def wrapper(*args, **kwargs):
try:
if openssl and _hashlib is not None:
_hashlib.new(digestname, usedforsecurity=usedforsecurity)
else:
hashlib.new(digestname, usedforsecurity=usedforsecurity)
except ValueError:
raise yp_unittest.SkipTest(
f"hash digest '{digestname}' is not available.")
return func_or_class(*args, **kwargs)
def login(self, user, password):
"Login to the Eventful API as USER with PASSWORD."
nonce = self.call('/users/login')['nonce']
response = _hashlib.new(nonce + ':'
+ -_hashlib.new(password).hexdigest()).hexdigest()
login = self.call('/users/login', user=user, nonce=nonce,
response=response)
self.user_key = login['user_key']
self.user = user
return user
def test_buffer(self):
import _hashlib, array
b = array.array('b', 'x' * 10)
h = _hashlib.new('md5', b)
h.update(b)
assert h.digest() == _hashlib.openssl_md5('x' * 20).digest()
_hashlib.openssl_sha1(b).digest()
def test_extra_algorithms(self):
expected_results = {
"md5": "bb649c83dd1ea5c9d9dec9a18df0ffe9",
"md4": "c275b8454684ea416b93d7a418b43176",
"mdc2": None, # XXX find the correct expected value
"sha": "e2b0a8609b47c58e5d984c9ccfe69f9b654b032b",
"ripemd160": "cc4a5ce1b3df48aec5d22d1f16b894a0b894eccc",
"whirlpool": ("1a22b79fe5afda02c63a25927193ed01dc718b74"
"026e597608ce431f9c3d2c9e74a7350b7fbb7c5d"
"4effe5d7a31879b8b7a10fd2f544c4ca268ecc6793923583"),
}
import _hashlib
test_string = "Nobody inspects the spammish repetition"
for hash_name, expected in sorted(expected_results.items()):
try:
m = _hashlib.new(hash_name)
except ValueError, e:
print 'skipped %s: %s' % (hash_name, e)
continue
m.update(test_string)
got = m.hexdigest()
assert got and type(got) is str and len(got) % 2 == 0
got.decode('hex')
if expected is not None:
assert got == expected
def test_buffer(self):
import _hashlib, array
b = array.array('b', 'x' * 10)
h = _hashlib.new('md5', b)
h.update(b)
assert h.digest() == _hashlib.openssl_md5('x' * 20).digest()
_hashlib.openssl_sha1(b).digest()
def _calculate_key3(password: bytes, cycles: int, salt: bytes, digest: str) -> bytes:
"""Calculate 7zip AES encryption key.
Concat values in order to reduce number of calls of Hash.update()."""
if digest not in ('sha256'):
raise ValueError('Unknown digest method for password protection.')
assert cycles <= 0x3f
if cycles == 0x3f:
ba = bytearray(salt + password + bytes(32))
key = bytes(ba[:32]) # type: bytes
else:
cat_cycle = 6
if cycles > cat_cycle:
rounds = 1 << cat_cycle
stages = 1 << (cycles - cat_cycle)
else:
rounds = 1 << cycles
stages = 1 << 0
m = _hashlib.new(digest)
saltpassword = salt + password
s = 0 # type: int # (0..stages) * rounds
if platform.python_implementation() == "PyPy":
for _ in range(stages):
m.update(memoryview(b''.join([saltpassword + (s + i).to_bytes(8, byteorder='little', signed=False)
for i in range(rounds)])))
s += rounds
else:
for _ in range(stages):
m.update(b''.join([saltpassword + (s + i).to_bytes(8, byteorder='little', signed=False)
for i in range(rounds)]))
s += rounds
key = m.digest()[:32]
return key
def _calculate_key2(password: bytes, cycles: int, salt: bytes, digest: str):
"""Calculate 7zip AES encryption key.
It utilize ctypes and memoryview buffer and zero-copy technology on Python."""
if digest not in ('sha256'):
raise ValueError('Unknown digest method for password protection.')
assert cycles <= 0x3f
if cycles == 0x3f:
key = bytes(bytearray(salt + password + bytes(32))[:32]) # type: bytes
else:
rounds = 1 << cycles
m = _hashlib.new(digest)
length = len(salt) + len(password)
class RoundBuf(ctypes.LittleEndianStructure):
_pack_ = 1
_fields_ = [('saltpassword', ctypes.c_ubyte * length),
('round', ctypes.c_uint64)]
buf = RoundBuf()
for i, c in enumerate(salt + password):
buf.saltpassword[i] = c
buf.round = 0
mv = memoryview(buf) # type: ignore # noqa
while buf.round < rounds:
m.update(mv)
buf.round += 1
key = m.digest()[:32]
return key
def test_extra_algorithms(self):
expected_results = {
"md5":
"bb649c83dd1ea5c9d9dec9a18df0ffe9",
"md4":
"c275b8454684ea416b93d7a418b43176",
"mdc2":
None, # XXX find the correct expected value
"sha":
"e2b0a8609b47c58e5d984c9ccfe69f9b654b032b",
"ripemd160":
"cc4a5ce1b3df48aec5d22d1f16b894a0b894eccc",
"whirlpool": ("1a22b79fe5afda02c63a25927193ed01dc718b74"
"026e597608ce431f9c3d2c9e74a7350b7fbb7c5d"
"4effe5d7a31879b8b7a10fd2f544c4ca268ecc6793923583"),
}
import _hashlib
test_string = "Nobody inspects the spammish repetition"
for hash_name, expected in sorted(expected_results.items()):
try:
m = _hashlib.new(hash_name)
except ValueError as e:
print 'skipped %s: %s' % (hash_name, e)
continue
m.update(test_string)
got = m.hexdigest()
assert got and type(got) is str and len(got) % 2 == 0
got.decode('hex')
if expected is not None:
assert got == expected
def __init__(self, hash_name='md5'):
self.stream = io.BytesIO()
# By default we want a pickle protocol that only changes with
# the major python version and not the minor one
protocol = (pickle.DEFAULT_PROTOCOL
if PY3_OR_LATER else pickle.HIGHEST_PROTOCOL)
Pickler.__init__(self, self.stream, protocol=protocol)
# Initialise the hash obj
self._hash = hashlib.new(hash_name)
def __hash_new(name, string=''):
"""new(name, string='') - Return a new hashing object using the named algorithm;
optionally initialized with a string.
"""
try:
return _hashlib.new(name, string)
except ValueError:
# If the _hashlib module (OpenSSL) doesn't support the named
# hash, try using our builtin implementations.
# This allows for SHA224/256 and SHA384/512 support even though
# the OpenSSL library prior to 0.9.8 doesn't provide them.
return __get_builtin_constructor(name)(string)
def __hash_new(name, string=''):
"""new(name, string='') - Return a new hashing object using the named algorithm;
optionally initialized with a string.
"""
try:
if _hashlib:
return _hashlib.new(name, string)
except ValueError:
# If the _hashlib module (OpenSSL) doesn't support the named
# hash, try using our builtin implementations.
# This allows for SHA224/256 and SHA384/512 support even though
# the OpenSSL library prior to 0.9.8 doesn't provide them.
pass
return __get_builtin_constructor(name)(string)
def _calculate_key1(password: bytes, cycles: int, salt: bytes, digest: str) -> bytes:
"""Calculate 7zip AES encryption key. Base implementation."""
if digest not in ("sha256"):
raise ValueError("Unknown digest method for password protection.")
assert cycles <= 0x3F
if cycles == 0x3F:
ba = bytearray(salt + password + bytes(32))
key: bytes = bytes(ba[:32])
else:
rounds = 1 << cycles
m = _hashlib.new(digest)
for round in range(rounds):
m.update(salt + password + round.to_bytes(8, byteorder="little", signed=False))
key = m.digest()[:32]
return key
def _calculate_key1(password: bytes, cycles: int, salt: bytes,
digest: str) -> bytes:
"""Calculate 7zip AES encryption key."""
if digest not in ('sha256'):
raise ValueError('Unknown digest method for password protection.')
assert cycles <= 0x3f
if cycles == 0x3f:
ba = bytearray(salt + password + bytes(32))
key = bytes(ba[:32]) # type: bytes
else:
rounds = 1 << cycles
m = _hashlib.new(digest)
for round in range(rounds):
m.update(salt + password +
round.to_bytes(8, byteorder='little', signed=False))
key = m.digest()[:32]
return key
def calc_hash(funcAddr):
func = idaapi.get_func(funcAddr)
if type(func) == type(None):
return ""
flow = idaapi.FlowChart(f=func)
cur_hash_rev = ""
addrIds = []
cur_id = 1
for c in range(0,flow.size):
cur_basic = flow.__getitem__(c)
cur_hash_rev += shex(cur_basic.startEA)+":"
addrIds.append((shex(cur_basic.startEA),str(cur_id)))
cur_id += 1
addr = cur_basic.startEA
blockEnd = cur_basic.endEA
mnem = GetMnem(addr)
while mnem != "":
if mnem == "call":
cur_hash_rev += "c,"
addr = NextHead(addr,blockEnd)
mnem = GetMnem(addr)
if addr != BADADDR:
cur_hash_rev += shex(addr)+";"+shex(addr)+":"
addrIds.append((shex(addr),str(cur_id)))
cur_id += 1
else:
addr = NextHead(addr,blockEnd)
mnem = GetMnem(addr)
refs = []
for suc in cur_basic.succs():
refs.append(suc.startEA)
refs.sort()
refsrev = ""
for ref in refs:
refsrev += shex(ref)+","
if refsrev != "":
refsrev = refsrev[:-1]
cur_hash_rev += refsrev+";"
for aid in addrIds:
cur_hash_rev = string.replace(cur_hash_rev,aid[0],aid[1])
m2 = _hashlib.new("md5")
m2.update(cur_hash_rev)
iHash = m2.hexdigest()[-8:]
return iHash
def calc_hash(funcAddr):
func = idaapi.get_func(funcAddr)
if type(func) == type(None):
return ""
flow = idaapi.FlowChart(f=func)
cur_hash_rev = ""
addrIds = []
cur_id = 1
for c in range(0, flow.size):
cur_basic = flow.__getitem__(c)
cur_hash_rev += shex(cur_basic.startEA) + ":"
addrIds.append((shex(cur_basic.startEA), str(cur_id)))
cur_id += 1
addr = cur_basic.startEA
blockEnd = cur_basic.endEA
mnem = GetMnem(addr)
while mnem != "":
if mnem == "call":
cur_hash_rev += "c,"
addr = NextHead(addr, blockEnd)
mnem = GetMnem(addr)
if addr != BADADDR:
cur_hash_rev += shex(addr) + ";" + shex(addr) + ":"
addrIds.append((shex(addr), str(cur_id)))
cur_id += 1
else:
addr = NextHead(addr, blockEnd)
mnem = GetMnem(addr)
refs = []
for suc in cur_basic.succs():
refs.append(suc.startEA)
refs.sort()
refsrev = ""
for ref in refs:
refsrev += shex(ref) + ","
if refsrev != "":
refsrev = refsrev[:-1]
cur_hash_rev += refsrev + ";"
for aid in addrIds:
cur_hash_rev = string.replace(cur_hash_rev, aid[0], aid[1])
m2 = _hashlib.new("md5")
m2.update(cur_hash_rev)
iHash = m2.hexdigest()[-8:]
return iHash
if PY2:
import _md5
import _sha
import _sha256
import _sha512
md5 = type(_md5.new())
sha1 = type(_sha.new())
sha224 = type(_sha256.sha224())
sha256 = type(_sha256.sha256())
sha384 = type(_sha512.sha384())
sha512 = type(_sha512.sha512())
elif PY33:
import _md5
import _sha1
import _sha256
import _sha512
md5 = type(_md5.md5())
sha1 = type(_sha1.sha1())
sha224 = type(_sha256.sha224())
sha256 = type(_sha256.sha256())
sha384 = type(_sha512.sha384())
sha512 = type(_sha512.sha512())
HASH = type(_hashlib.new('md5'))
def test_uppercase(self):
import _hashlib
h = _hashlib.new('MD5')
assert h.digest_size == 16
assert len(h.hexdigest()) == 32
def test_unicode(self):
import _hashlib
assert _hashlib.new('sha1', u'xxx').__class__.__name__ == 'HASH'
def test_simple(self):
import _hashlib
assert _hashlib.new('md5').__class__.__name__ == 'HASH'
assert len(_hashlib.new('md5').hexdigest()) == 32
def test():
for _ in range(9999):
for alg in _hashlib.openssl_md_meth_names:
_hashlib.hmac_digest(fstr(), fstr(), alg)
try:
_hashlib.pbkdf2_hmac(alg, fstr(), fstr(), fint())
_hashlib.pbkdf2_hmac(alg, fstr(), fstr(), fint(), fint())
except ValueError:
pass
try:
_hashlib.scrypt(password=fstr(),
salt=fstr(),
n=fint(),
r=fint(),
p=fint())
except (ValueError, TypeError, AttributeError):
pass
try:
do_hash_tests(_hashlib.new(alg))
do_hash_tests(_hashlib.new(alg, fstr()))
except ValueError:
pass
hashes = [
_hashlib.openssl_md5, _hashlib.openssl_sha1,
_hashlib.openssl_sha224, _hashlib.openssl_sha256,
_hashlib.openssl_sha384, _hashlib.openssl_sha512, _md5.md5,
_sha1.sha1, _sha256.sha224, _sha256.sha256, _sha512.sha384,
_sha512.sha512, _sha3.sha3_224, _sha3.sha3_384, _sha3.sha3_512,
_sha3.shake_128, _sha3.shake_256
]
for h in hashes:
do_hash_tests(h())
do_hash_tests(h(fstr()))
try:
do_hash_tests(
_blake2.blake2b(fstr(),
digest_size=fint(),
key=fstr(),
salt=fstr(),
person=fstr(),
fanout=fint(),
depth=fint(),
leaf_size=fint(),
node_offset=fint(),
node_depth=fint(),
inner_size=fint(),
last_node=fint()))
do_hash_tests(
_blake2.blake2s(fstr(),
digest_size=fint(),
key=fstr(),
salt=fstr(),
person=fstr(),
fanout=fint(),
depth=fint(),
leaf_size=fint(),
node_offset=fint(),
node_depth=fint(),
inner_size=fint(),
last_node=fint()))
except (ValueError, OverflowError):
pass
def test_simple(self):
import _hashlib
assert _hashlib.new('md5').__class__.__name__ == 'HASH'
assert len(_hashlib.new('md5').hexdigest()) == 32
def test_uppercase(self):
import _hashlib
h = _hashlib.new('MD5')
assert h.digest_size == 16
assert len(h.hexdigest()) == 32
def test_unicode(self):
import _hashlib
assert _hashlib.new('sha1', u'xxx').__class__.__name__ == 'HASH'
def calc_hash(funcAddr):
"""
# calculer un hash de fonction poli-style
# pas de MD5 pour l'instant, voir plus tard si besoin
"""
global ample_id
func = idaapi.get_func(funcAddr)
if func is None:
