q13
This commit is contained in:
parent
9f86bb4b27
commit
62c92eecbb
51
src/main.rs
51
src/main.rs
|
@ -204,7 +204,7 @@ fn q12()
|
|||
};
|
||||
|
||||
let starting_size = blackbox(Vec::new()).len();
|
||||
let (first_increment, next_size) = (0..).map(|x:usize| (x, blackbox(std::iter::repeat(0u8).take(x).collect()).len())).find(|(i,x)| *x != starting_size).unwrap();
|
||||
let (first_increment, next_size) = (0..).map(|x:usize| (x, blackbox(std::iter::repeat(0u8).take(x).collect()).len())).find(|(_,x)| *x != starting_size).unwrap();
|
||||
let block_size = next_size - starting_size;
|
||||
println!(" Block size is {}", block_size);
|
||||
assert!(block_size == 16);
|
||||
|
@ -220,7 +220,7 @@ fn q12()
|
|||
let mut known: Vec<u8> = Vec::with_capacity(data_length);
|
||||
println!(" Data length: {}", data_length);
|
||||
|
||||
for byte_index in 0..data_length
|
||||
for _ in 0..data_length
|
||||
{
|
||||
let nulls: Vec<u8> = std::iter::repeat(0u8).take(starting_size - known.len() - 1).collect();
|
||||
let target_block = &blackbox(nulls.clone())[0..starting_size];
|
||||
|
@ -239,6 +239,52 @@ fn q12()
|
|||
// println!(" {}", String::from_utf8(known).unwrap().replace("\n", "\n "));
|
||||
}
|
||||
|
||||
fn q13()
|
||||
{
|
||||
println!("Running q13");
|
||||
let key: Vec<u8> = rand::thread_rng().sample_iter(rand::distributions::Standard).take(16).collect();
|
||||
|
||||
let parse = |x: &str| -> std::collections::HashMap<String, String> {
|
||||
let mut out = std::collections::HashMap::new();
|
||||
for pair in x.split(|y| y == '&') {
|
||||
let elements: Vec<&str> = pair.split(|z| z == '=').collect();
|
||||
if elements.len() == 2 {
|
||||
out.insert(elements[0].to_owned(), elements[1].to_owned());
|
||||
}
|
||||
};
|
||||
out
|
||||
};
|
||||
|
||||
let profile_for = |mail: &str| -> String {
|
||||
format!("email={}&uid=10&role=user", mail.replace("&","").replace("=",""))
|
||||
};
|
||||
|
||||
let encrypt = |profile: &str| -> Vec<u8> {
|
||||
let profile: Vec<u8> = profile.bytes().collect();
|
||||
let aes = crypto::Aes::new(&key, true).unwrap();
|
||||
aes.ecb(profile, Mode::Encrypt).unwrap()
|
||||
};
|
||||
|
||||
let is_admin = |profile: Vec<u8>| -> bool {
|
||||
let aes = crypto::Aes::new(&key, true).unwrap();
|
||||
let profile = aes.ecb(profile, Mode::Decrypt).unwrap();
|
||||
let profile = String::from_utf8(profile).unwrap();
|
||||
parse(&profile)["role"] == "admin"
|
||||
};
|
||||
|
||||
let mail1 = "a".repeat(32 - "email=".len() - "@example.com&uid=10&role=".len());
|
||||
let mail1 = mail1 + "@example.com";
|
||||
let part1: &[u8] = &encrypt(&profile_for(&mail1))[0..32];
|
||||
let mail2 = " ".repeat(16 - "email=".len());
|
||||
let mail2 = mail2 + "admin";
|
||||
let padding_char = (16 - "admin".len()) as u8;
|
||||
let mail2 = mail2 + &String::from_utf8(vec![padding_char]).unwrap().repeat(padding_char as usize);
|
||||
let part2: &[u8] = &encrypt(&profile_for(&mail2))[16..32];
|
||||
let whole: Vec<u8> = part1.iter().chain(part2.iter()).cloned().collect();
|
||||
|
||||
assert!(is_admin(whole));
|
||||
}
|
||||
|
||||
fn main() {
|
||||
q01();
|
||||
q02();
|
||||
|
@ -252,4 +298,5 @@ fn main() {
|
|||
q10();
|
||||
q11();
|
||||
q12();
|
||||
q13();
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user