summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorrsiddharth <s@ricketyspace.net>2021-02-24 18:20:55 -0500
committerrsiddharth <s@ricketyspace.net>2021-02-24 18:20:55 -0500
commitd8272421760fd310f1f2e237f5c5d48952d3a4ef (patch)
tree9a1cc41178207420677ad7190344f7bc2713f7f6
parent7db89aa66b95d67a82963996b26dccbc7384a926 (diff)
challenge: ch17.go: don't use lib.OracleKey and lib.OracleIV
-rw-r--r--challenge/c17.go13
-rw-r--r--lib/oracle.go14
2 files changed, 14 insertions, 13 deletions
diff --git a/challenge/c17.go b/challenge/c17.go
index 45c53bd..78c949c 100644
--- a/challenge/c17.go
+++ b/challenge/c17.go
@@ -11,6 +11,10 @@ import (
// Cryptopals #17 - CBC padding oracle attack
func C17() {
+ key, err := lib.RandomKey(16)
+ if err != nil {
+ fmt.Printf("key generation: error: %v\n", err)
+ }
cookies := []string{
"MDAwMDAwTm93IHRoYXQgdGhlIHBhcnR5IGlzIGp1bXBpbmc=",
"MDAwMDAxV2l0aCB0aGUgYmFzcyBraWNrZWQgaW4gYW5kIHRoZSBWZWdhJ3MgYXJlIHB1bXBpbic=",
@@ -26,14 +30,17 @@ func C17() {
encrypt := func() ([]byte, []byte) {
r := lib.RandomInt(0, int64(len(cookies)-1))
p := lib.Base64ToBytes(cookies[r])
- k := lib.OracleKey
- iv := lib.OracleIV
+ k := key
+ iv, err := lib.RandomKey(16)
+ if err != nil {
+ fmt.Printf("iv generation: error: %v\n", err)
+ }
c := lib.AESEncryptCBC(p, k, iv)
return c, iv
}
decrypt := func(c, iv []byte) bool {
- k := lib.OracleKey
+ k := key
_, err := lib.AESDecryptCBC(c, k, iv)
if err != nil {
return false
diff --git a/lib/oracle.go b/lib/oracle.go
index 8c7a52b..e2ee5fe 100644
--- a/lib/oracle.go
+++ b/lib/oracle.go
@@ -8,19 +8,13 @@ aGFpciBjYW4gYmxvdwpUaGUgZ2lybGllcyBvbiBzdGFuZGJ5IHdhdmluZyBq
dXN0IHRvIHNheSBoaQpEaWQgeW91IHN0b3A/IE5vLCBJIGp1c3QgZHJvdmUg
YnkK`
-var OracleKey []byte
-var OracleIV []byte
+var oracleKey []byte
var oracleRandom []byte
func init() {
var err error
- OracleKey, err = RandomKey(16)
- if err != nil {
- panic(err)
- }
-
- OracleIV, err = RandomKey(16)
+ oracleKey, err = RandomKey(16)
if err != nil {
panic(err)
}
@@ -64,11 +58,11 @@ func OracleAESRandomEncrypt(in []byte) []byte {
}
func OracleAESEncryptECB(in []byte) []byte {
- return AESEncryptECB(append(in, Base64ToBytes(oracleUnknown)...), OracleKey)
+ return AESEncryptECB(append(in, Base64ToBytes(oracleUnknown)...), oracleKey)
}
func OracleAESVarEncryptECB(in []byte) []byte {
in = append(oracleRandom, in...)
in = append(in, Base64ToBytes(oracleUnknown)...)
- return AESEncryptECB(in, OracleKey)
+ return AESEncryptECB(in, oracleKey)
}