Commit Graph

20 Commits (d451db013762a7089c6f2962e5079950862b9f8e)

Author SHA1 Message Date
SI d451db0137 implement an option to reject non-checksum addresses put in the contestant's address field 2024-04-05 16:43:03 +02:00
SI 410bc147de add some field value length limits 2024-04-05 02:50:03 +02:00
SI 495e871d1a update the input field's acceptable-pattern to allow only printable ASCII, and tweak the (recommended) field width 2024-04-05 02:43:29 +02:00
SI 1eb8b5d97e test the contestant address field for validity 2024-04-05 02:26:00 +02:00
SI 512ecf13d6 use "1 + (h mod (n - 1))" instead of "mod n" to cast a hash to a private key
a private key must be in range [1, n - 1]

this change neatly eliminates the scenario where the private key value ends up being 0, though it was extremely unlikely to occur in the first place (and could not even be easily forced)

this changes the encoding -- players need to use the same encoding for submissions as the one used to post challenges
2024-04-05 01:40:07 +02:00
SI 470a92264d allow only printable ASCII characters in flag strings 2024-04-04 02:34:13 +02:00
SI 1eabc67732 don't take the raw flag string as the private key, process it through Keccak-256 for proper diffusion
this alleviates the need to manually write flags that are 64 characters long to protect against cryptanalysis

this changes the encoding -- players need to use the same encoding for submissions as the one used to post challenges
2024-04-04 02:21:47 +02:00
SI 0a7fca68dd ensure that the flag field is formatted as CCTF{...}, otherwise treat it as invalid 2024-04-04 02:16:55 +02:00
SI c186f2b318 properly handle the case where the (flag-derived) key is invalid (e.g., namely, unpopulated field)
this practically rewrites the JavaScript code in the index.html file

now the tool works without manual intervention
2023-11-22 20:10:27 +01:00
SI d2a8c1eba8 rewrite pattern using \{ instead of [{] 2023-11-21 02:12:47 +01:00
SI c7cdc0631d add type="text/javascript" to <script>s 2023-11-21 02:12:07 +01:00
SI 5afb8c91ca implement a proper flag encoder tool as an HTML+JS app 2023-08-20 01:20:23 +00:00
SI 7afa16d86b bump Solidity version pragma 2023-08-20 01:16:49 +00:00
SI bbf820eac4 tweak docs 2023-08-20 01:16:43 +00:00
SI a9e5739f9f implement block-timestamp-based (automatic) deadlines, replacing opening/closing feature 2023-08-20 01:16:40 +00:00
SI bb84619a9a allow the password to be choosable 2023-08-20 01:16:36 +00:00
SI 92fb1016d8 use big endian, a more standard interpretation 2023-08-20 01:16:10 +00:00
money36 d175acecd6 nuke the old flag encoder shit 2022-12-10 12:19:03 +01:00
money36 af8ee3f01b import solutions 2022-12-07 10:46:50 +01:00
droka 79048ae42d flag encoder beta 2022-12-06 22:15:22 +01:00