diff --git a/OpenCL/inc_hash_md5.cl b/OpenCL/inc_hash_md5.cl index 3c52c1f40..fe31dc099 100644 --- a/OpenCL/inc_hash_md5.cl +++ b/OpenCL/inc_hash_md5.cl @@ -771,6 +771,262 @@ DECLSPEC void md5_update_global_utf16le_swap (md5_ctx_t *ctx, GLOBAL_AS const u3 md5_update_64 (ctx, w0, w1, w2, w3, (len - pos1) * 2); } +DECLSPEC void md5_update_local (md5_ctx_t *ctx, LOCAL_AS const u32 *w, const int len) +{ + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + + int pos1; + int pos4; + + for (pos1 = 0, pos4 = 0; pos1 < len - 64; pos1 += 64, pos4 += 16) + { + w0[0] = w[pos4 + 0]; + w0[1] = w[pos4 + 1]; + w0[2] = w[pos4 + 2]; + w0[3] = w[pos4 + 3]; + w1[0] = w[pos4 + 4]; + w1[1] = w[pos4 + 5]; + w1[2] = w[pos4 + 6]; + w1[3] = w[pos4 + 7]; + w2[0] = w[pos4 + 8]; + w2[1] = w[pos4 + 9]; + w2[2] = w[pos4 + 10]; + w2[3] = w[pos4 + 11]; + w3[0] = w[pos4 + 12]; + w3[1] = w[pos4 + 13]; + w3[2] = w[pos4 + 14]; + w3[3] = w[pos4 + 15]; + + md5_update_64 (ctx, w0, w1, w2, w3, 64); + } + + w0[0] = w[pos4 + 0]; + w0[1] = w[pos4 + 1]; + w0[2] = w[pos4 + 2]; + w0[3] = w[pos4 + 3]; + w1[0] = w[pos4 + 4]; + w1[1] = w[pos4 + 5]; + w1[2] = w[pos4 + 6]; + w1[3] = w[pos4 + 7]; + w2[0] = w[pos4 + 8]; + w2[1] = w[pos4 + 9]; + w2[2] = w[pos4 + 10]; + w2[3] = w[pos4 + 11]; + w3[0] = w[pos4 + 12]; + w3[1] = w[pos4 + 13]; + w3[2] = w[pos4 + 14]; + w3[3] = w[pos4 + 15]; + + md5_update_64 (ctx, w0, w1, w2, w3, len - pos1); +} + +DECLSPEC void md5_update_local_swap (md5_ctx_t *ctx, LOCAL_AS const u32 *w, const int len) +{ + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + + int pos1; + int pos4; + + for (pos1 = 0, pos4 = 0; pos1 < len - 64; pos1 += 64, pos4 += 16) + { + w0[0] = w[pos4 + 0]; + w0[1] = w[pos4 + 1]; + w0[2] = w[pos4 + 2]; + w0[3] = w[pos4 + 3]; + w1[0] = w[pos4 + 4]; + w1[1] = w[pos4 + 5]; + w1[2] = w[pos4 + 6]; + w1[3] = w[pos4 + 7]; + w2[0] = w[pos4 + 8]; + w2[1] = w[pos4 + 9]; + w2[2] = w[pos4 + 10]; + w2[3] = w[pos4 + 11]; + w3[0] = w[pos4 + 12]; + w3[1] = w[pos4 + 13]; + w3[2] = w[pos4 + 14]; + w3[3] = w[pos4 + 15]; + + w0[0] = hc_swap32_S (w0[0]); + w0[1] = hc_swap32_S (w0[1]); + w0[2] = hc_swap32_S (w0[2]); + w0[3] = hc_swap32_S (w0[3]); + w1[0] = hc_swap32_S (w1[0]); + w1[1] = hc_swap32_S (w1[1]); + w1[2] = hc_swap32_S (w1[2]); + w1[3] = hc_swap32_S (w1[3]); + w2[0] = hc_swap32_S (w2[0]); + w2[1] = hc_swap32_S (w2[1]); + w2[2] = hc_swap32_S (w2[2]); + w2[3] = hc_swap32_S (w2[3]); + w3[0] = hc_swap32_S (w3[0]); + w3[1] = hc_swap32_S (w3[1]); + w3[2] = hc_swap32_S (w3[2]); + w3[3] = hc_swap32_S (w3[3]); + + md5_update_64 (ctx, w0, w1, w2, w3, 64); + } + + w0[0] = w[pos4 + 0]; + w0[1] = w[pos4 + 1]; + w0[2] = w[pos4 + 2]; + w0[3] = w[pos4 + 3]; + w1[0] = w[pos4 + 4]; + w1[1] = w[pos4 + 5]; + w1[2] = w[pos4 + 6]; + w1[3] = w[pos4 + 7]; + w2[0] = w[pos4 + 8]; + w2[1] = w[pos4 + 9]; + w2[2] = w[pos4 + 10]; + w2[3] = w[pos4 + 11]; + w3[0] = w[pos4 + 12]; + w3[1] = w[pos4 + 13]; + w3[2] = w[pos4 + 14]; + w3[3] = w[pos4 + 15]; + + w0[0] = hc_swap32_S (w0[0]); + w0[1] = hc_swap32_S (w0[1]); + w0[2] = hc_swap32_S (w0[2]); + w0[3] = hc_swap32_S (w0[3]); + w1[0] = hc_swap32_S (w1[0]); + w1[1] = hc_swap32_S (w1[1]); + w1[2] = hc_swap32_S (w1[2]); + w1[3] = hc_swap32_S (w1[3]); + w2[0] = hc_swap32_S (w2[0]); + w2[1] = hc_swap32_S (w2[1]); + w2[2] = hc_swap32_S (w2[2]); + w2[3] = hc_swap32_S (w2[3]); + w3[0] = hc_swap32_S (w3[0]); + w3[1] = hc_swap32_S (w3[1]); + w3[2] = hc_swap32_S (w3[2]); + w3[3] = hc_swap32_S (w3[3]); + + md5_update_64 (ctx, w0, w1, w2, w3, len - pos1); +} + +DECLSPEC void md5_update_local_utf16le (md5_ctx_t *ctx, LOCAL_AS const u32 *w, const int len) +{ + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + + int pos1; + int pos4; + + for (pos1 = 0, pos4 = 0; pos1 < len - 32; pos1 += 32, pos4 += 8) + { + w0[0] = w[pos4 + 0]; + w0[1] = w[pos4 + 1]; + w0[2] = w[pos4 + 2]; + w0[3] = w[pos4 + 3]; + w1[0] = w[pos4 + 4]; + w1[1] = w[pos4 + 5]; + w1[2] = w[pos4 + 6]; + w1[3] = w[pos4 + 7]; + + make_utf16le_S (w1, w2, w3); + make_utf16le_S (w0, w0, w1); + + md5_update_64 (ctx, w0, w1, w2, w3, 32 * 2); + } + + w0[0] = w[pos4 + 0]; + w0[1] = w[pos4 + 1]; + w0[2] = w[pos4 + 2]; + w0[3] = w[pos4 + 3]; + w1[0] = w[pos4 + 4]; + w1[1] = w[pos4 + 5]; + w1[2] = w[pos4 + 6]; + w1[3] = w[pos4 + 7]; + + make_utf16le_S (w1, w2, w3); + make_utf16le_S (w0, w0, w1); + + md5_update_64 (ctx, w0, w1, w2, w3, (len - pos1) * 2); +} + +DECLSPEC void md5_update_local_utf16le_swap (md5_ctx_t *ctx, LOCAL_AS const u32 *w, const int len) +{ + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + + int pos1; + int pos4; + + for (pos1 = 0, pos4 = 0; pos1 < len - 32; pos1 += 32, pos4 += 8) + { + w0[0] = w[pos4 + 0]; + w0[1] = w[pos4 + 1]; + w0[2] = w[pos4 + 2]; + w0[3] = w[pos4 + 3]; + w1[0] = w[pos4 + 4]; + w1[1] = w[pos4 + 5]; + w1[2] = w[pos4 + 6]; + w1[3] = w[pos4 + 7]; + + make_utf16le_S (w1, w2, w3); + make_utf16le_S (w0, w0, w1); + + w0[0] = hc_swap32_S (w0[0]); + w0[1] = hc_swap32_S (w0[1]); + w0[2] = hc_swap32_S (w0[2]); + w0[3] = hc_swap32_S (w0[3]); + w1[0] = hc_swap32_S (w1[0]); + w1[1] = hc_swap32_S (w1[1]); + w1[2] = hc_swap32_S (w1[2]); + w1[3] = hc_swap32_S (w1[3]); + w2[0] = hc_swap32_S (w2[0]); + w2[1] = hc_swap32_S (w2[1]); + w2[2] = hc_swap32_S (w2[2]); + w2[3] = hc_swap32_S (w2[3]); + w3[0] = hc_swap32_S (w3[0]); + w3[1] = hc_swap32_S (w3[1]); + w3[2] = hc_swap32_S (w3[2]); + w3[3] = hc_swap32_S (w3[3]); + + md5_update_64 (ctx, w0, w1, w2, w3, 32 * 2); + } + + w0[0] = w[pos4 + 0]; + w0[1] = w[pos4 + 1]; + w0[2] = w[pos4 + 2]; + w0[3] = w[pos4 + 3]; + w1[0] = w[pos4 + 4]; + w1[1] = w[pos4 + 5]; + w1[2] = w[pos4 + 6]; + w1[3] = w[pos4 + 7]; + + make_utf16le_S (w1, w2, w3); + make_utf16le_S (w0, w0, w1); + + w0[0] = hc_swap32_S (w0[0]); + w0[1] = hc_swap32_S (w0[1]); + w0[2] = hc_swap32_S (w0[2]); + w0[3] = hc_swap32_S (w0[3]); + w1[0] = hc_swap32_S (w1[0]); + w1[1] = hc_swap32_S (w1[1]); + w1[2] = hc_swap32_S (w1[2]); + w1[3] = hc_swap32_S (w1[3]); + w2[0] = hc_swap32_S (w2[0]); + w2[1] = hc_swap32_S (w2[1]); + w2[2] = hc_swap32_S (w2[2]); + w2[3] = hc_swap32_S (w2[3]); + w3[0] = hc_swap32_S (w3[0]); + w3[1] = hc_swap32_S (w3[1]); + w3[2] = hc_swap32_S (w3[2]); + w3[3] = hc_swap32_S (w3[3]); + + md5_update_64 (ctx, w0, w1, w2, w3, (len - pos1) * 2); +} + DECLSPEC void md5_final (md5_ctx_t *ctx) { MAYBE_VOLATILE const int pos = ctx->len & 63; @@ -1486,6 +1742,58 @@ DECLSPEC void md5_update_vector (md5_ctx_vector_t *ctx, const u32x *w, const int md5_update_vector_64 (ctx, w0, w1, w2, w3, len - pos1); } +DECLSPEC void md5_update_vector_from_scalar (md5_ctx_vector_t *ctx, const u32 *w, const int len) +{ + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + + int pos1; + int pos4; + + for (pos1 = 0, pos4 = 0; pos1 < len - 64; pos1 += 64, pos4 += 16) + { + w0[0] = w[pos4 + 0]; + w0[1] = w[pos4 + 1]; + w0[2] = w[pos4 + 2]; + w0[3] = w[pos4 + 3]; + w1[0] = w[pos4 + 4]; + w1[1] = w[pos4 + 5]; + w1[2] = w[pos4 + 6]; + w1[3] = w[pos4 + 7]; + w2[0] = w[pos4 + 8]; + w2[1] = w[pos4 + 9]; + w2[2] = w[pos4 + 10]; + w2[3] = w[pos4 + 11]; + w3[0] = w[pos4 + 12]; + w3[1] = w[pos4 + 13]; + w3[2] = w[pos4 + 14]; + w3[3] = w[pos4 + 15]; + + md5_update_vector_64 (ctx, w0, w1, w2, w3, 64); + } + + w0[0] = w[pos4 + 0]; + w0[1] = w[pos4 + 1]; + w0[2] = w[pos4 + 2]; + w0[3] = w[pos4 + 3]; + w1[0] = w[pos4 + 4]; + w1[1] = w[pos4 + 5]; + w1[2] = w[pos4 + 6]; + w1[3] = w[pos4 + 7]; + w2[0] = w[pos4 + 8]; + w2[1] = w[pos4 + 9]; + w2[2] = w[pos4 + 10]; + w2[3] = w[pos4 + 11]; + w3[0] = w[pos4 + 12]; + w3[1] = w[pos4 + 13]; + w3[2] = w[pos4 + 14]; + w3[3] = w[pos4 + 15]; + + md5_update_vector_64 (ctx, w0, w1, w2, w3, len - pos1); +} + DECLSPEC void md5_update_vector_swap (md5_ctx_vector_t *ctx, const u32x *w, const int len) { u32x w0[4]; diff --git a/OpenCL/inc_hash_md5.h b/OpenCL/inc_hash_md5.h index 1e6eaaf93..e16dda780 100644 --- a/OpenCL/inc_hash_md5.h +++ b/OpenCL/inc_hash_md5.h @@ -100,6 +100,10 @@ DECLSPEC void md5_update_global (md5_ctx_t *ctx, GLOBAL_AS const u32 *w, const i DECLSPEC void md5_update_global_swap (md5_ctx_t *ctx, GLOBAL_AS const u32 *w, const int len); DECLSPEC void md5_update_global_utf16le (md5_ctx_t *ctx, GLOBAL_AS const u32 *w, const int len); DECLSPEC void md5_update_global_utf16le_swap (md5_ctx_t *ctx, GLOBAL_AS const u32 *w, const int len); +DECLSPEC void md5_update_local (md5_ctx_t *ctx, LOCAL_AS const u32 *w, const int len); +DECLSPEC void md5_update_local_swap (md5_ctx_t *ctx, LOCAL_AS const u32 *w, const int len); +DECLSPEC void md5_update_local_utf16le (md5_ctx_t *ctx, LOCAL_AS const u32 *w, const int len); +DECLSPEC void md5_update_local_utf16le_swap (md5_ctx_t *ctx, LOCAL_AS const u32 *w, const int len); DECLSPEC void md5_final (md5_ctx_t *ctx); DECLSPEC void md5_hmac_init_64 (md5_hmac_ctx_t *ctx, const u32 *w0, const u32 *w1, const u32 *w2, const u32 *w3); DECLSPEC void md5_hmac_init (md5_hmac_ctx_t *ctx, const u32 *w, const int len); @@ -121,6 +125,7 @@ DECLSPEC void md5_init_vector (md5_ctx_vector_t *ctx); DECLSPEC void md5_init_vector_from_scalar (md5_ctx_vector_t *ctx, md5_ctx_t *ctx0); DECLSPEC void md5_update_vector_64 (md5_ctx_vector_t *ctx, u32x *w0, u32x *w1, u32x *w2, u32x *w3, const int len); DECLSPEC void md5_update_vector (md5_ctx_vector_t *ctx, const u32x *w, const int len); +DECLSPEC void md5_update_vector_from_scalar (md5_ctx_vector_t *ctx, const u32 *w, const int len); DECLSPEC void md5_update_vector_swap (md5_ctx_vector_t *ctx, const u32x *w, const int len); DECLSPEC void md5_update_vector_utf16le (md5_ctx_vector_t *ctx, const u32x *w, const int len); DECLSPEC void md5_update_vector_utf16le_swap (md5_ctx_vector_t *ctx, const u32x *w, const int len); diff --git a/OpenCL/inc_pem_common.cl b/OpenCL/inc_pem_common.cl new file mode 100644 index 000000000..9266b62cf --- /dev/null +++ b/OpenCL/inc_pem_common.cl @@ -0,0 +1,190 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "inc_types.h" +#include "inc_vendor.h" +#include "inc_pem_common.h" + +#ifdef KERNEL_STATIC +#include "inc_hash_md5.cl" +#endif + +DECLSPEC void generate_key (u32 *salt_buf, u32 *pw, size_t pw_len, u32 *key) +{ + #ifdef DEBUG + printf("salt_buf:"); + for (u32 i = 0; i < 16; i++) printf(" 0x%08x", salt_buf[i]); + printf("\n"); + printf("pw:"); + for (u32 i = 0; i < 16; i++) printf(" 0x%08x", pw[i]); + printf("\n"); + printf("pw_len: %lu\n", pw_len); + #endif + + u32 md_buf[16] = { 0 }; + md5_ctx_t md_ctx; + + md5_init (&md_ctx); + md5_update (&md_ctx, pw, pw_len); + md5_update (&md_ctx, salt_buf, HC_PEM_SALT_LENGTH); + md5_final (&md_ctx); + + key[0] = md_ctx.h[0]; + + #if KEY_LENGTH > 4 + key[1] = md_ctx.h[1]; + #endif + + #if KEY_LENGTH > 8 + key[2] = md_ctx.h[2]; + #endif + + #if KEY_LENGTH > 12 + key[3] = md_ctx.h[3]; + #endif + + #if KEY_LENGTH > 16 + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < HC_PEM_MD_LENGTH / 4; i++) + { + md_buf[i] = md_ctx.h[i]; + } + + md5_init (&md_ctx); + md5_update (&md_ctx, md_buf, HC_PEM_MD_LENGTH); + md5_update (&md_ctx, pw, pw_len); + md5_update (&md_ctx, salt_buf, HC_PEM_SALT_LENGTH); + md5_final (&md_ctx); + + key[4] = md_ctx.h[0]; + #endif // KEY_LENGTH > 16 + + #if KEY_LENGTH > 20 + key[5] = md_ctx.h[1]; + #endif + + #if KEY_LENGTH > 24 + key[6] = md_ctx.h[2]; + #endif + + #if KEY_LENGTH > 28 + key[7] = md_ctx.h[3]; + #endif + + #if KEY_LENGTH > 32 + #error Only supports up to KEY_LENGTH == 32 at present. Extend generate_key! + #endif + + #ifdef DEBUG + printf("key:"); + for (u32 i = 0; i < KEY_LENGTH / 4; i++) printf(" 0x%08x", key[i]); + printf("\n"); + #endif // DEBUG +} + +DECLSPEC void generate_key_vector (u32 *salt_buf, u32x *pw, size_t pw_len, u32x *key) +{ + #ifdef DEBUG + printf("salt_buf:"); + for (u32 i = 0; i < 16; i++) printf(" 0x%08x", salt_buf[i]); + printf("\n"); + for (u32 v = 0; v < VECT_SIZE; v++) + { + printf("pw[%u]:", v); + for (u32 i = 0; i < 16; i++) printf(" 0x%08x", VECTOR_ELEMENT(pw[i], v)); + printf("\n"); + } + printf("pw_len: %lu\n", pw_len); + #endif + + u32x md_buf[16] = { 0 }; + md5_ctx_vector_t md_ctx; + + md5_init_vector (&md_ctx); + md5_update_vector (&md_ctx, pw, pw_len); + md5_update_vector_from_scalar (&md_ctx, salt_buf, HC_PEM_SALT_LENGTH); + md5_final_vector (&md_ctx); + + key[0] = md_ctx.h[0]; + + #if KEY_LENGTH > 4 + key[1] = md_ctx.h[1]; + #endif + + #if KEY_LENGTH > 8 + key[2] = md_ctx.h[2]; + #endif + + #if KEY_LENGTH > 12 + key[3] = md_ctx.h[3]; + #endif + + #if KEY_LENGTH > 16 + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < HC_PEM_MD_LENGTH / 4; i++) + { + md_buf[i] = md_ctx.h[i]; + } + + md5_init_vector (&md_ctx); + md5_update_vector (&md_ctx, md_buf, HC_PEM_MD_LENGTH); + md5_update_vector (&md_ctx, pw, pw_len); + md5_update_vector_from_scalar (&md_ctx, salt_buf, HC_PEM_SALT_LENGTH); + md5_final_vector (&md_ctx); + + key[4] = md_ctx.h[0]; + #endif // KEY_LENGTH > 16 + + #if KEY_LENGTH > 20 + key[5] = md_ctx.h[1]; + #endif + + #if KEY_LENGTH > 24 + key[6] = md_ctx.h[2]; + #endif + + #if KEY_LENGTH > 28 + key[7] = md_ctx.h[3]; + #endif + + #if KEY_LENGTH > 32 + #error Only supports up to KEY_LENGTH == 32 at present. Extend generate_key! + #endif + + #ifdef DEBUG + for (u32 v = 0; v < VECT_SIZE; v++) + { + printf("key[%u]:", v); + for (u32 i = 0; i < KEY_LENGTH / 4; i++) printf(" 0x%08x", VECTOR_ELEMENT(key[i], v)); + printf("\n"); + } + #endif // DEBUG +} + +DECLSPEC void prep_buffers(u32 *salt_buf, u32 *salt_iv, u32 *first_block, PSEUDO_SHM_TYPE u32 *data, GLOBAL_AS const pem_t *esalt) +{ + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < HC_PEM_SALT_LENGTH / 4; i++) + { + salt_buf[i] = esalt->salt_iv[i]; + } + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + salt_iv[i] = esalt->salt_iv[i]; + first_block[i] = data[i]; + } +} diff --git a/OpenCL/inc_pem_common.h b/OpenCL/inc_pem_common.h new file mode 100644 index 000000000..ddd189412 --- /dev/null +++ b/OpenCL/inc_pem_common.h @@ -0,0 +1,35 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#ifndef _INC_PEM_COMMON_H +#define _INC_PEM_COMMON_H + +#define HC_PEM_SALT_LENGTH 8 +#define HC_PEM_MD_LENGTH 16 + +#define HC_PEM_MAX_BLOCK_SIZE 16 +#define HC_PEM_MAX_KEY_LENGTH 32 +#define HC_PEM_MAX_DATA_LENGTH 12288 + +typedef struct pem +{ + void *chosen_cipher; + u32 salt_iv[HC_PEM_MAX_BLOCK_SIZE / 4]; + + u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + size_t data_len; +} pem_t; + +#ifdef REAL_SHM +#define PSEUDO_SHM_TYPE LOCAL_AS +#else +#define PSEUDO_SHM_TYPE +#endif + +DECLSPEC void generate_key (u32 *salt_buf, u32 *pw, size_t pw_len, u32 *key); +DECLSPEC void generate_key_vector (u32 *salt_buf, u32x *pw, size_t pw_len, u32x *key); +DECLSPEC void prep_buffers (u32 *salt_buf, u32 *salt_iv, u32 *first_block, PSEUDO_SHM_TYPE u32 *data, GLOBAL_AS const pem_t *esalt); + +#endif // _INC_PEM_COMMON_H diff --git a/OpenCL/m22911_a0-pure.cl b/OpenCL/m22911_a0-pure.cl new file mode 100644 index 000000000..d084296e4 --- /dev/null +++ b/OpenCL/m22911_a0-pure.cl @@ -0,0 +1,238 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define BLOCK_SIZE 8 +#define KEY_LENGTH 24 + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_rp.cl" +#include "inc_cipher_des.cl" +#include "inc_pem_common.cl" +#endif // KERNEL_STATIC + +KERNEL_FQ void m22911_sxx (KERN_ATTR_RULES_ESALT (pem_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + if (gid >= gid_max) return; + + #ifdef REAL_SHM + + LOCAL_VK u32 data_len; + data_len = esalt_bufs[digests_offset].data_len; + + LOCAL_VK u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + for (u32 i = lid; i <= data_len / 4; i += lsz) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + LOCAL_VK u32 s_SPtrans[8][64]; + LOCAL_VK u32 s_skb[8][64]; + + for (u32 i = lid; i < 64; i += lsz) + { + s_SPtrans[0][i] = c_SPtrans[0][i]; + s_SPtrans[1][i] = c_SPtrans[1][i]; + s_SPtrans[2][i] = c_SPtrans[2][i]; + s_SPtrans[3][i] = c_SPtrans[3][i]; + s_SPtrans[4][i] = c_SPtrans[4][i]; + s_SPtrans[5][i] = c_SPtrans[5][i]; + s_SPtrans[6][i] = c_SPtrans[6][i]; + s_SPtrans[7][i] = c_SPtrans[7][i]; + + s_skb[0][i] = c_skb[0][i]; + s_skb[1][i] = c_skb[1][i]; + s_skb[2][i] = c_skb[2][i]; + s_skb[3][i] = c_skb[3][i]; + s_skb[4][i] = c_skb[4][i]; + s_skb[5][i] = c_skb[5][i]; + s_skb[6][i] = c_skb[6][i]; + s_skb[7][i] = c_skb[7][i]; + } + + SYNC_THREADS (); + + #else + + const size_t data_len = esalt_bufs[digests_offset].data_len; + u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < data_len / 4; i++) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + CONSTANT_AS u32a (*s_SPtrans)[64] = c_SPtrans; + CONSTANT_AS u32a (*s_skb)[64] = c_skb; + + #endif // REAL_SHM + + u32 salt_buf[16] = { 0 }; + u32 salt_iv[BLOCK_SIZE / 4], first_block[BLOCK_SIZE / 4]; + + prep_buffers(salt_buf, salt_iv, first_block, data, &esalt_bufs[digests_offset]); + + COPY_PW (pws[gid]); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) + { + u32 key[HC_PEM_MAX_KEY_LENGTH / 4]; + + pw_t tmp = PASTE_PW; + + tmp.pw_len = apply_rules (rules_buf[il_pos].cmds, tmp.i, tmp.pw_len); + + generate_key (salt_buf, tmp.i, tmp.pw_len, key); + + u32 asn1_ok = 0, padding_ok = 0, plaintext_length, plaintext[BLOCK_SIZE / 4]; + u32 ciphertext[BLOCK_SIZE / 4], iv[BLOCK_SIZE / 4]; + u32 K0[16], K1[16], K2[16], K3[16], K4[16], K5[16]; + + _des_crypt_keysetup (key[0], key[1], K0, K1, s_skb); + _des_crypt_keysetup (key[2], key[3], K2, K3, s_skb); + _des_crypt_keysetup (key[4], key[5], K4, K5, s_skb); + + u32 p1[BLOCK_SIZE / 4], p2[BLOCK_SIZE / 4]; + + _des_crypt_decrypt (p1, first_block, K4, K5, s_SPtrans); + _des_crypt_encrypt (p2, p1, K2, K3, s_SPtrans); + _des_crypt_decrypt (plaintext, p2, K0, K1, s_SPtrans); + + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + plaintext[i] ^= salt_iv[i]; + } + + #ifdef DEBUG + printf("First plaintext block:"); + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) printf(" 0x%08x", plaintext[i]); + printf("\n"); + #endif // DEBUG + + if (data_len < 128) + { + asn1_ok = (plaintext[0] & 0x00ff80ff) == 0x00020030; + plaintext_length = ((plaintext[0] & 0x00007f00) >> 8) + 2; + } + else if (data_len < 256) + { + asn1_ok = (plaintext[0] & 0xff00ffff) == 0x02008130; + plaintext_length = ((plaintext[0] & 0x00ff0000) >> 16) + 3; + } + else if (data_len < 65536) + { + asn1_ok = ((plaintext[0] & 0x0000ffff) == 0x00008230) && ((plaintext[1] & 0x000000ff) == 0x00000002); + plaintext_length = ((plaintext[0] & 0xff000000) >> 24) + ((plaintext[0] & 0x00ff0000) >> 8) + 4; + } + + #ifdef DEBUG + if (asn1_ok == 1) printf("Passed ASN.1 sanity check\n"); + #endif // DEBUG + + if (asn1_ok == 0) + { + continue; + } + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + iv[i] = first_block[i]; + } + + for (u32 i = BLOCK_SIZE / 4; i < data_len / 4; i += BLOCK_SIZE / 4) + { + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + ciphertext[j] = data[i + j]; + } + + _des_crypt_decrypt (p1, ciphertext, K4, K5, s_SPtrans); + _des_crypt_encrypt (p2, p1, K2, K3, s_SPtrans); + _des_crypt_decrypt (plaintext, p2, K0, K1, s_SPtrans); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + plaintext[j] ^= iv[j]; + iv[j] = ciphertext[j]; + } + + #ifdef DEBUG + printf("Plaintext block %u:", i / (BLOCK_SIZE / 4)); + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) printf(" 0x%08x", plaintext[j]); + printf("\n"); + #endif + } + + u32 padding_count = (plaintext[BLOCK_SIZE / 4 - 1] & 0xff000000) >> 24; + u8 *pt_bytes = (u8 *) plaintext; + + #ifdef DEBUG + printf("Padding byte: 0x%02x\n", padding_count); + #endif + + if (padding_count > BLOCK_SIZE || padding_count == 0) + { + // That *can't* be right + padding_ok = 0; + } else { + padding_ok = 1; + } + + for (u32 i = 0; i < padding_count; i++) + { + if (pt_bytes[BLOCK_SIZE - 1 - i] != padding_count) + { + padding_ok = 0; + break; + } + plaintext_length++; + } + + #ifdef DEBUG + if (padding_ok == 1) printf("Padding checks out\n"); + if (plaintext_length == data_len) printf("ASN.1 sequence length checks out\n"); + #endif + + if (asn1_ok == 1 && padding_ok == 1 && plaintext_length == data_len) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset, gid, il_pos, 0, 0); + } + } + } +} diff --git a/OpenCL/m22911_a1-pure.cl b/OpenCL/m22911_a1-pure.cl new file mode 100644 index 000000000..e611b1ebc --- /dev/null +++ b/OpenCL/m22911_a1-pure.cl @@ -0,0 +1,261 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define BLOCK_SIZE 8 +#define KEY_LENGTH 24 + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_cipher_des.cl" +#include "inc_pem_common.cl" +#endif // KERNEL_STATIC + +KERNEL_FQ void m22911_sxx (KERN_ATTR_ESALT (pem_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + if (gid >= gid_max) return; + + #ifdef REAL_SHM + + LOCAL_VK u32 data_len; + data_len = esalt_bufs[digests_offset].data_len; + + LOCAL_VK u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + for (u32 i = lid; i <= data_len / 4; i += lsz) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + LOCAL_VK u32 s_SPtrans[8][64]; + LOCAL_VK u32 s_skb[8][64]; + + for (u32 i = lid; i < 64; i += lsz) + { + s_SPtrans[0][i] = c_SPtrans[0][i]; + s_SPtrans[1][i] = c_SPtrans[1][i]; + s_SPtrans[2][i] = c_SPtrans[2][i]; + s_SPtrans[3][i] = c_SPtrans[3][i]; + s_SPtrans[4][i] = c_SPtrans[4][i]; + s_SPtrans[5][i] = c_SPtrans[5][i]; + s_SPtrans[6][i] = c_SPtrans[6][i]; + s_SPtrans[7][i] = c_SPtrans[7][i]; + + s_skb[0][i] = c_skb[0][i]; + s_skb[1][i] = c_skb[1][i]; + s_skb[2][i] = c_skb[2][i]; + s_skb[3][i] = c_skb[3][i]; + s_skb[4][i] = c_skb[4][i]; + s_skb[5][i] = c_skb[5][i]; + s_skb[6][i] = c_skb[6][i]; + s_skb[7][i] = c_skb[7][i]; + } + + SYNC_THREADS (); + + #else + + const size_t data_len = esalt_bufs[digests_offset].data_len; + u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < data_len / 4; i++) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + CONSTANT_AS u32a (*s_SPtrans)[64] = c_SPtrans; + CONSTANT_AS u32a (*s_skb)[64] = c_skb; + + #endif // REAL_SHM + + u32 salt_buf[16] = { 0 }; + u32 salt_iv[BLOCK_SIZE / 4], first_block[BLOCK_SIZE / 4]; + + prep_buffers(salt_buf, salt_iv, first_block, data, &esalt_bufs[digests_offset]); + + const u32 pw_len = pws[gid].pw_len; + + u32 w[16] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) + { + const u32 comb_len = combs_buf[il_pos].pw_len; + u32 c[64]; + + #ifdef _unroll + #pragma unroll + #endif + for (int i = 0; i < 16; i++) + { + c[i] = combs_buf[il_pos].i[i]; + } + + switch_buffer_by_offset_1x64_be_S (c, pw_len); + + #ifdef _unroll + #pragma unroll + #endif + for (int i = 0; i < 16; i++) + { + c[i] |= w[i]; + } + + u32 key[HC_PEM_MAX_KEY_LENGTH / 4]; + + generate_key (salt_buf, c, pw_len + comb_len, key); + + u32 asn1_ok = 0, padding_ok = 0, plaintext_length, plaintext[BLOCK_SIZE / 4]; + u32 ciphertext[BLOCK_SIZE / 4], iv[BLOCK_SIZE / 4]; + u32 K0[16], K1[16], K2[16], K3[16], K4[16], K5[16]; + + _des_crypt_keysetup (key[0], key[1], K0, K1, s_skb); + _des_crypt_keysetup (key[2], key[3], K2, K3, s_skb); + _des_crypt_keysetup (key[4], key[5], K4, K5, s_skb); + + u32 p1[BLOCK_SIZE / 4], p2[BLOCK_SIZE / 4]; + + _des_crypt_decrypt (p1, first_block, K4, K5, s_SPtrans); + _des_crypt_encrypt (p2, p1, K2, K3, s_SPtrans); + _des_crypt_decrypt (plaintext, p2, K0, K1, s_SPtrans); + + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + plaintext[i] ^= salt_iv[i]; + } + + #ifdef DEBUG + printf("First plaintext block:"); + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) printf(" 0x%08x", plaintext[i]); + printf("\n"); + #endif // DEBUG + + if (data_len < 128) + { + asn1_ok = (plaintext[0] & 0x00ff80ff) == 0x00020030; + plaintext_length = ((plaintext[0] & 0x00007f00) >> 8) + 2; + } + else if (data_len < 256) + { + asn1_ok = (plaintext[0] & 0xff00ffff) == 0x02008130; + plaintext_length = ((plaintext[0] & 0x00ff0000) >> 16) + 3; + } + else if (data_len < 65536) + { + asn1_ok = ((plaintext[0] & 0x0000ffff) == 0x00008230) && ((plaintext[1] & 0x000000ff) == 0x00000002); + plaintext_length = ((plaintext[0] & 0xff000000) >> 24) + ((plaintext[0] & 0x00ff0000) >> 8) + 4; + } + + #ifdef DEBUG + if (asn1_ok == 1) printf("Passed ASN.1 sanity check\n"); + #endif // DEBUG + + if (asn1_ok == 0) + { + continue; + } + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + iv[i] = first_block[i]; + } + + for (u32 i = BLOCK_SIZE / 4; i < data_len / 4; i += BLOCK_SIZE / 4) + { + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + ciphertext[j] = data[i + j]; + } + + _des_crypt_decrypt (p1, ciphertext, K4, K5, s_SPtrans); + _des_crypt_encrypt (p2, p1, K2, K3, s_SPtrans); + _des_crypt_decrypt (plaintext, p2, K0, K1, s_SPtrans); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + plaintext[j] ^= iv[j]; + iv[j] = ciphertext[j]; + } + + #ifdef DEBUG + printf("Plaintext block %u:", i / (BLOCK_SIZE / 4)); + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) printf(" 0x%08x", plaintext[j]); + printf("\n"); + #endif + } + + u32 padding_count = (plaintext[BLOCK_SIZE / 4 - 1] & 0xff000000) >> 24; + u8 *pt_bytes = (u8 *) plaintext; + + #ifdef DEBUG + printf("Padding byte: 0x%02x\n", padding_count); + #endif + + if (padding_count > BLOCK_SIZE || padding_count == 0) + { + // That *can't* be right + padding_ok = 0; + } else { + padding_ok = 1; + } + + for (u32 i = 0; i < padding_count; i++) + { + if (pt_bytes[BLOCK_SIZE - 1 - i] != padding_count) + { + padding_ok = 0; + break; + } + plaintext_length++; + } + + #ifdef DEBUG + if (padding_ok == 1) printf("Padding checks out\n"); + if (plaintext_length == data_len) printf("ASN.1 sequence length checks out\n"); + #endif + + if (asn1_ok == 1 && padding_ok == 1 && plaintext_length == data_len) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset, gid, il_pos, 0, 0); + } + } + } +} diff --git a/OpenCL/m22911_a3-pure.cl b/OpenCL/m22911_a3-pure.cl new file mode 100644 index 000000000..585c96b15 --- /dev/null +++ b/OpenCL/m22911_a3-pure.cl @@ -0,0 +1,253 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#define BLOCK_SIZE 8 +#define KEY_LENGTH 24 + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_simd.cl" +#include "inc_cipher_des.cl" +#include "inc_pem_common.cl" +#endif // KERNEL_STATIC + +KERNEL_FQ void m22911_sxx (KERN_ATTR_VECTOR_ESALT (pem_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + if (gid >= gid_max) return; + + #ifdef REAL_SHM + + LOCAL_VK u32 data_len; + data_len = esalt_bufs[digests_offset].data_len; + + LOCAL_VK u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + for (u32 i = lid; i <= data_len / 4; i += lsz) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + LOCAL_VK u32 s_SPtrans[8][64]; + LOCAL_VK u32 s_skb[8][64]; + + for (u32 i = lid; i < 64; i += lsz) + { + s_SPtrans[0][i] = c_SPtrans[0][i]; + s_SPtrans[1][i] = c_SPtrans[1][i]; + s_SPtrans[2][i] = c_SPtrans[2][i]; + s_SPtrans[3][i] = c_SPtrans[3][i]; + s_SPtrans[4][i] = c_SPtrans[4][i]; + s_SPtrans[5][i] = c_SPtrans[5][i]; + s_SPtrans[6][i] = c_SPtrans[6][i]; + s_SPtrans[7][i] = c_SPtrans[7][i]; + + s_skb[0][i] = c_skb[0][i]; + s_skb[1][i] = c_skb[1][i]; + s_skb[2][i] = c_skb[2][i]; + s_skb[3][i] = c_skb[3][i]; + s_skb[4][i] = c_skb[4][i]; + s_skb[5][i] = c_skb[5][i]; + s_skb[6][i] = c_skb[6][i]; + s_skb[7][i] = c_skb[7][i]; + } + + SYNC_THREADS (); + + #else + + const size_t data_len = esalt_bufs[digests_offset].data_len; + u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < data_len / 4; i++) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + CONSTANT_AS u32a (*s_SPtrans)[64] = c_SPtrans; + CONSTANT_AS u32a (*s_skb)[64] = c_skb; + + #endif // REAL_SHM + + const u32 pw_len = pws[gid].pw_len; + + u32 salt_buf[16] = { 0 }; + u32 salt_iv[BLOCK_SIZE / 4], first_block[BLOCK_SIZE / 4]; + + prep_buffers(salt_buf, salt_iv, first_block, data, &esalt_bufs[digests_offset]); + + u32x w[16] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + u32x w0l = w[0]; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + const u32x w0 = w0l | w0r; + + w[0] = w0; + + u32x key[HC_PEM_MAX_KEY_LENGTH / 4]; + + generate_key_vector (salt_buf, w, pw_len, key); + + for (u32 v_pos = 0; v_pos < VECT_SIZE; v_pos++) + { + u32 asn1_ok = 0, padding_ok = 0, plaintext_length, plaintext[BLOCK_SIZE / 4]; + u32 ciphertext[BLOCK_SIZE / 4], iv[BLOCK_SIZE / 4]; + u32 K0[16], K1[16], K2[16], K3[16], K4[16], K5[16]; + + _des_crypt_keysetup (VECTOR_ELEMENT(key[0], v_pos), VECTOR_ELEMENT(key[1], v_pos), K0, K1, s_skb); + _des_crypt_keysetup (VECTOR_ELEMENT(key[2], v_pos), VECTOR_ELEMENT(key[3], v_pos), K2, K3, s_skb); + _des_crypt_keysetup (VECTOR_ELEMENT(key[4], v_pos), VECTOR_ELEMENT(key[5], v_pos), K4, K5, s_skb); + + u32 p1[BLOCK_SIZE / 4], p2[BLOCK_SIZE / 4]; + + _des_crypt_decrypt (p1, first_block, K4, K5, s_SPtrans); + _des_crypt_encrypt (p2, p1, K2, K3, s_SPtrans); + _des_crypt_decrypt (plaintext, p2, K0, K1, s_SPtrans); + + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + plaintext[i] ^= salt_iv[i]; + } + + #ifdef DEBUG + printf("First plaintext block:"); + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) printf(" 0x%08x", plaintext[i]); + printf("\n"); + #endif // DEBUG + + if (data_len < 128) + { + asn1_ok = (plaintext[0] & 0x00ff80ff) == 0x00020030; + plaintext_length = ((plaintext[0] & 0x00007f00) >> 8) + 2; + } + else if (data_len < 256) + { + asn1_ok = (plaintext[0] & 0xff00ffff) == 0x02008130; + plaintext_length = ((plaintext[0] & 0x00ff0000) >> 16) + 3; + } + else if (data_len < 65536) + { + asn1_ok = ((plaintext[0] & 0x0000ffff) == 0x00008230) && ((plaintext[1] & 0x000000ff) == 0x00000002); + plaintext_length = ((plaintext[0] & 0xff000000) >> 24) + ((plaintext[0] & 0x00ff0000) >> 8) + 4; + } + + #ifdef DEBUG + if (asn1_ok == 1) printf("Passed ASN.1 sanity check\n"); + #endif // DEBUG + + if (asn1_ok == 0) + { + continue; + } + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + iv[i] = first_block[i]; + } + + for (u32 i = BLOCK_SIZE / 4; i < data_len / 4; i += BLOCK_SIZE / 4) + { + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + ciphertext[j] = data[i + j]; + } + + _des_crypt_decrypt (p1, ciphertext, K4, K5, s_SPtrans); + _des_crypt_encrypt (p2, p1, K2, K3, s_SPtrans); + _des_crypt_decrypt (plaintext, p2, K0, K1, s_SPtrans); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + plaintext[j] ^= iv[j]; + iv[j] = ciphertext[j]; + } + + #ifdef DEBUG + printf("Plaintext block %u:", i / (BLOCK_SIZE / 4)); + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) printf(" 0x%08x", plaintext[j]); + printf("\n"); + #endif + } + + u32 padding_count = (plaintext[BLOCK_SIZE / 4 - 1] & 0xff000000) >> 24; + u8 *pt_bytes = (u8 *) plaintext; + + #ifdef DEBUG + printf("Padding byte: 0x%02x\n", padding_count); + #endif + + if (padding_count > BLOCK_SIZE || padding_count == 0) + { + // That *can't* be right + padding_ok = 0; + } else { + padding_ok = 1; + } + + for (u32 i = 0; i < padding_count; i++) + { + if (pt_bytes[BLOCK_SIZE - 1 - i] != padding_count) + { + padding_ok = 0; + break; + } + plaintext_length++; + } + + #ifdef DEBUG + if (padding_ok == 1) printf("Padding checks out\n"); + if (plaintext_length == data_len) printf("ASN.1 sequence length checks out\n"); + #endif + + if (asn1_ok == 1 && padding_ok == 1 && plaintext_length == data_len) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset, gid, il_pos + v_pos, 0, 0); + } + } + } + } +} diff --git a/OpenCL/m22921_a0-pure.cl b/OpenCL/m22921_a0-pure.cl new file mode 100644 index 000000000..3ded312d8 --- /dev/null +++ b/OpenCL/m22921_a0-pure.cl @@ -0,0 +1,229 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define BLOCK_SIZE 8 +#define KEY_LENGTH 8 + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_rp.cl" +#include "inc_cipher_des.cl" +#include "inc_pem_common.cl" +#endif // KERNEL_STATIC + +KERNEL_FQ void m22921_sxx (KERN_ATTR_RULES_ESALT (pem_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + if (gid >= gid_max) return; + + #ifdef REAL_SHM + + LOCAL_VK u32 data_len; + data_len = esalt_bufs[digests_offset].data_len; + + LOCAL_VK u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + for (u32 i = lid; i <= data_len / 4; i += lsz) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + LOCAL_VK u32 s_SPtrans[8][64]; + LOCAL_VK u32 s_skb[8][64]; + + for (u32 i = lid; i < 64; i += lsz) + { + s_SPtrans[0][i] = c_SPtrans[0][i]; + s_SPtrans[1][i] = c_SPtrans[1][i]; + s_SPtrans[2][i] = c_SPtrans[2][i]; + s_SPtrans[3][i] = c_SPtrans[3][i]; + s_SPtrans[4][i] = c_SPtrans[4][i]; + s_SPtrans[5][i] = c_SPtrans[5][i]; + s_SPtrans[6][i] = c_SPtrans[6][i]; + s_SPtrans[7][i] = c_SPtrans[7][i]; + + s_skb[0][i] = c_skb[0][i]; + s_skb[1][i] = c_skb[1][i]; + s_skb[2][i] = c_skb[2][i]; + s_skb[3][i] = c_skb[3][i]; + s_skb[4][i] = c_skb[4][i]; + s_skb[5][i] = c_skb[5][i]; + s_skb[6][i] = c_skb[6][i]; + s_skb[7][i] = c_skb[7][i]; + } + + SYNC_THREADS (); + + #else + + const size_t data_len = esalt_bufs[digests_offset].data_len; + u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < data_len / 4; i++) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + CONSTANT_AS u32a (*s_SPtrans)[64] = c_SPtrans; + CONSTANT_AS u32a (*s_skb)[64] = c_skb; + + #endif // REAL_SHM + + u32 salt_buf[16] = { 0 }; + u32 salt_iv[BLOCK_SIZE / 4], first_block[BLOCK_SIZE / 4]; + + prep_buffers(salt_buf, salt_iv, first_block, data, &esalt_bufs[digests_offset]); + + COPY_PW(pws[gid]); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) + { + u32 key[HC_PEM_MAX_KEY_LENGTH / 4]; + + pw_t tmp = PASTE_PW; + + tmp.pw_len = apply_rules (rules_buf[il_pos].cmds, tmp.i, tmp.pw_len); + + generate_key (salt_buf, tmp.i, tmp.pw_len, key); + + u32 asn1_ok = 0, padding_ok = 0, plaintext_length, plaintext[BLOCK_SIZE / 4]; + u32 ciphertext[BLOCK_SIZE / 4], iv[BLOCK_SIZE / 4]; + u32 K0[16], K1[16]; + + _des_crypt_keysetup (key[0], key[1], K0, K1, s_skb); + + _des_crypt_decrypt (plaintext, first_block, K0, K1, s_SPtrans); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + plaintext[i] ^= salt_iv[i]; + } + + #ifdef DEBUG + printf("First plaintext block:"); + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) printf(" 0x%08x", plaintext[i]); + printf("\n"); + #endif // DEBUG + + if (data_len < 128) + { + asn1_ok = (plaintext[0] & 0x00ff80ff) == 0x00020030; + plaintext_length = ((plaintext[0] & 0x00007f00) >> 8) + 2; + } + else if (data_len < 256) + { + asn1_ok = (plaintext[0] & 0xff00ffff) == 0x02008130; + plaintext_length = ((plaintext[0] & 0x00ff0000) >> 16) + 3; + } + else if (data_len < 65536) + { + asn1_ok = ((plaintext[0] & 0x0000ffff) == 0x00008230) && ((plaintext[1] & 0x000000ff) == 0x00000002); + plaintext_length = ((plaintext[0] & 0xff000000) >> 24) + ((plaintext[0] & 0x00ff0000) >> 8) + 4; + } + + #ifdef DEBUG + if (asn1_ok == 1) printf("Passed ASN.1 sanity check\n"); + #endif // DEBUG + + if (asn1_ok == 0) + { + continue; + } + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + iv[i] = first_block[i]; + } + + for (u32 i = BLOCK_SIZE / 4; i < data_len / 4; i += BLOCK_SIZE / 4) + { + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + ciphertext[j] = data[i + j]; + } + + _des_crypt_decrypt (plaintext, ciphertext, K0, K1, s_SPtrans); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + plaintext[j] ^= iv[j]; + iv[j] = ciphertext[j]; + } + + #ifdef DEBUG + printf("Plaintext block %u:", i / (BLOCK_SIZE / 4)); + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) printf(" 0x%08x", plaintext[j]); + printf("\n"); + #endif + } + + u32 padding_count = (plaintext[BLOCK_SIZE / 4 - 1] & 0xff000000) >> 24; + u8 *pt_bytes = (u8 *) plaintext; + + #ifdef DEBUG + printf("Padding byte: 0x%02x\n", padding_count); + #endif + + if (padding_count > BLOCK_SIZE || padding_count == 0) + { + // That *can't* be right + padding_ok = 0; + } else { + padding_ok = 1; + } + + for (u32 i = 0; i < padding_count; i++) + { + if (pt_bytes[BLOCK_SIZE - 1 - i] != padding_count) + { + padding_ok = 0; + break; + } + plaintext_length++; + } + + #ifdef DEBUG + if (padding_ok == 1) printf("Padding checks out\n"); + if (plaintext_length == data_len) printf("ASN.1 sequence length checks out\n"); + #endif + + if (asn1_ok == 1 && padding_ok == 1 && plaintext_length == data_len) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset, gid, il_pos, 0, 0); + } + } + } +} diff --git a/OpenCL/m22921_a1-pure.cl b/OpenCL/m22921_a1-pure.cl new file mode 100644 index 000000000..ca5358595 --- /dev/null +++ b/OpenCL/m22921_a1-pure.cl @@ -0,0 +1,252 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define BLOCK_SIZE 8 +#define KEY_LENGTH 8 + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_cipher_des.cl" +#include "inc_pem_common.cl" +#endif // KERNEL_STATIC + +KERNEL_FQ void m22921_sxx (KERN_ATTR_ESALT (pem_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + if (gid >= gid_max) return; + + #ifdef REAL_SHM + + LOCAL_VK u32 data_len; + data_len = esalt_bufs[digests_offset].data_len; + + LOCAL_VK u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + for (u32 i = lid; i <= data_len / 4; i += lsz) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + LOCAL_VK u32 s_SPtrans[8][64]; + LOCAL_VK u32 s_skb[8][64]; + + for (u32 i = lid; i < 64; i += lsz) + { + s_SPtrans[0][i] = c_SPtrans[0][i]; + s_SPtrans[1][i] = c_SPtrans[1][i]; + s_SPtrans[2][i] = c_SPtrans[2][i]; + s_SPtrans[3][i] = c_SPtrans[3][i]; + s_SPtrans[4][i] = c_SPtrans[4][i]; + s_SPtrans[5][i] = c_SPtrans[5][i]; + s_SPtrans[6][i] = c_SPtrans[6][i]; + s_SPtrans[7][i] = c_SPtrans[7][i]; + + s_skb[0][i] = c_skb[0][i]; + s_skb[1][i] = c_skb[1][i]; + s_skb[2][i] = c_skb[2][i]; + s_skb[3][i] = c_skb[3][i]; + s_skb[4][i] = c_skb[4][i]; + s_skb[5][i] = c_skb[5][i]; + s_skb[6][i] = c_skb[6][i]; + s_skb[7][i] = c_skb[7][i]; + } + + SYNC_THREADS (); + + #else + + const size_t data_len = esalt_bufs[digests_offset].data_len; + u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < data_len / 4; i++) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + CONSTANT_AS u32a (*s_SPtrans)[64] = c_SPtrans; + CONSTANT_AS u32a (*s_skb)[64] = c_skb; + + #endif // REAL_SHM + + u32 salt_buf[16] = { 0 }; + u32 salt_iv[BLOCK_SIZE / 4], first_block[BLOCK_SIZE / 4]; + + prep_buffers(salt_buf, salt_iv, first_block, data, &esalt_bufs[digests_offset]); + + const u32 pw_len = pws[gid].pw_len; + + u32 w[16] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) + { + const u32 comb_len = combs_buf[il_pos].pw_len; + u32 c[64]; + + #ifdef _unroll + #pragma unroll + #endif + for (int i = 0; i < 16; i++) + { + c[i] = combs_buf[il_pos].i[i]; + } + + switch_buffer_by_offset_1x64_be_S (c, pw_len); + + #ifdef _unroll + #pragma unroll + #endif + for (int i = 0; i < 16; i++) + { + c[i] |= w[i]; + } + + u32 key[HC_PEM_MAX_KEY_LENGTH / 4]; + + generate_key (salt_buf, c, pw_len + comb_len, key); + + u32 asn1_ok = 0, padding_ok = 0, plaintext_length, plaintext[BLOCK_SIZE / 4]; + u32 ciphertext[BLOCK_SIZE / 4], iv[BLOCK_SIZE / 4]; + u32 K0[16], K1[16]; + + _des_crypt_keysetup (key[0], key[1], K0, K1, s_skb); + + _des_crypt_decrypt (plaintext, first_block, K0, K1, s_SPtrans); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + plaintext[i] ^= salt_iv[i]; + } + + #ifdef DEBUG + printf("First plaintext block:"); + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) printf(" 0x%08x", plaintext[i]); + printf("\n"); + #endif // DEBUG + + if (data_len < 128) + { + asn1_ok = (plaintext[0] & 0x00ff80ff) == 0x00020030; + plaintext_length = ((plaintext[0] & 0x00007f00) >> 8) + 2; + } + else if (data_len < 256) + { + asn1_ok = (plaintext[0] & 0xff00ffff) == 0x02008130; + plaintext_length = ((plaintext[0] & 0x00ff0000) >> 16) + 3; + } + else if (data_len < 65536) + { + asn1_ok = ((plaintext[0] & 0x0000ffff) == 0x00008230) && ((plaintext[1] & 0x000000ff) == 0x00000002); + plaintext_length = ((plaintext[0] & 0xff000000) >> 24) + ((plaintext[0] & 0x00ff0000) >> 8) + 4; + } + + #ifdef DEBUG + if (asn1_ok == 1) printf("Passed ASN.1 sanity check\n"); + #endif // DEBUG + + if (asn1_ok == 0) + { + continue; + } + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + iv[i] = first_block[i]; + } + + for (u32 i = BLOCK_SIZE / 4; i < data_len / 4; i += BLOCK_SIZE / 4) + { + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + ciphertext[j] = data[i + j]; + } + + _des_crypt_decrypt (plaintext, ciphertext, K0, K1, s_SPtrans); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + plaintext[j] ^= iv[j]; + iv[j] = ciphertext[j]; + } + + #ifdef DEBUG + printf("Plaintext block %u:", i / (BLOCK_SIZE / 4)); + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) printf(" 0x%08x", plaintext[j]); + printf("\n"); + #endif + } + + u32 padding_count = (plaintext[BLOCK_SIZE / 4 - 1] & 0xff000000) >> 24; + u8 *pt_bytes = (u8 *) plaintext; + + #ifdef DEBUG + printf("Padding byte: 0x%02x\n", padding_count); + #endif + + if (padding_count > BLOCK_SIZE || padding_count == 0) + { + // That *can't* be right + padding_ok = 0; + } else { + padding_ok = 1; + } + + for (u32 i = 0; i < padding_count; i++) + { + if (pt_bytes[BLOCK_SIZE - 1 - i] != padding_count) + { + padding_ok = 0; + break; + } + plaintext_length++; + } + + #ifdef DEBUG + if (padding_ok == 1) printf("Padding checks out\n"); + if (plaintext_length == data_len) printf("ASN.1 sequence length checks out\n"); + #endif + + if (asn1_ok == 1 && padding_ok == 1 && plaintext_length == data_len) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset, gid, il_pos, 0, 0); + } + } + } +} diff --git a/OpenCL/m22921_a3-pure.cl b/OpenCL/m22921_a3-pure.cl new file mode 100644 index 000000000..85b81d7e9 --- /dev/null +++ b/OpenCL/m22921_a3-pure.cl @@ -0,0 +1,244 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#define BLOCK_SIZE 8 +#define KEY_LENGTH 8 + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_simd.cl" +#include "inc_cipher_des.cl" +#include "inc_pem_common.cl" +#endif // KERNEL_STATIC + +KERNEL_FQ void m22921_sxx (KERN_ATTR_VECTOR_ESALT (pem_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + if (gid >= gid_max) return; + + #ifdef REAL_SHM + + LOCAL_VK u32 data_len; + data_len = esalt_bufs[digests_offset].data_len; + + LOCAL_VK u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + for (u32 i = lid; i <= data_len / 4; i += lsz) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + LOCAL_VK u32 s_SPtrans[8][64]; + LOCAL_VK u32 s_skb[8][64]; + + for (u32 i = lid; i < 64; i += lsz) + { + s_SPtrans[0][i] = c_SPtrans[0][i]; + s_SPtrans[1][i] = c_SPtrans[1][i]; + s_SPtrans[2][i] = c_SPtrans[2][i]; + s_SPtrans[3][i] = c_SPtrans[3][i]; + s_SPtrans[4][i] = c_SPtrans[4][i]; + s_SPtrans[5][i] = c_SPtrans[5][i]; + s_SPtrans[6][i] = c_SPtrans[6][i]; + s_SPtrans[7][i] = c_SPtrans[7][i]; + + s_skb[0][i] = c_skb[0][i]; + s_skb[1][i] = c_skb[1][i]; + s_skb[2][i] = c_skb[2][i]; + s_skb[3][i] = c_skb[3][i]; + s_skb[4][i] = c_skb[4][i]; + s_skb[5][i] = c_skb[5][i]; + s_skb[6][i] = c_skb[6][i]; + s_skb[7][i] = c_skb[7][i]; + } + + SYNC_THREADS (); + + #else + + const size_t data_len = esalt_bufs[digests_offset].data_len; + u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < data_len / 4; i++) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + CONSTANT_AS u32a (*s_SPtrans)[64] = c_SPtrans; + CONSTANT_AS u32a (*s_skb)[64] = c_skb; + + #endif // REAL_SHM + + const u32 pw_len = pws[gid].pw_len; + + u32 salt_buf[16] = { 0 }; + u32 salt_iv[BLOCK_SIZE / 4], first_block[BLOCK_SIZE / 4]; + + prep_buffers(salt_buf, salt_iv, first_block, data, &esalt_bufs[digests_offset]); + + u32x w[16] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + u32x w0l = w[0]; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + const u32x w0 = w0l | w0r; + + w[0] = w0; + + u32x key[HC_PEM_MAX_KEY_LENGTH / 4]; + + generate_key_vector (salt_buf, w, pw_len, key); + + for (u32 v_pos = 0; v_pos < VECT_SIZE; v_pos++) + { + u32 asn1_ok = 0, padding_ok = 0, plaintext_length, plaintext[BLOCK_SIZE / 4]; + u32 ciphertext[BLOCK_SIZE / 4], iv[BLOCK_SIZE / 4]; + u32 K0[16], K1[16]; + + _des_crypt_keysetup (VECTOR_ELEMENT(key[0], v_pos), VECTOR_ELEMENT(key[1], v_pos), K0, K1, s_skb); + + _des_crypt_decrypt (plaintext, first_block, K0, K1, s_SPtrans); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + plaintext[i] ^= salt_iv[i]; + } + + #ifdef DEBUG + printf("First plaintext block:"); + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) printf(" 0x%08x", plaintext[i]); + printf("\n"); + #endif // DEBUG + + if (data_len < 128) + { + asn1_ok = (plaintext[0] & 0x00ff80ff) == 0x00020030; + plaintext_length = ((plaintext[0] & 0x00007f00) >> 8) + 2; + } + else if (data_len < 256) + { + asn1_ok = (plaintext[0] & 0xff00ffff) == 0x02008130; + plaintext_length = ((plaintext[0] & 0x00ff0000) >> 16) + 3; + } + else if (data_len < 65536) + { + asn1_ok = ((plaintext[0] & 0x0000ffff) == 0x00008230) && ((plaintext[1] & 0x000000ff) == 0x00000002); + plaintext_length = ((plaintext[0] & 0xff000000) >> 24) + ((plaintext[0] & 0x00ff0000) >> 8) + 4; + } + + #ifdef DEBUG + if (asn1_ok == 1) printf("Passed ASN.1 sanity check\n"); + #endif // DEBUG + + if (asn1_ok == 0) + { + continue; + } + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + iv[i] = first_block[i]; + } + + for (u32 i = BLOCK_SIZE / 4; i < data_len / 4; i += BLOCK_SIZE / 4) + { + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + ciphertext[j] = data[i + j]; + } + + _des_crypt_decrypt (plaintext, ciphertext, K0, K1, s_SPtrans); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + plaintext[j] ^= iv[j]; + iv[j] = ciphertext[j]; + } + + #ifdef DEBUG + printf("Plaintext block %u:", i / (BLOCK_SIZE / 4)); + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) printf(" 0x%08x", plaintext[j]); + printf("\n"); + #endif + } + + u32 padding_count = (plaintext[BLOCK_SIZE / 4 - 1] & 0xff000000) >> 24; + u8 *pt_bytes = (u8 *) plaintext; + + #ifdef DEBUG + printf("Padding byte: 0x%02x\n", padding_count); + #endif + + if (padding_count > BLOCK_SIZE || padding_count == 0) + { + // That *can't* be right + padding_ok = 0; + } else { + padding_ok = 1; + } + + for (u32 i = 0; i < padding_count; i++) + { + if (pt_bytes[BLOCK_SIZE - 1 - i] != padding_count) + { + padding_ok = 0; + break; + } + plaintext_length++; + } + + #ifdef DEBUG + if (padding_ok == 1) printf("Padding checks out\n"); + if (plaintext_length == data_len) printf("ASN.1 sequence length checks out\n"); + #endif + + if (asn1_ok == 1 && padding_ok == 1 && plaintext_length == data_len) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset, gid, il_pos + v_pos, 0, 0); + } + } + } + } +} diff --git a/OpenCL/m22931_a0-pure.cl b/OpenCL/m22931_a0-pure.cl new file mode 100644 index 000000000..816e82d67 --- /dev/null +++ b/OpenCL/m22931_a0-pure.cl @@ -0,0 +1,241 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define BLOCK_SIZE 16 +#define KEY_LENGTH 16 + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_rp.cl" +#include "inc_cipher_aes.cl" +#include "inc_pem_common.cl" +#endif // KERNEL_STATIC + +KERNEL_FQ void m22931_sxx (KERN_ATTR_RULES_ESALT (pem_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + if (gid >= gid_max) return; + + #ifdef REAL_SHM + + LOCAL_VK u32 data_len; + data_len = esalt_bufs[digests_offset].data_len; + + LOCAL_VK u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + for (u32 i = lid; i <= data_len / 4; i += lsz) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + const size_t data_len = esalt_bufs[digests_offset].data_len; + u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < data_len / 4; i++) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif // REAL_SHM + + u32 salt_buf[16] = { 0 }; + u32 salt_iv[BLOCK_SIZE / 4], first_block[BLOCK_SIZE / 4]; + + prep_buffers(salt_buf, salt_iv, first_block, data, &esalt_bufs[digests_offset]); + + COPY_PW (pws[gid]); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) + { + u32 key[HC_PEM_MAX_KEY_LENGTH / 4]; + + pw_t tmp = PASTE_PW; + + tmp.pw_len = apply_rules (rules_buf[il_pos].cmds, tmp.i, tmp.pw_len); + + generate_key (salt_buf, tmp.i, tmp.pw_len, key); + + u32 asn1_ok = 0, padding_ok = 0, plaintext_length, plaintext[BLOCK_SIZE / 4]; + u32 ciphertext[BLOCK_SIZE / 4], iv[BLOCK_SIZE / 4]; + u32 ks[44]; + + aes128_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + aes128_decrypt (ks, first_block, plaintext, s_td0, s_td1, s_td2, s_td3, s_td4); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + plaintext[i] ^= salt_iv[i]; + } + + #ifdef DEBUG + printf("First plaintext block:"); + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) printf(" 0x%08x", plaintext[i]); + printf("\n"); + #endif // DEBUG + + if (data_len < 128) + { + asn1_ok = (plaintext[0] & 0x00ff80ff) == 0x00020030; + plaintext_length = ((plaintext[0] & 0x00007f00) >> 8) + 2; + } + else if (data_len < 256) + { + asn1_ok = (plaintext[0] & 0xff00ffff) == 0x02008130; + plaintext_length = ((plaintext[0] & 0x00ff0000) >> 16) + 3; + } + else if (data_len < 65536) + { + asn1_ok = ((plaintext[0] & 0x0000ffff) == 0x00008230) && ((plaintext[1] & 0x000000ff) == 0x00000002); + plaintext_length = ((plaintext[0] & 0xff000000) >> 24) + ((plaintext[0] & 0x00ff0000) >> 8) + 4; + } + + #ifdef DEBUG + if (asn1_ok == 1) printf("Passed ASN.1 sanity check\n"); + #endif // DEBUG + + if (asn1_ok == 0) + { + continue; + } + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + iv[i] = first_block[i]; + } + + for (u32 i = BLOCK_SIZE / 4; i < data_len / 4; i += BLOCK_SIZE / 4) + { + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + ciphertext[j] = data[i + j]; + } + + aes128_decrypt (ks, ciphertext, plaintext, s_td0, s_td1, s_td2, s_td3, s_td4); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + plaintext[j] ^= iv[j]; + iv[j] = ciphertext[j]; + } + + #ifdef DEBUG + printf("Plaintext block %u:", i / (BLOCK_SIZE / 4)); + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) printf(" 0x%08x", plaintext[j]); + printf("\n"); + #endif + } + + u32 padding_count = (plaintext[BLOCK_SIZE / 4 - 1] & 0xff000000) >> 24; + u8 *pt_bytes = (u8 *) plaintext; + + #ifdef DEBUG + printf("Padding byte: 0x%02x\n", padding_count); + #endif + + if (padding_count > BLOCK_SIZE || padding_count == 0) + { + // That *can't* be right + padding_ok = 0; + } else { + padding_ok = 1; + } + + for (u32 i = 0; i < padding_count; i++) + { + if (pt_bytes[BLOCK_SIZE - 1 - i] != padding_count) + { + padding_ok = 0; + break; + } + plaintext_length++; + } + + #ifdef DEBUG + if (padding_ok == 1) printf("Padding checks out\n"); + if (plaintext_length == data_len) printf("ASN.1 sequence length checks out\n"); + #endif + + if (asn1_ok == 1 && padding_ok == 1 && plaintext_length == data_len) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset, gid, il_pos, 0, 0); + } + } + } +} diff --git a/OpenCL/m22931_a1-pure.cl b/OpenCL/m22931_a1-pure.cl new file mode 100644 index 000000000..9d0072da3 --- /dev/null +++ b/OpenCL/m22931_a1-pure.cl @@ -0,0 +1,264 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define BLOCK_SIZE 16 +#define KEY_LENGTH 16 + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_cipher_aes.cl" +#include "inc_pem_common.cl" +#endif // KERNEL_STATIC + +KERNEL_FQ void m22931_sxx (KERN_ATTR_ESALT (pem_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + if (gid >= gid_max) return; + + #ifdef REAL_SHM + + LOCAL_VK u32 data_len; + data_len = esalt_bufs[digests_offset].data_len; + + LOCAL_VK u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + for (u32 i = lid; i <= data_len / 4; i += lsz) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + const size_t data_len = esalt_bufs[digests_offset].data_len; + u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < data_len / 4; i++) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif // REAL_SHM + + u32 salt_buf[16] = { 0 }; + u32 salt_iv[BLOCK_SIZE / 4], first_block[BLOCK_SIZE / 4]; + + prep_buffers(salt_buf, salt_iv, first_block, data, &esalt_bufs[digests_offset]); + + const u32 pw_len = pws[gid].pw_len; + + u32 w[16] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) + { + const u32 comb_len = combs_buf[il_pos].pw_len; + u32 c[64]; + + #ifdef _unroll + #pragma unroll + #endif + for (int i = 0; i < 16; i++) + { + c[i] = combs_buf[il_pos].i[i]; + } + + switch_buffer_by_offset_1x64_be_S (c, pw_len); + + #ifdef _unroll + #pragma unroll + #endif + for (int i = 0; i < 16; i++) + { + c[i] |= w[i]; + } + + u32 key[HC_PEM_MAX_KEY_LENGTH / 4]; + + generate_key (salt_buf, c, pw_len + comb_len, key); + + u32 asn1_ok = 0, padding_ok = 0, plaintext_length, plaintext[BLOCK_SIZE / 4]; + u32 ciphertext[BLOCK_SIZE / 4], iv[BLOCK_SIZE / 4]; + u32 ks[44]; + + aes128_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + aes128_decrypt (ks, first_block, plaintext, s_td0, s_td1, s_td2, s_td3, s_td4); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + plaintext[i] ^= salt_iv[i]; + } + + #ifdef DEBUG + printf("First plaintext block:"); + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) printf(" 0x%08x", plaintext[i]); + printf("\n"); + #endif // DEBUG + + if (data_len < 128) + { + asn1_ok = (plaintext[0] & 0x00ff80ff) == 0x00020030; + plaintext_length = ((plaintext[0] & 0x00007f00) >> 8) + 2; + } + else if (data_len < 256) + { + asn1_ok = (plaintext[0] & 0xff00ffff) == 0x02008130; + plaintext_length = ((plaintext[0] & 0x00ff0000) >> 16) + 3; + } + else if (data_len < 65536) + { + asn1_ok = ((plaintext[0] & 0x0000ffff) == 0x00008230) && ((plaintext[1] & 0x000000ff) == 0x00000002); + plaintext_length = ((plaintext[0] & 0xff000000) >> 24) + ((plaintext[0] & 0x00ff0000) >> 8) + 4; + } + + #ifdef DEBUG + if (asn1_ok == 1) printf("Passed ASN.1 sanity check\n"); + #endif // DEBUG + + if (asn1_ok == 0) + { + continue; + } + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + iv[i] = first_block[i]; + } + + for (u32 i = BLOCK_SIZE / 4; i < data_len / 4; i += BLOCK_SIZE / 4) + { + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + ciphertext[j] = data[i + j]; + } + + aes128_decrypt (ks, ciphertext, plaintext, s_td0, s_td1, s_td2, s_td3, s_td4); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + plaintext[j] ^= iv[j]; + iv[j] = ciphertext[j]; + } + + #ifdef DEBUG + printf("Plaintext block %u:", i / (BLOCK_SIZE / 4)); + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) printf(" 0x%08x", plaintext[j]); + printf("\n"); + #endif + } + + u32 padding_count = (plaintext[BLOCK_SIZE / 4 - 1] & 0xff000000) >> 24; + u8 *pt_bytes = (u8 *) plaintext; + + #ifdef DEBUG + printf("Padding byte: 0x%02x\n", padding_count); + #endif + + if (padding_count > BLOCK_SIZE || padding_count == 0) + { + // That *can't* be right + padding_ok = 0; + } else { + padding_ok = 1; + } + + for (u32 i = 0; i < padding_count; i++) + { + if (pt_bytes[BLOCK_SIZE - 1 - i] != padding_count) + { + padding_ok = 0; + break; + } + plaintext_length++; + } + + #ifdef DEBUG + if (padding_ok == 1) printf("Padding checks out\n"); + if (plaintext_length == data_len) printf("ASN.1 sequence length checks out\n"); + #endif + + if (asn1_ok == 1 && padding_ok == 1 && plaintext_length == data_len) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset, gid, il_pos, 0, 0); + } + } + } +} diff --git a/OpenCL/m22931_a3-pure.cl b/OpenCL/m22931_a3-pure.cl new file mode 100644 index 000000000..fd9e4c438 --- /dev/null +++ b/OpenCL/m22931_a3-pure.cl @@ -0,0 +1,265 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#define BLOCK_SIZE 16 +#define KEY_LENGTH 16 + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_simd.cl" +#include "inc_cipher_aes.cl" +#include "inc_pem_common.cl" +#endif // KERNEL_STATIC + +KERNEL_FQ void m22931_sxx (KERN_ATTR_VECTOR_ESALT (pem_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + if (gid >= gid_max) return; + + #ifdef REAL_SHM + + LOCAL_VK u32 data_len; + data_len = esalt_bufs[digests_offset].data_len; + + LOCAL_VK u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + for (u32 i = lid; i <= data_len / 4; i += lsz) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + const size_t data_len = esalt_bufs[digests_offset].data_len; + u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < data_len / 4; i++) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif // REAL_SHM + + const u32 pw_len = pws[gid].pw_len; + + u32 salt_buf[16] = { 0 }; + u32 salt_iv[BLOCK_SIZE / 4], first_block[BLOCK_SIZE / 4]; + + prep_buffers(salt_buf, salt_iv, first_block, data, &esalt_bufs[digests_offset]); + + u32x w[16] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + u32x w0l = w[0]; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + const u32x w0 = w0l | w0r; + + w[0] = w0; + + u32x keys[KEY_LENGTH / 4]; + + generate_key_vector (salt_buf, w, pw_len, keys); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 v_pos = 0; v_pos < VECT_SIZE; v_pos++) + { + u32 asn1_ok = 0, padding_ok = 0, plaintext_length, plaintext[BLOCK_SIZE / 4]; + u32 ciphertext[BLOCK_SIZE / 4], iv[BLOCK_SIZE / 4]; + u32 ks[44]; + u32 key[KEY_LENGTH / 4]; + + for (u32 i = 0; i < KEY_LENGTH; i++) + { + key[i] = VECTOR_ELEMENT(keys[i], v_pos); + } + + aes128_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + aes128_decrypt (ks, first_block, plaintext, s_td0, s_td1, s_td2, s_td3, s_td4); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + plaintext[i] ^= salt_iv[i]; + } + + #ifdef DEBUG + printf("First plaintext block:"); + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) printf(" 0x%08x", plaintext[i]); + printf("\n"); + #endif // DEBUG + + if (data_len < 128) + { + asn1_ok = (plaintext[0] & 0x00ff80ff) == 0x00020030; + plaintext_length = ((plaintext[0] & 0x00007f00) >> 8) + 2; + } + else if (data_len < 256) + { + asn1_ok = (plaintext[0] & 0xff00ffff) == 0x02008130; + plaintext_length = ((plaintext[0] & 0x00ff0000) >> 16) + 3; + } + else if (data_len < 65536) + { + asn1_ok = ((plaintext[0] & 0x0000ffff) == 0x00008230) && ((plaintext[1] & 0x000000ff) == 0x00000002); + plaintext_length = ((plaintext[0] & 0xff000000) >> 24) + ((plaintext[0] & 0x00ff0000) >> 8) + 4; + } + + #ifdef DEBUG + if (asn1_ok == 1) printf("Passed ASN.1 sanity check\n"); + #endif // DEBUG + + if (asn1_ok == 0) + { + continue; + } + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + iv[i] = first_block[i]; + } + + for (u32 i = BLOCK_SIZE / 4; i < data_len / 4; i += BLOCK_SIZE / 4) + { + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + ciphertext[j] = data[i + j]; + } + + aes128_decrypt (ks, ciphertext, plaintext, s_td0, s_td1, s_td2, s_td3, s_td4); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + plaintext[j] ^= iv[j]; + iv[j] = ciphertext[j]; + } + + #ifdef DEBUG + printf("Plaintext block %u:", i / (BLOCK_SIZE / 4)); + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) printf(" 0x%08x", plaintext[j]); + printf("\n"); + #endif + } + + u32 padding_count = (plaintext[BLOCK_SIZE / 4 - 1] & 0xff000000) >> 24; + u8 *pt_bytes = (u8 *) plaintext; + + #ifdef DEBUG + printf("Padding byte: 0x%02x\n", padding_count); + #endif + + if (padding_count > BLOCK_SIZE || padding_count == 0) + { + // That *can't* be right + padding_ok = 0; + } else { + padding_ok = 1; + } + + for (u32 i = 0; i < padding_count; i++) + { + if (pt_bytes[BLOCK_SIZE - 1 - i] != padding_count) + { + padding_ok = 0; + break; + } + plaintext_length++; + } + + #ifdef DEBUG + if (padding_ok == 1) printf("Padding checks out\n"); + if (plaintext_length == data_len) printf("ASN.1 sequence length checks out\n"); + #endif + + if (asn1_ok == 1 && padding_ok == 1 && plaintext_length == data_len) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset, gid, il_pos + v_pos, 0, 0); + } + } + } + } +} diff --git a/OpenCL/m22951_a0-pure.cl b/OpenCL/m22951_a0-pure.cl new file mode 100644 index 000000000..3f53e4edb --- /dev/null +++ b/OpenCL/m22951_a0-pure.cl @@ -0,0 +1,241 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define BLOCK_SIZE 16 +#define KEY_LENGTH 32 + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_rp.cl" +#include "inc_cipher_aes.cl" +#include "inc_pem_common.cl" +#endif // KERNEL_STATIC + +KERNEL_FQ void m22951_sxx (KERN_ATTR_RULES_ESALT (pem_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + if (gid >= gid_max) return; + + #ifdef REAL_SHM + + LOCAL_VK u32 data_len; + data_len = esalt_bufs[digests_offset].data_len; + + LOCAL_VK u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + for (u32 i = lid; i <= data_len / 4; i += lsz) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + const size_t data_len = esalt_bufs[digests_offset].data_len; + u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < data_len / 4; i++) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif // REAL_SHM + + u32 salt_buf[16] = { 0 }; + u32 salt_iv[BLOCK_SIZE / 4], first_block[BLOCK_SIZE / 4]; + + prep_buffers(salt_buf, salt_iv, first_block, data, &esalt_bufs[digests_offset]); + + COPY_PW (pws[gid]); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) + { + u32 key[HC_PEM_MAX_KEY_LENGTH / 4]; + + pw_t tmp = PASTE_PW; + + tmp.pw_len = apply_rules (rules_buf[il_pos].cmds, tmp.i, tmp.pw_len); + + generate_key (salt_buf, tmp.i, tmp.pw_len, key); + + u32 asn1_ok = 0, padding_ok = 0, plaintext_length, plaintext[BLOCK_SIZE / 4]; + u32 ciphertext[BLOCK_SIZE / 4], iv[BLOCK_SIZE / 4]; + u32 ks[60]; + + aes256_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + aes256_decrypt (ks, first_block, plaintext, s_td0, s_td1, s_td2, s_td3, s_td4); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + plaintext[i] ^= salt_iv[i]; + } + + #ifdef DEBUG + printf("First plaintext block:"); + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) printf(" 0x%08x", plaintext[i]); + printf("\n"); + #endif // DEBUG + + if (data_len < 128) + { + asn1_ok = (plaintext[0] & 0x00ff80ff) == 0x00020030; + plaintext_length = ((plaintext[0] & 0x00007f00) >> 8) + 2; + } + else if (data_len < 256) + { + asn1_ok = (plaintext[0] & 0xff00ffff) == 0x02008130; + plaintext_length = ((plaintext[0] & 0x00ff0000) >> 16) + 3; + } + else if (data_len < 65536) + { + asn1_ok = ((plaintext[0] & 0x0000ffff) == 0x00008230) && ((plaintext[1] & 0x000000ff) == 0x00000002); + plaintext_length = ((plaintext[0] & 0xff000000) >> 24) + ((plaintext[0] & 0x00ff0000) >> 8) + 4; + } + + #ifdef DEBUG + if (asn1_ok == 1) printf("Passed ASN.1 sanity check\n"); + #endif // DEBUG + + if (asn1_ok == 0) + { + continue; + } + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + iv[i] = first_block[i]; + } + + for (u32 i = BLOCK_SIZE / 4; i < data_len / 4; i += BLOCK_SIZE / 4) + { + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + ciphertext[j] = data[i + j]; + } + + aes256_decrypt (ks, ciphertext, plaintext, s_td0, s_td1, s_td2, s_td3, s_td4); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + plaintext[j] ^= iv[j]; + iv[j] = ciphertext[j]; + } + + #ifdef DEBUG + printf("Plaintext block %u:", i / (BLOCK_SIZE / 4)); + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) printf(" 0x%08x", plaintext[j]); + printf("\n"); + #endif + } + + u32 padding_count = (plaintext[BLOCK_SIZE / 4 - 1] & 0xff000000) >> 24; + u8 *pt_bytes = (u8 *) plaintext; + + #ifdef DEBUG + printf("Padding byte: 0x%02x\n", padding_count); + #endif + + if (padding_count > BLOCK_SIZE || padding_count == 0) + { + // That *can't* be right + padding_ok = 0; + } else { + padding_ok = 1; + } + + for (u32 i = 0; i < padding_count; i++) + { + if (pt_bytes[BLOCK_SIZE - 1 - i] != padding_count) + { + padding_ok = 0; + break; + } + plaintext_length++; + } + + #ifdef DEBUG + if (padding_ok == 1) printf("Padding checks out\n"); + if (plaintext_length == data_len) printf("ASN.1 sequence length checks out\n"); + #endif + + if (asn1_ok == 1 && padding_ok == 1 && plaintext_length == data_len) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset, gid, il_pos, 0, 0); + } + } + } +} diff --git a/OpenCL/m22951_a1-pure.cl b/OpenCL/m22951_a1-pure.cl new file mode 100644 index 000000000..b3ded8b40 --- /dev/null +++ b/OpenCL/m22951_a1-pure.cl @@ -0,0 +1,264 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define BLOCK_SIZE 16 +#define KEY_LENGTH 32 + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_cipher_aes.cl" +#include "inc_pem_common.cl" +#endif // KERNEL_STATIC + +KERNEL_FQ void m22951_sxx (KERN_ATTR_ESALT (pem_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + if (gid >= gid_max) return; + + #ifdef REAL_SHM + + LOCAL_VK u32 data_len; + data_len = esalt_bufs[digests_offset].data_len; + + LOCAL_VK u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + for (u32 i = lid; i <= data_len / 4; i += lsz) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + const size_t data_len = esalt_bufs[digests_offset].data_len; + u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < data_len / 4; i++) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif // REAL_SHM + + u32 salt_buf[16] = { 0 }; + u32 salt_iv[BLOCK_SIZE / 4], first_block[BLOCK_SIZE / 4]; + + prep_buffers(salt_buf, salt_iv, first_block, data, &esalt_bufs[digests_offset]); + + const u32 pw_len = pws[gid].pw_len; + + u32 w[16] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) + { + const u32 comb_len = combs_buf[il_pos].pw_len; + u32 c[64]; + + #ifdef _unroll + #pragma unroll + #endif + for (int i = 0; i < 16; i++) + { + c[i] = combs_buf[il_pos].i[i]; + } + + switch_buffer_by_offset_1x64_be_S (c, pw_len); + + #ifdef _unroll + #pragma unroll + #endif + for (int i = 0; i < 16; i++) + { + c[i] |= w[i]; + } + + u32 key[HC_PEM_MAX_KEY_LENGTH / 4]; + + generate_key (salt_buf, c, pw_len + comb_len, key); + + u32 asn1_ok = 0, padding_ok = 0, plaintext_length, plaintext[BLOCK_SIZE / 4]; + u32 ciphertext[BLOCK_SIZE / 4], iv[BLOCK_SIZE / 4]; + u32 ks[60]; + + aes256_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + aes256_decrypt (ks, first_block, plaintext, s_td0, s_td1, s_td2, s_td3, s_td4); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + plaintext[i] ^= salt_iv[i]; + } + + #ifdef DEBUG + printf("First plaintext block:"); + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) printf(" 0x%08x", plaintext[i]); + printf("\n"); + #endif // DEBUG + + if (data_len < 128) + { + asn1_ok = (plaintext[0] & 0x00ff80ff) == 0x00020030; + plaintext_length = ((plaintext[0] & 0x00007f00) >> 8) + 2; + } + else if (data_len < 256) + { + asn1_ok = (plaintext[0] & 0xff00ffff) == 0x02008130; + plaintext_length = ((plaintext[0] & 0x00ff0000) >> 16) + 3; + } + else if (data_len < 65536) + { + asn1_ok = ((plaintext[0] & 0x0000ffff) == 0x00008230) && ((plaintext[1] & 0x000000ff) == 0x00000002); + plaintext_length = ((plaintext[0] & 0xff000000) >> 24) + ((plaintext[0] & 0x00ff0000) >> 8) + 4; + } + + #ifdef DEBUG + if (asn1_ok == 1) printf("Passed ASN.1 sanity check\n"); + #endif // DEBUG + + if (asn1_ok == 0) + { + continue; + } + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + iv[i] = first_block[i]; + } + + for (u32 i = BLOCK_SIZE / 4; i < data_len / 4; i += BLOCK_SIZE / 4) + { + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + ciphertext[j] = data[i + j]; + } + + aes256_decrypt (ks, ciphertext, plaintext, s_td0, s_td1, s_td2, s_td3, s_td4); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + plaintext[j] ^= iv[j]; + iv[j] = ciphertext[j]; + } + + #ifdef DEBUG + printf("Plaintext block %u:", i / (BLOCK_SIZE / 4)); + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) printf(" 0x%08x", plaintext[j]); + printf("\n"); + #endif + } + + u32 padding_count = (plaintext[BLOCK_SIZE / 4 - 1] & 0xff000000) >> 24; + u8 *pt_bytes = (u8 *) plaintext; + + #ifdef DEBUG + printf("Padding byte: 0x%02x\n", padding_count); + #endif + + if (padding_count > BLOCK_SIZE || padding_count == 0) + { + // That *can't* be right + padding_ok = 0; + } else { + padding_ok = 1; + } + + for (u32 i = 0; i < padding_count; i++) + { + if (pt_bytes[BLOCK_SIZE - 1 - i] != padding_count) + { + padding_ok = 0; + break; + } + plaintext_length++; + } + + #ifdef DEBUG + if (padding_ok == 1) printf("Padding checks out\n"); + if (plaintext_length == data_len) printf("ASN.1 sequence length checks out\n"); + #endif + + if (asn1_ok == 1 && padding_ok == 1 && plaintext_length == data_len) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset, gid, il_pos, 0, 0); + } + } + } +} diff --git a/OpenCL/m22951_a3-pure.cl b/OpenCL/m22951_a3-pure.cl new file mode 100644 index 000000000..875f20333 --- /dev/null +++ b/OpenCL/m22951_a3-pure.cl @@ -0,0 +1,262 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#define BLOCK_SIZE 16 +#define KEY_LENGTH 32 + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_simd.cl" +#include "inc_cipher_aes.cl" +#include "inc_pem_common.cl" +#endif // KERNEL_STATIC + +KERNEL_FQ void m22951_sxx (KERN_ATTR_VECTOR_ESALT (pem_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + if (gid >= gid_max) return; + + #ifdef REAL_SHM + + LOCAL_VK u32 data_len; + data_len = esalt_bufs[digests_offset].data_len; + + LOCAL_VK u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + for (u32 i = lid; i <= data_len / 4; i += lsz) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + const size_t data_len = esalt_bufs[digests_offset].data_len; + u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < data_len / 4; i++) + { + data[i] = esalt_bufs[digests_offset].data[i]; + } + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif // REAL_SHM + + const u32 pw_len = pws[gid].pw_len; + + u32 salt_buf[16] = { 0 }; + u32 salt_iv[BLOCK_SIZE / 4], first_block[BLOCK_SIZE / 4]; + + prep_buffers(salt_buf, salt_iv, first_block, data, &esalt_bufs[digests_offset]); + + u32x w[16] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + u32x w0l = w[0]; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + const u32x w0 = w0l | w0r; + + w[0] = w0; + + u32x keys[HC_PEM_MAX_KEY_LENGTH / 4]; + + generate_key_vector (salt_buf, w, pw_len, keys); + + for (u32 v_pos = 0; v_pos < VECT_SIZE; v_pos++) + { + u32 asn1_ok = 0, padding_ok = 0, plaintext_length, plaintext[BLOCK_SIZE / 4]; + u32 ciphertext[BLOCK_SIZE / 4], iv[BLOCK_SIZE / 4]; + u32 ks[60]; + u32 key[KEY_LENGTH / 4]; + + for (u32 i = 0; i < KEY_LENGTH; i++) + { + key[i] = VECTOR_ELEMENT(keys[i], v_pos); + } + + aes256_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + aes256_decrypt (ks, first_block, plaintext, s_td0, s_td1, s_td2, s_td3, s_td4); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + plaintext[i] ^= salt_iv[i]; + } + + #ifdef DEBUG + printf("First plaintext block:"); + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) printf(" 0x%08x", plaintext[i]); + printf("\n"); + #endif // DEBUG + + if (data_len < 128) + { + asn1_ok = (plaintext[0] & 0x00ff80ff) == 0x00020030; + plaintext_length = ((plaintext[0] & 0x00007f00) >> 8) + 2; + } + else if (data_len < 256) + { + asn1_ok = (plaintext[0] & 0xff00ffff) == 0x02008130; + plaintext_length = ((plaintext[0] & 0x00ff0000) >> 16) + 3; + } + else if (data_len < 65536) + { + asn1_ok = ((plaintext[0] & 0x0000ffff) == 0x00008230) && ((plaintext[1] & 0x000000ff) == 0x00000002); + plaintext_length = ((plaintext[0] & 0xff000000) >> 24) + ((plaintext[0] & 0x00ff0000) >> 8) + 4; + } + + #ifdef DEBUG + if (asn1_ok == 1) printf("Passed ASN.1 sanity check\n"); + #endif // DEBUG + + if (asn1_ok == 0) + { + continue; + } + + #ifdef _unroll + #pragma unroll + #endif + for (u32 i = 0; i < BLOCK_SIZE / 4; i++) + { + iv[i] = first_block[i]; + } + + for (u32 i = BLOCK_SIZE / 4; i < data_len / 4; i += BLOCK_SIZE / 4) + { + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + ciphertext[j] = data[i + j]; + } + + aes256_decrypt (ks, ciphertext, plaintext, s_td0, s_td1, s_td2, s_td3, s_td4); + + #ifdef _unroll + #pragma unroll + #endif + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) + { + plaintext[j] ^= iv[j]; + iv[j] = ciphertext[j]; + } + + #ifdef DEBUG + printf("Plaintext block %u:", i / (BLOCK_SIZE / 4)); + for (u32 j = 0; j < BLOCK_SIZE / 4; j++) printf(" 0x%08x", plaintext[j]); + printf("\n"); + #endif + } + + u32 padding_count = (plaintext[BLOCK_SIZE / 4 - 1] & 0xff000000) >> 24; + u8 *pt_bytes = (u8 *) plaintext; + + #ifdef DEBUG + printf("Padding byte: 0x%02x\n", padding_count); + #endif + + if (padding_count > BLOCK_SIZE || padding_count == 0) + { + // That *can't* be right + padding_ok = 0; + } else { + padding_ok = 1; + } + + for (u32 i = 0; i < padding_count; i++) + { + if (pt_bytes[BLOCK_SIZE - 1 - i] != padding_count) + { + padding_ok = 0; + break; + } + plaintext_length++; + } + + #ifdef DEBUG + if (padding_ok == 1) printf("Padding checks out\n"); + if (plaintext_length == data_len) printf("ASN.1 sequence length checks out\n"); + #endif + + if (asn1_ok == 1 && padding_ok == 1 && plaintext_length == data_len) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset, gid, il_pos + v_pos, 0, 0); + } + } + } + } +} diff --git a/docs/changes.txt b/docs/changes.txt index 90e94fb2a..3c495a7c4 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -97,6 +97,7 @@ - Added hash-mode: Open Document Format (ODF) 1.1 (SHA-1, Blowfish) - Added hash-mode: Open Document Format (ODF) 1.2 (SHA-256, AES) - Added hash-mode: Oracle Transportation Management (SHA256) +- Added hash-mode: PKCS#1 key - Added hash-mode: PKZIP archive encryption - Added hash-mode: PKZIP Master Key - Added hash-mode: Python passlib pbkdf2-sha1 diff --git a/docs/readme.txt b/docs/readme.txt index f693789d9..e98e182fa 100644 --- a/docs/readme.txt +++ b/docs/readme.txt @@ -327,6 +327,7 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or - Django (SHA-1) - Web2py pbkdf2-sha512 - TOTP (HMAC-SHA1) +- PKCS#1 key ## ## Attack-Modes diff --git a/src/modules/module_22900.c b/src/modules/module_22900.c new file mode 100644 index 000000000..349e8d582 --- /dev/null +++ b/src/modules/module_22900.c @@ -0,0 +1,524 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" +#include "memory.h" + +#define HC_PEM_SALT_LENGTH 8 +#define HC_PEM_MAX_BLOCK_SIZE 16 +#define HC_PEM_MAX_KEY_LENGTH 32 +#define HC_PEM_MAX_DATA_LENGTH 12288 + +// The longest OpenSSL cipher name I can find is 24 characters, so add on seven +// more characters for luck and one for the \0 gives us 32. +#define HC_PEM_MAX_CIPHER_NAME_LENGTH 32 + +static const u32 ATTACK_EXEC = ATTACK_EXEC_INSIDE_KERNEL; +static const u32 DGST_POS0 = 0; +static const u32 DGST_POS1 = 1; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 3; +static const u32 DGST_SIZE = DGST_SIZE_4_4; +static const u32 HASH_CATEGORY = HASH_CATEGORY_DOCUMENTS; +static const char *HASH_NAME = "PEM encrypted private key"; +static const u64 KERN_TYPE = 22911; // Kernel used for the benchmark esalt; will likely be overridden in production +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE; +static const u64 OPTS_TYPE = OPTS_TYPE_PT_GENERATE_LE + | OPTS_TYPE_BINARY_HASHFILE; +static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = NULL; // Benchmark / self-test hash provided in module_benchmark_esalt + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +typedef enum hc_pem_cipher_type +{ + HC_PEM_CIPHER_TYPE_3DES = 1, + HC_PEM_CIPHER_TYPE_DES = 2, + HC_PEM_CIPHER_TYPE_AES128 = 3, + HC_PEM_CIPHER_TYPE_AES192 = 4, + HC_PEM_CIPHER_TYPE_AES256 = 5, +} hc_pem_cipher_type_t; + +typedef enum hc_pem_cipher_mode +{ + HC_PEM_CIPHER_MODE_CBC = 1, +} hc_pem_cipher_mode_t; + +typedef struct pem_cipher +{ + char *name; + + u32 block_size; + u32 key_length; + u32 cipher_type; + u32 cipher_mode; +} hc_pem_cipher_t; + +static hc_pem_cipher_t pem_ciphers[] = { + {"des-ede3-cbc", 8, 24, HC_PEM_CIPHER_TYPE_3DES, HC_PEM_CIPHER_MODE_CBC}, + {"des-cbc", 8, 8, HC_PEM_CIPHER_TYPE_DES, HC_PEM_CIPHER_MODE_CBC}, + {"aes-128-cbc", 16, 16, HC_PEM_CIPHER_TYPE_AES128, HC_PEM_CIPHER_MODE_CBC}, + {"aes-192-cbc", 16, 24, HC_PEM_CIPHER_TYPE_AES192, HC_PEM_CIPHER_MODE_CBC}, + {"aes-256-cbc", 16, 32, HC_PEM_CIPHER_TYPE_AES256, HC_PEM_CIPHER_MODE_CBC}, + {NULL, 0, 0, 0, 0} +}; + +typedef struct pem +{ + hc_pem_cipher_t *chosen_cipher; + + u32 salt_iv[HC_PEM_MAX_BLOCK_SIZE / 4]; + + u32 data[HC_PEM_MAX_DATA_LENGTH / 4]; + size_t data_len; +} pem_t; + +typedef struct pem_tmp +{ + u32 key[HC_PEM_MAX_KEY_LENGTH / 4]; +} pem_tmp_t; + + +u32 module_pw_max (MAYBE_UNUSED const hashconfig_t * hashconfig, MAYBE_UNUSED const user_options_t * user_options, MAYBE_UNUSED const user_options_extra_t * user_options_extra) +{ + const u32 pw_max = 64; + + return pw_max; +} + +bool module_outfile_check_disable (MAYBE_UNUSED const hashconfig_t * hashconfig, MAYBE_UNUSED const user_options_t * user_options, MAYBE_UNUSED const user_options_extra_t * user_options_extra) +{ + const bool outfile_check_disable = true; + + return outfile_check_disable; +} + +int module_hash_binary_count (MAYBE_UNUSED const hashes_t * hashes) +{ + return 1; +} + +int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t * hashconfig, MAYBE_UNUSED const user_options_t * user_options, MAYBE_UNUSED const user_options_extra_t * user_options_extra, hashes_t * hashes) +{ + hash_t *hashes_buf = hashes->hashes_buf; + hash_t *hash = &hashes_buf[0]; + + memset (hash->salt, 0, sizeof (salt_t)); + memset (hash->esalt, 0, sizeof (pem_t)); + + return module_hash_decode (hashconfig, hash->digest, hash->salt, hash->esalt, hash->hook_salt, hash->hash_info, hashes->hashfile, strlen (hashes->hashfile)); +} + +static int peminator (char *buf, char *type, char **start, size_t * len) +{ + char start_header[256], end_header[256]; + + snprintf (start_header, 256, "-----BEGIN %s-----", type); + snprintf (end_header, 256, "-----END %s-----", type); + + char *start_point = buf; + + while (start_point != NULL) + { + if ((start_point = strstr (start_point, start_header)) == NULL) + return -1; + + if (start_point != buf && start_point[-1] != '\n') + continue; + + if (start_point[strlen (start_header)] == '\n') + break; + } + + char *end_point = start_point; + + while (end_point != NULL) + { + if ((end_point = strstr (end_point, end_header)) == NULL) + return -1; + + if (end_point[-1] == '\n' && (end_point[strlen (end_header)] == '\n' || end_point[strlen (end_header)] == '\0')) + { + break; + } + else + { + end_point++; + } + } + + *start = start_point + strlen (start_header) + 1; + *len = end_point - *start; + + return 0; +} + +static int parse_dek_info (char *line, char *cipher_name, u8 * salt) +{ + line += strlen ("DEK-Info: "); + + u8 i = 0; + int salty = -1; + + for (; *line != '\0'; line++) + { + if (salty >= 0) + { + if (i++ % 2 == 0) + { + if (line[1] == '\0') + { + return PARSER_SALT_LENGTH; + } + + salt[salty++] = hex_to_u8 ((u8 *) line); + + if (salty > HC_PEM_MAX_BLOCK_SIZE) + { + return PARSER_SALT_LENGTH; + } + } + else if (line[1] == '\0') + { + if (salty < HC_PEM_SALT_LENGTH) + { + // Malformed salt, not long enough for PKCS5's liking + return PARSER_SALT_LENGTH; + } + else + { + return 0; + } + } + } + else if (*line == ',') + { + cipher_name[i] = '\0'; + salty = 0; + i = 0; + } + else + { + cipher_name[i++] = *line; + if (i >= HC_PEM_MAX_CIPHER_NAME_LENGTH) + { + return PARSER_CIPHER; + } + } + } + + return PARSER_SALT_VALUE; +} + +static int parse_pem_key_data (char *buf, char *cipher_name, u8 * salt, u8 * data, size_t * data_len) +{ + char *pemdata; + size_t pemdata_len; + + if (peminator (buf, "RSA PRIVATE KEY", &pemdata, &pemdata_len) < 0) + { + if (peminator (buf, "DSA PRIVATE KEY", &pemdata, &pemdata_len) < 0) + { + if (peminator (buf, "EC PRIVATE KEY", &pemdata, &pemdata_len) < 0) + { + if (peminator (buf, "PRIVATE KEY", &pemdata, &pemdata_len) < 0) + { + return PARSER_HASH_FILE; + } + } + } + } + + u8 in_header = 1, *b64data; + char line[256]; + size_t pd_idx = 0, l_idx = 0, b64_idx = 0; + + b64data = hcmalloc (pemdata_len); + + for (pd_idx = 0; pd_idx < pemdata_len; pd_idx++) + { + if (in_header) + { + if (pemdata[pd_idx] == '\n') + { + if (l_idx == 0) + { + // Empty line! + in_header = 0; + continue; + } + + line[l_idx] = '\0'; + + if (strstr (line, "DEK-Info: ") == line) + { + int err; + + if ((err = parse_dek_info (line, cipher_name, salt)) < 0) + { + return err; + } + } + + l_idx = 0; + } + else + { + line[l_idx++] = pemdata[pd_idx]; + } + } + else + { + if (pemdata[pd_idx] != '\n') + b64data[b64_idx++] = pemdata[pd_idx]; + } + } + + if (b64_idx * 6 / 8 > HC_PEM_MAX_DATA_LENGTH) + { + return PARSER_TOKEN_LENGTH; + } + + *data_len = base64_decode (base64_to_int, b64data, b64_idx, data); + + return 0; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t * hashconfig, MAYBE_UNUSED void *digest_buf, salt_t * salt, void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t * hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + pem_t *pem = (pem_t *) esalt_buf; + + HCFILE fp; + struct stat fileinfo; + u8 *filebuf; + + if (stat (line_buf, &fileinfo) < 0) + return 0; + + if (hc_fopen (&fp, line_buf, "rb") == false) + return 0; + + filebuf = hcmalloc (fileinfo.st_size + 1); + + if (hc_fread (filebuf, 1, fileinfo.st_size, &fp) < (size_t) fileinfo.st_size) + { + hc_fclose (&fp); + hcfree (filebuf); + + return PARSER_FILE_SIZE; + } + + hc_fclose (&fp); + + filebuf[fileinfo.st_size] = '\0'; + + char cipher_name[HC_PEM_MAX_CIPHER_NAME_LENGTH] = { 0 }; + u8 saltbytes[MAX(HC_PEM_SALT_LENGTH, HC_PEM_MAX_BLOCK_SIZE)]; + int err; + + if ((err = parse_pem_key_data ((char *) filebuf, cipher_name, saltbytes, (u8 *) pem->data, &pem->data_len)) < 0) + { + hcfree (filebuf); + + return err; + } + + u32 *saltwords = (u32 *) saltbytes; + + for (u32 i = 0; i < HC_PEM_SALT_LENGTH / 4; i++) + { + pem->salt_iv[i] = saltwords[i]; + } + + hc_pem_cipher_t *candidate_cipher = pem_ciphers, *chosen_cipher = NULL; + + while (candidate_cipher->name) + { + if (strcasecmp (cipher_name, candidate_cipher->name) == 0) + { + chosen_cipher = candidate_cipher; + break; + } + else + { + candidate_cipher++; + } + } + + if (chosen_cipher == NULL) + { + hcfree (filebuf); + + return PARSER_CIPHER; + } + + if (chosen_cipher->block_size > HC_PEM_MAX_BLOCK_SIZE) + { + hcfree (filebuf); + + return PARSER_BLOCK_SIZE; + } + + if (pem->data_len % chosen_cipher->block_size) + { + hcfree (filebuf); + + return PARSER_HASH_LENGTH; + } + + if (chosen_cipher->key_length > HC_PEM_MAX_KEY_LENGTH) + { + // Nope nope nopety nope + return PARSER_KEY_SIZE; + } + + pem->chosen_cipher = chosen_cipher; + + memcpy (salt->salt_buf, pem->salt_iv, MIN (HC_PEM_SALT_LENGTH, 64 * 4)); + salt->salt_iter = 1; + + return 1; +} + +void *module_benchmark_esalt (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + pem_t *pem = (pem_t *) hcmalloc (sizeof (pem_t)); + + pem->chosen_cipher = &pem_ciphers[0]; + hex_decode ((u8 *) "7CC48DB27D461D30", 16, (u8 *) pem->salt_iv); + pem->data_len = base64_decode (base64_to_int, (u8 *) "ysVmp6tkcZXRqHyy3YMk5zd4bsT9D97kFcDIKkD2g5o/OBgc0pGQ/iSwJm/V+A2IkwgQlwvLW1OfKkAWdjcSFNKhmiWApVQB", 96, (u8 *) pem->data); + + return pem; +} + +salt_t *module_benchmark_salt (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + salt_t *salt = (salt_t *) hcmalloc (sizeof (salt_t)); + + salt->salt_iter = 1; + hex_decode ((u8 *) "7CC48DB27D461D30", 16, (u8 *) salt->salt_buf); + + return salt; +} + +u64 module_kern_type_dynamic (MAYBE_UNUSED const hashconfig_t * hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t * salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t * hash_info) +{ + const pem_t *pem = (const pem_t *) esalt_buf; + + u64 kern_type = 22900; + + kern_type += pem->chosen_cipher->cipher_type * 10; + kern_type += pem->chosen_cipher->cipher_mode; + + return kern_type; +} + +u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t * hashconfig, MAYBE_UNUSED const user_options_t * user_options, MAYBE_UNUSED const user_options_extra_t * user_options_extra) +{ + const u64 esalt_size = (const u64) sizeof (pem_t); + + return esalt_size; +} + +char *module_jit_build_options (MAYBE_UNUSED const hashconfig_t * hashconfig, MAYBE_UNUSED const user_options_t * user_options, MAYBE_UNUSED const user_options_extra_t * user_options_extra, MAYBE_UNUSED const hashes_t * hashes, MAYBE_UNUSED const hc_device_param_t * device_param) +{ + char *jit_build_options = NULL; + + hc_asprintf (&jit_build_options, "-D _unroll"); + + return jit_build_options; +} + +void module_init (module_ctx_t * module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = module_benchmark_esalt; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = module_benchmark_salt; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = module_esalt_size; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = module_hash_binary_count; + module_ctx->module_hash_binary_parse = module_hash_binary_parse; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = MODULE_DEFAULT; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = module_jit_build_options; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = module_kern_type_dynamic; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = module_outfile_check_disable; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = module_pw_max; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = MODULE_DEFAULT; + module_ctx->module_salt_min = MODULE_DEFAULT; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = MODULE_DEFAULT; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +}