2025熵密杯 -- 初始谜题 -- Reproducibility

2025熵密杯 -- 初始谜题 -- Reproducibility

前言

本文记录2025熵密杯初始谜题赛题复现过程，参考languag3师傅的熵密杯题解博客。膜拜大佬~

1. https://languag3.github.io/

复制代码

初始谜题1

sm4_encrypt.py

1. import binascii
2. from pyasn1.codec.der.decoder import decode
3. from pyasn1.type import univ, namedtype
4. from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
5. from cryptography.hazmat.backends import default_backend
6. from gmssl import sm3, func, sm2
7. from pyasn1.codec.der.encoder import encode
10. class SM2Cipher(univ.Sequence):
11.     componentType = namedtype.NamedTypes(
12.         namedtype.NamedType('xCoordinate', univ.Integer()), # -- x 分量
13.         namedtype.NamedType('yCoordinate', univ.Integer()),             # -- y 分量
14.         namedtype.NamedType('hash', univ.OctetString()),                # --哈希值
15.         namedtype.NamedType('cipherText', univ.OctetString())           # -- SM4密钥密文
16.     )
18. class EncryptedData(univ.Sequence):
19.     componentType = namedtype.NamedTypes(
20.         namedtype.NamedType('algorithm', univ.ObjectIdentifier('1.2.156.10197.1.104.2')), # -- SM4-CBC OID
21.         namedtype.NamedType('iv', univ.OctetString()),                                                # -- SM4-CBC加密使用的初始化向量（IV）
22.         namedtype.NamedType('cipherText', univ.OctetString())                                         # -- SM4加密的密文
23.     )
25. class EnvelopedData(univ.Sequence):
26.     componentType = namedtype.NamedTypes(
27.         namedtype.NamedType('encryptedKey', SM2Cipher()),                           # -- 使用SM2公钥加密SM4密钥的密文
28.         namedtype.NamedType('encryptedData', EncryptedData()),                                  #  -- 使用SM4密钥对明文加密的密文
29.         namedtype.NamedType('digestAlgorithm', univ.ObjectIdentifier('1.2.156.10197.1.401.1')), # -- SM3算法OID
30.         namedtype.NamedType('digest', univ.OctetString())                                       # -- 对明文计算的摘要值
31.     )
33. def sm4_cbc_encrypt(plaintext: bytes, key: bytes, iv: bytes):
34.     backend = default_backend()
35.     cipher = Cipher(algorithms.SM4(key), modes.CBC(iv), backend=backend) #填充模式 nopadding
36.     encryptor = cipher.encryptor()
37.     ciphertext = encryptor.update(plaintext) + encryptor.finalize()
38.     return ciphertext
40. def sm2_encrypt(plaintext: bytes,public_key:bytes) -> bytes:
41.     sm2_crypt = sm2.CryptSM2(private_key="",public_key=public_key.hex())
42.     ciphertext = sm2_crypt.encrypt(plaintext)
43.     return ciphertext
45. def sm3_hash(text:bytes):
46.     hash_value = sm3.sm3_hash(func.bytes_to_list(text))
47.     return hash_value
49. def read_key_from_file(file_path):
50.     try:
51.         with open(file_path, 'r') as file:
52.             key = file.read().strip()
53.             return key
54.     except FileNotFoundError:
55.         print(f"错误: 文件 {file_path} 未找到。")
56.     except Exception as e:
57.         print(f"错误: 发生了未知错误 {e}。")
58.     return None
60. # 对由abcd组成的字符串加密的方法
61. def sm4_encrypt(plaintext:str,sm2_public_key: str,sm4_iv:str):
62.     sm4_key = bytes.fromhex(read_key_from_file("key.txt")) #从文件读取固定的key
63.     # sm4
64.     envelope = EnvelopedData()
65.     plaintext_bytes = plaintext.encode('utf-8')
66.     ciphertext = sm4_cbc_encrypt(plaintext_bytes,sm4_key,bytes.fromhex(sm4_iv))
68.     # sm2
69.     encrypted_key = sm2_encrypt(sm4_key,bytes.fromhex(sm2_public_key))
71.     # sm3
72.     digest = sm3_hash(plaintext_bytes)
74.     envelope['encryptedData'] = EncryptedData()
75.     envelope['encryptedData']['iv'] = univ.OctetString(bytes.fromhex(sm4_iv))
76.     envelope['encryptedData']['cipherText'] = univ.OctetString(ciphertext)
78.     envelope['encryptedKey'] = SM2Cipher()
79.     envelope['encryptedKey']['xCoordinate'] = univ.Integer(int.from_bytes(encrypted_key[:32], 'big'))
80.     envelope['encryptedKey']['yCoordinate'] = univ.Integer(int.from_bytes(encrypted_key[32:64], 'big'))
81.     envelope['encryptedKey']['hash'] = univ.OctetString(encrypted_key[64:96])
82.     envelope['encryptedKey']['cipherText'] = univ.OctetString(encrypted_key[96:])
84.     envelope['digest'] = univ.OctetString(bytes.fromhex(digest))
85.     return encode(envelope).hex()
87. # 从asn1格式的16进制字符串提取参数
88. def asn1_parse(asn1_hex_str:str,asn1_spec):
89.     # 将16进制字符串转换为字节
90.     der_bytes = binascii.unhexlify(asn1_hex_str)
91.     # 解码为ASN.1对象
92.     enveloped_data, _ = decode(der_bytes, asn1Spec=asn1_spec)
93.     # sm2
94.     sm2_x = hex(int(enveloped_data['encryptedKey']['xCoordinate']))[2:]
95.     sm2_y = hex(int(enveloped_data['encryptedKey']['yCoordinate']))[2:]
96.     sm2_hash = enveloped_data['encryptedKey']['hash'].asOctets().hex()
97.     sm2_ciphertext = enveloped_data['encryptedKey']['cipherText'].asOctets().hex()
99.     # sm4
100.     sm4_algorithm = str(enveloped_data['encryptedData']['algorithm'])
101.     sm4_iv = enveloped_data['encryptedData']['iv'].asOctets().hex()
102.     sm4_cipherText = enveloped_data['encryptedData']['cipherText'].asOctets().hex()
104.     # sm3
105.     digestAlgorithm = str(enveloped_data['digestAlgorithm'])
106.     digest = enveloped_data['digest'].asOctets().hex()
108.     # 输出提取的值
109.     print("asn1格式的16进制字符串:")
110.     print(f"  asn1: {asn1_hex_str}")
111.     print("SM2参数:")
112.     print(f"  xCoordinate: {sm2_x}")
113.     print(f"  yCoordinate: {sm2_y}")
114.     print(f"  hash: {sm2_hash}")
115.     print(f"  cipherText: {sm2_ciphertext}")
117.     print("SM4参数:")
118.     print(f"  algorithm: {sm4_algorithm}")
119.     print(f"  iv: {sm4_iv}")
120.     print(f"  cipherText: {sm4_cipherText}")
122.     print("SM3参数:")
123.     print(f"  digestAlgorithm: {digestAlgorithm}")
124.     print(f"  digest: {digest}")
127. if __name__ == "__main__":
128.     plaintext = "6163616263626161626461646464636361626263626464626361616164636462636462646461646461626462646361636264616364646462646462626261636261646163626463636262616462646462616362616363646463646361616263646261636164636263646163646161636164646364646261626463636462636162636162646261626163636161616463616261646264616162646162626162626462616363616161636362616461626463616462646261626264626464626262636363636162616261626163616164616462626163636164646161646361626363646462626261636261636164646262646362616263636363626461636164646261636361646463616161626164626461636163636461646164616161616163616164636164646261646163626163636164616162636263616461636261646264626263626264636164646263616164626463626461646364616362626261616262616264616361626264636264616461646163626364626462636161636262636163616261616262626362636463616263616364616363626163636363636262646363616464626461616363646361626162636261636364646362626462616364626462626161616264636162626263626462626264646162626462616261616264626161616363636364616263626461636162616462616363616461646363636261636363616162646164626361616464646463646263646363636164626164646463646361636364616261626261646461646463626161616361626161626362626262636164626463636163626163616163636262646463646162616363616364636164646364626464626164626162636161616263646164636461626161636262646463636462646161636462626264626463646364636362626264616362646462636263616361626262616464636263616464616363646163616262616162626261626261616461636361636164636162626461646264636162646363636263616363646161636464626161616462636464646164616361646264616361626263646264616162636164636462616164646163616461646362626464"
129.     sm2_key = "044f66804d1d30f4499377b96dc8e18faab8300ebddf3eb0fa2065214c260d64c08c6dfe7d9923d6d5baa3a0512a2ede03357c723230ebf77906f82dc1b0fccc1e"
130.     iv = "43d4192f9f74e90543d4192f9f74e905"
131.     asn1_hex_str = sm4_encrypt(bytes.fromhex(plaintext).decode('utf-8'),sm2_key,iv)
132.     asn1_parse(asn1_hex_str,EnvelopedData())

