diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..ea069ec --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +/aeskeyfind-1.0.tar.gz +/aeskeyfind-1.0.tar.gz.asc diff --git a/README.md b/README.md index e7150ae..3761b5b 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,16 @@ # aeskeyfind -The aeskeyfind package \ No newline at end of file +The aeskeyfind rpm package. + +This program illustrates automatic techniques for locating 128-bit and +256-bit AES keys in a captured memory image. + +The program uses various algorithms and also performs a simple entropy +test to filter out blocks that are not keys. It counts the number of +repeated bytes and skips blocks that have too many repeats. + +This method works even if several bits of the key schedule have been +corrupted due to memory decay. + +This package is useful to several activities, as forensics investigations. + diff --git a/aeskeyfind-10_add-GCC-hardening.patch b/aeskeyfind-10_add-GCC-hardening.patch new file mode 100644 index 0000000..5446af4 --- /dev/null +++ b/aeskeyfind-10_add-GCC-hardening.patch @@ -0,0 +1,20 @@ +Description: add GCC hardening. +Author: Joao Eriberto Mota Filho +Last-Update: 2015-02-26 +Index: aeskeyfind-1.0/Makefile +=================================================================== +--- aeskeyfind-1.0.orig/Makefile ++++ aeskeyfind-1.0/Makefile +@@ -1,10 +1,10 @@ +-CFLAGS= -Wall -O4 -std=c99 ++CFLAGS += -Wall -O4 -std=c99 + OBJS= aeskeyfind.o aes.o util.o + + all: aeskeyfind + + aeskeyfind: $(OBJS) +- $(CC) -o aeskeyfind $(OBJS) ++ $(CC) $(LDFLAGS) -o aeskeyfind $(OBJS) + + clean: + @rm -f aeskeyfind *~ \#* $(OBJS) diff --git a/aeskeyfind-20_sbox-size.patch b/aeskeyfind-20_sbox-size.patch new file mode 100644 index 0000000..533580e --- /dev/null +++ b/aeskeyfind-20_sbox-size.patch @@ -0,0 +1,17 @@ +Description: Fix sbox array size + See #692293 for details. +Author: Samuel Henrique +Last-Update: 2017-01-01 +Index: aeskeyfind/aes.h +=================================================================== +--- aeskeyfind.orig/aes.h ++++ aeskeyfind/aes.h +@@ -4,7 +4,7 @@ + typedef uint32_t aeskey_t[4]; + typedef uint32_t keyexp_t[44]; + +-extern uint8_t sbox[255]; ++extern uint8_t sbox[256]; + extern uint8_t rcon[255]; + + // Perform the AES key core operation on a word. diff --git a/aeskeyfind-30_big-files-support.patch b/aeskeyfind-30_big-files-support.patch new file mode 100644 index 0000000..4e477a7 --- /dev/null +++ b/aeskeyfind-30_big-files-support.patch @@ -0,0 +1,55 @@ +Description: Support for files bigger than 4GB + aeskeyfind has a bug where it fails to process a file larger than 4GB properly. + Instead it will process only filesize & 0xffffffff. Sign confusion in entropy + function can also lead to a crash when processing a large file. Finally, on + 32-bit systems size parameter to mmap would get quietly truncated. + + PS. Due to the design limitations the application cannot scan very large files + on 32-bit systems. This patch doesn't address that limitation, it however makes + the application fail gracefully if the situation is met. + + https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926786 +Author: Harry Sintonen +Index: aeskeyfind/aeskeyfind.c +=================================================================== +--- aeskeyfind.orig/aeskeyfind.c ++++ aeskeyfind/aeskeyfind.c +@@ -90,7 +90,7 @@ static void print_key(uint32_t* map, int + // more than 8 repeats of any byte. This is a primitive measure of + // entropy, but it works well enough. The function keeps track of a + // sliding window of byte counts. +-static int entropy(const uint8_t* bmap, int i) ++static int entropy(const uint8_t* bmap, size_t i) + { + static int new_call = 1; + static int byte_freq[256] = {0}; +@@ -208,7 +208,7 @@ static void find_keys(const uint8_t* bma + + // Memory maps filename and return a pointer on success, setting len + // to the length of the file (does not return on error) +-unsigned char *map_file(char *filename, unsigned int *len) { ++unsigned char *map_file(char *filename, size_t *len) { + int fd = open(filename, O_RDONLY); + if (fd < 0) + err(1, "image open failed"); +@@ -217,6 +217,11 @@ unsigned char *map_file(char *filename, + if (fstat(fd, &st) != 0) + err(1, "image fstat failed"); + ++ if (st.st_size > SIZE_MAX) { ++ errno = EINVAL; ++ err(1, "image too large to mmap"); ++ } ++ + unsigned char *map; + map = (unsigned