arno
/
hashcat
mirror of https://github.com/hashcat/hashcat.git
1
0
Fork 0
Code Issues Releases Wiki Activity

minor whitespace fixes, per #2841

Browse Source
pull/2845/head
Royce Williams 3 years ago
parent 3cd638f624
commit 1e88990b46
31 changed files with 108 additions and 108 deletions
Show Stats Download Patch File Download Diff File

4
OpenCL/inc_ecc_secp256k1.cl
Unescape View File

@ -1847,7 +1847,7 @@ DECLSPEC void point_mul_xy (u32 *x1, u32 *y1, const u32 *k, GLOBAL_AS const secp
{
u32 naf[SECP256K1_NAF_SIZE] = { 0 };
int loop_start = convert_to_window_naf(naf, k);
// first set:
const u32 multiplier = (naf[loop_start >> 3] >> ((loop_start & 7) << 2)) & 0x0f; // or use u8 ?
@ -1973,7 +1973,7 @@ DECLSPEC void point_mul_xy (u32 *x1, u32 *y1, const u32 *k, GLOBAL_AS const secp
mul_mod (z1, z2, z1); // z1^3
mul_mod (y1, y1, z1); // y1_affine
// return values are already in x1 and y1
}

2
OpenCL/m03500_a0-pure.cl
Unescape View File

@ -204,7 +204,7 @@ KERNEL_FQ void m03500_sxx (KERN_ATTR_RULES ())
/**
* base
*/
*/
COPY_PW (pws[gid]);

2
OpenCL/m05000_a0-optimized.cl
Unescape View File

@ -1,7 +1,7 @@
/**
* Author......: See docs/credits.txt
* License.....: MIT
*/
*/
#define NEW_SIMD_CODE

2
OpenCL/m14511_a0-pure.cl
Unescape View File

@ -120,7 +120,7 @@ KERNEL_FQ void m14511_mxx (KERN_ATTR_RULES_ESALT (cryptoapi_t))
ctx.w0[0] = 0x41000000;
ctx.len = 1;
sha1_update_swap (&ctx, w, w_len);
sha1_final (&ctx);

2
OpenCL/m14512_a0-pure.cl
Unescape View File

@ -255,7 +255,7 @@ KERNEL_FQ void m14512_sxx (KERN_ATTR_RULES_ESALT (cryptoapi_t))
}
// key
u32 ukey[8] = { 0 };
ukey[0] = hc_swap32_S (k0);

2
OpenCL/m14513_a0-pure.cl
Unescape View File

@ -256,7 +256,7 @@ KERNEL_FQ void m14513_sxx (KERN_ATTR_RULES_ESALT (cryptoapi_t))
}
// key
u32 ukey[8] = { 0 };
ukey[0] = hc_swap32_S (k0);

2
OpenCL/m14522_a0-pure.cl
Unescape View File

@ -243,7 +243,7 @@ KERNEL_FQ void m14522_sxx (KERN_ATTR_RULES_ESALT (cryptoapi_t))
salt_bufs[SALT_POS].salt_buf[0],
salt_bufs[SALT_POS].salt_buf[1],
salt_bufs[SALT_POS].salt_buf[2],
salt_bufs[SALT_POS].salt_buf[3]
salt_bufs[SALT_POS].salt_buf[3]
};
// CT

4
OpenCL/m14522_a1-pure.cl
Unescape View File

@ -102,7 +102,7 @@ KERNEL_FQ void m14522_mxx (KERN_ATTR_ESALT (cryptoapi_t))
salt_bufs[SALT_POS].salt_buf[0],
salt_bufs[SALT_POS].salt_buf[1],
salt_bufs[SALT_POS].salt_buf[2],
salt_bufs[SALT_POS].salt_buf[3]
salt_bufs[SALT_POS].salt_buf[3]
};
// CT
@ -233,7 +233,7 @@ KERNEL_FQ void m14522_sxx (KERN_ATTR_ESALT (cryptoapi_t))
salt_bufs[SALT_POS].salt_buf[0],
salt_bufs[SALT_POS].salt_buf[1],
salt_bufs[SALT_POS].salt_buf[2],
salt_bufs[SALT_POS].salt_buf[3]
salt_bufs[SALT_POS].salt_buf[3]
};
// CT

