[PATCH firmware-utils] add dlink-sge-image for D-Link devices by SGE

Paul Spooren mail at aparcar.org
Thu Nov 2 10:46:01 PDT 2023 

Hello,

> On Jun 23, 2023, at 14:06, Sebastian Schaper <openwrt at sebastianschaper.net> wrote:
> 
> This tool will encrypt/decrypt factory images requiring the "SHRS" header
> e.g. COVR-C1200, COVR-P2500, COVR-X1860, DIR-878, DIR-882, ...
> 
> Encryption is loosely based on a series of blogposts by ricksanchez [1]
> and the provided code [2], as well as patches to qca-uboot found in the
> GPL tarball released for D-Link COVR-P2500 Rev. A1 [3].
> 
> Further scripts (e.g. /lib/upgrade/) and keys were found in the GPL tarball
> and/or rootfs of COVR-C1200 (the devices are based on OpenWrt Chaos Calmer
> and failsafe can be entered by pressing 'f' on the serial console during
> boot, allowing to access the file system of the running device).
> 
> For newer devices like COVR-X1860 and DIR-X3260, an updated method of
> vendor key derivation is implemented based on enk.txt from the GPL release.
> 
> [1] https://0x00sec.org/t/breaking-the-d-link-dir3060-firmware-encryption-recon-part-1/21943
> [2] https://github.com/0xricksanchez/dlink-decrypt
> [3] https://tsd.dlink.com.tw/GPL.asp
> 
> Signed-off-by: Sebastian Schaper <openwrt at sebastianschaper.net>
> Tested-By: Alan Luck <luckyhome2008 at gmail.com>
> ---
> 
> This patch is based on previous work on PR #4174, migrated to OpenSSL EVP API
> and extended to include support for newer devices like COVR-X1860.
> 
> The intermediate development stages are tracked at
> https://github.com/s-2/firmware-utils/commits/dlink-sge-image
> and the forum thread
> https://forum.openwrt.org/t/add-support-for-d-link-covr-x1860/161862
> 

— %< —

> +/*
> +  key.pem as found in GPL tarball, e.g.:
> +  COVRP2500A1_FW101/COVRP2500_GPL_Release/package/tw-prog.priv/imgcrypt/key.pem
> +  encrypted with passphrase: "12345678"
> +*/
> +const unsigned char key_legacy_pem[] = R"(
> +-----BEGIN RSA PRIVATE KEY-----
> +Proc-Type: 4,ENCRYPTED
> +DEK-Info: AES-256-CBC,EAA1FD02CDBC7AA7E62AC821D47823F2
> +
> +1LiXFElARVvVJnikiVqZxC5FS7silmaqZ1yBOfzWuYNLaiEuvoUOylwiT0JYna94
> +nevCGjdU27GOUBsLnhGVulVuD8aiZCGBaZES5BAFtOEz0rrmpJLHxD3txLBh49rM
> +zLfn77/bMfubuhUFw+TPQ9J6SlrwK12IaMBTBTCFf06h+dkY500A0GAESgSA4Cab
> +retvT5/xtnl5jtT7zBYPbDGPDZ0fFoDSa7IqkqJ+chGz4w02UezAuKPPlNTTxD4l

— >% —

Could you please change the usage of raw strings (R”) with the less pretty `\n\` after each line? This would allow compilation on macOS which uses clang.

Apart from that I tried to get the device running based one your work. Via the web installer an upload and “successful” flash was possible, however it doesn’t boot afterwards. I'll solder a serial connection later to figure out where things go wrong.

Thanks for your work and patience!

Best,
Paul

More information about the openwrt-devel mailing list