Decrypt a PSP packet :param key: the secret key used for encryption :raise scapy.layers.psp.PSPIntegrityError: if the integrity check fails with an AEAD algorithm :raise scapy.layers.psp.PSPCipherError: if the requested cipher is unsupported
(self, key)
| 135 | self.data = plain + payload |
| 136 | |
| 137 | def decrypt(self, key): |
| 138 | """ |
| 139 | Decrypt a PSP packet |
| 140 | |
| 141 | :param key: the secret key used for encryption |
| 142 | :raise scapy.layers.psp.PSPIntegrityError: if the integrity check |
| 143 | fails with an AEAD algorithm |
| 144 | :raise scapy.layers.psp.PSPCipherError: if the requested cipher |
| 145 | is unsupported |
| 146 | """ |
| 147 | cipher = self.sanitize_cipher() |
| 148 | self.icv_size = 16 |
| 149 | iv = struct.pack("!L", self.spi) + self.iv |
| 150 | data = self.data[:len(self.data) - self.icv_size] |
| 151 | icv = self.data[len(self.data) - self.icv_size:] |
| 152 | |
| 153 | decrypt_start_offset = 16 + self.cryptoffset * 4 |
| 154 | plain = b'' |
| 155 | to_decrypt = bytes(data) |
| 156 | self.data = b'' |
| 157 | psp_header = bytes(self) |
| 158 | header_length = len(psp_header) |
| 159 | # Header should always be fully plaintext |
| 160 | if header_length < decrypt_start_offset: |
| 161 | plain = to_decrypt[:decrypt_start_offset - header_length] |
| 162 | to_decrypt = to_decrypt[decrypt_start_offset - header_length:] |
| 163 | cipher = cipher(key) |
| 164 | try: |
| 165 | data = cipher.decrypt(iv, to_decrypt + icv, psp_header + plain) |
| 166 | self.data = plain + data |
| 167 | except InvalidTag as err: |
| 168 | raise PSPIntegrityError(err) |
| 169 | |
| 170 | |
| 171 | bind_bottom_up(UDP, PSP, dport=1000) |
no test coverage detected