コード例 #1
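    def decrypt_blob(self, blob):
        """Decrypt one keychain item blob and return its plaintext.

        Layout read here (integers are little-endian):
          * bytes 0-8: two 32-bit fields, the blob version and the
            protection class.
          * version 0: a 40-byte wrapped key at offset 8, then ciphertext
            up to the end of the blob.
          * version 2: bytes 8-12 are skipped, a 40-byte wrapped key at
            offset 12, then ciphertext, then a 16-byte trailer that is
            handed to gcm_decrypt as its last argument.

        Returns "" when blob is None, None when the blob is too short or
        the class key cannot be unwrapped, the AESdecryptCBC result for
        version 0, and the parsed binary plist for version 2.

        Raises Exception for any version other than 0 or 2.
        """
        if blob is None:
            return ""

        if len(blob) < 48:
            print("keychain blob length must be >= 48")
            return

        version, clas = struct.unpack("<LL", blob[0:8])

        if version == 0:
            wrappedkey = blob[8:8 + 40]
            encrypted_data = blob[48:]
        elif version == 2:
            # The blob is read from a keychain database that may be damaged
            # or tampered with. Slicing never raises on a short buffer: it
            # would silently yield a truncated key and let the 16-byte
            # trailer overlap the wrapped key, so reject the blob up front.
            if len(blob) < 52 + 16:
                print("keychain blob too short for version 2")
                return
            wrappedkey = blob[12:12 + 40]
            encrypted_data = blob[52:-16]
        else:
            raise Exception("unknown keychain verson ", version)

        unwrappedkey = self.keybag.unwrapKeyForClass(clas, wrappedkey)
        if not unwrappedkey:
            print("keychain unwrap fail for item with class=%d (%s)" % (
                clas, KSECATTRACCESSIBLE.get(clas)))
            return

        if version == 0:
            # NOTE(review): no integrity check is visible on this CBC path;
            # treat the result as unauthenticated data.
            return AESdecryptCBC(encrypted_data, unwrappedkey, padding=True)

        # version == 2. The trailing 16 bytes are presumably the GCM tag.
        # NOTE(review): confirm gcm_decrypt fails closed on a tag mismatch
        # before the plaintext reaches the plist parser.
        binaryplist = gcm_decrypt(unwrappedkey, "", encrypted_data, "",
                                  blob[-16:])
        return BPlistReader(binaryplist).parse()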
コード例 #2
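    def decrypt_blob(self, blob):
        """Decrypt one keychain item blob and return its plaintext.

        Layout read here (integers are little-endian):
          * bytes 0-8: two 32-bit fields, the blob version and the
            protection class (the class is also stored on self.clas).
          * version 0: a 40-byte wrapped key at offset 8, then ciphertext
            up to the end of the blob.
          * version 2: a 32-bit wrapped-key length at offset 8, the wrapped
            key, then ciphertext, then a 16-byte trailer that is handed to
            gcm_decrypt as its last argument.

        Returns "" when blob is None, None when the blob is malformed or
        the class key cannot be unwrapped, the AESdecryptCBC result for
        version 0, and the parsed binary plist for version 2.

        Raises Exception for any version other than 0 or 2.
        """
        if blob is None:
            return ""

        if len(blob) < 48:
            print("keychain blob length must be >= 48")
            return

        version, clas = struct.unpack("<LL", blob[0:8])
        self.clas = clas
        if version == 0:
            wrappedkey = blob[8:8 + 40]
            encrypted_data = blob[48:]
        elif version == 2:
            wrapped_len = struct.unpack("<L", blob[8:12])[0]
            # wrapped_len comes straight from the blob. Slicing never raises
            # on an oversized length: it would silently hand back a truncated
            # key and let the 16-byte trailer overlap it, so validate the
            # length against the buffer before slicing.
            if 12 + wrapped_len + 16 > len(blob):
                print("keychain blob wrapped key length out of range")
                return
            wrappedkey = blob[12:12 + wrapped_len]
            encrypted_data = blob[12 + wrapped_len:-16]
        else:
            raise Exception("unknown keychain verson ", version)

        unwrappedkey = self.keybag.unwrapKeyForClass(clas, wrappedkey, False)
        if not unwrappedkey:
            return

        if version == 0:
            # NOTE(review): no integrity check is visible on this CBC path;
            # treat the result as unauthenticated data.
            return AESdecryptCBC(encrypted_data, unwrappedkey, padding=True)

        # version == 2. The trailing 16 bytes are presumably the GCM tag.
        # NOTE(review): confirm gcm_decrypt fails closed on a tag mismatch
        # before the plaintext reaches the plist parser.
        binaryplist = gcm_decrypt(unwrappedkey, "", encrypted_data, "",
                                  blob[-16:])
        return BPlistReader(binaryplist).parse()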
コード例 #3
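    def decrypt_blob(self, blob):
        """Decrypt one keychain item blob and return its plaintext.

        Layout read here (integers are little-endian):
          * bytes 0-8: two 32-bit fields, the blob version and the
            protection class. Only the low four bits of the class are
            kept; the result is also stored on self.clas.
          * version 0: a 40-byte wrapped key at offset 8, then ciphertext
            up to the end of the blob.
          * versions 2 and 3: a 32-bit wrapped-key length at offset 8, the
            wrapped key, then ciphertext, then a 16-byte trailer that is
            handed to gcm_decrypt as its last argument.

        Returns "" when blob is None, None when the blob is malformed or
        the class key cannot be unwrapped, the AESdecryptCBC result for
        version 0, the parsed binary plist for version 2, and a dict of
        str keys to str values built from the DER payload for version 3.

        Raises Exception for any version other than 0, 2 or 3.
        """
        if blob is None:
            return ""

        if len(blob) < 48:
            print("keychain blob length must be >= 48")
            return

        version, clas = struct.unpack("<LL", blob[0:8])
        clas &= 0xF
        self.clas = clas
        if version == 0:
            wrappedkey = blob[8:8 + 40]
            encrypted_data = blob[48:]
        elif version in (2, 3):
            wrapped_len = struct.unpack("<L", blob[8:12])[0]
            # wrapped_len comes straight from the blob. Slicing never raises
            # on an oversized length: it would silently hand back a truncated
            # key and let the 16-byte trailer overlap it, so validate the
            # length against the buffer before slicing.
            if 12 + wrapped_len + 16 > len(blob):
                print("keychain blob wrapped key length out of range")
                return
            wrappedkey = blob[12:12 + wrapped_len]
            encrypted_data = blob[12 + wrapped_len:-16]
        else:
            raise Exception("unknown keychain verson ", version)

        unwrappedkey = self.keybag.unwrapKeyForClass(clas, wrappedkey, False)
        if not unwrappedkey:
            return

        if version == 0:
            # NOTE(review): no integrity check is visible on this CBC path;
            # treat the result as unauthenticated data.
            return AESdecryptCBC(encrypted_data, unwrappedkey, padding=True)

        # Versions 2 and 3. The trailing 16 bytes are presumably the GCM tag.
        # NOTE(review): confirm gcm_decrypt fails closed on a tag mismatch
        # before the plaintext reaches the plist or DER parser.
        plaintext = gcm_decrypt(unwrappedkey, "", encrypted_data, "",
                                blob[-16:])
        if version == 2:
            return BPlistReader(plaintext).parse()

        # version == 3: the plaintext is DER; bytes left over after the first
        # decoded value are ignored.
        stuff, _tail = der_decode(plaintext)
        rval = {}
        index = 0
        while True:
            # The walk ends when a position lookup raises. This used to be a
            # bare except, which also swallowed KeyboardInterrupt and
            # SystemExit.
            # NOTE(review): a decoding error part-way through still ends the
            # loop silently, so the caller can receive a partial dict.
            try:
                entry = stuff.getComponentByPosition(index)
                k = entry.getComponentByPosition(0)
                v = entry.getComponentByPosition(1)
                rval[str(k)] = str(v)
            except Exception:
                break
            index += 1

        return rval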
コード例 #4
 def recvPlist(self):
     """Receive one raw payload and parse it as a property list.

     Returns None when recv_raw() yields nothing, the BPlistReader result
     for a payload starting with "bplist00", and the plistlib result for a
     payload starting with "<?xml". Any other payload raises Exception
     carrying the hex of its first 100 bytes.
     """
     data = self.recv_raw()
     if not data:
         return
     if data.startswith("bplist00"):
         return BPlistReader(data).parse()
     if not data.startswith("<?xml"):
         raise Exception("recvPlist invalid data : %s" %
                         data[:100].encode("hex"))
     #HAX lockdown HardwarePlatform with null bytes
     # NOTE(review): the pattern deletes every character outside its
     # allow-list, not only NUL bytes, so characters such as ':' and '&'
     # are removed from the payload before it is parsed. Values read from
     # the result may differ from what was actually sent.
     text = data.decode('utf-8')
     cleaned = sub('[^\w<>\/ \-_0-9\"\'\\=\.\?\!\+]+', '', text)
     return plistlib.readPlistFromString(cleaned.encode('utf-8'))
コード例 #5
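    def decrypt_blob(self, blob):
        """Decrypt one keychain item blob and return its plaintext.

        Layout read here (integers are little-endian):
          * bytes 0-8: two 32-bit fields, the blob version and the
            protection class. Only the low four bits of the class are
            kept; the result is also stored on self.clas.
          * version 0: a 40-byte wrapped key at offset 8, then ciphertext
            up to the end of the blob.
          * versions 2 and 3: a 32-bit wrapped-key length at offset 8, the
            wrapped key, then ciphertext, then a 16-byte trailer that is
            handed to gcm_decrypt as its last argument.

        Returns "" when blob is None, None when the blob is malformed or
        the class key cannot be unwrapped, the AESdecryptCBC result for
        version 0, the parsed binary plist for version 2, and a dict of
        str keys to str values built from the DER payload for version 3.

        Raises Exception for any version other than 0, 2 or 3.
        """
        if blob is None:
            return ""

        if len(blob) < 48:
            print("keychain blob length must be >= 48")
            return

        version, clas = struct.unpack("<LL", blob[0:8])
        clas &= 0xF
        self.clas = clas
        if version == 0:
            wrappedkey = blob[8:8 + 40]
            encrypted_data = blob[48:]
        elif version in (2, 3):
            wrapped_len = struct.unpack("<L", blob[8:12])[0]
            # wrapped_len comes straight from the blob. Slicing never raises
            # on an oversized length: it would silently hand back a truncated
            # key and let the 16-byte trailer overlap it, so validate the
            # length against the buffer before slicing.
            if 12 + wrapped_len + 16 > len(blob):
                print("keychain blob wrapped key length out of range")
                return
            wrappedkey = blob[12:12 + wrapped_len]
            encrypted_data = blob[12 + wrapped_len:-16]
        else:
            raise Exception("unknown keychain verson ", version)

        unwrappedkey = self.keybag.unwrapKeyForClass(clas, wrappedkey, False)
        if not unwrappedkey:
            return

        if version == 0:
            # NOTE(review): no integrity check is visible on this CBC path;
            # treat the result as unauthenticated data.
            return AESdecryptCBC(encrypted_data, unwrappedkey, padding=True)

        # Versions 2 and 3. The trailing 16 bytes are presumably the GCM tag.
        # NOTE(review): confirm gcm_decrypt fails closed on a tag mismatch
        # before the plaintext reaches the plist or DER parser.
        plaintext = gcm_decrypt(unwrappedkey, "", encrypted_data, "",
                                blob[-16:])
        if version == 2:
            return BPlistReader(plaintext).parse()

        # version == 3: the plaintext is DER; only the first element of the
        # der_decode result is used.
        stuff = der_decode(plaintext)[0]
        rval = {}
        for k, v in stuff:
            k = str(k)
            # NB - this is binary and may not be valid UTF8 data
            v = str(v)
            rval[k] = v
        return rval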