daily pastebin goal
20%
SHARE
TWEET

hg658c_configtool.py

hg658c Mar 16th, 2015 (edited) 9,682 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #! /usr/bin/env python
  2.  
  3. # hg658c.wordpress.com
  4. # Version 3
  5.  
  6. import sys
  7. import os
  8. from binascii import hexlify, unhexlify
  9. from Crypto.Cipher import AES
  10. from Crypto.Hash import SHA256
  11. from Crypto.Util import number
  12.  
  13.  
  14. RSA_D = "2345ADB2C06E54D7373E2A233A50150A" \
  15.         "4044E417FBF76FB1AC8A444E72A345AA" \
  16.         "14B7C349A4824C96DF9ECF7D8CC50425" \
  17.         "32930DBD40D86FDCD892398702E3EA51" \
  18.         "41C90F10494BB91440E89B104626CCCB" \
  19.         "E45A5133362359732954BD63FCA58929" \
  20.         "E3D890014FDF83847E6B19F0D9E1117E" \
  21.         "9706984EAA57E114934B273366C4DBD1"
  22.  
  23. RSA_N = "C206CF93A9E6EE1CE17984DD54422AC4" \
  24.         "561A4EEB969D1BA81432626D6409FA03" \
  25.         "3B3738F8BBA046ACEF3BAC35094B70AF" \
  26.         "231D9DC43C1D68EDBEBE983E267B72FD" \
  27.         "3C2A7614D60FA7457B92B6A45C49F307" \
  28.         "EA23DE51E7E0C36D6440FC4F62C44CCB" \
  29.         "4169914E43DBFDAE536F002B2D670CE0" \
  30.         "A2A11FD1AF4C484C1A6FED9C228199A3"
  31.  
  32. RSA_E = "010001"
  33.                
  34. SIG_TEMPLATE = "0001FFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
  35.                "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
  36.                "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
  37.                "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
  38.                "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
  39.                "003021300906052B0E03021A05000420"
  40.  
  41. AES128CBC_KEY = "48EE9D8621739F26C215C49071e2438A"
  42. AES128CBC_IV  = "A68FBBCA44BB1F5364A530608BCDEAAB"
  43.  
  44. XML_VERSION_STRING = b'<?xml version="1.0" ?>'
  45.  
  46. def print_usage():
  47.         print("Usage : " + sys.argv[0] + " {encrypt | decrypt} input_file output_file")
  48.         sys.exit(1)
  49.  
  50. def load_config(config_file):
  51.         if os.path.isfile(config_file):
  52.                 cf = open(config_file, "rb")
  53.                 config = cf.read()
  54.                 cf.close()
  55.         else:
  56.                 print("Config file not found..exiting")
  57.                 sys.exit(1)
  58.         return config
  59.  
  60. def save_to_file(dest_file, data):
  61.         wfile = open(dest_file,"wb")
  62.         wfile.write(data)
  63.         wfile.close()
  64.  
  65. def get_sha256_hash_from_sig(sig):
  66.         sig_int = int(hexlify(sig),16)
  67.         rsa_n = int(RSA_N,16)
  68.         dec_sig_as_int = pow(sig_int, 0x10001, rsa_n );
  69.         decrypted_sig = number.long_to_bytes(dec_sig_as_int, 128)
  70.         target_sha256 = hexlify(decrypted_sig)[-64:]
  71.         return target_sha256
  72.  
  73. def calc_actual_sha256_hash(enc_config_body):
  74.         sha256 = SHA256.new()
  75.         sha256.update(enc_config_body)
  76.         actual_sha256_sig = sha256.hexdigest()
  77.         actual_sha256_sig = str.encode(actual_sha256_sig)
  78.         return actual_sha256_sig
  79.  
  80. def decrypt_body(enc_config_body):
  81.         iv = unhexlify(AES128CBC_IV)
  82.         key= unhexlify(AES128CBC_KEY)
  83.         cipher = AES.new(key, AES.MODE_CBC, iv)
  84.         decrypted_data = cipher.decrypt(enc_config_body)
  85.         # Strip block padding
  86.         decrypted_data=decrypted_data.rstrip(b'\0')
  87.         return decrypted_data
  88.  
  89.  
  90. def decrypt_config(input_file, output_file):
  91.         enc_config=load_config(input_file)
  92.         sig = enc_config[:0x80]
  93.         enc_config_body=enc_config[0x80:]
  94.  
  95.         print("verifying signature...")
  96.         target_sha256_hash = get_sha256_hash_from_sig(sig)
  97.         actual_sha256_hash = calc_actual_sha256_hash(enc_config_body)
  98.  
  99.         if (actual_sha256_hash == target_sha256_hash):
  100.                 print("Signature ok...")               
  101.         else:
  102.                 print("Signature not ok...exiting")
  103.                 sys.exit(1)
  104.  
  105.         print("Decrypting...")
  106.         decrypted_data = decrypt_body(enc_config_body)
  107.  
  108.         check_config(decrypted_data)
  109.  
  110.         print("Saving decrypted config to " + output_file + "...")
  111.         save_to_file(output_file, decrypted_data)
  112.  
  113. def check_config(new_config_file):
  114.         head = new_config_file[0:len(XML_VERSION_STRING)]
  115.         if head != XML_VERSION_STRING:
  116.                 print("Not a valid config file...exiting")
  117.                 sys.exit(1)
  118.  
  119. def encrypt_config(input_file, output_file):
  120.         new_config_file=load_config(input_file)
  121.  
  122.         check_config(new_config_file)
  123.  
  124.         padding_amount = len(new_config_file) % 32
  125.         print("" + str(padding_amount) + " bytes padding needed")
  126.         print("Adding padding...")
  127.         new_config_file=new_config_file + b'\0'*(32-padding_amount)
  128.  
  129.         print("Encrypting config...")
  130.         iv = unhexlify(AES128CBC_IV)
  131.         key= unhexlify(AES128CBC_KEY)
  132.         aes = AES.new(key, AES.MODE_CBC, iv)
  133.         enc_new_config = aes.encrypt(new_config_file)
  134.  
  135.         print("Calculating SHA256 hash...")
  136.         h = SHA256.new()
  137.         h.update(enc_new_config)
  138.         actual_sha256_sig = h.hexdigest()
  139.  
  140.         sig = SIG_TEMPLATE+actual_sha256_sig;
  141.  
  142.         print("Encrypting Signature...")
  143.         sig_int = int(sig,16)
  144.         rsa_d = int(RSA_D,16)
  145.         rsa_n = int(RSA_N,16)
  146.         enc_sig_int = pow(sig_int, rsa_d, rsa_n);
  147.  
  148.         encrypted_sig = number.long_to_bytes(enc_sig_int, 128)
  149.         enc_config = encrypted_sig + enc_new_config
  150.  
  151.         print("Saving encrypted config to " + output_file + "...")
  152.         save_to_file(output_file, enc_config)
  153.  
  154. def main():
  155.  
  156.         if len(sys.argv) < 4:
  157.                 print_usage()
  158.  
  159.         input_file = sys.argv[2]
  160.         output_file = sys.argv[3]
  161.         command = sys.argv[1]
  162.  
  163.         if (command == "encrypt"):
  164.                 encrypt_config(input_file, output_file)
  165.         elif (command == "decrypt"):
  166.                 decrypt_config(input_file, output_file)
  167.         else:
  168.                 print_usage()
  169.  
  170.  
  171.  
  172. if __name__ == "__main__":
  173.         main()
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top