class CookieFactoryCBC(): def __init__(self): self.oracle = Oracle(None, prefix, postfix) self.sep_field = Message(b';') self.sep_key = Message(b'=') self.default_keys = [ Message(b'comment1'), Message(b'userdata'), Message(b'comment2') ] def newCookie(self, user_input): user_input_msg = Message(user_input, 'ascii') return self.oracle.encryptCBC(user_input_msg) def isAdminCookie(self, msg): decr_msg = self.oracle.decryptCBC(msg) try: token = Token.fromMsg(decr_msg, Message(b';'), Message(b'=')) except IndexError: raise InvalidToken try: return token.data[Message(b'admin')] == Message(b'true') except KeyError: return False
def AESOracle(msg, test_mode=False): """ An oracle which does the following, given a message: chooses an integer m uniformly from [5, 10] and prepends a random string of m bytes to a message, then chooses an integer n uniformly from [5, 10] and appends a random string of n bytes to the message; generates a random 16-byte key; then flips a fair coin and encrypts the enlarged message with either AES-ECB or AES-CBC (using another random 16-byte string as the IV) depending on the result. The oracle can be used in a simple model of a chosen- plaintext attack on an unknown cipher. To verify the success of such an attack, the function has an optional "test mode" which exposes the mode of AES used for each encryption. Args: msg (string): the message to be affixed-to and encrypted. msg_format (string): the format in which the bytes of 'filename' are encoded. Options are 'ascii' (default), 'hex', and 'base64'. test_mode (bool): if test_mode=True, the function returns a boolean together with each encryption which reveals which mode of AES was used. If test_mode=False, encryption mode is not revealed. Returns: (if test_mode=False) string : the encryption using either AES_ECB or AES_CBC, and a random key (and IV, if applicable), of the concatenation of 'msg' with random pre/suffixes of small random length. (if test_mode=True) tuple (bool, string): string arg is as described in the case test_mode=False. bool arg is True if AES-ECB was used, False if AES-CBC was used. """ prefix = randMsg(5, 10) postfix = randMsg(5, 10) oracle = Oracle(None, prefix, postfix) coin = randint(0, 1) if coin: ciphertext = oracle.encryptECB(msg) else: ciphertext = oracle.encryptCBC(msg) if test_mode: return (coin, ciphertext) else: return ciphertext