def getPassword(password=None):
from hashlib import md5
if password is None:
from ssl import RAND_bytes
return md5(RAND_bytes(16)).hexdigest()
else:
return md5(password.encode()).hexdigest()
def getOneRandomByte():
byte = RAND_bytes(1)
return byte[0]
def generateAESKey():
return RAND_bytes(16)
# Written against python 3.3.1
# Matasano Problem 14
# Byte-at-a-time ECB decryption, Partial control version
from prob11 import getOneRandomByte
from prob1 import base64toRaw
from prob12 import constant_ecb_encrypt, padStr
from prob8 import chunks
from ssl import RAND_bytes
# Take your oracle function from #12.
# Now generate a random count of random bytes and
# prepend this string to every plaintext. You are now doing:
# AES-128-ECB(random-prefix || attacker-controlled || target-bytes, random-key)
prefixValue = RAND_bytes(getOneRandomByte())
# += bytes(chr(getOneRandomByte()), 'UTF-8');
def prob14Encrypt(rawInput):
unknownB64 = b'Um9sbGluJyBpbiBteSA1LjAKV2l0aCBteSByYWctdG9wIGRvd24gc28gbXkg' + \
b'aGFpciBjYW4gYmxvdwpUaGUgZ2lybGllcyBvbiBzdGFuZGJ5IHdhdmluZyBq' + \
b'dXN0IHRvIHNheSBoaQpEaWQgeW91IHN0b3A/IE5vLCBJIGp1c3QgZHJvdmUg' + \
b'YnkK'
unknownRaw = base64toRaw(unknownB64)
return constant_ecb_encrypt(prefixValue + rawInput + unknownRaw)
# Same goal: decrypt the target-bytes.
def recoverBytes():
# first, determine number of bytes needed to push prefix up to a block boundry
def generate_secret(self):
random_bytes = RAND_bytes(self.secret_length)
self.secret = int.from_bytes(random_bytes, byteorder='big')