├── .gitignore ├── .gitmodules ├── README.md ├── Release └── shepherd.exe ├── evilize ├── AUTHORS ├── COPYING ├── ChangeLog ├── MBSD-LICENSE ├── Makefile ├── README ├── crib.h ├── evilize.c ├── evilize.exe ├── md5.c ├── md5.h ├── md5coll.c ├── md5coll_lib.c └── md5coll_lib.h ├── fastcoll └── _PUT_FASTCOLL_HERE_ ├── msgbox.raw ├── results └── RESULTS.md ├── sheep.opensdf ├── sheep.sdf ├── sheep.sln ├── sheep.v11.suo ├── sheep ├── ReadMe.txt ├── common.h ├── crc.cpp ├── crc.h ├── rc4.cpp ├── rc4.h ├── sheep.cpp ├── sheep.vcxproj ├── sheep.vcxproj.filters ├── stdafx.cpp ├── stdafx.h └── targetver.h ├── shepherd.bat ├── shepherd ├── ReadMe.txt ├── shepherd.cpp ├── shepherd.vcxproj ├── shepherd.vcxproj.filters ├── stdafx.cpp ├── stdafx.h └── targetver.h ├── testing_methodology.dia └── testing_methodology.png /.gitignore: -------------------------------------------------------------------------------- 1 | # Generated shellcode 2 | sheep/sc.h 3 | 4 | # Compiled Object files 5 | *.slo 6 | *.lo 7 | *.o 8 | *.obj 9 | 10 | # Precompiled Headers 11 | *.gch 12 | *.pch 13 | 14 | # Compiled Dynamic libraries 15 | *.so 16 | *.dylib 17 | *.dll 18 | 19 | # Fortran module files 20 | *.mod 21 | 22 | # Compiled Static libraries 23 | *.lai 24 | *.la 25 | *.a 26 | *.lib 27 | 28 | # Executables 29 | *.exe 30 | *.out 31 | *.app 32 | ## Ignore Visual Studio temporary files, build results, and 33 | ## files generated by popular Visual Studio add-ons. 34 | 35 | # User-specific files 36 | *.suo 37 | *.user 38 | *.userosscache 39 | *.sln.docstates 40 | 41 | # User-specific files (MonoDevelop/Xamarin Studio) 42 | *.userprefs 43 | 44 | # Build results 45 | [Dd]ebug/ 46 | [Dd]ebugPublic/ 47 | [Rr]elease/ 48 | [Rr]eleases/ 49 | x64/ 50 | x86/ 51 | build/ 52 | bld/ 53 | [Bb]in/ 54 | [Oo]bj/ 55 | 56 | # Visual Studo 2015 cache/options directory 57 | .vs/ 58 | 59 | # MSTest test Results 60 | [Tt]est[Rr]esult*/ 61 | [Bb]uild[Ll]og.* 62 | 63 | # NUNIT 64 | *.VisualState.xml 65 | TestResult.xml 66 | 67 | # Build Results of an ATL Project 68 | [Dd]ebugPS/ 69 | [Rr]eleasePS/ 70 | dlldata.c 71 | 72 | # DNX 73 | project.lock.json 74 | artifacts/ 75 | 76 | *_i.c 77 | *_p.c 78 | *_i.h 79 | *.ilk 80 | *.meta 81 | *.obj 82 | *.pch 83 | *.pdb 84 | *.pgc 85 | *.pgd 86 | *.rsp 87 | *.sbr 88 | *.tlb 89 | *.tli 90 | *.tlh 91 | *.tmp 92 | *.tmp_proj 93 | *.log 94 | *.vspscc 95 | *.vssscc 96 | .builds 97 | *.pidb 98 | *.svclog 99 | *.scc 100 | 101 | # Chutzpah Test files 102 | _Chutzpah* 103 | 104 | # Visual C++ cache files 105 | ipch/ 106 | *.aps 107 | *.ncb 108 | *.opensdf 109 | *.sdf 110 | *.cachefile 111 | 112 | # Visual Studio profiler 113 | *.psess 114 | *.vsp 115 | *.vspx 116 | 117 | # TFS 2012 Local Workspace 118 | $tf/ 119 | 120 | # Guidance Automation Toolkit 121 | *.gpState 122 | 123 | # ReSharper is a .NET coding add-in 124 | _ReSharper*/ 125 | *.[Rr]e[Ss]harper 126 | *.DotSettings.user 127 | 128 | # JustCode is a .NET coding addin-in 129 | .JustCode 130 | 131 | # TeamCity is a build add-in 132 | _TeamCity* 133 | 134 | # DotCover is a Code Coverage Tool 135 | *.dotCover 136 | 137 | # NCrunch 138 | _NCrunch_* 139 | .*crunch*.local.xml 140 | 141 | # MightyMoose 142 | *.mm.* 143 | AutoTest.Net/ 144 | 145 | # Web workbench (sass) 146 | .sass-cache/ 147 | 148 | # Installshield output folder 149 | [Ee]xpress/ 150 | 151 | # DocProject is a documentation generator add-in 152 | DocProject/buildhelp/ 153 | DocProject/Help/*.HxT 154 | DocProject/Help/*.HxC 155 | DocProject/Help/*.hhc 156 | DocProject/Help/*.hhk 157 | DocProject/Help/*.hhp 158 | DocProject/Help/Html2 159 | DocProject/Help/html 160 | 161 | # Click-Once directory 162 | publish/ 163 | 164 | # Publish Web Output 165 | *.[Pp]ublish.xml 166 | *.azurePubxml 167 | # TODO: Comment the next line if you want to checkin your web deploy settings 168 | # but database connection strings (with potential passwords) will be unencrypted 169 | *.pubxml 170 | *.publishproj 171 | 172 | # NuGet Packages 173 | *.nupkg 174 | # The packages folder can be ignored because of Package Restore 175 | **/packages/* 176 | # except build/, which is used as an MSBuild target. 177 | !**/packages/build/ 178 | # Uncomment if necessary however generally it will be regenerated when needed 179 | #!**/packages/repositories.config 180 | 181 | # Windows Azure Build Output 182 | csx/ 183 | *.build.csdef 184 | 185 | # Windows Store app package directory 186 | AppPackages/ 187 | 188 | # Visual Studio cache files 189 | # files ending in .cache can be ignored 190 | *.[Cc]ache 191 | # but keep track of directories ending in .cache 192 | !*.[Cc]ache/ 193 | 194 | # Others 195 | ClientBin/ 196 | [Ss]tyle[Cc]op.* 197 | ~$* 198 | *~ 199 | *.dbmdl 200 | *.dbproj.schemaview 201 | *.pfx 202 | *.publishsettings 203 | node_modules/ 204 | bower_components/ 205 | 206 | # RIA/Silverlight projects 207 | Generated_Code/ 208 | 209 | # Backup & report files from converting an old project file 210 | # to a newer Visual Studio version. Backup files are not needed, 211 | # because we have git ;-) 212 | _UpgradeReport_Files/ 213 | Backup*/ 214 | UpgradeLog*.XML 215 | UpgradeLog*.htm 216 | 217 | # SQL Server files 218 | *.mdf 219 | *.ldf 220 | 221 | # Business Intelligence projects 222 | *.rdl.data 223 | *.bim.layout 224 | *.bim_*.settings 225 | 226 | # Microsoft Fakes 227 | FakesAssemblies/ 228 | 229 | # Node.js Tools for Visual Studio 230 | .ntvs_analysis.dat 231 | 232 | # Visual Studio 6 build log 233 | *.plg 234 | 235 | # Visual Studio 6 workspace options file 236 | *.opt 237 | -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/silentsignal/sheep-wolf/c4350480eea7523914e7dc3b28386ecc123ced20/.gitmodules -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Wolves Among the Sheep 2 | ====================== 3 | 4 | Some security tools still stick to MD5 when identifying malware samples years after practical collisions were shown against the algorithm. This can be [exploited](http://blog.silentsignal.eu/2015/06/10/poisonous-md5-wolves-among-the-sheep/) by first showing these tools a harmless sample (Sheep) and then a malicious one (Wolf) that have the same MD5 hash. Please use this code to test if the security products in your reach use MD5 internally to fingerprint binaries and share your results by issuing a pull request updating the contents of `results/`! 5 | 6 | Works-on-a-different-machine-than-mine version, feedback is welcome! 7 | 8 | Dependencies 9 | ------------ 10 | 11 | * 32-bit Windows (virtual) machine (64-bit breaks stuff) 12 | * Visual Studio 2012 to compile the projects (Express will do) 13 | * [Fastcoll](https://www.win.tue.nl/hashclash/) for collisions 14 | * Optional: Cygwin+MinGW to compile Evilize 15 | 16 | Usage 17 | ----- 18 | 19 | Extract Fastcoll to the `fastcoll` directory. Name the executable `fastcoll.exe` 20 | 21 | Use `shepherd.bat` to generate `wolf.exe` and `sheep.exe` (in the VS Development Command Prompt): 22 | 23 | ``` 24 | > shepherd.bat YOURPASSWORD your_shellcode.raw 25 | ``` 26 | 27 | After this step you should have your two colliding binaries (`sheep.exe` and `wolf.exe` in the `evilize` directory). 28 | 29 | For more information see the [tutorial of Peter Selinger](http://www.mathstat.dal.ca/~selinger/md5collision/), older revisions of this document or the source code... 30 | 31 | How does it work? 32 | ----------------- 33 | 34 | * `shepherd.bat` executes `shepherd.exe` with the user supplied command line arguments 35 | * `shepher.exe` generates a header file (`sc.h`) that contains the encrypted shellcode, the password and the CRC of the plain shellcode 36 | * `shepherd.bat` executes the build process of `sheep.exe` 37 | * `sheep.exe` is built with `sc.h`included by Visual Studio 38 | * `shepherd.bat` executes `evilize.exe` 39 | * `evilize.exe` calculates a special IV for the chunk of `sheep.exe` right before the block where the collision will happen 40 | * `evilize.exe` executes `fastcoll.exe` with the IV as a parameter 41 | * `fastcoll.exe` generates two 128 byte colliding blocks: `a` and `b` 42 | * `evilize.exe` replaces the original string buffers of `sheep.exe` so that they contain combinations `a` and `b` 43 | * The resulting files (`evilize/wolf.exe` and `evilize/sheep.exe` ) have the same MD5 hashes but behave differently. The real code to be executed only appears in the memory of `evilize/wolf.exe`. 44 | 45 | Testing Methodology 46 | ------------------- 47 | 48 | To test the security products in your reach you should generate two pairs of samples (SHEEP1-WOLF1 and SHEEP2-WOLF2), preferably with the same payload. Since samples (or their fingerprints) are usually uploaded to central repositories (or "the cloud") precompiled samples are not included to avoid conflicts between independent testers. 49 | 50 | After the samples are ready follow the methodology shown on the diagram below: 51 | 52 | ![Testing Methodology](testing_methodology.png "Testing Methodology") 53 | 54 | (\*) If the product is not able to detect the first malicious sample, there are more serious problems to worry about than crypto-fu. In fact, the simple cryptography included in the provided boilerplate code poses as a hard challenge for various products... Try to use more obvious samples! 55 | 56 | (\*\*) The product most probably uses some trivial method to detect the boilerplate insted of the actual payload. You can try to introduce simple changes to the code like removing debug strings. 57 | 58 | Please don't forget to share your positive results by issuing a pull request to the [RESULTS.md](https://github.com/silentsignal/sheep-wolf/blob/master/results/RESULTS.md) file! 59 | 60 | References 61 | ---------- 62 | 63 | * [Poisonous MD5 - Wolves Among the Sheep](http://blog.silentsignal.eu/2015/06/10/poisonous-md5-wolves-among-the-sheep/) 64 | * [Peter Selinger: MD5 Collision Demo](http://www.mathstat.dal.ca/~selinger/md5collision/) 65 | * [How to make two binaries with same MD5](http://natmchugh.blogspot.co.uk/2015/05/how-to-make-two-binaries-with-same-md5.html) 66 | * [Stop using MD5 now!](http://jumpespjump.blogspot.hu/2014/03/stop-using-md-5-now.html) 67 | 68 | LICENSE 69 | ------- 70 | 71 | Licenced under GNU/GPL if not otherwise stated. 72 | 73 | -------------------------------------------------------------------------------- /Release/shepherd.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/silentsignal/sheep-wolf/c4350480eea7523914e7dc3b28386ecc123ced20/Release/shepherd.exe -------------------------------------------------------------------------------- /evilize/AUTHORS: -------------------------------------------------------------------------------- 1 | Known contributors are listed here, in alphabetical order by their 2 | abbreviations (which are used in Changelog). 3 | 4 | PS1 Peter Selinger (author) 5 | VPB1 Balint Varga-Perke (contributor) 6 | -------------------------------------------------------------------------------- /evilize/COPYING: -------------------------------------------------------------------------------- 1 | GNU GENERAL PUBLIC LICENSE 2 | Version 2, June 1991 3 | 4 | Copyright (C) 1989, 1991 Free Software Foundation, Inc. 5 | 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 6 | Everyone is permitted to copy and distribute verbatim copies 7 | of this license document, but changing it is not allowed. 8 | 9 | Preamble 10 | 11 | The licenses for most software are designed to take away your 12 | freedom to share and change it. By contrast, the GNU General Public 13 | License is intended to guarantee your freedom to share and change free 14 | software--to make sure the software is free for all its users. This 15 | General Public License applies to most of the Free Software 16 | Foundation's software and to any other program whose authors commit to 17 | using it. (Some other Free Software Foundation software is covered by 18 | the GNU Library General Public License instead.) You can apply it to 19 | your programs, too. 20 | 21 | When we speak of free software, we are referring to freedom, not 22 | price. Our General Public Licenses are designed to make sure that you 23 | have the freedom to distribute copies of free software (and charge for 24 | this service if you wish), that you receive source code or can get it 25 | if you want it, that you can change the software or use pieces of it 26 | in new free programs; and that you know you can do these things. 27 | 28 | To protect your rights, we need to make restrictions that forbid 29 | anyone to deny you these rights or to ask you to surrender the rights. 30 | These restrictions translate to certain responsibilities for you if you 31 | distribute copies of the software, or if you modify it. 32 | 33 | For example, if you distribute copies of such a program, whether 34 | gratis or for a fee, you must give the recipients all the rights that 35 | you have. You must make sure that they, too, receive or can get the 36 | source code. And you must show them these terms so they know their 37 | rights. 38 | 39 | We protect your rights with two steps: (1) copyright the software, and 40 | (2) offer you this license which gives you legal permission to copy, 41 | distribute and/or modify the software. 42 | 43 | Also, for each author's protection and ours, we want to make certain 44 | that everyone understands that there is no warranty for this free 45 | software. If the software is modified by someone else and passed on, we 46 | want its recipients to know that what they have is not the original, so 47 | that any problems introduced by others will not reflect on the original 48 | authors' reputations. 49 | 50 | Finally, any free program is threatened constantly by software 51 | patents. We wish to avoid the danger that redistributors of a free 52 | program will individually obtain patent licenses, in effect making the 53 | program proprietary. To prevent this, we have made it clear that any 54 | patent must be licensed for everyone's free use or not licensed at all. 55 | 56 | The precise terms and conditions for copying, distribution and 57 | modification follow. 58 | 59 | GNU GENERAL PUBLIC LICENSE 60 | TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 61 | 62 | 0. This License applies to any program or other work which contains 63 | a notice placed by the copyright holder saying it may be distributed 64 | under the terms of this General Public License. The "Program", below, 65 | refers to any such program or work, and a "work based on the Program" 66 | means either the Program or any derivative work under copyright law: 67 | that is to say, a work containing the Program or a portion of it, 68 | either verbatim or with modifications and/or translated into another 69 | language. (Hereinafter, translation is included without limitation in 70 | the term "modification".) Each licensee is addressed as "you". 71 | 72 | Activities other than copying, distribution and modification are not 73 | covered by this License; they are outside its scope. The act of 74 | running the Program is not restricted, and the output from the Program 75 | is covered only if its contents constitute a work based on the 76 | Program (independent of having been made by running the Program). 77 | Whether that is true depends on what the Program does. 78 | 79 | 1. You may copy and distribute verbatim copies of the Program's 80 | source code as you receive it, in any medium, provided that you 81 | conspicuously and appropriately publish on each copy an appropriate 82 | copyright notice and disclaimer of warranty; keep intact all the 83 | notices that refer to this License and to the absence of any warranty; 84 | and give any other recipients of the Program a copy of this License 85 | along with the Program. 86 | 87 | You may charge a fee for the physical act of transferring a copy, and 88 | you may at your option offer warranty protection in exchange for a fee. 89 | 90 | 2. You may modify your copy or copies of the Program or any portion 91 | of it, thus forming a work based on the Program, and copy and 92 | distribute such modifications or work under the terms of Section 1 93 | above, provided that you also meet all of these conditions: 94 | 95 | a) You must cause the modified files to carry prominent notices 96 | stating that you changed the files and the date of any change. 97 | 98 | b) You must cause any work that you distribute or publish, that in 99 | whole or in part contains or is derived from the Program or any 100 | part thereof, to be licensed as a whole at no charge to all third 101 | parties under the terms of this License. 102 | 103 | c) If the modified program normally reads commands interactively 104 | when run, you must cause it, when started running for such 105 | interactive use in the most ordinary way, to print or display an 106 | announcement including an appropriate copyright notice and a 107 | notice that there is no warranty (or else, saying that you provide 108 | a warranty) and that users may redistribute the program under 109 | these conditions, and telling the user how to view a copy of this 110 | License. (Exception: if the Program itself is interactive but 111 | does not normally print such an announcement, your work based on 112 | the Program is not required to print an announcement.) 113 | 114 | These requirements apply to the modified work as a whole. If 115 | identifiable sections of that work are not derived from the Program, 116 | and can be reasonably considered independent and separate works in 117 | themselves, then this License, and its terms, do not apply to those 118 | sections when you distribute them as separate works. But when you 119 | distribute the same sections as part of a whole which is a work based 120 | on the Program, the distribution of the whole must be on the terms of 121 | this License, whose permissions for other licensees extend to the 122 | entire whole, and thus to each and every part regardless of who wrote it. 123 | 124 | Thus, it is not the intent of this section to claim rights or contest 125 | your rights to work written entirely by you; rather, the intent is to 126 | exercise the right to control the distribution of derivative or 127 | collective works based on the Program. 128 | 129 | In addition, mere aggregation of another work not based on the Program 130 | with the Program (or with a work based on the Program) on a volume of 131 | a storage or distribution medium does not bring the other work under 132 | the scope of this License. 133 | 134 | 3. You may copy and distribute the Program (or a work based on it, 135 | under Section 2) in object code or executable form under the terms of 136 | Sections 1 and 2 above provided that you also do one of the following: 137 | 138 | a) Accompany it with the complete corresponding machine-readable 139 | source code, which must be distributed under the terms of Sections 140 | 1 and 2 above on a medium customarily used for software interchange; or, 141 | 142 | b) Accompany it with a written offer, valid for at least three 143 | years, to give any third party, for a charge no more than your 144 | cost of physically performing source distribution, a complete 145 | machine-readable copy of the corresponding source code, to be 146 | distributed under the terms of Sections 1 and 2 above on a medium 147 | customarily used for software interchange; or, 148 | 149 | c) Accompany it with the information you received as to the offer 150 | to distribute corresponding source code. (This alternative is 151 | allowed only for noncommercial distribution and only if you 152 | received the program in object code or executable form with such 153 | an offer, in accord with Subsection b above.) 154 | 155 | The source code for a work means the preferred form of the work for 156 | making modifications to it. For an executable work, complete source 157 | code means all the source code for all modules it contains, plus any 158 | associated interface definition files, plus the scripts used to 159 | control compilation and installation of the executable. However, as a 160 | special exception, the source code distributed need not include 161 | anything that is normally distributed (in either source or binary 162 | form) with the major components (compiler, kernel, and so on) of the 163 | operating system on which the executable runs, unless that component 164 | itself accompanies the executable. 165 | 166 | If distribution of executable or object code is made by offering 167 | access to copy from a designated place, then offering equivalent 168 | access to copy the source code from the same place counts as 169 | distribution of the source code, even though third parties are not 170 | compelled to copy the source along with the object code. 171 | 172 | 4. You may not copy, modify, sublicense, or distribute the Program 173 | except as expressly provided under this License. Any attempt 174 | otherwise to copy, modify, sublicense or distribute the Program is 175 | void, and will automatically terminate your rights under this License. 