From e0c035a4cf763854c1e130c9da26241391d9b8a9 Mon Sep 17 00:00:00 2001
From: Pin <wf6DJd8a3xSSCZbn@protonmail.com>
Date: Wed, 27 Oct 2021 21:30:41 -0400
Subject: [PATCH] added support for multi-idat

---
 cmd/crc.c          | 88 ++++++++++++++++++++++++++++++++--------------
 include/crc_util.h |  3 ++
 2 files changed, 64 insertions(+), 27 deletions(-)

diff --git a/cmd/crc.c b/cmd/crc.c
index dc501ae..98d4f4c 100644
--- a/cmd/crc.c
+++ b/cmd/crc.c
@@ -70,12 +70,11 @@ int update_file_crc(unsigned char *addr, unsigned long offset , unsigned int crc
 	return 0;
 }
 
-static void random_window_bit_change(unsigned char *data, int width, int rounds, int color_range, size_t length) {
+static void random_window_bit_change(unsigned char *data, int width, int rounds, int color_range, size_t length, size_t offset) {
 	size_t random_num = 0;
 	for (int i = 0; i < rounds; i++) {
-		random_num = randombytes_uniform(length);
 		do {
-			random_num = randombytes_uniform(length);
+			random_num = randombytes_uniform(length) + offset;
 		} while((random_num % ((width * color_range) + 1)) == 0);
 
 
@@ -88,7 +87,7 @@ static void random_window_bit_change(unsigned char *data, int width, int rounds,
 	return;
 }
 
-static int verify_crc_chunks(unsigned char *data, size_t data_length, int crc_depth, unsigned int max_data_length) {
+static int verify_crc_chunks(unsigned char *data, size_t data_length, int crc_depth, unsigned int max_data_length, char message, size_t iteration) {
 	unsigned char* testing_chunk;
 	unsigned int crc_check = 0;
 	unsigned int test_data_length = 0;
@@ -111,15 +110,16 @@ static int verify_crc_chunks(unsigned char *data, size_t data_length, int crc_de
 		testing_chunk[2] = 0x41;
 		testing_chunk[3] = 0x54;
 		for(int j = 0; j < test_data_length; j++) {
-			testing_chunk[j+4] = data[(test_data_length*rounds)+j];
+			testing_chunk[j+4] = data[(test_data_length*rounds)+j+(MAX_WINDOW_SIZE*iteration)];
 		}
 		crc_check_length = test_data_length+4;
 		crc_check = crc(testing_chunk, crc_check_length);
 		
-		if ((crc_check >> (8*3)) != 10 ) {
+		if ((crc_check >> (8*3)) != message ) {
 			free(testing_chunk);
 			return 1;
 		}
+		printf("FOUND: %c\n", message);
 		// Used as an alternative to i
 		// Since i needs to be changed it max data length is met
 		rounds++;
@@ -128,16 +128,16 @@ static int verify_crc_chunks(unsigned char *data, size_t data_length, int crc_de
 	return 0;
 }
 
-static int crc_embed_data(unsigned char *data, unsigned int data_length, int bit_width, int color_range, unsigned int sliding_window) {
+static int crc_embed_data(unsigned char *data, unsigned int data_length, int bit_width, int color_range, unsigned int sliding_window, char message, size_t offset , size_t iteration) {
 	unsigned char *check_data;
 	size_t check_data_length = 0;
 
-	random_window_bit_change(data, bit_width, 2, color_range, sliding_window);
+	random_window_bit_change(data, bit_width, 2, color_range, sliding_window, offset);
 
 	// Compressing data for test
 	zlib_compress_data(data, data_length, &check_data, &check_data_length);
 
-	int match_crc = verify_crc_chunks(check_data, check_data_length, 1, MAX_IDAT_SIZE);
+	int match_crc = verify_crc_chunks(check_data, check_data_length, 1, MAX_IDAT_SIZE, message, iteration);
 
 	if(match_crc == 0) {
 		printf("COM SIZE: %zu\n", check_data_length);
@@ -151,6 +151,7 @@ static int crc_embed_data(unsigned char *data, unsigned int data_length, int bit
 void *random_data_change_thread_call(void *w) {
 	struct EMBED_THREAD_STRUCT *data = w;
 	unsigned char* temp_color_data = calloc(data->uncom_data_len, sizeof(unsigned char));
+	char cur_message;
 	int searching = 1;
 	do {
 		// Creating temporary data set
@@ -158,21 +159,24 @@ void *random_data_change_thread_call(void *w) {
 
 		// Look into testing these values more
 		if(data->uncom_data_len > 800000) {
-			data->data_len = 90000;
+			data->data_len = 90000 + (90000 * data->cur_iteration);
 		} else {
 			data->data_len = data->uncom_data_len;
 		}
 		if(data->uncom_data_len > 16000) {
-			data->win_size = 9000;
+			data->win_size = 9000 + (9000 * data->cur_iteration);
 		} else {
 			data->win_size = data->uncom_data_len;
 		}
 
-		searching = crc_embed_data(temp_color_data, data->data_len, data->width, data->color_range, data->win_size);
+		cur_message = data->message[data->cur_iteration];
+
+		searching = crc_embed_data(temp_color_data, data->data_len, data->width, data->color_range, data->win_size, cur_message, data->cur_offset, data->cur_iteration);
 
 		pthread_mutex_lock(&data->mutex_lock);
 		if (searching == 0 && *data->searching == 1) {
 			*data->searching = searching;
+			printf("CUR MESSAGE: %c\n", cur_message);
 			for(size_t i = 0; i < data->uncom_data_len; i++) {
 				if (temp_color_data[i] != data->data[i]) {
 					printf("LEN: %zu\nDIFF: %zu\nNEW: %02X\nOLD: %02X\n", data->uncom_data_len, i, temp_color_data[i], data->data[i]);
@@ -189,13 +193,32 @@ void *random_data_change_thread_call(void *w) {
 	pthread_exit(0);
 }
 
