当前位置:网站首页>Wust-ctf2021-re school match WP
Wust-ctf2021-re school match WP
2022-07-28 20:16:00 【After the rain】
WUST-CTF2021-re School competition wp
WUST-CTF2021-re School competition wp
I'm not signing in
64 position , Shell less
Is to input characters plus i Then compare with the ciphertext
therefore EXP
s=[102, 109, 99, 106, 127, 53, 54, 59, 62, 65,
58, 61, 69, 58, 64, 68, 73, 71, 63, 71,
76, 120, 70, 68, 122, 124, 80, 83, 73, 131,
129, 85, 89, 82, 91, 133, 91, 89, 89, 136,
92, 166]
for i in range(len(s)):
s[i]=s[i]-i
print(bytes(s))
#b'flag{00468029-2596-48c0-bc68-fc6919b743a4}'
Pingcheng the fourth outstanding player
Notice that python Reverse packaging of files
utilize pyinstxtractor.py Decompile the file and package the file to make it pyc file
After decompiling, a folder will appear , There are files when linking ,pyd Equivalent to python Dynamic link library for ,pyc There is the source code
Because decompilation will lose version information , Need to use struct File for recovery
Resume
Use uncompy6.exe Analyze the source code locally
I found a little problem , It should be about coding
flag{ I can also become light !!!}
findit
There's a problem with functions
Self decrypt the address
Finally, call the decrypted function
SMC topic
Yes
Lower breakpoint , Let the function execute until after decryption
EXP
int __cdecl ssd(char *Str)
{
int v1; // eax
char v3[20]; // [esp+1Dh] [ebp-4Bh]
char v4[7]; // [esp+31h] [ebp-37h] BYREF
int v5; // [esp+38h] [ebp-30h]
int v6; // [esp+3Ch] [ebp-2Ch]
int jj; // [esp+40h] [ebp-28h]
int ii; // [esp+44h] [ebp-24h]
int n; // [esp+48h] [ebp-20h]
int m; // [esp+4Ch] [ebp-1Ch]
size_t k; // [esp+50h] [ebp-18h]
int j; // [esp+54h] [ebp-14h]
int i; // [esp+58h] [ebp-10h]
int v14; // [esp+5Ch] [ebp-Ch]
qmemcpy(v4, "REVERSE", sizeof(v4));
v3[0] = 81;
v3[1] = -72;
v3[2] = 90;
v3[3] = 18;
v3[4] = 16;
v3[5] = -6;
v3[6] = 13;
v3[7] = 35;
v3[8] = 1;
v3[9] = 23;
v3[10] = 8;
v3[11] = 9;
v3[12] = 27;
v3[13] = 0;
v3[14] = 18;
v3[15] = 44;
v3[16] = -14;
v3[17] = 18;
v3[18] = 17;
v3[19] = 14;
scanf("%s", Str);
v6 = strlen(Str);
for ( i = 0; i < v6; ++i )
Str[i] -= 64;
for ( j = 0; j < v6; ++j )
Str[j] -= Str[j + 1];
for ( k = 0; k < strlen(v4); ++k )
v4[k] %= 64;
for ( m = 0; m < v6; ++m )
Str[m] += v4[m % 7];
for ( n = 0; v6 / 2 > n; ++n )
{
v5 = Str[n];
Str[n] = Str[v6 - n - 1];
Str[v6 - n - 1] = v5;
}
for ( ii = 0; ii < v6; ++ii )
{
if ( (v4[ii % 7] & 1) != 0 )
v1 = Str[ii] + 2;
else
v1 = Str[ii] + 1;
v14 = v1;
Str[ii] = v1;
}
for ( jj = 0; jj < v6; ++jj )
{
if ( Str[jj] != v3[jj] )
{
puts(&Buffer);
return 0;
}
}
puts(aFlag_0);
return 1;
}
A simple audit
EXP
v4="REVERSE"
enc=[0]*20
enc[0] = 81
enc[1] = -72
enc[2] = 90
enc[3] = 18
enc[4] = 16
enc[5] = -6
enc[6] = 13
enc[7] = 35
enc[8] = 1
enc[9] = 23
enc[10] = 8
enc[11] = 9
enc[12] = 27
enc[13] = 0
enc[14] = 18
enc[15] = 44
enc[16] = -14
enc[17] = 18
enc[18] = 17
enc[19] = 14
key=[]
for i in range(len(v4)):
key.append(ord(v4[i])%64)
for i in range(len(enc)):
if key[i%7]&1 != 0:
enc[i]=enc[i] - 2
else:
enc[i]=enc[i] - 1
for n in range(len(enc)//2):
enc[n],enc[len(enc)-n-1]=enc[len(enc)-n-1],enc[n]
for i in range(len(enc)):
enc[i]=enc[i]-key[i%7]
for i in range(len(enc)-2,-1,-1):
enc[i]=enc[i]+enc[i+1]
for i in range(len(enc)):
enc[i]=enc[i]+64
print(bytes(enc))
# b'flag{celebrate_you!}'
AskforU
Flower instruction
After recovery
int __cdecl main(int argc, const char **argv, const char **envp)
{
const char *Str1; // eax
const char *Str2; // [esp+14h] [ebp-E4h]
int i; // [esp+20h] [ebp-D8h]
int v7; // [esp+24h] [ebp-D4h]
char v8[100]; // [esp+2Ch] [ebp-CCh] BYREF
char v9[100]; // [esp+90h] [ebp-68h] BYREF
sub_401840("Please input your key:");
sub_4018C0("%s", v9);
Str2 = off_405004;
Str1 = (const char *)sub_401000(v9);
if ( !strcmp(Str1, Str2) )
{
sub_401840("Please input your flag:");
sub_4018C0("%s", v8);
if ( strlen(v8) == 25 )
{
v7 = sub_4011D0(v8, v9);
for ( i = 0; i < 25; ++i )
{
if ( *(unsigned __int8 *)(v7 + i) != (unsigned __int8)byte_405008[i] )
{
sub_401840("Ohh no~~\n");
return 0;
}
}
sub_401840("Congratulation! The answer is flag{md5(your flag)}\n");
}
}
else
{
sub_401840("Wrong Key!\n");
}
return 0;
}
Remove the flower instruction of this interference
RC4 encryption
On the whole
First enter key, Yes key Conduct base64 encryption
be key by i_am_a_ctF3rr
look for flag
We have ciphertext and key, I know rc4 encryption
Put the code directly copy Come down and go straight out
#include<string.h>
#include<stdio.h>
void main( )
{
char v3; // [esp+1Ch] [ebp-130h]
int j; // [esp+20h] [ebp-12Ch]
char temp; // [esp+24h] [ebp-128h]
int v6; // [esp+28h] [ebp-124h]
int v7; // [esp+28h] [ebp-124h]
int v8; // [esp+2Ch] [ebp-120h]
int i; // [esp+30h] [ebp-11Ch]
size_t k; // [esp+30h] [ebp-11Ch]
int a[257]; // [esp+3Bh] [ebp-111h]
char key[]="i_am_a_ctF3rr";
int enc[]={
12, 170, 161, 170, 167, 226, 31, 229, 204, 85,
173, 198, 102, 193, 164, 30, 24, 238, 25, 12,
237, 221, 13, 73, 153};
v6 = 0;
for ( i = 0; i < 256; ++i )
a[i] = i;
for ( j = 0; j < 256; ++j )
{
v6 = ((unsigned __int8)key[j % strlen(key)] + v6 + (unsigned __int8)a[j]) % 256;
v3 = a[j];
a[j] = a[v6];
a[v6] = v3;
}
v8 = 0;
v7 = 0;
for ( k = 0; k < 25; ++k )
{
v8 = (v8 + 1) % 256;
v7 = (v7 + (unsigned __int8)a[v8]) % 256;
temp = a[v8];
a[v8] = a[v7];
a[v7] = temp;
enc[k] ^= a[((unsigned __int8)a[v7] + (unsigned __int8)a[v8]) % 256];
printf("%c",enc[k]);
}
}
I still use it python Write it over
import hashlib
h=hashlib.md5()
enc=[12, 170, 161, 170, 167, 226, 31, 229, 204, 85,
173, 198, 102, 193, 164, 30, 24, 238, 25, 12,
237, 221, 13, 73, 153]
a=[0]*256
key="i_am_a_ctF3rr"
for i in range(256):
a[i]=i
v6 = 0
for j in range(256):
v6=(ord(key[j%len(key)])+v6+a[j])%256
v3 = a[j]
a[j] = a[v6]
a[v6] = v3
v7 = 0
v8 = 0
for k in range(len(enc)):
v8 = (v8 + 1) % 256
v7 = (v7 + a[v8]) % 256
temp = a[v8]
a[v8] = a[v7]
a[v7] = temp
enc[k] ^= a[(a[v7] + a[v8]) % 256]
print(bytes(enc))
# b'HAve-FVn-wiTh-base&Rcfour'
h.update(bytes(enc))
print('flag{'+h.hexdigest()+'}')
#flag{363202359cc5b5ea7b1410a135b41535}
nobabyre
int __cdecl main_0(int argc, const char **argv, const char **envp)
{
char v4; // [esp+0h] [ebp-1C0h]
char v5; // [esp+0h] [ebp-1C0h]
int i; // [esp+D0h] [ebp-F0h]
int v7[10]; // [esp+104h] [ebp-BCh] BYREF
char Str[60]; // [esp+12Ch] [ebp-94h] BYREF
char v9[60]; // [esp+168h] [ebp-58h] BYREF
char v10[24]; // [esp+1A4h] [ebp-1Ch] BYREF
__CheckForDebuggerJustMyCode(&unk_41E00F);
strcpy(v10, "WUSTCTF686?666!~");
j_memset(v9, 0, 0x32u);
printf("input your flag:", v4);
scanf("%s", (char)Str);
if ( j_strlen(Str) != 32 )
return 0;
j_memcpy(v9, Str, 0x20u);
memset(v7, 0, 32);
