Commit 6f3b2db1 authored by Sophie Brun's avatar Sophie Brun

New upstream version 0.3.6

parent 8dba5609
Jose Miguel Esparza <jesparza AT eternal-todo.com>
http://eternal-todo.com
http://twitter.com/EternalTodo
\ No newline at end of file
-----------------------------------------------
peepdf 0.3 r235, 2014-06-09
-----------------------------------------------
* New features:
- Added descriptive titles for the vulns found
- Added detection of CVE-2013-2729 (Adobe Reader BMP/RLE heap corruption)
- Added support for more than one script block in objects containing Javascript (e.g. XFA objects)
- Updated colorama to version 3.1 (2014-04-19)
- Added detection of CVE-2013-3346 (ToolButton Use-After-Free)
- Added command "js_vars" to show the variables defined in the Javascript context and their content
- Added command "js_jjdecode" to decode Javascript code using the jjencode algorithm (Thanks to Nahuel Riva @crackinglandia)
- Added static detection for CVE-2010-0188
- Added detection for CoolType.dll SING uniqueName vulnerability (CVE-2010-2883). Better late than never ;p
- Added new command "vtcheck" to check for detection on VirusTotal (API key included)
- Added option to avoid automatic Javascript analysis (useful with endless loops)
- Added PyV8 as Javascript engine and removed Spidermonkey (Windows issues).
* Fixes:
- Fixed bug when encrypting/decrypting hexadecimal objects (Thanks to Timo Hirvonen for the feedback)
- Fixed silly bug related to abbreviated PDF Filters
- Fixed bug related to the GNU readline function not handling correctly colorized prompts
- Fixed log_output function, it was storing the previous command output instead of the current one
- Fixed bug in PDFStream to show the stream content when the stream dictionary is empty (Thanks to Nahuel Riva)
- Fixed Issue 12, related to bad JS code parsing due to HTML entities in the XFA form (Thanks to robomotic)
- Fixed Issue 10 related to bad error handling in the PDFFile.decrypt() method
- Fixed Issue 9, related to an uncaught exception when PyV8 is not installed
- Fixed bug in do_metadata() when objects contain /Metadata but they are not really Metadata objects
* Others
- Removed the old redirection method using the "set" command, it is useless now with the shell-like redirection (>, >>, $>, $>>)
* Known issues
- It exists a problem related to the readline module in Mac OS X (it uses editline instead of GNU readline), not handling correctly colorized prompts.
-----------------------------------------------
peepdf Black Hat Vegas (0.2 r156), 2012-07-25
-----------------------------------------------
* New features:
- Added "grinch mode" execution to avoid colorized output
- Added more colors in the interactive console output: warning, errors, important information...
- Changed sctest command, now it's implemented with pylibemu
- Added decrypt command to parse password protected documents
- Modified analyseJS() to extract JS code from XDP packets and unescape HTML entities
- Added function unescapeHTMLEntities() to unescape HTML entities
- Added AES decryption support (128 and 256 bits).
- Added hashes in objects information (info $object_id)
- Added support for decoding CCITTFaxDecode filters (Thanks to @binjo)
* Fixes:
- Fix to show decrypt errors
- Fixed silly bug with /EncryptMetadata element
- Added missing binary file operations
- Fixed Issue 5: Resolved false positives when monitoring some elements like actions, events, etc. (Thanks to @hiddenillusion)
- Bug in PDFStream.decode and PDFStream.encode, dealing with an array of filter parameters (Thanks to @binjo)
-----------------------------------------------
peepdf Black Hat Arsenal (0.1 r92), 2012-03-16
-----------------------------------------------
* New features:
- Added support for more parameters in Flate/LZW decode (stream filters)
- Encryption algorithm now showing in document information
- Added XML output and SHA hash to file information
- Improved unescape function to support mixed escaped formats (eg. "%u6734%34%u8790")
- Added xor and xor_search commands
- Added easy way of redirect console output (>, >>, $>, $>>)
- Added xor function by Evan Fosmark
- Added detection of CVE-2011-4369 (/PRC)
- Added hash command (Thanks to @binjo for code and comments)
- Added js_beautify command
- Update function added
- Added new vulns and showing information related to non JS vulns
- Added escape sequence in the limited output
- Added ascii85 decode from pdfminer to improve code and avoid bugs (Thanks to Brandon Dixon!)
- Added lzwdecode from pdfminer to improve code and avoid bugs
* Fixes:
- Update process rewritten, now based on hashing of files
- Silly bug in computeUserPass function (Thanks to Christian Martorella!)
- Added binary mode in files operations
- Recursion bug in update function
- Minor bug in do_embed function
- Bug to support encoding following PDF specifications (Issue 3 by czchen)
- Bug to handle negative numbers in P element
- Bug in the xref table when creating a new PDF (Issue 2)
- Silly bug when parsing filter parameters
- Bug related to updating objects and statistics of PDF files
- Some bugs related to offsets calculation
- Fixed "replace" function in PDFObjectStream
- Fix in asciiHexDecode filter function
-----------------------------------------------
peepdf 0.1 r15, 2011-05-05
-----------------------------------------------
- Initial Release
This diff is collapsed.
Metadata-Version: 1.0
Name: peepdf
Version: 0.3.6
Summary: UNKNOWN
Home-page: http://eternal-todo.com
Author: Jose Miguel Esparza
Author-email: UNKNOWN
License: GNU GPLv3
Description: UNKNOWN
Platform: UNKNOWN
......@@ -6,6 +6,7 @@ http://twitter.com/peepdf
** Dependencies **
- In order to analyse Javascript code "PyV8" is needed:
http://code.google.com/p/pyv8/
......@@ -17,19 +18,16 @@ http://twitter.com/peepdf
https://github.com/buffer/pylibemu
- To support XML output "lxml" is needed:
http://lxml.de/installation.html
- Included modules: lzw, colorama, jsbeautifier, ccitt, pythonaes (Thanks to all the developers!!)
- Included modules: lzw, ccitt (Thanks to all the developers!!)
** Installation **
No installation is needed apart of the commented dependencies, just execute it!
Run, in peepdf directory
easy_install .
The setup script handles the installation of jsbeautifier, colorama, pythonaes and lxml
** Execution **
......@@ -44,33 +42,35 @@ There are two important options when peepdf is executed:
Shows the statistics of the file after being decoded/decrypted and analysed:
python peepdf.py [options] pdf_file
peepdf.py [options] pdf_file
* Interactive console
Executes the interactive console to let play with the PDF file:
python peepdf.py -i [options] pdf_file
peepdf.py -i [options] pdf_file
If no PDF file is specified it's possible to use the decode/encode/js*/sctest commands and create a new PDF file:
python peepdf.py -i
peepdf.py -i
* Batch execution
It's possible to use a commands file to specify the commands to be executed in the batch mode. This type of execution is good to automatise analysis of several files:
python peepdf.py [options] -s commands_file pdf_file
peepdf.py [options] -s commands_file pdf_file
** Updating **
Just type this and you will be updated to the latest version from the repository:
The option has been desactivated as it is not working for now.
To update, cd to peepdf directory and type:
python peepdf.py -u
git pull origin master
easy_install .
......@@ -111,6 +111,6 @@ Shows the (raw) content of the stream.
** Bugs **
Send me bugs and comments, please!! ;) You can do it via mail (jesparza AT eternal-todo.com) or through Google Code (http://peepdf.googlecode.com).
Send me bugs and comments, please!! ;) You can do it via mail (jesparza AT eternal-todo.com) or through Github (https://github.com/jesparza/peepdf/issues).
Thanks!!
Pending tasks:
- Add detection of more exploits/vulns
- Documentation of methods in PDFCore.py
- Add the rest of supported stream filters (better testing of existent)
- Automatic analysis of embedded PDF files
- Improve the automatic Javascript analysis, getting code from other parts of the documents (getAnnots, etc)
- GUI
- ...
\ No newline at end of file
#!/usr/bin/env python
"""
AES Block Cipher.
Performs single block cipher decipher operations on a 16 element list of integers.
These integers represent 8 bit bytes in a 128 bit block.
The result of cipher or decipher operations is the transformed 16 element list of integers.
Running this file as __main__ will result in a self-test of the algorithm.
Algorithm per NIST FIPS-197 http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
Copyright (c) 2010, Adam Newman http://www.caller9.com/
Licensed under the MIT license http://www.opensource.org/licenses/mit-license.php
"""
__author__ = "Adam Newman"
#Normally use relative import. In test mode use local import.
try:from .aes_tables import sbox,i_sbox,galI,galNI
except ValueError:from aes_tables import sbox,i_sbox,galI,galNI
ups=",".join("s%x"%x for x in range(16))
upr=ups.replace("s","r")
mix=",".join(",".join(("g{0}[s%x]^g{1}[s%x]^g{2}[s%x]^g{3}[s%x]^r%x"%(i+(i[0]+(0,3,2,1)[j],))).format(j&3,j+1&3,j+2&3,j+3&3) for j in (0,3,2,1)) for i in ((0,1,2,3),(4,5,6,7),(8,9,10,11),(12,13,14,15))).replace("g2","g").replace("g3","g")
i=mix.find("g[")
while i!=-1:
mix=mix[:i]+mix[i+2:i+4]+mix[i+5:]
i=mix.find("g[",i)
imix=",".join(",".join(("g{0}[s%x]^g{1}[s%x]^g{2}[s%x]^g{3}[s%x]"%i).format(j&3,j+1&3,j+2&3,j+3&3) for j in (0,3,2,1)) for i in ((0,1,2,3),(4,5,6,7),(8,9,10,11),(12,13,14,15)))
csl=["s%x"%(x*5&15) for x in range(16)]
csr=["s%x"%(x*-3&15) for x in range(16)]
box=",".join("s[%s]"%i for i in csl)
ibox=",".join("s[%s]^r%x"%i for i in zip(csr,range(16)))
xor=",".join("s[%s]^r%x"%i for i in zip(csl,range(16)))
xori=";".join("s%x^=r%x"%(i,i) for i in range(16))
ciph="""def decipher_block(f,s):
g0,g1,g2,g3=galNI;ek=f._expanded_key;S=s+[0]*(16-len(s));s=sbox;R=ek[:16];X
for f in range(!16):R=ek[f:f+16];S=B;S=M
R=ek[f+16:]
return """.replace("S",ups).replace("R",upr).replace("X",xori)
class AESCipher:
def __init__(self,expanded_key):
self._expanded_key=expanded_key
self._Nr=len(expanded_key)-16
exec(ciph.replace("g2,g3","").replace("dec","c").replace("!","16,f._Nr,").replace("B",box).replace("M",mix)+xor)
exec(ciph.replace("NI","I").replace(":16","f._Nr:").replace("f+16:",":16").replace("!","f._Nr-16,0,-").replace("sbox","i_sbox").replace("B",ibox).replace("M",imix)+ibox)
import unittest
class TestCipher(unittest.TestCase):
def test_cipher(self):
"""Test AES cipher with all key lengths"""
import test_keys
import key_expander
test_data = test_keys.TestKeys()
for key_size in 128, 192, 256:
test_key_expander = key_expander.KeyExpander(key_size)
test_expanded_key = test_key_expander.expand(test_data.test_key[key_size])
test_cipher = AESCipher(test_expanded_key)
test_result_ciphertext = test_cipher.cipher_block(test_data.test_block_plaintext)
self.assertEquals(len([i for i, j in zip(test_result_ciphertext, test_data.test_block_ciphertext_validated[key_size]) if i == j]),
16,msg='Test %d bit cipher'%key_size)
test_result_plaintext = test_cipher.decipher_block(test_data.test_block_ciphertext_validated[key_size])
self.assertEquals(len([i for i, j in zip(test_result_plaintext, test_data.test_block_plaintext) if i == j]),
16,msg='Test %d bit decipher'%key_size)
if __name__ == "__main__":
unittest.main()
\ No newline at end of file
This diff is collapsed.
#!/usr/bin/env python
"""
CBC Mode of operation
Running this file as __main__ will result in a self-test of the algorithm.
Algorithm per NIST SP 800-38A http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
Copyright (c) 2010, Adam Newman http://www.caller9.com/
Licensed under the MIT license http://www.opensource.org/licenses/mit-license.php
"""
__author__ = "Adam Newman"
class CBCMode:
"""Perform CBC operation on a block and retain IV information for next operation"""
def __init__(self, block_cipher, block_size):
self._block_cipher = block_cipher
self._block_size = block_size
self._iv = [0] * block_size
def set_iv(self, iv):
if len(iv) == self._block_size:
self._iv = iv
def encrypt_block(self, plaintext):
iv=self._iv=self._block_cipher.cipher_block([i ^ j for i,j in zip (plaintext, self._iv)])
return iv
def decrypt_block(self, ciphertext):
plaintext = list(self._block_cipher.decipher_block(ciphertext))
for i,v in enumerate(self._iv):plaintext[i]^=v
self._iv = ciphertext
return plaintext
import unittest
class TestEncryptionMode(unittest.TestCase):
def test_mode(self):
#Self test
import key_expander
import aes_cipher
import test_keys
test_data = test_keys.TestKeys()
test_expander = key_expander.KeyExpander(256)
test_expanded_key = test_expander.expand(test_data.test_mode_key)
test_cipher = aes_cipher.AESCipher(test_expanded_key)
test_cbc = CBCMode(test_cipher, 16)
test_cbc.set_iv(test_data.test_mode_iv)
for k in range(4):
self.assertEquals(len([i for i, j in zip(test_data.test_cbc_ciphertext[k],test_cbc.encrypt_block(test_data.test_mode_plaintext[k])) if i == j]),
16,
msg='CBC encrypt test block %d'%k)
test_cbc.set_iv(test_data.test_mode_iv)
for k in range(4):
self.assertEquals(len([i for i, j in zip(test_data.test_mode_plaintext[k],test_cbc.decrypt_block(test_data.test_cbc_ciphertext[k])) if i == j]),
16,
msg='CBC decrypt test block %d'%k)
if __name__ == "__main__":
unittest.main()
\ No newline at end of file
#!/usr/bin/env python
"""
CFB Mode of operation
Running this file as __main__ will result in a self-test of the algorithm.
Algorithm per NIST SP 800-38A http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
Copyright (c) 2010, Adam Newman http://www.caller9.com/
Licensed under the MIT license http://www.opensource.org/licenses/mit-license.php
"""
__author__ = "Adam Newman"
class CFBMode:
"""Perform CFB operation on a block and retain IV information for next operation"""
def __init__(self, block_cipher, block_size):
self._block_cipher = block_cipher
self._block_size = block_size
self._iv = [0] * block_size
def set_iv(self, iv):
if len(iv) == self._block_size:
self._iv = iv
def encrypt_block(self, plaintext):
cipher_iv = self._block_cipher.cipher_block(self._iv)
iv = self._iv = [i ^ j for i,j in zip (plaintext, cipher_iv)]
return iv
def decrypt_block(self, ciphertext):
cipher_iv = self._block_cipher.cipher_block(self._iv)
self._iv = ciphertext
return [i ^ j for i,j in zip (cipher_iv, ciphertext)]
import unittest
class TestEncryptionMode(unittest.TestCase):
def test_mode(self):
#Self test
import key_expander
import aes_cipher
import test_keys
test_data = test_keys.TestKeys()
test_expander = key_expander.KeyExpander(256)
test_expanded_key = test_expander.expand(test_data.test_mode_key)
test_cipher = aes_cipher.AESCipher(test_expanded_key)
test_cfb = CFBMode(test_cipher, 16)
test_cfb.set_iv(test_data.test_mode_iv)
for k in range(4):
self.assertEquals(len([i for i, j in zip(test_data.test_cfb_ciphertext[k],test_cfb.encrypt_block(test_data.test_mode_plaintext[k])) if i == j]),
16,
msg='CFB encrypt test block' + str(k))
test_cfb.set_iv(test_data.test_mode_iv)
for k in range(4):
self.assertEquals(len([i for i, j in zip(test_data.test_mode_plaintext[k],test_cfb.decrypt_block(test_data.test_cfb_ciphertext[k])) if i == j]),
16,
msg='CFB decrypt test block' + str(k))
if __name__ == "__main__":
unittest.main()
#!/usr/bin/env python
"""
AES Key Expansion.
