view rvinterf/etmsync/pirimei.c @ 1023:cd6002e3aefb

doc/Freerunner-Howto: apparently some people still use SHR, so mention it too
author Mychaela Falconia <falcon@ivan.Harhan.ORG>
date Tue, 03 May 2016 13:48:39 +0000
parents 9b4b0fcddc77
children
line wrap: on
line source

/*
 * Reading and decryption of Pirelli's factory IMEI record
 */

#include <sys/types.h>
#include <openssl/des.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#include "exitcodes.h"

u_char pirelli_imeisv[8];

get_pirelli_imei()
{
	DES_cblock ciphertext[2], dieid_key, decrypted[2];
	DES_key_schedule keysched;
	int rc;
	static char failmsg[] =
	"decryption failed: no valid IMEI record or incompatible firmware\n";

	printf("Requesting Calypso die ID\n");
	rc = do_dieid_read(dieid_key);
	if (rc)
		return(rc);
	printf("Reading IMEI record in Pirelli's factory data block\n");
	rc = do_memory_read(0x027F0504, ciphertext, 16);
	if (rc)
		return(rc);
	DES_set_key_unchecked(&dieid_key, &keysched);
	DES_ecb_encrypt(&ciphertext[0], &decrypted[0], &keysched, DES_DECRYPT);
	DES_ecb_encrypt(&ciphertext[1], &decrypted[1], &keysched, DES_DECRYPT);
	if (bcmp(decrypted[1], dieid_key, 8)) {
		printf(failmsg);
		return(ERROR_TARGET);
	}
	bcopy(decrypted[0], pirelli_imeisv, 8);
	printf("Factory IMEISV is %02X%02X%02X%02X-%02X%02X%02X-%02X\n",
		pirelli_imeisv[0], pirelli_imeisv[1], pirelli_imeisv[2],
		pirelli_imeisv[3], pirelli_imeisv[4], pirelli_imeisv[5],
		pirelli_imeisv[6], pirelli_imeisv[7]);
	return(0);
}