def data_encrypt(secret, inputs, data):
"""inputs = confirmation_salt + provisioner_random + device_random"""
provisioning_salt = s1(inputs)
provisioning_key = k1(secret, provisioning_salt, b"prsk")
provisioning_nonce = k1(secret, provisioning_salt, b"prsn")[-13:]
return aes_ccm_encrypt(provisioning_key,
provisioning_nonce,
data,
tag_length=8)
def confirmation_encrypt(secret, inputs, random, auth=None):
"""inputs = invite(attention) + capabilities(without opcode) + start(msg) + provisioner_key + device_key"""
confirmation_salt = s1(inputs)
confirmation_key = k1(secret, confirmation_salt, b"prck")
return (
confirmation_salt,
confirmation_key,
aes_cmac(confirmation_key,
random + struct.pack("16s", auth or b"")),
)
def test_s1():
s = s1(b"test")
assert s == bytes.fromhex("b73cefbd641ef2ea598c2b6efb62f79c")