4
OpenCL/m14522_a3-pure.cl
Unescape View File

@ -115,7 +115,7 @@ KERNEL_FQ void m14522_mxx (KERN_ATTR_VECTOR_ESALT (cryptoapi_t))
salt_bufs[SALT_POS].salt_buf[0],
salt_bufs[SALT_POS].salt_buf[1],
salt_bufs[SALT_POS].salt_buf[2],
salt_bufs[SALT_POS].salt_buf[3]
salt_bufs[SALT_POS].salt_buf[3]
};
// CT
@ -259,7 +259,7 @@ KERNEL_FQ void m14522_sxx (KERN_ATTR_VECTOR_ESALT (cryptoapi_t))
salt_bufs[SALT_POS].salt_buf[0],
salt_bufs[SALT_POS].salt_buf[1],
salt_bufs[SALT_POS].salt_buf[2],
salt_bufs[SALT_POS].salt_buf[3]
salt_bufs[SALT_POS].salt_buf[3]
};
// CT

6
OpenCL/m14523_a0-pure.cl
Unescape View File

@ -80,7 +80,7 @@ KERNEL_FQ void m14523_mxx (KERN_ATTR_RULES_ESALT (cryptoapi_t))
}
// key
u32 ukey[8] = { 0 };
ukey[0] = hc_swap32_S (k0);
@ -106,7 +106,7 @@ KERNEL_FQ void m14523_mxx (KERN_ATTR_RULES_ESALT (cryptoapi_t))
salt_bufs[SALT_POS].salt_buf[0],
salt_bufs[SALT_POS].salt_buf[1],
salt_bufs[SALT_POS].salt_buf[2],
salt_bufs[SALT_POS].salt_buf[3]
salt_bufs[SALT_POS].salt_buf[3]
};
// CT
@ -244,7 +244,7 @@ KERNEL_FQ void m14523_sxx (KERN_ATTR_RULES_ESALT (cryptoapi_t))
salt_bufs[SALT_POS].salt_buf[0],
salt_bufs[SALT_POS].salt_buf[1],
salt_bufs[SALT_POS].salt_buf[2],
salt_bufs[SALT_POS].salt_buf[3]
salt_bufs[SALT_POS].salt_buf[3]
};
// CT

4
OpenCL/m14523_a1-pure.cl
Unescape View File

@ -102,7 +102,7 @@ KERNEL_FQ void m14523_mxx (KERN_ATTR_ESALT (cryptoapi_t))
salt_bufs[SALT_POS].salt_buf[0],
salt_bufs[SALT_POS].salt_buf[1],
salt_bufs[SALT_POS].salt_buf[2],
salt_bufs[SALT_POS].salt_buf[3]
salt_bufs[SALT_POS].salt_buf[3]
};
// CT
@ -234,7 +234,7 @@ KERNEL_FQ void m14523_sxx (KERN_ATTR_ESALT (cryptoapi_t))
salt_bufs[SALT_POS].salt_buf[0],
salt_bufs[SALT_POS].salt_buf[1],
salt_bufs[SALT_POS].salt_buf[2],
salt_bufs[SALT_POS].salt_buf[3]
salt_bufs[SALT_POS].salt_buf[3]
};
// CT

4
OpenCL/m14523_a3-pure.cl
Unescape View File

@ -115,7 +115,7 @@ KERNEL_FQ void m14523_mxx (KERN_ATTR_VECTOR_ESALT (cryptoapi_t))
salt_bufs[SALT_POS].salt_buf[0],
salt_bufs[SALT_POS].salt_buf[1],
salt_bufs[SALT_POS].salt_buf[2],
salt_bufs[SALT_POS].salt_buf[3]
salt_bufs[SALT_POS].salt_buf[3]
};
// CT
@ -260,7 +260,7 @@ KERNEL_FQ void m14523_sxx (KERN_ATTR_VECTOR_ESALT (cryptoapi_t))
salt_bufs[SALT_POS].salt_buf[0],
salt_bufs[SALT_POS].salt_buf[1],
salt_bufs[SALT_POS].salt_buf[2],
salt_bufs[SALT_POS].salt_buf[3]
salt_bufs[SALT_POS].salt_buf[3]
};
// CT

2
OpenCL/m14532_a0-pure.cl
Unescape View File

@ -80,7 +80,7 @@ KERNEL_FQ void m14532_mxx (KERN_ATTR_RULES_ESALT (cryptoapi_t))
}
// key
u32 ukey[8] = { 0 };
ukey[0] = hc_swap32_S (k0);

2
OpenCL/m14553_a0-pure.cl
Unescape View File

@ -125,7 +125,7 @@ KERNEL_FQ void m14553_mxx (KERN_ATTR_RULES_ESALT (cryptoapi_t))
}
// key
u32 ukey[8] = { 0 };
ukey[0] = hc_swap32_S (k0);

2
OpenCL/m20720_a0-pure.cl
Unescape View File

@ -3,7 +3,7 @@
* License.....: MIT
*/
//#define NEW_SIMD_CODE
//#define NEW_SIMD_CODE
#ifdef KERNEL_STATIC
#include "inc_vendor.h"

6
OpenCL/m24300_a3-optimized.cl
Unescape View File

@ -140,7 +140,7 @@ DECLSPEC void m24300m (u32 *w0, u32 *w1, u32 *w2, u32 *w3, const u32 pw_len, KER
u32x wd_t = w3[1];
u32x we_t = w3[2];
u32x wf_t = pw_salt_len * 8;
u32x a = SHA1M_A;
u32x b = SHA1M_B;
@ -717,7 +717,7 @@ DECLSPEC void m24300s (u32 *w0, u32 *w1, u32 *w2, u32 *w3, const u32 pw_len, KER
u32x wd_t = w3[1];
u32x we_t = w3[2];
u32x wf_t = pw_salt_len * 8;
u32x a = SHA1M_A;
u32x b = SHA1M_B;
@ -906,7 +906,7 @@ DECLSPEC void m24300s (u32 *w0, u32 *w1, u32 *w2, u32 *w3, const u32 pw_len, KER
wc_t = hc_swap32 (t3[0]);
wd_t = hc_swap32 (t3[1]);
we_t = hc_swap32 (t3[2]);
wf_t = hc_swap32 (t3[3]);
wf_t = hc_swap32 (t3[3]);
#undef K
#define K SHA1C00

4
OpenCL/m25700_a0-optimized.cl
Unescape View File

@ -45,9 +45,9 @@ DECLSPEC u32 MurmurHash (const u32 seed, const u32 *w, const int pw_len)
hash ^= hash >> R;
}
hash *= M;
hash *= M;
hash ^= hash >> 10;
hash *= M;
hash *= M;
hash ^= hash >> 17;
#undef M

4
OpenCL/m25700_a1-optimized.cl
Unescape View File

@ -44,9 +44,9 @@ DECLSPEC u32 MurmurHash (const u32 seed, const u32 *w, const int pw_len)
hash ^= hash >> R;
}
hash *= M;
hash *= M;
hash ^= hash >> 10;
hash *= M;
hash *= M;
hash ^= hash >> 17;
#undef M

4
OpenCL/m25700_a3-optimized.cl
Unescape View File

@ -64,9 +64,9 @@ DECLSPEC u32x MurmurHash_w0 (const u32 seed, const u32x w0, const u32 *w, const
}
}
hash *= M;
hash *= M;
hash ^= hash >> 10;
hash *= M;
hash *= M;
hash ^= hash >> 17;
#undef M

