Talk:Communication Processor: Difference between revisions
Strike Venom (talk | contribs) No edit summary |
(More infos) |
||
Line 35: | Line 35: | ||
works. (I should learn reading ;)) | works. (I should learn reading ;)) | ||
---- | |||
I would like to add that it's much easier to interact with the System Controller from the Communication Processor shell considering that Syscon on Reference tool does not require any authentication or encryption of the packets sent to it and you do get real time replies, Syscon on those units also allow many more commands than on consumer systems (even after using AUTH1/AUTH2), this can be rather useful should you want syscon to jump to your code by performing a packet overflow. | |||
The Communication Processor can also talk to the southbridge. |
Revision as of 11:03, 21 December 2012
Problem
Using this file: [[1]] (v1.0.4c2_TMU510_u.bin) -> Source
IV: 737973317347595DFB853B7B4A28105D
Hash: 46EE8C013CB4F1821E184FB74A56FCC7
update.bin = v1.0.4c2_TMU510_u.bin - first 32 bytes (IV + Hash)
openssl enc -aes-256-cbc -d -K E8ED2B817207B70C5DF9090507AF2A8982967620D692B92A59231638402DF13F -iv 737973317347595DFB853B7B4A28105D -in update.bin -out update.tar.gz
Output:
2282524:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:539:
This is a syscon firmware update, not a CP update.
CP updates are usually called reftool_cp_xxx.bin (replace xxx by version) you can find these in official sdks. Syscon firmware updates use other keys and another algorithm.
-Mathieulh
Thanks,
openssl enc -aes-256-cbc -d -K E8ED2B817207B70C5DF9090507AF2A8982967620D692B92A59231638402DF13F -iv FB306DA62E530EB13FB9D0EF8615060A -in reftool_cp_133.bin -out reftool_cp_133.tar.gz
works. (I should learn reading ;))
I would like to add that it's much easier to interact with the System Controller from the Communication Processor shell considering that Syscon on Reference tool does not require any authentication or encryption of the packets sent to it and you do get real time replies, Syscon on those units also allow many more commands than on consumer systems (even after using AUTH1/AUTH2), this can be rather useful should you want syscon to jump to your code by performing a packet overflow.
The Communication Processor can also talk to the southbridge.