package fic import ( "bytes" "errors" "regexp" "time" "golang.org/x/crypto/blake2b" ) // Flag represents a flag's challenge, stored as hash. type Flag struct { Id int64 `json:"id"` // IdExercice is the identifier of the underlying challenge IdExercice int64 `json:"idExercice"` // Label is the title of the flag as displayed to players Label string `json:"label"` // Help is a small piece of text that aims to add useful information like flag format, ... Help string `json:"help"` // IgnoreCase indicates if the case is sensitive to case or not IgnoreCase bool `json:"ignorecase"` // ValidatorRegexp extracts a subset of the player's answer, that will be checked. ValidatorRegexp *string `json:"validator_regexp"` // Checksum is the expected hashed flag Checksum []byte `json:"value"` } // GetFlags returns a list of flags comming with the challenge. func (e Exercice) GetFlags() ([]Flag, error) { if rows, err := DBQuery("SELECT id_flag, id_exercice, type, help, ignorecase, validator_regexp, cksum FROM exercice_flags WHERE id_exercice = ?", e.Id); err != nil { return nil, err } else { defer rows.Close() var flags = make([]Flag, 0) for rows.Next() { var k Flag k.IdExercice = e.Id if err := rows.Scan(&k.Id, &k.IdExercice, &k.Label, &k.Help, &k.IgnoreCase, &k.ValidatorRegexp, &k.Checksum); err != nil { return nil, err } flags = append(flags, k) } if err := rows.Err(); err != nil { return nil, err } return flags, nil } } // GetFlagByLabel returns a flag matching the given label. func (e Exercice) GetFlagByLabel(label string) (k Flag, err error) { err = DBQueryRow("SELECT id_flag, id_exercice, type, help, ignorecase, validator_regexp, cksum FROM exercice_flags WHERE type LIKE ? AND id_exercice = ?", label, e.Id).Scan(&k.Id, &k.IdExercice, &k.Label, &k.Help, &k.IgnoreCase, &k.ValidatorRegexp, &k.Checksum) return } // getHashedFlag calculates the expected checksum for the given raw_value. func getHashedFlag(raw_value []byte) [blake2b.Size]byte { hash := blake2b.Sum512(raw_value) return hash } // AddRawFlag creates and fills a new struct Flag, from a non-hashed flag, and registers it into the database. func (e Exercice) AddRawFlag(name string, help string, ignorecase bool, validator_regexp *string, raw_value []byte) (Flag, error) { if ignorecase { raw_value = bytes.ToLower(raw_value) } // Check that raw value passes through the regexp if validator_regexp != nil { if re, err := regexp.Compile(*validator_regexp); err != nil { return Flag{}, err } else if res := re.FindSubmatch(raw_value); res == nil { return Flag{}, errors.New("Expected flag doesn't pass through the validator_regexp") } else { raw_value = bytes.Join(res[1:], []byte("+")) } } hash := getHashedFlag(raw_value) return e.AddFlag(name, help, ignorecase, validator_regexp, hash[:]) } // AddFlag creates and fills a new struct Flag, from a hashed flag, and registers it into the database. func (e Exercice) AddFlag(name string, help string, ignorecase bool, validator_regexp *string, checksum []byte) (Flag, error) { // Check the regexp compile if validator_regexp != nil { if _, err := regexp.Compile(*validator_regexp); err != nil { return Flag{}, err } } if res, err := DBExec("INSERT INTO exercice_flags (id_exercice, type, help, ignorecase, validator_regexp, cksum) VALUES (?, ?, ?, ?, ?, ?)", e.Id, name, help, ignorecase, validator_regexp, checksum); err != nil { return Flag{}, err } else if kid, err := res.LastInsertId(); err != nil { return Flag{}, err } else { return Flag{kid, e.Id, name, help, ignorecase, validator_regexp, checksum}, nil } } // Update applies modifications back to the database. func (k Flag) Update() (int64, error) { if k.ValidatorRegexp != nil { if _, err := regexp.Compile(*k.ValidatorRegexp); err != nil { return 0, err } } if res, err := DBExec("UPDATE exercice_flags SET id_exercice = ?, type = ?, help = ?, ignorecase = ?, validator_regexp = ?, cksum = ? WHERE id_flag = ?", k.IdExercice, k.Label, k.Help, k.IgnoreCase, k.ValidatorRegexp, k.Checksum, k.Id); err != nil { return 0, err } else if nb, err := res.RowsAffected(); err != nil { return 0, err } else { return nb, err } } // Delete the flag from the database. func (k Flag) Delete() (int64, error) { if _, err := DBExec("DELETE FROM exercice_files_deps WHERE id_flag = ?", k.Id); err != nil { return 0, err } else if _, err := DBExec("DELETE FROM flag_choices WHERE id_flag = ?", k.Id); err != nil { return 0, err } else if res, err := DBExec("DELETE FROM exercice_flags WHERE id_flag = ?", k.Id); err != nil { return 0, err } else if nb, err := res.RowsAffected(); err != nil { return 0, err } else { return nb, err } } // WipeFlags deletes flags coming with the challenge. func (e Exercice) WipeFlags() (int64, error) { if _, err := DBExec("DELETE FROM exercice_files_deps WHERE id_flag IN (SELECT id_flag FROM exercice_flags WHERE id_exercice = ?)", e.Id); err != nil { return 0, err } else if _, err := DBExec("DELETE FROM flag_choices WHERE id_flag IN (SELECT id_flag FROM exercice_flags WHERE id_exercice = ?)", e.Id); err != nil { return 0, err } else if res, err := DBExec("DELETE FROM exercice_flags WHERE id_exercice = ?", e.Id); err != nil { return 0, err } else if nb, err := res.RowsAffected(); err != nil { return 0, err } else { return nb, err } } // Check if the given val is the expected one for this flag. func (k Flag) Check(val []byte) bool { if k.IgnoreCase { val = bytes.ToLower(val) } // Check that raw value passes through the regexp if k.ValidatorRegexp != nil { re := regexp.MustCompile(*k.ValidatorRegexp) if res := re.FindSubmatch(val); res != nil { val = bytes.Join(res[1:], []byte("+")) } } // Check that the value is not empty if len(val) == 0 { return false } hash := getHashedFlag(val) if len(k.Checksum) != len(hash) { return false } for i := range hash { if k.Checksum[i] != hash[i] { return false } } return true } // FoundBy registers in the database that the given Team solved the flag. func (k Flag) FoundBy(t Team) { DBExec("INSERT INTO flag_found (id_flag, id_team, time) VALUES (?, ?, ?)", k.Id, t.Id, time.Now()) }