-
Notifications
You must be signed in to change notification settings - Fork 26
/
inic1607e-extract-DEK-from-keyblock.sh
31 lines (25 loc) · 1.04 KB
/
inic1607e-extract-DEK-from-keyblock.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
#!/bin/bash
# usage: bash inic1607e-extract-DEK-from-keyblock.sh <kek file (hex)> <keyblock file (binary)>
KEK="$1"
KEYBLOCK="$2"
TEMPDIR=`mktemp -d ./WDXXXXXXXX`
cat "$KEYBLOCK" | xxd -p -c 32 | grep -o ........ | tac | \
echo "$(tr -d '\n')" | grep -o .. | tac | \
echo "$(tr -d '\n')" | xxd -p -r > $TEMPDIR/kb1.bin
cat "$KEK" | grep -o ................................ | tac | \
echo "$(tr -d '\n')" | grep -o .. | tac | \
echo "$(tr -d '\n')" > $TEMPDIR/kek1.hex
openssl enc -d -aes-256-ecb -K `cat $TEMPDIR/kek1.hex` \
-nopad -in $TEMPDIR/kb1.bin -out $TEMPDIR/kb2.bin
TEST=`dd if=$TEMPDIR/kb2.bin bs=16 skip=25 count=1 status=none | xxd -p | grep "^275dba35"`
if [ -z "$TEST" ]; then
echo "decryption of keyblock failed" 1>&2
rm -rf $TEMPDIR
exit 1;
fi
dd if=$TEMPDIR/kb2.bin bs=4 skip=103 count=8 status=none | xxd -p -c 32 > $TEMPDIR/dek1.hex
cat $TEMPDIR/dek1.hex | grep -o ................................ | tac | \
echo "$(tr -d '\n')" | grep -o ........ | tac | \
echo "$(tr -d '\n')"
rm -rf $TEMPDIR
# end