diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/lib2.c | 65 | ||||
| -rw-r--r-- | lib/lib2.h | 3 |
2 files changed, 67 insertions, 1 deletions
@@ -48,6 +48,7 @@ int valid_pkcs7_padding(const char *in, int length_in, char *unpadded, int block return 0; memcpy(unpadded, in, (length_in-padding_length)); + unpadded[length_in-padding_length+1] ='\0'; return 1; } @@ -99,7 +100,6 @@ int aes_cbc(char *in, int length_in, char *out, unsigned char *string_key, char } } } - return 0; } @@ -339,3 +339,66 @@ void send_user(char *encrypted_user, int length) printf("Got user: %s\n", unencrypted_user); parse_key_value(unencrypted_user, strlen(unencrypted_user)); } + + +int challenge16_encrypt(char *input, char **encrypted) +{ + char *prepend = "comment1=cooking\%20MCs;userdata="; + char *append = ";comment2=\%20like\%20a\%20pound\%20of\%20bacon"; + char *unencrypted; + + + char printable_equal[3]; + char printable_semicolon[3]; + int i, count; + int quote_char = 0; + + for(i=0;i<strlen(input);i++) + if(input[i] == ';' || input[i] == '=') + quote_char++; + + // = and ; get %3d and %3b + char *res = malloc(strlen(input-quote_char) + quote_char*3 + + strlen(prepend) + strlen(append)); + + hex_binary_to_string("=", printable_equal, 1); + hex_binary_to_string(";", printable_semicolon, 1); + + + memcpy(res, prepend, strlen(prepend)); + + for (i=0, count = strlen(prepend);i<strlen(input);i++, count++) { + if (input[i] == '=') { + res[count++] = '%'; + res[count++] = printable_equal[0]; + res[count] = printable_equal[1]; + } else if (input[i] == ';') { + res[count++] = '%'; + res[count++] = printable_semicolon[0]; + res[count] = printable_semicolon[1]; + } + else + res[count] = input[i]; + } + + memcpy(&res[strlen(prepend)+strlen(input)+2*quote_char], append, strlen(append)); + res[strlen(prepend)+strlen(input)+strlen(append)+2*quote_char+1] = '\0'; + // padding + unencrypted = pkcs7_padding(res, strlen(res), 16); + printf("%s\n", unencrypted); + *encrypted = malloc(strlen(unencrypted)); + aes_cbc(unencrypted, strlen(unencrypted), *encrypted, key, iv , 1); + return strlen(unencrypted); +} + +void challenge16_decrypt(char *encrypted, int length) +{ + char *unencrypted = malloc(length); + char *unpadd= malloc(length); + + aes_cbc(encrypted, length, unencrypted, key, iv, 0); + // unpadd + valid_pkcs7_padding(unencrypted, length, unpadd, 16); + // look for string ;admin=true; + printf("unencrpyted string: %s\n", unpadd); +} @@ -12,6 +12,7 @@ struct key_value_pair { }; char key[17]; +char iv[17]; char *pkcs7_padding(char *string, int length_string, int blocksize); int aes_cbc(char *in, int length_in, char *out, unsigned char *string_key, char *init_vector, int encrypt); @@ -27,4 +28,6 @@ int crack_aes_ecb(char *text, int length_text, char *plaintext_block, char *key, struct key_value_pair *parse_key_value(char *string, int length_string); char *profile_for(char *email); void send_user(char *encrypted_user, int length); +int challenge16_encrypt(char *input, char **encrypted); +void challenge16_decrypt(char *encrypted, int length); #endif |