
@rqu1

rqu1/mkcrypt.py Secret

Created May 5, 2022 06:37
Simple py2 implementation of PAN-OS masterkey encryption/decryption
from hashlib import md5, sha1
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend
from base64 import b64encode, b64decode
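class PanCrypt():
    """Encrypt/decrypt strings in the '-' + version + SHA-1 + ciphertext format.

    Output layout (all parts base64, concatenated after a literal '-'):
    a 1-byte version (0x01), the SHA-1 digest of the plaintext, and the
    AES-CBC ciphertext of the padded plaintext.

    Security properties visible in this code, relevant when assessing data
    stored in this format:
      * The constructor's default key is hard-coded in this source, so anything
        encrypted under it is recoverable by anyone holding this listing; only
        a unique, non-default master key gives confidentiality.
      * The IV is fixed (16 zero bytes), so encryption is deterministic: equal
        plaintexts under one key give equal ciphertexts.
      * An unsalted SHA-1 of the plaintext travels next to the ciphertext, so
        candidate plaintexts can be checked against it without the key.
      * The AES key is a single MD5 output repeated twice (no stretching).

    All methods work on byte strings under Python 2 and 3. Text arguments are
    encoded as UTF-8; that choice is an assumption for non-ASCII input, since
    the page only demonstrates ASCII values.
    """

    def __init__(self, key='p1a2l3o4a5l6t7o8'):
        """Create the AES-CBC cipher object from the master key ``key``."""
        backend = default_backend()
        key = self._derivekey(key)
        # b'\0' * 16 is the same all-zero IV as before, spelled as bytes so
        # the cryptography package accepts it on Python 3 as well.
        self.c = Cipher(algorithms.AES(key), modes.CBC(b'\0' * 16), backend=backend)

    @staticmethod
    def _to_bytes(value):
        """Return ``value`` as bytes, encoding text as UTF-8."""
        if isinstance(value, (bytes, bytearray)):
            return bytes(value)
        return value.encode('utf-8')

    def _derivekey(self, key):
        """Derive the 32-byte AES key: MD5(key + MD5("pannetwork")) twice over."""
        salt = md5(b"pannetwork").digest()
        # Doubling the 16-byte digest yields a 32-byte (AES-256 sized) key
        # whose two halves are identical.
        return md5(self._to_bytes(key) + salt).digest() * 2

    def _pad(self, d):
        """Append 1..16 bytes, each equal to the pad length (PKCS#7 style)."""
        d = self._to_bytes(d)
        plen = 16 - (len(d) % 16)
        return d + bytes(bytearray([plen]) * plen)

    def _unpad(self, d):
        """Strip the padding added by ``_pad``.

        Raises:
            ValueError: if the data is empty or the padding is malformed,
                which is what a wrong key or a corrupted ciphertext produces.
                Previously a final byte of 0 silently returned an empty
                string and other garbage was truncated without notice.
        """
        d = self._to_bytes(d)
        if not d:
            raise ValueError("cannot unpad empty data")
        plen = bytearray(d[-1:])[0]
        if not 1 <= plen <= 16 or d[-plen:] != bytes(bytearray([plen]) * plen):
            raise ValueError("invalid padding (wrong key or corrupted ciphertext)")
        return d[:-plen]

    def _encrypt(self, data):
        """Pad ``data`` and return the raw AES-CBC ciphertext."""
        e = self.c.encryptor()
        return e.update(self._pad(data)) + e.finalize()

    def _decrypt(self, data):
        """Decrypt raw AES-CBC ciphertext and return the unpadded plaintext."""
        d = self.c.decryptor()
        return self._unpad(d.update(data) + d.finalize())

    def encrypt(self, data):
        """Return ``data`` in the encoded form '-' + version + hash + ciphertext."""
        data = self._to_bytes(data)
        v = b64encode(b'\x01')
        digest = b64encode(sha1(data).digest())
        ct = b64encode(self._encrypt(data))
        return b'-' + v + digest + ct

    def decrypt(self, data):
        """Split an encoded string and return ``(version, sha1_digest, plaintext)``.

        The offsets are fixed by the encoding: 1 marker character, 4 base64
        characters for the 1-byte version, 28 for the 20-byte SHA-1 digest,
        and the rest is the ciphertext.

        The stored digest is returned as-is and is NOT compared with the
        plaintext here; callers should check it against
        ``sha1(plaintext).digest()`` and check that the version is 0x01.
        """
        v = b64decode(data[1:5])
        digest = b64decode(data[5:33])
        pt = self._decrypt(b64decode(data[33:]))
        return (v, digest, pt)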
@rqu1
Author

rqu1 commented May 5, 2022

encryption:

>>> pc=PanCrypt()
>>> ciphertext=pc.encrypt("AAAA")
>>> print(ciphertext)
'-AQ==4lEhcqv4zJ9n/dSetsrPLfcbutM=X6AkSo4yvy4V9F78nMz4rg=='

verifying the ciphertext string matches the ciphertext returned by cryptod:

sh-4.2# sdb -P3 'sw.cryptod.runtime.api.encr={"ptext-len":4,"plain-text":'AAAA'}'
""""sw.cryptod.runtime.api.encr: { 'encrypted-text': <LUFRPT00bEVoY3F2NHpKOW4vZFNldHNyUExmY2J1dE09WDZBa1NvNHl2eTRWOUY3OG5NejRy
Zz09>, 'etext-len': 57, 'plain-text': <QUFBQQ==>, 'ptext-len': 4, }
sh-4.2# echo 'LUFRPT00bEVoY3F2NHpKOW4vZFNldHNyUExmY2J1dE09WDZBa1NvNHl2eTRWOUY3OG5NejRyZz09'|base64 -d
-AQ==4lEhcqv4zJ9n/dSetsrPLfcbutM=X6AkSo4yvy4V9F78nMz4rg==

decrypting data:

>>> pc.decrypt(ciphertext)
('\x01', '\xe2Q!r\xab\xf8\xcc\x9fg\xfd\xd4\x9e\xb6\xca\xcf-\xf7\x1b\xba\xd3', 'AAAA')

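This tuple contains the version code (should be \x01 in valid ciphertexts), the SHA-1 hash of the plaintext, and the plaintext. Note that decrypt() returns the stored hash without checking it, so compare it with the SHA-1 of the returned plaintext to confirm that the key was correct and the data is intact.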
