def testServerVerification(self):
getCertResponse = "<?xml version=\"1.0\" encoding=\"UTF-16\"?><root protocol_version=\"0.1\" query=\"pair\" status_code=\"200\" status_message=\"OK\"><challengeresponse></challengeresponse><encodedcipher></encodedcipher><isBusy>0</isBusy><paired>1</paired><pairingsecret></pairingsecret><plaincert>2D2D2D2D2D424547494E2043455254494649434154452D2D2D2D2D0A4D494943776A434341616F434351436C616B502F47746678367A414E42676B71686B694739773042415155464144416A4D53457748775944565151444442684F0A566B6C4553554567523246745A564E30636D5668625342545A584A325A5849774868634E4D5459774E4441794D54497A4D7A49775768634E4D7A59774E4441790A4D54497A4D7A4977576A416A4D53457748775944565151444442684F566B6C4553554567523246745A564E30636D5668625342545A584A325A584977676745690A4D4130474353714753496233445145424151554141344942447741776767454B416F49424151446F6A70315167732F6242472F4E75377449366E326B4D7658390A3871656A3866486A46746B70534A6A654B4B45714F456D6F51564E674F6E4B4641757A364B6550497544592F4D694265315070675A6A726651336C4B454449510A4D51497676496163706A4135557839625A4F454B524B4C6C534237485A4D4A73676562414459786731624A484677463475443373477A41304E675955546F49430A79694E794C41757655676C726E50523348503771574D527641395373314A4A7476327159624C6F76484930507A534842524F5058384C6F6F6243366C6C7153760A346774646C6846674858463962644779467372786246634568476E6458715834752B39376C6159484E7A35446A3338504F712F7365647A6B55684631434274480A36546972502F766765306B2B667A6F4C4272775A772F6E6C705759646B68694A4D5579446A737158597544796B48524F78593253524A33764C45583941674D420A414145774451594A4B6F5A496876634E415145464251414467674542414D5A433378794A5048335673483637564764574F4B64656B57645154747771766531710A39517555694138746A5151514B38656372584E417642415A4276743530574749472B7236646D34434A4F5838774A416A46546873467A6A6F306D3852714148550A36526C6D6D70627952454F7130434C627361416B63466D5558724C44694E5A665A55584F736A4342735147597A524A47646F6C34446953496264574C4758496B0A6D3254464845314155636977734B454836342F4E376E54344E4A4633512B3464726D2B3361515274622B6543354B49694B3552627A706D7577445261517744700A334D714532736C595A4C5755316D6C6A2F6C56704B4854473855626D486B2B7330694F4F566A7A4241353236696D644F412F736E4E43746B707735596E64385A0A48354C3174745649357A33777567415073345461515972503865364146412F2F7131394C505056712B5564306B44696D4F61733D0A2D2D2D2D2D454E442043455254494649434154452D2D2D2D2D0A</plaincert></root>"
cert, sig = PairingManager.extract_plain_cert(getCertResponse)
serverSecretResponseString = "<?xml version=\"1.0\" encoding=\"UTF-16\"?><root protocol_version=\"0.1\" query=\"pair\" status_code=\"200\" status_message=\"OK\"><challengeresponse></challengeresponse><encodedcipher></encodedcipher><isBusy>0</isBusy><paired>1</paired><pairingsecret>3880D207483FD2D6A2E0E1C961457050392B05A7D271343D8AB69E9770E4EE5999985623CEF8E82B34B55C48F9AE7373EB0AC1D9F78F1F8179678647438A62BB551447268E2B47187B9E81A787AD5324F3F60572B8AE86B277D9E3AB39D287AEF2A3A612280DA78E721538DE1362602204A3BEDCFB7DA880C3ED9B68FCB256553C84F8A6402E49673F07796B50701E8B3418CE198FE7DA74665A5685439B92791338F03A863132B689B122721D7F0A57547096E055EC83BDB6E39E76107F7C6758E2FC42B11D78BC73BB180F0FCC094BA0C3A1E49FEEA106E363FCD263666F409996C3C8888FF3B3C4FD23C1DA1E0D24F6E02884ADE27E93C61572E7EFB8ECE61EBD8171D822620D78D313CC258C261F</pairingsecret><plaincert></plaincert></root>"