176 | However, parties who have received copies, or rights, from you under 177 | this License will not have their licenses terminated so long as such 178 | parties remain in full compliance. 179 | 180 | 5. You are not required to accept this License, since you have not 181 | signed it. However, nothing else grants you permission to modify or 182 | distribute the Program or its derivative works. These actions are 183 | prohibited by law if you do not accept this License. Therefore, by 184 | modifying or distributing the Program (or any work based on the 185 | Program), you indicate your acceptance of this License to do so, and 186 | all its terms and conditions for copying, distributing or modifying 187 | the Program or works based on it. 188 | 189 | 6. Each time you redistribute the Program (or any work based on the 190 | Program), the recipient automatically receives a license from the 191 | original licensor to copy, distribute or modify the Program subject to 192 | these terms and conditions. You may not impose any further 193 | restrictions on the recipients' exercise of the rights granted herein. 194 | You are not responsible for enforcing compliance by third parties to 195 | this License. 196 | 197 | 7. If, as a consequence of a court judgment or allegation of patent 198 | infringement or for any other reason (not limited to patent issues), 199 | conditions are imposed on you (whether by court order, agreement or 200 | otherwise) that contradict the conditions of this License, they do not 201 | excuse you from the conditions of this License. If you cannot 202 | distribute so as to satisfy simultaneously your obligations under this 203 | License and any other pertinent obligations, then as a consequence you 204 | may not distribute the Program at all. For example, if a patent 205 | license would not permit royalty-free redistribution of the Program by 206 | all those who receive copies directly or indirectly through you, then 207 | the only way you could satisfy both it and this License would be to 208 | refrain entirely from distribution of the Program. 209 | 210 | If any portion of this section is held invalid or unenforceable under 211 | any particular circumstance, the balance of the section is intended to 212 | apply and the section as a whole is intended to apply in other 213 | circumstances. 214 | 215 | It is not the purpose of this section to induce you to infringe any 216 | patents or other property right claims or to contest validity of any 217 | such claims; this section has the sole purpose of protecting the 218 | integrity of the free software distribution system, which is 219 | implemented by public license practices. Many people have made 220 | generous contributions to the wide range of software distributed 221 | through that system in reliance on consistent application of that 222 | system; it is up to the author/donor to decide if he or she is willing 223 | to distribute software through any other system and a licensee cannot 224 | impose that choice. 225 | 226 | This section is intended to make thoroughly clear what is believed to 227 | be a consequence of the rest of this License. 228 | 229 | 8. If the distribution and/or use of the Program is restricted in 230 | certain countries either by patents or by copyrighted interfaces, the 231 | original copyright holder who places the Program under this License 232 | may add an explicit geographical distribution limitation excluding 233 | those countries, so that distribution is permitted only in or among 234 | countries not thus excluded. In such case, this License incorporates 235 | the limitation as if written in the body of this License. 236 | 237 | 9. The Free Software Foundation may publish revised and/or new versions 238 | of the General Public License from time to time. Such new versions will 239 | be similar in spirit to the present version, but may differ in detail to 240 | address new problems or concerns. 241 | 242 | Each version is given a distinguishing version number. If the Program 243 | specifies a version number of this License which applies to it and "any 244 | later version", you have the option of following the terms and conditions 245 | either of that version or of any later version published by the Free 246 | Software Foundation. If the Program does not specify a version number of 247 | this License, you may choose any version ever published by the Free Software 248 | Foundation. 249 | 250 | 10. If you wish to incorporate parts of the Program into other free 251 | programs whose distribution conditions are different, write to the author 252 | to ask for permission. For software which is copyrighted by the Free 253 | Software Foundation, write to the Free Software Foundation; we sometimes 254 | make exceptions for this. Our decision will be guided by the two goals 255 | of preserving the free status of all derivatives of our free software and 256 | of promoting the sharing and reuse of software generally. 257 | 258 | NO WARRANTY 259 | 260 | 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY 261 | FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN 262 | OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES 263 | PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED 264 | OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 265 | MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS 266 | TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE 267 | PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, 268 | REPAIR OR CORRECTION. 269 | 270 | 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING 271 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR 272 | REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, 273 | INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING 274 | OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED 275 | TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY 276 | YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER 277 | PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE 278 | POSSIBILITY OF SUCH DAMAGES. 279 | 280 | END OF TERMS AND CONDITIONS 281 | 282 | How to Apply These Terms to Your New Programs 283 | 284 | If you develop a new program, and you want it to be of the greatest 285 | possible use to the public, the best way to achieve this is to make it 286 | free software which everyone can redistribute and change under these terms. 287 | 288 | To do so, attach the following notices to the program. It is safest 289 | to attach them to the start of each source file to most effectively 290 | convey the exclusion of warranty; and each file should have at least 291 | the "copyright" line and a pointer to where the full notice is found. 292 | 293 | 294 | Copyright (C) 295 | 296 | This program is free software; you can redistribute it and/or modify 297 | it under the terms of the GNU General Public License as published by 298 | the Free Software Foundation; either version 2 of the License, or 299 | (at your option) any later version. 300 | 301 | This program is distributed in the hope that it will be useful, 302 | but WITHOUT ANY WARRANTY; without even the implied warranty of 303 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 304 | GNU General Public License for more details. 305 | 306 | You should have received a copy of the GNU General Public License 307 | along with this program; if not, write to the Free Software 308 | Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 309 | 310 | 311 | Also add information on how to contact you by electronic and paper mail. 312 | 313 | If the program is interactive, make it output a short notice like this 314 | when it starts in an interactive mode: 315 | 316 | Gnomovision version 69, Copyright (C) year name of author 317 | Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. 318 | This is free software, and you are welcome to redistribute it 319 | under certain conditions; type `show c' for details. 320 | 321 | The hypothetical commands `show w' and `show c' should show the appropriate 322 | parts of the General Public License. Of course, the commands you use may 323 | be called something other than `show w' and `show c'; they could even be 324 | mouse-clicks or menu items--whatever suits your program. 325 | 326 | You should also get your employer (if you work as a programmer) or your 327 | school, if any, to sign a "copyright disclaimer" for the program, if 328 | necessary. Here is a sample; alter the names: 329 | 330 | Yoyodyne, Inc., hereby disclaims all copyright interest in the program 331 | `Gnomovision' (which makes passes at compilers) written by James Hacker. 332 | 333 | , 1 April 1989 334 | Ty Coon, President of Vice 335 | 336 | This General Public License does not permit incorporating your program into 337 | proprietary programs. If your program is a subroutine library, you may 338 | consider it more useful to permit linking proprietary applications with the 339 | library. If this is what you want to do, use the GNU Library General 340 | Public License instead of this License. 341 | -------------------------------------------------------------------------------- /evilize/ChangeLog: -------------------------------------------------------------------------------- 1 | ChangeLog 2 | 3 | v0.2p 2015/06/06 4 | (2015/06/06) VPB1 - Stripped down version to demonstate MD5 Poisoning 5 | 6 | v0.2 2011/10/11 7 | (2011/10/11) PS1 - fixed compiler over-optimization bug ("no crib 8 | found"). Reported by Borja Burgos. 9 | 10 | v0.1 2006/02/18 11 | Initial public release 12 | 13 | -------------------------------------------------------------------------------- /evilize/MBSD-LICENSE: -------------------------------------------------------------------------------- 1 | Modified BSD License 2 | 3 | Copyright (C) 2005 Patrick Stach 4 | 5 | Redistribution and use in source and binary forms, with or without 6 | modification, are permitted provided that the following conditions are 7 | met: 8 | 9 | 1. Redistributions of source code must retain the above copyright 10 | notice, this list of conditions and the following disclaimer. 11 | 2. Redistributions in binary form must reproduce the above copyright 12 | notice, this list of conditions and the following disclaimer in the 13 | documentation and/or other materials provided with the distribution. 14 | 3. The name of the author may not be used to endorse or promote 15 | products derived from this software without specific prior written 16 | permission. 17 | 18 | THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 19 | IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 20 | WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 21 | DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, 22 | INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 23 | (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 24 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 | HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 26 | STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 27 | IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 28 | POSSIBILITY OF SUCH DAMAGE. 29 | -------------------------------------------------------------------------------- /evilize/Makefile: -------------------------------------------------------------------------------- 1 | # Copyright (C) 2006 Peter Selinger. This file is distributed under 2 | # the terms of the GNU General Public License. See the file COPYING 3 | # for details. 4 | 5 | CC=i686-pc-mingw32-gcc 6 | CFLAGS=-O3 -Wall -DSTDC_HEADERS -g -DMD5COLL_VERSION=\"${MD5COLL_VERSION}\" -DVERSION=\"${VERSION}\" 7 | 8 | PACKAGE=evilize 9 | VERSION=0.2p 10 | MD5COLL_VERSION=0.1s 11 | 12 | TOOLS=evilize md5coll 13 | 14 | 15 | tools: ${TOOLS} 16 | examples: ${EXAMPLES} 17 | 18 | evilize: evilize.o md5.o md5coll_lib.o 19 | md5coll: md5coll.o md5coll_lib.o 20 | 21 | # ---------------------------------------------------------------------- 22 | # Distribution 23 | 24 | DISTFILES=evilize.c md5coll.c md5coll_lib.c md5coll_lib.h crib.h md5.h \ 25 | md5.c Makefile COPYING MBSD-LICENSE README ChangeLog AUTHORS 26 | 27 | dist: ${DISTFILES} 28 | rm -rf ${PACKAGE}-${VERSION} 29 | mkdir ${PACKAGE}-${VERSION} 30 | cp ${DISTFILES} ${PACKAGE}-${VERSION} 31 | tar zcf ${PACKAGE}-${VERSION}.tar.gz ${PACKAGE}-${VERSION} 32 | 33 | #---------------------------------------------------------------------- 34 | clean: 35 | rm -f *.o 36 | 37 | cleanall: clean 38 | rm -f ${TOOLS} 39 | 40 | #---------------------------------------------------------------------- 41 | # The following dependencies were generated with 42 | # makedepend -DHAVE_CONFIG_H -I.. -f- -Y *.c 43 | 44 | # DO NOT DELETE 45 | 46 | evilize.o: md5.h md5coll_lib.h crib.h 47 | md5.o: md5.h 48 | md5coll.o: md5coll_lib.h 49 | md5coll_lib.o: md5coll_lib.h 50 | -------------------------------------------------------------------------------- /evilize/README: -------------------------------------------------------------------------------- 1 | Evilize: create pairs of executable files with the same MD5 hash 2 | ---------------------------------------------------------------- 3 | 4 | Copyright (C) 2006 Peter Selinger. This file is distributed under 5 | the terms of the GNU General Public License. See the file COPYING 6 | for details. 7 | 8 | Quick Instructions. 9 | ------------------- 10 | 11 | Note for Windows users: the below instructions are for Unix/Linux. On 12 | Windows, you may have to append ".exe" to the names of executable 13 | files. Also, to use "make", you must have the GNU tools installed and 14 | working. 15 | 16 | 1. Unpack the archive and build the library and tools: 17 | 18 | tar zxf evilize-0.1.tar.gz 19 | cd evilize-0.1 20 | make 21 | 22 | This creates the programs "evilize", "md5coll", and the object file 23 | "goodevil.o". 24 | 25 | 2. Create a C program with multiple behaviors. Instead of the usual 26 | top-level function main(), write two separate top-level functions 27 | main_good() and main_evil(). See the file hello-erase.c for a 28 | simple example. 29 | 30 | 3. Compile your program and link against goodevil.o. For example: 31 | 32 | gcc hello-erase.c goodevil.o -o hello-erase 33 | 34 | 4. Run the following command to create an initialization vector: 35 | 36 | ./evilize hello-erase -i 37 | 38 | 5. Create an MD5 collision by running the following command (but 39 | replace the vector on the command line with the one you found in 40 | step 4): 41 | 42 | ./md5coll 0x23d3e487 0x3e3ea619 0xc7bdd6fa 0x2d0271e7 > init.txt 43 | 44 | Note: this step can take several hours. 45 | 46 | 6. Create a pair of good and evil programs by running: 47 | 48 | ./evilize hello-erase -c init.txt -g good -e evil 49 | 50 | Here "good" and "evil" are the names of the two programs generated, 51 | and "hello-erase" is the name of the program you created in step 52 | 3. 53 | 54 | NOTE: steps 4-6 can also be done in a single step, as follows: 55 | 56 | ./evilize hello-erase -g good -e evil 57 | 58 | However, I prefer to do the steps separately, since step 5 takes so 59 | long. 60 | 61 | 7. Check the MD5 checksums of the files "good" and "evil"; they should 62 | be the same. 63 | 64 | 8. Run the programs "good" and "evil" - they should exhibit the two 65 | different behaviors that you programmed in step 2. 66 | 67 | How does it work? 68 | ----------------- 69 | 70 | For an explanation, see http://www.mathstat.dal.ca/~selinger/md5collision/ 71 | 72 | Credits. 73 | -------- 74 | 75 | The md5coll tool was written by Patrick Stach , 76 | based on a paper by Xiaoyun Wang et al. The version distributed with 77 | this file was modified by Peter Selinger. It is distributed under a 78 | Modified BSD License, see MBSD-LICENSE for details. 79 | 80 | The evilize tool was written by Peter Selinger, and uses third-party 81 | code by Patrick Stach and others. It is distributed under the GNU 82 | General Public License, see the file COPYING for details. 83 | -------------------------------------------------------------------------------- /evilize/crib.h: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2006 Peter Selinger. This file is distributed under 2 | the terms of the GNU General Public License. See the file COPYING 3 | for details. */ 4 | 5 | /* This byte sequence is used as a placeholder in the compiled 6 | program. Any sufficiently random 191-character string will do */ 7 | 8 | #define CRIB "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" \ 9 | "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" \ 10 | "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" \ 11 | 12 | -------------------------------------------------------------------------------- /evilize/evilize.c: -------------------------------------------------------------------------------- 1 | /* Copyright (C) 2006 Peter Selinger. This file is distributed under 2 | the terms of the GNU General Public License. See the file COPYING 3 | for details. */ 4 | 5 | /* evilize.c: a program to create pairs of files with identical MD5 6 | hash, from a template. The template must contain two copies of a 7 | "crib" string defined in crib.h. The crib strings will be replaced, 8 | in two different ways, to create a "good" and an "evil" version of 9 | the file. In the "good" version, the two crib strings are replaced 10 | by the same data, in the "evil" version, they are replaced by 11 | different data. This is done in such a way that the "good" and 12 | "evil" files have the same MD5 hash. */ 13 | 14 | #include 15 | #include 16 | #include 17 | #include 18 | #include 19 | #include 20 | #include 21 | #include 22 | #include 23 | 24 | #include "md5.h" 25 | #include "md5coll_lib.h" 26 | #include "crib.h" 27 | 28 | #define NAME "evilize" 29 | 30 | static char *crib = CRIB; 31 | 32 | #define LBUFSIZE 1024 33 | #define FASTCOLL_CMD "..\\\\fastcoll\\\\fastcoll.exe -i %08x%08x%08x%08x -o a b" 34 | 35 | int find_crib(FILE *fin){ 36 | char buf[64]; 37 | char last_buf[64]; 38 | int r; 39 | int i; 40 | 41 | while (1) { 42 | r = fread(buf, 1, 64, fin); 43 | if (r < 64) { 44 | return 1; 45 | } 46 | for (i=0; i<64; i+=8) { 47 | if (memcmp(buf+i, crib, 64-i) == 0) { 48 | return ftell(fin)-64+i; 49 | } 50 | } 51 | memcpy(last_buf,buf,64); 52 | } 53 | 54 | } 55 | 56 | /* find the initial vector required to evilize FILE, return it in 57 | IV. Returns 1 if crib was not found. */ 58 | static int find_iv(FILE *fin, unsigned int IV[4]) { 59 | struct md5_ctx ctx; 60 | char buf[64]; 61 | int r; 62 | int i; 63 | 64 | md5_init_ctx(&ctx); 65 | 66 | while (1) { 67 | r = fread(buf, 1, 64, fin); 68 | if (r < 64) { 69 | return 1; 70 | } 71 | for (i=0; i<64; i++) { 72 | if (memcmp(buf, crib+i, 64) == 0) { 73 | goto crib_found; 74 | } 75 | } 76 | md5_process_block(buf, 64, &ctx); 77 | } 78 | crib_found: 79 | /* find md5 collision for the given ctx initial value */ 80 | 81 | IV[0] = ctx.A; 82 | IV[1] = ctx.B; 83 | IV[2] = ctx.C; 84 | IV[3] = ctx.D; 85 | 86 | return ftell(fin); 87 | } 88 | 89 | /* print usage information */ 90 | 91 | static void usage(FILE *fout) { 92 | fprintf(fout, "%s %s. Create a pair of files with the same MD5 hash, from a template.\n", NAME, VERSION); 93 | fprintf(fout, "Templates are generated by linking against goodevil.o.\n"); 94 | fprintf(fout, "\n"); 95 | fprintf(fout, "Usage: %s [options] infile\n", NAME); 96 | fprintf(fout, 97 | "Options:\n" 98 | " -h, --help print this help message and exit\n" 99 | " -V, --version print version info and exit\n" 100 | " -L, --license print license info and exit\n" 101 | " -- end of options, filename follows\n"); 102 | } 103 | 104 | /* print version and copyright information */ 105 | static void version(FILE *fout) { 106 | fprintf(fout, "%s %s. Create a pair of files with the same MD5 hash, from a template.\n", NAME, VERSION); 107 | fprintf(fout, "Copyright (C) 2006 Peter Selinger.\n"); 108 | fprintf(fout, "Collision generator: Copyright (C) 2005 Patrick Stach .\n"); 109 | fprintf(fout, "Implementation of paper by Xiaoyun Wang, et al.\n"); 110 | } 111 | 112 | static void license(FILE *fout) { 113 | fprintf(fout, "%s %s. Create a pair of files with the same MD5 hash, from a template.\n", NAME, VERSION); 114 | fprintf(fout, "Copyright (C) 2006 Peter Selinger.\n"); 115 | fprintf(fout, "Collision generator: Copyright (C) 2005 Patrick Stach .\n"); 116 | fprintf(fout, "Implementation of paper by Xiaoyun Wang, et al.\n"); 117 | fprintf(fout, "\n"); 118 | fprintf(fout, 119 | "This program is free software; you can redistribute it and/or modify\n" 120 | "it under the terms of the GNU General Public License as published by\n" 121 | "the Free Software Foundation; either version 2 of the License, or\n" 122 | "(at your option) any later version.