Nice! #31

Closed
Manevolent opened this issue Nov 1, 2023 · 4 comments

Manevolent commented Nov 1, 2023

I just came across your project and I am really loving the work you're doing here. I found it by googling one of the AES keys I happened across; the repo where I've been working so far is,

https://github.com/atlas-tuning/utilities

If it helps I have figured out the Subaru pak/pk2 file encryption in that repository, perhaps that could lead you somewhere on this project. If you need all the decrypted stuff I've done so far, I have a private GH repo I can share.

I am currently working on trying to figure out what the encryption is for Subaru ECU data on their DIT ECU, which seems to be some sort of Feistel cipher. If you have any leads on that it would be much appreciated!

jglim (Owner) commented Nov 1, 2023

Hello, thanks for sharing about your work! It's very cool to see a new set of open-source automotive tools.

So far, the bulk of my Subaru reversing is confined within CMD_FhiCan.dll. Most of the prior Subaru discussion is available here: #25. That is also the same thread where we were figuring out the AES keys. We also made progress on decrypting their xml definitions.

As far as I know..

  • CMD_SecurityAccess2018CY1 : regular AES, encrypt, embedded AES function
  • CMD_SecurityAccessAES_AB : regular AES, decrypt, otherwise same as above
  • XML definitions: AES, relies on MS CryptoAPI
  • CMD_SecurityAccess : stuck, haven't figured this out, but likely less relevant as it is more like a hash (Subaru SSM4 CMD_SecurityAccess #26)
  • SSM4 licensing: also regular AES via MS CryptoAPI; iirc the key is derived from sha256 hash.

They seem to like AES, so it could be useful to trace calls to CryptoAPI. Beyond that, I do not know enough about DIT ECUs to be of meaningful help. Tagging @jnewb1 as he's the Subaru expert around here; perhaps he might be able to advise further.

jnewb1 commented Nov 5, 2023

> I just came across your project and I am really loving the work you're doing here. I found it by googling one of the AES keys I happened across; the repo where I've been working so far is,
>
> https://github.com/atlas-tuning/utilities
>
> If it helps I have figured out the Subaru pak/pk2 file encryption in that repository, perhaps that could lead you somewhere on this project. If you need all the decrypted stuff I've done so far, I have a private GH repo I can share.
>
> I am currently working on trying to figure out what the encryption is for Subaru ECU data on their DIT ECU, which seems to be some sort of Feistel cipher. If you have any leads on that it would be much appreciated!

Unfortunately I don't know much more than what we discovered here: #25

but I saw that you decrypted the pk2 files! I'm definitely interested in that for my work on openpilot for subaru! I will check out your work!

Manevolent (Author) commented

@jnewb1 if I learn more about the encrypted flash data I will share back! I'm glad it's going to be of use! I just shared you an invite to the aforementioned private GH repo to save you the trouble of decrypting the library yourself.

jnewb1 commented Nov 16, 2023

Did a bit of looking, managed to replicate your results and extract the MOT files from a pk2 file, which seem like they would be the raw memory that is flashed, but it also appears like that is encrypted too (high entropy on the extracted binary version). There is an “encode.exe” file within flashwrite that is referenced, and also appears to have to AES functions within it (found an expanded key and AES sbox/ibox). I’m wondering if that could be the final decryption before it’s transferred to the ECU?
https://github.com/jnewb1/eps-subaru
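
The two signals described in the comment above (high entropy in an extracted binary, AES S-box and inverse S-box tables inside an executable) can be checked with a short static-analysis script. This is an added example, not code from the thread or from any of the linked repositories; the function names are hypothetical and all sample buffers are constructed.

```python
import hashlib
import math
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Bits per byte, 0.0 to 8.0; values near 8 suggest encrypted or compressed data."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def _gmul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1 (0x11B)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r

def aes_sbox() -> bytes:
    """Build the AES S-box from its definition: field inverse, then affine map."""
    box = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if _gmul(x, y) == 1), 0)
        s = inv
        for k in range(1, 5):  # XOR in the four left-rotations of the inverse
            s ^= ((inv << k) | (inv >> (8 - k))) & 0xFF
        box.append(s ^ 0x63)
    return bytes(box)

def find_aes_tables(blob: bytes) -> dict:
    """Offsets of the plain 256-byte S-box and inverse S-box, or -1 if absent."""
    sbox = aes_sbox()
    inv_sbox = bytes(sbox.index(i) for i in range(256))
    return {"sbox": blob.find(sbox), "inv_sbox": blob.find(inv_sbox)}

def pseudo_ciphertext(n: int) -> bytes:
    """Constructed stand-in for encrypted data: SHA-256 in counter mode."""
    blocks = (hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

# Constructed sample inputs (not taken from any real pk2, MOT or exe file).
PLAIN = b"constructed plaintext record 0123456789\n" * 200
CIPHER = pseudo_ciphertext(8192)
_sbox = aes_sbox()
EXE = b"\x90" * 64 + _sbox + b"\x00" * 32 + bytes(_sbox.index(i) for i in range(256))

if __name__ == "__main__":
    print(shannon_entropy(PLAIN), shannon_entropy(CIPHER), find_aes_tables(EXE))
```

A table scan like this only matches implementations that store the plain 256-byte tables; code that uses combined T-tables or computes the S-box at run time will return -1 even though it implements AES.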