serverSecretResponse = PairingManager.hex_to_bytes(NvHTTP.get_xml_string(serverSecretResponseString, "pairingsecret"))
serverSecret = serverSecretResponse[:16]
serverSignature = serverSecretResponse[16:272]
self.assertEqual(True, PairingManager.verify_signature(serverSecret, serverSignature, cert))
def testDataSigning(self):
provider = CryptoProvider()
privateKey = provider.get_client_private_key()
cert = provider.get_client_cert()
clientSecretAsHex = "7E72A5BFEB5679B35060E3C805CA233E"
clientSecret = PairingManager.hex_to_bytes(clientSecretAsHex)
# signedSecret = base64.b64encode(PairingManager.sign_data(clientSecret, privateKey))
signedSecret = PairingManager.sign_data(clientSecret, privateKey)
clientPairingSecret = PairingManager.concat_bytes(clientSecret, signedSecret)
self.assertEqual(True, PairingManager.verify_signature(clientSecret, signedSecret, cert))
self.assertEqual(False, PairingManager.verify_signature(clientSecret[:-1], signedSecret, cert))
self.assertEqual(272, len(clientPairingSecret))
def testCertPemBytes(self):
provider = CryptoProvider()
# provider.generate_cert_key_pair()
provider.get_client_cert()
certBytes = provider.get_pem_encoded_client_cert()
assertedCertHex = "2D2D2D2D2D424547494E2043455254494649434154452D2D2D2D2D0A4D4949432F7A43434165656741774942416749424154414E42676B71686B694739773042415155464144416A4D53457748775944565151444442684F566B6C450A53554567523246745A564E30636D56686253424462476C6C626E51774868634E4D5459774E4449794D5451314E5445355768634E4D5463774E4449794D5451310A4E544535576A416A4D53457748775944565151444442684F566B6C4553554567523246745A564E30636D56686253424462476C6C626E5177676745694D4130470A4353714753496233445145424151554141344942447741776767454B416F49424151445957664C55644941374B56336752756B462F5838343878714C4D706E4A0A566571526373613148464B3659702B524D4D697267767978614F724F3843456F5366565154617049337A367778756B7448776677674D6D5742794934373530670A717A7A4B703048542B32626A66733859756F77362B6B6B3535634C533356425047496A444D484A30784C4F2B75614431337943656A64563532753957314D43640A31434841726242664450436A57466A37713758574973565468334D7A4538795870656D7676785939674B476B68486163374843326B5832544959614C4D51417A0A764857715647382B446D626C653174566231314D69655A4B535949322F4C36436335644F4C58306D57566E68544D666A6C495966464B734776353770744473770A456653573449712B4676576D2F4F6C476B6855444D3155506C6F3250347046464469766548466D6A5938482B3666476E71766F314C69514A41674D424141476A0A506A41384D41384741315564457745422F7751464D414D424166387744675944565230504151482F42415144416745474D426B4741315564446751534242436F0A71726D4F75712F454A4D55443630316A644F426D4D413047435371475349623344514542425155414134494241514169632B3969474553783350577671766E630A536139346A68486565435067567A545472553264783753533947756C3469796B382F484750654F2F743773427976314746596B7135566A66702F5A51476E6F530A6C56684C6B7442317861656733446935313773724A304345444E6951374F324D4772642B6C494A7A716648313270507565523739524B6A4967676945393379710A436B5676302B2F55366C2B6463743079625054334D4C715855586638614861757739424B47645464596C483372704C65574365355370503642336C52643162740A577744716535305736356A74326D334D48714B533336426D6B72664B2B7872687065776D73524F5644304261496B587A7A676C6F2F4773743533306A347A6D4A0A676B4E46616C736C4648306741384C6931424E6B684A50776262667757353235556D424A7233355646316759506A367543512F4E42797A6E505162345873504A0A674D74680A2D2D2D2D2D454E442043455254494649434154452D2D2D2D2D0A"
