use std::io;
-use std::io::{ TcpStream };
-use std::iter::{ range_inclusive };
+use std::io::TcpStream;
+use std::iter::range_inclusive;
use std::slice::bytes::copy_memory;
use packet;
use packet::{ Packet, Error };
use end_point::EndPoint;
-/// Try to decypher a cyphered data block by using the previous xor operand and an oracle on the provided address and port.
-/// May prints some message on the stdout.
-pub fn decypher(address: &str, port: u16, original_xor_operand: &[u8, ..16], cypherblock: &[u8, ..16], variant: packet::Variant) -> Option<Vec<u8>> {
+/// Try to decipher a ciphered data block by using the previous XOR operand and an oracle on the provided address and port.
+/// May print some message on stdout.
+pub fn decipher(address: &str, port: u16, original_xor_operand: &[u8, ..16], cipherblock: &[u8, ..16], variant: packet::Variant) -> Option<Vec<u8>> {
let mut end_point = EndPoint::new(
match TcpStream::connect(address, port) {
Ok(s) => s,
variant,
);
+ // See 'packet::Packet' documentation for a complete description about the binary packet structure.
let mut final_packet = [0u8, ..2 + 1 + 8 + 32 + 10];
- final_packet[1] = 1 + 8 + 32 + 10; // Data length.
- copy_memory(final_packet.slice_mut(2 + 1 + 8 + 16, 2 + 1 + 8 + 32), cypherblock);
+ final_packet[1] = (final_packet.len() as u8) - 2; // Data length.
+ copy_memory(final_packet.slice_mut(2 + 1 + 8 + 16, 2 + 1 + 8 + 32), cipherblock);
- let mut decypher_block = [0u8, ..16]; // The result.
- let mut x_prime_block = [0u8, ..16]; // The cypher block ('cypherblock') after AES and before XOR.
+ let mut decipher_block = [0u8, ..16]; // The result.
+ let mut x_prime_block = [0u8, ..16]; // The cipher block ('cipherblock') after AES and before XOR.
let mut current_timestamp = 0u64;
let mut first_byte = 0u8; // Used to save the first byte for the first iteration.
forged_xor_operand(&mut final_packet)[byte] = v;
match end_point.send_raw_with_result(final_packet) {
- Ok(Ok(Packet { t: Error(packet::AuthError), .. })) => {
+ Ok(Ok(p @ Packet { t: Error(packet::AuthError), .. })) => {
+ println!("We received a MAC Error: {}", p);
// If we already got a MAC mismatch for the first byte then the second byte is incremented and the loop is replayed.
if byte == 15 && get_mac_mismatch_error {
let padding_value = 16 - byte;
x_prime_block[byte] = v ^ (padding_value as u8);
- decypher_block[byte] = x_prime_block[byte] ^ original_xor_operand[byte];
+ decipher_block[byte] = x_prime_block[byte] ^ original_xor_operand[byte];
- // We set the processed bytes of the forged XOR operand to have the next padding value.
+ // We set the processed bytes of the forged XOR operand to have the next padding value (2, 3, 4, etc..).
for i in range(16 - padding_value, 16) {
forged_xor_operand(&mut final_packet)[i] = x_prime_block[i] ^ ((padding_value as u8) + 1);
}
- // Special case for the first byte: we have to test all the values.
+ // Special case for the first byte: we have to test all the values to avoid a valid padding
+ // which is not [.., 0x01], for instance [.., 0x02, 0x02]. It's a very rare case but not impossible.
if byte == 15 {
first_byte = forged_xor_operand(&mut final_packet)[15];
} else {
byte -= 1;
}
- Some(decypher_block.to_vec())
+ Some(decipher_block.to_vec())
}
\ No newline at end of file
projects / crypto_lab1.git / blobdiff