Question about DES encryption in python
I am trying to create an LM/NTLM response for which I require encrypting the challenge sent by server using DES algorithm
The following is what I did:
from M2Crypto.EVP import Cipher
def encryptChallenge(magic, key):
str_key = ""
for iter1 in key:
str_key = str_key + chr(iter1)
encrypt = 1
cipher = Cipher(alg='des_ede_ecb', key=str_key, op=encrypt, iv='\0'*16)
ciphertext = cipher.update(magic)
ciphertext += cipher.final()
return ciphertext
However when I try encrypting "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" using DES, I get the following result:
Key used to encrypt: ['0xfe', '0x9b', '0xd5', '0x16', '0xcd', '0x15', '0xc8', '0x49']
Challenge after encryption:
Encrypted_server_challenge_using_key_1 : ['0x66', '0xf7', '0xa', '0xf8', '0xda', '0x4e', '0x7', '0xaa', '0x65', '0xc3', '0x8d', '0xaa', '0x48', '0xcc', '0x67', '0x57', '0xe2', '0xb0', '0x6e', '0x10', '0xb', '0x5e', '0xdd', '0xb4']
The above response was not accepted by the server
Tried using a tool called DEScalc.jar (http://www.unsw.adfa.edu.au/~lpb/src/DEScalc/index.html) and found that the encrypted result is:
setKey(fe9bd516cd15c849)
encryptDES(0123456789abcdef)
IP: L0=cc00ccff, R0=f0aaf0aa
Rnd1 f(R0=f0aaf0aa, SK1=0b 2c 23 12 3开发者_开发问答3 1c 2b 09 ) = 988995a0
Rnd2 f(R1=5489595f, SK2=21 15 0d 11 1c 1a 3b 38 ) = 63200664
Rnd3 f(R2=938af6ce, SK3=01 35 2f 05 3e 19 30 1f ) = c206c318
Rnd4 f(R3=968f9a47, SK4=06 37 07 01 03 37 1a 3e ) = bdf738ef
Rnd5 f(R4=2e7dce21, SK5=06 14 17 29 0f 17 27 25 ) = 76c68d3d
Rnd6 f(R5=e049177a, SK6=34 14 06 0d 28 2c 23 37 ) = c182a1c7
Rnd7 f(R6=efff6fe6, SK7=04 18 2e 05 31 3a 3e 17 ) = c3e45497
Rnd8 f(R7=23ad43ed, SK8=04 13 22 27 2f 30 1f 19 ) = 4977a92c
Rnd9 f(R8=a688c6ca, SK9=12 0a 38 0c 3d 33 19 26 ) = 4975507e
Rnd10 f(R9=6ad81393, SK10=10 0b 30 1e 1f 08 2f 2e ) = d52a9361
Rnd11 f(R10=73a255ab, SK11=19 0a 31 22 05 0f 33 1f ) = 38b2a619
Rnd12 f(R11=526ab58a, SK12=38 2e 30 22 1b 3b 13 31 ) = e9dec064
Rnd13 f(R12=9a7c95cf, SK13=3a 0a 1c 12 2a 3e 35 2b ) = d88ee399
Rnd14 f(R13=8ae45613, SK14=19 09 18 1b 0b 2d 3c 16 ) = 9de6ddb2
Rnd15 f(R14=079a487d, SK15=19 39 01 12 37 14 17 36 ) = 5fb60a90
Rnd16 f(R15=d5525c83, SK16=24 05 0d 39 31 1f 2d 34 ) = 6a40b6ea
FP: L=c337cd5c, R=bd44fc97
returns c337cd5cbd44fc97
Noticed that the above result is accepted by the server
Is there a specific algorithm that is used by DEScalc.jar which I am missing, because of which I don't get the results obtained by DEScalc.jar
Hi Everyone, Thanks a lot for your help; The issue was with the way I represented the hexadecimal in python; I used the following function to convert "0123456789abcdef" to hex representation as Keith mentioned and it worked:
def HexToByte( hexStr ):
"""
Convert a string hex byte values into a byte string. The Hex Byte values may
or may not be space separated.
"""
# The list comprehension implementation is fractionally slower in this case
#
# hexStr = ''.join( hexStr.split(" ") )
# return ''.join( ["%c" % chr( int ( hexStr[i:i+2],16 ) ) \
# for i in range(0, len( hexStr ), 2) ] )
bytes = []
hexStr = ''.join( hexStr.split(" ") )
for i in range(0, len(hexStr), 2):
bytes.append( chr( int (hexStr[i:i+2], 16 ) ) )
return ''.join( bytes )
Thanks a lot
The problem here is in your source (plaintext) string. You have each character expanded to two bytes, instead of one byte. The Java program will take the input "0123456789abcdef", and use internally the hex string of that. Using pycrypto and a properly encoded plaintext I get this.
Python2> from Crypto.Cipher import DES
Python2> key
'\xfe\x9b\xd5\x16\xcd\x15\xc8I'
Python2> pw
'\x01#Eg\x89\xab\xcd\xef'
Python2> eng = DES.new(key, DES.MODE_ECB, "\0"*8)
Python2> hexdigest(eng.encrypt(pw))
'c337cd5cbd44fc97'
Which you can see is the same as the Java code.
Are you sure you need to use DES-EDE-ECB?
EDE means that you're actually using Triple DES: you run DES three times (with three different keys), and EDE means that you encrypt-decrypt-encrypt (each time with a different key).
But it sounds like you should just be using plain DES ('des_ecb').
加载中,请稍侯......
精彩评论