def encryption_oracle(plaintext): paddedPlaintext = addPKCS7Padding(urandom(randint(5,10))+plaintext+urandom(randint(5,10)), AES.block_size) if randint(0, 1): return encryptAES_ECB(paddedPlaintext, urandom(AES.block_size)) else: return encryptAES_ECB_CBC(paddedPlaintext, urandom(AES.block_size), urandom(AES.block_size))
def encryptAES_ECB_CBC(plaintext, key, iv): plaintext = addPKCS7Padding(plaintext, AES.block_size) ciphertext = bytearray(len(plaintext)) for n in range(0, len(plaintext), AES.block_size): ciphertext[n: n+AES.block_size] = encryptAES_ECB(xor(plaintext[n: n+AES.block_size], iv), key) iv = ciphertext[n: n+AES.block_size] return ciphertext
def cryptAES_CTR(key, nonce, plaintext): counter = 0 nonce = bytearray(pack('<Q', nonce)) ciphertext = bytearray() for n in range(0, len(plaintext), AES.block_size): cipher = encryptAES_ECB(nonce + bytearray(pack('<Q', counter)), key) ciphertext += xor(plaintext[n:n + AES.block_size], cipher) counter += 1 return ciphertext
def oracle(knownText): return encryptAES_ECB( addPKCS7Padding(randomPrefix + knownText + unknownText, AES.block_size), RandomAESKey)
def profileFor(email): # oracle assert not ("&".encode('utf-8') in email) and not ("=".encode('utf-8') in email) encoded = ("email=".encode('utf-8'))+email+("&uid=10&role=user".encode('utf-8')) return bytearray(encryptAES_ECB(addPKCS7Padding(encoded, AES.block_size), AESKey))