java_pem = provider.load_file_to_bytes('client.crt')
assert_java_hex = "2D2D2D2D2D424547494E2043455254494649434154452D2D2D2D2D0A4D494943786A4343416136674177494241674949594E592B53344850494F45774451594A4B6F5A496876634E4151454642514177497A45684D423847413155450A41777759546C5A4A52456C42494564686257565464484A6C59573067513278705A5735304D423458445445324D4451794D5445794E444D304F566F5844544D320A4D4451794D5445794E444D304F566F77497A45684D4238474131554541777759546C5A4A52456C42494564686257565464484A6C59573067513278705A5735300A4D494942496A414E42676B71686B6947397730424151454641414F43415138414D49494243674B43415145416E44667063622F784571484659544D332F7143520A4C7036732F736738596B45705A30556A5979704D35703266504F48415241715756444237584C36315A47446A4B7444424C636D4B5149687738416872574370430A554F75486C64496538335974636B7051615878515679342F737154532F7A6B74782B32572B4F75577037527646304968495A4E75486764784D5751723857444D0A6542574E5672392B47517648557261765250525767505349334B6E4B68482F575A763278487A4C4A566E387A367A6555347856623938374E30704C65724447300A7032716E5167585A4142693468312B48496C65305A714453755A6A31584E77534D4A54386B324C64776275735336444166796B4D4C73786672586573386465560A686C4647697475504D422B77577652627977762F4E49497051662F524A4C6242506538494F487330346C5531714B36376B6941415346657230324A64383946480A42514944415141424D413047435371475349623344514542425155414134494241514359367275472F2F7479523461756477506F587969476A51386A435046760A4C7268433243726D6E76634345762F6A6456322F6D737843366E4A505578794A306A42423273376778713137596159784F6C4A44764C2B6D5870746B4E4F70510A4151475862324869316936423431547378726D34742F61352B48793252482B32777168506B48667A594B795A36616E36512F69613061673135564745555461300A415A30357137743231567872434B7241734437594D3848797675594D587072757257525253533952513555345A6F504B36574C435055384A64715856656D354D0A754E6D4E7238384730485379696467494F36712B7068444D6A665966646F737243794A6872364B693878334B7A62593976544A444A596D6A6D357A6E464A47730A7152514E347A4A346E735054636A683557734B757A364D2B716451456B624F5153623846436A7579566F4F44414A523842366867685457570A2D2D2D2D2D454E442043455254494649434154452D2D2D2D2D0A"
moonlight_pem = provider.load_file_to_bytes('client-ml.pem')
asserted_moonlight_hex = "2D2D2D2D2D424547494E2043455254494649434154452D2D2D2D2D0A4D494944417A43434165756741774942416749424144414E42676B71686B694739773042415155464144416A4D53457748775944565151444442684F566B6C450A53554567523246745A564E30636D56686253424462476C6C626E51774868634E4D5459774D7A41314D5449304E544D345768634E4D6A59774D7A417A4D5449300A4E544D34576A416A4D53457748775944565151444442684F566B6C4553554567523246745A564E30636D56686253424462476C6C626E5177676745694D4130470A4353714753496233445145424151554141344942447741776767454B416F49424151446B4F39462B5776626A4633784F556E45397637435643712B32454B4D780A387250686B496D7857364B5974434C356B6F4B632F3332444443615454317668656D4B6D7053634D6E322F696B464A386C45516E746D48577049676C76686F7A0A396A30345936326E392F36446667544D595877515A5865416559674E3742596F4364356B7A2F316D7933584246556F6A786F5A7738734D6E364E716C75724B500A6841645164614E64764A33395A6D43656A323630676B396B682F6E2B766C6A34746D53776A467A33394E683161374E474A32322B6D76644753426842572F59520A36776F55592F764D6636474969637569476A793252474E58796136352B49355359396B6D4A6D6D68734B367954517A4A485A694F592B3335326F6E61786856560A617A71753359324A52494474394E4A434C76694A2F7553323161564B65564439575374386457307145703170426D7833746734347736417A41674D424141476A0A516A42414D41384741315564457745422F7751464D414D424166387744675944565230504151482F42415144416745474D4230474131556444675157424251710A393142502F754E646348386B2F4C56354E5A4C3777736B617244414E42676B71686B6947397730424151554641414F434151454158635557794B3279676436740A65545A4F353076496357306950306F7932756A6C324452475652437444585A394E49695A624865752F4E446934646C375371393746374E595561445532464B770A75696E41355A5A6B6F62444652443530624C61622F6E476644476B44645A6B6936463969394D372B6258572B7247686951657930345864704E755669645A2F4A0A2B744630752F666A3752776A2B4C426775707569386578474151574264662B685A4F6D526234334643764F5A543266354146584F447836724A4A7076673558460A5A2F736442746854364E6D745753637630586F734F4E745267664F4237676C4142326954754D6D394B62447A695270776A546F4134585A4A487476594C69646A0A4F4B77366F4636545075444A704139587873554F61776B4D5563687345504859542F6C2F714258744C6D62516D7334345356576746707135446F4A6A666E43650A346A76474654474258673D3D0A2D2D2D2D2D454E442043455254494649434154452D2D2D2D2D0A"
self.assertEqual(asserted_moonlight_hex, PairingManager.bytes_to_hex(moonlight_pem))
self.assertEqual(assert_java_hex, PairingManager.bytes_to_hex(java_pem))
self.assertEqual(assertedCertHex, PairingManager.bytes_to_hex(certBytes))
def testAesEncryptDecrypt(self):
sha1 = Sha1PairingHash()
saltAsHex = "10A5CEFEAFE3BEACB892DEFAE5317C30"
pin = "1234"
salt = PairingManager.hex_to_bytes(saltAsHex)
saltAndPin = PairingManager.salt_pin(salt, pin)
aesKey = PairingManager.generate_aes_key(sha1, saltAndPin)
randomChallengeAsHex = "A0F7773477F91290C6E462A7EE9AAC25"
randomChallenge = PairingManager.hex_to_bytes(randomChallengeAsHex)
encryptedChallenge = PairingManager.encrypt_aes(randomChallenge, aesKey)
decryptedChallenge = PairingManager.decrypt_aes(encryptedChallenge, aesKey)
self.assertEqual("6DDE4DC10BE9E7AAF6ADCDB0192516CF", PairingManager.bytes_to_hex(aesKey).upper())
self.assertEqual("2A3C2686A60F613AD2CD769ECD4677DE", PairingManager.bytes_to_hex(encryptedChallenge).upper())
self.assertEqual(randomChallengeAsHex, PairingManager.bytes_to_hex(decryptedChallenge).upper())
def testChallengeResponse(self):
sha1 = Sha1PairingHash()
saltAsHex = "10A5CEFEAFE3BEACB892DEFAE5317C30"
pin = "1234"
salt = PairingManager.hex_to_bytes(saltAsHex)
saltAndPin = PairingManager.salt_pin(salt, pin)
aesKey = PairingManager.generate_aes_key(sha1, saltAndPin)
challengeResponse = "<?xml version=\"1.0\" encoding=\"UTF-16\"?><root protocol_version=\"0.1\" query=\"pair\" status_code=\"200\" status_message=\"OK\"><challengeresponse>271FE1A71E0B66C53A819D8C61DF3E8ED18545F7A9CD3EBC4D84FB5929ACF78A6DCA6581834D27870DB4F2BD6F0BAB22</challengeresponse><encodedcipher></encodedcipher><isBusy>0</isBusy><paired>1</paired><pairingsecret></pairingsecret><plaincert></plaincert></root>"
encryptedChallengeResponse = PairingManager.hex_to_bytes(NvHTTP.get_xml_string(challengeResponse, "challengeresponse"))
