def mkfile(self, filename, location):
data = {
'name': filename,
'type': 'file',
'nonce': b64encode(rand(12)),
'contents': ''
}
if location == '/':
root = self.fs['contents']['files']
for i in root:
if i['name'] == filename:
return 1
root.append(data)
return 0
path = location.strip('/').split('/')
root = self.fs['contents']['files']
for j in path:
for i in root:
if j == i['name'] and i['type'] == 'dir':
root = i['files']
break
else:
return 1
for i in root:
if i['name'] == filename:
return 1
root.append(data)
return 0
def app_init():
# Check to make sure tables are set up properly
mysql_do(
"CREATE TABLE IF NOT EXISTS Users ( uid INT NOT NULL AUTO_INCREMENT PRIMARY KEY, user VARCHAR(255) NOT NULL UNIQUE, realname VARCHAR(255) NOT NULL, password VARCHAR(255), isadmin BIT NOT NULL);"
)
mysql_do(
"CREATE TABLE IF NOT EXISTS Quotes ( id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, quote VARCHAR(2048) NOT NULL, date VARCHAR(255) NOT NULL, user INT NOT NULL, context VARCHAR(8000), addedby INT NOT NULL, FOREIGN KEY (user) REFERENCES Users(uid) );"
)
# Generate random key for session cookies
app.secret_key = rand(24)
# Init the counter, then run a query
global numusers
numusers = 0
get_userdb()
def goEnc(pk, m, H=sha1):
mlen = len(m)
k = pk.size()
lhash = H(pk._magic).digest()
hlen = len(lhash)
if mlen > k - 2 * hlen - 2:
raise ValueError('message too long')
padding = bytes([0x00] * (k - mlen - 2 * hlen - 2))
text = lhash + padding + b'\x01' + m
seed = rand(hlen)
textmask = MGF1(seed, k - hlen - 1)
maskedtext = xor(text, textmask)
seedmask = MGF1(maskedtext, hlen)
maskedseed = xor(seed, seedmask)
em = b'\x00' + maskedseed + maskedtext
# encryption
c = pk.encrypt(em)
return hex(c)
def oaep_enc(pk, m, H=sha1):
hlen = H().digest_size
mlen = len(m)
k = pk.size()
if mlen > k - 2 * hlen - 2:
raise ValueError('message too long')
# Encoding
lhash = H(b'').digest()
ps = bytes([0x00] * (k - mlen - 2 * hlen - 2))
db = lhash + ps + b'\x01' + m
seed = rand(hlen)
dbmask = MGF1(seed, k - hlen - 1)
maskeddb = xor(db, dbmask)
seedmask = MGF1(maskeddb, hlen)
maskedseed = xor(seed, seedmask)
em = b'\x00' + maskedseed + maskeddb
# encryption
c = pk.encrypt(em)
return c
from oaep import RSA_key, oaep_enc, oaep_dec
from flask import Flask, request, jsonify
from os import urandom as rand
app = Flask(__name__)
flag = b'flag{' + bytes(rand(32).hex(), 'ascii') + b'}'
key = RSA_key() # create a 1024-bit key
print(f'Flag: {flag}')
@app.route('/encrypted_flag')
def get_encrypted_flag():
c = oaep_enc(key, flag)
oaep_dec(key, c, debug=True)
return str(c) + '\n'
@app.route('/publickey')
def get_publickey():
return jsonify(e=key._key.e, n=key._key.n)
@app.route('/decrypt')
def decrypt():
c = 0
try:
c = next(request.args.keys())
except:
return 'No ciphertext given'