// Test CBC encryption according to NIST 800-38A.
void TestRijndael()
{
byte IV[16]={0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
byte PT[64]={
0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a,
0xae,0x2d,0x8a,0x57,0x1e,0x03,0xac,0x9c,0x9e,0xb7,0x6f,0xac,0x45,0xaf,0x8e,0x51,
0x30,0xc8,0x1c,0x46,0xa3,0x5c,0xe4,0x11,0xe5,0xfb,0xc1,0x19,0x1a,0x0a,0x52,0xef,
0xf6,0x9f,0x24,0x45,0xdf,0x4f,0x9b,0x17,0xad,0x2b,0x41,0x7b,0xe6,0x6c,0x37,0x10,
};
byte Key128[16]={0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6,0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c};
byte Chk128[16]={0x3f,0xf1,0xca,0xa1,0x68,0x1f,0xac,0x09,0x12,0x0e,0xca,0x30,0x75,0x86,0xe1,0xa7};
byte Key192[24]={0x8e,0x73,0xb0,0xf7,0xda,0x0e,0x64,0x52,0xc8,0x10,0xf3,0x2b,0x80,0x90,0x79,0xe5,0x62,0xf8,0xea,0xd2,0x52,0x2c,0x6b,0x7b};
byte Chk192[16]={0x08,0xb0,0xe2,0x79,0x88,0x59,0x88,0x81,0xd9,0x20,0xa9,0xe6,0x4f,0x56,0x15,0xcd};
byte Key256[32]={0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4};
byte Chk256[16]={0xb2,0xeb,0x05,0xe2,0xc3,0x9b,0xe9,0xfc,0xda,0x6c,0x19,0x07,0x8c,0x6a,0x9d,0x1b};
byte *Key[3]={Key128,Key192,Key256};
byte *Chk[3]={Chk128,Chk192,Chk256};
Rijndael rij; // Declare outside of loop to test re-initialization.
for (uint L=0;L<3;L++)
{
byte Out[16];
wchar Str[sizeof(Out)*2+1];
uint KeyLength=128+L*64;
rij.Init(true,Key[L],KeyLength,IV);
for (uint I=0;I<sizeof(PT);I+=16)
rij.blockEncrypt(PT+I,16,Out);
BinToHex(Chk[L],16,NULL,Str,ASIZE(Str));
mprintf(L"\nAES-%d expected: %s",KeyLength,Str);
BinToHex(Out,sizeof(Out),NULL,Str,ASIZE(Str));
mprintf(L"\nAES-%d result: %s",KeyLength,Str);
if (memcmp(Out,Chk[L],16)==0)
mprintf(L" OK");
else
{
mprintf(L" FAILED");
getchar();
}
}
}
void VerifyCertificate()
{
X509* cert;
ssl_cert* certinfo = new ssl_cert;
this->certificate = certinfo;
unsigned int n;
unsigned char md[EVP_MAX_MD_SIZE];
cert = SSL_get_peer_certificate(sess);
if (!cert)
{
certinfo->error = "Could not get peer certificate: "+std::string(get_error());
return;
}
certinfo->invalid = (SSL_get_verify_result(sess) != X509_V_OK);
if (!SelfSigned)
{
certinfo->unknownsigner = false;
certinfo->trusted = true;
}
else
{
certinfo->unknownsigner = true;
certinfo->trusted = false;
}
char buf[512];
X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf));
certinfo->dn = buf;
X509_NAME_oneline(X509_get_issuer_name(cert), buf, sizeof(buf));
certinfo->issuer = buf;
if (!X509_digest(cert, profile->GetDigest(), md, &n))
{
certinfo->error = "Out of memory generating fingerprint";
}
else
{
certinfo->fingerprint = BinToHex(md, n);
}
if ((ASN1_UTCTIME_cmp_time_t(X509_get_notAfter(cert), ServerInstance->Time()) == -1) || (ASN1_UTCTIME_cmp_time_t(X509_get_notBefore(cert), ServerInstance->Time()) == 0))
{
certinfo->error = "Not activated, or expired certificate";
}
X509_free(cert);
}
int SendSMS(int fd, const char *to, const char *from,const char *text)
{
UCHAR buf[200];
UCHAR at_cmd[1024];
LPSTR strHex;
int len;
int pdu_len;
int retry = 10;
fd = InitConn(115200);
SetPDUMode(fd);
len = ComposeSubmitSms(buf, sizeof(buf), to,from, NULL, text);
strHex = BinToHex(buf, len);
pdu_len = strlen(strHex)/2-1;
printf("%d: %s\n",strlen(strHex)/2-1, strHex);
sprintf(at_cmd,"AT+CMGS=%d\r",pdu_len);
fprintf(stderr,"S");
//return 0;
SendStrCmd(fd, at_cmd);
do{
len = ReadResp(fd);
}while(!strstr(readbuf,">") && retry-- > 0);
if(retry > 0)
{
fprintf(stderr,">");
sprintf(at_cmd,"%s\032",strHex); //CTRL-Z
SendStrCmd(fd, at_cmd);
do{
fprintf(stderr,".");
len = ReadResp(fd);
}while(!strstr(readbuf,"+CMGS:") && retry-- > 0);
}
if(retry > 0)
{
fprintf(stderr,"OK\n");
CloseConn(fd);
return 0;//success
}
else{
fprintf(stderr,"%s: %s\n",at_cmd,readbuf);
free(strHex);
}
CloseConn(fd);
return -1;//failed
}
void ListFileHeader(Archive &Arc,FileHeader &hd,bool &TitleShown,bool Verbose,bool Technical,bool Bare)
{
wchar *Name=hd.FileName;
RARFORMAT Format=Arc.Format;
if (Bare)
{
mprintf(L"%s\n",Name);
return;
}
if (!TitleShown && !Technical)
{
if (Verbose)
{
mprintf(L"\n%ls",St(MListTitleV));
mprintf(L"\n----------- --------- -------- ----- -------- ----- -------- ----");
}
else
{
mprintf(L"\n%ls",St(MListTitleL));
mprintf(L"\n----------- --------- -------- ----- ----");
}
TitleShown=true;
}
wchar UnpSizeText[20],PackSizeText[20];
if (hd.UnpSize==INT64NDF)
wcscpy(UnpSizeText,L"?");
else
itoa(hd.UnpSize,UnpSizeText);
itoa(hd.PackSize,PackSizeText);
wchar AttrStr[30];
if (hd.HeaderType==HEAD_SERVICE)
swprintf(AttrStr,ASIZE(AttrStr),L"%cB",hd.Inherited ? 'I' : '.');
else
ListFileAttr(hd.FileAttr,hd.HSType,AttrStr,ASIZE(AttrStr));
wchar RatioStr[10];
if (hd.SplitBefore && hd.SplitAfter)
wcscpy(RatioStr,L"<->");
else
if (hd.SplitBefore)
wcscpy(RatioStr,L"<--");
else
if (hd.SplitAfter)
wcscpy(RatioStr,L"-->");
else
swprintf(RatioStr,ASIZE(RatioStr),L"%d%%",ToPercentUnlim(hd.PackSize,hd.UnpSize));
wchar DateStr[50];
hd.mtime.GetText(DateStr,ASIZE(DateStr),Technical,Technical);
if (Technical)
{
mprintf(L"\n%12s: %s",St(MListName),Name);
bool FileBlock=hd.HeaderType==HEAD_FILE;
if (!FileBlock && Arc.SubHead.CmpName(SUBHEAD_TYPE_STREAM))
{
mprintf(L"\n%12ls: %ls",St(MListType),St(MListStream));
wchar StreamName[NM];
GetStreamNameNTFS(Arc,StreamName,ASIZE(StreamName));
mprintf(L"\n%12ls: %ls",St(MListTarget),StreamName);
}
else
{
const wchar *Type=St(FileBlock ? (hd.Dir ? MListDir:MListFile):MListService);
if (hd.RedirType!=FSREDIR_NONE)
switch(hd.RedirType)
{
case FSREDIR_UNIXSYMLINK:
Type=St(MListUSymlink); break;
case FSREDIR_WINSYMLINK:
Type=St(MListWSymlink); break;
case FSREDIR_JUNCTION:
Type=St(MListJunction); break;
case FSREDIR_HARDLINK:
Type=St(MListHardlink); break;
case FSREDIR_FILECOPY:
Type=St(MListCopy); break;
}
mprintf(L"\n%12ls: %ls",St(MListType),Type);
if (hd.RedirType!=FSREDIR_NONE)
if (Format==RARFMT15)
{
char LinkTargetA[NM];
if (Arc.FileHead.Encrypted)
{
// Link data are encrypted. We would need to ask for password
// and initialize decryption routine to display the link target.