复制代码

1. (m, c) = (6362646264646264646361636463646261636164626362646264616161636162636261616461646263626362626264636163616264626164616161616361616161636163636361626463616361626263626263646462626261616462646362626162646162646461646264626361646264636164626262626264646464626362626462626364646463636362636264616161636461626363626362616263636264636164636261646262626161636161616461616163616461626461646464616363646462636464646464636462636264636464636162616461646263646264636363616263616164646263646362646161616361646261616161626261626462636261646362626362626462636463616164636263646164636461646364646464616461626463616463636362626464646463636461626264636363636263646463626163636362646264616261636464626164646363626164626264616462626264646463646163646162626364616264646163636362646164616263616461626164636261646361636162616162646161646162636364646162626361646362646361626463616262646362636261616464626162636161616362616464616261626363616464626164616362616262616463626364646461636461636164636261626364646362626263636164626161636264646261636264626164626264636463616263646462646464636461626264626262626263626362636463636362636264646262626162626364616363636264626462636163646361636163616464626361616262646361626261646364646461636164626164646361626264616364626361636163626163636363626464626462646364646364616461616161616361646264626364636364626261636363636361616264636262646262616263636361616361616261616162636163646363646264636364616362626362626463616264646261626164646263646164646264616463646462626261616461636461626262636462646163636461646362616363616163616361626162636462616362636361646363626161636362636361616261636362636463, 308203ec30790220467b2389364b2ebd2eadfa624d668c9b0d530b89edbaf9676c1d7db18c7da40502210099f160a4fc540baa3c316e0b28db789f366fc4c84ba1a98e3aaf0806667a82d804204452c9104b87f44ac026d449cb5b5b5f306b2deab5187db7b3cb845659b1714b0410443c9a3f4f7b0083ddd323d6a1f576503082034006082a811ccf550168020410f414bdfbca9d9e902114536a3b9c443204820320d76516cc03294caaa08df866f53ac3ddc8331f5aa82c09d1ae49c41746165293d70f8d2e7578e4a6c59c9a2adb7b446fd7139e6e1d9f4fef7dca09425b574dfd30c24d773c59bcd86384f013439e7b0f61439192f9b7889a72d4fb59d20eaa7dc7191594aa5cdb855410f0b6be69cb5eb5f303a605300d48c8ca0b86549ba2c586009fa7a24e4b71a2c304