static void test_decrypt_cbc(void)
{
// Example "simulating" a smaller buffer...
uint8_t key[] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c };
uint8_t iv[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f };
uint8_t in[] = { 0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46, 0xce, 0xe9, 0x8e, 0x9b, 0x12, 0xe9, 0x19, 0x7d,
0x50, 0x86, 0xcb, 0x9b, 0x50, 0x72, 0x19, 0xee, 0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2,
0x73, 0xbe, 0xd6, 0xb8, 0xe3, 0xc1, 0x74, 0x3b, 0x71, 0x16, 0xe6, 0x9e, 0x22, 0x22, 0x95, 0x16,
0x3f, 0xf1, 0xca, 0xa1, 0x68, 0x1f, 0xac, 0x09, 0x12, 0x0e, 0xca, 0x30, 0x75, 0x86, 0xe1, 0xa7 };
uint8_t expected[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 };
uint8_t buffer[64];
AES128_CBC_decrypt_buffer(buffer+0, in+0, 16, key, iv);
AES128_CBC_decrypt_buffer(buffer+16, in+16, 16, 0, 0);
AES128_CBC_decrypt_buffer(buffer+32, in+32, 16, 0, 0);
AES128_CBC_decrypt_buffer(buffer+48, in+48, 16, 0, 0);
NP_ASSERT_BYTES_EQUAL( expected, buffer, sizeof(buffer) );
}
//参考 h3c_AES_MD5.md 文档中对算法的说明
int h3c_AES_MD5_decryption(unsigned char *decrypt_data, unsigned char *encrypt_data)
{
const unsigned char key[16] = { 0xEC, 0xD4, 0x4F, 0x7B, 0xC6, 0xDD, 0x7D, 0xDE, 0x2B, 0x7B, 0x51, 0xAB, 0x4A, 0x6F, 0x5A, 0x22 }; // AES_BLOCK_SIZE = 16
unsigned char iv1[16] = { 'a', '@', '4', 'd', 'e', '%', '#', '1', 'a', 's', 'd', 'f', 's', 'd', '2', '4' }; // init vector
unsigned char iv2[16] = { 'a', '@', '4', 'd', 'e', '%', '#', '1', 'a', 's', 'd', 'f', 's', 'd', '2', '4' }; //每次加密、解密后,IV会被改变!因此需要两组IV完成两次“独立的”解密
unsigned int length_1;
unsigned int length_2;
unsigned char tmp0[32];
unsigned char sig[255];
unsigned char tmp2[16];
unsigned char tmp3[16];
// decrypt
AES128_CBC_decrypt_buffer(tmp0, encrypt_data, 32, key, iv1);
memcpy(decrypt_data, tmp0, 16);
length_1 = *(tmp0 + 5);
get_sig(*(uint32_t *)tmp0, *(tmp0 + 4), length_1, sig);
MD5(sig, length_1, tmp2);
AES128_CBC_decrypt_buffer(tmp3, tmp0+16, 16, tmp2, iv2);
memcpy(decrypt_data + 16, tmp3, 16);
length_2 = *(tmp3 + 15);
get_sig(*(uint32_t *)(tmp3 + 10), *(tmp3 + 14), length_2, sig + length_1);
if (length_1 + length_2>32)
{
memcpy(decrypt_data, sig, 32);
}
else
{
memcpy(decrypt_data, sig, length_1 + length_2);
}
MD5(decrypt_data, 32, decrypt_data);//获取MD5摘要数据,将结果存到前16位中
MD5(decrypt_data, 16, decrypt_data + 16);//将前一MD5的结果再做一次MD5,存到后16位
return 0;
}
static void test_cbc_kat_0(void){
uint8_t key[] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
uint8_t iv[] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
uint8_t plaintext[] = {0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
uint8_t ciphertext[] = {0x3a,0xd7,0x8e,0x72,0x6c,0x1e,0xc0,0x2b,0x7e,0xbf,0xe9,0x2b,0x23,0xd9,0xec,0x34 };
uint8_t buffer[16];
AES128_CBC_encrypt_buffer(buffer, plaintext, sizeof(buffer), key, iv);
NP_ASSERT_BYTES_EQUAL( ciphertext, buffer, sizeof(buffer) );
AES128_CBC_decrypt_buffer(buffer, ciphertext, sizeof(buffer), key, iv);
NP_ASSERT_BYTES_EQUAL( plaintext, buffer, sizeof(buffer) );
}
int decrypt(char **data, int len, char *pin, int pinlen)
{
uint8_t iv[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f};
int nlen = len % 16 == 0 ? len : len + 16 - len % 16;
char *ndata = (char *)malloc(nlen);
memset(ndata, 0, nlen);
memcpy(ndata, *data, len);
char *npin = (char *)malloc(16);
memset(npin, 0, 16);
memcpy(npin, pin, pinlen);
free(*data);
*data = (char *)malloc(nlen);
AES128_CBC_decrypt_buffer(*data, ndata, nlen, npin, iv);
return nlen;
}
QString decodeText(const QString &hexEncodedText, const QString &key)
{
QCryptographicHash hash(QCryptographicHash::Md5);
hash.addData(key.toUtf8());
QByteArray keyData = hash.result();
