e.mem_trace = 1
def main_func(inputt):
e[0xd037a0:0xd037a0 + 16] = 0
# Resets the leakage trace
e.reset()
e.trace_reset()
inp = iter(unhexlify(inputt))
def strtol(em):
em["rax"] = next(inp)
return True
e.stubbed_functions["strtol"] = strtol
e.start(0xca9, 0x1038)
print('', end='') # Here to avoid some obscure race condition in unicorn
e.start(0x10BA, 0x13DA, count=5000)
return e.sca_address_trace, e.sca_values_trace
if __name__ == "__main__":
addr, trace = main_func("00112233445566778899aabbccddeeff")
from rainbow.utils import plot
plot(trace)
N = 90
container = LedgerCtf2Container(N)
cpa_engines = [
lascar.CpaEngine(
f'cpa{i}',
lambda plaintext, key_byte, index=i: sbox[plaintext[index] ^ key_byte],
range(256)) for i in range(16)
]
s = lascar.Session(container,
engines=cpa_engines,
output_method=lascar.ConsoleOutputMethod()).run(1)
# Check the results :
print("Key should be : f0 33 1c e0 26 6a da ce 86 a8 a1 3b fa 14 67 40")
K = list(
map(lambda x: int(x, 16),
"f0 33 1c e0 26 6a da ce 86 a8 a1 3b fa 14 67 40".split()))
for i, engine in enumerate(cpa_engines):
print(
hex(K[i]),
(K[i] == np.abs(engine.finalize()).max(1).argmax()) and "found !"
or "not found",
)
# Let's draw one result
from rainbow.utils import plot
plot(cpa_engines[3]._finalize(), highlight=K[3])
[
CpaEngine(f"cpa{i}", lambda v, k, z=i: sbox[v[z] ^ k], range(256))
for i in range(16)
]
)
s.run()
print(s.output_method.finalize())
# Check the results :
print("Key should be : f0 33 1c e0 26 6a da ce 86 a8 a1 3b fa 14 67 40")
K = list(
map(lambda x: int(x, 16), "f0 33 1c e0 26 6a da ce 86 a8 a1 3b fa 14 67 40".split())
)
for i, n in enumerate([f"cpa{i}" for i in range(16)]):
print(
hex(K[i]),
(K[i] == np.abs(s[n]._finalize()).max(1).argmax())
and "found !"
or "not found",
)
# Let's draw one result
v = s["cpa3"]._finalize()
from rainbow.utils import plot
plot(v, highlight=0xE0)
print(hexlify(ref))
return res
if __name__ == "__main__":
e = rainbow_arm(sca_mode=1)
e.load('firmware.elf')
return_addr = 0
# map it to prevent an unmapped fetch exception
e[return_addr] = 0
if e.sca_mode:
from random import getrandbits
from rainbow.utils import hw, plot
import numpy as np
key = b"\x7a" * 16
traces = []
for i in range(5):
print(".", end='')
f_aes(e, key, bytes([getrandbits(8) for i in range(16)]))
traces.append(
np.fromiter(map(hw, e.sca_values_trace), dtype=np.float32))
traces = np.array(traces)
traces += np.random.normal(0, 1, size=traces.shape)
plot(traces, highlight=0)
return trace
if __name__ == "__main__":
from random import getrandbits as rnd
KEY = bytes(range(16))
N = 100
values = np.array([[rnd(8) for j in range(16)] for k in range(N)],
dtype=np.uint8)
traces = np.array([aes_encrypt(KEY, bytes(values[i])) for i in range(N)])
from rainbow.utils import plot
plot(traces[:5])
from lascar.container import TraceBatchContainer
from lascar import Session, CpaEngine, ConsoleOutputMethod
from lascar.tools.aes import sbox
t = TraceBatchContainer(traces, values)
s = Session(t, output_method=ConsoleOutputMethod())
s.add_engines([
CpaEngine(f"cpa{i}", lambda v, k, z=i: sbox[v[z] ^ k], range(256))
for i in range(16)
])
s.run()