\n" 123 | "\n" 124 | "This program is distributed in the hope that it will be useful,\n" 125 | "but WITHOUT ANY WARRANTY; without even the implied warranty of\n" 126 | "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n" 127 | "GNU General Public License for more details.\n" 128 | "\n" 129 | "You should have received a copy of the GNU General Public License\n" 130 | "along with this program; if not, write to the Free Software\n" 131 | "Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.\n" 132 | "\n" 133 | "Some parts of this code are distributed under a Modified BSD License;\n" 134 | "see the source code and the file MBSD-LICENSE for details.\n" 135 | ); 136 | } 137 | 138 | static struct option longopts[] = { 139 | {"help", 0, 0, 'h'}, 140 | {"version", 0, 0, 'V'}, 141 | {"license", 0, 0, 'L'}, 142 | {"iv", 0, 0, 'i'}, 143 | {0, 0, 0, 0} 144 | }; 145 | 146 | static char *shortopts = "hVLi"; 147 | 148 | uint32_t swap_uint32( uint32_t val ) 149 | { 150 | val = ((val << 8) & 0xFF00FF00 ) | ((val >> 8) & 0xFF00FF ); 151 | return (val << 16) | (val >> 16); 152 | } 153 | 154 | int main(int ac, char *av[]) { 155 | int r; 156 | unsigned int IV[4]; 157 | int c; 158 | int count; 159 | FILE *fin; 160 | FILE *fa; 161 | FILE *fb; 162 | FILE *fsheep; 163 | FILE *fwolf; 164 | int pos; 165 | int off; 166 | int i=0; 167 | unsigned char a[128]; 168 | unsigned char b[128]; 169 | unsigned char copybuf[192]; 170 | unsigned char ch; 171 | unsigned char ch_wolf,ch_sheep; 172 | char *cmd; 173 | 174 | /* command line options */ 175 | char *infile = NULL; 176 | 177 | while ((c = getopt_long(ac, av, shortopts, longopts, NULL)) != -1) { 178 | switch (c) { 179 | case 'h': 180 | usage(stdout); 181 | exit(0); 182 | break; 183 | case 'V': 184 | version(stdout); 185 | exit(0); 186 | break; 187 | case 'L': 188 | license(stdout); 189 | exit(0); 190 | break; 191 | case '?': 192 | fprintf(stderr, "Try --help for more information.\n"); 193 | exit(1); 194 | break; 195 | } 196 | } 197 | count = ac-optind; 198 | if (count < 1) { 199 | fprintf(stderr, "No filename given. Try --help for more information.\n"); 200 | exit(1); 201 | } else if (count > 1) { 202 | fprintf(stderr, "Too many filenames given. Try --help for more information.\n"); 203 | exit(1); 204 | } 205 | infile = av[optind]; 206 | 207 | fin = fopen(infile, "rb"); 208 | if (!fin) { 209 | fprintf(stderr, "%s: %s: %s\n", NAME, infile, strerror(errno)); 210 | exit(1); 211 | } 212 | 213 | r = find_iv(fin, IV); 214 | rewind(fin); 215 | pos=find_crib(fin); 216 | off=r-pos-64; 217 | printf("CRIB START: %d\n",pos); 218 | 219 | fclose(fin); 220 | 221 | if (pos == -1 || r == 1) { 222 | fprintf(stderr, "%s: %s: no crib found.\n", NAME, infile); 223 | exit(1); 224 | } 225 | 226 | fprintf(stdout, "%08x%08x%08x%08x\n", swap_uint32(IV[0]), swap_uint32(IV[1]), swap_uint32(IV[2]), swap_uint32(IV[3])); 227 | cmd=(char*)malloc(strlen(FASTCOLL_CMD)+16+1); 228 | sprintf(cmd,FASTCOLL_CMD,swap_uint32(IV[0]), swap_uint32(IV[1]), swap_uint32(IV[2]), swap_uint32(IV[3])); 229 | printf("%s\n",cmd); 230 | 231 | system(cmd); 232 | 233 | fa=fopen("a","rb"); 234 | fb=fopen("b","rb"); 235 | fread(a,128,1,fa); 236 | fread(b,128,1,fb); 237 | fclose(fa); 238 | fclose(fb); 239 | fin = fopen(infile, "rb"); 240 | fsheep = fopen("sheep.exe","wb"); 241 | fwolf = fopen("wolf.exe","wb"); 242 | printf("Copybuf start: %d end: %d \n",pos-16,pos+176); 243 | while(!feof(fin)){ 244 | ch=fgetc(fin); 245 | //printf("Difference start: %d end: %d \n",pos+16,pos+128+16); 246 | if (ftell(fin)>pos+off && ftell(fin)<=pos+128+off){ 247 | ch_sheep=a[ftell(fin)-(pos+off)-1]; 248 | ch_wolf=b[ftell(fin)-(pos+off)-1]; 249 | } 250 | else{ 251 | ch_wolf=ch; 252 | ch_sheep=ch; 253 | } 254 | 255 | if (ftell(fin)>pos && ftell(fin)<=pos+192){ 256 | copybuf[i++]=ch_wolf; 257 | } 258 | //printf("Copybuf start: %d end: %d \n",pos+200,pos+200+192); 259 | if (ftell(fin)>pos+200 && i>0){ 260 | ch_wolf=copybuf[192-i]; 261 | ch_sheep=copybuf[192-i]; 262 | i--; 263 | } 264 | fputc(ch_sheep,fsheep); 265 | fputc(ch_wolf,fwolf); 266 | } 267 | fclose(fwolf); 268 | fclose(fsheep); 269 | fclose(fin); 270 | return 0; 271 | } 272 | 273 | -------------------------------------------------------------------------------- /evilize/evilize.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/silentsignal/sheep-wolf/c4350480eea7523914e7dc3b28386ecc123ced20/evilize/evilize.exe -------------------------------------------------------------------------------- /evilize/md5.c: -------------------------------------------------------------------------------- 1 | /* md5.c - Functions to compute MD5 message digest of files or memory blocks 2 | according to the definition of MD5 in RFC 1321 from April 1992. 3 | Copyright (C) 1995, 1996, 1997 Free Software Foundation, Inc. 4 | This file is part of the GNU C Library. 5 | 6 | The GNU C Library is free software; you can redistribute it and/or 7 | modify it under the terms of the GNU Library General Public License as 8 | published by the Free Software Foundation; either version 2 of the 9 | License, or (at your option) any later version. 10 | 11 | The GNU C Library is distributed in the hope that it will be useful, 12 | but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 | Library General Public License for more details. 15 | 16 | You should have received a copy of the GNU Library General Public 17 | License along with the GNU C Library; see the file COPYING.LIB. If not, 18 | write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, 19 | Boston, MA 02111-1307, USA. */ 20 | 21 | /* Written by Ulrich Drepper , 1995. */ 22 | 23 | #ifdef HAVE_CONFIG_H 24 | # include 25 | #endif 26 | 27 | #include 28 | 29 | #if STDC_HEADERS || defined _LIBC 30 | # include 31 | # include 32 | #else 33 | # ifndef HAVE_MEMCPY 34 | # define memcpy(d, s, n) bcopy ((s), (d), (n)) 35 | # endif 36 | #endif 37 | 38 | #include "md5.h" 39 | 40 | #ifdef _LIBC 41 | # include 42 | # if __BYTE_ORDER == __BIG_ENDIAN 43 | # define WORDS_BIGENDIAN 1 44 | # endif 45 | /* We need to keep the namespace clean so define the MD5 function 46 | protected using leading __ and use weak aliases. */ 47 | # define md5_init_ctx __md5_init_ctx 48 | # define md5_process_block __md5_process_block 49 | # define md5_process_bytes __md5_process_bytes 50 | # define md5_finish_ctx __md5_finish_ctx 51 | # define md5_read_ctx __md5_read_ctx 52 | # define md5_stream __md5_stream 53 | # define md5_buffer __md5_buffer 54 | #endif 55 | 56 | #ifdef WORDS_BIGENDIAN 57 | # define SWAP(n) \ 58 | (((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24)) 59 | #else 60 | # define SWAP(n) (n) 61 | #endif 62 | 63 | 64 | /* This array contains the bytes used to pad the buffer to the next 65 | 64-byte boundary. (RFC 1321, 3.1: Step 1) */ 66 | static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ }; 67 | 68 | 69 | /* Initialize structure containing state of computation. 70 | (RFC 1321, 3.3: Step 3) */ 71 | void 72 | md5_init_ctx (ctx) 73 | struct md5_ctx *ctx; 74 | { 75 | ctx->A = 0x67452301; 76 | ctx->B = 0xefcdab89; 77 | ctx->C = 0x98badcfe; 78 | ctx->D = 0x10325476; 79 | 80 | ctx->total[0] = ctx->total[1] = 0; 81 | ctx->buflen = 0; 82 | } 83 | 84 | /* Put result from CTX in first 16 bytes following RESBUF. The result 85 | must be in little endian byte order. 86 | 87 | IMPORTANT: On some systems it is required that RESBUF is correctly 88 | aligned for a 32 bits value. */ 89 | void * 90 | md5_read_ctx (ctx, resbuf) 91 | const struct md5_ctx *ctx; 92 | void *resbuf; 93 | { 94 | ((md5_uint32 *) resbuf)[0] = SWAP (ctx->A); 95 | ((md5_uint32 *) resbuf)[1] = SWAP (ctx->B); 96 | ((md5_uint32 *) resbuf)[2] = SWAP (ctx->C); 97 | ((md5_uint32 *) resbuf)[3] = SWAP (ctx->D); 98 | 99 | return resbuf; 100 | } 101 | 102 | /* Process the remaining bytes in the internal buffer and the usual 103 | prolog according to the standard and write the result to RESBUF. 104 | 105 | IMPORTANT: On some systems it is required that RESBUF is correctly 106 | aligned for a 32 bits value. */ 107 | void * 108 | md5_finish_ctx (ctx, resbuf) 109 | struct md5_ctx *ctx; 110 | void *resbuf; 111 | { 112 | /* Take yet unprocessed bytes into account. */ 113 | md5_uint32 bytes = ctx->buflen; 114 | size_t pad; 115 | 116 | /* Now count remaining bytes. */ 117 | ctx->total[0] += bytes; 118 | if (ctx->total[0] < bytes) 119 | ++ctx->total[1]; 120 | 121 | pad = bytes >= 56 ? 64 + 56 - bytes : 56 - bytes; 122 | memcpy (&ctx->buffer[bytes], fillbuf, pad); 123 | 124 | /* Put the 64-bit file length in *bits* at the end of the buffer. */ 125 | *(md5_uint32 *) &ctx->buffer[bytes + pad] = SWAP (ctx->total[0] << 3); 126 | *(md5_uint32 *) &ctx->buffer[bytes + pad + 4] = SWAP ((ctx->total[1] << 3) | 127 | (ctx->total[0] >> 29)); 128 | 129 | /* Process last bytes. */ 130 | md5_process_block (ctx->buffer, bytes + pad + 8, ctx); 131 | 132 | return md5_read_ctx (ctx, resbuf); 133 | } 134 | 135 | /* Compute MD5 message digest for bytes read from STREAM. The 136 | resulting message digest number will be written into the 16 bytes 137 | beginning at RESBLOCK. */ 138 | int 139 | md5_stream (stream, resblock) 140 | FILE *stream; 141 | void *resblock; 142 | { 143 | /* Important: BLOCKSIZE must be a multiple of 64. */ 144 | #define BLOCKSIZE 4096 145 | struct md5_ctx ctx; 146 | char buffer[BLOCKSIZE + 72]; 147 | size_t sum; 148 | 149 | /* Initialize the computation context. */ 150 | md5_init_ctx (&ctx); 151 | 152 | /* Iterate over full file contents. */ 153 | while (1) 154 | { 155 | /* We read the file in blocks of BLOCKSIZE bytes. One call of the 156 | computation function processes the whole buffer so that with the 157 | next round of the loop another block can be read. */ 158 | size_t n; 159 | sum = 0; 160 | 161 | /* Read block. Take care for partial reads. */ 162 | do 163 | { 164 | n = fread (buffer + sum, 1, BLOCKSIZE - sum, stream); 165 | 166 | sum += n; 167 | } 168 | while (sum < BLOCKSIZE && n != 0); 169 | if (n == 0 && ferror (stream)) 170 | return 1; 171 | 172 | /* If end of file is reached, end the loop. */ 173 | if (n == 0) 174 | break; 175 | 176 | /* Process buffer with BLOCKSIZE bytes. Note that 177 | BLOCKSIZE % 64 == 0 178 | */ 179 | md5_process_block (buffer, BLOCKSIZE, &ctx); 180 | } 181 | 182 | /* Add the last bytes if necessary. */ 183 | if (sum > 0) 184 | md5_process_bytes (buffer, sum, &ctx); 185 | 186 | /* Construct result in desired memory. */ 187 | md5_finish_ctx (&ctx, resblock); 188 | return 0; 189 | } 190 | 191 | /* Compute MD5 message digest for LEN bytes beginning at BUFFER. The 192 | result is always in little endian byte order, so that a byte-wise 193 | output yields to the wanted ASCII representation of the message 194 | digest. */ 195 | void * 196 | md5_buffer (buffer, len, resblock) 197 | const char *buffer; 198 | size_t len; 199 | void *resblock; 200 | { 201 | struct md5_ctx ctx; 202 | 203 | /* Initialize the computation context. */ 204 | md5_init_ctx (&ctx); 205 | 206 | /* Process whole buffer but last len % 64 bytes. */ 207 | md5_process_bytes (buffer, len, &ctx); 208 | 209 | /* Put result in desired memory area. */ 210 | return md5_finish_ctx (&ctx, resblock); 211 | } 212 | 213 | 214 | void 215 | md5_process_bytes (buffer, len, ctx) 216 | const void *buffer; 217 | size_t len; 218 | struct md5_ctx *ctx; 219 | { 220 | /* When we already have some bits in our internal buffer concatenate 221 | both inputs first. */ 222 | if (ctx->buflen != 0) 223 | { 224 | size_t left_over = ctx->buflen; 225 | size_t add = 128 - left_over > len ? len : 128 - left_over; 226 | 227 | memcpy (&ctx->buffer[left_over], buffer, add); 228 | ctx->buflen += add; 229 | 230 | if (left_over + add > 64) 231 | { 232 | md5_process_block (ctx->buffer, (left_over + add) & ~63, ctx); 233 | /* The regions in the following copy operation cannot overlap. */ 234 | memcpy (ctx->buffer, &ctx->buffer[(left_over + add) & ~63], 235 | (left_over + add) & 63); 236 | ctx->buflen = (left_over + add) & 63; 237 | } 238 | 239 | buffer = (const char *) buffer + add; 240 | len -= add; 241 | } 242 | 243 | /* Process available complete blocks. */ 244 | if (len > 64) 245 | { 246 | md5_process_block (buffer, len & ~63, ctx); 247 | buffer = (const char *) buffer + (len & ~63); 248 | len &= 63; 249 | } 250 | 251 | /* Move remaining bytes in internal buffer. */ 252 | if (len > 0) 253 | { 254 | memcpy (ctx->buffer, buffer, len); 255 | ctx->buflen = len; 256 | } 257 | } 258 | 259 | 260 | /* These are the four functions used in the four steps of the MD5 algorithm 261 | and defined in the RFC 1321. The first function is a little bit optimized 262 | (as found in Colin Plumbs public domain implementation). */ 263 | /* #define FF(b, c, d) ((b & c) | (~b & d)) */ 264 | #define FF(b, c, d) (d ^ (b & (c ^ d))) 265 | #define FG(b, c, d) FF (d, b, c) 266 | #define FH(b, c, d) (b ^ c ^ d) 267 | #define FI(b, c, d) (c ^ (b | ~d)) 268 | 269 | /* Process LEN bytes of BUFFER, accumulating context into CTX. 270 | It is assumed that LEN % 64 == 0. */ 271 | 272 | void 273 | md5_process_block (buffer, len, ctx) 274 | const void *buffer; 275 | size_t len; 276 | struct md5_ctx *ctx; 277 | { 278 | md5_uint32 correct_words[16]; 279 | const md5_uint32 *words = buffer; 280 | size_t nwords = len / sizeof (md5_uint32); 281 | const md5_uint32 *endp = words + nwords; 282 | md5_uint32 A = ctx->A; 283 | md5_uint32 B = ctx->B; 284 | md5_uint32 C = ctx->C; 285 | md5_uint32 D = ctx->D; 286 | 287 | /* First increment the byte count. RFC 1321 specifies the possible 288 | length of the file up to 2^64 bits. Here we only compute the 289 | number of bytes. Do a double word increment. */ 290 | ctx->total[0] += len; 291 | if (ctx->total[0] < len) 292 | ++ctx->total[1]; 293 | 294 | /* Process all bytes in the buffer with 64 bytes in each round of 295 | the loop. */ 296 | while (words < endp) 297 | { 298 | md5_uint32 *cwp = correct_words; 299 | md5_uint32 A_save = A; 300 | md5_uint32 B_save = B; 301 | md5_uint32 C_save = C; 302 | md5_uint32 D_save = D; 303 | 304 | /* First round: using the given function, the context and a constant 305 | the next context is computed. Because the algorithms processing 306 | unit is a 32-bit word and it is determined to work on words in 307 | little endian byte order we perhaps have to change the byte order 308 | before the computation. To reduce the work for the next steps 309 | we store the swapped words in the array CORRECT_WORDS. */ 310 | 311 | #define OP(a, b, c, d, s, T) \ 312 | do \ 313 | { \ 314 | a += FF (b, c, d) + (*cwp++ = SWAP (*words)) + T; \ 315 | ++words; \ 316 | CYCLIC (a, s); \ 317 | a += b; \ 318 | } \ 319 | while (0) 320 | 321 | /* It is unfortunate that C does not provide an operator for 322 | cyclic rotation. Hope the C compiler is smart enough. */ 323 | #define CYCLIC(w, s) (w = (w << s) | (w >> (32 - s))) 324 | 325 | /* Before we start, one word to the strange constants. 326 | They are defined in RFC 1321 as 327 | 328 | T[i] = (int) (4294967296.0 * fabs (sin (i))), i=1..64 329 | */ 330 | 331 | /* Round 1. */ 332 | OP (A, B, C, D, 7, 0xd76aa478); 333 | OP (D, A, B, C, 12, 0xe8c7b756); 334 | OP (C, D, A, B, 17, 0x242070db); 335 | OP (B, C, D, A, 22, 0xc1bdceee); 336 | OP (A, B, C, D, 7, 0xf57c0faf); 337 | OP (D, A, B, C, 12, 0x4787c62a); 338 | OP (C, D, A, B, 17, 0xa8304613); 339 | OP (B, C, D, A, 22, 0xfd469501); 340 | OP (A, B, C, D, 7, 0x698098d8); 341 | OP (D, A, B, C, 12, 0x8b44f7af); 342 | OP (C, D, A, B, 17, 0xffff5bb1); 343 | OP (B, C, D, A, 22, 0x895cd7be); 344 | OP (A, B, C, D, 7, 0x6b901122); 345 | OP (D, A, B, C, 12, 0xfd987193); 346 | OP (C, D, A, B, 17, 0xa679438e); 347 | OP (B, C, D, A, 22, 0x49b40821); 348 | 349 | /* For the second to fourth round we have the possibly swapped words 350 | in CORRECT_WORDS. Redefine the macro to take an additional first 351 | argument specifying the function to use. */ 352 | #undef OP 353 | #define OP(f, a, b, c, d, k, s, T) \ 354 | do \ 355 | { \ 356 | a += f (b, c, d) + correct_words[k] + T; \ 357 | CYCLIC (a, s); \ 358 | a += b; \ 359 | } \ 360 | while (0) 361 | 362 | /* Round 2. */ 363 | OP (FG, A, B, C, D, 1, 5, 0xf61e2562); 364 | OP (FG, D, A, B, C, 6, 9, 0xc040b340); 365 | OP (FG, C, D, A, B, 11, 14, 0x265e5a51); 366 | OP (FG, B, C, D, A, 0, 20, 0xe9b6c7aa); 367 | OP (FG, A, B, C, D, 5, 5, 0xd62f105d); 368 | OP (FG, D, A, B, C, 10, 9, 0x02441453); 369 | OP (FG, C, D, A, B, 15, 14, 0xd8a1e681); 370 | OP (FG, B, C, D, A, 4, 20, 0xe7d3fbc8); 371 | OP (FG, A, B, C, D, 9, 5, 0x21e1cde6); 372 | OP (FG, D, A, B, C, 14, 9, 0xc33707d6); 373 | OP (FG, C, D, A, B, 3, 14, 0xf4d50d87); 374 | OP (FG, B, C, D, A, 8, 20, 0x455a14ed); 375 | OP (FG, A, B, C, D, 13, 5, 0xa9e3e905); 376 | OP (FG, D, A, B, C, 2, 9, 0xfcefa3f8); 377 | OP (FG, C, D, A, B, 7, 14, 0x676f02d9); 378 | OP (FG, B, C, D, A, 12, 20, 0x8d2a4c8a); 379 | 380 | /* Round 3. */ 381 | OP (FH, A, B, C, D, 5, 4, 0xfffa3942); 382 | OP (FH, D, A, B, C, 8, 11, 0x8771f681); 383 | OP (FH, C, D, A, B, 11, 16, 0x6d9d6122); 384 | OP (FH, B, C, D, A, 14, 23, 0xfde5380c); 385 | OP (FH, A, B, C, D, 1, 4, 0xa4beea44); 386 | OP (FH, D, A, B, C, 4, 11, 0x4bdecfa9); 387 | OP (FH, C, D, A, B, 7, 16, 0xf6bb4b60); 388 | OP (FH, B, C, D, A, 10, 23, 0xbebfbc70); 389 | OP (FH, A, B, C, D, 13, 4, 0x289b7ec6); 390 | OP (FH, D, A, B, C, 0, 11, 0xeaa127fa); 391 | OP (FH, C, D, A, B, 3, 16, 0xd4ef3085); 392 | OP (FH, B, C, D, A, 6, 23, 0x04881d05); 393 | OP (FH, A, B, C, D, 9, 4, 0xd9d4d039); 394 | OP (FH, D, A, B, C, 12, 11, 0xe6db99e5); 395 | OP (FH, C, D, A, B, 15, 16, 0x1fa27cf8); 396 | OP (FH, B, C, D, A, 2, 23, 0xc4ac5665); 397 | 398 | /* Round 4. */ 399 | OP (FI, A, B, C, D, 0, 6, 0xf4292244); 400 | OP (FI, D, A, B, C, 7, 10, 0x432aff97); 401 | OP (FI, C, D, A, B, 14, 15, 0xab9423a7); 402 | OP (FI, B, C, D, A, 5, 21, 0xfc93a039); 403 | OP (FI, A, B, C, D, 12, 6, 0x655b59c3); 404 | OP (FI, D, A, B, C, 3, 10, 0x8f0ccc92); 405 | OP (FI, C, D, A, B, 10, 15, 0xffeff47d); 406 | OP (FI, B, C, D, A, 1, 21, 0x85845dd1); 407 | OP (FI, A, B, C, D, 8, 6, 0x6fa87e4f); 408 | OP (FI, D, A, B, C, 15, 10, 0xfe2ce6e0); 409 | OP (FI, C, D, A, B, 6, 15, 0xa3014314); 410 | OP (FI, B, C, D, A, 13, 21, 0x4e0811a1); 411 | OP (FI, A, B, C, D, 4, 6, 0xf7537e82); 412 | OP (FI, D, A, B, C, 11, 10, 0xbd3af235); 413 | OP (FI, C, D, A, B, 2, 15, 0x2ad7d2bb); 414 | OP (FI, B, C, D, A, 9, 21, 0xeb86d391); 415 | 416 | /* Add the starting values of the context. */ 417 | A += A_save; 418 | B += B_save; 419 | C += C_save; 420 | D += D_save; 421 | } 422 | 423 | /* Put checksum in context given as argument. */ 424 | ctx->A = A; 425 | ctx->B = B; 426 | ctx->C = C; 427 | ctx->D = D; 428 | } 429 | 430 | 431 | #ifdef _LIBC 432 | /* Define weak aliases. */ 433 | # undef md5_init_ctx 434 | weak_alias (__md5_init_ctx, md5_init_ctx) 435 | # undef md5_process_block 436 | weak_alias (__md5_process_block, md5_process_block) 437 | # undef md5_process_bytes 438 | weak_alias (__md5_process_bytes, md5_process_bytes) 439 | # undef md5_finish_ctx 440 | weak_alias (__md5_finish_ctx, md5_finish_ctx) 441 | # undef md5_read_ctx 442 | weak_alias (__md5_read_ctx, md5_read_ctx) 443 | # undef md5_stream 444 | weak_alias (__md5_stream, md5_stream) 445 | # undef md5_buffer 446 | weak_alias (__md5_buffer, md5_buffer) 447 | #endif 448 | -------------------------------------------------------------------------------- /evilize/md5.h: -------------------------------------------------------------------------------- 1 | /* Declaration of functions and data types used for MD5 sum computing 2 | library functions. 3 | Copyright (C) 1995, 1996, 1997 Free Software Foundation, Inc. 4 | This file is part of the GNU C Library. 5 | 6 | The GNU C Library is free software; you can redistribute it and/or 7 | modify it under the terms of the GNU Library General Public License as 8 | published by the Free Software Foundation; either version 2 of the 9 | License, or (at your option) any later version. 10 | 11 | The GNU C Library is distributed in the hope that it will be useful, 12 | but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 | Library General Public License for more details. 15 | 16 | You should have received a copy of the GNU Library General Public 17 | License along with the GNU C Library; see the file COPYING.LIB. If not, 18 | write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, 19 | Boston, MA 02111-1307, USA. */ 20 | 21 | #ifndef _MD5_H 22 | #define _MD5_H 1 23 | 24 | #include 25 | 26 | #if defined HAVE_LIMITS_H || _LIBC 27 | # include 28 | #endif 29 | 30 | /* The following contortions are an attempt to use the C preprocessor 31 | to determine an unsigned integral type that is 32 bits wide. An 32 | alternative approach is to use autoconf's AC_CHECK_SIZEOF macro, but 33 | doing that would require that the configure script compile and *run* 34 | the resulting executable. Locally running cross-compiled executables 35 | is usually not possible. */ 36 | 37 | #ifdef _LIBC 38 | # include 39 | typedef u_int32_t md5_uint32; 40 | #else 41 | # if defined __STDC__ && __STDC__ 42 | # define UINT_MAX_32_BITS 4294967295U 43 | # else 44 | # define UINT_MAX_32_BITS 0xFFFFFFFF 45 | # endif 46 | 47 | /* If UINT_MAX isn't defined, assume it's a 32-bit type. 48 | This should be valid for all systems GNU cares about because 49 | that doesn't include 16-bit systems, and only modern systems 50 | (that certainly have ) have 64+-bit integral types. */ 51 | 52 | # ifndef UINT_MAX 53 | # define UINT_MAX UINT_MAX_32_BITS 54 | # endif 55 | 56 | # if UINT_MAX == UINT_MAX_32_BITS 57 | typedef unsigned int md5_uint32; 58 | # else 59 | # if USHRT_MAX == UINT_MAX_32_BITS 60 | typedef unsigned short md5_uint32; 61 | # else 62 | # if ULONG_MAX == UINT_MAX_32_BITS 63 | typedef unsigned long md5_uint32; 64 | # else 65 | /* The following line is intended to evoke an error. 66 | Using #error is not portable enough. */ 67 | "Cannot determine unsigned 32-bit data type." 68 | # endif 69 | # endif 70 | # endif 71 | #endif 72 | 73 | #undef __P 74 | #if defined (__STDC__) && __STDC__ 75 | # define __P(x) x 76 | #else 77 | # define __P(x) () 78 | #endif 79 | 80 | /* Structure to save state of computation between the single steps. */ 81 | struct md5_ctx 82 | { 83 | md5_uint32 A; 84 | md5_uint32 B; 85 | md5_uint32 C; 86 | md5_uint32 D; 87 | 88 | md5_uint32 total[2]; 89 | md5_uint32 buflen; 90 | char buffer[128]; 91 | }; 92 | 93 | /* 94 | * The following three functions are build up the low level used in 95 | * the functions `md5_stream' and `md5_buffer'. 96 | */ 97 | 98 | /* Initialize structure containing state of computation. 99 | (RFC 1321, 3.3: Step 3) */ 100 | extern void __md5_init_ctx __P ((struct md5_ctx *ctx)); 101 | extern void md5_init_ctx __P ((struct md5_ctx *ctx)); 102 | 103 | /* Starting with the result of former calls of this function (or the 104 | initialization function update the context for the next LEN bytes 105 | starting at BUFFER. 106 | It is necessary that LEN is a multiple of 64!!! */ 107 | extern void __md5_process_block __P ((const void *buffer, size_t len, 108 | struct md5_ctx *ctx)); 109 | extern void md5_process_block __P ((const void *buffer, size_t len, 110 | struct md5_ctx *ctx)); 111 | 112 | /* Starting with the result of former calls of this function (or the 113 | initialization function update the context for the next LEN bytes 114 | starting at BUFFER. 115 | It is NOT required that LEN is a multiple of 64. */ 116 | extern void __md5_process_bytes __P ((const void *buffer, size_t len, 117 | struct md5_ctx *ctx)); 118 | extern void md5_process_bytes __P ((const void *buffer, size_t len, 119 | struct md5_ctx *ctx)); 120 | 121 | /* Process the remaining bytes in the buffer and put result from CTX 122 | in first 16 bytes following RESBUF. The result is always in little 123 | endian byte order, so that a byte-wise output yields to the wanted 124 | ASCII representation of the message digest. 125 | 126 | IMPORTANT: On some systems it is required that RESBUF is correctly 127 | aligned for a 32 bits value. */ 128 | extern void *__md5_finish_ctx __P ((struct md5_ctx *ctx, void *resbuf)); 129 | extern void *md5_finish_ctx __P ((struct md5_ctx *ctx, void *resbuf)); 130 | 131 | 132 | /* Put result from CTX in first 16 bytes following RESBUF. The result is 133 | always in little endian byte order, so that a byte-wise output yields 134 | to the wanted ASCII representation of the message digest. 135 | 136 | IMPORTANT: On some systems it is required that RESBUF is correctly 137 | aligned for a 32 bits value. */ 138 | extern void *__md5_read_ctx __P ((const struct md5_ctx *ctx, void *resbuf)); 139 | extern void *md5_read_ctx __P ((const struct md5_ctx *ctx, void *resbuf)); 140 | 141 | 142 | /* Compute MD5 message digest for bytes read from STREAM. The 143 | resulting message digest number will be written into the 16 bytes 144 | beginning at RESBLOCK. */ 145 | extern int __md5_stream __P ((FILE *stream, void *resblock)); 146 | 147 | /* Compute MD5 message digest for LEN bytes beginning at BUFFER. The 148 | result is always in little endian byte order, so that a byte-wise 149 | output yields to the wanted ASCII representation of the message 150 | digest. */ 151 | extern void *__md5_buffer __P ((const char *buffer, size_t len, 152 | void *resblock)); 153 | extern void *md5_buffer __P ((const char *buffer, size_t len, 154 | void *resblock)); 155 | 156 | #endif /* md5.h */ 157 | -------------------------------------------------------------------------------- /evilize/md5coll.c: -------------------------------------------------------------------------------- 1 | /* MD5 Collision Generator 2 | * Copyright (C) 2005 Patrick Stach . 3 | * Implementation of paper by Xiaoyun Wang, et al. 4 | * A few optimizations to make the solving method a bit more deterministic. 5 | * Modifications Copyright (C) 2006 Peter Selinger. 6 | * 7 | * This work is licensed under a modified BSD License, see the file 8 | * MBSD-LICENSE for full details. 9 | * Any derivative works or references must cite the authors. 10 | */ 11 | 12 | /* 13 | * Changes: 14 | * 2006/02/07: Peter Selinger - separated user interface from library 15 | * 2006/02/07: Peter Selinger - progress reports 16 | * 2006/02/07: Peter Selinger - added options -h, -V, -q, -s 17 | * 18 | * Usage: see ./md5coll --help 19 | * 20 | * Notes: Requires being built as 32 bit (unsigned int as 32 bit) 21 | */ 22 | 23 | /* This file contains the user interface (mainly parsing of 24 | command-line). The real work is done in md5coll_lib. */ 25 | 26 | #include 27 | #include 28 | #include 29 | #include 30 | #include 31 | 32 | #include "md5coll_lib.h" 33 | 34 | #define NAME "md5coll" 35 | 36 | /* print usage information */ 37 | static void usage(FILE *fout) { 38 | fprintf(fout, "%s %s. MD5 collision generator.\n", NAME, MD5COLL_VERSION); 39 | fprintf(fout, "\n"); 40 | fprintf(fout, "Usage: %s [options] [IV0 IV1 IV2 IV3]\n", NAME); 41 | fprintf(fout, 42 | "Arguments (optional):\n" 43 | " IV0 IV1 IV2 IV3 four initial vectors in format 0x00000000\n" 44 | "Options:\n" 45 | " -h, --help print this help message and exit\n" 46 | " -L, --license print license info and exit\n" 47 | " -V, --version print version info and exit\n" 48 | " -q, --quiet suppress progress information\n" 49 | " -s, --seed seed the random number generator\n" 50 | ); 51 | } 52 | 53 | /* print version information */ 54 | static void version(FILE *fout) { 55 | fprintf(fout, "%s %s. MD5 collision generator.\n", NAME, MD5COLL_VERSION); 56 | fprintf(fout, "Copyright (C) 2005 Patrick Stach .\n"); 57 | fprintf(fout, "Implementation of paper by Xiaoyun Wang, et al.\n"); 58 | fprintf(fout, "Modifications Copyright (C) 2006 Peter Selinger.\n"); 59 | } 60 | 61 | /* print license information */ 62 | static void license(FILE *fout) { 63 | fprintf(fout, "%s %s. MD5 collision generator.\n", NAME, MD5COLL_VERSION); 64 | fprintf(fout, "Copyright (C) 2005 Patrick Stach .\n"); 65 | fprintf(fout, "Implementation of paper by Xiaoyun Wang, et al.\n"); 66 | fprintf(fout, "Modifications Copyright (C) 2006 Peter Selinger.\n"); 67 | fprintf(fout, "\n"); 68 | fprintf(fout, 69 | "Redistribution and use in source and binary forms, with or without\n" 70 | "modification, are permitted provided that the following conditions are\n" 71 | "met:\n" 72 | "\n" 73 | "1. Redistributions of source code must retain the above copyright\n" 74 | " notice, this list of conditions and the following disclaimer.\n" 75 | "2. Redistributions in binary form must reproduce the above copyright\n" 76 | " notice, this list of conditions and the following disclaimer in the\n" 77 | " documentation and/or other materials provided with the distribution.\n" 78 | "3. The name of the author may not be used to endorse or promote\n" 79 | " products derived from this software without specific prior written\n" 80 | " permission.\n" 81 | "\n" 82 | "THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n" 83 | "IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED\n" 84 | "WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE\n" 85 | "DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,\n" 86 | "INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES\n" 87 | "(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR\n" 88 | "SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)\n" 89 | "HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,\n" 90 | "STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING\n" 91 | "IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\n" 92 | "POSSIBILITY OF SUCH DAMAGE.\n"); 93 | } 94 | 95 | static struct option longopts[] = { 96 | {"help", 0, 0, 'h'}, 97 | {"license", 0, 0, 'L'}, 98 | {"version", 0, 0, 'V'}, 99 | {"quiet", 0, 0, 'q'}, 100 | {"seed", 1, 0, 's'}, 101 | {0, 0, 0, 0} 102 | }; 103 | 104 | static char *shortopts = "hLVqs:"; 105 | 106 | #define COL0 "\033[G" 107 | #define CTLK "\033[K" 108 | 109 | static int progress_printer_f(void *priv, char *arg) { 110 | fprintf(stderr, ""COL0"Progress: %s"CTLK"", arg); 111 | fflush(stderr); 112 | return 0; 113 | } 114 | 115 | static callback_t progress_printer = { &progress_printer_f, NULL}; 116 | 117 | /* write special purpose format file, compatible with md5coll. */ 118 | static void write_collision_file(FILE *fout, unsigned int m0[32], unsigned int m1[32]) { 119 | int i; 120 | 121 | fprintf(fout, "unsigned int m0[32] = {\n"); 122 | for (i=0; i<32; i++) { 123 | fprintf(fout, "0x%08x, ", m0[i]); 124 | if ((i & 3) == 3) { 125 | fprintf(fout, "\n"); 126 | } 127 | } 128 | fprintf(fout, "};\n\n"); 129 | fprintf(fout, "unsigned int m1[32] = {\n"); 130 | for (i=0; i<32; i++) { 131 | fprintf(fout, "0x%08x, ", m1[i]); 132 | if ((i & 3) == 3) { 133 | fprintf(fout, "\n"); 134 | } 135 | } 136 | fprintf(fout, "};\n\n"); 137 | return; 138 | } 139 | 140 | int main(int ac, char *av[]) 141 | { 142 | unsigned int m0[32]; 143 | unsigned int m1[32]; 144 | int c, count; 145 | callback_t *cb; 146 | 147 | /* command line options */ 148 | int have_iv = 0; 149 | unsigned int IV[4]; 150 | int quiet = 0; 151 | unsigned int seed = time(NULL) ^ (getpid() << 16); 152 | 153 | /* process command line options */ 154 | while ((c = getopt_long(ac, av, shortopts, longopts, NULL)) != -1) { 155 | switch (c) { 156 | case 'h': 157 | usage(stdout); 158 | exit(0); 159 | break; 160 | case 'L': 161 | license(stdout); 162 | exit(0); 163 | break; 164 | case 'V': 165 | version(stdout); 166 | exit(0); 167 | break; 168 | case 'q': 169 | quiet = 1; 170 | break; 171 | case 's': 172 | seed = strtoul(optarg, NULL, 0); 173 | break; 174 | case '?': 175 | fprintf(stderr, "Try --help for more information.\n"); 176 | exit(1); 177 | break; 178 | } 179 | } 180 | count = ac-optind; 181 | 182 | if (count == 4) { 183 | IV[0] = strtoul(av[optind], NULL, 0); 184 | IV[1] = strtoul(av[optind+1], NULL, 0); 185 | IV[2] = strtoul(av[optind+2], NULL, 0); 186 | IV[3] = strtoul(av[optind+3], NULL, 0); 187 | have_iv = 1; 188 | } else if (count == 0) { 189 | have_iv = 0; 190 | } else { 191 | fprintf(stderr, "%s: wrong number of arguments. Try --help for more information.\n", NAME); 192 | exit(1); 193 | } 194 | 195 | /* end command line options */ 196 | 197 | if (quiet) { 198 | cb = NULL; 199 | } else { 200 | cb = &progress_printer; 201 | fprintf(stdout, "Random seed: %u\n", seed); 202 | } 203 | 204 | srandom(seed); 205 | 206 | if (have_iv) { 207 | md5coll_with_iv(IV, m0, m1, cb); 208 | } else { 209 | md5coll(m0, m1, cb); 210 | } 211 | if (cb) { 212 | fprintf(stderr, " (done)\n"); /* finish progress display */ 213 | } 214 | 215 | write_collision_file(stdout, m0, m1); 216 | 217 | return 0; 218 | } 219 | -------------------------------------------------------------------------------- /evilize/md5coll_lib.c: -------------------------------------------------------------------------------- 1 | /* MD5 Collision Generator 2 | * Copyright (C) 2005 Patrick Stach . 3 | * Implementation of paper by Xiaoyun Wang, et al. 4 | * A few optimizations to make the solving method a bit more deterministic. 5 | * Modifications Copyright (C) 2006 Peter Selinger. 6 | * 7 | * This work is licensed under a modified BSD License, see the file 8 | * MBSD-LICENSE for full details. 9 | * Any derivative works or references must cite the authors. 10 | */ 11 | 12 | /* 13 | * Changes: 14 | * 2006/02/09: Peter Selinger - added emergency exit to block2 15 | * 2006/02/07: Peter Selinger - converted to linkable library 16 | * 2006/02/07: Peter Selinger - added progress report feature 17 | * 18 | * Notes: 19 | * - this library is not reentrant; state "s" is global. This 20 | * is about 10% faster than using a dynamic state. 21 | * - Requires being built as 32 bit (unsigned int as 32 bit) 22 | */ 23 | 24 | #include /* for random() */ 25 | #include /* for memcpy() */ 26 | #include 27 | 28 | #include "md5coll_lib.h" 29 | 30 | #define F(x, y, z) (z ^ (x & (y ^ z))) 31 | #define G(x, y, z) F(z, x, y) 32 | #define H(x, y, z) (x ^ y ^ z) 33 | #define I(x, y, z) (y ^ (x | ~z)) 34 | 35 | #define RL(x, y) (((x) << (y)) | ((x) >> (32 - (y)))) 36 | #define RR(x, y) (((x) >> (y)) | ((x) << (32 - (y)))) 37 | 38 | #define LOOP_11 300 39 | #define LOOP_12 0x20000000 40 | #define LOOP_21 1000 41 | #define LOOP_22 0x4000000 42 | 43 | struct state_s { 44 | unsigned int A0, B0, C0, D0; 45 | unsigned int A1, B1, C1, D1; 46 | unsigned int Q0[65], Q1[65]; 47 | unsigned int X0[32], X1[32]; 48 | int ct1, ct2; 49 | }; 50 | typedef struct state_s state_t; 51 | 52 | static state_t s; 53 | 54 | static unsigned int IV_default[4] = 55 | { 0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476 }; 56 | 57 | static inline int callback2(callback_t *cb, int a, int b) { 58 | char buf[80]; 59 | sprintf(buf, "%d.%d", a, b); 60 | return cb->f(cb->priv, buf); 61 | } 62 | 63 | static inline int callback4(callback_t *cb, int a, int b, int c, int d) { 64 | char buf[80]; 65 | sprintf(buf, "%d.%d.%d.%d", a, b, c, d); 66 | return cb->f(cb->priv, buf); 67 | } 68 | 69 | int random(){ 70 | return 4; 71 | } 72 | /* return 0 on success, 1 on interrupt */ 73 | int block1(unsigned int IV[4], callback_t *cb, int ct1) 74 | { 75 | int i; 76 | 77 | block1_again: 78 | for(;;) 79 | { 80 | /* C1 */ 81 | s.Q0[ 3] = random() & ~0x00800040; 82 | s.Q1[ 3] = s.Q0[ 3]; 83 | 84 | /* B1 */ 85 | s.Q0[ 4] = (random() | 0x80080800) & ~(0x00800040 | 0x0077f780); 86 | s.Q0[ 4] |= (s.Q0[ 3] & 0x0077f780); 87 | s.Q1[ 4] = s.Q0[ 4]; 88 | 89 | /* A2 */ 90 | s.Q0[ 5] = (random() | 0x88400025) & ~0x02bfffc0; 91 | s.Q1[ 5] = s.Q0[ 5] - 0x00000040; 92 | 93 | /* D2 */ 94 | s.Q0[ 6] = (random() | 0x027fbc41) & ~(0x888043a4 | 0x7500001a); 95 | s.Q0[ 6] |= (s.Q0[ 5] & 0x7500001a); 96 | s.Q1[ 6] = s.Q0[ 6] - 0x7f800040; 97 | 98 | /* C2 */ 99 | s.Q0[ 7] = (random() | 0x03fef820) & ~0xfc0107df; 100 | s.Q1[ 7] = s.Q0[ 7] - 0x07800041; 101 | 102 | s.X0[ 6] = RR(s.Q0[ 7] - s.Q0[ 6], 17) - F(s.Q0[ 6], s.Q0[ 5], s.Q0[ 4]) 103 | - s.Q0[ 3] - 0xa8304613; 104 | s.X1[ 6] = RR(s.Q1[ 7] - s.Q1[ 6], 17) - F(s.Q1[ 6], s.Q1[ 5], s.Q1[ 4]) 105 | - s.Q1[ 3] - 0xa8304613; 106 | if(s.X0[ 6] != s.X1[ 6]) 107 | continue; 108 | 109 | /* B2 */ 110 | s.Q0[ 8] = (random() | 0x01910540) & ~0xfe0eaabf; 111 | s.Q1[ 8] = s.Q0[ 8] - 0x00827fff; 112 | 113 | s.X0[ 7] = RR(s.Q0[ 8] - s.Q0[ 7], 22) - F(s.Q0[ 7], s.Q0[ 6], s.Q0[ 5]) 114 | - s.Q0[ 4] - 0xfd469501; 115 | s.X1[ 7] = RR(s.Q1[ 8] - s.Q1[ 7], 22) - F(s.Q1[ 7], s.Q1[ 6], s.Q1[ 5]) 116 | - s.Q1[ 4] - 0xfd469501; 117 | if(s.X0[ 7] != s.X1[ 7]) 118 | continue; 119 | 120 | /* A3 */ 121 | s.Q0[ 9] = (random() | 0xfb102f3d) & ~(0x040f80c2 | 0x00001000); 122 | s.Q0[ 9] |= (s.Q0[ 8] & 0x00001000); 123 | s.Q1[ 9] = s.Q0[ 9] - 0x8000003f; 124 | 125 | s.X0[ 8] = RR(s.Q0[ 9] - s.Q0[ 8], 7) - F(s.Q0[ 8], s.Q0[ 7], s.Q0[ 6]) 126 | - s.Q0[ 5] - 0x698098d8; 127 | s.X1[ 8] = RR(s.Q1[ 9] - s.Q1[ 8], 7) - F(s.Q1[ 8], s.Q1[ 7], s.Q1[ 6]) 128 | - s.Q1[ 5] - 0x698098d8; 129 | if(s.X0[ 8] != s.X1[ 8]) 130 | continue; 131 | 132 | /* D3 */ 133 | s.Q0[10] = (random() | 0x401f9040) & ~0x80802183; 134 | s.Q1[10] = s.Q0[10] - 0x7ffff000; 135 | 136 | s.X0[ 9] = RR(s.Q0[10] - s.Q0[ 9], 12) - F(s.Q0[ 9], s.Q0[ 8], s.Q0[ 7]) 137 | - s.Q0[ 6] - 0x8b44f7af; 138 | s.X1[ 9] = RR(s.Q1[10] - s.Q1[ 9], 12) - F(s.Q1[ 9], s.Q1[ 8], s.Q1[ 7]) 139 | - s.Q1[ 6] - 0x8b44f7af; 140 | if(s.X0[ 9] != s.X1[ 9]) 141 | continue; 142 | 143 | /* C3 */ 144 | s.Q0[11] = (random() | 0x000180c2) & ~(0xc00e3101 | 0x00004000); 145 | s.Q0[11] |= (s.Q0[10] & 0x00004000); 146 | s.Q1[11] = s.Q0[11] - 0x40000000; 147 | 148 | s.X0[10] = RR(s.Q0[11] - s.Q0[10], 17) - F(s.Q0[10], s.Q0[ 9], s.Q0[ 8]) 149 | - s.Q0[ 7] - 0xffff5bb1; 150 | s.X1[10] = RR(s.Q1[11] - s.Q1[10], 17) - F(s.Q1[10], s.Q1[ 9], s.Q1[ 8]) 151 | - s.Q1[ 7] - 0xffff5bb1; 152 | if(s.X0[10] != s.X1[10]) 153 | continue; 154 | 155 | /* B3 */ 156 | s.Q0[12] = (random() | 0x00081100) & ~(0xc007e080 | 0x03000000); 157 | s.Q0[12] |= (s.Q0[11] & 0x03000000); 158 | s.Q1[12] = s.Q0[12] - 0x80002080; 159 | 160 | s.X0[11] = RR(s.Q0[12] - s.Q0[11], 22) - F(s.Q0[11], s.Q0[10], s.Q0[ 9]) 161 | - s.Q0[ 8] - 0x895cd7be; 162 | s.X1[11] = RR(s.Q1[12] - s.Q1[11], 22) - F(s.Q1[11], s.Q1[10], s.Q1[ 9]) 163 | - s.Q1[ 8] - 0x895cd7be; 164 | if((s.X0[11] ^ s.X1[11]) != 0x00008000) 165 | continue; 166 | 167 | /* A4 */ 168 | s.Q0[13] = (random() | 0x410fe008) & ~0x82000180; 169 | s.Q1[13] = s.Q0[13] - 0x7f000000; 170 | 171 | s.X0[12] = RR(s.Q0[13] - s.Q0[12], 7) - F(s.Q0[12], s.Q0[11], s.Q0[10]) 172 | - s.Q0[ 9] - 0x6b901122; 173 | s.X1[12] = RR(s.Q1[13] - s.Q1[12], 7) - F(s.Q1[12], s.Q1[11], s.Q1[10]) 174 | - s.Q1[ 9] - 0x6b901122; 175 | if(s.X0[12] != s.X1[12]) 176 | continue; 177 | 178 | /* D4 */ 179 | s.Q0[14] = (random() | 0x000be188) & ~0xa3040000; 180 | s.Q1[14] = s.Q0[14] - 0x80000000; 181 | 182 | s.X0[13] = RR(s.Q0[14] - s.Q0[13], 12) - F(s.Q0[13], s.Q0[12], s.Q0[11]) 183 | - s.Q0[10] - 0xfd987193; 184 | s.X1[13] = RR(s.Q1[14] - s.Q1[13], 12) - F(s.Q1[13], s.Q1[12], s.Q1[11]) 185 | - s.Q1[10] - 0xfd987193; 186 | if(s.X0[13] != s.X1[13]) 187 | continue; 188 | 189 | /* C4 */ 190 | s.Q0[15] = (random() | 0x21008000) & ~0x82000008; 191 | s.Q1[15] = s.Q0[15] - 0x80007ff8; 192 | 193 | s.X0[14] = RR(s.Q0[15] - s.Q0[14], 17) - F(s.Q0[14], s.Q0[13], s.Q0[12]) 194 | - s.Q0[11] - 0xa679438e; 195 | s.X1[14] = RR(s.Q1[15] - s.Q1[14], 17) - F(s.Q1[14], s.Q1[13], s.Q1[12]) 196 | - s.Q1[11] - 0xa679438e; 197 | if((s.X0[14] ^ s.X1[14]) != 0x80000000) 198 | continue; 199 | 200 | 201 | /* B4 */ 202 | s.Q0[16] = (random() | 0x20000000) & ~0x80000000; 203 | s.Q1[16] = s.Q0[16] - 0xa0000000; 204 | 205 | s.X0[15] = RR(s.Q0[16] - s.Q0[15], 22) - F(s.Q0[15], s.Q0[14], s.Q0[13]) 206 | - s.Q0[12] - 0x49b40821; 207 | s.X1[15] = RR(s.Q1[16] - s.Q1[15], 22) - F(s.Q1[15], s.Q1[14], s.Q1[13]) 208 | - s.Q1[12] - 0x49b40821; 209 | if(s.X0[15] != s.X1[15]) 210 | continue; 211 | break; 212 | } 213 | 214 | for(i = 0; i < LOOP_11; i++) 215 | { 216 | /* A5 */ 217 | s.Q0[17] = random() & ~(0x80020000 | 0x00008008); 218 | s.Q0[17] |= (s.Q0[16] & 0x00008008); 219 | s.Q1[17] = s.Q0[17] - 0x80000000; 220 | 221 | s.X0[ 1] = RR(s.Q0[17] - s.Q0[16], 5) - G(s.Q0[16], s.Q0[15], s.Q0[14]) 222 | - s.Q0[13] - 0xf61e2562; 223 | s.X1[ 1] = RR(s.Q1[17] - s.Q1[16], 5) - G(s.Q1[16], s.Q1[15], s.Q1[14]) 224 | - s.Q1[13] - 0xf61e2562; 225 | if(s.X0[ 1] != s.X1[ 1]) 226 | continue; 227 | 228 | /* D5 */ 229 | s.Q0[18] = RL(G(s.Q0[17], s.Q0[16], s.Q0[15]) + s.Q0[14] 230 | + s.X0[ 6] + 0xc040b340, 9) + s.Q0[17]; 231 | if((s.Q0[18] & 0xa0020000) 232 | != (0x00020000 | (s.Q0[17] & 0x20000000))) 233 | { 234 | continue; 235 | } 236 | s.Q1[18] = RL(G(s.Q1[17], s.Q1[16], s.Q1[15]) + s.Q1[14] 237 | + s.X1[ 6] + 0xc040b340, 9) + s.Q1[17]; 238 | if((s.Q0[18] ^ s.Q1[18]) != 0x80000000) 239 | continue; 240 | 241 | /* C5 */ 242 | s.Q0[19] = RL(G(s.Q0[18], s.Q0[17], s.Q0[16]) + s.Q0[15] 243 | + s.X0[11] + 0x265e5a51, 14) + s.Q0[18]; 244 | if(s.Q0[19] & 0x80020000) 245 | continue; 246 | s.Q1[19] = RL(G(s.Q1[18], s.Q1[17], s.Q1[16]) + s.Q1[15] 247 | + s.X1[11] + 0x265e5a51, 14) + s.Q1[18]; 248 | if(s.Q0[19] - s.Q1[19] != 0x7ffe0000) 249 | continue; 250 | 251 | /* B5 */ 252 | s.Q0[20] = random() & ~0x80000000; 253 | s.Q1[20] = s.Q0[20] - 0x80000000; 254 | 255 | s.X0[ 0] = RR(s.Q0[20] - s.Q0[19], 20) - G(s.Q0[19], s.Q0[18], s.Q0[17]) 256 | - s.Q0[16] - 0xe9b6c7aa; 257 | s.X1[ 0] = RR(s.Q1[20] - s.Q1[19], 20) - G(s.Q1[19], s.Q1[18], s.Q1[17]) 258 | - s.Q1[16] - 0xe9b6c7aa; 259 | if(s.X0[ 0] != s.X1[ 0]) 260 | continue; 261 | 262 | s.Q0[ 1] = RL(F(IV[1], IV[2], IV[3]) + IV[0] 263 | + s.X0[ 0] + 0xd76aa478, 7) + IV[1]; 264 | s.Q1[ 1] = s.Q0[ 1]; 265 | 266 | s.Q0[ 2] = RL(F(s.Q0[ 1], IV[1], IV[2]) + IV[3] 267 | + s.X0[ 1] + 0xe8c7b756, 12) + s.Q0[ 1]; 268 | s.Q1[ 2] = s.Q0[ 2]; 269 | 270 | s.X0[ 2] = RR(s.Q0[ 3] - s.Q0[ 2], 17) - F(s.Q0[ 2], s.Q0[ 1], IV[1]) 271 | - IV[2] - 0x242070db; 272 | s.X1[ 2] = s.X0[ 2]; 273 | 274 | s.X0[ 3] = RR(s.Q0[ 4] - s.Q0[ 3], 22) - F(s.Q0[ 3], s.Q0[ 2], s.Q0[ 1]) 275 | - IV[1] - 0xc1bdceee; 276 | s.X1[ 3] = s.X0[ 3]; 277 | 278 | s.X0[ 4] = RR(s.Q0[ 5] - s.Q0[ 4], 7) - F(s.Q0[ 4], s.Q0[ 3], s.Q0[ 2]) 279 | - s.Q0[ 1] - 0xf57c0faf; 280 | s.X1[ 4] = RR(s.Q1[ 5] - s.Q1[ 4], 7) - F(s.Q1[ 4], s.Q1[ 3], s.Q1[ 2]) 281 | - s.Q1[ 1] - 0xf57c0faf; 282 | if((s.X0[ 4] ^ s.X1[ 4]) != 0x80000000) 283 | continue; 284 | 285 | s.X0[ 5] = RR(s.Q0[ 6] - s.Q0[ 5], 12) - F(s.Q0[ 5], s.Q0[ 4], s.Q0[ 3]) 286 | - s.Q0[ 2] - 0x4787c62a; 287 | s.X1[ 5] = RR(s.Q1[ 6] - s.Q1[ 5], 12) - F(s.Q1[ 5], s.Q1[ 4], s.Q1[ 3]) 288 | - s.Q1[ 2] - 0x4787c62a; 289 | if(s.X0[ 5] != s.X1[ 5]) 290 | continue; 291 | 292 | /* A6 */ 293 | s.Q0[21] = RL(G(s.Q0[20], s.Q0[19], s.Q0[18]) + s.Q0[17] 294 | + s.X0[ 5] + 0xd62f105d, 5) + s.Q0[20]; 295 | if((s.Q0[21] & 0x80020000) != (s.Q0[20] & 0x00020000)) 296 | continue; 297 | s.Q1[21] = RL(G(s.Q1[20], s.Q1[19], s.Q1[18]) + s.Q1[17] 298 | + s.X1[ 5] + 0xd62f105d, 5) + s.Q1[20]; 299 | if((s.Q0[21] ^ s.Q1[21]) != 0x80000000) 300 | continue; 301 | 302 | /* D6 */ 303 | s.Q0[22] = RL(G(s.Q0[21], s.Q0[20], s.Q0[19]) + s.Q0[18] 304 | + s.X0[10] + 0x02441453, 9) + s.Q0[21]; 305 | if(s.Q0[22] & 0x80000000) 306 | continue; 307 | s.Q1[22] = RL(G(s.Q1[21], s.Q1[20], s.Q1[19]) + s.Q1[18] 308 | + s.X1[10] + 0x02441453, 9) + s.Q1[21]; 309 | if((s.Q0[22] ^ s.Q1[22]) != 0x80000000) 310 | continue; 311 | 312 | /* C6 */ 313 | s.Q0[23] = RL(G(s.Q0[22], s.Q0[21], s.Q0[20]) + s.Q0[19] 314 | + s.X0[15] + 0xd8a1e681, 14) + s.Q0[22]; 315 | if(s.Q0[23] & 0x80000000) 316 | continue; 317 | s.Q1[23] = RL(G(s.Q1[22], s.Q1[21], s.Q1[20]) + s.Q1[19] 318 | + s.X1[15] + 0xd8a1e681, 14) + s.Q1[22]; 319 | if(s.Q0[23] != s.Q1[23]) 320 | continue; 321 | 322 | /* B6 */ 323 | s.Q0[24] = RL(G(s.Q0[23], s.Q0[22], s.Q0[21]) + s.Q0[20] 324 | + s.X0[ 4] + 0xe7d3fbc8, 20) + s.Q0[23]; 325 | s.Q1[24] = RL(G(s.Q1[23], s.Q1[22], s.Q1[21]) + s.Q1[20] 326 | + s.X1[ 4] + 0xe7d3fbc8, 20) + s.Q1[23]; 327 | if(s.Q0[24] != s.Q1[24]) 328 | continue; 329 | 330 | /* A7 */ 331 | s.Q0[25] = RL(G(s.Q0[24], s.Q0[23], s.Q0[22]) + s.Q0[21] 332 | + s.X0[ 9] + 0x21e1cde6, 5) + s.Q0[24]; 333 | s.Q1[25] = RL(G(s.Q1[24], s.Q1[23], s.Q1[22]) + s.Q1[21] 334 | + s.X1[ 9] + 0x21e1cde6, 5) + s.Q1[24]; 335 | if(s.Q0[25] != s.Q1[25]) 336 | continue; 337 | 338 | /* D7 */ 339 | s.Q0[26] = RL(G(s.Q0[25], s.Q0[24], s.Q0[23]) + s.Q0[22] 340 | + s.X0[14] + 0xc33707d6, 9) + s.Q0[25]; 341 | s.Q1[26] = RL(G(s.Q1[25], s.Q1[24], s.Q1[23]) + s.Q1[22] 342 | + s.X1[14] + 0xc33707d6, 9) + s.Q1[25]; 343 | if(s.Q0[26] != s.Q1[26]) 344 | continue; 345 | 346 | /* C7 */ 347 | s.Q0[27] = RL(G(s.Q0[26], s.Q0[25], s.Q0[24]) + s.Q0[23] 348 | + s.X0[ 3] + 0xf4d50d87, 14) + s.Q0[26]; 349 | s.Q1[27] = RL(G(s.Q1[26], s.Q1[25], s.Q1[24]) + s.Q1[23] 350 | + s.X1[ 3] + 0xf4d50d87, 14) + s.Q1[26]; 351 | if(s.Q0[27] != s.Q1[27]) 352 | continue; 353 | 354 | break; 355 | } 356 | if(i >= LOOP_11) 357 | goto block1_again; 358 | 359 | ct1++; 360 | for(i = 0; i < LOOP_12; i++) 361 | { 362 | if (cb) { 363 | if ((i & 0xfffff) == 0) { 364 | if (callback2(cb, ct1, i>>20)) { 365 | return 1; 366 | } 367 | } 368 | } 369 | 370 | /* B5 */ 371 | s.Q0[20] ^= (1 << (random() % 31)); 372 | s.Q1[20] = s.Q0[20] - 0x80000000; 373 | 374 | s.X0[ 0] = RR(s.Q0[20] - s.Q0[19], 20) - G(s.Q0[19], s.Q0[18], s.Q0[17]) 375 | - s.Q0[16] - 0xe9b6c7aa; 376 | s.X1[ 0] = RR(s.Q1[20] - s.Q1[19], 20) - G(s.Q1[19], s.Q1[18], s.Q1[17]) 377 | - s.Q1[16] - 0xe9b6c7aa; 378 | if(s.X0[ 0] != s.X1[ 0]) 379 | continue; 380 | 381 | s.Q0[ 1] = RL(F(IV[1], IV[2], IV[3]) + IV[0] 382 | + s.X0[ 0] + 0xd76aa478, 7) + IV[1]; 383 | s.Q1[ 1] = s.Q0[ 1]; 384 | 385 | s.Q0[ 2] = RL(F(s.Q0[ 1], IV[1], IV[2]) + IV[3] 386 | + s.X0[ 1] + 0xe8c7b756, 12) + s.Q0[ 1]; 387 | s.Q1[ 2] = s.Q0[ 2]; 388 | s.X0[ 2] = RR(s.Q0[ 3] - s.Q0[ 2], 17) - F(s.Q0[ 2], s.Q0[ 1], IV[1]) 389 | - IV[2] - 0x242070db; 390 | s.X1[ 2] = s.X0[ 2]; 391 | 392 | s.X0[ 3] = RR(s.Q0[ 4] - s.Q0[ 3], 22) - F(s.Q0[ 3], s.Q0[ 2], s.Q0[ 1]) 393 | - IV[1] - 0xc1bdceee; 394 | s.X1[ 3] = s.X0[ 3]; 395 | 396 | s.X0[ 4] = RR(s.Q0[ 5] - s.Q0[ 4], 7) - F(s.Q0[ 4], s.Q0[ 3], s.Q0[ 2]) 397 | - s.Q0[ 1] - 0xf57c0faf; 398 | s.X1[ 4] = RR(s.Q1[ 5] - s.Q1[ 4], 7) - F(s.Q1[ 4], s.Q1[ 3], s.Q1[ 2]) 399 | - s.Q1[ 1] - 0xf57c0faf; 400 | if((s.X0[ 4] ^ s.X1[ 4]) != 0x80000000) 401 | continue; 402 | 403 | s.X0[ 5] = RR(s.Q0[ 6] - s.Q0[ 5], 12) - F(s.Q0[ 5], s.Q0[ 4], s.Q0[ 3]) 404 | - s.Q0[ 2] - 0x4787c62a; 405 | s.X1[ 5] = RR(s.Q1[ 6] - s.Q1[ 5], 12) - F(s.Q1[ 5], s.Q1[ 4], s.Q1[ 3]) 406 | - s.Q1[ 2] - 0x4787c62a; 407 | if(s.X0[ 5] != s.X1[ 5]) 408 | continue; 409 | 410 | /* A6 */ 411 | s.Q0[21] = RL(G(s.Q0[20], s.Q0[19], s.Q0[18]) + s.Q0[17] 412 | + s.X0[ 5] + 0xd62f105d, 5) + s.Q0[20]; 413 | if((s.Q0[21] & 0x80020000) != (s.Q0[20] & 0x00020000)) 414 | continue; 415 | s.Q1[21] = RL(G(s.Q1[20], s.Q1[19], s.Q1[18]) + s.Q1[17] 416 | + s.X1[ 5] + 0xd62f105d, 5) + s.Q1[20]; 417 | if((s.Q0[21] ^ s.Q1[21]) != 0x80000000) 418 | continue; 419 | 420 | /* D6 */ 421 | s.Q0[22] = RL(G(s.Q0[21], s.Q0[20], s.Q0[19]) + s.Q0[18] 422 | + s.X0[10] + 0x02441453, 9) + s.Q0[21]; 423 | if(s.Q0[22] & 0x80000000) 424 | continue; 425 | s.Q1[22] = RL(G(s.Q1[21], s.Q1[20], s.Q1[19]) + s.Q1[18] 426 | + s.X1[10] + 0x02441453, 9) + s.Q1[21]; 427 | if((s.Q0[22] ^ s.Q1[22]) != 0x80000000) 428 | continue; 429 | 430 | /* C6 */ 431 | s.Q0[23] = RL(G(s.Q0[22], s.Q0[21], s.Q0[20]) + s.Q0[19] 432 | + s.X0[15] + 0xd8a1e681, 14) + s.Q0[22]; 433 | if(s.Q0[23] & 0x80000000) 434 | continue; 435 | s.Q1[23] = RL(G(s.Q1[22], s.Q1[21], s.Q1[20]) + s.Q1[19] 436 | + s.X1[15] + 0xd8a1e681, 14) + s.Q1[22]; 437 | if(s.Q0[23] != s.Q1[23]) 438 | continue; 439 | 440 | /* B6 */ 441 | s.Q0[24] = RL(G(s.Q0[23], s.Q0[22], s.Q0[21]) + s.Q0[20] 442 | + s.X0[ 4] + 0xe7d3fbc8, 20) + s.Q0[23]; 443 | s.Q1[24] = RL(G(s.Q1[23], s.Q1[22], s.Q1[21]) + s.Q1[20] 444 | + s.X1[ 4] + 0xe7d3fbc8, 20) + s.Q1[23]; 445 | if(s.Q0[24] != s.Q1[24]) 446 | continue; 447 | 448 | /* A7 */ 449 | s.Q0[25] = RL(G(s.Q0[24], s.Q0[23], s.Q0[22]) + s.Q0[21] 450 | + s.X0[ 9] + 0x21e1cde6, 5) + s.Q0[24]; 451 | s.Q1[25] = RL(G(s.Q1[24], s.Q1[23], s.Q1[22]) + s.Q1[21] 452 | + s.X1[ 9] + 0x21e1cde6, 5) + s.Q1[24]; 453 | if(s.Q0[25] != s.Q1[25]) 454 | continue; 455 | 456 | /* D7 */ 457 | s.Q0[26] = RL(G(s.Q0[25], s.Q0[24], s.Q0[23]) + s.Q0[22] 458 | + s.X0[14] + 0xc33707d6, 9) + s.Q0[25]; 459 | s.Q1[26] = RL(G(s.Q1[25], s.Q1[24], s.Q1[23]) + s.Q1[22] 460 | + s.X1[14] + 0xc33707d6, 9) + s.Q1[25]; 461 | if(s.Q0[26] != s.Q1[26]) 462 | continue; 463 | 464 | /* C7 */ 465 | s.Q0[27] = RL(G(s.Q0[26], s.Q0[25], s.Q0[24]) + s.Q0[23] 466 | + s.X0[ 3] + 0xf4d50d87, 14) + s.Q0[26]; 467 | s.Q1[27] = RL(G(s.Q1[26], s.Q1[25], s.Q1[24]) + s.Q1[23] 468 | + s.X1[ 3] + 0xf4d50d87, 14) + s.Q1[26]; 469 | if(s.Q0[27] != s.Q1[27]) 470 | continue; 471 | 472 | /* B7 */ 473 | s.Q0[28] = RL(G(s.Q0[27], s.Q0[26], s.Q0[25]) + s.Q0[24] 474 | + s.X0[ 8] + 0x455a14ed, 20) + s.Q0[27]; 475 | s.Q1[28] = RL(G(s.Q1[27], s.Q1[26], s.Q1[25]) + s.Q1[24] 476 | + s.X1[ 8] + 0x455a14ed, 20) + s.Q1[27]; 477 | if(s.Q0[28] != s.Q1[28]) 478 | continue; 479 | 480 | /* A8 */ 481 | s.Q0[29] = RL(G(s.Q0[28], s.Q0[27], s.Q0[26]) + s.Q0[25] 482 | + s.X0[13] + 0xa9e3e905, 5) + s.Q0[28]; 483 | s.Q1[29] = RL(G(s.Q1[28], s.Q1[27], s.Q1[26]) + s.Q1[25] 484 | + s.X1[13] + 0xa9e3e905, 5) + s.Q1[28]; 485 | if(s.Q0[29] != s.Q1[29]) 486 | continue; 487 | 488 | /* D8 */ 489 | s.Q0[30] = RL(G(s.Q0[29], s.Q0[28], s.Q0[27]) + s.Q0[26] 490 | + s.X0[ 2] + 0xfcefa3f8, 9) + s.Q0[29]; 491 | s.Q1[30] = RL(G(s.Q1[29], s.Q1[28], s.Q1[27]) + s.Q1[26] 492 | + s.X1[ 2] + 0xfcefa3f8, 9) + s.Q1[29]; 493 | if(s.Q0[30] != s.Q1[30]) 494 | continue; 495 | 496 | /* C8 */ 497 | s.Q0[31] = RL(G(s.Q0[30], s.Q0[29], s.Q0[28]) + s.Q0[27] 498 | + s.X0[ 7] + 0x676f02d9, 14) + s.Q0[30]; 499 | s.Q1[31] = RL(G(s.Q1[30], s.Q1[29], s.Q1[28]) + s.Q1[27] 500 | + s.X1[ 7] + 0x676f02d9, 14) + s.Q1[30]; 501 | if(s.Q0[31] != s.Q1[31]) 502 | continue; 503 | 504 | /* B8 */ 505 | s.Q0[32] = RL(G(s.Q0[31], s.Q0[30], s.Q0[29]) + s.Q0[28] 506 | + s.X0[12] + 0x8d2a4c8a, 20) + s.Q0[31]; 507 | s.Q1[32] = RL(G(s.Q1[31], s.Q1[30], s.Q1[29]) + s.Q1[28] 508 | + s.X1[12] + 0x8d2a4c8a, 20) + s.Q1[31]; 509 | if(s.Q0[32] != s.Q1[32]) 510 | continue; 511 | 512 | /* A9 */ 513 | s.Q0[33] = RL(H(s.Q0[32], s.Q0[31], s.Q0[30]) + s.Q0[29] 514 | + s.X0[ 5] + 0xfffa3942, 4) + s.Q0[32]; 515 | s.Q1[33] = RL(H(s.Q1[32], s.Q1[31], s.Q1[30]) + s.Q1[29] 516 | + s.X1[ 5] + 0xfffa3942, 4) + s.Q1[32]; 517 | if(s.Q0[33] != s.Q1[33]) 518 | continue; 519 | 520 | /* D9 */ 521 | s.Q0[34] = RL(H(s.Q0[33], s.Q0[32], s.Q0[31]) + s.Q0[30] 522 | + s.X0[ 8] + 0x8771f681, 11) + s.Q0[33]; 523 | s.Q1[34] = RL(H(s.Q1[33], s.Q1[32], s.Q1[31]) + s.Q1[30] 524 | + s.X1[ 8] + 0x8771f681, 11) + s.Q1[33]; 525 | if(s.Q0[34] != s.Q1[34]) 526 | continue; 527 | 528 | /* C9 */ 529 | s.Q0[35] = RL(H(s.Q0[34], s.Q0[33], s.Q0[32]) + s.Q0[31] 530 | + s.X0[11] + 0x6d9d6122, 16) + s.Q0[34]; 531 | s.Q1[35] = RL(H(s.Q1[34], s.Q1[33], s.Q1[32]) + s.Q1[31] 532 | + s.X1[11] + 0x6d9d6122, 16) + s.Q1[34]; 533 | if((s.Q0[35] ^ s.Q1[35]) != 0x80000000) 534 | continue; 535 | 536 | /* B9 */ 537 | s.Q0[36] = RL(H(s.Q0[35], s.Q0[34], s.Q0[33]) + s.Q0[32] 538 | + s.X0[14] + 0xfde5380c, 23) + s.Q0[35]; 539 | s.Q1[36] = RL(H(s.Q1[35], s.Q1[34], s.Q1[33]) + s.Q1[32] 540 | + s.X1[14] + 0xfde5380c, 23) + s.Q1[35]; 541 | if((s.Q0[36] ^ s.Q1[36]) != 0x80000000) 542 | continue; 543 | 544 | /* A10 */ 545 | s.Q0[37] = RL(H(s.Q0[36], s.Q0[35], s.Q0[34]) + s.Q0[33] 546 | + s.X0[ 1] + 0xa4beea44, 4) + s.Q0[36]; 547 | s.Q1[37] = RL(H(s.Q1[36], s.Q1[35], s.Q1[34]) + s.Q1[33] 548 | + s.X1[ 1] + 0xa4beea44, 4) + s.Q1[36]; 549 | if((s.Q0[37] ^ s.Q1[37]) != 0x80000000) 550 | continue; 551 | 552 | /* D10 */ 553 | s.Q0[38] = RL(H(s.Q0[37], s.Q0[36], s.Q0[35]) + s.Q0[34] 554 | + s.X0[ 4] + 0x4bdecfa9, 11) + s.Q0[37]; 555 | s.Q1[38] = RL(H(s.Q1[37], s.Q1[36], s.Q1[35]) + s.Q1[34] 556 | + s.X1[ 4] + 0x4bdecfa9, 11) + s.Q1[37]; 557 | if((s.Q0[38] ^ s.Q1[38]) != 0x80000000) 558 | continue; 559 | 560 | /* C10 */ 561 | s.Q0[39] = RL(H(s.Q0[38], s.Q0[37], s.Q0[36]) + s.Q0[35] 562 | + s.X0[ 7] + 0xf6bb4b60, 16) + s.Q0[38]; 563 | s.Q1[39] = RL(H(s.Q1[38], s.Q1[37], s.Q1[36]) + s.Q1[35] 564 | + s.X1[ 7] + 0xf6bb4b60, 16) + s.Q1[38]; 565 | if((s.Q0[39] ^ s.Q1[39]) != 0x80000000) 566 | continue; 567 | 568 | /* B10 */ 569 | s.Q0[40] = RL(H(s.Q0[39], s.Q0[38], s.Q0[37]) + s.Q0[36] 570 | + s.X0[10] + 0xbebfbc70, 23) + s.Q0[39]; 571 | s.Q1[40] = RL(H(s.Q1[39], s.Q1[38], s.Q1[37]) + s.Q1[36] 572 | + s.X1[10] + 0xbebfbc70, 23) + s.Q1[39]; 573 | if((s.Q0[40] ^ s.Q1[40]) != 0x80000000) 574 | continue; 575 | 576 | /* A11 */ 577 | s.Q0[41] = RL(H(s.Q0[40], s.Q0[39], s.Q0[38]) + s.Q0[37] 578 | + s.X0[13] + 0x289b7ec6, 4) + s.Q0[40]; 579 | s.Q1[41] = RL(H(s.Q1[40], s.Q1[39], s.Q1[38]) + s.Q1[37] 580 | + s.X1[13] + 0x289b7ec6, 4) + s.Q1[40]; 581 | if((s.Q0[41] ^ s.Q1[41]) != 0x80000000) 582 | continue; 583 | 584 | /* D11 */ 585 | s.Q0[42] = RL(H(s.Q0[41], s.Q0[40], s.Q0[39]) + s.Q0[38] 586 | + s.X0[ 0] + 0xeaa127fa, 11) + s.Q0[41]; 587 | s.Q1[42] = RL(H(s.Q1[41], s.Q1[40], s.Q1[39]) + s.Q1[38] 588 | + s.X1[ 0] + 0xeaa127fa, 11) + s.Q1[41]; 589 | if((s.Q0[42] ^ s.Q1[42]) != 0x80000000) 590 | continue; 591 | 592 | /* C11 */ 593 | s.Q0[43] = RL(H(s.Q0[42], s.Q0[41], s.Q0[40]) + s.Q0[39] 594 | + s.X0[ 3] + 0xd4ef3085, 16) + s.Q0[42]; 595 | s.Q1[43] = RL(H(s.Q1[42], s.Q1[41], s.Q1[40]) + s.Q1[39] 596 | + s.X1[ 3] + 0xd4ef3085, 16) + s.Q1[42]; 597 | if((s.Q0[43] ^ s.Q1[43]) != 0x80000000) 598 | continue; 599 | 600 | /* B11 */ 601 | s.Q0[44] = RL(H(s.Q0[43], s.Q0[42], s.Q0[41]) + s.Q0[40] 602 | + s.X0[ 6] + 0x04881d05, 23) + s.Q0[43]; 603 | s.Q1[44] = RL(H(s.Q1[43], s.Q1[42], s.Q1[41]) + s.Q1[40] 604 | + s.X1[ 6] + 0x04881d05, 23) + s.Q1[43]; 605 | if((s.Q0[44] ^ s.Q1[44]) != 0x80000000) 606 | continue; 607 | 608 | /* A12 */ 609 | s.Q0[45] = RL(H(s.Q0[44], s.Q0[43], s.Q0[42]) + s.Q0[41] 610 | + s.X0[ 9] + 0xd9d4d039, 4) + s.Q0[44]; 611 | s.Q1[45] = RL(H(s.Q1[44], s.Q1[43], s.Q1[42]) + s.Q1[41] 612 | + s.X1[ 9] + 0xd9d4d039, 4) + s.Q1[44]; 613 | if((s.Q0[45] ^ s.Q1[45]) != 0x80000000) 614 | continue; 615 | 616 | /* D12 */ 617 | s.Q0[46] = RL(H(s.Q0[45], s.Q0[44], s.Q0[43]) + s.Q0[42] 618 | + s.X0[12] + 0xe6db99e5, 11) + s.Q0[45]; 619 | s.Q1[46] = RL(H(s.Q1[45], s.Q1[44], s.Q1[43]) + s.Q1[42] 620 | + s.X1[12] + 0xe6db99e5, 11) + s.Q1[45]; 621 | if((s.Q0[46] ^ s.Q1[46]) != 0x80000000) 622 | continue; 623 | 624 | /* C12 */ 625 | s.Q0[47] = RL(H(s.Q0[46], s.Q0[45], s.Q0[44]) + s.Q0[43] 626 | + s.X0[15] + 0x1fa27cf8, 16) + s.Q0[46]; 627 | s.Q1[47] = RL(H(s.Q1[46], s.Q1[45], s.Q1[44]) + s.Q1[43] 628 | + s.X1[15] + 0x1fa27cf8, 16) + s.Q1[46]; 629 | if((s.Q0[47] ^ s.Q1[47]) != 0x80000000) 630 | continue; 631 | 632 | /* B12 */ 633 | s.Q0[48] = RL(H(s.Q0[47], s.Q0[46], s.Q0[45]) + s.Q0[44] 634 | + s.X0[ 2] + 0xc4ac5665, 23) + s.Q0[47]; 635 | if((s.Q0[48] ^ s.Q0[46]) & 0x80000000) 636 | continue; 637 | s.Q1[48] = RL(H(s.Q1[47], s.Q1[46], s.Q1[45]) + s.Q1[44] 638 | + s.X1[ 2] + 0xc4ac5665, 23) + s.Q1[47]; 639 | if((s.Q0[48] ^ s.Q1[48]) != 0x80000000) 640 | continue; 641 | 642 | /* A13 */ 643 | s.Q0[49] = RL(I(s.Q0[48], s.Q0[47], s.Q0[46]) + s.Q0[45] 644 | + s.X0[ 0] + 0xf4292244, 6) + s.Q0[48]; 645 | if((s.Q0[49] ^ s.Q0[47]) & 0x80000000) 646 | continue; 647 | s.Q1[49] = RL(I(s.Q1[48], s.Q1[47], s.Q1[46]) + s.Q1[45] 648 | + s.X1[ 0] + 0xf4292244, 6) + s.Q1[48]; 649 | if((s.Q0[49] ^ s.Q1[49]) != 0x80000000) 650 | continue; 651 | 652 | /* D13 */ 653 | s.Q0[50] = RL(I(s.Q0[49], s.Q0[48], s.Q0[47]) + s.Q0[46] 654 | + s.X0[ 7] + 0x432aff97, 10) + s.Q0[49]; 655 | if(!((s.Q0[50] ^ s.Q0[48]) & 0x80000000)) 656 | continue; 657 | s.Q1[50] = RL(I(s.Q1[49], s.Q1[48], s.Q1[47]) + s.Q1[46] 658 | + s.X1[ 7] + 0x432aff97, 10) + s.Q1[49]; 659 | if((s.Q0[50] ^ s.Q1[50]) != 0x80000000) 660 | continue; 661 | 662 | /* C13 */ 663 | s.Q0[51] = RL(I(s.Q0[50], s.Q0[49], s.Q0[48]) + s.Q0[47] 664 | + s.X0[14] + 0xab9423a7, 15) + s.Q0[50]; 665 | if((s.Q0[51] ^ s.Q0[49]) & 0x80000000) 666 | continue; 667 | s.Q1[51] = RL(I(s.Q1[50], s.Q1[49], s.Q1[48]) + s.Q1[47] 668 | + s.X1[14] + 0xab9423a7, 15) + s.Q1[50]; 669 | if((s.Q0[51] ^ s.Q1[51]) != 0x80000000) 670 | continue; 671 | 672 | /* B13 */ 673 | s.Q0[52] = RL(I(s.Q0[51], s.Q0[50], s.Q0[49]) + s.Q0[48] 674 | + s.X0[ 5] + 0xfc93a039, 21) + s.Q0[51]; 675 | if((s.Q0[52] ^ s.Q0[50]) & 0x80000000) 676 | continue; 677 | s.Q1[52] = RL(I(s.Q1[51], s.Q1[50], s.Q1[49]) + s.Q1[48] 678 | + s.X1[ 5] + 0xfc93a039, 21) + s.Q1[51]; 679 | if((s.Q0[52] ^ s.Q1[52]) != 0x80000000) 680 | continue; 681 | 682 | /* A14 */ 683 | s.Q0[53] = RL(I(s.Q0[52], s.Q0[51], s.Q0[50]) + s.Q0[49] 684 | + s.X0[12] + 0x655b59c3, 6) + s.Q0[52]; 685 | if((s.Q0[53] ^ s.Q0[51]) & 0x80000000) 686 | continue; 687 | s.Q1[53] = RL(I(s.Q1[52], s.Q1[51], s.Q1[50]) + s.Q1[49] 688 | + s.X1[12] + 0x655b59c3, 6) + s.Q1[52]; 689 | if((s.Q0[53] ^ s.Q1[53]) != 0x80000000) 690 | continue; 691 | 692 | /* D14 */ 693 | s.Q0[54] = RL(I(s.Q0[53], s.Q0[52], s.Q0[51]) + s.Q0[50] 694 | + s.X0[ 3] + 0x8f0ccc92, 10) + s.Q0[53]; 695 | if((s.Q0[54] ^ s.Q0[52]) & 0x80000000) 696 | continue; 697 | s.Q1[54] = RL(I(s.Q1[53], s.Q1[52], s.Q1[51]) + s.Q1[50] 698 | + s.X1[ 3] + 0x8f0ccc92, 10) + s.Q1[53]; 699 | if((s.Q0[54] ^ s.Q1[54]) != 0x80000000) 700 | continue; 701 | 702 | /* C14 */ 703 | s.Q0[55] = RL(I(s.Q0[54], s.Q0[53], s.Q0[52]) + s.Q0[51] 704 | + s.X0[10] + 0xffeff47d, 15) + s.Q0[54]; 705 | if((s.Q0[55] ^ s.Q0[53]) & 0x80000000) 706 | continue; 707 | s.Q1[55] = RL(I(s.Q1[54], s.Q1[53], s.Q1[52]) + s.Q1[51] 708 | + s.X1[10] + 0xffeff47d, 15) + s.Q1[54]; 709 | if((s.Q0[55] ^ s.Q1[55]) != 0x80000000) 710 | continue; 711 | 712 | /* B14 */ 713 | s.Q0[56] = RL(I(s.Q0[55], s.Q0[54], s.Q0[53]) + s.Q0[52] 714 | + s.X0[ 1] + 0x85845dd1, 21) + s.Q0[55]; 715 | if((s.Q0[56] ^ s.Q0[54]) & 0x80000000) 716 | continue; 717 | s.Q1[56] = RL(I(s.Q1[55], s.Q1[54], s.Q1[53]) + s.Q1[52] 718 | + s.X1[ 1] + 0x85845dd1, 21) + s.Q1[55]; 719 | if((s.Q0[56] ^ s.Q1[56]) != 0x80000000) 720 | continue; 721 | 722 | /* A15 */ 723 | s.Q0[57] = RL(I(s.Q0[56], s.Q0[55], s.Q0[54]) + s.Q0[53] 724 | + s.X0[ 8] + 0x6fa87e4f, 6) + s.Q0[56]; 725 | if((s.Q0[57] ^ s.Q0[55]) & 0x80000000) 726 | continue; 727 | s.Q1[57] = RL(I(s.Q1[56], s.Q1[55], s.Q1[54]) + s.Q1[53] 728 | + s.X1[ 8] + 0x6fa87e4f, 6) + s.Q1[56]; 729 | if((s.Q0[57] ^ s.Q1[57]) != 0x80000000) 730 | continue; 731 | 732 | /* D15 */ 733 | s.Q0[58] = RL(I(s.Q0[57], s.Q0[56], s.Q0[55]) + s.Q0[54] 734 | + s.X0[15] + 0xfe2ce6e0, 10) + s.Q0[57]; 735 | if((s.Q0[58] ^ s.Q0[56]) & 0x80000000) 736 | continue; 737 | s.Q1[58] = RL(I(s.Q1[57], s.Q1[56], s.Q1[55]) + s.Q1[54] 738 | + s.X1[15] + 0xfe2ce6e0, 10) + s.Q1[57]; 739 | if((s.Q0[58] ^ s.Q1[58]) != 0x80000000) 740 | continue; 741 | 742 | /* C15 */ 743 | s.Q0[59] = RL(I(s.Q0[58], s.Q0[57], s.Q0[56]) + s.Q0[55] 744 | + s.X0[ 6] + 0xa3014314, 15) + s.Q0[58]; 745 | if((s.Q0[59] ^ s.Q0[57]) & 0x80000000) 746 | continue; 747 | s.Q1[59] = RL(I(s.Q1[58], s.Q1[57], s.Q1[56]) + s.Q1[55] 748 | + s.X1[ 6] + 0xa3014314, 15) + s.Q1[58]; 749 | if((s.Q0[59] ^ s.Q1[59]) != 0x80000000) 750 | continue; 751 | 752 | /* B15 */ 753 | s.Q0[60] = RL(I(s.Q0[59], s.Q0[58], s.Q0[57]) + s.Q0[56] 754 | + s.X0[13] + 0x4e0811a1, 21) + s.Q0[59]; 755 | if(s.Q0[60] & 0x02000000) 756 | continue; 757 | s.Q1[60] = RL(I(s.Q1[59], s.Q1[58], s.Q1[57]) + s.Q1[56] 758 | + s.X1[13] + 0x4e0811a1, 21) + s.Q1[59]; 759 | if((s.Q0[60] ^ s.Q1[60]) != 0x80000000) 760 | continue; 761 | 762 | /* A16 */ 763 | s.Q0[61] = RL(I(s.Q0[60], s.Q0[59], s.Q0[58]) + s.Q0[57] 764 | + s.X0[ 4] + 0xf7537e82, 6) + s.Q0[60]; 765 | s.A0 = IV[0] + s.Q0[61]; 766 | s.Q1[61] = RL(I(s.Q1[60], s.Q1[59], s.Q1[58]) + s.Q1[57] 767 | + s.X1[ 4] + 0xf7537e82, 6) + s.Q1[60]; 768 | s.A1 = IV[0] + s.Q1[61]; 769 | if((s.A0 ^ s.A1) != 0x80000000) 770 | continue; 771 | 772 | /* D16 */ 773 | s.Q0[62] = RL(I(s.Q0[61], s.Q0[60], s.Q0[59]) + s.Q0[58] 774 | + s.X0[11] + 0xbd3af235, 10) + s.Q0[61]; 775 | s.D0 = IV[3] + s.Q0[62]; 776 | if(s.D0 & 0x02000000) 777 | continue; 778 | s.Q1[62] = RL(I(s.Q1[61], s.Q1[60], s.Q1[59]) + s.Q1[58] 779 | + s.X1[11] + 0xbd3af235, 10) + s.Q1[61]; 780 | s.D1 = IV[3] + s.Q1[62]; 781 | if((s.D0 - s.D1) != 0x7e000000) 782 | continue; 783 | 784 | /* C16 */ 785 | s.Q0[63] = RL(I(s.Q0[62], s.Q0[61], s.Q0[60]) + s.Q0[59] 786 | + s.X0[ 2] + 0x2ad7d2bb, 15) + s.Q0[62]; 787 | s.C0 = IV[2] + s.Q0[63]; 788 | if((s.C0 & 0x86000000) != ((s.D0 & 0x80000000) | 0x02000000)) 789 | continue; 790 | s.Q1[63] = RL(I(s.Q1[62], s.Q1[61], s.Q1[60]) + s.Q1[59] 791 | + s.X1[ 2] + 0x2ad7d2bb, 15) + s.Q1[62]; 792 | s.C1 = IV[2] + s.Q1[63]; 793 | if((s.C0 - s.C1) != 0x7e000000) 794 | continue; 795 | 796 | /* B16 */ 797 | s.Q0[64] = RL(I(s.Q0[63], s.Q0[62], s.Q0[61]) + s.Q0[60] 798 | + s.X0[ 9] + 0xeb86d391, 21) + s.Q0[63]; 799 | s.B0 = IV[1] + s.Q0[64]; 800 | if((s.B0 & 0x86000020) != (s.C0 & 0x80000000)) 801 | continue; 802 | s.Q1[64] = RL(I(s.Q1[63], s.Q1[62], s.Q1[61]) + s.Q1[60] 803 | + s.X1[ 9] + 0xeb86d391, 21) + s.Q1[63]; 804 | s.B1 = IV[1] + s.Q1[64]; 805 | if((s.B0 - s.B1) != 0x7e000000) 806 | continue; 807 | 808 | break; 809 | } 810 | if(i >= LOOP_12) 811 | goto block1_again; 812 | s.ct1 = ct1; 813 | s.ct2 = i>>20; 814 | return 0; 815 | } 816 | 817 | const unsigned int mask22[30] = { 818 | 0x00000001, 0x00000002, 0x00000004, 0x00000008, 819 | 0x00000010, 0x00000020, 0x00000040, 0x00000080, 820 | 0x00000100, 0x00000200, 0x00000400, 0x00000800, 821 | 0x00001000, 0x00002000, 0x00004000, 0x00008000, 822 | 0x00010000, 0x00020000, 0x00040000, 0x00080000, 823 | 0x00100000, 0x00200000, 0x00400000, 0x00800000, 824 | 0x01000000, 0x02000000, 0x04000000, 0x08000000, 825 | 0x10000000, 0x40000000 826 | }; 827 | 828 | /* return 0 on success, 1 if interrupt requested. Returns -1 on failure, 829 | which means re-run block1(). */ 830 | int block2(callback_t *cb) 831 | { 832 | int i; 833 | int ct3 = 0; 834 | int it = 0; 835 | 836 | block2_again: 837 | for(;;) 838 | { 839 | /* A1 */ 840 | s.Q0[ 1] = (random() | 0x84200000) & ~0x0a000820; 841 | s.Q1[ 1] = s.Q0[ 1] - 0x7e000000; 842 | 843 | s.X0[16] = RR(s.Q0[ 1] - s.B0, 7) - F(s.B0, s.C0, s.D0) 844 | - s.A0 - 0xd76aa478; 845 | s.X1[16] = RR(s.Q1[ 1] - s.B1, 7) - F(s.B1, s.C1, s.D1) 846 | - s.A1 - 0xd76aa478; 847 | if(s.X0[16] != s.X1[16]) 848 | continue; 849 | break; 850 | } 851 | 852 | for(i = 0; i < 10; i++) 853 | { 854 | /* D1 */ 855 | s.Q0[ 2] = (random() | 0x8c000800) & ~(0x02208026 | 0x701f10c0); 856 | s.Q0[ 2] |= (s.Q0[ 