Changeset 66 for trunk


Ignore:
Timestamp:
11/04/13 11:54:59 (11 years ago)
Author:
tmorgan
Message:

added Microsoft-style intpad notation for base64

Location:
trunk/lib/bletchley
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/lib/bletchley/CBC/__init__.py

    r58 r66  
    6666         otherwise.  This function should implement the prototype:
    6767           def myOracle(ciphertext, iv): ...
    68          If the initialization vector (iv) is unknown is not included in
    69          the ciphertext message, it can be ignored in the oracle
     68         If the initialization vector (iv) is unknown or not included in
     69         the ciphertext message, it can be ignored in your oracle
    7070         implementation (though some limitations will result from this).
    7171

  • trunk/lib/bletchley/blobtools.py

    r65 r66  
    22A collection of tools to assist in analyzing encrypted blobs of data
    33
    4 Copyright (C) 2011-2012 Virtual Security Research, LLC
     4Copyright (C) 2011-2013 Virtual Security Research, LLC
    55Author: Timothy D. Morgan, Jason A. Donenfeld
    66
     
    165165            blob = blob.replace(bytes([c]), b'')
    166166
    167         nopad = blob.rstrip(self.pad)
     167        if self.dialect.endswith('intpad'):
     168            if blob[-1] not in b'012':
     169                return False
     170            nopad = blob[:-1]
     171            padlen = blob[-1] - 48 # see the ascii table
     172        else:
     173            nopad = blob.rstrip(self.pad)
     174            padlen = len(blob) - len(nopad)
     175
     176        # what the pad length ought to be
    168177        padlen_guess = self._guessPadLength(len(nopad))
    169178        if padlen_guess == None:
     
    176185        # pad must not appear in the middle of the
    177186        # string and must be the correct length at the end
    178         return (self.pad not in nopad) and (len(blob) == len(nopad)+padlen_guess)
     187        return (self.pad not in nopad) and (padlen == padlen_guess)
    179188
    180189    def decode(self, blob):
     
    182191            blob = blob.replace(bytes(c), b'')
    183192
     193        if self.dialect.endswith('intpad'):
     194            padlen = blob[-1] - 48 # see the ascii table
     195            padlen_guess = self._guessPadLength(len(blob[:-1]))
     196            if padlen != padlen_guess:
     197                raise Exception("Invalid length for int-padded base64 string. (%d != %d)"
     198                                % (padlen, padlen_guess))
     199
     200            blob = blob[:-1] + (self.pad*padlen)
     201
    184202        if self.dialect.endswith('nopad'):
    185203            if self.pad in blob:
     
    208226        if ret_val != None and self.dialect.endswith('nopad'):
    209227            ret_val = ret_val.rstrip(self.pad)
     228
     229        if ret_val != None and self.dialect.endswith('intpad'):
     230            stripped = ret_val.rstrip(self.pad)
     231            ret_val = stripped + ("%d" % (len(ret_val) - len(stripped))).encode('utf-8')
    210232
    211233        return ret_val
     
    337359        return _percentEncode(blob, plus=plus, upper=upper)
    338360
    339 
     361# XXX: need a better way to organize these with the possible combinations of dialects, padding, etc
     362#      for instance, can we have rfc3548-newline-nopad ?
    340363priorities = [
    341364    (hexEncoding, 'upper', 100),
     
    349372    (base64Encoding, 'rfc3548-nopad', 201),
    350373    (base64Encoding, 'rfc3548-newline', 202),
     374    (base64Encoding, 'rfc3548-intpad', 203),
    351375    (base64Encoding, 'filename', 210),
    352376    (base64Encoding, 'filename-nopad', 211),
     377    (base64Encoding, 'filename-intpad', 212),
    353378    (base64Encoding, 'url1', 230),
    354379    (base64Encoding, 'url1-nopad', 231),
     380    (base64Encoding, 'url1-intpad', 232),
    355381    (base64Encoding, 'otkurl', 235),
    356382    (base64Encoding, 'otkurl-nopad', 236),
     383    (base64Encoding, 'otkurl-intpad', 237),
    357384    (base64Encoding, 'url2', 240),
    358385    (base64Encoding, 'url2-nopad', 241),
     386    (base64Encoding, 'url2-intpad', 242),
    359387    (base64Encoding, 'url3', 250),
    360388    (base64Encoding, 'url3-nopad', 251),
     389    (base64Encoding, 'url3-intpad', 252),
    361390    (base64Encoding, 'url4', 260),
    362391    (base64Encoding, 'url4-nopad', 261),
     392    (base64Encoding, 'url4-intpad', 262),
    363393    (base64Encoding, 'url5', 265),
    364394    (base64Encoding, 'url5-nopad', 266),
     395    (base64Encoding, 'url5-intpad', 267),
    365396    (base64Encoding, 'url6', 267),
    366397    (base64Encoding, 'url6-nopad', 268),
     398    (base64Encoding, 'url6-intpad', 269),
    367399    (base64Encoding, 'xmlnmtoken', 270),
    368400    (base64Encoding, 'xmlnmtoken-nopad', 271),
     401    (base64Encoding, 'xmlnmtoken-intpad', 272),
    369402    (base64Encoding, 'xmlname', 280),
    370403    (base64Encoding, 'xmlname-nopad', 281),
     404    (base64Encoding, 'xmlname-intpad', 282),
    371405    (percentEncoding, 'upper-plus', 400),
    372406    (percentEncoding, 'upper', 401),
Note: See TracChangeset for help on using the changeset viewer.