Merge master into forcedbytes

.github/FUNDING.yml

@@ -0,0 +1 @@
+github: [cr-marcstevens]

.github/workflows/c-cpp.yml

@@ -14,12 +14,17 @@ jobs:
       fail-fast: false
     runs-on: ${{ matrix.os }}
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
     - name: Install dependencies (ubuntu)
       run: sudo apt-get install -y libboost-system-dev libboost-filesystem-dev libboost-iostreams-dev libboost-thread-dev libboost-serialization-dev libboost-program-options-dev
       if: matrix.os == 'ubuntu-latest'
     - name: Install dependencies (macos)
-      run: brew install boost automake
+      run: |
+        brew update
+        brew install boost automake libtool
+        echo "CPATH=$CPATH:$(brew --prefix)/include" >> "$GITHUB_ENV" &&
+        echo "LIBRARY_PATH=$LIBRARY_PATH:$(brew --prefix)/lib" >> "$GITHUB_ENV"
+        echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$(brew --prefix)/lib" >> "$GITHUB_ENV"
       if: matrix.os == 'macos-latest'
     - name: Prepare
       run: autoreconf --install
@@ -40,13 +45,18 @@ jobs:
       fail-fast: false
     runs-on: ${{ matrix.os }}
     steps:
-    - uses: actions/checkout@v2
-    - uses: actions/cache@v2.1.6
+    - uses: actions/checkout@v4
+    - uses: actions/cache@v4
       with:
         path: boost_*.tar.gz
         key: ${{ matrix.os }}
     - name: Install dependencies (macos)
-      run: brew install automake zlib bzip2
+      run: |
+        brew update
+        brew install automake libtool zlib bzip2
+        echo "CPATH=$CPATH:$(brew --prefix)/include" >> "$GITHUB_ENV" &&
+        echo "LIBRARY_PATH=$LIBRARY_PATH:$(brew --prefix)/lib" >> "$GITHUB_ENV"
+        echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$(brew --prefix)/lib" >> "$GITHUB_ENV"
       if: matrix.os == 'macos-latest'
     - name: Build
       run: ./build.sh

Makefile.am

@@ -26,6 +26,7 @@ lib_libhashclash_la_LDFLAGS=-no-undefined
 
 bin_PROGRAMS=\
 	bin/md5_fastcoll \
+	bin/md5_textcoll \
 	bin/md5_diffpathforward \
 	bin/md5_diffpathbackward \
 	bin/md5_diffpathconnect \
@@ -52,6 +53,13 @@ bin_md5_fastcoll_SOURCES=\
 	src/md5fastcoll/block1stevens10.cpp \
 	src/md5fastcoll/block1stevens11.cpp
 
+bin_md5_textcoll_SOURCES=\
+	src/md5textcoll/main.cpp \
+	src/md5textcoll/main.hpp \
+	src/md5textcoll/prepareblock1.cpp \
+	src/md5textcoll/block1.cpp \
+	src/md5textcoll/block2.cpp
+
 bin_md5_diffpathforward_SOURCES=\
 	src/md5forward/dostep.cpp \
 	src/md5forward/forward.cpp \

README.md

@@ -4,6 +4,11 @@
 
 ## Feedback & pingback appreciated!
 
+I'm always curious to hear where HashClash is used for! ([@realhashbreaker](https://twitter.com/realhashbreaker)  on Twitter or let me know via [Issues](https://github.com/cr-marcstevens/hashclash/issues))
+
+
+If you like HashClash and use it more often then please consider becoming a sponsor.
+
 ## Requirements
 
 - C++11 compiler (e.g. g++)
@@ -77,11 +82,11 @@
 
   `echo -n "TEST" > prefix.txt`
 
-  `../scripts/poc_no.sh prefix.txt`
+  `../scripts/generic_ipc.sh prefix.txt`
 
   Note: the prefix file is expected to be a multiple of 64 bytes 
-  and optionally plus a small multiple of 4 bytes.
-  These last bytes will be used as forced message words in steps of 4 bytes
+  and optionally plus 1, 2, or 3 bytes or a small multiple of 4 bytes.
+  These last bytes will be used as forced message words
   inside the first near-collision block.
   Any remaining 1, 2 or 3 bytes of the prefix file are ignored.
 
@@ -104,7 +109,29 @@ $ xxd collision1.bin
 
 - Make your own attack
 
-  Inside poc_no.sh there are three example identical-prefix collision attacks,
+  Inside generic_ipc.sh there are three examples of identical-prefix collision attacks,
   selected by N=1, 2 or 3.
   You can add your own choice of message word differences here
-  and see if you can make own collision attack!
+  and see if you can make your own collision attack!
+
+## Create you own text identical-prefix collision
+
+- Example:
+
+```
+md5("TEXTCOLLBYfGiJUETHQ4hAcKSMd5zYpgqf1YRDhkmxHkhPWptrkoyz28wnI9V0aHeAuaKnak")
+=
+md5("TEXTCOLLBYfGiJUETHQ4hEcKSMd5zYpgqf1YRDhkmxHkhPWptrkoyz28wnI9V0aHeAuaKnak")
+```
+
+- Create temporary working directory
+
+  `mkdir textcoll_workdir`
+
+  `cd textcoll_workdir`
+
+- Run script
+
+  `../scripts/textcoll.sh`
+
+- Edit the script for more options: change alphabet, force specific bytes, etc...

m4/ax_boost_base.m4

@@ -130,7 +130,7 @@ AC_DEFUN([_AX_BOOST_BASE_RUNDETECT],[
     dnl or if you install boost with RPM
     dnl AS_IF([test "x$_AX_BOOST_BASE_boost_path" != "x"],[
 
-    for _AX_BOOST_BASE_prefix_tmp in $_AX_BOOST_BASE_boost_path $(pwd)/boost-* ${HOME}/boost/boost-* /usr /usr/local /opt /opt/local ; do
+    for _AX_BOOST_BASE_prefix_tmp in $_AX_BOOST_BASE_boost_path $(pwd)/boost-* ${HOME}/boost/boost-* /usr /usr/local /opt /opt/local $(brew --prefix boost) ; do
       if test -d $_AX_BOOST_BASE_prefix_tmp/include/boost ; then
         AC_MSG_CHECKING([for boostlib >= $1 ($WANT_BOOST_VERSION) includes in "$_AX_BOOST_BASE_prefix_tmp/include"])
         AS_IF([test -d "$_AX_BOOST_BASE_prefix_tmp/include/boost" && test -r "$_AX_BOOST_BASE_prefix_tmp/include/boost"],[

