User Tools

Site Tools


dump_ekb

This python code parses a binary .EKB file. No decryption is done, though.

#!/usr/bin/python
#
# This file is part of FreeMD.
# 
# FreeMD is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
# 
# FreeMD is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
# 
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA

import struct
import sys
import binascii

def bin(a):
        s=''
        t={0:'0000',1:'0001',2:'0010',3:'0011',
           4:'0100',5:'0101',6:'0110',7:'0111',
           8:'1000',9:'1001',10:'1010',11:'1011',
           12:'1100',13:'1101',14:'1110',15:'1111'}
        for c in a[0:]:
                s+=t[ord(c) >> 4]
                s+=t[ord(c) & 0xf]
        return s

filename = sys.argv[1]

data = open(filename, 'rb').read()

start = 0

fields = struct.unpack ('>II', data[start:start+8])
ekbid, reserved = fields
start += 8

unknown3 = data[start:start+24]
start += 24

fields = struct.unpack ('>III', data[start:start+12])
taglen, keydatalen, siglen = fields
start += 12

tag = data[start:start+taglen]
start += taglen

keydata = data[start:start+keydatalen]
start += keydatalen

sig = data[start:start+siglen]
start += siglen


# Signatures

sigstart = 0
fields = struct.unpack('>IBxxx', sig[sigstart:sigstart+8]);
tagsiglen, sigcount = fields
sigstart += 8

sigs = []

for signum in range(0, sigcount):
  fields = struct.unpack ('>BxH', sig[sigstart:sigstart+4])
  sigtype,sigdatalen = fields
  sigstart += 4
  sigdata = sig[sigstart:sigstart + sigdatalen]
  sigstart += sigdatalen
  sigs.append( [sigtype, sigdata] )
  


# Interpretation:

tags = bin (tag)
# The bitfield is an array of triplets with the following meaning:
# Bit 0: Does the current node have a key in DATA?
# Bit 1: Does the left child not exist?
# Bit 2: Does the right child not exist?

# Note that the bit 0 of the root node is always set, but the key
# never exists.  This is an exception to the rule.

# Active nodes
nodes = [ "K" ]
# Parent of active node with key.
parents = [ "KR" ]
# This is the result.
keyinfo = []

# Index into tags.
tagidx = 0
# Bit 0 in the root has different meaning.
seenroot = False

while len(nodes) != 0:
    newnodes = []
    newparents = []
    for j in range (0, len(nodes)):
        newparent = parents[j]
        # Bit 0: Key included.
        if seenroot == True:
            if tags[tagidx] == '1':
                keyinfo.append ("Enc(" + nodes[j] + "," + parents[j] + ")")
                newparent = nodes[j]
        seenroot = True
        tagidx += 1
        # Bit 1: No left child.
        if tags[tagidx] == '0':
# Use this for graphviz
#            print nodes[j] + " -> " + nodes[j] + "0"
            newnodes.append (nodes[j] + "0")
            newparents.append (newparent)
        tagidx += 1
        # Bit 2: No right child.
        if tags[tagidx] == '0':
# Use this for graphviz
#            print nodes[j] + " -> " + nodes[j] + "1"
            newnodes.append (nodes[j] + "1")
            newparents.append (newparent)
        tagidx += 1
    nodes = newnodes
    parents = newparents



  

print "EKB ", filename
print "EKB ID:      ", hex (ekbid)
print "Reserved:    ", hex (reserved)
print "Unknown 3:   ", binascii.hexlify (unknown3)

print "Tag Length:  ", hex (taglen)
print "Data Length: ", hex (keydatalen)
print "Sig Length:  ", hex (siglen)

print "Tags:        ", binascii.hexlify (tag)
print "Data:        ", binascii.hexlify (keydata[0:16]), keyinfo[0]
for i in range (16, keydatalen, 16):
  print "             ", binascii.hexlify (keydata[i:i+16]), keyinfo[i/16]

print "Significant Tag Length: ", hex(tagsiglen)
for sig in sigs:
  sigtype, sigdata = sig
  print "Sig ID:      ", hex (sigtype)
  print "Sig Len:     ", hex (len(sigdata))
  print "Sig:         ", binascii.hexlify (sigdata[0:16])
  for i in range (16, len(sigdata), 16):
    print "             ", binascii.hexlify (sigdata[i:i+16])
dump_ekb.txt · Last modified: 2010/03/13 22:44 by megadiscman

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki