Update mikrotik_patch_6.yml

Signed-off-by: elseif <elseif@live.cn>
Update mikrotik_patch_7.yml
2025-01-18 11:13:51 +08:00 · 2025-01-18 11:13:31 +08:00 · 2025-01-18 11:11:16 +08:00 · 2025-01-18 10:55:50 +08:00 · 2025-01-18 10:53:36 +08:00 · 2025-01-18 10:46:54 +08:00
4 changed files with 21 additions and 12 deletions
--- a/.github/workflows/mikrotik_patch_6.yml
+++ b/.github/workflows/mikrotik_patch_6.yml
@ -17,7 +17,7 @@ env:
  CUSTOM_NPK_SIGN_PUBLIC_KEY: ${{ secrets.CUSTOM_NPK_SIGN_PUBLIC_KEY }}
  CUSTOM_CLOUD_PUBLIC_KEY: ${{ secrets.CUSTOM_CLOUD_PUBLIC_KEY }}
  MIKRO_LICENSE_PUBLIC_KEY: ${{ secrets.MIKRO_LICENSE_PUBLIC_KEY }}
-  MIKRO_NPK_SIGN_PUBLIC_LKEY: ${{ secrets.MIKRO_NPK_SIGN_PUBLIC_LKEY }}
+  MIKRO_NPK_SIGN_PUBLIC_KEY: ${{ secrets.MIKRO_NPK_SIGN_PUBLIC_KEY }}
  MIKRO_CLOUD_PUBLIC_KEY: ${{ secrets.MIKRO_CLOUD_PUBLIC_KEY }}
  MIKRO_LICENCE_URL: ${{ secrets.MIKRO_LICENCE_URL }}
  CUSTOM_LICENCE_URL: ${{ secrets.CUSTOM_LICENCE_URL }}
--- a/.github/workflows/mikrotik_patch_7.yml
+++ b/.github/workflows/mikrotik_patch_7.yml
@ -16,7 +16,7 @@ env:
  CUSTOM_NPK_SIGN_PUBLIC_KEY: ${{ secrets.CUSTOM_NPK_SIGN_PUBLIC_KEY }}
  CUSTOM_CLOUD_PUBLIC_KEY: ${{ secrets.CUSTOM_CLOUD_PUBLIC_KEY }}
  MIKRO_LICENSE_PUBLIC_KEY: ${{ secrets.MIKRO_LICENSE_PUBLIC_KEY }}
-  MIKRO_NPK_SIGN_PUBLIC_LKEY: ${{ secrets.MIKRO_NPK_SIGN_PUBLIC_LKEY }}
+  MIKRO_NPK_SIGN_PUBLIC_KEY: ${{ secrets.MIKRO_NPK_SIGN_PUBLIC_KEY }}
  MIKRO_CLOUD_PUBLIC_KEY: ${{ secrets.MIKRO_CLOUD_PUBLIC_KEY }}
  MIKRO_LICENCE_URL: ${{ secrets.MIKRO_LICENCE_URL }}
  CUSTOM_LICENCE_URL: ${{ secrets.CUSTOM_LICENCE_URL }}
--- a/mikro.py
+++ b/mikro.py
@ -1,8 +1,7 @@
-
+import random
 import struct
 from sha256 import SHA256
 from toyecc import AffineCurvePoint, getcurvebyname, FieldElement,ECPrivateKey,ECPublicKey,Tools
-from toyecc.Random import secure_rand_int_between


 MIKRO_BASE64_CHARACTER_TABLE = b'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
@ -39,8 +38,8 @@ def mikro_softwareid_encode(id:int)->str:
  assert(isinstance(id, int))
  ret = ''
  for i in range(8):
-    ret += chr(SOFTWARE_ID_CHARACTER_TABLE[id % 0x23])
-    id //= 0x23
+    ret += chr(SOFTWARE_ID_CHARACTER_TABLE[id % len(SOFTWARE_ID_CHARACTER_TABLE)])
+    id //= len(SOFTWARE_ID_CHARACTER_TABLE)
    if i == 3:
      ret += '-'
  return ret
@ -167,7 +166,7 @@ def mikro_kcdsa_sign(data:bytes,private_key:bytes)->bytes:
    private_key:ECPrivateKey = ECPrivateKey(Tools.bytestoint_le(private_key), curve)
    public_key:ECPublicKey = private_key.pubkey
    while True:
-        nonce_secret = secure_rand_int_between(1, curve.n - 1)
+        nonce_secret = random.SystemRandom().randint(1, curve.n - 1)
        nonce_point = nonce_secret * curve.G
        nonce = int(nonce_point.x) % curve.n
        nonce_hash = mikro_sha256(Tools.inttobytes_le(nonce,32))
@ -205,4 +204,4 @@ def mikro_kcdsa_verify(data:bytes, signature:bytes, public_key:bytes)->bool:
        nonce = int((public_key * signature + curve.G * data_hash).x) 
        if mikro_sha256(Tools.inttobytes_le(nonce,32))[:len(nonce_hash)] == nonce_hash:
            return True
-    return False
+    return False
--- a/patch.py
+++ b/patch.py
@ -84,12 +84,22 @@ def patch_initrd_xz(initrd_xz:bytes,key_dict:dict,ljust=True):
        if old_public_key in new_initrd:
            print(f'initrd public key patched {old_public_key[:16].hex().upper()}...')
            new_initrd = new_initrd.replace(old_public_key,new_public_key)
-    new_initrd_xz = lzma.compress(new_initrd,check=lzma.CHECK_CRC32,filters=[{"id": lzma.FILTER_LZMA2, "preset": 9,}] )
+    preset = 6
+    new_initrd_xz = lzma.compress(new_initrd,check=lzma.CHECK_CRC32,filters=[{"id": lzma.FILTER_LZMA2, "preset": preset }] )
+    while len(new_initrd_xz) > len(initrd_xz) and preset < 9:
+        print(f'preset:{preset}')
+        print(f'new initrd xz size:{len(new_initrd_xz)}')
+        print(f'old initrd xz size:{len(initrd_xz)}')
+        preset += 1
+        new_initrd_xz = lzma.compress(new_initrd,check=lzma.CHECK_CRC32,filters=[{"id": lzma.FILTER_LZMA2, "preset": preset }] )
+    if len(new_initrd_xz) > len(initrd_xz):
+        new_initrd_xz = lzma.compress(new_initrd,check=lzma.CHECK_CRC32,filters=[{"id": lzma.FILTER_LZMA2, "preset": 9 | lzma.PRESET_EXTREME,'dict_size': 32*1024*1024,"lc": 4,"lp": 0, "pb": 0,}] )
    if ljust:
-        assert len(new_initrd_xz) <= len(initrd_xz),'new initrd xz size is too big'
+        print(f'preset:{preset}')
        print(f'new initrd xz size:{len(new_initrd_xz)}')
        print(f'old initrd xz size:{len(initrd_xz)}')
        print(f'ljust size:{len(initrd_xz)-len(new_initrd_xz)}')
+        assert len(new_initrd_xz) <= len(initrd_xz),'new initrd xz size is too big'
        new_initrd_xz = new_initrd_xz.ljust(len(initrd_xz),b'\0')
    return new_initrd_xz

@ -250,13 +260,13 @@ def patch_squashfs(path,key_dict):
                        print(f'{file} public key patched {old_public_key[:16].hex().upper()}...')
                        data = data.replace(old_public_key,new_public_key)
                        open(file,'wb').write(data)
-                data = open(file,'rb').read()
                url_dict = {
                    os.environ['MIKRO_LICENCE_URL'].encode():os.environ['CUSTOM_LICENCE_URL'].encode(),
                    os.environ['MIKRO_UPGRADE_URL'].encode():os.environ['CUSTOM_UPGRADE_URL'].encode(),
                    os.environ['MIKRO_CLOUD_URL'].encode():os.environ['CUSTOM_CLOUD_URL'].encode(),
                    os.environ['MIKRO_CLOUD_PUBLIC_KEY'].encode():os.environ['CUSTOM_CLOUD_PUBLIC_KEY'].encode(),
                }
+                data = open(file,'rb').read()
                for old_url,new_url in url_dict.items():
                    if old_url in data:
                        print(f'{file} url patched {old_url.decode()[:7]}...')
@ -331,7 +341,7 @@ if __name__ == '__main__':
    args = parser.parse_args()
    key_dict = {
        bytes.fromhex(os.environ['MIKRO_LICENSE_PUBLIC_KEY']):bytes.fromhex(os.environ['CUSTOM_LICENSE_PUBLIC_KEY']),
-        bytes.fromhex(os.environ['MIKRO_NPK_SIGN_PUBLIC_LKEY']):bytes.fromhex(os.environ['CUSTOM_NPK_SIGN_PUBLIC_KEY'])
+        bytes.fromhex(os.environ['MIKRO_NPK_SIGN_PUBLIC_KEY']):bytes.fromhex(os.environ['CUSTOM_NPK_SIGN_PUBLIC_KEY'])
    }
    kcdsa_private_key = bytes.fromhex(os.environ['CUSTOM_LICENSE_PRIVATE_KEY'])
    eddsa_private_key = bytes.fromhex(os.environ['CUSTOM_NPK_SIGN_PRIVATE_KEY'])
Author	SHA1	Message	Date
elseif	3207b0ccd3	Update mikrotik_patch_6.yml Signed-off-by: elseif <elseif@live.cn>	2025-01-18 11:13:51 +08:00
elseif	65dff5204a	Update mikrotik_patch_7.yml Signed-off-by: elseif <elseif@live.cn>	2025-01-18 11:13:31 +08:00
elseif	10349947e6	Update patch.py Signed-off-by: elseif <elseif@live.cn>	2025-01-18 11:11:16 +08:00
elseif	2e7b31abf5	Update patch.py Signed-off-by: elseif <elseif@live.cn>	2025-01-18 10:55:50 +08:00
elseif	32ef5f3aeb	Update patch.py Signed-off-by: elseif <elseif@live.cn>	2025-01-18 10:53:36 +08:00
elseif	3ba9e027e3	Update patch.py Signed-off-by: elseif <elseif@live.cn>	2025-01-18 10:46:54 +08:00
elseif	f6fea00c16	Merge pull request #74 from vnxme/system-random Use SystemRandom to ensure crossplatform compatibility	2024-12-30 11:21:29 +08:00
vnxme	391d019a42	Use random.SystemRandom().randint instead of toyecc.Random.secure_rand_int_between	2024-12-28 10:57:32 +03:00
elseif	4c6ab80b09	Merge pull request #66 from vnxme/env-consistency-fixes Env consistency fixes	2024-12-14 12:40:16 +08:00
elseif	098f967cfd	Merge pull request #69 from loskiq/patch-1 Update mikro.py	2024-12-14 12:40:05 +08:00
Amir	e61c981f84	Update mikro.py Signed-off-by: Amir <loskiq@gmail.com>	2024-12-13 17:23:54 +03:00
vnxme	29663ed175	Fix *_LICENSE_URL spelling	2024-12-12 11:45:40 +03:00
vnxme	fd2baf25a0	Fix MIKRO_NPK_SIGN_PUBLIC_KEY spelling	2024-12-12 11:45:40 +03:00