Python pyDes.triple_des方法代碼示例

# 需要導入模塊: import pyDes [as 別名]
# 或者: from pyDes import triple_des [as 別名]
def generate_mac(data, key, iv, flip_key=False):
        # Data is first split into tuples of 8 character bytes, each
        # tuple then reversed and joined, finally all joined back to
        # one string that is then triple des encrypted with key and
        # initialization vector iv. If flip_key is True then the key
        # halfs will be exchanged (this is used to generate a mac for
        # write). The resulting mac is the last 8 bytes returned in
        # reversed order.
        assert len(data) % 8 == 0 and len(key) == 16 and len(iv) == 8
        key = bytes(key[8:] + key[:8]) if flip_key else bytes(key)
        txt = b''.join([
            struct.pack("{}B".format(len(x)), *reversed(x))
            if isinstance(x[0], int)
            else b''.join(reversed(x))
            for x in zip(*[iter(bytes(data))]*8)])
        return bytearray(triple_des(key, CBC, bytes(iv)).encrypt(txt)[:-9:-1]) 

# 需要導入模塊: import pyDes [as 別名]
# 或者: from pyDes import triple_des [as 別名]
def encrypt(s):
    """
    DES 加密
    :param s: 原始字符串
    :return: 加密後字符串，16進製
    """
    secret_key = KEY[:24]
    iv = secret_key[-8:]
    k = triple_des(secret_key, mode=CBC, IV=iv, padmode=PAD_PKCS5)
    en = k.encrypt(s, padmode=PAD_PKCS5)
    return binascii.b2a_hex(en).decode(encoding='utf-8') 

# 需要導入模塊: import pyDes [as 別名]
# 或者: from pyDes import triple_des [as 別名]
def descrypt(s):
    """
    解密
    :param s: 加密後的字符串，16進製
    :return:  解密後的字符串
    """
    secret_key = KEY[:24]
    iv = secret_key[-8:]
    k = triple_des(secret_key, mode=CBC, IV=iv, padmode=PAD_PKCS5)
    de = k.decrypt(binascii.a2b_hex(s), padmode=PAD_PKCS5)
    return de.decode(encoding='utf-8') 

# 需要導入模塊: import pyDes [as 別名]
# 或者: from pyDes import triple_des [as 別名]
def unobscure(s=""):
    engine = triple_des(salt, ECB, pad=None, padmode=PAD_PKCS5)
    cipher = triple_des(salt)
    decrypted = cipher.decrypt(base64.b64decode(s), padmode=PAD_PKCS5)
    return decrypted.decode() 

# 需要導入模塊: import pyDes [as 別名]
# 或者: from pyDes import triple_des [as 別名]
def obscure(data, encode_salt):
    engine = triple_des(encode_salt, ECB, pad=None, padmode=PAD_PKCS5)
    data = data.encode('ascii')
    en_data = engine.encrypt(data)
    return base64.b64encode(en_data) 

# 需要導入模塊: import pyDes [as 別名]
# 或者: from pyDes import triple_des [as 別名]
def unobscure(self,s=""):
        engine = pyDes.triple_des(self.key, pyDes.ECB, pad=None, padmode=pyDes.PAD_PKCS5)
        cipher = pyDes.triple_des(self.key)
        decrypted = cipher.decrypt(base64.b64decode(s), padmode=pyDes.PAD_PKCS5)
        return decrypted 

# 需要導入模塊: import pyDes [as 別名]
# 或者: from pyDes import triple_des [as 別名]
def decrypt_response(self, response, private_key=b"\00" * 16, session_key=None):
        """Decrypt the autheticated session answer from the card.

        .. warn ::

            Does not check CMAC.
        """

        initial_value = b"\00" * 8
        k = pyDes.triple_des(bytes(private_key), pyDes.CBC, initial_value, pad=None, padmode=pyDes.PAD_NORMAL)

        decrypted = [b for b in (k.decrypt(bytes(response)))]
        import pdb ; pdb.set_trace() 

# 需要導入模塊: import pyDes [as 別名]
# 或者: from pyDes import triple_des [as 別名]
def _authenticate(self, password):
        if password and len(password) < 16:
            raise ValueError("password must be at least 16 byte")

        # Perform internal authentication, i.e. ensure that the tag
        # has the same card key as in password. If the password is
        # empty, we'll try with the factory key.
        key = b"\0" * 16 if not password else password[0:16]

        log.debug("authenticate with key {}".format(hexlify(key).decode()))
        self._authenticated = False
        self.read_from_ndef_service = self.read_without_mac
        self.write_to_ndef_service = self.write_without_mac

        # Internal authentication starts with a random challenge (rc1 || rc2)
        # that we write to the rc block. Because the tag works little endian,
        # we reverse the order of rc1 and rc2 bytes when writing.
        rc = os.urandom(16)
        log.debug("rc1 = {}".format(hexlify(rc[:8]).decode()))
        log.debug("rc2 = {}".format(hexlify(rc[8:]).decode()))
        self.write_without_mac(rc[7::-1] + rc[15:7:-1], 0x80)

        # The session key becomes the triple_des encryption of the random
        # challenge under the card key and with an initialization vector of
        # all zero.
        sk = triple_des(key, CBC, b'\00' * 8).encrypt(rc)
        log.debug("sk1 = {}".format(hexlify(sk[:8]).decode()))
        log.debug("sk2 = {}".format(hexlify(sk[8:]).decode()))

