为什么这段代码没有产生正确的散列?
Why does this code not produce a correct hash?
我不得不用 C 语言编写一个小型解密程序来从一个文件中暴力破解密钥,此处 "resource.bin",然后使用该文件使用 DES-EDE 解密另一个文件,此处 "rom_dump.bin" .正确密钥的指示是解密的文件内容以以 [=11=] 结尾的十位数字开头。之后,解密后的内容应写入另一个文件,此处为 "decrypted.bin" 并且该文件应使用 ECDSA 进行哈希处理(使用函数 EVP_ecdsa())。所有这些都是在 SUSE Linux 上完成的。这些文件可以在这里找到:
https://spideroak.com/browse/share/see/stack/Whosebug/
现在,解密工作正常,但哈希值不正确:
a493af52c1a000fcace34de8b0a74a9cf9067ffc
但即使经过几天的搜索,我也找不到问题所在。这可能只是我正在监督的一些无可厚非的事情,但如果有人能在这里帮助我,我会很高兴。提前致谢。
#include <stdio.h>
#include <string.h>
#include <openssl/evp.h>
#include <unistd.h>
#include <fcntl.h>
const unsigned long long bufferSize = 0x10000;
int checkOutput(unsigned char *output) {
int i = 0;
for (i; i < 6; i++) {
if (!isdigit(output[i])) {
return 0;
}
}
return 1;
}
void changeKey(unsigned char *key, unsigned char *fileContent, long keyLength,
long initVectorLength) {
int i = 0;
for (i; i < keyLength + initVectorLength; i++) {
key[i] = fileContent[i];
}
}
void toHashFile(FILE *hashFile, unsigned char *hash, int hashLength) {
int i = 0;
for (i; i < hashLength; i++) {
fprintf(hashFile, "%02x", hash[i]);
}
fprintf(hashFile, "\n");
}
void toOutputFile(FILE *fileName, unsigned char *output,
int outputLength) {
int i = 0;
for (i; i < outputLength; i++) {
fprintf(fileName, "%c", output[i]);
}
fprintf(fileName, "\n");
}
void writeToFile(const unsigned char *fileName, unsigned char *content,
int contentLength,
void (*functionPointer)(FILE *, unsigned char *, int)) {
FILE *file = fopen(fileName, "w");
(*functionPointer)(file, content, contentLength);
fclose(file);
}
void createHash(unsigned char *hash, unsigned char *output, int length,
int *hashLength) {
EVP_MD_CTX hashContext;
EVP_MD_CTX_init(&hashContext);
EVP_DigestInit(&hashContext, EVP_ecdsa());
EVP_DigestUpdate(&hashContext, output, length);
EVP_DigestFinal(&hashContext, hash, hashLength);
}
int main() {
/* output stuff */
unsigned char keyAndInitVector[24] = {0x00};
unsigned char output[bufferSize];
unsigned char outputFinal[bufferSize];
int outputLength;
/* determine key length and init vector */
int initVectorLength = EVP_CIPHER_iv_length(EVP_des_ede_ecb());
int keyLength = EVP_CIPHER_key_length(EVP_des_ede_ecb());
/* read resource files */
unsigned char romFileContent[bufferSize];
unsigned char resFileContent[bufferSize];
int romLength = read(open("rom_dump.bin", O_RDONLY), romFileContent,
bufferSize);
int resLength = read(open("resource.bin", O_RDONLY), resFileContent,
bufferSize);
/* init context */
EVP_CIPHER_CTX cypherContext;
EVP_CIPHER_CTX_init(&cypherContext);
int i = 0, j;
int isDecrypted = 0;
for (i; i < romLength - (keyLength + initVectorLength) &&
!isDecrypted; i++) {
changeKey(keyAndInitVector, romFileContent + i, keyLength,
initVectorLength);
EVP_DecryptInit(&cypherContext, EVP_des_ede_ecb(),
keyAndInitVector, keyAndInitVector + keyLength);
EVP_DecryptUpdate(&cypherContext, output, &outputLength,
resFileContent, resLength);
for (j = 0; j < resLength; j++) {
if (checkOutput(output + j) == 1) {
isDecrypted = 1;
break;
}
}
}
if (isDecrypted) {
int postfixLength;
EVP_DecryptFinal(&cypherContext, outputFinal,
&postfixLength);
writeToFile("decrypted.bin", output,
outputLength + postfixLength, &toOutputFile);
int hashLength = 0;
unsigned char hash[bufferSize];
createHash(hash, output, outputLength + postfixLength,
&hashLength);
writeToFile("hash.txt", hash, hashLength, &toHashFile);
}
EVP_CIPHER_CTX_cleanup(&cypherContext);
return isDecrypted;
}
在你的 toOutputFile() 函数中,你添加了一个 \n 到你的文件,但是在 main() 中你没有散列文件,但是 output .
