View Single Post
Old 07-17-2012, 21:11   #1 (permalink)
jatza
Junior Member
 
Join Date: Mar 2011
Posts: 18
Member: 1542807
Status: Offline
Thanks Meter: 0
Nokia E52 - corrupted simlock area after writing RPL [Solved]

Hello,

I have Nokia E52 with corrupted IMEI (123456..., startup failed, etc.). So I bought RPL (calculated from ASK file) and wrote it to the phone.

Here's the log:

Skipping RPL decryption...
Parsing decrypted RPL...
Processing FBUS Part...
Writing Simlock...
Handling as SL3 Simlock Data
Handling as SIMLOCK2 Format
Reading Security Block...
Security block OK and saved to "RM-469_12345610654321_2012-07-15_143647.SecurityBlock.PM"
15 Digits NCK Found
Simlock ACCEPTED OK !
Writing Superdongle key...
Superdongle Key ACCEPTED OK !
Writing CMLA key...
CMLA Key NOT ACCEPTED !
Writing WMDRM PD Data...
WMDRM PD Data NOT ACCEPTED !
Processing FLASHBUS Part...
Booting CMT...
CMT_SYSTEM_ASIC_ID: 000000030000022600010007600C192102011104
CMT_EM_ASIC_ID: 00001040
CMT_EM_ASIC_ID: 00001030
CMT_PUBLIC_ID: 14D0010975400E49CE5178EE0A602065A1D9F871
CMT_ASIC_MODE_ID: 00
CMT_ROOT_KEY_HASH: 25B977A055BE9B5DEC0C38A2A279C695
CMT_BOOT_ROM_CRC: 3E273BF6
CMT_SECURE_ROM_CRC: 37BE26FA
CMT Ready!
Searching for BootCode: DualLine 32Bit
RAPUv11_2nd.fg, Type: 2nd Boot Loader, Rev: 768.12.11.0, Algo: BB5
Flashbus Write baud set to 1.0Mbits
Flashbus Read baud set to 98Kbits
Using NEW BB5 FLASHING PROTOCOL
Default Transmission Mode Requested by Loader: Dual Line, 32 bit, Overriding
Transmission Mode Requested: Dual Line, 32 bit, Accepted: Dual Line, 32 bit
Box TX2 Data Pin set to: Service Pin 3
If software STUCK HERE with box TX LED lit, that means:
1. You have not attached yellow TX2 Adapter (IT IS REQUIRED FOR BB5 PHONES WHEN USING JAF/UFS CABLES!)
2. Your cable is not TX2 Enabled!
3. Transmission error occured, try again
In either cases, you need to reconnect your box from USB.
FlashChip[0,CMT]: 0x0000000000000000, Unknown, RAM
FlashChip[0,CMT]: 0xFFFF000000000000, Unknown, MMC
FlashChip[0,CMT]: 0x0020004000000031, ST, NOR
FlashChip[1,CMT]: 0x0000000100000000, Unknown, NOR
FlashChip[0,CMT]: 0x0020004000000031, ST, ONENAND
Requested Algorithm: XSR 1.6 (CMT)
Searching for BootCode: DualLine 32Bit
FlashChip 0x00200040 (ST), Size: 256MBytes, VPP: Not Supported
FlashChip 0x00200040 (ST), Size: 256MBytes, VPP: Not Supported
RAPUv11_XSR17_alg.fg, Type: Algorithm, Rev: 768.12.11.0, Algo: XSR 1.6
Initializing TurboCache...
TurboCache Loaded!
Writing CMT PASUBTOC Certificate...
Writing CMT ALG Certificate...
CMT Algorithm Ready!
Default Transmission Mode Requested by Loader: Dual Line, 32 bit, Overriding
Transmission Mode Requested: Dual Line, 32 bit, Accepted: Dual Line, 32 bit
Box TX2 Data Pin set to: Service Pin 3
Adding FUR Client (CMT, State: Ready)...
CMT FUR Ready!
Box VPP disabled
Internal CMT Phone VPP Enabled
PAPUBKEYS Hash for CMT: 85F252E351E225CAFC4DFBC8041EABD2823E3500
APE Subsystem Not Found
Flashbus Write baud set to 5.0Mbits
CMT NPC Erased
CMT NPC Written
CMT HWC Erased
CMT HWC Written
CMT CCC Erased
CMT CCC Written
Restarting MCU...
Write RPL Finished!


Analyze security log:

Started Phone Security Analysis...
MCU Version V ICPR82_11w16.3.5
MCU Date 19-08-11
Product RM-469 (Nokia E52)
Manufacturer (c) Nokia
IMEI 3593270XXXXXXXX
Mastercode 7070XXXXX
Reading Security Block...
Security block OK and saved to "RM-469_3593270XXXXXXXX_2012-07-15_143806.SecurityBlock.PM"
Step 1 : Testing SIMLOCK
-- SIMLOCK PROBLEM --

Phone have failed SIMLOCK Test, that means Simlock Area is DAMAGED!
To repair simlock area, Select Unlock method : "RPL CALCULATION",
And then click DIRECT UNLOCK. SL Area will be re-formatted.

-- SIMLOCK PROBLEM --
Step 2 : Testing SECURITY
SECURITY SEFLTEST PASSED OK!
Step 3 : Analyzing Security Block
"14D0010975400E49CE5178EE0A602065A1D9F871.B000089B " Exists, That is good...
Checking SUPERDONGLE...
SUPERDONGLE FOUND AND CHECKSUM OK! PASSED!
Checking SIMLOCK...
Failed to decode Security Section, Box Reported: Security Section Not Found (SL3 phone?)
Checking MCU&DSP TIMESTAMPS...
MCU&DSP TIMESTAMPS FOUND AND CHECKSUM OK! PASSED!
Checking CMLA KEYS...
CMLA KEYS FOUND AND CHECKSUM OK! PASSED!
Checking ECC KEYS...
ECC KEYS FOUND AND CHECKSUM OK! PASSED!
Checking DIV KEYS...
DIV KEYS FOUND AND CHECKSUM OK! PASSED!
Analyze finished!


Read info log:

MCU Version V ICPR82_11w16.3.5
MCU Date 19-08-11
Product RM-469 (Nokia E52)
Manufacturer (c) Nokia
IMEI 3593270XXXXXXXX
Mastercode 70705XXXXX
IMEI Spare 3A952307XXXXXXXX
IMEI SV 3395230723XXXXXXXX000000
PSN 0
Product Code 0593914
PSD 0000000000000000
LPSN 0
WLAN MAC A87B39283E1F
APE SW 081.003
APE Variant 081.003081.003.06.01081.003.283.02
APE Test v0.a091
APE HW 256
APE ADSP 256
RETU 40
TAHVO 00
AHNE 11
RFIC |Vapaus_5.1 | Aura_?.?
DSP ICPR82_11w16
Failed to read info -> Failed to read SP info


As you can see, simlock is accepted, but simlock test is failed (before writing RPL, simlock was ok and test passed). As a result, IMEI is recovered, but simlock area damaged.

Any solution plz?
 
 
Page generated in 0.09480 seconds with 7 queries