static void test_decrypt_cbc(void) { // Example "simulating" a smaller buffer... uint8_t key[] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c }; uint8_t iv[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }; uint8_t in[] = { 0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46, 0xce, 0xe9, 0x8e, 0x9b, 0x12, 0xe9, 0x19, 0x7d, 0x50, 0x86, 0xcb, 0x9b, 0x50, 0x72, 0x19, 0xee, 0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2, 0x73, 0xbe, 0xd6, 0xb8, 0xe3, 0xc1, 0x74, 0x3b, 0x71, 0x16, 0xe6, 0x9e, 0x22, 0x22, 0x95, 0x16, 0x3f, 0xf1, 0xca, 0xa1, 0x68, 0x1f, 0xac, 0x09, 0x12, 0x0e, 0xca, 0x30, 0x75, 0x86, 0xe1, 0xa7 }; uint8_t expected[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 }; uint8_t buffer[64]; AES128_CBC_decrypt_buffer(buffer+0, in+0, 16, key, iv); AES128_CBC_decrypt_buffer(buffer+16, in+16, 16, 0, 0); AES128_CBC_decrypt_buffer(buffer+32, in+32, 16, 0, 0); AES128_CBC_decrypt_buffer(buffer+48, in+48, 16, 0, 0); NP_ASSERT_BYTES_EQUAL( expected, buffer, sizeof(buffer) ); }
//参考 h3c_AES_MD5.md 文档中对算法的说明 int h3c_AES_MD5_decryption(unsigned char *decrypt_data, unsigned char *encrypt_data) { const unsigned char key[16] = { 0xEC, 0xD4, 0x4F, 0x7B, 0xC6, 0xDD, 0x7D, 0xDE, 0x2B, 0x7B, 0x51, 0xAB, 0x4A, 0x6F, 0x5A, 0x22 }; // AES_BLOCK_SIZE = 16 unsigned char iv1[16] = { 'a', '@', '4', 'd', 'e', '%', '#', '1', 'a', 's', 'd', 'f', 's', 'd', '2', '4' }; // init vector unsigned char iv2[16] = { 'a', '@', '4', 'd', 'e', '%', '#', '1', 'a', 's', 'd', 'f', 's', 'd', '2', '4' }; //每次加密、解密后,IV会被改变!因此需要两组IV完成两次“独立的”解密 unsigned int length_1; unsigned int length_2; unsigned char tmp0[32]; unsigned char sig[255]; unsigned char tmp2[16]; unsigned char tmp3[16]; // decrypt AES128_CBC_decrypt_buffer(tmp0, encrypt_data, 32, key, iv1); memcpy(decrypt_data, tmp0, 16); length_1 = *(tmp0 + 5); get_sig(*(uint32_t *)tmp0, *(tmp0 + 4), length_1, sig); MD5(sig, length_1, tmp2); AES128_CBC_decrypt_buffer(tmp3, tmp0+16, 16, tmp2, iv2); memcpy(decrypt_data + 16, tmp3, 16); length_2 = *(tmp3 + 15); get_sig(*(uint32_t *)(tmp3 + 10), *(tmp3 + 14), length_2, sig + length_1); if (length_1 + length_2>32) { memcpy(decrypt_data, sig, 32); } else { memcpy(decrypt_data, sig, length_1 + length_2); } MD5(decrypt_data, 32, decrypt_data);//获取MD5摘要数据,将结果存到前16位中 MD5(decrypt_data, 16, decrypt_data + 16);//将前一MD5的结果再做一次MD5,存到后16位 return 0; }
static void test_cbc_kat_0(void){ uint8_t key[] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }; uint8_t iv[] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }; uint8_t plaintext[] = {0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }; uint8_t ciphertext[] = {0x3a,0xd7,0x8e,0x72,0x6c,0x1e,0xc0,0x2b,0x7e,0xbf,0xe9,0x2b,0x23,0xd9,0xec,0x34 }; uint8_t buffer[16]; AES128_CBC_encrypt_buffer(buffer, plaintext, sizeof(buffer), key, iv); NP_ASSERT_BYTES_EQUAL( ciphertext, buffer, sizeof(buffer) ); AES128_CBC_decrypt_buffer(buffer, ciphertext, sizeof(buffer), key, iv); NP_ASSERT_BYTES_EQUAL( plaintext, buffer, sizeof(buffer) ); }
int decrypt(char **data, int len, char *pin, int pinlen) { uint8_t iv[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}; int nlen = len % 16 == 0 ? len : len + 16 - len % 16; char *ndata = (char *)malloc(nlen); memset(ndata, 0, nlen); memcpy(ndata, *data, len); char *npin = (char *)malloc(16); memset(npin, 0, 16); memcpy(npin, pin, pinlen); free(*data); *data = (char *)malloc(nlen); AES128_CBC_decrypt_buffer(*data, ndata, nlen, npin, iv); return nlen; }
