2 files changed, 54 insertions, 0 deletions
diff --git a/include/libirecovery.h b/include/libirecovery.h
index b524cd3..9272ab4 100644
--- a/include/libirecovery.h
+++ b/include/libirecovery.h
@@ -210,6 +210,7 @@ irecv_error_t irecv_set_interface(irecv_client_t client, int interface, int alt_
 irecv_error_t irecv_get_cpid(irecv_client_t client, unsigned int* cpid);
 irecv_error_t irecv_get_bdid(irecv_client_t client, unsigned int* bdid);
 irecv_error_t irecv_get_ecid(irecv_client_t client, unsigned long long* ecid);
+irecv_error_t irecv_get_nonce(irecv_client_t client, unsigned char** nonce, int* nonce_size);
 void irecv_hexdump(unsigned char* buf, unsigned int len, unsigned int addr);
 void irecv_init();
diff --git a/libirecovery.c b/libirecovery.c
index 18763ed..f8f33ca 100644
--- a/libirecovery.c
+++ b/libirecovery.c
@@ -1059,6 +1059,59 @@ irecv_error_t irecv_get_imei(irecv_client_t client, unsigned char* imei) {
        return IRECV_E_SUCCESS;
 }
+irecv_error_t irecv_get_nonce(irecv_client_t client, unsigned char** nonce, int* nonce_size) {
+        if (check_context(client) != IRECV_E_SUCCESS) return IRECV_E_NO_DEVICE;
+        unsigned char buf[255];
+        int len;
+        *nonce = NULL;
+        *nonce_size = 0;
+        len = irecv_get_string_descriptor_ascii(client, 1, (unsigned char*) buf, 255);
+        debug("%s: got length: %d\n", __func__, len);
+        if (len < 0) {
+                return len;
+        }
+        buf[len] = 0;
+        debug("%s: buf='%s'\n", __func__, buf);
+        char* nonce_string = strstr(buf, "NONC:");
+        if (nonce_string == NULL) {
+                return IRECV_E_UNKNOWN_ERROR;
+        }
+        nonce_string+=5;
+        int nlen = (len - ((unsigned char*)nonce_string - &buf[0])) / 2;
+        unsigned char *nn = malloc(nlen);
+        if (!nn) {
+                return IRECV_E_OUT_OF_MEMORY;
+        }
+        int i = 0;
+        for (i = 0; i < nlen; i++) {
+                int val = 0;
+                if (sscanf(nonce_string+(i*2), "%02X", &val) == 1) {
+                        nn[i] = (unsigned char)val;
+                } else {
+                        debug("%s: ERROR: unexpected data in nonce result (%2s)\n", __func__, nonce_string+(i*2));
+                        break;
+                }
+        }
+        if (i != nlen) {
+                debug("%s: ERROR: unable to parse nonce\n", __func__);
+                free(nn);
+                return IRECV_E_UNKNOWN_ERROR;
+        }
+        *nonce = nn;
+        *nonce_size = nlen;
+        return IRECV_E_SUCCESS;
+}
 irecv_error_t irecv_send_exploit(irecv_client_t client) {
        if (check_context(client) != IRECV_E_SUCCESS) return IRECV_E_NO_DEVICE;
        irecv_control_transfer(client, 0x21, 2, 0, 0, NULL, 0, USB_TIMEOUT);

diff --git a/include/libirecovery.h b/include/libirecovery.h index b524cd3..9272ab4 100644 --- a/include/libirecovery.h +++ b/include/libirecovery.h
@@ -210,6 +210,7 @@ irecv_error_t irecv_set_interface(irecv_client_t client, int interface, int alt_
