Added support for small documents with content length < 1024 in -m 18400

2024-11-21 23:58:07 +00:00 · 2023-04-08 20:29:54 +00:00 · 2023-04-08 20:29:54 +00:00 · 7a3a6d5d06
commit 7a3a6d5d06
parent 234e6cf49f
2 changed files with 66 additions and 115 deletions
--- a/OpenCL/m18400-pure.cl
+++ b/OpenCL/m18400-pure.cl
@ -35,6 +35,7 @@ typedef struct odf12
  u32 iv[4];
  u32 checksum[8];
  u32 encrypted_data[256];
+  int encrypted_len;

 } odf12_t;

@ -352,111 +353,49 @@ KERNEL_FQ void m18400_comp (KERN_ATTR_TMPS_ESALT (odf12_tmp_t, odf12_t))
  iv[2] = es->iv[2];
  iv[3] = es->iv[3];

-  u32 ct[4];
+  u32 pt[256];

-  u32 pt1[4];
-  u32 pt2[4];
-  u32 pt3[4];
-  u32 pt4[4];
+  for (int i = 0, j = 0; i < es->encrypted_len; i += 16, j += 4)
+  {
+    u32 ct[4];
+
+    ct[0] = es->encrypted_data[j + 0];
+    ct[1] = es->encrypted_data[j + 1];
+    ct[2] = es->encrypted_data[j + 2];
+    ct[3] = es->encrypted_data[j + 3];
+
+    aes256_decrypt (ks, ct, pt + j, s_td0, s_td1, s_td2, s_td3, s_td4);
+
+    pt[j + 0] ^= iv[0];
+    pt[j + 1] ^= iv[1];
+    pt[j + 2] ^= iv[2];
+    pt[j + 3] ^= iv[3];
+
+    iv[0] = ct[0];
+    iv[1] = ct[1];
+    iv[2] = ct[2];
+    iv[3] = ct[3];
+  }
+
+  const int full64 = es->encrypted_len / 64;
+
+  const int encrypted_len64 = full64 * 64;

  sha256_ctx_t sha256_ctx;

  sha256_init (&sha256_ctx);

-  // decrypt aes-cbc and calculate plaintext checksum at the same time
-  for (int i = 0; i < 16; i++)
+  sha256_update_swap (&sha256_ctx, pt, encrypted_len64);
+
+  const int remaining64 = es->encrypted_len - encrypted_len64;
+
+  if (remaining64)
  {
-    const int i16 = i * 16;
+    u32 *pt_remaining = pt + (encrypted_len64 / 4);

-    ct[0] = es->encrypted_data[i16 + 0];
-    ct[1] = es->encrypted_data[i16 + 1];
-    ct[2] = es->encrypted_data[i16 + 2];
-    ct[3] = es->encrypted_data[i16 + 3];
+    truncate_block_16x4_be_S (pt_remaining + 0, pt_remaining + 4, pt_remaining + 8, pt_remaining + 12, remaining64);

-    aes256_decrypt (ks, ct, pt1, s_td0, s_td1, s_td2, s_td3, s_td4);
-
-    pt1[0] ^= iv[0];
-    pt1[1] ^= iv[1];
-    pt1[2] ^= iv[2];
-    pt1[3] ^= iv[3];
-
-    iv[0] = ct[0];
-    iv[1] = ct[1];
-    iv[2] = ct[2];
-    iv[3] = ct[3];
-
-    ct[0] = es->encrypted_data[i16 + 4];
-    ct[1] = es->encrypted_data[i16 + 5];
-    ct[2] = es->encrypted_data[i16 + 6];
-    ct[3] = es->encrypted_data[i16 + 7];
-
-    aes256_decrypt (ks, ct, pt2, s_td0, s_td1, s_td2, s_td3, s_td4);
-
-    pt2[0] ^= iv[0];
-    pt2[1] ^= iv[1];
-    pt2[2] ^= iv[2];
-    pt2[3] ^= iv[3];
-
-    iv[0] = ct[0];
-    iv[1] = ct[1];
-    iv[2] = ct[2];
-    iv[3] = ct[3];
-
-    ct[0] = es->encrypted_data[i16 +  8];
-    ct[1] = es->encrypted_data[i16 +  9];
-    ct[2] = es->encrypted_data[i16 + 10];
-    ct[3] = es->encrypted_data[i16 + 11];
-
-    aes256_decrypt (ks, ct, pt3, s_td0, s_td1, s_td2, s_td3, s_td4);
-
-    pt3[0] ^= iv[0];
-    pt3[1] ^= iv[1];
-    pt3[2] ^= iv[2];
-    pt3[3] ^= iv[3];
-
-    iv[0] = ct[0];
-    iv[1] = ct[1];
-    iv[2] = ct[2];
-    iv[3] = ct[3];
-
-    ct[0] = es->encrypted_data[i16 + 12];
-    ct[1] = es->encrypted_data[i16 + 13];
-    ct[2] = es->encrypted_data[i16 + 14];
-    ct[3] = es->encrypted_data[i16 + 15];
-
-    aes256_decrypt (ks, ct, pt4, s_td0, s_td1, s_td2, s_td3, s_td4);
-
-    pt4[0] ^= iv[0];
-    pt4[1] ^= iv[1];
-    pt4[2] ^= iv[2];
-    pt4[3] ^= iv[3];
-
-    iv[0] = ct[0];
-    iv[1] = ct[1];
-    iv[2] = ct[2];
-    iv[3] = ct[3];
-
-    pt1[0] = hc_swap32_S (pt1[0]);
-    pt1[1] = hc_swap32_S (pt1[1]);
-    pt1[2] = hc_swap32_S (pt1[2]);
-    pt1[3] = hc_swap32_S (pt1[3]);
-
-    pt2[0] = hc_swap32_S (pt2[0]);
-    pt2[1] = hc_swap32_S (pt2[1]);
-    pt2[2] = hc_swap32_S (pt2[2]);
-    pt2[3] = hc_swap32_S (pt2[3]);
-
-    pt3[0] = hc_swap32_S (pt3[0]);
-    pt3[1] = hc_swap32_S (pt3[1]);
-    pt3[2] = hc_swap32_S (pt3[2]);
-    pt3[3] = hc_swap32_S (pt3[3]);
-
-    pt4[0] = hc_swap32_S (pt4[0]);
-    pt4[1] = hc_swap32_S (pt4[1]);
-    pt4[2] = hc_swap32_S (pt4[2]);
-    pt4[3] = hc_swap32_S (pt4[3]);
-
-    sha256_update_64 (&sha256_ctx, pt1, pt2, pt3, pt4, 64);
+    sha256_update_swap (&sha256_ctx, pt_remaining, remaining64);
  }

  sha256_final (&sha256_ctx);
--- a/src/modules/module_18400.c
+++ b/src/modules/module_18400.c
@ -58,6 +58,7 @@ typedef struct odf12
  u32 iv[4];
  u32 checksum[8];
  u32 encrypted_data[256];
+  int encrypted_len;

 } odf12_t;

@ -166,18 +167,19 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
  token.attr[10]    = TOKEN_ATTR_VERIFY_LENGTH
                    | TOKEN_ATTR_VERIFY_DIGIT;

-  token.len[11]     = 2048;
-  token.attr[11]    = TOKEN_ATTR_FIXED_LENGTH
+  token.len_min[11] = 16;
+  token.len_max[11] = 2048;
+  token.sep[11]     = '*';
+  token.attr[11]    = TOKEN_ATTR_VERIFY_LENGTH
                    | TOKEN_ATTR_VERIFY_HEX;

  const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);

  if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);

-  const u8 *checksum         = token.buf[5];
-  const u8 *iv               = token.buf[7];
-  const u8 *salt_buf         = token.buf[9];
-  const u8 *encrypted_data   = token.buf[11];
+  const u8 *checksum  = token.buf[5];
+  const u8 *iv        = token.buf[7];
+  const u8 *salt_buf  = token.buf[9];

  const u32 cipher_type   = strtol ((const char *) token.buf[1],  NULL, 10);
  const u32 checksum_type = strtol ((const char *) token.buf[2],  NULL, 10);
@ -207,15 +209,19 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
  odf12->checksum[6] = hex_to_u32 (&checksum[48]);
  odf12->checksum[7] = hex_to_u32 (&checksum[56]);

+  // iv
+
  odf12->iv[0] = hex_to_u32 (&iv[0]);
  odf12->iv[1] = hex_to_u32 (&iv[8]);
  odf12->iv[2] = hex_to_u32 (&iv[16]);
  odf12->iv[3] = hex_to_u32 (&iv[24]);

-  for (int i = 0, j = 0; i < 256; i += 1, j += 8)
-  {
-    odf12->encrypted_data[i] = hex_to_u32 (&encrypted_data[j]);
-  }
+  // ct
+
+  const int ct_len = token.len[11];
+  const u8 *ct_pos = token.buf[11];
+
+  odf12->encrypted_len = hex_decode (ct_pos, ct_len, (u8 *) odf12->encrypted_data);

  // salt

@ -248,7 +254,19 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
 {
  const odf12_t *odf12 = (const odf12_t *) esalt_buf;

-  int out_len = snprintf (line_buf, line_size, "%s*1*1*%u*32*%08x%08x%08x%08x%08x%08x%08x%08x*16*%08x%08x%08x%08x*16*%08x%08x%08x%08x*0*",
+  // ct
+
+  u32 ct_buf[256];
+
+  for (int i = 0; i < 256; i++) ct_buf[i] = byte_swap_32 (odf12->encrypted_data[i]);
+
+  u8 ct_buf8[(256 * 4 * 2) + 1];
+
+  const int ct_len = hex_encode ((const u8 *) ct_buf, odf12->encrypted_len, ct_buf8);
+
+  ct_buf8[ct_len] = 0;
+
+  const int out_len = snprintf (line_buf, line_size, "%s*1*1*%u*32*%08x%08x%08x%08x%08x%08x%08x%08x*16*%08x%08x%08x%08x*16*%08x%08x%08x%08x*0*%s",
    SIGNATURE_ODF,
    odf12->iterations,
    byte_swap_32 (odf12->checksum[0]),
@ -266,14 +284,8 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
    byte_swap_32 (salt->salt_buf[0]),
    byte_swap_32 (salt->salt_buf[1]),
    byte_swap_32 (salt->salt_buf[2]),
-    byte_swap_32 (salt->salt_buf[3]));
-
-  u8 *out_buf = (u8 *) line_buf;
-
-  for (int i = 0; i < 256; i++)
-  {
-    u32_to_hex (odf12->encrypted_data[i], out_buf + out_len); out_len += 8;
-  }
+    byte_swap_32 (salt->salt_buf[3]),
+    (char *) ct_buf8);

  return out_len;
 }