sub_4110A5(v10, 16, v9, v7, 32);
for ( i = 0; i < 32; ++i )
{
if ( *((unsigned __int8 *)v7 + i) != (unsigned __int8)byte_41C010[i] )
{
printf("G!\n", v5);
return 0;
}
}
printf("Cons!Your flag is flag{your input}\n", v5);
return 0;
}
Enter key code audit
int __cdecl sub_411C20(void *Src, size_t Size, int a3, int a4, unsigned int a5)
{
char v6; // [esp+0h] [ebp-38Ch]
int j; // [esp+190h] [ebp-1FCh]
unsigned int i; // [esp+19Ch] [ebp-1F0h]
char v9[24]; // [esp+1A8h] [ebp-1E4h] BYREF
int v10[6]; // [esp+1C0h] [ebp-1CCh] BYREF
int v11[12]; // [esp+1D8h] [ebp-1B4h] BYREF
char *v12; // [esp+208h] [ebp-184h]
int v13; // [esp+214h] [ebp-178h]
char v14[360]; // [esp+220h] [ebp-16Ch] BYREF
__CheckForDebuggerJustMyCode(&unk_41E00F);
v13 = a4;
v12 = v14;
memset(&v11[6], 0, 16);
memset(v11, 0, 16);
memset(v10, 0, 16);
if ( Src && a3 && a4 )
{
if ( Size <= 0x10 )
{
if ( a5 % 0x10 )
{
sub_4110E1("inLen is invalid.\n", v6);
return -1;
}
else
{
if ( IsDebuggerPresent() )
j_memcpy(v11, Src, Size);
else
j_memcpy(v9, &unk_41C000, Size);
sub_4111D1(v11, 16, v14);
for ( i = 0; i < a5; i += 16 )
{
sub_4112CB(v10, a3);
sub_411064(v10, v12);
for ( j = 1; j < 10; ++j )
{
v12 += 16;
sub_41122B(v10);
sub_411285(v10);
sub_4113A2(v10);
sub_411064(v10, v12);
}
sub_41122B(v10);
sub_411285(v10);
sub_411064(v10, v12 + 16);
sub_411127(v10, v13);
v13 += 16;
a3 += 16;
v12 = v14;
}
return 0;
}
}
else
{
sub_4110E1("keyLen must be 16.\n", v6);
return -1;
}
}
else
{
sub_4110E1("param err.\n", v6);
return -1;
}
}
Actual key=“WUSTCTF_wthHuis6”
aes The inverse of s The box is regarded as s Box use
#include <stdio.h>
#include <stdint.h>
#include <memory.h>
/****************************************************************************************************************/
typedef enum {
AES_CYPHER_128,
AES_CYPHER_192,
AES_CYPHER_256,
} AES_CYPHER_T;
/****************************************************************************************************************/
/* * Encryption Rounds */
int g_aes_key_bits[] = {
/* AES_CYPHER_128 */ 128,
/* AES_CYPHER_192 */ 192,
/* AES_CYPHER_256 */ 256,
};
int g_aes_rounds[] = {
/* AES_CYPHER_128 */ 10,
/* AES_CYPHER_192 */ 12,
/* AES_CYPHER_256 */ 14,
};
int g_aes_nk[] = {
/* AES_CYPHER_128 */ 4,
/* AES_CYPHER_192 */ 6,
/* AES_CYPHER_256 */ 8,
};
int g_aes_nb[] = {
/* AES_CYPHER_128 */ 4,
/* AES_CYPHER_192 */ 4,
/* AES_CYPHER_256 */ 4,
};
/****************************************************************************************************************/
/* * aes Rcon: * * WARNING: Rcon is designed starting from 1 to 15, not 0 to 14. * FIPS-197 Page 9: "note that i starts at 1, not 0" * * i | 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 * -----+------------------------------------------------------------------------------------------ * | [01] [02] [04] [08] [10] [20] [40] [80] [1b] [36] [6c] [d8] [ab] [4d] [9a] * RCON | [00] [00] [00] [00] [00] [00] [00] [00] [00] [00] [00] [00] [00] [00] [00] * | [00] [00] [00] [00] [00] [00] [00] [00] [00] [00] [00] [00] [00] [00] [00] * | [00] [00] [00] [00] [00] [00] [00] [00] [00] [00] [00] [00] [00] [00] [00] */
static const uint32_t g_aes_rcon[] = {
0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000, 0x40000000, 0x80000000,
0x1b000000, 0x36000000, 0x6c000000, 0xd8000000, 0xab000000, 0xed000000, 0x9a000000
};
/****************************************************************************************************************/
/* * aes sbox and invert-sbox */
static const uint8_t g_inv_sbox[256] = {
/* 0 1 2 3 4 5 6 7 8 9 A B C D E F */
0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
};
static const uint8_t g_aes_sbox[256] = {
/* 0 1 2 3 4 5 6 7 8 9 A B C D E F */
0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb,
0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb,
0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e,
0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25,
0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92,
0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,
0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06,
0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b,
0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73,
0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e,
0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b,
0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,
0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f,
0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef,
0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61,
0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
};
/****************************************************************************************************************/
uint8_t aes_sub_sbox(uint8_t val)
{
return g_aes_sbox[val];
}
/****************************************************************************************************************/
uint32_t aes_sub_dword(uint32_t val)
{
uint32_t tmp = 0;
tmp |= ((uint32_t)aes_sub_sbox((uint8_t)((val >> 0) & 0xFF))) << 0;
tmp |= ((uint32_t)aes_sub_sbox((uint8_t)((val >> 8) & 0xFF))) << 8;
tmp |= ((uint32_t)aes_sub_sbox((uint8_t)((val >> 16) & 0xFF))) << 16;
tmp |= ((uint32_t)aes_sub_sbox((uint8_t)((val >> 24) & 0xFF))) << 24;
return tmp;
}
/****************************************************************************************************************/
uint32_t aes_rot_dword(uint32_t val)
{
uint32_t tmp = val;
return (val >> 8) | ((tmp & 0xFF) << 24);
}
/****************************************************************************************************************/
uint32_t aes_swap_dword(uint32_t val)
{
return (((val & 0x000000FF) << 24) |
((val & 0x0000FF00) << 8) |
((val & 0x00FF0000) >> 8) |
((val & 0xFF000000) >> 24));
}
/****************************************************************************************************************/
/* * nr: number of rounds * nb: number of columns comprising the state, nb = 4 dwords (16 bytes) * nk: number of 32-bit words comprising cipher key, nk = 4, 6, 8 (KeyLength/(4*8)) */
void aes_key_expansion(AES_CYPHER_T mode, uint8_t *key, uint8_t *round)
{
uint32_t *w = (uint32_t *)round;
uint32_t t;
int i = 0;
do {
w[i] = *((uint32_t *)&key[i * 4 + 0]);
} while (++i < g_aes_nk[mode]);
do {
if ((i % g_aes_nk[mode]) == 0) {
t = aes_rot_dword(w[i - 1]);
t = aes_sub_dword(t);
t = t ^ aes_swap_dword(g_aes_rcon[i / g_aes_nk[mode] - 1]);
}
else if (g_aes_nk[mode] > 6 && (i % g_aes_nk[mode]) == 4) {
t = aes_sub_dword(w[i - 1]);
}
else {
t = w[i - 1];
}
w[i] = w[i - g_aes_nk[mode]] ^ t;
} while (++i < g_aes_nb[mode] * (g_aes_rounds[mode] + 1));
}
/****************************************************************************************************************/
void aes_add_round_key(AES_CYPHER_T mode, uint8_t *state,
uint8_t *round, int nr)
{
uint32_t *w = (uint32_t *)round;
uint32_t *s = (uint32_t *)state;
int i;
for (i = 0; i < g_aes_nb[mode]; i++) {
s[i] ^= w[nr * g_aes_nb[mode] + i];
}
}
/****************************************************************************************************************/
void aes_sub_bytes(AES_CYPHER_T mode, uint8_t *state)
{
int i, j;
for (i = 0; i < g_aes_nb[mode]; i++) {
for (j = 0; j < 4; j++) {
state[i * 4 + j] = aes_sub_sbox(state[i * 4 + j]);
}
}
}
/****************************************************************************************************************/
void aes_shift_rows(AES_CYPHER_T mode, uint8_t *state)
{
uint8_t *s = (uint8_t *)state;
int i, j, r;
for (i = 1; i < g_aes_nb[mode]; i++) {
for (j = 0; j < i; j++) {
uint8_t tmp = s[i];
for (r = 0; r < g_aes_nb[mode]; r++) {
s[i + r * 4] = s[i + (r + 1) * 4];
}
s[i + (g_aes_nb[mode] - 1) * 4] = tmp;
}
}
}
/****************************************************************************************************************/
uint8_t aes_xtime(uint8_t x)
{
return ((x << 1) ^ (((x >> 7) & 1) * 0x1b));
}
/****************************************************************************************************************/
uint8_t aes_xtimes(uint8_t x, int ts)
{
while (ts-- > 0) {
x = aes_xtime(x);
}
return x;
}
/****************************************************************************************************************/
uint8_t aes_mul(uint8_t x, uint8_t y)
{
/* * encrypt: y has only 2 bits: can be 1, 2 or 3 * decrypt: y could be any value of 9, b, d, or e */
return ((((y >> 0) & 1) * aes_xtimes(x, 0)) ^
(((y >> 1) & 1) * aes_xtimes(x, 1)) ^
(((y >> 2) & 1) * aes_xtimes(x, 2)) ^
(((y >> 3) & 1) * aes_xtimes(x, 3)) ^
(((y >> 4) & 1) * aes_xtimes(x, 4)) ^
(((y >> 5) & 1) * aes_xtimes(x, 5)) ^
(((y >> 6) & 1) * aes_xtimes(x, 6)) ^
(((y >> 7) & 1) * aes_xtimes(x, 7)));
}
/****************************************************************************************************************/
void aes_mix_columns(AES_CYPHER_T mode, uint8_t *state)
{
uint8_t y[16] = {
2, 3, 1, 1, 1, 2, 3, 1, 1, 1, 2, 3, 3, 1, 1, 2 };
uint8_t s[4];
int i, j, r;
for (i = 0; i < g_aes_nb[mode]; i++) {
for (r = 0; r < 4; r++) {
s[r] = 0;
for (j = 0; j < 4; j++) {
s[r] = s[r] ^ aes_mul(state[i * 4 + j], y[r * 4 + j]);
}
}
for (r = 0; r < 4; r++) {
state[i * 4 + r] = s[r];
}
}
}
/****************************************************************************************************************/
int aes_encrypt(AES_CYPHER_T mode, uint8_t *data, int len, uint8_t *key)
{
uint8_t w[4 * 4 * 15] = {
0 }; /* round key */
uint8_t s[4 * 4] = {
0 }; /* state */
int nr, i, j;
/* key expansion */
aes_key_expansion(mode, key, w);
/* start data cypher loop over input buffer */
for (i = 0; i < len; i += 4 * g_aes_nb[mode]) {
/* init state from user buffer (plaintext) */
for (j = 0; j < 4 * g_aes_nb[mode]; j++)
s[j] = data[i + j];
/* start AES cypher loop over all AES rounds */
for (nr = 0; nr <= g_aes_rounds[mode]; nr++) {
if (nr > 0) {
/* do SubBytes */
aes_sub_bytes(mode, s);
/* do ShiftRows */
aes_shift_rows(mode, s);
if (nr < g_aes_rounds[mode]) {
/* do MixColumns */
aes_mix_columns(mode, s);
}
}
/* do AddRoundKey */
aes_add_round_key(mode, s, w, nr);
}
/* save state (cypher) to user buffer */
for (j = 0; j < 4 * g_aes_nb[mode]; j++)
data[i + j] = s[j];
}
return 0;
}
/****************************************************************************************************************/
int aes_encrypt_ecb(AES_CYPHER_T mode, uint8_t *data, int len, uint8_t *key)
{
return aes_encrypt(mode, data, len, key);
}
/****************************************************************************************************************/
int aes_encrypt_cbc(AES_CYPHER_T mode, uint8_t *data, int len, uint8_t *key, uint8_t *iv)
{
uint8_t w[4 * 4 * 15] = {
0 }; /* round key */
uint8_t s[4 * 4] = {
0 }; /* state */
uint8_t v[4 * 4] = {
0 }; /* iv */
int nr, i, j;
/* key expansion */
aes_key_expansion(mode, key, w);
memcpy(v, iv, sizeof(v));
/* start data cypher loop over input buffer */
for (i = 0; i < len; i += 4 * g_aes_nb[mode]) {
/* init state from user buffer (plaintext) */
for (j = 0; j < 4 * g_aes_nb[mode]; j++)
s[j] = data[i + j] ^ v[j];
/* start AES cypher loop over all AES rounds */
for (nr = 0; nr <= g_aes_rounds[mode]; nr++) {
if (nr > 0) {
/* do SubBytes */
aes_sub_bytes(mode, s);
/* do ShiftRows */
aes_shift_rows(mode, s);
if (nr < g_aes_rounds[mode]) {
/* do MixColumns */
aes_mix_columns(mode, s);
}
}
/* do AddRoundKey */
aes_add_round_key(mode, s, w, nr);
}
/* save state (cypher) to user buffer */
for (j = 0; j < 4 * g_aes_nb[mode]; j++)
data[i + j] = v[j] = s[j];
}
return 0;
}
/****************************************************************************************************************/
void inv_shift_rows(AES_CYPHER_T mode, uint8_t *state)
{
uint8_t *s = (uint8_t *)state;
int i, j, r;
for (i = 1; i < g_aes_nb[mode]; i++) {
for (j = 0; j < g_aes_nb[mode] - i; j++) {
uint8_t tmp = s[i];
for (r = 0; r < g_aes_nb[mode]; r++) {
s[i + r * 4] = s[i + (r + 1) * 4];
}
s[i + (g_aes_nb[mode] - 1) * 4] = tmp;
}
}
}
/****************************************************************************************************************/
uint8_t inv_sub_sbox(uint8_t val)
{
return g_inv_sbox[val];
}
/****************************************************************************************************************/
void inv_sub_bytes(AES_CYPHER_T mode, uint8_t *state)
{
int i, j;
for (i = 0; i < g_aes_nb[mode]; i++) {
for (j = 0; j < 4; j++) {
state[i * 4 + j] = inv_sub_sbox(state[i * 4 + j]);
}
}
}
/****************************************************************************************************************/
void inv_mix_columns(AES_CYPHER_T mode, uint8_t *state)
{
uint8_t y[16] = {
0x0e, 0x0b, 0x0d, 0x09, 0x09, 0x0e, 0x0b, 0x0d,
0x0d, 0x09, 0x0e, 0x0b, 0x0b, 0x0d, 0x09, 0x0e };
uint8_t s[4];
int i, j, r;
for (i = 0; i < g_aes_nb[mode]; i++) {
for (r = 0; r < 4; r++) {
s[r] = 0;
for (j = 0; j < 4; j++) {
s[r] = s[r] ^ aes_mul(state[i * 4 + j], y[r * 4 + j]);
}
}
for (r = 0; r < 4; r++) {
state[i * 4 + r] = s[r];
}
}
}
/****************************************************************************************************************/
int aes_decrypt(AES_CYPHER_T mode, uint8_t *data, int len, uint8_t *key)
{
uint8_t w[4 * 4 * 15] = {
0 }; /* round key */
uint8_t s[4 * 4] = {
0 }; /* state */
int nr, i, j;
/* key expansion */
aes_key_expansion(mode, key, w);
/* start data cypher loop over input buffer */
for (i = 0; i < len; i += 4 * g_aes_nb[mode]) {
/* init state from user buffer (cyphertext) */
for (j = 0; j < 4 * g_aes_nb[mode]; j++)
s[j] = data[i + j];
/* start AES cypher loop over all AES rounds */
for (nr = g_aes_rounds[mode]; nr >= 0; nr--) {
/* do AddRoundKey */
aes_add_round_key(mode, s, w, nr);
if (nr > 0) {
if (nr < g_aes_rounds[mode]) {
/* do MixColumns */
inv_mix_columns(mode, s);
}
/* do ShiftRows */
inv_shift_rows(mode, s);
/* do SubBytes */
inv_sub_bytes(mode, s);
}
}
/* save state (cypher) to user buffer */
for (j = 0; j < 4 * g_aes_nb[mode]; j++)
data[i + j] = s[j];
}
return 0;
}
/****************************************************************************************************************/
int aes_decrypt_ecb(AES_CYPHER_T mode, uint8_t *data, int len, uint8_t *key)
{
return aes_decrypt(mode, data, len, key);
}
/****************************************************************************************************************/
int aes_decrypt_cbc(AES_CYPHER_T mode, uint8_t *data, int len, uint8_t *key, uint8_t *iv)
{
uint8_t w[4 * 4 * 15] = {
0 }; /* round key */
uint8_t s[4 * 4] = {
0 }; /* state */
uint8_t v[4 * 4] = {
0 }; /* iv */
int nr, i, j;
/* key expansion */
aes_key_expansion(mode, key, w);
memcpy(v, iv, sizeof(v));
/* start data cypher loop over input buffer */
for (i = 0; i < len; i += 4 * g_aes_nb[mode]) {
/* init state from user buffer (cyphertext) */
for (j = 0; j < 4 * g_aes_nb[mode]; j++)
s[j] = data[i + j];
/* start AES cypher loop over all AES rounds */
for (nr = g_aes_rounds[mode]; nr >= 0; nr--) {
/* do AddRoundKey */
aes_add_round_key(mode, s, w, nr);
if (nr > 0) {
if (nr < g_aes_rounds[mode]) {
/* do MixColumns */
inv_mix_columns(mode, s);
}
/* do ShiftRows */
inv_shift_rows(mode, s);
/* do SubBytes */
inv_sub_bytes(mode, s);
}
}
/* save state (cypher) to user buffer */
for (j = 0; j < 4 * g_aes_nb[mode]; j++) {
uint8_t p = s[j] ^ v[j];
v[j] = data[i + j];
data[i + j] = p;
}
}
return 0;
}
/****************************************************************************************************************/
void aes_cypher_128_test()
{
#if 1
uint8_t buf[] = {
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff };
uint8_t key[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f };
#else
uint8_t buf[] = {
0x32, 0x43, 0xf6, 0xa8, 0x88, 0x5a, 0x30, 0x8d,
0x31, 0x31, 0x98, 0xa2, 0xe0, 0x37, 0x07, 0x34 };
uint8_t key[] = {
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c };
#endif
aes_encrypt(AES_CYPHER_128, buf, sizeof(buf), key);
aes_decrypt(AES_CYPHER_128, buf, sizeof(buf), key);
}
/****************************************************************************************************************/
void aes_cypher_192_test()
{
uint8_t buf[] = {
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff };
uint8_t key[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17 };
aes_encrypt(AES_CYPHER_192, buf, sizeof(buf), key);
aes_decrypt(AES_CYPHER_192, buf, sizeof(buf), key);
}
/****************************************************************************************************************/
void aes_cypher_256_test()
{
uint8_t buf[] = {
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff };
uint8_t key[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f };
aes_encrypt(AES_CYPHER_256, buf, sizeof(buf), key);
aes_decrypt(AES_CYPHER_256, buf, sizeof(buf), key);
}
/****************************************************************************************************************/
void main()
{
// data
uint8_t buf[] = {
0xAD, 0xE4, 0xD9, 0x95, 0x44, 0xE2, 0x65, 0x5C, 0xD6, 0x82, 0x1B, 0xE2, 0xBD, 0xA6, 0xDB, 0x55, 0xC7, 0x39, 0x61, 0x79, 0xD2, 0x9A, 0x54, 0x4D, 0x7E, 0x24, 0x26, 0xEF, 0x24, 0x64, 0x1A, 0x19};
// secret key
uint8_t key[] = {
87,85,83,84,67,84,70,95,119,116,104,72,117,105,115,54, };
// vector
//uint8_t iv[] = {};
switch (sizeof(key))
{
//ECB
case 16:aes_decrypt(AES_CYPHER_128, buf, sizeof(buf), key); break;
case 24:aes_decrypt(AES_CYPHER_192, buf, sizeof(buf), key); break;
case 32:aes_decrypt(AES_CYPHER_256, buf, sizeof(buf), key); break;
//CBC
/* case 16:aes_decrypt_cbc(AES_CYPHER_128, buf, sizeof(buf), key, iv); break; case 24:aes_decrypt_cbc(AES_CYPHER_192, buf, sizeof(buf), key, iv); break; case 32:aes_decrypt_cbc(AES_CYPHER_256, buf, sizeof(buf), key, iv); break; */
}
for (int i = 0; i < sizeof(buf); i++)
{
printf("%c", buf[i] & 0xFF);
}
printf("\n");
return;
}
边栏推荐
- [C language] initial C language reflection and summary
- Digital filter design matlab
- Richpedia: A Large-Scale, Comprehensive Multi-Modal Knowledge Graph
- English translation Portuguese - batch English conversion Portuguese - free translation and conversion of various languages
- [C language] simulation implementation of pow function (recursion)
- Sequential linear table - practice in class
- Solve the kangaroo crossing problem (DP)
- [C language] step jumping problem [recursion]
- C+ + core programming
- How to automatically store email attachments in SharePoint
猜你喜欢
![[C language] print pattern summary](/img/48/d8ff17453e810fcd9269f56eda4d47.png)
[C language] print pattern summary
![[experiment sharing] CCIE BGP reflector experiment](/img/e4/1ddd611c8438cb6ca1be32f34fa67a.png)
[experiment sharing] CCIE BGP reflector experiment
Implementation of strstr in C language
![[C language] guessing numbers game [function]](/img/db/8ebdb02f137878224367503b730803.png)
[C language] guessing numbers game [function]
Quick sort template
zfoo增加类似于mydog的路由
C+ + core programming
Intermediate soft test (system integration project management engineer) high frequency test site
云原生编程挑战赛火热开赛,51 万奖金等你来挑战!
ssm中项目异常处理
随机推荐
BeanFactory not initialized or already closed - call ‘refresh‘ before accessing beans via the Applic
通配符 SSL/TLS 证书
English translation Arabic - batch English translation Arabic tools free of charge
ssm中项目异常处理
Use of strtok and strError
C语言数据 3(2)
Quick sort template
mmo及时战斗游戏中的场景线程分配
Common modules of saltstack
The cloud native programming challenge is hot, with 510000 bonus waiting for you to challenge!
[C language] print pattern summary
English translation Portuguese - batch English conversion Portuguese - free translation and conversion of various languages
跨区域网络的通信学习静态路由
5. Difference between break and continue (easy to understand version)
Implementation of memcpy in C language
plt. What does it mean when linestyle, marker, color equals none in plot()
Method number problem for solving sum of numbers (knapsack problem)
MySQL command statement (personal summary)
Sequential linear table - practice in class
Communication learning static routing across regional networks