diff --git a/authentic2_idp_ltpa/utils.py b/authentic2_idp_ltpa/utils.py index 77b6ede..9d53b1a 100644 --- a/authentic2_idp_ltpa/utils.py +++ b/authentic2_idp_ltpa/utils.py @@ -55,7 +55,7 @@ def parse_token(token, secret=None, user_charset='utf8'): digest, computed_digest) return user, creation, expire -if __name__ == '__main__': +def main(): import argparse import datetime @@ -71,10 +71,15 @@ if __name__ == '__main__': parser_generate.add_argument('user', help='user\'s username') # create the parser for the "b" command - parser_parse = subparsers.add_parser('parse', help='b help') + parser_parse = subparsers.add_parser('parse', help='parse an LtpaToken') parser_parse.set_defaults(command='parse') parser_parse.add_argument('token', help='the LTPA cookie content') + parser_decryptkey = subparsers.add_parser('decryptkey', help='decrypt an exported shared key for LtpaToken') + parser_decryptkey.set_defaults(command='decryptkey') + parser_parse.add_argument('file', help='file containing an exported shared key') + parser_parse.add_argument('password', help='password for the encryption') + args = parser.parse_args() if args.secret: if args.secret.startswith('hex:'): @@ -97,3 +102,15 @@ if __name__ == '__main__': print 'User:', user print 'Creation timestamp:', from_timestamp(creation) print 'Expire timestamp:', from_timestamp(expire) + elif args.command == 'decryptkey': + from pyDes import des, ECB, PAD_PKCS5 + + content = file(args.file).read() + key = hashlib.sha1(args.password).digest() + '\x00' * 4 + + data = "Please encrypt my data" + k = des(key, ECB, padmode=PAD_PKCS5) + print 'hex:' + k.decrypt(content).encode('hex') + +if __name__ == '__main__': + main() diff --git a/setup.py b/setup.py index 22122c4..9d37a28 100755 --- a/setup.py +++ b/setup.py 
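Review bot: The two positionals added in the `@@ -71,10 +71,15 @@` hunk are registered on `parser_parse` rather than on `parser_decryptkey`. As written, `parse` demands a `file` and a `password` it never uses, while `decryptkey` takes no arguments, so `args.file` and `args.password` are missing when its branch runs. They should read `parser_decryptkey.add_argument('file', help='file containing an exported shared key')` and `parser_decryptkey.add_argument('password', help='password for the encryption')`. Passing the export password as a positional argument also leaves it in shell history and the process list; prompting with `getpass.getpass()` when it is not given would avoid that. The body of `main()` begins before and continues after this hunk.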
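Review bot: In the `decryptkey` branch added by the `@@ -97,3 +102,15 @@` hunk, the key built as `hashlib.sha1(args.password).digest() + '\x00' * 4` is 24 bytes long, but pyDes's `des` class accepts only an 8-byte key and raises `ValueError` for anything else. A 24-byte key matches `triple_des`, so `from pyDes import triple_des, ECB, PAD_PKCS5` and `k = triple_des(key, ECB, padmode=PAD_PKCS5)` look like what was intended. `file(args.file).read()` opens the export in text mode and never closes it; a `with open(args.file, 'rb')` block is safer for ciphertext. The `data = "Please encrypt my data"` assignment is unused and can be dropped. ECB gives no integrity check, so a wrong password presumably produces either a padding error or a garbage `hex:` value; a short comment saying the output must be validated against a known token would help the next user.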
@@ -10,7 +10,7 @@ setup(name='authentic2-idp-ltpa',
 author_email="info@entrouvert.com",
 packages=find_packages(os.path.dirname(__file__) or '.'),
 install_requires=[
- 'djangorestframework',
+ 'pyDes',
 ],
 entry_points={
 'authentic2.plugin': [
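Review bot: `'pyDes'` is added to `install_requires` with no version bound, although its only visible use is the lazy import inside the `decryptkey` branch of the command-line helper in utils.py. Because that code handles the exported LTPA shared key, I would set at least a lower bound (`'pyDes>=<known-good-version>'`) or move it to an `extras_require` entry, so deployments that never run the helper do not install it. The same hunk drops `'djangorestframework'`, and none of the visible hunks removes an import of it, so please confirm nothing else in the package still needs it. The `setup()` call starts and ends outside this hunk.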