scripts/textcoll.sh

@@ -0,0 +1,95 @@
+#!/bin/bash
+
+export BINDIR=$(dirname $0)/../bin
+export HELPER=$BINDIR/md5_diffpathhelper
+export TEXTCOLL=$BINDIR/md5_textcoll
+
+export DIFFPATH=$BINDIR/../src/md5textcoll/path2.txt
+MDIFF="--diffm5 11"
+
+prefixfile=$1
+
+if [ -z $prefixfile ]; then
+	prefixfile=dummy.prefix.bin
+fi
+if [ ! -f $prefixfile ]; then
+	touch $prefixfile
+fi
+
+#ALPHABET="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.,_-~=+:;|?@#^&*(){}[]<>"
+ALPHABET="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.,_-~=+:;|?@#^&*"
+#ALPHABET="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
+
+# First block: byte21 has a +4 difference: you must ensure that this difference is possible in the alphabet, e.g., have both A and E(=A+4)
+FIRSTBLOCKBYTES='--byte0 T --byte1 E --byte2 X --byte3 T --byte4 C --byte5 O --byte6 L --byte7 L --byte20 hH --byte21 aAeE --byte22 cC --byte23 kK'
+
+# Second block: 
+# - keep the alphabet of bytes 0-7 large: otherwise there could be no solutions
+# - keep the alphabet of bytes 56-63 large: to make the search fast
+# - if you want to set many bytes of the 2nd block then you should customize the 2nd block search in src/md5textcoll/block2.cpp
+SECONDBLOCKBYTES='--byte8 B --byte9 y --byte10 M --byte11 a --byte12 r --byte13 c --byte14 S --byte15 t --byte16 e --byte17 v --byte18 e --byte19 n --byte20 s'
+
+# First convert the differential path from text to binary for the attack
+if [ ! -f textcoll_path.bin.gz ]; then
+	$HELPER $MDIFF --pathfromtext --inputfile1 $DIFFPATH --outputfile1 textcoll_path.bin.gz || exit 1
+fi
+
+
+
+# TEXTCOLL Stage 1: preparation to find solutions over Q7-Q24
+
+if [ ! -f Q7Q24.bin.gz ]; then
+	( $TEXTCOLL $MDIFF $FIRSTBLOCKBYTES --prepare --pathfile textcoll_path.bin.gz --alphabet $ALPHABET --prefixfile ${prefixfile} | tee prepare.log ) || exit 1
+	echo "Solutions stored in Q7Q24.bin.gz."
+	echo "It's possible to try to control more bytes by editing this script and deleting Q7Q24.bin.gz."
+fi
+
+
+
+# TEXTCOLL Stage 2: first block attack, but only if there is NO first block found yet
+collfile=`ls textcoll1_block1_[0-9]*.txt | head -n1`
+
+if [ "$collfile" = "" ]; then
+	echo "Starting search for first near-collision block in 10 seconds..."
+	sleep 10
+
+	( $TEXTCOLL $MDIFF $FIRSTBLOCKBYTES --firstblock --pathfile textcoll_path.bin.gz --alphabet $ALPHABET --prefixfile ${prefixfile} | tee firstblock.log ) || exit 1
+	collfile=`ls textcoll1_*.txt | head -n1`
+fi
+
+echo "Found first near-collision block in file: $collfile"
+cat ${prefixfile} ${collfile} > partial_solution.txt
+
+
+
+# TEXTCOLL Stage 3: do second block attack 
+# Basically denBoer-Bosselaers pseudo-collision attack, where trying 2^46 random messages is sufficient
+echo "Starting search for second near-collision block in 10 seconds..."
+sleep 10
+
+$TEXTCOLL $MDIFF $SECONDBLOCKBYTES --secondblock --alphabet $ALPHABET --prefixfile partial_solution.txt || exit 1
+
+
+
+
+# SUCCESS!! so now write full solutions
+
+# second block file
+coll2file=`ls textcoll1_block2_[0-9]*.txt | head -n1`
+
+# other first block file
+collfile2=`echo $collfile | sed "s/textcoll1/textcoll2/"`
+
+cat ${prefixfile} ${collfile} ${coll2file} > final_collision1.txt
+cat ${prefixfile} ${collfile2} ${coll2file} > final_collision2.txt
+
+md5sum final_collision*
+sha1sum final_collision*
+
+echo -e "\n"
+echo "========= final_collision1.txt =========="
+cat final_collision1.txt
+echo -e "\n"
+echo "========= final_collision2.txt =========="
+cat final_collision2.txt
+echo -e "\n"

src/md5birthdaysearch/birthday.cpp

@@ -28,8 +28,7 @@
 #include "main.hpp"
 
 #include <boost/lexical_cast.hpp>
-#include <boost/filesystem/operations.hpp>
-#include <boost/filesystem/convenience.hpp>
+#include <boost/filesystem.hpp>
 #include <boost/thread/thread.hpp>
 #include <boost/thread/mutex.hpp>
 
@@ -484,7 +483,7 @@ void load_save_trails(bool dosave = true)
 		{
 			boost::filesystem::path filepath = *dit;
 			if (!exists(*dit) 
-				|| symbolic_link_exists(*dit)
+				|| is_symlink(*dit)
 				|| is_directory(*dit))
 				continue;
 #if BOOST_VERSION == 104300

src/md5birthdaysearch/storage.cpp

@@ -25,8 +25,7 @@
 #include <stdexcept>
 
 #include <boost/lexical_cast.hpp>
-#include <boost/filesystem/operations.hpp>
-#include <boost/filesystem/convenience.hpp>
+#include <boost/filesystem.hpp>
 #include <boost/thread/thread.hpp>
 #include <boost/thread/mutex.hpp>