def test_diff_blocks(self):
block_size = randint(5, 20)
byte_1 = cu.random_bytes(10 * block_size)
byte_2 = bytearray(byte_1)
byte_2[2 * block_size:3 * block_size] = cu.random_bytes(block_size)
byte_2[7 * block_size:8 * block_size] = cu.random_bytes(block_size)
diff_blocks = cb.find_diff_blocks(byte_1, byte_2, block_size)
self.assertEqual(diff_blocks, [2, 7])
def check_connection(self):
"""Encrypt a random message, send to server, and check that the
response is a valid encrypted echo of that message."""
iv = cu.random_bytes()
aes = AES.new(self.key, AES.MODE_CBC, iv)
plain = cu.random_bytes(count=256)
cipher = aes.encrypt(plain)
cipher_server, iv_server = self.server.echo(cipher, iv)
aes = AES.new(self.key, AES.MODE_CBC, iv_server)
plain_server = aes.decrypt(cipher_server)
return plain == plain_server, plain
def encryption_oracle(plain):
key = cu.random_bytes()
encrypt_ECB = choice([True, False])
before_bytes = cu.random_bytes(count=randint(5, 10))
after_bytes = cu.random_bytes(count=randint(5, 10))
plain = before_bytes + plain + after_bytes
if encrypt_ECB:
aes = AES.new(key, AES.MODE_ECB)
plain = cb.pad_PKCS7(plain)
return aes.encrypt(plain)
else:
iv = cu.random_bytes()
return cb.encrypt_AES_CBC(plain, key, iv=iv)
def test_25(self):
key = cu.random_bytes()
nonce = cu.random_bytes(count=AES.block_size // 2)
plain = cu.read_base64('data/Set_1_7.txt')
ctr = cb.AES_CTR(key, nonce=nonce)
cipher = ctr.process(plain)
cipher_len = len(cipher)
new_plain = bytes([14] * cipher_len)
new_cipher = ctr.edit(cipher, 0, new_plain)
keystream = cu.XOR_bytes(new_plain, new_cipher)
recovered_plain = cu.XOR_bytes(keystream, cipher)
self.assertEqual(recovered_plain, plain)
def test_19_20(self):
cipher_list = []
plain_list = []
key = cu.random_bytes()
ctr = cb.AES_CTR(key)
with open('data/Set_3_19.txt', 'r') as f:
for line in f:
plain = cu.base64_to_bytes(line)
plain_list.append(plain)
cipher_list.append(ctr.process(plain))
ctr.reset()
with open('data/Set_3_20.txt', 'r') as f:
for line in f:
plain = cu.base64_to_bytes(line)
plain_list.append(plain)
cipher_list.append(ctr.process(plain))
ctr.reset()
min_len = len(min(cipher_list, key=len))
cipher_trunc = [x[:min_len] for x in cipher_list]
cipher_cat = b''.join(cipher_trunc)
keystream = cs.get_repeating_XOR_key(cipher_cat, min_len)
plain_cat = cu.XOR_bytes(keystream, cipher_cat)
plain_trunc = [
plain_cat[x:x + min_len] for x in range(0, len(plain_cat), min_len)
]
total, correct = 0, 0
for real, guess in zip(plain_list, plain_trunc):
total += 1
correct += real[:min_len].decode('utf-8').lower() == guess.decode(
'utf-8').lower()
self.assertTrue(correct / total > 0.95)
def random_stream_encrypt(known):
prefix_num = randint(10, 50)
prefix = cu.random_bytes(count=prefix_num)
plain = prefix + known
key = randint(0, 0xffff)
cipher = cr.MT19937_cipher(plain, key)
return cipher, key
def PKCS1v1p5(plain, N):
num_bytes = N // 8
plain_bytes = cu.int_to_bytes(plain)
num_pad = num_bytes - 3 - len(plain_bytes)
padding = cu.random_bytes(num_pad)
padded = bytes([0, 2]) + padding + bytes([0]) + plain_bytes
return int.from_bytes(padded, 'big')
def register_user(self, email, password):
salt = cu.random_bytes(8)
m = sha256()
m.update(salt + bytes(password, 'utf-8'))
xH = m.digest()
x = int.from_bytes(xH, byteorder='big')
verifier = pow(self.g, x, self.N)
self.login_info[email] = (salt, verifier)
def echo(self, cipher, iv):
key = cbc_keygen(self.secret)
aes = AES.new(key, AES.MODE_CBC, iv)
plain = aes.decrypt(cipher)
iv = cu.random_bytes()
aes = AES.new(key, AES.MODE_CBC, iv)
return aes.encrypt(plain), iv
def test_ctr_edit(self):
plain = cu.random_bytes(count=10 * AES.block_size)
key = cu.random_bytes()
nonce = cu.random_bytes(count=AES.block_size // 2)
ctr = cb.AES_CTR(key, nonce=nonce)
cipher = ctr.process(plain)
new_plain_block = cu.random_bytes(count=2 * AES.block_size + 5)
new_plain = bytearray(plain)
offset_block = 4
offset = offset_block * AES.block_size
new_plain[offset:offset + len(new_plain_block)] = new_plain_block
new_cipher = ctr.edit(cipher, offset_block, new_plain_block)
ctr.reset()
test = ctr.process(new_cipher)
self.assertEqual(new_plain, test)
def test_hmac(self):
file = 'foo'
sig = cu.bytes_to_hex(ch.HMAC(self.secret, file.encode()))
bad_sig = cu.bytes_to_hex(cu.random_bytes(count=20))
good_get = f'/test?file={file}&signature={sig}'
bad_get = f'/test?file={file}&signature={bad_sig}'
response = self.client.get(good_get)
self.assertEqual(response.status_code, 200)
response = self.client.get(bad_get)
self.assertEqual(response.status_code, 500)
def login(self, email, client_public):
salt = cu.random_bytes(8)
"""This is the most important step! Under the simplified SRP
protocol, the one bit of info (aside from the password) we don't
know is the user's private key. But, it enters in form B**a % N.
So, if we set B == g, this turns into the user's public key, which
we do know."""
public = self.g
scramble = randbelow(2**128)
self.login_info[email] = (client_public, salt, scramble)
return salt, public, scramble
from datetime import datetime
from random import choice, randint
from statistics import median
from string import printable
from time import perf_counter
from unittest import TestCase
from Crypto.Cipher import AES
import crypto.block as cb
import crypto.hash as ch
import crypto.utils as cu
import set4_server as server
from test_set2 import encrypt16, decrypt16
SECRET_KEY = cu.random_bytes(count=randint(4, 32))
def encrypt27():
key = cu.random_bytes()
plain = b"For you to even touch my skill, you gotta put the one killer bee and he ain't gonna kill"
return cb.encrypt_AES_CBC(plain, key, iv=key), key
def decrypt27(cipher, key):
plain = cb.decrypt_AES_CBC(cipher, key, iv=key)
if not all([x > 31 and x < 128 for x in plain]):
raise ValueError(plain)
def key_MAC(message, algo):
#import crypto_utils as cu
from math import inf
from random import choice, randint
from unittest import TestCase
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad, unpad
import crypto.block as cb
import crypto.utils as cu
UNKNOWN_KEY = cu.random_bytes()
UNKNOWN_PLAIN = cu.base64_to_bytes(
'Um9sbGluJyBpbiBteSA1LjAKV2l0aCBteSByYWctdG9wIGRvd24gc28gbXkgaGFpciBjYW4gYm'\
+'xvdwpUaGUgZ2lybGllcyBvbiBzdGFuZGJ5IHdhdmluZyBqdXN0IHRvIHNheSBoaQpEaWQgeW91'\
+'IHN0b3A/IE5vLCBJIGp1c3QgZHJvdmUgYnkK')
UNKNOWN_PREFIX = cu.random_bytes(randint(0, 24))
UNKNOWN_KEY_TWO = cu.random_bytes()
UNKNOWN_IV = cu.random_bytes()
UNKNOWN_NONCE = cu.random_bytes(count=AES.block_size // 2)
PREFIX_TWO = b'comment1=cooking%20MCs;userdata='
SUFFIX_TWO = b';comment2=%20like%20a%20pound%20of%20bacon'
def encryption_oracle(plain):
key = cu.random_bytes()
encrypt_ECB = choice([True, False])
before_bytes = cu.random_bytes(count=randint(5, 10))
after_bytes = cu.random_bytes(count=randint(5, 10))
plain = before_bytes + plain + after_bytes
def test_DSA(self):
public, private = ck.gen_DSA_keys()
message = cu.random_bytes(count=128)
message_hash = get_sha1_int(message)
signature = ck.sign_DSA(message_hash, private)
self.assertTrue(ck.verify_DSA(message_hash, signature, public))
def encrypt27():
key = cu.random_bytes()
plain = b"For you to even touch my skill, you gotta put the one killer bee and he ain't gonna kill"
return cb.encrypt_AES_CBC(plain, key, iv=key), key
import crypto.utils as cu
RANDOM_PLAINS = [
b'MDAwMDAwTm93IHRoYXQgdGhlIHBhcnR5IGlzIGp1bXBpbmc=',
b'MDAwMDAxV2l0aCB0aGUgYmFzcyBraWNrZWQgaW4gYW5kIHRoZSBWZWdhJ3MgYXJlIHB1bXBpbic=',
b'MDAwMDAyUXVpY2sgdG8gdGhlIHBvaW50LCB0byB0aGUgcG9pbnQsIG5vIGZha2luZw==',
b'MDAwMDAzQ29va2luZyBNQydzIGxpa2UgYSBwb3VuZCBvZiBiYWNvbg==',
b'MDAwMDA0QnVybmluZyAnZW0sIGlmIHlvdSBhaW4ndCBxdWljayBhbmQgbmltYmxl',
b'MDAwMDA1SSBnbyBjcmF6eSB3aGVuIEkgaGVhciBhIGN5bWJhbA==',
b'MDAwMDA2QW5kIGEgaGlnaCBoYXQgd2l0aCBhIHNvdXBlZCB1cCB0ZW1wbw==',
b'MDAwMDA3SSdtIG9uIGEgcm9sbCwgaXQncyB0aW1lIHRvIGdvIHNvbG8=',
b'MDAwMDA4b2xsaW4nIGluIG15IGZpdmUgcG9pbnQgb2g=',
b'MDAwMDA5aXRoIG15IHJhZy10b3AgZG93biBzbyBteSBoYWlyIGNhbiBibG93'
]
UNKNOWN_KEY = cu.random_bytes()
UNKNOWN_IV = cu.random_bytes()
def encrypt_random():
plain = choice(RANDOM_PLAINS)
return UNKNOWN_IV + cb.encrypt_AES_CBC(plain, UNKNOWN_KEY, iv=UNKNOWN_IV)
def pad_check(cipher):
iv = cipher[:AES.block_size]
cipher = cipher[AES.block_size:]
plain = cb.decrypt_AES_CBC(cipher, UNKNOWN_KEY, iv=iv)
try:
_ = cb.unpad_PKCS7(plain)
return True
