From c634f2b184f3160a879c72c79e1dd906d8ecc566 Mon Sep 17 00:00:00 2001 From: Gerald Combs Date: Tue, 26 Sep 2017 14:23:51 -0700 Subject: [PATCH] Capinfos: Add SHA256. Remove MD5. Print the SHA256, RIPEMD160, and SHA1 hashes for each file instead of SHA1, RIPEMD160, and MD5. SHA256 seems to be the preferred file hashing algorithm these days and MD5 is actively discouraged. Note that we might remove SHA1 (which is also discouraged) as well. Change-Id: I74d972ae5f3484c83175cd3f3c7a55f99c171e20 Reviewed-on: https://code.wireshark.org/review/23761 Reviewed-by: Gerald Combs Petri-Dish: Gerald Combs Tested-by: Petri Dish Buildbot Reviewed-by: Anders Broman --- capinfos.c | 37 +++++++++++++++++----------------- doc/capinfos.pod | 3 ++- docbook/release-notes.asciidoc | 2 ++ 3 files changed, 23 insertions(+), 19 deletions(-) diff --git a/capinfos.c b/capinfos.c index dfea58e27a..348c855c9f 100644 --- a/capinfos.c +++ b/capinfos.c @@ -159,17 +159,18 @@ static gboolean cap_order = TRUE; /* Report if packets are in chronolo static gboolean cap_file_hashes = TRUE; /* Calculate file hashes */ -#define HASH_SIZE_SHA1 20 +// Strongest to weakest +#define HASH_SIZE_SHA256 32 #define HASH_SIZE_RMD160 20 -#define HASH_SIZE_MD5 16 +#define HASH_SIZE_SHA1 20 -#define HASH_STR_SIZE (41) /* Max hash size * 2 + '\0' */ +#define HASH_STR_SIZE (65) /* Max hash size * 2 + '\0' */ #define HASH_BUF_SIZE (1024 * 1024) -static gchar file_sha1[HASH_STR_SIZE]; +static gchar file_sha256[HASH_STR_SIZE]; static gchar file_rmd160[HASH_STR_SIZE]; -static gchar file_md5[HASH_STR_SIZE]; +static gchar file_sha1[HASH_STR_SIZE]; /* * If we have at least two packets with time stamps, and they're not in @@ -698,9 +699,9 @@ print_stats(const gchar *filename, capture_info *cf_info) } } if (cap_file_hashes) { - printf ("SHA1: %s\n", file_sha1); + printf ("SHA256: %s\n", file_sha256); printf ("RIPEMD160: %s\n", file_rmd160); - printf ("MD5: %s\n", file_md5); + printf ("SHA1: %s\n", file_sha1); } if (cap_order) printf ("Strict time order: %s\n", order_string(cf_info->order)); @@ -786,9 +787,9 @@ print_stats_table_header(void) if (cap_packet_size) print_stats_table_header_label("Average packet size (bytes)"); if (cap_packet_rate) print_stats_table_header_label("Average packet rate (packets/sec)"); if (cap_file_hashes) { - print_stats_table_header_label("SHA1"); + print_stats_table_header_label("SHA256"); print_stats_table_header_label("RIPEMD160"); - print_stats_table_header_label("MD5"); + print_stats_table_header_label("SHA1"); } if (cap_order) print_stats_table_header_label("Strict time order"); if (cap_file_more_info) { @@ -954,7 +955,7 @@ print_stats_table(const gchar *filename, capture_info *cf_info) if (cap_file_hashes) { putsep(); putquote(); - printf("%s", file_sha1); + printf("%s", file_sha256); putquote(); putsep(); @@ -964,7 +965,7 @@ print_stats_table(const gchar *filename, capture_info *cf_info) putsep(); putquote(); - printf("%s", file_md5); + printf("%s", file_sha1); putquote(); } @@ -1323,7 +1324,7 @@ print_usage(FILE *output) fprintf(output, " -E display the capture file encapsulation\n"); fprintf(output, " -I display the capture file interface information\n"); fprintf(output, " -F display additional capture file information\n"); - fprintf(output, " -H display the SHA1, RMD160, and MD5 hashes of the file\n"); + fprintf(output, " -H display the SHA256, RMD160, and SHA1 hashes of the file\n"); fprintf(output, " -k display the capture comment\n"); fprintf(output, "\n"); fprintf(output, "Size infos:\n"); @@ -1686,10 +1687,10 @@ main(int argc, char *argv[]) if (cap_file_hashes) { gcry_check_version(NULL); - gcry_md_open(&hd, GCRY_MD_SHA1, 0); + gcry_md_open(&hd, GCRY_MD_SHA256, 0); if (hd) { gcry_md_enable(hd, GCRY_MD_RMD160); - gcry_md_enable(hd, GCRY_MD_MD5); + gcry_md_enable(hd, GCRY_MD_SHA1); } hash_buf = (char *)g_malloc(HASH_BUF_SIZE); } @@ -1698,9 +1699,9 @@ main(int argc, char *argv[]) for (opt = optind; opt < argc; opt++) { - g_strlcpy(file_sha1, "", HASH_STR_SIZE); + g_strlcpy(file_sha256, "", HASH_STR_SIZE); g_strlcpy(file_rmd160, "", HASH_STR_SIZE); - g_strlcpy(file_md5, "", HASH_STR_SIZE); + g_strlcpy(file_sha1, "", HASH_STR_SIZE); if (cap_file_hashes) { fh = ws_fopen(argv[opt], "rb"); @@ -1709,9 +1710,9 @@ main(int argc, char *argv[]) gcry_md_write(hd, hash_buf, hash_bytes); } gcry_md_final(hd); - hash_to_str(gcry_md_read(hd, GCRY_MD_SHA1), HASH_SIZE_SHA1, file_sha1); + hash_to_str(gcry_md_read(hd, GCRY_MD_SHA256), HASH_SIZE_SHA256, file_sha256); hash_to_str(gcry_md_read(hd, GCRY_MD_RMD160), HASH_SIZE_RMD160, file_rmd160); - hash_to_str(gcry_md_read(hd, GCRY_MD_MD5), HASH_SIZE_MD5, file_md5); + hash_to_str(gcry_md_read(hd, GCRY_MD_SHA1), HASH_SIZE_SHA1, file_sha1); } if (fh) fclose(fh); if (hd) gcry_md_reset(hd); diff --git a/doc/capinfos.pod b/doc/capinfos.pod index 335cdb2a2a..237ba5b37a 100644 --- a/doc/capinfos.pod +++ b/doc/capinfos.pod @@ -161,7 +161,8 @@ Prints the help listing and exits. =item -H -Displays the SHA1, RIPEMD160, and MD5 hashes for the file. +Displays the SHA256, RIPEMD160, and SHA1 hashes for the file. +SHA1 output may be removed in the future. =item -i diff --git a/docbook/release-notes.asciidoc b/docbook/release-notes.asciidoc index f9bbda96ef..7d0f5dd9bd 100644 --- a/docbook/release-notes.asciidoc +++ b/docbook/release-notes.asciidoc @@ -51,6 +51,8 @@ since version 2.4.0: network info types and some Message Analyzer exported types. * Personal plugins folder on Linux/Unix is now ~/.local/lib/wireshark/plugins. * Add Flow Graph functionality to TShark using -z +* Capinfos now prints SHA256 hashes in addition to RIPEMD160 and SHA1. MD5 output + has been removed. //=== Removed Dissectors