EXPORTED const char *message_guid_encode(const struct message_guid *guid) { static char text[2*MESSAGE_GUID_SIZE+1]; int r = bin_to_hex(&guid->value, MESSAGE_GUID_SIZE, text, BH_LOWER); assert(r == 2*MESSAGE_GUID_SIZE); return text; }
EXPORTED char *jmapauth_tokenid(const struct jmapauth_token *tok) { struct buf buf = BUF_INITIALIZER; unsigned mdlen, hexlen; char macbuf[EVP_MAX_MD_SIZE]; char hexbuf[(JMAPAUTH_KEY_LEN + EVP_MAX_MD_SIZE)*2]; int r; /* Build the key */ r = make_key(&buf, tok); if (r) return NULL; /* Sign the extended key */ if (!(HMAC(EVP_sha1(), tok->secret, JMAPAUTH_SECRET_LEN, (unsigned char*) buf.s, buf.len, (unsigned char*) macbuf, &mdlen))) { buf_free(&buf); return NULL; } buf_appendmap(&buf, macbuf, mdlen); /* And return it hex-encoded */ hexlen = bin_to_hex(buf.s, buf.len, hexbuf, 0); if (hexlen != (mdlen + JMAPAUTH_KEY_LEN)*2) { buf_free(&buf); return NULL; } buf_free(&buf); return xstrndup(hexbuf, hexlen); }
int main(void) { unsigned char *r, *hex_char; r = pseudo_random(32); hex_char = bin_to_hex(r, 32); return 0; }
/*! * Get hexadecimal key ID from a key (public or private). */ static int keyid_hex(gnutls_x509_privkey_t key, gnutls_pubkey_t pubkey, char **id) { _cleanup_binary_ dnssec_binary_t bin = { 0 }; int r = keyid_bin(key, pubkey, &bin); if (r != DNSSEC_EOK) { return r; } return bin_to_hex(&bin, id); }
static int crypt_all(int *pcount, struct db_salt *salt) { int count = *pcount; int index = 0; if (any_cracked) { memset(cracked, 0, cracked_size); any_cracked = 0; } #ifdef _OPENMP #pragma omp parallel for #endif for (index = 0; index < count; index++) { /* password */ MD5_CTX md5_ctx; unsigned char md5_bin_hash[MD5_LEN]; char dynamic_hash[MD5_LEN_HEX+1], final_hash[MD5_LEN_HEX+1]; /* Generate dynamic hash including pw (see above) */ MD5_Init(&md5_ctx); MD5_Update(&md5_ctx, (unsigned char*)pSalt->dynamic_hash_data, pSalt->dynamic_hash_data_len); MD5_Update(&md5_ctx, (unsigned char*)saved_key[index], strlen(saved_key[index])); MD5_Final(md5_bin_hash, &md5_ctx); bin_to_hex(bin2hex_table, md5_bin_hash, MD5_LEN, dynamic_hash, MD5_LEN_HEX); /* Generate digest response hash */ MD5_Init(&md5_ctx); MD5_Update(&md5_ctx, (unsigned char*)dynamic_hash, MD5_LEN_HEX); MD5_Update(&md5_ctx, (unsigned char*)pSalt->static_hash_data, pSalt->static_hash_data_len); MD5_Final(md5_bin_hash, &md5_ctx); bin_to_hex(bin2hex_table, md5_bin_hash, MD5_LEN, final_hash, MD5_LEN_HEX); /* Check for match */ if(!strncmp(final_hash, pSalt->login_hash, MD5_LEN_HEX)) any_cracked = cracked[index] = 1; } return count; }
/* 函数名称:unsigned short bin_to_unsigned_short_private(const char* bin_array) 功能描述:通过输入CRC校验码的二进制形式 返回值:CRC16编码的unsigned short 形式 参数: bin_array cnost char* 传入需要校验的二进制字符串指针 注: 这个函数存在很大的限制,只能用于本模块内部使用,不可外部调用 */ unsigned short bin_to_unsigned_short_private(const char* bin_array) { unsigned short value = 0, tmp_val = 0; unsigned size = 0, i = 0; int bin_array_size = 0; char hex_array[8] = {0}; double xx = 16; bin_array_size = strlen(bin_array); if(bin_array == NULL || bin_array_size == 0) return 0; size = bin_to_hex(bin_array, bin_array_size, hex_array); hex_array[size] = 0; for(i = 0; i < size; ++i) { if(hex_array[i] == ' ') continue; if((hex_array[i] >= '0') && (hex_array[i] <= '9')) tmp_val = (hex_array[i] - '0'); else if((hex_array[i] >= 'A') && (hex_array[i] <= 'F')) tmp_val = (hex_array[i] - 'A' + 10); else if((hex_array[i] >= 'a') && (hex_array[i] <= 'f')) tmp_val = (hex_array[i] - 'a' + 10); switch(i){ case 0: value += static_cast<unsigned short>(pow(xx, 3)) * tmp_val; break; case 1: value += static_cast<unsigned short>(pow(xx, 2)) * tmp_val; break; case 3: value += 16 * tmp_val; break; case 4: value += tmp_val; break; default: break; } } return value; }
static void crypt_all(int count) { int index = 0; #ifdef _OPENMP #pragma omp parallel for #endif for (index = 0; index < count; index++) { /* password */ MD5_CTX md5_ctx; unsigned char md5_bin_hash[MD5_LEN]; char dynamic_hash[MD5_LEN_HEX+1], final_hash[MD5_LEN_HEX+1]; char pw[PLAINTEXT_LENGTH + 1]; size_t pw_len=0; strcpy(pw, saved_key[index]); /* Generate dynamic hash including pw (see above) */ MD5_Init(&md5_ctx); MD5_Update(&md5_ctx, (unsigned char*)pSalt->dynamic_hash_data, pSalt->dynamic_hash_data_len); pw_len = strlen(pw); MD5_Update(&md5_ctx, (unsigned char*)pw, (pw[pw_len-2] == 0x0d ? pw_len-2 : pw[pw_len-1] == 0x0a ? pw_len -1 : pw_len)); MD5_Final(md5_bin_hash, &md5_ctx); bin_to_hex(bin2hex_table, md5_bin_hash, MD5_LEN, dynamic_hash, MD5_LEN_HEX); /* Generate digest response hash */ MD5_Init(&md5_ctx); MD5_Update(&md5_ctx, (unsigned char*)dynamic_hash, MD5_LEN_HEX); MD5_Update(&md5_ctx, (unsigned char*)pSalt->static_hash_data, pSalt->static_hash_data_len); MD5_Final(md5_bin_hash, &md5_ctx); bin_to_hex(bin2hex_table, md5_bin_hash, MD5_LEN, final_hash, MD5_LEN_HEX); /* Check for match */ if(!strncmp(final_hash, pSalt->login_hash, MD5_LEN_HEX)) { cracked[index] = 1; } } }
int main(void) { char A[] = "1c0111001f010100061a024b53535009181c"; char B[] = "686974207468652062756c6c277320657965"; size_t size = strlen(A) / 2; char buf[128], xor[128]; hex_to_bin(A, A); hex_to_bin(B, B); printf("A ^ B = \"%s\"\n", bin_to_hex(buf, str_xor(xor, A, B, size), size)); return 0; }
HIDDEN const char *sha1_file(int fd, const char *fname, size_t limit, char buf[2 * SHA1_DIGEST_LENGTH + 1]) { const char *map = NULL; size_t len = 0, calc_len; unsigned char sha1_raw[SHA1_DIGEST_LENGTH]; int r; map_refresh(fd, /*onceonly*/ 1, &map, &len, MAP_UNKNOWN_LEN, fname, NULL); calc_len = limit == SHA1_LIMIT_WHOLE_FILE ? len : MIN(limit, len); xsha1((const unsigned char *) map, calc_len, sha1_raw); map_free(&map, &len); r = bin_to_hex(sha1_raw, SHA1_DIGEST_LENGTH, buf, BH_LOWER); assert(r == 2 * SHA1_DIGEST_LENGTH); return buf; }
int main(void) { char *line; ssize_t cgc_read; int ret; char ret_buffer[9]; size_t i; struct command { const char *name; int (*cmd)(char *); } cmds[] = { { "login ", login }, { "greet ", greet }, { "quit", quit } }; while (1) { if ((cgc_read = read_line(STDIN, &line)) < 0) return -1; if (line[cgc_read - 1] == '\n') line[cgc_read - 1] = '\0'; ret = -1; for (i = 0; i < sizeof(cmds) / sizeof(cmds[0]); i++) { if (strncmp(line, cmds[i].name, cgc_strlen(cmds[i].name)) == 0) { ret = cmds[i].cmd(line + cgc_strlen(cmds[i].name)); break; } } cgc_memset(line, '\0', cgc_read); free(line); bin_to_hex(ret_buffer, &ret, sizeof(ret)); ret_buffer[2 * sizeof(ret)] = '\n'; if (write_all(STDOUT, ret_buffer, sizeof(ret_buffer)) != sizeof(ret_buffer)) return -1; } return 0; }
