q13

2019-09-03 21:28:56 +02:00 · 2019-09-03 21:28:56 +02:00 · 62c92eecbb
commit 62c92eecbb
parent 9f86bb4b27
1 changed files with 49 additions and 2 deletions
--- a/src/main.rs
+++ b/src/main.rs
@ -204,7 +204,7 @@ fn q12()
    };
    let starting_size = blackbox(Vec::new()).len();
-    let (first_increment, next_size) = (0..).map(|x:usize| (x, blackbox(std::iter::repeat(0u8).take(x).collect()).len())).find(|(i,x)| *x != starting_size).unwrap();
+    let (first_increment, next_size) = (0..).map(|x:usize| (x, blackbox(std::iter::repeat(0u8).take(x).collect()).len())).find(|(_,x)| *x != starting_size).unwrap();
    let block_size = next_size - starting_size;
    println!("  Block size is {}", block_size);
    assert!(block_size == 16);
@ -220,7 +220,7 @@ fn q12()
    let mut known: Vec<u8> = Vec::with_capacity(data_length);
    println!("  Data length: {}", data_length);
-    for byte_index in 0..data_length
+    for _ in 0..data_length
    {
        let nulls: Vec<u8> = std::iter::repeat(0u8).take(starting_size - known.len() - 1).collect();
        let target_block = &blackbox(nulls.clone())[0..starting_size];
@ -239,6 +239,52 @@ fn q12()
    // println!("  {}", String::from_utf8(known).unwrap().replace("\n", "\n  "));
 }
 fn q13()
 {
    println!("Running q13");
    let key: Vec<u8> = rand::thread_rng().sample_iter(rand::distributions::Standard).take(16).collect();
    let parse = |x: &str| -> std::collections::HashMap<String, String> {
        let mut out = std::collections::HashMap::new();
        for pair in x.split(|y| y == '&') {
            let elements: Vec<&str> = pair.split(|z| z == '=').collect();
            if elements.len() == 2 {
                out.insert(elements[0].to_owned(), elements[1].to_owned());
            }
        };
        out
    };
    let profile_for = |mail: &str| -> String {
        format!("email={}&uid=10&role=user", mail.replace("&","").replace("=",""))
    };
    let encrypt = |profile: &str| -> Vec<u8> {
        let profile: Vec<u8> = profile.bytes().collect();
        let aes = crypto::Aes::new(&key, true).unwrap();
        aes.ecb(profile, Mode::Encrypt).unwrap()
    };
    let is_admin = |profile: Vec<u8>| -> bool {
        let aes = crypto::Aes::new(&key, true).unwrap();
        let profile = aes.ecb(profile, Mode::Decrypt).unwrap();
        let profile = String::from_utf8(profile).unwrap();
        parse(&profile)["role"] == "admin"
    };
    let mail1 = "a".repeat(32 - "email=".len() - "@example.com&uid=10&role=".len());
    let mail1 = mail1 + "@example.com";
    let part1: &[u8] = &encrypt(&profile_for(&mail1))[0..32];
    let mail2 = " ".repeat(16 - "email=".len());
    let mail2 = mail2 + "admin";
    let padding_char = (16 - "admin".len()) as u8;
    let mail2 = mail2 + &String::from_utf8(vec![padding_char]).unwrap().repeat(padding_char as usize);
    let part2: &[u8] = &encrypt(&profile_for(&mail2))[16..32];
    let whole: Vec<u8> = part1.iter().chain(part2.iter()).cloned().collect();
    assert!(is_admin(whole));
 }
 fn main() {
    q01();
    q02();
@ -252,4 +298,5 @@ fn main() {
    q10();
    q11();
    q12();
    q13();
 }