def my_decryption_oracle(ciphertext):
plaintext = cipher.decrypt(ciphertext)
return ca.pkcs7_padding_remove(plaintext, AES.block_size)
from Crypto.Cipher import AES
import cryptanalib as ca
from Crypto import Random
import random
key = b'YELLOW SUBMARINE'
iv = Random.new().read(AES.block_size)
prefix = 'A'*random.randint(1,4)
# suffix = sys.argv[1]
suffix = 'lol, u tk him 2 da bar|?duh'
cipher = AES.new(key, AES.MODE_ECB, iv)
def my_encryption_oracle(plaintext):
return cipher.encrypt(ca.pkcs7_pad(prefix + plaintext + suffix, AES.block_size))
print 'Testing ECB secret suffix decryption (simple)'
decrypted_suffix = ca.ecb_cpa_decrypt(my_encryption_oracle, AES.block_size, verbose=True, hollywood=True)
decrypted_suffix = ca.pkcs7_padding_remove(decrypted_suffix, AES.block_size)
if decrypted_suffix != suffix:
raise Exception('ECB CPA secret suffix with fixed prefix decryption failed.')
def my_padding_oracle(ciphertext):
dat_cipher = AES.new(key,AES.MODE_CBC,iv)
if ca.pkcs7_padding_remove(dat_cipher.decrypt(ciphertext),AES.block_size) == False:
return False
else:
return True
return ca.pkcs7_padding_remove(plaintext, AES.block_size)
def my_padding_oracle(ciphertext):
plaintext = cipher.decrypt(ciphertext)
return ca.pkcs7_padding_remove(plaintext, AES.block_size) != False
new_plaintext = 'I am the very model of a modern major-general.'
print 'Testing CBC-R functionality with plain decryption oracle...'
new_ciphertext = ca.cbcr(new_plaintext,
my_decryption_oracle,
block_size=AES.block_size)
cipher = AES.new(key, AES.MODE_CBC, iv)
cbcr_plaintext = ca.pkcs7_padding_remove(cipher.decrypt(new_ciphertext),
AES.block_size)
try:
assert (cbcr_plaintext[16:] == new_plaintext)
except:
exit("CBCR functionality is broken with plain decryption oracles.")
print 'Testing CBC-R functionality with padding oracle...'
new_ciphertext = ca.cbcr(new_plaintext,
my_padding_oracle,
is_padding_oracle=True,
block_size=AES.block_size)
cipher = AES.new(key, AES.MODE_CBC, iv)
cbcr_plaintext = ca.pkcs7_padding_remove(cipher.decrypt(new_ciphertext),
AES.block_size)
try:
assert (cbcr_plaintext[16:] == new_plaintext)
def my_padding_oracle(ciphertext):
plaintext = cipher.decrypt(ciphertext)
return ca.pkcs7_padding_remove(plaintext, AES.block_size) != False
new_plaintext = 'I am the very model of a modern major-general.'
print 'Testing CBC-R functionality...'
print 'Reversing decryption oracle:'
new_ciphertext = ca.cbcr(new_plaintext,
my_decryption_oracle,
block_size=AES.block_size)
print 'New ciphertext is %s' % new_ciphertext.encode('hex')
cipher = AES.new(key, AES.MODE_CBC, iv)
print 'New plaintext is %s' % ca.pkcs7_padding_remove(
cipher.decrypt(new_ciphertext), AES.block_size)
print 'Reversing padding oracle:'
new_ciphertext = ca.cbcr(new_plaintext,
my_padding_oracle,
is_padding_oracle=True,
block_size=AES.block_size)
print 'New ciphertext is %s' % new_ciphertext.encode('hex')
cipher = AES.new(key, AES.MODE_CBC, iv)
print 'New plaintext is %s' % ca.pkcs7_padding_remove(
cipher.decrypt(new_ciphertext), AES.block_size)
if raw_input('Did this decrypt correctly (yes)?').lower() not in [
'y', 'yes', ''
]:
raise Exception('CBCR failed.')
