search

mkst / zte-config-utility

Scripts for decoding/encoding config.bin for ZTE routers
MIT License
235 stars 77 forks source link

Add support for type 4 with signature-derived key/IV #29

Closed 811Alex closed 2 years ago

811Alex commented 2 years ago

This will add support for ZXHN H168N V3.5. The new key/IV generation is based on another script by Felis-Sapiens. Tested on files provided by @minanagehsalalma & @kies83. Fixes https://github.com/mkst/zte-config-utility/issues/11

811Alex commented 2 years ago

I'll update encode.py in a bit. Let me know if you want any changes in these, in the meantime.

mkst commented 2 years ago

Can the config XML be encrypted for type 4 (without any additional changes)?

811Alex commented 2 years ago

I need to update aes_encrypt() in encryption.py and encode.py. That should be it, though.

kies83 commented 2 years ago

There is no script yet that can re-encrypt this model's config file.

mkst commented 2 years ago

If we can decrypt, why can't we encrypt? Or are you just saying there's no script yet?

mkst commented 2 years ago

Re: other changes, I don't really like the way is_digi/is_t4 are arguments to aes_decrypt, feels very un-SOLID.. but I've not got the time to refactor it. So I'll let it slide..

kies83 commented 2 years ago

There's no script yet!

811Alex commented 2 years ago

yet this is a draft, I'll add the encryption in a moment

As for the aes_decrypt() arguments, I feel you, but at the same time, they have to get to digi_key() somehow. I'm definitely open to ideas though.

811Alex commented 2 years ago

Would you feel better about it if it was a single Enum?

mkst commented 2 years ago

It's fine - next time this function is touched I'll enforce that it's improved :)

Is it possible to add a test/tests for the type 4?

811Alex commented 2 years ago

Added the encryption and the tests.

I also made it byte-perfect, with https://github.com/mkst/zte-config-utility/pull/29/commits/26374c80a7e89b703452c7dddfd3cc52096a6cf6 I compared a couple of type 4s and a couple of type 2s and it seems that type 4s actually set the "unencrypted data length" bytes properly, hence that change. Not the biggest sample, but I think it's good enough for me.

I think that's about it for this one. How does it look?

mkst commented 2 years ago

If you're happy with this PR I'll merge it :+1:

811Alex commented 2 years ago

Yup, go for it :)

kies83 commented 2 years ago

Chapter Close!

gsxrk7 commented 2 years ago

can you check my config if it support? zte zxhn h108n 2.5v