UNPKG

she_decrypt

Version:

Pure JavaScript implementation for deciphering SHE arguments (M1, M2, etc)

github.com/rcoscali/SHE_decrypt

rcoscali/SHE_decrypt

175 lines (161 loc) 6.88 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
#!/usr/bin/env node ((root) => { "use strict"; /*jslint indent: 2, bitwise: false, nomen: false, plusplus: false, white: false, regexp: false */ /*global document, window, escape, unescape, module, require, Uint32Array */ const SHE = require('./SHE_decrypt.js'); test('SHE_decrypt: KDF', () => { var she = new SHE(); var bufferKey = Buffer.from('7c374d4a3f39547b556893861d251195', 'hex'); expect(she.KDF(bufferKey).toString('hex')).toBe('3fd8715cc353ebf1b0b57fe229a383c1'); } ); /* * test001 * * Test deciphering of M2 */ test('SHE_decrypt[test001]: decrypt_M2', () => { var she = new SHE(); var bufferFrame = Buffer.from('000000000000000000000000000000413e38f7c374d4a3f39547b556893861d251195ce2f6f3f989d6460408bda42c33ecc5c11b04af0c85f0f857b6b235a2bd', 'hex'); var bufferKey = Buffer.from('0153F7000099ED9F320451AA8A7D9707', 'hex'); var decM2 = she.decrypt_M2(bufferFrame, bufferKey).subarray(16,48).swap16(); expect(decM2.toString('hex')).toBe('000011000000000000000000000041003510027f89028fad2651ba628f981111'); var cid = decM2.subarray(0, 4).swap16().toString('hex').substring(0, 7); expect(cid).toBe('0000001'); var fid = ((decM2[3] & 0x0F) << 1) + ((decM2[4] >> 7) & 0x01); expect(fid).toBe(2); var key = decM2.subarray(16).swap16().toString('hex'); expect(key.toString('hex')).toBe('10357f020289ad8f512662ba988f1111'); } ); /* * test002 * * test getCID function: this function returns the CID value used * in the message. CID is the anti-replay counter for the SHE messages. */ test('SHE_decrypt[test002]: getCID', () => { var she = new SHE(); var bufferFrame = Buffer.from('000000000000000000000000000000413e38f7c374d4a3f39547b556893861d251195ce2f6f3f989d6460408bda42c33ecc5c11b04af0c85f0f857b6b235a2bd', 'hex'); var bufferKey = Buffer.from('0153F7000099ED9F320451AA8A7D9707', 'hex'); var bufM2 = she.decrypt_M2(bufferFrame, bufferKey); var CID = she.getCID(bufM2); expect(CID).toBe('0000001'); } ); /* * test003 * * test getFID function: this function returns the flags used for the key. * In our infra we use the flag with value 2 for wildcard. It allows us to * use a UID set to NULL to avoid usage of part serial number. We cannot * use this part serial number in key generation because we have a buffer * of two days of production keys in MacDispatcher server (hence we do not * know the S/N at key generation time). */ test('SHE_decrypt[test003]: getFID', () => { var she = new SHE(); var bufferFrame = Buffer.from('000000000000000000000000000000413e38f7c374d4a3f39547b556893861d251195ce2f6f3f989d6460408bda42c33ecc5c11b04af0c85f0f857b6b235a2bd', 'hex'); var bufferKey = Buffer.from('0153F7000099ED9F320451AA8A7D9707', 'hex'); var bufM2 = she.decrypt_M2(bufferFrame, bufferKey); var FID = she.getFID(bufM2); expect(FID).toBe(2); } ); /* * test004 * * test ketKEY function: this function returns the transported key that * we extracted from the SHE message. This key was ciphered with the current * Kmaster. */ test('SHE_decrypt[test004]: getKEY', () => { var she = new SHE(); var bufferFrame = Buffer.from('000000000000000000000000000000413e38f7c374d4a3f39547b556893861d251195ce2f6f3f989d6460408bda42c33ecc5c11b04af0c85f0f857b6b235a2bd', 'hex'); var bufferKey = Buffer.from('0153F7000099ED9F320451AA8A7D9707', 'hex'); var bufM2 = she.decrypt_M2(bufferFrame, bufferKey); var KEY = she.getKEY(bufM2).toString('hex'); expect(KEY).toBe('10357f020289ad8f512662ba988f1111'); } ); /* * test005 * * test getChannel function: this function provides the channel number for * which the message is transporting a key for. This channel number is * deduced from the slot ID the key will be written into. Channel 1 key is * written in slotID 4, channel 2, slotID 5, etc ... until channel 5, for * slotID 8. * This test targets the getChannel function using a string as its message * parameter. */ test('SHE_decrypt[test005]: getChannel (string)', () => { var she = new SHE(); var bufferFrame = Buffer.from('0000000000000000000000000000008187b8104aa73a5b10b5bd0fb5822c70819fa33c51e839f4ad982d4200b78fea3d941a7c4d7ce135a516315a94c9ea5d56', 'hex'); var bufferKey = Buffer.from('0153F7000099ED9F320451AA8A7D9707', 'hex'); var bufM2 = she.decrypt_M2(bufferFrame, bufferKey); var KEY = she.getKEY(bufM2).toString('hex'); var Channel = she.getChannel(bufferFrame.toString('hex')); expect(KEY).toBe('10357f020289ad8f512662ba988f1111'); expect(Channel).toBe(5); } ); /* * test006 * * test getChannel function: this function provides the channel number for * which the message is transporting a key for. This channel number is * deduced from the slot ID the key will be written into. Channel 1 key is * written in slotID 4, channel 2, slotID 5, etc ... until channel 5, for * slotID 8. * This test targets the getChannel function using a buffer as its message * parameter. */ test('SHE_decrypt[test006]: getChannel (Buffer)', () => { var she = new SHE(); var bufferFrame = Buffer.from('0000000000000000000000000000008187b8104aa73a5b10b5bd0fb5822c70819fa33c51e839f4ad982d4200b78fea3d941a7c4d7ce135a516315a94c9ea5d56', 'hex'); var bufferKey = Buffer.from('0153F7000099ED9F320451AA8A7D9707', 'hex'); var bufM2 = she.decrypt_M2(bufferFrame, bufferKey); var KEY = she.getKEY(bufM2).toString('hex'); var Channel = she.getChannel(bufferFrame); expect(KEY).toBe('10357f020289ad8f512662ba988f1111'); expect(Channel).toBe(5); } ); /* * test007 * * test getChannel function: this function provides the channel number for * which the message is transporting a key for. This channel number is * deduced from the slot ID the key will be written into. Channel 1 key is * written in slotID 4, channel 2, slotID 5, etc ... until channel 5, for * slotID 8. * This test targets the getChannel function using a buffer as its message * parameter. */ test('SHE_decrypt[test006]: getChannel (Buffer)', () => { var she = new SHE(); var bufferFrame = Buffer.from('0000000000000000000000000000008187b8104aa73a5b10b5bd0fb5822c70819fa33c51e839f4ad982d4200b78fea3d941a7c4d7ce135a516315a94c9ea5d56', 'hex'); var bufferKey = Buffer.from('0153F7000099ED9F320451AA8A7D9707', 'hex'); var bufM2 = she.decrypt_M2(bufferFrame, bufferKey); var KEY = she.getKEY(bufM2).toString('hex'); var Channel = she.getChannel(bufferFrame); expect(KEY).toBe('10357f020289ad8f512662ba988f1111'); expect(Channel).toBe(5); } ); })(this); /* * vim: et:ts=4:sw=4:sts=4 * -*- mode: JavaScript; coding: utf-8-unix; tab-width: 4 -*- */