How does one start porting the fw to another platform?

Discussions related to the firmware code development
Post Reply
EA5JAQ
Posts: 12
Joined: Thu Jul 16, 2020 6:08 am

How does one start porting the fw to another platform?

Post by EA5JAQ » Sun Aug 14, 2022 11:26 am

Hi!

I have a couple RT50s (aka TYT MD-680D) I use for when I’m hiking as they’re pretty strong radios. The internals are pretty similar to the ones found in a GD77 (MK22FN512, HR-C6000, AT1846S, etc.), and I wanted to try myself if I’m capable of porting the OpenGD77S version to this handheld.

I’ve programmed in C several times although I’m not an expert. In fact, a year ago I played around for a couple months with the OpenGD77 source code customizing things and I could get to understand almost every part of the firmware (obviously, I did this complying with the license terms, as my only intention was to improve my coding skills).

My question is, where or how can I start porting this firmware to this radio? I’m guessing a first step would be to be able to flash the firmware to this device, get it to turn on and then see which functions need to be adapted. I remember I read somewhere that the firmware has to be encrypted after being compiled, and that the encryption key is specific to each model of radio, but that there’s a way to crack it.

There’s no way to find an original .bin or .sgl file of the radio’s firmware, as the firmware updater is an .exe file that does everything (it connects to the radio and flashes the firmware), and I don’t know if this means that there’s no way of knowing this programming encryption password. If it’s not possible to flash the firmware in a conventional way (aka, using the firmware loader), is there any other way like using some kind of in-circuit programmer or debugger soldered to the MCU?

Thanks a lot, I know this will take me a lot of work (and it won’t probably be possible to do), but I’m willing to try it out.

73

VK3KYY
Posts: 4818
Joined: Sat Nov 16, 2019 3:25 am
Location: Melbourne, Australia
Contact:

Re: How does one start porting the fw to another platform?

Post by VK3KYY » Sun Aug 14, 2022 9:15 pm

You can connect a programmer to the CPU in the radio, but you will not be able to read the firmware because all radios enable the Read Protection in the CPU

You can erase the CPU but then your radio would be useless.

With the GD77 etc, the encryption was broken by DG4KLU, but he keeps his methods secret.
The MD9600 encryption was broken by someone in the MD380Tools team.


I think someone broke the encryption on the Ailuance HD1, which uses an exe file, but I don't know who did this.

Search for 'radiotool' on github and contact them,

EA5JAQ
Posts: 12
Joined: Thu Jul 16, 2020 6:08 am

Re: How does one start porting the fw to another platform?

Post by EA5JAQ » Thu Aug 18, 2022 6:26 pm

Thank you so much! I'll try to reach them and see what I can find out :)

Post Reply