A way to decrypt AMLSECU! boot image?

[SanyaPilot]

Hello. In your last commits I've found some commented out lines about boot.img decryption. And i want ask you about offset and length in this dd command: #dd >/dev/null if=boot.bin bs=1 skip=2304 count=9734268 of=boot_enc.bin status=none

How are they calculated? Do you know a way to decrypt an amlogic encrypted boot.img?

Sorry that I opened an issue, don't want to contact via email

[Raxone]

That "dd" line is from s905x3 script, not work on s905x2 and is not calculated. On some x3 box boot.(kernel) image is only encrypted with aes key and that key is not same what is for bootloader. On x88pro X3 is 3 aes key,for bootloader,for uboot(bl33) and for kernel.

There is 2 way how facturer encrypt:

1. Use script from android source (header for key: @KEYd).Use 6-7 rsa keys.
2. Use amlogic win tool and use 1 rsa key generated with aml_encrypt_g12a.Header is (@KEYd R2SA is 2048 rsa and R1SA is 1024 rsa key ) Both version use aml_encrypt_g12a.

There is not way to decrypt AMLSECU what i know. AMLSECU use 2 way encrypt level, fist is encrypt with amlogic algorithm and than encrypt with rsa key.

[SanyaPilot]

Okay, thank you