int accept_token_server()
{
FILE *fp_in;
fp_in = fopen("token.txt", "r");
//determine the length of the file
fseek(fp_in, 0, SEEK_END);
int token_len = ftell(fp_in);
//file is hex encoded so we only need half the file length for allocation
token_len = token_len/2;
rewind(fp_in);
//allocate space for the ciphertext token and plaintext
unsigned char *ciphertext = (unsigned char *)calloc(token_len, sizeof(char));
unsigned char *plaintext = (unsigned char *)calloc(token_len, sizeof(char));
int i;
//read the file into a buffer
for(i=0; i<token_len; i++)
{
fscanf(fp_in, "%2hhx", ciphertext+i);
}
//the first 16 bytes are our prepended iv
unsigned char iv[16];
for(i=0; i<16; i++)
{
iv[i]=ciphertext[i];
}
//decrypt the ciphertext
int plaintext_len = decrypt_cbc(ciphertext+16, token_len-16, key, iv, plaintext);
return pkcs7_check_strip(plaintext, token_len-16);
}
int SelfTestGost14Cbc()
{
const size_t svLen = sizeof(kSeltTestGost14CbcSV) / sizeof(kSeltTestGost14CbcSV[0]);
unsigned char outText[textLen14];
unsigned char outTextDec[textLen14];
unsigned char ctx[kCbc14ContextLen];
if (init_cbc_14_impl(kSeltTestGost14MasterKeyData, ctx, kSeltTestGost14CbcSV, svLen))
return -1;
if (encrypt_cbc(ctx, kSeltTestGost14PlainText, outText, textLen14))
return -1;
free_cbc(ctx);
if (init_cbc_14_impl(kSeltTestGost14MasterKeyData, ctx, kSeltTestGost14CbcSV, svLen))
return -1;
if (decrypt_cbc(ctx, outText, outTextDec, textLen14))
return -1;
free_cbc(ctx);
if (memcmp(outTextDec, kSeltTestGost14PlainText, textLen14))
return -1;
return memcmp(outText, kSeltTestGost14CbcEncText, textLen14);
}
bool CCrypt::setKey(const BYTE *pKey, size_t cbKeyLen)
{
// full external key. decode & check password
if (cbKeyLen != sizeof(ExternalKey))
return false;
BYTE tmpHash[32];
slow_hash(m_password, m_password.GetLength(), tmpHash);
BYTE ctx[kCbc14ContextLen];
init_cbc_14(tmpHash, ctx, iv0, _countof(iv0));
ExternalKey tmp = { 0 };
decrypt_cbc(ctx, (BYTE*)pKey, (BYTE*)&tmp, sizeof(tmp));
free_cbc(ctx);
if (tmp.m_crc32 != crc32(0xAbbaDead, (LPCBYTE)m_password.GetString(), m_password.GetLength()))
return false;
memcpy(m_key, &tmp.m_key, KEY_LENGTH);
memcpy(m_iv, &tmp.m_iv, KEY_LENGTH);
init_cbc_14(m_key, m_ctx, m_iv, KEY_LENGTH);
return m_valid = true;
}
void* CCrypt::decodeBuffer(const BYTE *pBuf, size_t bufLen, size_t *cbResultLen)
{
if (cbResultLen)
*cbResultLen = 0;
if (!m_valid || pBuf == NULL || (bufLen % BLOCK_SIZE) != 0)
return NULL;
char *result = (char*)mir_alloc(bufLen + 1);
if (decrypt_cbc(m_ctx, LPBYTE(pBuf), (BYTE*)result, bufLen)) {
mir_free(result);
return NULL;
}
result[bufLen] = 0;
WORD cbLen = *(PWORD)result;
if (cbLen > bufLen) {
mir_free(result);
return NULL;
}
memmove(result, result + 2, cbLen);
if (cbResultLen)
*cbResultLen = cbLen;
return result;
}
int main()
{
unsigned char key[] = "YellowSubmarine", iv[] = "random_IV_so_fun";
FILE *fp_in;
unsigned int ciphertext_len, i, plaintext_len, j=0;
unsigned char *ciphertext, *plaintext, admin[]="admin=true";
if(!(fp_in = fopen("token.txt", "r")))
{
return 0;
}
fseek(fp_in, 0, SEEK_END);
ciphertext_len = ftell(fp_in);
rewind(fp_in);
ciphertext_len = ciphertext_len/2;
ciphertext = (char*)calloc(ciphertext_len, sizeof(char));
plaintext = (char*)calloc(ciphertext_len, sizeof(char));
for(i=0; i<ciphertext_len; i++)
{
fscanf(fp_in,"%2hhx", ciphertext+i);
}
plaintext_len = decrypt_cbc(ciphertext, ciphertext_len, key, iv, plaintext);
plaintext[plaintext_len] = '\0';
//BIO_dump_fp (stdout, (const char *)plaintext, plaintext_len);
//test for presence of string
for(i=0; i<plaintext_len; i++)
{
if(plaintext[i]=='a')
{
j=0;
while(plaintext[i]==admin[j])
{
i++;
j++;
}
}
if(j>=10)
{
puts("Oh SNAP! Now you've got the power too.");
}
}
fclose(fp_in);
return 0;
}
void decrypt_block(uint32_t round_keys[NUM_ROUND_KEYS][ROUND_KEY_LENGTH], uint32_t current_block[BLOCK_LENGTH], uint32_t past_block[BLOCK_LENGTH], char* output, int test) {
int last_byte_loc;
uint32_t next_past_block[BLOCK_LENGTH]; // stores next_block so it can be set to current_block after CBC after decryption
memcpy(next_past_block, current_block, BLOCK_LENGTH * BYTE_CHUNK_SIZE);
/*
* START CODE BLOCK
*
* Following code from serpent.c file in official submission code (http://www.cl.cam.ac.uk/~rja14/Papers/serpent.tar.gz) with minor name changes. See 'sboxes.h' for note on copyright.
*/
register uint32_t x0, x1, x2, x3;
register uint32_t y0, y1, y2, y3;
x0 = current_block[0];
x1 = current_block[1];
x2 = current_block[2];
x3 = current_block[3];
/* Start to decrypt the ciphertext x */
keying(x0, x1, x2, x3, round_keys[32]);
InvRND31(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[31]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND30(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[30]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND29(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[29]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND28(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[28]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND27(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[27]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND26(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[26]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND25(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[25]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND24(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[24]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND23(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[23]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND22(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[22]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND21(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[21]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND20(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[20]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND19(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[19]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND18(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[18]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND17(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[17]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND16(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[16]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND15(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[15]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND14(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[14]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND13(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[13]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND12(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[12]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND11(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[11]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND10(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[10]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND09(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[ 9]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND08(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[ 8]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND07(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[ 7]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND06(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[ 6]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND05(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[ 5]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND04(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[ 4]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND03(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[ 3]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND02(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[ 2]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND01(x0, x1, x2, x3, y0, y1, y2, y3);
keying(y0, y1, y2, y3, round_keys[ 1]);
inv_transform(y0, y1, y2, y3, x0, x1, x2, x3);
InvRND00(x0, x1, x2, x3, y0, y1, y2, y3);
x0 = y0; x1 = y1; x2 = y2; x3 = y3;
keying(x0, x1, x2, x3, round_keys[ 0]);
/* The plaintext is now in x */
current_block[0] = x0;
current_block[1] = x1;
current_block[2] = x2;
current_block[3] = x3;
/*
* END CODE BLOCK
*/
if (!test) {
decrypt_cbc(current_block, past_block);
}
last_byte_loc = unpad(current_block);
decrypt_export_block(output, current_block, last_byte_loc);
memcpy(past_block, next_past_block, BLOCK_LENGTH * BYTE_CHUNK_SIZE);
}