1] & 0x701f10c0); 857 | s.Q1[ 2] = s.Q0[ 2] - 0x7dffffe0; 858 | 859 | s.X0[17] = RR(s.Q0[ 2] - s.Q0[ 1], 12) - F(s.Q0[ 1], s.B0, s.C0) 860 | - s.D0 - 0xe8c7b756; 861 | s.X1[17] = RR(s.Q1[ 2] - s.Q1[ 1], 12) - F(s.Q1[ 1], s.B1, s.C1) 862 | - s.D1 - 0xe8c7b756; 863 | if(s.X0[17] != s.X1[17]) 864 | continue; 865 | break; 866 | } 867 | if(i >= 10) 868 | goto block2_again; 869 | 870 | for(i = 0; i < 10; i++) 871 | { 872 | /* C1 */ 873 | s.Q0[ 3] = (random() | 0xbe1f0966) & ~(0x40201080 | 0x00000018); 874 | s.Q0[ 3] |= (s.Q0[ 2] & 0x00000018); 875 | s.Q1[ 3] = s.Q0[ 3] - 0x7dfef7e0; 876 | 877 | s.X0[18] = RR(s.Q0[ 3] - s.Q0[ 2], 17) - F(s.Q0[ 2], s.Q0[ 1], s.B0) 878 | - s.C0 - 0x242070db; 879 | s.X1[18] = RR(s.Q1[ 3] - s.Q1[ 2], 17) - F(s.Q1[ 2], s.Q1[ 1], s.B1) 880 | - s.C1 - 0x242070db; 881 | if(s.X0[18] != s.X1[18]) 882 | continue; 883 | break; 884 | } 885 | if(i >= 10) { 886 | if (ct3 == 0) { 887 | /* sometimes block1() returns a state that 888 | never gets past this point, causing 889 | block2() to hang forever. Try to detect 890 | this and fail (emergency exit). One example 891 | where this happens is the initial vector 892 | 0x874587a2 0xf09dfbdf 0x17732fb1 0x9299e527 893 | with random seed 2. */ 894 | it++; 895 | if (it >= 10000) { 896 | return -1; 897 | } 898 | } 899 | goto block2_again; 900 | } 901 | 902 | for(i = 0; i < 10; i++) 903 | { 904 | /* B1 */ 905 | s.Q0[ 4] = (random() | 0xba040010) & ~(0x443b19ee | 0x00000601); 906 | s.Q0[ 4] |= (s.Q0[ 3] & 0x00000601); 907 | s.Q1[ 4] = s.Q0[ 4] - 0x7dffffe2; 908 | 909 | s.X0[19] = RR(s.Q0[ 4] - s.Q0[ 3], 22) - F(s.Q0[ 3], s.Q0[ 2], s.Q0[ 1]) 910 | - s.B0 - 0xc1bdceee; 911 | s.X1[19] = RR(s.Q1[ 4] - s.Q1[ 3], 22) - F(s.Q1[ 3], s.Q1[ 2], s.Q1[ 1]) 912 | - s.B1 - 0xc1bdceee; 913 | if(s.X0[19] != s.X1[19]) 914 | continue; 915 | break; 916 | } 917 | if(i >= 10) 918 | goto block2_again; 919 | 920 | for(i = 0; i < 10; i++) 921 | { 922 | /* A2 */ 923 | s.Q0[ 5] = (random() | 0x482f0e50) & ~0xb41011af; 924 | s.Q1[ 5] = s.Q0[ 5] - 0x7ffffcbf; 925 | 926 | s.X0[20] = RR(s.Q0[ 5] - s.Q0[ 4], 7) - F(s.Q0[ 4], s.Q0[ 3], s.Q0[ 2]) 927 | - s.Q0[ 1] - 0xf57c0faf; 928 | s.X1[20] = RR(s.Q1[ 5] - s.Q1[ 4], 7) - F(s.Q1[ 4], s.Q1[ 3], s.Q1[ 2]) 929 | - s.Q1[ 1] - 0xf57c0faf; 930 | if((s.X0[20] ^ s.X1[20]) != 0x80000000) 931 | continue; 932 | break; 933 | } 934 | if(i >= 10) 935 | goto block2_again; 936 | 937 | for(i = 0; i < 10; i++) 938 | { 939 | /* D2 */ 940 | s.Q0[ 6] = (random() | 0x04220c56) & ~0x9a1113a9; 941 | s.Q1[ 6] = s.Q0[ 6] - 0x80110000; 942 | 943 | s.X0[21] = RR(s.Q0[ 6] - s.Q0[ 5], 12) - F(s.Q0[ 5], s.Q0[ 4], s.Q0[ 3]) 944 | - s.Q0[ 2] - 0x4787c62a; 945 | s.X1[21] = RR(s.Q1[ 6] - s.Q1[ 5], 12) - F(s.Q1[ 5], s.Q1[ 4], s.Q1[ 3]) 946 | - s.Q1[ 2] - 0x4787c62a; 947 | if(s.X0[21] != s.X1[21]) 948 | continue; 949 | break; 950 | } 951 | if(i >= 10) 952 | goto block2_again; 953 | 954 | for(i = 0; i < 10; i++) 955 | { 956 | /* C2 */ 957 | s.Q0[ 7] = (random() | 0x96011e01) & ~(0x083201c0 | 0x01808000); 958 | s.Q0[ 7] |= (s.Q0[ 6] & 0x01808000); 959 | s.Q1[ 7] = s.Q0[ 7] - 0x88000040; 960 | 961 | s.X0[22] = RR(s.Q0[ 7] - s.Q0[ 6], 17) - F(s.Q0[ 6], s.Q0[ 5], s.Q0[ 4]) 962 | - s.Q0[ 3] - 0xa8304613; 963 | s.X1[22] = RR(s.Q1[ 7] - s.Q1[ 6], 17) - F(s.Q1[ 6], s.Q1[ 5], s.Q1[ 4]) 964 | - s.Q1[ 3] - 0xa8304613; 965 | if(s.X0[22] != s.X1[22]) 966 | continue; 967 | break; 968 | } 969 | if(i >= 10) 970 | goto block2_again; 971 | 972 | for(i = 0; i < 10; i++) 973 | { 974 | /* B2 */ 975 | s.Q0[ 8] = (random() | 0x843283c0) & ~(0x1b810001 | 0x00000002); 976 | s.Q0[ 8] |= (s.Q0[ 7] & 0x00000002); 977 | s.Q1[ 8] = s.Q0[ 8] - 0x80818000; 978 | 979 | s.X0[23] = RR(s.Q0[ 8] - s.Q0[ 7], 22) - F(s.Q0[ 7], s.Q0[ 6], s.Q0[ 5]) 980 | - s.Q0[ 4] - 0xfd469501; 981 | s.X1[23] = RR(s.Q1[ 8] - s.Q1[ 7], 22) - F(s.Q1[ 7], s.Q1[ 6], s.Q1[ 5]) 982 | - s.Q1[ 4] - 0xfd469501; 983 | if(s.X0[23] != s.X1[23]) 984 | continue; 985 | break; 986 | } 987 | if(i >= 10) 988 | goto block2_again; 989 | 990 | for(i = 0; i < 10; i++) 991 | { 992 | /* A3 */ 993 | s.Q0[ 9] = (random() | 0x9c0101c1) & ~(0x03828202 | 0x00001000); 994 | s.Q0[ 9] |= (s.Q0[ 8] & 0x00001000); 995 | s.Q1[ 9] = s.Q0[ 9] - 0x7fffffbf; 996 | 997 | s.X0[24] = RR(s.Q0[ 9] - s.Q0[ 8], 7) - F(s.Q0[ 8], s.Q0[ 7], s.Q0[ 6]) 998 | - s.Q0[ 5] - 0x698098d8; 999 | s.X1[24] = RR(s.Q1[ 9] - s.Q1[ 8], 7) - F(s.Q1[ 8], s.Q1[ 7], s.Q1[ 6]) 1000 | - s.Q1[ 5] - 0x698098d8; 1001 | if(s.X0[24] != s.X1[24]) 1002 | continue; 1003 | break; 1004 | } 1005 | if(i >= 10) 1006 | goto block2_again; 1007 | 1008 | for(i = 0; i < 10; i++) 1009 | { 1010 | /* D3 */ 1011 | s.Q0[10] = (random() | 0x878383c0) & ~0x00041003; 1012 | s.Q1[10] = s.Q0[10] - 0x7ffff000; 1013 | 1014 | s.X0[25] = RR(s.Q0[10] - s.Q0[ 9], 12) - F(s.Q0[ 9], s.Q0[ 8], s.Q0[ 7]) 1015 | - s.Q0[ 6] - 0x8b44f7af; 1016 | s.X1[25] = RR(s.Q1[10] - s.Q1[ 9], 12) - F(s.Q1[ 9], s.Q1[ 8], s.Q1[ 7]) 1017 | - s.Q1[ 6] - 0x8b44f7af; 1018 | if(s.X0[25] != s.X1[25]) 1019 | continue; 1020 | break; 1021 | } 1022 | if(i >= 10) 1023 | goto block2_again; 1024 | 1025 | for(i = 0; i < 10; i++) 1026 | { 1027 | /* C3 */ 1028 | s.Q0[11] = (random() | 0x800583c3) & ~(0x00021000 | 0x00086000); 1029 | s.Q0[11] |= (s.Q0[10] & 0x00086000); 1030 | s.Q1[11] = s.Q0[11] - 0x80000000; 1031 | 1032 | s.X0[26] = RR(s.Q0[11] - s.Q0[10], 17) - F(s.Q0[10], s.Q0[ 9], s.Q0[ 8]) 1033 | - s.Q0[ 7] - 0xffff5bb1; 1034 | s.X1[26] = RR(s.Q1[11] - s.Q1[10], 17) - F(s.Q1[10], s.Q1[ 9], s.Q1[ 8]) 1035 | - s.Q1[ 7] - 0xffff5bb1; 1036 | if(s.X0[26] != s.X1[26]) 1037 | continue; 1038 | break; 1039 | } 1040 | if(i >= 10) 1041 | goto block2_again; 1042 | 1043 | for(i = 0; i < 10; i++) 1044 | { 1045 | /* B3 */ 1046 | s.Q0[12] = (random() | 0x80081080) & ~(0x0007e000 | 0x7f000000); 1047 | s.Q0[12] |= (s.Q0[11] & 0x7f000000); 1048 | s.Q1[12] = s.Q0[12] - 0x80002080; 1049 | 1050 | s.X0[27] = RR(s.Q0[12] - s.Q0[11], 22) - F(s.Q0[11], s.Q0[10], s.Q0[ 9]) 1051 | - s.Q0[ 8] - 0x895cd7be; 1052 | s.X1[27] = RR(s.Q1[12] - s.Q1[11], 22) - F(s.Q1[11], s.Q1[10], s.Q1[ 9]) 1053 | - s.Q1[ 8] - 0x895cd7be; 1054 | if((s.X0[27] ^ s.X1[27]) != 0x00008000) 1055 | continue; 1056 | break; 1057 | } 1058 | if(i >= 10) 1059 | goto block2_again; 1060 | 1061 | for(i = 0; i < 10; i++) 1062 | { 1063 | /* A4 */ 1064 | s.Q0[13] = (random() | 0x3f0fe008) & ~0x80000080; 1065 | s.Q1[13] = s.Q0[13] - 0x7f000000; 1066 | 1067 | s.X0[28] = RR(s.Q0[13] - s.Q0[12], 7) - F(s.Q0[12], s.Q0[11], s.Q0[10]) 1068 | - s.Q0[ 9] - 0x6b901122; 1069 | s.X1[28] = RR(s.Q1[13] - s.Q1[12], 7) - F(s.Q1[12], s.Q1[11], s.Q1[10]) 1070 | - s.Q1[ 9] - 0x6b901122; 1071 | if(s.X0[28] != s.X1[28]) 1072 | continue; 1073 | break; 1074 | } 1075 | if(i >= 10) 1076 | goto block2_again; 1077 | 1078 | for(i = 0; i < 10; i++) 1079 | { 1080 | /* D4 */ 1081 | s.Q0[14] = (random() | 0x400be088) & ~0xbf040000; 1082 | s.Q1[14] = s.Q0[14] - 0x80000000; 1083 | 1084 | s.X0[29] = RR(s.Q0[14] - s.Q0[13], 12) - F(s.Q0[13], s.Q0[12], s.Q0[11]) 1085 | - s.Q0[10] - 0xfd987193; 1086 | s.X1[29] = RR(s.Q1[14] - s.Q1[13], 12) - F(s.Q1[13], s.Q1[12], s.Q1[11]) 1087 | - s.Q1[10] - 0xfd987193; 1088 | if(s.X0[29] != s.X1[29]) 1089 | continue; 1090 | break; 1091 | } 1092 | if(i >= 10) 1093 | goto block2_again; 1094 | 1095 | for(i = 0; i < 10; i++) 1096 | { 1097 | /* C4 */ 1098 | s.Q0[15] = (random() | 0x7d000000) & ~0x82008008; 1099 | s.Q1[15] = s.Q0[15] - 0x7fff7ff8; 1100 | 1101 | s.X0[30] = RR(s.Q0[15] - s.Q0[14], 17) - F(s.Q0[14], s.Q0[13], s.Q0[12]) 1102 | - s.Q0[11] - 0xa679438e; 1103 | s.X1[30] = RR(s.Q1[15] - s.Q1[14], 17) - F(s.Q1[14], s.Q1[13], s.Q1[12]) 1104 | - s.Q1[11] - 0xa679438e; 1105 | if((s.X0[30] ^ s.X1[30]) != 0x80000000) 1106 | continue; 1107 | break; 1108 | } 1109 | if(i >= 10) 1110 | goto block2_again; 1111 | 1112 | for(i = 0; i < LOOP_21; i++) 1113 | { 1114 | /* B4 */ 1115 | s.Q0[16] = (random() | 0x20000000) & ~0x80000000; 1116 | s.Q1[16] = s.Q0[16] - 0xa0000000; 1117 | 1118 | s.X0[31] = RR(s.Q0[16] - s.Q0[15], 22) - F(s.Q0[15], s.Q0[14], s.Q0[13]) 1119 | - s.Q0[12] - 0x49b40821; 1120 | s.X1[31] = RR(s.Q1[16] - s.Q1[15], 22) - F(s.Q1[15], s.Q1[14], s.Q1[13]) 1121 | - s.Q1[12] - 0x49b40821; 1122 | if(s.X0[31] != s.X1[31]) 1123 | continue; 1124 | 1125 | /* A5 */ 1126 | s.Q0[17] = RL(G(s.Q0[16], s.Q0[15], s.Q0[14]) + s.Q0[13] 1127 | + s.X0[17] + 0xf61e2562, 5) + s.Q0[16]; 1128 | if((s.Q0[17] & 0x80028008) != (s.Q0[16] & 0x00008008)) 1129 | continue; 1130 | s.Q1[17] = RL(G(s.Q1[16], s.Q1[15], s.Q1[14]) + s.Q1[13] 1131 | + s.X1[17] + 0xf61e2562, 5) + s.Q1[16]; 1132 | if((s.Q0[17] ^ s.Q1[17]) != 0x80000000) 1133 | continue; 1134 | 1135 | /* D5 */ 1136 | s.Q0[18] = RL(G(s.Q0[17], s.Q0[16], s.Q0[15]) + s.Q0[14] 1137 | + s.X0[22] + 0xc040b340, 9) + s.Q0[17]; 1138 | if((s.Q0[18] & 0xa0020000) 1139 | != ((s.Q0[17] & 0x20000000) | 0x00020000)) 1140 | { 1141 | continue; 1142 | } 1143 | s.Q1[18] = RL(G(s.Q1[17], s.Q1[16], s.Q1[15]) + s.Q1[14] 1144 | + s.X1[22] + 0xc040b340, 9) + s.Q1[17]; 1145 | if((s.Q0[18] ^ s.Q1[18]) != 0x80000000) 1146 | continue; 1147 | 1148 | /* C5 */ 1149 | s.Q0[19] = RL(G(s.Q0[18], s.Q0[17], s.Q0[16]) + s.Q0[15] 1150 | + s.X0[27] + 0x265e5a51, 14) + s.Q0[18]; 1151 | if(s.Q0[19] & 0x80020000) 1152 | continue; 1153 | s.Q1[19] = RL(G(s.Q1[18], s.Q1[17], s.Q1[16]) + s.Q1[15] 1154 | + s.X1[27] + 0x265e5a51, 14) + s.Q1[18]; 1155 | if((s.Q0[19] - s.Q1[19]) != 0x7ffe0000) 1156 | continue; 1157 | 1158 | /* B5 */ 1159 | s.Q0[20] = RL(G(s.Q0[19], s.Q0[18], s.Q0[17]) + s.Q0[16] 1160 | + s.X0[16] + 0xe9b6c7aa, 20) + s.Q0[19]; 1161 | if(s.Q0[20] & 0x80000000) 1162 | continue; 1163 | s.Q1[20] = RL(G(s.Q1[19], s.Q1[18], s.Q1[17]) + s.Q1[16] 1164 | + s.X1[16] + 0xe9b6c7aa, 20) + s.Q1[19]; 1165 | if((s.Q0[20] ^ s.Q1[20]) != 0x80000000) 1166 | continue; 1167 | 1168 | /* A6 */ 1169 | s.Q0[21] = RL(G(s.Q0[20], s.Q0[19], s.Q0[18]) + s.Q0[17] 1170 | + s.X0[21] + 0xd62f105d, 5) + s.Q0[20]; 1171 | if((s.Q0[21] & 0x80020000) != (s.Q0[20] & 0x00020000)) 1172 | continue; 1173 | s.Q1[21] = RL(G(s.Q1[20], s.Q1[19], s.Q1[18]) + s.Q1[17] 1174 | + s.X1[21] + 0xd62f105d, 5) + s.Q1[20]; 1175 | if((s.Q0[21] ^ s.Q1[21]) != 0x80000000) 1176 | continue; 1177 | break; 1178 | } 1179 | if(i >= LOOP_21) 1180 | goto block2_again; 1181 | 1182 | ct3++; 1183 | for(i = 0; i < LOOP_22; i++) 1184 | { 1185 | if (cb) { 1186 | if ((i & 0xfffff) == 0) { 1187 | if (callback4(cb, s.ct1, s.ct2, ct3, i>>20)) { 1188 | return 1; 1189 | } 1190 | } 1191 | } 1192 | 1193 | /* B4 */ 1194 | s.Q0[16] ^= mask22[random() % 30]; 1195 | s.Q1[16] = s.Q0[16] - 0xa0000000; 1196 | 1197 | s.X0[31] = RR(s.Q0[16] - s.Q0[15], 22) - F(s.Q0[15], s.Q0[14], s.Q0[13]) 1198 | - s.Q0[12] - 0x49b40821; 1199 | s.X1[31] = RR(s.Q1[16] - s.Q1[15], 22) - F(s.Q1[15], s.Q1[14], s.Q1[13]) 1200 | - s.Q1[12] - 0x49b40821; 1201 | if(s.X0[31] != s.X1[31]) 1202 | continue; 1203 | 1204 | /* A5 */ 1205 | s.Q0[17] = RL(G(s.Q0[16], s.Q0[15], s.Q0[14]) + s.Q0[13] 1206 | + s.X0[17] + 0xf61e2562, 5) + s.Q0[16]; 1207 | if((s.Q0[17] & 0x80028008) != (s.Q0[16] & 0x00008008)) 1208 | continue; 1209 | s.Q1[17] = RL(G(s.Q1[16], s.Q1[15], s.Q1[14]) + s.Q1[13] 1210 | + s.X1[17] + 0xf61e2562, 5) + s.Q1[16]; 1211 | if((s.Q0[17] ^ s.Q1[17]) != 0x80000000) 1212 | continue; 1213 | 1214 | /* D5 */ 1215 | s.Q0[18] = RL(G(s.Q0[17], s.Q0[16], s.Q0[15]) + s.Q0[14] 1216 | + s.X0[22] + 0xc040b340, 9) + s.Q0[17]; 1217 | if((s.Q0[18] & 0xa0020000) 1218 | != ((s.Q0[17] & 0x20000000) | 0x00020000)) 1219 | { 1220 | continue; 1221 | } 1222 | s.Q1[18] = RL(G(s.Q1[17], s.Q1[16], s.Q1[15]) + s.Q1[14] 1223 | + s.X1[22] + 0xc040b340, 9) + s.Q1[17]; 1224 | if((s.Q0[18] ^ s.Q1[18]) != 0x80000000) 1225 | continue; 1226 | 1227 | /* C5 */ 1228 | s.Q0[19] = RL(G(s.Q0[18], s.Q0[17], s.Q0[16]) + s.Q0[15] 1229 | + s.X0[27] + 0x265e5a51, 14) + s.Q0[18]; 1230 | if(s.Q0[19] & 0x80020000) 1231 | continue; 1232 | s.Q1[19] = RL(G(s.Q1[18], s.Q1[17], s.Q1[16]) + s.Q1[15] 1233 | + s.X1[27] + 0x265e5a51, 14) + s.Q1[18]; 1234 | if((s.Q0[19] - s.Q1[19]) != 0x7ffe0000) 1235 | continue; 1236 | 1237 | /* B5 */ 1238 | s.Q0[20] = RL(G(s.Q0[19], s.Q0[18], s.Q0[17]) + s.Q0[16] 1239 | + s.X0[16] + 0xe9b6c7aa, 20) + s.Q0[19]; 1240 | if(s.Q0[20] & 0x80000000) 1241 | continue; 1242 | s.Q1[20] = RL(G(s.Q1[19], s.Q1[18], s.Q1[17]) + s.Q1[16] 1243 | + s.X1[16] + 0xe9b6c7aa, 20) + s.Q1[19]; 1244 | if((s.Q0[20] ^ s.Q1[20]) != 0x80000000) 1245 | continue; 1246 | 1247 | /* A6 */ 1248 | s.Q0[21] = RL(G(s.Q0[20], s.Q0[19], s.Q0[18]) + s.Q0[17] 1249 | + s.X0[21] + 0xd62f105d, 5) + s.Q0[20]; 1250 | if((s.Q0[21] & 0x80020000) != (s.Q0[20] & 0x00020000)) 1251 | continue; 1252 | s.Q1[21] = RL(G(s.Q1[20], s.Q1[19], s.Q1[18]) + s.Q1[17] 1253 | + s.X1[21] + 0xd62f105d, 5) + s.Q1[20]; 1254 | if((s.Q0[21] ^ s.Q1[21]) != 0x80000000) 1255 | continue; 1256 | 1257 | /* D6 */ 1258 | s.Q0[22] = RL(G(s.Q0[21], s.Q0[20], s.Q0[19]) + s.Q0[18] 1259 | + s.X0[26] + 0x02441453, 9) + s.Q0[21]; 1260 | if(s.Q0[22] & 0x80000000) 1261 | continue; 1262 | s.Q1[22] = RL(G(s.Q1[21], s.Q1[20], s.Q1[19]) + s.Q1[18] 1263 | + s.X1[26] + 0x02441453, 9) + s.Q1[21]; 1264 | if((s.Q0[22] ^ s.Q1[22]) != 0x80000000) 1265 | continue; 1266 | 1267 | /* C6 */ 1268 | s.Q0[23] = RL(G(s.Q0[22], s.Q0[21], s.Q0[20]) + s.Q0[19] 1269 | + s.X0[31] + 0xd8a1e681, 14) + s.Q0[22]; 1270 | if(s.Q0[23] & 0x80000000) 1271 | continue; 1272 | s.Q1[23] = RL(G(s.Q1[22], s.Q1[21], s.Q1[20]) + s.Q1[19] 1273 | + s.X1[31] + 0xd8a1e681, 14) + s.Q1[22]; 1274 | if(s.Q0[23] != s.Q1[23]) 1275 | continue; 1276 | 1277 | /* B6 */ 1278 | s.Q0[24] = RL(G(s.Q0[23], s.Q0[22], s.Q0[21]) + s.Q0[20] 1279 | + s.X0[20] + 0xe7d3fbc8, 20) + s.Q0[23]; 1280 | s.Q1[24] = RL(G(s.Q1[23], s.Q1[22], s.Q1[21]) + s.Q1[20] 1281 | + s.X1[20] + 0xe7d3fbc8, 20) + s.Q1[23]; 1282 | if(s.Q0[24] != s.Q1[24]) 1283 | continue; 1284 | 1285 | /* A7 */ 1286 | s.Q0[25] = RL(G(s.Q0[24], s.Q0[23], s.Q0[22]) + s.Q0[21] 1287 | + s.X0[25] + 0x21e1cde6, 5) + s.Q0[24]; 1288 | s.Q1[25] = RL(G(s.Q1[24], s.Q1[23], s.Q1[22]) + s.Q1[21] 1289 | + s.X1[25] + 0x21e1cde6, 5) + s.Q1[24]; 1290 | if(s.Q0[25] != s.Q1[25]) 1291 | continue; 1292 | 1293 | /* D7 */ 1294 | s.Q0[26] = RL(G(s.Q0[25], s.Q0[24], s.Q0[23]) + s.Q0[22] 1295 | + s.X0[30] + 0xc33707d6, 9) + s.Q0[25]; 1296 | s.Q1[26] = RL(G(s.Q1[25], s.Q1[24], s.Q1[23]) + s.Q1[22] 1297 | + s.X1[30] + 0xc33707d6, 9) + s.Q1[25]; 1298 | if(s.Q0[26] != s.Q1[26]) 1299 | continue; 1300 | 1301 | /* C7 */ 1302 | s.Q0[27] = RL(G(s.Q0[26], s.Q0[25], s.Q0[24]) + s.Q0[23] 1303 | + s.X0[19] + 0xf4d50d87, 14) + s.Q0[26]; 1304 | s.Q1[27] = RL(G(s.Q1[26], s.Q1[25], s.Q1[24]) + s.Q1[23] 1305 | + s.X1[19] + 0xf4d50d87, 14) + s.Q1[26]; 1306 | if(s.Q0[27] != s.Q1[27]) 1307 | continue; 1308 | 1309 | /* B7 */ 1310 | s.Q0[28] = RL(G(s.Q0[27], s.Q0[26], s.Q0[25]) + s.Q0[24] 1311 | + s.X0[24] + 0x455a14ed, 20) + s.Q0[27]; 1312 | s.Q1[28] = RL(G(s.Q1[27], s.Q1[26], s.Q1[25]) + s.Q1[24] 1313 | + s.X1[24] + 0x455a14ed, 20) + s.Q1[27]; 1314 | if(s.Q0[28] != s.Q1[28]) 1315 | continue; 1316 | 1317 | /* A8 */ 1318 | s.Q0[29] = RL(G(s.Q0[28], s.Q0[27], s.Q0[26]) + s.Q0[25] 1319 | + s.X0[29] + 0xa9e3e905, 5) + s.Q0[28]; 1320 | s.Q1[29] = RL(G(s.Q1[28], s.Q1[27], s.Q1[26]) + s.Q1[25] 1321 | + s.X1[29] + 0xa9e3e905, 5) + s.Q1[28]; 1322 | if(s.Q0[29] != s.Q1[29]) 1323 | continue; 1324 | 1325 | /* D8 */ 1326 | s.Q0[30] = RL(G(s.Q0[29], s.Q0[28], s.Q0[27]) + s.Q0[26] 1327 | + s.X0[18] + 0xfcefa3f8, 9) + s.Q0[29]; 1328 | s.Q1[30] = RL(G(s.Q1[29], s.Q1[28], s.Q1[27]) + s.Q1[26] 1329 | + s.X1[18] + 0xfcefa3f8, 9) + s.Q1[29]; 1330 | if(s.Q0[30] != s.Q1[30]) 1331 | continue; 1332 | 1333 | /* C8 */ 1334 | s.Q0[31] = RL(G(s.Q0[30], s.Q0[29], s.Q0[28]) + s.Q0[27] 1335 | + s.X0[23] + 0x676f02d9, 14) + s.Q0[30]; 1336 | s.Q1[31] = RL(G(s.Q1[30], s.Q1[29], s.Q1[28]) + s.Q1[27] 1337 | + s.X1[23] + 0x676f02d9, 14) + s.Q1[30]; 1338 | if(s.Q0[31] != s.Q1[31]) 1339 | continue; 1340 | 1341 | /* B8 */ 1342 | s.Q0[32] = RL(G(s.Q0[31], s.Q0[30], s.Q0[29]) + s.Q0[28] 1343 | + s.X0[28] + 0x8d2a4c8a, 20) + s.Q0[31]; 1344 | s.Q1[32] = RL(G(s.Q1[31], s.Q1[30], s.Q1[29]) + s.Q1[28] 1345 | + s.X1[28] + 0x8d2a4c8a, 20) + s.Q1[31]; 1346 | if(s.Q0[32] != s.Q1[32]) 1347 | continue; 1348 | 1349 | /* A9 */ 1350 | s.Q0[33] = RL(H(s.Q0[32], s.Q0[31], s.Q0[30]) + s.Q0[29] 1351 | + s.X0[21] + 0xfffa3942, 4) + s.Q0[32]; 1352 | s.Q1[33] = RL(H(s.Q1[32], s.Q1[31], s.Q1[30]) + s.Q1[29] 1353 | + s.X1[21] + 0xfffa3942, 4) + s.Q1[32]; 1354 | if(s.Q0[33] != s.Q1[33]) 1355 | continue; 1356 | 1357 | /* D9 */ 1358 | s.Q0[34] = RL(H(s.Q0[33], s.Q0[32], s.Q0[31]) + s.Q0[30] 1359 | + s.X0[24] + 0x8771f681, 11) + s.Q0[33]; 1360 | s.Q1[34] = RL(H(s.Q1[33], s.Q1[32], s.Q1[31]) + s.Q1[30] 1361 | + s.X1[24] + 0x8771f681, 11) + s.Q1[33]; 1362 | if(s.Q0[34] != s.Q1[34]) 1363 | continue; 1364 | 1365 | /* C9 */ 1366 | s.Q0[35] = RL(H(s.Q0[34], s.Q0[33], s.Q0[32]) + s.Q0[31] 1367 | + s.X0[27] + 0x6d9d6122, 16) + s.Q0[34]; 1368 | s.Q1[35] = RL(H(s.Q1[34], s.Q1[33], s.Q1[32]) + s.Q1[31] 1369 | + s.X1[27] + 0x6d9d6122, 16) + s.Q1[34]; 1370 | if((s.Q0[35] ^ s.Q1[35]) != 0x80000000) 1371 | continue; 1372 | 1373 | /* B9 */ 1374 | s.Q0[36] = RL(H(s.Q0[35], s.Q0[34], s.Q0[33]) + s.Q0[32] 1375 | + s.X0[30] + 0xfde5380c, 23) + s.Q0[35]; 1376 | s.Q1[36] = RL(H(s.Q1[35], s.Q1[34], s.Q1[33]) + s.Q1[32] 1377 | + s.X1[30] + 0xfde5380c, 23) + s.Q1[35]; 1378 | if((s.Q0[36] ^ s.Q1[36]) != 0x80000000) 1379 | continue; 1380 | 1381 | /* A10 */ 1382 | s.Q0[37] = RL(H(s.Q0[36], s.Q0[35], s.Q0[34]) + s.Q0[33] 1383 | + s.X0[17] + 0xa4beea44, 4) + s.Q0[36]; 1384 | s.Q1[37] = RL(H(s.Q1[36], s.Q1[35], s.Q1[34]) + s.Q1[33] 1385 | + s.X1[17] + 0xa4beea44, 4) + s.Q1[36]; 1386 | if((s.Q0[37] ^ s.Q1[37]) != 0x80000000) 1387 | continue; 1388 | 1389 | /* D10 */ 1390 | s.Q0[38] = RL(H(s.Q0[37], s.Q0[36], s.Q0[35]) + s.Q0[34] 1391 | + s.X0[20] + 0x4bdecfa9, 11) + s.Q0[37]; 1392 | s.Q1[38] = RL(H(s.Q1[37], s.Q1[36], s.Q1[35]) + s.Q1[34] 1393 | + s.X1[20] + 0x4bdecfa9, 11) + s.Q1[37]; 1394 | if((s.Q0[38] ^ s.Q1[38]) != 0x80000000) 1395 | continue; 1396 | 1397 | /* C10 */ 1398 | s.Q0[39] = RL(H(s.Q0[38], s.Q0[37], s.Q0[36]) + s.Q0[35] 1399 | + s.X0[23] + 0xf6bb4b60, 16) + s.Q0[38]; 1400 | s.Q1[39] = RL(H(s.Q1[38], s.Q1[37], s.Q1[36]) + s.Q1[35] 1401 | + s.X1[23] + 0xf6bb4b60, 16) + s.Q1[38]; 1402 | if((s.Q0[39] ^ s.Q1[39]) != 0x80000000) 1403 | continue; 1404 | 1405 | /* B10 */ 1406 | s.Q0[40] = RL(H(s.Q0[39], s.Q0[38], s.Q0[37]) + s.Q0[36] 1407 | + s.X0[26] + 0xbebfbc70, 23) + s.Q0[39]; 1408 | s.Q1[40] = RL(H(s.Q1[39], s.Q1[38], s.Q1[37]) + s.Q1[36] 1409 | + s.X1[26] + 0xbebfbc70, 23) + s.Q1[39]; 1410 | if((s.Q0[40] ^ s.Q1[40]) != 0x80000000) 1411 | continue; 1412 | 1413 | /* A11 */ 1414 | s.Q0[41] = RL(H(s.Q0[40], s.Q0[39], s.Q0[38]) + s.Q0[37] 1415 | + s.X0[29] + 0x289b7ec6, 4) + s.Q0[40]; 1416 | s.Q1[41] = RL(H(s.Q1[40], s.Q1[39], s.Q1[38]) + s.Q1[37] 1417 | + s.X1[29] + 0x289b7ec6, 4) + s.Q1[40]; 1418 | if((s.Q0[41] ^ s.Q1[41]) != 0x80000000) 1419 | continue; 1420 | 1421 | /* D11 */ 1422 | s.Q0[42] = RL(H(s.Q0[41], s.Q0[40], s.Q0[39]) + s.Q0[38] 1423 | + s.X0[16] + 0xeaa127fa, 11) + s.Q0[41]; 1424 | s.Q1[42] = RL(H(s.Q1[41], s.Q1[40], s.Q1[39]) + s.Q1[38] 1425 | + s.X1[16] + 0xeaa127fa, 11) + s.Q1[41]; 1426 | if((s.Q0[42] ^ s.Q1[42]) != 0x80000000) 1427 | continue; 1428 | 1429 | /* C11 */ 1430 | s.Q0[43] = RL(H(s.Q0[42], s.Q0[41], s.Q0[40]) + s.Q0[39] 1431 | + s.X0[19] + 0xd4ef3085, 16) + s.Q0[42]; 1432 | s.Q1[43] = RL(H(s.Q1[42], s.Q1[41], s.Q1[40]) + s.Q1[39] 1433 | + s.X1[19] + 0xd4ef3085, 16) + s.Q1[42]; 1434 | if((s.Q0[43] ^ s.Q1[43]) != 0x80000000) 1435 | continue; 1436 | 1437 | /* B11 */ 1438 | s.Q0[44] = RL(H(s.Q0[43], s.Q0[42], s.Q0[41]) + s.Q0[40] 1439 | + s.X0[22] + 0x04881d05, 23) + s.Q0[43]; 1440 | s.Q1[44] = RL(H(s.Q1[43], s.Q1[42], s.Q1[41]) + s.Q1[40] 1441 | + s.X1[22] + 0x04881d05, 23) + s.Q1[43]; 1442 | if((s.Q0[44] ^ s.Q1[44]) != 0x80000000) 1443 | continue; 1444 | 1445 | /* A12 */ 1446 | s.Q0[45] = RL(H(s.Q0[44], s.Q0[43], s.Q0[42]) + s.Q0[41] 1447 | + s.X0[25] + 0xd9d4d039, 4) + s.Q0[44]; 1448 | s.Q1[45] = RL(H(s.Q1[44], s.Q1[43], s.Q1[42]) + s.Q1[41] 1449 | + s.X1[25] + 0xd9d4d039, 4) + s.Q1[44]; 1450 | if((s.Q0[45] ^ s.Q1[45]) != 0x80000000) 1451 | continue; 1452 | 1453 | /* D12 */ 1454 | s.Q0[46] = RL(H(s.Q0[45], s.Q0[44], s.Q0[43]) + s.Q0[42] 1455 | + s.X0[28] + 0xe6db99e5, 11) + s.Q0[45]; 1456 | s.Q1[46] = RL(H(s.Q1[45], s.Q1[44], s.Q1[43]) + s.Q1[42] 1457 | + s.X1[28] + 0xe6db99e5, 11) + s.Q1[45]; 1458 | if((s.Q0[46] ^ s.Q1[46]) != 0x80000000) 1459 | continue; 1460 | 1461 | /* C12 */ 1462 | s.Q0[47] = RL(H(s.Q0[46], s.Q0[45], s.Q0[44]) + s.Q0[43] 1463 | + s.X0[31] + 0x1fa27cf8, 16) + s.Q0[46]; 1464 | s.Q1[47] = RL(H(s.Q1[46], s.Q1[45], s.Q1[44]) + s.Q1[43] 1465 | + s.X1[31] + 0x1fa27cf8, 16) + s.Q1[46]; 1466 | if((s.Q0[47] ^ s.Q1[47]) != 0x80000000) 1467 | continue; 1468 | 1469 | /* B12 */ 1470 | s.Q0[48] = RL(H(s.Q0[47], s.Q0[46], s.Q0[45]) + s.Q0[44] 1471 | + s.X0[18] + 0xc4ac5665, 