Implement groundwork for challenge 13.

src/set2.rs

@@ -2,7 +2,9 @@ use crate::bytes::Bytes;
 use crate::bytes_base64::BytesBase64;
 use crate::cbc;
 use crate::ecb;
+use crate::parser;
 use rand::Rng;
+use std::collections::HashMap;
 
 pub fn challenge9() {
     let mut bytes = Bytes::from_utf8("YELLOW SUBMARINE");
@@ -183,7 +185,11 @@ pub fn challenge12() {
     assert_eq!(is_encryption_ecb(&key), true); // 2. confirm oracle uses ecb
     let rountrip_text = decode(&key); // 3.-6.
     let clear_text = read("data/12.txt");
-    // 138 because I don't know where that additional byte is from
+
+    // 138 (instead of 139); I think we get one additional byte because we guess
+    // the first padding byte. The right approach would be to remove the last
+    // byte, encrypt it, and then compare it to the result of the encryption
+    // oracle, but this approach is fine too.
     assert_eq!(rountrip_text.0[..138], clear_text.0);
     println!(
         "[okay] Challenge 12: {}",
@@ -192,5 +198,27 @@ pub fn challenge12() {
 }
 
 pub fn challenge13() {
+    fn profile_for(input: &str, key: &Bytes) -> Bytes {
+        let mut r = String::new();
+        for c in input.chars() {
+            if !(c.is_ascii_alphabetic() || c == '.' || c == '@') {
+                panic!("profile_for: invalid char {}", c);
+            }
+        }
+        r.push_str("email=");
+        r.push_str(input);
+        r.push_str("&uid=1337&role=user");
+        ecb::encrypt(&key, &Bytes(r.as_bytes().to_vec()))
+    }
+
+    fn decrypt(key: &Bytes, data: &Bytes) -> HashMap<String, String> {
+        let c = ecb::decrypt(&key, &data);
+        parser::parse_key_value(&c.to_utf8())
+    }
+
+    let key = Bytes::random(16); // consistent but unknown key
+    let profile = profile_for("omgitsme@gmail.com", &key);
+    let dict = decrypt(&key, &profile);
+    println!("{:?}", dict);
     println!("[xxxx] Challenge 13: TBD");
 }