crypto-toolbox 0.1.12 → 0.1.13

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 892b1c0437402343855d625ad56512dbb7ea973a
-  data.tar.gz: afb0e92074b090c3fc5c252e9fdd00b3cf94659d
+  metadata.gz: 6d44c3eb26aa94b3c7b941235ae67cfd42d1d7e4
+  data.tar.gz: 9e9c64094502898955d362e5fe5ff30d7563c056
 SHA512:
-  metadata.gz: 605c120ec492c10472f7119b62f46217b062d268a9c07818ea96da31365f3dd8cd392ef04e2d0278e321cb3271f17021afa66cec14af583e9f1de5b4620bfc53
-  data.tar.gz: 10cb8542f4a3fdf662622be45d03a417a336e968a5dee04317b5afc855e3e5165465f3ed8ec14fdee6ea833fb2312ae3a73d754ec3ba0f4fdd8e0e168746eb62
+  metadata.gz: 6b72ad40abe63b30723d5bc392ab470cdca4e4bf9d24fa5fbf7ad2ecb1b280b5a1d66c8753a548a9922c9df61e834e7f61d77bfd888fd6dd5780baf5ce862883
+  data.tar.gz: be527c12832e261bc5223262034ac8774b030383cb9ba1b28f751417ca68cb990e3f83e06f7951225c57a2d429ed4a3e12d9defc4a0acb3dd5c94de47b54aa1c

data/lib/crypto-toolbox.rb

@@ -6,6 +6,7 @@ require 'crypto-toolbox/crypt_buffer.rb'
 require 'crypto-toolbox/analyzers/utils/key_filter.rb'
 require 'crypto-toolbox/analyzers/utils/spell_checker.rb'
 require 'crypto-toolbox/analyzers/padding_oracle.rb'
+require 'crypto-toolbox/analyzers/cbc_mac.rb'
 require 'crypto-toolbox/analyzers/vigenere_xor.rb'
 
 

data/lib/crypto-toolbox/analyzers/cbc_mac.rb

@@ -0,0 +1 @@
+require 'crypto-toolbox/analyzers/cbc_mac/variable_length/analyzer.rb'

data/lib/crypto-toolbox/analyzers/cbc_mac/variable_length/analyzer.rb

@@ -0,0 +1,64 @@
+require 'crypto-toolbox/analyzers/cbc_mac/variable_length/oracles/tcp.rb'
+
+module Analyzers
+  module CbcMac
+    module VariableLength
+      
+      class Analyzer
+        # This class implements an attack on CBC-MAC with variable length. 
+        # This issue is known for a long time and thus should be avoided by any implementation.
+        # However this code shows how to forge a tag in this mode and can be seen das a PoC.
+        #
+        #
+        # Thanks to Matthew Green for this great article about the potential implementation problems
+        # of CBC-MAC: http://blog.cryptographyengineering.com/2013/02/why-i-hate-cbc-mac.html
+        #
+        # This class has the VL (variable length) suffix it its name
+        # to make100% clear that this attack works only on this condition
+        def initialize(oracle_class = ::Analyzers::CbcMac::VariableLength::Oracles::Tcp,block_length=32)
+          @oracle = oracle_class.new
+        end
+        # NOTE: handle too short messages properly
+        
+        def analyze(target_message)
+          @oracle.connect
+
+          #target_msg = "I, the server, hereby agree that I will pay $100 to this student"
+          target_bufs = CryptBuffer(target_message).chunks_of(32)
+
+          # add to_crypt_buffer to String!
+          target_tag1 = CryptBuffer(@oracle.mac(target_bufs[0].chars,target_bufs[0].length)) #.split("").map{|i| i.bytes.first }
+
+          # NOTE  t''  = m || [ (m_1' + t ) ||m_2'||...||m_x']
+          m2_blocks = target_bufs[1].chunks_of(16)
+          msg2 = CryptBuffer((m2_blocks[0].xor(target_tag1)).bytes + m2_blocks[1].bytes)
+
+          # @oracle.tag_for(msg2.chars,msg2.length)
+          forge_tag = @oracle.mac(msg2.chars,msg2.length)
+
+          # @oracle.verify(target_msg.chars, target_msg.length, forge_tag)
+          ret = @oracle.verify(target_message.chars, target_message.length, forge_tag)
+
+          
+          if forge_successfull?(ret)
+            puts "result is: #{CryptBuffer(forge_tag).hex}"
+            puts "Message verified successfully!"
+          else
+            puts "Message verification failed."
+          end
+          @oracle.disconnect
+        end
+        
+        private
+        
+        def forge_successfull?(retval)
+          retval == 1
+        end
+        
+      end
+      
+
+      
+    end
+  end
+end

data/lib/crypto-toolbox/analyzers/cbc_mac/variable_length/oracles/tcp.rb

@@ -0,0 +1,55 @@
+require 'socket'
+
+module Analyzers
+  module CbcMac
+    module VariableLength
+      module Oracles
+        class Tcp
+          def initialize(mac_host = '54.165.60.84', mac_port = 81, verify_host = '54.165.60.84', verify_port = 82)
+            @mac_host      = mac_host
+            @mac_port      = mac_port
+            @verify_host   = verify_host
+            @verify_port   = verify_port
+            @mac_socket    = nil
+            @verify_socket = nil
+          end
+          def connect
+            @mac_socket    = TCPSocket.open(@mac_host,@mac_port)
+            @verify_socket = TCPSocket.open(@verify_host,@verify_port)
+            #puts "Connected to server successfully."
+          end
+          def disconnect
+            @verify_socket.close if @verfiy_socket
+            @mac_socket.close    if @mac_socket
+          end
+
+          def mac(message,len)
+            connect unless @mac_socket
+
+            packet = ([message.length] + message + [0]).map(&:chr).join("")
+
+            @mac_socket.write(packet)
+            @mac_socket.read(16)
+          end
+
+          def verify(message,len,tag)
+            connect unless @verify_socket
+
+            # Message-length + message-chars + tag-chars + 0
+            packet = ([message.length] + message + tag.split("") + [0]).map(&:chr).join("")
+
+            @verify_socket.write(packet)
+            @verify_socket.read(2).to_i
+          end
+
+          
+        end
+      end
+    end
+  end
+end
+
+
+
+
+

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: crypto-toolbox
 version: !ruby/object:Gem::Version
-  version: 0.1.12
+  version: 0.1.13
 platform: ruby
 authors:
 - Dennis Sivia
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-04-23 00:00:00.000000000 Z
+date: 2015-04-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aes
@@ -50,6 +50,9 @@ files:
 - bin/break-padding-oracle
 - bin/break-vigenere-xor
 - lib/crypto-toolbox.rb
+- lib/crypto-toolbox/analyzers/cbc_mac.rb
+- lib/crypto-toolbox/analyzers/cbc_mac/variable_length/analyzer.rb
+- lib/crypto-toolbox/analyzers/cbc_mac/variable_length/oracles/tcp.rb
 - lib/crypto-toolbox/analyzers/padding_oracle.rb
 - lib/crypto-toolbox/analyzers/padding_oracle/analyzer.rb
 - lib/crypto-toolbox/analyzers/padding_oracle/oracles/http_oracle.rb