Encrypted bootloader.

**ScaleRobotics** · - 20th June 2010, 17:35

First off, I don't have any experience with this one. But it looks like it encodes/decodes with an XTEA algorithm. Key is a 16 byte code. Here is some info on it from their readme file. And best of all, it is free.

I would think that hex is hex, and whether it is PBP, CCS, etc, the hex would not look any different to a bootloader.

http://www.diolan.com/pic/bootloader_dwn.html

Code:

XTEA Encoder/Decoder
====================

XTEA Algorithm backgrounds
---------------------------
The XTEA encoder/decoder input byte stream is separated into 8 byte chunks
    [ b0 b1 b2 b3 b4 b5 b6 b7 ], [ b8 b9 ........... ], ...
Chunk is treated as two 32 bit little endian integers x1 and x2.
    For chunk0:
        x1 = (b3<<24) + (b2<<16) + (b1<<8) + b0
        x2 = (b4<<24) + (b5<<16) + (b6<<8) + b7
        
Encoding/Decoding is performed for every single chunk.

KEY is a 16 bytes string treated as key[4], where key[i] is 
32 bit little endian integer 
    KEY k0 k1 k2 k3 k4 ..... k15
        key[0] = (k3<<24) + (k2<<16) + (k1<<8) + k0 
    
DELTA is 32 bit integer constant 
    DELTA = 0x9E3779B9
    
Chunk Encoding:
    sum=0;
    for( i=0; i<XTEA_ITER; i++ )
    {
            x1 += (((x2<<4) ^ (x2>>5)) + x2) ^ (sum + key[sum&0x03]);
        sum+= DELTA;
        x2 += (((x1<<4) ^ (x1>>5)) + x1) ^ (sum + $KEY[(sum>>11)&0x03]);
    }
    
Chunk Decoding:
    sum = DELTA* XTEA_ITER;
        for( i=0; i<XTEA_ITER; i++ )
    {
        x2 -= (((x1<<4) ^ (x1>>5)) + x1) ^ (sum + key[(sum>>11)&0x03]);
        sum-= DELTA;
            x1 -= (((x2<<4) ^ (x2>>5)) + x2) ^ (sum + key[sum&0x03]);
    }        

        
XTEA Encoder/Decoder configuration
----------------------------------    
You can change following parameters to configure XTEA encoder/decoder

- XTEA encoder/decoder KEY

File        : xtea.asm
Identifier    : XTEA_KEY

- XTEA encoder/decoder number of iterations
    
File        : xtea.asm 
Identifier    : XTEA_ITERATIONS and DELTA_ITER

The number of iterations defines level of security. The 16 iterations are
quite enough for bootloader. Default value is 64 iterations.
If you change number of iterations do not forget to change DELTA_ITER,
that is precalculated value of DELTA*XTEA_ITERATIONS used by decoder 

Example:
        XTEA_ITERATIONS    equ     0x40            ; Number of iterations on x1,x2
    DELTA_ITER      db      0x40,0x6e,0xde,0x8d     ; Delta*XTEA_ITERATIONS
    

Code Protection
===============
Following Configuration Registers settings are recomended to secure 
FW from anauthorised access and protect bootloader section from undesired 
changes by external or internall agent. This setting will allow proper 
operation of bootloader but will not let any external access to FW.

Config Register  Value  Description
0x300006.bit7    1    
            Background Debug         Disabled
0x300008        0x08
            Code Protect 0x0800-0x1FFF  Enabled
            Code Protect 0x2000-0x3FFF  Enabled
            Code Protect 0x4000-0x5FFF  Enabled
0x300009    0x80
            Data EE Read Protect        Disabled
            Code Protect Boot        Enabled
0x30000A    0x0F
            Table Write Protect 0x0800-0x1FFF  Disabled
            Table Write Protect 0x2000-0x3FFF  Disabled
            Table Write Protect 0x4000-0x5FFF  Disabled
0x30000B    0x80
            Data EE Write Protect       Disabled
            Table Write Protect Boot    Enabled
            Config Write Protect        Enabled
0x30000C    0x0F
            Table Read  Protect 0x0800-0x1FFF  Disabled
            Table Read  Protect 0x2000-0x3FFF  Disabled
            Table Read  Protect 0x4000-0x5FFF  Disabled
0x30000D    0x00
            Table Read Protect Boot        Enabled

Thread: Encrypted bootloader.

Thread Tools

Search Thread

Display

Threaded View

Members who have read this thread : 0

Bookmarks

Bookmarks

Posting Permissions