Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OpenSSL Lua library not working as expected with aes-128-cfb #2640

Closed
lucasbritos opened this issue May 11, 2023 · 2 comments
Closed

OpenSSL Lua library not working as expected with aes-128-cfb #2640

lucasbritos opened this issue May 11, 2023 · 2 comments
Assignees

Comments

@lucasbritos
Copy link

lucasbritos commented May 11, 2023

Describe the bug
Openssl lua library doesnt generate the expected encrypted message for "aes-128-cfb" cypher compared to OS openssl (see evidence). It works perfectly for "des-cbc".
I tried to be as minimalistic/representative as possible with the examples, I have scripts/full example if needed.
Im 100% confident the expected encrypted messages are right, based on wireshark encrypted/decrypted messages. I have those if needed also.
Just in case, padding is not added in AES-128-CFB bc is not needed (anyway doesn't works). Im following rfc3414/rfc3826 to implement this.

To Reproduce

--- AES-128-CFB ---

NSE Script

local scopedPdu = stdnse.fromhex("3025040580003a8c040400a11a020430830404020100020100300c300a06062b06010201010500")

local encryptionKey = stdnse.fromhex("626f1f3a9cc13f35d01098c5777cb767")

local iv = stdnse.fromhex("0000000000000000dd7dd2201e33213a")
local encrypted = openssl.encrypt("aes-128-cfb", encryptionKey, iv, scopedPdu)
stdnse.pretty_printer(stdnse.tohex(encrypted))

-- "21a75f66bd6080670afd20ac1d505a38c58299d7058caab0210031f6459dce4b882690e92e6075"
-- expected
-- "1f363c2d3513423fee7c80090ca7bc48cc2611f8350023c6076f88029b094fc6ae2e13a139b698"

As you can see Lua differs from expected, see below openssl run from OS and is OK.

OpenSSL

echo -n 3025040580003a8c040400a11a020430830404020100020100300c300a06062b06010201010500 | xxd -r -p | openssl enc -aes-128-cfb -K 626f1f3a9cc13f35d01098c5777cb767 -iv 0000000000000000dd7dd2201e33213a -nopad | xxd -p
1f363c2d3513423fee7c80090ca7bc48cc2611f8350023c6076f88029b09
4fc6ae2e13a139b698

--- DES-CBC ---

NSE Script

local scopedPdu = stdnse.fromhex("3017040580003a8c040400a00c020275de0201000201003000")
local encryptionKey = stdnse.fromhex("626f1f3a9cc13f35")
local iv = stdnse.fromhex("d01098c489e3fbdc")

local encrypted = openssl.encrypt("des-cbc", encryptionKey, iv, scopedPdu, true)
stdnse.pretty_printer(stdnse.tohex(encrypted))

-- "14eb64bed368ec8dfb7fcc2f8ea4a5f1b7f295eaea4d567a5d90d33cd52257e3"
-- expected
-- "14eb64bed368ec8dfb7fcc2f8ea4a5f1b7f295eaea4d567a5d90d33cd52257e3"

As you can see Lua works fine and OpenSSL also.

OpenSSL

echo -n 3017040580003a8c040400a00c020275de0201000201003000 | xxd -r -p | openssl enc -des-cbc -K 626f1f3a9cc13f35 -iv d01098c489e3fbdc | xxd -p
14eb64bed368ec8dfb7fcc2f8ea4a5f1b7f295eaea4d567a5d90d33cd522
57e3

Expected behavior
As i mentioned, the expected messages are in the above examples.

