def run(self):
tmp = self.sock.recv(1024)
length = int.from_bytes(tmp[0:2], 'little')
tmp = tmp[2:]
block = tmp[0:length]
tmp = tmp[length:]
tag = tmp[0:16]
request = chacha20_aead_decrypt(
length.to_bytes(2, byteorder='little'), self.c2a_key,
self.c2a_counter.to_bytes(8, byteorder='little'),
bytes([0, 0, 0, 0]), block + tag)
assert b'Host:' in request
self.c2a_counter += 1
combined_data = b''
for data in self.data:
len_bytes = len(data).to_bytes(2, byteorder='little')
cnt_bytes = self.a2c_counter.to_bytes(8, byteorder='little')
self.a2c_counter += 1
ciper_and_mac = chacha20_aead_encrypt(len_bytes,
self.a2c_key, cnt_bytes,
bytes([0, 0, 0, 0]),
data.encode())
if self.encryption_fail:
ciper_and_mac[0][0] = 0
combined_data += len_bytes + ciper_and_mac[0] + ciper_and_mac[1]
self.sock.send(combined_data)
def encrypt_value(self, value):
device = self.service.device
session = device.sessions[device.session_id]
if 'accessory_to_controller_key' in session:
a2c_key = session['accessory_to_controller_key']
cnt_bytes = session['accessory_to_controller_count'].to_bytes(8, byteorder='little')
ciper_and_mac = chacha20_aead_encrypt(b'', a2c_key, cnt_bytes, bytes([0, 0, 0, 0]), value)
session['accessory_to_controller_count'] += 1
value = ciper_and_mac[0] + ciper_and_mac[1]
return value
def _handle_request(self, data):
with self.lock:
data = data.replace("\n", "\r\n")
assert len(data) < 1024
len_bytes = len(data).to_bytes(2, byteorder='little')
cnt_bytes = self.c2a_counter.to_bytes(8, byteorder='little')
self.c2a_counter += 1
ciper_and_mac = chacha20_aead_encrypt(len_bytes,
self.c2a_key, cnt_bytes,
bytes([0, 0, 0, 0]),
data.encode())
self.sock.send(len_bytes + ciper_and_mac[0] + ciper_and_mac[1])
return self._read_response()
def _handle_request(self, data):
with self.lock:
data = data.replace("\n", "\r\n")
assert len(data) < 1024
len_bytes = len(data).to_bytes(2, byteorder='little')
cnt_bytes = self.c2a_counter.to_bytes(8, byteorder='little')
self.c2a_counter += 1
ciper_and_mac = chacha20_aead_encrypt(len_bytes, self.c2a_key, cnt_bytes, bytes([0, 0, 0, 0]),
data.encode())
try:
self.sock.send(len_bytes + ciper_and_mac[0] + ciper_and_mac[1])
return self._read_response(self.timeout)
except OSError as e:
raise exceptions.AccessoryDisconnectedError(str(e))
def test_example2_8_2(self):
# Test aus 2.8.2
plain_text = "Ladies and Gentlemen of the class of '99: If I could offer you only one tip for the future, " \
"sunscreen would be it.".encode()
aad = 0x50515253c0c1c2c3c4c5c6c7.to_bytes(length=12, byteorder='big')
key = 0x808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f.to_bytes(
length=32, byteorder='big')
iv = 0x4041424344454647.to_bytes(length=8, byteorder='big')
fixed = 0x07000000.to_bytes(length=4, byteorder='big')
r_ = (bytes([
