Beispiel #1
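// testCertificates drains DER-encoded certificates from ch, hashes the
// to-be-signed portion of each with a collision-detecting hash from
// detectcoll, and logs every certificate for which DetectSum reports !ok.
// It calls wg.Done exactly once when ch is closed and drained.
//
// The hash is picked from the command-line flags: MD5 when *md5 is set,
// otherwise SHA-1 (the thorough variant when *thorough is set).
//
// NOTE(review): the hash is chosen from the flags, not from the certificate's
// own signature algorithm, so with -md5 set a SHA-1-signed certificate is only
// examined under MD5 (and vice versa). Confirm this matches the intended scan.
func testCertificates(ch <-chan []byte, wg *sync.WaitGroup) {
	// Deferred so the WaitGroup is released on every exit path, rather than
	// only when the loop below finishes normally.
	defer wg.Done()

	var h detectcoll.Hash
	switch {
	case *md5:
		h = detectcoll.NewMD5()
	case *thorough:
		h = detectcoll.NewSHA1Thorough()
	default:
		h = detectcoll.NewSHA1()
	}

	for blob := range ch {
		cert, err := x509.ParseCertificate(blob)
		if err != nil {
			// Blobs that do not parse are skipped without any record, so they
			// are never collision-checked and do not show up in the output.
			// log.Printf("Error in cert %v: %s", err, base64.StdEncoding.EncodeToString(blob))
			continue
		}

		// Only the TBS bytes are covered by the issuer's signature, so that is
		// the input whose digest a collision would have to match.
		h.Write(cert.RawTBSCertificate)
		if sum, ok := h.DetectSum(nil); !ok {
			log.Printf("Certificate has possible collision (hash=%x)", sum)
			// Emit the whole certificate so the finding can be re-examined offline.
			log.Print(base64.StdEncoding.EncodeToString(blob))
		}

		// One hash instance is reused for every certificate; clear its state
		// before the next one.
		h.Reset()
	}
}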
Beispiel #2
// checkForCollisions streams fd through the collision-detecting hashes
// selected by the -md5 and -sha1 flags, prints each digest to stdout, and
// logs a message for every hash whose DetectSum reports !ok.
//
// It returns true only when every selected hash reported ok. The process is
// terminated via log.Fatal when neither flag is set or when reading fd fails.
// filename is used for messages only; the data always comes from fd.
//
// NOTE(review): a true result says only that the selected detectors raised no
// flag for this input; it makes no statement about the file's authenticity.
func checkForCollisions(fd io.Reader, filename string) bool {
	wantMD5, wantSHA1 := *md5, *sha1
	if !(wantMD5 || wantSHA1) {
		log.Fatal("No hash functions selected - please use -sha1 and/or -md5")
	}

	var md5h, sha1h detectcoll.Hash
	if wantMD5 {
		md5h = detectcoll.NewMD5()
	}
	switch {
	case wantSHA1 && *thorough:
		sha1h = detectcoll.NewSHA1Thorough()
	case wantSHA1:
		sha1h = detectcoll.NewSHA1()
	}

	// The input is read once. When both hashes are wanted, the MD5 state is
	// fed through a TeeReader while the SHA-1 state is the copy destination.
	var (
		src io.Reader = fd
		dst io.Writer
	)
	switch {
	case wantMD5 && wantSHA1:
		src, dst = io.TeeReader(fd, md5h), sha1h
	case wantMD5:
		dst = md5h
	default:
		dst = sha1h
	}
	if _, err := io.Copy(dst, src); err != nil {
		log.Fatalf("Unable to read file %s: %v", filename, err)
	}

	clean := true

	if wantMD5 {
		digest, ok := md5h.DetectSum(nil)
		fmt.Printf("md5(%s): %x\n", filename, digest)
		if !ok {
			log.Printf("MD5 Collision detected in %s!", filename)
			clean = false
		}
	}

	if wantSHA1 {
		digest, ok := sha1h.DetectSum(nil)
		fmt.Printf("sha1(%s): %x\n", filename, digest)
		if !ok {
			log.Printf("SHA-1 Collision detected in %s!", filename)
			clean = false
		}
	}

	return clean
}
Beispiel #3
// New returns the value produced by detectcoll.NewMD5 as a standard
// hash.Hash, so callers can use it wherever a hash.Hash is accepted.
//
// NOTE(review): the hash.Hash interface does not expose DetectSum; callers
// that need the collision verdict presumably have to assert back to the
// detectcoll type. Confirm against the detectcoll API.
func New() hash.Hash {
	var h hash.Hash = detectcoll.NewMD5()
	return h
}