static int xor_login(char *name) { size_t secret_size = sizeof(secret) - 1; size_t token_size, sig_size, signed_token_size; char *token, *signed_token; char sig[secret_size]; if ((token = make_token(name)) == NULL) return -1; token_size = cgc_strlen(token); signed_token_size = token_size + 2 * secret_size + 2; if ((signed_token = realloc(token, signed_token_size)) == NULL) { free(token); return -1; } if ((sig_size = xor_sig(signed_token, token_size, sig)) == 0) { free(signed_token); return -1; } signed_token[token_size] = '|'; bin_to_hex(signed_token + token_size + 1, sig, sig_size); signed_token[signed_token_size - 1] = '\n'; if (write_all(STDOUT, signed_token, signed_token_size) != signed_token_size) return -1; cgc_memset(sig, '\x00', sig_size); cgc_memset(signed_token, '\x00', signed_token_size); free(signed_token); return 0; }
static int adler32_login(char *name) { size_t token_size, sig_size, signed_token_size; char *token, *signed_token; unsigned int sig; if ((token = make_token(name)) == NULL) return -1; token_size = cgc_strlen(token); signed_token_size = token_size + 2 * sizeof(sig) + 2; if ((signed_token = realloc(token, signed_token_size)) == NULL) { free(token); return -1; } if ((sig_size = adler32_sig(signed_token, token_size, (char *)(&sig))) == 0) { free(signed_token); return -1; } signed_token[token_size] = '|'; bin_to_hex(signed_token + token_size + 1, &sig, sig_size); signed_token[signed_token_size - 1] = '\n'; if (write_all(STDOUT, signed_token, signed_token_size) != signed_token_size) return -1; sig = 0; cgc_memset(signed_token, '\x00', signed_token_size); free(signed_token); return 0; }
static int md5_hmac_login(char *name) { size_t token_size, sig_size, signed_token_size; char *token, *signed_token; unsigned char sig[16]; if ((token = make_token(name)) == NULL) return -1; token_size = strlen(token); signed_token_size = token_size + 2 * sizeof(sig) + 2; if ((signed_token = realloc(token, signed_token_size)) == NULL) { free(token); return -1; } if ((sig_size = md5_hmac_sig(signed_token, token_size, (char *)sig)) == 0) { free(signed_token); return -1; } signed_token[token_size] = '|'; bin_to_hex(signed_token + token_size + 1, sig, sig_size); signed_token[signed_token_size - 1] = '\n'; if (write_all(STDOUT, signed_token, signed_token_size) != signed_token_size) return -1; memset(sig, '\x00', sig_size); memset(signed_token, '\x00', signed_token_size); free(signed_token); return 0; }
static int greet(char *token) { char *user_sig, *tok; char calc_sig[32], hex_sig[64], message[200]; char name[MAX_NAME_LENGTH + 1]; unsigned int *counter = NULL; size_t sig_size, i; int matched = 0; size_t (*sig_methods[])(const char *, size_t, char *) = { #ifndef PATCHED xor_sig, adler32_sig, md5_sig #else md5_hmac_sig #endif }; if ((user_sig = strrchr(token, '|')) == NULL) return -1; *user_sig++ = '\0'; for (i = 0; i < sizeof(sig_methods) / sizeof(sig_methods[0]); i++) { sig_size = sig_methods[i](token, cgc_strlen(token), calc_sig); bin_to_hex(hex_sig, calc_sig, sig_size); if (strncmp(user_sig, hex_sig, 2 * sig_size) == 0) { matched = 1; break; } } if (!matched) return -1; cgc_memset(name, '\x00', MAX_NAME_LENGTH + 1); for (tok = strtok(token, '|'); tok != NULL; tok = strtok(NULL, '|')) { if (strncmp(tok, "name=", 5) == 0) { #ifndef PATCHED strcpy(name, tok + 5); #else strncpy(name, tok + 5, MAX_NAME_LENGTH); #endif } else if (strncmp(tok, "counter=", 8) == 0) { if (cgc_strlen(tok + 8) == 8) counter = (unsigned int *)hex_to_uint(tok + 8); } } if (cgc_strlen(name) == 0 || counter == NULL) return -1; cgc_memset(message, '\x00', sizeof(message)); (*counter)++; strcpy(message, "Hello "); strcat(message, name); strcat(message, ", we've seen you "); itoa(*counter, message + cgc_strlen(message)); strcat(message, " times!\n"); if (write_all(STDOUT, message, cgc_strlen(message)) != cgc_strlen(message)) return -1; return 0; }
// NOTE, this still needs work. I am sure this will not eliminate (compact out) // duplicate salts. static void *get_salt(char *ciphertext) { sip_salt *salt; static char saltBuf[2048]; char *lines[16]; login_t login; int num_lines; MD5_CTX md5_ctx; unsigned char md5_bin_hash[MD5_LEN]; char static_hash[MD5_LEN_HEX+1]; char *saltcopy = saltBuf; salt = mem_calloc_tiny(sizeof(sip_salt), MEM_ALIGN_NONE); strcpy(saltBuf, ciphertext); saltcopy += 6; /* skip over "$sip$*" */ memset(&login, 0, sizeof(login_t)); num_lines = stringtoarray(lines, saltcopy, '*'); assert(num_lines == 14); strncpy(login.server, lines[0], sizeof(login.server) - 1 ); strncpy(login.client, lines[1], sizeof(login.client) - 1 ); strncpy(login.user, lines[2], sizeof(login.user) - 1 ); strncpy(login.realm, lines[3], sizeof(login.realm) - 1 ); strncpy(login.method, lines[4], sizeof(login.method) - 1 ); /* special handling for uri */ if (!strcmp(lines[7], "")) sprintf(login.uri, "%s:%s", lines[5], lines[6]); else sprintf(login.uri, "%s:%s:%s", lines[5], lines[6], lines[7]); strncpy(login.nonce, lines[8], sizeof(login.nonce) - 1 ); strncpy(login.cnonce, lines[9], sizeof(login.cnonce) - 1 ); strncpy(login.nonce_count, lines[10], sizeof(login.nonce_count) - 1 ); strncpy(login.qop, lines[11], sizeof(login.qop) - 1 ); strncpy(login.algorithm, lines[12], sizeof(login.algorithm) - 1 ); strncpy(login.hash, lines[13], sizeof(login.hash) - 1 ); if(strncmp(login.algorithm, "MD5", strlen(login.algorithm))) { printf("\n* Cannot crack '%s' hash, only MD5 supported so far...\n", login.algorithm); exit(-1); } /* Generating MD5 static hash: 'METHOD:URI' */ MD5_Init(&md5_ctx); MD5_Update(&md5_ctx, (unsigned char*)login.method, strlen( login.method )); MD5_Update(&md5_ctx, (unsigned char*)":", 1); MD5_Update(&md5_ctx, (unsigned char*)login.uri, strlen( login.uri )); MD5_Final(md5_bin_hash, &md5_ctx); bin_to_hex(bin2hex_table, md5_bin_hash, MD5_LEN, static_hash, MD5_LEN_HEX); /* Constructing first part of dynamic hash: 'USER:REALM:' */ salt->dynamic_hash_data = salt->Buf; snprintf(salt->dynamic_hash_data, DYNAMIC_HASH_SIZE, "%s:%s:", login.user, login.realm); salt->dynamic_hash_data_len = strlen(salt->dynamic_hash_data); /* Construct last part of final hash data: ':NONCE(:CNONCE:NONCE_COUNT:QOP):<static_hash>' */ /* no qop */ salt->static_hash_data = &(salt->Buf[salt->dynamic_hash_data_len+1]); if(!strlen(login.qop)) snprintf(salt->static_hash_data, STATIC_HASH_SIZE, ":%s:%s", login.nonce, static_hash); /* qop/conce/cnonce_count */ else snprintf(salt->static_hash_data, STATIC_HASH_SIZE, ":%s:%s:%s:%s:%s", login.nonce, login.nonce_count, login.cnonce, login.qop, static_hash); /* Get lens of static buffers */ salt->static_hash_data_len = strlen(salt->static_hash_data); /* Begin brute force attack */ #ifdef SIP_DEBUG printf("Starting bruteforce against user '%s' (%s: '%s')\n", login.user, login.algorithm, login.hash); #endif strcpy(salt->login_hash, login.hash); return salt; }
static int verify_chunk_checksums(struct backup *backup, struct backup_chunk *chunk, struct gzuncat *gzuc, int verbose, FILE *out) { int r; if (out && verbose) fprintf(out, "checking chunk %d checksums...\n", chunk->id); /* validate file-prior-to-this-chunk checksum */ if (out && verbose > 1) fprintf(out, " checking file checksum...\n"); char file_sha1[2 * SHA1_DIGEST_LENGTH + 1]; sha1_file(backup->fd, backup->data_fname, chunk->offset, file_sha1); r = strncmp(chunk->file_sha1, file_sha1, sizeof(file_sha1)); if (r) { syslog(LOG_DEBUG, "%s: %s (chunk %d) file checksum mismatch: %s on disk, %s in index\n", __func__, backup->data_fname, chunk->id, file_sha1, chunk->file_sha1); if (out) fprintf(out, "file checksum mismatch for chunk %d: %s on disk, %s in index\n", chunk->id, file_sha1, chunk->file_sha1); goto done; } /* validate data-within-this-chunk checksum */ // FIXME length and data_sha1 are set at backup_append_end. // detect and correctly report case where this hasn't occurred. if (out && verbose > 1) fprintf(out, " checking data length\n"); char buf[8192]; /* FIXME whatever */ size_t len = 0; SHA_CTX sha_ctx; SHA1_Init(&sha_ctx); gzuc_member_start_from(gzuc, chunk->offset); while (!gzuc_member_eof(gzuc)) { ssize_t n = gzuc_read(gzuc, buf, sizeof(buf)); if (n >= 0) { SHA1_Update(&sha_ctx, buf, n); len += n; } } gzuc_member_end(gzuc, NULL); if (len != chunk->length) { syslog(LOG_DEBUG, "%s: %s (chunk %d) data length mismatch: " SIZE_T_FMT " on disk," SIZE_T_FMT " in index\n", __func__, backup->data_fname, chunk->id, len, chunk->length); if (out) fprintf(out, "data length mismatch for chunk %d: " SIZE_T_FMT " on disk," SIZE_T_FMT " in index\n", chunk->id, len, chunk->length); r = -1; goto done; } if (out && verbose > 1) fprintf(out, " checking data checksum...\n"); unsigned char sha1_raw[SHA1_DIGEST_LENGTH]; char data_sha1[2 * SHA1_DIGEST_LENGTH + 1]; SHA1_Final(sha1_raw, &sha_ctx); r = bin_to_hex(sha1_raw, SHA1_DIGEST_LENGTH, data_sha1, BH_LOWER); assert(r == 2 * SHA1_DIGEST_LENGTH); r = strncmp(chunk->data_sha1, data_sha1, sizeof(data_sha1)); if (r) { syslog(LOG_DEBUG, "%s: %s (chunk %d) data checksum mismatch: %s on disk, %s in index\n", __func__, backup->data_fname, chunk->id, data_sha1, chunk->data_sha1); if (out) fprintf(out, "data checksum mismatch for chunk %d: %s on disk, %s in index\n", chunk->id, data_sha1, chunk->data_sha1); goto done; } done: syslog(LOG_DEBUG, "%s: checksum %s!\n", __func__, r ? "failed" : "passed"); if (out && verbose) fprintf(out, "%s\n", r ? "error" : "ok"); return r; }