加密IC 在android 机子上的简单应用
来源:互联网 发布:mac的路径 编辑:程序博客网 时间:2024/04/29 10:11
原理:
产生一个组随机机,写入加密IC ,再从IC 中读出来一组数,经算法计算后,判断之前的随机数和计算的结果一样,就证明此IC 为加密 IC ..因为加密算法保密和随机性比较大,防止抄板效果不错。
kernel 层:
保证 i2c 通就行。不需要额外驱动。
hardware 层,通用代码如下。如果判断没有此 IC ,就重启机子。此代码里 随机数就用的当前的时间
#define _GNU_SOURCE#include <string.h>#include <stdlib.h>#include<sys/socket.h>#include<arpa/inet.h>#include <linux/if.h>#include <sys/ioctl.h>#include <netinet/ether.h>#include <pthread.h>#include <signal.h>#include <utils/Log.h>#include <cutils/log.h>#include <hardware/hardware.h> #include <fcntl.h> #include <errno.h> #include <cutils/atomic.h> #include <stdio.h>#include <stdlib.h>#include <linux/types.h>#include <unistd.h>#include <sys/types.h>#include <sys/ioctl.h>#include <string.h>#include <time.h>#include <sys/reboot.h>#ifdef LOG_TAG#undef LOG_TAG#define LOG_TAG "encrypt_ic"#endif#define DEVICE_NAME "/dev/i2c-4" #define MODULE_NAME "iic" #define MODULE_AUTHOR "pcwung@163.com" #define I2C_RETRIES 0x0701/* number of times a device address should be polled when not acknowledging */#define I2C_TIMEOUT 0x0702/* set timeout in units of 10 ms */#define I2C_RDWR 0x0707int fd;/*********定义struct i2c_rdwr_ioctl_data和struct i2c_msg,要和内核一致*******/ struct i2c_msg { __u16 addr; /* slave address */ __u16 flags; #define I2C_M_TEN 0x0010 /* this is a ten bit chip address */ #define I2C_M_RD 0x0001 /* read data, from slave to master */ #define I2C_M_STOP 0x8000 /* if I2C_FUNC_PROTOCOL_MANGLING */ #define I2C_M_NOSTART 0x4000 /* if I2C_FUNC_NOSTART */ #define I2C_M_REV_DIR_ADDR 0x2000 /* if I2C_FUNC_PROTOCOL_MANGLING */ #define I2C_M_IGNORE_NAK 0x1000 /* if I2C_FUNC_PROTOCOL_MANGLING */ #define I2C_M_NO_RD_ACK 0x0800 /* if I2C_FUNC_PROTOCOL_MANGLING */ #define I2C_M_RECV_LEN 0x0400 /* length will be first received byte */ __u16 len; /* msg length */ __u8 *buf; /* pointer to msg data */ __u32 scl_rate; /* add by kfx */ }; /* This is the structure as used in the I2C_RDWR ioctl call */struct i2c_rdwr_ioctl_data {struct i2c_msg *msgs;/* pointers to i2c_msgs */int nmsgs; /* number of i2c_msgs */}; struct i2c_rdwr_ioctl_data iic_data;int ret;static int iic_write(unsigned char* dataBuf, unsigned char slaveAddr, unsigned char subAddr, int len) {int count = 0;unsigned char data[9];unsigned char bytes; data[0] = subAddr; memcpy(&data[1], dataBuf, 8);iic_data.nmsgs=1; (iic_data.msgs[0]).len=len; //写入地址位和数据长度 (iic_data.msgs[0]).addr=slaveAddr;// 设备地址0x50 (iic_data.msgs[0]).flags=0; //write (iic_data.msgs[0]).scl_rate = 100000; (iic_data.msgs[0]).buf=data; ret=ioctl(fd,I2C_RDWR,(unsigned long)&iic_data); if(ret<0){ ALOGI("IIC HAL ioctl error"); } return 0; } static int iic_read(unsigned char* dataBuf, unsigned char slaveAddr, unsigned char subAddr, int len) { iic_data.nmsgs=2; (iic_data.msgs[0]).len=1; (iic_data.msgs[0]).addr=slaveAddr; // 设备地址 (iic_data.msgs[0]).flags=0;//write (iic_data.msgs[0]).buf= &subAddr; (iic_data.msgs[0]).scl_rate = 100000; (iic_data.msgs[1]).len=len; (iic_data.msgs[1]).addr=slaveAddr; // 设备地址 (iic_data.msgs[1]).flags=I2C_M_RD;//read (iic_data.msgs[1]).buf= dataBuf; (iic_data.msgs[1]).scl_rate = 100000; if(ioctl(fd, I2C_RDWR,(unsigned long)&iic_data)<0){ ALOGE("ioctl read error"); } ALOGI("IIC read HAL: 0x%x, 0x%x, 0x%x, 0x%x, 0x%x, 0x%x, 0x%x, 0x%x, 0x%x, 0x%x", dataBuf[0], dataBuf[1], dataBuf[2], dataBuf[3], dataBuf[4], dataBuf[5], dataBuf[6], dataBuf[7], dataBuf[8], dataBuf[9]); return 0; }int main(int argc, char *argv[]){unsigned char write_data[8]; unsigned char read_data[10];unsigned char tx_data[10];unsigned char rx_data[8]; struct tm *time_now; time_t time_second; time(&time_second); time_now = localtime(&time_second);memset(write_data, 0x68, 8); write_data[0] = time_now->tm_sec; write_data[1] = time_now->tm_min; write_data[2] = time_now->tm_hour; write_data[3] = time_now->tm_mday; write_data[4] = time_now->tm_mon; write_data[5] = time_now->tm_year; write_data[6] = time_now->tm_wday;if((fd = open(DEVICE_NAME, O_RDWR)) == -1) { ALOGE("iic Stub hal: failed to open /dev/i2c-1 -- %s.", strerror(errno)); return -EFAULT; }else{ ALOGV("iic Stub hal: open %s successfully.", DEVICE_NAME); iic_data.nmsgs=2; iic_data.msgs=(struct i2c_msg*)malloc(iic_data.nmsgs*sizeof(struct i2c_msg)); if(!iic_data.msgs){ ALOGE("malloc error");close(fd); exit(1); }ioctl(fd, I2C_TIMEOUT, 2);//设置超时时间 ioctl(fd, I2C_RETRIES, 1);//设置重发次数 }iic_write(write_data, 0x60, 0xa0, 9); iic_read(read_data,0x60,0xa0, 10); //copy the encrypt ic data to soft input memcpy(tx_data, read_data, 10);EDesEn_Crypt(tx_data, rx_data);//ALOGI("is soft we get the data: 0x%x, 0x%x, 0x%x, 0x%x, 0x%x, 0x%x, 0x%x, 0x%x", rx_data[0], rx_data[1], rx_data[2], rx_data[3], rx_data[4], rx_data[5], rx_data[6], rx_data[7]);ALOGI("is soft we get the data: %d, %d, %d, %d, %d, %d, %d, %d", rx_data[0], rx_data[1], rx_data[2], rx_data[3], rx_data[4], rx_data[5], rx_data[6], rx_data[7]); if(memcmp(write_data, rx_data, 8) == 0 ) ALOGD("read encrypt ic OKay & the devices is hello"); else { ALOGD("read encrypt ic the devices is not hello, so reboot"); sync(); // 同步磁盘数据,将缓存数据回写到硬盘,以防数据丢失[luther.gliethttp] return reboot(RB_AUTOBOOT); }return 0;}
Android.mk 如下, licsc.a 为算法库。mm 后产生一个 i2c_write 的文件在 /system/bin/
LOCAL_PATH := $(call my-dir)include $(CLEAR_VARS)LOCAL_MODULE_TAGS := optionalLOCAL_PRELINK_MODULE := false#LOCAL_MODULE_RELATIVE_PATH := hwLOCAL_SRC_FILES := i2c_command.c# All of the shared libraries we link against.LOCAL_SHARED_LIBRARIES := \ libutils libc libcutilsLOCAL_LDFLAGS = $(LOCAL_PATH)/libsc.aLOCAL_MODULE := i2c_writeinclude $(BUILD_EXECUTABLE)
以上文件编译好后,手动可以在板子上敲命令 ./i2c_write 可以查看
I/encrypt_ic( 6299): IIC read HAL: 0xff, 0x31, 0xe7, 0xd3, 0x3f, 0x4e, 0x88, 0x2a, 0xa7, 0x5b
I/encrypt_ic( 6299): is soft we get the data: 33, 0, 13, 1, 0, 111, 6, 104
D/encrypt_ic( 6299): read encrypt ic OKay & the devices is hello
---------------------------------------------------------------------------------
测试OK 后,把其功能加到系统。
由于 android 可以定制。决定在 bootanimation 通过 init.rc 这里进行判断。
代码
--- a/frameworks/base/cmds/bootanimation/bootanimation_main.cpp+++ b/frameworks/base/cmds/bootanimation/bootanimation_main.cpp@@ -43,6 +43,8 @@ int main(int argc, char** argv) #if defined(HAVE_PTHREADS) setpriority(PRIO_PROCESS, 0, ANDROID_PRIORITY_DISPLAY); #endif+ ALOGE("!!!!!!!!!!!!!! Now check the ic encrypt . if the IC check fail .the system will be reboot");+ property_set("ctl.start", "ic_encrypt"); char value[PROPERTY_VALUE_MAX]; property_get("debug.sf.nobootanimation", value, "0");
--- a/device/rockchip/rk3288/init.rc+++ b/device/rockchip/rk3288/init.rc@@ -642,3 +642,11 @@ service drawpath /system/bin/drawpath class main disabled oneshot++ +service ic_encrypt /system/bin/i2c_write+ class main+ disabled+ oneshot ++
编译刷机后,经验证:在没有 加密ic 或者 ic 读写出错 的机子上,机子启动不了,会不断重启
read encrypt ic the devices is not hello, so reboot
在有对应加密算法会正常重启。
log 就会看到
ead encrypt ic OKay & the devices is hello
备注:
此 i2c 用的是连续写 8个字节 和 读 10 个字节的方法
- 加密IC 在android 机子上的简单应用
- 在Android机子上进行AssetBundle 读取
- AssetBundle 在Android机子上进行读取
- Unity3D - AssetBundle 在Android机子上进行读取
- Unity3D - AssetBundle 在Android机子上进行读取
- Unity3D - AssetBundle 在Android机子上进行读取
- 天地图在Android上的简单应用
- winform 在不同的机子上显示不一样的解决
- 在已有ArcGIS的机子上安装FME2011
- SqlCipher在Android上数据库的加密
- 为什么同样的程序在别人机子上可以运行,在我的机子上报错呢?error C2011
- jms在jboss上的简单应用
- AES加密技术在文件与字符串上的应用
- 用域名在自己机子上部署web应用,可通过外网访问
- 对硬盘的一种简单加密----在分区表上做手脚.
- 简单的内容加密解密,在嵌入式上实现
- 简单的内容加密解密,在嵌入式上实现
- 简单的内容加密解密,在嵌入式上实现
- nginx中configure详解
- Apache服务器的下载与安装
- 1067.Sort with Swap(0,*) (25)...to be continued...
- 公众号付费势不可挡,罗胖、轻课们开启新教育时代?
- 嵌套for循环语句的性能优化
- 加密IC 在android 机子上的简单应用
- angularjs2入门2-使用多个组件
- 【已解决】java.lang.NoSuchMethodError: javax.servlet.jsp.JspFactory.getJspApplicationContext
- QList释放指针内存
- Notepad++
- Android开发:Service和Thread的关系
- where和having的区别
- CSS自定义滚动条(scrollbar-face-color)
- 每日四个算法 -----2017年3月1号