def setup1_response(self, response_data):
setup_resp = proto.session_pb2.SessionData()
setup_resp.ParseFromString(utils.bytearr_to_bytes(response_data))
if setup_resp.sec_ver == session_pb2.SecScheme1:
self._print_verbose(
"Device verify:\t" +
utils.bytes_to_hexstr(setup_resp.sec1.sr1.device_verify_data))
enc_client_pubkey = self.cipher.update(
setup_resp.sec1.sr1.device_verify_data)
self._print_verbose("Enc client pubkey:\t " +
utils.bytes_to_hexstr(enc_client_pubkey))
else:
print("Unsupported security protocol")
return -1
def send_version_data(self, data):
print("Client->Device msg " + utils.bytes_to_hexstr(data))
try:
m2 = input("Enter device->client msg ")
except Exception as err:
print("error:", err)
return None
return bytearray(list([ord(c) for c in m2]))
def custom_config_request(security_ctx, info, version):
cmd = proto.custom_config_pb2.CustomConfigRequest()
cmd.info = info
cmd.version = version
enc_cmd = security_ctx.encrypt_data(cmd.SerializeToString())
print_verbose(
security_ctx, "Client -> Device (CustomConfig cmd) " +
utils.bytes_to_hexstr(enc_cmd))
return enc_cmd
def setup0_request(self):
setup_req = session_pb2.SessionData()
setup_req.sec_ver = session_pb2.SecScheme1
self.__generate_key()
setup_req.sec1.sc0.client_pubkey = self.client_public_key.public_bytes(
)
self._print_verbose(
"Client Public Key:\t" +
utils.bytes_to_hexstr(setup_req.sec1.sc0.client_pubkey))
return setup_req.SerializeToString()
def setup0_response(self, response_data):
setup_resp = proto.session_pb2.SessionData()
setup_resp.ParseFromString(utils.bytearr_to_bytes(response_data))
self._print_verbose("Security version:\t" + str(setup_resp.sec_ver))
if setup_resp.sec_ver != session_pb2.SecScheme1:
print("Incorrect sec scheme")
exit(1)
self._print_verbose(
"Device Public Key:\t" +
utils.bytes_to_hexstr(setup_resp.sec1.sr0.device_pubkey))
self._print_verbose(
"Device Random:\t" +
utils.bytes_to_hexstr(setup_resp.sec1.sr0.device_random))
sharedK = self.client_private_key.exchange(
X25519PublicKey.from_public_bytes(
setup_resp.sec1.sr0.device_pubkey))
self._print_verbose("Shared Key:\t" + utils.bytes_to_hexstr(sharedK))
if len(self.pop) > 0:
h = hashes.Hash(hashes.SHA256(), backend=default_backend())
h.update(self.pop)
digest = h.finalize()
sharedK = utils.xor(sharedK, digest)
self._print_verbose("New Shared Key XORed with PoP:\t" +
utils.bytes_to_hexstr(sharedK))
self._print_verbose("IV " + hex(
int(utils.bytes_to_hexstr(setup_resp.sec1.sr0.device_random), 16)))
cipher = Cipher(algorithms.AES(sharedK),
modes.CTR(setup_resp.sec1.sr0.device_random),
backend=default_backend())
self.cipher = cipher.encryptor()
self.client_verify = self.cipher.update(
setup_resp.sec1.sr0.device_pubkey)
self._print_verbose("Client Verify:\t" +
utils.bytes_to_hexstr(self.client_verify))