def my_decryption_oracle(ciphertext): plaintext = cipher.decrypt(ciphertext) return ca.pkcs7_padding_remove(plaintext, AES.block_size)
from Crypto.Cipher import AES import cryptanalib as ca from Crypto import Random import random key = b'YELLOW SUBMARINE' iv = Random.new().read(AES.block_size) prefix = 'A'*random.randint(1,4) # suffix = sys.argv[1] suffix = 'lol, u tk him 2 da bar|?duh' cipher = AES.new(key, AES.MODE_ECB, iv) def my_encryption_oracle(plaintext): return cipher.encrypt(ca.pkcs7_pad(prefix + plaintext + suffix, AES.block_size)) print 'Testing ECB secret suffix decryption (simple)' decrypted_suffix = ca.ecb_cpa_decrypt(my_encryption_oracle, AES.block_size, verbose=True, hollywood=True) decrypted_suffix = ca.pkcs7_padding_remove(decrypted_suffix, AES.block_size) if decrypted_suffix != suffix: raise Exception('ECB CPA secret suffix with fixed prefix decryption failed.')
def my_padding_oracle(ciphertext): dat_cipher = AES.new(key,AES.MODE_CBC,iv) if ca.pkcs7_padding_remove(dat_cipher.decrypt(ciphertext),AES.block_size) == False: return False else: return True
return ca.pkcs7_padding_remove(plaintext, AES.block_size) def my_padding_oracle(ciphertext): plaintext = cipher.decrypt(ciphertext) return ca.pkcs7_padding_remove(plaintext, AES.block_size) != False new_plaintext = 'I am the very model of a modern major-general.' print 'Testing CBC-R functionality with plain decryption oracle...' new_ciphertext = ca.cbcr(new_plaintext, my_decryption_oracle, block_size=AES.block_size) cipher = AES.new(key, AES.MODE_CBC, iv) cbcr_plaintext = ca.pkcs7_padding_remove(cipher.decrypt(new_ciphertext), AES.block_size) try: assert (cbcr_plaintext[16:] == new_plaintext) except: exit("CBCR functionality is broken with plain decryption oracles.") print 'Testing CBC-R functionality with padding oracle...' new_ciphertext = ca.cbcr(new_plaintext, my_padding_oracle, is_padding_oracle=True, block_size=AES.block_size) cipher = AES.new(key, AES.MODE_CBC, iv) cbcr_plaintext = ca.pkcs7_padding_remove(cipher.decrypt(new_ciphertext), AES.block_size) try: assert (cbcr_plaintext[16:] == new_plaintext)
def my_padding_oracle(ciphertext): plaintext = cipher.decrypt(ciphertext) return ca.pkcs7_padding_remove(plaintext, AES.block_size) != False new_plaintext = 'I am the very model of a modern major-general.' print 'Testing CBC-R functionality...' print 'Reversing decryption oracle:' new_ciphertext = ca.cbcr(new_plaintext, my_decryption_oracle, block_size=AES.block_size) print 'New ciphertext is %s' % new_ciphertext.encode('hex') cipher = AES.new(key, AES.MODE_CBC, iv) print 'New plaintext is %s' % ca.pkcs7_padding_remove( cipher.decrypt(new_ciphertext), AES.block_size) print 'Reversing padding oracle:' new_ciphertext = ca.cbcr(new_plaintext, my_padding_oracle, is_padding_oracle=True, block_size=AES.block_size) print 'New ciphertext is %s' % new_ciphertext.encode('hex') cipher = AES.new(key, AES.MODE_CBC, iv) print 'New plaintext is %s' % ca.pkcs7_padding_remove( cipher.decrypt(new_ciphertext), AES.block_size) if raw_input('Did this decrypt correctly (yes)?').lower() not in [ 'y', 'yes', '' ]: raise Exception('CBCR failed.')
from Crypto.Cipher import AES import cryptanalib as ca from Crypto import Random import random key = b'YELLOW SUBMARINE' iv = Random.new().read(AES.block_size) suffix = 'lol, u tk him 2 da bar|?duh' cipher = AES.new(key, AES.MODE_ECB, iv) def my_encryption_oracle(plaintext): return cipher.encrypt( ca.pkcs7_pad( 'A' * random.randint(1, AES.block_size) + plaintext + suffix, AES.block_size)) print "Testing ECB secret suffix decryption (hard)" decrypted_suffix = ca.ecb_cpa_decrypt(my_encryption_oracle, AES.block_size, verbose=True, hollywood=True) decrypted_suffix = ca.pkcs7_padding_remove(decrypted_suffix, AES.block_size) if decrypted_suffix != suffix: raise Exception( 'ECB CPA secret suffix with random length prefix decryption failed.')
def my_decryption_oracle(ciphertext): plaintext = cipher.decrypt(ciphertext) return ca.pkcs7_padding_remove(plaintext,AES.block_size)
cipher = AES.new(key, AES.MODE_CBC, iv) def my_decryption_oracle(ciphertext): plaintext = cipher.decrypt(ciphertext) return ca.pkcs7_padding_remove(plaintext,AES.block_size) def my_padding_oracle(ciphertext): plaintext = cipher.decrypt(ciphertext) return ca.pkcs7_padding_remove(plaintext,AES.block_size) != False new_plaintext = 'I am the very model of a modern major-general.' print 'Testing CBC-R functionality with plain decryption oracle...' new_ciphertext = ca.cbcr(new_plaintext, my_decryption_oracle, block_size=AES.block_size) cipher = AES.new(key, AES.MODE_CBC, iv) cbcr_plaintext = ca.pkcs7_padding_remove(cipher.decrypt(new_ciphertext), AES.block_size) try: assert(cbcr_plaintext[16:] == new_plaintext) except: exit("CBCR functionality is broken with plain decryption oracles.") print 'Testing CBC-R functionality with padding oracle...' new_ciphertext = ca.cbcr(new_plaintext, my_padding_oracle, is_padding_oracle=True, block_size=AES.block_size) cipher = AES.new(key, AES.MODE_CBC, iv) cbcr_plaintext = ca.pkcs7_padding_remove(cipher.decrypt(new_ciphertext), AES.block_size) try: assert(cbcr_plaintext[16:] == new_plaintext) except: exit("CBCR functionality is broken with padding oracles.")
from Crypto import Random key = b'YELLOW SUBMARINE' iv = Random.new().read(AES.block_size) cipher = AES.new(key, AES.MODE_CBC, iv) def my_decryption_oracle(ciphertext): plaintext = cipher.decrypt(ciphertext) return ca.pkcs7_padding_remove(plaintext,AES.block_size) def my_padding_oracle(ciphertext): plaintext = cipher.decrypt(ciphertext) return ca.pkcs7_padding_remove(plaintext,AES.block_size) != False new_plaintext = 'I am the very model of a modern major-general.' print 'Testing CBC-R functionality...' print 'Reversing decryption oracle:' new_ciphertext = ca.cbcr(new_plaintext, my_decryption_oracle, block_size=AES.block_size) print 'New ciphertext is %s' % new_ciphertext.encode('hex') cipher = AES.new(key, AES.MODE_CBC, iv) print 'New plaintext is %s' % ca.pkcs7_padding_remove(cipher.decrypt(new_ciphertext), AES.block_size) print 'Reversing padding oracle:' new_ciphertext = ca.cbcr(new_plaintext, my_padding_oracle,is_padding_oracle=True, block_size=AES.block_size) print 'New ciphertext is %s' % new_ciphertext.encode('hex') cipher = AES.new(key, AES.MODE_CBC, iv) print 'New plaintext is %s' % ca.pkcs7_padding_remove(cipher.decrypt(new_ciphertext), AES.block_size) if raw_input('Did this decrypt correctly (yes)?').lower() not in ['y','yes','']: raise Exception('CBCR failed.')