def seek_and_reencrypt_api(ct, key_f, offset, replace_text):
# read in the key, format is
# KEY \n
# NONCE \n
key, nonce = key_file_read(key_f)
key_in_gf28 = CryptoPals7.modify_list_into_GF28(key)
nonce_in_gf28 = CryptoPals7.modify_list_into_GF28(nonce)
if (len(ct) - offset) < len(replace_text):
return False
key_stream_input = []
start_block = offset // 16
end_block = (offset + len(replace_text)) // 16
for idx in range(start_block, end_block + 1):
temp_val = CryptoPals18.counter_function(idx, nonce_in_gf28)
padd_to_add = CryptoPals7.encrypt_aes(key_in_gf28, temp_val)
key_stream_input.extend(padd_to_add)
start_idx = offset % 16
end_idx = ((offset + len(replace_text)) % 16) + (
(end_block - start_block) * 16)
key_stream_input = key_stream_input[start_idx:end_idx]
pt_in_GF28 = CryptoPals7.modify_list_into_GF28(replace_text)
input = []
for idx, _ in enumerate(key_stream_input):
input.append(key_stream_input[idx] + pt_in_GF28[idx])
result = ct[:start_idx] + CryptoPals7.GF28_to_string(input)
if (end_idx + 1) < len(ct):
result = result + ct[end_idx:]
return result
def encryption_oracle(input):
padd_front = random.randrange(5, 10)
padd_front_text = ""
feed_input = ""
for i in range(padd_front):
padd_front_text += chr(random.randrange(256))
feed_input = padd_front_text + input
padd_back = random.randrange(5, 10)
for i in range(padd_back):
feed_input += chr(random.randrange(256))
### If the IV is not generated no matter what
# this would introduce a side channel
IV = generate_rand_IV()
key = generate_rand_AES_key()
# randomly choose ECB or CBC now
decision = random.randrange(2)
if (decision == 0):
# ECB
print("From encryption oracle: ECB mode")
res = CryptoPals7.encryption_mode_ECB(key, feed_input,
CryptoPals7.encrypt_aes)
return res
else:
# CBC
print("From encryption oracle: CBC mode")
res = CryptoPals7.ENCRYPTION_CBC_MODE(IV, key, feed_input,
CryptoPals7.encrypt_aes)
return res
def close_oracle_copy(plaintext):
if type(plaintext) is str:
plaintext = plaintext + str(append_this, encoding='utf-8')
res = CryptoPals7.encryption_mode_ECB(AES_RAND_KEY, plaintext,
CryptoPals7.encrypt_aes)
plaintext = plaintext[:len(plaintext) - len(append_this)]
else:
plaintext.extend(append_this)
res = CryptoPals7.encryption_mode_ECB(AES_RAND_KEY, bytes(plaintext),
CryptoPals7.encrypt_aes)
del plaintext[-1 * len(append_this):]
return res
def CTR_ENCRYPTION_MODE(encryption_alg, plaintext, key, ctr_func, nonce):
nonce_curr = CryptoPals7.modify_list_into_GF28(nonce)
number_blocks = math.ceil(len(plaintext) / BLOCK_SIZE)
key_GF28 = CryptoPals7.modify_list_into_GF28(key)
ctr = 0
gf28_key_stream = []
for idx in range(number_blocks):
gf28_key_stream += encryption_alg(key_GF28, ctr_func(idx, nonce_curr))
pt_GF28 = CryptoPals7.modify_list_into_GF28(plaintext)
res = []
for i in range(len(pt_GF28)):
res.append(pt_GF28[i] + gf28_key_stream[i])
return CryptoPals7.GF28_to_string(res)
def enc_url_params(params):
for character in params:
if not character in string.ascii_letters:
raise ValueError("Error -- can only encode ascii characters not " +
params)
return CryptoPals7.ENCRYPTION_CBC_MODE(STATIC_IV, STATIC_AES_KEY, params,
CryptoPals7.encrypt_aes)
def main():
print("Beginning attack... ")
normal_block = enc_user_data('a' * BLOCK_SIZE)
encrypted_string = CryptoPals7.modify_list_into_GF28(
normal_block[1 * BLOCK_SIZE:2 * BLOCK_SIZE])
a_string = CryptoPals7.modify_list_into_GF28('a' * 16)
pt_string = CryptoPals7.modify_list_into_GF28(';admin=true;' + 'a' * 4)
modified_block = []
for idx in range(BLOCK_SIZE):
modified_block.append(encrypted_string[idx] + a_string[idx] +
pt_string[idx])
modified_text = CryptoPals7.GF28_to_string(modified_block)
