def decrypt_blob(self, blob):
if blob == None:
return ""
if len(blob) < 48:
print "keychain blob length must be >= 48"
return
version, clas = struct.unpack("<LL", blob[0:8])
if version == 0:
wrappedkey = blob[8:8 + 40]
encrypted_data = blob[48:]
elif version == 2:
wrappedkey = blob[12:12 + 40]
encrypted_data = blob[52:-16]
else:
raise Exception("unknown keychain verson ", version)
return
unwrappedkey = self.keybag.unwrapKeyForClass(clas, wrappedkey)
if not unwrappedkey:
print "keychain unwrap fail for item with class=%d (%s)" % (
clas, KSECATTRACCESSIBLE.get(clas))
return
if version == 0:
return AESdecryptCBC(encrypted_data, unwrappedkey, padding=True)
elif version == 2:
binaryplist = gcm_decrypt(unwrappedkey, "", encrypted_data, "",
blob[-16:])
return BPlistReader(binaryplist).parse()
def decrypt_blob(self, blob):
if blob == None:
return ""
if len(blob) < 48:
print "keychain blob length must be >= 48"
return
version, clas = struct.unpack("<LL", blob[0:8])
self.clas = clas
if version == 0:
wrappedkey = blob[8:8 + 40]
encrypted_data = blob[48:]
elif version == 2:
l = struct.unpack("<L", blob[8:12])[0]
wrappedkey = blob[12:12 + l]
encrypted_data = blob[12 + l:-16]
else:
raise Exception("unknown keychain verson ", version)
return
unwrappedkey = self.keybag.unwrapKeyForClass(clas, wrappedkey, False)
if not unwrappedkey:
return
if version == 0:
return AESdecryptCBC(encrypted_data, unwrappedkey, padding=True)
elif version == 2:
binaryplist = gcm_decrypt(unwrappedkey, "", encrypted_data, "",
blob[-16:])
return BPlistReader(binaryplist).parse()
def decrypt_blob(self, blob):
if blob == None:
return ""
if len(blob) < 48:
print "keychain blob length must be >= 48"
return
version, clas = struct.unpack("<LL", blob[0:8])
clas &= 0xF
self.clas = clas
if version == 0:
wrappedkey = blob[8:8 + 40]
encrypted_data = blob[48:]
elif version == 2:
l = struct.unpack("<L", blob[8:12])[0]
wrappedkey = blob[12:12 + l]
encrypted_data = blob[12 + l:-16]
elif version == 3:
l = struct.unpack("<L", blob[8:12])[0]
wrappedkey = blob[12:12 + l]
encrypted_data = blob[12 + l:-16]
else:
raise Exception("unknown keychain verson ", version)
return
unwrappedkey = self.keybag.unwrapKeyForClass(clas, wrappedkey, False)
if not unwrappedkey:
return
if version == 0:
return AESdecryptCBC(encrypted_data, unwrappedkey, padding=True)
elif version == 2:
binaryplist = gcm_decrypt(unwrappedkey, "", encrypted_data, "",
blob[-16:])
return BPlistReader(binaryplist).parse()
elif version == 3:
der = gcm_decrypt(unwrappedkey, "", encrypted_data, "", blob[-16:])
stuff, tail = der_decode(der)
rval = {}
try:
index = 0
while True:
k = stuff.getComponentByPosition(
index).getComponentByPosition(0)
v = stuff.getComponentByPosition(
index).getComponentByPosition(1)
rval[str(k)] = str(v)
index += 1
except:
pass
return rval
def recvPlist(self):
payload = self.recv_raw()
if not payload:
return
if payload.startswith("bplist00"):
return BPlistReader(payload).parse()
elif payload.startswith("<?xml"):
#HAX lockdown HardwarePlatform with null bytes
payload = sub('[^\w<>\/ \-_0-9\"\'\\=\.\?\!\+]+', '',
payload.decode('utf-8')).encode('utf-8')
return plistlib.readPlistFromString(payload)
else:
raise Exception("recvPlist invalid data : %s" %
payload[:100].encode("hex"))
def decrypt_blob(self, blob):
if blob == None:
return ""
if len(blob) < 48:
print "keychain blob length must be >= 48"
return
version, clas = struct.unpack("<LL", blob[0:8])
clas &= 0xF
self.clas = clas
if version == 0:
wrappedkey = blob[8:8 + 40]
encrypted_data = blob[48:]
elif version == 2:
l = struct.unpack("<L", blob[8:12])[0]
wrappedkey = blob[12:12 + l]
encrypted_data = blob[12 + l:-16]
elif version == 3:
l = struct.unpack("<L", blob[8:12])[0]
wrappedkey = blob[12:12 + l]
encrypted_data = blob[12 + l:-16]
else:
raise Exception("unknown keychain verson ", version)
return
unwrappedkey = self.keybag.unwrapKeyForClass(clas, wrappedkey, False)
if not unwrappedkey:
return
if version == 0:
return AESdecryptCBC(encrypted_data, unwrappedkey, padding=True)
elif version == 2:
binaryplist = gcm_decrypt(unwrappedkey, "", encrypted_data, "",
blob[-16:])
return BPlistReader(binaryplist).parse()
elif version == 3:
der = gcm_decrypt(unwrappedkey, "", encrypted_data, "", blob[-16:])
stuff = der_decode(der)[0]
rval = {}
for k, v in stuff:
k = str(k)
# NB - this is binary and may not be valid UTF8 data
v = str(v)
rval[k] = v
return rval