0xd3, 0x1a, 0x8d, 0x34, 0x64, 0x8e, 0x60, 0xdb, 0x7b, 0x86, 0xaf,
0xbc, 0x53, 0xef, 0x7e, 0xc2, 0xa4, 0xad, 0xed, 0x51, 0x29, 0x6e,
0x08, 0xfe, 0xa9, 0xe2, 0xb5, 0xa7, 0x36, 0xee, 0x62, 0xd6, 0x3d,
0xbe, 0xa4, 0x5e, 0x8c, 0xa9, 0x67, 0x12, 0x82, 0xfa, 0xfb, 0x69,
0xda, 0x92, 0x72, 0x8b, 0x1a, 0x71, 0xde, 0x0a, 0x9e, 0x06, 0x0b,
0x29, 0x05, 0xd6, 0xa5, 0xb6, 0x7e, 0xcd, 0x3b, 0x36, 0x92, 0xdd,
0xbd, 0x7f, 0x2d, 0x77, 0x8b, 0x8c, 0x98, 0x03, 0xae, 0xe3, 0x28,
0x09, 0x1b, 0x58, 0xfa, 0xb3, 0x24, 0xe4, 0xfa, 0xd6, 0x75, 0x94,
0x55, 0x85, 0x80, 0x8b, 0x48, 0x31, 0xd7, 0xbc, 0x3f, 0xf4, 0xde,
0xf0, 0x8e, 0x4b, 0x7a, 0x9d, 0xe5, 0x76, 0xd2, 0x65, 0x86, 0xce,
0xc6, 0x4b, 0x61, 0x16
]),
bytes([
0x1a, 0xe1, 0x0b, 0x59, 0x4f, 0x09, 0xe2, 0x6a, 0x7e, 0x90,
0x2e, 0xcb, 0xd0, 0x60, 0x06, 0x91
]))
r = chacha20_aead_encrypt(aad, key, iv, fixed, plain_text)
self.assertEqual(r[0], r_[0], 'ciphertext')
self.assertEqual(r[1], r_[1], 'tag')
self.assertTrue(
chacha20_aead_verify_tag(aad, key, iv, fixed, r[0] + r[1]))
self.assertFalse(
chacha20_aead_verify_tag(aad, key, iv, fixed,
r[0] + r[1] + bytes([0, 1, 2, 3])))
plain_text_ = chacha20_aead_decrypt(aad, key, iv, fixed, r[0] + r[1])
self.assertEqual(plain_text, plain_text_)
self.assertFalse(
chacha20_aead_decrypt(aad, key, iv, fixed,
r[0] + r[1] + bytes([0, 1, 2, 3])))
def _handle_request(self, data):
logging.debug('handle request: %s', data)
with self.lock:
while len(data) > 0:
# split the data to max 1024 bytes (see page 71)
len_data = min(len(data), 1024)
tmp_data = data[:len_data]
data = data[len_data:]
len_bytes = len_data.to_bytes(2, byteorder='little')
cnt_bytes = self.c2a_counter.to_bytes(8, byteorder='little')
self.c2a_counter += 1
ciper_and_mac = chacha20_aead_encrypt(len_bytes, self.c2a_key,
cnt_bytes,
bytes([0, 0, 0,
0]), tmp_data)
try:
self.sock.send(len_bytes + ciper_and_mac[0] +
ciper_and_mac[1])
except OSError as e:
raise exceptions.AccessoryDisconnectedError(str(e))
return self._read_response(self.timeout)
def run(self):
# tmp = self.sock.recv(1024)
# length = int.from_bytes(tmp[0:2], 'little')
# tmp = tmp[2:]
# block = tmp[0:length]
# tmp = tmp[length:]
# tag = tmp[0:16]
# request = chacha20_aead_decrypt(length.to_bytes(2, byteorder='little'),
# self.c2a_key,
# self.c2a_counter.to_bytes(8, byteorder='little'),
# bytes([0, 0, 0, 0]), block + tag)
self.c2a_counter += 1
data = 'HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n'
len_bytes = len(data).to_bytes(2, byteorder='little')
cnt_bytes = self.a2c_counter.to_bytes(8, byteorder='little')
self.a2c_counter += 1
ciper_and_mac = chacha20_aead_encrypt(len_bytes, self.a2c_key, cnt_bytes, bytes([0, 0, 0, 0]),
data.encode())
if self.encryption_fail:
ciper_and_mac[0][0] = 0
self.sock.send(len_bytes + ciper_and_mac[0] + ciper_and_mac[1])