Expands 128, 192, or 256 bit key for use with AES
Running this file as __main__ will result in a self-test of the algorithm.
Algorithm per NIST FIPS-197 http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
Copyright (c) 2010, Adam Newman http://www.caller9.com/
Licensed under the MIT license http://www.opensource.org/licenses/mit-license.php
"""
__author__ = "Adam Newman"
#Normally use relative import. In test mode use local import.
try:from .aes_tables import sbox,rcon
except ValueError:from aes_tables import sbox,rcon
from operator import xor
class KeyExpander:
"""Perform AES Key Expansion"""
_expanded_key_length = {128 : 176, 192 : 208, 256 : 240}
def __init__(self, key_length):
self._key_length = key_length
self._n = key_length>>3
if key_length in self._expanded_key_length:
self._b = self._expanded_key_length[key_length]
else:
raise LookupError('Invalid Key Size')
def expand(self, new_key):
"""
Expand the encryption key per AES key schedule specifications
http://en.wikipedia.org/wiki/Rijndael_key_schedule#Key_schedule_description
"""
#First n bytes are copied from key
len_new_key = len(new_key)
if len_new_key != self._n:
raise RuntimeError('expand(): key size is invalid')
rcon_iter = 1
nex=new_key.extend
#Grow the key until it is the correct length
while 1:
#Copy last 4 bytes of extended key, apply core, increment i(rcon_iter),
#core Append the list of elements 1-3 and list comprised of element 0 (circular rotate left)
#core For each element of this new list, put the result of sbox into output array.
#xor with 4 bytes n bytes from end of extended key
keyarr=[sbox[i] for i in new_key[-3:]+new_key[-4:-3]]
#First byte of output array is XORed with rcon(iter)
keyarr[0] ^= rcon[rcon_iter]
nex(map(xor,keyarr, new_key[-self._n:4-self._n]))
rcon_iter += 1
len_new_key += 4
#Run three passes of 4 byte expansion using copy of 4 byte tail of extended key
#which is then xor'd with 4 bytes n bytes from end of extended key
for j in 0,1,2:
nex(map(xor,new_key[-4:], new_key[-self._n:4-self._n]))
len_new_key += 4
if len_new_key >= self._b:return new_key
else:
#If key length is 256 and key is not complete, add 4 bytes tail of extended key
#run through sbox before xor with 4 bytes n bytes from end of extended key
if self._key_length == 256:
nex(map(xor,[sbox[x] for x in new_key[-4:]], new_key[-self._n:4-self._n]))
len_new_key += 4
if len_new_key >= self._b:return new_key
#If key length is 192 or 256 and key is not complete, run 2 or 3 passes respectively
#of 4 byte tail of extended key xor with 4 bytes n bytes from end of extended key
if self._key_length != 128:
for j in ((0,1) if self._key_length == 192 else (0,1,2)):
nex(map(xor,new_key[-4:], new_key[-self._n:4-self._n]))
len_new_key += 4
if len_new_key >= self._b:return new_key
import unittest
class TestKeyExpander(unittest.TestCase):
def test_keys(self):
"""Test All Key Expansions"""
import test_keys
test_data = test_keys.TestKeys()
for key_size in 128, 192, 256:
test_expander = KeyExpander(key_size)
test_expanded_key = test_expander.expand(test_data.test_key[key_size])
self.assertEqual (len([i for i, j in zip(test_expanded_key, test_data.test_expanded_key_validated[key_size]) if i == j]),
len(test_data.test_expanded_key_validated[key_size]),
msg='Key expansion ' + str(key_size) + ' bit')
if __name__ == "__main__":
unittest.main()
\ No newline at end of file
#!/usr/bin/env python
"""
OFB Mode of operation
Running this file as __main__ will result in a self-test of the algorithm.