2
OpenCL/m25900-pure.cl
Unescape View File

@ -398,7 +398,7 @@ KERNEL_FQ void m25900_comp(KERN_ATTR_TMPS_ESALT(pbkdf2_sha256_tmp_t, blocks_t))
aes128_encrypt_cbc (aes_ks, aes_cbc_iv, b1, yn, s_te0, s_te1, s_te2, s_te3, s_te4);
aes128_encrypt_cbc (aes_ks, aes_cbc_iv, b2, yn, s_te0, s_te1, s_te2, s_te3, s_te4);
aes128_encrypt_cbc (aes_ks, aes_cbc_iv, b3, yn, s_te0, s_te1, s_te2, s_te3, s_te4);
u32 nonce[4];
nonce[0] = 0;

4
src/modules/module_24300.c
Unescape View File

@ -1,7 +1,7 @@
/**
* Author......: See docs/credits.txt
* License.....: MIT
*/
*/
#include "common.h"
#include "types.h"
@ -73,7 +73,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
const u8 *hash_pos = token.buf[0];
const u8 *hash_pos = token.buf[0];
digest[0] = hex_to_u32 (hash_pos + 0);
digest[1] = hex_to_u32 (hash_pos + 8);

2
tools/test_modules/m01411.pm
Unescape View File

@ -39,7 +39,7 @@ sub module_verify_hash
my $signature = substr ($hash, 0, 9);
my $plain_base64 = substr ($hash, 9);
return unless ($signature eq "{SSHA256}");
return unless ($signature eq "{SSHA256}");
return unless defined $plain_base64;
# base64 decode to extract salt

2
tools/test_modules/m15200.pm
Unescape View File

@ -45,7 +45,7 @@ sub module_generate_hash
"guid" : "00000000-0000-0000-0000-000000000000",
"sharedKey" : "00000000-0000-0000-0000-000000000000",
"options" : {"pbkdf2_iterations":$iterations,"fee_policy":0,"html5_notifications":false,"logout_time":600000,"tx_display":0,"always_keep_local_backup":false}|;
unless (defined $encrypted)
{
$encrypted = unpack ("H*", $cipher->encrypt ($data));

26
tools/test_modules/m19800.pm
Unescape View File

@ -58,7 +58,7 @@ sub module_generate_hash
);
my $b_seed = $pbkdf2->PBKDF2 ($mysalt, $word);
# we can precompute this
my $b_kerberos_nfolded = hex2byte ('6b65726265726f737b9b5b2b93132b93');
@ -68,14 +68,14 @@ sub module_generate_hash
# and 'ke' (AES key to decrypt/encrypt the ticket)
my $cbc = Crypt::Mode::CBC->new ('AES', 0);
my $b_key_bytes = $cbc->encrypt ($b_kerberos_nfolded, $b_seed, $b_iv);
# precomputed stuff
# nfold 0x0000000155 to 16 bytes
my $b_nfolded1 = hex2byte ('5b582c160a5aa80556ab55aad5402ab5');
# nfold 0x00000001aa to 16 bytes
my $b_nfolded2 = hex2byte ('ae2c160b04ad5006ab55aad56a80355a');
my $b_ki = $cbc->encrypt ($b_nfolded1, $b_key_bytes, $b_iv);
@ -98,36 +98,36 @@ sub module_generate_hash
# Pad the last block with last bytes from the decrypted n-1
my $b_padded_enc_ticket = hex2byte ($enc_timestamp) . (substr $b_n_1_decrypted, -(16 - $len_last_block / 2));
# Swap the last two blocks
my $b_cbc_enc_ticket = (substr $b_padded_enc_ticket, 0, -32) . (substr $b_padded_enc_ticket, -16, 16).
(substr $b_padded_enc_ticket, -32, 16);
# Decrypt and truncate
my $b_dec_ticket_padded = $cbc->decrypt ($b_cbc_enc_ticket, $b_ke, $b_iv);
my $b_cleartext_ticket = substr $b_dec_ticket_padded, 0, length ($enc_timestamp) / 2;
$cleartext_ticket = byte2hex ($b_cleartext_ticket);
my $check_correct = ((substr ($b_cleartext_ticket, 22, 2) eq "20") &&
my $check_correct = ((substr ($b_cleartext_ticket, 22, 2) eq "20") &&
(substr ($b_cleartext_ticket, 36, 1) eq "Z"));
if ($check_correct == 1 && defined $checksum)
{
my $b_checksum = hmac_sha1 (hex2byte ($cleartext_ticket), $b_ki);
$check_correct = ($checksum eq byte2hex (substr $b_checksum, 0, 12));
}
}
if ($check_correct != 1)
{
# fake/wrong ticket (otherwise if we just decrypt/encrypt we end
#up with false positives all the time)
$cleartext_ticket = '68c8459f3f10c851b8827118bb459c6e301aa011180f323031'.
'32313131363134323835355aa10502030c28a2';
# we have what is required to compute checksum
$checksum = hmac_sha1 (hex2byte ($cleartext_ticket), $b_ki);
@ -191,7 +191,7 @@ sub module_verify_hash
return unless ($algorithm eq "17");
return unless (length ($edata) >= 88);
return unless (length ($edata) <= 112);
my $checksum = substr $edata, -24;
my $enc_timestamp = substr $edata, 0, -24;

32
tools/test_modules/m19900.pm
Unescape View File

@ -58,7 +58,7 @@ sub module_generate_hash
);
my $b_seed = $pbkdf2->PBKDF2 ($mysalt, $word);
# we can precompute this
my $b_kerberos_nfolded = hex2byte ('6b65726265726f737b9b5b2b93132b93');
@ -70,14 +70,14 @@ sub module_generate_hash
my $b_key_bytes = $cbc->encrypt ($b_kerberos_nfolded, $b_seed, $b_iv);
$b_key_bytes = $b_key_bytes . $cbc->encrypt ($b_key_bytes, $b_seed, $b_iv);
# precomputed stuff
# nfold 0x0000000155 to 16 bytes
my $b_nfolded1 = hex2byte ('5b582c160a5aa80556ab55aad5402ab5');
# nfold 0x00000001aa to 16 bytes
my $b_nfolded2 = hex2byte ('ae2c160b04ad5006ab55aad56a80355a');
my $b_ki = $cbc->encrypt ($b_nfolded1, $b_key_bytes, $b_iv);
$b_ki = $b_ki . $cbc->encrypt ($b_ki, $b_key_bytes, $b_iv);
@ -85,10 +85,10 @@ sub module_generate_hash
my $b_ke = $cbc->encrypt ($b_nfolded2, $b_key_bytes, $b_iv);
$b_ke = $b_ke . $cbc->encrypt ($b_ke, $b_key_bytes, $b_iv);
my $cleartext_ticket = '';
my $check_correct = 0;
if (defined $enc_timestamp)
{
# Do CTS Decryption https://en.wikipedia.org/wiki/Ciphertext_stealing
@ -103,42 +103,42 @@ sub module_generate_hash
# Pad the last block with last bytes from the decrypted n-1
my $b_padded_enc_ticket = hex2byte ($enc_timestamp) . (substr $b_n_1_decrypted, -(16 - $len_last_block / 2));
# Swap the last two blocks
my $b_cbc_enc_ticket = (substr $b_padded_enc_ticket, 0, -32) . (substr $b_padded_enc_ticket, -16, 16).
(substr $b_padded_enc_ticket, -32, 16);
# Decrypt and truncate
my $b_dec_ticket_padded = $cbc->decrypt ($b_cbc_enc_ticket, $b_ke, $b_iv);
my $b_cleartext_ticket = substr $b_dec_ticket_padded, 0, length ($enc_timestamp) / 2;
$cleartext_ticket = byte2hex ($b_cleartext_ticket);
my $check_correct = ((substr ($b_cleartext_ticket, 22, 2) eq "20") &&
my $check_correct = ((substr ($b_cleartext_ticket, 22, 2) eq "20") &&
(substr ($b_cleartext_ticket, 36, 1) eq "Z"));
if ($check_correct == 1 && defined $checksum)
{
my $b_checksum = hmac_sha1 (hex2byte ($cleartext_ticket), $b_ki);
$check_correct = ($checksum eq byte2hex (substr $b_checksum, 0, 12));
}
}
if ($check_correct != 1)
{
# fake/wrong ticket (otherwise if we just decrypt/encrypt we end
#up with false positives all the time)
$cleartext_ticket = '68c8459f3f10c851b8827118bb459c6e301aa011180f323031'.
'32313131363134323835355aa10502030c28a2';
# we have what is required to compute checksum
$checksum = hmac_sha1 (hex2byte ($cleartext_ticket), $b_ki);
$checksum = byte2hex (substr $checksum, 0, 12);
}
# CTS Encrypt our new block
my $len_cleartext_last_block = length ($cleartext_ticket) % 32;
my $cleartext_last_block = substr $cleartext_ticket, -$len_cleartext_last_block;
@ -195,7 +195,7 @@ sub module_verify_hash
return unless ($algorithm eq "18");
return unless (length ($edata) >= 88);
return unless (length ($edata) <= 112);
my $checksum = substr $edata, -24;
my $enc_timestamp = substr $edata, 0, -24;

