Commit ef7e7892 authored by marcus-tun's avatar marcus-tun
Browse files

fixed the wrong parameter

parent b98f8017
......@@ -288,21 +288,22 @@ my $assertion=$response_content;
################
my $restrict='!@#$%^&*()_-=+/' ;
my $symmetric_key =chars(5,32,0,$restrict,0);
my $iv='12333123';
print "key: ".$symmetric_key."\n";
my $iv='';
# encryption
#my $encryption_algorithm='Twofish';
my $encryption_algorithm='Blowfish';
#my $encryption_algorithm='Blowfish';
my $encryption_algorithm='Rijndael';
my $encryption_algorithm_name='AES'; # only for the post, so the server knows what to use
my $cipher = new Crypt::CBC ($symmetric_key, $encryption_algorithm, -iv=>$iv, -header=>'none');
print ("length(assertion):". length($assertion)."\n");
my $encrypted_assertion= $cipher->encrypt($assertion);
my $encrypted_assertion_tmp= $cipher->encrypt($assertion);
# Remove the first 16 bytes => TODO REMOVE THIS!!!!!
my $encrypted_assertion=substr($encrypted_assertion_tmp, 16);
undef $assertion;
# extract actual password and initialisation vector
my $perl_pass = unpack('H*', $cipher->key());
#my $perl_pass = $cipher->key();
my $perl_iv = $cipher->iv();
## log to file
......@@ -314,6 +315,7 @@ my $perl_iv = $cipher->iv();
## decrypt
#my $de_cipher = new Crypt::CBC ($symmetric_key, $encryption_algorithm, -iv=>'asdlsdff', -header=>'asdf');
#$de_cipher->iv('asdfasdf');
##$cipher = new Crypt::ECB ($symmetric_key, $encryption_algorithm);
#my $plaintext = $de_cipher->decrypt($encrypted_assertion);
#print ("\n".$plaintext."\n");
......@@ -325,9 +327,9 @@ undef $encrypted_assertion;
# upload encrypted assertion
$response=$ua->post(CREDENTIAL_UPLOAD_URL,
[encrypted_assertion =>$b64_encrypted_assertion,
#key => $perl_pass,
perl_iv => $perl_iv,
crypto_algo => $encryption_algorithm,
key => $perl_pass,
iv => $perl_iv,
encryption_algorithm => $encryption_algorithm_name,
client => "perl",
client_verion => VERSION]);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment