If you like BoxMatrix then please contribute Supportdata, Supportdata2, Firmware and/or Hardware (get in touch).
My metamonk@yahoo.com is not reachable by me since years. Please use hippie2000@webnmail.de instead.
Property:cm dl cert
| BoxMatrix >> Configuration >> cm_dl_cert | @ BoxMatrix - IRC-Chat - Translate: de es fr it nl pl |
| News | Selectors | Models | Accessories | Components | Environment | Config | Commands | System | Webif | Software | Develop | Lexicon | Community | Project | Media |
| Static-Config | Bin-Files | Audio-Files | Crypto-Files | Vartar-Items | PCD-Rules | TFFS-Config | Temp-Files | Data-Dirs | Inet-Providers | VoIP-Providers | Firmware | Research |
Firmware-File
This file is part of a firmware update image. It's only present at the specified path during the update.
| File: | cm_dl_cert - type Exec | Wiki | Freetz | IPPF | whmf | AVM | Web |
| Location: | Configuration >> Firmware-Files - Origin: AVM | ||||||
| Path: | Release: /var Lab+Rel: /var | ||||||
| Properties: | Size: 1.3M - Firmware: 6.51 - 6.64 | ||||||
| Function: | Cable modem certificate downloader and updater, ARM build. | ||||||
Goto: Model-Matrix - SMW-Browser
Details
cm_dl_cert is a cable modem certificate downloader and updater, ARM build.
It downloads a cm_cert.tar from an AVM certificate server and verifies it against the ca.pem file stored in the firmware.
If the signature test passes it installs its content to cm_cert.cer, cm_key_prv.bin, mfg_cert.cer, mfg_key_pub.bin.
cm_dl_cert is started by ewnw_check_install without arguments and accesses:
/bin/sh /bin/tar -xf /var/tmp/cm_cert.tar /etc/config/hosts /etc/default /etc/egd-pool /etc/entropy /etc/fstab /etc/hosts /etc/version --project /crossdomain-template.xml /filelink.lua /nvram/1/security/cm_cert.cer /nvram/1/security/cm_key_prv.bin /nvram/1/security/mfg_cert.cer /nvram/1/security/mfg_key_pub.bin /nvram/1/security/download/cm_cert.cer /nvram/1/security/download/cm_key_prv.bin /nvram/1/security/download/mfg_cert.cer /nvram/1/security/download/mfg_key_pub.bin /var/ca.pem /var/config.def /var/flash/crash.log /var/jason_boxinfo.xml /var/lcr.html /var/run/egd-pool /var/tmp/avm-resolv.conf /var/tmp/cm_dl_cert_version /var/tmp/upnpwebsrv/ /var/tmp/websrv.debug /proc/devices /proc/misc /proc/mounts /proc/self/maps /proc/sys/dev/adam2/environment /proc/sys/urlader/environment /proc/uptime /dev/console /dev/egd-pool /dev/null /dev/random /dev/srandom /dev/tty /dev/urandom GU_P15n2_x86/OPENSSL_armp6_build/sharedlibs/../filesystem GU_P15n2_x86/OPENSSL_armp6_build/sharedlibs/../filesystem/cert.pem GU_P15n2_x86/OPENSSL_armp6_build/sharedlibs/../filesystem/certs GU_P15n2_x86/OPENSSL_armp6_build/sharedlibs/../filesystem/private
Unlike most executables in firmware archives this is a dynamically linked tool which requires:
ld-uClibc.so libdl.so libgcc_s.so libpthread.so librt.so librx.so
However, security relevant code is statically linked from these libraries, see the Source below:
libavmcsock.so libavmssl.so libwebsrv.so libcrypto.so
Source
The names of source files compiled into an executable often help to understand function blocks (and show gaps in the docs).
