From 620f53145792f038bfee9bd40a7b9a971ca0f287 Mon Sep 17 00:00:00 2001 From: rsiddharth Date: Wed, 9 Dec 2020 21:56:49 -0500 Subject: lib/oracle.go: add OracleAESRandomEncrypt --- lib/oracle.go | 68 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) create mode 100644 lib/oracle.go diff --git a/lib/oracle.go b/lib/oracle.go new file mode 100644 index 0000000..a77793a --- /dev/null +++ b/lib/oracle.go @@ -0,0 +1,68 @@ +// Copyright © 2020 rsiddharth +// SPDX-License-Identifier: ISC + +package lib + +import ( + "crypto/rand" + "math/big" +) + +// Given an input `in`, this function AES encrypts `in` using a +// randomly generate 16-byte key using ECB or CBC mode and returns the +// cipher. +func OracleAESRandomEncrypt(in []byte) []byte { + // Generate random key. + key := make([]byte, 16) + _, err := rand.Read(key) + if err != nil { + panic(err) + } + // Generate random initialization vector; needed for AES CBC. + iv := make([]byte, 16) + _, err = rand.Read(iv) + if err != nil { + panic(err) + } + + // Add 5-10 bytes at the beginning and end of `in` + in = append(randomBytes(5, 10), in...) + in = append(in, randomBytes(5, 10)...) + + // Randomly encrypt `in` with AES in ECB or CBC mode. + m, err := rand.Int(rand.Reader, big.NewInt(2)) + if err != nil { + panic(err) + } + var out []byte + if m.Int64() == 0 { + // Encrypt with AES in ECB mode. + out = AESEncryptECB(in, key) + } else { + // Encrypt with AES in CBC mode. + out = AESEncryptCBC(in, key, iv) + } + return out +} + +// Randomly generates `min` to `max` bytes. +func randomBytes(min, max int64) []byte { + var rn *big.Int + var err error + for { + rn, err = rand.Int(rand.Reader, big.NewInt(max+1)) + if err != nil { + panic(err) + } + if rn.Int64() >= min { + break + } + } + + bs := make([]byte, rn.Int64()) + _, err = rand.Read(bs) + if err != nil { + panic(err) + } + return bs +} -- cgit v1.2.3