6
tools/test_modules/m20200.pm
Unescape View File

@ -32,15 +32,15 @@ sub module_generate_hash
my $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt, $word), '');
my $salt_buf = encode_base64 ($salt, '');
# replace + with .
$hash_buf =~ s/\+/\./g;
$salt_buf =~ s/\+/\./g;
# remove padding =
$hash_buf =~ s/\=+$//;
$salt_buf =~ s/\=+$//;
my $hash = sprintf ("\$pbkdf2-sha512\$%i\$%s\$%s", $iter, $salt_buf, $hash_buf);
return $hash;

6
tools/test_modules/m20300.pm
Unescape View File

@ -32,15 +32,15 @@ sub module_generate_hash
my $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt, $word), '');
my $salt_buf = encode_base64 ($salt, '');
# replace + with .
$hash_buf =~ s/\+/\./g;
$salt_buf =~ s/\+/\./g;
# remove padding =
$hash_buf =~ s/\=+$//;
$salt_buf =~ s/\=+$//;
my $hash = sprintf ("\$pbkdf2-sha256\$%i\$%s\$%s", $iter, $salt_buf, $hash_buf);
return $hash;

6
tools/test_modules/m20400.pm
Unescape View File

@ -32,15 +32,15 @@ sub module_generate_hash
my $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt, $word), '');
my $salt_buf = encode_base64 ($salt, '');
# replace + with .
$hash_buf =~ s/\+/\./g;
$salt_buf =~ s/\+/\./g;
# remove padding =
$hash_buf =~ s/\=+$//;
$salt_buf =~ s/\=+$//;
my $hash = sprintf ("\$pbkdf2\$%i\$%s\$%s", $iter, $salt_buf, $hash_buf);
return $hash;

2
tools/test_modules/m20600.pm
Unescape View File

@ -45,7 +45,7 @@ sub module_verify_hash
return unless defined $iter;
return unless defined $salt;
return unless defined $word;
my $new_hash = module_generate_hash ($word, $salt, $iter);
return ($new_hash, $word);

2
tools/test_modules/m25400.pm
Unescape View File

@ -110,7 +110,7 @@ sub pdf_compute_encryption_key_owner
}
else
{
$o_key = substr($o_digest, 0, 16); #length is always 128 bits or 16 bytes
$o_key = substr($o_digest, 0, 16); #length is always 128 bits or 16 bytes
}
#printf("\$o_key = %s\n", unpack ("H*", $o_key));

