diff --git a/OpenCL/inc_ecc_secp256k1.cl b/OpenCL/inc_ecc_secp256k1.cl index bd583b976..e21f528d6 100644 --- a/OpenCL/inc_ecc_secp256k1.cl +++ b/OpenCL/inc_ecc_secp256k1.cl @@ -1847,7 +1847,7 @@ DECLSPEC void point_mul_xy (u32 *x1, u32 *y1, const u32 *k, GLOBAL_AS const secp { u32 naf[SECP256K1_NAF_SIZE] = { 0 }; int loop_start = convert_to_window_naf(naf, k); - + // first set: const u32 multiplier = (naf[loop_start >> 3] >> ((loop_start & 7) << 2)) & 0x0f; // or use u8 ? @@ -1973,7 +1973,7 @@ DECLSPEC void point_mul_xy (u32 *x1, u32 *y1, const u32 *k, GLOBAL_AS const secp mul_mod (z1, z2, z1); // z1^3 mul_mod (y1, y1, z1); // y1_affine - + // return values are already in x1 and y1 } diff --git a/OpenCL/m03500_a0-pure.cl b/OpenCL/m03500_a0-pure.cl index 582bce969..6e0332968 100644 --- a/OpenCL/m03500_a0-pure.cl +++ b/OpenCL/m03500_a0-pure.cl @@ -204,7 +204,7 @@ KERNEL_FQ void m03500_sxx (KERN_ATTR_RULES ()) /** * base - */ + */ COPY_PW (pws[gid]); diff --git a/OpenCL/m05000_a0-optimized.cl b/OpenCL/m05000_a0-optimized.cl index d3615bd2c..8956f7db7 100644 --- a/OpenCL/m05000_a0-optimized.cl +++ b/OpenCL/m05000_a0-optimized.cl @@ -1,7 +1,7 @@ /** * Author......: See docs/credits.txt * License.....: MIT - */ + */ #define NEW_SIMD_CODE diff --git a/OpenCL/m14511_a0-pure.cl b/OpenCL/m14511_a0-pure.cl index 52189158e..52ff108fc 100644 --- a/OpenCL/m14511_a0-pure.cl +++ b/OpenCL/m14511_a0-pure.cl @@ -120,7 +120,7 @@ KERNEL_FQ void m14511_mxx (KERN_ATTR_RULES_ESALT (cryptoapi_t)) ctx.w0[0] = 0x41000000; ctx.len = 1; - + sha1_update_swap (&ctx, w, w_len); sha1_final (&ctx); diff --git a/OpenCL/m14512_a0-pure.cl b/OpenCL/m14512_a0-pure.cl index 8e42b89fb..b33bf2065 100644 --- a/OpenCL/m14512_a0-pure.cl +++ b/OpenCL/m14512_a0-pure.cl @@ -255,7 +255,7 @@ KERNEL_FQ void m14512_sxx (KERN_ATTR_RULES_ESALT (cryptoapi_t)) } // key - + u32 ukey[8] = { 0 }; ukey[0] = hc_swap32_S (k0); diff --git a/OpenCL/m14513_a0-pure.cl b/OpenCL/m14513_a0-pure.cl index 2e7c9919b..a1acc0840 100644 --- a/OpenCL/m14513_a0-pure.cl +++ b/OpenCL/m14513_a0-pure.cl @@ -256,7 +256,7 @@ KERNEL_FQ void m14513_sxx (KERN_ATTR_RULES_ESALT (cryptoapi_t)) } // key - + u32 ukey[8] = { 0 }; ukey[0] = hc_swap32_S (k0); diff --git a/OpenCL/m14522_a0-pure.cl b/OpenCL/m14522_a0-pure.cl index de12209b9..ee781b89b 100644 --- a/OpenCL/m14522_a0-pure.cl +++ b/OpenCL/m14522_a0-pure.cl @@ -243,7 +243,7 @@ KERNEL_FQ void m14522_sxx (KERN_ATTR_RULES_ESALT (cryptoapi_t)) salt_bufs[SALT_POS].salt_buf[0], salt_bufs[SALT_POS].salt_buf[1], salt_bufs[SALT_POS].salt_buf[2], - salt_bufs[SALT_POS].salt_buf[3] + salt_bufs[SALT_POS].salt_buf[3] }; // CT diff --git a/OpenCL/m14522_a1-pure.cl b/OpenCL/m14522_a1-pure.cl index f94d62ffc..55b330afd 100644 --- a/OpenCL/m14522_a1-pure.cl +++ b/OpenCL/m14522_a1-pure.cl @@ -102,7 +102,7 @@ KERNEL_FQ void m14522_mxx (KERN_ATTR_ESALT (cryptoapi_t)) salt_bufs[SALT_POS].salt_buf[0], salt_bufs[SALT_POS].salt_buf[1], salt_bufs[SALT_POS].salt_buf[2], - salt_bufs[SALT_POS].salt_buf[3] + salt_bufs[SALT_POS].salt_buf[3] }; // CT @@ -233,7 +233,7 @@ KERNEL_FQ void m14522_sxx (KERN_ATTR_ESALT (cryptoapi_t)) salt_bufs[SALT_POS].salt_buf[0], salt_bufs[SALT_POS].salt_buf[1], salt_bufs[SALT_POS].salt_buf[2], - salt_bufs[SALT_POS].salt_buf[3] + salt_bufs[SALT_POS].salt_buf[3] }; // CT diff --git a/OpenCL/m14522_a3-pure.cl b/OpenCL/m14522_a3-pure.cl index d77dde0eb..016632a76 100644 --- a/OpenCL/m14522_a3-pure.cl +++ b/OpenCL/m14522_a3-pure.cl @@ -115,7 +115,7 @@ KERNEL_FQ void m14522_mxx (KERN_ATTR_VECTOR_ESALT (cryptoapi_t)) salt_bufs[SALT_POS].salt_buf[0], salt_bufs[SALT_POS].salt_buf[1], salt_bufs[SALT_POS].salt_buf[2], - salt_bufs[SALT_POS].salt_buf[3] + salt_bufs[SALT_POS].salt_buf[3] }; // CT @@ -259,7 +259,7 @@ KERNEL_FQ void m14522_sxx (KERN_ATTR_VECTOR_ESALT (cryptoapi_t)) salt_bufs[SALT_POS].salt_buf[0], salt_bufs[SALT_POS].salt_buf[1], salt_bufs[SALT_POS].salt_buf[2], - salt_bufs[SALT_POS].salt_buf[3] + salt_bufs[SALT_POS].salt_buf[3] }; // CT diff --git a/OpenCL/m14523_a0-pure.cl b/OpenCL/m14523_a0-pure.cl index 5ded9cfbf..56e1d288d 100644 --- a/OpenCL/m14523_a0-pure.cl +++ b/OpenCL/m14523_a0-pure.cl @@ -80,7 +80,7 @@ KERNEL_FQ void m14523_mxx (KERN_ATTR_RULES_ESALT (cryptoapi_t)) } // key - + u32 ukey[8] = { 0 }; ukey[0] = hc_swap32_S (k0); @@ -106,7 +106,7 @@ KERNEL_FQ void m14523_mxx (KERN_ATTR_RULES_ESALT (cryptoapi_t)) salt_bufs[SALT_POS].salt_buf[0], salt_bufs[SALT_POS].salt_buf[1], salt_bufs[SALT_POS].salt_buf[2], - salt_bufs[SALT_POS].salt_buf[3] + salt_bufs[SALT_POS].salt_buf[3] }; // CT @@ -244,7 +244,7 @@ KERNEL_FQ void m14523_sxx (KERN_ATTR_RULES_ESALT (cryptoapi_t)) salt_bufs[SALT_POS].salt_buf[0], salt_bufs[SALT_POS].salt_buf[1], salt_bufs[SALT_POS].salt_buf[2], - salt_bufs[SALT_POS].salt_buf[3] + salt_bufs[SALT_POS].salt_buf[3] }; // CT diff --git a/OpenCL/m14523_a1-pure.cl b/OpenCL/m14523_a1-pure.cl index 00daf2c86..9f4f10794 100644 --- a/OpenCL/m14523_a1-pure.cl +++ b/OpenCL/m14523_a1-pure.cl @@ -102,7 +102,7 @@ KERNEL_FQ void m14523_mxx (KERN_ATTR_ESALT (cryptoapi_t)) salt_bufs[SALT_POS].salt_buf[0], salt_bufs[SALT_POS].salt_buf[1], salt_bufs[SALT_POS].salt_buf[2], - salt_bufs[SALT_POS].salt_buf[3] + salt_bufs[SALT_POS].salt_buf[3] }; // CT @@ -234,7 +234,7 @@ KERNEL_FQ void m14523_sxx (KERN_ATTR_ESALT (cryptoapi_t)) salt_bufs[SALT_POS].salt_buf[0], salt_bufs[SALT_POS].salt_buf[1], salt_bufs[SALT_POS].salt_buf[2], - salt_bufs[SALT_POS].salt_buf[3] + salt_bufs[SALT_POS].salt_buf[3] }; // CT diff --git a/OpenCL/m14523_a3-pure.cl b/OpenCL/m14523_a3-pure.cl index bc4a95e24..373b29002 100644 --- a/OpenCL/m14523_a3-pure.cl +++ b/OpenCL/m14523_a3-pure.cl @@ -115,7 +115,7 @@ KERNEL_FQ void m14523_mxx (KERN_ATTR_VECTOR_ESALT (cryptoapi_t)) salt_bufs[SALT_POS].salt_buf[0], salt_bufs[SALT_POS].salt_buf[1], salt_bufs[SALT_POS].salt_buf[2], - salt_bufs[SALT_POS].salt_buf[3] + salt_bufs[SALT_POS].salt_buf[3] }; // CT @@ -260,7 +260,7 @@ KERNEL_FQ void m14523_sxx (KERN_ATTR_VECTOR_ESALT (cryptoapi_t)) salt_bufs[SALT_POS].salt_buf[0], salt_bufs[SALT_POS].salt_buf[1], salt_bufs[SALT_POS].salt_buf[2], - salt_bufs[SALT_POS].salt_buf[3] + salt_bufs[SALT_POS].salt_buf[3] }; // CT diff --git a/OpenCL/m14532_a0-pure.cl b/OpenCL/m14532_a0-pure.cl index e643fc81c..5f51e9da9 100644 --- a/OpenCL/m14532_a0-pure.cl +++ b/OpenCL/m14532_a0-pure.cl @@ -80,7 +80,7 @@ KERNEL_FQ void m14532_mxx (KERN_ATTR_RULES_ESALT (cryptoapi_t)) } // key - + u32 ukey[8] = { 0 }; ukey[0] = hc_swap32_S (k0); diff --git a/OpenCL/m14553_a0-pure.cl b/OpenCL/m14553_a0-pure.cl index 98676a446..de6be29fd 100644 --- a/OpenCL/m14553_a0-pure.cl +++ b/OpenCL/m14553_a0-pure.cl @@ -125,7 +125,7 @@ KERNEL_FQ void m14553_mxx (KERN_ATTR_RULES_ESALT (cryptoapi_t)) } // key - + u32 ukey[8] = { 0 }; ukey[0] = hc_swap32_S (k0); diff --git a/OpenCL/m20720_a0-pure.cl b/OpenCL/m20720_a0-pure.cl index ec288b26f..2ef382f20 100644 --- a/OpenCL/m20720_a0-pure.cl +++ b/OpenCL/m20720_a0-pure.cl @@ -3,7 +3,7 @@ * License.....: MIT */ -//#define NEW_SIMD_CODE +//#define NEW_SIMD_CODE #ifdef KERNEL_STATIC #include "inc_vendor.h" diff --git a/OpenCL/m24300_a3-optimized.cl b/OpenCL/m24300_a3-optimized.cl index a641a98e5..0054891cd 100644 --- a/OpenCL/m24300_a3-optimized.cl +++ b/OpenCL/m24300_a3-optimized.cl @@ -140,7 +140,7 @@ DECLSPEC void m24300m (u32 *w0, u32 *w1, u32 *w2, u32 *w3, const u32 pw_len, KER u32x wd_t = w3[1]; u32x we_t = w3[2]; u32x wf_t = pw_salt_len * 8; - + u32x a = SHA1M_A; u32x b = SHA1M_B; @@ -717,7 +717,7 @@ DECLSPEC void m24300s (u32 *w0, u32 *w1, u32 *w2, u32 *w3, const u32 pw_len, KER u32x wd_t = w3[1]; u32x we_t = w3[2]; u32x wf_t = pw_salt_len * 8; - + u32x a = SHA1M_A; u32x b = SHA1M_B; @@ -906,7 +906,7 @@ DECLSPEC void m24300s (u32 *w0, u32 *w1, u32 *w2, u32 *w3, const u32 pw_len, KER wc_t = hc_swap32 (t3[0]); wd_t = hc_swap32 (t3[1]); we_t = hc_swap32 (t3[2]); - wf_t = hc_swap32 (t3[3]); + wf_t = hc_swap32 (t3[3]); #undef K #define K SHA1C00 diff --git a/OpenCL/m25700_a0-optimized.cl b/OpenCL/m25700_a0-optimized.cl index bbd9747e2..ef1050c0c 100644 --- a/OpenCL/m25700_a0-optimized.cl +++ b/OpenCL/m25700_a0-optimized.cl @@ -45,9 +45,9 @@ DECLSPEC u32 MurmurHash (const u32 seed, const u32 *w, const int pw_len) hash ^= hash >> R; } - hash *= M; + hash *= M; hash ^= hash >> 10; - hash *= M; + hash *= M; hash ^= hash >> 17; #undef M diff --git a/OpenCL/m25700_a1-optimized.cl b/OpenCL/m25700_a1-optimized.cl index 2d83f0cad..3996786dd 100644 --- a/OpenCL/m25700_a1-optimized.cl +++ b/OpenCL/m25700_a1-optimized.cl @@ -44,9 +44,9 @@ DECLSPEC u32 MurmurHash (const u32 seed, const u32 *w, const int pw_len) hash ^= hash >> R; } - hash *= M; + hash *= M; hash ^= hash >> 10; - hash *= M; + hash *= M; hash ^= hash >> 17; #undef M diff --git a/OpenCL/m25700_a3-optimized.cl b/OpenCL/m25700_a3-optimized.cl