// Generate MAC address
void NullGenerateMacAddress(UCHAR *mac, UINT id, UINT seq)
{
UCHAR hash[SHA1_SIZE];
char name[MAX_SIZE];
BUF *b;
// Validate arguments
if (mac == NULL)
{
return;
}
b = NewBuf();
WriteBufInt(b, id);
WriteBufInt(b, seq);
GetMachineHostName(name, sizeof(name));
#ifdef OS_WIN32
WriteBufInt(b, MsGetCurrentProcessId());
#endif // OS_WIN32
WriteBufStr(b, name);
Sha1(hash, b->Buf, b->Size);
FreeBuf(b);
Copy(mac, hash, 6);
mac[0] = 0x7E;
}
main(){
uint8_t buf[9999];
scanf("%s", buf);
int i, n = strlen((char *)buf);
Sha1(buf, n);
for (i = 0;i < 20;++i)
printf("%02X ", buf[i]);
puts("");
}
void MainWindow::clickedSha()
{
ui->textOut->setVisible( true );
QString str;
str = Sha1( ui->openF->text());
ui->textOut->setText( str );
}
template<> Sha1 convert_to(const std::string& from)
{
std::vector<uint8_t> digest(Sha1::HashSize);
for (size_t i=0; i<Sha1::HashSize; ++i) {
if (i*2+1 >= from.size())
break;
digest[i] = convert_to<int>(from.substr(i*2, 2));
}
return Sha1(digest);
}
int btContent::GetHashValue(size_t idx,unsigned char *md)
{
if( ReadPiece(global_piece_buffer,idx) < 0) return -1;
Sha1(global_piece_buffer,GetPieceLength(idx),md);
return 0;
}
int btContent::InitialFromMI(const char *metainfo_fname,const char *saveas)
{
#define ERR_RETURN() {if(b) delete []b; return -1;}
unsigned char *ptr = m_shake_buffer;
char *b;
const char *s;
size_t flen, q, r;
b = _file2mem(metainfo_fname,&flen);
if ( !b ) return -1;
// announce
if( !meta_str("announce",&s,&r) ) ERR_RETURN();
if( r > MAXPATHLEN ) ERR_RETURN();
m_announce = new char [r + 1];
memcpy(m_announce, s, r);
m_announce[r] = '\0';
// infohash
if( !(r = meta_pos("info")) ) ERR_RETURN();
if( !(q = decode_dict(b + r, flen - r, (char *) 0)) ) ERR_RETURN();
Sha1(b + r, q, m_shake_buffer + 28);
if( meta_int("creation date",&r)) m_create_date = (time_t) r;
// hash table
if( !meta_str("info|pieces",&s,&m_hashtable_length) ||
m_hashtable_length % 20 != 0) ERR_RETURN();
m_hash_table = new unsigned char[m_hashtable_length];
#ifndef WINDOWS
if( !m_hash_table ) ERR_RETURN();
#endif
memcpy(m_hash_table, s, m_hashtable_length);
if(!meta_int("info|piece length",&m_piece_length)) ERR_RETURN();
m_npieces = m_hashtable_length / 20;
if( m_piece_length > cfg_max_slice_size * cfg_req_queue_length ){
fprintf(stderr,"error, piece length too long[%u]. please recomplie CTorrent with a larger cfg_max_slice_size in <btconfig.h>.\n", m_piece_length);
ERR_RETURN();
}
if( m_piece_length < cfg_req_slice_size )
cfg_req_slice_size = m_piece_length;
else{
for( ;(m_piece_length / cfg_req_slice_size) >= cfg_req_queue_length; ){
cfg_req_slice_size *= 2;
if( cfg_req_slice_size > cfg_max_slice_size ) ERR_RETURN();
}
}
if( m_btfiles.BuildFromMI(b, flen, saveas) < 0) ERR_RETURN();
delete []b;
PrintOut();
if( arg_flg_exam_only ) return 0;
if( ( r = m_btfiles.CreateFiles() ) < 0) ERR_RETURN();