这意味着,您的 decrypted.bin 有一个额外的 \n,它在您的 output 中不存在,这就是为什么在对文件进行哈希处理时,哈希值将与您的不同使用该程序创建。
我不得不用 C 语言编写一个小型解密程序来从一个文件中暴力破解密钥,此处 "resource.bin",然后使用该文件使用 DES-EDE 解密另一个文件,此处 "rom_dump.bin" .正确密钥的指示是解密的文件内容以以 [=11=] 结尾的十位数字开头。之后,解密后的内容应写入另一个文件,此处为 "decrypted.bin" 并且该文件应使用 ECDSA 进行哈希处理(使用函数 EVP_ecdsa())。所有这些都是在 SUSE Linux 上完成的。这些文件可以在这里找到:
https://spideroak.com/browse/share/see/stack/Whosebug/
现在,解密工作正常,但哈希值不正确:
a493af52c1a000fcace34de8b0a74a9cf9067ffc
但即使经过几天的搜索,我也找不到问题所在。这可能只是我正在监督的一些无可厚非的事情,但如果有人能在这里帮助我,我会很高兴。提前致谢。
#include <stdio.h>
#include <string.h>
#include <openssl/evp.h>
#include <unistd.h>
#include <fcntl.h>
const unsigned long long bufferSize = 0x10000;
int checkOutput(unsigned char *output) {
int i = 0;
for (i; i < 6; i++) {
if (!isdigit(output[i])) {
return 0;
}
}
return 1;
}
void changeKey(unsigned char *key, unsigned char *fileContent, long keyLength,
long initVectorLength) {
int i = 0;
for (i; i < keyLength + initVectorLength; i++) {
key[i] = fileContent[i];
}
}
void toHashFile(FILE *hashFile, unsigned char *hash, int hashLength) {
int i = 0;
for (i; i < hashLength; i++) {
fprintf(hashFile, "%02x", hash[i]);
}
fprintf(hashFile, "\n");
}
void toOutputFile(FILE *fileName, unsigned char *output,
int outputLength) {
int i = 0;
for (i; i < outputLength; i++) {
fprintf(fileName, "%c", output[i]);
}
fprintf(fileName, "\n");
}
void writeToFile(const unsigned char *fileName, unsigned char *content,
int contentLength,
void (*functionPointer)(FILE *, unsigned char *, int)) {
FILE *file = fopen(fileName, "w");
(*functionPointer)(file, content, contentLength);
fclose(file);
}
void createHash(unsigned char *hash, unsigned char *output, int length,
int *hashLength) {
EVP_MD_CTX hashContext;
EVP_MD_CTX_init(&hashContext);
EVP_DigestInit(&hashContext, EVP_ecdsa());
EVP_DigestUpdate(&hashContext, output, length);
EVP_DigestFinal(&hashContext, hash, hashLength);
}
int main() {
/* output stuff */
unsigned char keyAndInitVector[24] = {0x00};
unsigned char output[bufferSize];
unsigned char outputFinal[bufferSize];
int outputLength;
/* determine key length and init vector */
int initVectorLength = EVP_CIPHER_iv_length(EVP_des_ede_ecb());
int keyLength = EVP_CIPHER_key_length(EVP_des_ede_ecb());
/* read resource files */
unsigned char romFileContent[bufferSize];
unsigned char resFileContent[bufferSize];
int romLength = read(open("rom_dump.bin", O_RDONLY), romFileContent,
bufferSize);
int resLength = read(open("resource.bin", O_RDONLY), resFileContent,
bufferSize);
/* init context */
EVP_CIPHER_CTX cypherContext;
EVP_CIPHER_CTX_init(&cypherContext);
int i = 0, j;
int isDecrypted = 0;
for (i; i < romLength - (keyLength + initVectorLength) &&
!isDecrypted; i++) {
changeKey(keyAndInitVector, romFileContent + i, keyLength,
initVectorLength);
EVP_DecryptInit(&cypherContext, EVP_des_ede_ecb(),
keyAndInitVector, keyAndInitVector + keyLength);
EVP_DecryptUpdate(&cypherContext, output, &outputLength,
resFileContent, resLength);
for (j = 0; j < resLength; j++) {
if (checkOutput(output + j) == 1) {
isDecrypted = 1;
break;
}
}
}
if (isDecrypted) {
int postfixLength;
EVP_DecryptFinal(&cypherContext, outputFinal,
&postfixLength);
writeToFile("decrypted.bin", output,
outputLength + postfixLength, &toOutputFile);
int hashLength = 0;
unsigned char hash[bufferSize];
createHash(hash, output, outputLength + postfixLength,
&hashLength);
writeToFile("hash.txt", hash, hashLength, &toHashFile);
}
EVP_CIPHER_CTX_cleanup(&cypherContext);
return isDecrypted;
}
在你的 toOutputFile() 函数中,你添加了一个 \n 到你的文件,但是在 main() 中你没有散列文件,但是 output .
这意味着,您的 decrypted.bin 有一个额外的 \n,它在您的 output 中不存在,这就是为什么在对文件进行哈希处理时,哈希值将与您的不同使用该程序创建。