Skip to content

Add Ki recovery from eKi and fix OPC return type #14

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Takuto88 wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Add Ki recovery from eKi and fix OPC return type #14

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
c26e6c9
fix: decode OPC hexlify result to string
Takuto88 Jun 21, 2026
111a086
feat: add Ki recovery from eKi
Takuto88 Jun 21, 2026
07a04ed
docs: add recover_ki usage to README
Takuto88 Jun 21, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 12 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,7 @@ Options:
-o OP, --op=OP 32 char OP key
-t TRANS, --transport=TRANS 32 char Transport key
-k KI, --ki=KI Optional 32 char Ki key (to avoid random generation)
-e EKI, --eki=EKI 32 char eKI key (to recover Ki)

$ kiopcgen -o D7DECB1F50404CC29ECBF989FE73AFC5 -t 2257CC6E9746434B89F346F0276CCAEC
{'KI': '780E6AC95A2E43449C15BDCDD0450982',
Expand All @@ -51,6 +52,13 @@ $ kiopcgen -o D7DECB1F50404CC29ECBF989FE73AFC5 -t 2257CC6E9746434B89F346F0276CCA
{'KI': '8978B79E7C104F678FA5C336509DB188',
'OPC': '6F2E82855DEE7C893CB1F7A72FD08B57',
'eKI': 'FBE8C170F6A5C6C257E5324719674818'}

Or recover Ki from an encrypted eKi:

$ kiopcgen -o D7DECB1F50404CC29ECBF989FE73AFC5 -t 2257CC6E9746434B89F346F0276CCAEC -e 4601138387FCF7D666ED24BBB3EE37B8
{'KI': '780E6AC95A2E43449C15BDCDD0450982',
'OPC': '2274B84B8043105A28AABBE53EF1D014',
'eKI': '4601138387FCF7D666ED24BBB3EE37B8'}
```

Or import the kiopcgenerator module to use in your scripts
Expand All @@ -72,6 +80,10 @@ print (kiopcgenerator.gen_eki(transport, ki))
# 8FAC9FE22D306EA4CB86279B3473D8CB
print (kiopcgenerator.gen_opc_eki(op, transport, ki))
# {'KI': 'EBD77DF6CFF949448ACF82B8FE4E59E3', 'eKI': '8FAC9FE22D306EA4CB86279B3473D8CB', 'OPC': '33244F04A86408A53110D1FCAFD04288'}

# Recover Ki from eKi
print (kiopcgenerator.recover_ki(op, transport, eki))
# {'KI': 'EBD77DF6CFF949448ACF82B8FE4E59E3', 'eKI': '8FAC9FE22D306EA4CB86279B3473D8CB', 'OPC': '33244F04A86408A53110D1FCAFD04288'}
```

## Installation
Expand Down
7 changes: 6 additions & 1 deletion kiopcgen
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,9 +17,14 @@ parser = OptionParser()
parser.add_option("-o", "--op", dest="op", help="32 char OP key")
parser.add_option("-t", "--transport", dest="trans", help="32 char Transport key")
parser.add_option("-k", "--ki", dest="ki", help="Optional 32 char Ki key (to avoid random generation)")
parser.add_option("-e", "--eki", dest="eki", help="32 char eKI key (to recover Ki)")
(options, args) = parser.parse_args()

if options.op and options.trans:
if options.eki and options.trans and options.op:
result = kiopcgenerator.recover_ki(options.op, options.trans, options.eki)
pprint.pprint(result)
sys.exit(0)
elif options.op and options.trans:
if not options.ki:
options.ki = kiopcgenerator.gen_ki()

Expand Down
21 changes: 20 additions & 1 deletion kiopcgenerator/lib.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ def calc_opc_hex(self, k_hex, op_hex=None):
aes_crypt = AES.new(ki, mode=AES.MODE_CBC, IV=iv)
data = op
o_pc = self._xor_str(data, aes_crypt.encrypt(data))
return binascii.hexlify(o_pc)
return binascii.hexlify(o_pc).decode('utf-8')

def _xor_str(self, s, t):
"""xor two strings together"""
Expand Down Expand Up @@ -79,12 +79,31 @@ def gen_opc(op, ki):
return hss.calc_opc_hex(ki, op).upper()


def aes_128_cbc_decrypt(key, ciphertext):
"""
implements aes 128b decryption with cbc.
"""
keyb = binascii.unhexlify(key)
ciphertextb = binascii.unhexlify(ciphertext)
decryptor = AES.new(keyb, AES.MODE_CBC, IV=IV)
plaintext = decryptor.decrypt(ciphertextb)
return plaintext.hex().upper()


def gen_eki(transport, ki):
"""
generates eKI based on ki and transport key
"""
return aes_128_cbc_encrypt(transport, ki)


def recover_ki(op, transport, eki):
"""
recovers ki from eKI and generates opc using the transport key and op
"""
ki = aes_128_cbc_decrypt(transport, eki)
return {"KI": ki, "OPC": gen_opc(op, ki), "eKI": eki}


def gen_opc_eki(op, transport, ki):
return {"KI": ki, "OPC": gen_opc(op, ki), "eKI": gen_eki(transport, ki)}