crypto-toolbox 0.2.6 → 0.2.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1123ac6ed9d5331c0c2201ba341b68a9841cbe92
-  data.tar.gz: 10885b70c101833936c9b687150737738e9e0d33
+  metadata.gz: 4b760901ea5c2ae1dea432a632e4d9d48e3bb58f
+  data.tar.gz: 866e4c2c574a4ad9f8a43891574087e74022d55f
 SHA512:
-  metadata.gz: 49add99b4bbba46bb5c7f25830a4eeeb52f2b9ab784edf1b8e2e9f572cba52b7085476494a2071b086ea14f4bcb95d55ed5a3cdd3f74f26f4d38304cd8aeab20
-  data.tar.gz: ad20f731508e0a281dc088775d05ca0973f80dcc61b2d1a9ab96b4195b5a055f14c1e2c494cdfb573567511bfd935fd02e0ab29e76b1c678081296446103d869
+  metadata.gz: 90b498603ff15a35d88d7c37295f9d45146ba69b58e3ca3c0348a45d40a61d053e9ea962d8388fa8e31e9879bdce5516857ca696c00e86217011c08585246a40
+  data.tar.gz: 4453d964ccd6f3c10dbf39102ee1cadabf1273d2e7cd0ac3c736bf7eeea0081448a27d716eb56edc19c901134622c0b4743ae8944f1dd96426b7e3feade1e794

data/bin/break-ecb-string-appender

@@ -0,0 +1,21 @@
+#!/usr/bin/env ruby
+
+require 'crypto-toolbox'
+require 'pry'
+require 'stackprof'
+
+
+suffix = plaintext =  Base64.decode64("Um9sbGluJyBpbiBteSA1LjAKV2l0aCBteSByYWctdG9wIGRvd24gc28gbXkgaGFpciBjYW4gYmxvdwpUaGUgZ2lybGllcyBvbiBzdGFuZGJ5IHdhdmluZyBqdXN0IHRvIHNheSBoaQpEaWQgeW91IHN0b3A/IE5vLCBJIGp1c3QgZHJvdmUgYnkK")
+key       = "my-secret-key" 
+mode      = :ecb
+oracle    = Utils::EcbOracle.new(static_key: key,static_mode: mode,static_suffix: suffix,prepend: false, append: true) 
+
+
+StackProf.run(mode: :cpu, out: 'tmp/stackprof-ecb-decryption.dump') do
+  result = Matasano::Solver.new.solve12(oracle)
+  puts "\nBroke ECB! Result: \n#{result}\n" if result
+end
+
+
+
+

data/lib/crypto-toolbox.rb

@@ -2,6 +2,11 @@
 require 'crypto-toolbox/utils/reporting/console.rb'
 require 'crypto-toolbox/utils/hamming_distance_filter.rb'
 require 'crypto-toolbox/utils/ecb_detector.rb'
+require 'crypto-toolbox/utils/ecb_oracle.rb'
+
+require 'crypto-toolbox/oracles/user_profile_encryption_oracle.rb'
+
+
 
 require 'crypto-toolbox/crypt_buffer_input_converter.rb'
 require 'crypto-toolbox/crypt_buffer.rb'
@@ -12,9 +17,12 @@ require 'crypto-toolbox/analyzers/utils/ascii_language_detector.rb'
 require 'crypto-toolbox/analyzers/utils/spell_checker.rb'
 require 'crypto-toolbox/analyzers/utils/human_language_detector.rb'
 
+
 require 'crypto-toolbox/analyzers/padding_oracle.rb'
 require 'crypto-toolbox/analyzers/cbc_mac.rb'
 require 'crypto-toolbox/analyzers/vigenere_xor.rb'
+require 'crypto-toolbox/analyzers/ecb_string_appender.rb'
+
 
 require 'crypto-toolbox/ciphers/aes.rb'
 require 'crypto-toolbox/ciphers/caesar.rb'
@@ -23,4 +31,4 @@ require 'crypto-toolbox/ciphers/rot13.rb'
 require 'crypto-toolbox/forgers/stream_ciphers/forge_generator.rb'
 
 
-require 'crypto-toolbox/crypto_challanges/solver.rb'
+require 'crypto-toolbox/matasano/solver.rb'

data/lib/crypto-toolbox/analyzers/ecb_string_appender.rb

@@ -0,0 +1,207 @@
+module Analyzers
+
+  # Public: This analyzer attacks oracles that append any unknown string to
+  # its input messages and decrypts the appended string.
+  # In practice Email autoresponders sometimes append a data to a given input.
+  # Thus this analyzer can break any ecb encryption that works this way
+  #
+  # it is also capable of detecting prefixes created by the oracle and pad them
+  # to correctly analyze the target message
+  #
+
+  class EcbStringAppender
+
+    class DuplicateDecryptionDictionaryEntry < RuntimeError; end
+    
+    DUMMY = "A".freeze
+    PREFIX_PAD_DUMMY="P".freeze
+    MAX_KNOWN_BLOCK_LENGTH = 64 # 512 Bit block length
+    attr_reader :oracle
+
+    include ::Utils::Reporting::Console
+    
+    def initialize(oracle)
+      @oracle    = oracle
+      detect_block_size!
+      raise "None-ECB oracle" unless ::Utils::EcbDetector.new.is_ecb?(@oracle.encipher(DUMMY * (block_size * 6)))
+    end
+
+    
+    def analyze
+      analyze_oracle!
+      
+      suffix_block_ids.with_object("") do |block_id, hits|
+        each_block_position do |pos|
+          # stop as soon as we have all the bytes that are appended ( without and ciphermode padding )
+          break if hits.length >= real_suffix_length
+          hits << attempt_match(hits, block_id, pos)
+        end
+      end
+    end
+    
+    private
+    
+    # first we pre calculate all the data we can deduce from the oracle's behaviour
+    def analyze_oracle!
+      detect_prefix
+      detect_suffix
+    end
+
+    
+    # left align our attack vector
+    # this means full any left randomness to a full block
+    # example
+    #
+    # <random[0-16]> || <input-blocks[any]> || <target-data[any]>
+    def detect_prefix
+      # 0 * "X" == "" for no prefix
+      @prefix_pad    = PREFIX_PAD_DUMMY * calculate_prefix_length
+      @prefix_blocks = @prefix_pad.empty? ? 0 : 1
+      @prefix_bytes  = @prefix_blocks * block_size
+      jot("detected oracle prefix with length: #{@prefix_pad.length} (#{@prefix_blocks} blocks)",debug: true) unless @prefix_pad.empty?      
+    end
+
+    def detect_block_size!
+      @block_size = calculate_block_size
+    end
+    
+    def detect_suffix
+      @aligned_suffix_length ||= calculate_aligned_suffix_length
+      @suffix_blocks         ||= aligned_suffix_length / block_size
+      @real_suffix_length    ||= calculate_real_suffix_length(oracle,block_size,aligned_suffix_length) 
+    end
+
+    def block_size
+      @block_size 
+    end
+
+    def aligned_suffix_length
+      @aligned_suffix_length 
+    end
+    
+    def suffix_blocks
+      @suffix_blocks
+    end
+    
+    def real_suffix_length
+      @real_suffix_length 
+    end
+    
+    def each_block_position(&block)
+      1.upto(block_size,&block)
+    end
+
+
+    
+    def attempt_match(hits, block_id, pos)
+      msg = @prefix_pad + (DUMMY * (block_size - pos))
+      relevant_bytes = block_size * (block_id.succ)
+
+      # build a dictionary for the current dummy + all hits
+      # resulting in entries with block_size -1 length
+      dict   = assemble_dict(oracle,msg + hits,relevant_bytes)
+      result = @oracle.encipher(msg)[@prefix_bytes,relevant_bytes] # skip all prefix blocks
+
+      dict[result].tap do |match|
+        jot(match,debug: true,raw: true) unless match.nil?
+        if match.nil?
+          raise "Could not find dictonary entry for block #{block_id}, pos: #{pos}"
+        end
+      end
+    end
+    
+    