index 2cc5455ee..783cf4fef 100644 --- a/OpenCL/m25700_a3-optimized.cl +++ b/OpenCL/m25700_a3-optimized.cl @@ -64,9 +64,9 @@ DECLSPEC u32x MurmurHash_w0 (const u32 seed, const u32x w0, const u32 *w, const } } - hash *= M; + hash *= M; hash ^= hash >> 10; - hash *= M; + hash *= M; hash ^= hash >> 17; #undef M diff --git a/OpenCL/m25900-pure.cl b/OpenCL/m25900-pure.cl index 36ecd286a..56fe382e9 100644 --- a/OpenCL/m25900-pure.cl +++ b/OpenCL/m25900-pure.cl @@ -398,7 +398,7 @@ KERNEL_FQ void m25900_comp(KERN_ATTR_TMPS_ESALT(pbkdf2_sha256_tmp_t, blocks_t)) aes128_encrypt_cbc (aes_ks, aes_cbc_iv, b1, yn, s_te0, s_te1, s_te2, s_te3, s_te4); aes128_encrypt_cbc (aes_ks, aes_cbc_iv, b2, yn, s_te0, s_te1, s_te2, s_te3, s_te4); aes128_encrypt_cbc (aes_ks, aes_cbc_iv, b3, yn, s_te0, s_te1, s_te2, s_te3, s_te4); - + u32 nonce[4]; nonce[0] = 0; diff --git a/src/modules/module_24300.c b/src/modules/module_24300.c index adced435e..14770ff33 100644 --- a/src/modules/module_24300.c +++ b/src/modules/module_24300.c @@ -1,7 +1,7 @@ /** * Author......: See docs/credits.txt * License.....: MIT - */ + */ #include "common.h" #include "types.h" @@ -73,7 +73,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); - const u8 *hash_pos = token.buf[0]; + const u8 *hash_pos = token.buf[0]; digest[0] = hex_to_u32 (hash_pos + 0); digest[1] = hex_to_u32 (hash_pos + 8); diff --git a/tools/test_modules/m01411.pm b/tools/test_modules/m01411.pm index f1c495e4c..361935375 100644 --- a/tools/test_modules/m01411.pm +++ b/tools/test_modules/m01411.pm @@ -39,7 +39,7 @@ sub module_verify_hash my $signature = substr ($hash, 0, 9); my $plain_base64 = substr ($hash, 9); - return unless ($signature eq "{SSHA256}"); + return unless ($signature eq "{SSHA256}"); return unless defined $plain_base64; # base64 decode to extract salt diff --git a/tools/test_modules/m15200.pm b/tools/test_modules/m15200.pm index 5696a7424..76c0bcbc7 100644 --- a/tools/test_modules/m15200.pm +++ b/tools/test_modules/m15200.pm @@ -45,7 +45,7 @@ sub module_generate_hash "guid" : "00000000-0000-0000-0000-000000000000", "sharedKey" : "00000000-0000-0000-0000-000000000000", "options" : {"pbkdf2_iterations":$iterations,"fee_policy":0,"html5_notifications":false,"logout_time":600000,"tx_display":0,"always_keep_local_backup":false}|; - + unless (defined $encrypted) { $encrypted = unpack ("H*", $cipher->encrypt ($data)); diff --git a/tools/test_modules/m19800.pm b/tools/test_modules/m19800.pm index 7c1fe550c..7fa282b75 100644 --- a/tools/test_modules/m19800.pm +++ b/tools/test_modules/m19800.pm @@ -58,7 +58,7 @@ sub module_generate_hash ); my $b_seed = $pbkdf2->PBKDF2 ($mysalt, $word); - + # we can precompute this my $b_kerberos_nfolded = hex2byte ('6b65726265726f737b9b5b2b93132b93'); @@ -68,14 +68,14 @@ sub module_generate_hash # and 'ke' (AES key to decrypt/encrypt the ticket) my $cbc = Crypt::Mode::CBC->new ('AES', 0); my $b_key_bytes = $cbc->encrypt ($b_kerberos_nfolded, $b_seed, $b_iv); - + # precomputed stuff # nfold 0x0000000155 to 16 bytes my $b_nfolded1 = hex2byte ('5b582c160a5aa80556ab55aad5402ab5'); - + # nfold 0x00000001aa to 16 bytes my $b_nfolded2 = hex2byte ('ae2c160b04ad5006ab55aad56a80355a'); - + my $b_ki = $cbc->encrypt ($b_nfolded1, $b_key_bytes, $b_iv); @@ -98,36 +98,36 @@ sub module_generate_hash # Pad the last block with last bytes from the decrypted n-1 my $b_padded_enc_ticket = hex2byte ($enc_timestamp) . (substr $b_n_1_decrypted, -(16 - $len_last_block / 2)); - + # Swap the last two blocks my $b_cbc_enc_ticket = (substr $b_padded_enc_ticket, 0, -32) . (substr $b_padded_enc_ticket, -16, 16). (substr $b_padded_enc_ticket, -32, 16); - + # Decrypt and truncate my $b_dec_ticket_padded = $cbc->decrypt ($b_cbc_enc_ticket, $b_ke, $b_iv); - + my $b_cleartext_ticket = substr $b_dec_ticket_padded, 0, length ($enc_timestamp) / 2; $cleartext_ticket = byte2hex ($b_cleartext_ticket); - - my $check_correct = ((substr ($b_cleartext_ticket, 22, 2) eq "20") && + + my $check_correct = ((substr ($b_cleartext_ticket, 22, 2) eq "20") && (substr ($b_cleartext_ticket, 36, 1) eq "Z")); if ($check_correct == 1 && defined $checksum) { my $b_checksum = hmac_sha1 (hex2byte ($cleartext_ticket), $b_ki); - + $check_correct = ($checksum eq byte2hex (substr $b_checksum, 0, 12)); } } - + if ($check_correct != 1) { # fake/wrong ticket (otherwise if we just decrypt/encrypt we end #up with false positives all the time) $cleartext_ticket = '68c8459f3f10c851b8827118bb459c6e301aa011180f323031'. '32313131363134323835355aa10502030c28a2'; - + # we have what is required to compute checksum $checksum = hmac_sha1 (hex2byte ($cleartext_ticket), $b_ki); @@ -191,7 +191,7 @@ sub module_verify_hash return unless ($algorithm eq "17"); return unless (length ($edata) >= 88); return unless (length ($edata) <= 112); - + my $checksum = substr $edata, -24; my $enc_timestamp = substr $edata, 0, -24; diff --git a/tools/test_modules/m19900.pm b/tools/test_modules/m19900.pm index ce58a7c03..5b8465bbf 100644 --- a/tools/test_modules/m19900.pm +++ b/tools/test_modules/m19900.pm @@ -58,7 +58,7 @@ sub module_generate_hash ); my $b_seed = $pbkdf2->PBKDF2 ($mysalt, $word); - + # we can precompute this my $b_kerberos_nfolded = hex2byte ('6b65726265726f737b9b5b2b93132b93'); @@ -70,14 +70,14 @@ sub module_generate_hash my $b_key_bytes = $cbc->encrypt ($b_kerberos_nfolded, $b_seed, $b_iv); $b_key_bytes = $b_key_bytes . $cbc->encrypt ($b_key_bytes, $b_seed, $b_iv); - + # precomputed stuff # nfold 0x0000000155 to 16 bytes my $b_nfolded1 = hex2byte ('5b582c160a5aa80556ab55aad5402ab5'); - + # nfold 0x00000001aa to 16 bytes my $b_nfolded2 = hex2byte ('ae2c160b04ad5006ab55aad56a80355a'); - + my $b_ki = $cbc->encrypt ($b_nfolded1, $b_key_bytes, $b_iv); $b_ki = $b_ki . $cbc->encrypt ($b_ki, $b_key_bytes, $b_iv); @@ -85,10 +85,10 @@ sub module_generate_hash my $b_ke = $cbc->encrypt ($b_nfolded2, $b_key_bytes, $b_iv); $b_ke = $b_ke . $cbc->encrypt ($b_ke, $b_key_bytes, $b_iv); - + my $cleartext_ticket = ''; my $check_correct = 0; - + if (defined $enc_timestamp) { # Do CTS Decryption https://en.wikipedia.org/wiki/Ciphertext_stealing @@ -103,42 +103,42 @@ sub module_generate_hash # Pad the last block with last bytes from the decrypted n-1 my $b_padded_enc_ticket = hex2byte ($enc_timestamp) . (substr $b_n_1_decrypted, -(16 - $len_last_block / 2)); - + # Swap the last two blocks my $b_cbc_enc_ticket = (substr $b_padded_enc_ticket, 0, -32) . (substr $b_padded_enc_ticket, -16, 16). (substr $b_padded_enc_ticket, -32, 16); - + # Decrypt and truncate my $b_dec_ticket_padded = $cbc->decrypt ($b_cbc_enc_ticket, $b_ke, $b_iv); - + my $b_cleartext_ticket = substr $b_dec_ticket_padded, 0, length ($enc_timestamp) / 2; $cleartext_ticket = byte2hex ($b_cleartext_ticket); - - my $check_correct = ((substr ($b_cleartext_ticket, 22, 2) eq "20") && + + my $check_correct = ((substr ($b_cleartext_ticket, 22, 2) eq "20") && (substr ($b_cleartext_ticket, 36, 1) eq "Z")); if ($check_correct == 1 && defined $checksum) { my $b_checksum = hmac_sha1 (hex2byte ($cleartext_ticket), $b_ki); - + $check_correct = ($checksum eq byte2hex (substr $b_checksum, 0, 12)); } } - + if ($check_correct != 1) { # fake/wrong ticket (otherwise if we just decrypt/encrypt we end #up with false positives all the time) $cleartext_ticket = '68c8459f3f10c851b8827118bb459c6e301aa011180f323031'. '32313131363134323835355aa10502030c28a2'; - + # we have what is required to compute checksum $checksum = hmac_sha1 (hex2byte ($cleartext_ticket), $b_ki); $checksum = byte2hex (substr $checksum, 0, 12); } - + # CTS Encrypt our new block my $len_cleartext_last_block = length ($cleartext_ticket) % 32; my $cleartext_last_block = substr $cleartext_ticket, -$len_cleartext_last_block; @@ -195,7 +195,7 @@ sub module_verify_hash return unless ($algorithm eq "18"); return unless (length ($edata) >= 88); return unless (length ($edata) <= 112); - + my $checksum = substr $edata, -24; my $enc_timestamp = substr $edata, 0, -24; diff --git a/tools/test_modules/m20200.pm b/tools/test_modules/m20200.pm index baded5035..faadae9fa 100644 --- a/tools/test_modules/m20200.pm +++ b/tools/test_modules/m20200.pm @@ -32,15 +32,15 @@ sub module_generate_hash my $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt, $word), ''); my $salt_buf = encode_base64 ($salt, ''); - + # replace + with . $hash_buf =~ s/\+/\./g; $salt_buf =~ s/\+/\./g; - + # remove padding = $hash_buf =~ s/\=+$//; $salt_buf =~ s/\=+$//; - + my $hash = sprintf ("\$pbkdf2-sha512\$%i\$%s\$%s", $iter, $salt_buf, $hash_buf); return $hash; diff --git a/tools/test_modules/m20300.pm b/tools/test_modules/m20300.pm index f2482334e..2299739b7 100644 --- a/tools/test_modules/m20300.pm +++ b/tools/test_modules/m20300.pm @@ -32,15 +32,15 @@ sub module_generate_hash my $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt, $word), ''); my $salt_buf = encode_base64 ($salt, ''); - + # replace + with . $hash_buf =~ s/\+/\./g; $salt_buf =~ s/\+/\./g; - + # remove padding = $hash_buf =~ s/\=+$//; $salt_buf =~ s/\=+$//; - + my $hash = sprintf ("\$pbkdf2-sha256\$%i\$%s\$%s", $iter, $salt_buf, $hash_buf); return $hash; diff --git a/tools/test_modules/m20400.pm b/tools/test_modules/m20400.pm index 3502cbcf9..be2d09773 100644 --- a/tools/test_modules/m20400.pm +++ b/tools/test_modules/m20400.pm @@ -32,15 +32,15 @@ sub module_generate_hash my $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt, $word), ''); my $salt_buf = encode_base64 ($salt, ''); - + # replace + with . $hash_buf =~ s/\+/\./g; $salt_buf =~ s/\+/\./g; - + # remove padding = $hash_buf =~ s/\=+$//; $salt_buf =~ s/\=+$//; - + my $hash = sprintf ("\$pbkdf2\$%i\$%s\$%s", $iter, $salt_buf, $hash_buf); return $hash; diff --git a/tools/test_modules/m20600.pm b/tools/test_modules/m20600.pm index e593b5e07..a5e27b52d 100644 --- a/tools/test_modules/m20600.pm +++ b/tools/test_modules/m20600.pm @@ -45,7 +45,7 @@ sub module_verify_hash return unless defined $iter; return unless defined $salt; return unless defined $word; - + my $new_hash = module_generate_hash ($word, $salt, $iter); return ($new_hash, $word); diff --git a/tools/test_modules/m25400.pm b/tools/test_modules/m25400.pm index 4eb3da227..424fa3a30 100644 --- a/tools/test_modules/m25400.pm +++ b/tools/test_modules/m25400.pm @@ -110,7 +110,7 @@ sub pdf_compute_encryption_key_owner } else { - $o_key = substr($o_digest, 0, 16); #length is always 128 bits or 16 bytes + $o_key = substr($o_digest, 0, 16); #length is always 128 bits or 16 bytes } #printf("\$o_key = %s\n", unpack ("H*", $o_key)); diff --git a/tools/test_modules/m25900.pm b/tools/test_modules/m25900.pm index a161f662f..968ed2689 100644 --- a/tools/test_modules/m25900.pm +++ b/tools/test_modules/m25900.pm @@ -12,7 +12,7 @@ use Crypt::PBKDF2; use Crypt::Mode::CBC; use Crypt::Mode::ECB; -# Details of the protocol design can be found in ISO 22510:2019 and +# Details of the protocol design can be found in ISO 22510:2019 and # application notes published by the KNX Association. # ETS 5 allows a maximum of 20 characters in a password. @@ -22,17 +22,17 @@ sub module_constraints { [[0, 20], [2, 2], [-1, -1], [-1, -1], [-1, -1]] } sub device_authentication_code { my $password = shift; - + my $pbkdf2 = Crypt::PBKDF2->new ( hasher => Crypt::PBKDF2->hasher_from_algorithm ("HMACSHA2", 256), iterations => 65536, output_len => 16 ); - - my $device_authentication_code = $pbkdf2->PBKDF2 ("device-authentication-code.1.secure.ip.knx.org", + + my $device_authentication_code = $pbkdf2->PBKDF2 ("device-authentication-code.1.secure.ip.knx.org", $password); - + return $device_authentication_code; } @@ -45,7 +45,7 @@ sub block_formatting my $blocks_unpadded = $associated_data_length . $associated_data; my $pad_len = int ((length ($blocks_unpadded) + 16 - 1) / 16) * 16; my $blocks_padded = $blocks_unpadded . "\0" x ($pad_len - length ($blocks_unpadded)); - + return $b0 . $blocks_padded; } @@ -56,14 +56,14 @@ sub encrypt my $nonce = shift; my $key = shift; my $iv = "\0" x 16; - + my $aes_cbc = Crypt::Mode::CBC->new ("AES", 0); - my $ciphertext = $aes_cbc->encrypt ($blocks, $key, $iv); + my $ciphertext = $aes_cbc->encrypt ($blocks, $key, $iv); my $y_n = substr ($ciphertext, length ($ciphertext) - 16, 16); - + my $aes_ecb = Crypt::Mode::ECB->new ("AES", 0); my $s_0 = $aes_ecb->encrypt ($nonce, $key); - + return $y_n ^ $s_0; } @@ -72,72 +72,72 @@ sub generate_session_response_mac my $secure_session_identifier = shift; my $public_value_xor = shift; my $key = shift; - + # Constants used for the cryptography in Session_Response frames my $knx_ip_header = pack ("H*", "061009520038"); my $b0 = pack ("H*", "00000000000000000000000000000000"); my $nonce = pack ("H*", "0000000000000000000000000000ff00"); - + my $associated_data = $knx_ip_header . $secure_session_identifier . $public_value_xor; - + my $blocks = block_formatting ($b0, $associated_data); - + return encrypt ($blocks, $nonce, $key); } sub module_generate_hash { my $word = shift; - + # Parameters that would be found in the Session_Request and Session_Response frames my $secure_session_identifier = shift; my $public_value_xor = shift // random_bytes (32); - + my $device_authentication_code = device_authentication_code ($word); my $mac = generate_session_response_mac ($secure_session_identifier, $public_value_xor, $device_authentication_code); - - my $hash = sprintf ("\$knx-ip-secure-device-authentication-code\$*%s*%s*%s", + + my $hash = sprintf ("\$knx-ip-secure-device-authentication-code\$*%s*%s*%s", unpack ("H*", $secure_session_identifier), unpack ("H*", $public_value_xor), unpack ("H*", $mac)); - + return $hash; } sub module_verify_hash { my $line = shift; - + my ($hash, $word) = split (':', $line); - + return unless defined $hash; return unless defined $word; - + my @data = split ('\*', $hash); - + return unless scalar (@data) == 4; - + my $signature = shift @data; - + return unless ($signature eq "\$knx-ip-secure-device-authentication-code\$"); - + my $secure_session_identifier = pack ("H*", shift @data); # 2 Bytes expected (using the "salt" for this purpose) my $public_value_xor = pack ("H*", shift @data); # 32 Bytes expected (xor of client's and server's public value) my $mac = pack ("H*", shift @data); # 16 Bytes expected - + return unless (length ($secure_session_identifier) == 2); return unless (length ($public_value_xor) == 32); return unless (length ($mac) == 16); - + my $word_packed = pack_if_HEX_notation ($word); - - my $new_hash = module_generate_hash ($word_packed, - $secure_session_identifier, + + my $new_hash = module_generate_hash ($word_packed, + $secure_session_identifier, $public_value_xor); - + return ($new_hash, $word); }