const int length = hexEncodedText.size();
int encryptionLength = getAlignedSize(length, 16);
QByteArray encodingBuffer(encryptionLength, 0);
QByteArray encodedText = QByteArray::fromHex(hexEncodedText.toLatin1());
encodedText.resize(encryptionLength);
AES128_CBC_decrypt_buffer((uint8_t*)encodingBuffer.data(), (uint8_t*)encodedText.data(),
encryptionLength, (const uint8_t*)keyData.data(), iv);
void *data = encodingBuffer.data();
const ushort *decodedData = static_cast<ushort*>(data);
QString result = QString::fromUtf16(decodedData);
return result;
}
//Symmetric Decryption
bool symDecrypt(char *plaintext, const char *keyiv,
char *ciphertext, const int64_t ctsize)
{
if (ctsize < 16) {
printf("Warning: symDecrypt: ctsize<16 bytes");
}
//Get Key and IV
uint8_t key[SYMMETRIC_KEY_SIZE];
uint8_t iv[SYMMETRIC_IV_SIZE];
for (int i = 0; i < SYMMETRIC_IV_SIZE + SYMMETRIC_KEY_SIZE; i++) {
if (i < SYMMETRIC_KEY_SIZE)
key[i] = keyiv[i];
else
iv[i - SYMMETRIC_KEY_SIZE] = keyiv[i];
}
//Encrypt
AES128_CBC_decrypt_buffer((uint8_t *) plaintext,
(uint8_t *) ciphertext, ctsize, key, iv);
return 1;
}
static void receive_call_result_data(struct ubus_request *req, int type, struct blob_attr *msg)
{
struct blob_attr *tb[__INIT_MAX];
char *token, *ssid, *ssid_pwd;
int len, ret;
if (!msg)
return;
ret = 0;
blobmsg_parse(init_policy, __INIT_MAX, tb,
blob_data(msg), blob_len(msg));
if(tb[INIT_TOKEN] && tb[INIT_SSID] && tb[INIT_SSID_PWD]){
token = blobmsg_data(tb[INIT_TOKEN]);
ssid = blobmsg_data(tb[INIT_SSID]);
ssid_pwd = blobmsg_data(tb[INIT_SSID_PWD]);
// todo
dlog("recv token[%s], ssid[%s] ssid_pwd[%s]\n",
token, ssid, ssid_pwd);
// printf("recv token[%s], ssid[%s] ssid_pwd[%s]\n", token, ssid, ssid_pwd);
char *base64 = malloc(MAX_ALLOC_LEN);
char *router_key_iv = malloc(MAX_ALLOC_LEN);
char *r_ssid = malloc(MAX_ALLOC_LEN);
char *r_pwd = malloc(MAX_ALLOC_LEN);
char base64_ssid[MAX_ALLOC_LEN] = {0};
char base64_pwd[MAX_ALLOC_LEN] = {0};
// get router key, iv
memset(base64, 0, MAX_ALLOC_LEN);
int base64_length = base64Decode(base64, token, strlen(token));
// printf("json base64 len: %d\n", base64_length);
AES128_CBC_decrypt_buffer(router_key_iv, base64, base64_length, repeater_key, repeater_iv);
memcpy(router_key, router_key_iv, 16);
memcpy(router_iv, router_key_iv+16, 16);
// ssid
memset(base64_ssid, 0, MAX_ALLOC_LEN);
memset(r_ssid, 0, MAX_ALLOC_LEN);
memset(rr_ssid, 0, MAX_ALLOC_LEN);
base64_length = base64Decode(base64_ssid, ssid, strlen(ssid));
AES128_CBC_decrypt_buffer(r_ssid, base64_ssid, base64_length, router_key, router_iv);
memcpy(rr_ssid, r_ssid, strlen(r_ssid));
// printf("rr_ssid:%s\n", rr_ssid);
// ssid pwd
memset(base64_pwd, 0, MAX_ALLOC_LEN);
memset(r_pwd, 0, MAX_ALLOC_LEN);
memset(rr_pwd, 0, MAX_ALLOC_LEN);
base64_length = base64Decode(base64_pwd, ssid_pwd, strlen(ssid_pwd));
AES128_CBC_decrypt_buffer(r_pwd, base64_pwd, base64_length, router_key, router_iv);
memcpy(rr_pwd, r_pwd, strlen(r_pwd));
// printf("rr_pwd:%s\n", rr_pwd);
flag_ssid_pwd = 1;
/* Succeed to get password and ssid, so clear hide_mode flag */
set_hide_mode(0);
if (router_key_iv)
free(router_key_iv);
if (base64)
free(base64);
if (r_ssid)
free(r_ssid);
if (r_pwd)
free(r_pwd);
}else{
dlog("recv DATA INVALID\n");
ret = 1;
}
if (ret){
printf("ecos pair verify failed!\n");
dlog("ret:%d wait %d try again\n", ret,
TRAFFICD_INIT_LOOP_TIME / 1000);
uloop_timeout_set(&sd->timeout_init, TRAFFICD_INIT_LOOP_TIME);
}else{
printf("ssid:%s\n", rr_ssid);
printf("ecos pair verify ok!\n");
#ifdef __ECOS
#if 0
CFG_set(CFG_TRAFFIC_INIT, 0);
sys->init_mode = 0;
uloop_timeout_set(&sd->timeout_mat, TRAFFICD_WIFIAP_LOOP_TIME);
#endif
#endif
}
}
