Copyright (C) 2007-2011 pancake Copyright (C) 2011-2012 Pali Rohár SPECS FOR TEH FIASCO FIRMWARE FILE FORMAT ffff! ----------------------------------------------- These notes has not been taken properly and may be wrong. It must be revised to fit the reality. But this is mostly a general idea: FILE HEADER 1 byte = 0xb4 -- signature 4 bytes -- FW header length (big endian) FW HEADER 4 bytes -- count of blocks (big endian) block { 1 byte -- type of block 0xE8 - header 0x31 - FW name 1 byte -- length of data N bytes -- block data } IMAGE 1 byte = 0x54 -- signature 1 byte -- number of subsections + 1 5 bytes -- unknown (always 0x2e 0x19 0x01 0x01 0x00) 2 bytes -- checksum for the image contents (xorpair) 12 bytes -- image name type (first byte is FF if is the last) 4 bytes -- image size (big endian) 4 bytes -- unknown (always 0x00 0x00 0x00 0x00) block { 1 byte -- type of subsection '1' - version '2' - device & hw revisions (separated by char 0, max size of device is 16, hw revision 8) '3' - layout '4' - unknown '/' - unknown 1 byte -- length of subsection N bytes -- subsection data } 1 byte -- unknown (maybe end of subsections?) N bytes -- image data