fw 4.49 source files:
$ strings /var/cm_dl_cert | grep -e '\.c$' -e '\.cpp$' # own source cm_dl_cert.c # from libavmcsock.so avmipc_msg.c cbcontext.c cbitset.c cbuf.c cbuffilter.c cfile.c children.c cmmap.c confparse.c connector.c cprocess.c crashdump.c csem_posix.c csock.c csockinit.c cthread.c cthreadmem.c dns.c inaddrlist.c ip6addrlist.c ipaddrlist.c linuxlib.c msg_builder_parser.c parsefile.c posixshm.c shringbuf.c slab.c slabuser.c stringlist.c timercb.c # from libavmssl.so avmssl.c # from libwebsrv.so error.c fill.c fillcgi.c fillfile.c header.c httpclient.c memcache.c mimeinfo.c replacement.c reply.c request.c urlsupport.c util.c websrvlib.c websrvwget.c # from libcrypto.so a_bitstr.c a_bytes.c a_digest.c a_dup.c a_enum.c a_gentm.c a_i2d_fp.c a_int.c a_mbstr.c ameth_lib.c a_object.c a_set.c asn1_gen.c asn1_lib.c asn_pack.c a_strex.c a_strnid.c a_utctm.c a_verify.c bf_buff.c bio_enc.c bio_lib.c bn_blind.c bn_ctx.c bn_exp.c bn_lib.c bn_mont.c bn_print.c bn_rand.c bn_recp.c b_print.c buffer.c buf_str.c by_dir.c cmac.c comp_lib.c conf_api.c conf_def.c conf_mod.c cryptlib.c d1_both.c d1_enc.c d1_lib.c d1_pkt.c dh_ameth.c dh_lib.c dh_pmeth.c dsa_ameth.c dsa_asn1.c dsa_lib.c dsa_pmeth.c dsa_sign.c dso_dlfcn.c dso_lib.c e_aes.c ec_ameth.c ec_asn1.c ech_lib.c ech_ossl.c ec_key.c eck_prn.c ec_lib.c ec_mult.c ec_pmeth.c ec_print.c ecp_smpl.c ecs_lib.c encode.c err.c evp_enc.c evp_key.c evp_lib.c evp_pbe.c ex_data.c f_int.c f_string.c gcm128.c hmac.c hm_ameth.c hm_pmeth.c lhash.c md_rand.c mem_dbg.c nopqrst1_enc.c obj_dat.c obj_lib.c obj_xref.c o_names.c p12_decr.c p12_key.c p12_utl.c p5_crpt2.c p5_crpt.c p5_pbev2.c pcy_cache.c pcy_data.c pcy_node.c pcy_tree.c pem_info.c pem_lib.c pk7_doit.c pk7_lib.c pmeth_fn.c pmeth_lib.c pqueue.c rsa_ameth.c rsa_eay.c rsa_lib.c rsa_oaep.c rsa_pk1.c rsa_pmeth.c rsa_pss.c rsa_saos.c rsa_sign.c s23_clnt.c s23_srvr.c s3_both.c s3_cbc.c s3_clnt.c s3_enc.c s3_lib.c s3_pkt.c s3_srvr.c srp_lib.c srp_vfy.c ssl_asn1.c ssl_cert.c ssl_ciph.c ssl_lib.c ssl_rsa.c ssl_sess.c stack.c t1_lib.c t1_reneg.c tasn_enc.c tasn_new.c tasn_prn.c tasn_utl.c tls_srp.c t_x509.c txt_db.c Ubn_gf2m.c ui_lib.c ui_openssl.c v3_alt.c v3_conf.c v3_ia5.c v3_info.c v3_lib.c v3_pci.c v3_purp.c v3_utl.c x509_lu.c x509_req.c x509_trs.c x509_vfy.c x509_vpm.c x_crl.c x_info.c x_name.c x_pkey.c x_pubkey.c
Model-Matrix
Daily updated index of the presence, path and size of this file for each model. Last update: 2025-01-03 05:33 GMT.
Showing all models using this file. Click any column header (click-wait-click) to sort the list by the respective data.
Note that this list is merged from Firmware-Probes of all known AVM firmware for a model, including Recovery.exe and Labor-Files.
| Model | Firmware | Path | Size |
|---|---|---|---|
| FRITZ!Box 6360 Cable | 6.51 | /var | 1.3M |
| FRITZ!Box 6490 Cable | 6.51 - 6.64 | /var | 1.3M |
| 2 models use this file | |||
