from cryptography.hazmat.primitives import padding
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend
import os
# Short aliases for the primitives used throughout this module.
AES = algorithms.AES
CBC = modes.CBC

KEY_LENGTH = 16  # bytes, i.e. AES-128
BLOCK_SIZE = AES.block_size // 8  # the library reports block_size in bits

_backend = default_backend()

# One random key per process, generated at import time and never persisted:
# ciphertexts cannot be decrypted by another run of the program.
# SECURITY NOTE: the key is only ever used for unauthenticated CBC below, so
# nothing in this module detects ciphertext tampering. Demo use only.
_key = os.urandom(KEY_LENGTH)
def _add_padding(msg):
    """Return *msg* extended with PKCS#7-style padding to a whole block.

    N bytes of value N are appended, with N between 1 and BLOCK_SIZE.
    """
    # A message that is already block-aligned still gains a full block of
    # padding, so the last byte always encodes the padding length.
    fill = BLOCK_SIZE - len(msg) % BLOCK_SIZE
    return msg + bytes([fill] * fill)
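def _remove_padding(data):
    """Strip PKCS#7-style padding from *data*.

    Returns the unpadded bytes, or None when the padding is malformed:
    empty input, a length byte outside 1..BLOCK_SIZE, a length byte larger
    than the data itself, or padding bytes that do not all equal the length
    byte. Empty or too-short input previously raised IndexError; it is now
    reported as invalid padding like every other malformed case.

    SECURITY NOTE: no attempt is made to make this check constant-time, and
    the valid/invalid result is handed straight back to the caller. That is
    acceptable only because this module is a teaching oracle; real code
    should authenticate the ciphertext before any padding is inspected.
    """
    if not data:
        return None
    pad_len = data[-1]
    if pad_len < 1 or pad_len > len(data) or pad_len > BLOCK_SIZE:
        return None
    # Every one of the last pad_len bytes must carry the value pad_len.
    if data[-pad_len:] != bytes([pad_len]) * pad_len:
        return None
    return data[:-pad_len]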
def encrypt(msg):
    """Encrypt *msg* with AES-CBC under the module key.

    Returns the fresh random IV followed by the ciphertext of the padded
    message.

    SECURITY NOTE: the output carries no MAC or authentication tag, so a
    modified ciphertext is not detected on decryption. Production code should
    use an AEAD mode (for example AES-GCM) or encrypt-then-MAC instead.
    """
    iv = os.urandom(BLOCK_SIZE)
    encryptor = Cipher(AES(_key), CBC(iv), _backend).encryptor()
    padded = _add_padding(msg)
    return iv + encryptor.update(padded) + encryptor.finalize()
def _decrypt(data):
    """Decrypt IV-prefixed AES-CBC *data* and strip its padding.

    The first BLOCK_SIZE bytes are taken as the IV and the remainder as the
    ciphertext. Returns the plaintext, or None when _remove_padding rejects
    the padding.
    """
    # NOTE(review): input length is not validated here; the cryptography
    # library is expected to raise ValueError for a short IV or a ciphertext
    # that is not a whole number of blocks -- confirm callers handle that.
    iv, body = data[:BLOCK_SIZE], data[BLOCK_SIZE:]
    decryptor = Cipher(AES(_key), CBC(iv), _backend).decryptor()
    padded_plaintext = decryptor.update(body) + decryptor.finalize()
    # No integrity check precedes this step: padding validity is the only
    # signal derived from caller-supplied ciphertext.
    return _remove_padding(padded_plaintext)
def is_padding_ok(data):
    """Return True if *data* decrypts to correctly padded plaintext.

    SECURITY NOTE: this function is a padding oracle by design. It reveals to
    any caller whether arbitrary ciphertext produced valid padding, which is
    exactly the information a CBC scheme must never disclose. It exists for
    demonstration only. Deployed systems should verify a MAC or AEAD tag
    before decrypting and return one uniform error for every failure.
    """
    recovered = _decrypt(data)
    # Compare against None rather than truthiness: an empty plaintext (b"")
    # is a valid decryption result.
    return recovered is not None
if __name__ == '__main__':
    # Running the module directly only prints the block size and points at
    # the companion script; the oracle itself is meant to be imported.
    for line in (BLOCK_SIZE, "USE attack.py!!"):
        print(line)