def decrypt_and_check_url(ciphertext):
plaintext = decrypt_aes_cbc(ciphertext, oracle_key, iv)
plaintext = unpad_pkcs7(plaintext)
for c in plaintext:
if chr(c) not in string.printable:
raise Exception(plaintext)
return True
def decrypt_and_check_admin(ciphertext):
plaintext = decrypt_aes_cbc(ciphertext, oracle_key, iv)
plaintext = unpad_pkcs7(plaintext)
return b';admin=true;' in plaintext
def mitm_attack_3():
p = int(
"ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024"
"e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd"
"3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec"
"6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f"
"24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361"
"c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552"
"bb9ed529077096966d670c354e4abc9804f1746c08ca237327fff"
"fffffffffffff", 16)
g = 2
# initial phase
alice = HonestCryptographer(p, g)
alice.generate_keys()
bob = HonestCryptographer(1, 1) # inactive party with dummy params
# 1st message
message_type = 'p, g'
message = (alice.p, alice.g)
for_bob = send_A_to_B(alice, bob, message_type, message,
active_adversary_g_p_minus_1)
bob.p = for_bob[0]
bob.g = for_bob[1]
bob.generate_keys()
# 2nd mesage
message_type = 'ACK'
message = 'ACK'
_ = send_B_to_A(alice, bob, message_type, message,
active_adversary_g_p_minus_1)
print(f"Bob params: p = {bob.p}, g = {bob.g}")
# 3rd message
message_type = 'A'
message = alice.public_key
for_bob = send_A_to_B(alice, bob, message_type, message,
active_adversary_g_p_minus_1)
bob.compute_shared_secret(for_bob)
print(f'Bob shared secret: {bob.shared_secret}')
# 4th message
message_type = 'B'
message = bob.public_key
for_alice = send_A_to_B(alice, bob, message_type, message,
active_adversary_g_p_minus_1)
alice.compute_shared_secret(for_alice)
print(f'Alice shared secret: {alice.shared_secret}')
# 5th message
message_type = 'A->B message'
message = alice.send_encrypted_message(s2b('YELLOW SUBMARINE'))
for_bob = send_A_to_B(alice, bob, message_type, message,
active_adversary_g_p_minus_1)
print(
f'\nReceived by Bob: {bob.receive_encrypted_message(for_bob[0], for_bob[1])}'
)
key = key = hex_string_to_bytearray(sha1(s2b('1')))[:16]
decrypted = decrypt_aes_cbc(for_bob[0], key, for_bob[1])
print(f'Decrypted by Mallory: {decrypted}')
win_condition_1 = decrypted == b'YELLOW SUBMARINE'
key = hex_string_to_bytearray(sha1(s2b(str(ADVERSARY_STATE_3['p'] -
1))))[:16]
decrypted = decrypt_aes_cbc(for_bob[0], key, for_bob[1])
print(f'Decrypted by Mallory: {decrypted}')
win_condition_2 = decrypted == b'YELLOW SUBMARINE'
# 6th message
message_type = 'B->A message'
message = bob.send_encrypted_message(s2b('SATOSHI NAKAMOTO'))
for_alice = send_A_to_B(alice, bob, message_type, message,
active_adversary_g_p_minus_1)
print(
f'\nReceived by Alice: {alice.receive_encrypted_message(for_alice[0], for_alice[1])}'
)
return win_condition_1 or win_condition_2
def receive_encrypted_message(self, ciphertext, iv):
key = self.hkdf()
return decrypt_aes_cbc(ciphertext, key, iv)
def cbc_padding_oracle(ciphertext):
plaintext_padded = decrypt_aes_cbc(ciphertext, ORACLE_KEY, ORACLE_IV)
return valid_pkcs7_padding(plaintext_padded)