23) + s.Q0[47]; 1472 | if((s.Q0[48] & 0x80000000) != (s.Q0[46] & 0x80000000)) 1473 | continue; 1474 | s.Q1[48] = RL(H(s.Q1[47], s.Q1[46], s.Q1[45]) + s.Q1[44] 1475 | + s.X1[18] + 0xc4ac5665, 23) + s.Q1[47]; 1476 | if((s.Q0[48] ^ s.Q1[48]) != 0x80000000) 1477 | continue; 1478 | 1479 | /* A13 */ 1480 | s.Q0[49] = RL(I(s.Q0[48], s.Q0[47], s.Q0[46]) + s.Q0[45] 1481 | + s.X0[16] + 0xf4292244, 6) + s.Q0[48]; 1482 | if((s.Q0[49] & 0x80000000) != (s.Q0[47] & 0x80000000)) 1483 | continue; 1484 | s.Q1[49] = RL(I(s.Q1[48], s.Q1[47], s.Q1[46]) + s.Q1[45] 1485 | + s.X1[16] + 0xf4292244, 6) + s.Q1[48]; 1486 | if((s.Q0[49] ^ s.Q1[49]) != 0x80000000) 1487 | continue; 1488 | 1489 | /* D13 */ 1490 | s.Q0[50] = RL(I(s.Q0[49], s.Q0[48], s.Q0[47]) + s.Q0[46] 1491 | + s.X0[23] + 0x432aff97, 10) + s.Q0[49]; 1492 | s.Q1[50] = RL(I(s.Q1[49], s.Q1[48], s.Q1[47]) + s.Q1[46] 1493 | + s.X1[23] + 0x432aff97, 10) + s.Q1[49]; 1494 | if((s.Q0[50] ^ s.Q1[50]) != 0x80000000) 1495 | continue; 1496 | 1497 | /* C13 */ 1498 | s.Q0[51] = RL(I(s.Q0[50], s.Q0[49], s.Q0[48]) + s.Q0[47] 1499 | + s.X0[30] + 0xab9423a7, 15) + s.Q0[50]; 1500 | if((s.Q0[51] & 0x80000000) != (s.Q0[49] & 0x80000000)) 1501 | continue; 1502 | s.Q1[51] = RL(I(s.Q1[50], s.Q1[49], s.Q1[48]) + s.Q1[47] 1503 | + s.X1[30] + 0xab9423a7, 15) + s.Q1[50]; 1504 | if((s.Q0[51] ^ s.Q1[51]) != 0x80000000) 1505 | continue; 1506 | 1507 | /* B13 */ 1508 | s.Q0[52] = RL(I(s.Q0[51], s.Q0[50], s.Q0[49]) + s.Q0[48] 1509 | + s.X0[21] + 0xfc93a039, 21) + s.Q0[51]; 1510 | if((s.Q0[52] & 0x80000000) != (s.Q0[50] & 0x80000000)) 1511 | continue; 1512 | s.Q1[52] = RL(I(s.Q1[51], s.Q1[50], s.Q1[49]) + s.Q1[48] 1513 | + s.X1[21] + 0xfc93a039, 21) + s.Q1[51]; 1514 | if((s.Q0[52] ^ s.Q1[52]) != 0x80000000) 1515 | continue; 1516 | 1517 | /* A14 */ 1518 | s.Q0[53] = RL(I(s.Q0[52], s.Q0[51], s.Q0[50]) + s.Q0[49] 1519 | + s.X0[28] + 0x655b59c3, 6) + s.Q0[52]; 1520 | if((s.Q0[53] & 0x80000000) != (s.Q0[51] & 0x80000000)) 1521 | continue; 1522 | s.Q1[53] = RL(I(s.Q1[52], s.Q1[51], s.Q1[50]) + s.Q1[49] 1523 | + s.X1[28] + 0x655b59c3, 6) + s.Q1[52]; 1524 | if((s.Q0[53] ^ s.Q1[53]) != 0x80000000) 1525 | continue; 1526 | 1527 | /* D14 */ 1528 | s.Q0[54] = RL(I(s.Q0[53], s.Q0[52], s.Q0[51]) + s.Q0[50] 1529 | + s.X0[19] + 0x8f0ccc92, 10) + s.Q0[53]; 1530 | if((s.Q0[54] & 0x80000000) != (s.Q0[52] & 0x80000000)) 1531 | continue; 1532 | s.Q1[54] = RL(I(s.Q1[53], s.Q1[52], s.Q1[51]) + s.Q1[50] 1533 | + s.X1[19] + 0x8f0ccc92, 10) + s.Q1[53]; 1534 | if((s.Q0[54] ^ s.Q1[54]) != 0x80000000) 1535 | continue; 1536 | 1537 | /* C14 */ 1538 | s.Q0[55] = RL(I(s.Q0[54], s.Q0[53], s.Q0[52]) + s.Q0[51] 1539 | + s.X0[26] + 0xffeff47d, 15) + s.Q0[54]; 1540 | if((s.Q0[55] & 0x80000000) != (s.Q0[53] & 0x80000000)) 1541 | continue; 1542 | s.Q1[55] = RL(I(s.Q1[54], s.Q1[53], s.Q1[52]) + s.Q1[51] 1543 | + s.X1[26] + 0xffeff47d, 15) + s.Q1[54]; 1544 | if((s.Q0[55] ^ s.Q1[55]) != 0x80000000) 1545 | continue; 1546 | 1547 | /* B14 */ 1548 | s.Q0[56] = RL(I(s.Q0[55], s.Q0[54], s.Q0[53]) + s.Q0[52] 1549 | + s.X0[17] + 0x85845dd1, 21) + s.Q0[55]; 1550 | if((s.Q0[56] & 0x80000000) != (s.Q0[54] & 0x80000000)) 1551 | continue; 1552 | s.Q1[56] = RL(I(s.Q1[55], s.Q1[54], s.Q1[53]) + s.Q1[52] 1553 | + s.X1[17] + 0x85845dd1, 21) + s.Q1[55]; 1554 | if((s.Q0[56] ^ s.Q1[56]) != 0x80000000) 1555 | continue; 1556 | 1557 | /* A15 */ 1558 | s.Q0[57] = RL(I(s.Q0[56], s.Q0[55], s.Q0[54]) + s.Q0[53] 1559 | + s.X0[24] + 0x6fa87e4f, 6) + s.Q0[56]; 1560 | if((s.Q0[57] & 0x80000000) != (s.Q0[55] & 0x80000000)) 1561 | continue; 1562 | s.Q1[57] = RL(I(s.Q1[56], s.Q1[55], s.Q1[54]) + s.Q1[53] 1563 | + s.X1[24] + 0x6fa87e4f, 6) + s.Q1[56]; 1564 | if((s.Q0[57] ^ s.Q1[57]) != 0x80000000) 1565 | continue; 1566 | 1567 | /* D15 */ 1568 | s.Q0[58] = RL(I(s.Q0[57], s.Q0[56], s.Q0[55]) + s.Q0[54] 1569 | + s.X0[31] + 0xfe2ce6e0, 10) + s.Q0[57]; 1570 | if((s.Q0[58] & 0x80000000) != (s.Q0[56] & 0x80000000)) 1571 | continue; 1572 | s.Q1[58] = RL(I(s.Q1[57], s.Q1[56], s.Q1[55]) + s.Q1[54] 1573 | + s.X1[31] + 0xfe2ce6e0, 10) + s.Q1[57]; 1574 | if((s.Q0[58] ^ s.Q1[58]) != 0x80000000) 1575 | continue; 1576 | 1577 | /* C15 */ 1578 | s.Q0[59] = RL(I(s.Q0[58], s.Q0[57], s.Q0[56]) + s.Q0[55] 1579 | + s.X0[22] + 0xa3014314, 15) + s.Q0[58]; 1580 | if((s.Q0[59] & 0x80000000) != (s.Q0[57] & 0x80000000)) 1581 | continue; 1582 | s.Q1[59] = RL(I(s.Q1[58], s.Q1[57], s.Q1[56]) + s.Q1[55] 1583 | + s.X1[22] + 0xa3014314, 15) + s.Q1[58]; 1584 | if((s.Q0[59] ^ s.Q1[59]) != 0x80000000) 1585 | continue; 1586 | 1587 | /* B15 */ 1588 | s.Q0[60] = RL(I(s.Q0[59], s.Q0[58], s.Q0[57]) + s.Q0[56] 1589 | + s.X0[29] + 0x4e0811a1, 21) + s.Q0[59]; 1590 | s.Q1[60] = RL(I(s.Q1[59], s.Q1[58], s.Q1[57]) + s.Q1[56] 1591 | + s.X1[29] + 0x4e0811a1, 21) + s.Q1[59]; 1592 | if((s.Q0[60] ^ s.Q1[60]) != 0x80000000) 1593 | continue; 1594 | 1595 | /* A16 */ 1596 | s.Q0[61] = RL(I(s.Q0[60], s.Q0[59], s.Q0[58]) + s.Q0[57] 1597 | + s.X0[20] + 0xf7537e82, 6) + s.Q0[60]; 1598 | s.Q1[61] = RL(I(s.Q1[60], s.Q1[59], s.Q1[58]) + s.Q1[57] 1599 | + s.X1[20] + 0xf7537e82, 6) + s.Q1[60]; 1600 | if((s.Q0[61] ^ s.Q1[61]) != 0x80000000) 1601 | continue; 1602 | if((s.A0 + s.Q0[61]) != (s.A1 + s.Q1[61])) 1603 | continue; 1604 | 1605 | /* D16 */ 1606 | s.Q0[62] = RL(I(s.Q0[61], s.Q0[60], s.Q0[59]) + s.Q0[58] 1607 | + s.X0[27] + 0xbd3af235, 10) + s.Q0[61]; 1608 | s.Q1[62] = RL(I(s.Q1[61], s.Q1[60], s.Q1[59]) + s.Q1[58] 1609 | + s.X1[27] + 0xbd3af235, 10) + s.Q1[61]; 1610 | if((s.D0 + s.Q0[62]) != (s.D1 + s.Q1[62])) 1611 | continue; 1612 | 1613 | /* C16 */ 1614 | s.Q0[63] = RL(I(s.Q0[62], s.Q0[61], s.Q0[60]) + s.Q0[59] 1615 | + s.X0[18] + 0x2ad7d2bb, 15) + s.Q0[62]; 1616 | s.Q1[63] = RL(I(s.Q1[62], s.Q1[61], s.Q1[60]) + s.Q1[59] 1617 | + s.X1[18] + 0x2ad7d2bb, 15) + s.Q1[62]; 1618 | if((s.C0 + s.Q0[63]) != (s.C1 + s.Q1[63])) 1619 | continue; 1620 | 1621 | /* B16 */ 1622 | s.Q0[64] = RL(I(s.Q0[63], s.Q0[62], s.Q0[61]) + s.Q0[60] 1623 | + s.X0[25] + 0xeb86d391, 21) + s.Q0[63]; 1624 | s.Q1[64] = RL(I(s.Q1[63], s.Q1[62], s.Q1[61]) + s.Q1[60] 1625 | + s.X1[25] + 0xeb86d391, 21) + s.Q1[63]; 1626 | if((s.B0 + s.Q0[64]) != (s.B1 + s.Q1[64])) 1627 | continue; 1628 | break; 1629 | } 1630 | if(i >= LOOP_22) 1631 | goto block2_again; 1632 | return 0; 1633 | } 1634 | 1635 | /* public interface */ 1636 | 1637 | /* return 0 on success, 1 if interrupt requested */ 1638 | int md5coll_with_iv(unsigned int IV[4], unsigned int m0[32], unsigned int m1[32], callback_t *cb) { 1639 | int r; 1640 | int ct1 = 0; 1641 | 1642 | while (1) { 1643 | r = block1(IV, cb, ct1); 1644 | if (r==1) { 1645 | return 1; 1646 | } 1647 | r = block2(cb); 1648 | if (r==1) { 1649 | return 1; 1650 | } else if (r==-1) { 1651 | ct1 = s.ct1; 1652 | continue; 1653 | } else { 1654 | break; 1655 | } 1656 | } 1657 | memcpy(m0, s.X0, 128); 1658 | memcpy(m1, s.X1, 128); 1659 | return 0; 1660 | } 1661 | 1662 | /* return 0 on success, 1 if interrupt requested */ 1663 | int md5coll(unsigned int m0[32], unsigned int m1[32], callback_t *cb) { 1664 | return md5coll_with_iv(IV_default, m0, m1, cb); 1665 | } 1666 | -------------------------------------------------------------------------------- /evilize/md5coll_lib.h: -------------------------------------------------------------------------------- 1 | /* MD5 Collision Generator 2 | * Copyright (C) 2005 Patrick Stach . 3 | * Implementation of paper by Xiaoyun Wang, et al. 4 | * A few optimizations to make the solving method a bit more deterministic. 5 | * Modifications Copyright (C) 2006 Peter Selinger. 6 | * 7 | * This work is licensed under a modified BSD License, see the file 8 | * MBSD-LICENSE for full details. 9 | * Any derivative works or references must cite the authors. 10 | */ 11 | 12 | /* object-oriented callback interface (for progress reports). "arg" is 13 | the payload of the callback, and f returns 1 if it wishes to 14 | interrupt. */ 15 | struct callback_s { 16 | int (*f)(void *priv, char *arg); 17 | void *priv; 18 | }; 19 | typedef struct callback_s callback_t; 20 | 21 | /* find an MD5 collision (with standard initial vector), and store it 22 | in m0/m1. Use callback function cb for progress reports (see 23 | above), if non-NULL. Return 0 on success, 1 if an interrupt was 24 | requested. */ 25 | int md5coll(unsigned int m0[32], unsigned int m1[32], callback_t *cb); 26 | 27 | /* same, but use specified initial vector */ 28 | int md5coll_with_iv(unsigned int IV[4], unsigned int m0[32], unsigned int m1[32], callback_t *cb); 29 | 30 | -------------------------------------------------------------------------------- /fastcoll/_PUT_FASTCOLL_HERE_: -------------------------------------------------------------------------------- 1 | https://www.win.tue.nl/hashclash/ 2 | -------------------------------------------------------------------------------- /msgbox.raw: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/silentsignal/sheep-wolf/c4350480eea7523914e7dc3b28386ecc123ced20/msgbox.raw -------------------------------------------------------------------------------- /results/RESULTS.md: -------------------------------------------------------------------------------- 1 | Wolves Among the Sheep - Results 2 | ================================ 3 | 4 | * FireEye: [Poisonous MD5 - Wolves Among the Sheep](https://blog.silentsignal.eu/2015/06/10/poisonous-md5-wolves-among-the-sheep/) 5 | * REDACTED (network forensics appliance) 6 | * REDACTED (next-generation AV) 7 | * [Panda Adaptive Defense 360](https://vimeo.com/192484882) 8 | * REDACTED (malware analysis sandbox), vendor notified, vendor acknowledged the issue 9 | * REDACTED (malware analysis sandbox Virustotal API), vendor notified, bug fixed 10 | * Malware whitelists (and blacklists) of Tenable Nessus [are based on MD5 hashes](http://static.tenable.com/documentation/nessus_6.4_user_guide.pdf) 11 | * [ClamAV](http://seclists.org/oss-sec/2017/q4/19) ([Bornhack lightning talk slides](http://klondike.es/charlas/whitelist/whitelist.odp)) 12 | * [Windows CryptoAPI used MD5 to look up cached certificates](https://cendyne.dev/posts/2023-09-01-spoofing-certificates-with-md5-collisions.html) (CVE-2022-34689), which is essentially the same problem 13 | * (...Your contribution here...) 14 | -------------------------------------------------------------------------------- /sheep.opensdf: -------------------------------------------------------------------------------- 1 | bWIN-S4CCLSEV8TH -------------------------------------------------------------------------------- /sheep.sdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/silentsignal/sheep-wolf/c4350480eea7523914e7dc3b28386ecc123ced20/sheep.sdf -------------------------------------------------------------------------------- /sheep.sln: -------------------------------------------------------------------------------- 1 |  2 | Microsoft Visual Studio Solution File, Format Version 12.00 3 | # Visual Studio Express 2012 for Windows Desktop 4 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "sheep", "sheep\sheep.vcxproj", "{D17FD857-B64C-4C1B-A893-92E531CC0210}" 5 | EndProject 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "shepherd", "shepherd\shepherd.vcxproj", "{A4F18160-3822-4E64-95F5-8FA4D6BDDD0A}" 7 | EndProject 8 | Global 9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 10 | Debug|Win32 = Debug|Win32 11 | Release|Win32 = Release|Win32 12 | EndGlobalSection 13 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 14 | {D17FD857-B64C-4C1B-A893-92E531CC0210}.Debug|Win32.ActiveCfg = Debug|Win32 15 | {D17FD857-B64C-4C1B-A893-92E531CC0210}.Debug|Win32.Build.0 = Debug|Win32 16 | {D17FD857-B64C-4C1B-A893-92E531CC0210}.Release|Win32.ActiveCfg = Release|Win32 17 | {D17FD857-B64C-4C1B-A893-92E531CC0210}.Release|Win32.Build.0 = Release|Win32 18 | {A4F18160-3822-4E64-95F5-8FA4D6BDDD0A}.Debug|Win32.ActiveCfg = Debug|Win32 19 | {A4F18160-3822-4E64-95F5-8FA4D6BDDD0A}.Debug|Win32.Build.0 = Debug|Win32 20 | {A4F18160-3822-4E64-95F5-8FA4D6BDDD0A}.Release|Win32.ActiveCfg = Release|Win32 21 | {A4F18160-3822-4E64-95F5-8FA4D6BDDD0A}.Release|Win32.Build.0 = Release|Win32 22 | EndGlobalSection 23 | GlobalSection(SolutionProperties) = preSolution 24 | HideSolutionNode = FALSE 25 | EndGlobalSection 26 | EndGlobal 27 | -------------------------------------------------------------------------------- /sheep.v11.suo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/silentsignal/sheep-wolf/c4350480eea7523914e7dc3b28386ecc123ced20/sheep.v11.suo -------------------------------------------------------------------------------- /sheep/ReadMe.txt: -------------------------------------------------------------------------------- 1 | ======================================================================== 2 | CONSOLE APPLICATION : sheep Project Overview 3 | ======================================================================== 4 | 5 | AppWizard has created this sheep application for you. 6 | 7 | This file contains a summary of what you will find in each of the files that 8 | make up your sheep application. 9 | 10 | 11 | sheep.vcxproj 12 | This is the main project file for VC++ projects generated using an Application Wizard. 13 | It contains information about the version of Visual C++ that generated the file, and 14 | information about the platforms, configurations, and project features selected with the 15 | Application Wizard. 16 | 17 | sheep.vcxproj.filters 18 | This is the filters file for VC++ projects generated using an Application Wizard. 19 | It contains information about the association between the files in your project 20 | and the filters. This association is used in the IDE to show grouping of files with 21 | similar extensions under a specific node (for e.g. ".cpp" files are associated with the 22 | "Source Files" filter). 23 | 24 | sheep.cpp 25 | This is the main application source file. 26 | 27 | ///////////////////////////////////////////////////////////////////////////// 28 | Other standard files: 29 | 30 | StdAfx.h, StdAfx.cpp 31 | These files are used to build a precompiled header (PCH) file 32 | named sheep.pch and a precompiled types file named StdAfx.obj. 33 | 34 | ///////////////////////////////////////////////////////////////////////////// 35 | Other notes: 36 | 37 | AppWizard uses "TODO:" comments to indicate parts of the source code you 38 | should add to or customize. 39 | 40 | ///////////////////////////////////////////////////////////////////////////// 41 | -------------------------------------------------------------------------------- /sheep/common.h: -------------------------------------------------------------------------------- 1 | /* The MIT License 2 | 3 | Copyright (C) 2011, 2012 Zilong Tan (eric.zltan@gmail.com) 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining 6 | a copy of this software and associated documentation files (the 7 | "Software"), to deal in the Software without restriction, including 8 | without limitation the rights to use, copy, modify, merge, publish, 9 | distribute, sublicense, and/or sell copies of the Software, and to 10 | permit persons to whom the Software is furnished to do so, subject to 11 | the following conditions: 12 | 13 | The above copyright notice and this permission notice shall be 14 | included in all copies or substantial portions of the Software. 15 | 16 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 17 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 18 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 19 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 20 | BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 21 | ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 22 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 23 | SOFTWARE. 24 | */ 25 | 26 | /* Some of these useful macros are appeared in linux kernel with 27 | * necessary modifications to get them work. */ 28 | 29 | #ifndef __ULIB_COMMON_H 30 | #define __ULIB_COMMON_H 31 | 32 | #include 33 | #include 34 | 35 | #define _min(x, y) ({ \ 36 | typeof(x) _min1 = (x); \ 37 | typeof(y) _min2 = (y); \ 38 | (void) (&_min1 == &_min2); \ 39 | _min1 < _min2 ? _min1 : _min2; }) 40 | 41 | #define _max(x, y) ({ \ 42 | typeof(x) _max1 = (x); \ 43 | typeof(y) _max2 = (y); \ 44 | (void) (&_max1 == &_max2); \ 45 | _max1 > _max2 ? _max1 : _max2; }) 46 | 47 | #define min3(x, y, z) ({ \ 48 | typeof(x) _min1 = (x); \ 49 | typeof(y) _min2 = (y); \ 50 | typeof(z) _min3 = (z); \ 51 | (void) (&_min1 == &_min2); \ 52 | (void) (&_min1 == &_min3); \ 53 | _min1 < _min2 ? (_min1 < _min3 ? _min1 : _min3) : \ 54 | (_min2 < _min3 ? _min2 : _min3); }) 55 | 56 | #define max3(x, y, z) ({ \ 57 | typeof(x) _max1 = (x); \ 58 | typeof(y) _max2 = (y); \ 59 | typeof(z) _max3 = (z); \ 60 | (void) (&_max1 == &_max2); \ 61 | (void) (&_max1 == &_max3); \ 62 | _max1 > _max2 ? (_max1 > _max3 ? _max1 : _max3) : \ 63 | (_max2 > _max3 ? _max2 : _max3); }) 64 | 65 | /** 66 | * min_not_zero - return the minimum that is _not_ zero, unless both are zero 67 | * @x: value1 68 | * @y: value2 69 | */ 70 | #define min_not_zero(x, y) ({ \ 71 | typeof(x) __x = (x); \ 72 | typeof(y) __y = (y); \ 73 | __x == 0 ? __y : ((__y == 0) ? __x : _min(__x, __y)); }) 74 | 75 | /** 76 | * clamp - return a value clamped to a given range with strict typechecking 77 | * @val: current value 78 | * @min: minimum allowable value 79 | * @max: maximum allowable value 80 | * 81 | * This macro does strict typechecking of min/max to make sure they are of the 82 | * same type as val. See the unnecessary pointer comparisons. 83 | */ 84 | #define clamp(val, min, max) ({ \ 85 | typeof(val) __val = (val); \ 86 | typeof(min) __min = (min); \ 87 | typeof(max) __max = (max); \ 88 | (void) (&__val == &__min); \ 89 | (void) (&__val == &__max); \ 90 | __val = __val < __min ? __min: __val; \ 91 | __val > __max ? __max: __val; }) 92 | 93 | #define min_t(type, x, y) ({ \ 94 | type __min1 = (x); \ 95 | type __min2 = (y); \ 96 | __min1 < __min2 ? __min1: __min2; }) 97 | 98 | #define max_t(type, x, y) ({ \ 99 | type __max1 = (x); \ 100 | type __max2 = (y); \ 101 | __max1 > __max2 ? __max1: __max2; }) 102 | 103 | /** 104 | * clamp_t - return a value clamped to a given range using a given type 105 | * @type: the type of variable to use 106 | * @val: current value 107 | * @min: minimum allowable value 108 | * @max: maximum allowable value 109 | * 110 | * This macro does no typechecking and uses temporary variables of type 111 | * 'type' to make all the comparisons. 112 | */ 113 | #define clamp_t(type, val, min, max) ({ \ 114 | type __val = (val); \ 115 | type __min = (min); \ 116 | type __max = (max); \ 117 | __val = __val < __min ? __min: __val; \ 118 | __val > __max ? __max: __val; }) 119 | 120 | /** 121 | * clamp_val - return a value clamped to a given range using val's type 122 | * @val: current value 123 | * @min: minimum allowable value 124 | * @max: maximum allowable value 125 | * 126 | * This macro does no typechecking and uses temporary variables of whatever 127 | * type the input argument 'val' is. This is useful when val is an unsigned 128 | * type and min and max are literals that will otherwise be assigned a signed 129 | * integer type. 130 | */ 131 | #define clamp_val(val, min, max) ({ \ 132 | typeof(val) __val = (val); \ 133 | typeof(val) __min = (min); \ 134 | typeof(val) __max = (max); \ 135 | __val = __val < __min ? __min: __val; \ 136 | __val > __max ? __max: __val; }) 137 | 138 | 139 | #define _swap(a, b) \ 140 | do { __typeof(a) __tmp = (a); (a) = (b); (b) = __tmp; } while (0) 141 | 142 | /** 143 | * container_of - cast a member of a structure out to the containing structure 144 | * @ptr: the pointer to the member. 145 | * @type: the type of the container struct this is embedded in. 146 | * @member: the name of the member within the struct. 147 | * 148 | */ 149 | #define container_of(ptr, type, member) ({ \ 150 | const typeof( ((type *)0)->member ) *__mptr = (ptr); \ 151 | (type *)( (char *)__mptr - __builtin_offsetof(type,member) );}) 152 | 153 | #define generic_compare(x, y) (((x) > (y)) - ((x) < (y))) 154 | 155 | /*static inline void memswp(unsigned long *x, unsigned long *y, size_t size) 156 | { 157 | unsigned long *p = x + size/sizeof(*x);; 158 | unsigned char *h, *v; 159 | 160 | while (x != p) { 161 | SWAP(*x, *y,unsigned long); 162 | x++; 163 | y++; 164 | } 165 | 166 | h = (unsigned char *)x; 167 | v = (unsigned char *)y; 168 | 169 | #if __WORDSIZE == 64 170 | switch (size & 7) { 171 | case 7: _swap(h[6], v[6]); 172 | case 6: _swap(h[5], v[5]); 173 | case 5: _swap(h[4], v[4]); 174 | case 4: _swap(h[3], v[3]); 175 | #else 176 | switch (size & 3) { 177 | #endif 178 | case 3: _swap(h[2], v[2]); 179 | case 2: _swap(h[1], v[1]); 180 | case 1: _swap(h[0], v[0]); 181 | } 182 | }*/ 183 | 184 | #endif /* __ULIB_COMMON_H */ -------------------------------------------------------------------------------- /sheep/crc.cpp: -------------------------------------------------------------------------------- 1 | /********************************************************************** 2 | * 3 | * Filename: crc.c 4 | * 5 | * Description: Slow and fast implementations of the CRC standards. 6 | * 7 | * Notes: The parameters for each supported CRC standard are 8 | * defined in the header file crc.h. The implementations 9 | * here should stand up to further additions to that list. 10 | * 11 | * 12 | * Copyright (c) 2000 by Michael Barr. This software is placed into 13 | * the public domain and may be used for any purpose. However, this 14 | * notice must not be changed or removed and no warranty is either 15 | * expressed or implied by its publication or distribution. 16 | **********************************************************************/ 17 | 18 | #include "stdafx.h" 19 | #include "crc.h" 20 | 21 | 22 | /* 23 | * Derive parameters from the standard-specific parameters in crc.h. 24 | */ 25 | #define WIDTH (8 * sizeof(crc)) 26 | #define TOPBIT (1 << (WIDTH - 1)) 27 | 28 | #if (REFLECT_DATA == TRUE) 29 | #undef REFLECT_DATA 30 | #define REFLECT_DATA(X) ((unsigned char) reflect((X), 8)) 31 | #else 32 | #undef REFLECT_DATA 33 | #define REFLECT_DATA(X) (X) 34 | #endif 35 | 36 | #if (REFLECT_REMAINDER == TRUE) 37 | #undef REFLECT_REMAINDER 38 | #define REFLECT_REMAINDER(X) ((crc) reflect((X), WIDTH)) 39 | #else 40 | #undef REFLECT_REMAINDER 41 | #define REFLECT_REMAINDER(X) (X) 42 | #endif 43 | 44 | 45 | /********************************************************************* 46 | * 47 | * Function: reflect() 48 | * 49 | * Description: Reorder the bits of a binary sequence, by reflecting 50 | * them about the middle position. 51 | * 52 | * Notes: No checking is done that nBits <= 32. 53 | * 54 | * Returns: The reflection of the original data. 55 | * 56 | *********************************************************************/ 57 | static unsigned long 58 | reflect(unsigned long data, unsigned char nBits) 59 | { 60 | unsigned long reflection = 0x00000000; 61 | unsigned char bit; 62 | 63 | /* 64 | * Reflect the data about the center bit. 65 | */ 66 | for (bit = 0; bit < nBits; ++bit) 67 | { 68 | /* 69 | * If the LSB bit is set, set the reflection of it. 70 | */ 71 | if (data & 0x01) 72 | { 73 | reflection |= (1 << ((nBits - 1) - bit)); 74 | } 75 | 76 | data = (data >> 1); 77 | } 78 | 79 | return (reflection); 80 | 81 | } /* reflect() */ 82 | 83 | 84 | /********************************************************************* 85 | * 86 | * Function: crcSlow() 87 | * 88 | * Description: Compute the CRC of a given message. 89 | * 90 | * Notes: 91 | * 92 | * Returns: The CRC of the message. 93 | * 94 | *********************************************************************/ 95 | crc 96 | crcSlow(unsigned char const message[], int nBytes) 97 | { 98 | crc remainder = INITIAL_REMAINDER; 99 | int byte; 100 | unsigned char bit; 101 | 102 | 103 | /* 104 | * Perform modulo-2 division, a byte at a time. 105 | */ 106 | for (byte = 0; byte < nBytes; ++byte) 107 | { 108 | /* 109 | * Bring the next byte into the remainder. 110 | */ 111 | remainder ^= (REFLECT_DATA(message[byte]) << (WIDTH - 8)); 112 | 113 | /* 114 | * Perform modulo-2 division, a bit at a time. 115 | */ 116 | for (bit = 8; bit > 0; --bit) 117 | { 118 | /* 119 | * Try to divide the current data bit. 120 | */ 121 | if (remainder & TOPBIT) 122 | { 123 | remainder = (remainder << 1) ^ POLYNOMIAL; 124 | } 125 | else 126 | { 127 | remainder = (remainder << 1); 128 | } 129 | } 130 | } 131 | 132 | /* 133 | * The final remainder is the CRC result. 134 | */ 135 | return (REFLECT_REMAINDER(remainder) ^ FINAL_XOR_VALUE); 136 | 137 | } /* crcSlow() */ 138 | 139 | 140 | crc crcTable[256]; 141 | 142 | 143 | /********************************************************************* 144 | * 145 | * Function: crcInit() 146 | * 147 | * Description: Populate the partial CRC lookup table. 148 | * 149 | * Notes: This function must be rerun any time the CRC standard 150 | * is changed. If desired, it can be run "offline" and 151 | * the table results stored in an embedded system's ROM. 152 | * 153 | * Returns: None defined. 154 | * 155 | *********************************************************************/ 156 | void 157 | crcInit(void) 158 | { 159 | crc remainder; 160 | int dividend; 161 | unsigned char bit; 162 | 163 | 164 | /* 165 | * Compute the remainder of each possible dividend. 166 | */ 167 | for (dividend = 0; dividend < 256; ++dividend) 168 | { 169 | /* 170 | * Start with the dividend followed by zeros. 171 | */ 172 | remainder = dividend << (WIDTH - 8); 173 | 174 | /* 175 | * Perform modulo-2 division, a bit at a time. 176 | */ 177 | for (bit = 8; bit > 0; --bit) 178 | { 179 | /* 180 | * Try to divide the current data bit. 181 | */ 182 | if (remainder & TOPBIT) 183 | { 184 | remainder = (remainder << 1) ^ POLYNOMIAL; 185 | } 186 | else 187 | { 188 | remainder = (remainder << 1); 189 | } 190 | } 191 | 192 | /* 193 | * Store the result into the table. 194 | */ 195 | crcTable[dividend] = remainder; 196 | } 197 | 198 | } /* crcInit() */ 199 | 200 | 201 | /********************************************************************* 202 | * 203 | * Function: crcFast() 204 | * 205 | * Description: Compute the CRC of a given message. 206 | * 207 | * Notes: crcInit() must be called first. 208 | * 209 | * Returns: The CRC of the message. 210 | * 211 | *********************************************************************/ 212 | crc 213 | crcFast(unsigned char const message[], int nBytes) 214 | { 215 | crc remainder = INITIAL_REMAINDER; 216 | unsigned char data; 217 | int byte; 218 | 219 | 220 | /* 221 | * Divide the message by the polynomial, a byte at a time. 222 | */ 223 | for (byte = 0; byte < nBytes; ++byte) 224 | { 225 | data = REFLECT_DATA(message[byte]) ^ (remainder >> (WIDTH - 8)); 226 | remainder = crcTable[data] ^ (remainder << 8); 227 | } 228 | 229 | /* 230 | * The final remainder is the CRC. 231 | */ 232 | return (REFLECT_REMAINDER(remainder) ^ FINAL_XOR_VALUE); 233 | 234 | } /* crcFast() */ 235 | -------------------------------------------------------------------------------- /sheep/crc.h: -------------------------------------------------------------------------------- 1 | /********************************************************************** 2 | * 3 | * Filename: crc.h 4 | * 5 | * Description: A header file describing the various CRC standards. 6 | * 7 | * Notes: 8 | * 9 | * 10 | * Copyright (c) 2000 by Michael Barr. This software is placed into 11 | * the public domain and may be used for any purpose. However, this 12 | * notice must not be changed or removed and no warranty is either 13 | * expressed or implied by its publication or distribution. 14 | **********************************************************************/ 15 | 16 | #ifndef _crc_h 17 | #define _crc_h 18 | 19 | 20 | #define FALSE 0 21 | #define TRUE !FALSE 22 | 23 | /* 24 | * Select the CRC standard from the list that follows. 25 | */ 26 | #define CRC_CCITT 27 | 28 | 29 | #if defined(CRC_CCITT) 30 | 31 | typedef unsigned short crc; 32 | 33 | #define CRC_NAME "CRC-CCITT" 34 | #define POLYNOMIAL 0x1021 35 | #define INITIAL_REMAINDER 0xFFFF 36 | #define FINAL_XOR_VALUE 0x0000 37 | #define REFLECT_DATA FALSE 38 | #define REFLECT_REMAINDER FALSE 39 | #define CHECK_VALUE 0x29B1 40 | 41 | #elif defined(CRC16) 42 | 43 | typedef unsigned short crc; 44 | 45 | #define CRC_NAME "CRC-16" 46 | #define POLYNOMIAL 0x8005 47 | #define INITIAL_REMAINDER 0x0000 48 | #define FINAL_XOR_VALUE 0x0000 49 | #define REFLECT_DATA TRUE 50 | #define REFLECT_REMAINDER TRUE 51 | #define CHECK_VALUE 0xBB3D 52 | 53 | #elif defined(CRC32) 54 | 55 | typedef unsigned long crc; 56 | 57 | #define CRC_NAME "CRC-32" 58 | #define POLYNOMIAL 0x04C11DB7 59 | #define INITIAL_REMAINDER 0xFFFFFFFF 60 | #define FINAL_XOR_VALUE 0xFFFFFFFF 61 | #define REFLECT_DATA TRUE 62 | #define REFLECT_REMAINDER TRUE 63 | #define CHECK_VALUE 0xCBF43926 64 | 65 | #else 66 | 67 | #error "One of CRC_CCITT, CRC16, or CRC32 must be #define'd." 68 | 69 | #endif 70 | 71 | 72 | void crcInit(void); 73 | crc crcSlow(unsigned char const message[], int nBytes); 74 | crc crcFast(unsigned char const message[], int nBytes); 75 | 76 | 77 | #endif /* _crc_h */ -------------------------------------------------------------------------------- /sheep/rc4.cpp: -------------------------------------------------------------------------------- 1 | #include "stdafx.h" 2 | #include "common.h" 3 | #include "rc4.h" 4 | 5 | #define SWAP(x, y, T) do { T SWAP = x; x = y; y = SWAP; } while (0) 6 | 7 | void rc4_set_key(const unsigned char *buf, size_t len, rc4_key_t * key) 8 | { 9 | unsigned char j = 0; 10 | unsigned char *state = key->state; 11 | int i; 12 | 13 | for (i = 0; i < 256; ++i) 14 | state[i] = i; 15 | 16 | key->x = 0; 17 | key->y = 0; 18 | 19 | for (i = 0; i < 256; ++i) { 20 | j = j + state[i] + buf[i % len]; 21 | SWAP(state[i], state[j],unsigned char); 22 | } 23 | } 24 | 25 | void rc4_crypt(unsigned char *buf, size_t len, rc4_key_t * key) 26 | { 27 | unsigned char x; 28 | unsigned char y; 29 | unsigned char *state = key->state; 30 | unsigned int i; 31 | 32 | x = key->x; 33 | y = key->y; 34 | 35 | for (i = 0; i < len; i++) { 36 | y = y + state[++x]; 37 | SWAP(state[x], state[y],unsigned char); 38 | buf[i] ^= state[(state[x] + state[y]) & 0xff]; 39 | } 40 | 41 | key->x = x; 42 | key->y = y; 43 | } 44 | -------------------------------------------------------------------------------- /sheep/rc4.h: -------------------------------------------------------------------------------- 1 | /* The MIT License 2 | 3 | Copyright (C) 2011 Zilong Tan (tzlloch@gmail.com) 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining 6 | a copy of this software and associated documentation files (the 7 | "Software"), to deal in the Software without restriction, including 8 | without limitation the rights to use, copy, modify, merge, publish, 9 | distribute, sublicense, and/or sell copies of the Software, and to 10 | permit persons to whom the Software is furnished to do so, subject to 11 | the following conditions: 12 | 13 | The above copyright notice and this permission notice shall be 14 | included in all copies or substantial portions of the Software. 15 | 16 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 17 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 18 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 19 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 20 | BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 21 | ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 22 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 23 | SOFTWARE. 24 | */ 25 | 26 | #ifndef __ULIB_RC4_H 27 | #define __ULIB_RC4_H 28 | 29 | #include 30 | 31 | typedef struct rc4_key_t { 32 | unsigned char state[256]; 33 | unsigned char x; 34 | unsigned char y; 35 | } rc4_key_t; 36 | 37 | #ifdef __cplusplus 38 | extern "C" { 39 | #endif 40 | 41 | void rc4_set_key(const unsigned char *key_data, size_t key_data_len, 42 | rc4_key_t * key); 43 | 44 | void rc4_crypt(unsigned char *buffer, size_t buffer_len, 45 | rc4_key_t * key); 46 | 47 | #ifdef __cplusplus 48 | } 49 | #endif 50 | 51 | #endif /* __RC4_H */ 52 | 53 | -------------------------------------------------------------------------------- /sheep/sheep.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/silentsignal/sheep-wolf/c4350480eea7523914e7dc3b28386ecc123ced20/sheep/sheep.cpp -------------------------------------------------------------------------------- /sheep/sheep.vcxproj: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | Debug 6 | Win32 7 | 8 | 9 | Release 10 | Win32 11 | 12 | 13 | 14 | {D17FD857-B64C-4C1B-A893-92E531CC0210} 15 | Win32Proj 16 | sheep 17 | 18 | 19 | 20 | Application 21 | true 22 | v110 23 | Unicode 24 | 25 | 26 | Application 27 | false 28 | v110 29 | true 30 | Unicode 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | true 44 | 45 | 46 | false 47 | 48 | 49 | 50 | Use 51 | Level3 52 | Disabled 53 | WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) 54 | true 55 | MultiThreadedDebug 56 | 57 | 58 | Console 59 | true 60 | 61 | 62 | 63 | 64 | Level3 65 | Use 66 | MaxSpeed 67 | true 68 | true 69 | WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) 70 | true 71 | MultiThreaded 72 | 73 | 74 | Console 75 | true 76 | true 77 | true 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | Create 97 | Create 98 | 99 | 100 | 101 | 102 | 103 | -------------------------------------------------------------------------------- /sheep/sheep.vcxproj.filters: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hpp;hxx;hm;inl;inc;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | Header Files 23 | 24 | 25 | Header Files 26 | 27 | 28 | Header Files 29 | 30 | 31 | Header Files 32 | 33 | 34 | 35 | 36 | Source Files 37 | 38 | 39 | Source Files 40 | 41 | 42 | -------------------------------------------------------------------------------- /sheep/stdafx.cpp: -------------------------------------------------------------------------------- 1 | // stdafx.cpp : source file that includes just the standard includes 2 | // sheep.pch will be the pre-compiled header 3 | // stdafx.obj will contain the pre-compiled type information 4 | 5 | #include "stdafx.h" 6 | 7 | // TODO: reference any additional headers you need in STDAFX.H 8 | // and not in this file 9 | -------------------------------------------------------------------------------- /sheep/stdafx.h: -------------------------------------------------------------------------------- 1 | // stdafx.h : include file for standard system include files, 2 | // or project specific include files that are used frequently, but 3 | // are changed infrequently 4 | // 5 | 6 | #pragma once 7 | 8 | #include "targetver.h" 9 | 10 | #include 11 | #include 12 | 13 | 14 | 15 | // TODO: reference additional headers your program requires here 16 | -------------------------------------------------------------------------------- /sheep/targetver.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // Including SDKDDKVer.h defines the highest available Windows platform. 4 | 5 | // If you wish to build your application for a previous Windows platform, include WinSDKVer.h and 6 | // set the _WIN32_WINNT macro to the platform you wish to support before including SDKDDKVer.h. 7 | 8 | #include 9 | -------------------------------------------------------------------------------- /shepherd.bat: -------------------------------------------------------------------------------- 1 | @echo on 2 | 3 | del sheep\Release\sheep.pch 4 | 5 | Release\shepherd.exe %1 %2 > sheep\sc.h 6 | msbuild /p:Configuration=Release /t:Build sheep\sheep.vcxproj 7 | 8 | del evilize\a 9 | del evilize\b 10 | del evilize\wolf.exe 11 | del evilize\sheep.exe 12 | 13 | cd evilize 14 | 15 | evilize.exe ..\sheep\Release\sheep.exe 16 | 17 | -------------------------------------------------------------------------------- /shepherd/ReadMe.txt: -------------------------------------------------------------------------------- 1 | ======================================================================== 2 | CONSOLE APPLICATION : shepherd Project Overview 3 | ======================================================================== 4 | 5 | AppWizard has created this shepherd application for you. 6 | 7 | This file contains a summary of what you will find in each of the files that 8 | make up your shepherd application. 9 | 10 | 11 | shepherd.vcxproj 12 | This is the main project file for VC++ projects generated using an Application Wizard. 13 | It contains information about the version of Visual C++ that generated the file, and 14 | information about the platforms, configurations, and project features selected with the 15 | Application Wizard. 16 | 17 | shepherd.vcxproj.filters 18 | This is the filters file for VC++ projects generated using an Application Wizard. 19 | It contains information about the association between the files in your project 20 | and the filters. This association is used in the IDE to show grouping of files with 21 | similar extensions under a specific node (for e.g. ".cpp" files are associated with the 22 | "Source Files" filter). 23 | 24 | shepherd.cpp 25 | This is the main application source file. 26 | 27 | ///////////////////////////////////////////////////////////////////////////// 28 | Other standard files: 29 | 30 | StdAfx.h, StdAfx.cpp 31 | These files are used to build a precompiled header (PCH) file 32 | named shepherd.pch and a precompiled types file named StdAfx.obj. 33 | 34 | ///////////////////////////////////////////////////////////////////////////// 35 | Other notes: 36 | 37 | AppWizard uses "TODO:" comments to indicate parts of the source code you 38 | should add to or customize. 39 | 40 | ///////////////////////////////////////////////////////////////////////////// 41 | -------------------------------------------------------------------------------- /shepherd/shepherd.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/silentsignal/sheep-wolf/c4350480eea7523914e7dc3b28386ecc123ced20/shepherd/shepherd.cpp -------------------------------------------------------------------------------- /shepherd/shepherd.vcxproj: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | Debug 6 | Win32 7 | 8 | 9 | Release 10 | Win32 11 | 12 | 13 | 14 | {A4F18160-3822-4E64-95F5-8FA4D6BDDD0A} 15 | Win32Proj 16 | shepherd 17 | 18 | 19 | 20 | Application 21 | true 22 | v110 23 | Unicode 24 | 25 | 26 | Application 27 | false 28 | v110 29 | true 30 | Unicode 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | true 44 | 45 | 46 | true 47 | 48 | 49 | 50 | Use 51 | Level3 52 | Disabled 53 | WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) 54 | true 55 | ..\sheep\ 56 | MultiThreadedDebug 57 | 58 | 59 | Console 60 | true 61 | 62 | 63 | 64 | 65 | Level3 66 | Use 67 | Disabled 68 | true 69 | false 70 | WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) 71 | true 72 | ..\sheep\ 73 | false 74 | MultiThreaded 75 | 76 | 77 | Console 78 | true 79 | true 80 | true 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | Create 99 | Create 100 | 101 | 102 | 103 | 104 | 105 | -------------------------------------------------------------------------------- /shepherd/shepherd.vcxproj.filters: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hpp;hxx;hm;inl;inc;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | Header Files 23 | 24 | 25 | Header Files 26 | 27 | 28 | Header Files 29 | 30 | 31 | Header Files 32 | 33 | 34 | Header Files 35 | 36 | 37 | 38 | 39 | Source Files 40 | 41 | 42 | Source Files 43 | 44 | 45 | Source Files 46 | 47 | 48 | Source Files 49 | 50 | 51 | -------------------------------------------------------------------------------- /shepherd/stdafx.cpp: -------------------------------------------------------------------------------- 1 | // stdafx.cpp : source file that includes just the standard includes 2 | // shepherd.pch will be the pre-compiled header 3 | // stdafx.obj will contain the pre-compiled type information 4 | 5 | #include "stdafx.h" 6 | 7 | // TODO: reference any additional headers you need in STDAFX.H 8 | // and not in this file 9 | -------------------------------------------------------------------------------- /shepherd/stdafx.h: -------------------------------------------------------------------------------- 1 | // stdafx.h : include file for standard system include files, 2 | // or project specific include files that are used frequently, but 3 | // are changed infrequently 4 | // 5 | 6 | #pragma once 7 | 8 | #include "targetver.h" 9 | 10 | #include 11 | #include 12 | 13 | 14 | 15 | // TODO: reference additional headers your program requires here 16 | -------------------------------------------------------------------------------- /shepherd/targetver.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // Including SDKDDKVer.h defines the highest available Windows platform. 4 | 5 | // If you wish to build your application for a previous Windows platform, include WinSDKVer.h and 6 | // set the _WIN32_WINNT macro to the platform you wish to support before including SDKDDKVer.h. 7 | 8 | #include 9 | -------------------------------------------------------------------------------- /testing_methodology.dia: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/silentsignal/sheep-wolf/c4350480eea7523914e7dc3b28386ecc123ced20/testing_methodology.dia -------------------------------------------------------------------------------- /testing_methodology.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/silentsignal/sheep-wolf/c4350480eea7523914e7dc3b28386ecc123ced20/testing_methodology.png --------------------------------------------------------------------------------