k1 for ffff, diagrams int ext

author: cyfraeviolae <cyfraeviolae> 2022-08-28 02:32:00 -0400
committer: cyfraeviolae <cyfraeviolae> 2022-08-28 02:32:00 -0400
commit: c6d2859dd229d6ad058440feac910b9905a761d7 (patch)
tree: 884b4aa604841ccc72ce63d10067ef15744193c9 /aesgcmanalysis.py
parent: 4ab74d6a630b3a8b74bd1f96f00309d157844c43 (diff)
1 files changed, 6 insertions, 9 deletions
diff --git a/aesgcmanalysis.py b/aesgcmanalysis.py
index 13bfca3..b73960e 100644
--- a/aesgcmanalysis.py
+++ b/aesgcmanalysis.py
@@ -828,25 +828,22 @@ def key_search(nonce, init_bytes1, init_bytes2):
 
 def att_merge_jpg_bmp(jpg, bmp, aad):
     # Precomputed with key_search; works for any files
-    k1 = unhexlify('5c3cb198432b0903e58de9c9647bd241')
-    k2 = unhexlify('df923ae8976230008a081d23205d7a4f')
+    k1 = unhexlify('8007941455b5af579bb12fff92ef31a3')
+    k2 = unhexlify('14ef746e8b1792e52b1d22ef124fae97')
     nonce = b'JORGELBORGES'
 
-    total_len = 6 + (0xff<<8) + 0xff + len(jpg)
+    total_len = 6 + (0xffff) + len(jpg) + 0xff # get some extra
     jpgstream, _ = gcm_encrypt(k1, nonce, aad, b'\x00'*total_len)
     bmpstream, _ = gcm_encrypt(k2, nonce, aad, b'\x00'*total_len)
 
-    # 5 bytes
-    r = xor(jpgstream, b'\xff\xd8\xff\xfe\xff')
-
-    # 1 byte
-    r += bmpstream[5:6]
+    # 6 bytes
+    r = xor(jpgstream, b'\xff\xd8\xff\xfe\xff\xff')
 
     # len(bmp) bytes
     bmpenc = xor(bmp[6:], bmpstream[6:6+len(bmp)])
     r += bmpenc
 
-    comlen = (0xff << 8) + (jpgstream[5] ^ bmpstream[5])
+    comlen = 0xffff
 
     # finish comment with padding
     r += b'\x00'*(comlen - len(bmpenc))
author	cyfraeviolae <cyfraeviolae>	2022-08-28 02:32:00 -0400
committer	cyfraeviolae <cyfraeviolae>	2022-08-28 02:32:00 -0400
commit	c6d2859dd229d6ad058440feac910b9905a761d7 (patch)
tree	884b4aa604841ccc72ce63d10067ef15744193c9 /aesgcmanalysis.py
parent	4ab74d6a630b3a8b74bd1f96f00309d157844c43 (diff)