challenge: ch17.go: don't use lib.OracleKey and lib.OracleIV

author: rsiddharth <s@ricketyspace.net> 2021-02-24 18:20:55 -0500
committer: rsiddharth <s@ricketyspace.net> 2021-02-24 18:20:55 -0500
commit: d8272421760fd310f1f2e237f5c5d48952d3a4ef (patch)
tree: 9a1cc41178207420677ad7190344f7bc2713f7f6 /challenge/c17.go
parent: 7db89aa66b95d67a82963996b26dccbc7384a926 (diff)
1 files changed, 10 insertions, 3 deletions
diff --git a/challenge/c17.go b/challenge/c17.go
index 45c53bd..78c949c 100644
--- a/challenge/c17.go
+++ b/challenge/c17.go
@@ -11,6 +11,10 @@ import (
 
 // Cryptopals #17 - CBC padding oracle attack
 func C17() {
+	key, err := lib.RandomKey(16)
+	if err != nil {
+		fmt.Printf("key generation: error: %v\n", err)
+	}
 	cookies := []string{
 		"MDAwMDAwTm93IHRoYXQgdGhlIHBhcnR5IGlzIGp1bXBpbmc=",
 		"MDAwMDAxV2l0aCB0aGUgYmFzcyBraWNrZWQgaW4gYW5kIHRoZSBWZWdhJ3MgYXJlIHB1bXBpbic=",
@@ -26,14 +30,17 @@ func C17() {
 	encrypt := func() ([]byte, []byte) {
 		r := lib.RandomInt(0, int64(len(cookies)-1))
 		p := lib.Base64ToBytes(cookies[r])
-		k := lib.OracleKey
-		iv := lib.OracleIV
+		k := key
+		iv, err := lib.RandomKey(16)
+		if err != nil {
+			fmt.Printf("iv generation: error: %v\n", err)
+		}
 		c := lib.AESEncryptCBC(p, k, iv)
 
 		return c, iv
 	}
 	decrypt := func(c, iv []byte) bool {
-		k := lib.OracleKey
+		k := key
 		_, err := lib.AESDecryptCBC(c, k, iv)
 		if err != nil {
 			return false
author	rsiddharth <s@ricketyspace.net>	2021-02-24 18:20:55 -0500
committer	rsiddharth <s@ricketyspace.net>	2021-02-24 18:20:55 -0500
commit	d8272421760fd310f1f2e237f5c5d48952d3a4ef (patch)
tree	9a1cc41178207420677ad7190344f7bc2713f7f6 /challenge/c17.go
parent	7db89aa66b95d67a82963996b26dccbc7384a926 (diff)