一. 原理
将TCP相关内容(TCP伪头部+TCP头部+TCP内容)转换成16比特的字符,然后进行累加,最后结果进行取反。TCP伪头部是固定的,下文有相关代码展示。
二. 源码
- 源码
c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/ether.h>
// 伪头部结构体
struct pseudo_header {
uint32_t source_address;
uint32_t dest_address;
uint8_t zero;
uint8_t protocol;
uint16_t tcp_length;
};
// 计算16位校验和
uint16_t calculate_checksum(uint16_t *buff, int size) {
uint32_t sum = 0;
while (size > 1) {
sum += *buff++;
size -= 2;
}
if (size > 0) {
sum += *buff & 0xFF;
}
while (sum >> 16) {
sum = (sum & 0xFFFF) + (sum >> 16);
}
return (uint16_t)(~sum);
}
// 计算TCP校验和
uint16_t calculate_tcp_checksum(struct iphdr *ip_hdr, uint8_t *tcp_packet, int tcp_len) {
struct pseudo_header pshdr;
uint16_t *header_ptr;
int total_len = sizeof(struct pseudo_header) + tcp_len;
pshdr.source_address = ip_hdr->saddr;
pshdr.dest_address = ip_hdr->daddr;
pshdr.zero = 0;
pshdr.protocol = IPPROTO_TCP; // TCP protocol number, =6
pshdr.tcp_length = htons(tcp_len);
// Allocate memory for pseudo header and TCP packet
uint8_t *data = malloc(total_len);
memcpy(data, (char *)&pshdr, sizeof(struct pseudo_header));
memcpy(data + sizeof(struct pseudo_header), tcp_packet, tcp_len);
// Calculate checksum
uint16_t checksum = calculate_checksum((uint16_t *)data, total_len);
free(data);
return checksum;
}
int main() {
//IP信息
char ip_head[] = {
0x45, 0x00, 0x00, 0xc8, 0x14, 0x2b, 0x40, 0x00,
0x3f, 0x06, 0xa3, 0x2f, 0xc0, 0xa8, 0x01, 0x21,
0xc0, 0xa8, 0x01, 0x64
};
//TCP包信息(头+内容)
char tcp_packet[] = {
0x05, 0x99, 0xd6, 0x83, 0x8a, 0x4a, 0x40, 0x80, 0x42, 0xa8, 0x40, 0x65, 0x80, 0x18, 0x01, 0xfa,
0x65, 0x15, 0x00, 0x00, 0x01, 0x01, 0x08, 0x0a, 0xf3, 0x31, 0xdc, 0x0f, 0xa4, 0xd3, 0x50, 0x8d,
0x04, 0x01, 0x00, 0x94, 0x00, 0x36, 0x01, 0x00, 0xaa, 0x7c, 0x00, 0xc3, 0x00, 0x00, 0x00, 0x0a,
0x0f, 0x33, 0x00, 0x27, 0x00, 0x73, 0x00, 0x6c, 0x00, 0x65, 0x00, 0x65, 0x00, 0x70, 0x00, 0x27,
0x00, 0x20, 0x00, 0x69, 0x00, 0x73, 0x00, 0x20, 0x00, 0x6e, 0x00, 0x6f, 0x00, 0x74, 0x00, 0x20,
0x00, 0x61, 0x00, 0x20, 0x00, 0x72, 0x00, 0x65, 0x00, 0x63, 0x00, 0x6f, 0x00, 0x67, 0x00, 0x6e,
0x00, 0x69, 0x00, 0x7a, 0x00, 0x65, 0x00, 0x64, 0x00, 0x20, 0x00, 0x62, 0x00, 0x75, 0x00, 0x69,
0x00, 0x6c, 0x00, 0x74, 0x00, 0x2d, 0x00, 0x69, 0x00, 0x6e, 0x00, 0x20, 0x00, 0x66, 0x00, 0x75,
0x00, 0x6e, 0x00, 0x63, 0x00, 0x74, 0x00, 0x69, 0x00, 0x6f, 0x00, 0x6e, 0x00, 0x20, 0x00, 0x6e,
0x00, 0x61, 0x00, 0x6d, 0x00, 0x65, 0x00, 0x2e, 0x00, 0x04, 0x76, 0x00, 0x72, 0x00, 0x72, 0x00,
0x70, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0xfd, 0x02, 0x00, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00
};
// Calculate TCP checksum
printf("TCP old checksum: 0x%02X%02X\n", tcp_packet[16], tcp_packet[17]);
tcp_packet[16] = tcp_packet[17] = 0; //先将checksum置空
// uint16_t checksum = calculate_tcp_checksum(0x2101a8c0, 0x6401a8c0, tcp_packet, sizeof(tcp_packet));
uint16_t checksum = calculate_tcp_checksum((struct iphdr *)ip_head, tcp_packet, sizeof(tcp_packet));
printf("TCP new checksum: 0x%04X\n", htons(checksum)); //为了打印,需要将主机序换成网络序号(真实赋值給tcp头时不需要转换)
return 0;
}gcc -o tcp_checksum_test tcp_checksum_test.c 即可以生成相应可执行程序(本测试运行环境ubuntu)
- 结果
