Skip to content

Instantly share code, notes, and snippets.

@rgerganov

rgerganov/softhsmv2.py

Last active April 13, 2021 07:27
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save rgerganov/fa58a7308c5d25f6652a0f25196d4181 to your computer and use it in GitHub Desktop.
Save rgerganov/fa58a7308c5d25f6652a0f25196d4181 to your computer and use it in GitHub Desktop.
Download ZIP
SoftHSMv2
Raw
softhsmv2.py
#!/usr/bin/env python3
# This script derives the masterKey and tokenKey from a SoftHSMv2 token.
# For more details: https://xakcop.com/post/softhsmv2/
import sys
from Cryptodome.Hash import SHA256
from Cryptodome.Cipher import AES
from Cryptodome.Util.Padding import unpad
PBE_ITERATION_BASE_COUNT = 1500
def kdf(salt, pin):
h = SHA256.new()
h.update(salt)
h.update(pin)
tmp = h.digest()
iter = PBE_ITERATION_BASE_COUNT + salt[-1]
for _ in range(iter-1):
h = SHA256.new()
h.update(tmp)
tmp = h.digest()
return tmp
def decrypt(master_key, iv, blob):
cipher = AES.new(master_key, mode=AES.MODE_CBC, iv=iv)
data = cipher.decrypt(blob)
data = unpad(data, 16)
if data[0:3] != b'RJR':
print("Incorrect magic")
return None
return data[3:]
if __name__ == '__main__':
if len(sys.argv) < 3:
print("Usage: {} <pin> <salt> [iv] [blob]".format(sys.argv[0]))
sys.exit(1)
pin = sys.argv[1].encode('ascii')
salt = bytes.fromhex(sys.argv[2])
master_key = kdf(salt, pin)
print("masterKey: {}".format(master_key.hex()))
if len(sys.argv) == 5:
iv = bytes.fromhex(sys.argv[3])
blob = bytes.fromhex(sys.argv[4])
key = decrypt(master_key, iv, blob)
print("tokenKey: {}".format(key.hex()))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment