Changes

Jump to navigation Jump to search
29 bytes added ,  05:38, 19 June 2018
Line 26: Line 26:  
=== Part 3 ===
 
=== Part 3 ===
 
# Gets a 0x28 byte response from Syscon with a header <code>30 03 00 0F 00 00 00 00</code> and 0x20 buffer.
 
# Gets a 0x28 byte response from Syscon with a header <code>30 03 00 0F 00 00 00 00</code> and 0x20 buffer.
# Decrypt with AES-128-CBC with IV from part 2 (it is the last ciphertext generated, or the last 16 bytes of the ciphertext sent from F00D) and the key '''Shared Key B'''.
+
# Decrypt with AES-128-CBC with IV from part 2 (it is the last ciphertext generated, or the last 16 bytes of the ciphertext sent from F00D) and the key '''Shared Key B'''. (In class B, the IV is zero)
 
# Check that first 8 byte matches unknown and next 8 byte matches the F00D nonce generated in part 2.1.
 
# Check that first 8 byte matches unknown and next 8 byte matches the F00D nonce generated in part 2.1.
 
# Encrypt the same buffer back using '''Shared Key C''' for 16 bytes. The IV will be the last 16 bytes from the encrypted input buffer.
 
# Encrypt the same buffer back using '''Shared Key C''' for 16 bytes. The IV will be the last 16 bytes from the encrypted input buffer.

Navigation menu