Algorithm per NIST SP 800-38A http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
Copyright (c) 2010, Adam Newman http://www.caller9.com/
Licensed under the MIT license http://www.opensource.org/licenses/mit-license.php
"""
__author__ = "Adam Newman"
class OFBMode:
"""Perform OFB operation on a block and retain IV information for next operation"""
def __init__(self, block_cipher, block_size):
self._block_cipher = block_cipher
self._block_size = block_size
self._iv = [0] * block_size
def set_iv(self, iv):
if len(iv) == self._block_size:
self._iv = iv
def encrypt_block(self, plaintext):
self._iv = cipher_iv = self._block_cipher.cipher_block(self._iv)
return [i ^ j for i,j in zip (plaintext, cipher_iv)]
def decrypt_block(self, ciphertext):
self._iv = cipher_iv = self._block_cipher.cipher_block(self._iv)
return [i ^ j for i,j in zip (cipher_iv, ciphertext)]
import unittest
class TestEncryptionMode(unittest.TestCase):
def test_mode(self):
#Self test
import key_expander
import aes_cipher
import test_keys
test_data = test_keys.TestKeys()
test_expander = key_expander.KeyExpander(256)
test_expanded_key = test_expander.expand(test_data.test_mode_key)
test_cipher = aes_cipher.AESCipher(test_expanded_key)
test_ofb = OFBMode(test_cipher, 16)
test_ofb.set_iv(test_data.test_mode_iv)
for k in range(4):
self.assertEquals(len([i for i, j in zip(test_data.test_ofb_ciphertext[k],test_ofb.encrypt_block(test_data.test_mode_plaintext[k])) if i == j]),
16,
msg='OFB encrypt test block' + str(k))
test_ofb.set_iv(test_data.test_mode_iv)
for k in range(4):
self.assertEquals(len([i for i, j in zip(test_data.test_mode_plaintext[k],test_ofb.decrypt_block(test_data.test_ofb_ciphertext[k])) if i == j]),
16,
msg='OFB decrypt test block' + str(k))
if __name__ == "__main__":
unittest.main()
\ No newline at end of file
"""
Test keys and data for self-test operations.
Test data from:
NIST SP 800-38A http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
NIST FIPS-197 http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
Copyright (c) 2010, Adam Newman http://www.caller9.com/
Licensed under the MIT license http://www.opensource.org/licenses/mit-license.php
"""
__author__ = "Adam Newman"
class TestKeys:
"""Test data, keys, IVs, and output to use in self-tests"""
test_key = {
128 : [
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f]
, 192 : [
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17]
, 256 : [
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f]
}
test_expanded_key_validated = {
128 : [
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0xd6, 0xaa, 0x74, 0xfd, 0xd2, 0xaf, 0x72, 0xfa, 0xda, 0xa6, 0x78, 0xf1, 0xd6, 0xab, 0x76, 0xfe,
0xb6, 0x92, 0xcf, 0x0b, 0x64, 0x3d, 0xbd, 0xf1, 0xbe, 0x9b, 0xc5, 0x00, 0x68, 0x30, 0xb3, 0xfe,
0xb6, 0xff, 0x74, 0x4e, 0xd2, 0xc2, 0xc9, 0xbf, 0x6c, 0x59, 0x0c, 0xbf, 0x04, 0x69, 0xbf, 0x41,
0x47, 0xf7, 0xf7, 0xbc, 0x95, 0x35, 0x3e, 0x03, 0xf9, 0x6c, 0x32, 0xbc, 0xfd, 0x05, 0x8d, 0xfd,
0x3c, 0xaa, 0xa3, 0xe8, 0xa9, 0x9f, 0x9d, 0xeb, 0x50, 0xf3, 0xaf, 0x57, 0xad, 0xf6, 0x22, 0xaa,
0x5e, 0x39, 0x0f, 0x7d, 0xf7, 0xa6, 0x92, 0x96, 0xa7, 0x55, 0x3d, 0xc1, 0x0a, 0xa3, 0x1f, 0x6b,
0x14, 0xf9, 0x70, 0x1a, 0xe3, 0x5f, 0xe2, 0x8c, 0x44, 0x0a, 0xdf, 0x4d, 0x4e, 0xa9, 0xc0, 0x26,
0x47, 0x43, 0x87, 0x35, 0xa4, 0x1c, 0x65, 0xb9, 0xe0, 0x16, 0xba, 0xf4, 0xae, 0xbf, 0x7a, 0xd2,
0x54, 0x99, 0x32, 0xd1, 0xf0, 0x85, 0x57, 0x68, 0x10, 0x93, 0xed, 0x9c, 0xbe, 0x2c, 0x97, 0x4e,
0x13, 0x11, 0x1d, 0x7f, 0xe3, 0x94, 0x4a, 0x17, 0xf3, 0x07, 0xa7, 0x8b, 0x4d, 0x2b, 0x30, 0xc5]
, 192 : [
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x58, 0x46, 0xf2, 0xf9, 0x5c, 0x43, 0xf4, 0xfe,
0x54, 0x4a, 0xfe, 0xf5, 0x58, 0x47, 0xf0, 0xfa, 0x48, 0x56, 0xe2, 0xe9, 0x5c, 0x43, 0xf4, 0xfe,
0x40, 0xf9, 0x49, 0xb3, 0x1c, 0xba, 0xbd, 0x4d, 0x48, 0xf0, 0x43, 0xb8, 0x10, 0xb7, 0xb3, 0x42,
0x58, 0xe1, 0x51, 0xab, 0x04, 0xa2, 0xa5, 0x55, 0x7e, 0xff, 0xb5, 0x41, 0x62, 0x45, 0x08, 0x0c,
0x2a, 0xb5, 0x4b, 0xb4, 0x3a, 0x02, 0xf8, 0xf6, 0x62, 0xe3, 0xa9, 0x5d, 0x66, 0x41, 0x0c, 0x08,
0xf5, 0x01, 0x85, 0x72, 0x97, 0x44, 0x8d, 0x7e, 0xbd, 0xf1, 0xc6, 0xca, 0x87, 0xf3, 0x3e, 0x3c,
0xe5, 0x10, 0x97, 0x61, 0x83, 0x51, 0x9b, 0x69, 0x34, 0x15, 0x7c, 0x9e, 0xa3, 0x51, 0xf1, 0xe0,
0x1e, 0xa0, 0x37, 0x2a, 0x99, 0x53, 0x09, 0x16, 0x7c, 0x43, 0x9e, 0x77, 0xff, 0x12, 0x05, 0x1e,
0xdd, 0x7e, 0x0e, 0x88, 0x7e, 0x2f, 0xff, 0x68, 0x60, 0x8f, 0xc8, 0x42, 0xf9, 0xdc, 0xc1, 0x54,
0x85, 0x9f, 0x5f, 0x23, 0x7a, 0x8d, 0x5a, 0x3d, 0xc0, 0xc0, 0x29, 0x52, 0xbe, 0xef, 0xd6, 0x3a,
0xde, 0x60, 0x1e, 0x78, 0x27, 0xbc, 0xdf, 0x2c, 0xa2, 0x23, 0x80, 0x0f, 0xd8, 0xae, 0xda, 0x32,
0xa4, 0x97, 0x0a, 0x33, 0x1a, 0x78, 0xdc, 0x09, 0xc4, 0x18, 0xc2, 0x71, 0xe3, 0xa4, 0x1d, 0x5d]
, 256 : [
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
0xa5, 0x73, 0xc2, 0x9f, 0xa1, 0x76, 0xc4, 0x98, 0xa9, 0x7f, 0xce, 0x93, 0xa5, 0x72, 0xc0, 0x9c,
0x16, 0x51, 0xa8, 0xcd, 0x02, 0x44, 0xbe, 0xda, 0x1a, 0x5d, 0xa4, 0xc1, 0x06, 0x40, 0xba, 0xde,
0xae, 0x87, 0xdf, 0xf0, 0x0f, 0xf1, 0x1b, 0x68, 0xa6, 0x8e, 0xd5, 0xfb, 0x03, 0xfc, 0x15, 0x67,
0x6d, 0xe1, 0xf1, 0x48, 0x6f, 0xa5, 0x4f, 0x92, 0x75, 0xf8, 0xeb, 0x53, 0x73, 0xb8, 0x51, 0x8d,
