[*] Binary protection state of se.so
Full RELRO Canary found NX enabled DSO No RPATH No RUNPATH No Symbols
[*] Function printf tear down of se.so
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/lib/keystore/se.so @ 0x29f8 */
| #include <stdint.h>
|
; (fcn) sym.ks_asn1_sekeydata_construct () | void ks_asn1_sekeydata_construct (int16_t arg_48h, int16_t arg_4ch, int16_t arg1, int16_t arg2, int16_t arg3, int16_t arg4) {
| int32_t var_0h;
| int32_t var_0h_2;
| int16_t var_8h;
| int16_t var_10h;
| int16_t var_14h;
| int16_t var_18h;
| int16_t var_1ch;
| r0 = arg1;
| r1 = arg2;
| r2 = arg3;
| r3 = arg4;
0x000029f8 svcmi 0xf0e92d | __asm ("svcmi 0xf0e92d");
0x000029fc mov r7, r2 | r7 = r2;
0x000029fe ldr r2, [pc, 0x284] |
0x00002a00 mov sb, r3 | sb = r3;
0x00002a02 sub sp, 0x24 |
0x00002a04 movs r5, 0 | r5 = 0;
0x00002a06 ldr r3, [pc, 0x280] | r3 = *(0x2c8a);
0x00002a08 mov r6, r0 | r6 = r0;
0x00002a0a add r2, pc | r2 = 0x5694;
0x00002a0c ldr.w fp, [sp, 0x48] | fp = *(arg_48h);
0x00002a10 ldr r4, [sp, 0x4c] | r4 = *(arg_4ch);
0x00002a12 mov r8, r1 | r8 = r1;
0x00002a14 ldr r3, [r2, r3] |
0x00002a16 ldr r3, [r3] | r3 = *(0x5694);
0x00002a18 str r3, [sp, 0x1c] | var_1ch = r3;
0x00002a1a mov.w r3, 0 | r3 = 0;
0x00002a1e strd r5, r5, [sp, 0x10] | __asm ("strd r5, r5, [var_14h]");
0x00002a22 str r5, [sp, 0x18] | var_18h = r5;
0x00002a24 blx 0x1d88 | ASN1_item_d2i ();
0x00002a28 str r0, [sp, 0x14] | var_14h = r0;
0x00002a2a cmp r0, 0 |
| if (r0 == 0) {
0x00002a2c beq 0x2ae4 | goto label_3;
| }
0x00002a2e blx 0x1d70 | EVP_PKEY_new ();
0x00002a32 str r0, [sp, 0x18] | var_18h = r0;
| if (r0 != 0) {
0x00002a34 cbz r0, 0x2a70 |
0x00002a36 ldr r0, [sp, 0x14] | r0 = var_14h;
0x00002a38 mov r2, r6 | r2 = r6;
0x00002a3a mov r3, r5 | r3 = r5;
0x00002a3c blx 0x1e80 | r0 = fcn_00001e80 ();
0x00002a40 cmp r0, 1 |
| if (r0 == 1) {
0x00002a42 beq 0x2b24 | goto label_4;
| }
| if (r4 == 0) {
0x00002a44 cbz r4, 0x2aae | goto label_2;
| }
0x00002a46 ldr r6, [pc, 0x244] |
0x00002a48 movs r3, 0xa | r3 = 0xa;
0x00002a4a str.w r3, [r4, 0x200] | __asm ("str.w r3, [r4, 0x200]");
0x00002a4e ldr r7, [sp, 0x14] | r7 = var_14h;
0x00002a50 add r6, pc | r6 = 0x56e2;
0x00002a52 ldm r6!, {r0, r1, r2, r3} | r0 = *(r6!);
| r1 = *((r6! + 4));
| r2 = *((r6! + 8));
| r3 = *((r6! + 12));
0x00002a54 str r0, [r4] | *(r4) = r0;
0x00002a56 str r1, [r4, 4] | *((r4 + 4)) = r1;
0x00002a58 ldm r6!, {r0, r1} | r0 = *(r6!);
| r1 = *((r6! + 4));
0x00002a5a str r3, [r4, 0xc] | *((r4 + 0xc)) = r3;
0x00002a5c str r2, [r4, 8] | *((r4 + 8)) = r2;
0x00002a5e ldrh r3, [r6] | r3 = *(r6);