210	irecv_error_t irecv_get_cpid(irecv_client_t client, unsigned int* cpid);	210	irecv_error_t irecv_get_cpid(irecv_client_t client, unsigned int* cpid);
211	irecv_error_t irecv_get_bdid(irecv_client_t client, unsigned int* bdid);	211	irecv_error_t irecv_get_bdid(irecv_client_t client, unsigned int* bdid);
212	irecv_error_t irecv_get_ecid(irecv_client_t client, unsigned long long* ecid);	212	irecv_error_t irecv_get_ecid(irecv_client_t client, unsigned long long* ecid);
		213	irecv_error_t irecv_get_nonce(irecv_client_t client, unsigned char** nonce, int* nonce_size);
213	void irecv_hexdump(unsigned char* buf, unsigned int len, unsigned int addr);	214	void irecv_hexdump(unsigned char* buf, unsigned int len, unsigned int addr);
214		215
215	void irecv_init();	216	void irecv_init();


diff --git a/libirecovery.c b/libirecovery.c index 18763ed..f8f33ca 100644 --- a/libirecovery.c +++ b/libirecovery.c
@@ -1059,6 +1059,59 @@ irecv_error_t irecv_get_imei(irecv_client_t client, unsigned char* imei) {
1059	return IRECV_E_SUCCESS;	1059	return IRECV_E_SUCCESS;
1060	}	1060	}
1061		1061
		1062	irecv_error_t irecv_get_nonce(irecv_client_t client, unsigned char** nonce, int* nonce_size) {
		1063	if (check_context(client) != IRECV_E_SUCCESS) return IRECV_E_NO_DEVICE;
		1064
		1065	unsigned char buf[255];
		1066	int len;
		1067
		1068	*nonce = NULL;
		1069	*nonce_size = 0;
		1070
		1071	len = irecv_get_string_descriptor_ascii(client, 1, (unsigned char*) buf, 255);
		1072	debug("%s: got length: %d\n", __func__, len);
		1073	if (len < 0) {
		1074	return len;
		1075	}
		1076
		1077	buf[len] = 0;
		1078	debug("%s: buf='%s'\n", __func__, buf);
		1079
		1080	char* nonce_string = strstr(buf, "NONC:");
		1081	if (nonce_string == NULL) {
		1082	return IRECV_E_UNKNOWN_ERROR;
		1083	}
		1084	nonce_string+=5;
		1085
		1086	int nlen = (len - ((unsigned char*)nonce_string - &buf[0])) / 2;
		1087	unsigned char *nn = malloc(nlen);
		1088	if (!nn) {
		1089	return IRECV_E_OUT_OF_MEMORY;
		1090	}
		1091
		1092	int i = 0;
		1093	for (i = 0; i < nlen; i++) {
		1094	int val = 0;
		1095	if (sscanf(nonce_string+(i*2), "%02X", &val) == 1) {
		1096	nn[i] = (unsigned char)val;
		1097	} else {
		1098	debug("%s: ERROR: unexpected data in nonce result (%2s)\n", __func__, nonce_string+(i*2));
		1099	break;
		1100	}
		1101	}
		1102
		1103	if (i != nlen) {
		1104	debug("%s: ERROR: unable to parse nonce\n", __func__);
		1105	free(nn);
		1106	return IRECV_E_UNKNOWN_ERROR;
		1107	}
		1108
		1109	*nonce = nn;
		1110	*nonce_size = nlen;
		1111
		1112	return IRECV_E_SUCCESS;
		1113	}
		1114
1062	irecv_error_t irecv_send_exploit(irecv_client_t client) {	1115	irecv_error_t irecv_send_exploit(irecv_client_t client) {
1063	if (check_context(client) != IRECV_E_SUCCESS) return IRECV_E_NO_DEVICE;	1116	if (check_context(client) != IRECV_E_SUCCESS) return IRECV_E_NO_DEVICE;
1064	irecv_control_transfer(client, 0x21, 2, 0, 0, NULL, 0, USB_TIMEOUT);	1117	irecv_control_transfer(client, 0x21, 2, 0, 0, NULL, 0, USB_TIMEOUT);