SSH中的Python密码学AES-CTR
现在,我试图(出于教育原因)尝试实施SSH实施,并试图正确获得AES-CTR模式。我将使用Scapy与密码学一起使用。我知道我的明文是正确的,因为它在CBC模式下起作用,并且在CTR上保持不变。
但是,当我加密和解密第一个数据包时,服务器可以由服务器处理,但是之后的所有内容都是错误的。我很确定我的错误在IV(计数器)范围的某个地方,但我无法理解。 我需要自己递增静脉注射吗?我尝试了,它没有用:(
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
class _SSH_Streamcipher:
def __init__(self, key, iv, algorithm, mode, block_length=None, key_length=None):
self.algorithm = algorithm
self.mode = mode
self.block_length = block_length
self.key_length = key_length
self.key = key[:self.key_length]
self.iv = iv[:self.block_length]
self._cipher = Cipher(self.algorithm(self.key), self.mode(self.iv))
# for stream ciphers and aes with ctr mode we need both of them the whole time
self.decryptor = None
self.encryptor = None
def encrypt(self, data: bytes) -> bytes:
if self.encryptor is None:
self.encryptor = self._cipher.encryptor()
ciphertext = self.encryptor.update(data)
return ciphertext
def decrypt(self, data: bytes) -> bytes:
if self.decryptor is None:
self.decryptor = self._cipher.decryptor()
ciphertext = self.decryptor.update(data)
return ciphertext
class SSH_Cipher_AES_256_CTR(_SSH_Streamcipher):
def __init__(self, key, iv):
super(SSH_Cipher_AES_256_CTR, self).__init__(key, iv,
algorithm=algorithms.AES,
mode=modes.CTR,
block_length=16, key_length=32)
right now im trying to implement an SSH implementation (for educational reasons) and im trying to get the aes-ctr mode right. Im using scapy together with cryptography. I know my Plaintext is correct, because its working in the cbc mode and stays the same for ctr.
However when im encrypting and decrypting the first packet is right and can be handled by the server, but everything after that is false. Im pretty sure my mistake is somewhere at the iv (counter) range, but i cant get it.
Do i need to increment the iv by myself? I tried it and it didnt work :(
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
class _SSH_Streamcipher:
def __init__(self, key, iv, algorithm, mode, block_length=None, key_length=None):
self.algorithm = algorithm
self.mode = mode
self.block_length = block_length
self.key_length = key_length
self.key = key[:self.key_length]
self.iv = iv[:self.block_length]
self._cipher = Cipher(self.algorithm(self.key), self.mode(self.iv))
# for stream ciphers and aes with ctr mode we need both of them the whole time
self.decryptor = None
self.encryptor = None
def encrypt(self, data: bytes) -> bytes:
if self.encryptor is None:
self.encryptor = self._cipher.encryptor()
ciphertext = self.encryptor.update(data)
return ciphertext
def decrypt(self, data: bytes) -> bytes:
if self.decryptor is None:
self.decryptor = self._cipher.decryptor()
ciphertext = self.decryptor.update(data)
return ciphertext
class SSH_Cipher_AES_256_CTR(_SSH_Streamcipher):
def __init__(self, key, iv):
super(SSH_Cipher_AES_256_CTR, self).__init__(key, iv,
algorithm=algorithms.AES,
mode=modes.CTR,
block_length=16, key_length=32)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
几个小时后我自己回答的问题。整体布局的错误实施
question answered by myself after many hours. wrong implementation of the overall layout