+    # calculate the block size by detecting the growth
+    # of the resulting ciphertext by sending messages
+    # which length increases by one until a change occurs
+    def calculate_block_size
+      char_amount = 1
+      base_length = @oracle.encipher(DUMMY * char_amount).length
+      result = nil
+      (1..MAX_KNOWN_BLOCK_LENGTH).each do |length|
+        new_length   = @oracle.encipher(DUMMY * char_amount).length
+        if new_length > base_length
+          result = new_length - base_length
+          break
+        end
+        char_amount += 1
+      end
+      result
+    end
+
+    # in case of a prefix some bytes of your 2 duplicate / redundant chars
+    # will be part of the first block, thus need to add enough extra chars
+    # to fill the first block containinig the random + unknown prefix with
+    # dummy chars to align it to the block length. 
+    def calculate_prefix_length
+      duplications = 2
+
+      (0..(block_size() -1)).each do |pad_length|
+        # construct a message like this:
+        # 1 <unknown-prefix>|| prefix_pad * DUMMY
+        # 2 DUMMY * (block_size)
+        # 3 DUMMY * (block_size)
+        # 4 - (n-1) Target Message
+        # 5: target_end + pkcs#7 padding
+        malicious_msg = (PREFIX_PAD_DUMMY * pad_length) + (DUMMY * (block_size * duplications)) 
+        ciphertext = @oracle.encipher(malicious_msg)
+        
+        return pad_length if block_is_left_aligned?(ciphertext,duplications)
+      end
+    end
+
+    # Check whether we need to pad any oracle prefix.
+    # For example: if the oracle prepends 7 bytes to all messages
+    # we have to add block_size - 7 bytes to "left-align" our messages
+    def block_is_left_aligned?(ciphertext,redundant_test_blocks)
+      total_blocks = ciphertext.length / block_size
+      uniq_blocks  = CryptBuffer(ciphertext).chunks_of(block_size).map(&:bytes).uniq.length
+
+      (total_blocks - uniq_blocks ) == (redundant_test_blocks -1) 
+    end
+    
+
+    def suffix_block_ids
+      0.upto(suffix_blocks.pred)
+    end
+    
+
+
+    # prefix_pad can be empty || then prefix_blocks is 0
+    # this results in the simple case of no prefix and no substraction
+    def calculate_aligned_suffix_length
+      # substract the prefix block if given
+      @oracle.encipher(@prefix_pad + "").length() - (@prefix_blocks * block_size)
+    end
+    
+    
+    def calculate_real_suffix_length(oracle,block_size,minimum_length)
+      # map has a smell, that is does not abort and thus create unnecessary
+      # requests... while, count++; break; smells even worse
+      (0..block_size).each do |i|
+        total_length = oracle.encipher(@prefix_pad + (DUMMY * i) ).length
+        result       = total_length - (@prefix_blocks * block_size )
+        if result > minimum_length
+          return minimum_length - (i-1)
+        end
+      end
+    end
+    
+    def assemble_dict(oracle,prefix,relevant_bytes)
+      # we could also iterate over all bytes, but as long as we decrypt plain english we can
+      # reduce the number of iterations by just checking printable chars
+      #   (0..255).map(&:chr).each_with_object({}) do |char,hsh|
+
+      # cache for performance
+      @chars ||= Analyzers::Utils::AsciiLanguageDetector.new.ascii_lingual_chars.map(&:chr)
+
+      @chars.each_with_object({}) do |char,hsh|
+        msg    = prefix + char
+        ciphertext = oracle.encipher(msg)[@prefix_bytes,relevant_bytes].freeze
+        raise DuplicateDecryptionDictionaryEntry,"ciphertext #{ciphertext} is alredy in the dictionary" if hsh.has_key?(ciphertext)
+        hsh[ciphertext] = char  # skip prefix blocks during [] access
+      end
+    end
+      
+  end
+end

data/lib/crypto-toolbox/ciphers/aes.rb

@@ -1,64 +1,88 @@
 module Ciphers
   class Aes
 
-    def initialize(keysize,mode)
-      @cipher = OpenSSL::Cipher::AES.new(keysize,mode)
+    def initialize(key_size: 128)
+      @key_size = key_size
+      @block_size_bits  = 128
+      @block_size_bytes = 16
     end
 
+    # NOTE convert ECB encryption to AES gem or both to openssl
     def decipher_ecb(key,input)
-      @cipher.decrypt
-      @cipher.key = key
-      (@cipher.update(input) + @cipher.final)
+      decipher_ecb_blockwise(CryptBuffer(key),CryptBuffer(input).chunks_of(@block_size_bytes))
     end
 
     def encipher_ecb(key,input)
-      @cipher.encrypt
-      @cipher.key = key
+      encipher_ecb_blockwise(CryptBuffer(key),CryptBuffer(input).chunks_of(@block_size_bytes))
+    end
+    
+    def encipher_cbc(key_str,input_str,iv: nil)
+      unicipher_cbc(:encipher,key_str,input_str,iv)
+    end
+    
+    def decipher_cbc(key_str,input_str,iv: nil)
+      unicipher_cbc(:decipher,key_str,input_str,iv)
+    end
+
 
-      encipher_ecb_blockwise(@cipher,CryptBuffer(input).chunks_of(16)) + @cipher.final
+    private
+
+    def encipher_ecb_blockwise(key,blocks)
+      blocks.map{|block| encipher_ecb_block(key,block)  }.join 
+    end
+
+    def encipher_ecb_block(key,block)
+      need_padding = block.length < @block_size_bytes
+      _,out = AES.encrypt(block.str, key.hex, {:format => :plain,:padding => need_padding,:cipher => "AES-#{@key_size}-ECB"})
+      out
+    end
+
+    def decipher_ecb_blockwise(key,blocks)
+      blocks.map{|block| decipher_ecb_block(key,block)  }.join 
+    end
+
+    def decipher_ecb_block(key,block)
+      need_padding = block.length < @block_size_bytes
+      AES.decrypt(["",block.str], key.hex, {:format => :plain,:padding => need_padding,:cipher => "AES-#{@key_size}-ECB"})
     end
     
-    def encipher_cbc(key,input,iv: nil)
-      blocks = CryptBuffer(input).chunks_of(16)
+    # this method is used for encipher and decipher since most of the code is identical
+    # only the value of the previous block and the internal ecb method differs
+    def unicipher_cbc(direction,key_str,input_str,iv)
+      method="#{direction.to_s}_cbc_block"
+      blocks = CryptBuffer(input_str).chunks_of(@block_size_bytes)
       iv   ||= blocks.shift.str
-      k      = CryptBuffer(key).hex
-      xor_input=iv.to_crypt_buffer
+      key    = CryptBuffer(key_str).hex
+      
+      prev_block=iv.to_crypt_buffer
 
-      data = blocks.map do |block|
-        xored = xor_input ^ block
+      blocks.map do |block|
+        ctext_block = send(method,key,block,prev_block) #encipher_cbc_block(key,block,prev_block)
+        if direction == :encipher
+          prev_block  = ctext_block
+        else
+          prev_block  = block
+        end
 
-        _,out = AES.encrypt(xored.str, k, {:format => :plain,:padding => false,:cipher => "AES-128-ECB",:iv => xor_input.str })
-        ecb_block = CryptBuffer(out)
-        xor_input = ecb_block
-        ecb_block.str
-      end.join
-      (data).to_crypt_buffer
+        ctext_block.str
+      end.join.to_crypt_buffer
     end
     
-    def decipher_cbc(key,input,iv: nil)
-      blocks   = CryptBuffer(input).chunks_of(16)
-      iv     ||= blocks.shift.str
-      k      = CryptBuffer(key).hex
-      xor_input=iv.to_crypt_buffer
+    def encipher_cbc_block(key,block,prev_block)
+      xored =  block ^ prev_block
+      need_padding = block.length != @block_size_bytes
       
-      data = blocks.map do |block|
-        out = ::AES.decrypt([xor_input.str,block.str] , k, {:format => :plain,:padding => false,:cipher => "AES-128-ECB",:iv => xor_input.str })
-        ecb_block = CryptBuffer(out)
-        result    = ecb_block ^ xor_input
-        xor_input = block
-        result.str
-      end.join
-      (data).to_crypt_buffer
-    end
-
-    private
-    def encipher_ecb_blockwise(crypter,blocks)
-      blocks.map{|block| encipher_ecb_block(block)  }.join 
+      _,out = AES.encrypt(xored.str, key, {:format => :plain,:padding => need_padding,:cipher => "AES-#{@key_size}-ECB",:iv => prev_block.str })
+      ecb_block = CryptBuffer(out)
     end
-
-    def encipher_ecb_block(crypter,block)
-      crypter.update(block.str)
+    def decipher_cbc_block(key,block,prev_block)
+      need_padding = block.length != @block_size_bytes
+      
+      out = ::AES.decrypt([prev_block.str,block.str] , key, {:format => :plain,:padding => need_padding,:cipher => "AES-#{@key_size}-ECB",:iv => prev_block.str })
+      ecb_block = CryptBuffer(out)
+      ecb_block ^ prev_block
     end
+    
   end
 end
 

data/lib/crypto-toolbox/crypt_buffer/concerns/convertable.rb

@@ -28,6 +28,9 @@ module CryptBufferConcern
       strict ?  Base64.strict_encode64(str) : Base64.encode64(str) 
     end
 
+    def to_crypt_buffer
+      self
+    end
     private
     def bytes2hex(bytes)
       bytes.map{|b| b.to_s(16)}.map{|hs| hs.length == 1 ? "0#{hs}" : hs  }.join

data/lib/crypto-toolbox/matasano/sets/set1.rb

@@ -0,0 +1,52 @@
+
+module Matasano
+  module Sets
+    module Set1
+      def solve1(input)
+        CryptBuffer.from_hex(input).base64
+      end
+      
+      def solve2(c1,c2)
+        (CryptBuffer.from_hex(c1) ^ CryptBuffer.from_hex(c2)).hex.downcase
+      end
+      
+      def solve3(input)
+        candidates = (1..256).map{ |guess| CryptBuffer.from_hex(input).xor_all_with(guess) }
+        detector = Analyzers::Utils::HumanLanguageDetector.new
+        
+        detector.human_language_entries(candidates).first.to_s
+      end
+
+      # challange:
+      # One of the 60-character strings in this file has been encrypted by single-character XOR.
+      def solve4(hexstrings)
+        detector = Analyzers::Utils::HumanLanguageDetector.new
+        result = hexstrings.map{|h| CryptBuffer.from_hex(h)}.map.with_index do |c,i|
+          candidates = (1..256).map{ |guess| c.xor_all_with(guess) }
+          matches = detector.human_language_entries(candidates)
+
+          matches.empty? ? nil : matches
+        end
+        result.flatten.compact.map(&:str).first
+      end
+      
+      def solve5(input,key)
+        CryptBuffer(input).xor(key,expand_input: true).hex
+      end
+
+      def solve6(input)
+        buffer = CryptBuffer.from_base64(input)
+        Analyzers::VigenereXor.new.analyze(buffer.hex,Analyzers::VigenereXor::HammingDistanceKeyLengthFinder.new)
+      end
+
+      def solve7(input,key)
+        data = CryptBuffer.from_base64(input).str
+        Ciphers::Aes.new.decipher_ecb(key,data)
+      end
+
+      def solve8(ciphers)
+        Utils::EcbDetector.new.detect(ciphers).first
+      end
+    end
+  end
+end

data/lib/crypto-toolbox/matasano/sets/set2.rb

@@ -0,0 +1,62 @@
+
+module Matasano
+  module Sets
+    module Set2
+      def solve9(input)
+        CryptBuffer(input).pad(4).str
+      end
+
+      def solve10(key,input,iv)
+        data  = CryptBuffer.from_base64(input).str
+        Ciphers::Aes.new.decipher_cbc(key,data,iv: iv).str
+      end
+      
+      def solve11(oracle,plaintext)
+        puts "see tests"
+      end
+      
+      def solve12(oracle)
+        Analyzers::EcbStringAppender.new(oracle).analyze
+      end
+
+      def solve13(key = SecureRandom.random_bytes(16) )
+        oracle = CryptoToolbox::Oracles::UserProfileEncryptionOracle.new(key)
+        
+        # blocks:
+        # 1) email=[...]@xy.
+        # 2) com&uid=10&role=
+        # 3) (guest|admin)[...]
+
+        block_size        = 16
+        prefix            = "email="
+        infix             = "&uid=10&role="
+        email_suffix      = "@xy.com" 
+        email_user_length = (2*block_size) - (prefix.length + infix.length + email_suffix.length)
+        email_user        = ("a".."z").to_a.sample(email_user_length).join
+        email_address     = email_user + email_suffix
+        ciphertext        = oracle.encrypted_profile_for(email_address)
+
+        # take the first to blocks of the meassage to have a ciphertext of everything up until role=
+        forgery_blocks,_  = ciphertext.to_crypt_buffer[0,2*block_size]
+
+        # Construct a ciphertext containinig three blocks, where the last block
+        # only contains admin...... where . is a valid padding:
+        # 1: email=aaaaaaaaaa
+        # 2: admin...........    . = 0xb
+        # 3: @whatever.com
+        target_role         = "admin"
+        padding_length      = (block_size - target_role.length())
+        malicious_username  = "aaaaaaaaaa#{target_role}".to_crypt_buffer.pad(padding_length).str + email_suffix
+        ciphertext2         = oracle.encrypted_profile_for(malicious_username)
+        role_chunk          = ciphertext2[block_size,block_size]
+
+        oracle.decrypt_profile(forgery_blocks.str + role_chunk)
+      end
+
+      def solve14(oracle)
+        Analyzers::EcbStringAppender.new(oracle).analyze
+      end
+
+    end
+  end
+end

data/lib/crypto-toolbox/matasano/solver.rb

@@ -0,0 +1,9 @@
+require 'crypto-toolbox/matasano/sets/set1.rb'
+require 'crypto-toolbox/matasano/sets/set2.rb'
+
+module Matasano
+  class Solver
+    include Matasano::Sets::Set1
+    include Matasano::Sets::Set2
+  end
+end

data/lib/crypto-toolbox/oracles/user_profile_encryption_oracle.rb

@@ -0,0 +1,28 @@
+module CryptoToolbox
+  module Oracles
+    class UserProfileEncryptionOracle
+      def initialize(key = SecureRandom.random_bytes(16) )
+        @key = key
+      end
+
+      def profile_for(email)
+        email.gsub!(/[&=]/,"") # sanitize meta chars
+        "email=#{email}&uid=10&role=guest"
+      end
+    
+      def parse_profile(string)
+        string.split("&").each_with_object({}){|pair,hsh| k,v = pair.split("="); hsh[k.to_sym] = v }
+      end
+      
+      def encrypted_profile_for(email)
+        Ciphers::Aes.new.encipher_ecb(@key,profile_for(email))
+      end
+
+      def decrypt_profile(ciphertext)
+        plaintext = Ciphers::Aes.new.decipher_ecb(@key,ciphertext).to_crypt_buffer.strip_padding.str
+        parse_profile(plaintext)
+      end
+
+    end
+  end
+end

data/lib/crypto-toolbox/utils/ecb_detector.rb

@@ -1,11 +1,27 @@
 module Utils
   class EcbDetector
+
+    def is_ecb?(ciphertext)
+      is_ecb_aligned?(CryptBuffer(ciphertext)) ||
+        is_ecb_unaligned?(CryptBuffer(ciphertext))
+    end
+    
     def detect(ciphers)
-      result = ciphers.map.with_index{|c,i| detect_ecb_entry(c,i) }
+      result = ciphers.map.with_index do|c,i|
+        ecb_mode?(c) ? [i,c] : []
+      end
       sanitize_result(result)
     end
 
     private
+
+    def is_ecb_aligned?(buffer)
+      ecb_mode?(buffer)
+    end
+
+    def is_ecb_unaligned?(buffer)
+      false
+    end
     
     def sanitize_result(result)
       result.reject(&:empty?)
@@ -16,14 +32,11 @@ module Utils
     def duplicate_chunk?(chunks)
       chunks.map(&:bytes).uniq.length < chunks.length
     end
-
-    def detect_ecb_entry(ciphertext,index)
-      if duplicate_chunk?(ciphertext.chunks_of(16))
-        [index,ciphertext]
-      else
-        []
-      end
+    
+    def ecb_mode?(ciphertext)
+      duplicate_chunk?(ciphertext.chunks_of(16))
     end
     
   end
 end
+

data/lib/crypto-toolbox/utils/ecb_oracle.rb

@@ -0,0 +1,65 @@
+module Utils
+  class EcbOracle
+    attr_reader :mode,:prefix,:suffix
+    
+    def initialize(static_key: nil,static_mode: nil,block_size: 128,static_prefix: nil,static_suffix: nil,append: false, prepend: false)
+      @key  = CryptBuffer(static_key)
+      @mode = static_mode
+      @iv   = nil
+      @c    = nil
+      @block_size = block_size
+      
+      @append  = append
+      @prepend = prepend
+      @suffix = static_suffix
+      @prefix = static_prefix
+    end
+    
+    def encipher(plaintext)
+      #support reproducable keys and mode
+      @key      ||= CryptBuffer.random(16)
+      @mode     ||= [:cbc,:ecb][SecureRandom.random_number(2)]
+      message   = pad_message(plaintext) 
+      method  = "encipher_#{@mode}".to_sym
+      # we dispatch the method to avoid if-else dispatches
+      # due to the difference of IV usage
+      @c = send(method,message)
+    end
+
+    private
+    
+    def pad_message(msg)
+      pad_range = (5..10).to_a
+      lpad_size = pad_range.sample
+      rpad_size = pad_range.sample
+      @prefix ||= SecureRandom.random_bytes(lpad_size)
+      @suffix ||= SecureRandom.random_bytes(rpad_size)
+
+      # NOTE PLEASE rewrite ME !!!
+      msg = @prefix + msg if prepend?
+      msg = msg + @suffix if append?
+      
+      msg
+    end
+    
+    def encipher_cbc(plaintext)
+      @iv     = CryptBuffer.random(16)
+      crypter = Ciphers::Aes.new
+      crypter.send(:encipher_cbc,@key,plaintext,iv: @iv.str)
+    end
+    
+    def encipher_ecb(plaintext)
+      crypter = Ciphers::Aes.new
+      crypter.send(:encipher_ecb,@key,plaintext)
+    end
+
+    private
+    def append?
+      @append == true
+    end
+    def prepend?
+      @prepend == true
+    end
+    
+  end
+end

data/lib/crypto-toolbox/utils/reporting/console.rb

@@ -3,14 +3,21 @@ module Utils
     module Console
       # Print to stdout with support of debug conditions
       # This is especially helpfull if the analysis fails or is too slow
-      def jot(message, debug: false)
+      def jot(message, debug: false,raw: false)
         if debug == false || ENV["DEBUG_ANALYSIS"]
-          puts message
+          raw ? print_raw(message) : print_nice(message)
         end
       end
       def print_delimiter_line
         puts "=====================================================================" 
       end
+
+      def print_raw(msg)
+        print msg
+      end
+      def print_nice(msg)
+        puts msg
+      end
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: crypto-toolbox
 version: !ruby/object:Gem::Version
-  version: 0.2.6
+  version: 0.2.7
 platform: ruby
 authors:
 - Dennis Sivia
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-05-20 00:00:00.000000000 Z
+date: 2015-05-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aes
@@ -45,16 +45,19 @@ executables:
 - break-vigenere-xor
 - break-padding-oracle
 - break-cbc-mac-variable-length
+- break-ecb-string-appender
 extensions: []
 extra_rdoc_files: []
 files:
 - bin/break-cbc-mac-variable-length
+- bin/break-ecb-string-appender
 - bin/break-padding-oracle
 - bin/break-vigenere-xor
 - lib/crypto-toolbox.rb
 - lib/crypto-toolbox/analyzers/cbc_mac.rb
 - lib/crypto-toolbox/analyzers/cbc_mac/variable_length/analyzer.rb
 - lib/crypto-toolbox/analyzers/cbc_mac/variable_length/oracles/tcp.rb
+- lib/crypto-toolbox/analyzers/ecb_string_appender.rb
 - lib/crypto-toolbox/analyzers/padding_oracle.rb
 - lib/crypto-toolbox/analyzers/padding_oracle/analyzer.rb
 - lib/crypto-toolbox/analyzers/padding_oracle/oracles/http_oracle.rb
@@ -80,9 +83,13 @@ files:
 - lib/crypto-toolbox/crypt_buffer/concerns/random.rb
 - lib/crypto-toolbox/crypt_buffer/concerns/xor.rb
 - lib/crypto-toolbox/crypt_buffer_input_converter.rb
-- lib/crypto-toolbox/crypto_challanges/solver.rb
 - lib/crypto-toolbox/forgers/stream_ciphers/forge_generator.rb
+- lib/crypto-toolbox/matasano/sets/set1.rb
+- lib/crypto-toolbox/matasano/sets/set2.rb
+- lib/crypto-toolbox/matasano/solver.rb
+- lib/crypto-toolbox/oracles/user_profile_encryption_oracle.rb
 - lib/crypto-toolbox/utils/ecb_detector.rb
+- lib/crypto-toolbox/utils/ecb_oracle.rb
 - lib/crypto-toolbox/utils/hamming_distance_filter.rb
 - lib/crypto-toolbox/utils/reporting/console.rb
 homepage: https://github.com/scepticulous/crypto-toolbox
@@ -110,3 +117,4 @@ signing_key:
 specification_version: 4
 summary: Toolbox for crypto analysis
 test_files: []
+has_rdoc: 

data/lib/crypto-toolbox/crypto_challanges/solver.rb

@@ -1,59 +0,0 @@
-
-module CryptoChallanges
-  class Solver
-    def solve1(input)
-      #CryptoChallanges::Set1::Challange1::Solver.run(input)
-      CryptBuffer.from_hex(input).base64
-    end
-    def solve2(c1,c2)
-      (CryptBuffer.from_hex(c1) ^ CryptBuffer.from_hex(c2)).hex.downcase
-    end
-    
-    def solve3(input)
-      candidates = (1..256).map{ |guess| CryptBuffer.from_hex(input).xor_all_with(guess) }
-      detector = Analyzers::Utils::HumanLanguageDetector.new
-      
-      detector.human_language_entries(candidates).first.to_s
-    end
-
-    # challange:
-    # One of the 60-character strings in this file has been encrypted by single-character XOR.
-    def solve4(hexstrings)
-      detector = Analyzers::Utils::HumanLanguageDetector.new
-      result = hexstrings.map{|h| CryptBuffer.from_hex(h)}.map.with_index do |c,i|
-        candidates = (1..256).map{ |guess| c.xor_all_with(guess) }
-        matches = detector.human_language_entries(candidates)
-
-        matches.empty? ? nil : matches
-      end
-      result.flatten.compact.map(&:str).first
-    end
-    
-    def solve5(input,key)
-      CryptBuffer(input).xor(key,expand_input: true).hex
-    end
-
-    def solve6(input)
-      buffer = CryptBuffer.from_base64(input)
-      Analyzers::VigenereXor.new.analyze(buffer.hex,Analyzers::VigenereXor::HammingDistanceKeyLengthFinder.new)
-    end
-
-    def solve7(input,key)
-      data = CryptBuffer.from_base64(input).str
-      Ciphers::Aes.new(128,:ECB).decipher_ecb(key,data)
-    end
-
-    def solve8(ciphers)
-      Utils::EcbDetector.new.detect(ciphers).first
-    end
-
-    def solve9(input)
-      CryptBuffer(input).pad(4).str
-    end
-
-    def solve10(key,input,iv)
-      data  = CryptBuffer.from_base64(input).str
-      Ciphers::Aes.new(128,:ECB).decipher_cbc(key,data,iv: iv).str
-    end
-  end
-end