From da9d10e96cd5ca243f00f8924f01e76b7f8ca245 Mon Sep 17 00:00:00 2001 From: Luca Rupp Date: Fri, 19 Apr 2024 15:03:28 +0200 Subject: [PATCH 1/3] Add Luhn checksum operation. --- src/main/java/de/usd/cstchef/Utils.java | 3 +- .../usd/cstchef/operations/hashing/Luhn.java | 47 +++++++++++++++++++ 2 files changed, 49 insertions(+), 1 deletion(-) create mode 100644 src/main/java/de/usd/cstchef/operations/hashing/Luhn.java diff --git a/src/main/java/de/usd/cstchef/Utils.java b/src/main/java/de/usd/cstchef/Utils.java index 0e7b4f8..5f74693 100644 --- a/src/main/java/de/usd/cstchef/Utils.java +++ b/src/main/java/de/usd/cstchef/Utils.java @@ -80,6 +80,7 @@ import de.usd.cstchef.operations.hashing.SHA3; import de.usd.cstchef.operations.hashing.Skein; import de.usd.cstchef.operations.hashing.Tiger; +import de.usd.cstchef.operations.hashing.Luhn; import de.usd.cstchef.operations.hashing.Whirlpool; import de.usd.cstchef.operations.misc.ReadFile; import de.usd.cstchef.operations.misc.WriteFile; @@ -228,7 +229,7 @@ public static Class[] getOperationsDev() { Suffix.class, Sum.class, StringContains.class, StringMatch.class, Tiger.class, ToBase64.class, ToHex.class, UnixTimestamp.class, UrlDecode.class, UrlEncode.class, Whirlpool.class, WriteFile.class, XmlFullSignature.class, XmlMultiSignature.class, - Xor.class, SoapMultiSignature.class + Xor.class, SoapMultiSignature.class, Luhn.class }; } diff --git a/src/main/java/de/usd/cstchef/operations/hashing/Luhn.java b/src/main/java/de/usd/cstchef/operations/hashing/Luhn.java new file mode 100644 index 0000000..0d8e2fe --- /dev/null +++ b/src/main/java/de/usd/cstchef/operations/hashing/Luhn.java @@ -0,0 +1,47 @@ +package de.usd.cstchef.operations.hashing; + +import de.usd.cstchef.operations.Operation; +import de.usd.cstchef.operations.OperationCategory; +import de.usd.cstchef.operations.Operation.OperationInfos; + + +@OperationInfos(name = "Luhn", category = OperationCategory.HASHING, description = "Calculate Luhn of a number") +public class Luhn extends Operation { + + @Override + protected byte[] perform(byte[] input) throws Exception { + + for (int i = 0; i < input.length; i++){ + if ((input[i] < '0') || (input[i] > '9')) { + throw new IllegalArgumentException("Luhn can only be applied to numerical values."); + } + } + + int check_digit = calculateLuhnCheckDigit(input); + return new byte[]{ (byte) (check_digit + '0')}; + } + + private int calculateLuhnCheckDigit(byte[] input) { + int sum = 0; + boolean doubleDigit = true; + + for (int i = input.length - 1; i >= 0; i--) { + + + + int digit = Integer.valueOf(Character.toString ((char) input[i])); + + if (doubleDigit) { + digit *= 2; + if (digit > 9) { + digit -= 9; + } + } + sum += digit; + doubleDigit = !doubleDigit; + } + + int mod = sum % 10; + return mod == 0 ? 0 : 10 - mod; + } +} From 5daaa15eb3c2d1ecab40f7125107d4870edaf90b Mon Sep 17 00:00:00 2001 From: Felix Buschbeck Date: Tue, 7 May 2024 05:28:39 -0400 Subject: [PATCH 2/3] resolve conflict --- src/main/java/de/usd/cstchef/Utils.java | 48 ++++++++++++++----------- 1 file changed, 27 insertions(+), 21 deletions(-) diff --git a/src/main/java/de/usd/cstchef/Utils.java b/src/main/java/de/usd/cstchef/Utils.java index 9a8a47e..87cb3ff 100644 --- a/src/main/java/de/usd/cstchef/Utils.java +++ b/src/main/java/de/usd/cstchef/Utils.java @@ -287,27 +287,33 @@ public static Class[] getOperationsBurp() { @SuppressWarnings("unchecked") public static Class[] getOperationsDev() { return new Class[] { - Addition.class, AddKey.class, AesDecryption.class, AesEncryption.class, And.class, - Blake.class, DateTime.class, Deflate.class, DesDecryption.class, DesEncryption.class, - Divide.class, DivideList.class, DSTU7564.class, FromBase64.class, FromHex.class, - GetVariable.class, Gost.class, GUnzip.class, Gzip.class, Hmac.class, - HttpBodyExtractor.class, HttpCookieExtractor.class, HttpGetExtractor.class, - HttpGetSetter.class, HttpHeaderExtractor.class, HttpHeaderSetter.class, - HttpJsonExtractor.class, HttpJsonSetter.class, HttpMethodExtractor.class, - HttpPostExtractor.class, HttpPostSetter.class, HTTPRequest.class, HttpSetBody.class, - HttpSetCookie.class, HttpSetUri.class, HttpUriExtractor.class, HttpXmlExtractor.class, - HttpXmlSetter.class, HtmlEncode.class, HtmlDecode.class, Inflate.class, - JsonExtractor.class, JsonSetter.class, Length.class, LineExtractor.class, - LineSetter.class, MD2.class, MD4.class, MD5.class, Mean.class, Median.class, - Multiply.class, MultiplyList.class, NoOperation.class, NumberCompare.class, Prefix.class, - RandomNumber.class, RandomUUID.class ,ReadFile.class, RegexExtractor.class, Reverse.class, Replace.class, - RIPEMD.class, RsaDecryption.class, RsaEncryption.class, RsaSignature.class, RegexMatch.class, - SetIfEmpty.class, SHA1.class, SHA2.class, SHA3.class, Skein.class, SplitAndSelect.class, - StaticString.class, StoreVariable.class, Sub.class, Substring.class, Uppercase.class, Lowercase.class, Subtraction.class, - Suffix.class, Sum.class, StringContains.class, StringMatch.class, Tiger.class, - ToBase64.class, ToHex.class, UnixTimestamp.class, UrlDecode.class, UrlEncode.class, - Whirlpool.class, WriteFile.class, XmlFullSignature.class, XmlMultiSignature.class, - Xor.class, SoapMultiSignature.class, Luhn.class + Addition.class, AddKey.class, AesDecryption.class, AesEncryption.class, And.class, + Blake.class, Counter.class, DateTime.class, Deflate.class, DesDecryption.class, DesEncryption.class, + Divide.class, DivideList.class, DSTU7564.class, FromBase64.class, FromHex.class, + GetRequestBuilder.class, + GetVariable.class, Gost.class, GUnzip.class, Gzip.class, Hmac.class, + HttpBodyExtractor.class, HttpCookieExtractor.class, HttpGetExtractor.class, + HttpGetSetter.class, HttpHeaderExtractor.class, HttpHeaderSetter.class, + HttpJsonExtractor.class, HttpJsonSetter.class, HttpMethodExtractor.class, HttpMultipartExtractor.class, + HttpMultipartSetter.class, + HttpPostExtractor.class, HttpPostSetter.class, PlainRequest.class, HttpSetBody.class, + HttpSetCookie.class, HttpSetUri.class, HttpUriExtractor.class, HttpXmlExtractor.class, + HttpXmlSetter.class, HtmlEncode.class, HtmlDecode.class, Inflate.class, + JsonExtractor.class, JsonSetter.class, JWTDecode.class, JWTSign.class, Length.class, + LineExtractor.class, + LineSetter.class, MD2.class, MD4.class, MD5.class, Mean.class, Median.class, + Multiply.class, MultiplyList.class, NoOperation.class, NumberCompare.class, Prefix.class, + RandomNumber.class, RandomUUID.class, ReadFile.class, RegexExtractor.class, Reverse.class, + Replace.class, + RIPEMD.class, RsaDecryption.class, RsaEncryption.class, RsaSignature.class, SM2Signature.class, SM3.class, SM4Encryption.class, SM4Decryption.class, RegexMatch.class, + SetIfEmpty.class, SHA1.class, SHA2.class, SHA3.class, Skein.class, SplitAndSelect.class, + StaticString.class, StoreVariable.class, Sub.class, Substring.class, Uppercase.class, Lowercase.class, + Subtraction.class, + Suffix.class, Sum.class, StringContains.class, StringMatch.class, Tiger.class, + TimestampOffset.class, TimestampToDateTime.class, ToBase64.class, ToHex.class, UnixTimestamp.class, + UrlDecode.class, UrlEncode.class, + Whirlpool.class, WriteFile.class, XmlFullSignature.class, XmlMultiSignature.class, + Xor.class, SoapMultiSignature.class, Luhn.class }; } From 88c0e19d4d8c4e1b387b337aa87553dbc9cf1c67 Mon Sep 17 00:00:00 2001 From: Felix Buschbeck Date: Tue, 7 May 2024 05:30:27 -0400 Subject: [PATCH 3/3] fix montoya api issues --- .../de/usd/cstchef/operations/hashing/Luhn.java | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/src/main/java/de/usd/cstchef/operations/hashing/Luhn.java b/src/main/java/de/usd/cstchef/operations/hashing/Luhn.java index 0d8e2fe..b544a60 100644 --- a/src/main/java/de/usd/cstchef/operations/hashing/Luhn.java +++ b/src/main/java/de/usd/cstchef/operations/hashing/Luhn.java @@ -1,5 +1,7 @@ package de.usd.cstchef.operations.hashing; +import burp.api.montoya.core.ByteArray; +import de.usd.cstchef.Utils.MessageType; import de.usd.cstchef.operations.Operation; import de.usd.cstchef.operations.OperationCategory; import de.usd.cstchef.operations.Operation.OperationInfos; @@ -9,27 +11,27 @@ public class Luhn extends Operation { @Override - protected byte[] perform(byte[] input) throws Exception { + protected ByteArray perform(ByteArray input, MessageType messageType) throws Exception { - for (int i = 0; i < input.length; i++){ - if ((input[i] < '0') || (input[i] > '9')) { + for (int i = 0; i < input.length(); i++){ + if ((input.getByte(i) < '0') || (input.getByte(i) > '9')) { throw new IllegalArgumentException("Luhn can only be applied to numerical values."); } } int check_digit = calculateLuhnCheckDigit(input); - return new byte[]{ (byte) (check_digit + '0')}; + return factory.createByteArray((byte)check_digit + '0'); } - private int calculateLuhnCheckDigit(byte[] input) { + private int calculateLuhnCheckDigit(ByteArray input) { int sum = 0; boolean doubleDigit = true; - for (int i = input.length - 1; i >= 0; i--) { + for (int i = input.length() - 1; i >= 0; i--) { - int digit = Integer.valueOf(Character.toString ((char) input[i])); + int digit = Integer.valueOf(Character.toString ((char)input.getByte(i))); if (doubleDigit) { digit *= 2;