diff options
| -rw-r--r-- | lib/lib.c | 50 | ||||
| -rw-r--r-- | lib/lib.h | 4 | ||||
| -rw-r--r-- | lib/lib2.c | 55 | ||||
| -rw-r--r-- | lib/lib2.h | 4 | ||||
| -rw-r--r-- | set1/task1.c | 3 | ||||
| -rw-r--r-- | set1/task8.c | 27 | ||||
| -rw-r--r-- | set2/Makefile | 2 | ||||
| -rw-r--r-- | set2/task10.c | 4 | ||||
| -rw-r--r-- | set2/task11.c | 83 |
9 files changed, 188 insertions, 44 deletions
@@ -81,7 +81,6 @@ static void three_bytes_to_base64(char * encode, int bytes_to_print, char *resul // last six bit11s four = encode[2] & 0x3F; ret[3] = base64_encode[four]; - ret[4] = '\0'; if(bytes_to_print-- > 0) result[3] = ret[3]; } @@ -378,12 +377,11 @@ static int frequent_histogramm_matchs(char *string, int length) * encode the given string into base64 and stores it in result */ -void encode_to_base64(char *encode, char *result) +void encode_to_base64(char *encode, int length_encode, char *result) { - int length = strlen(encode); - int rounds = length / 3; - int bytes_last_round = length % 3; + int rounds = length_encode / 3; + int bytes_last_round = length_encode % 3; int i; for (i=0;i<rounds;i++) { @@ -391,11 +389,15 @@ void encode_to_base64(char *encode, char *result) } // in der letzen runde nicht mehr alle ausgeben // nur noch 3-leftover + result[rounds*4] = '\0'; + if (bytes_last_round > 0) { - three_bytes_to_base64(encode + i*3, 1+bytes_last_round, &result[i*4]); + three_bytes_to_base64(&encode[i*3], (4-bytes_last_round), &result[i*4]); + + for(i=bytes_last_round;i>=0;i--) + result[rounds*4+(4-bytes_last_round)] = '='; - for(i=0;i<(3-bytes_last_round);i++) - result[i*4+(1+bytes_last_round)] = '='; + result[rounds*4+4] = '\0'; } } @@ -522,3 +524,35 @@ int read_base64_file(const char *file, char **out) return file_pos; } + +int count_equal_blocks(char *string, int length_string, int blocksize) +{ + int number_blocks = length_string / blocksize; + printf("number_blocks: %i", number_blocks); + int hits = 0, i, j, k; + + for(i=0;i<number_blocks;i++) { + for(j=1;j<number_blocks;j++) { + for(k=0;k<blocksize;k++) { + if(string[i*blocksize+k] != string[j*blocksize+k]) + break; + if ( k == (blocksize-1)) + hits++; + } + } + } + printf("hits:%i\n", hits); + return hits; + +} + +int string_is_ecb_encrypted(char *string, int length_string, int blocksize) +{ + /** + * equal cleartext blocks results in equal ciphertext blocks + * in ECB mode, so basically we are just counting equal blocks... + */ + return (count_equal_blocks(string, length_string, blocksize) > (length_string/blocksize)); +} + + @@ -16,12 +16,14 @@ void print_char_bit(char); void xor_string(char *str1, char *key, char *result, int length_key, int length_str1); void hex_binary_to_string(char *str1, char *result, int length); int decode_hex_string(char *encode, char* result); -void encode_to_base64(char *encode, char *result); +void encode_to_base64(char *encode, int encode_lengt, char *result); int decode_base64(char *string1, char *result); void print_base64_string(char *string); int hamming_distance_equal_length(char *string1, char *string2, int length); char brute_force_single_byte_xor(char *string, int length, struct key_and_freq *tmp); int isprintable(char *string, int length); int read_base64_file(const char *file, char **out); +int string_is_ecb_encrypted(char *string, int length_string, int blocksize); + #endif /* __CYRPTO_LIB__ */ @@ -59,7 +59,7 @@ int valid_pkcs7_padding(const char *in, int length_in, char *unpadded, int block * @param string_key key with which the content in in has been decrypted * @param iv initalization vector */ -int aes_cbc(char *in, int length_in, char *out, unsigned char *string_key, char *init_vector) +int aes_cbc(char *in, int length_in, char *out, unsigned