Version info (please complete the following information):

  • OS:
    Ubuntu 20 LTS
  • Output of nmap --version:
Nmap version 7.93 ( https://nmap.org )
Platform: x86_64-redhat-linux-gnu
Compiled with: nmap-liblua-5.3.6 openssl-3.0.5 nmap-libssh2-1.10.0 nmap-libz-1.2.12 nmap-libpcre-7.6 nmap-libpcap-1.10.1 nmap-libdnet-1.12 ipv6
Compiled without:
Available nsock engines: epoll poll select
  • Output of nmap --iflist
Starting Nmap 7.93 ( https://nmap.org ) at 2023-05-10 23:24 -03
************************INTERFACES************************
DEV             (SHORT)           IP/MASK                      TYPE        UP MTU   MAC
lo              (lo)              127.0.0.1/8                  loopback    up 65536
lo              (lo)              ::1/128                      loopback    up 65536
enp2s0f0        (enp2s0f0)        (none)/0                     ethernet    up 1500  84:A9:38:97:F8:9A
enp5s0          (enp5s0)          (none)/0                     ethernet    up 1500  84:A9:38:97:F8:99
wlp3s0          (wlp3s0)          192.168.88.10/24             ethernet    up 1500  E0:0A:F6:51:AD:89
wlp3s0          (wlp3s0)          fe80::9e1c:5f54:2dc4:bf79/64 ethernet    up 1500  E0:0A:F6:51:AD:89
enxf8ce720a583a (enxf8ce720a583a) (none)/0                     ethernet    up 1500  F8:CE:72:0A:58:3A
br-8e597b0711e4 (br-8e597b0711e4) 172.19.0.1/16                ethernet    up 1500  02:42:5F:E5:49:81
br-8e597b0711e4 (br-8e597b0711e4) fe80::42:5fff:fee5:4981/64   ethernet    up 1500  02:42:5F:E5:49:81
docker0         (docker0)         172.17.0.1/16                ethernet    up 1500  02:42:99:80:05:B3
docker0         (docker0)         fe80::42:99ff:fe80:5b3/64    ethernet    up 1500  02:42:99:80:05:B3
br-fb8efe4686e8 (br-fb8efe4686e8) 172.29.0.1/16                ethernet    up 1500  02:42:3C:04:0C:65
vethbdd09b7     (vethbdd09b7)     (none)/0                     ethernet    up 1500  E2:FF:4A:AE:18:FE
vethbdd09b7     (vethbdd09b7)     fe80::e0ff:4aff:feae:18fe/64 ethernet    up 1500  E2:FF:4A:AE:18:FE
tun0            (tun0)            172.16.0.173/24              point2point up 1500
tun0            (tun0)            fe80::316e:f254:284d:caa3/64 point2point up 1500
br-62095ea4b43a (br-62095ea4b43a) 172.21.0.1/16                ethernet    up 1500  02:42:A5:CD:64:B3
br-62095ea4b43a (br-62095ea4b43a) fe80::42:a5ff:fecd:64b3/64   ethernet    up 1500  02:42:A5:CD:64:B3
vethabfa40d     (vethabfa40d)     (none)/0                     ethernet    up 1500  CE:D0:BD:EB:10:65
vethabfa40d     (vethabfa40d)     fe80::ccd0:bdff:feeb:1065/64 ethernet    up 1500  CE:D0:BD:EB:10:65
veth3d41eb9     (veth3d41eb9)     (none)/0                     ethernet    up 1500  B2:0A:7E:7C:83:54
veth3d41eb9     (veth3d41eb9)     fe80::b00a:7eff:fe7c:8354/64 ethernet    up 1500  B2:0A:7E:7C:83:54
vetha13f819     (vetha13f819)     (none)/0                     ethernet    up 1500  C2:22:33:26:DB:9F
vetha13f819     (vetha13f819)     fe80::c022:33ff:fe26:db9f/64 ethernet    up 1500  C2:22:33:26:DB:9F
veth1a669be     (veth1a669be)     (none)/0                     ethernet    up 1500  92:09:82:FA:23:DD
veth1a669be     (veth1a669be)     fe80::9009:82ff:fefa:23dd/64 ethernet    up 1500  92:09:82:FA:23:DD
vethbd1eeaa     (vethbd1eeaa)     (none)/0                     ethernet    up 1500  D2:6B:71:B2:E7:45
vethbd1eeaa     (vethbd1eeaa)     fe80::d06b:71ff:feb2:e745/64 ethernet    up 1500  D2:6B:71:B2:E7:45
vethb5fe6a1     (vethb5fe6a1)     (none)/0                     ethernet    up 1500  E6:DE:E0:43:8C:DD
vethb5fe6a1     (vethb5fe6a1)     fe80::e4de:e0ff:fe43:8cdd/64 ethernet    up 1500  E6:DE:E0:43:8C:DD
veth0ed80b7     (veth0ed80b7)     (none)/0                     ethernet    up 1500  4E:EE:6B:3A:1E:F9
veth0ed80b7     (veth0ed80b7)     fe80::4cee:6bff:fe3a:1ef9/64 ethernet    up 1500  4E:EE:6B:3A:1E:F9
vethca6a032     (vethca6a032)     (none)/0                     ethernet    up 1500  86:A3:2C:49:01:6E
vethca6a032     (vethca6a032)     fe80::84a3:2cff:fe49:16e/64  ethernet    up 1500  86:A3:2C:49:01:6E
vetha3a137b     (vetha3a137b)     (none)/0                     ethernet    up 1500  36:8B:2B:0A:53:F6
vetha3a137b     (vetha3a137b)     fe80::348b:2bff:fe0a:53f6/64 ethernet    up 1500  36:8B:2B:0A:53:F6
vethafe6a14     (vethafe6a14)     (none)/0                     ethernet    up 1500  4A:EA:90:66:27:63
vethafe6a14     (vethafe6a14)     fe80::48ea:90ff:fe66:2763/64 ethernet    up 1500  4A:EA:90:66:27:63

**************************ROUTES**************************
DST/MASK                      DEV             METRIC GATEWAY
54.172.125.238/32             wlp3s0          600    192.168.88.1
192.168.88.1/32               wlp3s0          600
10.0.0.0/24                   tun0            50     172.16.0.1
10.0.1.0/24                   tun0            50     172.16.0.1
10.0.2.0/24                   tun0            50     172.16.0.1
10.0.128.0/24                 tun0            50     172.16.0.1
10.0.129.0/24                 tun0            50     172.16.0.1
10.0.130.0/24                 tun0            50     172.16.0.1
172.16.0.0/24                 tun0            50
192.168.88.0/24               wlp3s0          600
10.10.98.0/23                 tun0            50     172.16.0.1
10.10.200.0/23                tun0            50     172.16.0.1
10.10.210.0/23                tun0            50     172.16.0.1
10.0.64.0/20                  tun0            50     172.16.0.1
10.0.80.0/20                  tun0            50     172.16.0.1
10.0.96.0/20                  tun0            50     172.16.0.1
10.1.64.0/20                  tun0            50     172.16.0.1
10.1.80.0/20                  tun0            50     172.16.0.1
10.1.96.0/20                  tun0            50     172.16.0.1
10.3.64.0/20                  tun0            50     172.16.0.1
10.3.80.0/20                  tun0            50     172.16.0.1
10.3.96.0/20                  tun0            50     172.16.0.1
172.17.0.0/16                 docker0         0
172.19.0.0/16                 br-8e597b0711e4 0
172.21.0.0/16                 br-62095ea4b43a 0
172.29.0.0/16                 br-fb8efe4686e8 0
10.1.0.0/16                   tun0            50     172.16.0.1
10.3.0.0/16                   tun0            50     172.16.0.1
10.6.0.0/16                   tun0            50     172.16.0.1
169.254.0.0/16                wlp3s0          1000
0.0.0.0/0                     wlp3s0          600    192.168.88.1
::1/128                       lo              0
fe80::42:5fff:fee5:4981/128   br-8e597b0711e4 0
fe80::42:99ff:fe80:5b3/128    docker0         0
fe80::42:a5ff:fecd:64b3/128   br-62095ea4b43a 0
fe80::316e:f254:284d:caa3/128 tun0            0
fe80::348b:2bff:fe0a:53f6/128 vetha3a137b     0
fe80::48ea:90ff:fe66:2763/128 vethafe6a14     0
fe80::4cee:6bff:fe3a:1ef9/128 veth0ed80b7     0
fe80::84a3:2cff:fe49:16e/128  vethca6a032     0
fe80::9009:82ff:fefa:23dd/128 veth1a669be     0
fe80::9e1c:5f54:2dc4:bf79/128 wlp3s0          0
fe80::b00a:7eff:fe7c:8354/128 veth3d41eb9     0
fe80::c022:33ff:fe26:db9f/128 vetha13f819     0
fe80::ccd0:bdff:feeb:1065/128 vethabfa40d     0
fe80::d06b:71ff:feb2:e745/128 vethbd1eeaa     0
fe80::e0ff:4aff:feae:18fe/128 vethbdd09b7     0
fe80::e4de:e0ff:fe43:8cdd/128 vethb5fe6a1     0
::1/128                       lo              256
fe80::/64                     vethbdd09b7     256
fe80::/64                     br-8e597b0711e4 256
fe80::/64                     tun0            256
fe80::/64                     br-62095ea4b43a 256
fe80::/64                     veth3d41eb9     256
fe80::/64                     vethabfa40d     256
fe80::/64                     vethb5fe6a1     256
fe80::/64                     veth1a669be     256
fe80::/64                     vetha13f819     256
fe80::/64                     vethbd1eeaa     256
fe80::/64                     vethca6a032     256
fe80::/64                     veth0ed80b7     256
fe80::/64                     vetha3a137b     256
fe80::/64                     docker0         256
fe80::/64                     vethafe6a14     256
fe80::/64                     wlp3s0          600
ff00::/8                      wlp3s0          256
ff00::/8                      vethbdd09b7     256
ff00::/8                      br-8e597b0711e4 256
ff00::/8                      tun0            256
ff00::/8                      br-62095ea4b43a 256
ff00::/8                      veth3d41eb9     256
ff00::/8                      vethabfa40d     256
ff00::/8                      vethb5fe6a1     256
ff00::/8                      veth1a669be     256
ff00::/8                      vetha13f819     256
ff00::/8                      vethbd1eeaa     256
ff00::/8                      vethca6a032     256
ff00::/8                      veth0ed80b7     256
ff00::/8                      vetha3a137b     256
ff00::/8                      docker0         256
ff00::/8                      vethafe6a14     256
@lucasbritos
Copy link
Author

lucasbritos commented Jul 13, 2023

Looks like the issue is on the wrapper. Elsewhere i try this operation works fine, except openssl nmap.

In python:

from Crypto.Cipher import AES
import binascii
key = binascii.unhexlify('626f1f3a9cc13f35d01098c5777cb767')
iv = binascii.unhexlify('0000000000000000dd7dd2201e33213a')
encryptor = AES.new(key, AES.MODE_CFB, IV=iv, segment_size=128)

text = binascii.unhexlify('3025040580003a8c040400a11a020430830404020100020100300c300a06062b06010201010500')
ciphertext = encryptor.encrypt(text)
print(binascii.hexlify(ciphertext).upper())
## b'1F363C2D3513423FEE7C80090CA7BC48CC2611F8350023C6076F88029B094FC6AE2E13A139B698'

Is there a possible workarround for this?

@nnposter nnposter self-assigned this Sep 3, 2024
@nnposter nnposter added bug NSE and removed Nmap labels Sep 3, 2024
@nnposter
Copy link

nnposter commented Sep 4, 2024

PR #2928 should rectify the issue.

@nnposter nnposter linked a pull request Sep 9, 2024 that will close this issue
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants