The mkey used for decryption is:
/* 16-byte key; main() in the routine declares a local with these same bytes
 * and hands it to aes_decrypt_128(). */
unsigned char mkey[] = {
    0xEA, 0xEA, 0x51, 0x2D, 0xA9, 0x1F, 0x87, 0xE1,
    0xC4, 0x15, 0x4C, 0x3E, 0xDB, 0x7A, 0xAD, 0xB8
};
For anyone who needs it, enjoy :)
Denny
and the complete routine is:
/*
 * Leading fields of the image file, overlaid directly on the raw file bytes.
 * Every member is a char array, 124 bytes in total.  Only `size` is read by
 * main(): its four bytes are combined most-significant first into the length
 * of the encrypted region.  The meaning of the other fields is not shown by
 * the code -- NOTE(review): confirm against the file format before relying
 * on the names.
 */
typedef struct {
    char type[6];
    char endian[4];
    char valuex[2];
    char string[32];
    char model1[8];
    char model2[32];
    char model3[31];
    char model4[5];
    char size[4];      /* length of the encrypted region, read big-endian */
} sam_flash_struct_t;

/* Points at the header of the file currently being processed by main(). */
sam_flash_struct_t *flash_file;
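/*
 * Decrypt one image file.
 *
 * The whole of PATH is read into memory.  The first 0x800 bytes are copied
 * through unchanged, the region whose length is stored big-endian in the
 * header's `size` field is decrypted block by block (AES-128 with CBC
 * chaining, starting from an all-zero IV), and whatever follows that region
 * is copied through unchanged.  The result is written to PATH with its last
 * four characters removed.
 *
 * Every length taken from the command line or from the file is checked
 * before it is used as a copy size or a buffer offset, and the output file
 * is only created once the input has been validated.
 *
 * NOTE(review): the key and the zero IV are compiled in and nothing here
 * authenticates the ciphertext, so the output must be treated as unverified
 * data by whatever consumes it.
 *
 * Returns 0 on success and -1 on failure (a message goes to stderr).
 */
static int decrypt_image(const char *path)
{
    const size_t header_len = 0x800;   /* copied through unchanged */
    const size_t block_len = 16;       /* AES block size */
    unsigned char mkey[] = {0xEA,0xEA,0x51,0x2D,0xA9,0x1F,0x87,0xE1,0xC4,0x15,0x4C,0x3E,0xDB,0x7A,0xAD,0xB8};
    unsigned char iv[16] = {0};
    char outname[1024];
    FILE *inputfp = NULL;
    FILE *outputfp = NULL;
    unsigned char *inbuf = NULL;
    unsigned char *outbuf = NULL;
    const unsigned char *sz;
    unsigned long stored_len;
    size_t pathlen, filesize, enc_len, padded_len, off, n;
    long end;
    int rc = -1;

    /* The output name is the input name minus a 4-character suffix; a name
     * that is too short or too long for the buffer is rejected outright. */
    pathlen = strlen(path);
    if (pathlen <= 4 || pathlen - 4 >= sizeof outname) {
        fprintf(stderr, "%s: cannot derive an output file name\n", path);
        return -1;
    }
    memcpy(outname, path, pathlen - 4);
    outname[pathlen - 4] = '\0';

    inputfp = fopen(path, "rb");
    if (inputfp == NULL) {
        perror(path);
        goto out;
    }

    if (fseek(inputfp, 0, SEEK_END) != 0 || (end = ftell(inputfp)) < 0) {
        perror(path);
        goto out;
    }
    rewind(inputfp);
    filesize = (size_t)end;

    /* The fixed header must be present in full before it is parsed or copied. */
    if (filesize < header_len) {
        fprintf(stderr, "%s: file is shorter than the 0x800-byte header\n", path);
        goto out;
    }

    inbuf = malloc(filesize);
    outbuf = malloc(filesize);
    if (inbuf == NULL || outbuf == NULL) {
        fprintf(stderr, "%s: out of memory\n", path);
        goto out;
    }
    if (fread(inbuf, 1, filesize, inputfp) != filesize) {
        fprintf(stderr, "%s: short read\n", path);
        goto out;
    }

    /* Read the length through unsigned bytes: plain char may be signed, and
     * a byte >= 0x80 would otherwise sign-extend and corrupt the value. */
    flash_file = (sam_flash_struct_t *)inbuf;
    sz = (const unsigned char *)flash_file->size;
    stored_len = ((unsigned long)sz[0] << 24) | ((unsigned long)sz[1] << 16) |
                 ((unsigned long)sz[2] << 8) | (unsigned long)sz[3];

    /* The length comes from the file, so it is untrusted: the encrypted
     * region, rounded up to whole AES blocks, has to fit inside the file. */
    if (stored_len > (unsigned long)(filesize - header_len)) {
        fprintf(stderr, "%s: encrypted length in header exceeds file size\n", path);
        goto out;
    }
    enc_len = (size_t)stored_len;
    padded_len = (enc_len + block_len - 1) / block_len * block_len;
    if (padded_len > filesize - header_len) {
        fprintf(stderr, "%s: last encrypted block runs past end of file\n", path);
        goto out;
    }

    memcpy(outbuf, inbuf, header_len);

    /* CBC: decrypt the block, XOR with the previous ciphertext block. */
    for (off = header_len; off < header_len + enc_len; off += block_len) {
        aes_decrypt_128(inbuf + off, outbuf + off, mkey);
        for (n = 0; n < block_len; n++)
            outbuf[off + n] ^= iv[n];
        memcpy(iv, inbuf + off, block_len);
    }

    /* Everything after the encrypted region is carried over as-is. */
    memcpy(outbuf + header_len + enc_len, inbuf + header_len + enc_len,
           filesize - header_len - enc_len);

    outputfp = fopen(outname, "wb");
    if (outputfp == NULL) {
        perror(outname);
        goto out;
    }
    if (fwrite(outbuf, 1, filesize, outputfp) != filesize) {
        fprintf(stderr, "%s: short write\n", outname);
        goto out;
    }
    rc = 0;

out:
    /* flash_file pointed into inbuf; do not leave it dangling. */
    flash_file = NULL;
    free(outbuf);
    free(inbuf);
    if (outputfp != NULL && fclose(outputfp) != 0) {
        perror(outname);
        rc = -1;
    }
    if (inputfp != NULL)
        fclose(inputfp);
    return rc;
}

/*
 * Decrypt every file named on the command line.  A file that fails is
 * reported and skipped; the remaining files are still processed.
 * Returns 0 if all files were decrypted, 1 if any of them failed.
 */
int main(int argc, char * argv[])
{
    int failed = 0;
    int b;

    for (b = 1; b < argc; b++) {
        if (decrypt_image(argv[b]) != 0)
            failed = 1;
    }
    return failed;
}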