move cipher() to crypto_utils
git-svn-id: svn+ssh://localhost/home/henryk/svn/cyberflex-shell/trunk@128 f711b948-2313-0410-aaa9-d29f33439f0b
This commit is contained in:
parent
3994578708
commit
c21d63752f
|
@ -4,6 +4,50 @@ from Crypto.Cipher import DES3
|
||||||
iv = '\x00' * 8
|
iv = '\x00' * 8
|
||||||
PADDING = '\x80' + '\x00' * 7
|
PADDING = '\x80' + '\x00' * 7
|
||||||
|
|
||||||
|
## *******************************************************************
|
||||||
|
## * Generic methods *
|
||||||
|
## *******************************************************************
|
||||||
|
def cipher(do_encrypt, cipherspec, key, data, iv = None):
|
||||||
|
"""Do a cryptographic operation.
|
||||||
|
operation = do_encrypt ? encrypt : decrypt,
|
||||||
|
cipherspec must be of the form "cipher-mode", or "cipher\""""
|
||||||
|
from Crypto.Cipher import DES3, DES, AES, IDEA, RC5
|
||||||
|
cipherparts = cipherspec.split("-")
|
||||||
|
|
||||||
|
if len(cipherparts) > 2:
|
||||||
|
raise ValueError, 'cipherspec must be of the form "cipher-mode" or "cipher"'
|
||||||
|
elif len(cipherparts) == 1:
|
||||||
|
cipherparts[1] = "ecb"
|
||||||
|
|
||||||
|
c_class = locals().get(cipherparts[0].upper(), None)
|
||||||
|
if c_class is None:
|
||||||
|
raise ValueError, "Cipher '%s' not known, must be one of %s" % (cipherparts[0], ", ".join([e.lower() for e in dir() if e.isupper()]))
|
||||||
|
|
||||||
|
mode = getattr(c_class, "MODE_" + cipherparts[1].upper(), None)
|
||||||
|
if mode is None:
|
||||||
|
raise ValueError, "Mode '%s' not known, must be one of %s" % (cipherparts[1], ", ".join([e.split("_")[1].lower() for e in dir(c_class) if e.startswith("MODE_")]))
|
||||||
|
|
||||||
|
cipher = None
|
||||||
|
if iv is None:
|
||||||
|
cipher = c_class.new(key, mode)
|
||||||
|
else:
|
||||||
|
cipher = c_class.new(key, mode, iv)
|
||||||
|
|
||||||
|
|
||||||
|
result = None
|
||||||
|
if do_encrypt:
|
||||||
|
result = cipher.encrypt(data)
|
||||||
|
else:
|
||||||
|
result = cipher.decrypt(data)
|
||||||
|
|
||||||
|
del cipher
|
||||||
|
return result
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## *******************************************************************
|
||||||
|
## * Cyberflex specific methods *
|
||||||
|
## *******************************************************************
|
||||||
def verify_card_cryptogram(session_key, host_challenge,
|
def verify_card_cryptogram(session_key, host_challenge,
|
||||||
card_challenge, card_cryptogram):
|
card_challenge, card_cryptogram):
|
||||||
message = host_challenge + card_challenge
|
message = host_challenge + card_challenge
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
#!/usr/bin/env python
|
#!/usr/bin/env python
|
||||||
# -*- coding: iso-8859-1 -*-
|
# -*- coding: iso-8859-1 -*-
|
||||||
|
|
||||||
import pycsc, utils, cards, os, re, binascii, sys, exceptions, traceback, getopt
|
import pycsc, crypto_utils, utils, cards, os, re, binascii, sys, exceptions, traceback, getopt
|
||||||
from shell import Shell
|
from shell import Shell
|
||||||
|
|
||||||
def list_readers():
|
def list_readers():
|
||||||
|
@ -62,40 +62,6 @@ class Cyberflex_Shell(Shell):
|
||||||
"List the available readers"
|
"List the available readers"
|
||||||
list_readers()
|
list_readers()
|
||||||
|
|
||||||
@staticmethod
|
|
||||||
def cipher(do_encrypt, cipherspec, key, data, iv = None):
|
|
||||||
from Crypto.Cipher import DES3, DES, AES, IDEA, RC5
|
|
||||||
cipherparts = cipherspec.split("-")
|
|
||||||
|
|
||||||
if len(cipherparts) > 2:
|
|
||||||
raise ValueError, 'cipherspec must be of the form "cipher-mode" or "cipher"'
|
|
||||||
elif len(cipherparts) == 1:
|
|
||||||
cipherparts[1] = "ecb"
|
|
||||||
|
|
||||||
c_class = locals().get(cipherparts[0].upper(), None)
|
|
||||||
if c_class is None:
|
|
||||||
raise ValueError, "Cipher '%s' not known, must be one of %s" % (cipherparts[0], ", ".join([e.lower() for e in dir() if e.isupper()]))
|
|
||||||
|
|
||||||
mode = getattr(c_class, "MODE_" + cipherparts[1].upper(), None)
|
|
||||||
if mode is None:
|
|
||||||
raise ValueError, "Mode '%s' not known, must be one of %s" % (cipherparts[1], ", ".join([e.split("_")[1].lower() for e in dir(c_class) if e.startswith("MODE_")]))
|
|
||||||
|
|
||||||
cipher = None
|
|
||||||
if iv is None:
|
|
||||||
cipher = c_class.new(key, mode)
|
|
||||||
else:
|
|
||||||
cipher = c_class.new(key, mode, iv)
|
|
||||||
|
|
||||||
|
|
||||||
result = None
|
|
||||||
if do_encrypt:
|
|
||||||
result = cipher.encrypt(data)
|
|
||||||
else:
|
|
||||||
result = cipher.decrypt(data)
|
|
||||||
|
|
||||||
del cipher
|
|
||||||
return result
|
|
||||||
|
|
||||||
def cmd_enc(self, *args):
|
def cmd_enc(self, *args):
|
||||||
"Encrypt or decrypt with openssl-like interface"
|
"Encrypt or decrypt with openssl-like interface"
|
||||||
|
|
||||||
|
@ -143,7 +109,7 @@ class Cyberflex_Shell(Shell):
|
||||||
text = fp.read()
|
text = fp.read()
|
||||||
fp.close()
|
fp.close()
|
||||||
|
|
||||||
result = self.cipher(mode == MODE_ENCRYPT, cipher, key, text, iv)
|
result = crypto_utils.cipher(mode == MODE_ENCRYPT, cipher, key, text, iv)
|
||||||
|
|
||||||
self.card.last_result = utils.R_APDU(result+"\x00\x00")
|
self.card.last_result = utils.R_APDU(result+"\x00\x00")
|
||||||
print utils.hexdump(result)
|
print utils.hexdump(result)
|
||||||
|
|
Loading…
Reference in New Issue