aa34f9a6cb45d1e5d97e6d768dd63a1bfbe7a975be13585742aed7e3e606450530c05c0cd1c41dea44603f628bc2398cdd706abb66ca964178122b99c879bf1ded48268f662cbb1d06798e19ecb61c5719fd85b4bf72b25226778632e4510009f101a50fc66ef8f12088357ccac4749262f2eb07b6ea6d800ed3897a02d530b0e6f22b378354edddd8bf4a8df07d020986c1f49570853f4875e00fac96b2f8054288ebebb4d86ebfb644f53b1195fc2ff04effe18d419da605ba949ff7a3cc3624fdb71af173a8b8e0c721ff0095f1cfb08d1f236835013811502da499408de1ed0d329027d65b62790043f0b2f67a71f2056ca1c2e431147b145d8817b86a49d08e82c5d710e999078fa8bc1144bb77654a53d91591522540f3ac835ad1df444f94db2c07f223be6db215034ef39c2123690d0457877c40ea91f5662f2efb57cefa4d8b3bb6ce18bed2de4de3c8d53c9bd2f0be84471a88719f74a3e2193915db3c455c597e897ada24e6c3e628e03416a759ed1a7886525569a2b7e7431311504e27add6b43d85e704d364fe6446c29c314e95c498fea6b8123d811480a1add915a34d4ffeda304e0ee8456f842786a385eaac42c0beec3b37d30906a982340a1a9a0151eca11040fd2c467a8a014e2db9ccec96f0d927208de545fddd0cae8b7da3ce113d0ac95fb84ec74ed266ae8676ac662f21bb93034064a043e5969c378e825b3751d6c54e9d8d79a905c942857103564ce7ed5c61c899420d02170f42e41e3193cd5de116701c59043fc42ec596fc8cd05c75ed9fd514c9323ce01143b84080cc2d81ac477c7c2a9ef97ea0b76159fc2ea24e18c8511046f4e500d1653b16b71f0a1028155173a11c55e777dd13c23e67f9fa5e6a8c32162dcf01b09a3c50c106c63d13ce2a9e2fff014665ec490f947706092a811ccf5501831101042024d458eef08943e27b496fd180de68c18f467bee9d3c802bb56d607a364ddc70)
2. c = 3081e830790220467b2389364b2ebd2eadfa624d668c9b0d530b89edbaf9676c1d7db18c7da40502210099f160a4fc540baa3c316e0b28db789f366fc4c84ba1a98e3aaf0806667a82d804204452c9104b87f44ac026d449cb5b5b5f306b2deab5187db7b3cb845659b1714b0410443c9a3f4f7b0083ddd323d6a1f57650303e06082a811ccf550168020410b63a85e103d362fb6247c19e324e97c4042098fea6b8123d811480a1add915a34d4fdbbfd86515a457e1b20bf4751ea0010706092a811ccf55018311010420aab05fca300811223b3b957bfe33130770fb7a6b55b030a5809c559344f66f79

复制代码

analysis

• 基于当时现场的分析，该题目实现了当前通信中常用的数字信封，使用对称密码加密明文信息，使用非对称密码加密对称密码所使用的密钥，同时利用杂凑函数计算相应的信息摘要。体现在这道题中就是SM4-CBC加密明文信息，SM2加密SM4-CBC密钥，SM3计算消息杂凑值。
  
• 本题目中将以下参数加入到asn1证书中，同时明文信息为abcd的组合。
  
  
  
  • SM2的公钥以及SM2针对于SM4-CBC密钥加密后的密文
    
  • SM4-CBC使用的iv以及对明文加密之后的密文
    
  • SM3针对于明文进行的杂凑值
    
  • 交互得到的一对(m, c)和待解密密文
    
  
  
• asn1解析结果如下：
  1. from sm4_encrypt import asn1_parse, EnvelopedData
  3. print("#########################c1 asn_parse")
  4. c1 = ...
  5. asn1_parse(c1, EnvelopedData())
  6. print("#########################c asn_parse")
  7. c = ...
  8. asn1_parse(c, EnvelopedData())
  10. """
  11. #########################c1 asn_parse
  12. asn1格式的16进制字符串:
  13.   asn1: 308203ec30790220467b2389364b2ebd2eadfa624d668c9b0d530b89edbaf9676c1d7db18c7da40502210099f160a4fc540baa3c316e0b28db789f366fc4c84ba1a98e3aaf0806667a82d804204452c9104b87f44ac026d449cb5b5b5f306b2deab5187db7b3cb845659b1714b0410443c9a3f4f7b0083ddd323d6a1f576503082034006082a811ccf550168020410f414bdfbca9d9e902114536a3b9c443204820320d76516cc03294caaa08df866f53ac3ddc8331f5aa82c09d1ae49c41746165293d70f8d2e7578e4a6c59c9a2adb7b446fd7139e6e1d9f4fef7dca09425b574dfd30c24d773c59bcd86384f013439e7b0f61439192f9b7889a72d4fb59d20eaa7dc7191594aa5cdb855410f0b6be69cb5eb5f303a605300d48c8ca0b86549ba2c586009fa7a24e4b71a2c304aa34f9a6cb45d1e5d97e6d768dd63a1bfbe7a975be13585742aed7e3e606450530c05c0cd1c41dea44603f628bc2398cdd706abb66ca964178122b99c879bf1ded48268f662cbb1d06798e19ecb61c5719fd85b4bf72b25226778632e4510009f101a50fc66ef8f12088357ccac4749262f2eb07b6ea6d800ed3897a02d530b0e6f22b378354edddd8bf4a8df07d020986c1f49570853f4875e00fac96b2f8054288ebebb4d86ebfb644f53b1195fc2ff04effe18d419da605ba949ff7a3cc3624fdb71af173a8b8e0c721ff0095f1cfb08d1f236835013811502da499408de1ed0d329027d65b62790043f0b2f67a71f2056ca1c2e431147b145d8817b86a49d08e82c5d710e999078fa8bc1144bb77654a53d91591522540f3ac835ad1df444f94db2c07f223be6db215034ef39c2123690d0457877c40ea91f5662f2efb57cefa4d8b3bb6ce18bed2de4de3c8d53c9bd2f0be84471a88719f74a3e2193915db3c455c597e897ada24e6c3e628e03416a759ed1a7886525569a2b7e7431311504e27add6b43d85e704d364fe6446c29c314e95c498fea6b8123d811480a1add915a34d4ffeda304e0ee8456f842786a385eaac42c0beec3b37d30906a982340a1a9a0151eca11040fd2c467a8a014e2db9ccec96f0d927208de545fddd0cae8b7da3ce113d0ac95fb84ec74ed266ae8676ac662f21bb93034064a043e5969c378e825b3751d6c54e9d8d79a905c942857103564ce7ed5c61c899420d02170f42e41e3193cd5de116701c59043fc42ec596fc8cd05c75ed9fd514c9323ce01143b84080cc2d81ac477c7c2a9ef97ea0b76159fc2ea24e18c8511046f4e500d1653b16b71f0a1028155173a11c55e777dd13c23e67f9fa5e6a8c32162dcf01b09a3c50c106c63d13ce2a9e2fff014665ec490f947706092a811ccf5501831101042024d458eef08943e27b496fd180de68c18f467bee9d3c802bb56d607a364ddc70
  14. SM2参数:
  15.   xCoordinate: 467b2389364b2ebd2eadfa624d668c9b0d530b89edbaf9676c1d7db18c7da405
  16.   yCoordinate: 99f160a4fc540baa3c316e0b28db789f366fc4c84ba1a98e3aaf0806667a82d8
  17.   hash: 4452c9104b87f44ac026d449cb5b5b5f306b2deab5187db7b3cb845659b1714b
  18.   cipherText: 443c9a3f4f7b0083ddd323d6a1f57650
  19. SM4参数:
  20.   algorithm: 1.2.156.10197.1.104.2
  21.   iv: f414bdfbca9d9e902114536a3b9c4432
  22.   cipherText: d76516cc03294caaa08df866f53ac3ddc8331f5aa82c09d1ae49c41746165293d70f8d2e7578e4a6c59c9a2adb7b446fd7139e6e1d9f4fef7dca09425b574dfd30c24d773c59bcd86384f013439e7b0f61439192f9b7889a72d4fb59d20eaa7dc7191594aa5cdb855410f0b6be69cb5eb5f303a605300d48c8ca0b86549ba2c586009fa7a24e4b71a2c304aa34f9a6cb45d1e5d97e6d768dd63a1bfbe7a975be13585742aed7e3e606450530c05c0cd1c41dea44603f628bc2398cdd706abb66ca964178122b99c879bf1ded48268f662cbb1d06798e19ecb61c5719fd85b4bf72b25226778632e4510009f101a50fc66ef8f12088357ccac4749262f2eb07b6ea6d800ed3897a02d530b0e6f22b378354edddd8bf4a8df07d020986c1f49570853f4875e00fac96b2f8054288ebebb4d86ebfb644f53b1195fc2ff04effe18d419da605ba949ff7a3cc3624fdb71af173a8b8e0c721ff0095f1cfb08d1f236835013811502da499408de1ed0d329027d65b62790043f0b2f67a71f2056ca1c2e431147b145d8817b86a49d08e82c5d710e999078fa8bc1144bb77654a53d91591522540f3ac835ad1df444f94db2c07f223be6db215034ef39c2123690d0457877c40ea91f5662f2efb57cefa4d8b3bb6ce18bed2de4de3c8d53c9bd2f0be84471a88719f74a3e2193915db3c455c597e897ada24e6c3e628e03416a759ed1a7886525569a2b7e7431311504e27add6b43d85e704d364fe6446c29c314e95c498fea6b8123d811480a1add915a34d4ffeda304e0ee8456f842786a385eaac42c0beec3b37d30906a982340a1a9a0151eca11040fd2c467a8a014e2db9ccec96f0d927208de545fddd0cae8b7da3ce113d0ac95fb84ec74ed266ae8676ac662f21bb93034064a043e5969c378e825b3751d6c54e9d8d79a905c942857103564ce7ed5c61c899420d02170f42e41e3193cd5de116701c59043fc42ec596fc8cd05c75ed9fd514c9323ce01143b84080cc2d81ac477c7c2a9ef97ea0b76159fc2ea24e18c8511046f4e500d1653b16b71f0a1028155173a11c55e777dd13c23e67f9fa5e6a8c32162dcf01b09a3c50c106c63d13ce2a9e2fff014665ec490f9477
  23. SM3参数:
  24.   digestAlgorithm: 1.2.156.10197.1.401.1
  25.   digest: 24d458eef08943e27b496fd180de68c18f467bee9d3c802bb56d607a364ddc70
  26. #########################c asn_parse
  27. asn1格式的16进制字符串:
  28.   asn1: 3081e830790220467b2389364b2ebd2eadfa624d668c9b0d530b89edbaf9676c1d7db18c7da40502210099f160a4fc540baa3c316e0b28db789f366fc4c84ba1a98e3aaf0806667a82d804204452c9104b87f44ac026d449cb5b5b5f306b2deab5187db7b3cb845659b1714b0410443c9a3f4f7b0083ddd323d6a1f57650303e06082a811ccf550168020410b63a85e103d362fb6247c19e324e97c4042098fea6b8123d811480a1add915a34d4fdbbfd86515a457e1b20bf4751ea0010706092a811ccf55018311010420aab05fca300811223b3b957bfe33130770fb7a6b55b030a5809c559344f66f79
  29. SM2参数:
  30.   xCoordinate: 467b2389364b2ebd2eadfa624d668c9b0d530b89edbaf9676c1d7db18c7da405
  31.   yCoordinate: 99f160a4fc540baa3c316e0b28db789f366fc4c84ba1a98e3aaf0806667a82d8
  32.   hash: 4452c9104b87f44ac026d449cb5b5b5f306b2deab5187db7b3cb845659b1714b
  33.   cipherText: 443c9a3f4f7b0083ddd323d6a1f57650
  34. SM4参数:
  35.   algorithm: 1.2.156.10197.1.104.2
  36.   iv: b63a85e103d362fb6247c19e324e97c4
  37.   cipherText: 98fea6b8123d811480a1add915a34d4fdbbfd86515a457e1b20bf4751ea00107
  38. SM3参数:
  39.   digestAlgorithm: 1.2.156.10197.1.401.1
  40.   digest: aab05fca300811223b3b957bfe33130770fb7a6b55b030a5809c559344f66f79
  41. """

  复制代码
• 针对于此等加密，刚学完课程《密码学概论》的我，当前安全且高效的通信加密技术，赛场上看着这道题非常怅惘。后续看到大佬的解题思路如下：针对于国密算法以及数字信封的实现上而言，我们很难找到其漏洞点，但是出了穷举攻击以外，可能出现的漏洞点就在于分组密码的CBC工作模式。由于给出的明密文对的长度很长，而我们要恢复的密文却很短。cipherText = "98fea6b8123d811480a1add915a34d4fdbbfd86515a457e1b20bf4751ea00107"
  
• 看到languag3师傅的博客，同时验证待解密密文的第一组密文在明密文对的密文中存在，那么可以判断此处在黑盒处理之前，两者对应的分组的key和input是相同的，则通过异或处理可以恢复明文的第一块。但是并不能推出该组黑盒使用的key以及其他分组的key和input的关系。
  
• 此后怎对于后续的16字节进行爆破，即为32bit的abcd爆破。
  

exp

1. # part1 Solve
2. from pwn import xor
3. m1 = "6362646264646264646361636463646261636164626362646264616161636162636261616461646263626362626264636163616264626164616161616361616161636163636361626463616361626263626263646462626261616462646362626162646162646461646264626361646264636164626262626264646464626362626462626364646463636362636264616161636461626363626362616263636264636164636261646262626161636161616461616163616461626461646464616363646462636464646464636462636264636464636162616461646263646264636363616263616164646263646362646161616361646261616161626261626462636261646362626362626462636463616164636263646164636461646364646464616461626463616463636362626464646463636461626264636363636263646463626163636362646264616261636464626164646363626164626264616462626264646463646163646162626364616264646163636362646164616263616461626164636261646361636162616162646161646162636364646162626361646362646361626463616262646362636261616464626162636161616362616464616261626363616464626164616362616262616463626364646461636461636164636261626364646362626263636164626161636264646261636264626164626264636463616263646462646464636461626264626262626263626362636463636362636264646262626162626364616363636264626462636163646361636163616464626361616262646361626261646364646461636164626164646361626264616364626361636163626163636363626464626462646364646364616461616161616361646264626364636364626261636363636361616264636262646262616263636361616361616261616162636163646363646264636364616362626362626463616264646261626164646263646164646264616463646462626261616461636461626262636462646163636461646362616363616163616361626162636462616362636361646363626161636362636361616261636362636463"
4. c1 = "d76516cc03294caaa08df866f53ac3ddc8331f5aa82c09d1ae49c41746165293d70f8d2e7578e4a6c59c9a2adb7b446fd7139e6e1d9f4fef7dca09425b574dfd30c24d773c59bcd86384f013439e7b0f61439192f9b7889a72d4fb59d20eaa7dc7191594aa5cdb855410f0b6be69cb5eb5f303a605300d48c8ca0b86549ba2c586009fa7a24e4b71a2c304aa34f9a6cb45d1e5d97e6d768dd63a1bfbe7a975be13585742aed7e3e606450530c05c0cd1c41dea44603f628bc2398cdd706abb66ca964178122b99c879bf1ded48268f662cbb1d06798e19ecb61c5719fd85b4bf72b25226778632e4510009f101a50fc66ef8f12088357ccac4749262f2eb07b6ea6d800ed3897a02d530b0e6f22b378354edddd8bf4a8df07d020986c1f49570853f4875e00fac96b2f8054288ebebb4d86ebfb644f53b1195fc2ff04effe18d419da605ba949ff7a3cc3624fdb71af173a8b8e0c721ff0095f1cfb08d1f236835013811502da499408de1ed0d329027d65b62790043f0b2f67a71f2056ca1c2e431147b145d8817b86a49d08e82c5d710e999078fa8bc1144bb77654a53d91591522540f3ac835ad1df444f94db2c07f223be6db215034ef39c2123690d0457877c40ea91f5662f2efb57cefa4d8b3bb6ce18bed2de4de3c8d53c9bd2f0be84471a88719f74a3e2193915db3c455c597e897ada24e6c3e628e03416a759ed1a7886525569a2b7e7431311504e27add6b43d85e704d364fe6446c29c314e95c498fea6b8123d811480a1add915a34d4ffeda304e0ee8456f842786a385eaac42c0beec3b37d30906a982340a1a9a0151eca11040fd2c467a8a014e2db9ccec96f0d927208de545fddd0cae8b7da3ce113d0ac95fb84ec74ed266ae8676ac662f21bb93034064a043e5969c378e825b3751d6c54e9d8d79a905c942857103564ce7ed5c61c899420d02170f42e41e3193cd5de116701c59043fc42ec596fc8cd05c75ed9fd514c9323ce01143b84080cc2d81ac477c7c2a9ef97ea0b76159fc2ea24e18c8511046f4e500d1653b16b71f0a1028155173a11c55e777dd13c23e67f9fa5e6a8c32162dcf01b09a3c50c106c63d13ce2a9e2fff014665ec490f9477"
5. c = "98fea6b8123d811480a1add915a34d4fdbbfd86515a457e1b20bf4751ea00107"
6. iv1 = "f414bdfbca9d9e902114536a3b9c4432"
7. iv = "b63a85e103d362fb6247c19e324e97c4"
8. # print(len(c)) 64 -- 分组后为2组
9. c_list = [c[32 * i:32 * (i + 1)] for i in range(2)]
10. # print(c_list)
11. # print(c1.index(c_list[0])); print(c1.index(c_list[1])) 1088 Error
12. # Black Cipher Encrypt之前的结果相同
13. temp = bytes.fromhex(m1[1088:1088 + 32])
14. c1_block = bytes.fromhex(c1[1088 - 32:1088])
15. iv = bytes.fromhex(iv)
16. m_part1 = xor(xor(c1_block, temp), iv)
17. # print(m_part1) adcddbbadcacabad

复制代码

[code]// part2 Solve#include #include #include #include #include #include #include #include #include using namespace std;// 线程通信全局变量bool found = false;mutex mtx; // 信号量condition_variable cv;// 字符集以及前16个字节内容固定const unsigned char char_set[] = "adcddbbadcacabad";const unsigned char char_map[] = "abcd";const string tar_hex = "aab05fca300811223b3b957bfe33130770fb7a6b55b030a5809c559344f66f79";// 生成索引对应的16字节字符void index_to_char(uint64_t index, unsigned char *result){    int len = 0;    while (len < 15)    {        result[len++] = char_map[index % 4];        index /= 4;    }    result[len] = char_map[index];}// 有结果后终止线程bool should_terminate(){    lock_guard lock(mtx);    return found;}// 线程void thread_worker(uint64_t j){    const size_t prefix_len = strlen(reinterpret_cast(char_set));    vector data(prefix_len + 16);    memcpy(data.data(), char_set, prefix_len);    unsigned char hash[32];    char hash_hex[65];    hash_hex[64] = '\0';    for (uint64_t i = 0; i