char *string_key, char *init_vector, int encrypt) { char iv[16]; AES_KEY key; @@ -69,22 +69,59 @@ int aes_cbc(char *in, int length_in, char *out, unsigned char *string_key, char unsigned char tmp_after_aes[128+1]; unsigned char cleartext[128+1]; // set the key and bits - AES_set_decrypt_key(string_key, 128, &key); + if(encrypt) + AES_set_encrypt_key(string_key, 128, &key); + else + AES_set_decrypt_key(string_key, 128, &key); memcpy(init_vector, iv, 16); // implement cbc mode for(i=0;i<number_blocks;i++) { - //do aes decryption - AES_decrypt(&in[i*16], tmp_after_aes, &key); - // xor - xor_string(iv, tmp_after_aes, &out[i*16], 16, 16); - // this ciphertext block is the next iv - for(j=0;j<16;j++) { - iv[j] = in[i*16+j]; + if (!encrypt) { + //do aes decryption + AES_decrypt(&in[i*16], tmp_after_aes, &key); + // xor + xor_string(iv, tmp_after_aes, &out[i*16], 16, 16); + // this ciphertext block is the next iv + for(j=0;j<16;j++) { + iv[j] = in[i*16+j]; + } + } + else { + // first xor + xor_string(iv, &in[i*16], tmp_after_aes, 16, 16); + // aes encrypt + AES_encrypt(tmp_after_aes, &out[i*16], &key); + // ciphertext is next iv + for(j=0;j<16;j++) { + iv[j] = out[i*16+j]; + } } } return 0; } + +int aes_ecb(char *in, int length_in, char *out, unsigned char *string_key, + int blocksize, int encrypt) +{ + AES_KEY key; + int number_blocks = length_in / blocksize; + int i; + + if(encrypt) + AES_set_encrypt_key(string_key, blocksize, &key); + else + AES_set_decrypt_key(string_key, blocksize, &key); + + for(i=0;i<number_blocks;i++) { + if(encrypt) { + AES_encrypt(&in[i*blocksize], &out[i*blocksize],&key); + } + else { + AES_decrypt(&in[i*blocksize], &out[i*blocksize],&key); + } + } +} @@ -7,7 +7,9 @@ #include <openssl/aes.h> char *pkcs7_padding(char *string, int length_string, int blocksize); -int aes_cbc(char *in, int length_in, char *out, unsigned char *string_key, char *init_vector); +int aes_cbc(char *in, int length_in, char *out, unsigned char *string_key, char *init_vector, int encrypt); int valid_pkcs7_padding(const char *in, int length_in, char *unpadded, int blocksize); +int aes_ecb(char *in, int length_in, char *out, unsigned char *string_key, + int blocksize, int encrypt); #endif diff --git a/set1/task1.c b/set1/task1.c index 945964a..7d2a87a 100644 --- a/set1/task1.c +++ b/set1/task1.c @@ -6,12 +6,11 @@ int main(int argc, char **argv) if (argc != 2) return 0; - char *result = malloc(strlen(argv[1])); char *base64 = malloc(strlen(argv[1])); decode_hex_string(argv[1], result); - encode_to_base64(result, base64); + encode_to_base64(result, strlen(argv[1])/2, base64); printf("%s\n", base64); diff --git a/set1/task8.c b/set1/task8.c index 98b3380..d3aa8a8 100644 --- a/set1/task8.c +++ b/set1/task8.c @@ -4,9 +4,9 @@ int main(int arc, char **argv) { // detect AEC in ECB mode, do NOT break it - int number_blocks, i, j, k, read = 0; + int read = 0; size_t len = 0; - int max_hits = 0, hits = 0, line_number= 0, aes_ecb_line = 0; + int line_number= 0, aes_ecb_line = 0; char *line_hex = NULL; // read file FILE *f = fopen("8.txt", "r"); @@ -19,29 +19,12 @@ int main(int arc, char **argv) while( (read = getline(&line_hex, &len, f)) != -1) { // line is hex encoded char *line = malloc(read/2+1); - decode_hex_string(line_hex, line); - - number_blocks = read / 2 / 16; - // count 16 byte blocks which are equal - for(i=0;i<number_blocks;i++) { - for(j=1;j<number_blocks;j++) { - for(k=0;k<16;k++) { - if(line[i*16+k] != line[j*16+k]) - break; - - if ( k == 15) - hits++; - } - } - } - printf("line: %i, hits: %i\n", line_number, hits); - if (hits > max_hits) { - max_hits = hits; + printf("line %i: ", line_number); + if (string_is_ecb_encrypted(line, read/2+1, 16)) { aes_ecb_line = line_number; } line_number++; - hits = 0; free(line_hex); free(line); // set line and len to null @@ -49,7 +32,7 @@ int main(int arc, char **argv) len = 0; } - printf("found AES-128-ECB at line: %i\n with %i hits", aes_ecb_line, max_hits); + printf("found AES-128-ECB at line: %i\n", aes_ecb_line); return 0; } diff --git a/set2/Makefile b/set2/Makefile index 1f8f890..9c5f43e 100644 --- a/set2/Makefile +++ b/set2/Makefile @@ -9,6 +9,8 @@ task9: $(CC) $(CFLAGS) task9.c $(LIB) $(CLIBS) -o task9 task10: $(CC) $(CFLAGS) task10.c $(LIB) $(CLIBS) -o task10 +task11: + $(CC) $(CFLAGS) task11.c $(LIB) $(CLIBS) -o task11 task15: $(CC) $(CFLAGS) task15.c $(LIB) $(CLIBS) -o task15 clean: diff --git a/set2/task10.c b/set2/task10.c index fb8d0c1..19a7235 100644 --- a/set2/task10.c +++ b/set2/task10.c @@ -22,8 +22,10 @@ int main(int argc, char **argv) decoded_content_length = decode_base64(file_content, decoded_content); cleartext = malloc(decoded_content_length+1); // aes cbc - aes_cbc(decoded_content, decoded_content_length, cleartext, string_key, iv); + aes_cbc(decoded_content, decoded_content_length, cleartext, string_key, iv, 0); printf("%s\n", cleartext); + + free(decoded_content); free(cleartext); return 0; diff --git a/set2/task11.c b/set2/task11.c new file mode 100644 index 0000000..60483e0 --- /dev/null +++ b/set2/task11.c @@ -0,0 +1,83 @@ +#include "../lib/lib2.h" +#include "../lib/lib.h" + +int random_number_between(int min, int max) +{ + return (rand() % (max-min) + min); +} + + +int generate_random_bytes(char *buf, int length_key_bytes) +{ + int random_number; + int i; + for(i=0;i<length_key_bytes;i++) { + buf[i] = (char) random_number_between(0,255); + } + +} + +char *encrypt_with_random_bytes(char *toencrypt, int length, int ecb) +{ + int toappend_before = random_number_between(5,10); + int toappend_after= random_number_between(5,10); + + char random_bytes[10]; + char key[16]; + + char *result = malloc(length+toappend_before+toappend_after+1); + char *ciphertext = malloc(length+toappend_before+toappend_after+1); + + generate_random_bytes(random_bytes, toappend_before); + + memcpy(result, random_bytes, toappend_before); + memcpy(&result[toappend_before], toencrypt, length); + + generate_random_bytes(random_bytes, toappend_after); + + memcpy(&result[length+toappend_before], random_bytes, toappend_after); + + generate_random_bytes(key, 16); + + + if(ecb) + aes_ecb(result, (length+toappend_before+toappend_after), ciphertext, key, 128, 1); + else { + char iv[16]; + memset(iv, 0, 16); + aes_cbc(result, (length+toappend_before+toappend_after), ciphertext, key, iv, 1); + } + + return ciphertext; +} + +int main(int argc, char **argv) +{ + // set seed +// srand(1); + int i; + // encrypt ecb mode + char *cleartext = "Ok, dann mach ich mal einen richtigen Satz. Vielleicht ist das ECB mit so vielen gleichen Bloecken total ueberfordert. Oder der Satz muss einfach laenger sein. Man brauch also wirklich wohl erstmal ein bisschen Text, bevor man ECB erkennen kann"; + char *ciphertext; + char *ciphertext_cbc; + char iv[16]; + + memset(iv, 0, 16); + + ciphertext = encrypt_with_random_bytes(cleartext, strlen(cleartext), 1); + ciphertext_cbc = encrypt_with_random_bytes(cleartext, strlen(cleartext), 0); + //aes_ecb(cleartext, strlen(cleartext), ciphertext, "BUMMS", 128, 1); + //aes_cbc(cleartext, strlen(cleartext), ciphertext_cbc, "BUMMS", iv, 1); + + if(string_is_ecb_encrypted(ciphertext_cbc, strlen(cleartext), 16)) + printf("Das ist wohl ECB (ist es aber nicht!)\n"); + + if(string_is_ecb_encrypted(ciphertext, strlen(cleartext), 16)) + printf("Das ist wohl ECB (richtig)\n"); +/* + for(i=0;i<strlen(cleartext);i++) + printf("%c", ciphertext_cbc[i]); + +*/ + return 0; +} |