rpms/aeskeyfind
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

merge into: rpms:f30
Branches Tags
rpms:rawhide
rpms:main
rpms:f43
rpms:f42
rpms:epel10
rpms:epel10.0
rpms:epel10.1
rpms:f41
rpms:f40
rpms:epel8
rpms:epel7
rpms:epel9
rpms:f37
rpms:f38
rpms:f39
rpms:epel8-playground
rpms:f36
rpms:f35
rpms:f34
rpms:f33
rpms:f30
rpms:f31
rpms:f32
...
pull from: rpms:rawhide
Branches Tags
rpms:main
rpms:rawhide
rpms:f43
rpms:f42
rpms:epel10
rpms:epel10.0
rpms:epel10.1
rpms:f41
rpms:f40
rpms:epel8
rpms:epel7
rpms:epel9
rpms:f37
rpms:f38
rpms:f39
rpms:epel8-playground
rpms:f36
rpms:f35
rpms:f34
rpms:f33
rpms:f30
rpms:f31
rpms:f32
Sign in to create a new pull request.

22 commits
f30 ... rawhide

Author SHA1 Message Date
Fedora Release Engineering
94fe64394a Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild 2026-01-16 03:29:59 +00:00
Fedora Release Engineering
dbc3dbd349 Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild 2025-07-23 16:48:42 +00:00
Fedora Release Engineering
f02c3f946b Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild 2025-01-16 10:40:57 +00:00
Miroslav Suchý
05e732cce1 convert license to SPDX 
This is part of https://fedoraproject.org/wiki/Changes/SPDX_Licenses_Phase_4
 2024-08-28 07:47:27 +02:00
Fedora Release Engineering
5bbef76072 Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild 2024-07-17 16:41:26 +00:00
Fedora Release Engineering
89c4d0bb75 Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild 2024-01-22 22:45:04 +00:00
Fedora Release Engineering
3d73710018 Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild 2024-01-19 12:21:36 +00:00
Michal Ambroz
98b02b7e2a update the changelog 2023-09-07 02:11:54 +02:00
Michal Ambroz
bf59f845e5 rename the patches 2023-09-07 01:42:38 +02:00
Samuel Henrique (samueloph)
e134bf629d Import 2 Debian patches for large file support and fix silent regression 
Check patches' description for details.
 2023-09-06 15:53:30 +00:00
Fedora Release Engineering
7bb79064e7 Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2023-07-19 12:59:17 +00:00
Fedora Release Engineering
fa36058761 Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2023-01-18 21:28:17 +00:00
Fedora Release Engineering
1d46e79409 Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2022-07-20 20:31:01 +00:00
Fedora Release Engineering
27baab1043 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2022-01-19 21:00:00 +00:00
Fedora Release Engineering
d00fc31403 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2021-07-21 17:19:46 +00:00
Fedora Release Engineering
06820fe272 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2021-07-21 12:24:27 +00:00
Michal Ambroz
08ad49b8c0 readme cosmetics 2021-04-22 09:04:06 +02:00
Fedora Release Engineering
897b3049d9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2021-01-25 23:52:12 +00:00
Fedora Release Engineering
93be29dd51 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2020-07-31 23:50:04 +00:00
Fedora Release Engineering
aa45010583 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2020-07-27 11:48:34 +00:00
Michal Ambroz
d40c25664e README.md cosmetics 2020-05-30 10:35:21 +00:00
rpmbuild
8f2b7a5554 update the package description in README.md 2020-05-30 10:07:21 +00:00
4 changed files with 147 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

15
README.md
View file

@ -1,3 +1,16 @@
# aeskeyfind
The aeskeyfind package
The aeskeyfind rpm package.
This program illustrates automatic techniques for locating 128-bit and
256-bit AES keys in a captured memory image.
The program uses various algorithms and also performs a simple entropy
test to filter out blocks that are not keys. It counts the number of
repeated bytes and skips blocks that have too many repeats.
This method works even if several bits of the key schedule have been
corrupted due to memory decay.
This package is useful to several activities, as forensics investigations.

55
aeskeyfind-30_big-files-support.patch Normal file
View file

@ -0,0 +1,55 @@
Description: Support for files bigger than 4GB
aeskeyfind has a bug where it fails to process a file larger than 4GB properly.
Instead it will process only filesize & 0xffffffff. Sign confusion in entropy
function can also lead to a crash when processing a large file. Finally, on
32-bit systems size parameter to mmap would get quietly truncated.
PS. Due to the design limitations the application cannot scan very large files
on 32-bit systems. This patch doesn't address that limitation, it however makes
the application fail gracefully if the situation is met.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926786
Author: Harry Sintonen <debianbugs@kyber.fi>
Index: aeskeyfind/aeskeyfind.c
===================================================================
--- aeskeyfind.orig/aeskeyfind.c
+++ aeskeyfind/aeskeyfind.c
@@ -90,7 +90,7 @@ static void print_key(uint32_t* map, int
// more than 8 repeats of any byte. This is a primitive measure of
// entropy, but it works well enough. The function keeps track of a
// sliding window of byte counts.
-static int entropy(const uint8_t* bmap, int i)
+static int entropy(const uint8_t* bmap, size_t i)
{
static int new_call = 1;
static int byte_freq[256] = {0};
@@ -208,7 +208,7 @@ static void find_keys(const uint8_t* bma
// Memory maps filename and return a pointer on success, setting len
// to the length of the file (does not return on error)
-unsigned char *map_file(char *filename, unsigned int *len) {
+unsigned char *map_file(char *filename, size_t *len) {
int fd = open(filename, O_RDONLY);
if (fd < 0)
err(1, "image open failed");
@@ -217,6 +217,11 @@ unsigned char *map_file(char *filename,
if (fstat(fd, &st) != 0)
err(1, "image fstat failed");
+ if (st.st_size > SIZE_MAX) {
+ errno = EINVAL;
+ err(1, "image too large to mmap");
+ }
+
unsigned char *map;
map = (unsigned char*)mmap(0, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
if (map == MAP_FAILED)
@@ -265,7 +270,7 @@ int main(int argc, char * argv[])
exit(1);
}
- unsigned int len;
+ size_t len;
unsigned char *image = map_file(argv[0], &len);
if (len < 240) {
fprintf(stderr, "memory image too small\n");

17
aeskeyfind-40_fix-undefined-left-shift.patch Normal file
View file

@ -0,0 +1,17 @@
Description: Fix bug caused by code with undefined behavior (left shift with negative exponent)
Bug-Debian: https://bugs.debian.org/989179
Bug-Ubuntu: https://bugs.launchpad.net/debian/+source/aeskeyfind/+bug/1838334
Author: Adrian Bunk <bunk@debian.org>
Index: aeskeyfind/aes.h
===================================================================
--- aeskeyfind.orig/aes.h
+++ aeskeyfind/aes.h
@@ -12,7 +12,7 @@ extern uint8_t rcon[255];
static inline uint32_t key_core(uint32_t k, int i) {
uint32_t t = 0;
for (int j=0; j<4; j++)
- t = set_byte(t, (j-1)%4, sbox[get_byte(k,j)]);
+ t = set_byte(t, (j-1+4)%4, sbox[get_byte(k,j)]);
return set_byte(t, 0, get_byte(t,0) ^ rcon[i]);
}

64
aeskeyfind.spec
View file

@ -1,8 +1,9 @@
Name: aeskeyfind
Version: 1.0
Release: 7%{?dist}
Release: 23%{?dist}
# 3-clause BSD license
License: BSD
# Automatically converted from old format: BSD - review is highly recommended.
License: LicenseRef-Callaway-BSD
Summary: Locate 128-bit and 256-bit AES keys in a captured memory image
@ -40,9 +41,17 @@ Source3: aeskeyfind.1
Patch1: aeskeyfind-10_add-GCC-hardening.patch
# Original Debian patch to fix the size of the sbox
# Author: Samuel Henrique <samueloph@gmail.com>
# Author: Samuel Henrique <samueloph@debian.org>
Patch2: aeskeyfind-20_sbox-size.patch
# Original Debian patch to support for files bigger than 4GB
# Author: Harry Sintonen <debianbugs@kyber.fi>
Patch3: aeskeyfind-30_big-files-support.patch
# Original Debian patch to fix silent regression caused by UC
# Author: Adrian Bunk <bunk@debian.org>
Patch4: aeskeyfind-40_fix-undefined-left-shift.patch
Buildrequires: gcc
Buildrequires: make
BuildRequires: gnupg2
@ -88,6 +97,55 @@ install -p -m644 %{SOURCE3} %{buildroot}%{_mandir}/man1
%changelog
* Fri Jan 16 2026 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-23
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Wed Jul 23 2025 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-22
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Thu Jan 16 2025 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-21
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Wed Aug 28 2024 Miroslav Suchý <msuchy@redhat.com> - 1.0-20
- convert license to SPDX
* Wed Jul 17 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-18
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Thu Sep 07 2023 Samuel Henrique <samueloph@debian.org> - 1.0-16
- sync with the bugfix patches with Debian
* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Jan 18 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jan 19 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Mon Jan 25 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Fri Jul 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-9
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Mon Feb 10 2020 Michal Ambroz <rebus at, seznam.cz> - 1.0-7
- cosmetic changes in the signature verification