QString decodeText(const QString &hexEncodedText, const QString &key) { QCryptographicHash hash(QCryptographicHash::Md5); hash.addData(key.toUtf8()); QByteArray keyData = hash.result(); const int length = hexEncodedText.size(); int encryptionLength = getAlignedSize(length, 16); QByteArray encodingBuffer(encryptionLength, 0); QByteArray encodedText = QByteArray::fromHex(hexEncodedText.toLatin1()); encodedText.resize(encryptionLength); AES128_CBC_decrypt_buffer((uint8_t*)encodingBuffer.data(), (uint8_t*)encodedText.data(), encryptionLength, (const uint8_t*)keyData.data(), iv); void *data = encodingBuffer.data(); const ushort *decodedData = static_cast<ushort*>(data); QString result = QString::fromUtf16(decodedData); return result; }
//Symmetric Decryption bool symDecrypt(char *plaintext, const char *keyiv, char *ciphertext, const int64_t ctsize) { if (ctsize < 16) { printf("Warning: symDecrypt: ctsize<16 bytes"); } //Get Key and IV uint8_t key[SYMMETRIC_KEY_SIZE]; uint8_t iv[SYMMETRIC_IV_SIZE]; for (int i = 0; i < SYMMETRIC_IV_SIZE + SYMMETRIC_KEY_SIZE; i++) { if (i < SYMMETRIC_KEY_SIZE) key[i] = keyiv[i]; else iv[i - SYMMETRIC_KEY_SIZE] = keyiv[i]; } //Encrypt AES128_CBC_decrypt_buffer((uint8_t *) plaintext, (uint8_t *) ciphertext, ctsize, key, iv); return 1; }
static void receive_call_result_data(struct ubus_request *req, int type, struct blob_attr *msg) { struct blob_attr *tb[__INIT_MAX]; char *token, *ssid, *ssid_pwd; int len, ret; if (!msg) return; ret = 0; blobmsg_parse(init_policy, __INIT_MAX, tb, blob_data(msg), blob_len(msg)); if(tb[INIT_TOKEN] && tb[INIT_SSID] && tb[INIT_SSID_PWD]){ token = blobmsg_data(tb[INIT_TOKEN]); ssid = blobmsg_data(tb[INIT_SSID]); ssid_pwd = blobmsg_data(tb[INIT_SSID_PWD]); // todo dlog("recv token[%s], ssid[%s] ssid_pwd[%s]\n", token, ssid, ssid_pwd); // printf("recv token[%s], ssid[%s] ssid_pwd[%s]\n", token, ssid, ssid_pwd); char *base64 = malloc(MAX_ALLOC_LEN); char *router_key_iv = malloc(MAX_ALLOC_LEN); char *r_ssid = malloc(MAX_ALLOC_LEN); char *r_pwd = malloc(MAX_ALLOC_LEN); char base64_ssid[MAX_ALLOC_LEN] = {0}; char base64_pwd[MAX_ALLOC_LEN] = {0}; // get router key, iv memset(base64, 0, MAX_ALLOC_LEN); int base64_length = base64Decode(base64, token, strlen(token)); // printf("json base64 len: %d\n", base64_length); AES128_CBC_decrypt_buffer(router_key_iv, base64, base64_length, repeater_key, repeater_iv); memcpy(router_key, router_key_iv, 16); memcpy(router_iv, router_key_iv+16, 16); // ssid memset(base64_ssid, 0, MAX_ALLOC_LEN); memset(r_ssid, 0, MAX_ALLOC_LEN); memset(rr_ssid, 0, MAX_ALLOC_LEN); base64_length = base64Decode(base64_ssid, ssid, strlen(ssid)); AES128_CBC_decrypt_buffer(r_ssid, base64_ssid, base64_length, router_key, router_iv); memcpy(rr_ssid, r_ssid, strlen(r_ssid)); // printf("rr_ssid:%s\n", rr_ssid); // ssid pwd memset(base64_pwd, 0, MAX_ALLOC_LEN); memset(r_pwd, 0, MAX_ALLOC_LEN); memset(rr_pwd, 0, MAX_ALLOC_LEN); base64_length = base64Decode(base64_pwd, ssid_pwd, strlen(ssid_pwd)); AES128_CBC_decrypt_buffer(r_pwd, base64_pwd, base64_length, router_key, router_iv); memcpy(rr_pwd, r_pwd, strlen(r_pwd)); // printf("rr_pwd:%s\n", rr_pwd); flag_ssid_pwd = 1; /* Succeed to get password and ssid, so clear hide_mode flag */ set_hide_mode(0); if (router_key_iv) free(router_key_iv); if (base64) free(base64); if (r_ssid) free(r_ssid); if (r_pwd) free(r_pwd); }else{ dlog("recv DATA INVALID\n"); ret = 1; } if (ret){ printf("ecos pair verify failed!\n"); dlog("ret:%d wait %d try again\n", ret, TRAFFICD_INIT_LOOP_TIME / 1000); uloop_timeout_set(&sd->timeout_init, TRAFFICD_INIT_LOOP_TIME); }else{ printf("ssid:%s\n", rr_ssid); printf("ecos pair verify ok!\n"); #ifdef __ECOS #if 0 CFG_set(CFG_TRAFFIC_INIT, 0); sys->init_mode = 0; uloop_timeout_set(&sd->timeout_mat, TRAFFICD_WIFIAP_LOOP_TIME); #endif #endif } }