Commit ab94277e authored by marcus-tun's avatar marcus-tun
Browse files

renamed perl_pass=>perl_key and symmetric_key=>symmetric_passwd

parent 6921750c
......@@ -287,7 +287,7 @@ my $assertion=$response_content;
# ENCRYPTION #
################
my $restrict='!@#$%^&*()_-=+/' ;
my $symmetric_key =chars(5,32,0,$restrict,0);
my $symmetric_passwd =chars(5,32,0,$restrict,0);
my $iv='';
# encryption
......@@ -295,28 +295,28 @@ my $iv='';
#my $encryption_algorithm='Blowfish';
my $encryption_algorithm='Rijndael';
my $encryption_algorithm_name='AES'; # only for the post, so the server knows what to use
my $cipher = new Crypt::CBC ($symmetric_key, $encryption_algorithm, -iv=>$iv, -header=>'none');
my $cipher = new Crypt::CBC ($symmetric_passwd, $encryption_algorithm, -iv=>$iv, -header=>'none');
my $encrypted_assertion_tmp= $cipher->encrypt($assertion);
# Remove the first 16 bytes => TODO REMOVE THIS!!!!!
my $encrypted_assertion=substr($encrypted_assertion_tmp, 16);
undef $assertion;
# extract actual password and initialisation vector
my $perl_pass = unpack('H*', $cipher->key());
#my $perl_pass = $cipher->key();
my $perl_key = unpack('H*', $cipher->key());
#my $perl_key = $cipher->key();
my $perl_iv = $cipher->iv();
## log to file
#open (FILE, ">", 'log.perl');
#print FILE "pass: ".$perl_pass."\n";
#print FILE "pass: ".$perl_key."\n";
#print FILE "iv: ".$perl_iv."\n";
#print FILE $encrypted_assertion."\n";
#close (FILE);
## decrypt
#my $de_cipher = new Crypt::CBC ($symmetric_key, $encryption_algorithm, -iv=>'asdlsdff', -header=>'asdf');
#my $de_cipher = new Crypt::CBC ($symmetric_passwd, $encryption_algorithm, -iv=>'asdlsdff', -header=>'asdf');
#$de_cipher->iv('asdfasdf');
##$cipher = new Crypt::ECB ($symmetric_key, $encryption_algorithm);
##$cipher = new Crypt::ECB ($symmetric_passwd, $encryption_algorithm);
#my $plaintext = $de_cipher->decrypt($encrypted_assertion);
#print ("\n".$plaintext."\n");
......@@ -327,7 +327,7 @@ undef $encrypted_assertion;
# upload encrypted assertion
$response=$ua->post(CREDENTIAL_UPLOAD_URL,
[encrypted_assertion =>$b64_encrypted_assertion,
key => $perl_pass,
key => $perl_key,
iv => $perl_iv,
encryption_algorithm => $encryption_algorithm_name,
client => "perl",
......@@ -342,7 +342,7 @@ print Dumper($response_content);
# Store the returned URL
(undef, $url_to_assertion) = split("url=", $response_content);
my $url_to_assertion_with_key = $url_to_assertion."&k=".$symmetric_key;
my $url_to_assertion_with_key = $url_to_assertion."&k=".$symmetric_passwd;
open (FILE, ">", $urlfile) or die $!;
print FILE $url_to_assertion_with_key."\n";
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment