func testCertificates(ch <-chan []byte, wg *sync.WaitGroup) { var h detectcoll.Hash if *md5 { h = detectcoll.NewMD5() } else { if *thorough { h = detectcoll.NewSHA1Thorough() } else { h = detectcoll.NewSHA1() } } for blob := range ch { cert, err := x509.ParseCertificate(blob) if err != nil { // log.Printf("Error in cert %v: %s", err, base64.StdEncoding.EncodeToString(blob)) continue } h.Write(cert.RawTBSCertificate) if sum, ok := h.DetectSum(nil); !ok { log.Printf("Certificate has possible collision (hash=%x)", sum) log.Print(base64.StdEncoding.EncodeToString(blob)) } h.Reset() } wg.Done() }
func checkForCollisions(fd io.Reader, filename string) bool { if !*md5 && !*sha1 { log.Fatal("No hash functions selected - please use -sha1 and/or -md5") } var md5h, sha1h detectcoll.Hash var err error if *md5 { md5h = detectcoll.NewMD5() } if *sha1 { if *thorough { sha1h = detectcoll.NewSHA1Thorough() } else { sha1h = detectcoll.NewSHA1() } } switch { case *md5 && *sha1: _, err = io.Copy(sha1h, io.TeeReader(fd, md5h)) case *md5: _, err = io.Copy(md5h, fd) case *sha1: _, err = io.Copy(sha1h, fd) } if err != nil { log.Fatalf("Unable to read file %s: %v", filename, err) } var ret bool = true if *md5 { sum, ok := md5h.DetectSum(nil) fmt.Printf("md5(%s): %x\n", filename, sum) if !ok { log.Printf("MD5 Collision detected in %s!", filename) } ret = ret && ok } if *sha1 { sum, ok := sha1h.DetectSum(nil) fmt.Printf("sha1(%s): %x\n", filename, sum) if !ok { log.Printf("SHA-1 Collision detected in %s!", filename) } ret = ret && ok } return ret }
func New() hash.Hash { return detectcoll.NewSHA1() }