GitHub Repository: ashutosh1206/crypton
Path: blob/master/Block-Cipher/Attack-CBC-Bit-Flipping/Challenges/CNVService/AES_CNV_COOKIE.py
from hashlib import md5
from base64 import b64decode
from base64 import b64encode
from Crypto.Cipher import AES
from time import ctime
from Secret import __HIDDEN__, __SECRET__
# Block length, in characters, used for padding and for slicing blocks.
BLOCK_SIZE = 16


def pad(s):
    """Append PKCS#7-style padding so that len(result) is a multiple of BLOCK_SIZE.

    Between 1 and BLOCK_SIZE characters are always added; each one carries
    the pad length as its character code. An input that is already
    block-aligned therefore grows by one full block.
    """
    fill = BLOCK_SIZE - len(s) % BLOCK_SIZE
    return s + fill * chr(fill)


def unpad(s):
    """Drop as many trailing characters as the last character's code says.

    Nothing is validated: the count is not checked against BLOCK_SIZE and the
    removed characters are not compared with each other. A final character
    with code 0 yields an empty result (s[:-0] is s[:0]), and an empty input
    raises TypeError from ord(). Callers must not treat a successful unpad as
    evidence that the data is intact.
    """
    tail = s[-1:]
    return s[:-ord(tail)]
def xor(dest, src):
    """XOR two character strings position by position.

    The result is as long as the shorter argument. If either argument is
    empty, the other one is returned unchanged rather than an empty string.
    Each element must be a one-character string, because ord() is applied
    to it.
    """
    if len(dest) == 0:
        return src
    if len(src) == 0:
        return dest
    # zip() stops at the shorter input, which covers both length orderings.
    return ''.join(chr(ord(a) ^ ord(b)) for a, b in zip(dest, src))
class AES_CNV:
    """Custom chained block mode built on single-block AES-ECB calls.

    Every plaintext block is XORed with a chaining value before it goes
    through AES. The chaining value starts as the caller's IV and is then
    replaced by the MD5 digest of the ciphertext block just processed.

    Review notes:
      * No MAC or other integrity value is produced or checked, so decrypt()
        processes any block-aligned input it is handed. Where integrity
        matters, use an AEAD mode or encrypt-then-MAC.
      * The chaining value depends only on data visible in the output (the
        IV and the ciphertext blocks), not on the key.
      * Argument checks are assert statements, which Python strips under -O.
      * NOTE(review): the '' accumulators are concatenated with cipher
        output, so this appears to target Python 2 byte strings. Confirm
        before porting.
    """

    def __init__(self, key):
        """Store key, which must be BLOCK_SIZE long."""
        assert len(key) == BLOCK_SIZE
        self.key = key

    def encrypt(self, plain_text, iv):
        """Pad and encrypt plain_text; return iv followed by the ciphertext.

        iv must be 16 long. It is emitted in the clear as the first block
        of the returned value.
        """
        assert len(iv) == 16
        padded = pad(plain_text)
        assert len(padded) % BLOCK_SIZE == 0
        encrypted_blocks = []
        ecb = AES.new(self.key, AES.MODE_ECB)
        chain = iv
        for index in range(len(padded) // BLOCK_SIZE):
            offset = index * 16
            masked = xor(padded[offset:offset + 16], chain)
            cipher_block = ecb.encrypt(masked)
            encrypted_blocks.append(cipher_block)
            # The next chaining value is derived from this ciphertext block.
            chain = md5(cipher_block).digest()
        return iv + ''.join(encrypted_blocks)

    def decrypt(self, cipher_text):
        """Split off the leading 16-character IV, decrypt the rest and unpad.

        The only check made on the input is that its length is a multiple of
        BLOCK_SIZE. The content is not authenticated, and unpad() does not
        validate the padding it removes.
        """
        assert len(cipher_text) % BLOCK_SIZE == 0
        iv = cipher_text[:16]
        body = cipher_text[16:]
        ecb = AES.new(self.key, AES.MODE_ECB)
        chain = iv
        recovered_blocks = []
        for index in range(len(body) // BLOCK_SIZE):
            offset = index * 16
            cipher_block = body[offset:offset + 16]
            recovered_blocks.append(xor(ecb.decrypt(cipher_block), chain))
            chain = md5(cipher_block).digest()
        return unpad(''.join(recovered_blocks))
class Cookie:
    """Issue and check the service's encrypted '*'-delimited cookies.

    Cookie plaintext layout: CNVService*user=<username>*<ctime()>*<__SECRET__>.
    The IV is pad(name) XOR md5(__HIDDEN__), so it is deterministic for a
    given name. It is carried in the clear as the first 16 bytes of the
    decoded cookie.

    Review notes:
      * username is concatenated without escaping, so it should be validated
        against the '*' and '=' delimiters before it reaches register().
      * authentication() recovers name from the IV block, which no integrity
        check covers. Do not treat the returned name as verified.
      * The trailing __SECRET__ field is compared with !=, which is not a
        constant-time comparison, and it is not a substitute for a MAC over
        the ciphertext.
      * Malformed input can raise (base64 decoding, the length assert in
        AES_CNV, indexing of missing fields) instead of returning the
        (None, None, None) rejection. Callers presumably need to handle both
        outcomes identically; verify against the caller.
    """

    def __init__(self, key):
        """Store key, which must be BLOCK_SIZE long."""
        assert len(key) == BLOCK_SIZE
        self.key = key

    def register(self, name, username):
        """Build the cookie for (name, username); return it base64-encoded."""
        # xor() truncates to the shorter operand, so the IV is always the
        # 16-byte digest length even when pad(name) is longer.
        iv = xor(pad(name), md5(__HIDDEN__).digest())
        record = "*".join(["CNVService", "user=" + username, ctime(), __SECRET__])
        cipher = AES_CNV(self.key)
        return b64encode(cipher.encrypt(record, iv))

    def authentication(self, cookie):
        """Decode and decrypt cookie; return (name, username, timestamp).

        Returns (None, None, None) when the service tag, the trailing secret
        or the user= field does not have the expected form.
        """
        raw = b64decode(cookie)
        name = xor(raw[:16], md5(__HIDDEN__).digest())
        # Only strip padding when the final byte looks like a pad length.
        if ord(name[-1]) < 16:
            name = unpad(name)
        fields = AES_CNV(self.key).decrypt(raw).split("*")

        rejected = (None, None, None)
        if fields[0] != "CNVService":
            return rejected
        if fields[-1] != __SECRET__:
            return rejected
        if fields[1][:5] != "user=":
            return rejected
        user_parts = fields[1].split("=")
        if len(user_parts) != 2:
            return rejected
        return name, user_parts[1], fields[2]