Compare commits

...
Sign in to create a new pull request.

7 commits

Author SHA1 Message Date
Fedora Release Engineering
6cfa9581c7 Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild 2026-01-16 03:29:53 +00:00
Fedora Release Engineering
42014b0885 Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild 2025-07-23 16:48:37 +00:00
Fedora Release Engineering
3568cb2be0 Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild 2025-01-16 10:40:46 +00:00
Fedora Release Engineering
1452d227bf Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild 2024-07-17 16:41:16 +00:00
Fedora Release Engineering
71d7e4d131 Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild 2024-01-22 22:44:54 +00:00
Fedora Release Engineering
d3986f285c Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild 2024-01-19 12:21:14 +00:00
Michal Ambroz
11414495cd aesfix initial load 2023-07-25 18:44:39 +02:00
6 changed files with 167 additions and 0 deletions

2
.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
/aesfix-*.tar.gz
/aesfix-*.tar.gz.asc

View file

@ -0,0 +1,20 @@
Description: add GCC hardening.
Author: Joao Eriberto Mota Filho <eriberto@debian.org>
Last-Update: 2015-02-23
Index: aesfix-1.0.1/Makefile
===================================================================
--- aesfix-1.0.1.orig/Makefile
+++ aesfix-1.0.1/Makefile
@@ -1,10 +1,10 @@
-CXXFLAGS= -Wall -O4 -funroll-loops
+CXXFLAGS += -Wall -O4 -funroll-loops
OBJS= aesfix.o errvect.o
all: aesfix
aesfix: $(OBJS)
- $(CXX) -o aesfix $(OBJS)
+ $(CXX) $(LDFLAGS) -o aesfix $(OBJS)
clean:
@rm -f aesfix *~ \#* $(OBJS)

38
aesfix.1 Normal file
View file

@ -0,0 +1,38 @@
.TH "aeskeyfind" "1" "2020-02-28" "User Commands" "User Commands"
.SH "NAME"
aeskeyfind \- Locates 128-bit and 256-bit AES keys in a captured memory image.
.SH SYNOPSIS
.B aesfix
SCHEDULE-FILE
.SH DESCRIPTION
SCHEDULE-FILE
The aesfix tool corrects bit errors in an AES key schedule read from the specified hex-encoded file.
.PP
This program is limited to AES-128 key schedules, and it can only correct unidirectional 1->0
bit errors. For the most part it has been optimized for readability
rather than performance.
.PP
The algorithm has these major steps:
.PP
1. Given a key schedule containing bit errors, divide the schedule
into four 7-bit "slices", each of which should be uniquely
determined by its first four bits.
.PP
2. For increasing number of errors w to the key (round 0) bytes:
.PP
a. List possible "decoded" values that could have suffered w
or fewer unidirectional errors to form the slice.
.PP
b. Consider all the key schedules generated by combinations of
these decodings. If one could have decayed into the key
schedule that we're trying to repair, output it and stop.
.SH AUTHOR
.TP
aesfix was written by Nadia Heninger and and J. Alex Halderman.
.SH "SEE ALSO"
\fBaeskeyfind\fR(1),
\fBbiosmemimage\fR(1),
\fBrsakeyfind\fR(1)
.PP
.UR "https://citp.princeton.edu/our-work/memory/"
.BR "https://citp.princeton.edu/our-work/memory/"

105
aesfix.spec Normal file
View file

@ -0,0 +1,105 @@
Name: aesfix
Version: 1.0.1
Release: 9%{?dist}
# 3-clause BSD license
License: BSD-3-Clause
Summary: Correct bit errors in AES-128 key schedule
URL: https://citp.princeton.edu/our-work/memory/
# Current code: https://citp.princeton.edu/our-work/memory/code
# Original URL: https://citp.princeton.edu/research/memory/
# Mirror https://github.com/DonnchaC/coldboot-attacks
# https://citpsite.s3.amazonaws.com/memory-content/src/aesfix-1.0.1.tar.gz
# Original https://citp.princeton.edu/memory-content/src/aesfix-1.0.1.tar.gz
# https://web.archive.org/web/20160501132651/https://citp.princeton.edu/memory-content/src/aesfix-1.0.1.tar.gz
# http://citpsite.s3-website-us-east-1.amazonaws.com/oldsite-htdocs/memory-content/src/%%{name}-%%{version}.tar.gz
Source0: https://citpsite.s3.amazonaws.com/memory-content/src/%{name}-%{version}.tar.gz
# https://citpsite.s3.amazonaws.com/memory-content/src/aesfix-1.0.1.tar.gz.asc
# https://web.archive.org/web/20160501132651/https://citp.princeton.edu/memory-content/src/aesfix-1.0.1.tar.gz.asc
# http://citpsite.s3-website-us-east-1.amazonaws.com/oldsite-htdocs/memory-content/src/%%{name}-%%{version}.tar.gz.asc
Source1: https://citpsite.s3.amazonaws.com/memory-content/src/%{name}-%{version}.tar.gz.asc
# The authenticator public key obtained from release 1.0.1
# gpg2 -vv aeskeyfind-1.0.1.tar.gz.asc
# Signed by Jacob Appelbaum <jacob () appelbaum net>
# gpg2 --search-key B8841A919D0FACE4
# gpg2 --search-key 12E404FFD3C931F934052D06B8841A919D0FACE4
# gpg2 --list-public-keys 12E404FFD3C931F934052D06B8841A919D0FACE4
# gpg2 --export --export-options export-minimal 12E404FFD3C931F934052D06B8841A919D0FACE4 > gpgkey-12E404FFD3C931F934052D06B8841A919D0FACE4.gpg
Source2: gpgkey-12E404FFD3C931F934052D06B8841A919D0FACE4.gpg
# Manual page from Debian
Source3: aesfix.1
# Original Debian patch to allow build hardening by usage of CFLAGS and LDFLAGS
# Author: Joao Eriberto Mota Filho <eriberto@debian.org>
Patch1: aesfix-10_add-GCC-hardening.patch
Buildrequires: gcc-c++
Buildrequires: make
BuildRequires: gnupg2
%description
The aesfix tool illustrates a technique for correcting bit errors in an
AES key schedule. This program is limited to AES-128 key schedules
and it can only correct unidirectional 1->0 bit errors.
For the most part it has been optimized for readability rather than
performance.
%prep
#check signature
%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
%autosetup -n %{name}
%build
%set_build_flags
%make_build
%install
install -Dp -m755 %{name} %{buildroot}%{_bindir}/%{name}
install -d %{buildroot}%{_mandir}/man1
install -p -m644 %{SOURCE3} %{buildroot}%{_mandir}/man1
%files
%license LICENSE
%doc README samples
%{_bindir}/%{name}
%{_mandir}/man1/%{name}.1*
%changelog
* Fri Jan 16 2026 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.1-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Wed Jul 23 2025 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.1-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Thu Jan 16 2025 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.1-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Wed Jul 17 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Tue Jul 25 2023 Michal Ambroz <rebus at, seznam.cz> - 1.0.1-3
- switch to SPDX license reference - BSD-3-Clause
* Fri Feb 28 2020 Michal Ambroz <rebus at, seznam.cz> - 1.0.1-2
- uppercase the summary
* Fri Feb 28 2020 Michal Ambroz <rebus at, seznam.cz> - 1.0.1-1
- package based on the aeskeyfind

Binary file not shown.

2
sources Normal file
View file

@ -0,0 +1,2 @@
SHA512 (aesfix-1.0.1.tar.gz) = 5a50ff0bd13ec5925547072e8a1e417cc1e17b1dd59de22cc573efad4563f44e5264e87658aec5f36e9dc179685913b96d3301111a72678df453682941d783b0
SHA512 (aesfix-1.0.1.tar.gz.asc) = 80b57d4961855c3c5db61e58795c9c5365282332bb3fafc12da58d695bc97d1c7b834a782a74b8d6bc92ce2b5cec030945bd669a965ed5d7e024ba9e5e90ba6f