Diffstat (limited to 'lib/lib2.c')
| -rw-r--r-- | lib/lib2.c | 65 |
1 files changed, 64 insertions, 1 deletions
@@ -48,6 +48,7 @@ int valid_pkcs7_padding(const char *in, int length_in, char *unpadded, int block
 return 0;
 memcpy(unpadded, in, (length_in-padding_length));
+ unpadded[length_in-padding_length+1] ='\0';
 return 1;
 }
@@ -99,7 +100,6 @@ int aes_cbc(char *in, int length_in, char *out, unsigned char *string_key, char
 }
 }
 }
- return 0;
 }
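Review bot: The added terminator in valid_pkcs7_padding lands one byte too far: the memcpy fills indices 0 through length_in-padding_length-1, so the NUL belongs at `unpadded[length_in-padding_length] = '\0';`. As written, the byte at that index stays uninitialized and is read by any later `%s` print. With a one-byte pad the store goes to index length_in, which is past the end of a length_in-byte buffer such as the `malloc(length)` one that challenge16_decrypt passes in. The same `+1` offset is used for the `res[...] = '\0'` store in challenge16_encrypt in the last hunk. The function's start lies outside this hunk, so whether padding_length is range-checked before the memcpy cannot be confirmed from here.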
@@ -339,3 +339,66 @@ void send_user(char *encrypted_user, int length)
 printf("Got user: %s\n", unencrypted_user);
 parse_key_value(unencrypted_user, strlen(unencrypted_user));
 }
+
+
+int challenge16_encrypt(char *input, char **encrypted)
+{
+ char *prepend = "comment1=cooking\%20MCs;userdata=";
+ char *append = ";comment2=\%20like\%20a\%20pound\%20of\%20bacon";
+ char *unencrypted;
+
+
+ char printable_equal[3];
+ char printable_semicolon[3];
+ int i, count;
+ int quote_char = 0;
+
+ for(i=0;i<strlen(input);i++)
+ if(input[i] == ';' || input[i] == '=')
+ quote_char++;
+
+ // = and ; get %3d and %3b
+ char *res = malloc(strlen(input-quote_char) + quote_char*3 +
+ strlen(prepend) + strlen(append));
+
+ hex_binary_to_string("=", printable_equal, 1);
+ hex_binary_to_string(";", printable_semicolon, 1);
+
+
+ memcpy(res, prepend, strlen(prepend));
+
+ for (i=0, count = strlen(prepend);i<strlen(input);i++, count++) {
+ if (input[i] == '=') {
+ res[count++] = '%';
+ res[count++] = printable_equal[0];
+ res[count] = printable_equal[1];
+ } else if (input[i] == ';') {
+ res[count++] = '%';
+ res[count++] = printable_semicolon[0];
+ res[count] = printable_semicolon[1];
+ }
+ else
+ res[count] = input[i];
+ }
+
+ memcpy(&res[strlen(prepend)+strlen(input)+2*quote_char], append, strlen(append));
+ res[strlen(prepend)+strlen(input)+strlen(append)+2*quote_char+1] = '\0';
+ // padding
+ unencrypted = pkcs7_padding(res, strlen(res), 16);
+ printf("%s\n", unencrypted);
+ *encrypted = malloc(strlen(unencrypted));
+ aes_cbc(unencrypted, strlen(unencrypted), *encrypted, key, iv , 1);
+ return strlen(unencrypted);
+}
+
+void challenge16_decrypt(char *encrypted, int length)
+{
+ char *unencrypted = malloc(length);
+ char *unpadd= malloc(length);
+
+ aes_cbc(encrypted, length, unencrypted, key, iv, 0);
+ // unpadd
+ valid_pkcs7_padding(unencrypted, length, unpadd, 16);
+ // look for string ;admin=true;
+ printf("unencrpyted string: %s\n", unpadd);
+}
|
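Review bot: The size passed to malloc in challenge16_encrypt is wrong: `strlen(input-quote_char)` moves the pointer back before the start of input instead of subtracting from the length, and the total leaves no byte for the terminator. Computing the length once, `size_t total = strlen(prepend) + strlen(input) + 2*quote_char + strlen(append);`, then `char *res = malloc(total + 1);` and `res[total] = '\0';`, fixes the sizing and the terminator offset together. In challenge16_decrypt the result of valid_pkcs7_padding is discarded, and the first hunk shows it returning 0 before the memcpy. On a failed padding check `unpadd` is therefore still uninitialized when it is printed with `%s`, so the return value should be checked before printing. None of the malloc results in either function are checked or freed.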