global_piece_buffer = new char[m_piece_length];
#ifndef WINDOWS
if( !global_piece_buffer ) ERR_RETURN();
#endif
pBF = new BitField(m_npieces);
#ifndef WINDOWS
if( !pBF ) ERR_RETURN();
#endif
m_left_bytes = m_btfiles.GetTotalLength() / m_piece_length;
if( m_btfiles.GetTotalLength() % m_piece_length ) m_left_bytes++;
if( m_left_bytes != m_npieces ) ERR_RETURN();
m_left_bytes = m_btfiles.GetTotalLength();
if( arg_bitfield_file ){
if( !arg_flg_check_only ){
if( pBF->SetReferFile(arg_bitfield_file) >= 0){
size_t idx;
r = 0;
for( idx = 0; idx < m_npieces; idx++ )
if( pBF->IsSet(idx) ) m_left_bytes -= GetPieceLength(idx);
}
else{
fprintf(stderr,"warn, couldn't set bit field refer file %s.\n",arg_bitfield_file);
}
}
if( r ) CheckExist();
}else if( arg_flg_force_seed_mode ){
pBF->SetAll();
m_left_bytes = 0;
}else if( r ){
CheckExist();
}
printf("Already/Total: %u/%u\n",pBF->Count(),m_npieces);
if( arg_flg_check_only ){
if( arg_bitfield_file ) pBF->WriteToFile(arg_bitfield_file);
exit(1);
}
CacheConfigure();
*ptr = (unsigned char) 19; ptr++; // protocol string length
memcpy(ptr,"BitTorrent protocol",19); ptr += 19; // protocol string
memset(ptr,0,8); // reserved set zero.
{ // peer id
int i;
ptr = m_shake_buffer + 48;
for( i = 0; i < 20; i++,ptr++) *ptr = (unsigned char)(rand() & 0xFF);
}
return 0;
}
internal void *
EveEntryPoint(void *Arg)
{
Stopif(Arg, "Arg should be 0 in EveEntryPoint!\n");
EveWaitSlaveMessage("Entered Eve thread!\nEve intercepted A->B send p!\n");
EveInterceptMessage();
printf("Eve intercepted A->B send g!\n");
#if (G_EQUALS_1_ATTACK | G_EQUALS_P_ATTACK | G_EQUALS_P_MINUS_1_ATTACK)
GlobalSlaveMailbox.Message = &GlobalEveScratch;
#endif // some attack
#if G_EQUALS_1_ATTACK // g := 1
BigNumSetToOneUnchecked(&GlobalEveScratch);
#elif G_EQUALS_P_ATTACK // g := p
BigNumCopyUnchecked(&GlobalEveScratch, (bignum *)&NIST_RFC_3526_PRIME_1536);
#elif G_EQUALS_P_MINUS_1_ATTACK // g := p - 1
// TODO(bwd): works half the time... ((-1)^(X*Y) == -1) iff (X*Y) odd
BigNumSetToOneUnchecked(&GlobalEveScratch);
BigNumSubtract(&GlobalEveScratch, (bignum *)&NIST_RFC_3526_PRIME_1536, &GlobalEveScratch);
#endif // some attack
GlobalSlaveMailbox.MsgReceived = true;
while (!GlobalSlaveMailbox.AckMessage)
{
}
EveWaitSlaveMessage("Eve intercepted A->B send A!\n");
EveInterceptMessage();
u8 SessionSymmetricKey[SHA_1_HASH_LENGTH_BYTES];
Sha1(SessionSymmetricKey,
(u8 *)GlobalEveScratch.Num,
sizeof(GlobalEveScratch.Num[0])*GlobalEveScratch.SizeWords);
printf("Eve SessionSymmetricKey:\n");
PrintArray(SessionSymmetricKey, sizeof(SessionSymmetricKey));
ciphertext_iv_payload *MasterPayload = GlobalSlaveMailbox.Message;
u8 DecryptedMasterPt[DH_MALICIOUS_G_MAX_PLAINTEXT_SIZE_BYTES];
Stopif(MasterPayload->CtSizeBytes > sizeof(DecryptedMasterPt),
"Received ciphertext too large in EveEntryPoint!\n");
AesCbcDecrypt(DecryptedMasterPt,
MasterPayload->Ciphertext,