-void random_data_change(unsigned char *color_data, unsigned char *width, size_t length) {
+size_t generate_offset(unsigned char *data, size_t data_len, size_t iteration) {
+	unsigned char *com_data_buff = NULL;
+	unsigned char *uncom_data_buff = NULL;
+	size_t com_data_size = 0;
+	size_t uncom_data_size = 0;
+
+	printf("Gen Offset\n");
+	zlib_compress_data(data, data_len, &com_data_buff, &com_data_size);
+
+	zlib_decompress_data(com_data_buff, (MAX_WINDOW_SIZE * (iteration+1)), &uncom_data_buff, &uncom_data_size);
+
+	printf("NEW SIZE: %zu\n", uncom_data_size);
+
+	free(com_data_buff);
+	free(uncom_data_buff);
+	return uncom_data_size;
+}
+
+void random_data_change(unsigned char *color_data, unsigned char *width, size_t length, char *message) {
 	int searching = 1;
 	int core_count = 1;
 	unsigned int sliding_window = 0;
 	unsigned int compress_data_length = 0;
 	// Needs to be turned into a variable
 	int color_range = 3;
+	int waiting = 0;
 	// Union for width type cast
 	union {
 		uint32_t width_int;
@@ -210,25 +233,36 @@ void random_data_change(unsigned char *color_data, unsigned char *width, size_t
 		return;
 	}
 	t_data->searching = &searching;
+	t_data->message = message;
 	t_data->data = color_data;
 	t_data->data_len = compress_data_length;
 	t_data->uncom_data_len = length;
+	t_data->cur_offset = 0;
 	t_data->width = be32toh(w.width_int);
 	t_data->color_range = color_range;
 	t_data->win_size = sliding_window;
 	pthread_t tid;
 	t_data->thread_id = tid;
-	for(int i = 0; i < core_count; i++) {
-		pthread_create(&tid, NULL, random_data_change_thread_call, t_data);
-	}
-	// Waiting for all threads to complete
-	int waiting = 0;
-	do {
-		pthread_join(tid, NULL);
-		waiting++;
-	} while(waiting!=core_count);
-	pthread_mutex_destroy(&t_data->mutex_lock);
+	for(int j = 0; j < strlen(message); j++) {
+		// Setting Iteration bit and searching
+		t_data->cur_iteration = j;
+		*t_data->searching = 1;
+		for(int i = 0; i < core_count; i++) {
+			pthread_create(&tid, NULL, random_data_change_thread_call, t_data);
+		}
+		// Waiting for all threads to complete
+		waiting = 0;
+		do {
+			pthread_join(tid, NULL);
+			waiting++;
+		} while(waiting!=core_count);
+		pthread_mutex_destroy(&t_data->mutex_lock);
 
+		// Only generate new offset if not last char in message
+		if(j != (strlen(message) - 1)) {
+			t_data->cur_offset = generate_offset(color_data, t_data->uncom_data_len, j);
+		}
+	}
 	return;
 }
 
@@ -342,7 +376,7 @@ int change_idat_content(unsigned char *addr, struct PNG_FILE_STRUCT *png_file, c
 	if(accuracy > 2) {
 		printf("Notice, this could take a long time...");
 	}
-	if(total_idat(addr) < strlen((char*)message)) {
+	if(total_idat(addr) < strlen(message)) {
 		printf("Warning, message exceeds IDAT amount\n");
 		exit(EXIT_FAILURE);
 	}
@@ -361,7 +395,7 @@ int change_idat_content(unsigned char *addr, struct PNG_FILE_STRUCT *png_file, c
 	printf("ORIG UNCOM LEN: %zu\n", uncom_data_size);
 
 	// Start data testing
-	random_data_change(uncom_data_buff, png_file->png_start_data.file_width, uncom_data_size);
+	random_data_change(uncom_data_buff, png_file->png_start_data.file_width, uncom_data_size, message);
 	
 	//return 0;
 	// Compress Data
@@ -410,7 +444,7 @@ int main(int argc, char **argv) {
 		{"outfile", required_argument, NULL, 'o'},
 		{"message", required_argument, NULL, 'm'},
 		{"compress", no_argument, NULL, 'c'},
-		{"uncompress", no_argument, NULL, 'h'},
+		{"uncompress", no_argument, NULL, 'u'},
 		{0, 0, 0, 0}
 	};
 
@@ -490,7 +524,7 @@ int main(int argc, char **argv) {
 		unsigned char* idat_data = populate_idat_array(file_data, offset, &idat_byte_length);
 		
 		for(int i = 0; i < idat_byte_length; i++) {
-			printf("%02X ", idat_data[i]);
+			//printf("%02X ", idat_data[i]);
 		}
 		printf("\nDecompressed Data:\n\n");
 		// Decompressing data
diff --git a/include/crc_util.h b/include/crc_util.h
index e97952b..41ffc40 100644
--- a/include/crc_util.h
+++ b/include/crc_util.h
@@ -40,9 +40,12 @@ struct EMBED_THREAD_STRUCT {
 	unsigned char *data;
 	unsigned int data_len;
 	size_t uncom_data_len;
+	size_t cur_offset;
+	size_t cur_iteration;
 	int width;
 	int color_range;
 	unsigned int win_size;
+	char *message;
 };
 
 extern const long png_signature[8];