Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #! /usr/bin/env python
- # hg658c.wordpress.com
- # Version 3
- import sys
- import os
- from binascii import hexlify, unhexlify
- from Crypto.Cipher import AES
- from Crypto.Hash import SHA256
- from Crypto.Util import number
- RSA_D = "2345ADB2C06E54D7373E2A233A50150A" \
- "4044E417FBF76FB1AC8A444E72A345AA" \
- "14B7C349A4824C96DF9ECF7D8CC50425" \
- "32930DBD40D86FDCD892398702E3EA51" \
- "41C90F10494BB91440E89B104626CCCB" \
- "E45A5133362359732954BD63FCA58929" \
- "E3D890014FDF83847E6B19F0D9E1117E" \
- "9706984EAA57E114934B273366C4DBD1"
- RSA_N = "C206CF93A9E6EE1CE17984DD54422AC4" \
- "561A4EEB969D1BA81432626D6409FA03" \
- "3B3738F8BBA046ACEF3BAC35094B70AF" \
- "231D9DC43C1D68EDBEBE983E267B72FD" \
- "3C2A7614D60FA7457B92B6A45C49F307" \
- "EA23DE51E7E0C36D6440FC4F62C44CCB" \
- "4169914E43DBFDAE536F002B2D670CE0" \
- "A2A11FD1AF4C484C1A6FED9C228199A3"
- RSA_E = "010001"
- SIG_TEMPLATE = "0001FFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "003021300906052B0E03021A05000420"
- AES128CBC_KEY = "48EE9D8621739F26C215C49071e2438A"
- AES128CBC_IV = "A68FBBCA44BB1F5364A530608BCDEAAB"
- XML_VERSION_STRING = b'<?xml version="1.0" ?>'
- def print_usage():
- print("Usage : " + sys.argv[0] + " {encrypt | decrypt} input_file output_file")
- sys.exit(1)
- def load_config(config_file):
- if os.path.isfile(config_file):
- cf = open(config_file, "rb")
- config = cf.read()
- cf.close()
- else:
- print("Config file not found..exiting")
- sys.exit(1)
- return config
- def save_to_file(dest_file, data):
- wfile = open(dest_file,"wb")
- wfile.write(data)
- wfile.close()
- def get_sha256_hash_from_sig(sig):
- sig_int = int(hexlify(sig),16)
- rsa_n = int(RSA_N,16)
- dec_sig_as_int = pow(sig_int, 0x10001, rsa_n );
- decrypted_sig = number.long_to_bytes(dec_sig_as_int, 128)
- target_sha256 = hexlify(decrypted_sig)[-64:]
- return target_sha256
- def calc_actual_sha256_hash(enc_config_body):
- sha256 = SHA256.new()
- sha256.update(enc_config_body)
- actual_sha256_sig = sha256.hexdigest()
- actual_sha256_sig = str.encode(actual_sha256_sig)
- return actual_sha256_sig
- def decrypt_body(enc_config_body):
- iv = unhexlify(AES128CBC_IV)
- key= unhexlify(AES128CBC_KEY)
- cipher = AES.new(key, AES.MODE_CBC, iv)
- decrypted_data = cipher.decrypt(enc_config_body)
- # Strip block padding
- decrypted_data=decrypted_data.rstrip(b'\0')
- return decrypted_data
- def decrypt_config(input_file, output_file):
- enc_config=load_config(input_file)
- sig = enc_config[:0x80]
- enc_config_body=enc_config[0x80:]
- print("verifying signature...")
- target_sha256_hash = get_sha256_hash_from_sig(sig)
- actual_sha256_hash = calc_actual_sha256_hash(enc_config_body)
- if (actual_sha256_hash == target_sha256_hash):
- print("Signature ok...")
- else:
- print("Signature not ok...exiting")
- sys.exit(1)
- print("Decrypting...")
- decrypted_data = decrypt_body(enc_config_body)
- check_config(decrypted_data)
- print("Saving decrypted config to " + output_file + "...")
- save_to_file(output_file, decrypted_data)
- def check_config(new_config_file):
- head = new_config_file[0:len(XML_VERSION_STRING)]
- if head != XML_VERSION_STRING:
- print("Not a valid config file...exiting")
- sys.exit(1)
- def encrypt_config(input_file, output_file):
- new_config_file=load_config(input_file)
- check_config(new_config_file)
- padding_amount = len(new_config_file) % 32
- print("" + str(padding_amount) + " bytes padding needed")
- print("Adding padding...")
- new_config_file=new_config_file + b'\0'*(32-padding_amount)
- print("Encrypting config...")
- iv = unhexlify(AES128CBC_IV)
- key= unhexlify(AES128CBC_KEY)
- aes = AES.new(key, AES.MODE_CBC, iv)
- enc_new_config = aes.encrypt(new_config_file)
- print("Calculating SHA256 hash...")
- h = SHA256.new()
- h.update(enc_new_config)
- actual_sha256_sig = h.hexdigest()
- sig = SIG_TEMPLATE+actual_sha256_sig;
- print("Encrypting Signature...")
- sig_int = int(sig,16)
- rsa_d = int(RSA_D,16)
- rsa_n = int(RSA_N,16)
- enc_sig_int = pow(sig_int, rsa_d, rsa_n);
- encrypted_sig = number.long_to_bytes(enc_sig_int, 128)
- enc_config = encrypted_sig + enc_new_config
- print("Saving encrypted config to " + output_file + "...")
- save_to_file(output_file, enc_config)
- def main():
- if len(sys.argv) < 4:
- print_usage()
- input_file = sys.argv[2]
- output_file = sys.argv[3]
- command = sys.argv[1]
- if (command == "encrypt"):
- encrypt_config(input_file, output_file)
- elif (command == "decrypt"):
- decrypt_config(input_file, output_file)
- else:
- print_usage()
- if __name__ == "__main__":
- main()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement