Пример #1
0
class CBCPaddingOracle(object):
    def __init__(self, key, iv):
        self.cipher = AES(key)
        self.iv = iv

    def has_valid_padding(self, ciphertext):
        try:
            self.cipher.decrypt(ciphertext, mode=CBC(self.iv))
            has_valid_padding = True
        except InvalidPaddingException:
            has_valid_padding = False
        return has_valid_padding
Пример #2
0
class CBCPaddingOracle(object):

    def __init__(self, key, iv):
        self.cipher = AES(key)
        self.iv = iv
        
    def has_valid_padding(self, ciphertext):
        try:
            self.cipher.decrypt(ciphertext, mode=CBC(self.iv))
            has_valid_padding = True
        except InvalidPaddingException:
            has_valid_padding = False
        return has_valid_padding
Пример #3
0
 def value(self):
     random_generator = RandomByteGenerator()
     key = random_generator.value(self.BLOCK_SIZE)
     iv = random_generator.value(self.BLOCK_SIZE)
     ciphertext = AES(key).encrypt(self.plaintext, mode=CBC(iv))
     oracle = CBCPaddingOracle(key, iv)
     return CBCPaddingOracleAttack(oracle).value(ciphertext, iv)
Пример #4
0
Файл: toy.py Проект: lukius/mts
 def _init_cipher_from(self, secret, iv=None):
     secret_bytes = IntToBytes(secret).value()
     key = SHA1().hash(secret_bytes)[:self.BLOCK_SIZE]
     self.iv = RandomByteGenerator().value(self.BLOCK_SIZE) if iv is None\
               else iv
     self.cipher = AES(key)
     self.cipher_mode = CBC(iv=self.iv)
Пример #5
0
class UserProfileGenerator(object):
    def __init__(self, key):
        self.cipher = AES(key)
        self.profile_template = 'email=%s&uid=%d&role=user'

    def _rand_uid(self):
        return random.randint(10, 99)

    def profile_for(self, email):
        if '&' in email or '=' in email:
            raise RuntimeError('email address has invalid characters!')
        uid = self._rand_uid()
        profile = self.profile_template % (email, uid)
        return self.cipher.encrypt(profile, mode=ECB())
Пример #6
0
class UserProfileGenerator(object):

    def __init__(self, key):
        self.cipher = AES(key)
        self.profile_template = 'email=%s&uid=%d&role=user'

    def _rand_uid(self):
        return random.randint(10,99)

    def profile_for(self, email):
        if '&' in email or '=' in email:
            raise RuntimeError('email address has invalid characters!')
        uid = self._rand_uid()
        profile = self.profile_template % (email, uid)
        return self.cipher.encrypt(profile, mode=ECB())
Пример #7
0
class UserProfileParser(object):

    def __init__(self, key, decryption_mode):
        self.cipher = AES(key)
        self.mode = decryption_mode
        
    def _unquote(self, text):
        text = text.replace('%3B', ';')
        text = text.replace('%3D', '=')
        return text        

    def parse(self, encrypted_profile):
        profile_string = self.cipher.decrypt(encrypted_profile,
                                             mode=self.mode)
        return self._unquote(profile_string.bytes())
Пример #8
0
class UserProfileGenerator(object):
    
    PREFIX = 'comment1=cooking%20MCs;userdata='
    SUFFIX = ';comment2=%20like%20a%20pound%20of%20bacon'
    
    def __init__(self, key, encryption_mode):
        self.cipher = AES(key)
        self.mode = encryption_mode
        
    def _quote(self, text):
        text = text.replace(';', '%3B')
        text = text.replace('=', '%3D')
        return text
    
    def profile_for(self, user_data):
        plaintext = '%s%s%s' % (self.PREFIX, user_data, self.SUFFIX)
        plaintext = self._quote(plaintext)
        return self.cipher.encrypt(plaintext, mode=self.mode)
Пример #9
0
class ECBEncryptionOracle(object):
    
    BLOCK_SIZE = 16
    
    def __init__(self):
        key = RandomByteGenerator().value(self.BLOCK_SIZE)
        self.cipher = AES(key)
        self.trailing_string = self._decode_trailing_string()
    
    def _trailing_string(self):
        return 'Um9sbGluJyBpbiBteSA1LjAKV2l0aCBteSByYWctdG9wIGRvd24gc28gbXk' +\
               'gaGFpciBjYW4gYmxvdwpUaGUgZ2lybGllcyBvbiBzdGFuZGJ5IHdhdmluZy' +\
               'BqdXN0IHRvIHNheSBoaQpEaWQgeW91IHN0b3A/IE5vLCBJIGp1c3QgZHJvd' +\
               'mUgYnkK'
               
    def _decode_trailing_string(self):
        string = self._trailing_string()
        return Base64Decoder().decode(string)
    
    def encrypt(self, plaintext):
        plaintext += self.trailing_string
        return self.cipher.encrypt(plaintext, mode=ECB())
Пример #10
0
class UserProfileParser(object):

    FIELDS = ['email', 'uid', 'role']

    def __init__(self, key):
        self.cipher = AES(key)

    def _parse(self, profile):
        tuples = profile.split('&')
        return dict(map(lambda item: item.split('='), tuples))

    def _profile_has_valid_fields(self, profile):
        return set(profile.keys()) == set(self.FIELDS)

    def _validate(self, profile):
        if not self._profile_has_valid_fields(profile):
            raise RuntimeError('invalid profile!')

    def parse(self, encrypted_profile):
        profile_string = self.cipher.decrypt(encrypted_profile, mode=ECB())
        profile = self._parse(profile_string.bytes())
        self._validate(profile)
        return profile
Пример #11
0
class UserProfileParser(object):

    FIELDS = ['email', 'uid', 'role']

    def __init__(self, key):
        self.cipher = AES(key)

    def _parse(self, profile):
        tuples = profile.split('&')
        return dict(map(lambda item: item.split('='), tuples))
    
    def _profile_has_valid_fields(self, profile):
        return set(profile.keys()) == set(self.FIELDS)
    
    def _validate(self, profile):
        if not self._profile_has_valid_fields(profile):
            raise RuntimeError('invalid profile!')

    def parse(self, encrypted_profile):
        profile_string = self.cipher.decrypt(encrypted_profile, mode=ECB())
        profile = self._parse(profile_string.bytes())
        self._validate(profile)
        return profile
Пример #12
0
 def __init__(self, key, iv):
     self.cipher = AES(key)
     self.iv = iv
Пример #13
0
 def __init__(self, key):
     self.cipher = AES(key)
     self.profile_template = 'email=%s&uid=%d&role=user'
Пример #14
0
 def encrypt(self, plaintext):
     plaintext = self._prepare_plaintext(plaintext)
     key = self.random_generator.value(self.block_size)
     self.mode = self._get_random_mode()
     return AES(key).encrypt(plaintext, mode=self.mode)
Пример #15
0
 def __init__(self, key):
     self.cipher = AES(key)
     self.profile_template = 'email=%s&uid=%d&role=user'
Пример #16
0
 def _encrypt(self, message):
     key = RandomByteGenerator().value(BlockCipherMode.DEFAULT_BLOCK_SIZE)
     cipher = AES(key)
     mode = self._get_encryption_mode()
     return cipher.encrypt(message, mode=mode)
Пример #17
0
 def __init__(self, key):
     self.cipher = AES(key)
Пример #18
0
 def __init__(self):
     MatasanoChallenge.__init__(self)
     ciphertext = Base64Decoder().decode_file(self.FILE)
     self.plaintext = AES(self.KEY).decrypt(ciphertext, mode=ECB()).bytes()
Пример #19
0
 def __init__(self):
     key = RandomByteGenerator().value(self.BLOCK_SIZE)
     self.cipher = AES(key)
     self.trailing_string = self._decode_trailing_string()
Пример #20
0
 def _encrypt(self, message):
     key = RandomByteGenerator().value(BlockCipherMode.DEFAULT_BLOCK_SIZE)
     cipher = AES(key)
     mode = self._get_encryption_mode()
     return cipher.encrypt(message, mode=mode)
Пример #21
0
 def _process_chunk(self, chunk):
     key = self._build_key_from_register()
     result = AES(key).encrypt(chunk).bytes()
     return [self.endianness().to_int(result[:byte_size]).value()]
Пример #22
0
 def __init__(self, key, iv):
     self.cipher = AES(key)
     self.iv = iv
Пример #23
0
 def _encrypt(self, plaintexts):
     key = RandomByteGenerator().value(self.BLOCK_SIZE)
     aes = AES(key)
     return map(lambda text: aes.encrypt(text, mode=CTR(nonce=0)).bytes(),
                plaintexts)
Пример #24
0
 def _encrypt(self, plaintexts):
     key = RandomByteGenerator().value(self.BLOCK_SIZE)
     aes = AES(key)
     return map(lambda text: aes.encrypt(text, mode=CTR(nonce=0)).bytes(),
                plaintexts)
Пример #25
0
 def value(self):
     key = 'YELLOW SUBMARINE'
     ciphertext = Base64Decoder().decode_file(self.FILE)
     return AES(key).decrypt(ciphertext, mode=ECB()).bytes()
Пример #26
0
 def __init__(self, key, encryption_mode):
     self.cipher = AES(key)
     self.mode = encryption_mode
Пример #27
0
 def value(self):
     ciphertext = Base64Decoder().decode_file(self.FILE)
     return AES(self.KEY).decrypt(ciphertext, mode=CBC(self.IV)).bytes()
Пример #28
0
 def __init__(self, key):
     self.cipher = AES(key)