0x00002a60 str r0, [r4, 0x10] | *((r4 + 0x10)) = r0;
0x00002a62 str r1, [r4, 0x14] | *((r4 + 0x14)) = r1;
0x00002a64 strh r3, [r4, 0x18] | *((r4 + 0x18)) = r3;
0x00002a66 ldrb r3, [r6, 2] | r3 = *((r6 + 2));
0x00002a68 mov r6, r5 | r6 = r5;
0x00002a6a strb r3, [r4, 0x1a] | *((r4 + 0x1a)) = r3;
0x00002a6c mov r4, r5 | r4 = r5;
0x00002a6e b 0x2ab4 | goto label_0;
| }
| if (r4 == 0) {
0x00002a70 cbz r4, 0x2ab0 | goto label_1;
| }
0x00002a72 ldr r6, [pc, 0x21c] |
0x00002a74 mov r5, r4 | r5 = r4;
0x00002a76 movs r3, 0xa | r3 = 0xa;
0x00002a78 str.w r3, [r4, 0x200] | __asm ("str.w r3, [r4, 0x200]");
0x00002a7c add r6, pc | r6 = 0x5712;
0x00002a7e add.w r7, r6, 0x20 | r7 = r6 + 0x20;
| do {
0x00002a82 mov r4, r6 | r4 = r6;
0x00002a84 adds r5, 0x10 | r5 += 0x10;
0x00002a86 ldm r4!, {r0, r1, r2, r3} | r0 = *(r4!);
| r1 = *((r4! + 4));
| r2 = *((r4! + 8));
| r3 = *((r4! + 12));
0x00002a88 adds r6, 0x10 | r6 += 0x10;
0x00002a8a cmp r4, r7 |
0x00002a8c str r0, [r5, -0x10] | *((r5 - 0x10)) = r0;
0x00002a90 str r1, [r5, -0xc] | *((r5 - 0xc)) = r1;
0x00002a94 str r2, [r5, -0x8] | *((r5 - 0x8)) = r2;
0x00002a98 str r3, [r5, -0x4] | *((r5 - 0x4)) = r3;
0x00002a9a subs r4, 4 | r4 -= 4;
0x00002a9c bne 0x2a82 |
| } while (r4 != 4);
0x00002a9e ldrh r2, [r6] | r2 = *(r6);
0x00002aa0 movs r4, 0 | r4 = 0;
0x00002aa2 ldrb r3, [r6, 2] | r3 = *((r6 + 2));
0x00002aa4 mov r6, r4 | r6 = r4;
0x00002aa6 strh r2, [r5] | *(r5) = r2;
0x00002aa8 strb r3, [r5, 2] | *((r5 + 2)) = r3;
0x00002aaa ldr r7, [sp, 0x14] | r7 = var_14h;
0x00002aac b 0x2ab4 | goto label_0;
| label_2:
0x00002aae movs r4, 0 | r4 = 0;
| label_1:
0x00002ab0 ldr r7, [sp, 0x14] | r7 = var_14h;
0x00002ab2 movs r6, 0 | r6 = 0;
| do {
| label_0:
0x00002ab4 mov r0, r4 | r0 = r4;
0x00002ab6 blx 0x1bdc | fcn_00001bdc ();
0x00002aba mov r0, r7 | r0 = r7;
0x00002abc blx 0x1bc0 | ASN1_INTEGER_free ();
0x00002ac0 ldr r0, [sp, 0x18] | r0 = var_18h;
0x00002ac2 blx 0x1f94 | fcn_00001f94 ();
0x00002ac6 ldr r2, [pc, 0x1cc] |
0x00002ac8 ldr r3, [pc, 0x1bc] | r3 = *(0x2c88);
0x00002aca add r2, pc | r2 = 0x5764;
0x00002acc ldr r3, [r2, r3] | r3 = *(0x5764);
0x00002ace ldr r2, [r3] | r2 = *(0x5764);
0x00002ad0 ldr r3, [sp, 0x1c] | r3 = var_1ch;
0x00002ad2 eors r2, r3 | r2 ^= r3;
0x00002ad4 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00002ad8 bne.w 0x2c52 | goto label_5;
| }
0x00002adc mov r0, r6 | r0 = r6;
0x00002ade add sp, 0x24 |
0x00002ae0 pop.w {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
| label_3:
0x00002ae4 mov r7, r4 | r7 = r4;
0x00002ae6 mov r6, r4 | r6 = r4;
0x00002ae8 cmp r4, 0 |