admin_text = normal_block[:BLOCK_SIZE] + modified_text + normal_block[
2 * BLOCK_SIZE:]
print("Result of ciphertext on oracle is: {}".format(is_admin(admin_text)))
return
def is_admin(enc_text):
decrypted = CryptoPals7.DECRYPTION_CBC_MODE(IV, AES_KEY, enc_text,
CryptoPals7.decrypt_aes)
args = decrypted.split(';')
for pair in args:
if pair == 'admin=true':
return True
return False
def decrypt(key, message):
iv_start_idx = message.find(":")
iv_end_idx = message.find("|")
iv = message[iv_start_idx + 1:iv_end_idx]
decrypted = CryptoPals7.DECRYPTION_CBC_MODE(iv, key,
message[iv_end_idx + 1:],
CryptoPals7.decrypt_aes)
return decrypted
def decryption_oracle(ciphertext):
try:
result = CryptoPals7.DECRYPTION_CBC_MODE(iv, key, ciphertext,
CryptoPals7.decrypt_aes)
# if it got this far, padding must be correct
return 1
except ValueError:
return 0
def enc_user_data(plaintext):
prepend_str = "comment1=cooking%20MCs;userdata="
append_str = ";comment2=%20like%20a%20pound%20of%20bacon"
disqualified = [';', '=']
for val in disqualified:
plaintext = plaintext.replace(val, "\"" + val + "\"")
text_to_enc = prepend_str + plaintext + append_str
res = CryptoPals7.ENCRYPTION_CBC_MODE(IV, AES_KEY, text_to_enc,
CryptoPals7.encrypt_aes)
return res
def modified_oracle_copy(plaintext_array):
test_arr = []
mod_pt_arr = plaintext_array
if type(plaintext_array) is list:
mod_pt_arr = bytearray(plaintext_array)
try:
test_arr = prepend_array + mod_pt_arr + append_this
except TypeError:
import pdb
pdb.set_trace()
res = CryptoPals7.encryption_mode_ECB(AES_RAND_KEY, test_arr,
CryptoPals7.encrypt_aes)
return res
def dec_verify(ctext):
plaintxt = ""
try:
plaintxt = CryptoPals7.DECRYPTION_CBC_MODE(STATIC_IV, STATIC_AES_KEY,
ctext,
CryptoPals7.encrypt_aes)
except ValueError:
info = str(sys.exc_info()[1])
info = info.replace("Padding Error:", "")
print("An error occurred, attempted decrypted plaintext was {}".format(
info))
plaintxt = info
for character in plaintxt:
if not character in string.ascii_letters:
print("Character is non-ascii, the text is {}".format(plaintxt))
return plaintxt
return "Successfully Decrypted"
def main():
with open("25.txt", "r") as read_b64:
res = read_b64.read()
res = base64.b64decode(res)
res = CryptoPals7.decryption_mode_ECB("YELLOW SUBMARINE", res,
CryptoPals7.decrypt_aes)
enc_file(res, "key_25.txt", "ct_25.txt")
txt = ""
with open("ct_25.txt", "r") as curr_r:
txt = curr_r.read()
print(txt)
zeroed_pt = bytearray([57] * len(txt))
new_res = seek_and_reencrypt_api(txt, "key_25.txt", 0, zeroed_pt)
#dec_file(new_res, "key_25.txt")
recovered_txt = ""
for idx, _ in enumerate(new_res):
recovered_txt += chr((ord(txt[idx]) ^ ord(new_res[idx]) ^ 57) % 256)
print(recovered_txt)
return
def counter_function(ctr, nonce):
bytes_str = struct.pack("<Q", ctr)
key_stream_enc = nonce + CryptoPals7.modify_list_into_GF28(bytes_str)
return key_stream_enc
def encrypt_profile(profile):
return CryptoPals7.encryption_mode_ECB(GLOBAL_AES_KEY, profile,
CryptoPals7.encrypt_aes)
def decrypt_and_parse_encrypted_prof(profile):
decrypted_text = CryptoPals7.decryption_mode_ECB(GLOBAL_AES_KEY, profile,
CryptoPals7.decrypt_aes)
results = parse_url_string(decrypted_text)
print(results)
def encrypt_random_string():
chosen_text = list_of_strs[random.randint(0, len(list_of_strs) - 1)]
res = CryptoPals7.ENCRYPTION_CBC_MODE(iv, key, chosen_text,
CryptoPals7.encrypt_aes)
return (res, iv)
def encrypt(key, message):
new_IV = CryptoPals11.generate_rand_IV()
new_msg = CryptoPals7.ENCRYPTION_CBC_MODE(new_IV, key, message,
CryptoPals7.encrypt_aes)
new_msg = bytearray(new_IV, encoding='utf-8') + b"|" + new_msg.encode()
return new_msg