def configure(self): my_private_key = self.generate_private_key() self.my_pub_key_data = self.encode_pub_key(my_private_key.public_key()) self.bt_write(service_uuid, step1, True, "\x01\x00") self.bt_write(service_uuid, step1plus, True, "\x01\x00") self.bt_write(service_uuid, step1plus, False, CMD_GET_INFO) while self.state != WR_DID_STATE: if self.p.waitForNotifications(1.0): # handleNotification() was called continue print "Waiting..." # Perhaps do something else here remote_key = self.decode_pub_key(self.remote_key_data) e_share_key = self.create_e_share_key(remote_key, my_private_key) print("eShareKey:", e_share_key.encode("hex")) derived_key = HKDF(algorithm=hashes.SHA256(), length=64, salt=None, info=b'mible-setup-info', backend=default_backend()).derive(e_share_key) print("HKDF result:", derived_key.encode("hex")) token = derived_key[0:12] bind_key = derived_key[12:28] A = derived_key[28:44] print("token:", token.encode("hex")) print("bind_key:", bind_key.encode("hex")) print("A:", A.encode("hex")) aesccm = AESCCM(A) nonce = bytearray([16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27]) did = "blt.3.129vl4ap05o01".encode() aad = "devID".encode() self.did_ct = aesccm.encrypt(nonce, did, aad) print("AES did CT:", self.did_ct.encode("hex")) self.bt_write(service_uuid, step1, False, CMD_WR_DID) while self.state != FINISHED_STATE: if self.p.waitForNotifications(1.0): # handleNotification() was called continue print "Waiting..."
from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.kdf.hkdf import HKDF from pwn import * p = process("challenge.py") client_sk = ec.generate_private_key(ec.SECP384R1(), default_backend()) client_pk = client_sk.public_key() client_der = client_pk.public_bytes( encoding=serialization.Encoding.DER, format=serialization.PublicFormat.SubjectPublicKeyInfo) res = p.recvuntil("Send your public key (hex):") server_der = res.split("\n")[1].decode("hex") server_pk = serialization.load_der_public_key(server_der, default_backend()) shared_key = client_sk.exchange(ec.ECDH(), server_pk) derived_key = HKDF(algorithm=hashes.SHA256(), length=16, salt=None, info=b"handshake data", backend=default_backend()).derive(shared_key) p.sendline(client_der.encode('hex')) res = p.recvuntil("Please, prove you know stuffs: ") msg = process(["collide.py", derived_key.encode("hex")]).recvall().split("\n")[1] p.sendline(msg) flag = p.recvall() print(flag)