).digest() + n -= 1 + + return res[:length] # pre-TLS keys -psk_encryption_key=hmac2(password_hardcoded, hw_key) -psk_validation_key=hmac2(psk_encryption_key, gwk_sign_hardcoded) +psk_encryption_key=prf(password_hardcoded, b'GWK' + hw_key, 0x20) +psk_validation_key=prf(psk_encryption_key, b'GWK_SIGN' + gwk_sign_hardcoded, 0x20) + +def hs_key(): + key=password_hardcoded[:0x10] + seed=password_hardcoded[0x10:] + b'\xaa'*2 + hs_key=prf(key, b'HS_KEY_PAIR_GEN' + seed, 0x20) + return int(hs_key[::-1].hex(), 16) def with_2bytes_size(chunk): return pack('>H', len(chunk)) + chunk @@ -58,18 +71,6 @@ def pad(b): def unpad(b): return b[:-1-b[-1]] -def prf(secret, seed, length): - n = (length + 0x20 - 1) // 0x20 - - res = b'' - a = hmac.new(secret, seed, sha256).digest() - - while n > 0: - res += hmac.new(secret, a+seed, sha256).digest() - a = hmac.new(secret, a, sha256).digest() - n -= 1 - - return res[:length] # TODO assert the right state transitions class Tls(): @@ -80,23 +81,18 @@ class Tls(): self.secure_rx = False self.secure_tx = False - def read_flash(self, which, addr, size): - cmd = pack('cmd> %s' % hexlify(out).decode()) self.dev.write(1, out)