This forum is provided to promote discussion amongst students enrolled in
CITS3007 Secure Coding.
If posting a question, it's suggested you check first whether your question
is answered in the unit Frequently Asked Questions (FAQ) list, and use the search box
(on the right) to see if an answer to your question has already been posted.
Please consider offering answers and suggestions to help other students!
And if you fix a problem by following a suggestion here,
it would be great if other interested students could see a short
"Great, fixed it!" followup message.
Hi,
Are we able to assume that the given range does not apply to the output of an encrypt function call or do we need to fit the output of the function to match this range?
For example, if encrypting from 'A' to 'Z', can the cipher text go outside these bounds and contain punctuation? The project only mentions that the plain text must be between this range.
Thank you
Can you clarify, what part of the spec or code are you referring to, when you say "The project only mentions that the plain text must be between this range"? I can't spot anything in the spec which imposes such a requirement.
Amongst other things, the spec says (in section 3.1.1):
characters in plain_text that fall within the range range_low to range_highare encrypted, but everything
outside that range is not -- it is simply copied directly into ciphertext.
If there were a requirement that the plaintext fall within the range, it wouldn't make any sense to talk about "everything outside that range".
Cheers
Arran
ANONYMOUS wrote:
Hi,
Are we able to assume that the given range does not apply to the output of an encrypt function call or do we need to fit the output of the function to match this range?
For example, if encrypting from 'A' to 'Z', can the cipher text go outside these bounds and contain punctuation? The project only mentions that the plain text must be between this range.
Yes, sorry for not clarifying, the section that you mentioned is what I was referring to. My understanding is that we should encrypt and decrypt according to those range_low and range_high values, incorporating wraparound. I have since had a closer look at the brief and this seems to be the case.
No worries. Just to explain why it's done this way: often, example presentations of e.g. the Caesar cipher will operate only on uppercase alphabetic characters, and everything else is "passed through". But sometimes you might want to treat, say, punctuation or lowercase letters as being part of the "alphabet" the cipher uses. So the spec allows you to specify which characters will be encrypted and which won't.
cheers
Arran
Hi again,
Yes, sorry for not clarifying, the section that you mentioned is what I was referring to. My understanding is that we should encrypt and decrypt according to those range_low and range_high values, incorporating wraparound. I have since had a closer look at the brief and this seems to be the case.
Hi,
I don't understand what the function call would look like if we were including punctuation within the range.
Would you be able to provide an example of this?
Thanks.
I think you may have a fairly major misunderstanding of the project specification and the header file you're provided with. My first suggestion would be to first make sure you've read through the whole of the specification and the provided header file. My next suggestion would be to discuss it in your lab with the lab facilitation staff.
If that doesn't help, then perhaps post again, saying what you currently understand, and what you're still unclear about.
cheers,
Arran
ANONYMOUS wrote:
Hi Arran, does this mean we are free to decide whether our function encrypts lower case alphabets and punctuation characters?
As a first step, I'd suggest you show what you think it might look like - presumably you can make some guesses?
Cheers
Arran
Hi,
I don't understand what the function call would look like if we were including punctuation within the range.
Would you be able to provide an example of this?
