| 1 | #!/usr/bin/env python3 |
|---|
| 2 | |
|---|
| 3 | ''' |
|---|
| 4 | Sample library to create tokens vulnerable to padding oracle attacks |
|---|
| 5 | |
|---|
| 6 | Copyright (C) 2016-2017 Blindspot Security LLC |
|---|
| 7 | Author: Timothy D. Morgan |
|---|
| 8 | |
|---|
| 9 | This program is free software: you can redistribute it and/or modify |
|---|
| 10 | it under the terms of the GNU Lesser General Public License, version 3, |
|---|
| 11 | as published by the Free Software Foundation. |
|---|
| 12 | |
|---|
| 13 | This program is distributed in the hope that it will be useful, |
|---|
| 14 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
|---|
| 15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|---|
| 16 | GNU General Public License for more details. |
|---|
| 17 | |
|---|
| 18 | You should have received a copy of the GNU General Public License |
|---|
| 19 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
|---|
| 20 | ''' |
|---|
| 21 | |
|---|
| 22 | import time |
|---|
| 23 | import json |
|---|
| 24 | |
|---|
| 25 | from Crypto.Cipher import AES |
|---|
| 26 | from Crypto import Random |
|---|
| 27 | |
|---|
| 28 | from bletchley.buffertools import pkcs7PadBuffer,stripPKCS7Pad |
|---|
| 29 | from bletchley.blobtools import encodeChain,decodeChain |
|---|
| 30 | |
|---|
| 31 | |
|---|
| 32 | key = Random.new().read(32) # Never breaking AES256!!! |
|---|
| 33 | |
|---|
| 34 | |
|---|
| 35 | def encodeToken(ciphertext): |
|---|
| 36 | return encodeChain(['base64/rfc3548','percent/upper'], ciphertext) |
|---|
| 37 | |
|---|
| 38 | |
|---|
| 39 | def decodeToken(token): |
|---|
| 40 | return decodeChain(['percent/upper','base64/rfc3548'], token) |
|---|
| 41 | |
|---|
| 42 | |
|---|
| 43 | def _encrypt(plaintext): |
|---|
| 44 | iv = Random.new().read(AES.block_size) |
|---|
| 45 | cipher = AES.new(key, AES.MODE_CBC, iv) |
|---|
| 46 | ciphertext = iv + cipher.encrypt(pkcs7PadBuffer(plaintext.encode('utf-8'), AES.block_size)) |
|---|
| 47 | |
|---|
| 48 | return encodeToken(ciphertext) |
|---|
| 49 | |
|---|
| 50 | |
|---|
| 51 | def _decrypt(token): |
|---|
| 52 | plaintext = None |
|---|
| 53 | ciphertext = decodeToken(token) |
|---|
| 54 | iv = ciphertext[0:AES.block_size] |
|---|
| 55 | cipher = AES.new(key, AES.MODE_CBC, iv) |
|---|
| 56 | plaintext = stripPKCS7Pad(cipher.decrypt(ciphertext[AES.block_size:]), AES.block_size) |
|---|
| 57 | if plaintext == None: |
|---|
| 58 | raise Exception('Padding Error') |
|---|
| 59 | |
|---|
| 60 | return plaintext |
|---|
| 61 | |
|---|
| 62 | |
|---|
| 63 | def generateResetToken(user): |
|---|
| 64 | seven_days = 7*24*60*60 |
|---|
| 65 | reset_info = {'user':user,'expires':int(time.time()+seven_days)} |
|---|
| 66 | return _encrypt(json.dumps(reset_info)).decode('utf-8') |
|---|
| 67 | |
|---|
| 68 | |
|---|
| 69 | def validateResetToken(token): |
|---|
| 70 | try: |
|---|
| 71 | plaintext = _decrypt(token) |
|---|
| 72 | except Exception as e: |
|---|
| 73 | return (False, 'Reset Token Corrupt!') |
|---|
| 74 | |
|---|
| 75 | try: |
|---|
| 76 | decoded = plaintext.decode('utf-8') |
|---|
| 77 | except Exception as e: |
|---|
| 78 | return (False, 'Bad Token!') |
|---|
| 79 | |
|---|
| 80 | try: |
|---|
| 81 | reset_info = json.loads(decoded) |
|---|
| 82 | except Exception as e: |
|---|
| 83 | return (False, 'Parse Error!') |
|---|
| 84 | |
|---|
| 85 | if reset_info.get('expires', 0) < int(time.time()): |
|---|
| 86 | return (False, 'Token Expired!') |
|---|
| 87 | |
|---|
| 88 | return (True, reset_info) |
|---|
| 89 | |
|---|
| 90 | |
|---|
| 91 | if __name__ == "__main__": |
|---|
| 92 | token = generateResetToken('bob') |
|---|
| 93 | print(token) |
|---|
| 94 | print(validateResetToken(token)) |
|---|