0xc6, 0x56, 0x82, 0x7f, 0xc9, 0xa7, 0x99, 0x17, 0x6f, 0x29, 0x4c, 0xec, 0x6c, 0xd5, 0x59, 0x8b,
0x3d, 0xe2, 0x3a, 0x75, 0x52, 0x47, 0x75, 0xe7, 0x27, 0xbf, 0x9e, 0xb4, 0x54, 0x07, 0xcf, 0x39,
0x0b, 0xdc, 0x90, 0x5f, 0xc2, 0x7b, 0x09, 0x48, 0xad, 0x52, 0x45, 0xa4, 0xc1, 0x87, 0x1c, 0x2f,
0x45, 0xf5, 0xa6, 0x60, 0x17, 0xb2, 0xd3, 0x87, 0x30, 0x0d, 0x4d, 0x33, 0x64, 0x0a, 0x82, 0x0a,
0x7c, 0xcf, 0xf7, 0x1c, 0xbe, 0xb4, 0xfe, 0x54, 0x13, 0xe6, 0xbb, 0xf0, 0xd2, 0x61, 0xa7, 0xdf,
0xf0, 0x1a, 0xfa, 0xfe, 0xe7, 0xa8, 0x29, 0x79, 0xd7, 0xa5, 0x64, 0x4a, 0xb3, 0xaf, 0xe6, 0x40,
0x25, 0x41, 0xfe, 0x71, 0x9b, 0xf5, 0x00, 0x25, 0x88, 0x13, 0xbb, 0xd5, 0x5a, 0x72, 0x1c, 0x0a,
0x4e, 0x5a, 0x66, 0x99, 0xa9, 0xf2, 0x4f, 0xe0, 0x7e, 0x57, 0x2b, 0xaa, 0xcd, 0xf8, 0xcd, 0xea,
0x24, 0xfc, 0x79, 0xcc, 0xbf, 0x09, 0x79, 0xe9, 0x37, 0x1a, 0xc2, 0x3c, 0x6d, 0x68, 0xde, 0x36]
}
test_block_ciphertext_validated = {
128 : [
0x69, 0xc4, 0xe0, 0xd8, 0x6a, 0x7b, 0x04, 0x30, 0xd8, 0xcd, 0xb7, 0x80, 0x70, 0xb4, 0xc5, 0x5a]
, 192 : [
0xdd, 0xa9, 0x7c, 0xa4, 0x86, 0x4c, 0xdf, 0xe0, 0x6e, 0xaf, 0x70, 0xa0, 0xec, 0x0d, 0x71, 0x91]
, 256 : [
0x8e, 0xa2, 0xb7, 0xca, 0x51, 0x67, 0x45, 0xbf, 0xea, 0xfc, 0x49, 0x90, 0x4b, 0x49, 0x60, 0x89]
}
test_block_plaintext = [
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff]
#After initial validation, these deviated from test in SP 800-38A to use same key, iv, and plaintext on tests.
#Still valid, just easier to test with.
test_mode_key= [
0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4]
test_mode_iv = [
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f]
test_mode_plaintext = [
[0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a],
[0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51],
[0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef],
[0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10]]
test_cbc_ciphertext = [
[0xf5, 0x8c, 0x4c, 0x04, 0xd6, 0xe5, 0xf1, 0xba, 0x77, 0x9e, 0xab, 0xfb, 0x5f, 0x7b, 0xfb, 0xd6],
[0x9c, 0xfc, 0x4e, 0x96, 0x7e, 0xdb, 0x80, 0x8d, 0x67, 0x9f, 0x77, 0x7b, 0xc6, 0x70, 0x2c, 0x7d],
[0x39, 0xf2, 0x33, 0x69, 0xa9, 0xd9, 0xba, 0xcf, 0xa5, 0x30, 0xe2, 0x63, 0x04, 0x23, 0x14, 0x61],
[0xb2, 0xeb, 0x05, 0xe2, 0xc3, 0x9b, 0xe9, 0xfc, 0xda, 0x6c, 0x19, 0x07, 0x8c, 0x6a, 0x9d, 0x1b]]
test_cfb_ciphertext = [
[0xdc, 0x7e, 0x84, 0xbf, 0xda, 0x79, 0x16, 0x4b, 0x7e, 0xcd, 0x84, 0x86, 0x98, 0x5d, 0x38, 0x60],
[0x39, 0xff, 0xed, 0x14, 0x3b, 0x28, 0xb1, 0xc8, 0x32, 0x11, 0x3c, 0x63, 0x31, 0xe5, 0x40, 0x7b],
[0xdf</