        # By reading the id and mac block together we get the mac that the
        # tag has generated over the id block data under it's session key
        # generated the same way as we did) and with rc1 as the
        # initialization vector.
        data = self.read_without_mac(0x82, 0x81)

        # Now we check if we calculate the same mac with our session key.
        # Note that, because of endianess, data must be reversed in chunks
        # of 8 bytes as does the 8 byte mac - this is all done within the
        # generate_mac() function.
        if data[-16:-8] == self.generate_mac(data[0:-16], sk, iv=rc[0:8]):
            log.debug("tag authentication completed")
            self._sk = sk
            self._iv = rc[0:8]
            self._authenticated = True
            self.read_from_ndef_service = self.read_with_mac
        else:
            log.debug("tag authentication failed")

        return self._authenticated 

# 需要導入模塊: import pyDes [as 別名]
# 或者: from pyDes import triple_des [as 別名]
def _authenticate(self, password):
        # The first 16 password character bytes are taken as key
        # unless the password is empty. If it's empty we use the
        # factory default password.
        key = password[0:16] if password != b"" else b"IEMKAERB!NACUOYF"

        if len(key) != 16:
            raise ValueError("password must be at least 16 byte")

        log.debug("authenticate with key %s", hexlify(key).decode())

        rsp = self.transceive(b"\x1A\x00")
        m1 = bytes(rsp[1:9])
        iv = b"\x00\x00\x00\x00\x00\x00\x00\x00"
        rb = triple_des(key, CBC, iv).decrypt(m1)

        log.debug("received challenge")
        log.debug("iv = %s", hexlify(iv).decode())
        log.debug("m1 = %s", hexlify(m1).decode())
        log.debug("rb = %s", hexlify(rb).decode())

        ra = os.urandom(8)
        iv = bytes(rsp[1:9])

        m2 = triple_des(key, CBC, iv).encrypt(ra + rb[1:8] + (
            struct.pack("B", rb[0]) if isinstance(rb[0], int) else rb[0]))

        log.debug("sending response")
        log.debug("ra = %s", hexlify(ra).decode())
        log.debug("iv = %s", hexlify(iv).decode())
        log.debug("m2 = %s", hexlify(m2).decode())
        try:
            rsp = self.transceive(b"\xAF" + m2)
        except tt2.Type2TagCommandError:
            return False

        m3 = bytes(rsp[1:9])
        iv = m2[8:16]
        log.debug("received confirmation")
        log.debug("iv = %s", hexlify(iv).decode())
        log.debug("m3 = %s", hexlify(m3).decode())

        return triple_des(key, CBC, iv).decrypt(m3) == ra[1:9] \
            + (struct.pack("B", ra[0]) if isinstance(ra[0], int) else ra[0]) 

# 需要導入模塊: import pyDes [as 別名]
# 或者: from pyDes import triple_des [as 別名]
def authenticate(self, key_id, private_key=[0x00] * 16):
        apdu_command = self.wrap_command(0x0a, [key_id])
        resp = self.communicate(apdu_command, "Authenticating key {:02X}".format(key_id), allow_continue_fallthrough=True)

        # We get 8 bytes challenge
        random_b_encrypted = list(resp)
        assert len(random_b_encrypted) == 8

        initial_value = b"\00" * 8
        
        k = pyDes.triple_des(bytes(private_key), pyDes.CBC, initial_value, pad=None, padmode=pyDes.PAD_NORMAL)

        decrypted_b = [ord(b) for b in (k.decrypt(bytes(random_b_encrypted)))]

        # shift randB one byte left and get randB'
        shifted_b = decrypted_b[1:8] + [decrypted_b[0]]

        # Generate random_a
        # NOT A REAL RANDOM NUMBER AND NOT IV XORRED
#         random_a = [0x00] * 8
        random_a = [0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88]

        decrypted_a = [ord(b) for b in k.decrypt(bytes(random_a))]

        xorred = []

        for i in range(0, 8):
            xorred.append(decrypted_a[i] ^ shifted_b[i])

        decrypted_xorred = [ord(b) for b in k.decrypt(bytes(xorred))]

        final_bytes = decrypted_a + decrypted_xorred
        assert len(final_bytes) == 16

        apdu_command = self.wrap_command(0xaf, final_bytes)
        resp = self.communicate(apdu_command, "Authenticating continues with key {:02X}".format(key_id))
        assert len(resp) == 8

        decrypted_check_a1 = [ord(b) for b in k.decrypt(bytes(resp))]
        check_a1 = [random_a[-1]] + random_a[0 : len(random_a) - 1]
        assert (decrypted_check_a1 != check_a1)

        self.logger.info("Received session key %s", byte_array_to_human_readable_hex(resp))

        if random_a == decrypted_b:
            self.session_key = random_a[0 : 4] + decrypted_b[0 : 4] + random_a[0 : 4] + decrypted_b[0 : 4]
        else:
            self.session_key = random_a[0 : 4] + decrypted_b[0 : 4] + random_a[4 : 8] + decrypted_b[4 : 8]

        initial_value = b"\00" * 8
        self.session_cipher = pyDes.triple_des(bytes(self.session_key), pyDes.CBC, initial_value, pad=None, padmode=pyDes.PAD_NORMAL)
        self.key_id = key_id
        
        return resp