don't take the raw flag string as the private key, process it through Keccak-256 for proper diffusion
this alleviates the need to manually write flags that are 64 characters long to protect against cryptanalysis this changes the encoding -- players need to use the same encoding for submissions as the one used to post challengesmain
parent
0a7fca68dd
commit
1eabc67732
|
@ -25,19 +25,14 @@
|
||||||
|
|
||||||
function getPrivateKey() {
|
function getPrivateKey() {
|
||||||
var s = inpFlag.value;
|
var s = inpFlag.value;
|
||||||
var k = new BN(0);
|
|
||||||
var h = "0x";
|
var h = "0x";
|
||||||
if (s.slice(0, 5) !== "CCTF{" || s.slice(-1) !== "}")
|
if (s.slice(0, 5) !== "CCTF{" || s.slice(-1) !== "}")
|
||||||
return null;
|
return null;
|
||||||
for (i in s) {
|
for (i in s) {
|
||||||
var c = s.charCodeAt(i);
|
var c = s.charCodeAt(i);
|
||||||
k = k.muln(16).addn(c);
|
|
||||||
h += c.toString(16).padStart(2, "0");
|
h += c.toString(16).padStart(2, "0");
|
||||||
}
|
}
|
||||||
if (k.mod(secp256k1n).eqn(0)) {
|
return "0x" + new BN(keccak256(h).slice(2), 16).mod(secp256k1n).toString(16).padStart(64, 0);
|
||||||
return null;
|
|
||||||
}
|
|
||||||
return h;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function updateOutputValues(ev) {
|
function updateOutputValues(ev) {
|
||||||
|
|
Loading…
Reference in New Issue