char*)mmap(0, st.st_size, PROT_READ, MAP_SHARED, fd, 0); + if (map == MAP_FAILED) +@@ -265,7 +270,7 @@ int main(int argc, char * argv[]) + exit(1); + } + +- unsigned int len; ++ size_t len; + unsigned char *image = map_file(argv[0], &len); + if (len < 240) { + fprintf(stderr, "memory image too small\n"); diff --git a/aeskeyfind-40_fix-undefined-left-shift.patch b/aeskeyfind-40_fix-undefined-left-shift.patch new file mode 100644 index 0000000..69f0600 --- /dev/null +++ b/aeskeyfind-40_fix-undefined-left-shift.patch @@ -0,0 +1,17 @@ +Description: Fix bug caused by code with undefined behavior (left shift with negative exponent) +Bug-Debian: https://bugs.debian.org/989179 +Bug-Ubuntu: https://bugs.launchpad.net/debian/+source/aeskeyfind/+bug/1838334 +Author: Adrian Bunk +Index: aeskeyfind/aes.h +=================================================================== +--- aeskeyfind.orig/aes.h ++++ aeskeyfind/aes.h +@@ -12,7 +12,7 @@ extern uint8_t rcon[255]; + static inline uint32_t key_core(uint32_t k, int i) { + uint32_t t = 0; + for (int j=0; j<4; j++) +- t = set_byte(t, (j-1)%4, sbox[get_byte(k,j)]); ++ t = set_byte(t, (j-1+4)%4, sbox[get_byte(k,j)]); + return set_byte(t, 0, get_byte(t,0) ^ rcon[i]); + } + diff --git a/aeskeyfind.1 b/aeskeyfind.1 new file mode 100644 index 0000000..f07aed9 --- /dev/null +++ b/aeskeyfind.1 @@ -0,0 +1,36 @@ +.TH "aeskeyfind" "1" "07-23-2011" "User Commands" "User Commands" +.SH "NAME" +aeskeyfind \- Locates 128-bit and 256-bit AES keys in a captured memory image. +.SH SYNOPSIS +.B aeskeyfind +[OPTION] MEMORY-IMAGE +.SH DESCRIPTION +aeskeyfind is a tool that illustrates automatic techniques for locating 128-bit and 256-bit AES keys in a captured memory image. +.SH OPTIONS +.LP +.ne 3 +.TP +.BI -v\c +verbose output -- prints the extended keys and the constraints on the rows of the key schedule +.ne 3 +.TP +.BI -q\c +don't display a progress bar +.ne 3 +.TP +.BI -t\ THRESHOLD\c +sets the maximum number of bit errors allowed in a candidate key schedule +.ne 3 +.TP +.BI -h\c +displays usage help +.SH BUGS +Likely. +.SH "SEE ALSO" +\fBbiosmemimage\fR(1), +\fBrsakeyfind\fR(1) +.SH AUTHOR +.TP +aeskeyfind was written by Nadia Heninger and Ariel Feldman. +.TP +This manual page was adapted by Julien Valroff from rsakeyfind.1, originally written by Jacob Appelbaum for the \fBDebian\fP system (but may be used by others). Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or any later version published by the Free Software Foundation. diff --git a/aeskeyfind.spec b/aeskeyfind.spec new file mode 100644 index 0000000..9406b80 --- /dev/null +++ b/aeskeyfind.spec @@ -0,0 +1,157 @@ +Name: aeskeyfind +Version: 1.0 +Release: 23%{?dist} +# 3-clause BSD license +# Automatically converted from old format: BSD - review is highly recommended. +License: LicenseRef-Callaway-BSD +Summary: Locate 128-bit and 256-bit AES keys in a captured memory image + + +# Original URL: https://citp.princeton.edu/research/memory/ +# https://citp.princeton.edu/our-work/memory/ +# https://citp.princeton.edu/our-work/memory/code +URL: https://citp.princeton.edu/our-work/memory/ +# New mirror on github +# Mirror https://github.com/DonnchaC/coldboot-attacks +# Fork https://github.com/makomk/aeskeyfind + +# https://citp.princeton.edu/memory-content/src/aeskeyfind-1.0.tar.gz +# https://web.archive.org/web/20160501132651/https://citp.princeton.edu/memory-content/src/aeskeyfind-1.0.tar.gz +# http://citpsite.s3-website-us-east-1.amazonaws.com/oldsite-htdocs/memory-content/src/%%{name}-%%{version}.tar.gz +Source0: http://citpsite.s3-website-us-east-1.amazonaws.com/memory-content/src/%{name}-%{version}.tar.gz + +# https://web.archive.org/web/20160501132651/https://citp.princeton.edu/memory-content/src/aeskeyfind-1.0.tar.gz.asc +# http://citpsite.s3-website-us-east-1.amazonaws.com/oldsite-htdocs/memory-content/src/%%{name}-%%{version}.tar.gz.asc +Source1: http://citpsite.s3-website-us-east-1.amazonaws.com/oldsite-htdocs/memory-content/src/%{name}-%{version}.tar.gz.asc + +# The authenticator public key obtained from release 1.0 +# gpg2 -vv aeskeyfind-1.0.tar.gz.asc +# Signed by Jacob Appelbaum +# gpg2 --search-key B8841A919D0FACE4 +# gpg2 --search-key 12E404FFD3C931F934052D06B8841A919D0FACE4 +# gpg2 --list-public-keys 12E404FFD3C931F934052D06B8841A919D0FACE4 +# gpg2 --export --export-options export-minimal 12E404FFD3C931F934052D06B8841A919D0FACE4 > gpgkey-12E404FFD3C931F934052D06B8841A919D0FACE4.gpg +Source2: gpgkey-12E404FFD3C931F934052D06B8841A919D0FACE4.gpg + +# Manual page from Debian +Source3: aeskeyfind.1 + +# Original Debian patch to allow build hardening by usage of CFLAGS and LDFLAGS +# Author: Joao Eriberto Mota Filho +Patch1: aeskeyfind-10_add-GCC-hardening.patch + +# Original Debian patch to fix the size of the sbox +# Author: Samuel Henrique +Patch2: aeskeyfind-20_sbox-size.patch + +# Original Debian patch to support for files bigger than 4GB +# Author: Harry Sintonen +Patch3: aeskeyfind-30_big-files-support.patch + +# Original Debian patch to fix silent regression caused by UC +# Author: Adrian Bunk +Patch4: aeskeyfind-40_fix-undefined-left-shift.patch + +Buildrequires: gcc +Buildrequires: make +BuildRequires: gnupg2 + + + +%description +This program illustrates automatic techniques for locating 128-bit and +256-bit AES keys in a captured memory image. + +The program uses various algorithms and also performs a simple entropy +test to filter out blocks that are not keys. It counts the number of +repeated bytes and skips blocks that have too many repeats. + +This method works even if several bits of the key schedule have been +corrupted due to memory decay. + +This package is useful to several activities, as forensics investigations. + + +%prep +#check signature +%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}' +%autosetup -n %{name} + + +%build +%set_build_flags +%make_build %{?_smp_mflags} + + +%install +install -Dp -m755 %{name} %{buildroot}%{_bindir}/%{name} +install -d %{buildroot}%{_mandir}/man1 +install -p -m644 %{SOURCE3} %{buildroot}%{_mandir}/man1 + + +%files +%license LICENSE +%doc README +%{_bindir}/%{name} +%{_mandir}/man1/%{name}.1* + + +%changelog +* Fri Jan 16 2026 Fedora Release Engineering - 1.0-23 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild + +* Wed Jul 23 2025 Fedora Release Engineering - 1.0-22 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild + +* Thu Jan 16 2025 Fedora Release Engineering - 1.0-21 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + +* Wed Aug 28 2024 Miroslav Suchý - 1.0-20 +- convert license to SPDX + +* Wed Jul 17 2024 Fedora Release Engineering - 1.0-19 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Mon Jan 22 2024 Fedora Release Engineering - 1.0-18 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Fri Jan 19 2024 Fedora Release Engineering - 1.0-17 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Thu Sep 07 2023 Samuel Henrique - 1.0-16 +- sync with the bugfix patches with Debian + +* Wed Jul 19 2023 Fedora Release Engineering - 1.0-15 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Wed Jan 18 2023 Fedora Release Engineering - 1.0-14 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Wed Jul 20 2022 Fedora Release Engineering - 1.0-13 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Wed Jan 19 2022 Fedora Release Engineering - 1.0-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Wed Jul 21 2021 Fedora Release Engineering - 1.0-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Mon Jan 25 2021 Fedora Release Engineering - 1.0-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Fri Jul 31 2020 Fedora Release Engineering - 1.0-9 +- Second attempt - Rebuilt for + https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Mon Jul 27 2020 Fedora Release Engineering - 1.0-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Mon Feb 10 2020 Michal Ambroz - 1.0-7 +- cosmetic changes in the signature verification + +* Sun Oct 20 2019 Michal Ambroz - 1.0-6 +- check the signatures, fix man permission, comment patch + +* Mon Apr 01 2019 Michal Ambroz - 1.0-5 +- package based on the cert.ord package by Lawrence R. Rogers (lrr@cert.org) + diff --git a/gpgkey-12E404FFD3C931F934052D06B8841A919D0FACE4.gpg b/gpgkey-12E404FFD3C931F934052D06B8841A919D0FACE4.gpg new file mode 100644 index 0000000..d161def Binary files /dev/null and b/gpgkey-12E404FFD3C931F934052D06B8841A919D0FACE4.gpg differ diff --git a/sources b/sources new file mode 100644 index 0000000..dccac5e --- /dev/null +++ b/sources @@ -0,0 +1,2 @@ +SHA512 (aeskeyfind-1.0.tar.gz) = a523e0edb47c4f0386fc692c5ba7a858e6bf79e870980c7e7338f41fbdd29ecd9855269801c8581047a039d014d242652632676650c3b859c2d23f47bc231713 +SHA512 (aeskeyfind-1.0.tar.gz.asc) = 9623a8fda5545108ca93c0f4b291b9760a2a5a75380585862f47d3c00096f9b2e43c68e14450e8a4c001a2a10db65a626e6eaae7d77f8305113862f2dff4315f