return ""
flow = idaapi.FlowChart(f=func)
cur_hash_rev = ""
addrIds = []
cur_id = 1
bb_addr = []
for c in range(0, flow.size):
bb_addr.append(flow.__getitem__(c).startEA)
for c in range(0, flow.size):
cur_basic = flow.__getitem__(c)
cur_hash_rev += shex(cur_basic.startEA) + ":"
addrIds.append((shex(cur_basic.startEA), str(cur_id)))
cur_id += 1
# on regarde si on voit des calls
addr = cur_basic.startEA
blockEnd = cur_basic.endEA
mnem = GetMnem(addr)
while mnem != "":
if mnem == "call":
cur_hash_rev += "c,"
addr = NextHead(addr, blockEnd)
mnem = GetMnem(addr)
if addr != BADADDR:
cur_hash_rev += shex(addr) + ";" + shex(addr) + ":"
addrIds.append((shex(addr), str(cur_id)))
cur_id += 1
else:
addr = NextHead(addr, blockEnd)
mnem = GetMnem(addr)
refs = []
for suc in cur_basic.succs():
refs.append(suc.startEA)
refs.sort()
refsrev = ""
for ref in refs:
refsrev += shex(ref) + ","
if refsrev != "":
refsrev = refsrev[:-1]
cur_hash_rev += refsrev + ";"
# a ce stade, on a des strings de la forme:
# 00000000:00000010,000000020;00000010:c,00000012;00000012:00000020;00000020:;
# on rewalk dessus pour transformer les adresses en IDs
for aid in addrIds:
cur_hash_rev = string.replace(cur_hash_rev, aid[0], aid[1])
# return cur_hash
# print "hash:"
# print cur_hash_rev
m2 = _hashlib.new("md5")
m2.update(cur_hash_rev)
iHash = m2.hexdigest()[-8:]
return iHash
def calc_hash(funcAddr):
"""
# calculer un hash de fonction poli-style
# pas de MD5 pour l'instant, voir plus tard si besoin
"""
global ample_id
func = idaapi.get_func(funcAddr)
if func is None:
return ""
flow = idaapi.FlowChart(f=func)
cur_hash_rev = ""
addrIds = []
cur_id = 1
bb_addr = []
for c in range(0, flow.size):
bb_addr.append(flow.__getitem__(c).startEA)
for c in range(0, flow.size):
cur_basic = flow.__getitem__(c)
cur_hash_rev += shex(cur_basic.startEA) + ":"
addrIds.append((shex(cur_basic.startEA), str(cur_id)))
cur_id += 1
# on regarde si on voit des calls
addr = cur_basic.startEA
blockEnd = cur_basic.endEA
mnem = GetMnem(addr)
while mnem != "":
if mnem == "call":
cur_hash_rev += "c,"
addr = NextHead(addr, blockEnd)
mnem = GetMnem(addr)
if addr != BADADDR:
cur_hash_rev += shex(addr) + ";" + shex(addr) + ":"
addrIds.append((shex(addr), str(cur_id)))
cur_id += 1
else:
addr = NextHead(addr, blockEnd)
mnem = GetMnem(addr)
refs = []
for suc in cur_basic.succs():
refs.append(suc.startEA)
refs.sort()
refsrev = ""
for ref in refs:
refsrev += shex(ref) + ","
if refsrev != "":
refsrev = refsrev[:-1]
cur_hash_rev += refsrev + ";"
# a ce stade, on a des strings de la forme:
# 00000000:00000010,000000020;00000010:c,00000012;00000012:00000020;00000020:;
# on rewalk dessus pour transformer les adresses en IDs
for aid in addrIds:
cur_hash_rev = string.replace(cur_hash_rev, aid[0], aid[1])
# return cur_hash
# print "hash:"
# print cur_hash_rev
m2 = _hashlib.new("md5")
m2.update(cur_hash_rev)
iHash = m2.hexdigest()[-8:]
return iHash
