From c21d63752fa9642d3b0c394cdb79accf6dffc25f Mon Sep 17 00:00:00 2001 From: hploetz Date: Sun, 19 Nov 2006 04:53:10 +0000 Subject: [PATCH] move cipher() to crypto_utils git-svn-id: svn+ssh://localhost/home/henryk/svn/cyberflex-shell/trunk@128 f711b948-2313-0410-aaa9-d29f33439f0b --- crypto_utils.py | 44 ++++++++++++++++++++++++++++++++++++++++++++ cyberflex-shell.py | 38 ++------------------------------------ 2 files changed, 46 insertions(+), 36 deletions(-) diff --git a/crypto_utils.py b/crypto_utils.py index 0004ee9..d497118 100644 --- a/crypto_utils.py +++ b/crypto_utils.py @@ -4,6 +4,50 @@ from Crypto.Cipher import DES3 iv = '\x00' * 8 PADDING = '\x80' + '\x00' * 7 +## ******************************************************************* +## * Generic methods * +## ******************************************************************* +def cipher(do_encrypt, cipherspec, key, data, iv = None): + """Do a cryptographic operation. + operation = do_encrypt ? encrypt : decrypt, + cipherspec must be of the form "cipher-mode", or "cipher\"""" + from Crypto.Cipher import DES3, DES, AES, IDEA, RC5 + cipherparts = cipherspec.split("-") + + if len(cipherparts) > 2: + raise ValueError, 'cipherspec must be of the form "cipher-mode" or "cipher"' + elif len(cipherparts) == 1: + cipherparts[1] = "ecb" + + c_class = locals().get(cipherparts[0].upper(), None) + if c_class is None: + raise ValueError, "Cipher '%s' not known, must be one of %s" % (cipherparts[0], ", ".join([e.lower() for e in dir() if e.isupper()])) + + mode = getattr(c_class, "MODE_" + cipherparts[1].upper(), None) + if mode is None: + raise ValueError, "Mode '%s' not known, must be one of %s" % (cipherparts[1], ", ".join([e.split("_")[1].lower() for e in dir(c_class) if e.startswith("MODE_")])) + + cipher = None + if iv is None: + cipher = c_class.new(key, mode) + else: + cipher = c_class.new(key, mode, iv) + + + result = None + if do_encrypt: + result = cipher.encrypt(data) + else: + result = cipher.decrypt(data) + + del cipher + return result + + + +## ******************************************************************* +## * Cyberflex specific methods * +## ******************************************************************* def verify_card_cryptogram(session_key, host_challenge, card_challenge, card_cryptogram): message = host_challenge + card_challenge diff --git a/cyberflex-shell.py b/cyberflex-shell.py index 83586bb..2d86f18 100755 --- a/cyberflex-shell.py +++ b/cyberflex-shell.py @@ -1,7 +1,7 @@ #!/usr/bin/env python # -*- coding: iso-8859-1 -*- -import pycsc, utils, cards, os, re, binascii, sys, exceptions, traceback, getopt +import pycsc, crypto_utils, utils, cards, os, re, binascii, sys, exceptions, traceback, getopt from shell import Shell def list_readers(): @@ -62,40 +62,6 @@ class Cyberflex_Shell(Shell): "List the available readers" list_readers() - @staticmethod - def cipher(do_encrypt, cipherspec, key, data, iv = None): - from Crypto.Cipher import DES3, DES, AES, IDEA, RC5 - cipherparts = cipherspec.split("-") - - if len(cipherparts) > 2: - raise ValueError, 'cipherspec must be of the form "cipher-mode" or "cipher"' - elif len(cipherparts) == 1: - cipherparts[1] = "ecb" - - c_class = locals().get(cipherparts[0].upper(), None) - if c_class is None: - raise ValueError, "Cipher '%s' not known, must be one of %s" % (cipherparts[0], ", ".join([e.lower() for e in dir() if e.isupper()])) - - mode = getattr(c_class, "MODE_" + cipherparts[1].upper(), None) - if mode is None: - raise ValueError, "Mode '%s' not known, must be one of %s" % (cipherparts[1], ", ".join([e.split("_")[1].lower() for e in dir(c_class) if e.startswith("MODE_")])) - - cipher = None - if iv is None: - cipher = c_class.new(key, mode) - else: - cipher = c_class.new(key, mode, iv) - - - result = None - if do_encrypt: - result = cipher.encrypt(data) - else: - result = cipher.decrypt(data) - - del cipher - return result - def cmd_enc(self, *args): "Encrypt or decrypt with openssl-like interface" @@ -143,7 +109,7 @@ class Cyberflex_Shell(Shell): text = fp.read() fp.close() - result = self.cipher(mode == MODE_ENCRYPT, cipher, key, text, iv) + result = crypto_utils.cipher(mode == MODE_ENCRYPT, cipher, key, text, iv) self.card.last_result = utils.R_APDU(result+"\x00\x00") print utils.hexdump(result)