TCP报文校验和(checksum)计算

一. 原理

将TCP相关内容（TCP伪头部+TCP头部+TCP内容）转换成16比特的字符，然后进行累加，最后结果进行取反。TCP伪头部是固定的，下文有相关代码展示。

二. 源码

1. 源码

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/ether.h>

// 伪头部结构体
struct pseudo_header {
    uint32_t source_address;
    uint32_t dest_address;
    uint8_t zero;
    uint8_t protocol;
    uint16_t tcp_length;
};

// 计算16位校验和
uint16_t calculate_checksum(uint16_t *buff, int size) {
    uint32_t sum = 0;
    
    while (size > 1) {
        sum += *buff++;
        size -= 2;
    }

    if (size > 0) {
        sum += *buff & 0xFF;
    }

    while (sum >> 16) {
        sum = (sum & 0xFFFF) + (sum >> 16);
    }

    return (uint16_t)(~sum);
}

// 计算TCP校验和
uint16_t calculate_tcp_checksum(struct iphdr *ip_hdr, uint8_t *tcp_packet, int tcp_len) {
    struct pseudo_header pshdr;
    uint16_t *header_ptr;
    int total_len = sizeof(struct pseudo_header) + tcp_len;
    
    pshdr.source_address = ip_hdr->saddr;
    pshdr.dest_address = ip_hdr->daddr;
    pshdr.zero = 0;
    pshdr.protocol = IPPROTO_TCP; // TCP protocol number, =6
    pshdr.tcp_length = htons(tcp_len);
    
    // Allocate memory for pseudo header and TCP packet
    uint8_t *data = malloc(total_len);
    memcpy(data, (char *)&pshdr, sizeof(struct pseudo_header));
    memcpy(data + sizeof(struct pseudo_header), tcp_packet, tcp_len);

    // Calculate checksum
    uint16_t checksum = calculate_checksum((uint16_t *)data, total_len);

    free(data);

    return checksum;
}

int main() {
    //IP信息
    char ip_head[] = {
        0x45, 0x00, 0x00, 0xc8, 0x14, 0x2b, 0x40, 0x00,
        0x3f, 0x06, 0xa3, 0x2f, 0xc0, 0xa8, 0x01, 0x21,
        0xc0, 0xa8, 0x01, 0x64
    };

   //TCP包信息（头+内容）
    char tcp_packet[] = {
        0x05, 0x99, 0xd6, 0x83, 0x8a, 0x4a, 0x40, 0x80, 0x42, 0xa8, 0x40, 0x65, 0x80, 0x18, 0x01, 0xfa,
        0x65, 0x15, 0x00, 0x00, 0x01, 0x01, 0x08, 0x0a, 0xf3, 0x31, 0xdc, 0x0f, 0xa4, 0xd3, 0x50, 0x8d,
        0x04, 0x01, 0x00, 0x94, 0x00, 0x36, 0x01, 0x00, 0xaa, 0x7c, 0x00, 0xc3, 0x00, 0x00, 0x00, 0x0a,
        0x0f, 0x33, 0x00, 0x27, 0x00, 0x73, 0x00, 0x6c, 0x00, 0x65, 0x00, 0x65, 0x00, 0x70, 0x00, 0x27,
        0x00, 0x20, 0x00, 0x69, 0x00, 0x73, 0x00, 0x20, 0x00, 0x6e, 0x00, 0x6f, 0x00, 0x74, 0x00, 0x20,
        0x00, 0x61, 0x00, 0x20, 0x00, 0x72, 0x00, 0x65, 0x00, 0x63, 0x00, 0x6f, 0x00, 0x67, 0x00, 0x6e,
        0x00, 0x69, 0x00, 0x7a, 0x00, 0x65, 0x00, 0x64, 0x00, 0x20, 0x00, 0x62, 0x00, 0x75, 0x00, 0x69,
        0x00, 0x6c, 0x00, 0x74, 0x00, 0x2d, 0x00, 0x69, 0x00, 0x6e, 0x00, 0x20, 0x00, 0x66, 0x00, 0x75,
        0x00, 0x6e, 0x00, 0x63, 0x00, 0x74, 0x00, 0x69, 0x00, 0x6f, 0x00, 0x6e, 0x00, 0x20, 0x00, 0x6e,
        0x00, 0x61, 0x00, 0x6d, 0x00, 0x65, 0x00, 0x2e, 0x00, 0x04, 0x76, 0x00, 0x72, 0x00, 0x72, 0x00,
        0x70, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0xfd, 0x02, 0x00, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00
   };

    // Calculate TCP checksum
    printf("TCP old checksum: 0x%02X%02X\n", tcp_packet[16], tcp_packet[17]);
    tcp_packet[16] = tcp_packet[17] = 0; //先将checksum置空
    // uint16_t checksum = calculate_tcp_checksum(0x2101a8c0, 0x6401a8c0, tcp_packet, sizeof(tcp_packet)); 
    uint16_t checksum = calculate_tcp_checksum((struct iphdr *)ip_head, tcp_packet, sizeof(tcp_packet)); 
    printf("TCP new checksum: 0x%04X\n", htons(checksum)); //为了打印，需要将主机序换成网络序号（真实赋值給tcp头时不需要转换）

    return 0;
}

gcc -o tcp_checksum_test tcp_checksum_test.c 即可以生成相应可执行程序（本测试运行环境ubuntu）
2. 结果