initial code for dumping imessages in a reasonable format

dump-imessages/iphone-dataprotection/python_scripts/crypto/curve25519.py

@@ -0,0 +1,74 @@
+from Crypto.Util import number
+
+CURVE_P = (2**255 - 19)
+CURVE_A = 121665
+
+def curve25519_monty(x1, z1, x2, z2, qmqp):
+    a = (x1 + z1) * (x2 - z2) % CURVE_P
+    b = (x1 - z1) * (x2 + z2) % CURVE_P
+    x4 = (a + b) * (a + b) % CURVE_P
+
+    e = (a - b) * (a - b) % CURVE_P
+    z4 = e * qmqp % CURVE_P
+
+    a = (x1 + z1) * (x1 + z1) % CURVE_P
+    b = (x1 - z1) * (x1 - z1) % CURVE_P
+    x3 = a * b % CURVE_P
+
+    g = (a - b) % CURVE_P
+    h = (a + CURVE_A * g) % CURVE_P
+    z3 = (g * h) % CURVE_P
+
+    return x3, z3, x4, z4
+
+def curve25519_mult(n, q):
+    nqpqx, nqpqz = q, 1
+    nqx, nqz = 1, 0
+
+    for i in range(255, -1, -1):
+        if (n >> i) & 1:
+            nqpqx,nqpqz,nqx,nqz = curve25519_monty(nqpqx, nqpqz, nqx, nqz, q)
+        else:
+            nqx,nqz,nqpqx,nqpqz = curve25519_monty(nqx, nqz, nqpqx, nqpqz, q)
+    return nqx, nqz
+
+def curve25519(secret, basepoint):
+    a = ord(secret[0])
+    a &= 248
+    b = ord(secret[31])
+    b &= 127
+    b |= 64
+    s = chr(a) + secret[1:-1] + chr(b)
+
+    s = number.bytes_to_long(s[::-1])
+    basepoint = number.bytes_to_long(basepoint[::-1])
+
+    x, z = curve25519_mult(s, basepoint)
+    zmone = number.inverse(z, CURVE_P)
+    z = x * zmone % CURVE_P
+    return number.long_to_bytes(z)[::-1]
+
+
+if __name__ == "__main__":
+    from crypto.aeswrap import AESUnwrap
+    from Crypto.Hash import SHA256
+
+    z="04000000080000000200000048000000000000000000000000000000000000000000000002917dc2542198edeb1078c4d1ebab74d9ca87890657ba02b9825dadf20a002f44360c6f87743fac0236df1f9eedbea801e31677aef3a09adfb4e10a37ae27facf419ab3ea3f39f4".decode("hex")
+
+    mysecret = "99b66345829d8c05041eea1ba1ed5b2984c3e5ec7a756ef053473c7f22b49f14".decode("hex")
+    mypublic = "b1c652786697a5feef36a56f36fde524a21193f4e563627977ab515f600fdb3a".decode("hex")
+    hispublic = z[36:36+32]
+
+    #c4d9fe462a2ebbf0745195ce7dc5e8b49947bbd5b42da74175d5f8125b44582b
+    shared = curve25519(mysecret, hispublic)
+    print shared.encode("hex")
+    
+    h = SHA256.new()
+    h.update('\x00\x00\x00\x01')
+    h.update(shared)
+    h.update(hispublic)
+    h.update(mypublic)
+    md = h.digest()
+
+    #e442c81b91ea876d3cf42d3aea75f4b0c3f90f9fd045e1f5784b91260f3bdc9c
+    print AESUnwrap(md, z[32+36:]).encode("hex")