Closed SLKsander closed 1 month ago
Hi,
I'm glad you found some use for this project. Unfortunately, I have not looked into the checksum generation part, but you raise a good point; this tool should support re-encryption of the NVRAM config. I may look into that this weekend (or sooner, if I have time).
Thanks,
Scott
From: Fysac notifications@github.com Sent: Tuesday, August 18, 2020 9:00 PM To: Fysac/orbicfg orbicfg@noreply.github.com Cc: SLKsander ksander@purdue.edu; Author author@noreply.github.com Subject: Re: [Fysac/orbicfg] NVRAM checksum insight?? (#2)
Hi, I'm glad you found some use for this project. Unfortunately, I have not looked into the checksum generation part, but you raise a good point; this tool should support re-encryption of the NVRAM config. I may look into that this weekend (or sooner, if I have time). — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/Fysac/orbicfg/issues/2#issuecomment-675791600 , or unsubscribe https://github.com/notifications/unsubscribe-auth/APDEED5JPBFUZYRUMYVK7LDSBMPYDANCNFSM4QD3JZOA . https://github.com/notifications/beacon/APDEEDYV7TBVL6CPKOLI6RLSBMPYDA5CNFSM4QD3JZOKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOFBD4F4A.gif
An update: I've figured out how checksums are generated and have added code to verify the checksum of a config backup: https://github.com/Fysac/orbicfg/blob/0b6ddd65d93c6dc4e7a333f4c451a7874e612284/main.c#L88
The code to smoothly re-encrypt and create a valid checksum for arbitrary NVRAM entries is going to take me a bit longer, but the core logic will simply be the reverse of the function linked above. For example:
uint32_t create_checksum(unsigned char *data, size_t data_len) {
uint32_t crc = 0xffffffff;
for (int i = 0; i < data_len / sizeof(uint32_t); i++) {
crc -= *((uint32_t *) data);
data += sizeof(uint32_t);
}
return crc;
}
The data
parameter refers to the plaintext/unencrypted key-value pairs, each separated by a null byte (\0
). Note that in orbicfg's decryption output, null bytes are replaced with newlines for easier reading, so keep that in mind if you decide to implement your own encryption feature before me.
Thanks much. I will take a look and let you know.
Thanks,
Scott
From: Fysac notifications@github.com Sent: Thursday, August 27, 2020 8:33 PM To: Fysac/orbicfg orbicfg@noreply.github.com Cc: SLKsander ksander@purdue.edu; Author author@noreply.github.com Subject: Re: [Fysac/orbicfg] NVRAM checksum insight?? (#2)
An update: I've figured out how checksums are generated and have added code to verify the checksum of a config backup: https://github.com/Fysac/orbicfg/blob/0b6ddd65d93c6dc4e7a333f4c451a7874e612284/main.c#L88 The code to smoothly re-encrypt and create a valid checksum for arbitrary NVRAM entries is going to take me a bit longer, but the core logic will simply be the reverse of the function linked above. For example: uint32_t create_checksum(unsigned char data, size_t data_len) { uint32_t crc = 0xffffffff; for (int i = 0; i < data_len / sizeof(uint32_t); i++) { crc -= ((uint32_t *) data); data += sizeof(uint32_t); } return crc; } The data parameter refers to the plaintext/unencrypted key-value pairs, each separated by a null byte (\0). Note that in orbicfg's decryption output, null bytes are replaced with newlines https://github.com/Fysac/orbicfg/blob/0b6ddd65d93c6dc4e7a333f4c451a7874e612284/main.c#L77 for easier reading, so keep that in mind if you decide to implement your own encryption feature before me. — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/Fysac/orbicfg/issues/2#issuecomment-682258931 , or unsubscribe https://github.com/notifications/unsubscribe-auth/APDEED6DHGRRO53SOCAI4UDSC33LTANCNFSM4QD3JZOA . https://github.com/notifications/beacon/APDEEDZOSI6VXM6BNATVSJ3SC33LTA5CNFSM4QD3JZOKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOFCVHD4Y.gif
Added in master branch.
First, thank for a VERY helpful utility. It has save a great deal of time. THANK YOU.
My objective is to dump orbi config, use your utility to decrypt, sort and add things, then reencrypt and reload. The major stumbling block at the moment is the checksum on the new NVRAM set. Did you work uncover any info on how the checksum is generated by datalib? Any help would be much appreciated.