Differences

This shows you the differences between two versions of the page.

--- courses:a4m36bis:start [2015/11/12 16:23]
stiboja2 [Homework:]
+++ courses:a4m36bis:start [2015/12/10 13:49]
stiboja2 [Points]
@@ Line 20: / Line 20: @@
 | AVAST - part 1                 | 2 points        | 3 points     |
 | AVAST - part 2                 | 2 points        | 3 points     |
-^ Total                          ^ 24 points       ^ 14 points    ^
+^ Total                          ^ 22 points       ^ 14 points    ^
 ^ Grade ^ Points ^
@@ Line 87: / Line 87: @@
     * HARD - 7 points
     * HARDEST - 10 points
+Example how to run the HMAC verifier:
+<code java>
+Verifier keyCzarVerifier = new Verifier("keys"); //Directory containing a key set - for more info see JavaDoc
+byte[] message = "Hello world".getBytes(); //original message in plain-text
+byte[] hMAC = new byte[]{}; //HMAC signature of the message
+boolean result = keyCzarVerifier.verify(message, hMAC);
+</code>
 Extra points (3 extra points) for performing the attack by interprocess communication (via stdin/out - class cz.cvut.keyczar.homework.VerificationServer) instead of directly calling and timing the verifier.
@@ Line 95: / Line 103: @@
   - You can help the timing by issuing a longer sleep, but justification is required.
   - You can use keyczar bindings for another language, eg. python or C++. Make sure you’ve got the correct (vulnerable) version: revision 412. You can modify the array comparison to include a sleep or similar call.
 === Lab 6 - 12.11.2015 - Penetration testing - Intro, information gathering ===