From d8272421760fd310f1f2e237f5c5d48952d3a4ef Mon Sep 17 00:00:00 2001
From: rsiddharth
Date: Wed, 24 Feb 2021 18:20:55 -0500
Subject: challenge: ch17.go: don't use lib.OracleKey and lib.OracleIV
---
 challenge/c17.go | 13 ++++++++++---
 lib/oracle.go | 14 ++++----------
 2 files changed, 14 insertions(+), 13 deletions(-)
diff --git a/challenge/c17.go b/challenge/c17.go
index 45c53bd..78c949c 100644
--- a/challenge/c17.go
+++ b/challenge/c17.go
@@ -11,6 +11,10 @@ import (
 // Cryptopals #17 - CBC padding oracle attack
 func C17() {
+ key, err := lib.RandomKey(16)
+ if err != nil {
+ fmt.Printf("key generation: error: %v\n", err)
+ }
 cookies := []string{
 "MDAwMDAwTm93IHRoYXQgdGhlIHBhcnR5IGlzIGp1bXBpbmc=",
 "MDAwMDAxV2l0aCB0aGUgYmFzcyBraWNrZWQgaW4gYW5kIHRoZSBWZWdhJ3MgYXJlIHB1bXBpbic=",
@@ -26,14 +30,17 @@ func C17() {
 encrypt := func() ([]byte, []byte) {
 r := lib.RandomInt(0, int64(len(cookies)-1))
 p := lib.Base64ToBytes(cookies[r])
- k := lib.OracleKey
- iv := lib.OracleIV
+ k := key
+ iv, err := lib.RandomKey(16)
+ if err != nil {
+ fmt.Printf("iv generation: error: %v\n", err)
+ }
 c := lib.AESEncryptCBC(p, k, iv)
 return c, iv
 }
 decrypt := func(c, iv []byte) bool {
- k := lib.OracleKey
+ k := key
 _, err := lib.AESDecryptCBC(c, k, iv)
 if err != nil {
 return false
diff --git a/lib/oracle.go b/lib/oracle.go
index 8c7a52b..e2ee5fe 100644
--- a/lib/oracle.go
+++ b/lib/oracle.go
@@ -8,19 +8,13 @@ aGFpciBjYW4gYmxvdwpUaGUgZ2lybGllcyBvbiBzdGFuZGJ5IHdhdmluZyBq
 dXN0IHRvIHNheSBoaQpEaWQgeW91IHN0b3A/IE5vLCBJIGp1c3QgZHJvdmUg
 YnkK`
-var OracleKey []byte
-var OracleIV []byte
+var oracleKey []byte
 var oracleRandom []byte
 func init() {
 var err error
- OracleKey, err = RandomKey(16)
- if err != nil {
- panic(err)
- }
-
- OracleIV, err = RandomKey(16)
+ oracleKey, err = RandomKey(16)
 if err != nil {
 panic(err)
 }
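Review bot: Both new error branches in challenge/c17.go only print and then fall through, so when `lib.RandomKey(16)` fails the code carries on with whatever `key` (first hunk, top of `C17`) or `iv` (second hunk, inside the `encrypt` closure) it returned and still reaches `lib.AESEncryptCBC`. A CBC oracle that keeps running with a missing or degenerate key or IV should stop instead: add `return` after the `fmt.Printf` in `C17`, and in `encrypt`, whose signature has no error result, use `panic(err)` the way `init` in lib/oracle.go does. What `RandomKey` returns on failure and how `AESEncryptCBC` treats it are not visible here, and `C17`'s body continues outside both hunks.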
@@ -64,11 +58,11 @@ func OracleAESRandomEncrypt(in []byte) []byte {
 }
 func OracleAESEncryptECB(in []byte) []byte {
- return AESEncryptECB(append(in, Base64ToBytes(oracleUnknown)...), OracleKey)
+ return AESEncryptECB(append(in, Base64ToBytes(oracleUnknown)...), oracleKey)
 }
 func OracleAESVarEncryptECB(in []byte) []byte {
 in = append(oracleRandom, in...)
 in = append(in, Base64ToBytes(oracleUnknown)...)
- return AESEncryptECB(in, OracleKey)
+ return AESEncryptECB(in, oracleKey)
 }
--
cgit v1.2.3