0x00002aea beq 0x2ab4 |
| } while (r4 == 0);
0x00002aec ldr r6, [pc, 0x1a8] |
0x00002aee mov r5, r4 | r5 = r4;
0x00002af0 movs r3, 0xa | r3 = 0xa;
0x00002af2 str.w r3, [r4, 0x200] | __asm ("str.w r3, [r4, 0x200]");
0x00002af6 add r6, pc | r6 = 0x5792;
0x00002af8 add.w r7, r6, 0x20 | r7 = r6 + 0x20;
| do {
0x00002afc mov r4, r6 | r4 = r6;
0x00002afe adds r5, 0x10 | r5 += 0x10;
0x00002b00 ldm r4!, {r0, r1, r2, r3} | r0 = *(r4!);
| r1 = *((r4! + 4));
| r2 = *((r4! + 8));
| r3 = *((r4! + 12));
0x00002b02 adds r6, 0x10 | r6 += 0x10;
0x00002b04 cmp r4, r7 |
0x00002b06 str r0, [r5, -0x10] | *((r5 - 0x10)) = r0;
0x00002b0a str r1, [r5, -0xc] | *((r5 - 0xc)) = r1;
0x00002b0e str r2, [r5, -0x8] | *((r5 - 0x8)) = r2;
0x00002b12 str r3, [r5, -0x4] | *((r5 - 0x4)) = r3;
0x00002b16 bne 0x2afc |
| } while (r4 != r7);
0x00002b18 ldrh r3, [r6] | r3 = *(r6);
0x00002b1a movs r4, 0 | r4 = 0;
0x00002b1c mov r6, r4 | r6 = r4;
0x00002b1e strh r3, [r5] | *(r5) = r3;
0x00002b20 ldr r7, [sp, 0x14] | r7 = var_14h;
0x00002b22 b 0x2ab4 | goto label_0;
| label_4:
0x00002b24 cmp r7, 0 |
| if (r7 < 0) {
0x00002b26 blt 0x2b60 | goto label_6;
| }
0x00002b28 ldr r0, [sp, 0x18] | r0 = var_18h;
0x00002b2a mov r2, r7 | r2 = r7;
0x00002b2c mov r1, r8 | r1 = r8;
0x00002b2e blx 0x1eb0 | r0 = fcn_00001eb0 ();
0x00002b32 cmp r0, 1 |
0x00002b34 mov r6, r0 | r6 = r0;
| if (r0 == 1) {
0x00002b36 beq 0x2b8e | goto label_7;
| }
0x00002b38 cmp r4, 0 |
| if (r4 == 0) {
0x00002b3a beq 0x2ab0 | goto label_1;
| }
0x00002b3c ldr r6, [pc, 0x15c] |
0x00002b3e movs r3, 0xa | r3 = 0xa;
0x00002b40 str.w r3, [r4, 0x200] | __asm ("str.w r3, [r4, 0x200]");
0x00002b44 ldr r7, [sp, 0x14] | r7 = var_14h;
0x00002b46 add r6, pc | r6 = 0x57e6;
0x00002b48 ldm r6!, {r0, r1, r2, r3} | r0 = *(r6!);
| r1 = *((r6! + 4));
| r2 = *((r6! + 8));
| r3 = *((r6! + 12));
0x00002b4a str r0, [r4] | *(r4) = r0;
0x00002b4c str r1, [r4, 4] | *((r4 + 4)) = r1;
0x00002b4e str r2, [r4, 8] | *((r4 + 8)) = r2;
0x00002b50 ldm r6!, {r0, r1, r2} | r0 = *(r6!);
| r1 = *((r6! + 4));
| r2 = *((r6! + 8));
0x00002b52 mov r6, r5 | r6 = r5;
0x00002b54 str r3, [r4, 0xc] | *((r4 + 0xc)) = r3;
0x00002b56 str r0, [r4, 0x10] | *((r4 + 0x10)) = r0;
0x00002b58 str r1, [r4, 0x14] | *((r4 + 0x14)) = r1;
0x00002b5a str r2, [r4, 0x18] | *((r4 + 0x18)) = r2;
0x00002b5c mov r4, r5 | r4 = r5;
0x00002b5e b 0x2ab4 | goto label_0;
| label_6:
0x00002b60 cmp r4, 0 |
| if (r4 == 0) {
0x00002b62 beq 0x2aae | goto label_2;
| }
0x00002b64 movs r3, 0xa | r3 = 0xa;
0x00002b66 mov r2, r0 | r2 = r0;
0x00002b68 str.w r3, [r4, 0x200] | __asm ("str.w r3, [r4, 0x200]");
0x00002b6c mvn r3, 0x80000000 | r3 = ~0x80000000;
0x00002b70 str r3, [sp, 8] | var_8h = r3;
0x00002b72 mov r0, r4 | r0 = r4;
0x00002b74 ldr r3, [pc, 0x128] |
0x00002b76 mov r4, r5 | r4 = r5;
0x00002b78 mov r6, r5 | r6 = r5;
0x00002b7a add r3, pc | r3 = 0x581e;
0x00002b7c strd r3, r7, [sp] | __asm ("strd r3, r7, [sp]");
0x00002b80 mov.w r3, 0x200 | r3 = 0x200;
0x00002b84 mov r1, r3 | r1 = r3;
0x00002b86 blx 0x1fe8 | fcn_00001fe8 ();
0x00002b8a ldr r7, [sp, 0x14] | r7 = var_14h;
0x00002b8c b 0x2ab4 | goto label_0;
| label_7:
0x00002b8e add.w sl, sp, 0x14 | sl += var_14h;
0x00002b92 mov r1, r5 | r1 = r5;
0x00002b94 mov r0, sl | r0 = sl;
0x00002b96 blx 0x1d40 | r0 = g_strdup_printf ()
0x00002b9a cmp r0, 0 |
| if (r0 >= 0) {
0x00002b9c blt 0x2bc6 |
0x00002b9e blx 0x1fd0 | r0 = fcn_00001fd0 ();
0x00002ba2 mov r8, r0 | r8 = r0;
0x00002ba4 cmp r0, 0 |
| if (r0 == 0) {
0x00002ba6 beq 0x2c56 | goto label_8;
| }
0x00002ba8 mov r0, sl | r0 = sl;
0x00002baa add r1, sp, 0x10 | r1 += var_10h;
0x00002bac str.w r8, [sp, 0x10] | __asm ("str.w r8, [var_10h]");
0x00002bb0 blx 0x1d40 | r0 = g_strdup_printf ()
0x00002bb4 cmp r0, 0 |
| if (r0 < 0) {
0x00002bb6 blt 0x2c10 | goto label_9;
| }
0x00002bb8 str.w r8, [sb] | __asm ("str.w r8, [sb]");
0x00002bbc mov r4, r5 | r4 = r5;
0x00002bbe ldr r7, [sp, 0x14] | r7 = var_14h;
0x00002bc0 str.w r0, [fp] | __asm ("str.w r0, [fp]");
0x00002bc4 b 0x2ab4 | goto label_0;
| }
0x00002bc6 cmp r4, 0 |
| if (r4 == 0) {
0x00002bc8 beq.w 0x2ab0 | goto label_1;
| }
0x00002bcc ldr r6, [pc, 0xd4] |
0x00002bce mov r5, r4 | r5 = r4;
0x00002bd0 movs r3, 0xa | r3 = 0xa;
0x00002bd2 str.w r3, [r4, 0x200] | __asm ("str.w r3, [r4, 0x200]");
0x00002bd6 add r6, pc | r6 = 0x587e;
0x00002bd8 add.w r7, r6, 0x20 | r7 = r6 + 0x20;
| do {
0x00002bdc mov r4, r6 | r4 = r6;
0x00002bde adds r5, 0x10 | r5 += 0x10;
0x00002be0 ldm r4!, {r0, r1, r2, r3} | r0 = *(r4!);
| r1 = *((r4! + 4));
| r2 = *((r4! + 8));
| r3 = *((r4! + 12));
0x00002be2 adds r6, 0x10 | r6 += 0x10;
0x00002be4 cmp r4, r7 |
0x00002be6 str r0, [r5, -0x10] | *((r5 - 0x10)) = r0;
0x00002bea str r1, [r5, -0xc] | *((r5 - 0xc)) = r1;
0x00002bee str r2, [r5, -0x8] | *((r5 - 0x8)) = r2;
0x00002bf2 str r3, [r5, -0x4] | *((r5 - 0x4)) = r3;
0x00002bf6 bne 0x2bdc |
| } while (r4 != r7);
0x00002bf8 ldm r6!, {r0, r1, r2} | r0 = *(r6!);
| r1 = *((r6! + 4));
| r2 = *((r6! + 8));
0x00002bfa movs r4, 0 | r4 = 0;
0x00002bfc ldrh r3, [r6] | r3 = *(r6);
0x00002bfe str r0, [r5] | *(r5) = r0;
0x00002c00 str r1, [r5, 4] | *((r5 + 4)) = r1;
0x00002c02 strh r3, [r5, 0xc] | *((r5 + 0xc)) = r3;
0x00002c04 ldrb r3, [r6, 2] | r3 = *((r6 + 2));
0x00002c06 mov r6, r4 | r6 = r4;
0x00002c08 str r2, [r5, 8] | *((r5 + 8)) = r2;
0x00002c0a strb r3, [r5, 0xe] | *((r5 + 0xe)) = r3;
0x00002c0c ldr r7, [sp, 0x14] | r7 = var_14h;
0x00002c0e b 0x2ab4 | goto label_0;
| if (r4 == 0) {
| label_9:
0x00002c10 cbz r4, 0x2c4a | goto label_10;
| }
0x00002c12 ldr r6, [pc, 0x94] |
0x00002c14 mov r5, r4 | r5 = r4;
0x00002c16 movs r3, 0xa | r3 = 0xa;
0x00002c18 str.w r3, [r4, 0x200] | __asm ("str.w r3, [r4, 0x200]");
0x00002c1c add r6, pc | r6 = 0x58ca;
0x00002c1e add.w r7, r6, 0x30 | r7 = r6 + 0x30;
| do {
0x00002c22 mov r4, r6 | r4 = r6;
0x00002c24 adds r5, 0x10 | r5 += 0x10;
0x00002c26 ldm r4!, {r0, r1, r2, r3} | r0 = *(r4!);
| r1 = *((r4! + 4));
| r2 = *((r4! + 8));
| r3 = *((r4! + 12));
0x00002c28 adds r6, 0x10 | r6 += 0x10;
0x00002c2a cmp r4, r7 |
0x00002c2c str r0, [r5, -0x10] | *((r5 - 0x10)) = r0;
0x00002c30 str r1, [r5, -0xc] | *((r5 - 0xc)) = r1;
0x00002c34 str r2, [r5, -0x8] | *((r5 - 0x8)) = r2;
0x00002c38 str r3, [r5, -0x4] | *((r5 - 0x4)) = r3;
0x00002c3c bne 0x2c22 |
| } while (r4 != r7);
0x00002c3e ldrh r2, [r6] | r2 = *(r6);
0x00002c40 mov r4, r8 | r4 = r8;
0x00002c42 ldrb r3, [r6, 2] | r3 = *((r6 + 2));
0x00002c44 strh r2, [r5] | *(r5) = r2;
0x00002c46 strb r3, [r5, 2] | *((r5 + 2)) = r3;
0x00002c48 b 0x2ab0 | goto label_1;
| label_10:
0x00002c4a ldr r7, [sp, 0x14] | r7 = var_14h;
0x00002c4c mov r4, r8 | r4 = r8;
0x00002c4e mov r6, r5 | r6 = r5;
0x00002c50 b 0x2ab4 | goto label_0;
| label_5:
0x00002c52 blx 0x1e74 | fcn_00001e74 ();
| label_8:
0x00002c56 cmp r4, 0 |
| if (r4 == 0) {
0x00002c58 beq.w 0x2ab0 | goto label_1;
| }
0x00002c5c ldr r5, [pc, 0x4c] |
0x00002c5e movs r3, 0xa | r3 = 0xa;
0x00002c60 str.w r3, [r4, 0x200] | __asm ("str.w r3, [r4, 0x200]");
0x00002c64 mov r6, r8 | r6 = r8;
0x00002c66 ldr r7, [sp, 0x14] | r7 = var_14h;
0x00002c68 add r5, pc | r5 = 0x5918;
0x00002c6a ldm r5!, {r0, r1, r2, r3} | r0 = *(r5!);
| r1 = *((r5! + 4));
| r2 = *((r5! + 8));
| r3 = *((r5! + 12));
0x00002c6c str r0, [r4] | *(r4) = r0;
0x00002c6e str r1, [r4, 4] | *((r4 + 4)) = r1;
0x00002c70 ldm r5!, {r0, r1} | r0 = *(r5!);
| r1 = *((r5! + 4));
0x00002c72 str r3, [r4, 0xc] | *((r4 + 0xc)) = r3;
0x00002c74 str r2, [r4, 8] | *((r4 + 8)) = r2;
0x00002c76 ldrh r3, [r5] | r3 = *(r5);
0x00002c78 str r0, [r4, 0x10] | *((r4 + 0x10)) = r0;
0x00002c7a str r1, [r4, 0x14] | *((r4 + 0x14)) = r1;
0x00002c7c strh r3, [r4, 0x18] | *((r4 + 0x18)) = r3;
0x00002c7e mov r4, r8 | r4 = r8;
0x00002c80 b 0x2ab4 | goto label_0;
| }
[*] Function printf used 3 times se.so
