1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
|
#include "lib3.h"
#include "lib2.h"
#include "lib.h"
#define NR_STIRNGS_CHALLENGE17 10
char *challenge17_encrypt(int *length)
{
int i, t;
char **string;
char **decoded;
string = malloc(sizeof(char *)*NR_STIRNGS_CHALLENGE17);
decoded = malloc(sizeof(char *)*NR_STIRNGS_CHALLENGE17);
char filename[] = "task17_0";
for(i=0;i<10;i++) {
filename[strlen(filename)-1] = (char) (i+'0');
t = read_base64_file(filename, &string[i]);
decoded[i] = malloc(t);
length[i] = decode_base64(string[i], decoded[i]);
printf("read: %s\n", string[i]);
}
// choose one randomly
int random = rand() % NR_STIRNGS_CHALLENGE17;
int padding;
printf("plaintext: %s\n", string[random]);
*length = strlen(string[random]);
char *padded_string = __pkcs7_padding(string[random], *length, 16, &padding);
char *encrypted = malloc(strlen(padded_string));
*length += padding;
aes_cbc(padded_string, strlen(padded_string), encrypted, key, iv, 1);
return encrypted;
}
int cbc_padding_oracle(char *encrypted, int length)
{
char *decrypted = malloc(length);
char *unpadded= malloc(length);
aes_cbc(encrypted, length, decrypted, key, iv, 0);
int valid = valid_pkcs7_padding(decrypted, length, unpadded, 16);
free(decrypted);
free(unpadded);
return valid;
}
int convert_to_little_endian(char *string)
{
}
/**
* format is: 64 nonce concat with 64 bit counter
* calle has to make sure that nonce is at least 8 bytes
* its all little endian
*/
int aes_ctr(char *in, int length_in, char *out, char *string_key, char *nonce)
{
long counter;
unsigned char tmp[16];
char keystream[16];
long nr_blocks = length_in / BLOCKSIZE;
int length_last_block = length_in % BLOCKSIZE;
memcpy(tmp, nonce, 16);
for(counter=0;counter<nr_blocks-1;counter++) {
// right now it only works for 256 block :P
tmp[8] = counter % 256;
// encrypt nonce and counter and produce keystream
aes_ecb(tmp, 16, keystream, string_key, 16, 1);
// xor against keystream to encrpy/decrypt
xor_string(&in[counter*BLOCKSIZE], keystream, &out[counter*BLOCKSIZE], 16, 16);
}
// do last block
tmp[8] = counter % 256;
aes_ecb(tmp, 16, keystream, string_key, 16, 1);
xor_string(&in[counter*BLOCKSIZE], keystream, &out[counter*BLOCKSIZE],
16, length_last_block);
}
|
