def mkfile(self, filename, location): data = { 'name': filename, 'type': 'file', 'nonce': b64encode(rand(12)), 'contents': '' } if location == '/': root = self.fs['contents']['files'] for i in root: if i['name'] == filename: return 1 root.append(data) return 0 path = location.strip('/').split('/') root = self.fs['contents']['files'] for j in path: for i in root: if j == i['name'] and i['type'] == 'dir': root = i['files'] break else: return 1 for i in root: if i['name'] == filename: return 1 root.append(data) return 0
def app_init(): # Check to make sure tables are set up properly mysql_do( "CREATE TABLE IF NOT EXISTS Users ( uid INT NOT NULL AUTO_INCREMENT PRIMARY KEY, user VARCHAR(255) NOT NULL UNIQUE, realname VARCHAR(255) NOT NULL, password VARCHAR(255), isadmin BIT NOT NULL);" ) mysql_do( "CREATE TABLE IF NOT EXISTS Quotes ( id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, quote VARCHAR(2048) NOT NULL, date VARCHAR(255) NOT NULL, user INT NOT NULL, context VARCHAR(8000), addedby INT NOT NULL, FOREIGN KEY (user) REFERENCES Users(uid) );" ) # Generate random key for session cookies app.secret_key = rand(24) # Init the counter, then run a query global numusers numusers = 0 get_userdb()
def goEnc(pk, m, H=sha1): mlen = len(m) k = pk.size() lhash = H(pk._magic).digest() hlen = len(lhash) if mlen > k - 2 * hlen - 2: raise ValueError('message too long') padding = bytes([0x00] * (k - mlen - 2 * hlen - 2)) text = lhash + padding + b'\x01' + m seed = rand(hlen) textmask = MGF1(seed, k - hlen - 1) maskedtext = xor(text, textmask) seedmask = MGF1(maskedtext, hlen) maskedseed = xor(seed, seedmask) em = b'\x00' + maskedseed + maskedtext # encryption c = pk.encrypt(em) return hex(c)
def oaep_enc(pk, m, H=sha1): hlen = H().digest_size mlen = len(m) k = pk.size() if mlen > k - 2 * hlen - 2: raise ValueError('message too long') # Encoding lhash = H(b'').digest() ps = bytes([0x00] * (k - mlen - 2 * hlen - 2)) db = lhash + ps + b'\x01' + m seed = rand(hlen) dbmask = MGF1(seed, k - hlen - 1) maskeddb = xor(db, dbmask) seedmask = MGF1(maskeddb, hlen) maskedseed = xor(seed, seedmask) em = b'\x00' + maskedseed + maskeddb # encryption c = pk.encrypt(em) return c
from oaep import RSA_key, oaep_enc, oaep_dec from flask import Flask, request, jsonify from os import urandom as rand app = Flask(__name__) flag = b'flag{' + bytes(rand(32).hex(), 'ascii') + b'}' key = RSA_key() # create a 1024-bit key print(f'Flag: {flag}') @app.route('/encrypted_flag') def get_encrypted_flag(): c = oaep_enc(key, flag) oaep_dec(key, c, debug=True) return str(c) + '\n' @app.route('/publickey') def get_publickey(): return jsonify(e=key._key.e, n=key._key.n) @app.route('/decrypt') def decrypt(): c = 0 try: c = next(request.args.keys()) except: return 'No ciphertext given'