strncpyz(LinkTargetA,"*<-?->",ASIZE(LinkTargetA));
}
else
{
int DataSize=(int)Min(hd.PackSize,ASIZE(LinkTargetA)-1);
Arc.Read(LinkTargetA,DataSize);
LinkTargetA[DataSize > 0 ? DataSize : 0] = 0;
}
wchar LinkTarget[NM];
CharToWide(LinkTargetA,LinkTarget,ASIZE(LinkTarget));
mprintf(L"\n%12ls: %ls",St(MListTarget),LinkTarget);
}
else
mprintf(L"\n%12ls: %ls",St(MListTarget),hd.RedirName);
}
if (!hd.Dir)
{
mprintf(L"\n%12ls: %ls",St(MListSize),UnpSizeText);
mprintf(L"\n%12ls: %ls",St(MListPacked),PackSizeText);
mprintf(L"\n%12ls: %ls",St(MListRatio),RatioStr);
}
if (hd.mtime.IsSet())
mprintf(L"\n%12ls: %ls",St(MListMtime),DateStr);
if (hd.ctime.IsSet())
{
hd.ctime.GetText(DateStr,ASIZE(DateStr),true,true);
mprintf(L"\n%12ls: %ls",St(MListCtime),DateStr);
}
if (hd.atime.IsSet())
{
hd.atime.GetText(DateStr,ASIZE(DateStr),true,true);
mprintf(L"\n%12ls: %ls",St(MListAtime),DateStr);
}
mprintf(L"\n%12ls: %ls",St(MListAttr),AttrStr);
if (hd.FileHash.Type==HASH_CRC32)
mprintf(L"\n%12ls: %8.8X",
hd.UseHashKey ? L"CRC32 MAC":hd.SplitAfter ? L"Pack-CRC32":L"CRC32",
hd.FileHash.CRC32);
if (hd.FileHash.Type==HASH_BLAKE2)
{
wchar BlakeStr[BLAKE2_DIGEST_SIZE*2+1];
BinToHex(hd.FileHash.Digest,BLAKE2_DIGEST_SIZE,NULL,BlakeStr,ASIZE(BlakeStr));
mprintf(L"\n%12ls: %ls",
hd.UseHashKey ? L"BLAKE2 MAC":hd.SplitAfter ? L"Pack-BLAKE2":L"BLAKE2",
BlakeStr);
}
const wchar *HostOS=L"";
if (Format==RARFMT50 && hd.HSType!=HSYS_UNKNOWN)
HostOS=hd.HSType==HSYS_WINDOWS ? L"Windows":L"Unix";
if (Format==RARFMT15)
{
static const wchar *RarOS[]={
L"DOS",L"OS/2",L"Windows",L"Unix",L"Mac OS",L"BeOS",L"WinCE",L"",L"",L""
};
if (hd.HostOS<ASIZE(RarOS))
HostOS=RarOS[hd.HostOS];
}
if (*HostOS!=0)
mprintf(L"\n%12ls: %ls",St(MListHostOS),HostOS);
mprintf(L"\n%12ls: RAR %ls(v%d) -m%d -md=%d%s",St(MListCompInfo),
Format==RARFMT15 ? L"3.0":L"5.0",hd.UnpVer,hd.Method,
hd.WinSize>=0x100000 ? hd.WinSize/0x100000:hd.WinSize/0x400,
hd.WinSize>=0x100000 ? L"M":L"K");
if (hd.Solid || hd.Encrypted)
{
mprintf(L"\n%12ls: ",St(MListFlags));
if (hd.Solid)
mprintf(L"%ls ",St(MListSolid));
if (hd.Encrypted)
mprintf(L"%ls ",St(MListEnc));
}
if (hd.Version)
{
uint Version=ParseVersionFileName(Name,false);
if (Version!=0)
mprintf(L"\n%12ls: %u",St(MListFileVer),Version);
}
if (hd.UnixOwnerSet)
{
mprintf(L"\n%12ls: ",L"Unix owner");
if (*hd.UnixOwnerName!=0)
mprintf(L"%ls:",GetWide(hd.UnixOwnerName));
if (*hd.UnixGroupName!=0)
mprintf(L"%ls",GetWide(hd.UnixGroupName));
if ((*hd.UnixOwnerName!=0 || *hd.UnixGroupName!=0) && (hd.UnixOwnerNumeric || hd.UnixGroupNumeric))
mprintf(L" ");
if (hd.UnixOwnerNumeric)
mprintf(L"#%d:",hd.UnixOwnerID);
if (hd.UnixGroupNumeric)
mprintf(L"#%d:",hd.UnixGroupID);
}
mprintf(L"\n");
return;
}
mprintf(L"\n%c%10ls %9ls ",hd.Encrypted ? '*' : ' ',AttrStr,UnpSizeText);
if (Verbose)
mprintf(L"%9ls %4ls ",PackSizeText,RatioStr);
mprintf(L" %ls ",DateStr);
if (Verbose)
{
if (hd.FileHash.Type==HASH_CRC32)
mprintf(L"%8.8X ",hd.FileHash.CRC32);
else
if (hd.FileHash.Type==HASH_BLAKE2)
{
byte *S=hd.FileHash.Digest;
mprintf(L"%02x%02x..%02x ",S[0],S[1],S[31]);
}
else
mprintf(L"???????? ");
}
mprintf(L"%-12ls",Name);
}
void VerifyCertificate(issl_session* session, StreamSocket* user)
{
if (!session->sess || !user)
return;
unsigned int status;
const gnutls_datum_t* cert_list;
int ret;
unsigned int cert_list_size;
gnutls_x509_crt_t cert;
char str[512];
unsigned char digest[512];
size_t digest_size = sizeof(digest);
size_t name_size = sizeof(str);
ssl_cert* certinfo = new ssl_cert;
session->cert = certinfo;
/* This verification function uses the trusted CAs in the credentials
* structure. So you must have installed one or more CA certificates.
*/
ret = gnutls_certificate_verify_peers2(session->sess, &status);
if (ret < 0)
{
certinfo->error = std::string(gnutls_strerror(ret));
return;
}
certinfo->invalid = (status & GNUTLS_CERT_INVALID);
certinfo->unknownsigner = (status & GNUTLS_CERT_SIGNER_NOT_FOUND);
certinfo->revoked = (status & GNUTLS_CERT_REVOKED);
certinfo->trusted = !(status & GNUTLS_CERT_SIGNER_NOT_CA);
/* Up to here the process is the same for X.509 certificates and
* OpenPGP keys. From now on X.509 certificates are assumed. This can
* be easily extended to work with openpgp keys as well.
*/
if (gnutls_certificate_type_get(session->sess) != GNUTLS_CRT_X509)
{
certinfo->error = "No X509 keys sent";
return;
}
ret = gnutls_x509_crt_init(&cert);
if (ret < 0)
{
certinfo->error = gnutls_strerror(ret);
return;
}
cert_list_size = 0;
cert_list = gnutls_certificate_get_peers(session->sess, &cert_list_size);
if (cert_list == NULL)
{
certinfo->error = "No certificate was found";
goto info_done_dealloc;
}
/* This is not a real world example, since we only check the first
* certificate in the given chain.
*/
ret = gnutls_x509_crt_import(cert, &cert_list[0], GNUTLS_X509_FMT_DER);
if (ret < 0)
{
certinfo->error = gnutls_strerror(ret);
goto info_done_dealloc;
}
gnutls_x509_crt_get_dn(cert, str, &name_size);
certinfo->dn = str;
gnutls_x509_crt_get_issuer_dn(cert, str, &name_size);
certinfo->issuer = str;
if ((ret = gnutls_x509_crt_get_fingerprint(cert, hash, digest, &digest_size)) < 0)
{
certinfo->error = gnutls_strerror(ret);
}
else
{
certinfo->fingerprint = BinToHex(digest, digest_size);
}
/* Beware here we do not check for errors.
*/
if ((gnutls_x509_crt_get_expiration_time(cert) < ServerInstance->Time()) || (gnutls_x509_crt_get_activation_time(cert) > ServerInstance->Time()))
{
certinfo->error = "Not activated, or expired certificate";
}
info_done_dealloc:
gnutls_x509_crt_deinit(cert);
}
std::string hash(const unsigned char* input, size_t length) const
{
mbedtls_md(md, input, length, &buf.front());
return BinToHex(&buf.front(), buf.size());
}
std::string reversedip;
if (user->client_sa.family() == AF_INET)
{
unsigned int a, b, c, d;
d = (unsigned int) (user->client_sa.in4.sin_addr.s_addr >> 24) & 0xFF;
c = (unsigned int) (user->client_sa.in4.sin_addr.s_addr >> 16) & 0xFF;
b = (unsigned int) (user->client_sa.in4.sin_addr.s_addr >> 8) & 0xFF;
a = (unsigned int) user->client_sa.in4.sin_addr.s_addr & 0xFF;
reversedip = ConvToStr(d) + "." + ConvToStr(c) + "." + ConvToStr(b) + "." + ConvToStr(a);
}
else if (user->client_sa.family() == AF_INET6)
{
const unsigned char* ip = user->client_sa.in6.sin6_addr.s6_addr;
std::string buf = BinToHex(ip, 16);
for (std::string::const_reverse_iterator it = buf.rbegin(); it != buf.rend(); ++it)
{
reversedip.push_back(*it);
reversedip.push_back('.');
}
}
else
return;
ServerInstance->Logs.Log(MODNAME, LOG_DEBUG, "Reversed IP %s -> %s", user->GetIPString().c_str(), reversedip.c_str());
countExt.set(user, DNSBLConfEntries.size());
// For each DNSBL, we will run through this lookup
for (unsigned i = 0; i < DNSBLConfEntries.size(); ++i)
//---------------------------------------------------------------------------
void __fastcall TForm1::cmdExecuteClick(TObject *Sender)
{
#define BUF_SIZE 20480
int fh;
String FilePath;
int bytes;
unsigned char buffer[BUF_SIZE];
// progress values
__int64 TotalSize = 0;
__int64 FileSize;
float percent;
int PercentNum;
// Keccak bit
int KeccakBit = 256;
switch (ComboBox1->ItemIndex) {
case 0: // Keccak-224
KeccakBit = 224;
break;
case 1: // Keccak-256
KeccakBit = 256;
break;
case 2: // Keccak-384
KeccakBit = 384;
break;
case 3: // Keccak-512
KeccakBit = 512;
break;
default:
Memo1->Lines->Add("Keccak bit is unexcepted to select.");
return;
}
// Keccak result
BitSequence result[64];
// result hex string
char hashval[1024];
for (int i = 0; i < 1024; i++){
hashval[i] = NULL;
}
// Keccak return value
HashReturn ret;
// Keccak hash state structure
hashState st;
//-----------------------------------
// Keccak Init
//-----------------------------------
if ( (ret = KeccakInit(&st, KeccakBit)) != 0 ){
Memo1->Lines->Add("Keccak init error:" + IntToStr(ret));
return;
}
else{
Memo1->Lines->Add("Keccak init ok.");
}
//-----------------------------------
// String to Keccak hash.
//-----------------------------------
if (RadioButton1->Checked == true) {
Memo1->Lines->Add("Test string:" + Edit1->Text);
KeccakUpdate(&st, Edit1->Text.t_str(), Edit1->Text.Length()*8); // <- "bit"!
}
//-----------------------------------
// File to Keccak hash.
//-----------------------------------
else{
FilePath = Label1->Caption;
Memo1->Lines->Add(FilePath);
if ( FileExists(FilePath) == false){
Memo1->Lines->Add("...file is not found.");
return;
}
fh = FileOpen(FilePath, fmOpenRead);
if (fh < 0) {
Memo1->Lines->Add("...file could not open.");
return;
}
FileSize = FileSeek(fh, (__int64)0, 2);
FileSeek(fh, 0, 0);
Memo1->Lines->Add("Keccak update...");
// read file...
while ((bytes = FileRead (fh, buffer, BUF_SIZE)) != 0){
KeccakUpdate(&st, buffer, bytes*8); // <- "bit"!
TotalSize+=bytes;
percent = (float)TotalSize/FileSize;
if ( PercentNum != int(percent*100) ){
PercentNum = int(percent*100);
Memo1->Lines->Strings[Memo1->Lines->Count-1] = "Keccak update..." + IntToStr(PercentNum)+"%";
Memo1->Invalidate();
}
}
FileClose(fh);
}
//-----------------------------------
// Final
//-----------------------------------
KeccakFinal(&st, result);
// convert result data to hex strings.
BinToHex( result, hashval, KeccakBit/8);
Memo1->Lines->Add("Keccak-" + IntToStr(KeccakBit) + " result:\n" + (String)hashval);
}
//calcula o CRC a partir de uma sequencia de binarios e do polinomio definido
void CalculaCRC(char* bin, char* polinomio)
{
int i, j, pointer = 0; //i e j = contadores; pointer aponta para uma posicao do vetor de bits
char *hex; //irá armazenar o CRC em hexadecimal
//armazenam o tamanho dos vetores de binarios e do polinomio
int tamBin = strlen(bin);
int tamPol = strlen(polinomio);
//aloca espacao para o vetor HEX
hex = (char*) malloc ((tamPol/4)+3);
*hex = NULL;
hex[tamPol/4+2]='\0';
//adiciona tamPol-1 zeros ao final do vetor de binários
for(i=tamBin; i<tamBin+tamPol-1;i++)
{
bin[i]='0';
}
//calcula novo tamBin após adição dos 0's ao final
tamBin = strlen(bin);
//armazena os dividendos das divisões consecutivas até encontrar o resto
char dividendo[tamPol+1];
//inicializa o dividendo com os primeiros tamPol bits do vetor binário
for(i=0;i<tamPol;i++)
{
dividendo[i]=bin[i];
}
dividendo[tamPol]='\0';
//realiza as divisões sucessivas até encontrar o resto que é o CRC
for(i=0;i<tamBin-tamPol+1;i++)
{
//verifica se o dividendo é divisível pelo polinômio
if(dividendo[0]!='0')
{
//realiza o XOR bit a bit da divisão
for(j=0;j<tamPol-1;j++)
{
dividendo[j]=xor(dividendo[j+1], polinomio[j+1]);
}
//adiciona o próximo bit ao dividendo, exceto na ultima interação
if(tamBin!=tamPol+pointer+1)
dividendo[tamPol-1]=bin[tamPol+pointer];
}
else //dividendo não é divisível pelo polinômio
{
//realiza o XOR de cada bit do dividendo XOR 0
for(j=0;j<tamPol-1;j++)
{
dividendo[j]=xor(dividendo[j+1], '0');
}
//adiciona o próximo bit ao dividendo, exceto na ultima interação
if(tamBin!=tamPol+pointer+1)
dividendo[tamPol-1]=bin[tamPol+pointer];
}
pointer++;
//printf("\ndividendo: %s\n", dividendo);
}
printf("\nCRC binario: %s\n", dividendo);
//calcula o CRC na base hexadecimal
BinToHex(dividendo, hex);
printf("\nCRC em hex: %s\n", hex);
free(hex);
}
