def run(self):
tmp = self.sock.recv(1024)
length = int.from_bytes(tmp[0:2], 'little')
tmp = tmp[2:]
block = tmp[0:length]
tmp = tmp[length:]
tag = tmp[0:16]
request = chacha20_aead_decrypt(
length.to_bytes(2, byteorder='little'), self.c2a_key,
self.c2a_counter.to_bytes(8, byteorder='little'),
bytes([0, 0, 0, 0]), block + tag)
assert b'Host:' in request
self.c2a_counter += 1
combined_data = b''
for data in self.data:
len_bytes = len(data).to_bytes(2, byteorder='little')
cnt_bytes = self.a2c_counter.to_bytes(8, byteorder='little')
self.a2c_counter += 1
ciper_and_mac = chacha20_aead_encrypt(len_bytes,
self.a2c_key, cnt_bytes,
bytes([0, 0, 0, 0]),
data.encode())
if self.encryption_fail:
ciper_and_mac[0][0] = 0
combined_data += len_bytes + ciper_and_mac[0] + ciper_and_mac[1]
self.sock.send(combined_data)
def decrypt_block(self, length, block, tag):
tmp = chacha20_aead_decrypt(
length.to_bytes(2, byteorder='little'), self.a2c_key,
self.a2c_counter.to_bytes(8, byteorder='little'),
bytes([0, 0, 0, 0]), block + tag)
if tmp is not False:
self.a2c_counter += 1
return tmp
def test_example2_8_2(self):
# Test aus 2.8.2
plain_text = "Ladies and Gentlemen of the class of '99: If I could offer you only one tip for the future, " \
"sunscreen would be it.".encode()
aad = 0x50515253c0c1c2c3c4c5c6c7.to_bytes(length=12, byteorder='big')
key = 0x808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f.to_bytes(
length=32, byteorder='big')
iv = 0x4041424344454647.to_bytes(length=8, byteorder='big')
fixed = 0x07000000.to_bytes(length=4, byteorder='big')
r_ = (bytes([
0xd3, 0x1a, 0x8d, 0x34, 0x64, 0x8e, 0x60, 0xdb, 0x7b, 0x86, 0xaf,
0xbc, 0x53, 0xef, 0x7e, 0xc2, 0xa4, 0xad, 0xed, 0x51, 0x29, 0x6e,
0x08, 0xfe, 0xa9, 0xe2, 0xb5, 0xa7, 0x36, 0xee, 0x62, 0xd6, 0x3d,
0xbe, 0xa4, 0x5e, 0x8c, 0xa9, 0x67, 0x12, 0x82, 0xfa, 0xfb, 0x69,
0xda, 0x92, 0x72, 0x8b, 0x1a, 0x71, 0xde, 0x0a, 0x9e, 0x06, 0x0b,
0x29, 0x05, 0xd6, 0xa5, 0xb6, 0x7e, 0xcd, 0x3b, 0x36, 0x92, 0xdd,
0xbd, 0x7f, 0x2d, 0x77, 0x8b, 0x8c, 0x98, 0x03, 0xae, 0xe3, 0x28,
0x09, 0x1b, 0x58, 0xfa, 0xb3, 0x24, 0xe4, 0xfa, 0xd6, 0x75, 0x94,
0x55, 0x85, 0x80, 0x8b, 0x48, 0x31, 0xd7, 0xbc, 0x3f, 0xf4, 0xde,
0xf0, 0x8e, 0x4b, 0x7a, 0x9d, 0xe5, 0x76, 0xd2, 0x65, 0x86, 0xce,
0xc6, 0x4b, 0x61, 0x16
]),
bytes([
0x1a, 0xe1, 0x0b, 0x59, 0x4f, 0x09, 0xe2, 0x6a, 0x7e, 0x90,
0x2e, 0xcb, 0xd0, 0x60, 0x06, 0x91
]))
r = chacha20_aead_encrypt(aad, key, iv, fixed, plain_text)
self.assertEqual(r[0], r_[0], 'ciphertext')
self.assertEqual(r[1], r_[1], 'tag')
self.assertTrue(
chacha20_aead_verify_tag(aad, key, iv, fixed, r[0] + r[1]))
self.assertFalse(
chacha20_aead_verify_tag(aad, key, iv, fixed,
r[0] + r[1] + bytes([0, 1, 2, 3])))
plain_text_ = chacha20_aead_decrypt(aad, key, iv, fixed, r[0] + r[1])
self.assertEqual(plain_text, plain_text_)
self.assertFalse(
chacha20_aead_decrypt(aad, key, iv, fixed,
r[0] + r[1] + bytes([0, 1, 2, 3])))
def decrypt_value(self, value):
device = self.service.device
session = device.sessions[device.session_id]
if 'controller_to_accessory_key' in session:
c2a_key = session['controller_to_accessory_key']
cnt_bytes = session['controller_to_accessory_count'].to_bytes(8, byteorder='little')
value = chacha20_aead_decrypt(b'', c2a_key, cnt_bytes, bytes([0, 0, 0, 0]), value)
session['controller_to_accessory_count'] += 1
return value