> On Nov 2, 2023, at 20:16, Sebastian Schaper <open...@sebastianschaper.net> > wrote: > > This tool will encrypt/decrypt factory images requiring the "SHRS" header > e.g. COVR-C1200, COVR-P2500, COVR-X1860, DIR-878, DIR-882, ... > > Encryption is loosely based on a series of blogposts by ricksanchez [1] > and the provided code [2], as well as patches to qca-uboot found in the > GPL tarball released for D-Link COVR-P2500 Rev. A1 [3]. > > Further scripts (e.g. /lib/upgrade/) and keys were found in the GPL tarball > and/or rootfs of COVR-C1200 (the devices are based on OpenWrt Chaos Calmer > and failsafe can be entered by pressing 'f' on the serial console during > boot, allowing to access the file system of the running device). > > For newer devices like COVR-X1860 and DIR-X3260, an updated method of > vendor key derivation is implemented based on enk.txt from the GPL release. > > [1] > https://0x00sec.org/t/breaking-the-d-link-dir3060-firmware-encryption-recon-part-1/21943 > [2] https://github.com/0xricksanchez/dlink-decrypt > [3] https://tsd.dlink.com.tw/GPL.asp > > Signed-off-by: Sebastian Schaper <open...@sebastianschaper.net> > Tested-By: Alan Luck <luckyhome2...@gmail.com> > --- > > Changes from v1: > - improve formatting, replace raw strings with individual newlines to > fix build on macOS using clang
Tested and merged, thank you! Works as expected. A PR for the bump of firmware-utils is here: https://github.com/openwrt/openwrt/pull/13861 I’d be happy if you could create a PR for the device itself, I already got it running and it appears to work just fine. Best, Paul _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel