class CryptoToolbox::Oracles::CbcMutatingEncryptionOracle

Attributes

prefix[R]
suffix[R]

Public Class Methods

new(key = SecureRandom.random_bytes(16) ) click to toggle source
# File lib/crypto-toolbox/oracles/cbc_mutating_encryption_oracle.rb, line 7
def initialize(key = SecureRandom.random_bytes(16) )
  @key     = key
  @prefix  = "comment1=cooking%20MCs;userdata="
  @suffix  = ";comment2=%20like%20a%20pound%20of%20bacon"
  @iv      = SecureRandom.random_bytes(16)
end

Public Instance Methods

encrypted_message_for(user) click to toggle source
# File lib/crypto-toolbox/oracles/cbc_mutating_encryption_oracle.rb, line 27
def encrypted_message_for(user)
  Ciphers::Aes.new.encipher_cbc(@key,message_for(user),iv: @iv)
end
is_admin?(ciphertext) click to toggle source
# File lib/crypto-toolbox/oracles/cbc_mutating_encryption_oracle.rb, line 31
def is_admin?(ciphertext)
  data = decrypt_message(ciphertext)
  data.has_key?(:admin) && data[:admin] == "true"
end
message_for(user) click to toggle source

make sure this attack is not possible

fake_user="admin=true;admin=true;"
ciphertext = oracle.encrypted_message_for(fake_user)
oracle.is_admin?(ciphertext)
# File lib/crypto-toolbox/oracles/cbc_mutating_encryption_oracle.rb, line 18
def message_for(user)
  user.gsub!(/[;=]/,"") # sanitize meta chars
  @prefix + user + @suffix
end
parse_message(string) click to toggle source
# File lib/crypto-toolbox/oracles/cbc_mutating_encryption_oracle.rb, line 23
def parse_message(string)
  string.split(";").each_with_object({}){|pair,hsh| k,v = pair.split("="); hsh[k.to_sym] = v }
end

Private Instance Methods

decrypt_message(ciphertext) click to toggle source
# File lib/crypto-toolbox/oracles/cbc_mutating_encryption_oracle.rb, line 37
def decrypt_message(ciphertext)
  plaintext = Ciphers::Aes.new.decipher_cbc(@key,ciphertext,iv: @iv).to_crypt_buffer.strip_padding.str
  parse_message(plaintext)
end