I'm pretty much a massive nub when it comes to c programming so please bear with me.
Is it possible to take an int, determine it's hex value then store that hex value in one byte of a char array? I've been more than successful in turning an int into an array of chars such as buffer = 0xAF using sprintf, but I have been failing miserably int getting 0xAF into one byte of a char array. To give a better idea, I'm trying to brute force an AES key with openssl. I've got 13 of the bytes, but I need the other 3. so my initial char array for the key is :
char key[16] = "\x01\x23\x45\x67\x89\x1a\xbc\xde\xf0\x01\x23\x45\x67";
and I'm trying to put a hex value in key[13], key[14], and key[15].
Is it possible to take an int, determine it's hex value then store that hex value in one byte of a char array? I've been more than successful in turning an int into an array of chars such as buffer = 0xAF using sprintf, but I have been failing miserably int getting 0xAF into one byte of a char array. To give a better idea, I'm trying to brute force an AES key with openssl. I've got 13 of the bytes, but I need the other 3. so my initial char array for the key is :
char key[16] = "\x01\x23\x45\x67\x89\x1a\xbc\xde\xf0\x01\x23\x45\x67";
and I'm trying to put a hex value in key[13], key[14], and key[15].
welp, i think i'm a dunce. i think i figured it out. i can just assign the int value to the array space and isn't it basically equivalent?
yes. numbers are numbers
ok, thats solved. now another question i have is, i'm printing each key that i try using printf (just to make sure the key is incrementing properly). What I'm getting is that any hex value >=8 causes there to be 6 F's to pad it. so for hex 0x89 printf prints 0xFFFFFF89. The exact command I'm using is
printf("%#X ",key[i]); in a for look.
here's the sourcecode: http://pastebin.com/pumyknjL
printf("%#X ",key[i]); in a for look.
here's the sourcecode: http://pastebin.com/pumyknjL
%x prints an unsigned int which is 4 bytes and your value is a single byte. This should work:
printf("%#X ", key[i] & 0xff);
printf("%#X ", key[i] & 0xff);
ahhh, ok thank you! I guess that would explain why if i did printf("%i ",key[i]) it would give me negative numbers for numbers over 128. I cast the key char array as unsigned char instead.
werd. good on yah for learnin the C
I have one more question. Take this program for example: http://pastebin.com/K0tv4nnC
So for example, line 34. If I were to replace strlen(plaintext) by strlen(ciphertext) I would get an incorrect answer, mainly it would only encode 36 bytes of the ciphertext and not the whole 174 bytes. This is because strlen is returning an incorrect value. I put in some printf's to see if things were being placed in the other byte slots of the ciphertext char array and yes they were being populated. This makes me think that theres some character in the ciphertext that is making strlen return the wrong value. Is this possible or am I just doing something dumb?
So for example, line 34. If I were to replace strlen(plaintext) by strlen(ciphertext) I would get an incorrect answer, mainly it would only encode 36 bytes of the ciphertext and not the whole 174 bytes. This is because strlen is returning an incorrect value. I put in some printf's to see if things were being placed in the other byte slots of the ciphertext char array and yes they were being populated. This makes me think that theres some character in the ciphertext that is making strlen return the wrong value. Is this possible or am I just doing something dumb?
Couldn't you just use some variation of sizeof(unsigned char) and come up with the correct length from bytes used?
Yeah that's probably safer there than treating it as a string.
I never used the OpenSSL API but looking at the man page, I think you should be able to use the lengths returned by the EVP_Encrypt* functions:
... EVP_EncryptInit(&ctx, EVP_aes_128_cfb(), key, iv); EVP_EncryptUpdate(&ctx, encnum, &c_len, counter, byte); EVP_EncryptFinal(&ctx, &encnum[c_len], &out_len); ... EVP_EncodeBlock(encoded, ciphertext, c_len + out_len);
openssl lib is enormous btw... so it would be bad to include it just for a few functions.
These are just practice, so I can get my feet wet basically. not like any of this will ever be used in any type of real program.
this will not be used in a production environment
Also not to run nuclear power plants!