def checkTKIPtestVector(self, description, key, ta, iv, plainText, cipherText): """ Process TKIP encryption test vectors (no MIC) """ print '%s %s %s'%('='*((54-len(description))/2),description,'='*((54-len(description))/2)) # Convert from octet lists to string key = a2b_p(key) ta = a2b_p(ta) iv = a2b_p(iv) pt = a2b_p(plainText) kct = a2b_p(cipherText) mixer = TKIP_Mixer(key,ta) rc4key = mixer.newKey(iv) alg = TKIP_encr(key) alg.setTA(ta) print 'key: %s'%b2a_p(key)[9:] print 'rc4Key %s'%b2a_p(rc4key)[9:] # calculated print 'ta: %s'%b2a_p(ta)[9:] print 'iv: %s'%b2a_p(iv)[9:] print 'pt: %s'%b2a_p(pt)[9:] print 'kct: %s'%b2a_p(kct)[9:] ct = alg.encrypt(pt, iv) print 'ct: %s'%b2a_p(ct)[9:] cpt = alg.decrypt(kct) print 'cpt: %s'%b2a_p(cpt)[9:] print '========================================================' self.assertEqual( ct, kct ) alg.setKey(key) dct = alg.decrypt( ct ) self.assertEqual( dct, pt )
def testTKIP_crc_modify(self): """ TKIP crc modification test """ key = a2b_p( "00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f") # the PMK ta = a2b_p( "10 22 33 44 55 66") # the TK (key) is created from the iv and ta keyID = 0 alg = TKIP_encr( key, ta, keyID) # this is just the encryption algorithm with no Michael MIC plainText = ''.join([chr(i) for i in range(20)]) # 20 octets (0 t 19) iv = a2b_p( "01 00 00 00 00 00") # the little-endian encoded PacketNumber cipherText = alg.encrypt(plainText, iv) ctHeader = cipherText[0:8] # encoded iv and keyId ctData = cipherText[8:-4] ctCrcEncrypted = cipherText[-4:] # just the encrypted crc fields # lets change the first octet of the data from 0x00 to 0x01 base = (len(ctData)) * chr(0) baseCrc = crc32(base) bitMask = chr(1) + (len(ctData) - 1) * chr(0) maskCrc = crc32(bitMask) maskedCt = xor(bitMask, ctData) maskedCtCrc = crc32(maskedCt) print "--------------- make a modified packet and MIC ------------" print "plainText = %s " % b2a_hex(plainText) print "cipherText= %s " % b2a_hex(cipherText) print "ctData = %s " % b2a_hex(ctData) print "ctxtCrc = %s " % b2a_hex(ctCrcEncrypted) print "base = %s " % b2a_hex(base) print "baseCrc = %0X" % baseCrc print "mask = %s " % b2a_hex(bitMask) print "maskCrc = %0X" % maskCrc print "maskedCt = %s " % b2a_hex(maskedCt) print "maskCtCrc= %0X" % maskedCtCrc maskDiff = maskCrc ^ baseCrc newCtCrc = pack('<I', (maskDiff ^ unpack('<I', ctCrcEncrypted)[0])) newCt = ctHeader + maskedCt + newCtCrc newPt = alg.decrypt( newCt) # this will raise an exception if the crc is 'bad'! print "newPt = %s " % b2a_hex(newPt)
def testTKIP_crc_modify(self): """ TKIP crc modification test """ key = a2b_p( "00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f" ) # the PMK ta = a2b_p( "10 22 33 44 55 66" ) # the TK (key) is created from the iv and ta keyID = 0 alg = TKIP_encr(key, ta, keyID) # this is just the encryption algorithm with no Michael MIC plainText = ''.join([chr(i) for i in range(20)]) # 20 octets (0 t 19) iv = a2b_p( "01 00 00 00 00 00" ) # the little-endian encoded PacketNumber cipherText = alg.encrypt(plainText, iv) ctHeader = cipherText[0:8] # encoded iv and keyId ctData = cipherText[8:-4] ctCrcEncrypted = cipherText[-4:] # just the encrypted crc fields # lets change the first octet of the data from 0x00 to 0x01 base = (len(ctData))*chr(0) baseCrc = crc32(base) bitMask = chr(1)+(len(ctData)-1)*chr(0) maskCrc = crc32(bitMask) maskedCt = xor(bitMask,ctData) maskedCtCrc = crc32(maskedCt) print "--------------- make a modified packet and MIC ------------" print "plainText = %s " % b2a_hex(plainText) print "cipherText= %s " % b2a_hex(cipherText) print "ctData = %s " % b2a_hex(ctData) print "ctxtCrc = %s " % b2a_hex(ctCrcEncrypted) print "base = %s " % b2a_hex(base) print "baseCrc = %0X" % baseCrc print "mask = %s " % b2a_hex(bitMask) print "maskCrc = %0X" % maskCrc print "maskedCt = %s " % b2a_hex(maskedCt) print "maskCtCrc= %0X" % maskedCtCrc maskDiff = maskCrc ^ baseCrc newCtCrc = pack('<I', (maskDiff ^ unpack('<I',ctCrcEncrypted)[0]) ) newCt = ctHeader + maskedCt + newCtCrc newPt = alg.decrypt(newCt) # this will raise an exception if the crc is 'bad'! print "newPt = %s " % b2a_hex(newPt)
def checkTKIPtestVector(self, description, key, ta, iv, plainText, cipherText): """ Process TKIP encryption test vectors (no MIC) """ print '%s %s %s' % ('=' * ((54 - len(description)) / 2), description, '=' * ((54 - len(description)) / 2)) # Convert from octet lists to string key = a2b_p(key) ta = a2b_p(ta) iv = a2b_p(iv) pt = a2b_p(plainText) kct = a2b_p(cipherText) mixer = TKIP_Mixer(key, ta) rc4key = mixer.newKey(iv) alg = TKIP_encr(key) alg.setTA(ta) print 'key: %s' % b2a_p(key)[9:] print 'rc4Key %s' % b2a_p(rc4key)[9:] # calculated print 'ta: %s' % b2a_p(ta)[9:] print 'iv: %s' % b2a_p(iv)[9:] print 'pt: %s' % b2a_p(pt)[9:] print 'kct: %s' % b2a_p(kct)[9:] ct = alg.encrypt(pt, iv) print 'ct: %s' % b2a_p(ct)[9:] cpt = alg.decrypt(kct) print 'cpt: %s' % b2a_p(cpt)[9:] print '========================================================' self.assertEqual(ct, kct) alg.setKey(key) dct = alg.decrypt(ct) self.assertEqual(dct, pt)