Compare commits

24 commits

Author SHA1 Message Date
Fedora Release Engineering
94fe64394a Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild 2026-01-16 03:29:59 +00:00
Fedora Release Engineering
dbc3dbd349 Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild 2025-07-23 16:48:42 +00:00
Fedora Release Engineering
f02c3f946b Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild 2025-01-16 10:40:57 +00:00
Miroslav Suchý
05e732cce1 convert license to SPDX
This is part of https://fedoraproject.org/wiki/Changes/SPDX_Licenses_Phase_4
2024-08-28 07:47:27 +02:00
Fedora Release Engineering
5bbef76072 Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild 2024-07-17 16:41:26 +00:00
Fedora Release Engineering
89c4d0bb75 Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild 2024-01-22 22:45:04 +00:00
Fedora Release Engineering
3d73710018 Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild 2024-01-19 12:21:36 +00:00
Michal Ambroz
98b02b7e2a update the changelog 2023-09-07 02:11:54 +02:00
Michal Ambroz
bf59f845e5 rename the patches 2023-09-07 01:42:38 +02:00
Samuel Henrique (samueloph)
e134bf629d Import 2 Debian patches for large file support and fix silent regression
Check patches' description for details.
2023-09-06 15:53:30 +00:00
Fedora Release Engineering
7bb79064e7 Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2023-07-19 12:59:17 +00:00
Fedora Release Engineering
fa36058761 Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2023-01-18 21:28:17 +00:00
Fedora Release Engineering
1d46e79409 Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-07-20 20:31:01 +00:00
Fedora Release Engineering
27baab1043 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-01-19 21:00:00 +00:00
Fedora Release Engineering
d00fc31403 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-07-21 17:19:46 +00:00
Fedora Release Engineering
06820fe272 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-07-21 12:24:27 +00:00
Michal Ambroz
08ad49b8c0 readme cosmetics 2021-04-22 09:04:06 +02:00
Fedora Release Engineering
897b3049d9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-01-25 23:52:12 +00:00
Fedora Release Engineering
93be29dd51 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-07-31 23:50:04 +00:00
Fedora Release Engineering
aa45010583 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-07-27 11:48:34 +00:00
Michal Ambroz
d40c25664e README.md cosmetics 2020-05-30 10:35:21 +00:00
rpmbuild
8f2b7a5554 update the package description in README.md 2020-05-30 10:07:21 +00:00
rpmbuild
069c652eaa upload sources 2020-02-24 00:19:35 +01:00
rpmbuild
f384a1c272 initial load of the aeskeyfind package 2020-02-24 00:14:08 +01:00
11 changed files with 322 additions and 1 deletions

2
.gitignore vendored Normal file

@ -0,0 +1,2 @@
/aeskeyfind-1.0.tar.gz
/aeskeyfind-1.0.tar.gz.asc

16
README.md Normal file

@ -0,0 +1,16 @@
# aeskeyfind
The aeskeyfind rpm package.
This program illustrates automatic techniques for locating 128-bit and
256-bit AES keys in a captured memory image.
The program uses various algorithms and also performs a simple entropy
test to filter out blocks that are not keys. It counts the number of
repeated bytes and skips blocks that have too many repeats.
This method works even if several bits of the key schedule have been
corrupted due to memory decay.
This package is useful to several activities, as forensics investigations.


@ -0,0 +1,20 @@
Description: add GCC hardening.
Author: Joao Eriberto Mota Filho <eriberto@debian.org>
Last-Update: 2015-02-26
Index: aeskeyfind-1.0/Makefile
===================================================================
--- aeskeyfind-1.0.orig/Makefile
+++ aeskeyfind-1.0/Makefile
@@ -1,10 +1,10 @@
-CFLAGS= -Wall -O4 -std=c99
+CFLAGS += -Wall -O4 -std=c99
OBJS= aeskeyfind.o aes.o util.o
all: aeskeyfind
aeskeyfind: $(OBJS)
- $(CC) -o aeskeyfind $(OBJS)
+ $(CC) $(LDFLAGS) -o aeskeyfind $(OBJS)
clean:
@rm -f aeskeyfind *~ \#* $(OBJS)
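Review bot: In the `CFLAGS +=` line, `-O4` is still appended after whatever the build environment supplies, so it overrides the distribution's optimization level (the last -O option wins, and GCC treats -O4 as -O3). Drop `-O4` from the Makefile, or move it to a default that applies only when CFLAGS is unset, so the packager's flags decide. The link rule passes `$(LDFLAGS)` but not `$(CFLAGS)`; adding `$(CFLAGS)` there keeps options that must be given at both compile and link time consistent.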


@ -0,0 +1,17 @@
Description: Fix sbox array size
See #692293 for details.
Author: Samuel Henrique <samueloph@gmail.com>
Last-Update: 2017-01-01
Index: aeskeyfind/aes.h
===================================================================
--- aeskeyfind.orig/aes.h
+++ aeskeyfind/aes.h
@@ -4,7 +4,7 @@
typedef uint32_t aeskey_t[4];
typedef uint32_t keyexp_t[44];
-extern uint8_t sbox[255];
+extern uint8_t sbox[256];
extern uint8_t rcon[255];
// Perform the AES key core operation on a word.
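Review bot: Only the `extern` declaration of `sbox` in aes.h changes here, so the definition, wherever it lives, has to carry 256 entries as well; a declaration and a definition that disagree on the array size are undefined behaviour, and the patch should either include that side or state that it already has 256 initializers. `rcon` stays declared as `[255]` in the context line, which deserves a short comment on why it is not affected. The description's bare `#692293` would be easier to follow as a full tracker URL, as the later patch does with `Bug-Debian:`.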


@ -0,0 +1,55 @@
Description: Support for files bigger than 4GB
aeskeyfind has a bug where it fails to process a file larger than 4GB properly.
Instead it will process only filesize & 0xffffffff. Sign confusion in entropy
function can also lead to a crash when processing a large file. Finally, on
32-bit systems size parameter to mmap would get quietly truncated.
PS. Due to the design limitations the application cannot scan very large files
on 32-bit systems. This patch doesn't address that limitation, it however makes
the application fail gracefully if the situation is met.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926786
Author: Harry Sintonen <debianbugs@kyber.fi>
Index: aeskeyfind/aeskeyfind.c
===================================================================
--- aeskeyfind.orig/aeskeyfind.c
+++ aeskeyfind/aeskeyfind.c
@@ -90,7 +90,7 @@ static void print_key(uint32_t* map, int
// more than 8 repeats of any byte. This is a primitive measure of
// entropy, but it works well enough. The function keeps track of a
// sliding window of byte counts.
-static int entropy(const uint8_t* bmap, int i)
+static int entropy(const uint8_t* bmap, size_t i)
{
static int new_call = 1;
static int byte_freq[256] = {0};
@@ -208,7 +208,7 @@ static void find_keys(const uint8_t* bma
// Memory maps filename and return a pointer on success, setting len
// to the length of the file (does not return on error)
-unsigned char *map_file(char *filename, unsigned int *len) {
+unsigned char *map_file(char *filename, size_t *len) {
int fd = open(filename, O_RDONLY);
if (fd < 0)
err(1, "image open failed");
@@ -217,6 +217,11 @@ unsigned char *map_file(char *filename,
if (fstat(fd, &st) != 0)
err(1, "image fstat failed");
+ if (st.st_size > SIZE_MAX) {
+ errno = EINVAL;
+ err(1, "image too large to mmap");
+ }
+
unsigned char *map;
map = (unsigned char*)mmap(0, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
if (map == MAP_FAILED)
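Review bot: The new check `st.st_size > SIZE_MAX` compares a signed `off_t` with an unsigned `size_t`, so its result depends on the usual arithmetic conversions and it can draw a -Wsign-compare warning; an explicit cast such as `(uintmax_t)st.st_size > SIZE_MAX` states the intent on both 32-bit and 64-bit builds. The patch adds no `#include` lines, so confirm that the file already pulls in `<stdint.h>` for `SIZE_MAX` and `<errno.h>` for `errno` and `EINVAL`.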
@@ -265,7 +270,7 @@ int main(int argc, char * argv[])
exit(1);
}
- unsigned int len;
+ size_t len;
unsigned char *image = map_file(argv[0], &len);
if (len < 240) {
fprintf(stderr, "memory image too small\n");
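Review bot: `len` is now `size_t` in `main` and in `map_file`, but no hunk touches the body of `find_keys` or the progress output, so confirm that the length parameter and loop index there are `size_t` as well and that nothing still formats the length with `%u`; otherwise the 4 GB truncation described in the patch header just moves one call further down.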


@ -0,0 +1,17 @@
Description: Fix bug caused by code with undefined behavior (left shift with negative exponent)
Bug-Debian: https://bugs.debian.org/989179
Bug-Ubuntu: https://bugs.launchpad.net/debian/+source/aeskeyfind/+bug/1838334
Author: Adrian Bunk <bunk@debian.org>
Index: aeskeyfind/aes.h
===================================================================
--- aeskeyfind.orig/aes.h
+++ aeskeyfind/aes.h
@@ -12,7 +12,7 @@ extern uint8_t rcon[255];
static inline uint32_t key_core(uint32_t k, int i) {
uint32_t t = 0;
for (int j=0; j<4; j++)
- t = set_byte(t, (j-1)%4, sbox[get_byte(k,j)]);
+ t = set_byte(t, (j-1+4)%4, sbox[get_byte(k,j)]);
return set_byte(t, 0, get_byte(t,0) ^ rcon[i]);
}
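Review bot: The index expression in `key_core` would read more plainly as `(j+3)%4`, with a one-line comment that `%` in C keeps the sign of the dividend, so `(j-1)%4` is -1 for `j=0`; without that comment the `+4` looks arbitrary and the link to the "left shift with negative exponent" in the description is not obvious. Since the commit importing this patch calls it a silent regression, a regression check that expands a known key and compares the resulting schedule would keep it from returning unnoticed.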

36
aeskeyfind.1 Normal file

@ -0,0 +1,36 @@
.TH "aeskeyfind" "1" "07-23-2011" "User Commands" "User Commands"
.SH "NAME"
aeskeyfind \- Locates 128-bit and 256-bit AES keys in a captured memory image.
.SH SYNOPSIS
.B aeskeyfind
[OPTION] MEMORY-IMAGE
.SH DESCRIPTION
aeskeyfind is a tool that illustrates automatic techniques for locating 128-bit and 256-bit AES keys in a captured memory image.
.SH OPTIONS
.LP
.ne 3
.TP
.BI -v\c
verbose output -- prints the extended keys and the constraints on the rows of the key schedule
.ne 3
.TP
.BI -q\c
don't display a progress bar
.ne 3
.TP
.BI -t\ THRESHOLD\c
sets the maximum number of bit errors allowed in a candidate key schedule
.ne 3
.TP
.BI -h\c
displays usage help
.SH BUGS
Likely.
.SH "SEE ALSO"
\fBbiosmemimage\fR(1),
\fBrsakeyfind\fR(1)
.SH AUTHOR
.TP
aeskeyfind was written by Nadia Heninger and Ariel Feldman.
.TP
This manual page was adapted by Julien Valroff <julien@debian.org> from rsakeyfind.1, originally written by Jacob Appelbaum <jacob@appelbaum.net> for the \fBDebian\fP system (but may be used by others). Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or any later version published by the Free Software Foundation.

157
aeskeyfind.spec Normal file

@ -0,0 +1,157 @@
Name: aeskeyfind
Version: 1.0
Release: 23%{?dist}
# 3-clause BSD license
# Automatically converted from old format: BSD - review is highly recommended.
License: LicenseRef-Callaway-BSD
Summary: Locate 128-bit and 256-bit AES keys in a captured memory image
# Original URL: https://citp.princeton.edu/research/memory/
# https://citp.princeton.edu/our-work/memory/
# https://citp.princeton.edu/our-work/memory/code
URL: https://citp.princeton.edu/our-work/memory/
# New mirror on github
# Mirror https://github.com/DonnchaC/coldboot-attacks
# Fork https://github.com/makomk/aeskeyfind
# https://citp.princeton.edu/memory-content/src/aeskeyfind-1.0.tar.gz
# https://web.archive.org/web/20160501132651/https://citp.princeton.edu/memory-content/src/aeskeyfind-1.0.tar.gz
# http://citpsite.s3-website-us-east-1.amazonaws.com/oldsite-htdocs/memory-content/src/%%{name}-%%{version}.tar.gz
Source0: http://citpsite.s3-website-us-east-1.amazonaws.com/memory-content/src/%{name}-%{version}.tar.gz
# https://web.archive.org/web/20160501132651/https://citp.princeton.edu/memory-content/src/aeskeyfind-1.0.tar.gz.asc
# http://citpsite.s3-website-us-east-1.amazonaws.com/oldsite-htdocs/memory-content/src/%%{name}-%%{version}.tar.gz.asc
Source1: http://citpsite.s3-website-us-east-1.amazonaws.com/oldsite-htdocs/memory-content/src/%{name}-%{version}.tar.gz.asc
# The authenticator public key obtained from release 1.0
# gpg2 -vv aeskeyfind-1.0.tar.gz.asc
# Signed by Jacob Appelbaum <jacob () appelbaum net>
# gpg2 --search-key B8841A919D0FACE4
# gpg2 --search-key 12E404FFD3C931F934052D06B8841A919D0FACE4
# gpg2 --list-public-keys 12E404FFD3C931F934052D06B8841A919D0FACE4
# gpg2 --export --export-options export-minimal 12E404FFD3C931F934052D06B8841A919D0FACE4 > gpgkey-12E404FFD3C931F934052D06B8841A919D0FACE4.gpg
Source2: gpgkey-12E404FFD3C931F934052D06B8841A919D0FACE4.gpg
# Manual page from Debian
Source3: aeskeyfind.1
# Original Debian patch to allow build hardening by usage of CFLAGS and LDFLAGS
# Author: Joao Eriberto Mota Filho <eriberto@debian.org>
Patch1: aeskeyfind-10_add-GCC-hardening.patch
# Original Debian patch to fix the size of the sbox
# Author: Samuel Henrique <samueloph@debian.org>
Patch2: aeskeyfind-20_sbox-size.patch
# Original Debian patch to support for files bigger than 4GB
# Author: Harry Sintonen <debianbugs@kyber.fi>
Patch3: aeskeyfind-30_big-files-support.patch
# Original Debian patch to fix silent regression caused by UC
# Author: Adrian Bunk <bunk@debian.org>
Patch4: aeskeyfind-40_fix-undefined-left-shift.patch
Buildrequires: gcc
Buildrequires: make
BuildRequires: gnupg2
%description
This program illustrates automatic techniques for locating 128-bit and
256-bit AES keys in a captured memory image.
The program uses various algorithms and also performs a simple entropy
test to filter out blocks that are not keys. It counts the number of
repeated bytes and skips blocks that have too many repeats.
This method works even if several bits of the key schedule have been
corrupted due to memory decay.
This package is useful to several activities, as forensics investigations.
%prep
#check signature
%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
%autosetup -n %{name}
%build
%set_build_flags
%make_build %{?_smp_mflags}
%install
install -Dp -m755 %{name} %{buildroot}%{_bindir}/%{name}
install -d %{buildroot}%{_mandir}/man1
install -p -m644 %{SOURCE3} %{buildroot}%{_mandir}/man1
%files
%license LICENSE
%doc README
%{_bindir}/%{name}
%{_mandir}/man1/%{name}.1*
%changelog
* Fri Jan 16 2026 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-23
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Wed Jul 23 2025 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-22
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Thu Jan 16 2025 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-21
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Wed Aug 28 2024 Miroslav Suchý <msuchy@redhat.com> - 1.0-20
- convert license to SPDX
* Wed Jul 17 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-18
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Thu Sep 07 2023 Samuel Henrique <samueloph@debian.org> - 1.0-16
- sync with the bugfix patches with Debian
* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Jan 18 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jan 19 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Mon Jan 25 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Fri Jul 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-9
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Mon Feb 10 2020 Michal Ambroz <rebus at, seznam.cz> - 1.0-7
- cosmetic changes in the signature verification
* Sun Oct 20 2019 Michal Ambroz <rebus at, seznam.cz> - 1.0-6
- check the signatures, fix man permission, comment patch
* Mon Apr 01 2019 Michal Ambroz <rebus at, seznam.cz> - 1.0-5
- package based on the cert.ord package by Lawrence R. Rogers (lrr@cert.org)
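Review bot: `Source0` and `Source1` are fetched over plain `http://` and from different paths on the same host (`/memory-content/src/` for the tarball, `/oldsite-htdocs/memory-content/src/` for the signature), so the `%{gpgverify}` step in `%prep` and the checksums in `sources` carry the whole integrity guarantee; align the two paths and say so in a comment next to the `Source` lines. Smaller points: `%make_build` already expands `%{?_smp_mflags}`, so the extra argument is redundant; `Buildrequires` and `BuildRequires` are spelled inconsistently; and "caused by UC" in the Patch4 comment presumably means UB.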


@ -1 +0,0 @@
epel8-playground decommissioned : https://pagure.io/epel/issue/136

Binary file not shown.

2
sources Normal file

@ -0,0 +1,2 @@
SHA512 (aeskeyfind-1.0.tar.gz) = a523e0edb47c4f0386fc692c5ba7a858e6bf79e870980c7e7338f41fbdd29ecd9855269801c8581047a039d014d242652632676650c3b859c2d23f47bc231713
SHA512 (aeskeyfind-1.0.tar.gz.asc) = 9623a8fda5545108ca93c0f4b291b9760a2a5a75380585862f47d3c00096f9b2e43c68e14450e8a4c001a2a10db65a626e6eaae7d77f8305113862f2dff4315f