Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
marcus.hardt
pluto
Commits
1587414c
Commit
1587414c
authored
Sep 25, 2014
by
marcus-tun
Browse files
added support for blowfish and twofish cbc
parent
4045e28b
Changes
1
Hide whitespace changes
Inline
Side-by-side
client/saml-init
View file @
1587414c
...
...
@@ -25,6 +25,10 @@ use HTTP::Cookies;
use
Term::
ReadKey
;
use
Term::
ReadLine
;
use
MIME::
Base64
qw( encode_base64 )
;
use
Crypt::
GeneratePassword
qw(word chars)
;
use
Crypt::
Twofish
;
use
Crypt::
Blowfish
;
use
Crypt::
CBC
;
# Handle <Ctrl>+C to reset the terminal to non-bold text
$SIG
{
INT
}
=
\
&resetTerm
;
...
...
@@ -239,6 +243,7 @@ if ($response->is_success) {
create_valid_session_via_idp
(
$idpurl
,
$idpuser
,
$idppass
,
$ua
);
# Reset the cookie to prevent CSRF
my
$uri
=
URI
->
new
(
CREDENTIAL_CREATION_URL
);
my
$randstr
=
join
('',
map
{
('
a
'
..
'
z
',
0
..
9
)[
rand
36
]
}
(
1
..
10
));
$cookie_jar
->
set_cookie
(
1
,'
CSRF
',
$randstr
,'
/
',
$uri
->
host
,
$uri
->
port
,
1
,
1
);
...
...
@@ -272,29 +277,49 @@ if ($response->is_success) {
#########################################################################
# # Start with actual code # #
#########################################################################
my
$assertion
=
$response_content
;
#########################################################################
# encrypt and upload assertion #
#########################################################################
my
$encrypted_assertion
=
$response_content
;
################
# ENCRYPTION #
################
my
$restrict
=
'
!@#$%^&*()_-=+/
'
;
my
$symmetric_key
=
chars
(
5
,
32
,
0
,
$restrict
,
0
);
print
"
key:
"
.
$symmetric_key
.
"
\n
";
# encryption
my
$cipher
=
new
Crypt::
CBC
(
$symmetric_key
,
'
Twofish
');
#my $cipher = new Crypt::CBC ($symmetric_key, 'Blowfish');
my
$encrypted_assertion
=
$cipher
->
encrypt
(
$assertion
);
undef
$assertion
;
# decrypt
#$cipher = new Crypt::CBC ($symmetric_key, 'Twofish');
#my $plaintext = $cipher->decrypt($ciphertext);
#print $plaintext;
# base64 encoding
my
$b64_encrypted_assertion
=
encode_base64
(
$encrypted_assertion
);
undef
$encrypted_assertion
;
# upload encrypted assertion
my
$buf
=
encode_base64
(
$encrypted_assertion
);
$response
=
$ua
->
post
(
CREDENTIAL_UPLOAD_URL
,
[
encrypted_assertion
=>
$b
uf
]);
[
encrypted_assertion
=>
$b
64_encrypted_assertion
]);
$response_content
=
$response
->
decoded_content
;
#print $response_content."\n";
# Store the returned URL
(
undef
,
$url_to_assertion
)
=
split
("
url=
",
$response_content
);
my
$url_to_assertion_with_key
=
$url_to_assertion
.
"
&k=
"
.
$symmetric_key
;
open
(
FILE
,
"
>
",
$urlfile
)
or
die
$!
;
print
FILE
$url_to_assertion
;
close
(
FILE
);
print
"
This is your temprary password:
"
.
$url_to_assertion
.
"
\n
";
#TODO ADD ENCRYPTION!
print
"
This is your temprary password:
"
.
$url_to_assertion_with_key
.
"
\n
";
exit
0
;
##########################################################################
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
