def split_and_init_rsa_dsa(self, pk):
# print pk
pk_tem = json.loads(pk)['keyData'] # json.loads->unicode watch out
pk_tem = pk_tem.encode('utf-8')
# print pk_tem
pk_str = pk_tem.split(chr(0x25))
# This method taught by Miracle
# print pk_str[0], type(pk_str)
rsa_pk_der = base64.b64decode(pk_str[0])
rsa_obj = RSA.importKey(rsa_pk_der)
pk_dsa_der = pk_str[1]
publicKey = chilkat.CkPublicKey()
success = publicKey.LoadFromString(pk_dsa_der)
if not success:
print 'dsa pk load failed'
sys.exit(2)
tmp_dsa_der = chilkat.CkByteData()
publicKey.GetDer(True, tmp_dsa_der)
dsa_obj = chilkat.CkDsa()
success = dsa_obj.UnlockComponent("Anything for 30-day trial")
if not success:
print dsa_obj.lastErrorText()
sys.exit()
dsa_obj.FromPublicDer(tmp_dsa_der)
return rsa_obj, dsa_obj
def remplace_file(self, filename, buff):
entry = self.zip.GetEntryByName(filename)
if entry != None:
obj = chilkat.CkByteData()
obj.append(buff, len(buff))
return entry.ReplaceData(obj)
return False
def get_certificate(self, filename):
"""
Return a certificate object by giving the name in the apk file
"""
import chilkat
cert = chilkat.CkCert()
f = self.get_file(filename)
data = chilkat.CkByteData()
data.append2(f, len(f))
success = cert.LoadFromBinary(data)
return success, cert
def sign_dict(priv_key, dict):
"""
:param priv_key: secp256k1 elliptic curve private key in Pkcs1 DER format in base64 encode
:param dict: utf-8 charset dictionary to sign
:return: secp256k1 signed sha256 hashed and base64 encoded json serialization of dict
"""
sha256_hash = hash_dict(dict)
chilkat_ecdsa = chilkat.CkEcc()
prng = chilkat.CkPrng()
chilkat_byte_data = chilkat.CkByteData()
chilkat_byte_data.appendEncoded(priv_key, 'base64')
chilkat_private_key = chilkat.CkPrivateKey()
chilkat_private_key.LoadPkcs1(chilkat_byte_data)
return chilkat_ecdsa.signHashENC(sha256_hash,"base64",chilkat_private_key,prng)
def __dsa_key_gen(self, key_len):
# generate DSA key pair
# generate DSA secret key
# success = self.dsa.UnlockComponent("Anything for 30-day trial")
# if (success != True):
# print(self.dsa.lastErrorText())
# sys.exit()
success = self.dsa.GenKey(key_len)
if (success != True):
print(self.dsa.lastErrorText())
sys.exit()
# self.DSA_secret_key = dsa.toPem()
# print self.DSA_secret_key
dsa_pub = chilkat.CkByteData()
self.dsa.ToPublicDer(dsa_pub)
dsa_pub = base64.b64encode(dsa_pub.getBytes())
self.DSA_pub_key = dsa_pub
def blowfishECB(crypt, key, clearBytes, expectedAnswer):
# Set the secret key
crypt.SetEncodedKey(key, 'hex')
# Get the unencrypted data as binary data.
unencryptedData = chilkat.CkByteData()
crypt.Decode(clearBytes, 'hex', unencryptedData)
encryptedHexString = chilkat.CkString()
crypt.EncryptBytesENC(unencryptedData, encryptedHexString)
# Chilkat padded to a multiple of 16 bytes, so we discard the padding.
# (In this case, Chilkat added 8 NULL bytes to the original 8 bytes of data,
# so we drop 16 characters - the hex encoding uses 2 characters per byte.)
encryptedHexString.shorten(16)
# Return a string that will be added to our output for visual verification.
return encryptedHexString.getString() + ' should equal ' + expectedAnswer
def grab_certificate(apk, filename):
"""
@param apk : an APK instance
@rtype : a certificate object by giving the name in the apk file
"""
try:
import chilkat
cert = chilkat.CkCert()
f = apk.get_file(filename)
bytedata = chilkat.CkByteData()
bytedata.append2(f, len(f))
success = cert.LoadFromBinary(bytedata)
return success, cert
except ImportError:
log.error(
"The Chilkat module is not installed, you will not have information about the certificate in the generated report"
)
return False, []
def sign_string(priv_key, string):
"""
:param priv_key: secp256k1 elliptic curve private key in Pkcs1 DER format in base64 encode
:param string: string
:return: secp256k1 signed sha256 hashed and base64 encoded json serialization of dict
"""
crypt = chilkat.CkCrypt2()
crypt.put_HashAlgorithm("SHA256")
crypt.put_Charset("utf-8")
crypt.put_EncodingMode("base64")
sha256_hash = crypt.hashStringENC(string)
chilkat_ecdsa = chilkat.CkEcc()
prng = chilkat.CkPrng()
chilkat_byte_data = chilkat.CkByteData()
chilkat_byte_data.appendEncoded(priv_key, 'base64')
chilkat_private_key = chilkat.CkPrivateKey()
chilkat_private_key.LoadPkcs1(chilkat_byte_data)
return chilkat_ecdsa.signHashENC(sha256_hash,"base64",chilkat_private_key,prng)
def read(self, elem):
e = self.zip.GetEntryByName(elem)
s = chilkat.CkByteData()
e.Inflate(s)
return s.getBytes()
def write(self):
obj = chilkat.CkByteData()
self.zip.WriteToMemory(obj)
return obj.getBytes()
#--------Start Tracking Time-----
import datetime
startTime = datetime.datetime.now()
#-----------------
crypt = chilkat.CkCrypt2()
success = crypt.UnlockComponent(
"Anyting for 30-day trial"
) # Use chilkat crypt code instead of "Anyting for 30-day trial" to unlock. It is Licensed and commercial
if (success != True):
print crypt.lastErrorText()
sys.exit()
# Read the P7M file into memory.
p7mData = chilkat.CkByteData()
success = crypt.ReadFile(str(encmessage), p7mData)
if (success != True):
print crypt.lastErrorText()
sys.exit()
# Setup the crypt object: Indicate that public-key decryption is to be used.
crypt.put_CryptAlgorithm("pki")
# Add a PFX file to allow the crypt object to find
# the certificate and private key needed for decryption
pfxFilePath = str(certificate)
pfxPassword = '******' # Activating pfxPassword with dummy password
progressMon = 0
with open(str(wordlist), 'r') as mywordlist:
