1 files changed, 56 insertions, 0 deletions

diff --git a/set4/task28.c b/set4/task28.c
new file mode 100644
index 0000000..993d5a3
--- /dev/null
+++ b/set4/task28.c
@@ -0,0 +1,56 @@
+#include "../lib/lib.h"
+#include "../lib/lib2.h"
+#include "../lib/lib3.h"
+#include "../lib/lib4.h"
+#include <time.h>
+
+
+int main(int argc, char **argv)
+{
+	if(argc  != 2)
+		printf("Please provide ONE key as argument!\n");
+	unsigned int hex[5];
+	unsigned int hex2[5];
+	int i;
+	char *text = "comment1=cooking%20MCs;userdata=foo;comment2=%20like%20a%20pound%20of%20bacon";
+	char *append = ";admin=true";
+	char *key = argv[1];
+
+	printf("Using secret key: %s\n", key);
+
+	char *padded;
+	int padding_len = sha1_padding(strlen(text), &padded);
+
+	sha1_hmac(hex, text, strlen(text), key, strlen(key));
+	printf("MAC of original message:\n");
+	for(i=0;i<5;i++)
+		printf("%02x", hex[i]);
+
+	printf("\n");
+	
+	/*
+	 * We are appending a text to the original message without knowign the
+	 * key. Actually we don't know the message here, just the length of
+	 * the message.
+	 */
+	sha1_hmac_forge(hex2, append, strlen(append), hex);
+	printf("MAC of forged message:\n");
+	for(i=0;i<5;i++)
+		printf("%02x", hex2[i]);
+
+	printf("\n");
+	
+	/*
+	 * create the message we forged. Send this plus the hmac to the
+	 * victim. He knows the secret and test and will think that
+	 * this is a message from Alice
+	 */
+	unsigned int new_msg_len = strlen(text)+strlen(append)+padding_len;
+	char *new_msg = malloc(new_msg_len);
+	memcpy(new_msg, text, strlen(text));
+	memcpy(&new_msg[strlen(text)], padded, padding_len);
+	memcpy(&new_msg[strlen(text)+padding_len], append, strlen(append));
+
+	if(!sha1_hmac_verify(hex2, new_msg, new_msg_len, key, strlen(key)))
+			printf("Forged MAC got accepted!\n");
+}