fn print_usage() {
println!(
- r"{} genkey | tests | oracle-weak | oracle-fixed
+ r"{} [genkey | tests | oracle-weak | oracle-fixed]
genkey: Generate a 256 bits key
tests: launch some tests between a client and a weak server
oracle-weak: launch a padding oracle attack against a weak server
);
}
-fn main() {
+fn do_oracle_attack(address: &str, variant: packet::Variant) {
+ // 16 bytes encrypted data from 'Packet::random_packet_data([4])'.
+ let cypher_block: [u8, ..16] = [254, 9, 228, 149, 60, 42, 165, 34, 233, 75, 112, 57, 37, 9, 116, 103]; // Known by the attacker.
+ let xor_operand: [u8, ..16] = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3]; // This is the IV or the previous 16 bytes cypherblock. In our case we took the IV.
+
+ let expected_clear_block: [u8, ..16] = [44, 92, 31, 98, 220, 84, 226, 53, 58, 94, 45, 25, 242, 6, 199, 1]; // To be found by the attacker.
+
+ match oracle_machine::decypher(address, PORT, &xor_operand, &cypher_block, variant) {
+ Some(ref decyphered) if decyphered.as_slice() == expected_clear_block => {
+ println!("The oracle machine has found the clear block!:");
+ println!(" Expected block: {}", expected_clear_block.to_vec());
+ println!(" Decrypted block: {}", decyphered)
+ }
+ Some(ref other) =>
+ println!("The oracle machine hasn't found the clear block: {}", other),
+ _ =>
+ println!("The oracle machine hasn't found the clear block"),
+ }
+}
+
+enum Mode {
+ Help,
+ ServerAlone,
+ GenKey,
+ Tests,
+ OracleWeak,
+ OracleFixed,
+}
+
+fn mode() -> Mode {
let args = os::args();
if args.iter().any(|a| a.as_slice() == "--help" || a.as_slice() == "-h") {
- print_usage();
- } else if args.len() > 1 && args[1].as_slice() == "genkey" {
- match crypto::generate_key(256 / 8) {
- Ok(key) => println!("key: {}", key),
- Err(e) => println!("Unable to generate a key. Error: {}", e)
- }
+ return Help
+ }
+
+ if args.len() <= 1 {
+ ServerAlone
} else {
- println!("Starting server...");
+ match args[1].as_slice() {
+ "genkey" => GenKey,
+ "tests" => Tests,
+ "oracle-weak" => OracleWeak,
+ "oracle-fixed" => OracleFixed,
+ _ => ServerAlone,
+ }
+ }
+}
- match Server::new("::1", PORT) {
- Ok(mut server) => {
- println!("Server started");
+fn main() {
+ let mode = mode();
+
+ match mode {
+ Help => print_usage(),
+ GenKey =>
+ match crypto::generate_key(256 / 8) {
+ Ok(key) => println!("key: {}", key),
+ Err(e) => println!("Unable to generate a key. Error: {}", e)
+ },
+ _ => {
+ let address = "::1";
+ println!("Starting server on [{}]:{}...", address, PORT);
- if args.len() > 1 && args[1].as_slice() == "tests" {
- Client::start_tests("::1", PORT);
- }
+ match Server::new(address, PORT, match mode { OracleFixed => packet::Fixed, _ => packet::Weak }) {
+ Ok(mut server) => {
+ println!("Server started");
- println!("Press any key to quit");
- io::stdin().read_line().ok().expect("Failed to read line");
+ match mode {
+ Tests => Client::start_tests(address, PORT, packet::Weak),
+ OracleWeak => do_oracle_attack(address, packet::Weak),
+ OracleFixed => do_oracle_attack(address, packet::Fixed),
+ _ => {
+ println!("Press any key to quit");
+ io::stdin().read_line().ok().expect("Failed to read line");
+ }
+ }
- server.close().ok().expect("Failed to close the server");
- },
- Err(e) =>
- println!("Unable to create a new server. Error: {}", e)
+ server.close().ok().expect("Failed to close the server");
+ },
+ Err(e) =>
+ println!("Unable to create a new server. Error: {}", e)
+ }
}
}
}