forked from themaddoctor/linux-mybook-tools
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsw6316-extract-DEK-from-keyblock.sh
63 lines (53 loc) · 2.06 KB
/
sw6316-extract-DEK-from-keyblock.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
#!/bin/bash
# usage: bash sw6316-extract-DEK-from-keyblock.sh <kek file (hex)> <keyblock file (binary)>
# requires python2 and pycrypto
KEK="$1"
KEYBLOCK="$2"
TEMPDIR=`mktemp -d ./WDXXXXXXXX`
cat > $TEMPDIR/unwrap.py << "EOF"
#!/usr/bin/python
import struct
from Crypto.Cipher import AES
QUAD = struct.Struct('>Q')
def aes_unwrap_key_and_iv(kek, wrapped):
n = len(wrapped)/8 - 1
R = [None]+[wrapped[i*8:i*8+8] for i in range(1, n+1)]
A = QUAD.unpack(wrapped[:8])[0]
decrypt = AES.new(kek).decrypt
for j in range(5,-1,-1): #counting down
for i in range(n, 0, -1): #(n, n-1, ..., 1)
ciphertext = QUAD.pack(A^(n*j+i)) + R[i]
B = decrypt(ciphertext)
A = QUAD.unpack(B[:8])[0]
R[i] = B[8:]
return "".join(R[1:]), A
def aes_unwrap_key(kek, wrapped, iv=0xa6a6a6a6a6a6a6a6):
key, key_iv = aes_unwrap_key_and_iv(kek, wrapped)
if key_iv != iv:
raise ValueError("Integrity Check Failed: "+hex(key_iv)+
" (expected "+hex(iv)+")")
return key
if __name__ == "__main__":
import sys
import binascii
CIPHER = binascii.unhexlify(sys.argv[1])
KEK = binascii.unhexlify(sys.argv[2])
print binascii.hexlify(aes_unwrap_key(KEK, CIPHER))
EOF
chmod +x $TEMPDIR/unwrap.py
xxd -p -c 16 "$KEYBLOCK" | grep -o ........ | tac | echo "$(tr -d '\n')" | \
grep -o .. | tac | echo "$(tr -d '\n')" | xxd -p -r > $TEMPDIR/kb.bin
dd if=$TEMPDIR/kb.bin bs=8 skip=2 count=5 of=$TEMPDIR/edek.bin status=none
$TEMPDIR/unwrap.py `xxd -p -c 40 $TEMPDIR/edek.bin` `cat "$KEK"` > $TEMPDIR/dek0.hex
TEST=`xxd -p -c 16 $TEMPDIR/kb.bin | head -n 1 | cut -b 17-32`
if [ "$TEST" = "0000000200000002" ]; then
echo "encryption mode is XTS" 1>&2
dd if=$TEMPDIR/kb.bin bs=8 skip=7 count=5 of=$TEMPDIR/edek2.bin status=none
$TEMPDIR/unwrap.py `xxd -p -c 40 $TEMPDIR/edek2.bin` `cat "$KEK"` >> $TEMPDIR/dek0.hex
else
echo "encryption mode is ECB" 1>&2
fi
cat $TEMPDIR/dek0.hex | grep -o ........ | tac | echo "$(tr -d '\n')" | \
grep -o .. |tac | echo "$(tr -d '\n')"
rm -rf $TEMPDIR
# end