cybersecurity · beginner · ~15 min
Case-insensitive substring scan; per-line iteration.
Given a config string, count how many lines mention any of these known-weak ciphers (case-insensitive substring match): MD5, SHA1, DES, RC4, 3DES. Implement int weak_crypto_count(const char *config).
Auditing config files for deprecated crypto is the kind of grep-able problem real security tools (semgrep, bandit, OpenSSL hardener) solve every day. Implementing one teaches the alert-vs-allow distinction.
Multi-line config buffer, null-terminated.
Number of lines containing any weak algorithm.
Each line counts at most once even if it mentions several.
int weak_crypto_count(const char *config) { /* TODO */ return 0; }
Counting SHA256 as SHA1 (need word boundary or proper token check — for this exercise substring is fine, but watch the test cases); counting the same line twice when two algorithms appear.
Empty input. Line with two weak ciphers — counts once.
O(n * weak_count).
Solve this exercise in the browser editor — compile and run against the test harness, no setup required.