I'm not asking for a key, but is there a dump of the flash uploaded somewhere? It seems silly that we all have to desolder the SPI chip over and over again.
And thanks to all the posters on this thread so far, awesome work!
EDIT:
Note: I don't have an NV2, so I'm doing this without feedback.
Not made much progress yet, but I will post a (growing) list of things that DON'T seem to work.
I *assume* this is how the unlock protocol works: the camera sends you a 'Seed', as per Tmbinc's blog post description, and this data is 12 random bytes plus a 4-byte serial number. You have to use a secret 'key' and do an HMAC-MD5 digest of the 'Seed' and send it back. The camera has done the same thing and compares its calculation with yours, and if they are the same, it unlocks itself. No secret key, no unlock. It seems simple enough...
I tried using the screenshots from oPossum's post, where he showed 2 seed/key pairs, 16 bytes each.
Seed: 8D E9 AD 49 DC 8E 68 9E CE F6 89 20 3C 25 DB 53
Key:  90 CC 53 17 64 A1 66 1C 58 0A 88 16 EB 39 50 52
Seed: 7E 71 63 31 D5 5E EF 26 A1 9C AA A1 3C 25 DB 53
Key:  BA CC 53 C6 8A 79 CF C2 46 AD 56 AE C3 B6 A4 68
Then, because I'm dumb, I just brute-force iterated through the whole BIN file, reading every sequential 16-byte block as a potential private key.
I used the standard python hmac library (HMAC-MD5, so the digest has to be given explicitly on current Python versions).
import hashlib
import hmac
# password = 16-byte candidate key taken from the dump, seed = the 16-byte 'Seed' from the camera
output = hmac.new(password, seed, hashlib.md5).hexdigest()
Then I tried to match the posted 'Key' with the calculated output. The whole process of 8 million MD5-HMAC digests (the bin file is about 8 Mb) takes under a minute, but no luck finding the key.
I might try iterating backward next, because why not?
Just in case there is data in a different format, I did the same again for the Data2mem output file, after extracting out the binary data. That didn't work either.
I was a bit confused about the BRAM columns/rows memory layout (I have used a MicroBlaze core before, but I just drew in wires from the MicroBlaze to the BRAM controllers in Vivado; I have no idea how they work under the hood), but I tried to take the 4 rows that kind of looked interesting and interleaved them together in various ways. From the discussion here, it seems that they have to be interleaved somehow (maybe the MicroBlaze reads across down rows?). The most interesting 4 rows have most of the data at the beginning, so maybe stacking the rows and then reading in columns makes sense... Eyeballing the merged HEX data, it didn't look like much more than a The Matrix screensaver. I didn't find a nice, simple, stand-alone MicroBlaze disassembler, plus I'm too lazy to learn IDA for a single project.
EDIT:
I found the key last night using the approach above, and the tip from tmbinc and oPossum below (thanks guys!). Just by knowing the XOR ordering (x4, as you don't know the byte offset), and overlaying that with the permutations on interleaving the 4x BRAM rows (x24), running over every possible private key in the data2mem dump (2Mb) shouldn't take more than half an hour brute force (~200 million potential keys). This should be faster than installing all the software you need to go the disassembler route. Using the extra tip from oPossum makes the calculation a bit faster. The timing below includes parsing the Data2Mem file for BRAM data too.
34.2 ms ± 453 µs per loop (mean ± std. dev. of 7 runs, 10 loops each)
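The seed/response flow described in the post, as an added example that is not part of the original post or of any camera firmware: the camera builds a seed from 12 random bytes plus its serial, the host answers with HMAC-MD5 of that seed under the shared secret, and the camera recomputes and compares. The last function shows the risk the post illustrates from the defender's side: a secret stored in plain text anywhere in a flash image is found by one HMAC per byte offset, so a dump of the flash is equivalent to the key. Everything here is constructed: the secret, the filler "dump", the offset, and the assumption (taken from the two posted seeds, which share their last four bytes) that the serial is the trailing 4 bytes of the seed.

```python
import hashlib
import hmac
import os

# Constructed values for the example only; not a real camera secret or serial.
SECRET_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
# The two seeds in the post end in the same 4 bytes, which the post takes to be the serial;
# this example assumes that layout (random[12] || serial[4]).
SERIAL = bytes.fromhex("3c25db53")


def make_seed(serial: bytes, rng: bytes = None) -> bytes:
    """Camera side: 12 random bytes followed by the 4-byte serial number."""
    if rng is None:
        rng = os.urandom(12)
    if len(rng) != 12 or len(serial) != 4:
        raise ValueError("seed is 12 random bytes + 4-byte serial")
    return rng + serial


def respond(seed: bytes, key: bytes) -> bytes:
    """Host side: HMAC-MD5 of the seed under the shared secret (16-byte digest)."""
    return hmac.new(key, seed, hashlib.md5).digest()


def camera_verify(seed: bytes, response: bytes, key: bytes) -> bool:
    """Camera side: recompute the HMAC and compare in constant time."""
    expected = hmac.new(key, seed, hashlib.md5).digest()
    return hmac.compare_digest(expected, response)


def find_key_in_dump(dump: bytes, seed: bytes, response: bytes, key_len: int = 16):
    """Slide a key_len window over a flash image; return the offset whose HMAC
    reproduces a known seed/response pair, or None. This is why a plaintext key
    in flash gives no protection once the chip has been read out."""
    for off in range(len(dump) - key_len + 1):
        cand = dump[off:off + key_len]
        if hmac.compare_digest(hmac.new(cand, seed, hashlib.md5).digest(), response):
            return off
    return None


def build_dump(key: bytes, size: int = 64 * 1024, key_offset: int = 12345) -> bytes:
    """Constructed stand-in for a flash image: deterministic filler with the key planted at key_offset."""
    filler = bytearray((hashlib.sha256(b"constructed filler").digest() * (size // 32 + 1))[:size])
    filler[key_offset:key_offset + len(key)] = key
    return bytes(filler)


if __name__ == "__main__":
    seed = make_seed(SERIAL)
    resp = respond(seed, SECRET_KEY)
    print("seed:", seed.hex(), "response:", resp.hex())
    print("camera accepts:", camera_verify(seed, resp, SECRET_KEY))
    print("wrong key accepted:", camera_verify(seed, resp, bytes(16)))
    print("key offset in constructed dump:", find_key_in_dump(build_dump(SECRET_KEY), seed, resp))
```

One observed seed/response pair is enough to confirm a candidate key, since a 16-byte MD5-based HMAC has no realistic chance of matching by accident across a few million windows; the post's 8 MB dump is just 8 million calls of the same check.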