Function padding_oracle::decrypt
source · pub fn decrypt(
ciphertext: &[u8],
blocksize: usize,
oracle: fn(_: &[u8]) -> bool
) -> Result<Vec<u8>, Error>
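Decrypt a ciphertext using an oracle function, i.e. a function that reports whether the ciphertext it is given decrypts to valid padding (the example below checks PKCS#7 padding under AES-128-CBC). Note that this assumes the IV is prepended to the ciphertext. If that’s not the case, the first block won’t be decrypted: in CBC mode each block is recovered with the help of the block that precedes it, and for the first block that is the IV.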
§Example
use aes::cipher::{
block_padding::{Pkcs7, RawPadding},
BlockDecryptMut, BlockEncryptMut, KeyIvInit,
};
// AES-128 in CBC mode, using the encryptor/decryptor types from the `cbc` crate.
// `Aes128CbcEnc` is not used in the visible lines; presumably it builds `ciphertext`
// in a part of the example that is not shown.
type Aes128CbcEnc = cbc::Encryptor<aes::Aes128>;
type Aes128CbcDec = cbc::Decryptor<aes::Aes128>;
// All-zero 16-byte key and IV, hard-coded for the example.
// NOTE(review): demo values only. A real key is secret and random, and a CBC IV
// must be unpredictable for each message.
const KEY: [u8; 16] = [0u8; 16];
const IV: [u8; 16] = [0u8; 16];
/// Padding oracle for the example: returns `true` when `ciphertext`, decrypted
/// with AES-128-CBC under the fixed `KEY` and `IV`, ends in valid PKCS#7 padding.
///
/// The input is copied first because `decrypt_padded_mut` decrypts in place.
/// The boolean is the only thing the caller learns, and it is what
/// `padding_oracle::decrypt` is given to work with. A decryptor that
/// authenticates the ciphertext before unpadding (an AEAD mode, or
/// encrypt-then-MAC) does not expose this valid/invalid distinction.
fn oracle(ciphertext: &[u8]) -> bool {
    let mut scratch = Vec::from(ciphertext);
    let decryptor = Aes128CbcDec::new(&KEY.into(), &IV.into());
    let outcome = decryptor.decrypt_padded_mut::<Pkcs7>(&mut scratch);
    outcome.is_ok()
}
// Recover the plaintext by handing `oracle` to `padding_oracle::decrypt`.
// `ciphertext` is defined outside the visible lines; the function expects it to
// start with the IV. `unwrap` panics if an error is returned.
let block_len = 16; // AES block size in bytes
let recovered = padding_oracle::decrypt(&ciphertext, block_len, oracle);
let plaintext = recovered.unwrap();