-
Notifications
You must be signed in to change notification settings - Fork 389
/
kmsRequestV6.py
104 lines (81 loc) · 2.59 KB
/
kmsRequestV6.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
import aes
import binascii
import hashlib
import hmac
import random
import struct
from kmsBase import kmsBase
from kmsRequestV5 import kmsRequestV5
from structure import Structure
class kmsRequestV6(kmsRequestV5):
class DecryptedResponse(Structure):
class Message(Structure):
commonHdr = ()
structure = (
('response', ':', kmsBase.kmsResponseStruct),
('keys', '16s'),
('hash', '32s'),
('unknown', '!Q=0x364F463A8863D35F'),
('xorSalts', '16s'),
)
commonHdr = ()
structure = (
('message', ':', Message),
('hmac', '16s'),
)
key = bytearray([ 0xA9, 0x4A, 0x41, 0x95, 0xE2, 0x01, 0x43, 0x2D, 0x9B, 0xCB, 0x46, 0x04, 0x05, 0xD8, 0x4A, 0x21 ])
v6 = True
ver = 6
def encryptResponse(self, request, decrypted, response):
randomSalt = self.getRandomSalt()
sha256 = hashlib.sha256()
sha256.update(str(randomSalt))
result = sha256.digest()
SaltC = bytearray(request['message']['salt'])
DSaltC = bytearray(decrypted['salt'])
randomStuff = bytearray(16)
for i in range(0,16):
randomStuff[i] = (SaltC[i] ^ DSaltC[i] ^ randomSalt[i]) & 0xff
# XorSalts
XorSalts = bytearray(16)
for i in range (0, 16):
XorSalts[i] = (SaltC[i] ^ DSaltC[i]) & 0xff
message = self.DecryptedResponse.Message()
message['response'] = response
message['keys'] = str(randomStuff)
message['hash'] = result
message['xorSalts'] = str(XorSalts)
# SaltS
SaltS = self.getRandomSalt()
moo = aes.AESModeOfOperation()
moo.aes.v6 = True
d = moo.decrypt(SaltS, 16, moo.modeOfOperation["CBC"], self.key, moo.aes.keySize["SIZE_128"], SaltS)
# DSaltS
DSaltS = bytearray(d)
# HMacMsg
HMacMsg = bytearray(16)
for i in range (0, 16):
HMacMsg[i] = (SaltS[i] ^ DSaltS[i]) & 0xff
HMacMsg.extend(str(message))
# HMacKey
requestTime = decrypted['request']['requestTime']
HMacKey = self.getMACKey(requestTime)
HMac = hmac.new(HMacKey, str(HMacMsg), hashlib.sha256)
digest = HMac.digest()
responsedata = self.DecryptedResponse()
responsedata['message'] = message
responsedata['hmac'] = digest[16:]
padded = aes.append_PKCS7_padding(str(responsedata))
mode, orig_len, crypted = moo.encrypt(str(padded), moo.modeOfOperation["CBC"], self.key, moo.aes.keySize["SIZE_128"], SaltS)
return str(SaltS), str(bytearray(crypted))
def getMACKey(self, t):
c1 = 0x00000022816889BD
c2 = 0x000000208CBAB5ED
c3 = 0x3156CD5AC628477A
i1 = (t / c1) & 0xFFFFFFFFFFFFFFFF
i2 = (i1 * c2) & 0xFFFFFFFFFFFFFFFF
seed = (i2 + c3) & 0xFFFFFFFFFFFFFFFF
sha256 = hashlib.sha256()
sha256.update(struct.pack("<Q", seed))
digest = sha256.digest()
return digest[16:]