def generatetoken(self, program=False, device_timestamp=None): # setswprojmodel timestamp = str(int(time.time())) ha = cryptutils().hash() h1 = self.prodkey + self.ModelVerifyPrjName + self.random_postfix ModelVerifyHashToken = hexlify(ha.sha256(bytes( h1, 'utf-8'))).decode('utf-8').upper() # 0x1c[0x10] 0x4 0x90 0x7f 0x3e ModelVerifyHashToken/verify_hash h2 = self.prodkey + self.ModelVerifyPrjName + self.soc_sn + self.Version + timestamp + \ ModelVerifyHashToken + "8f7359c8a2951e8c" secret = hexlify(ha.sha256(bytes(h2, 'utf-8'))).decode('utf-8').upper() if program: items = [timestamp, secret] else: # 0x1C[0x10] 0x2D[0x11] 0x3E[0x41] 0x10[0x4] # 0x14[0x4] 0x90[0x40] 0x4[0x4] 0x114[0x4] 0x7F[0x10] 0xD1[0x41] items = [ self.ModelVerifyPrjName, self.random_postfix, ModelVerifyHashToken, self.ato_build_state, self.flash_mode, self.Version, self.soc_sn, self.device_id, timestamp, secret ] data = "" for item in items: data += item + "," data = data[:-1] token = self.crypt_token(data, self.pk, device_timestamp) return self.pk, token
def generatetoken(self, program=False, device_timestamp=None): timestamp = str(int(time.time())) ha = cryptutils().hash() h1 = self.prodkey + self.ModelVerifyPrjName + self.random_postfix ModelVerifyHashToken = hexlify(ha.sha256(bytes( h1, 'utf-8'))).decode('utf-8').upper() # ModelVerifyPrjName=0x1C [0] # random_postfix=0x2D [1] # verify_hash=0x3E [2] Len:0x41 # ver=0x90 [3] # cf=0x4 [4] # sn=0x14 [5] # ts=0x7f [6] Len:0x11 # secret=0xd1 (hash store) [7], len:0x41 # 0x7, Len:0x11 # 0x24, Len:0x41 # 0x1c 0x4 0x14 0x90 0x7f ModelVerifyHashToken h2 = "c4b95538c57df231" + self.ModelVerifyPrjName + self.cf + self.soc_sn + self.Version + \ timestamp + ModelVerifyHashToken + "5b0217457e49381b" secret = hexlify(ha.sha256(bytes( h2, 'utf-8'))).decode('utf-8').upper() # 0xd1 if program: items = [timestamp, secret] else: items = [ self.ModelVerifyPrjName, self.random_postfix, ModelVerifyHashToken, self.Version, self.cf, self.soc_sn, timestamp, secret ] data = "" for item in items: data += item + "," data = data[:-1] token = self.crypt_token(data, self.pk) return self.pk, token
def crypt_token(self, data, pk, decrypt=False, demacia=False): aes = cryptutils().aes() if demacia: aeskey = b"\x01\x63\xA0\xD1\xFD\xE2\x67\x11" + bytes( pk, 'utf-8') + b"\x48\x27\xC2\x08\xFB\xB0\xE6\xF0" aesiv = b"\x96\xE0\x79\x0C\xAE\x2B\xB4\xAF\x68\x4C\x36\xCB\x0B\xEC\x49\xCE" else: aeskey = b"\x10\x45\x63\x87\xE3\x7E\x23\x71" + bytes( pk, 'utf-8') + b"\xA2\xD4\xA0\x74\x0f\xD3\x28\x96" aesiv = b"\x9D\x61\x4A\x1E\xAC\x81\xC9\xB2\xD3\x76\xD7\x49\x31\x03\x63\x79" if decrypt: cdata = unhexlify(data) result = aes.aes_cbc(aeskey, aesiv, cdata) result = result.rstrip(b'\x00') if result[:16] == b"907heavyworkload": return result else: return result.decode('utf-8').split(',') else: if not demacia: while len(data) < 256: data += "\x00" pdata = bytes(data, 'utf-8') else: while len(data) < 256: data += b"\x00" pdata = data result = aes.aes_cbc(aeskey, aesiv, pdata, False) rdata = hexlify(result) return rdata.upper().decode('utf-8')
def demacia(self): """ return "<?xml version=\"1.0\" ?>\n<data>\n " + \ "<program SECTOR_SIZE_IN_BYTES=\"4096\" filename=\"param.bin\" " + \ "num_partition_sectors=\"256\" partofsingleimage=\"0\" physical_partition_number=\"0\" " + \ "read_back_verify=\"1\" start_sector=\"8456\" token=\""+token+"\" pk=\""+pk+"\" />\n</data>" """ ha = cryptutils().hash() serial = self.soc_sn while len(serial) < 10: serial = '0' + serial hash1 = "2e7006834dafe8ad" + serial + "a6674c6b039707ff" data = b"907heavyworkload" + ha.sha256(bytes(hash1, 'utf-8')) token = self.crypt_token(data, self.pk, False, True) return self.pk, token
def setswprojmodel_verify(self, pk, token, device_timestamp): self.pk = pk ha = cryptutils().hash() items = self.crypt_token(token, pk, device_timestamp, True) info = [ "ModelVerifyPrjName", "random_postfix", "ModelVerifyHashToken", "ato_build_state", "flash_mode", "Version", "soc_sn", "cf", "timestamp", "secret" ] i = 0 print() if len(info) == len(items): for item in items: print(info[i] + "=" + item) i += 1 # New # 0=ModelVerifyPrjName [param+0x1C] # 1=random_postfix [param+0x2D] # 2=hash [param_1+0xd1] # 3=[ATO Build state param+0x3E] # 4=[flash mode param_1+0x10] # 5=[img ver param+0x14] # 6=soc sn [param_1+0x90] # 7=cf [param_1+4] # 8=timestamp [param_1+0x114] # 9=secret [param_1+0x7f] hash1 = self.prodkey + items[0] + items[1] res1 = hexlify(ha.sha256(bytes(hash1, 'utf-8'))).decode('utf-8').upper() if items[2] != res1: print("Hash1 failed !") return # ModelVerifyPrjName sn ver ts ModelVerifyHashToken secret = self.prodkey + items[0] + items[6] + items[5] + items[8] + items[2] \ + "8f7359c8a2951e8c" # h2 = self.prodkey + self.ModelVerifyPrjName + self.soc_sn + self.Version + timestamp + # ModelVerifyHashToken + "8f7359c8a2951e8c" res2 = hexlify(ha.sha256(bytes(secret, 'utf-8'))).decode('utf-8').upper() if items[9] != res2: print("secret failed !") return print("setswprojmodel good") return items
def crypt_token(self, data, pk, device_timestamp, decrypt=False): aes = cryptutils().aes() aeskey = b"\x46\xA5\x97\x30\xBB\x0D\x41\xE8" + bytes(pk, 'utf-8') + \ pack("<Q", int(device_timestamp,10)) # we get this using setprocstart aesiv = b"\xDC\x91\x0D\x88\xE3\xC6\xEE\x65\xF0\xC7\x44\xB4\x02\x30\xCE\x40" if decrypt: cdata = unhexlify(data) result = aes.aes_cbc(aeskey, aesiv, cdata) result = result.rstrip(b'\x00') return result.decode('utf-8').split(',') else: while len(data) < 0x200: data += "\x00" pdata = bytes(data, 'utf-8') result = aes.aes_cbc(aeskey, aesiv, pdata, False) rdata = hexlify(result) return rdata.upper().decode('utf-8')
def setprojmodel_verify(self, pk, token): self.pk = pk ha = cryptutils().hash() items = self.crypt_token(token, pk, True, False) info = [ "Projid", "ModelVerifyHashToken", "Hash1", "FirmwareString", "CustFlag", "SOC_Serial", "Timestamp", "secret" ] i = 0 print() if len(info) == len(items): for item in items: print(info[i] + "=" + item) i += 1 # Old # 0=ModelVerifyPrjName [param+0x1C] # 1=random_postfix [param+0x2D] # 2=hash(key+0+1) [ModelVerifyHashToken param+0x3E] # 3=ver [param_1+0x90] # 4=cf [param_1+4] # 5=serial? [param_1+0x14] # 6=timestamp [param_1+0x7F] hash1 = self.prodkey + items[0] + items[1] res1 = hexlify(ha.sha256(bytes(hash1, 'utf-8'))).decode('utf-8').upper() if items[2] != res1: print("Hash1 failed !") return # ModelVerifyPrjName cf sn ver ts ModelVerifyHashToken secret = "c4b95538c57df231" + items[0] + items[4] + items[5] + items[3] + items[6] + \ items[2] + "5b0217457e49381b" res2 = hexlify(ha.sha256(bytes(secret, 'utf-8'))).decode('utf-8').upper() if items[7] != res2: print("secret failed !") return print("setprojmodel good") return items