XDA Developers Android and Mobile Development Forum
cdbase
Old
#851  
Member
Thanks Meter 11
Posts: 73
Join Date: Aug 2009
vdsemmctool is used by Nokia devs, so I don't think we can easily find that, biktor_gj.
We need someone from the inside who can, ahem, give it to us.
 
load""
Old
#852  
load""'s Avatar
Junior Member
Thanks Meter 4
Posts: 18
Join Date: Feb 2012
Location: Saint-Petersburg
Have you already read this and downloaded that?
It can be helpful, I think.
Sorry for my poor English.
The Following 3 Users Say Thank You to load"" For This Useful Post: [ Click to Expand ]
 
ChrisKringel
Old
#853  
Senior Member
Thanks Meter 70
Posts: 358
Join Date: Jan 2009

 
Quote:
Originally Posted by load"" View Post
have you already read this and downloaded that?
it can be helpful I think
Great document you've found there. Apparently it is possible to change some registry keys via the PC.
Follow me on Twitter: @ChrisK91
 
Bph&co
Old
#854  
Bph&co's Avatar
Senior Member
Thanks Meter 94
Posts: 103
Join Date: Apr 2012
Hi,

Quick question to the guys that have played with the OS a bit more already. Is there a
generic way to compile a C/C++ DLL or EXE that is part of the system/OEM? Maybe
via Visual Studio? Or is this proprietary only?

I can go the hard way (ADS 1.2 and WinHex), but was just wondering if there is
maybe an easier/faster method.

BR
 
biktor_gj
Old
#855  
biktor_gj's Avatar
Senior Member - OP
Thanks Meter 227
Posts: 665
Join Date: Jan 2008
Store.pt

Seems to store the keys the bootloader needs to check against when flashing something. Notice nothing on this post is for sure, it's just what it looks like from my point of view. Don't take it too seriously.

Part1
Header:
Code:
00000000  53 59 45 4b 2c 00 00 00  00 00 01 00 00 00 00 00  |SYEK,...........|
00000010  00 00 00 00 01 00 00 00  01 00 00 00 20 00 00 00  |............ ...|
Notice the 'keys' backwards?

Then each key starts with 'NOKIAKEY' followed by 0x00 0x00 0x00. After that each key has a hex value, which looks like some kind of identifier:
Key1: 0x72
Key2: 0x73
Key3: 0x74
Key4: 0x71

Key 1?
Code:
000003c0  00 00 00 00 28 01 00 00  4e 4f 4b 49 41 4b 45 59  |....(...NOKIAKEY|
000003d0  00 00 00 72 b2 b5 e3 bf  65 74 b6 e6 fd 07 e5 c9  |...r....et......|
000003e0  1e fb 9e 27 0d 19 bc f5  08 f7 0e cd 76 f6 e4 ee  |...'........v...|
000003f0  14 2b e8 2b a0 01 43 c3  e4 bc 91 03 e2 a3 07 1b  |.+.+..C.........|
00000400  b2 85 75 87 20 6f a9 1d  cf ae 43 ed 06 91 21 ed  |..u. o....C...!.|
00000410  1b 07 5f fd 97 4c 57 6b  bd 2c 0e bb e5 ea 6f 84  |.._..LWk.,....o.|
00000420  21 84 7f d2 2c 28 a3 12  e0 99 8a 65 4c 08 28 72  |!...,(.....eL.(r|
00000430  57 5c 8d db 8a be 73 9c  5b fd 4d 50 4e 4f 4b 49  |W\....s.[.MPNOKI|
And as soon as one key ends, the next one begins.
Key2, just after it
Code:
00000430  57 5c 8d db 8a be 73 9c  5b fd 4d 50 4e 4f 4b 49  |W\....s.[.MPNOKI|
00000440  41 4b 45 59 00 00 00 73  6b c6 1a 5f e5 d3 9a 54  |AKEY...sk.._...T|
00000450  6c 3e 24 c1 75 4f e2 18  d9 56 0d 97 08 f7 0e cd  |l>$.uO...V......|
00000460  76 f6 e4 ee 14 2b e8 2b  a0 01 43 c3 e4 bc 91 03  |v....+.+..C.....|
00000470  dc 0e ec 5a 3f 5f a2 e6  de 15 54 66 2f 8b b1 67  |...Z?_....Tf/..g|
00000480  cc bd 80 27 b5 e7 34 70  36 98 f7 8f 7a 6e 2a 93  |...'..4p6...zn*.|
00000490  ab a4 9d f5 e6 c0 eb b7  eb ca 30 7c 4b 22 f5 11  |..........0|K"..|
000004a0  b8 8d 02 18 32 7d 0a 7b  e5 0d 24 76 d6 f5 27 63  |....2}.{..$v..'c|
Key3, just after key2
Code:
000004b0  4e 4f 4b 49 41 4b 45 59  00 00 00 74 33 8d 5f 6a  |NOKIAKEY...t3._j|
000004c0  d8 e6 79 4a 6a fd eb f3  eb bf 9a 08 d6 d1 23 c2  |..yJj.........#.|
000004d0  08 f7 0e cd 76 f6 e4 ee  14 2b e8 2b a0 01 43 c3  |....v....+.+..C.|
000004e0  e4 bc 91 03 a7 a4 f0 38  66 c9 b2 bf bd f4 31 b4  |.......8f.....1.|
000004f0  af 66 10 af a1 8b ae 87  82 65 dd 2c 71 4b 71 99  |.f.......e.,qKq.|
00000500  c6 14 77 d7 b1 21 89 a6  ff 4a 81 6f 7e a6 80 e9  |..w..!...J.o~...|
00000510  92 71 da a4 4d 23 3a f8  40 5b 4c 5f 62 59 d8 b2  |.q..M#:.@[L_bY..|
00000520  3b db d5 ae 4e 4f 4b 49  41 4b 45 59 00 00 00 71  |;...NOKIAKEY...q|
And Key4
Code:
00000520  3b db d5 ae 4e 4f 4b 49  41 4b 45 59 00 00 00 71  |;...NOKIAKEY...q|
00000530  0c 20 3f 23 77 64 66 e7  55 e9 95 5a 9f 8f 9a 39  |. ?#wdf.U..Z...9|
00000540  a0 88 8b 8e 01 00 01 00  00 00 80 00 1f 54 67 40  |.............Tg@|
00000550  59 6c 23 fb e1 b7 05 21  5e ae b6 5c 5c 53 35 58  |Yl#....!^..\\S5X|
00000560  25 3c 76 18 d9 b7 b5 41  92 02 20 c9 16 4e b2 53  |%<v....A.. ..N.S|
00000570  0e 91 8a 89 bf 71 38 08  ad 6c 98 bb 15 11 0c f3  |.....q8..l......|
00000580  b4 3b 8c 2f 32 39 8d c2  b8 d0 6e 55 15 9f 62 08  |.;./29....nU..b.|
00000590  bc f2 03 9e eb d1 f8 f6
Each key seems to be 74 bytes long. Don't know if it's too little or too much.

There's quite a big chunk of data between the header and the beginning of the first key. After the fourth key, there's another piece of data until the EOF, which I also don't know what it is...
Code:
db b8 eb 5b 6e 9a c4 6e  |...........[n..n|
000005a0  d8 d9 5f 93 d9 cb 61 c6  d9 1b ed 49 d1 bb 6f 3e  |.._...a....I..o>|
000005b0  06 92 7e 38 b1 77 b9 81  28 58 01 9f 46 e7 d1 31  |..~8.w..(X..F..1|
000005c0  c1 8d 72 5e d6 11 1d 75  5e 3a 2d b2 5e f5 0b 77  |..r^...u^:-.^..w|
000005d0  9a 3d 28 a8 2e ff 95 3e  73 54 2e 3a 4d bd 4f 26  |.=(....>sT.:M.O&|
000005e0  80 8c 3e 4b b2 61 0a 15  54 29 7d b9 4b 4b ed 28  |..>K.a..T)}.KK.(|
000005f0  dd 66 c4 05 2b 01 77 d7  25 cc cf 92 fc 1a 7a 10  |.f..+.w.%.....z.|
00000600  10 b2 40 c5 0a 5c 2c 2b  a7 db 99 d9 ee 64 c8 33  |..@..\,+.....d.3|
00000610  fd b8 f6 f8 fd 62 ae 62  84 06 8c 4b 13 8c 9a c6  |.....b.b...K....|
00000620  f2 1f b5 3a 8b 3d 79 2d  1a ab 69 a5 cb a8 0e f7  |...:.=y-..i.....|
00000630  06 b0 d6 23 ca f0 79 0b  fd ea 92 e8 11 e7 e3 49  |...#..y........I|
00000640  e5 1b 38 f4 52 ec 07 f7  68 10 7d aa              |..8.R...h.}.|
0000064c
(and on the SBL strings...)
Code:
Init security...
/sys_boot/keystore/store.pt
Plain keystore file %s found and open
/sys_boot/keystore/key.str
Keystore read & decrypt failed!
Random seed init failed!
Security init (%d @ 0x%x)
Security init status 0x%x
DETAIL: Keys 0x%08x, 0x%08x, 0x%08x, 0x%08x...
Security init skipped!
Which belongs to the function:
Code:
ROM:00005A8C                 ADR     R0, aSecurityInitD0 ; "Security init (%d @ 0x%x)"
ROM:00005A90                 BL      sub_1DED8
ROM:00005A94                 LDR     R0, [SP,#0xC]
ROM:00005A98                 LDR     R1, [SP,#8]
ROM:00005A9C                 MOV     R3, #0x24 ; '$'
ROM:00005AA0                 MOV     R2, R4
ROM:00005AA4                 BL      sub_1EE18
ROM:00005AA8                 MOV     R1, R0
ROM:00005AAC                 ADR     R0, aSecurityInitSt ; "Security init status 0x%x"
ROM:00005AB0                 BL      sub_1DED8
ROM:00005AB4                 LDR     R4, [SP,#0xC]
ROM:00005AB8                 ADD     R0, R4, #0xC
ROM:00005ABC                 BL      sub_36184
ROM:00005AC0                 MOV     R5, R0
ROM:00005AC4                 ADD     R0, R4, #8
ROM:00005AC8                 BL      sub_36184
ROM:00005ACC                 MOV     R6, R0
ROM:00005AD0                 ADD     R0, R4, #4
ROM:00005AD4                 BL      sub_36184
ROM:00005AD8                 MOV     R7, R0
ROM:00005ADC                 MOV     R0, R4
ROM:00005AE0                 BL      sub_36184
ROM:00005AE4                 MOV     R1, R0
ROM:00005AE8                 ADR     R0, aDetailKeys0x08 ; "DETAIL: Keys 0x%08x, 0x%08x, 0x%08x, 0x"...
Anyone seeing some recognizable pattern somewhere?
Did anyone already look at that and I'm wasting my time?
The Following 2 Users Say Thank You to biktor_gj For This Useful Post: [ Click to Expand ]
 
Briefcase
Old
#856  
Senior Member
Thanks Meter 42
Posts: 184
Join Date: Nov 2009
Quote:
Originally Posted by load"" View Post
have you already read this and downloaded that?
it can be helpful I think
Great. Did anyone try slide 38 of the above document? It's called 'Start test - registery tools'. I don't have access to visual studio 2008 and/or a lumia with qualcomm :). Maybe this even works with DLOAD? Wild guess here.
 
surya467
Old
(Last edited by surya467; 15th May 2012 at 05:49 PM.)
#857  
Senior Member
Thanks Meter 95
Posts: 379
Join Date: Jan 2012
Location: mumbai

 
Nice work.. I'm keen to check it out.. though I have Qualcomm :-/

@g-gabber - ok, fine..
If someone can please clean this post.
Thanks

Mobile History:
Quote:
nokia 3310>>
sony erricson z530i>>
Motorola L9>>
Sony erricson k790i>>
Nokia 5800 with belle mixed CFW done by myself>>
Lumia 800 Black with Official WP 7.8
HTC HD2 LEO512 HD02 and NexusHD2 ROM on SDCard Dual boot
 
g-gabber
Old
(Last edited by g-gabber; 15th May 2012 at 10:25 PM.)
#858  
g-gabber's Avatar
Junior Member
Thanks Meter 15
Posts: 26
Join Date: Apr 2012
Location: Ебать!
About Key Storage. This is what I have reversed:

Code:
struct NOK_RSA {
    char magic[8];                    // "NOKIAKEY"
    unsigned int keyType;             // 0x71 - RSA
    unsigned char keyHash[0x14];      // keyID
    unsigned int public_exponent;
    unsigned int modulus_bit_size;
    unsigned char modulus[];          // size = modulus_bit_size / 0x80
};

struct NOK_ECC {
    char magic[8];                    // "NOKIAKEY"
    unsigned int keyType;             // 0x72, 0x73, 0x74 - ECC
    unsigned char keyHash[0x14];      // keyID
    unsigned char unk_constant[0x14]; // 16D5AEFAF4155AB4BFF0D82C927A6665AE3355EB
    unsigned char ecc_key[0x40];      // the key
};

@surya467 please STOP spamming here!
The Following 2 Users Say Thank You to g-gabber For This Useful Post: [ Click to Expand ]
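As an added example (not code from this thread or from any Nokia tool), here is a parser for the NOKIAKEY records laid out in g-gabber's structs, applied to biktor_gj's store.pt layout. It runs over a constructed image rather than a real keystore; it assumes the big-endian integer encoding visible in the dump (00 00 00 72) and guesses a 0x20-byte SYEK header.

```python
import struct

MAGIC = b"NOKIAKEY"
RSA_TYPE = 0x71                 # per g-gabber's NOK_RSA
ECC_TYPES = {0x72, 0x73, 0x74}  # per g-gabber's NOK_ECC

def parse_store(blob):
    """Return one dict per NOKIAKEY record in a store.pt image.
    Integers are read big-endian (assumption): the dump shows the type as
    00 00 00 72, and reading modulus_bit_size that way gives 0x8000 // 0x80 = 256
    modulus bytes, exactly the data left between the last key and EOF in the dump."""
    if blob[:4] != b"SYEK":
        raise ValueError("missing SYEK header")
    keys = []
    pos = blob.find(MAGIC)
    while pos != -1:
        key_type = struct.unpack_from(">I", blob, pos + 8)[0]
        key_hash = blob[pos + 12:pos + 32]          # keyHash[0x14]
        body = pos + 32
        if key_type in ECC_TYPES:
            end = body + 0x14 + 0x40                # unk_constant + ecc_key
            rec = {"alg": "ECC", "constant": blob[body:body + 0x14],
                   "key": blob[body + 0x14:end]}
        elif key_type == RSA_TYPE:
            exponent, bit_size = struct.unpack_from(">II", blob, body)
            mod_len = bit_size // 0x80              # g-gabber's size formula
            end = body + 8 + mod_len
            rec = {"alg": "RSA", "exponent": exponent, "modulus_len": mod_len,
                   "modulus": blob[body + 8:end]}
        else:
            raise ValueError("unknown key type 0x%x at 0x%x" % (key_type, pos))
        if end > len(blob):
            raise ValueError("truncated record at 0x%x" % pos)
        rec.update(type=key_type, hash=key_hash.hex(), offset=pos, length=end - pos)
        keys.append(rec)
        pos = blob.find(MAGIC, end)
    return keys

def build_sample():
    """Constructed image (not a real store.pt): guessed 0x20-byte SYEK header,
    one ECC key of type 0x72 and one RSA key of type 0x71 filled with dummy bytes."""
    header = b"SYEK" + bytes(0x1c)
    ecc = (MAGIC + struct.pack(">I", 0x72) + bytes(range(0x14))
           + b"\xaa" * 0x14 + b"\xbb" * 0x40)
    # exponent/bit-size bytes copied as they appear in the dump: 01 00 01 00 00 00 80 00
    rsa = (MAGIC + struct.pack(">I", 0x71) + bytes(range(0x14, 0x28))
           + bytes.fromhex("0100010000008000") + b"\xcc" * 256)
    return header + ecc + rsa
```

Each ECC record comes out 0x74 bytes long, which is the spacing between consecutive NOKIAKEY markers in the dump (0x3c8, 0x43c, 0x4b0, 0x524).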
 
frenk_91
Old
(Last edited by frenk_91; 15th May 2012 at 06:16 PM.) Reason: Update link
#859  
Junior Member
Thanks Meter 7
Posts: 21
Join Date: Mar 2012
Location: Roma
These are the Visual Studio remote tools.
The Following 2 Users Say Thank You to frenk_91 For This Useful Post: [ Click to Expand ]
 
ultrashot
Old
#860  
Recognized Developer
Thanks Meter 1583
Posts: 1,272
Join Date: May 2009
Location: Saint Petersburg
Quote:
Originally Posted by Bph&co View Post
Hi,

Quick question to guys that played with the OS bit more already. Is there a
generic way to compile C/C++ dll or exe that is part of the system/OEM ? Maybe
via Visual Studio ? Or this is proprietary only ?

I can go the hard way (ADS 1.2 and WinHex), but was just wondering if there is
maybe easy/faster method.

BR
VS2008 + WM6 SDK is more than enough. My advice:
1) Use impdef.exe and lib.exe to make a new import library for coredll. Call it "coredll7.lib", put it in the folder with the sources and link it to your project.
2) For XIP DLLs: /subsystem:windowsce,7.00
3) DLLs should be LARGEADDRESSAWARE.
4) XIP DLLs should have either nxsupport enabled in the project settings OR nxsupport globally disabled.
If you have any questions, ask me.
Nokia Lumia 920
Mozart and Titan: Dynamics v2.0 ROM
X1i and HD2: Dynamics v2.4 ROM

The Following 2 Users Say Thank You to ultrashot For This Useful Post: [ Click to Expand ]
Tags
android, bootloader, full unlock, interopunlock, nand