decryptedChallengeResponse = PairingManager.decrypt_aes(encryptedChallengeResponse, aesKey)
serverResponse = decryptedChallengeResponse[0:sha1.get_hash_length()]
serverChallenge = decryptedChallengeResponse[sha1.get_hash_length():sha1.get_hash_length()+16]
self.assertEqual("10A5CEFEAFE3BEACB892DEFAE5317C3031323334", PairingManager.bytes_to_hex(saltAndPin))
self.assertEqual("271FE1A71E0B66C53A819D8C61DF3E8ED18545F7A9CD3EBC4D84FB5929ACF78A6DCA6581834D27870DB4F2BD6F0BAB22", PairingManager.bytes_to_hex(encryptedChallengeResponse).upper())
self.assertEqual("D0F88541E5198E00AA1B942B47DBF28DFB8AEA604553FBD14537D14F0407C07167EFBB134991113352E7BD01B973D82B", PairingManager.bytes_to_hex(decryptedChallengeResponse).upper())
self.assertEqual("D0F88541E5198E00AA1B942B47DBF28DFB8AEA60", PairingManager.bytes_to_hex(serverResponse).upper())
self.assertEqual("4553FBD14537D14F0407C07167EFBB13", PairingManager.bytes_to_hex(serverChallenge).upper())
def testSecretAndChallengeResponse(self):
sha1 = Sha1PairingHash()
clientSecretAsHex = "7E72A5BFEB5679B35060E3C805CA233E"
clientSecret = PairingManager.hex_to_bytes(clientSecretAsHex)
clientSignatureHex = "c642df1c893c7dd5b07ebb54675638a75e9167504edc2abded6af50b94880f2d8d04102bc79cad7340bc101906fb79d161881beafa766e0224e5fcc0902315386c1738e8d26f11a801d4e919669a96f24443aad022dbb1a0247059945eb2c388d65f6545ceb23081b10198cd12467689780e24886dd58b1972249b64c51c4d4051c8b0b0a107eb8fcdee74f834917743ee1dae6fb769046d6fe782e4a2222b945bce99aec0345a4300e9dcca84dac95864b594d66963fe55692874c6f146e61e4facd2238e563cc1039dba8a674e03fb27342b64a70e589ddf191f92f5b6d548e73df0ba000fb384da418acff1ee80140fffab5f4b3cf56af947749038a639ab"
clientSignature = PairingManager.hex_to_bytes(clientSignatureHex)
serverChallengeAsHex = "4553FBD14537D14F0407C07167EFBB13"
serverChallenge = PairingManager.hex_to_bytes(serverChallengeAsHex)
challengeResponseHash = sha1.hash_data(PairingManager.concat_bytes(PairingManager.concat_bytes(serverChallenge, clientSignature), clientSecret))
challengeResponseHashAsHex = PairingManager.bytes_to_hex(challengeResponseHash)
self.assertEqual("B0B23931FE7F7412030B26DA943B81F93A2C59F5", challengeResponseHashAsHex.upper())
def testRandBytesLength(self):
rand_bytes = PairingManager.get_random_bytes(16)
self.assertEqual(16, len(rand_bytes))
def testServerCertSignature(self):
getCertResponse = "<?xml version=\"1.0\" encoding=\"UTF-16\"?><root protocol_version=\"0.1\" query=\"pair\" status_code=\"200\" status_message=\"OK\"><challengeresponse></challengeresponse><encodedcipher></encodedcipher><isBusy>0</isBusy><paired>1</paired><pairingsecret></pairingsecret><plaincert>2D2D2D2D2D424547494E2043455254494649434154452D2D2D2D2D0A4D494943776A434341616F434351436C616B502F47746678367A414E42676B71686B694739773042415155464144416A4D53457748775944565151444442684F0A566B6C4553554567523246745A564E30636D5668625342545A584A325A5849774868634E4D5459774E4441794D54497A4D7A49775768634E4D7A59774E4441790A4D54497A4D7A4977576A416A4D53457748775944565151444442684F566B6C4553554567523246745A564E30636D5668625342545A584A325A584977676745690A4D4130474353714753496233445145424151554141344942447741776767454B416F49424151446F6A70315167732F6242472F4E75377449366E326B4D7658390A3871656A3866486A46746B70534A6A654B4B45714F456D6F51564E674F6E4B4641757A364B6550497544592F4D694265315070675A6A726651336C4B454449510A4D51497676496163706A4135557839625A4F454B524B4C6C534237485A4D4A73676562414459786731624A484677463475443373477A41304E675955546F49430A79694E794C41757655676C726E50523348503771574D527641395373314A4A7476327159624C6F76484930507A534842524F5058384C6F6F6243366C6C7153760A346774646C6846674858463962644779467372786246634568476E6458715834752B39376C6159484E7A35446A3338504F712F7365647A6B55684631434274480A36546972502F766765306B2B667A6F4C4272775A772F6E6C705759646B68694A4D5579446A737158597544796B48524F78593253524A33764C45583941674D420A414145774451594A4B6F5A496876634E415145464251414467674542414D5A433378794A5048335673483637564764574F4B64656B57645154747771766531710A39517555694138746A5151514B38656372584E417642415A4276743530574749472B7236646D34434A4F5838774A416A46546873467A6A6F306D3852714148550A36526C6D6D70627952454F7130434C627361416B63466D5558724C44694E5A665A55584F736A4342735147597A524A47646F6C34446953496264574C4758496B0A6D3254464845314155636977734B454836342F4E376E54344E4A4633512B3464726D2B3361515274622B6543354B49694B3552627A706D7577445261517744700A334D714532736C595A4C5755316D6C6A2F6C56704B4854473855626D486B2B7330694F4F566A7A4241353236696D644F412F736E4E43746B707735596E64385A0A48354C3174745649357A33777567415073345461515972503865364146412F2F7131394C505056712B5564306B44696D4F61733D0A2D2D2D2D2D454E442043455254494649434154452D2D2D2D2D0A</plaincert></root>"
cert, sig = PairingManager.extract_plain_cert(getCertResponse)
assertedSignature = "c642df1c893c7dd5b07ebb54675638a75e9167504edc2abded6af50b94880f2d8d04102bc79cad7340bc101906fb79d161881beafa766e0224e5fcc0902315386c1738e8d26f11a801d4e919669a96f24443aad022dbb1a0247059945eb2c388d65f6545ceb23081b10198cd12467689780e24886dd58b1972249b64c51c4d4051c8b0b0a107eb8fcdee74f834917743ee1dae6fb769046d6fe782e4a2222b945bce99aec0345a4300e9dcca84dac95864b594d66963fe55692874c6f146e61e4facd2238e563cc1039dba8a674e03fb27342b64a70e589ddf191f92f5b6d548e73df0ba000fb384da418acff1ee80140fffab5f4b3cf56af947749038a639ab"
self.assertEqual(assertedSignature.upper(), sig.upper())
def testServerChallengeRespHashEncryption(self):
sha1 = Sha1PairingHash()
saltAsHex = "10A5CEFEAFE3BEACB892DEFAE5317C30"
pin = "1234"
salt = PairingManager.hex_to_bytes(saltAsHex)
saltAndPin = PairingManager.salt_pin(salt, pin)
aesKey = PairingManager.generate_aes_key(sha1, saltAndPin)
getCertResponse = "<?xml version=\"1.0\" encoding=\"UTF-16\"?><root protocol_version=\"0.1\" query=\"pair\" status_code=\"200\" status_message=\"OK\"><challengeresponse></challengeresponse><encodedcipher></encodedcipher><isBusy>0</isBusy><paired>1</paired><pairingsecret></pairingsecret><plaincert>2D2D2D2D2D424547494E2043455254494649434154452D2D2D2D2D0A4D494943776A434341616F434351436C616B502F47746678367A414E42676B71686B694739773042415155464144416A4D53457748775944565151444442684F0A566B6C4553554567523246745A564E30636D5668625342545A584A325A5849774868634E4D5459774E4441794D54497A4D7A49775768634E4D7A59774E4441790A4D54497A4D7A4977576A416A4D53457748775944565151444442684F566B6C4553554567523246745A564E30636D5668625342545A584A325A584977676745690A4D4130474353714753496233445145424151554141344942447741776767454B416F49424151446F6A70315167732F6242472F4E75377449366E326B4D7658390A3871656A3866486A46746B70534A6A654B4B45714F456D6F51564E674F6E4B4641757A364B6550497544592F4D694265315070675A6A726651336C4B454449510A4D51497676496163706A4135557839625A4F454B524B4C6C534237485A4D4A73676562414459786731624A484677463475443373477A41304E675955546F49430A79694E794C41757655676C726E50523348503771574D527641395373314A4A7476327159624C6F76484930507A534842524F5058384C6F6F6243366C6C7153760A346774646C6846674858463962644779467372786246634568476E6458715834752B39376C6159484E7A35446A3338504F712F7365647A6B55684631434274480A36546972502F766765306B2B667A6F4C4272775A772F6E6C705759646B68694A4D5579446A737158597544796B48524F78593253524A33764C45583941674D420A414145774451594A4B6F5A496876634E415145464251414467674542414D5A433378794A5048335673483637564764574F4B64656B57645154747771766531710A39517555694138746A5151514B38656372584E417642415A4276743530574749472B7236646D34434A4F5838774A416A46546873467A6A6F306D3852714148550A36526C6D6D70627952454F7130434C627361416B63466D5558724C44694E5A665A55584F736A4342735147597A524A47646F6C34446953496264574C4758496B0A6D3254464845314155636977734B454836342F4E376E54344E4A4633512B3464726D2B3361515274622B6543354B49694B3552627A706D7577445261517744700A334D714532736C595A4C5755316D6C6A2F6C56704B4854473855626D486B2B7330694F4F566A7A4241353236696D644F412F736E4E43746B707735596E64385A0A48354C3174745649357A33777567415073345461515972503865364146412F2F7131394C505056712B5564306B44696D4F61733D0A2D2D2D2D2D454E442043455254494649434154452D2D2D2D2D0A</plaincert></root>"
cert, sig = PairingManager.extract_plain_cert(getCertResponse)
serverSignature = PairingManager.hex_to_bytes(sig)
challengeResponse = "<?xml version=\"1.0\" encoding=\"UTF-16\"?><root protocol_version=\"0.1\" query=\"pair\" status_code=\"200\" status_message=\"OK\"><challengeresponse>271FE1A71E0B66C53A819D8C61DF3E8ED18545F7A9CD3EBC4D84FB5929ACF78A6DCA6581834D27870DB4F2BD6F0BAB22</challengeresponse><encodedcipher></encodedcipher><isBusy>0</isBusy><paired>1</paired><pairingsecret></pairingsecret><plaincert></plaincert></root>"
encryptedChallengeResponse = PairingManager.hex_to_bytes(NvHTTP.get_xml_string(challengeResponse, "challengeresponse"))
decryptedChallengeResponse = PairingManager.decrypt_aes(encryptedChallengeResponse, aesKey)
serverResponse = decryptedChallengeResponse[0:sha1.get_hash_length()]
serverChallenge = decryptedChallengeResponse[sha1.get_hash_length():sha1.get_hash_length()+16]
clientSecretAsHex = "7E72A5BFEB5679B35060E3C805CA233E"
clientSecret = PairingManager.hex_to_bytes(clientSecretAsHex)
challengeRespHash = sha1.hash_data(PairingManager.concat_bytes(PairingManager.concat_bytes(serverChallenge, serverSignature), clientSecret))
challengeRespHashEnc = PairingManager.encrypt_aes(challengeRespHash, aesKey)
challengeRespHashDec = PairingManager.decrypt_aes(challengeRespHashEnc, aesKey)
self.assertEqual("B0B23931FE7F7412030B26DA943B81F93A2C59F5", PairingManager.bytes_to_hex(challengeRespHash))
self.assertEqual("D983D0362EEEF36A6F7A877F8400B668E5C35B6D6DF58D7EE5B6DD230C57A2EC", PairingManager.bytes_to_hex(challengeRespHashEnc))
self.assertEqual("B0B23931FE7F7412030B26DA943B81F93A2C59F5000000000000000000000000", PairingManager.bytes_to_hex(challengeRespHashDec))
