commit 2c14f2e2a1a97bba3f48503feb90661ec9a5876e
parent 34d51f1d77f4f0a9b59aa6b81a266f541283c9fc
Author: mpizzzle <michael.770211@gmail.com>
Date: Mon, 30 Oct 2017 17:55:46 +0000
padding validation wasn't checking last byte, algorithm now fixed
Diffstat:
3 files changed, 7 insertions(+), 12 deletions(-)
diff --git a/set2/cbc_bitflipping_attacks.py b/set2/cbc_bitflipping_attacks.py
@@ -2,11 +2,8 @@ import re
from Crypto.Cipher import AES
from Crypto import Random
-def random_key():
- return Random.new().read(AES.block_size)
-
-key = random_key()
-iv = random_key()
+key = Random.new().read(AES.block_size)
+iv = Random.new().read(AES.block_size)
def encrypt(msg):
pad_len = AES.block_size - (len(msg) % AES.block_size)
diff --git a/set2/ecb_cut_and_paste.py b/set2/ecb_cut_and_paste.py
@@ -2,10 +2,7 @@ import re
from Crypto.Cipher import AES
from Crypto import Random
-def random_key():
- return Random.new().read(AES.block_size)
-
-key = random_key()
+key = Random.new().read(AES.block_size)
def encrypt(msg):
pad_len = AES.block_size - (len(msg) % AES.block_size)
diff --git a/set2/pkcs7_padding_validation.py b/set2/pkcs7_padding_validation.py
@@ -5,10 +5,11 @@ def pkcs7_padding(msg):
return msg + ''.join([chr(pad_len) for x in range(pad_len)])
def pkcs7_padding_stripper(msg):
- for char in msg[:len(msg) - ord(msg[len(msg) - 1]) : -1]:
- if char != msg[len(msg) - 1]:
+ if ord(msg[len(msg) - 1]) > AES.block_size or ord(msg[len(msg) - 1]) == 0:
+ raise Exception("invalid pkcs7 padding")
+ for c in msg[:len(msg) - ord(msg[len(msg) - 1]) - 1 : -1]:
+ if c != msg[len(msg) - 1]:
raise Exception("invalid pkcs7 padding")
-
return msg[:len(msg) - ord(msg[len(msg) - 1])]
plaintext = "YELLOW SUBMARINE"