from Crypto.Cipher import AES
import cryptanalib as ca
from Crypto import Random
import random
key = b'YELLOW SUBMARINE'
iv = Random.new().read(AES.block_size)
suffix = 'lol, u tk him 2 da bar|?duh'
cipher = AES.new(key, AES.MODE_ECB, iv)
def my_encryption_oracle(plaintext):
return cipher.encrypt(
ca.pkcs7_pad(
'A' * random.randint(1, AES.block_size) + plaintext + suffix,
AES.block_size))
print "Testing ECB secret suffix decryption (hard)"
decrypted_suffix = ca.ecb_cpa_decrypt(my_encryption_oracle,
AES.block_size,
verbose=True,
hollywood=True)
decrypted_suffix = ca.pkcs7_padding_remove(decrypted_suffix, AES.block_size)
if decrypted_suffix != suffix:
raise Exception(
'ECB CPA secret suffix with random length prefix decryption failed.')
def my_decryption_oracle(ciphertext): plaintext = cipher.decrypt(ciphertext) return ca.pkcs7_padding_remove(plaintext,AES.block_size)
cipher = AES.new(key, AES.MODE_CBC, iv)
def my_decryption_oracle(ciphertext):
plaintext = cipher.decrypt(ciphertext)
return ca.pkcs7_padding_remove(plaintext,AES.block_size)
def my_padding_oracle(ciphertext):
plaintext = cipher.decrypt(ciphertext)
return ca.pkcs7_padding_remove(plaintext,AES.block_size) != False
new_plaintext = 'I am the very model of a modern major-general.'
print 'Testing CBC-R functionality with plain decryption oracle...'
new_ciphertext = ca.cbcr(new_plaintext, my_decryption_oracle, block_size=AES.block_size)
cipher = AES.new(key, AES.MODE_CBC, iv)
cbcr_plaintext = ca.pkcs7_padding_remove(cipher.decrypt(new_ciphertext), AES.block_size)
try:
assert(cbcr_plaintext[16:] == new_plaintext)
except:
exit("CBCR functionality is broken with plain decryption oracles.")
print 'Testing CBC-R functionality with padding oracle...'
new_ciphertext = ca.cbcr(new_plaintext, my_padding_oracle, is_padding_oracle=True, block_size=AES.block_size)
cipher = AES.new(key, AES.MODE_CBC, iv)
cbcr_plaintext = ca.pkcs7_padding_remove(cipher.decrypt(new_ciphertext), AES.block_size)
try:
assert(cbcr_plaintext[16:] == new_plaintext)
except:
exit("CBCR functionality is broken with padding oracles.")
from Crypto import Random
key = b'YELLOW SUBMARINE'
iv = Random.new().read(AES.block_size)
cipher = AES.new(key, AES.MODE_CBC, iv)
def my_decryption_oracle(ciphertext):
plaintext = cipher.decrypt(ciphertext)
return ca.pkcs7_padding_remove(plaintext,AES.block_size)
def my_padding_oracle(ciphertext):
plaintext = cipher.decrypt(ciphertext)
return ca.pkcs7_padding_remove(plaintext,AES.block_size) != False
new_plaintext = 'I am the very model of a modern major-general.'
print 'Testing CBC-R functionality...'
print 'Reversing decryption oracle:'
new_ciphertext = ca.cbcr(new_plaintext, my_decryption_oracle, block_size=AES.block_size)
print 'New ciphertext is %s' % new_ciphertext.encode('hex')
cipher = AES.new(key, AES.MODE_CBC, iv)
print 'New plaintext is %s' % ca.pkcs7_padding_remove(cipher.decrypt(new_ciphertext), AES.block_size)
print 'Reversing padding oracle:'
new_ciphertext = ca.cbcr(new_plaintext, my_padding_oracle,is_padding_oracle=True, block_size=AES.block_size)
print 'New ciphertext is %s' % new_ciphertext.encode('hex')
cipher = AES.new(key, AES.MODE_CBC, iv)
print 'New plaintext is %s' % ca.pkcs7_padding_remove(cipher.decrypt(new_ciphertext), AES.block_size)
if raw_input('Did this decrypt correctly (yes)?').lower() not in ['y','yes','']:
raise Exception('CBCR failed.')
