FreeCalypso > hg > freecalypso-sw
view rvinterf/etmsync/pirimei.c @ 984:8c83777f856c
tfc139 reworked for the new "universal" break-in method
| author | Mychaela Falconia <falcon@ivan.Harhan.ORG> |
|---|---|
| date | Sat, 12 Dec 2015 03:17:12 +0000 |
| parents | 9b4b0fcddc77 |
| children |
line wrap: on
line source
/* * Reading and decryption of Pirelli's factory IMEI record */ #include <sys/types.h> #include <openssl/des.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <strings.h> #include "exitcodes.h" u_char pirelli_imeisv[8]; get_pirelli_imei() { DES_cblock ciphertext[2], dieid_key, decrypted[2]; DES_key_schedule keysched; int rc; static char failmsg[] = "decryption failed: no valid IMEI record or incompatible firmware\n"; printf("Requesting Calypso die ID\n"); rc = do_dieid_read(dieid_key); if (rc) return(rc); printf("Reading IMEI record in Pirelli's factory data block\n"); rc = do_memory_read(0x027F0504, ciphertext, 16); if (rc) return(rc); DES_set_key_unchecked(&dieid_key, &keysched); DES_ecb_encrypt(&ciphertext[0], &decrypted[0], &keysched, DES_DECRYPT); DES_ecb_encrypt(&ciphertext[1], &decrypted[1], &keysched, DES_DECRYPT); if (bcmp(decrypted[1], dieid_key, 8)) { printf(failmsg); return(ERROR_TARGET); } bcopy(decrypted[0], pirelli_imeisv, 8); printf("Factory IMEISV is %02X%02X%02X%02X-%02X%02X%02X-%02X\n", pirelli_imeisv[0], pirelli_imeisv[1], pirelli_imeisv[2], pirelli_imeisv[3], pirelli_imeisv[4], pirelli_imeisv[5], pirelli_imeisv[6], pirelli_imeisv[7]); return(0); }