def encrypt_profile(email: str) -> bytes: global key if key is None: key = generate_bytes() data = profile_for(email) data = pkcs7_pad(bytes(data, "ascii")) return encrypt_aes_128_ecb(data, key)
def attack_profile() -> bytes: email = "*****@*****.**" admin = pkcs7_pad(b"admin").decode("ascii") padding = "x" * (16 - len("email=")) enc_bytes = encrypt_profile(email) enc_admin = encrypt_profile(padding + admin + "@foo.bar") return enc_bytes[0:32] + enc_admin[16:32]
def test_challenge09(self): if 9 not in self.tests: self.skipTest("") test = b"YELLOW SUBMARINE" expected = b"YELLOW SUBMARINE\x04\x04\x04\x04" actual = pkcs7_pad(test, 20) self.assertEqual(expected, actual) expected = b"\x10" * 16 actual = pkcs7_pad(b"") self.assertEqual(expected, actual) expected = b"1234567890abcdef" + b"\x10" * 16 actual = pkcs7_pad(b"1234567890abcdef") self.assertEqual(expected, actual) expected = b"1" + b"\x0f" * 15 actual = pkcs7_pad(b"1") self.assertEqual(expected, actual)
def encryption_oracle_ecb_cbc(data: bytes, is_ecb: bool) -> bytes: key = generate_bytes() before = generate_bytes(randint(5, 10)) after = generate_bytes(randint(5, 10)) data = before + data + after data = pkcs7_pad(data) if is_ecb: output = encrypt_aes_128_ecb(data, key) else: iv = generate_bytes() output = encrypt_cbc(data, key, iv) return output
def encrypt_cbc(block: bytes, key: bytes, vector: bytes = b'\0' * 16, block_size: int = 16, self=None) -> bytes: if not block: return b"" left = pkcs7_pad(block[:block_size], block_size) right = block[block_size:] xored = fixed_xor(left, vector) left_res = encrypt_aes_128_ecb(xored, key) right_res = encrypt_cbc(right, key, left_res) return left_res + right_res
def test_cbc(self): if "cbc" not in self.tests: self.skipTest("") data = b"1234567890" key = b"YELLOW SUBMARINE" iv = 16 * b"\0" cipher = AES.new(key, AES.MODE_CBC, iv) expected = cipher.encrypt(pkcs7_pad(data, AES.block_size)) actual = encrypt_cbc(data, key, iv) self.assertEqual(expected, actual) cipher = AES.new(key, AES.MODE_CBC, iv) expected = strip_padding(cipher.decrypt(expected)) actual = decrypt_cbc(actual, key, iv) self.assertEqual(expected, actual) data = b"1234567890abcdef" cipher = AES.new(key, AES.MODE_CBC, iv) expected = cipher.encrypt(data) actual = encrypt_cbc(data, key, iv) self.assertEqual(expected, actual)
def encryption_oracle_ecb(data: bytes) -> bytes: global key data = pkcs7_pad(data + unknown_string) return encrypt_aes_128_ecb(data, key)