Conversation
mathoudebine
changed the title
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| cipher = DES.new(key, DES.MODE_CBC, key) | ||
| padded_len = (len(data) + 7) // 8 * 8 | ||
| padded_data = data.ljust(padded_len, b'\x00') | ||
| return cipher.encrypt(padded_data) |
Check failure
Code scanning / CodeQL
Use of a broken or weak cryptographic algorithm High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 3 months ago
To fix the issue, replace the use of DES with AES. Update both imports and code so that encrypt_with_des is converted to encrypt_with_aes, using parameters suitable for AES. This involves importing AES from Crypto.Cipher, replacing the key and IV to match AES requirements (key lengths of 16, 24, or 32 bytes; IV length of exactly 16 bytes for AES-CBC), and padding plaintext to a multiple of AES block size (16 bytes). Update usages of both the encryption method and key/IV selection. You should edit the regions touching lines 33 (import), the definition of encrypt_with_des (~lines 56–61), and the related usages in encrypt_command_packet.
We need to:
- Replace
from Crypto.Cipher import DESwithfrom Crypto.Cipher import AES. - Replace
encrypt_with_desand its logic with an AES version (encrypt_with_aes), updating padding and key sizing. - Update any references to DES keys/constants and method calls to match AES requirements (key/IV).
- Update usages in
encrypt_command_packetaccordingly.
| @@ -30,7 +30,7 @@ | ||
|
|
||
| import usb.core | ||
| import usb.util | ||
| from Crypto.Cipher import DES | ||
| from Crypto.Cipher import AES | ||
| from PIL import Image | ||
|
|
||
| from library.log import logger | ||
| @@ -53,16 +53,18 @@ | ||
| return packet | ||
|
|
||
|
|
||
| def encrypt_with_des(key: bytes, data: bytes) -> bytes: | ||
| cipher = DES.new(key, DES.MODE_CBC, key) | ||
| padded_len = (len(data) + 7) // 8 * 8 | ||
| def encrypt_with_aes(key: bytes, iv: bytes, data: bytes) -> bytes: | ||
| cipher = AES.new(key, AES.MODE_CBC, iv) | ||
| block_size = AES.block_size # 16 bytes | ||
| padded_len = (len(data) + block_size - 1) // block_size * block_size | ||
| padded_data = data.ljust(padded_len, b'\x00') | ||
| return cipher.encrypt(padded_data) | ||
|
|
||
|
|
||
| def encrypt_command_packet(data: bytearray) -> bytearray: | ||
| des_key = b'slv3tuzx' | ||
| encrypted = encrypt_with_des(des_key, data) | ||
| # AES requires key of length 16, 24, or 32 bytes, and IV of length 16 bytes (block size) | ||
| aes_key = b'slv3tuzx12345678' # NOTE: must be 16 bytes for AES-128; adjust as needed. | ||
| aes_iv = b'\x00' * 16 # Fixed IV for example; ideally, use a random IV and transmit it with the packet. | ||
| encrypted = encrypt_with_aes(aes_key, aes_iv, data) | ||
| final_packet = bytearray(512) | ||
| final_packet[:len(encrypted)] = encrypted | ||
| final_packet[510] = 161 |
|
any news for this ? =) |
|
Any update on this PR? I would really be happy to find the 8.8 support in the main release. |
|
9.2" is working with the patch. |
Thank you for the heads up, how do i patch this? sorry if it sounds like a stupid question just very new to it all still |
|
Hi all, just so you know this PR is not merged yet because there is an issue with some themes: the frames sent to the display cannot exceed 1MB for now which means that the background of some 8.8" themes cannot be loaded |
|
For 9.2" the product ID is 0x0092 Also thanks for the patch :) |
You can clone my fork (https://github.com/drivin/turing-smart-screen-python). That should work. |
|
Hi, Any updates on whether this project would work with Turing 5.2" display? |
Do you have any idea what might be causing this, or perhaps already have a solution? Otherwise, I would take a look at the issue over the next few days and try to work out a solution. |
7 participants
Might also add support for the following models: