chris/OSCAR-code
1
0
Fork 0
mirror of https://gitlab.com/pholy/OSCAR-code.git synced 2025-04-06 03:00:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add support for incomplete DS2 flow data with a zero tag.

Browse Source
This commit is contained in:
sawinglogz 2022-05-02 15:32:28 -04:00
parent 0c586f92b6
commit 1098cab272
5 changed files with 69 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
oscar/SleepLib/crypto.cpp
View File

@ -68,6 +68,38 @@ CryptoResult decrypt_aes256_gcm(const QByteArray & key,
return result; return result;
} }
CryptoResult encrypt_aes256_gcm(const QByteArray & key,
const QByteArray & iv, const QByteArray & plaintext,
QByteArray & ciphertext, QByteArray & tag)
{
CryptoResult result = OK;
ciphertext.clear();
try {
const std::vector<uint8_t> botan_key(key.begin(), key.end());
const std::vector<uint8_t> botan_iv(iv.begin(), iv.end());
Botan::secure_vector<uint8_t> botan_message(plaintext.begin(), plaintext.end());
std::unique_ptr<Botan::Cipher_Mode> enc = Botan::Cipher_Mode::create("AES-256/GCM", Botan::ENCRYPTION);
enc->set_key(botan_key);
enc->start(botan_iv);
enc->finish(botan_message);
//qDebug() << QString::fromStdString(Botan::hex_encode(botan_message.data(), botan_message.size()));
size_t tag_size = enc->tag_size();
QByteArray message((char*) botan_message.data(), botan_message.size());
tag = message.right(tag_size);
ciphertext = message.left(message.size() - tag_size);
}
catch (std::exception& e) {
// Make sure no Botan exceptions leak out and terminate the application.
qWarning() << "Unexpected exception in encrypt_aes256_gcm:" << e.what();
result = UnknownError;
}
return result;
}
CryptoResult pbkdf2_sha256(const QByteArray & passphrase, const QByteArray & salt, int iterations, QByteArray & key) CryptoResult pbkdf2_sha256(const QByteArray & passphrase, const QByteArray & salt, int iterations, QByteArray & key)
{ {
CryptoResult result = OK; CryptoResult result = OK;

3
oscar/SleepLib/crypto.h
View File

@ -22,6 +22,9 @@ CryptoResult decrypt_aes256(const QByteArray & key, const QByteArray & ciphertex
CryptoResult decrypt_aes256_gcm(const QByteArray & key, CryptoResult decrypt_aes256_gcm(const QByteArray & key,
const QByteArray & iv, const QByteArray & ciphertext, const QByteArray & tag, const QByteArray & iv, const QByteArray & ciphertext, const QByteArray & tag,
QByteArray & plaintext); QByteArray & plaintext);
CryptoResult encrypt_aes256_gcm(const QByteArray & key,
const QByteArray & iv, const QByteArray & plaintext,
QByteArray & ciphertext, QByteArray & tag);
CryptoResult pbkdf2_sha256(const QByteArray & passphrase, const QByteArray & salt, int iterations, QByteArray & key); CryptoResult pbkdf2_sha256(const QByteArray & passphrase, const QByteArray & salt, int iterations, QByteArray & key);
#endif // CRYPTO_H #endif // CRYPTO_H

15
oscar/SleepLib/loader_plugins/prs1_loader.cpp
View File

@ -365,12 +365,23 @@ bool PRDS2File::decryptData()
if (error) { if (error) {
if (error == InvalidTag) { if (error == InvalidTag) {
static const QByteArray s_zero_tag(16, 0);
if (m_payload_tag == s_zero_tag) {
// This has been observed where the tag is zero and the data appears truncated. // This has been observed where the tag is zero and the data appears truncated.
qWarning() << name() << "DS2 payload doesn't match tag, skipping"; // Decrypt and ignore the tag. Rely on the decrypted payload's CRC for integrity.
} else { qWarning() << name() << "DS2 payload has zero tag, recovering data";
error = encrypt_aes256_gcm(m_payload_key, m_iv, ciphertext, plaintext, m_payload_tag);
if (error) {
qWarning() << "*** DS2 unexpected exception decrypting" << name(); qWarning() << "*** DS2 unexpected exception decrypting" << name();
} }
} else { } else {
qWarning() << name() << "DS2 payload doesn't match tag, skipping";
}
} else {
qWarning() << "*** DS2 unexpected exception decrypting" << name();
}
}
if (!error) {
m_payload.setData(plaintext); m_payload.setData(plaintext);
m_payload.open(QIODevice::ReadOnly); m_payload.open(QIODevice::ReadOnly);
valid = true; valid = true;

19
oscar/tests/cryptotests.cpp
View File

@ -85,6 +85,25 @@ void CryptoTests::testAES256GCM()
} }
} }
void CryptoTests::testAES256GCMencrypt()
{
QByteArray empty;
for (int i = 0; i < s_AES256GCMVectorCount; i++) {
const AES256GCMVector_t* v = &s_AES256GCMVectors[i];
QByteArray key = QByteArray::fromHex(v->key);
QByteArray plaintext = QByteArray::fromHex(v->p);
QByteArray iv = QByteArray::fromHex(v->iv);
QByteArray expected_ciphertext = QByteArray::fromHex(v->c);
QByteArray expected_tag = QByteArray::fromHex(v->tag);
QByteArray ciphertext;
QByteArray tag;
CryptoResult result = encrypt_aes256_gcm(key, iv, plaintext, ciphertext, tag);
Q_ASSERT(result == OK);
Q_ASSERT(ciphertext == expected_ciphertext);
Q_ASSERT(tag == expected_tag);
}
}
void CryptoTests::testPBKDF2_SHA256() void CryptoTests::testPBKDF2_SHA256()
{ {

1
oscar/tests/cryptotests.h
View File

@ -14,6 +14,7 @@ class CryptoTests : public QObject
private slots: private slots:
void testAES256(); void testAES256();
void testAES256GCM(); void testAES256GCM();
void testAES256GCMencrypt();
void testPBKDF2_SHA256(); void testPBKDF2_SHA256();
void testPRS1Benchmarks(); void testPRS1Benchmarks();
}; };