Question

Questions

1. What is the command to compile the files with extra symbols that are useful for GDB?
2. What's the address of stuff?
3. What's the address of stuff[0]?
4. Do we expect these to be the same? Why? Explain what the [ ] operator does in C.
5. In Blowfish_Init( ), what is the value of key?
6. What command(s) did you type in order to learn this?
7. In Blowfish_Init( ), what are the values of i and j after the nested for loops have finished? i.e., after:

     for (i = 0; i < 4; i++) {
       for (j = 0; j < 256; j++)
         ctx->S[i][j] = ORIG_S[i][j];
     }
   

8. What command(s) did you type in order to learn this?
9. Before the Blowfish_Encrypt function is called, what is the value of stuff[3] (for each, print the value, and the command used to obtain the value):
   • in hex?
   • in binary?
   • as a float?
   • as 4 chars?
10. Before the Blowfish_Encrypt function is called, what is the value of stuff if we treat it as a string? (You don't have to write the whole string. Just describe what's there.) What was the command typed in order to obtain this value?
11. What is the value of x the first time that the function F() in Blowfish.c is called?
12. What is the output if we run GDB's backtrace (abbreviated "bt") command inside the function F() in Blowfish.c the first time F() is called? Briefly explain the output of the command in your own words.

Good debuggers can be valuable tools. In this short assignment, you'll get some practice with the debugger GDB.

file name: blowfish.h

/*

* Author : Paul Kocher

* E-mail : [email protected]

* Date : 1997

* Description: C implementation of the Blowfish algorithm.

*/

#include <stdint.h>

#define MAXKEYBYTES 56 /* 448 bits */

typedef struct {

uint32_t P[16 + 2];

uint32_t S[4][256];

} BLOWFISH_CTX;

void Blowfish_Init(BLOWFISH_CTX *ctx, unsigned char *key, int keyLen);

void Blowfish_Encrypt(BLOWFISH_CTX *ctx, uint32_t *xl, uint32_t *xr);

void Blowfish_Decrypt(BLOWFISH_CTX *ctx, uint32_t *xl, uint32_t *xr);

int Blowfish_Test(BLOWFISH_CTX *ctx); /* 0=ok, -1=bad */

file name: blowfish.c

/*

* Author : Paul Kocher

* E-mail : [email protected]

* Date : 1997

* Description: C implementation of the Blowfish algorithm.

*/

#include <stdint.h>

#include "blowfish.h"

#define N 16

static uint32_t F(BLOWFISH_CTX *ctx, uint32_t x);

static const uint32_t ORIG_P[16 + 2] = {

0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L,

0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L,

0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL,

0xC0AC29B7L, 0xC97C50DDL, 0x3F84D5B5L, 0xB5470917L,

0x9216D5D9L, 0x8979FB1BL

};

uint32_t F(BLOWFISH_CTX *ctx, uint32_t x) {

unsigned short a, b, c, d;

uint32_t y;

d = x & 0x00FF;

x >>= 8;

c = x & 0x00FF;

x >>= 8;

b = x & 0x00FF;

x >>= 8;

a = x & 0x00FF;

y = ctx->S[0][a] + ctx->S[1][b];

y = y ^ ctx->S[2][c];

y = y + ctx->S[3][d];

return y;

}

void Blowfish_Encrypt(BLOWFISH_CTX *ctx, uint32_t *xl, uint32_t *xr) {

uint32_t Xl;

uint32_t Xr;

uint32_t temp;

short i;

Xl = *xl;

Xr = *xr;

for (i = 0; i < N; ++i) {

Xl = Xl ^ ctx->P[i];

Xr = F(ctx, Xl) ^ Xr;

temp = Xl;

Xl = Xr;

Xr = temp;

}

temp = Xl;

Xl = Xr;

Xr = temp;

Xr = Xr ^ ctx->P[N];

Xl = Xl ^ ctx->P[N + 1];

*xl = Xl;

*xr = Xr;

}

void Blowfish_Decrypt(BLOWFISH_CTX *ctx, uint32_t *xl, uint32_t *xr) {

uint32_t Xl;

uint32_t Xr;

uint32_t temp;

short i;

Xl = *xl;

Xr = *xr;

for (i = N + 1; i > 1; --i) {

Xl = Xl ^ ctx->P[i];

Xr = F(ctx, Xl) ^ Xr;

/* Exchange Xl and Xr */

temp = Xl;

Xl = Xr;

Xr = temp;

}

/* Exchange Xl and Xr */

temp = Xl;

Xl = Xr;

Xr = temp;

Xr = Xr ^ ctx->P[1];

Xl = Xl ^ ctx->P[0];

*xl = Xl;

*xr = Xr;

}

void Blowfish_Init(BLOWFISH_CTX *ctx, unsigned char *key, int keyLen) {

int i, j, k;

uint32_t data, datal, datar;

for (i = 0; i < 4; i++) {

for (j = 0; j < 256; j++)

ctx->S[i][j] = ORIG_S[i][j];

}

j = 0;

for (i = 0; i < N + 2; ++i) {

data = 0x00000000;

for (k = 0; k < 4; ++k) {

data = (data << 8) | key[j];

j = j + 1;

if (j >= keyLen)

j = 0;

}

ctx->P[i] = ORIG_P[i] ^ data;

}

datal = 0x00000000;

datar = 0x00000000;

for (i = 0; i < N + 2; i += 2) {

Blowfish_Encrypt(ctx, &datal, &datar);

ctx->P[i] = datal;

ctx->P[i + 1] = datar;

}

for (i = 0; i < 4; ++i) {

for (j = 0; j < 256; j += 2) {

Blowfish_Encrypt(ctx, &datal, &datar);

ctx->S[i][j] = datal;

ctx->S[i][j + 1] = datar;

}

}

}

int Blowfish_Test(BLOWFISH_CTX *ctx) {

uint32_t L = 1, R = 2;

Blowfish_Init (ctx, (unsigned char*)"TESTKEY", 7);

Blowfish_Encrypt(ctx, &L, &R);

if (L != 0xDF333FD2L || R != 0x30A71BB4L)

return (-1);

Blowfish_Decrypt(ctx, &L, &R);

if (L != 1 || R != 2)

return (-1);

return (0);

}

file name : GDBassign.c

#include <stdio.h>

#include <stdint.h>

#include <string.h>

#include "blowfish.h"

int main(void)

{

uint32_t stuff[] = {

0x202c684f,0x206f6877,0x20657261,0x20656874,

0x706f6570,0x6920656c,0x6f79206e,0x6e207275,

0x68676965,0x68726f62,0x3f646f6f,0x206e490a,

0x72756f79,0x69656e20,0x6f626867,0x6f6f6872,

0xa203f64,0x206e4920,0x72756f79,0x69656e20,

0x6f626867,0x6f6f6872,0xa203f64,0x79615320,

0x6877202c,0x7261206f,0x68742065,0x65702065,

0x656c706f,0x206e6920,0x72756f79,0x69656e20,

0x6f626867,0x6f6f6872,0xa203f64,0x65685420,

0x6f657020,0x20656c70,0x74616874,0x756f7920,

0x65656d20,0x61652074,0x64206863,0xa207961,

0x5b200a20,0x74796e41,0x676e6968,0x70754d20,

0x20746570,0x203a3123,0x276e6f44,0x6f792074,

0x696c2075,0x4320656b,0x73697268,0x73616d74,

0xa205d3f,0x6f425b20,0x4f2

char *key = "LAME_KEY";

BLOWFISH_CTX ctx;

int i,

stufflen, /* length of the stuff array */

keylen; /* length of the key */

char *p;

/* remember that we have to be careful with such

uses of sizeof */

stufflen=sizeof(stuff)/4;

keylen=strlen(key);

Blowfish_Init(&ctx, (unsigned char*)key, keylen);

printf("Encrypting buffer ...\n");

for (i=0; i<stufflen; i++) {

Blowfish_Encrypt(&ctx, &stuff[i], &more_stuff[i]);

}

printf("Decrypting buffer ...\n");

for (i=0; i<stufflen; i++) {

Blowfish_Decrypt(&ctx, &stuff[i], &more_stuff[i]);

}

printf("Done.\n");

return 0;

}

Answer 1

1. The command used to compile the files with extra symbols that are useful for GDB:-

gcc -g GDBassign.c blowfish.c

2. The address of the stuff:-

gdb a.out

break main

run

x stuff

0x7fffffffde50: 0x72657645

3. The address of stuff[0]:-

x &stuff[0]

0x7fffffffde50: 0x72657645

4. We expect these to be the same because the pointer to the entire array will refer the first element of that array. The [] operator is short for

*(ptr + i). Where i would be the index.

5. In Blowfish_Init( ), the value for the key is :

key = 0x400be0 "LAME_KEY"

6. In order to learn this you have to type:

break Blowfish_Init

d key

c

7. The values of i and j after the nested for loops have finished:

i = 4

j = 256

8. The commands i write in order to learn this:

break Blowfish_Init

s //until reach blowfish function

s //until in for loop

u //to finish for loop

p i

p j

9. Before the Blowfish_Encrypt function is called, the value of stuff[3] (for each, print the value, and the command used to obtain the value):

break main

n //until printf("Encrypting buffer ..\n"); //This is code just before Blowfish_Encrypt is called

In hex:-

p /x stuff[3]

0x77612073

in Binary:-

p /t stuff[3]

1110111011000010010000001110011

as a float:-

p /f stuff[3]

4.56611305e+33

as 4 chars:-

x /4c &stuff[3]

115 's', 32 ' ' , 97 'a', 119 'w'

10.  Before the Blowfish_Encrypt function is called, the value of stuff if we treat it as a string is x /s stuff

the command typed in order to obtain this value

"Everything is awesome\n Everything is cool when you're part of a team\n Everything is awesome\n When we're living our dream\n \n Everything is better when we stick together\n Side by side\n You and I\n Gonna "...

11. The value of x when the first time that the function F() in Blowfish.c is called:-

Breakpoint 2, F (ctx=0x7fffffffc7d0, x=1753098189) at blowfish.c:550

550 d = x & 0x00FF;

(gdb) p x

$10 = 1753098189

12. output and the explanation of the output:-

(gdb) bt

#0 F (ctx=0x7fffffffc7d0, x=1753098189) at blowfish.c:550

#1 0x0000000000400749 in Blowfish_Encrypt (ctx=0x7fffffffc7d0, xl=0x7fffffffc7a4, xr=0x7fffffffc7a0) at blowfish.c:602

#2 0x0000000000400974 in Blowfish_Init (ctx=0x7fffffffc7d0, key=0x400be0 "LAME_KEY", keyLen=8) at blowfish.c:754

#3 0x0000000000400581 in main () at GDBassign.c:228

Backtrace was run inside the function F() the arguments of the Function Call F() are listed along with the value of each variable. Next, the Blowfish_Encrypt method which contains the F method, and the arguments for the Blowfish_Encrypt call that has F() in its scope.After that, the Blowfish_init function with its arguments, values of the arguments, and it has Blowfish_Encrypt in its scope.

So, backtrace is showing the functions that were called to get me to my current frame, the first time F() is called, and also it indicates the line number and the source file of the relevant methods.