64
tools/test_modules/m25900.pm
Unescape View File

@ -12,7 +12,7 @@ use Crypt::PBKDF2;
use Crypt::Mode::CBC;
use Crypt::Mode::ECB;
# Details of the protocol design can be found in ISO 22510:2019 and
# Details of the protocol design can be found in ISO 22510:2019 and
# application notes published by the KNX Association.
# ETS 5 allows a maximum of 20 characters in a password.
@ -22,17 +22,17 @@ sub module_constraints { [[0, 20], [2, 2], [-1, -1], [-1, -1], [-1, -1]] }
sub device_authentication_code
{
my $password = shift;
my $pbkdf2 = Crypt::PBKDF2->new
(
hasher => Crypt::PBKDF2->hasher_from_algorithm ("HMACSHA2", 256),
iterations => 65536,
output_len => 16
);
my $device_authentication_code = $pbkdf2->PBKDF2 ("device-authentication-code.1.secure.ip.knx.org",
my $device_authentication_code = $pbkdf2->PBKDF2 ("device-authentication-code.1.secure.ip.knx.org",
$password);
return $device_authentication_code;
}
@ -45,7 +45,7 @@ sub block_formatting
my $blocks_unpadded = $associated_data_length . $associated_data;
my $pad_len = int ((length ($blocks_unpadded) + 16 - 1) / 16) * 16;
my $blocks_padded = $blocks_unpadded . "\0" x ($pad_len - length ($blocks_unpadded));
return $b0 . $blocks_padded;
}
@ -56,14 +56,14 @@ sub encrypt
my $nonce = shift;
my $key = shift;
my $iv = "\0" x 16;
my $aes_cbc = Crypt::Mode::CBC->new ("AES", 0);
my $ciphertext = $aes_cbc->encrypt ($blocks, $key, $iv);
my $ciphertext = $aes_cbc->encrypt ($blocks, $key, $iv);
my $y_n = substr ($ciphertext, length ($ciphertext) - 16, 16);
my $aes_ecb = Crypt::Mode::ECB->new ("AES", 0);
my $s_0 = $aes_ecb->encrypt ($nonce, $key);
return $y_n ^ $s_0;
}
@ -72,72 +72,72 @@ sub generate_session_response_mac
my $secure_session_identifier = shift;
my $public_value_xor = shift;
my $key = shift;
# Constants used for the cryptography in Session_Response frames
my $knx_ip_header = pack ("H*", "061009520038");
my $b0 = pack ("H*", "00000000000000000000000000000000");
my $nonce = pack ("H*", "0000000000000000000000000000ff00");
my $associated_data = $knx_ip_header . $secure_session_identifier . $public_value_xor;
my $blocks = block_formatting ($b0, $associated_data);
return encrypt ($blocks, $nonce, $key);
}
sub module_generate_hash
{
my $word = shift;
# Parameters that would be found in the Session_Request and Session_Response frames
my $secure_session_identifier = shift;
my $public_value_xor = shift // random_bytes (32);
my $device_authentication_code = device_authentication_code ($word);
my $mac = generate_session_response_mac ($secure_session_identifier,
$public_value_xor,
$device_authentication_code);
my $hash = sprintf ("\$knx-ip-secure-device-authentication-code\$*%s*%s*%s",
my $hash = sprintf ("\$knx-ip-secure-device-authentication-code\$*%s*%s*%s",
unpack ("H*", $secure_session_identifier),
unpack ("H*", $public_value_xor),
unpack ("H*", $mac));
return $hash;
}
sub module_verify_hash
{
my $line = shift;
my ($hash, $word) = split (':', $line);
return unless defined $hash;
return unless defined $word;
my @data = split ('\*', $hash);
return unless scalar (@data) == 4;
my $signature = shift @data;
return unless ($signature eq "\$knx-ip-secure-device-authentication-code\$");
my $secure_session_identifier = pack ("H*", shift @data); # 2 Bytes expected (using the "salt" for this purpose)
my $public_value_xor = pack ("H*", shift @data); # 32 Bytes expected (xor of client's and server's public value)
my $mac = pack ("H*", shift @data); # 16 Bytes expected
return unless (length ($secure_session_identifier) == 2);
return unless (length ($public_value_xor) == 32);
return unless (length ($mac) == 16);
my $word_packed = pack_if_HEX_notation ($word);
my $new_hash = module_generate_hash ($word_packed,
$secure_session_identifier,
my $new_hash = module_generate_hash ($word_packed,
$secure_session_identifier,
$public_value_xor);
return ($new_hash, $word);
}

Write Preview
Loading…
Cancel
Save