MasterPayload->CtSizeBytes,
SessionSymmetricKey,
MasterPayload->Iv);
printf("Eve intercepted message:\n%s", DecryptedMasterPt);
GlobalSlaveMailbox.MsgReceived = true;
return (void *)0;
}
std::string const &GetSha1(void) const
{
if (m_Sha1.empty())
m_Sha1 = Sha1(m_pBuffer, m_Size);
return m_Sha1;
}
CAnsiString Sha1(const wchar_t* psz)
{
return Sha1((void*)psz, (unsigned int)(wcslen(psz)*sizeof(wchar_t)));
}
CAnsiString Sha1(const char* psz)
{
return Sha1((void*)psz, (unsigned int)strlen(psz));
}
internal MIN_UNIT_TEST_FUNC(TestMitmKeyFixingAttack)
{
// A -> B
bignum A;
GenRandBigNumModNUnchecked(&A, (bignum *)&NIST_RFC_3526_PRIME_1536);
MontModExpRBigNumMax((bignum *)GlobalExchangeBuffer, (bignum *)&NIST_RFC_3526_GEN_BIGNUM, &A,
(bignum *)&NIST_RFC_3526_PRIME_1536);
// B gets session key
bignum B;
GenRandBigNumModNUnchecked(&B, (bignum *)&NIST_RFC_3526_PRIME_1536);
bignum SessionKeyB;
MontModExpRBigNumMax(&SessionKeyB, (bignum *)GlobalExchangeBuffer, &B, (bignum *)&NIST_RFC_3526_PRIME_1536);
// B -> A
MontModExpRBigNumMax((bignum *)GlobalExchangeBuffer, (bignum *)&NIST_RFC_3526_GEN_BIGNUM, &B,
(bignum *)&NIST_RFC_3526_PRIME_1536);
// A gets session key
bignum SessionKeyA;
MontModExpRBigNumMax(&SessionKeyA, (bignum *)GlobalExchangeBuffer, &A, (bignum *)&NIST_RFC_3526_PRIME_1536);
MinUnitAssert(AreVectorsEqual(SessionKeyA.Num, SessionKeyB.Num,
sizeof(u64)*NIST_RFC_3526_PRIME_1536.SizeWords),
"SessionKey mismatch in TestMitmKeyFixingAttack!");
// Send AES-CBC(SHA1(s)[0:16], iv=random(16), msg) + iv
u8 Message[sizeof(DH_MITM_TEST_MSG_A) + AES_128_BLOCK_LENGTH_BYTES];
memcpy(Message, DH_MITM_TEST_MSG_A, sizeof(DH_MITM_TEST_MSG_A));
u8 IvA[AES_128_BLOCK_LENGTH_BYTES];
u8 SessionSymmetricKey[SHA_1_HASH_LENGTH_BYTES];
HashSessionKeyGenIvAndEncrypt(GlobalExchangeBuffer,
IvA,
(u8 *)SessionKeyA.Num,
sizeof(u64)*SessionKeyA.SizeWords,
Message,
STR_LEN(DH_MITM_TEST_MSG_A),
SessionSymmetricKey);
AesCbcDecrypt(Message, GlobalExchangeBuffer, STR_LEN(DH_MITM_TEST_MSG_A), SessionSymmetricKey, IvA);
MinUnitAssert(AreVectorsEqual(Message, (u8 *)DH_MITM_TEST_MSG_A, STR_LEN(DH_MITM_TEST_MSG_A)),
"Message mismatch in TestMitmKeyFixingAttack!");
// M -> B/A (sends fake p)
BigNumCopyUnchecked((bignum *)GlobalExchangeBuffer, (bignum *)&NIST_RFC_3526_PRIME_1536);
// B/A get fake session key
MontModExpRBigNumMax(&SessionKeyA, (bignum *)GlobalExchangeBuffer, &A, (bignum *)&NIST_RFC_3526_PRIME_1536);
Sha1(SessionSymmetricKey, (u8 *)SessionKeyA.Num, sizeof(u64)*SessionKeyA.SizeWords);
u8 EveGuessedSymmetricKey[SHA_1_HASH_LENGTH_BYTES];
Sha1(EveGuessedSymmetricKey, (u8 *)"", 0);
MinUnitAssert(AreVectorsEqual(EveGuessedSymmetricKey, SessionSymmetricKey, SHA_1_HASH_LENGTH_BYTES),
"Guessed symmetric-key mismatch in TestMitmKeyFixingAttack!");
}
std::string dxm::util::CCrypto::Sha1( const std::string& content )
{
return Sha1( content.data(), content.size() );
}
