From 546b94f3d205e92b13bb67ab43acd8878e9dd5b3 Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Sun, 14 May 2023 00:26:43 +0200 Subject: [PATCH 01/32] added missing memset for token2 in module_hash_decode(), module_00501.c --- src/modules/module_00501.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/modules/module_00501.c b/src/modules/module_00501.c index 885951b59..76980adaa 100644 --- a/src/modules/module_00501.c +++ b/src/modules/module_00501.c @@ -273,6 +273,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE hc_token_t token2; + memset (&token2, 0, sizeof (hc_token_t)); + token2.token_cnt = 3; token2.signatures_cnt = 1; @@ -286,6 +288,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE token2.len[1] = 8; token2.attr[1] = TOKEN_ATTR_FIXED_LENGTH; + token2.sep[2] = '$'; token2.len[2] = 22; token2.attr[2] = TOKEN_ATTR_FIXED_LENGTH | TOKEN_ATTR_VERIFY_BASE64B; From 33581b4155cea76dbcda0a86ee000a65df0fb18e Mon Sep 17 00:00:00 2001 From: Christo Erasmus <131447877+erasmusc@users.noreply.github.com> Date: Mon, 15 May 2023 13:32:48 +0200 Subject: [PATCH 02/32] Added plugins for AES128 and AES256 AS-REPs --- OpenCL/m33100-pure.cl | 1038 ++++++++++++++++++++++++++++++++ OpenCL/m33200-pure.cl | 1101 ++++++++++++++++++++++++++++++++++ src/modules/module_33100.c | 420 +++++++++++++ src/modules/module_33200.c | 419 +++++++++++++ tools/test_modules/m33100.pm | 217 +++++++ tools/test_modules/m33200.pm | 224 +++++++ 6 files changed, 3419 insertions(+) create mode 100755 OpenCL/m33100-pure.cl create mode 100755 OpenCL/m33200-pure.cl create mode 100755 src/modules/module_33100.c create mode 100755 src/modules/module_33200.c create mode 100755 tools/test_modules/m33100.pm create mode 100755 tools/test_modules/m33200.pm diff --git a/OpenCL/m33100-pure.cl b/OpenCL/m33100-pure.cl new file mode 100755 index 000000000..a7869ea33 --- /dev/null +++ b/OpenCL/m33100-pure.cl @@ -0,0 +1,1038 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_simd.cl) +#include M2S(INCLUDE_PATH/inc_hash_sha1.cl) +#include M2S(INCLUDE_PATH/inc_cipher_aes.cl) +#endif + +typedef struct krb5asrep_17 +{ + u32 user[128]; + u32 domain[128]; + u32 account_info[512]; + u32 account_info_len; + + u32 checksum[3]; + u32 edata2[5120]; + u32 edata2_len; + u32 format; + +} krb5asrep_17_t; + +typedef struct krb5asrep_17_tmp +{ + u32 ipad[5]; + u32 opad[5]; + u32 dgst[10]; + u32 out[10]; + +} krb5asrep_17_tmp_t; + +DECLSPEC void aes128_encrypt_cbc (PRIVATE_AS const u32 *aes_ks, PRIVATE_AS u32 *aes_iv, PRIVATE_AS const u32 *in, PRIVATE_AS u32 *out, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3, SHM_TYPE u32 *s_te4) +{ + u32 data[4]; + + data[0] = hc_swap32_S (in[0]); + data[1] = hc_swap32_S (in[1]); + data[2] = hc_swap32_S (in[2]); + data[3] = hc_swap32_S (in[3]); + + data[0] ^= aes_iv[0]; + data[1] ^= aes_iv[1]; + data[2] ^= aes_iv[2]; + data[3] ^= aes_iv[3]; + + aes128_encrypt (aes_ks, data, out, s_te0, s_te1, s_te2, s_te3, s_te4); + + aes_iv[0] = out[0]; + aes_iv[1] = out[1]; + aes_iv[2] = out[2]; + aes_iv[3] = out[3]; + + out[0] = hc_swap32_S (out[0]); + out[1] = hc_swap32_S (out[1]); + out[2] = hc_swap32_S (out[2]); + out[3] = hc_swap32_S (out[3]); +} + +DECLSPEC void aes128_decrypt_cbc (PRIVATE_AS const u32 *ks1, PRIVATE_AS const u32 *in, PRIVATE_AS u32 *out, PRIVATE_AS u32 *essiv, SHM_TYPE u32 *s_td0, SHM_TYPE u32 *s_td1, SHM_TYPE u32 *s_td2, SHM_TYPE u32 *s_td3, SHM_TYPE u32 *s_td4) +{ + aes128_decrypt (ks1, in, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= essiv[0]; + out[1] ^= essiv[1]; + out[2] ^= essiv[2]; + out[3] ^= essiv[3]; + + essiv[0] = in[0]; + essiv[1] = in[1]; + essiv[2] = in[2]; + essiv[3] = in[3]; +} + +DECLSPEC void hmac_sha1_run_V (PRIVATE_AS u32x *w0, PRIVATE_AS u32x *w1, PRIVATE_AS u32x *w2, PRIVATE_AS u32x *w3, PRIVATE_AS u32x *ipad, PRIVATE_AS u32x *opad, PRIVATE_AS u32x *digest) +{ + digest[0] = ipad[0]; + digest[1] = ipad[1]; + digest[2] = ipad[2]; + digest[3] = ipad[3]; + digest[4] = ipad[4]; + + sha1_transform_vector (w0, w1, w2, w3, digest); + + w0[0] = digest[0]; + w0[1] = digest[1]; + w0[2] = digest[2]; + w0[3] = digest[3]; + w1[0] = digest[4]; + w1[1] = 0x80000000; + w1[2] = 0; + w1[3] = 0; + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = (64 + 20) * 8; + + digest[0] = opad[0]; + digest[1] = opad[1]; + digest[2] = opad[2]; + digest[3] = opad[3]; + digest[4] = opad[4]; + + sha1_transform_vector (w0, w1, w2, w3, digest); +} + +KERNEL_FQ void m33100_init (KERN_ATTR_TMPS_ESALT (krb5asrep_17_tmp_t, krb5asrep_17_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + + if (gid >= GID_CNT) return; + + /** + * main + */ + + /* initialize hmac-sha1 for pbkdf2(password, account, 4096, account_len) */ + + sha1_hmac_ctx_t sha1_hmac_ctx; + + sha1_hmac_init_global_swap (&sha1_hmac_ctx, pws[gid].i, pws[gid].pw_len); + + tmps[gid].ipad[0] = sha1_hmac_ctx.ipad.h[0]; + tmps[gid].ipad[1] = sha1_hmac_ctx.ipad.h[1]; + tmps[gid].ipad[2] = sha1_hmac_ctx.ipad.h[2]; + tmps[gid].ipad[3] = sha1_hmac_ctx.ipad.h[3]; + tmps[gid].ipad[4] = sha1_hmac_ctx.ipad.h[4]; + + tmps[gid].opad[0] = sha1_hmac_ctx.opad.h[0]; + tmps[gid].opad[1] = sha1_hmac_ctx.opad.h[1]; + tmps[gid].opad[2] = sha1_hmac_ctx.opad.h[2]; + tmps[gid].opad[3] = sha1_hmac_ctx.opad.h[3]; + tmps[gid].opad[4] = sha1_hmac_ctx.opad.h[4]; + + sha1_hmac_update_global_swap (&sha1_hmac_ctx, esalt_bufs[DIGESTS_OFFSET_HOST].account_info, esalt_bufs[DIGESTS_OFFSET_HOST].account_info_len); + + for (u32 i = 0, j = 1; i < 4; i += 5, j += 1) + { + sha1_hmac_ctx_t sha1_hmac_ctx2 = sha1_hmac_ctx; + + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + + w0[0] = j; + w0[1] = 0; + w0[2] = 0; + w0[3] = 0; + w1[0] = 0; + w1[1] = 0; + w1[2] = 0; + w1[3] = 0; + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 0; + + sha1_hmac_update_64 (&sha1_hmac_ctx2, w0, w1, w2, w3, 4); + + sha1_hmac_final (&sha1_hmac_ctx2); + + tmps[gid].dgst[i + 0] = sha1_hmac_ctx2.opad.h[0]; + tmps[gid].dgst[i + 1] = sha1_hmac_ctx2.opad.h[1]; + tmps[gid].dgst[i + 2] = sha1_hmac_ctx2.opad.h[2]; + tmps[gid].dgst[i + 3] = sha1_hmac_ctx2.opad.h[3]; + tmps[gid].dgst[i + 4] = sha1_hmac_ctx2.opad.h[4]; + + tmps[gid].out[i + 0] = tmps[gid].dgst[i + 0]; + tmps[gid].out[i + 1] = tmps[gid].dgst[i + 1]; + tmps[gid].out[i + 2] = tmps[gid].dgst[i + 2]; + tmps[gid].out[i + 3] = tmps[gid].dgst[i + 3]; + tmps[gid].out[i + 4] = tmps[gid].dgst[i + 4]; + } +} + +KERNEL_FQ void m33100_loop (KERN_ATTR_TMPS_ESALT (krb5asrep_17_tmp_t, krb5asrep_17_t)) +{ + /** + * base + */ + const u64 gid = get_global_id (0); + + if ((gid * VECT_SIZE) >= GID_CNT) return; + + u32x ipad[5]; + u32x opad[5]; + + ipad[0] = packv (tmps, ipad, gid, 0); + ipad[1] = packv (tmps, ipad, gid, 1); + ipad[2] = packv (tmps, ipad, gid, 2); + ipad[3] = packv (tmps, ipad, gid, 3); + ipad[4] = packv (tmps, ipad, gid, 4); + + opad[0] = packv (tmps, opad, gid, 0); + opad[1] = packv (tmps, opad, gid, 1); + opad[2] = packv (tmps, opad, gid, 2); + opad[3] = packv (tmps, opad, gid, 3); + opad[4] = packv (tmps, opad, gid, 4); + + for (u32 i = 0; i < 4; i += 5) + { + u32x dgst[5]; + u32x out[5]; + + dgst[0] = packv (tmps, dgst, gid, i + 0); + dgst[1] = packv (tmps, dgst, gid, i + 1); + dgst[2] = packv (tmps, dgst, gid, i + 2); + dgst[3] = packv (tmps, dgst, gid, i + 3); + dgst[4] = packv (tmps, dgst, gid, i + 4); + + out[0] = packv (tmps, out, gid, i + 0); + out[1] = packv (tmps, out, gid, i + 1); + out[2] = packv (tmps, out, gid, i + 2); + out[3] = packv (tmps, out, gid, i + 3); + out[4] = packv (tmps, out, gid, i + 4); + + for (u32 j = 0; j < LOOP_CNT; j++) + { + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + + w0[0] = dgst[0]; + w0[1] = dgst[1]; + w0[2] = dgst[2]; + w0[3] = dgst[3]; + w1[0] = dgst[4]; + w1[1] = 0x80000000; + w1[2] = 0; + w1[3] = 0; + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = (64 + 20) * 8; + + hmac_sha1_run_V (w0, w1, w2, w3, ipad, opad, dgst); + + out[0] ^= dgst[0]; + out[1] ^= dgst[1]; + out[2] ^= dgst[2]; + out[3] ^= dgst[3]; + out[4] ^= dgst[4]; + } + + unpackv (tmps, dgst, gid, i + 0, dgst[0]); + unpackv (tmps, dgst, gid, i + 1, dgst[1]); + unpackv (tmps, dgst, gid, i + 2, dgst[2]); + unpackv (tmps, dgst, gid, i + 3, dgst[3]); + unpackv (tmps, dgst, gid, i + 4, dgst[4]); + + unpackv (tmps, out, gid, i + 0, out[0]); + unpackv (tmps, out, gid, i + 1, out[1]); + unpackv (tmps, out, gid, i + 2, out[2]); + unpackv (tmps, out, gid, i + 3, out[3]); + unpackv (tmps, out, gid, i + 4, out[4]); + } +} + +KERNEL_FQ void m33100_comp (KERN_ATTR_TMPS_ESALT (krb5asrep_17_tmp_t, krb5asrep_17_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + #endif + + if (gid >= GID_CNT) return; + + /* + at this point, the output ('seed') will be used to generate AES keys: + + key_bytes = derive(seed, 'kerberos'.encode(), seedsize) + + 'key_bytes' will be the AES key used to generate 'ke' and 'ki' + 'ke' will be the AES key to decrypt the ticket + 'ki' will be the key to compute the final HMAC + */ + + u32 nfolded[4]; + + // we can precompute _nfold('kerberos', 16) + nfolded[0] = 0x6b657262; + nfolded[1] = 0x65726f73; + nfolded[2] = 0x7b9b5b2b; + nfolded[3] = 0x93132b93; + + // then aes_cbc encrypt this nfolded value with 'seed' as key along with a null IV + u32 aes_key[4]; + + aes_key[0] = hc_swap32_S (tmps[gid].out[0]); + aes_key[1] = hc_swap32_S (tmps[gid].out[1]); + aes_key[2] = hc_swap32_S (tmps[gid].out[2]); + aes_key[3] = hc_swap32_S (tmps[gid].out[3]); + + u32 aes_iv[4]; + + aes_iv[0] = 0; + aes_iv[1] = 0; + aes_iv[2] = 0; + aes_iv[3] = 0; + + u32 aes_ks[44]; + + aes128_set_encrypt_key (aes_ks, aes_key, s_te0, s_te1, s_te2, s_te3); + + u32 key_bytes[4]; + + aes128_encrypt_cbc (aes_ks, aes_iv, nfolded, key_bytes, s_te0, s_te1, s_te2, s_te3, s_te4); + + /* + We will now compute 'ki', having 'key_bytes' + + Description of the key derivation function from RFC3961 Section 5.3: + The "well-known constant" used for the DK function is the key usage + number, expressed as four octets in big-endian order, followed by + one octet indicated below. + Kc = DK(base-key, usage | 0x99); + Ke = DK(base-key, usage | 0xAA); + Ki = DK(base-key, usage | 0x55); + + The key usage numbers are defined in RFC4120. In Section 5.4.2, it + specifies that a key usage number of 3 is used for the EncASRepPart + of an AS-REP message. + */ + + u32 ki[4]; + + key_bytes[0] = hc_swap32_S (key_bytes[0]); + key_bytes[1] = hc_swap32_S (key_bytes[1]); + key_bytes[2] = hc_swap32_S (key_bytes[2]); + key_bytes[3] = hc_swap32_S (key_bytes[3]); + + // we can precompute _nfold(pack('>IB', 3, 0x55), 16) + nfolded[0] = 0x6b60b058; + nfolded[1] = 0x2a6ba80d; + nfolded[2] = 0x5aad56ab; + nfolded[3] = 0x55406ad5; + + aes_iv[0] = 0; + aes_iv[1] = 0; + aes_iv[2] = 0; + aes_iv[3] = 0; + + // then aes_cbc encrypt this nfolded value with 'key_bytes' as key along with a null IV + aes128_set_encrypt_key (aes_ks, key_bytes, s_te0, s_te1, s_te2, s_te3); + + aes128_encrypt_cbc (aes_ks, aes_iv, nfolded, ki, s_te0, s_te1, s_te2, s_te3, s_te4); + + /* we will now compute 'ke' */ + + u32 ke[4]; + + // we can precompute _nfold(pack('>IB', 3, 0xAA), 16) + nfolded[0] = 0xbe349a4d; + nfolded[1] = 0x24be500e; + nfolded[2] = 0xaf57abd5; + nfolded[3] = 0xea80757a; + + aes_iv[0] = 0; + aes_iv[1] = 0; + aes_iv[2] = 0; + aes_iv[3] = 0; + + // then aes_cbc encrypt this nfolded value with 'key_bytes' as key along with a null IV + aes128_encrypt_cbc (aes_ks, aes_iv, nfolded, ke, s_te0, s_te1, s_te2, s_te3, s_te4); + + /* + We now have 'ke' and 'ki' + + We will decrypt (with 'ke') the 32 first bytes to search for ASN.1 structs + and if we find ASN.1 structs, we will compute the hmac (with 'ki') + + For AS-REP EncASRepPart: + The first byte is 0x79 (01 1 11001, where 01 = "class=APPLICATION", 1 = "form=constructed", 11001 is application type 25) + + According to RFC4120 Section 5.4.2: "Some implementations unconditionally send an encrypted EncTGSRepPart (application + tag number 26) in this field regardless of whether the reply is a AS-REP or a TGS-REP. In the interest of compatibility, + implementors MAY relax the check on the tag number of the decrypted ENC-PART" + + The first byte can thus also be 0x7a (corresponding to application type 26) instead of 0x79 + + The next byte is the length: + + if length < 128 bytes: + length is on 1 byte, and the next byte is 0x30 (class=SEQUENCE) + else if length <= 256: + length is on 2 bytes, the first byte is 0x81, and the third byte is 0x30 (class=SEQUENCE) + else if length > 256: + length is on 3 bytes, the first byte is 0x82, and the fourth byte is 0x30 (class=SEQUENCE) + */ + + u32 first_blocks[16]; + + u32 decrypted_block[4]; + + first_blocks[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[0]; + first_blocks[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[1]; + first_blocks[2] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[2]; + first_blocks[3] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[3]; + + first_blocks[4] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[4]; // possible ASN1 structs + first_blocks[5] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[5]; + first_blocks[6] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[6]; // possible ASN1 structs + first_blocks[7] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[7]; + + /* + we will decrypt them here in order to be able to compute hmac directly + if ASN1 structs were to be found + */ + first_blocks[8] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[8]; + first_blocks[9] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[9]; + first_blocks[10] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[10]; + first_blocks[11] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[11]; + + first_blocks[12] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[12]; + first_blocks[13] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[13]; + first_blocks[14] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[14]; + first_blocks[15] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[15]; + + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + + u32 aes_cts_decrypt_ks[44]; + + AES128_set_decrypt_key (aes_cts_decrypt_ks, ke, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + aes_iv[0] = 0; + aes_iv[1] = 0; + aes_iv[2] = 0; + aes_iv[3] = 0; + + aes128_decrypt_cbc (aes_cts_decrypt_ks, first_blocks, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w0[0] = hc_swap32_S (decrypted_block[0]); + w0[1] = hc_swap32_S (decrypted_block[1]); + w0[2] = hc_swap32_S (decrypted_block[2]); + w0[3] = hc_swap32_S (decrypted_block[3]); + + aes128_decrypt_cbc (aes_cts_decrypt_ks, first_blocks + 4, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w1[0] = hc_swap32_S (decrypted_block[0]); + w1[1] = hc_swap32_S (decrypted_block[1]); + w1[2] = hc_swap32_S (decrypted_block[2]); + w1[3] = hc_swap32_S (decrypted_block[3]); + + if (((decrypted_block[0] & 0x00ff80ff) == 0x00300079) || + ((decrypted_block[0] & 0x00ff80ff) == 0x0030007a) || + ((decrypted_block[0] & 0xFF00FFFF) == 0x30008179) || + ((decrypted_block[0] & 0xFF00FFFF) == 0x3000817a) || + ((decrypted_block[0] & 0x0000FFFF) == 0x00008279 && (decrypted_block[1] & 0x000000FF) == 0x00000030) || + ((decrypted_block[0] & 0x0000FFFF) == 0x0000827a && (decrypted_block[1] & 0x000000FF) == 0x00000030)) + { + // now we decrypt all the ticket to verify checksum + int block_position; + + int edata2_len = esalt_bufs[DIGESTS_OFFSET_HOST].edata2_len; + + int edata2_left; + + u32 block[16]; + + int last_block_size = edata2_len % 16; + + if (last_block_size == 0) + { + last_block_size = 16; + } + + int last_part = last_block_size + 16; + + int need = edata2_len - last_part; + + int last_block_cbc_position = (need - 16) / 4; + + // we need to decrypt also the 2 following blocks in order to be able to compute the hmac directly + aes128_decrypt_cbc (aes_cts_decrypt_ks, first_blocks + 8, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w2[0] = hc_swap32_S (decrypted_block[0]); + w2[1] = hc_swap32_S (decrypted_block[1]); + w2[2] = hc_swap32_S (decrypted_block[2]); + w2[3] = hc_swap32_S (decrypted_block[3]); + + aes128_decrypt_cbc (aes_cts_decrypt_ks, first_blocks + 12, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w3[0] = hc_swap32_S (decrypted_block[0]); + w3[1] = hc_swap32_S (decrypted_block[1]); + w3[2] = hc_swap32_S (decrypted_block[2]); + w3[3] = hc_swap32_S (decrypted_block[3]); + + sha1_hmac_ctx_t sha1_hmac_ctx; + + /* + hmac message = plaintext + hmac key = ki + */ + + u32 k0[4]; + u32 k1[4]; + u32 k2[4]; + u32 k3[4]; + + k0[0] = ki[0]; + k0[1] = ki[1]; + k0[2] = ki[2]; + k0[3] = ki[3]; + + k1[0] = 0; + k1[1] = 0; + k1[2] = 0; + k1[3] = 0; + + k2[0] = 0; + k2[1] = 0; + k2[2] = 0; + k2[3] = 0; + + k3[0] = 0; + k3[1] = 0; + k3[2] = 0; + k3[3] = 0; + + sha1_hmac_init_64 (&sha1_hmac_ctx, k0, k1, k2, k3); + + sha1_hmac_update_64 (&sha1_hmac_ctx, w0, w1, w2, w3, 64); + + block_position = 16; + + // first 4 blocks are already decrypted + for (edata2_left = need - 64; edata2_left >= 64; edata2_left -= 64) + { + block[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 0]; + block[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 1]; + block[2] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 2]; + block[3] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 3]; + block[4] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 4]; + block[5] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 5]; + block[6] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 6]; + block[7] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 7]; + block[8] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 8]; + block[9] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 9]; + block[10] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 10]; + block[11] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 11]; + block[12] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 12]; + block[13] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 13]; + block[14] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 14]; + block[15] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 15]; + + aes128_decrypt_cbc (aes_cts_decrypt_ks, block, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w0[0] = hc_swap32_S (decrypted_block[0]); + w0[1] = hc_swap32_S (decrypted_block[1]); + w0[2] = hc_swap32_S (decrypted_block[2]); + w0[3] = hc_swap32_S (decrypted_block[3]); + + aes128_decrypt_cbc (aes_cts_decrypt_ks, block + 4, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w1[0] = hc_swap32_S (decrypted_block[0]); + w1[1] = hc_swap32_S (decrypted_block[1]); + w1[2] = hc_swap32_S (decrypted_block[2]); + w1[3] = hc_swap32_S (decrypted_block[3]); + + aes128_decrypt_cbc (aes_cts_decrypt_ks, block + 8, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w2[0] = hc_swap32_S (decrypted_block[0]); + w2[1] = hc_swap32_S (decrypted_block[1]); + w2[2] = hc_swap32_S (decrypted_block[2]); + w2[3] = hc_swap32_S (decrypted_block[3]); + + aes128_decrypt_cbc (aes_cts_decrypt_ks, block + 12, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w3[0] = hc_swap32_S (decrypted_block[0]); + w3[1] = hc_swap32_S (decrypted_block[1]); + w3[2] = hc_swap32_S (decrypted_block[2]); + w3[3] = hc_swap32_S (decrypted_block[3]); + + sha1_hmac_update_64 (&sha1_hmac_ctx, w0, w1, w2, w3, 64); + + block_position += 16; + } + + if (edata2_left == 16) + { + block[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 0]; + block[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 1]; + block[2] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 2]; + block[3] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 3]; + + aes128_decrypt_cbc (aes_cts_decrypt_ks, block, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w0[0] = hc_swap32_S (decrypted_block[0]); + w0[1] = hc_swap32_S (decrypted_block[1]); + w0[2] = hc_swap32_S (decrypted_block[2]); + w0[3] = hc_swap32_S (decrypted_block[3]); + + w1[0] = 0; + w1[1] = 0; + w1[2] = 0; + w1[3] = 0; + + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 0; + + sha1_hmac_update_64 (&sha1_hmac_ctx, w0, w1, w2, w3, 16); + + block_position += 4; + } + else if (edata2_left == 32) + { + block[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 0]; + block[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 1]; + block[2] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 2]; + block[3] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 3]; + block[4] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 4]; + block[5] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 5]; + block[6] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 6]; + block[7] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 7]; + + aes128_decrypt_cbc (aes_cts_decrypt_ks, block, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w0[0] = hc_swap32_S (decrypted_block[0]); + w0[1] = hc_swap32_S (decrypted_block[1]); + w0[2] = hc_swap32_S (decrypted_block[2]); + w0[3] = hc_swap32_S (decrypted_block[3]); + + aes128_decrypt_cbc (aes_cts_decrypt_ks, block + 4, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w1[0] = hc_swap32_S (decrypted_block[0]); + w1[1] = hc_swap32_S (decrypted_block[1]); + w1[2] = hc_swap32_S (decrypted_block[2]); + w1[3] = hc_swap32_S (decrypted_block[3]); + + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 0; + + sha1_hmac_update_64 (&sha1_hmac_ctx, w0, w1, w2, w3, 32); + + block_position += 8; + } + else if (edata2_left == 48) + { + block[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 0]; + block[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 1]; + block[2] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 2]; + block[3] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 3]; + block[4] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 4]; + block[5] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 5]; + block[6] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 6]; + block[7] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 7]; + block[8] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 8]; + block[9] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 9]; + block[10] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 10]; + block[11] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 11]; + + aes128_decrypt_cbc (aes_cts_decrypt_ks, block, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w0[0] = hc_swap32_S (decrypted_block[0]); + w0[1] = hc_swap32_S (decrypted_block[1]); + w0[2] = hc_swap32_S (decrypted_block[2]); + w0[3] = hc_swap32_S (decrypted_block[3]); + + aes128_decrypt_cbc (aes_cts_decrypt_ks, block + 4, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w1[0] = hc_swap32_S (decrypted_block[0]); + w1[1] = hc_swap32_S (decrypted_block[1]); + w1[2] = hc_swap32_S (decrypted_block[2]); + w1[3] = hc_swap32_S (decrypted_block[3]); + + aes128_decrypt_cbc (aes_cts_decrypt_ks, block + 8, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w2[0] = hc_swap32_S (decrypted_block[0]); + w2[1] = hc_swap32_S (decrypted_block[1]); + w2[2] = hc_swap32_S (decrypted_block[2]); + w2[3] = hc_swap32_S (decrypted_block[3]); + + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 0; + + sha1_hmac_update_64 (&sha1_hmac_ctx, w0, w1, w2, w3, 48); + + block_position += 12; + } + + /* + now all the ticket should be decrypted until block n-1 (not included) + and n + */ + + // this is block n-2, it will be xored with the n-1 block later crafted + u32 last_block_cbc[4]; + + last_block_cbc[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_cbc_position + 0]; + last_block_cbc[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_cbc_position + 1]; + last_block_cbc[2] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_cbc_position + 2]; + last_block_cbc[3] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_cbc_position + 3]; + + // n-1 block is decrypted separately from the previous blocks which were cbc decrypted + block[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 0]; + block[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 1]; + block[2] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 2]; + block[3] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 3]; + + aes128_decrypt (aes_cts_decrypt_ks, block, decrypted_block, s_td0, s_td1, s_td2, s_td3, s_td4); + + u32 last_block[4]; + + int last_block_position = (edata2_len - last_block_size) / 4; + + u32 n_1_crafted[4]; + + u32 last_plaintext[4]; + + last_plaintext[0] = 0; + last_plaintext[1] = 0; + last_plaintext[2] = 0; + last_plaintext[3] = 0; + + /* + n-1 block is first computed as follows: + - fill n-1 block with the X first bytes of the encrypted last block (n) + with X == length of last block + - complete the rest of the block with + + Final block (n) is computed as follows: + - fill with the X first bytes from n-1 block decrypted and xor them with last block (n) + with X == length of last block + */ + int remaining_blocks = last_block_size / 4; + + /* + last block is not necessarily aligned on 4 bytes so we will have + to shift values for the CTS crap... + */ + u32 shift = last_block_size % 4; + + u32 mask; + + switch (remaining_blocks) + { + case 0: + + last_block[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 0]; + + mask = (0xffffffff >> ((4 - last_block_size) * 8)); + + last_plaintext[0] = last_block[0] ^ (decrypted_block[0] & mask); + last_plaintext[0] = hc_swap32_S (last_plaintext[0]); + + n_1_crafted[0] = (last_block[0] & mask) | (decrypted_block[0] & (mask ^ 0xffffffff)); + n_1_crafted[1] = decrypted_block[1]; + n_1_crafted[2] = decrypted_block[2]; + n_1_crafted[3] = decrypted_block[3]; + break; + + case 1: + + last_block[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 0]; + + if (shift == 0) + { + n_1_crafted[0] = last_block[0]; + n_1_crafted[1] = decrypted_block[1]; + n_1_crafted[2] = decrypted_block[2]; + n_1_crafted[3] = decrypted_block[3]; + + last_plaintext[0] = last_block[0] ^ decrypted_block[0]; + last_plaintext[0] = hc_swap32_S (last_plaintext[0]); + } + else + { + last_block[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 1]; + + mask = (0xffffffff >> ((4 - (last_block_size % 4)) * 8)); + + last_plaintext[0] = last_block[0] ^ decrypted_block[0]; + last_plaintext[1] = last_block[1] ^ (decrypted_block[1] & mask); + + last_plaintext[0] = hc_swap32_S (last_plaintext[0]); + last_plaintext[1] = hc_swap32_S (last_plaintext[1]); + + n_1_crafted[0] = last_block[0]; + n_1_crafted[1] = (last_block[1] & mask) | (decrypted_block[1] & (mask ^ 0xffffffff)); + n_1_crafted[2] = decrypted_block[2]; + n_1_crafted[3] = decrypted_block[3]; + } + break; + + case 2: + + last_block[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 0]; + last_block[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 1]; + + if (shift == 0) + { + n_1_crafted[0] = last_block[0]; + n_1_crafted[1] = last_block[1]; + n_1_crafted[2] = decrypted_block[2]; + n_1_crafted[3] = decrypted_block[3]; + + last_plaintext[0] = last_block[0] ^ decrypted_block[0]; + last_plaintext[1] = last_block[1] ^ decrypted_block[1]; + + last_plaintext[0] = hc_swap32_S (last_plaintext[0]); + last_plaintext[1] = hc_swap32_S (last_plaintext[1]); + } + else + { + last_block[2] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 2]; + + mask = (0xffffffff >> ((4 - (last_block_size % 4)) * 8)); + + last_plaintext[0] = last_block[0] ^ decrypted_block[0]; + last_plaintext[1] = last_block[1] ^ decrypted_block[1]; + last_plaintext[2] = last_block[2] ^ (decrypted_block[2] & mask); + + last_plaintext[0] = hc_swap32_S (last_plaintext[0]); + last_plaintext[1] = hc_swap32_S (last_plaintext[1]); + last_plaintext[2] = hc_swap32_S (last_plaintext[2]); + + n_1_crafted[0] = last_block[0]; + n_1_crafted[1] = last_block[1]; + n_1_crafted[2] = (last_block[2] & mask) | (decrypted_block[2] & (mask ^ 0xffffffff)); + n_1_crafted[3] = decrypted_block[3]; + } + break; + + case 3: + + last_block[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 0]; + last_block[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 1]; + last_block[2] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 2]; + + if (shift == 0) + { + n_1_crafted[0] = last_block[0]; + n_1_crafted[1] = last_block[1]; + n_1_crafted[2] = last_block[2]; + n_1_crafted[3] = decrypted_block[3]; + + last_plaintext[0] = last_block[0] ^ decrypted_block[0]; + last_plaintext[1] = last_block[1] ^ decrypted_block[1]; + last_plaintext[2] = last_block[2] ^ decrypted_block[2]; + + last_plaintext[0] = hc_swap32_S (last_plaintext[0]); + last_plaintext[1] = hc_swap32_S (last_plaintext[1]); + last_plaintext[2] = hc_swap32_S (last_plaintext[2]); + } + else + { + last_block[3] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 3]; + + mask = (0xffffffff >> ((4 - (last_block_size % 4)) * 8)); + + last_plaintext[0] = last_block[0] ^ decrypted_block[0]; + last_plaintext[1] = last_block[1] ^ decrypted_block[1]; + last_plaintext[2] = last_block[2] ^ decrypted_block[2]; + last_plaintext[3] = last_block[3] ^ (decrypted_block[3] & mask); + + last_plaintext[0] = hc_swap32_S (last_plaintext[0]); + last_plaintext[1] = hc_swap32_S (last_plaintext[1]); + last_plaintext[2] = hc_swap32_S (last_plaintext[2]); + last_plaintext[3] = hc_swap32_S (last_plaintext[3]); + + n_1_crafted[0] = last_block[0]; + n_1_crafted[1] = last_block[1]; + n_1_crafted[2] = last_block[2]; + n_1_crafted[3] = (last_block[3] & mask) | (decrypted_block[3] & (mask ^ 0xffffffff)); + } + break; + + case 4: + + last_block[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 0]; + last_block[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 1]; + last_block[2] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 2]; + last_block[3] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 3]; + + n_1_crafted[0] = last_block[0]; + n_1_crafted[1] = last_block[1]; + n_1_crafted[2] = last_block[2]; + n_1_crafted[3] = last_block[3]; + + last_plaintext[0] = last_block[0] ^ decrypted_block[0]; + last_plaintext[1] = last_block[1] ^ decrypted_block[1]; + last_plaintext[2] = last_block[2] ^ decrypted_block[2]; + last_plaintext[3] = last_block[3] ^ decrypted_block[3]; + + last_plaintext[0] = hc_swap32_S (last_plaintext[0]); + last_plaintext[1] = hc_swap32_S (last_plaintext[1]); + last_plaintext[2] = hc_swap32_S (last_plaintext[2]); + last_plaintext[3] = hc_swap32_S (last_plaintext[3]); + break; + + default: + return; + } + + // then decrypt this newly created n-1 with 'ke' + aes128_decrypt (aes_cts_decrypt_ks, n_1_crafted, n_1_crafted, s_td0, s_td1, s_td2, s_td3, s_td4); + + // then xor with the encrypted n-2 block + n_1_crafted[0] ^= last_block_cbc[0]; + n_1_crafted[1] ^= last_block_cbc[1]; + n_1_crafted[2] ^= last_block_cbc[2]; + n_1_crafted[3] ^= last_block_cbc[3]; + + w0[0] = hc_swap32_S (n_1_crafted[0]); + w0[1] = hc_swap32_S (n_1_crafted[1]); + w0[2] = hc_swap32_S (n_1_crafted[2]); + w0[3] = hc_swap32_S (n_1_crafted[3]); + + w1[0] = last_plaintext[0]; + w1[1] = last_plaintext[1]; + w1[2] = last_plaintext[2]; + w1[3] = last_plaintext[3]; + + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 0; + + sha1_hmac_update_64 (&sha1_hmac_ctx, w0, w1, w2, w3, 16 + last_block_size); + + sha1_hmac_final (&sha1_hmac_ctx); + + if (sha1_hmac_ctx.opad.h[0] == esalt_bufs[DIGESTS_OFFSET_HOST].checksum[0] + && sha1_hmac_ctx.opad.h[1] == esalt_bufs[DIGESTS_OFFSET_HOST].checksum[1] + && sha1_hmac_ctx.opad.h[2] == esalt_bufs[DIGESTS_OFFSET_HOST].checksum[2]) + { + if (hc_atomic_inc (&hashes_shown[DIGESTS_OFFSET_HOST]) == 0) + { + #define il_pos 0 + mark_hash (plains_buf, d_return_buf, SALT_POS_HOST, DIGESTS_CNT, 0, DIGESTS_OFFSET_HOST + 0, gid, il_pos, 0, 0); + } + } + } +} diff --git a/OpenCL/m33200-pure.cl b/OpenCL/m33200-pure.cl new file mode 100755 index 000000000..26f9840c8 --- /dev/null +++ b/OpenCL/m33200-pure.cl @@ -0,0 +1,1101 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_simd.cl) +#include M2S(INCLUDE_PATH/inc_hash_sha1.cl) +#include M2S(INCLUDE_PATH/inc_cipher_aes.cl) +#endif + +typedef struct krb5asrep_18 +{ + u32 user[128]; + u32 domain[128]; + u32 account_info[512]; + u32 account_info_len; + + u32 checksum[3]; + u32 edata2[5120]; + u32 edata2_len; + u32 format; + +} krb5asrep_18_t; + +typedef struct krb5asrep_18_tmp +{ + u32 ipad[5]; + u32 opad[5]; + u32 dgst[16]; + u32 out[16]; + +} krb5asrep_18_tmp_t; + +DECLSPEC void aes256_encrypt_cbc (PRIVATE_AS const u32 *aes_ks, PRIVATE_AS u32 *aes_iv, PRIVATE_AS const u32 *in, PRIVATE_AS u32 *out, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3, SHM_TYPE u32 *s_te4) +{ + u32 data[4]; + + data[0] = hc_swap32_S (in[0]); + data[1] = hc_swap32_S (in[1]); + data[2] = hc_swap32_S (in[2]); + data[3] = hc_swap32_S (in[3]); + + data[0] ^= aes_iv[0]; + data[1] ^= aes_iv[1]; + data[2] ^= aes_iv[2]; + data[3] ^= aes_iv[3]; + + aes256_encrypt (aes_ks, data, out, s_te0, s_te1, s_te2, s_te3, s_te4); + + aes_iv[0] = out[0]; + aes_iv[1] = out[1]; + aes_iv[2] = out[2]; + aes_iv[3] = out[3]; + + out[0] = hc_swap32_S (out[0]); + out[1] = hc_swap32_S (out[1]); + out[2] = hc_swap32_S (out[2]); + out[3] = hc_swap32_S (out[3]); +} + +DECLSPEC void aes256_decrypt_cbc (PRIVATE_AS const u32 *ks1, PRIVATE_AS const u32 *in, PRIVATE_AS u32 *out, PRIVATE_AS u32 *essiv, SHM_TYPE u32 *s_td0, SHM_TYPE u32 *s_td1, SHM_TYPE u32 *s_td2, SHM_TYPE u32 *s_td3, SHM_TYPE u32 *s_td4) +{ + aes256_decrypt (ks1, in, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= essiv[0]; + out[1] ^= essiv[1]; + out[2] ^= essiv[2]; + out[3] ^= essiv[3]; + + essiv[0] = in[0]; + essiv[1] = in[1]; + essiv[2] = in[2]; + essiv[3] = in[3]; +} + +DECLSPEC void hmac_sha1_run_V (PRIVATE_AS u32x *w0, PRIVATE_AS u32x *w1, PRIVATE_AS u32x *w2, PRIVATE_AS u32x *w3, PRIVATE_AS u32x *ipad, PRIVATE_AS u32x *opad, PRIVATE_AS u32x *digest) +{ + digest[0] = ipad[0]; + digest[1] = ipad[1]; + digest[2] = ipad[2]; + digest[3] = ipad[3]; + digest[4] = ipad[4]; + + sha1_transform_vector (w0, w1, w2, w3, digest); + + w0[0] = digest[0]; + w0[1] = digest[1]; + w0[2] = digest[2]; + w0[3] = digest[3]; + w1[0] = digest[4]; + w1[1] = 0x80000000; + w1[2] = 0; + w1[3] = 0; + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = (64 + 20) * 8; + + digest[0] = opad[0]; + digest[1] = opad[1]; + digest[2] = opad[2]; + digest[3] = opad[3]; + digest[4] = opad[4]; + + sha1_transform_vector (w0, w1, w2, w3, digest); +} + +KERNEL_FQ void m33200_init (KERN_ATTR_TMPS_ESALT (krb5asrep_18_tmp_t, krb5asrep_18_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + + if (gid >= GID_CNT) return; + + /** + * main + */ + + /* initialize hmac-sha1 for pbkdf2(password, account, 4096, account_len) */ + + sha1_hmac_ctx_t sha1_hmac_ctx; + + sha1_hmac_init_global_swap (&sha1_hmac_ctx, pws[gid].i, pws[gid].pw_len); + + tmps[gid].ipad[0] = sha1_hmac_ctx.ipad.h[0]; + tmps[gid].ipad[1] = sha1_hmac_ctx.ipad.h[1]; + tmps[gid].ipad[2] = sha1_hmac_ctx.ipad.h[2]; + tmps[gid].ipad[3] = sha1_hmac_ctx.ipad.h[3]; + tmps[gid].ipad[4] = sha1_hmac_ctx.ipad.h[4]; + + tmps[gid].opad[0] = sha1_hmac_ctx.opad.h[0]; + tmps[gid].opad[1] = sha1_hmac_ctx.opad.h[1]; + tmps[gid].opad[2] = sha1_hmac_ctx.opad.h[2]; + tmps[gid].opad[3] = sha1_hmac_ctx.opad.h[3]; + tmps[gid].opad[4] = sha1_hmac_ctx.opad.h[4]; + + sha1_hmac_update_global_swap (&sha1_hmac_ctx, esalt_bufs[DIGESTS_OFFSET_HOST].account_info, esalt_bufs[DIGESTS_OFFSET_HOST].account_info_len); + + for (u32 i = 0, j = 1; i < 8; i += 5, j += 1) + { + sha1_hmac_ctx_t sha1_hmac_ctx2 = sha1_hmac_ctx; + + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + + w0[0] = j; + w0[1] = 0; + w0[2] = 0; + w0[3] = 0; + w1[0] = 0; + w1[1] = 0; + w1[2] = 0; + w1[3] = 0; + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 0; + + sha1_hmac_update_64 (&sha1_hmac_ctx2, w0, w1, w2, w3, 4); + + sha1_hmac_final (&sha1_hmac_ctx2); + + tmps[gid].dgst[i + 0] = sha1_hmac_ctx2.opad.h[0]; + tmps[gid].dgst[i + 1] = sha1_hmac_ctx2.opad.h[1]; + tmps[gid].dgst[i + 2] = sha1_hmac_ctx2.opad.h[2]; + tmps[gid].dgst[i + 3] = sha1_hmac_ctx2.opad.h[3]; + tmps[gid].dgst[i + 4] = sha1_hmac_ctx2.opad.h[4]; + + tmps[gid].out[i + 0] = tmps[gid].dgst[i + 0]; + tmps[gid].out[i + 1] = tmps[gid].dgst[i + 1]; + tmps[gid].out[i + 2] = tmps[gid].dgst[i + 2]; + tmps[gid].out[i + 3] = tmps[gid].dgst[i + 3]; + tmps[gid].out[i + 4] = tmps[gid].dgst[i + 4]; + } +} + +KERNEL_FQ void m33200_loop (KERN_ATTR_TMPS_ESALT (krb5asrep_18_tmp_t, krb5asrep_18_t)) +{ + /** + * base + */ + const u64 gid = get_global_id (0); + + if ((gid * VECT_SIZE) >= GID_CNT) return; + + u32x ipad[5]; + u32x opad[5]; + + ipad[0] = packv (tmps, ipad, gid, 0); + ipad[1] = packv (tmps, ipad, gid, 1); + ipad[2] = packv (tmps, ipad, gid, 2); + ipad[3] = packv (tmps, ipad, gid, 3); + ipad[4] = packv (tmps, ipad, gid, 4); + + opad[0] = packv (tmps, opad, gid, 0); + opad[1] = packv (tmps, opad, gid, 1); + opad[2] = packv (tmps, opad, gid, 2); + opad[3] = packv (tmps, opad, gid, 3); + opad[4] = packv (tmps, opad, gid, 4); + + for (u32 i = 0; i < 8; i += 5) + { + u32x dgst[5]; + u32x out[5]; + + dgst[0] = packv (tmps, dgst, gid, i + 0); + dgst[1] = packv (tmps, dgst, gid, i + 1); + dgst[2] = packv (tmps, dgst, gid, i + 2); + dgst[3] = packv (tmps, dgst, gid, i + 3); + dgst[4] = packv (tmps, dgst, gid, i + 4); + + out[0] = packv (tmps, out, gid, i + 0); + out[1] = packv (tmps, out, gid, i + 1); + out[2] = packv (tmps, out, gid, i + 2); + out[3] = packv (tmps, out, gid, i + 3); + out[4] = packv (tmps, out, gid, i + 4); + + for (u32 j = 0; j < LOOP_CNT; j++) + { + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + + w0[0] = dgst[0]; + w0[1] = dgst[1]; + w0[2] = dgst[2]; + w0[3] = dgst[3]; + w1[0] = dgst[4]; + w1[1] = 0x80000000; + w1[2] = 0; + w1[3] = 0; + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = (64 + 20) * 8; + + hmac_sha1_run_V (w0, w1, w2, w3, ipad, opad, dgst); + + out[0] ^= dgst[0]; + out[1] ^= dgst[1]; + out[2] ^= dgst[2]; + out[3] ^= dgst[3]; + out[4] ^= dgst[4]; + } + + unpackv (tmps, dgst, gid, i + 0, dgst[0]); + unpackv (tmps, dgst, gid, i + 1, dgst[1]); + unpackv (tmps, dgst, gid, i + 2, dgst[2]); + unpackv (tmps, dgst, gid, i + 3, dgst[3]); + unpackv (tmps, dgst, gid, i + 4, dgst[4]); + + unpackv (tmps, out, gid, i + 0, out[0]); + unpackv (tmps, out, gid, i + 1, out[1]); + unpackv (tmps, out, gid, i + 2, out[2]); + unpackv (tmps, out, gid, i + 3, out[3]); + unpackv (tmps, out, gid, i + 4, out[4]); + } +} + +KERNEL_FQ void m33200_comp (KERN_ATTR_TMPS_ESALT (krb5asrep_18_tmp_t, krb5asrep_18_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= GID_CNT) return; + + /* + at this point, the output ('seed') will be used to generate AES keys: + + key_bytes = derive(seed, 'kerberos'.encode(), seedsize) + + 'key_bytes' will be the AES key used to generate 'ke' and 'ki' + 'ke' will be the AES key to decrypt the ticket + 'ki' will be the key to compute the final HMAC + */ + + u32 nfolded[4]; + + // we can precompute _nfold('kerberos', 16) + nfolded[0] = 0x6b657262; + nfolded[1] = 0x65726f73; + nfolded[2] = 0x7b9b5b2b; + nfolded[3] = 0x93132b93; + + // then aes_cbc encrypt this nfolded value with 'seed' as key along with a null IV + u32 aes_key[8]; + + aes_key[0] = hc_swap32_S (tmps[gid].out[0]); + aes_key[1] = hc_swap32_S (tmps[gid].out[1]); + aes_key[2] = hc_swap32_S (tmps[gid].out[2]); + aes_key[3] = hc_swap32_S (tmps[gid].out[3]); + aes_key[4] = hc_swap32_S (tmps[gid].out[4]); + aes_key[5] = hc_swap32_S (tmps[gid].out[5]); + aes_key[6] = hc_swap32_S (tmps[gid].out[6]); + aes_key[7] = hc_swap32_S (tmps[gid].out[7]); + + u32 aes_iv[4]; + + aes_iv[0] = 0; + aes_iv[1] = 0; + aes_iv[2] = 0; + aes_iv[3] = 0; + + u32 aes_ks[60]; + + aes256_set_encrypt_key (aes_ks, aes_key, s_te0, s_te1, s_te2, s_te3); + + u32 key_bytes[8]; + + u32 out[4]; + aes256_encrypt_cbc (aes_ks, aes_iv, nfolded, out, s_te0, s_te1, s_te2, s_te3, s_te4); + + key_bytes[0] = out[0]; + key_bytes[1] = out[1]; + key_bytes[2] = out[2]; + key_bytes[3] = out[3]; + + aes_iv[0] = 0; + aes_iv[1] = 0; + aes_iv[2] = 0; + aes_iv[3] = 0; + + aes256_encrypt_cbc (aes_ks, aes_iv, out, out, s_te0, s_te1, s_te2, s_te3, s_te4); + + key_bytes[4] = out[0]; + key_bytes[5] = out[1]; + key_bytes[6] = out[2]; + key_bytes[7] = out[3]; + + /* + We will now compute 'ki', having 'key_bytes' + + Description of the key derivation function from RFC3961 Section 5.3: + The "well-known constant" used for the DK function is the key usage + number, expressed as four octets in big-endian order, followed by + one octet indicated below. + Kc = DK(base-key, usage | 0x99); + Ke = DK(base-key, usage | 0xAA); + Ki = DK(base-key, usage | 0x55); + + The key usage numbers are defined in RFC4120. In Section 5.4.2, it + specifies that a key usage number of 3 is used for the EncASRepPart + of an AS-REP message. + */ + + u32 ki[8]; + + // we can precompute _nfold(pack('>IB', 3, 0x55), 16) + nfolded[0] = 0x6b60b058; + nfolded[1] = 0x2a6ba80d; + nfolded[2] = 0x5aad56ab; + nfolded[3] = 0x55406ad5; + + aes_iv[0] = 0; + aes_iv[1] = 0; + aes_iv[2] = 0; + aes_iv[3] = 0; + + key_bytes[0] = hc_swap32_S (key_bytes[0]); + key_bytes[1] = hc_swap32_S (key_bytes[1]); + key_bytes[2] = hc_swap32_S (key_bytes[2]); + key_bytes[3] = hc_swap32_S (key_bytes[3]); + key_bytes[4] = hc_swap32_S (key_bytes[4]); + key_bytes[5] = hc_swap32_S (key_bytes[5]); + key_bytes[6] = hc_swap32_S (key_bytes[6]); + key_bytes[7] = hc_swap32_S (key_bytes[7]); + + // then aes_cbc encrypt this nfolded value with 'key_bytes' as key along with a null IV + aes256_set_encrypt_key (aes_ks, key_bytes, s_te0, s_te1, s_te2, s_te3); + + aes256_encrypt_cbc (aes_ks, aes_iv, nfolded, out, s_te0, s_te1, s_te2, s_te3, s_te4); + + ki[0] = out[0]; + ki[1] = out[1]; + ki[2] = out[2]; + ki[3] = out[3]; + + aes_iv[0] = 0; + aes_iv[1] = 0; + aes_iv[2] = 0; + aes_iv[3] = 0; + + aes256_encrypt_cbc (aes_ks, aes_iv, out, out, s_te0, s_te1, s_te2, s_te3, s_te4); + + ki[4] = out[0]; + ki[5] = out[1]; + ki[6] = out[2]; + ki[7] = out[3]; + + /* we will now compute 'ke' */ + + u32 ke[8]; + + // we can precompute _nfold(pack('>IB', 3, 0xAA), 16) + nfolded[0] = 0xbe349a4d; + nfolded[1] = 0x24be500e; + nfolded[2] = 0xaf57abd5; + nfolded[3] = 0xea80757a; + + aes_iv[0] = 0; + aes_iv[1] = 0; + aes_iv[2] = 0; + aes_iv[3] = 0; + + // then aes_cbc encrypt this nfolded value with 'key_bytes' as key along with a null IV + aes256_encrypt_cbc (aes_ks, aes_iv, nfolded, out, s_te0, s_te1, s_te2, s_te3, s_te4); + + ke[0] = out[0]; + ke[1] = out[1]; + ke[2] = out[2]; + ke[3] = out[3]; + + aes_iv[0] = 0; + aes_iv[1] = 0; + aes_iv[2] = 0; + aes_iv[3] = 0; + + aes256_encrypt_cbc (aes_ks, aes_iv, out, out, s_te0, s_te1, s_te2, s_te3, s_te4); + + ke[4] = out[0]; + ke[5] = out[1]; + ke[6] = out[2]; + ke[7] = out[3]; + + /* + We now have 'ke' and 'ki' + + We will decrypt (with 'ke') the 32 first bytes to search for ASN.1 structs + and if we find ASN.1 structs, we will compute the hmac (with 'ki') + + For AS-REP EncASRepPart: + The first byte is 0x79 (01 1 11001, where 01 = "class=APPLICATION", 1 = "form=constructed", 11001 is application type 25) + + According to RFC4120 Section 5.4.2: "Some implementations unconditionally send an encrypted EncTGSRepPart (application + tag number 26) in this field regardless of whether the reply is a AS-REP or a TGS-REP. In the interest of compatibility, + implementors MAY relax the check on the tag number of the decrypted ENC-PART" + + The first byte can thus also be 0x7a (corresponding to application type 26) instead of 0x79 + + The next byte is the length: + + if length < 128 bytes: + length is on 1 byte, and the next byte is 0x30 (class=SEQUENCE) + else if length <= 256: + length is on 2 bytes, the first byte is 0x81, and the third byte is 0x30 (class=SEQUENCE) + else if length > 256: + length is on 3 bytes, the first byte is 0x82, and the fourth byte is 0x30 (class=SEQUENCE) + */ + + u32 first_blocks[16]; + + u32 decrypted_block[8]; + + first_blocks[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[0]; + first_blocks[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[1]; + first_blocks[2] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[2]; + first_blocks[3] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[3]; + + first_blocks[4] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[4]; // possible ASN1 structs + first_blocks[5] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[5]; + first_blocks[6] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[6]; // possible ASN1 structs + first_blocks[7] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[7]; + + /* + we will decrypt them here in order to be able to compute hmac directly + if ASN1 structs were to be found + */ + first_blocks[8] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[8]; + first_blocks[9] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[9]; + first_blocks[10] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[10]; + first_blocks[11] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[11]; + + first_blocks[12] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[12]; + first_blocks[13] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[13]; + first_blocks[14] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[14]; + first_blocks[15] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[15]; + + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + + u32 aes_cts_decrypt_ks[60]; + + AES256_set_decrypt_key (aes_cts_decrypt_ks, ke, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + aes_iv[0] = 0; + aes_iv[1] = 0; + aes_iv[2] = 0; + aes_iv[3] = 0; + + aes256_decrypt_cbc (aes_cts_decrypt_ks, first_blocks, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w0[0] = hc_swap32_S (decrypted_block[0]); + w0[1] = hc_swap32_S (decrypted_block[1]); + w0[2] = hc_swap32_S (decrypted_block[2]); + w0[3] = hc_swap32_S (decrypted_block[3]); + + aes256_decrypt_cbc (aes_cts_decrypt_ks, first_blocks + 4, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w1[0] = hc_swap32_S (decrypted_block[0]); + w1[1] = hc_swap32_S (decrypted_block[1]); + w1[2] = hc_swap32_S (decrypted_block[2]); + w1[3] = hc_swap32_S (decrypted_block[3]); + + if (((decrypted_block[0] & 0x00ff80ff) == 0x00300079) || + ((decrypted_block[0] & 0x00ff80ff) == 0x0030007a) || + ((decrypted_block[0] & 0xFF00FFFF) == 0x30008179) || + ((decrypted_block[0] & 0xFF00FFFF) == 0x3000817a) || + ((decrypted_block[0] & 0x0000FFFF) == 0x00008279 && (decrypted_block[1] & 0x000000FF) == 0x00000030) || + ((decrypted_block[0] & 0x0000FFFF) == 0x0000827a && (decrypted_block[1] & 0x000000FF) == 0x00000030)) + { + // now we decrypt all the ticket to verify checksum + + // we need to decrypt also the 2 following blocks in order to be able to compute the hmac directly + aes256_decrypt_cbc (aes_cts_decrypt_ks, first_blocks + 8, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w2[0] = hc_swap32_S (decrypted_block[0]); + w2[1] = hc_swap32_S (decrypted_block[1]); + w2[2] = hc_swap32_S (decrypted_block[2]); + w2[3] = hc_swap32_S (decrypted_block[3]); + + aes256_decrypt_cbc (aes_cts_decrypt_ks, first_blocks + 12, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w3[0] = hc_swap32_S (decrypted_block[0]); + w3[1] = hc_swap32_S (decrypted_block[1]); + w3[2] = hc_swap32_S (decrypted_block[2]); + w3[3] = hc_swap32_S (decrypted_block[3]); + + int block_position; + + int edata2_len = esalt_bufs[DIGESTS_OFFSET_HOST].edata2_len; + + int edata2_left; + + u32 block[16]; + + int last_block_size = edata2_len % 16; + + if (last_block_size == 0) + { + last_block_size = 16; + } + + int last_part = last_block_size + 16; + + int need = edata2_len - last_part; + + int last_block_cbc_position = (need - 16) / 4; + + sha1_hmac_ctx_t sha1_hmac_ctx; + + /* + hmac message = plaintext + hmac key = ki + */ + + u32 k0[4]; + u32 k1[4]; + u32 k2[4]; + u32 k3[4]; + + k0[0] = ki[0]; + k0[1] = ki[1]; + k0[2] = ki[2]; + k0[3] = ki[3]; + + k1[0] = ki[4]; + k1[1] = ki[5]; + k1[2] = ki[6]; + k1[3] = ki[7]; + + k2[0] = 0; + k2[1] = 0; + k2[2] = 0; + k2[3] = 0; + + k3[0] = 0; + k3[1] = 0; + k3[2] = 0; + k3[3] = 0; + + sha1_hmac_init_64 (&sha1_hmac_ctx, k0, k1, k2, k3); + + sha1_hmac_update_64 (&sha1_hmac_ctx, w0, w1, w2, w3, 64); + + block_position = 16; + + // first 4 blocks are already decrypted + for (edata2_left = need - 64; edata2_left >= 64; edata2_left -= 64) + { + block[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 0]; + block[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 1]; + block[2] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 2]; + block[3] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 3]; + block[4] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 4]; + block[5] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 5]; + block[6] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 6]; + block[7] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 7]; + block[8] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 8]; + block[9] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 9]; + block[10] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 10]; + block[11] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 11]; + block[12] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 12]; + block[13] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 13]; + block[14] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 14]; + block[15] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 15]; + + aes256_decrypt_cbc (aes_cts_decrypt_ks, block, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w0[0] = hc_swap32_S (decrypted_block[0]); + w0[1] = hc_swap32_S (decrypted_block[1]); + w0[2] = hc_swap32_S (decrypted_block[2]); + w0[3] = hc_swap32_S (decrypted_block[3]); + + aes256_decrypt_cbc (aes_cts_decrypt_ks, block + 4, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w1[0] = hc_swap32_S (decrypted_block[0]); + w1[1] = hc_swap32_S (decrypted_block[1]); + w1[2] = hc_swap32_S (decrypted_block[2]); + w1[3] = hc_swap32_S (decrypted_block[3]); + + aes256_decrypt_cbc (aes_cts_decrypt_ks, block + 8, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w2[0] = hc_swap32_S (decrypted_block[0]); + w2[1] = hc_swap32_S (decrypted_block[1]); + w2[2] = hc_swap32_S (decrypted_block[2]); + w2[3] = hc_swap32_S (decrypted_block[3]); + + aes256_decrypt_cbc (aes_cts_decrypt_ks, block + 12, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w3[0] = hc_swap32_S (decrypted_block[0]); + w3[1] = hc_swap32_S (decrypted_block[1]); + w3[2] = hc_swap32_S (decrypted_block[2]); + w3[3] = hc_swap32_S (decrypted_block[3]); + + sha1_hmac_update_64 (&sha1_hmac_ctx, w0, w1, w2, w3, 64); + + block_position += 16; + } + + if (edata2_left == 16) + { + + block[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 0]; + block[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 1]; + block[2] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 2]; + block[3] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 3]; + + aes256_decrypt_cbc (aes_cts_decrypt_ks, block, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w0[0] = hc_swap32_S (decrypted_block[0]); + w0[1] = hc_swap32_S (decrypted_block[1]); + w0[2] = hc_swap32_S (decrypted_block[2]); + w0[3] = hc_swap32_S (decrypted_block[3]); + + w1[0] = 0; + w1[1] = 0; + w1[2] = 0; + w1[3] = 0; + + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 0; + + sha1_hmac_update_64 (&sha1_hmac_ctx, w0, w1, w2, w3, 16); + + block_position += 4; + } + else if (edata2_left == 32) + { + block[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 0]; + block[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 1]; + block[2] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 2]; + block[3] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 3]; + block[4] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 4]; + block[5] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 5]; + block[6] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 6]; + block[7] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 7]; + + aes256_decrypt_cbc (aes_cts_decrypt_ks, block, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w0[0] = hc_swap32_S (decrypted_block[0]); + w0[1] = hc_swap32_S (decrypted_block[1]); + w0[2] = hc_swap32_S (decrypted_block[2]); + w0[3] = hc_swap32_S (decrypted_block[3]); + + aes256_decrypt_cbc (aes_cts_decrypt_ks, block + 4, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w1[0] = hc_swap32_S (decrypted_block[0]); + w1[1] = hc_swap32_S (decrypted_block[1]); + w1[2] = hc_swap32_S (decrypted_block[2]); + w1[3] = hc_swap32_S (decrypted_block[3]); + + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 0; + + sha1_hmac_update_64 (&sha1_hmac_ctx, w0, w1, w2, w3, 32); + + block_position += 8; + } + else if (edata2_left == 48) + { + block[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 0]; + block[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 1]; + block[2] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 2]; + block[3] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 3]; + block[4] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 4]; + block[5] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 5]; + block[6] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 6]; + block[7] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 7]; + block[8] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 8]; + block[9] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 9]; + block[10] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 10]; + block[11] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 11]; + + aes256_decrypt_cbc (aes_cts_decrypt_ks, block, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w0[0] = hc_swap32_S (decrypted_block[0]); + w0[1] = hc_swap32_S (decrypted_block[1]); + w0[2] = hc_swap32_S (decrypted_block[2]); + w0[3] = hc_swap32_S (decrypted_block[3]); + + aes256_decrypt_cbc (aes_cts_decrypt_ks, block + 4, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w1[0] = hc_swap32_S (decrypted_block[0]); + w1[1] = hc_swap32_S (decrypted_block[1]); + w1[2] = hc_swap32_S (decrypted_block[2]); + w1[3] = hc_swap32_S (decrypted_block[3]); + + aes256_decrypt_cbc (aes_cts_decrypt_ks, block + 8, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); + + w2[0] = hc_swap32_S (decrypted_block[0]); + w2[1] = hc_swap32_S (decrypted_block[1]); + w2[2] = hc_swap32_S (decrypted_block[2]); + w2[3] = hc_swap32_S (decrypted_block[3]); + + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 0; + + sha1_hmac_update_64 (&sha1_hmac_ctx, w0, w1, w2, w3, 48); + + block_position += 12; + } + + /* + now all the ticket should be decrypted until block n-1 (not included) + and n + */ + + // this is block n-2, it will be xored with the n-1 block later crafted + u32 last_block_cbc[4]; + + last_block_cbc[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_cbc_position + 0]; + last_block_cbc[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_cbc_position + 1]; + last_block_cbc[2] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_cbc_position + 2]; + last_block_cbc[3] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_cbc_position + 3]; + + // n-1 block is decrypted separately from the previous blocks which were cbc decrypted + block[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 0]; + block[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 1]; + block[2] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 2]; + block[3] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 3]; + + aes256_decrypt (aes_cts_decrypt_ks, block, decrypted_block, s_td0, s_td1, s_td2, s_td3, s_td4); + + u32 last_block[4]; + + int last_block_position = (edata2_len - last_block_size) / 4; + + u32 n_1_crafted[4]; + + u32 last_plaintext[4]; + + last_plaintext[0] = 0; + last_plaintext[1] = 0; + last_plaintext[2] = 0; + last_plaintext[3] = 0; + + /* + n-1 block is first computed as follows: + - fill n-1 block with the X first bytes of the encrypted last block (n) + with X == length of last block + - complete the rest of the block with + + Final block (n) is computed as follows: + - fill with the X first bytes from n-1 block decrypted and xor them with last block (n) + with X == length of last block + */ + int remaining_blocks = last_block_size / 4; + + /* + last block is not necessarily aligned on 4 bytes so we will have + to shift values for the CTS crap... + */ + u32 shift = last_block_size % 4; + + u32 mask; + + switch (remaining_blocks) + { + case 0: + + last_block[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 0]; + + mask = (0xffffffff >> ((4 - last_block_size) * 8)); + + last_plaintext[0] = last_block[0] ^ (decrypted_block[0] & mask); + last_plaintext[0] = hc_swap32_S (last_plaintext[0]); + + n_1_crafted[0] = (last_block[0] & mask) | (decrypted_block[0] & (mask ^ 0xffffffff)); + n_1_crafted[1] = decrypted_block[1]; + n_1_crafted[2] = decrypted_block[2]; + n_1_crafted[3] = decrypted_block[3]; + break; + + case 1: + + last_block[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 0]; + + if (shift == 0) + { + n_1_crafted[0] = last_block[0]; + n_1_crafted[1] = decrypted_block[1]; + n_1_crafted[2] = decrypted_block[2]; + n_1_crafted[3] = decrypted_block[3]; + + last_plaintext[0] = last_block[0] ^ decrypted_block[0]; + last_plaintext[0] = hc_swap32_S (last_plaintext[0]); + } + else + { + last_block[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 1]; + + mask = (0xffffffff >> ((4 - (last_block_size % 4)) * 8)); + + last_plaintext[0] = last_block[0] ^ decrypted_block[0]; + last_plaintext[1] = last_block[1] ^ (decrypted_block[1] & mask); + + last_plaintext[0] = hc_swap32_S (last_plaintext[0]); + last_plaintext[1] = hc_swap32_S (last_plaintext[1]); + + n_1_crafted[0] = last_block[0]; + n_1_crafted[1] = (last_block[1] & mask) | (decrypted_block[1] & (mask ^ 0xffffffff)); + n_1_crafted[2] = decrypted_block[2]; + n_1_crafted[3] = decrypted_block[3]; + } + break; + + case 2: + + last_block[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 0]; + last_block[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 1]; + + if (shift == 0) + { + n_1_crafted[0] = last_block[0]; + n_1_crafted[1] = last_block[1]; + n_1_crafted[2] = decrypted_block[2]; + n_1_crafted[3] = decrypted_block[3]; + + last_plaintext[0] = last_block[0] ^ decrypted_block[0]; + last_plaintext[1] = last_block[1] ^ decrypted_block[1]; + + last_plaintext[0] = hc_swap32_S (last_plaintext[0]); + last_plaintext[1] = hc_swap32_S (last_plaintext[1]); + } + else + { + last_block[2] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 2]; + + mask = (0xffffffff >> ((4 - (last_block_size % 4)) * 8)); + + last_plaintext[0] = last_block[0] ^ decrypted_block[0]; + last_plaintext[1] = last_block[1] ^ decrypted_block[1]; + last_plaintext[2] = last_block[2] ^ (decrypted_block[2] & mask); + + last_plaintext[0] = hc_swap32_S (last_plaintext[0]); + last_plaintext[1] = hc_swap32_S (last_plaintext[1]); + last_plaintext[2] = hc_swap32_S (last_plaintext[2]); + + n_1_crafted[0] = last_block[0]; + n_1_crafted[1] = last_block[1]; + n_1_crafted[2] = (last_block[2] & mask) | (decrypted_block[2] & (mask ^ 0xffffffff)); + n_1_crafted[3] = decrypted_block[3]; + } + break; + + case 3: + + last_block[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 0]; + last_block[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 1]; + last_block[2] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 2]; + + if (shift == 0) + { + n_1_crafted[0] = last_block[0]; + n_1_crafted[1] = last_block[1]; + n_1_crafted[2] = last_block[2]; + n_1_crafted[3] = decrypted_block[3]; + + last_plaintext[0] = last_block[0] ^ decrypted_block[0]; + last_plaintext[1] = last_block[1] ^ decrypted_block[1]; + last_plaintext[2] = last_block[2] ^ decrypted_block[2]; + + last_plaintext[0] = hc_swap32_S (last_plaintext[0]); + last_plaintext[1] = hc_swap32_S (last_plaintext[1]); + last_plaintext[2] = hc_swap32_S (last_plaintext[2]); + } + else + { + last_block[3] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 3]; + + mask = (0xffffffff >> ((4 - (last_block_size % 4)) * 8)); + + last_plaintext[0] = last_block[0] ^ decrypted_block[0]; + last_plaintext[1] = last_block[1] ^ decrypted_block[1]; + last_plaintext[2] = last_block[2] ^ decrypted_block[2]; + last_plaintext[3] = last_block[3] ^ (decrypted_block[3] & mask); + + last_plaintext[0] = hc_swap32_S (last_plaintext[0]); + last_plaintext[1] = hc_swap32_S (last_plaintext[1]); + last_plaintext[2] = hc_swap32_S (last_plaintext[2]); + last_plaintext[3] = hc_swap32_S (last_plaintext[3]); + + n_1_crafted[0] = last_block[0]; + n_1_crafted[1] = last_block[1]; + n_1_crafted[2] = last_block[2]; + n_1_crafted[3] = (last_block[3] & mask) | (decrypted_block[3] & (mask ^ 0xffffffff)); + } + break; + + case 4: + + last_block[0] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 0]; + last_block[1] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 1]; + last_block[2] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 2]; + last_block[3] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[last_block_position + 3]; + + n_1_crafted[0] = last_block[0]; + n_1_crafted[1] = last_block[1]; + n_1_crafted[2] = last_block[2]; + n_1_crafted[3] = last_block[3]; + + last_plaintext[0] = last_block[0] ^ decrypted_block[0]; + last_plaintext[1] = last_block[1] ^ decrypted_block[1]; + last_plaintext[2] = last_block[2] ^ decrypted_block[2]; + last_plaintext[3] = last_block[3] ^ decrypted_block[3]; + + last_plaintext[0] = hc_swap32_S (last_plaintext[0]); + last_plaintext[1] = hc_swap32_S (last_plaintext[1]); + last_plaintext[2] = hc_swap32_S (last_plaintext[2]); + last_plaintext[3] = hc_swap32_S (last_plaintext[3]); + break; + + default: + return; + } + + + // then decrypt this newly created n-1 with 'ke' + aes256_decrypt (aes_cts_decrypt_ks, n_1_crafted, n_1_crafted, s_td0, s_td1, s_td2, s_td3, s_td4); + + // then xor with the encrypted n-2 block + n_1_crafted[0] ^= last_block_cbc[0]; + n_1_crafted[1] ^= last_block_cbc[1]; + n_1_crafted[2] ^= last_block_cbc[2]; + n_1_crafted[3] ^= last_block_cbc[3]; + + w0[0] = hc_swap32_S (n_1_crafted[0]); + w0[1] = hc_swap32_S (n_1_crafted[1]); + w0[2] = hc_swap32_S (n_1_crafted[2]); + w0[3] = hc_swap32_S (n_1_crafted[3]); + + w1[0] = last_plaintext[0]; + w1[1] = last_plaintext[1]; + w1[2] = last_plaintext[2]; + w1[3] = last_plaintext[3]; + + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 0; + + sha1_hmac_update_64 (&sha1_hmac_ctx, w0, w1, w2, w3, 16 + last_block_size); + + sha1_hmac_final (&sha1_hmac_ctx); + + if (sha1_hmac_ctx.opad.h[0] == esalt_bufs[DIGESTS_OFFSET_HOST].checksum[0] + && sha1_hmac_ctx.opad.h[1] == esalt_bufs[DIGESTS_OFFSET_HOST].checksum[1] + && sha1_hmac_ctx.opad.h[2] == esalt_bufs[DIGESTS_OFFSET_HOST].checksum[2]) + { + if (hc_atomic_inc (&hashes_shown[DIGESTS_OFFSET_HOST]) == 0) + { + #define il_pos 0 + mark_hash (plains_buf, d_return_buf, SALT_POS_HOST, DIGESTS_CNT, 0, DIGESTS_OFFSET_HOST + 0, gid, il_pos, 0, 0); + } + } + } +} diff --git a/src/modules/module_33100.c b/src/modules/module_33100.c new file mode 100755 index 000000000..e34a1a677 --- /dev/null +++ b/src/modules/module_33100.c @@ -0,0 +1,420 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_OUTSIDE_KERNEL; +static const u32 DGST_POS0 = 0; +static const u32 DGST_POS1 = 1; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 3; +static const u32 DGST_SIZE = DGST_SIZE_4_4; +static const u32 HASH_CATEGORY = HASH_CATEGORY_NETWORK_PROTOCOL; +static const char *HASH_NAME = "Kerberos 5, etype 17, AS-REP"; +static const u64 KERN_TYPE = 33100; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_NOT_ITERATED + | OPTI_TYPE_SLOW_HASH_SIMD_LOOP; +static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE + | OPTS_TYPE_PT_GENERATE_LE; +static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "$krb5asrep$17$user$EXAMPLE.COM$a419c4030e555734b06c2629$c09a1421f96eb126c757a4b87830381f142477d9a85b2beb3093dbfd44f38ddb6016a479537fb7b36e046315869fe79187217971ff6a12c1e0a2df3f68045e03814b21f756d8981f781803d65e8572823c88979581d93cf7d768f2efced16f3719b8d1004d9e73d798de255383476bced47d1982f16be77d0feb55a1f44f58bd013fa4caee58ac614caf0f1cf9101ec9623c5b8c2a1491b73f134f074790088fdb360b5ebce0d32a8145ed00a81ddf77188e150b92d8e8ddd0285d27f1514253e5546e6bba864b362bb1e6483b26d08fa4cc268bfbefe0f690039bcc524b774599df3680c1c3431d891bfa99514a877f964e"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +// Struct to store the hash structure - same fields as TGS-REP type 17 +typedef struct krb5asrep_17 +{ + u32 user[128]; + u32 domain[128]; + u32 account_info[512]; + u32 account_info_len; + + u32 checksum[3]; + u32 edata2[5120]; + u32 edata2_len; + u32 format; + +} krb5asrep_17_t; + +typedef struct krb5asrep_17_tmp +{ + u32 ipad[5]; + u32 opad[5]; + u32 dgst[16]; + u32 out[16]; + +} krb5asrep_17_tmp_t; + +static const char *SIGNATURE_KRB5ASREP = "$krb5asrep$17$"; + +u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 tmp_size = (const u64) sizeof (krb5asrep_17_tmp_t); + + return tmp_size; +} + +u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 esalt_size = (const u64) sizeof (krb5asrep_17_t); + + return esalt_size; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u32 *digest = (u32 *) digest_buf; + + krb5asrep_17_t *krb5asrep = (krb5asrep_17_t *) esalt_buf; + + hc_token_t token; + + memset (&token, 0, sizeof (hc_token_t)); + + token.signatures_cnt = 1; + token.signatures_buf[0] = SIGNATURE_KRB5ASREP; + + token.len[0] = strlen (SIGNATURE_KRB5ASREP); + token.attr[0] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + /** + * Haschat + * format 1: $krb5asrep$18$user$realm$checksum$edata2 + * + * JtR + * format 2: $krb5asrep$18$salt$edata2$checksum + */ + + if (line_len < (int) strlen (SIGNATURE_KRB5ASREP)) return (PARSER_SALT_LENGTH); + + memset (krb5asrep, 0, sizeof (krb5asrep_17_t)); + + /** + * JtR format has the checksum at the end, so can identify it based on the + * separator ('$') being at a fixed length from the end of the line. Checksum + * is 24 characters in length, so then there should be a '$' at line_len - 25 + */ + + if (line_buf[line_len - 25] == '$') + { + // JtR format + krb5asrep->format = 2; + } + else + { + // Hashcat format + krb5asrep->format = 1; + } + + token.token_cnt = 4; + + if (krb5asrep->format == 1) + { + token.token_cnt++; + + // user + token.sep[1] = '$'; + token.len_min[1] = 1; + token.len_max[1] = 512; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH; + + // realm + token.sep[2] = '$'; + token.len_min[2] = 1; + token.len_max[2] = 512; + token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH; + + // checksum + token.sep[3] = '$'; + // hmac-sha1 stripped to 12bytes + token.len[3] = 24; + token.attr[3] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + // edata2 + token.sep[4] = '$'; + token.len_min[4] = 64; + token.len_max[4] = 40960; + token.attr[4] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + } + else + { + // salt + token.sep[1] = '$'; + token.len_min[1] = 1; + token.len_max[1] = 512; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH; + + // edata2 + token.sep[2] = '$'; + token.len_min[2] = 64; + token.len_max[2] = 40960; + token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + // checksum + token.sep[3] = '$'; + // hmac-sha1 stripped to 12bytes + token.len[3] = 24; + token.attr[3] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + } + + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + const u8 *user_pos; + const u8 *domain_pos; + const u8 *salt_pos; + const u8 *checksum_pos; + const u8 *data_pos; + + int user_len; + int domain_len; + int data_len; + int account_info_len; + + if (krb5asrep->format == 1) + { + user_pos = token.buf[1]; + user_len = token.len[1]; + + memcpy (krb5asrep->user, user_pos, user_len); + + domain_pos = token.buf[2]; + domain_len = token.len[2]; + + memcpy (krb5asrep->domain, domain_pos, domain_len); + + checksum_pos = token.buf[3]; + + data_pos = token.buf[4]; + data_len = token.len[4]; + + account_info_len = token.len[2] + token.len[1]; + } + else + { + salt_pos = token.buf[1]; + account_info_len = token.len[1]; + + memcpy (krb5asrep->account_info, salt_pos, account_info_len); + + /** + * JtR format only has the final salt/account_info value (combination of + * user and domain), rather than separate "user" and "domain" values. Since + * user and domain won't be used for the JtR format, their values won't + * matter, so set them both to the same value as account_info. + */ + + user_pos = token.buf[1]; + user_len = token.len[1]; + + memcpy (krb5asrep->user, user_pos, user_len); + + domain_pos = token.buf[1]; + domain_len = token.len[1]; + + memcpy (krb5asrep->domain, domain_pos, domain_len); + + data_pos = token.buf[2]; + data_len = token.len[2]; + + checksum_pos = token.buf[3]; + } + + u8 *account_info_ptr = (u8 *) krb5asrep->account_info; + + // Domain must be uppercase + u8 domain[128]; + + if (krb5asrep->format == 1) + { + memcpy (domain, domain_pos, domain_len); + uppercase (domain, domain_len); + + memcpy (account_info_ptr, domain, domain_len); + memcpy (account_info_ptr + domain_len, user_pos, user_len); + } + + krb5asrep->account_info_len = account_info_len; + + // hmac-sha1 is reduced to 12 bytes + krb5asrep->checksum[0] = byte_swap_32 (hex_to_u32 (checksum_pos + 0)); + krb5asrep->checksum[1] = byte_swap_32 (hex_to_u32 (checksum_pos + 8)); + krb5asrep->checksum[2] = byte_swap_32 (hex_to_u32 (checksum_pos + 16)); + + u8 *edata_ptr = (u8 *) krb5asrep->edata2; + + for (int i = 0; i < data_len; i += 2) + { + const u8 p0 = data_pos[i + 0]; + const u8 p1 = data_pos[i + 1]; + + *edata_ptr++ = hex_convert (p1) << 0 + | hex_convert (p0) << 4; + } + + krb5asrep->edata2_len = data_len / 2; + + salt->salt_buf[0] = krb5asrep->checksum[0]; + salt->salt_buf[1] = krb5asrep->checksum[1]; + salt->salt_buf[2] = krb5asrep->checksum[2]; + + salt->salt_len = 12; + + salt->salt_iter = 4096 - 1; + + digest[0] = krb5asrep->checksum[0]; + digest[1] = krb5asrep->checksum[1]; + digest[2] = krb5asrep->checksum[2]; + digest[3] = 0; + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + const krb5asrep_17_t *krb5asrep = (const krb5asrep_17_t *) esalt_buf; + + char data[5120 * 4 * 2] = { 0 }; + + for (u32 i = 0, j = 0; i < krb5asrep->edata2_len; i += 1, j += 2) + { + u8 *ptr_edata2 = (u8 *) krb5asrep->edata2; + + sprintf (data + j, "%02x", ptr_edata2[i]); + } + + int line_len = 0; + + if (krb5asrep->format == 1) + { + line_len = snprintf (line_buf, line_size, "%s%s$%s$%08x%08x%08x$%s", + SIGNATURE_KRB5ASREP, + (char *) krb5asrep->user, + (char *) krb5asrep->domain, + krb5asrep->checksum[0], + krb5asrep->checksum[1], + krb5asrep->checksum[2], + data); + } + else + { + line_len = snprintf (line_buf, line_size, "%s%s$%s$%08x%08x%08x", + SIGNATURE_KRB5ASREP, + (char *) krb5asrep->account_info, + data, + krb5asrep->checksum[0], + krb5asrep->checksum[1], + krb5asrep->checksum[2]); + } + + return line_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_charset = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_deprecated_notice = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = module_esalt_size; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_extra_tuningdb_block = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_postprocess = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_size = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_init = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_term = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = MODULE_DEFAULT; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = MODULE_DEFAULT; + module_ctx->module_salt_min = MODULE_DEFAULT; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = module_tmp_size; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/src/modules/module_33200.c b/src/modules/module_33200.c new file mode 100755 index 000000000..508565136 --- /dev/null +++ b/src/modules/module_33200.c @@ -0,0 +1,419 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_OUTSIDE_KERNEL; +static const u32 DGST_POS0 = 0; +static const u32 DGST_POS1 = 1; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 3; +static const u32 DGST_SIZE = DGST_SIZE_4_4; +static const u32 HASH_CATEGORY = HASH_CATEGORY_NETWORK_PROTOCOL; +static const char *HASH_NAME = "Kerberos 5, etype 18, AS-REP"; +static const u64 KERN_TYPE = 33200; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_NOT_ITERATED + | OPTI_TYPE_SLOW_HASH_SIMD_LOOP; +static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE + | OPTS_TYPE_PT_GENERATE_LE; +static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "$krb5asrep$18$user$EXAMPLE.COM$aa4c494f520b27873a4de8f7$ebc9976a77f62e8ccca02d43d68bafcc66a81fcbb44a336b00ce401982f32975a5f9bcdc752643252185866685b0a30aaf50e449e392a5994e6979f23aba25f7704c90b2efa03b703c3c2f9e3617cc588ed226d0417e7742d45407878fd946d046b4a9732b9a203cb857811714b009c195b7c96b9bccb7e48832b11a4e92ecf24c49e54de8d0d5d5351445b5126db90bb7eebc7861db1e61de1175824b0a45023a6fa06c2a9d3035fdcf863bea922648e3dc28b48e39b1dec0869e7fe4de399cb52dfcf2596599da54a4bb0169c72d9496de2e137a4594e0e8a69082fc558ac9ace65d32eae5e260a65ca3f2f5871aaeee7a3b090b50f39321d120c144421e0abe7d"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +// Struct to store the hash structure - same fields as TGS-REP type 18 +typedef struct krb5asrep_18 +{ + u32 user[128]; + u32 domain[128]; + u32 account_info[512]; + u32 account_info_len; + + u32 checksum[3]; + u32 edata2[5120]; + u32 edata2_len; + u32 format; + +} krb5asrep_18_t; + +typedef struct krb5asrep_18_tmp +{ + u32 ipad[5]; + u32 opad[5]; + u32 dgst[16]; + u32 out[16]; + +} krb5asrep_18_tmp_t; + +static const char *SIGNATURE_KRB5ASREP = "$krb5asrep$18$"; + +u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 tmp_size = (const u64) sizeof (krb5asrep_18_tmp_t); + + return tmp_size; +} + +u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 esalt_size = (const u64) sizeof (krb5asrep_18_t); + + return esalt_size; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u32 *digest = (u32 *) digest_buf; + + krb5asrep_18_t *krb5asrep = (krb5asrep_18_t *) esalt_buf; + + hc_token_t token; + + memset (&token, 0, sizeof (hc_token_t)); + + token.signatures_cnt = 1; + token.signatures_buf[0] = SIGNATURE_KRB5ASREP; + + token.len[0] = strlen (SIGNATURE_KRB5ASREP); + token.attr[0] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + /** + * Haschat + * format 1: $krb5asrep$18$user$realm$checksum$edata2 + * + * JtR + * format 2: $krb5asrep$18$salt$edata2$checksum + */ + + if (line_len < (int) strlen (SIGNATURE_KRB5ASREP)) return (PARSER_SALT_LENGTH); + + memset (krb5asrep, 0, sizeof (krb5asrep_18_t)); + + /** + * JtR format has the checksum at the end, so can identify it based on the + * separator ('$') being at a fixed length from the end of the line. Checksum + * is 24 characters in length, so then there should be a '$' at line_len - 25 + */ + + if (line_buf[line_len - 25] == '$') + { + // JtR format + krb5asrep->format = 2; + } + else + { + // Hashcat format + krb5asrep->format = 1; + } + + token.token_cnt = 4; + + if (krb5asrep->format == 1) + { + token.token_cnt++; + + // user + token.sep[1] = '$'; + token.len_min[1] = 1; + token.len_max[1] = 512; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH; + + // realm + token.sep[2] = '$'; + token.len_min[2] = 1; + token.len_max[2] = 512; + token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH; + + // checksum + token.sep[3] = '$'; + // hmac-sha1 stripped to 12bytes + token.len[3] = 24; + token.attr[3] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + // edata2 + token.sep[4] = '$'; + token.len_min[4] = 64; + token.len_max[4] = 40960; + token.attr[4] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + } + else + { + // salt + token.sep[1] = '$'; + token.len_min[1] = 1; + token.len_max[1] = 512; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH; + + // edata2 + token.sep[2] = '$'; + token.len_min[2] = 64; + token.len_max[2] = 40960; + token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + // checksum + token.sep[3] = '$'; + // hmac-sha1 stripped to 12bytes + token.len[3] = 24; + token.attr[3] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + } + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + const u8 *user_pos; + const u8 *domain_pos; + const u8 *salt_pos; + const u8 *checksum_pos; + const u8 *data_pos; + + int user_len; + int domain_len; + int data_len; + int account_info_len; + + if (krb5asrep->format == 1) + { + user_pos = token.buf[1]; + user_len = token.len[1]; + + memcpy (krb5asrep->user, user_pos, user_len); + + domain_pos = token.buf[2]; + domain_len = token.len[2]; + + memcpy (krb5asrep->domain, domain_pos, domain_len); + + checksum_pos = token.buf[3]; + + data_pos = token.buf[4]; + data_len = token.len[4]; + + account_info_len = token.len[2] + token.len[1]; + } + else + { + salt_pos = token.buf[1]; + account_info_len = token.len[1]; + + memcpy (krb5asrep->account_info, salt_pos, account_info_len); + + /** + * JtR format only has the final salt/account_info value (combination of + * user and domain), rather than separate "user" and "domain" values. Since + * user and domain won't be used for the JtR format, their values won't + * matter, so set them both to the same value as account_info. + */ + + user_pos = token.buf[1]; + user_len = token.len[1]; + + memcpy (krb5asrep->user, user_pos, user_len); + + domain_pos = token.buf[1]; + domain_len = token.len[1]; + + memcpy (krb5asrep->domain, domain_pos, domain_len); + + data_pos = token.buf[2]; + data_len = token.len[2]; + + checksum_pos = token.buf[3]; + } + + u8 *account_info_ptr = (u8 *) krb5asrep->account_info; + + // Domain must be uppercase + u8 domain[128]; + + if (krb5asrep->format == 1) + { + memcpy (domain, domain_pos, domain_len); + uppercase (domain, domain_len); + + memcpy (account_info_ptr, domain, domain_len); + memcpy (account_info_ptr + domain_len, user_pos, user_len); + } + + krb5asrep->account_info_len = account_info_len; + + // hmac-sha1 is reduced to 12 bytes + krb5asrep->checksum[0] = byte_swap_32 (hex_to_u32 (checksum_pos + 0)); + krb5asrep->checksum[1] = byte_swap_32 (hex_to_u32 (checksum_pos + 8)); + krb5asrep->checksum[2] = byte_swap_32 (hex_to_u32 (checksum_pos + 16)); + + u8 *edata_ptr = (u8 *) krb5asrep->edata2; + + for (int i = 0; i < data_len; i += 2) + { + const u8 p0 = data_pos[i + 0]; + const u8 p1 = data_pos[i + 1]; + + *edata_ptr++ = hex_convert (p1) << 0 + | hex_convert (p0) << 4; + } + + krb5asrep->edata2_len = data_len / 2; + + salt->salt_buf[0] = krb5asrep->checksum[0]; + salt->salt_buf[1] = krb5asrep->checksum[1]; + salt->salt_buf[2] = krb5asrep->checksum[2]; + + salt->salt_len = 12; + + salt->salt_iter = 4096 - 1; + + digest[0] = krb5asrep->checksum[0]; + digest[1] = krb5asrep->checksum[1]; + digest[2] = krb5asrep->checksum[2]; + digest[3] = 0; + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + const krb5asrep_18_t *krb5asrep = (const krb5asrep_18_t *) esalt_buf; + + char data[5120 * 4 * 2] = { 0 }; + + for (u32 i = 0, j = 0; i < krb5asrep->edata2_len; i += 1, j += 2) + { + u8 *ptr_edata2 = (u8 *) krb5asrep->edata2; + + sprintf (data + j, "%02x", ptr_edata2[i]); + } + + int line_len = 0; + + if (krb5asrep->format == 1) + { + line_len = snprintf (line_buf, line_size, "%s%s$%s$%08x%08x%08x$%s", + SIGNATURE_KRB5ASREP, + (char *) krb5asrep->user, + (char *) krb5asrep->domain, + krb5asrep->checksum[0], + krb5asrep->checksum[1], + krb5asrep->checksum[2], + data); + } + else + { + line_len = snprintf (line_buf, line_size, "%s%s$%s$%08x%08x%08x", + SIGNATURE_KRB5ASREP, + (char *) krb5asrep->account_info, + data, + krb5asrep->checksum[0], + krb5asrep->checksum[1], + krb5asrep->checksum[2]); + } + + return line_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_charset = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_deprecated_notice = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = module_esalt_size; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_extra_tuningdb_block = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_postprocess = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_size = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_init = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_term = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = MODULE_DEFAULT; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = MODULE_DEFAULT; + module_ctx->module_salt_min = MODULE_DEFAULT; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = module_tmp_size; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/tools/test_modules/m33100.pm b/tools/test_modules/m33100.pm new file mode 100755 index 000000000..499eddd12 --- /dev/null +++ b/tools/test_modules/m33100.pm @@ -0,0 +1,217 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Digest::SHA qw (hmac_sha1); +use Crypt::Mode::CBC; +use Crypt::PBKDF2; + +sub byte2hex +{ + my $input = shift; + return unpack ("H*", $input); +} + +sub hex2byte +{ + my $input = shift; + return pack ("H*", $input); +} + +sub pad +{ + my $n = shift; + my $size = shift; + + return (~$n + 1) & ($size - 1); +} + +sub module_constraints { [[0, 256], [16, 16], [-1, -1], [-1, -1], [-1, -1]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt = shift; + my $user = shift // "user"; + my $realm = shift // "example.com"; + my $checksum = shift; + my $edata2 = shift; + + my $mysalt = uc $realm; + $mysalt = $mysalt . $user; + + # first we generate the 'seed' + my $iter = 4096; + my $pbkdf2 = Crypt::PBKDF2->new + ( + hash_class => 'HMACSHA1', + iterations => $iter, + output_len => 16 + ); + + my $b_seed = $pbkdf2->PBKDF2 ($mysalt, $word); + + # we can precompute this + my $b_kerberos_nfolded = hex2byte ('6b65726265726f737b9b5b2b93132b93'); + + my $b_iv = hex2byte ('0' x 32); + + # 'key_bytes' will be the AES key used to generate 'ki' (for final hmac-sha1) + # and 'ke' (AES key to decrypt/encrypt the ticket) + my $cbc = Crypt::Mode::CBC->new ('AES', 0); + my $b_key_bytes = $cbc->encrypt ($b_kerberos_nfolded, $b_seed, $b_iv); + + # precomputed stuff + my $b_nfolded1 = hex2byte ('6b60b0582a6ba80d5aad56ab55406ad5'); + my $b_nfolded2 = hex2byte ('be349a4d24be500eaf57abd5ea80757a'); + + my $b_ki = $cbc->encrypt ($b_nfolded1, $b_key_bytes, $b_iv); + my $b_ke = $cbc->encrypt ($b_nfolded2, $b_key_bytes, $b_iv); + + my $cleartext_ticket = '7981df3081dca01b3019a003020111a1120410e2aa1c894df7'. + '23b7277eef29700bf760a11c301a3018a003020100a111180f32303233303333313132303'. + '434355aa20602041d9d970ba311180f32303337303931343032343830355aa40703050040'. + 'c10000a511180f32303233303333313132303434355aa611180f323032333033333131323'. + '03434355aa711180f32303233303333313232303434355aa811180f323032333034303731'. + '32303434355aa90d1b0b4558414d504c452e434f4daa20301ea003020102a11730151b066'. + 'b72627467741b0b6578616d706c652e636f6d'; + + if (defined $edata2) + { + my $len_last_block = length ($edata2) % 32; + + my $tmp = $len_last_block + 32; + + my $b_truncated_enc_ticket = hex2byte (substr $edata2, 0, -$tmp); + + my $b_last_block = hex2byte (substr $edata2, -$len_last_block); + + my $b_n_1_block = hex2byte (substr (substr ($edata2, -$tmp), 0, 32)); + + my $b_truncated_ticket_decrypted = $cbc->decrypt ($b_truncated_enc_ticket, $b_ke, $b_iv); + + my $truncated_ticket_decrypted = byte2hex ($b_truncated_ticket_decrypted); + + my $check_correct = ((substr ($truncated_ticket_decrypted, 16, 4) eq "7981" || substr ($truncated_ticket_decrypted, 16, 4) eq "7a81") && (substr ($truncated_ticket_decrypted, 22, 2) eq "30")) || + ((substr ($truncated_ticket_decrypted, 16, 2) eq "79" || substr ($truncated_ticket_decrypted, 16, 2) eq "7a") && (substr ($truncated_ticket_decrypted, 20, 2) eq "30")) || + ((substr ($truncated_ticket_decrypted, 16, 4) eq "7982" || substr ($truncated_ticket_decrypted, 16, 4) eq "7a82") && (substr ($truncated_ticket_decrypted, 24, 2) eq "30")); + + if ($check_correct == 1) + { + my $b_n_2 = substr $b_truncated_enc_ticket, -16; + + my $b_n_1_decrypted = $cbc->decrypt ($b_n_1_block, $b_ke, $b_iv); + + my $b_last_plain = substr $b_n_1_decrypted, 0, $len_last_block / 2; + + $b_last_plain = $b_last_plain ^ $b_last_block; + + my $omitted = substr $b_n_1_decrypted, -(16 - $len_last_block / 2); + + my $b_n_1 = $b_last_block . $omitted; + + $b_n_1 = $cbc->decrypt ($b_n_1, $b_ke, $b_iv); + + $b_n_1 = $b_n_1 ^ $b_n_2; + + my $b_cleartext_ticket = $b_truncated_ticket_decrypted . $b_n_1 . $b_last_plain; + + $cleartext_ticket = byte2hex ($b_cleartext_ticket); + } + else # validation failed + { + # fake/wrong ticket (otherwise if we just decrypt/encrypt we end + #up with false positives all the time) + $cleartext_ticket = "0" x (length ($cleartext_ticket) + 32); + } + } + + if (defined $checksum) + { + $checksum = pack ("H*", $checksum); + } + else + { + if (!defined $edata2) + { + my $nonce = unpack ("H*", random_bytes (16)); + + $cleartext_ticket = $nonce . $cleartext_ticket; + } + # we have what is required to compute checksum + $checksum = hmac_sha1 (hex2byte ($cleartext_ticket), $b_ki); + + $checksum = substr $checksum, 0, 12; + } + + my $len_cleartext_last_block = length ($cleartext_ticket) % 32; + my $cleartext_last_block = substr $cleartext_ticket, -$len_cleartext_last_block; + + my $padding = pad (length ($cleartext_ticket), 32); + + my $b_cleartext_last_block_padded = hex2byte ($cleartext_last_block . '0' x $padding); + + # we will encrypt until n-1 block (included) + my $truncated_cleartext_ticket = substr $cleartext_ticket, 0, -$len_cleartext_last_block; + + my $b_truncated_enc_ticket = $cbc->encrypt (hex2byte ($truncated_cleartext_ticket), $b_ke, $b_iv); + + my $b_enc_ticket_n_1_block= substr $b_truncated_enc_ticket, -16; + + my $b_enc_last_block = substr $b_enc_ticket_n_1_block, 0, $len_cleartext_last_block / 2; + + # we now craft the new n-1 block + my $tmp = $b_enc_ticket_n_1_block ^ $b_cleartext_last_block_padded; + + $b_enc_ticket_n_1_block = $cbc->encrypt ($tmp, $b_ke, $b_iv); + + $tmp = substr $b_truncated_enc_ticket, 0, -16; + + $edata2 = $tmp . $b_enc_ticket_n_1_block . $b_enc_last_block; + + my $tmp_hash = sprintf ('$krb5asrep$17$%s$%s$%s$%s', $user, $realm, unpack ("H*", $checksum), unpack ("H*", $edata2)); + + return $tmp_hash; +} + +sub module_verify_hash +{ + my $line = shift; + + my ($hash, $word) = split (':', $line); + + return unless defined $hash; + return unless defined $word; + + my @data = split ('\$', $hash); + + return unless scalar @data == 7; + + shift @data; + + my $signature = shift @data; + my $algorithm = shift @data; + my $user = shift @data; + my $realm = shift @data; + my $checksum = shift @data; + my $edata2 = shift @data; + + return unless ($signature eq "krb5asrep"); + return unless ($algorithm eq "17"); + return unless (length ($checksum) == 24); + return unless (length ($edata2) >= 64); + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, undef, $user, $realm, $checksum, $edata2); + + return ($new_hash, $word); +} + +1; diff --git a/tools/test_modules/m33200.pm b/tools/test_modules/m33200.pm new file mode 100755 index 000000000..6a3710621 --- /dev/null +++ b/tools/test_modules/m33200.pm @@ -0,0 +1,224 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Digest::SHA qw (hmac_sha1); +use Crypt::Mode::CBC; +use Crypt::PBKDF2; + +sub byte2hex +{ + my $input = shift; + return unpack ("H*", $input); +} + +sub hex2byte +{ + my $input = shift; + return pack ("H*", $input); +} + +sub pad +{ + my $n = shift; + my $size = shift; + + return (~$n + 1) & ($size - 1); +} + +sub module_constraints { [[0, 256], [16, 16], [-1, -1], [-1, -1], [-1, -1]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt = shift; + my $user = shift // "user"; + my $realm = shift // "example.com"; + my $checksum = shift; + my $edata2 = shift; + + my $mysalt = uc $realm; + $mysalt = $mysalt . $user; + + # first we generate the 'seed' + my $iter = 4096; + my $pbkdf2 = Crypt::PBKDF2->new + ( + hash_class => 'HMACSHA1', + iterations => $iter, + output_len => 32 + ); + + my $b_seed = $pbkdf2->PBKDF2 ($mysalt, $word); + + # we can precompute this + my $b_kerberos_nfolded = hex2byte ('6b65726265726f737b9b5b2b93132b93'); + + my $b_iv = hex2byte ('0' x 32); + + # 'key_bytes' will be the AES key used to generate 'ki' (for final hmac-sha1) + # and 'ke' (AES key to decrypt/encrypt the ticket) + my $cbc = Crypt::Mode::CBC->new ('AES', 0); + my $b_key_bytes = $cbc->encrypt ($b_kerberos_nfolded, $b_seed, $b_iv); + + $b_key_bytes = $b_key_bytes . $cbc->encrypt ($b_key_bytes, $b_seed, $b_iv); + + # precomputed stuff + my $b_nfolded1 = hex2byte ('6b60b0582a6ba80d5aad56ab55406ad5'); + my $b_nfolded2 = hex2byte ('be349a4d24be500eaf57abd5ea80757a'); + + my $b_ki = $cbc->encrypt ($b_nfolded1, $b_key_bytes, $b_iv); + + $b_ki = $b_ki . $cbc->encrypt ($b_ki, $b_key_bytes, $b_iv); + + my $b_ke = $cbc->encrypt ($b_nfolded2, $b_key_bytes, $b_iv); + + $b_ke = $b_ke . $cbc->encrypt ($b_ke, $b_key_bytes, $b_iv); + + my $cleartext_ticket = '7981ef3081eca02b3029a003020112a12204200e97d1626616'. + '6e06252cbec52003e0f6b4f0280deec6dc58cdbf39845d6f0e77a11c301a3018a00302010'. + '0a111180f32303233303331363135353732315aa20602045b66ac3ea311180f3230333730'. + '3931343032343830355aa40703050050c10000a511180f323032333033313631353537323'. + '15aa611180f32303233303331363135353732315aa711180f323032333033313730313537'. + '32315aa811180f32303233303331373135353732315aa90d1b0b4558414d504c452e434f4'. + 'daa20301ea003020101a11730151b066b72627467741b0b4558414d504c452e434f4d'; + + if (defined $edata2) + { + my $len_last_block = length ($edata2) % 32; + + my $tmp = $len_last_block + 32; + + my $b_truncated_enc_ticket = hex2byte (substr $edata2, 0, -$tmp); + + my $b_last_block = hex2byte (substr $edata2, -$len_last_block); + + my $b_n_1_block = hex2byte (substr (substr ($edata2, -$tmp), 0, 32)); + + my $b_truncated_ticket_decrypted = $cbc->decrypt ($b_truncated_enc_ticket, $b_ke, $b_iv); + + my $truncated_ticket_decrypted = byte2hex ($b_truncated_ticket_decrypted); + + my $check_correct = ((substr ($truncated_ticket_decrypted, 16, 4) eq "7981" || substr ($truncated_ticket_decrypted, 16, 4) eq "7a81") && (substr ($truncated_ticket_decrypted, 22, 2) eq "30")) || + ((substr ($truncated_ticket_decrypted, 16, 2) eq "79" || substr ($truncated_ticket_decrypted, 16, 2) eq "7a") && (substr ($truncated_ticket_decrypted, 20, 2) eq "30")) || + ((substr ($truncated_ticket_decrypted, 16, 4) eq "7982" || substr ($truncated_ticket_decrypted, 16, 4) eq "7a82") && (substr ($truncated_ticket_decrypted, 24, 2) eq "30")); + + if ($check_correct == 1) + { + my $b_n_2 = substr $b_truncated_enc_ticket, -16; + + my $b_n_1_decrypted = $cbc->decrypt ($b_n_1_block, $b_ke, $b_iv); + + my $b_last_plain = substr $b_n_1_decrypted, 0, $len_last_block / 2; + + $b_last_plain = $b_last_plain ^ $b_last_block; + + my $omitted = substr $b_n_1_decrypted, -(16 - $len_last_block / 2); + + my $b_n_1 = $b_last_block . $omitted; + + $b_n_1 = $cbc->decrypt ($b_n_1, $b_ke, $b_iv); + + $b_n_1 = $b_n_1 ^ $b_n_2; + + my $b_cleartext_ticket = $b_truncated_ticket_decrypted . $b_n_1 . $b_last_plain; + + $cleartext_ticket = byte2hex ($b_cleartext_ticket); + } + else # validation failed + { + # fake/wrong ticket (otherwise if we just decrypt/encrypt we end + #up with false positives all the time) + $cleartext_ticket = "0" x (length ($cleartext_ticket) + 32); + } + } + + if (defined $checksum) + { + $checksum = pack ("H*", $checksum); + } + else + { + if (!defined $edata2) + { + my $nonce = unpack ("H*", random_bytes (16)); + + $cleartext_ticket = $nonce . $cleartext_ticket; + } + # we have what is required to compute checksum + $checksum = hmac_sha1 (hex2byte ($cleartext_ticket), $b_ki); + + $checksum = substr $checksum, 0, 12; + } + + my $len_cleartext_last_block = length ($cleartext_ticket) % 32; + my $cleartext_last_block = substr $cleartext_ticket, -$len_cleartext_last_block; + + my $padding = pad (length ($cleartext_ticket), 32); + + my $b_cleartext_last_block_padded = hex2byte ($cleartext_last_block . '0' x $padding); + + # we will encrypt until n-1 block (included) + my $truncated_cleartext_ticket = substr $cleartext_ticket, 0, -$len_cleartext_last_block; + + my $b_truncated_enc_ticket = $cbc->encrypt (hex2byte ($truncated_cleartext_ticket), $b_ke, $b_iv); + + my $b_enc_ticket_n_1_block= substr $b_truncated_enc_ticket, -16; + + my $b_enc_last_block = substr $b_enc_ticket_n_1_block, 0, $len_cleartext_last_block / 2; + + # we now craft the new n-1 block + my $tmp = $b_enc_ticket_n_1_block ^ $b_cleartext_last_block_padded; + + $b_enc_ticket_n_1_block = $cbc->encrypt ($tmp, $b_ke, $b_iv); + + $tmp = substr $b_truncated_enc_ticket, 0, -16; + + $edata2 = $tmp . $b_enc_ticket_n_1_block . $b_enc_last_block; + + my $tmp_hash = sprintf ('$krb5asrep$18$%s$%s$%s$%s', $user, $realm, unpack ("H*", $checksum), unpack ("H*", $edata2)); + + return $tmp_hash; +} + +sub module_verify_hash +{ + my $line = shift; + + my ($hash, $word) = split (':', $line); + + return unless defined $hash; + return unless defined $word; + + my @data = split ('\$', $hash); + + return unless scalar @data == 7; + + shift @data; + + my $signature = shift @data; + my $algorithm = shift @data; + my $user = shift @data; + my $realm = shift @data; + my $checksum = shift @data; + my $edata2 = shift @data; + + return unless ($signature eq "krb5asrep"); + return unless ($algorithm eq "18"); + return unless (length ($checksum) == 24); + return unless (length ($edata2) >= 64); + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, undef, $user, $realm, $checksum, $edata2); + + return ($new_hash, $word); +} + +1; From f126f3b19e022ca738656b3eaae9964ea83c3034 Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Tue, 16 May 2023 20:35:40 +0200 Subject: [PATCH 03/32] Added support for NetIQ SSPR hashes + Adobe AEM --- OpenCL/m32000-pure.cl | 127 ++++++++++++ OpenCL/m32010-pure.cl | 132 +++++++++++++ OpenCL/m32020-pure.cl | 134 +++++++++++++ OpenCL/m32030-pure.cl | 149 ++++++++++++++ OpenCL/m32040-pure.cl | 173 +++++++++++++++++ docs/changes.txt | 10 + docs/readme.txt | 10 + src/modules/module_32000.c | 211 ++++++++++++++++++++ src/modules/module_32010.c | 220 +++++++++++++++++++++ src/modules/module_32020.c | 255 ++++++++++++++++++++++++ src/modules/module_32030.c | 267 ++++++++++++++++++++++++++ src/modules/module_32031.c | 272 ++++++++++++++++++++++++++ src/modules/module_32040.c | 268 ++++++++++++++++++++++++++ src/modules/module_32041.c | 275 ++++++++++++++++++++++++++ src/modules/module_32050.c | 297 ++++++++++++++++++++++++++++ src/modules/module_32060.c | 362 +++++++++++++++++++++++++++++++++++ src/modules/module_32070.c | 310 ++++++++++++++++++++++++++++++ tools/test_modules/m32000.pm | 71 +++++++ tools/test_modules/m32010.pm | 71 +++++++ tools/test_modules/m32020.pm | 78 ++++++++ tools/test_modules/m32030.pm | 78 ++++++++ tools/test_modules/m32031.pm | 71 +++++++ tools/test_modules/m32040.pm | 78 ++++++++ tools/test_modules/m32041.pm | 71 +++++++ tools/test_modules/m32050.pm | 65 +++++++ tools/test_modules/m32060.pm | 80 ++++++++ tools/test_modules/m32070.pm | 68 +++++++ 27 files changed, 4203 insertions(+) create mode 100644 OpenCL/m32000-pure.cl create mode 100644 OpenCL/m32010-pure.cl create mode 100644 OpenCL/m32020-pure.cl create mode 100644 OpenCL/m32030-pure.cl create mode 100644 OpenCL/m32040-pure.cl create mode 100644 src/modules/module_32000.c create mode 100644 src/modules/module_32010.c create mode 100644 src/modules/module_32020.c create mode 100644 src/modules/module_32030.c create mode 100644 src/modules/module_32031.c create mode 100644 src/modules/module_32040.c create mode 100644 src/modules/module_32041.c create mode 100644 src/modules/module_32050.c create mode 100644 src/modules/module_32060.c create mode 100644 src/modules/module_32070.c create mode 100644 tools/test_modules/m32000.pm create mode 100644 tools/test_modules/m32010.pm create mode 100644 tools/test_modules/m32020.pm create mode 100644 tools/test_modules/m32030.pm create mode 100644 tools/test_modules/m32031.pm create mode 100644 tools/test_modules/m32040.pm create mode 100644 tools/test_modules/m32041.pm create mode 100644 tools/test_modules/m32050.pm create mode 100644 tools/test_modules/m32060.pm create mode 100644 tools/test_modules/m32070.pm diff --git a/OpenCL/m32000-pure.cl b/OpenCL/m32000-pure.cl new file mode 100644 index 000000000..e7d985b52 --- /dev/null +++ b/OpenCL/m32000-pure.cl @@ -0,0 +1,127 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_simd.cl) +#include M2S(INCLUDE_PATH/inc_hash_md5.cl) +#endif + +#define COMPARE_S M2S(INCLUDE_PATH/inc_comp_single.cl) +#define COMPARE_M M2S(INCLUDE_PATH/inc_comp_multi.cl) + +typedef struct netiq_sspr_md5_tmp +{ + u32 dgst[4]; + +} netiq_sspr_md5_tmp_t; + +KERNEL_FQ void m32000_init (KERN_ATTR_TMPS (netiq_sspr_md5_tmp_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + + if (gid >= GID_CNT) return; + + md5_ctx_t ctx; + + md5_init (&ctx); + + md5_update_global (&ctx, pws[gid].i, pws[gid].pw_len); + + md5_final (&ctx); + + tmps[gid].dgst[0] = ctx.h[0]; + tmps[gid].dgst[1] = ctx.h[1]; + tmps[gid].dgst[2] = ctx.h[2]; + tmps[gid].dgst[3] = ctx.h[3]; +} + +KERNEL_FQ void m32000_loop (KERN_ATTR_TMPS (netiq_sspr_md5_tmp_t)) +{ + const u64 gid = get_global_id (0); + + if ((gid * VECT_SIZE) >= GID_CNT) return; + + for (u32 i = 0; i < 4; i += 4) + { + u32x dgst[4]; + + dgst[0] = packv (tmps, dgst, gid, i + 0); + dgst[1] = packv (tmps, dgst, gid, i + 1); + dgst[2] = packv (tmps, dgst, gid, i + 2); + dgst[3] = packv (tmps, dgst, gid, i + 3); + + for (u32 j = 0; j < LOOP_CNT; j++) + { + u32x h[4]; + + h[0] = MD5M_A; + h[1] = MD5M_B; + h[2] = MD5M_C; + h[3] = MD5M_D; + + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + + w0[0] = dgst[0]; + w0[1] = dgst[1]; + w0[2] = dgst[2]; + w0[3] = dgst[3]; + w1[0] = 0x00000080; + w1[1] = 0; + w1[2] = 0; + w1[3] = 0; + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 16 * 8; + w3[3] = 0; + + md5_transform_vector (w0, w1, w2, w3, h); + + dgst[0] = h[0]; + dgst[1] = h[1]; + dgst[2] = h[2]; + dgst[3] = h[3]; + } + + unpackv (tmps, dgst, gid, i + 0, dgst[0]); + unpackv (tmps, dgst, gid, i + 1, dgst[1]); + unpackv (tmps, dgst, gid, i + 2, dgst[2]); + unpackv (tmps, dgst, gid, i + 3, dgst[3]); + } +} + +KERNEL_FQ void m32000_comp (KERN_ATTR_TMPS (netiq_sspr_md5_tmp_t)) +{ + const u64 gid = get_global_id (0); + + if (gid >= GID_CNT) return; + + const u32 r0 = tmps[gid].dgst[0]; + const u32 r1 = tmps[gid].dgst[1]; + const u32 r2 = tmps[gid].dgst[2]; + const u32 r3 = tmps[gid].dgst[3]; + + #define il_pos 0 + + #ifdef KERNEL_STATIC + #include COMPARE_M + #endif +} diff --git a/OpenCL/m32010-pure.cl b/OpenCL/m32010-pure.cl new file mode 100644 index 000000000..c806dce13 --- /dev/null +++ b/OpenCL/m32010-pure.cl @@ -0,0 +1,132 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_simd.cl) +#include M2S(INCLUDE_PATH/inc_hash_sha1.cl) +#endif + +#define COMPARE_S M2S(INCLUDE_PATH/inc_comp_single.cl) +#define COMPARE_M M2S(INCLUDE_PATH/inc_comp_multi.cl) + +typedef struct netiq_sspr_sha1_tmp +{ + u32 dgst[5]; + +} netiq_sspr_sha1_tmp_t; + +KERNEL_FQ void m32010_init (KERN_ATTR_TMPS (netiq_sspr_sha1_tmp_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + + if (gid >= GID_CNT) return; + + sha1_ctx_t ctx; + + sha1_init (&ctx); + + sha1_update_global_swap (&ctx, pws[gid].i, pws[gid].pw_len); + + sha1_final (&ctx); + + tmps[gid].dgst[0] = ctx.h[0]; + tmps[gid].dgst[1] = ctx.h[1]; + tmps[gid].dgst[2] = ctx.h[2]; + tmps[gid].dgst[3] = ctx.h[3]; + tmps[gid].dgst[4] = ctx.h[4]; +} + +KERNEL_FQ void m32010_loop (KERN_ATTR_TMPS (netiq_sspr_sha1_tmp_t)) +{ + const u64 gid = get_global_id (0); + + if ((gid * VECT_SIZE) >= GID_CNT) return; + + for (u32 i = 0; i < 5; i += 5) + { + u32x dgst[5]; + + dgst[0] = packv (tmps, dgst, gid, i + 0); + dgst[1] = packv (tmps, dgst, gid, i + 1); + dgst[2] = packv (tmps, dgst, gid, i + 2); + dgst[3] = packv (tmps, dgst, gid, i + 3); + dgst[4] = packv (tmps, dgst, gid, i + 4); + + for (u32 j = 0; j < LOOP_CNT; j++) + { + u32x h[5]; + + h[0] = SHA1M_A; + h[1] = SHA1M_B; + h[2] = SHA1M_C; + h[3] = SHA1M_D; + h[4] = SHA1M_E; + + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + + w0[0] = dgst[0]; + w0[1] = dgst[1]; + w0[2] = dgst[2]; + w0[3] = dgst[3]; + w1[0] = dgst[4]; + w1[1] = 0x80000000; + w1[2] = 0; + w1[3] = 0; + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 20 * 8; + + sha1_transform_vector (w0, w1, w2, w3, h); + + dgst[0] = h[0]; + dgst[1] = h[1]; + dgst[2] = h[2]; + dgst[3] = h[3]; + dgst[4] = h[4]; + } + + unpackv (tmps, dgst, gid, i + 0, dgst[0]); + unpackv (tmps, dgst, gid, i + 1, dgst[1]); + unpackv (tmps, dgst, gid, i + 2, dgst[2]); + unpackv (tmps, dgst, gid, i + 3, dgst[3]); + unpackv (tmps, dgst, gid, i + 4, dgst[4]); + } +} + +KERNEL_FQ void m32010_comp (KERN_ATTR_TMPS (netiq_sspr_sha1_tmp_t)) +{ + const u64 gid = get_global_id (0); + + if (gid >= GID_CNT) return; + + const u32 r0 = tmps[gid].dgst[DGST_R0]; + const u32 r1 = tmps[gid].dgst[DGST_R1]; + const u32 r2 = tmps[gid].dgst[DGST_R2]; + const u32 r3 = tmps[gid].dgst[DGST_R3]; + + #define il_pos 0 + + #ifdef KERNEL_STATIC + #include COMPARE_M + #endif +} diff --git a/OpenCL/m32020-pure.cl b/OpenCL/m32020-pure.cl new file mode 100644 index 000000000..b779676e2 --- /dev/null +++ b/OpenCL/m32020-pure.cl @@ -0,0 +1,134 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_simd.cl) +#include M2S(INCLUDE_PATH/inc_hash_sha1.cl) +#endif + +#define COMPARE_S M2S(INCLUDE_PATH/inc_comp_single.cl) +#define COMPARE_M M2S(INCLUDE_PATH/inc_comp_multi.cl) + +typedef struct netiq_sspr_sha1_tmp +{ + u32 dgst[5]; + +} netiq_sspr_sha1_tmp_t; + +KERNEL_FQ void m32020_init (KERN_ATTR_TMPS (netiq_sspr_sha1_tmp_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + + if (gid >= GID_CNT) return; + + sha1_ctx_t ctx; + + sha1_init (&ctx); + + sha1_update_global_swap (&ctx, salt_bufs[SALT_POS_HOST].salt_buf, salt_bufs[SALT_POS_HOST].salt_len); + + sha1_update_global_swap (&ctx, pws[gid].i, pws[gid].pw_len); + + sha1_final (&ctx); + + tmps[gid].dgst[0] = ctx.h[0]; + tmps[gid].dgst[1] = ctx.h[1]; + tmps[gid].dgst[2] = ctx.h[2]; + tmps[gid].dgst[3] = ctx.h[3]; + tmps[gid].dgst[4] = ctx.h[4]; +} + +KERNEL_FQ void m32020_loop (KERN_ATTR_TMPS (netiq_sspr_sha1_tmp_t)) +{ + const u64 gid = get_global_id (0); + + if ((gid * VECT_SIZE) >= GID_CNT) return; + + for (u32 i = 0; i < 5; i += 5) + { + u32x dgst[5]; + + dgst[0] = packv (tmps, dgst, gid, i + 0); + dgst[1] = packv (tmps, dgst, gid, i + 1); + dgst[2] = packv (tmps, dgst, gid, i + 2); + dgst[3] = packv (tmps, dgst, gid, i + 3); + dgst[4] = packv (tmps, dgst, gid, i + 4); + + for (u32 j = 0; j < LOOP_CNT; j++) + { + u32x h[5]; + + h[0] = SHA1M_A; + h[1] = SHA1M_B; + h[2] = SHA1M_C; + h[3] = SHA1M_D; + h[4] = SHA1M_E; + + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + + w0[0] = dgst[0]; + w0[1] = dgst[1]; + w0[2] = dgst[2]; + w0[3] = dgst[3]; + w1[0] = dgst[4]; + w1[1] = 0x80000000; + w1[2] = 0; + w1[3] = 0; + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 20 * 8; + + sha1_transform_vector (w0, w1, w2, w3, h); + + dgst[0] = h[0]; + dgst[1] = h[1]; + dgst[2] = h[2]; + dgst[3] = h[3]; + dgst[4] = h[4]; + } + + unpackv (tmps, dgst, gid, i + 0, dgst[0]); + unpackv (tmps, dgst, gid, i + 1, dgst[1]); + unpackv (tmps, dgst, gid, i + 2, dgst[2]); + unpackv (tmps, dgst, gid, i + 3, dgst[3]); + unpackv (tmps, dgst, gid, i + 4, dgst[4]); + } +} + +KERNEL_FQ void m32020_comp (KERN_ATTR_TMPS (netiq_sspr_sha1_tmp_t)) +{ + const u64 gid = get_global_id (0); + + if (gid >= GID_CNT) return; + + const u32 r0 = tmps[gid].dgst[DGST_R0]; + const u32 r1 = tmps[gid].dgst[DGST_R1]; + const u32 r2 = tmps[gid].dgst[DGST_R2]; + const u32 r3 = tmps[gid].dgst[DGST_R3]; + + #define il_pos 0 + + #ifdef KERNEL_STATIC + #include COMPARE_M + #endif +} diff --git a/OpenCL/m32030-pure.cl b/OpenCL/m32030-pure.cl new file mode 100644 index 000000000..78ea30d56 --- /dev/null +++ b/OpenCL/m32030-pure.cl @@ -0,0 +1,149 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_simd.cl) +#include M2S(INCLUDE_PATH/inc_hash_sha256.cl) +#endif + +#define COMPARE_S M2S(INCLUDE_PATH/inc_comp_single.cl) +#define COMPARE_M M2S(INCLUDE_PATH/inc_comp_multi.cl) + +typedef struct netiq_sspr_sha256_tmp +{ + u32 dgst[8]; + +} netiq_sspr_sha256_tmp_t; + +KERNEL_FQ void m32030_init (KERN_ATTR_TMPS (netiq_sspr_sha256_tmp_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + + if (gid >= GID_CNT) return; + + sha256_ctx_t ctx; + + sha256_init (&ctx); + + sha256_update_global_swap (&ctx, salt_bufs[SALT_POS_HOST].salt_buf, salt_bufs[SALT_POS_HOST].salt_len); + + sha256_update_global_swap (&ctx, pws[gid].i, pws[gid].pw_len); + + sha256_final (&ctx); + + tmps[gid].dgst[0] = ctx.h[0]; + tmps[gid].dgst[1] = ctx.h[1]; + tmps[gid].dgst[2] = ctx.h[2]; + tmps[gid].dgst[3] = ctx.h[3]; + tmps[gid].dgst[4] = ctx.h[4]; + tmps[gid].dgst[5] = ctx.h[5]; + tmps[gid].dgst[6] = ctx.h[6]; + tmps[gid].dgst[7] = ctx.h[7]; +} + +KERNEL_FQ void m32030_loop (KERN_ATTR_TMPS (netiq_sspr_sha256_tmp_t)) +{ + const u64 gid = get_global_id (0); + + if ((gid * VECT_SIZE) >= GID_CNT) return; + + for (u32 i = 0; i < 8; i += 8) + { + u32x dgst[8]; + + dgst[0] = packv (tmps, dgst, gid, i + 0); + dgst[1] = packv (tmps, dgst, gid, i + 1); + dgst[2] = packv (tmps, dgst, gid, i + 2); + dgst[3] = packv (tmps, dgst, gid, i + 3); + dgst[4] = packv (tmps, dgst, gid, i + 4); + dgst[5] = packv (tmps, dgst, gid, i + 5); + dgst[6] = packv (tmps, dgst, gid, i + 6); + dgst[7] = packv (tmps, dgst, gid, i + 7); + + for (u32 j = 0; j < LOOP_CNT; j++) + { + u32x h[8]; + + h[0] = SHA256M_A; + h[1] = SHA256M_B; + h[2] = SHA256M_C; + h[3] = SHA256M_D; + h[4] = SHA256M_E; + h[5] = SHA256M_F; + h[6] = SHA256M_G; + h[7] = SHA256M_H; + + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + + w0[0] = dgst[0]; + w0[1] = dgst[1]; + w0[2] = dgst[2]; + w0[3] = dgst[3]; + w1[0] = dgst[4]; + w1[1] = dgst[5]; + w1[2] = dgst[6]; + w1[3] = dgst[7]; + w2[0] = 0x80000000; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 32 * 8; + + sha256_transform_vector (w0, w1, w2, w3, h); + + dgst[0] = h[0]; + dgst[1] = h[1]; + dgst[2] = h[2]; + dgst[3] = h[3]; + dgst[4] = h[4]; + dgst[5] = h[5]; + dgst[6] = h[6]; + dgst[7] = h[7]; + } + + unpackv (tmps, dgst, gid, i + 0, dgst[0]); + unpackv (tmps, dgst, gid, i + 1, dgst[1]); + unpackv (tmps, dgst, gid, i + 2, dgst[2]); + unpackv (tmps, dgst, gid, i + 3, dgst[3]); + unpackv (tmps, dgst, gid, i + 4, dgst[4]); + unpackv (tmps, dgst, gid, i + 5, dgst[5]); + unpackv (tmps, dgst, gid, i + 6, dgst[6]); + unpackv (tmps, dgst, gid, i + 7, dgst[7]); + } +} + +KERNEL_FQ void m32030_comp (KERN_ATTR_TMPS (netiq_sspr_sha256_tmp_t)) +{ + const u64 gid = get_global_id (0); + + if (gid >= GID_CNT) return; + + const u32 r0 = tmps[gid].dgst[DGST_R0]; + const u32 r1 = tmps[gid].dgst[DGST_R1]; + const u32 r2 = tmps[gid].dgst[DGST_R2]; + const u32 r3 = tmps[gid].dgst[DGST_R3]; + + #define il_pos 0 + + #ifdef KERNEL_STATIC + #include COMPARE_M + #endif +} diff --git a/OpenCL/m32040-pure.cl b/OpenCL/m32040-pure.cl new file mode 100644 index 000000000..66611bd98 --- /dev/null +++ b/OpenCL/m32040-pure.cl @@ -0,0 +1,173 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_simd.cl) +#include M2S(INCLUDE_PATH/inc_hash_sha512.cl) +#endif + +#define COMPARE_S M2S(INCLUDE_PATH/inc_comp_single.cl) +#define COMPARE_M M2S(INCLUDE_PATH/inc_comp_multi.cl) + +typedef struct netiq_sspr_sha512_tmp +{ + u64 dgst[8]; + +} netiq_sspr_sha512_tmp_t; + +KERNEL_FQ void m32040_init (KERN_ATTR_TMPS (netiq_sspr_sha512_tmp_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + + if (gid >= GID_CNT) return; + + sha512_ctx_t ctx; + + sha512_init (&ctx); + + sha512_update_global_swap (&ctx, salt_bufs[SALT_POS_HOST].salt_buf, salt_bufs[SALT_POS_HOST].salt_len); + + sha512_update_global_swap (&ctx, pws[gid].i, pws[gid].pw_len); + + sha512_final (&ctx); + + tmps[gid].dgst[0] = ctx.h[0]; + tmps[gid].dgst[1] = ctx.h[1]; + tmps[gid].dgst[2] = ctx.h[2]; + tmps[gid].dgst[3] = ctx.h[3]; + tmps[gid].dgst[4] = ctx.h[4]; + tmps[gid].dgst[5] = ctx.h[5]; + tmps[gid].dgst[6] = ctx.h[6]; + tmps[gid].dgst[7] = ctx.h[7]; +} + +KERNEL_FQ void m32040_loop (KERN_ATTR_TMPS (netiq_sspr_sha512_tmp_t)) +{ + const u64 gid = get_global_id (0); + + if ((gid * VECT_SIZE) >= GID_CNT) return; + + for (u32 i = 0; i < 8; i += 8) + { + u64x dgst[8]; + + dgst[0] = pack64v (tmps, dgst, gid, i + 0); + dgst[1] = pack64v (tmps, dgst, gid, i + 1); + dgst[2] = pack64v (tmps, dgst, gid, i + 2); + dgst[3] = pack64v (tmps, dgst, gid, i + 3); + dgst[4] = pack64v (tmps, dgst, gid, i + 4); + dgst[5] = pack64v (tmps, dgst, gid, i + 5); + dgst[6] = pack64v (tmps, dgst, gid, i + 6); + dgst[7] = pack64v (tmps, dgst, gid, i + 7); + + for (u32 j = 0; j < LOOP_CNT; j++) + { + u64x h[8]; + + h[0] = SHA512M_A; + h[1] = SHA512M_B; + h[2] = SHA512M_C; + h[3] = SHA512M_D; + h[4] = SHA512M_E; + h[5] = SHA512M_F; + h[6] = SHA512M_G; + h[7] = SHA512M_H; + + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + u32x w4[4]; + u32x w5[4]; + u32x w6[4]; + u32x w7[4]; + + w0[0] = h32_from_64 (dgst[0]); + w0[1] = l32_from_64 (dgst[0]); + w0[2] = h32_from_64 (dgst[1]); + w0[3] = l32_from_64 (dgst[1]); + w1[0] = h32_from_64 (dgst[2]); + w1[1] = l32_from_64 (dgst[2]); + w1[2] = h32_from_64 (dgst[3]); + w1[3] = l32_from_64 (dgst[3]); + w2[0] = h32_from_64 (dgst[4]); + w2[1] = l32_from_64 (dgst[4]); + w2[2] = h32_from_64 (dgst[5]); + w2[3] = l32_from_64 (dgst[5]); + w3[0] = h32_from_64 (dgst[6]); + w3[1] = l32_from_64 (dgst[6]); + w3[2] = h32_from_64 (dgst[7]); + w3[3] = l32_from_64 (dgst[7]); + w4[0] = 0x80000000; + w4[1] = 0; + w4[2] = 0; + w4[3] = 0; + w5[0] = 0; + w5[1] = 0; + w5[2] = 0; + w5[3] = 0; + w6[0] = 0; + w6[1] = 0; + w6[2] = 0; + w6[3] = 0; + w7[0] = 0; + w7[1] = 0; + w7[2] = 0; + w7[3] = 64 * 8; + + sha512_transform_vector (w0, w1, w2, w3, w4, w5, w6, w7, h); + + dgst[0] = h[0]; + dgst[1] = h[1]; + dgst[2] = h[2]; + dgst[3] = h[3]; + dgst[4] = h[4]; + dgst[5] = h[5]; + dgst[6] = h[6]; + dgst[7] = h[7]; + } + + unpack64v (tmps, dgst, gid, i + 0, dgst[0]); + unpack64v (tmps, dgst, gid, i + 1, dgst[1]); + unpack64v (tmps, dgst, gid, i + 2, dgst[2]); + unpack64v (tmps, dgst, gid, i + 3, dgst[3]); + unpack64v (tmps, dgst, gid, i + 4, dgst[4]); + unpack64v (tmps, dgst, gid, i + 5, dgst[5]); + unpack64v (tmps, dgst, gid, i + 6, dgst[6]); + unpack64v (tmps, dgst, gid, i + 7, dgst[7]); + } +} + +KERNEL_FQ void m32040_comp (KERN_ATTR_TMPS (netiq_sspr_sha512_tmp_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + + if (gid >= GID_CNT) return; + + const u64 a = tmps[gid].dgst[7]; + const u64 b = tmps[gid].dgst[3]; + + const u32 r0 = l32_from_64_S (a); + const u32 r1 = h32_from_64_S (a); + const u32 r2 = l32_from_64_S (b); + const u32 r3 = h32_from_64_S (b); + + #define il_pos 0 + + #ifdef KERNEL_STATIC + #include COMPARE_M + #endif +} diff --git a/docs/changes.txt b/docs/changes.txt index 7196734d3..8df583920 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -5,6 +5,8 @@ ## - Added hash-mode: 1Password, mobilekeychain (1Password 8) +- Added hash-mode: Adobe AEM (SSPR, SHA-256 with Salt) +- Added hash-mode: Adobe AEM (SSPR, SHA-512 with Salt) - Added hash-mode: Anope IRC Services (enc_sha256) - Added hash-mode: Bisq .wallet (scrypt) - Added hash-mode: Bitcoin raw private key (P2PKH) @@ -22,6 +24,14 @@ - Added hash-mode: GPG (AES-128/AES-256 (SHA-512($pass))) - Added hash-mode: MetaMask Mobile Wallet - Added hash-mode: MetaMask Wallet (short hash, plaintext check) +- Added hash-mode: NetIQ SSPR (MD5) +- Added hash-mode: NetIQ SSPR (PBKDF2WithHmacSHA1) +- Added hash-mode: NetIQ SSPR (PBKDF2WithHmacSHA256) +- Added hash-mode: NetIQ SSPR (PBKDF2WithHmacSHA512) +- Added hash-mode: NetIQ SSPR (SHA-1 with Salt) +- Added hash-mode: NetIQ SSPR (SHA-256 with Salt) +- Added hash-mode: NetIQ SSPR (SHA-512 with Salt) +- Added hash-mode: NetIQ SSPR (SHA1) - Added hash-mode: SecureCRT MasterPassphrase v2 - Added hash-mode: Veeam VB - Added hash-mode: bcrypt(sha256($pass)) diff --git a/docs/readme.txt b/docs/readme.txt index 7f2db3af1..23a468335 100644 --- a/docs/readme.txt +++ b/docs/readme.txt @@ -288,8 +288,18 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or - SAP CODVN F/G (PASSCODE) - SAP CODVN F/G (PASSCODE) from RFC_READ_TABLE - SAP CODVN H (PWDSALTEDHASH) iSSHA-1 +- Adobe AEM (SSPR, SHA-256 with Salt) +- Adobe AEM (SSPR, SHA-512 with Salt) - PeopleSoft - PeopleSoft PS_TOKEN +- NetIQ SSPR (MD5) +- NetIQ SSPR (PBKDF2WithHmacSHA1) +- NetIQ SSPR (PBKDF2WithHmacSHA256) +- NetIQ SSPR (PBKDF2WithHmacSHA512) +- NetIQ SSPR (SHA-1 with Salt) +- NetIQ SSPR (SHA-256 with Salt) +- NetIQ SSPR (SHA-512 with Salt) +- NetIQ SSPR (SHA1) - SolarWinds Orion - SolarWinds Orion v2 - SolarWinds Serv-U diff --git a/src/modules/module_32000.c b/src/modules/module_32000.c new file mode 100644 index 000000000..f1e17711a --- /dev/null +++ b/src/modules/module_32000.c @@ -0,0 +1,211 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_OUTSIDE_KERNEL; +static const u32 DGST_POS0 = 0; +static const u32 DGST_POS1 = 1; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 3; +static const u32 DGST_SIZE = DGST_SIZE_4_5; +static const u32 HASH_CATEGORY = HASH_CATEGORY_EAS; +static const char *HASH_NAME = "NetIQ SSPR (MD5)"; +static const u64 KERN_TYPE = 32000; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_SLOW_HASH_SIMD_LOOP; +static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE + | OPTS_TYPE_PT_GENERATE_LE + | OPTS_TYPE_PT_ADD80 + | OPTS_TYPE_PT_ADDBITS14; +static const u32 SALT_TYPE = SALT_TYPE_VIRTUAL; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "$sspr$0$100000$NONE$2c8586ef492e3c3dd3795395507dc14f"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +typedef struct netiq_sspr_md5_tmp +{ + u32 dgst[4]; + +} netiq_sspr_md5_tmp_t; + +static const char *SIGNATURE_NETIQ_SSPR_MD5 = "$sspr$0$100000$NONE$"; + +u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 tmp_size = (const u64) sizeof (netiq_sspr_md5_tmp_t); + + return tmp_size; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u32 *digest = (u32 *) digest_buf; + + hc_token_t token; + + memset (&token, 0, sizeof (hc_token_t)); + + token.token_cnt = 2; + + token.signatures_cnt = 1; + token.signatures_buf[0] = SIGNATURE_NETIQ_SSPR_MD5; + + token.len[0] = strlen (SIGNATURE_NETIQ_SSPR_MD5); + token.attr[0] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + token.sep[1] = '$'; + token.len[1] = 32; + token.attr[1] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + // iter + + salt->salt_iter = 100000 - 1; + + // digest + + const u8 *hash_pos = token.buf[1]; + + digest[0] = hex_to_u32 (hash_pos + 0); + digest[1] = hex_to_u32 (hash_pos + 8); + digest[2] = hex_to_u32 (hash_pos + 16); + digest[3] = hex_to_u32 (hash_pos + 24); + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + const u32 *digest = (const u32 *) digest_buf; + + // digest + + u32 tmp[4]; + + tmp[0] = digest[0]; + tmp[1] = digest[1]; + tmp[2] = digest[2]; + tmp[3] = digest[3]; + + u8 *out_buf = (u8 *) line_buf; + + int out_len = snprintf ((char *) out_buf, line_size, "%s", SIGNATURE_NETIQ_SSPR_MD5); + + out_buf += out_len; + + u32_to_hex (tmp[0], out_buf + 0); + u32_to_hex (tmp[1], out_buf + 8); + u32_to_hex (tmp[2], out_buf + 16); + u32_to_hex (tmp[3], out_buf + 24); + + out_len += 32; + + return out_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_charset = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_deprecated_notice = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = MODULE_DEFAULT; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_extra_tuningdb_block = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_postprocess = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_size = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_init = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_term = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = MODULE_DEFAULT; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = MODULE_DEFAULT; + module_ctx->module_salt_min = MODULE_DEFAULT; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = module_tmp_size; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/src/modules/module_32010.c b/src/modules/module_32010.c new file mode 100644 index 000000000..d82e5ca6a --- /dev/null +++ b/src/modules/module_32010.c @@ -0,0 +1,220 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_OUTSIDE_KERNEL; +static const u32 DGST_POS0 = 3; +static const u32 DGST_POS1 = 4; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 1; +static const u32 DGST_SIZE = DGST_SIZE_4_5; +static const u32 HASH_CATEGORY = HASH_CATEGORY_EAS; +static const char *HASH_NAME = "NetIQ SSPR (SHA1)"; +static const u64 KERN_TYPE = 32010; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_SLOW_HASH_SIMD_LOOP; +static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE + | OPTS_TYPE_PT_GENERATE_LE + | OPTS_TYPE_PT_ADD80 + | OPTS_TYPE_PT_ADDBITS15; +static const u32 SALT_TYPE = SALT_TYPE_VIRTUAL; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "$sspr$1$100000$NONE$b3485214dfa55b038a606a183a560dab7db4ecf1"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +typedef struct netiq_sspr_sha1_tmp +{ + u32 dgst[5]; + +} netiq_sspr_sha1_tmp_t; + +static const char *SIGNATURE_NETIQ_SSPR_SHA1 = "$sspr$1$100000$NONE$"; + +u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 tmp_size = (const u64) sizeof (netiq_sspr_sha1_tmp_t); + + return tmp_size; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u32 *digest = (u32 *) digest_buf; + + hc_token_t token; + + memset (&token, 0, sizeof (hc_token_t)); + + token.token_cnt = 2; + + token.signatures_cnt = 1; + token.signatures_buf[0] = SIGNATURE_NETIQ_SSPR_SHA1; + + token.len[0] = strlen (SIGNATURE_NETIQ_SSPR_SHA1); + token.attr[0] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + token.sep[1] = '$'; + token.len[1] = 40; + token.attr[1] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + // iter + + salt->salt_iter = 100000 - 1; + + // digest + + const u8 *hash_pos = token.buf[1]; + + digest[0] = hex_to_u32 (hash_pos + 0); + digest[1] = hex_to_u32 (hash_pos + 8); + digest[2] = hex_to_u32 (hash_pos + 16); + digest[3] = hex_to_u32 (hash_pos + 24); + digest[4] = hex_to_u32 (hash_pos + 32); + + digest[0] = byte_swap_32 (digest[0]); + digest[1] = byte_swap_32 (digest[1]); + digest[2] = byte_swap_32 (digest[2]); + digest[3] = byte_swap_32 (digest[3]); + digest[4] = byte_swap_32 (digest[4]); + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + const u32 *digest = (const u32 *) digest_buf; + + // digest + + u32 tmp[5]; + + tmp[0] = byte_swap_32 (digest[0]); + tmp[1] = byte_swap_32 (digest[1]); + tmp[2] = byte_swap_32 (digest[2]); + tmp[3] = byte_swap_32 (digest[3]); + tmp[4] = byte_swap_32 (digest[4]); + + u8 *out_buf = (u8 *) line_buf; + + int out_len = snprintf ((char *) out_buf, line_size, "%s", SIGNATURE_NETIQ_SSPR_SHA1); + + out_buf += out_len; + + u32_to_hex (tmp[0], out_buf + 0); + u32_to_hex (tmp[1], out_buf + 8); + u32_to_hex (tmp[2], out_buf + 16); + u32_to_hex (tmp[3], out_buf + 24); + u32_to_hex (tmp[4], out_buf + 32); + + out_len += 40; + + return out_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_charset = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_deprecated_notice = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = MODULE_DEFAULT; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_extra_tuningdb_block = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_postprocess = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_size = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_init = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_term = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = MODULE_DEFAULT; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = MODULE_DEFAULT; + module_ctx->module_salt_min = MODULE_DEFAULT; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = module_tmp_size; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/src/modules/module_32020.c b/src/modules/module_32020.c new file mode 100644 index 000000000..6b35439b2 --- /dev/null +++ b/src/modules/module_32020.c @@ -0,0 +1,255 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_OUTSIDE_KERNEL; +static const u32 DGST_POS0 = 3; +static const u32 DGST_POS1 = 4; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 1; +static const u32 DGST_SIZE = DGST_SIZE_4_5; +static const u32 HASH_CATEGORY = HASH_CATEGORY_EAS; +static const char *HASH_NAME = "NetIQ SSPR (SHA-1 with Salt)"; +static const u64 KERN_TYPE = 32020; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_SLOW_HASH_SIMD_LOOP; +static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE + | OPTS_TYPE_ST_BASE64 + | OPTS_TYPE_PT_GENERATE_LE + | OPTS_TYPE_PT_ADD80 + | OPTS_TYPE_PT_ADDBITS15; +static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "$sspr$2$100000$CxCpGqosk9PkCBcoRFp6DLjjRhVEJKK8$a33283d71c2ecaf4f3017b0a89feca2fc879221c"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +typedef struct netiq_sspr_sha1_tmp +{ + u32 dgst[5]; + +} netiq_sspr_sha1_tmp_t; + +static const char *SIGNATURE_NETIQ_SSPR_SHA1_SALTED = "$sspr$2$100000$"; + +u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 tmp_size = (const u64) sizeof (netiq_sspr_sha1_tmp_t); + + return tmp_size; +} + +u32 module_salt_min (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 salt_min = 32; + + return salt_min; +} + +u32 module_salt_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 salt_max = 32; + + return salt_max; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u32 *digest = (u32 *) digest_buf; + + hc_token_t token; + + memset (&token, 0, sizeof (hc_token_t)); + + token.token_cnt = 3; + + token.signatures_cnt = 1; + token.signatures_buf[0] = SIGNATURE_NETIQ_SSPR_SHA1_SALTED; + + token.len[0] = strlen (SIGNATURE_NETIQ_SSPR_SHA1_SALTED); + token.attr[0] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + token.sep[1] = '$'; + token.len[1] = 32; + token.attr[1] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_BASE64A; + + token.sep[2] = '$'; + token.len[2] = 40; + token.attr[2] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + // iter + + salt->salt_iter = 100000 - 1; + + // salt + + const u8 *salt_pos = token.buf[1]; + const int salt_len = token.len[1]; + + salt->salt_len = salt_len; + + memcpy ((u8 *) salt->salt_buf, salt_pos, salt->salt_len); + + // digest + + const u8 *hash_pos = token.buf[2]; + + digest[0] = hex_to_u32 (hash_pos + 0); + digest[1] = hex_to_u32 (hash_pos + 8); + digest[2] = hex_to_u32 (hash_pos + 16); + digest[3] = hex_to_u32 (hash_pos + 24); + digest[4] = hex_to_u32 (hash_pos + 32); + + digest[0] = byte_swap_32 (digest[0]); + digest[1] = byte_swap_32 (digest[1]); + digest[2] = byte_swap_32 (digest[2]); + digest[3] = byte_swap_32 (digest[3]); + digest[4] = byte_swap_32 (digest[4]); + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + const u32 *digest = (const u32 *) digest_buf; + + // salt + + u8 *salt_buf = (u8 *) salt->salt_buf; + + // digest + + u32 tmp[5]; + + tmp[0] = byte_swap_32 (digest[0]); + tmp[1] = byte_swap_32 (digest[1]); + tmp[2] = byte_swap_32 (digest[2]); + tmp[3] = byte_swap_32 (digest[3]); + tmp[4] = byte_swap_32 (digest[4]); + + u8 *out_buf = (u8 *) line_buf; + + int out_len = snprintf ((char *) out_buf, line_size, "%s%s$", + SIGNATURE_NETIQ_SSPR_SHA1_SALTED, + salt_buf); + + out_buf += out_len; + + u32_to_hex (tmp[0], out_buf + 0); + u32_to_hex (tmp[1], out_buf + 8); + u32_to_hex (tmp[2], out_buf + 16); + u32_to_hex (tmp[3], out_buf + 24); + u32_to_hex (tmp[4], out_buf + 32); + + out_len += 40; + + return out_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_charset = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_deprecated_notice = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = MODULE_DEFAULT; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_extra_tuningdb_block = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_postprocess = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_size = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_init = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_term = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = MODULE_DEFAULT; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = module_salt_max; + module_ctx->module_salt_min = module_salt_min; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = module_tmp_size; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/src/modules/module_32030.c b/src/modules/module_32030.c new file mode 100644 index 000000000..d2a28f172 --- /dev/null +++ b/src/modules/module_32030.c @@ -0,0 +1,267 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_OUTSIDE_KERNEL; +static const u32 DGST_POS0 = 3; +static const u32 DGST_POS1 = 7; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 6; +static const u32 DGST_SIZE = DGST_SIZE_4_8; +static const u32 HASH_CATEGORY = HASH_CATEGORY_EAS; +static const char *HASH_NAME = "NetIQ SSPR (SHA-256 with Salt)"; +static const u64 KERN_TYPE = 32030; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_SLOW_HASH_SIMD_LOOP; +static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE + | OPTS_TYPE_ST_BASE64 + | OPTS_TYPE_PT_GENERATE_LE + | OPTS_TYPE_PT_ADD80 + | OPTS_TYPE_PT_ADDBITS15; +static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "$sspr$3$100000$ODk2NDA5Mjc2NDIwMjMwMjQyMTQ1NzMz$7195873d47c7e3627510862e37fe7cab9bc83b91feecb9864841bf80cff92419"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +typedef struct netiq_sspr_sha256_tmp +{ + u32 dgst[8]; + +} netiq_sspr_sha256_tmp_t; + +static const char *SIGNATURE_NETIQ_SSPR_SHA256_SALTED = "$sspr$3$100000$"; + +u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 tmp_size = (const u64) sizeof (netiq_sspr_sha256_tmp_t); + + return tmp_size; +} + +u32 module_salt_min (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 salt_min = 32; + + return salt_min; +} + +u32 module_salt_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 salt_max = 32; + + return salt_max; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u32 *digest = (u32 *) digest_buf; + + hc_token_t token; + + memset (&token, 0, sizeof (hc_token_t)); + + token.token_cnt = 3; + + token.signatures_cnt = 1; + token.signatures_buf[0] = SIGNATURE_NETIQ_SSPR_SHA256_SALTED; + + token.len[0] = strlen (SIGNATURE_NETIQ_SSPR_SHA256_SALTED); + token.attr[0] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + token.sep[1] = '$'; + token.len[1] = 32; + token.attr[1] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_BASE64A; + + token.sep[2] = '$'; + token.len[2] = 64; + token.attr[2] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + // iter + + salt->salt_iter = 100000 - 1; + + // salt + + const u8 *salt_pos = token.buf[1]; + const int salt_len = token.len[1]; + + salt->salt_len = salt_len; + + memcpy ((u8 *) salt->salt_buf, salt_pos, salt->salt_len); + + // digest + + const u8 *hash_pos = token.buf[2]; + + digest[0] = hex_to_u32 (hash_pos + 0); + digest[1] = hex_to_u32 (hash_pos + 8); + digest[2] = hex_to_u32 (hash_pos + 16); + digest[3] = hex_to_u32 (hash_pos + 24); + digest[4] = hex_to_u32 (hash_pos + 32); + digest[5] = hex_to_u32 (hash_pos + 40); + digest[6] = hex_to_u32 (hash_pos + 48); + digest[7] = hex_to_u32 (hash_pos + 56); + + digest[0] = byte_swap_32 (digest[0]); + digest[1] = byte_swap_32 (digest[1]); + digest[2] = byte_swap_32 (digest[2]); + digest[3] = byte_swap_32 (digest[3]); + digest[4] = byte_swap_32 (digest[4]); + digest[5] = byte_swap_32 (digest[5]); + digest[6] = byte_swap_32 (digest[6]); + digest[7] = byte_swap_32 (digest[7]); + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + const u32 *digest = (const u32 *) digest_buf; + + // salt + + u8 *salt_buf = (u8 *) salt->salt_buf; + + // digest + + u32 tmp[8]; + + tmp[0] = byte_swap_32 (digest[0]); + tmp[1] = byte_swap_32 (digest[1]); + tmp[2] = byte_swap_32 (digest[2]); + tmp[3] = byte_swap_32 (digest[3]); + tmp[4] = byte_swap_32 (digest[4]); + tmp[5] = byte_swap_32 (digest[5]); + tmp[6] = byte_swap_32 (digest[6]); + tmp[7] = byte_swap_32 (digest[7]); + + u8 *out_buf = (u8 *) line_buf; + + int out_len = snprintf ((char *) out_buf, line_size, "%s%s$", + SIGNATURE_NETIQ_SSPR_SHA256_SALTED, + salt_buf); + + out_buf += out_len; + + u32_to_hex (tmp[0], out_buf + 0); + u32_to_hex (tmp[1], out_buf + 8); + u32_to_hex (tmp[2], out_buf + 16); + u32_to_hex (tmp[3], out_buf + 24); + u32_to_hex (tmp[4], out_buf + 32); + u32_to_hex (tmp[5], out_buf + 40); + u32_to_hex (tmp[6], out_buf + 48); + u32_to_hex (tmp[7], out_buf + 56); + + out_len += 64; + + return out_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_charset = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_deprecated_notice = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = MODULE_DEFAULT; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_extra_tuningdb_block = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_postprocess = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_size = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_init = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_term = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = MODULE_DEFAULT; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = module_salt_max; + module_ctx->module_salt_min = module_salt_min; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = module_tmp_size; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/src/modules/module_32031.c b/src/modules/module_32031.c new file mode 100644 index 000000000..2ce2cf719 --- /dev/null +++ b/src/modules/module_32031.c @@ -0,0 +1,272 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_OUTSIDE_KERNEL; +static const u32 DGST_POS0 = 3; +static const u32 DGST_POS1 = 7; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 6; +static const u32 DGST_SIZE = DGST_SIZE_4_8; +static const u32 HASH_CATEGORY = HASH_CATEGORY_EAS; +static const char *HASH_NAME = "Adobe AEM (SSPR, SHA-256 with Salt)"; +static const u64 KERN_TYPE = 32030; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_SLOW_HASH_SIMD_LOOP; +static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE + | OPTS_TYPE_PT_GENERATE_LE + | OPTS_TYPE_PT_ADD80 + | OPTS_TYPE_PT_ADDBITS15; +static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "$sspr$3$1000$f9bbf1381f481427$a1b45fd7eb190cc7f0bf831698cb777207eebbb4b7ea2abd6fff84be539aae62"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +typedef struct netiq_sspr_sha256_tmp +{ + u32 dgst[8]; + +} netiq_sspr_sha256_tmp_t; + +static const char *SIGNATURE_ADOBE_AES_SHA256_SALTED = "$sspr$3$1000$"; + +u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 tmp_size = (const u64) sizeof (netiq_sspr_sha256_tmp_t); + + return tmp_size; +} + +u32 module_salt_min (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 salt_min = 16; + + return salt_min; +} + +u32 module_salt_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 salt_max = 16; + + return salt_max; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u32 *digest = (u32 *) digest_buf; + + hc_token_t token; + + memset (&token, 0, sizeof (hc_token_t)); + + token.token_cnt = 3; + + token.signatures_cnt = 1; + token.signatures_buf[0] = SIGNATURE_ADOBE_AES_SHA256_SALTED; + + token.len[0] = strlen (SIGNATURE_ADOBE_AES_SHA256_SALTED); + token.attr[0] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + token.sep[1] = '$'; + token.len[1] = 16; + token.attr[1] = TOKEN_ATTR_FIXED_LENGTH; + + if (hashconfig->opts_type & OPTS_TYPE_ST_HEX) + { + token.attr[1] |= TOKEN_ATTR_VERIFY_HEX; + } + + token.sep[2] = '$'; + token.len[2] = 64; + token.attr[2] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + // iter + + salt->salt_iter = 1000 - 1; + + // salt + + const u8 *salt_pos = token.buf[1]; + const int salt_len = token.len[1]; + + const bool parse_rc = generic_salt_decode (hashconfig, salt_pos, salt_len, (u8 *) salt->salt_buf, (int *) &salt->salt_len); + + if (parse_rc == false) return (PARSER_SALT_LENGTH); + + // digest + + const u8 *hash_pos = token.buf[2]; + + digest[0] = hex_to_u32 (hash_pos + 0); + digest[1] = hex_to_u32 (hash_pos + 8); + digest[2] = hex_to_u32 (hash_pos + 16); + digest[3] = hex_to_u32 (hash_pos + 24); + digest[4] = hex_to_u32 (hash_pos + 32); + digest[5] = hex_to_u32 (hash_pos + 40); + digest[6] = hex_to_u32 (hash_pos + 48); + digest[7] = hex_to_u32 (hash_pos + 56); + + digest[0] = byte_swap_32 (digest[0]); + digest[1] = byte_swap_32 (digest[1]); + digest[2] = byte_swap_32 (digest[2]); + digest[3] = byte_swap_32 (digest[3]); + digest[4] = byte_swap_32 (digest[4]); + digest[5] = byte_swap_32 (digest[5]); + digest[6] = byte_swap_32 (digest[6]); + digest[7] = byte_swap_32 (digest[7]); + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + const u32 *digest = (const u32 *) digest_buf; + + // salt + + u8 salt_buf[16 + 1]; + + memset (salt_buf, 0, sizeof (salt_buf)); + + generic_salt_encode (hashconfig, (const u8 *) salt->salt_buf, (const int) salt->salt_len, salt_buf); + + // digest + + u32 tmp[8]; + + tmp[0] = byte_swap_32 (digest[0]); + tmp[1] = byte_swap_32 (digest[1]); + tmp[2] = byte_swap_32 (digest[2]); + tmp[3] = byte_swap_32 (digest[3]); + tmp[4] = byte_swap_32 (digest[4]); + tmp[5] = byte_swap_32 (digest[5]); + tmp[6] = byte_swap_32 (digest[6]); + tmp[7] = byte_swap_32 (digest[7]); + + u8 *out_buf = (u8 *) line_buf; + + int out_len = snprintf ((char *) out_buf, line_size, "%s%s$", SIGNATURE_ADOBE_AES_SHA256_SALTED, salt_buf); + + out_buf += out_len; + + u32_to_hex (tmp[0], out_buf + 0); + u32_to_hex (tmp[1], out_buf + 8); + u32_to_hex (tmp[2], out_buf + 16); + u32_to_hex (tmp[3], out_buf + 24); + u32_to_hex (tmp[4], out_buf + 32); + u32_to_hex (tmp[5], out_buf + 40); + u32_to_hex (tmp[6], out_buf + 48); + u32_to_hex (tmp[7], out_buf + 56); + + out_len += 64; + + return out_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_charset = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_deprecated_notice = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = MODULE_DEFAULT; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_extra_tuningdb_block = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_postprocess = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_size = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_init = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_term = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = MODULE_DEFAULT; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = module_salt_max; + module_ctx->module_salt_min = module_salt_min; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = module_tmp_size; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/src/modules/module_32040.c b/src/modules/module_32040.c new file mode 100644 index 000000000..2a8f248af --- /dev/null +++ b/src/modules/module_32040.c @@ -0,0 +1,268 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_OUTSIDE_KERNEL; +static const u32 DGST_POS0 = 14; +static const u32 DGST_POS1 = 15; +static const u32 DGST_POS2 = 6; +static const u32 DGST_POS3 = 7; +static const u32 DGST_SIZE = DGST_SIZE_8_8; +static const u32 HASH_CATEGORY = HASH_CATEGORY_EAS; +static const char *HASH_NAME = "NetIQ SSPR (SHA-512 with Salt)"; +static const u64 KERN_TYPE = 32040; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_USES_BITS_64 + | OPTI_TYPE_SLOW_HASH_SIMD_LOOP; +static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE + | OPTS_TYPE_ST_BASE64 + | OPTS_TYPE_PT_GENERATE_LE + | OPTS_TYPE_PT_ADD80 + | OPTS_TYPE_PT_ADDBITS15; +static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "$sspr$4$100000$NzYwNjMyNDc2MTQ2OTE4NTUzODAyODE3$0ce2e8b8efa4280e6e003d77cb45d45300dff3960c5c073f68303565fe62fe4ff3ada8cee7d3b87d0457335ab0df73c5c64ee1f71ccf6b8bd43a316ecb42ecd4"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +typedef struct netiq_sspr_sha512_tmp +{ + u64 dgst[8]; + +} netiq_sspr_sha512_tmp_t; + +static const char *SIGNATURE_NETIQ_SSPR_SHA512_SALTED = "$sspr$4$100000$"; + +u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 tmp_size = (const u64) sizeof (netiq_sspr_sha512_tmp_t); + + return tmp_size; +} + +u32 module_salt_min (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 salt_min = 32; + + return salt_min; +} + +u32 module_salt_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 salt_max = 32; + + return salt_max; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u64 *digest = (u64 *) digest_buf; + + hc_token_t token; + + memset (&token, 0, sizeof (hc_token_t)); + + token.token_cnt = 3; + + token.signatures_cnt = 1; + token.signatures_buf[0] = SIGNATURE_NETIQ_SSPR_SHA512_SALTED; + + token.len[0] = strlen (SIGNATURE_NETIQ_SSPR_SHA512_SALTED); + token.attr[0] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + token.sep[1] = '$'; + token.len[1] = 32; + token.attr[1] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_BASE64A; + + token.sep[2] = '$'; + token.len[2] = 128; + token.attr[2] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + // iter + + salt->salt_iter = 100000 - 1; + + // salt + + const u8 *salt_pos = token.buf[1]; + const int salt_len = token.len[1]; + + salt->salt_len = salt_len; + + memcpy ((u8 *) salt->salt_buf, salt_pos, salt->salt_len); + + // digest + + const u8 *hash_pos = token.buf[2]; + + digest[0] = hex_to_u64 (hash_pos + 0); + digest[1] = hex_to_u64 (hash_pos + 16); + digest[2] = hex_to_u64 (hash_pos + 32); + digest[3] = hex_to_u64 (hash_pos + 48); + digest[4] = hex_to_u64 (hash_pos + 64); + digest[5] = hex_to_u64 (hash_pos + 80); + digest[6] = hex_to_u64 (hash_pos + 96); + digest[7] = hex_to_u64 (hash_pos + 112); + + digest[0] = byte_swap_64 (digest[0]); + digest[1] = byte_swap_64 (digest[1]); + digest[2] = byte_swap_64 (digest[2]); + digest[3] = byte_swap_64 (digest[3]); + digest[4] = byte_swap_64 (digest[4]); + digest[5] = byte_swap_64 (digest[5]); + digest[6] = byte_swap_64 (digest[6]); + digest[7] = byte_swap_64 (digest[7]); + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + const u64 *digest = (const u64 *) digest_buf; + + // salt + + u8 *salt_buf = (u8 *) salt->salt_buf; + + // digest + + u64 tmp[8]; + + tmp[0] = byte_swap_64 (digest[0]); + tmp[1] = byte_swap_64 (digest[1]); + tmp[2] = byte_swap_64 (digest[2]); + tmp[3] = byte_swap_64 (digest[3]); + tmp[4] = byte_swap_64 (digest[4]); + tmp[5] = byte_swap_64 (digest[5]); + tmp[6] = byte_swap_64 (digest[6]); + tmp[7] = byte_swap_64 (digest[7]); + + u8 *out_buf = (u8 *) line_buf; + + int out_len = snprintf ((char *) out_buf, line_size, "%s%s$", + SIGNATURE_NETIQ_SSPR_SHA512_SALTED, + salt_buf); + + out_buf += out_len; + + u64_to_hex (tmp[0], out_buf + 0); + u64_to_hex (tmp[1], out_buf + 16); + u64_to_hex (tmp[2], out_buf + 32); + u64_to_hex (tmp[3], out_buf + 48); + u64_to_hex (tmp[4], out_buf + 64); + u64_to_hex (tmp[5], out_buf + 80); + u64_to_hex (tmp[6], out_buf + 96); + u64_to_hex (tmp[7], out_buf + 112); + + out_len += 128; + + return out_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_charset = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_deprecated_notice = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = MODULE_DEFAULT; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_extra_tuningdb_block = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_postprocess = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_size = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_init = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_term = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = MODULE_DEFAULT; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = module_salt_max; + module_ctx->module_salt_min = module_salt_min; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = module_tmp_size; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/src/modules/module_32041.c b/src/modules/module_32041.c new file mode 100644 index 000000000..445562e30 --- /dev/null +++ b/src/modules/module_32041.c @@ -0,0 +1,275 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_OUTSIDE_KERNEL; +static const u32 DGST_POS0 = 14; +static const u32 DGST_POS1 = 15; +static const u32 DGST_POS2 = 6; +static const u32 DGST_POS3 = 7; +static const u32 DGST_SIZE = DGST_SIZE_8_8; +static const u32 HASH_CATEGORY = HASH_CATEGORY_EAS; +static const char *HASH_NAME = "Adobe AEM (SSPR, SHA-512 with Salt)"; +static const u64 KERN_TYPE = 32040; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_USES_BITS_64 + | OPTI_TYPE_SLOW_HASH_SIMD_LOOP; +static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE + | OPTS_TYPE_PT_GENERATE_LE + | OPTS_TYPE_PT_ADD80 + | OPTS_TYPE_PT_ADDBITS15; +static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "$sspr$4$1000$9ad596c50a5c9acd$d4cdc3c7d227e3cc57a9c9014b1eff1684808ef40191482cd8ae6e9d7b66211a5f04e4b34f494b0513a5f67b9614c5ff16e95e624a60f41b16b90533f305146e"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +typedef struct netiq_sspr_sha512_tmp +{ + u64 dgst[8]; + +} netiq_sspr_sha512_tmp_t; + +static const char *SIGNATURE_ADOBE_AEM_SHA512_SALTED = "$sspr$4$1000$"; + +u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 tmp_size = (const u64) sizeof (netiq_sspr_sha512_tmp_t); + + return tmp_size; +} + +u32 module_salt_min (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 salt_min = 16; + + return salt_min; +} + +u32 module_salt_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 salt_max = 16; + + return salt_max; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u64 *digest = (u64 *) digest_buf; + + hc_token_t token; + + memset (&token, 0, sizeof (hc_token_t)); + + token.token_cnt = 3; + + token.signatures_cnt = 1; + token.signatures_buf[0] = SIGNATURE_ADOBE_AEM_SHA512_SALTED; + + token.len[0] = strlen (SIGNATURE_ADOBE_AEM_SHA512_SALTED); + token.attr[0] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + token.sep[1] = '$'; + token.len[1] = 16; + token.attr[1] = TOKEN_ATTR_FIXED_LENGTH; + + if (hashconfig->opts_type & OPTS_TYPE_ST_HEX) + { + token.attr[1] |= TOKEN_ATTR_VERIFY_HEX; + } + + token.sep[2] = '$'; + token.len[2] = 128; + token.attr[2] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + // iter + + salt->salt_iter = 1000 - 1; + + // salt + + const u8 *salt_pos = token.buf[1]; + const int salt_len = token.len[1]; + + const bool parse_rc = generic_salt_decode (hashconfig, salt_pos, salt_len, (u8 *) salt->salt_buf, (int *) &salt->salt_len); + + if (parse_rc == false) return (PARSER_SALT_LENGTH); + + // digest + + const u8 *hash_pos = token.buf[2]; + + digest[0] = hex_to_u64 (hash_pos + 0); + digest[1] = hex_to_u64 (hash_pos + 16); + digest[2] = hex_to_u64 (hash_pos + 32); + digest[3] = hex_to_u64 (hash_pos + 48); + digest[4] = hex_to_u64 (hash_pos + 64); + digest[5] = hex_to_u64 (hash_pos + 80); + digest[6] = hex_to_u64 (hash_pos + 96); + digest[7] = hex_to_u64 (hash_pos + 112); + + digest[0] = byte_swap_64 (digest[0]); + digest[1] = byte_swap_64 (digest[1]); + digest[2] = byte_swap_64 (digest[2]); + digest[3] = byte_swap_64 (digest[3]); + digest[4] = byte_swap_64 (digest[4]); + digest[5] = byte_swap_64 (digest[5]); + digest[6] = byte_swap_64 (digest[6]); + digest[7] = byte_swap_64 (digest[7]); + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + const u64 *digest = (const u64 *) digest_buf; + + // salt + + u8 salt_buf[16 + 1]; + + memset (salt_buf, 0, sizeof (salt_buf)); + + generic_salt_encode (hashconfig, (const u8 *) salt->salt_buf, (const int) salt->salt_len, salt_buf); + + // digest + + u64 tmp[8]; + + tmp[0] = byte_swap_64 (digest[0]); + tmp[1] = byte_swap_64 (digest[1]); + tmp[2] = byte_swap_64 (digest[2]); + tmp[3] = byte_swap_64 (digest[3]); + tmp[4] = byte_swap_64 (digest[4]); + tmp[5] = byte_swap_64 (digest[5]); + tmp[6] = byte_swap_64 (digest[6]); + tmp[7] = byte_swap_64 (digest[7]); + + u8 *out_buf = (u8 *) line_buf; + + int out_len = snprintf ((char *) out_buf, line_size, "%s%s$", + SIGNATURE_ADOBE_AEM_SHA512_SALTED, + salt_buf); + + out_buf += out_len; + + u64_to_hex (tmp[0], out_buf + 0); + u64_to_hex (tmp[1], out_buf + 16); + u64_to_hex (tmp[2], out_buf + 32); + u64_to_hex (tmp[3], out_buf + 48); + u64_to_hex (tmp[4], out_buf + 64); + u64_to_hex (tmp[5], out_buf + 80); + u64_to_hex (tmp[6], out_buf + 96); + u64_to_hex (tmp[7], out_buf + 112); + + out_len += 128; + + return out_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_charset = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_deprecated_notice = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = MODULE_DEFAULT; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_extra_tuningdb_block = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_postprocess = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_size = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_init = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_term = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = MODULE_DEFAULT; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = module_salt_max; + module_ctx->module_salt_min = module_salt_min; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = module_tmp_size; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/src/modules/module_32050.c b/src/modules/module_32050.c new file mode 100644 index 000000000..47e0b2c6d --- /dev/null +++ b/src/modules/module_32050.c @@ -0,0 +1,297 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_OUTSIDE_KERNEL; +static const u32 DGST_POS0 = 0; +static const u32 DGST_POS1 = 1; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 3; +static const u32 DGST_SIZE = DGST_SIZE_4_5; +static const u32 HASH_CATEGORY = HASH_CATEGORY_EAS; +static const char *HASH_NAME = "NetIQ SSPR (PBKDF2WithHmacSHA1)"; +static const u64 KERN_TYPE = 12000; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_SLOW_HASH_SIMD_LOOP; +static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE + | OPTS_TYPE_PT_GENERATE_LE; +static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "$pbkdf2-hmac-sha1$100000$7134180503252384106490944216249411431665011151428170747164626720$990e0c5f62b1384d48cbe3660329b9741c4a8473"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +typedef struct pbkdf2_sha1_tmp +{ + u32 ipad[5]; + u32 opad[5]; + + u32 dgst[32]; + u32 out[32]; + +} pbkdf2_sha1_tmp_t; + +typedef struct pbkdf2_sha1 +{ + u32 salt_buf[64]; + +} pbkdf2_sha1_t; + +static const char *SIGNATURE_NETIQ_PBKDF2_HMAC_SHA1 = "$pbkdf2-hmac-sha1$100000$"; + +u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 esalt_size = (const u64) sizeof (pbkdf2_sha1_t); + + return esalt_size; +} + +u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 tmp_size = (const u64) sizeof (pbkdf2_sha1_tmp_t); + + return tmp_size; +} + +u32 module_pw_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + // this overrides the reductions of PW_MAX in case optimized kernel is selected + // IOW, even in optimized kernel mode it support length 256 + + const u32 pw_max = PW_MAX; + + return pw_max; +} + +u32 module_salt_min (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 salt_min = 64; + + return salt_min; +} + +u32 module_salt_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 salt_max = 64; + + return salt_max; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u32 *digest = (u32 *) digest_buf; + + pbkdf2_sha1_t *pbkdf2_sha1 = (pbkdf2_sha1_t *) esalt_buf; + + hc_token_t token; + + memset (&token, 0, sizeof (hc_token_t)); + + token.token_cnt = 3; + + token.signatures_cnt = 1; + token.signatures_buf[0] = SIGNATURE_NETIQ_PBKDF2_HMAC_SHA1; + + token.len[0] = strlen (SIGNATURE_NETIQ_PBKDF2_HMAC_SHA1); + token.attr[0] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + token.sep[1] = '$'; + token.len[1] = 64; + token.attr[1] = TOKEN_ATTR_FIXED_LENGTH; + + if (hashconfig->opts_type & OPTS_TYPE_ST_HEX) + { + token.attr[1] |= TOKEN_ATTR_VERIFY_HEX; + } + + token.sep[2] = '$'; + token.len[2] = 40; + token.attr[2] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + // iter + + salt->salt_iter = 100000 - 1; + + // salt + + const u8 *salt_pos = token.buf[1]; + const int salt_len = token.len[1]; + + u8 *salt_ptr = (u8 *) pbkdf2_sha1->salt_buf; + + salt->salt_len = hex_decode (salt_pos, salt_len, salt_ptr); + + salt->salt_buf[0] = pbkdf2_sha1->salt_buf[0]; + salt->salt_buf[1] = pbkdf2_sha1->salt_buf[1]; + salt->salt_buf[2] = pbkdf2_sha1->salt_buf[2]; + salt->salt_buf[3] = pbkdf2_sha1->salt_buf[3]; + salt->salt_buf[4] = salt->salt_iter; + + // hash + + const u8 *hash_pos = token.buf[2]; + + digest[0] = hex_to_u32 (hash_pos + 0); + digest[1] = hex_to_u32 (hash_pos + 8); + digest[2] = hex_to_u32 (hash_pos + 16); + digest[3] = hex_to_u32 (hash_pos + 24); + digest[4] = hex_to_u32 (hash_pos + 32); + + digest[0] = byte_swap_32 (digest[0]); + digest[1] = byte_swap_32 (digest[1]); + digest[2] = byte_swap_32 (digest[2]); + digest[3] = byte_swap_32 (digest[3]); + digest[4] = byte_swap_32 (digest[4]); + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + const u32 *digest = (const u32 *) digest_buf; + + pbkdf2_sha1_t *pbkdf2_sha1 = (pbkdf2_sha1_t *) esalt_buf; + + // salt + + u8 salt_buf[64 + 1]; + + memset (salt_buf, 0, sizeof (salt_buf)); + + hex_encode ((u8 *) pbkdf2_sha1->salt_buf, salt->salt_len, salt_buf); + + // digest + + u32 tmp[5]; + + tmp[0] = byte_swap_32 (digest[0]); + tmp[1] = byte_swap_32 (digest[1]); + tmp[2] = byte_swap_32 (digest[2]); + tmp[3] = byte_swap_32 (digest[3]); + tmp[4] = byte_swap_32 (digest[4]); + + u8 *out_buf = (u8 *) line_buf; + + int out_len = snprintf ((char *) out_buf, line_size, "%s%s$", + SIGNATURE_NETIQ_PBKDF2_HMAC_SHA1, + salt_buf); + + out_buf += out_len; + + u32_to_hex (tmp[0], out_buf + 0); + u32_to_hex (tmp[1], out_buf + 8); + u32_to_hex (tmp[2], out_buf + 16); + u32_to_hex (tmp[3], out_buf + 24); + u32_to_hex (tmp[4], out_buf + 32); + + out_len += 40; + + return out_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_charset = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_deprecated_notice = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = module_esalt_size; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_extra_tuningdb_block = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_postprocess = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_size = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_init = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_term = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = module_pw_max; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = module_salt_max; + module_ctx->module_salt_min = module_salt_min; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = module_tmp_size; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/src/modules/module_32060.c b/src/modules/module_32060.c new file mode 100644 index 000000000..8933dc487 --- /dev/null +++ b/src/modules/module_32060.c @@ -0,0 +1,362 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_OUTSIDE_KERNEL; +static const u32 DGST_POS0 = 0; +static const u32 DGST_POS1 = 1; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 3; +static const u32 DGST_SIZE = DGST_SIZE_4_64; +static const u32 HASH_CATEGORY = HASH_CATEGORY_EAS; +static const char *HASH_NAME = "NetIQ SSPR (PBKDF2WithHmacSHA256)"; +static const u64 KERN_TYPE = 10900; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_SLOW_HASH_SIMD_LOOP; +static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE + | OPTS_TYPE_ST_BASE64 + | OPTS_TYPE_PT_GENERATE_LE + | OPTS_TYPE_ST_BASE64; +static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "$pbkdf2-sha256$100000$MDUzMTE4NjQyNDc5NTQxMjAwMjg1OTYxNjAxNDgzNzc$bwYpAyQ2g5PqdnMj8mJ46mkwQbyztw8gEQqnhDHj48c"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +typedef struct pbkdf2_sha256_tmp +{ + u32 ipad[8]; + u32 opad[8]; + + u32 dgst[32]; + u32 out[32]; + +} pbkdf2_sha256_tmp_t; + +typedef struct pbkdf2_sha256 +{ + u32 salt_buf[64]; + +} pbkdf2_sha256_t; + +static const char *SIGNATURE_NETIQ_PBKDF2_HMAC_SHA256 = "$pbkdf2-sha256$100000$"; + +char *module_jit_build_options (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra, MAYBE_UNUSED const hashes_t *hashes, MAYBE_UNUSED const hc_device_param_t *device_param) +{ + char *jit_build_options = NULL; + + // Extra treatment for Apple systems + if (device_param->opencl_platform_vendor_id == VENDOR_ID_APPLE) + { + return jit_build_options; + } + + // NVIDIA GPU + if (device_param->opencl_device_vendor_id == VENDOR_ID_NV) + { + hc_asprintf (&jit_build_options, "-D _unroll"); + } + + // HIP + if (device_param->opencl_device_vendor_id == VENDOR_ID_AMD_USE_HIP) + { + hc_asprintf (&jit_build_options, "-D _unroll"); + } + + // ROCM + if ((device_param->opencl_device_vendor_id == VENDOR_ID_AMD) && (device_param->has_vperm == true)) + { + hc_asprintf (&jit_build_options, "-D _unroll"); + } + + return jit_build_options; +} + +u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 esalt_size = (const u64) sizeof (pbkdf2_sha256_t); + + return esalt_size; +} + +u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 tmp_size = (const u64) sizeof (pbkdf2_sha256_tmp_t); + + return tmp_size; +} + +u32 module_pw_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + // this overrides the reductions of PW_MAX in case optimized kernel is selected + // IOW, even in optimized kernel mode it support length 256 + + const u32 pw_max = PW_MAX; + + return pw_max; +} + +u32 module_salt_min (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 salt_min = 43; + + return salt_min; +} + +u32 module_salt_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 salt_max = 43; + + return salt_max; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u32 *digest = (u32 *) digest_buf; + + pbkdf2_sha256_t *pbkdf2_sha256 = (pbkdf2_sha256_t *) esalt_buf; + + hc_token_t token; + + memset (&token, 0, sizeof (hc_token_t)); + + token.token_cnt = 3; + + token.signatures_cnt = 1; + token.signatures_buf[0] = SIGNATURE_NETIQ_PBKDF2_HMAC_SHA256; + + token.len[0] = strlen (SIGNATURE_NETIQ_PBKDF2_HMAC_SHA256); + token.attr[0] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + token.sep[1] = '$'; + token.len[1] = 43; + token.attr[1] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_BASE64B; + + token.sep[2] = '$'; + token.len[2] = 43; + token.attr[2] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_BASE64B; + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + u8 tmp_buf[32 + 1]; + int tmp_len; + + // iter + + salt->salt_iter = 100000 - 1; + + // salt + + const u8 *salt_pos = token.buf[1]; + const int salt_len = token.len[1]; + + memset (tmp_buf, 0, sizeof (tmp_buf)); + + tmp_len = base64_decode (ab64_to_int, salt_pos, salt_len, tmp_buf); + + if (tmp_len != 32) return (PARSER_SALT_LENGTH); + + memcpy (pbkdf2_sha256->salt_buf, tmp_buf, tmp_len); + + salt->salt_len = tmp_len; + + salt->salt_buf[0] = pbkdf2_sha256->salt_buf[0]; + salt->salt_buf[1] = pbkdf2_sha256->salt_buf[1]; + salt->salt_buf[2] = pbkdf2_sha256->salt_buf[2]; + salt->salt_buf[3] = pbkdf2_sha256->salt_buf[3]; + salt->salt_buf[4] = salt->salt_iter; + + // hash + + const u8 *hash_pos = token.buf[2]; + const int hash_len = token.len[2]; + + memset (tmp_buf, 0, sizeof (tmp_buf)); + + tmp_len = base64_decode (ab64_to_int, hash_pos, hash_len, tmp_buf); + + if (tmp_len != 32) return (PARSER_HASH_LENGTH); + + memcpy (digest, tmp_buf, tmp_len); + + digest[0] = byte_swap_32 (digest[0]); + digest[1] = byte_swap_32 (digest[1]); + digest[2] = byte_swap_32 (digest[2]); + digest[3] = byte_swap_32 (digest[3]); + digest[4] = byte_swap_32 (digest[4]); + digest[5] = byte_swap_32 (digest[5]); + digest[6] = byte_swap_32 (digest[6]); + digest[7] = byte_swap_32 (digest[7]); + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + u32 *digest = (u32 *) digest_buf; + + pbkdf2_sha256_t *pbkdf2_sha256 = (pbkdf2_sha256_t *) esalt_buf; + + // salt + + u8 salt_buf[44 + 1]; + + memset (salt_buf, 0, sizeof (salt_buf)); + + const size_t salt_len_enc = base64_encode (int_to_ab64, (const u8 *) pbkdf2_sha256->salt_buf, salt->salt_len, salt_buf); + + // remove padding + + for (size_t i = 0; i < salt_len_enc; i++) + { + if (salt_buf[i] == '=') + { + salt_buf[i] = '\0'; + } + } + + // digest + + u32 tmp[9]; + + tmp[0] = byte_swap_32 (digest[0]); + tmp[1] = byte_swap_32 (digest[1]); + tmp[2] = byte_swap_32 (digest[2]); + tmp[3] = byte_swap_32 (digest[3]); + tmp[4] = byte_swap_32 (digest[4]); + tmp[5] = byte_swap_32 (digest[5]); + tmp[6] = byte_swap_32 (digest[6]); + tmp[7] = byte_swap_32 (digest[7]); + tmp[8] = 0; + + u8 hash_buf[44 + 1]; + + memset (hash_buf, 0, sizeof (hash_buf)); + + const size_t hash_len_enc = base64_encode (int_to_ab64, (const u8 *) tmp, 32, hash_buf); + + // remove padding + + for (size_t i = 0; i < hash_len_enc; i++) + { + if (hash_buf[i] == '=') + { + hash_buf[i] = '\0'; + } + } + + u8 *out_buf = (u8 *) line_buf; + + int out_len = snprintf ((char *) out_buf, line_size, "%s%s$%s", + SIGNATURE_NETIQ_PBKDF2_HMAC_SHA256, + salt_buf, + hash_buf); + + return out_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_charset = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_deprecated_notice = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = module_esalt_size; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_extra_tuningdb_block = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_postprocess = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_size = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_init = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_term = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = module_jit_build_options; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = module_pw_max; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = module_salt_max; + module_ctx->module_salt_min = module_salt_min; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = module_tmp_size; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/src/modules/module_32070.c b/src/modules/module_32070.c new file mode 100644 index 000000000..391f993c4 --- /dev/null +++ b/src/modules/module_32070.c @@ -0,0 +1,310 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_OUTSIDE_KERNEL; +static const u32 DGST_POS0 = 0; +static const u32 DGST_POS1 = 1; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 3; +static const u32 DGST_SIZE = DGST_SIZE_8_16; +static const u32 HASH_CATEGORY = HASH_CATEGORY_EAS; +static const char *HASH_NAME = "NetIQ SSPR (PBKDF2WithHmacSHA512)"; +static const u64 KERN_TYPE = 7100; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_USES_BITS_64 + | OPTI_TYPE_SLOW_HASH_SIMD_LOOP; +static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE + | OPTS_TYPE_PT_GENERATE_LE; +static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "$pbkdf2-hmac-sha512$100000.0211258841559010919749469547425215185689838310218571790549787198.1659e40e64daf84d635a5f1ed2f5708f6735233bed471994bdc0307b3c5f77597f79bdcdd088d1e79357b383809ddfd84379006b49e14f4ff45c449071478777"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +typedef struct pbkdf2_sha512_tmp +{ + u64 ipad[8]; + u64 opad[8]; + + u64 dgst[16]; + u64 out[16]; + +} pbkdf2_sha512_tmp_t; + +typedef struct pbkdf2_sha512 +{ + u32 salt_buf[64]; + +} pbkdf2_sha512_t; + +static const char *SIGNATURE_NETIQ_PBKDF2_HMAC_SHA512 = "$pbkdf2-hmac-sha512$100000."; + +u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 esalt_size = (const u64) sizeof (pbkdf2_sha512_t); + + return esalt_size; +} + +u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 tmp_size = (const u64) sizeof (pbkdf2_sha512_tmp_t); + + return tmp_size; +} + +u32 module_pw_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + // this overrides the reductions of PW_MAX in case optimized kernel is selected + // IOW, even in optimized kernel mode it support length 256 + + const u32 pw_max = PW_MAX; + + return pw_max; +} + +u32 module_salt_min (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 salt_min = 64; + + return salt_min; +} + +u32 module_salt_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 salt_max = 64; + + return salt_max; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u64 *digest = (u64 *) digest_buf; + + pbkdf2_sha512_t *pbkdf2_sha512 = (pbkdf2_sha512_t *) esalt_buf; + + hc_token_t token; + + memset (&token, 0, sizeof (hc_token_t)); + + token.token_cnt = 3; + + token.signatures_cnt = 1; + token.signatures_buf[0] = SIGNATURE_NETIQ_PBKDF2_HMAC_SHA512; + + token.len[0] = strlen (SIGNATURE_NETIQ_PBKDF2_HMAC_SHA512); + token.attr[0] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + token.sep[1] = '.'; + token.len[1] = 64; + token.attr[1] = TOKEN_ATTR_FIXED_LENGTH; + + if (hashconfig->opts_type & OPTS_TYPE_ST_HEX) + { + token.attr[1] |= TOKEN_ATTR_VERIFY_HEX; + } + + token.sep[2] = '.'; + token.len[2] = 128; + token.attr[2] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + // iter + + salt->salt_iter = 100000 - 1; + + // salt + + const u8 *salt_pos = token.buf[1]; + const int salt_len = token.len[1]; + + u8 *salt_ptr = (u8 *) pbkdf2_sha512->salt_buf; + + salt->salt_len = hex_decode (salt_pos, salt_len, salt_ptr); + + salt->salt_buf[0] = pbkdf2_sha512->salt_buf[0]; + salt->salt_buf[1] = pbkdf2_sha512->salt_buf[1]; + salt->salt_buf[2] = pbkdf2_sha512->salt_buf[2]; + salt->salt_buf[3] = pbkdf2_sha512->salt_buf[3]; + salt->salt_buf[4] = salt->salt_iter; + + // hash + + const u8 *hash_pos = token.buf[2]; + + digest[0] = hex_to_u64 (hash_pos + 0); + digest[1] = hex_to_u64 (hash_pos + 16); + digest[2] = hex_to_u64 (hash_pos + 32); + digest[3] = hex_to_u64 (hash_pos + 48); + digest[4] = hex_to_u64 (hash_pos + 64); + digest[5] = hex_to_u64 (hash_pos + 80); + digest[6] = hex_to_u64 (hash_pos + 96); + digest[7] = hex_to_u64 (hash_pos + 112); + + digest[0] = byte_swap_64 (digest[0]); + digest[1] = byte_swap_64 (digest[1]); + digest[2] = byte_swap_64 (digest[2]); + digest[3] = byte_swap_64 (digest[3]); + digest[4] = byte_swap_64 (digest[4]); + digest[5] = byte_swap_64 (digest[5]); + digest[6] = byte_swap_64 (digest[6]); + digest[7] = byte_swap_64 (digest[7]); + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + u64 *digest = (u64 *) digest_buf; + + pbkdf2_sha512_t *pbkdf2_sha512 = (pbkdf2_sha512_t *) esalt_buf; + + // salt + + u8 salt_buf[64 + 1]; + + memset (salt_buf, 0, sizeof (salt_buf)); + + hex_encode ((u8 *) pbkdf2_sha512->salt_buf, salt->salt_len, salt_buf); + + // digest + + u64 tmp[8]; + + tmp[0] = byte_swap_64 (digest[0]); + tmp[1] = byte_swap_64 (digest[1]); + tmp[2] = byte_swap_64 (digest[2]); + tmp[3] = byte_swap_64 (digest[3]); + tmp[4] = byte_swap_64 (digest[4]); + tmp[5] = byte_swap_64 (digest[5]); + tmp[6] = byte_swap_64 (digest[6]); + tmp[7] = byte_swap_64 (digest[7]); + + u8 *out_buf = (u8 *) line_buf; + + int out_len = snprintf ((char *) out_buf, line_size, "%s%s.", + SIGNATURE_NETIQ_PBKDF2_HMAC_SHA512, + salt_buf); + + out_buf += out_len; + + u64_to_hex (tmp[0], out_buf + 0); + u64_to_hex (tmp[1], out_buf + 16); + u64_to_hex (tmp[2], out_buf + 32); + u64_to_hex (tmp[3], out_buf + 48); + u64_to_hex (tmp[4], out_buf + 64); + u64_to_hex (tmp[5], out_buf + 80); + u64_to_hex (tmp[6], out_buf + 96); + u64_to_hex (tmp[7], out_buf + 112); + + out_len += 128; + + return out_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_charset = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_deprecated_notice = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = module_esalt_size; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_extra_tuningdb_block = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_postprocess = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_size = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_init = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_term = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = module_pw_max; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = module_salt_max; + module_ctx->module_salt_min = module_salt_min; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = module_tmp_size; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/tools/test_modules/m32000.pm b/tools/test_modules/m32000.pm new file mode 100644 index 000000000..44f016466 --- /dev/null +++ b/tools/test_modules/m32000.pm @@ -0,0 +1,71 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Digest::MD5; + +sub module_constraints { [[0, 256], [-1, -1], [-1, -1], [-1, -1], [-1, -1]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt = shift; + + my $md5 = Digest::MD5->new; + + $md5->add ($word); + + for (my $i = 1; $i < 100000; $i++) + { + my $tmp = $md5->digest; + + $md5->reset; + + $md5->add ($tmp); + } + + my $digest = $md5->digest; + + my $hash = sprintf ('$sspr$0$100000$NONE$%s', unpack ("H*", $digest)); + + return $hash; +} + +sub module_verify_hash +{ + my $line = shift; + + my $idx = index ($line, ':'); + + return unless $idx >= 0; + + my $hash = substr ($line, 0, $idx); + my $word = substr ($line, $idx + 1); + + return unless substr ($hash, 0, 20) eq '$sspr$0$100000$NONE$'; + + my (undef, $signature, $version, $iter, $salt) = split '\$', $hash; + + return unless defined $signature; + return unless defined $version; + return unless defined $iter; + return unless defined $salt; + + return unless $version == 0; + return unless $iter == 100000; + return unless $salt eq "NONE"; + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, $salt); + + return ($new_hash, $word); +} + +1; diff --git a/tools/test_modules/m32010.pm b/tools/test_modules/m32010.pm new file mode 100644 index 000000000..5c472658c --- /dev/null +++ b/tools/test_modules/m32010.pm @@ -0,0 +1,71 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Digest::SHA1; + +sub module_constraints { [[0, 256], [-1, -1], [-1, -1], [-1, -1], [-1, -1]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt = shift; + + my $sha1 = Digest::SHA1->new; + + $sha1->add ($word); + + for (my $i = 1; $i < 100000; $i++) + { + my $tmp = $sha1->digest; + + $sha1->reset; + + $sha1->add ($tmp); + } + + my $digest = $sha1->digest; + + my $hash = sprintf ('$sspr$1$100000$NONE$%s', unpack ("H*", $digest)); + + return $hash; +} + +sub module_verify_hash +{ + my $line = shift; + + my $idx = index ($line, ':'); + + return unless $idx >= 0; + + my $hash = substr ($line, 0, $idx); + my $word = substr ($line, $idx + 1); + + return unless substr ($hash, 0, 20) eq '$sspr$1$100000$NONE$'; + + my (undef, $signature, $version, $iter, $salt) = split '\$', $hash; + + return unless defined $signature; + return unless defined $version; + return unless defined $iter; + return unless defined $salt; + + return unless $version == 1; + return unless $iter == 100000; + return unless $salt eq "NONE"; + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, $salt); + + return ($new_hash, $word); +} + +1; diff --git a/tools/test_modules/m32020.pm b/tools/test_modules/m32020.pm new file mode 100644 index 000000000..eac5a5ec1 --- /dev/null +++ b/tools/test_modules/m32020.pm @@ -0,0 +1,78 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Digest::SHA1; +use MIME::Base64 qw (decode_base64 encode_base64); + +sub module_constraints { [[0, 256], [24, 24], [-1, -1], [-1, -1], [-1, -1]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt = shift; + + my $salt_b64 = encode_base64 ($salt, ""); + + my $sha1 = Digest::SHA1->new; + + $sha1->add ($salt_b64 . $word); + + for (my $i = 1; $i < 100000; $i++) + { + my $tmp = $sha1->digest; + + $sha1->reset; + + $sha1->add ($tmp); + } + + my $digest = $sha1->digest; + + my $hash = sprintf ('$sspr$2$100000$%s$%s', $salt_b64, unpack ("H*", $digest)); + + return $hash; +} + +sub module_verify_hash +{ + my $line = shift; + + my $idx = index ($line, ':'); + + return unless $idx >= 0; + + my $hash = substr ($line, 0, $idx); + my $word = substr ($line, $idx + 1); + + return unless substr ($hash, 0, 15) eq '$sspr$2$100000$'; + + my (undef, $signature, $version, $iter, $salt) = split '\$', $hash; + + return unless defined $signature; + return unless defined $version; + return unless defined $iter; + return unless defined $salt; + + return unless $version == 2; + return unless $iter == 100000; + return unless length $salt == 32; + + my $salt_b64 = decode_base64 ($salt); + + return unless length $salt_b64 == 24; + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, $salt_b64); + + return ($new_hash, $word); +} + +1; diff --git a/tools/test_modules/m32030.pm b/tools/test_modules/m32030.pm new file mode 100644 index 000000000..e077f4eca --- /dev/null +++ b/tools/test_modules/m32030.pm @@ -0,0 +1,78 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Digest::SHA; +use MIME::Base64 qw (decode_base64 encode_base64); + +sub module_constraints { [[0, 256], [24, 24], [-1, -1], [-1, -1], [-1, -1]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt = shift; + + my $salt_b64 = encode_base64 ($salt, ""); + + my $sha256 = Digest::SHA->new(256); + + $sha256->add ($salt_b64 . $word); + + for (my $i = 1; $i < 100000; $i++) + { + my $tmp = $sha256->digest; + + $sha256->reset; + + $sha256->add ($tmp); + } + + my $digest = $sha256->digest; + + my $hash = sprintf ('$sspr$3$100000$%s$%s', $salt_b64, unpack ("H*", $digest)); + + return $hash; +} + +sub module_verify_hash +{ + my $line = shift; + + my $idx = index ($line, ':'); + + return unless $idx >= 0; + + my $hash = substr ($line, 0, $idx); + my $word = substr ($line, $idx + 1); + + return unless substr ($hash, 0, 15) eq '$sspr$3$100000$'; + + my (undef, $signature, $version, $iter, $salt) = split '\$', $hash; + + return unless defined $signature; + return unless defined $version; + return unless defined $iter; + return unless defined $salt; + + return unless $version == 3; + return unless $iter == 100000; + return unless length $salt == 32; + + my $salt_b64 = decode_base64 ($salt); + + return unless length $salt_b64 == 24; + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, $salt_b64); + + return ($new_hash, $word); +} + +1; diff --git a/tools/test_modules/m32031.pm b/tools/test_modules/m32031.pm new file mode 100644 index 000000000..e7f39fc8e --- /dev/null +++ b/tools/test_modules/m32031.pm @@ -0,0 +1,71 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Digest::SHA; + +sub module_constraints { [[0, 256], [16, 16], [-1, -1], [-1, -1], [-1, -1]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt = shift; + + my $sha256 = Digest::SHA->new(256); + + $sha256->add ($salt . $word); + + for (my $i = 1; $i < 1000; $i++) + { + my $tmp = $sha256->digest; + + $sha256->reset; + + $sha256->add ($tmp); + } + + my $digest = $sha256->digest; + + my $hash = sprintf ('$sspr$3$1000$%s$%s', $salt, unpack ("H*", $digest)); + + return $hash; +} + +sub module_verify_hash +{ + my $line = shift; + + my $idx = index ($line, ':'); + + return unless $idx >= 0; + + my $hash = substr ($line, 0, $idx); + my $word = substr ($line, $idx + 1); + + return unless substr ($hash, 0, 13) eq '$sspr$3$1000$'; + + my (undef, $signature, $version, $iter, $salt) = split '\$', $hash; + + return unless defined $signature; + return unless defined $version; + return unless defined $iter; + return unless defined $salt; + + return unless $version == 3; + return unless $iter == 1000; + return unless length $salt == 16; + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, $salt); + + return ($new_hash, $word); +} + +1; diff --git a/tools/test_modules/m32040.pm b/tools/test_modules/m32040.pm new file mode 100644 index 000000000..5446fa01d --- /dev/null +++ b/tools/test_modules/m32040.pm @@ -0,0 +1,78 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Digest::SHA; +use MIME::Base64 qw (decode_base64 encode_base64); + +sub module_constraints { [[0, 256], [24, 24], [-1, -1], [-1, -1], [-1, -1]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt = shift; + + my $salt_b64 = encode_base64 ($salt, ""); + + my $sha512 = Digest::SHA->new(512); + + $sha512->add ($salt_b64 . $word); + + for (my $i = 1; $i < 100000; $i++) + { + my $tmp = $sha512->digest; + + $sha512->reset; + + $sha512->add ($tmp); + } + + my $digest = $sha512->digest; + + my $hash = sprintf ('$sspr$4$100000$%s$%s', $salt_b64, unpack ("H*", $digest)); + + return $hash; +} + +sub module_verify_hash +{ + my $line = shift; + + my $idx = index ($line, ':'); + + return unless $idx >= 0; + + my $hash = substr ($line, 0, $idx); + my $word = substr ($line, $idx + 1); + + return unless substr ($hash, 0, 15) eq '$sspr$4$100000$'; + + my (undef, $signature, $version, $iter, $salt) = split '\$', $hash; + + return unless defined $signature; + return unless defined $version; + return unless defined $iter; + return unless defined $salt; + + return unless $version == 4; + return unless $iter == 100000; + return unless length $salt == 32; + + my $salt_b64 = decode_base64 ($salt); + + return unless length $salt_b64 == 24; + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, $salt_b64); + + return ($new_hash, $word); +} + +1; diff --git a/tools/test_modules/m32041.pm b/tools/test_modules/m32041.pm new file mode 100644 index 000000000..380ccabf2 --- /dev/null +++ b/tools/test_modules/m32041.pm @@ -0,0 +1,71 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Digest::SHA; + +sub module_constraints { [[0, 256], [16, 16], [-1, -1], [-1, -1], [-1, -1]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt = shift; + + my $sha512 = Digest::SHA->new(512); + + $sha512->add ($salt . $word); + + for (my $i = 1; $i < 1000; $i++) + { + my $tmp = $sha512->digest; + + $sha512->reset; + + $sha512->add ($tmp); + } + + my $digest = $sha512->digest; + + my $hash = sprintf ('$sspr$4$1000$%s$%s', $salt, unpack ("H*", $digest)); + + return $hash; +} + +sub module_verify_hash +{ + my $line = shift; + + my $idx = index ($line, ':'); + + return unless $idx >= 0; + + my $hash = substr ($line, 0, $idx); + my $word = substr ($line, $idx + 1); + + return unless substr ($hash, 0, 13) eq '$sspr$4$1000$'; + + my (undef, $signature, $version, $iter, $salt) = split '\$', $hash; + + return unless defined $signature; + return unless defined $version; + return unless defined $iter; + return unless defined $salt; + + return unless $version == 4; + return unless $iter == 1000; + return unless length $salt == 16; + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, $salt); + + return ($new_hash, $word); +} + +1; diff --git a/tools/test_modules/m32050.pm b/tools/test_modules/m32050.pm new file mode 100644 index 000000000..e24e5298b --- /dev/null +++ b/tools/test_modules/m32050.pm @@ -0,0 +1,65 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Crypt::PBKDF2; + +sub module_constraints { [[0, 256], [64, 64], [-1, -1], [-1, -1], [-1, -1]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt = shift; + + $salt = pack ("H*", $salt); + + my $kdf = Crypt::PBKDF2->new + ( + hash_class => 'HMACSHA1', + iterations => 100000, + output_len => 20 + ); + + my $key = $kdf->PBKDF2_hex ($salt, $word); + + my $hash = sprintf ('$pbkdf2-hmac-sha1$100000$%s$%s', unpack ("H*", $salt), $key); + + return $hash; +} + +sub module_verify_hash +{ + my $line = shift; + + my $idx = index ($line, ':'); + + return unless $idx >= 0; + + my $hash = substr ($line, 0, $idx); + my $word = substr ($line, $idx + 1); + + return unless substr ($hash, 0, 25) eq '$pbkdf2-hmac-sha1$100000$'; + + my (undef, $signature, $iter, $salt) = split '\$', $hash; + + return unless defined $signature; + return unless defined $iter; + return unless defined $salt; + + return unless $iter == 100000; + return unless length $salt == 64; + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, $salt); + + return ($new_hash, $word); +} + +1; diff --git a/tools/test_modules/m32060.pm b/tools/test_modules/m32060.pm new file mode 100644 index 000000000..09f55a781 --- /dev/null +++ b/tools/test_modules/m32060.pm @@ -0,0 +1,80 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Crypt::PBKDF2; +use MIME::Base64 qw (encode_base64 decode_base64); + +sub module_constraints { [[0, 256], [32, 32], [-1, -1], [-1, -1], [-1, -1]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt = shift; + + my $pbkdf2 = Crypt::PBKDF2->new + ( + hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256), + iterations => 100000, + ); + + my $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt, $word), ""); + + my $salt_buf = encode_base64 ($salt, ""); + + # replace + with . + $hash_buf =~ s/\+/\./g; + $salt_buf =~ s/\+/\./g; + + # remove padding = + $hash_buf =~ s/\=+$//; + $salt_buf =~ s/\=+$//; + + my $hash = sprintf ('$pbkdf2-sha256$100000$%s$%s', $salt_buf, $hash_buf); + + return $hash; +} + +sub module_verify_hash +{ + my $line = shift; + + my $idx = index ($line, ':'); + + return unless $idx >= 0; + + my $hash = substr ($line, 0, $idx); + my $word = substr ($line, $idx + 1); + + return unless substr ($hash, 0, 22) eq '$pbkdf2-sha256$100000$'; + + my (undef, $signature, $iter, $salt) = split '\$', $hash; + + return unless defined $signature; + return unless defined $iter; + return unless defined $salt; + + return unless $iter == 100000; + return unless length $salt == 43; + + $salt =~ s/\./\+/g; + $salt .= '=='; + + my $salt_b64 = decode_base64 ($salt); + + return unless length $salt_b64 == 32; + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, $salt_b64); + + return ($new_hash, $word); +} + +1; diff --git a/tools/test_modules/m32070.pm b/tools/test_modules/m32070.pm new file mode 100644 index 000000000..83083f295 --- /dev/null +++ b/tools/test_modules/m32070.pm @@ -0,0 +1,68 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Crypt::PBKDF2; + +sub module_constraints { [[0, 256], [64, 64], [-1, -1], [-1, -1], [-1, -1]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt = shift; + + $salt = pack ("H*", $salt); + + my $kdf = Crypt::PBKDF2->new + ( + hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512), + iterations => 100000, + ); + + my $key = $kdf->PBKDF2_hex ($salt, $word); + + my $hash = sprintf ('$pbkdf2-hmac-sha512$100000.%s.%s', unpack ("H*", $salt), $key); + + return $hash; +} + +sub module_verify_hash +{ + my $line = shift; + + my $idx = index ($line, ':'); + + return unless $idx >= 0; + + my $hash = substr ($line, 0, $idx); + my $word = substr ($line, $idx + 1); + + return unless substr ($hash, 0, 27) eq '$pbkdf2-hmac-sha512$100000.'; + + my (undef, $signature, $tmp) = split '\$', $hash; + + return unless defined $signature; + return unless defined $tmp; + + my ($iter, $salt) = split '\.', $tmp; + + return unless defined $iter; + return unless defined $salt; + + return unless $iter == 100000; + return unless length $salt == 64; + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, $salt); + + return ($new_hash, $word); +} + +1; From 2dd820a084f6bf6f17f9b0c01badd085970cacf8 Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Tue, 16 May 2023 21:19:46 +0200 Subject: [PATCH 04/32] Makefile: prevent make failure with Apple Silicon in case of partial rebuild --- docs/changes.txt | 1 + src/Makefile | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/docs/changes.txt b/docs/changes.txt index 17d4bf2a3..707a631f3 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -93,6 +93,7 @@ - User Options: added --metal-compiler-runtime option - Hardware Monitor: avoid sprintf in src/ext_iokit.c - Help: show supported hash-modes only with -hh +- Makefile: prevent make failure with Apple Silicon in case of partial rebuild * changes v6.2.5 -> v6.2.6 diff --git a/src/Makefile b/src/Makefile index 04c1f7a0b..1e60bfdc7 100644 --- a/src/Makefile +++ b/src/Makefile @@ -646,6 +646,11 @@ endif endif obj/combined.NATIVE.a: $(NATIVE_OBJS) +ifeq ($(UNAME),Darwin) +ifeq ($(IS_APPLE_SILICON),1) + $(RM) -f obj/combined.NATIVE.a +endif +endif $(AR) rcs $@ $^ ifeq ($(UNAME),Darwin) From b865c55ab4af7f938895c4546fb82c7bbee44303 Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Tue, 16 May 2023 21:40:44 +0200 Subject: [PATCH 05/32] Unit Test: removes salt constraints if no salt is used --- tools/test_modules/m00070.pm | 2 +- tools/test_modules/m00170.pm | 2 +- tools/test_modules/m01470.pm | 2 +- tools/test_modules/m01770.pm | 2 +- tools/test_modules/m10870.pm | 2 +- tools/test_modules/m11700.pm | 2 +- tools/test_modules/m24800.pm | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/tools/test_modules/m00070.pm b/tools/test_modules/m00070.pm index 9cb545327..7edcbe1ee 100644 --- a/tools/test_modules/m00070.pm +++ b/tools/test_modules/m00070.pm @@ -11,7 +11,7 @@ use warnings; use Digest::MD5 qw (md5_hex); use Encode; -sub module_constraints { [[0, 256], [0, 256], [0, 27], [0, 27], [0, 27]] } +sub module_constraints { [[0, 256], [-1, -1], [0, 27], [-1, -1], [-1, -1]] } sub module_generate_hash { diff --git a/tools/test_modules/m00170.pm b/tools/test_modules/m00170.pm index da8fb866f..45b6eaa10 100644 --- a/tools/test_modules/m00170.pm +++ b/tools/test_modules/m00170.pm @@ -11,7 +11,7 @@ use warnings; use Digest::SHA1 qw (sha1_hex); use Encode; -sub module_constraints { [[0, 256], [0, 256], [0, 27], [0, 27], [0, 27]] } +sub module_constraints { [[0, 256], [-1, -1], [0, 27], [-1, -1], [-1, -1]] } sub module_generate_hash { diff --git a/tools/test_modules/m01470.pm b/tools/test_modules/m01470.pm index 4d7c6182c..1e1469309 100644 --- a/tools/test_modules/m01470.pm +++ b/tools/test_modules/m01470.pm @@ -11,7 +11,7 @@ use warnings; use Digest::SHA qw (sha256_hex); use Encode; -sub module_constraints { [[0, 256], [0, 256], [0, 27], [0, 27], [0, 27]] } +sub module_constraints { [[0, 256], [-1, -1], [0, 27], [-1, -1], [-1, -1]] } sub module_generate_hash { diff --git a/tools/test_modules/m01770.pm b/tools/test_modules/m01770.pm index b50644b97..6b9c63de7 100644 --- a/tools/test_modules/m01770.pm +++ b/tools/test_modules/m01770.pm @@ -11,7 +11,7 @@ use warnings; use Digest::SHA qw (sha512_hex); use Encode; -sub module_constraints { [[0, 256], [0, 256], [0, 27], [0, 27], [0, 27]] } +sub module_constraints { [[0, 256], [-1, -1], [0, 27], [-1, -1], [-1, -1]] } sub module_generate_hash { diff --git a/tools/test_modules/m10870.pm b/tools/test_modules/m10870.pm index 9aaf01efe..53c074c5b 100644 --- a/tools/test_modules/m10870.pm +++ b/tools/test_modules/m10870.pm @@ -11,7 +11,7 @@ use warnings; use Digest::SHA qw (sha384_hex); use Encode; -sub module_constraints { [[0, 256], [0, 256], [0, 27], [0, 27], [0, 27]] } +sub module_constraints { [[0, 256], [-1, -1], [0, 27], [-1, -1], [-1, -1]] } sub module_generate_hash { diff --git a/tools/test_modules/m11700.pm b/tools/test_modules/m11700.pm index 8a0c250f6..0b3b19e3e 100644 --- a/tools/test_modules/m11700.pm +++ b/tools/test_modules/m11700.pm @@ -8,7 +8,7 @@ use strict; use warnings; -sub module_constraints { [[0, 256], [0, 256], [0, 55], [0, 55], [-1, -1]] } +sub module_constraints { [[0, 256], [-1, -1], [0, 55], [-1, -1], [-1, -1]] } sub module_generate_hash { diff --git a/tools/test_modules/m24800.pm b/tools/test_modules/m24800.pm index 00de6fced..e00bf9b83 100644 --- a/tools/test_modules/m24800.pm +++ b/tools/test_modules/m24800.pm @@ -13,7 +13,7 @@ use Digest::HMAC qw (hmac); use Encode qw (encode); use MIME::Base64 qw (encode_base64); -sub module_constraints { [[0, 256], [0, 256], [0, 27], [0, 27], [0, 27]] } +sub module_constraints { [[0, 256], [-1, -1], [0, 27], [-1, -1], [-1, -1]] } sub module_generate_hash { From 7ab1110907d7a6bd0228bf7fe4e26af988af0446 Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Sat, 20 May 2023 03:54:06 +0200 Subject: [PATCH 06/32] Fixed build failure for almost all hash modes that make use of hc_swap64 and/or hc_swap64_S with Apple Metal --- OpenCL/inc_common.cl | 22 ++++++++++++++++++++++ docs/changes.txt | 1 + 2 files changed, 23 insertions(+) diff --git a/OpenCL/inc_common.cl b/OpenCL/inc_common.cl index 0de9924ef..8f1eab60a 100644 --- a/OpenCL/inc_common.cl +++ b/OpenCL/inc_common.cl @@ -1317,6 +1317,16 @@ DECLSPEC u64x hc_swap64 (const u64x v) asm volatile ("mov.b64 %0, {%1, %2};" : "=l"(r.sf) : "r"(tr.sf), "r"(tl.sf)); #endif + #elif defined IS_METAL + + const u32x a0 = h32_from_64 (v); + const u32x a1 = l32_from_64 (v); + + u32x t0 = hc_swap32 (a0); + u32x t1 = hc_swap32 (a1); + + r = hl32_to_64 (t1, t0); + #else #if defined USE_BITSELECT && defined USE_ROTATE @@ -1380,7 +1390,19 @@ DECLSPEC u64 hc_swap64_S (const u64 v) asm volatile ("prmt.b32 %0, %1, 0, 0x0123;" : "=r"(tr) : "r"(ir)); asm volatile ("mov.b64 %0, {%1, %2};" : "=l"(r) : "r"(tr), "r"(tl)); + + #elif defined IS_METAL + + const u32 v0 = h32_from_64_S (v); + const u32 v1 = l32_from_64_S (v); + + u32 t0 = hc_swap32_S (v0); + u32 t1 = hc_swap32_S (v1); + + r = hl32_to_64_S (t1, t0); + #else + #ifdef USE_SWIZZLE r = as_ulong (as_uchar8 (v).s76543210); #else diff --git a/docs/changes.txt b/docs/changes.txt index 9dbe1a5f1..3b9890c83 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -65,6 +65,7 @@ - Fixed build failed for 31700 with Apple Metal - Fixed build failed for 31300 with vector width > 1 - Fixed build failed for 31000/Blake2s with vector width > 1 +- Fixed build failure for almost all hash modes that make use of hc_swap64 and/or hc_swap64_S with Apple Metal - Fixed display problem of the "Optimizers applied" list for algorithms using OPTI_TYPE_SLOW_HASH_SIMD_INIT2 and/or OPTI_TYPE_SLOW_HASH_SIMD_LOOP2 - Fixed incompatible pointer types (salt1 and salt2 buf) in 31700 a3 kernel - Fixed incompatible pointer types (salt1 and salt2 buf) in 3730 a3 kernel From d4a58b5fe538e21c003a9f768a12a7a29b1c377d Mon Sep 17 00:00:00 2001 From: Flagg <97263107+Flaggx1@users.noreply.github.com> Date: Fri, 19 May 2023 23:44:32 -0400 Subject: [PATCH 07/32] Fix get_random_num function to be inclusive of max parameter The get_random_num function does not currently include the max parameter. This causes issues such as the tilde character not being generated with random rule generation. This makes the max parameter value inclusive. --- src/shared.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/shared.c b/src/shared.c index ddfc35848..e301523da 100644 --- a/src/shared.c +++ b/src/shared.c @@ -622,11 +622,11 @@ u32 get_random_num (const u32 min, const u32 max) #if defined (_WIN) - return (((u32) rand () % (max - min)) + min); + return (((u32) rand () % (max - min + 1)) + min); #else - return (((u32) random () % (max - min)) + min); + return (((u32) random () % (max - min + 1)) + min); #endif } From 44d58f9a450a7bca44ce6b1e86e2521b25c0c8eb Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Sat, 20 May 2023 14:02:25 +0200 Subject: [PATCH 08/32] Fixed build failed for 13772 and 13773 with Apple Metal --- OpenCL/m13772-pure.cl | 140 +++++++++++++++++++++----------- OpenCL/m13773-pure.cl | 184 +++++++++++++++++++++++++++++++----------- docs/changes.txt | 1 + 3 files changed, 229 insertions(+), 96 deletions(-) diff --git a/OpenCL/m13772-pure.cl b/OpenCL/m13772-pure.cl index f1fce4e9a..c4b870208 100644 --- a/OpenCL/m13772-pure.cl +++ b/OpenCL/m13772-pure.cl @@ -357,54 +357,98 @@ KERNEL_FQ void m13772_init (KERN_ATTR_TMPS_ESALT (vc64_sbog_tmp_t, vc_t)) streebog512_hmac_update_global_swap (&streebog512_hmac_ctx, salt_bufs[SALT_POS_HOST].salt_buf, 64); - for (u32 i = 0, j = 1; i < 16; i += 8, j += 1) - { - streebog512_hmac_ctx_t streebog512_hmac_ctx2 = streebog512_hmac_ctx; - - u32 w0[4]; - u32 w1[4]; - u32 w2[4]; - u32 w3[4]; - - w0[0] = j; - w0[1] = 0; - w0[2] = 0; - w0[3] = 0; - w1[0] = 0; - w1[1] = 0; - w1[2] = 0; - w1[3] = 0; - w2[0] = 0; - w2[1] = 0; - w2[2] = 0; - w2[3] = 0; - w3[0] = 0; - w3[1] = 0; - w3[2] = 0; - w3[3] = 0; - - streebog512_hmac_update_64 (&streebog512_hmac_ctx2, w0, w1, w2, w3, 4); - - streebog512_hmac_final (&streebog512_hmac_ctx2); - - tmps[gid].dgst[i + 0] = streebog512_hmac_ctx2.opad.h[0]; - tmps[gid].dgst[i + 1] = streebog512_hmac_ctx2.opad.h[1]; - tmps[gid].dgst[i + 2] = streebog512_hmac_ctx2.opad.h[2]; - tmps[gid].dgst[i + 3] = streebog512_hmac_ctx2.opad.h[3]; - tmps[gid].dgst[i + 4] = streebog512_hmac_ctx2.opad.h[4]; - tmps[gid].dgst[i + 5] = streebog512_hmac_ctx2.opad.h[5]; - tmps[gid].dgst[i + 6] = streebog512_hmac_ctx2.opad.h[6]; - tmps[gid].dgst[i + 7] = streebog512_hmac_ctx2.opad.h[7]; - - tmps[gid].out[i + 0] = tmps[gid].dgst[i + 0]; - tmps[gid].out[i + 1] = tmps[gid].dgst[i + 1]; - tmps[gid].out[i + 2] = tmps[gid].dgst[i + 2]; - tmps[gid].out[i + 3] = tmps[gid].dgst[i + 3]; - tmps[gid].out[i + 4] = tmps[gid].dgst[i + 4]; - tmps[gid].out[i + 5] = tmps[gid].dgst[i + 5]; - tmps[gid].out[i + 6] = tmps[gid].dgst[i + 6]; - tmps[gid].out[i + 7] = tmps[gid].dgst[i + 7]; - } + u32 i = 0; + u32 j = 1; + + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + + streebog512_hmac_ctx_t streebog512_hmac_ctx_v1 = streebog512_hmac_ctx; + + w0[0] = j; + w0[1] = 0; + w0[2] = 0; + w0[3] = 0; + w1[0] = 0; + w1[1] = 0; + w1[2] = 0; + w1[3] = 0; + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 0; + + streebog512_hmac_update_64 (&streebog512_hmac_ctx_v1, w0, w1, w2, w3, 4); + + streebog512_hmac_final (&streebog512_hmac_ctx_v1); + + tmps[gid].dgst[i + 0] = streebog512_hmac_ctx_v1.opad.h[0]; + tmps[gid].dgst[i + 1] = streebog512_hmac_ctx_v1.opad.h[1]; + tmps[gid].dgst[i + 2] = streebog512_hmac_ctx_v1.opad.h[2]; + tmps[gid].dgst[i + 3] = streebog512_hmac_ctx_v1.opad.h[3]; + tmps[gid].dgst[i + 4] = streebog512_hmac_ctx_v1.opad.h[4]; + tmps[gid].dgst[i + 5] = streebog512_hmac_ctx_v1.opad.h[5]; + tmps[gid].dgst[i + 6] = streebog512_hmac_ctx_v1.opad.h[6]; + tmps[gid].dgst[i + 7] = streebog512_hmac_ctx_v1.opad.h[7]; + + tmps[gid].out[i + 0] = tmps[gid].dgst[i + 0]; + tmps[gid].out[i + 1] = tmps[gid].dgst[i + 1]; + tmps[gid].out[i + 2] = tmps[gid].dgst[i + 2]; + tmps[gid].out[i + 3] = tmps[gid].dgst[i + 3]; + tmps[gid].out[i + 4] = tmps[gid].dgst[i + 4]; + tmps[gid].out[i + 5] = tmps[gid].dgst[i + 5]; + tmps[gid].out[i + 6] = tmps[gid].dgst[i + 6]; + tmps[gid].out[i + 7] = tmps[gid].dgst[i + 7]; + + i=8; + j=2; + + streebog512_hmac_ctx_t streebog512_hmac_ctx_v2 = streebog512_hmac_ctx; + + w0[0] = j; + w0[1] = 0; + w0[2] = 0; + w0[3] = 0; + w1[0] = 0; + w1[1] = 0; + w1[2] = 0; + w1[3] = 0; + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 0; + + streebog512_hmac_update_64 (&streebog512_hmac_ctx_v2, w0, w1, w2, w3, 4); + + streebog512_hmac_final (&streebog512_hmac_ctx_v2); + + tmps[gid].dgst[i + 0] = streebog512_hmac_ctx_v2.opad.h[0]; + tmps[gid].dgst[i + 1] = streebog512_hmac_ctx_v2.opad.h[1]; + tmps[gid].dgst[i + 2] = streebog512_hmac_ctx_v2.opad.h[2]; + tmps[gid].dgst[i + 3] = streebog512_hmac_ctx_v2.opad.h[3]; + tmps[gid].dgst[i + 4] = streebog512_hmac_ctx_v2.opad.h[4]; + tmps[gid].dgst[i + 5] = streebog512_hmac_ctx_v2.opad.h[5]; + tmps[gid].dgst[i + 6] = streebog512_hmac_ctx_v2.opad.h[6]; + tmps[gid].dgst[i + 7] = streebog512_hmac_ctx_v2.opad.h[7]; + + tmps[gid].out[i + 0] = tmps[gid].dgst[i + 0]; + tmps[gid].out[i + 1] = tmps[gid].dgst[i + 1]; + tmps[gid].out[i + 2] = tmps[gid].dgst[i + 2]; + tmps[gid].out[i + 3] = tmps[gid].dgst[i + 3]; + tmps[gid].out[i + 4] = tmps[gid].dgst[i + 4]; + tmps[gid].out[i + 5] = tmps[gid].dgst[i + 5]; + tmps[gid].out[i + 6] = tmps[gid].dgst[i + 6]; + tmps[gid].out[i + 7] = tmps[gid].dgst[i + 7]; } KERNEL_FQ void m13772_loop (KERN_ATTR_TMPS_ESALT (vc64_sbog_tmp_t, vc_t)) diff --git a/OpenCL/m13773-pure.cl b/OpenCL/m13773-pure.cl index 3551d5560..55f14890c 100644 --- a/OpenCL/m13773-pure.cl +++ b/OpenCL/m13773-pure.cl @@ -422,54 +422,142 @@ KERNEL_FQ void m13773_init (KERN_ATTR_TMPS_ESALT (vc64_sbog_tmp_t, vc_t)) streebog512_hmac_update_global_swap (&streebog512_hmac_ctx, salt_bufs[SALT_POS_HOST].salt_buf, 64); - for (u32 i = 0, j = 1; i < 24; i += 8, j += 1) - { - streebog512_hmac_ctx_t streebog512_hmac_ctx2 = streebog512_hmac_ctx; - - u32 w0[4]; - u32 w1[4]; - u32 w2[4]; - u32 w3[4]; - - w0[0] = j; - w0[1] = 0; - w0[2] = 0; - w0[3] = 0; - w1[0] = 0; - w1[1] = 0; - w1[2] = 0; - w1[3] = 0; - w2[0] = 0; - w2[1] = 0; - w2[2] = 0; - w2[3] = 0; - w3[0] = 0; - w3[1] = 0; - w3[2] = 0; - w3[3] = 0; - - streebog512_hmac_update_64 (&streebog512_hmac_ctx2, w0, w1, w2, w3, 4); - - streebog512_hmac_final (&streebog512_hmac_ctx2); - - tmps[gid].dgst[i + 0] = streebog512_hmac_ctx2.opad.h[0]; - tmps[gid].dgst[i + 1] = streebog512_hmac_ctx2.opad.h[1]; - tmps[gid].dgst[i + 2] = streebog512_hmac_ctx2.opad.h[2]; - tmps[gid].dgst[i + 3] = streebog512_hmac_ctx2.opad.h[3]; - tmps[gid].dgst[i + 4] = streebog512_hmac_ctx2.opad.h[4]; - tmps[gid].dgst[i + 5] = streebog512_hmac_ctx2.opad.h[5]; - tmps[gid].dgst[i + 6] = streebog512_hmac_ctx2.opad.h[6]; - tmps[gid].dgst[i + 7] = streebog512_hmac_ctx2.opad.h[7]; - - tmps[gid].out[i + 0] = tmps[gid].dgst[i + 0]; - tmps[gid].out[i + 1] = tmps[gid].dgst[i + 1]; - tmps[gid].out[i + 2] = tmps[gid].dgst[i + 2]; - tmps[gid].out[i + 3] = tmps[gid].dgst[i + 3]; - tmps[gid].out[i + 4] = tmps[gid].dgst[i + 4]; - tmps[gid].out[i + 5] = tmps[gid].dgst[i + 5]; - tmps[gid].out[i + 6] = tmps[gid].dgst[i + 6]; - tmps[gid].out[i + 7] = tmps[gid].dgst[i + 7]; - } + u32 i = 0; + u32 j = 1; + + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + + streebog512_hmac_ctx_t streebog512_hmac_ctx_v1 = streebog512_hmac_ctx; + + w0[0] = j; + w0[1] = 0; + w0[2] = 0; + w0[3] = 0; + w1[0] = 0; + w1[1] = 0; + w1[2] = 0; + w1[3] = 0; + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 0; + + streebog512_hmac_update_64 (&streebog512_hmac_ctx_v1, w0, w1, w2, w3, 4); + + streebog512_hmac_final (&streebog512_hmac_ctx_v1); + + tmps[gid].dgst[i + 0] = streebog512_hmac_ctx_v1.opad.h[0]; + tmps[gid].dgst[i + 1] = streebog512_hmac_ctx_v1.opad.h[1]; + tmps[gid].dgst[i + 2] = streebog512_hmac_ctx_v1.opad.h[2]; + tmps[gid].dgst[i + 3] = streebog512_hmac_ctx_v1.opad.h[3]; + tmps[gid].dgst[i + 4] = streebog512_hmac_ctx_v1.opad.h[4]; + tmps[gid].dgst[i + 5] = streebog512_hmac_ctx_v1.opad.h[5]; + tmps[gid].dgst[i + 6] = streebog512_hmac_ctx_v1.opad.h[6]; + tmps[gid].dgst[i + 7] = streebog512_hmac_ctx_v1.opad.h[7]; + + tmps[gid].out[i + 0] = tmps[gid].dgst[i + 0]; + tmps[gid].out[i + 1] = tmps[gid].dgst[i + 1]; + tmps[gid].out[i + 2] = tmps[gid].dgst[i + 2]; + tmps[gid].out[i + 3] = tmps[gid].dgst[i + 3]; + tmps[gid].out[i + 4] = tmps[gid].dgst[i + 4]; + tmps[gid].out[i + 5] = tmps[gid].dgst[i + 5]; + tmps[gid].out[i + 6] = tmps[gid].dgst[i + 6]; + tmps[gid].out[i + 7] = tmps[gid].dgst[i + 7]; + + i = 8; + j = 2; + + streebog512_hmac_ctx_t streebog512_hmac_ctx_v2 = streebog512_hmac_ctx; + + w0[0] = j; + w0[1] = 0; + w0[2] = 0; + w0[3] = 0; + w1[0] = 0; + w1[1] = 0; + w1[2] = 0; + w1[3] = 0; + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 0; + + streebog512_hmac_update_64 (&streebog512_hmac_ctx_v2, w0, w1, w2, w3, 4); + + streebog512_hmac_final (&streebog512_hmac_ctx_v2); + + tmps[gid].dgst[i + 0] = streebog512_hmac_ctx_v2.opad.h[0]; + tmps[gid].dgst[i + 1] = streebog512_hmac_ctx_v2.opad.h[1]; + tmps[gid].dgst[i + 2] = streebog512_hmac_ctx_v2.opad.h[2]; + tmps[gid].dgst[i + 3] = streebog512_hmac_ctx_v2.opad.h[3]; + tmps[gid].dgst[i + 4] = streebog512_hmac_ctx_v2.opad.h[4]; + tmps[gid].dgst[i + 5] = streebog512_hmac_ctx_v2.opad.h[5]; + tmps[gid].dgst[i + 6] = streebog512_hmac_ctx_v2.opad.h[6]; + tmps[gid].dgst[i + 7] = streebog512_hmac_ctx_v2.opad.h[7]; + + tmps[gid].out[i + 0] = tmps[gid].dgst[i + 0]; + tmps[gid].out[i + 1] = tmps[gid].dgst[i + 1]; + tmps[gid].out[i + 2] = tmps[gid].dgst[i + 2]; + tmps[gid].out[i + 3] = tmps[gid].dgst[i + 3]; + tmps[gid].out[i + 4] = tmps[gid].dgst[i + 4]; + tmps[gid].out[i + 5] = tmps[gid].dgst[i + 5]; + tmps[gid].out[i + 6] = tmps[gid].dgst[i + 6]; + tmps[gid].out[i + 7] = tmps[gid].dgst[i + 7]; + + i = 16; + j = 3; + + streebog512_hmac_ctx_t streebog512_hmac_ctx_v3 = streebog512_hmac_ctx; + + w0[0] = j; + w0[1] = 0; + w0[2] = 0; + w0[3] = 0; + w1[0] = 0; + w1[1] = 0; + w1[2] = 0; + w1[3] = 0; + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 0; + + streebog512_hmac_update_64 (&streebog512_hmac_ctx_v3, w0, w1, w2, w3, 4); + + streebog512_hmac_final (&streebog512_hmac_ctx_v3); + + tmps[gid].dgst[i + 0] = streebog512_hmac_ctx_v3.opad.h[0]; + tmps[gid].dgst[i + 1] = streebog512_hmac_ctx_v3.opad.h[1]; + tmps[gid].dgst[i + 2] = streebog512_hmac_ctx_v3.opad.h[2]; + tmps[gid].dgst[i + 3] = streebog512_hmac_ctx_v3.opad.h[3]; + tmps[gid].dgst[i + 4] = streebog512_hmac_ctx_v3.opad.h[4]; + tmps[gid].dgst[i + 5] = streebog512_hmac_ctx_v3.opad.h[5]; + tmps[gid].dgst[i + 6] = streebog512_hmac_ctx_v3.opad.h[6]; + tmps[gid].dgst[i + 7] = streebog512_hmac_ctx_v3.opad.h[7]; + + tmps[gid].out[i + 0] = tmps[gid].dgst[i + 0]; + tmps[gid].out[i + 1] = tmps[gid].dgst[i + 1]; + tmps[gid].out[i + 2] = tmps[gid].dgst[i + 2]; + tmps[gid].out[i + 3] = tmps[gid].dgst[i + 3]; + tmps[gid].out[i + 4] = tmps[gid].dgst[i + 4]; + tmps[gid].out[i + 5] = tmps[gid].dgst[i + 5]; + tmps[gid].out[i + 6] = tmps[gid].dgst[i + 6]; + tmps[gid].out[i + 7] = tmps[gid].dgst[i + 7]; } KERNEL_FQ void m13773_loop (KERN_ATTR_TMPS_ESALT (vc64_sbog_tmp_t, vc_t)) diff --git a/docs/changes.txt b/docs/changes.txt index 9dbe1a5f1..e96a0836b 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -60,6 +60,7 @@ - Fixed bug in input_tokenizer when TOKEN_ATTR_FIXED_LENGTH is used and refactor modules - Added verification of token buffer length when using TOKEN_ATTR_FIXED_LENGTH - Fixed build failed for 4410 with vector width > 1 +- Fixed build failed for 13772 and 13773 with Apple Metal - Fixed build failed for 18400 with Apple Metal - Fixed build failed for 18600 with Apple Metal - Fixed build failed for 31700 with Apple Metal From 54205412a6447e50d6a87f2ac97e74757cf64558 Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Sat, 20 May 2023 17:15:17 +0200 Subject: [PATCH 09/32] Fixed build failed for 10700 optimized with Apple Metal --- docs/changes.txt | 1 + src/modules/module_10700.c | 12 ++++++++++-- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/docs/changes.txt b/docs/changes.txt index 9dbe1a5f1..b2e69428a 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -60,6 +60,7 @@ - Fixed bug in input_tokenizer when TOKEN_ATTR_FIXED_LENGTH is used and refactor modules - Added verification of token buffer length when using TOKEN_ATTR_FIXED_LENGTH - Fixed build failed for 4410 with vector width > 1 +- Fixed build failed for 10700 optimized with Apple Metal - Fixed build failed for 18400 with Apple Metal - Fixed build failed for 18600 with Apple Metal - Fixed build failed for 31700 with Apple Metal diff --git a/src/modules/module_10700.c b/src/modules/module_10700.c index e8a8edce2..9b6fa97a3 100644 --- a/src/modules/module_10700.c +++ b/src/modules/module_10700.c @@ -84,10 +84,13 @@ static const int ROUNDS_PDF17L8 = 64; bool module_unstable_warning (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra, MAYBE_UNUSED const hc_device_param_t *device_param) { - // AppleM1, OpenCL, MTLCompilerService, createKernel: newComputePipelineState failed (or never-end with pure kernel) + // AppleM1, OpenCL, MTLCompilerService, createKernel never-end with pure kernel if ((device_param->opencl_platform_vendor_id == VENDOR_ID_APPLE) && (device_param->opencl_device_type & CL_DEVICE_TYPE_GPU)) { - return true; + if ((hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL) == 0) + { + return true; + } } return false; @@ -132,6 +135,11 @@ char *module_jit_build_options (MAYBE_UNUSED const hashconfig_t *hashconfig, MAY { char *jit_build_options = NULL; + if (device_param->is_metal == true) + { + hc_asprintf (&jit_build_options, "-D FORCE_DISABLE_SHM"); + } + if ((device_param->opencl_device_vendor_id == VENDOR_ID_AMD) && (device_param->has_vperm == false)) { // this is a workaround to avoid a Segmentation fault and self-test fails on AMD GPU PRO From 5ceb8c7688692d5a0ddc0179c00107cb794022b0 Mon Sep 17 00:00:00 2001 From: jsteube Date: Sun, 21 May 2023 11:07:33 +0000 Subject: [PATCH 10/32] Add SCRYPT 16k:8:1 tunings for 4090 --- tunings/Module_08900.hctune | 1 + tunings/Module_15700.hctune | 1 + tunings/Module_22700.hctune | 1 + tunings/Module_27700.hctune | 1 + tunings/Module_28200.hctune | 1 + 5 files changed, 5 insertions(+) diff --git a/tunings/Module_08900.hctune b/tunings/Module_08900.hctune index e9ed6e64d..8aabacba9 100644 --- a/tunings/Module_08900.hctune +++ b/tunings/Module_08900.hctune @@ -29,6 +29,7 @@ GeForce_RTX_3060_Ti * 8900 1 51 GeForce_RTX_3070 * 8900 1 46 A GeForce_RTX_3090 * 8900 1 82 A GeForce_RTX_3090_Ti * 8900 1 84 A +GeForce_RTX_4090 * 8900 1 180 A NVS_510 * 8900 1 12 A ALIAS_AMD_RX480 * 8900 1 15 A ALIAS_AMD_Vega64 * 8900 1 30 A diff --git a/tunings/Module_15700.hctune b/tunings/Module_15700.hctune index fca474826..2e99098ee 100644 --- a/tunings/Module_15700.hctune +++ b/tunings/Module_15700.hctune @@ -29,6 +29,7 @@ GeForce_RTX_3060_Ti * 15700 1 11 GeForce_RTX_3070 * 15700 1 22 A GeForce_RTX_3090 * 15700 1 82 A GeForce_RTX_3090_Ti * 15700 1 84 A +GeForce_RTX_4090 * 15700 1 180 A ALIAS_AMD_RX480 * 15700 1 58 A ALIAS_AMD_Vega64 * 15700 1 53 A ALIAS_AMD_MI100 * 15700 1 120 A diff --git a/tunings/Module_22700.hctune b/tunings/Module_22700.hctune index 1b9b35414..2409eefff 100644 --- a/tunings/Module_22700.hctune +++ b/tunings/Module_22700.hctune @@ -29,6 +29,7 @@ GeForce_RTX_3060_Ti * 22700 1 51 GeForce_RTX_3070 * 22700 1 46 A GeForce_RTX_3090 * 22700 1 82 A GeForce_RTX_3090_Ti * 22700 1 84 A +GeForce_RTX_4090 * 22700 1 180 A NVS_510 * 22700 1 12 A ALIAS_AMD_RX480 * 22700 1 15 A ALIAS_AMD_Vega64 * 22700 1 30 A diff --git a/tunings/Module_27700.hctune b/tunings/Module_27700.hctune index d94f61094..4121ae1a4 100644 --- a/tunings/Module_27700.hctune +++ b/tunings/Module_27700.hctune @@ -29,6 +29,7 @@ GeForce_RTX_3060_Ti * 27700 1 51 GeForce_RTX_3070 * 27700 1 46 A GeForce_RTX_3090 * 27700 1 82 A GeForce_RTX_3090_Ti * 27700 1 84 A +GeForce_RTX_4090 * 27700 1 180 A NVS_510 * 27700 1 12 A ALIAS_AMD_RX480 * 27700 1 15 A ALIAS_AMD_Vega64 * 27700 1 30 A diff --git a/tunings/Module_28200.hctune b/tunings/Module_28200.hctune index 98b4c27e6..a01f9a24d 100644 --- a/tunings/Module_28200.hctune +++ b/tunings/Module_28200.hctune @@ -29,6 +29,7 @@ GeForce_RTX_3060_Ti * 28200 1 51 GeForce_RTX_3070 * 28200 1 46 A GeForce_RTX_3090 * 28200 1 82 A GeForce_RTX_3090_Ti * 28200 1 84 A +GeForce_RTX_4090 * 28200 1 180 A NVS_510 * 28200 1 12 A ALIAS_AMD_RX480 * 28200 1 15 A ALIAS_AMD_Vega64 * 28200 1 30 A From 82f94593a03235ef04b12e5a77d40b32214605d5 Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Sun, 21 May 2023 22:58:09 +0200 Subject: [PATCH 11/32] Fixed maximum password length in module/test_module of hash-mode 2400 --- docs/changes.txt | 1 + src/modules/module_02400.c | 16 +++++++++++++++- tools/test_modules/m02400.pm | 2 +- 3 files changed, 17 insertions(+), 2 deletions(-) diff --git a/docs/changes.txt b/docs/changes.txt index 9dbe1a5f1..14de70ca7 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -71,6 +71,7 @@ - Fixed minimum password length in module of hash-mode 28200 - Handle signed/unsigned PDF permission P value for all PDF hash-modes - Fixed minimum password length in module of hash-mode 29800 +- Fixed maximum password length in module/test_module of hash-mode 2400 - Fixed buffer overflow on module_26600.c / module_hash_encode() ## diff --git a/src/modules/module_02400.c b/src/modules/module_02400.c index 064a0986d..1856a6f1d 100644 --- a/src/modules/module_02400.c +++ b/src/modules/module_02400.c @@ -45,6 +45,20 @@ u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } +u32 module_pw_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const bool optimized_kernel = (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL); + + u32 pw_max = PW_MAX; + + if (optimized_kernel == true) + { + pw_max = 31; + } + + return pw_max; +} + int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) { u32 *digest = (u32 *) digest_buf; @@ -217,7 +231,7 @@ void module_init (module_ctx_t *module_ctx) module_ctx->module_potfile_disable = MODULE_DEFAULT; module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; module_ctx->module_pwdump_column = MODULE_DEFAULT; - module_ctx->module_pw_max = MODULE_DEFAULT; + module_ctx->module_pw_max = module_pw_max; module_ctx->module_pw_min = MODULE_DEFAULT; module_ctx->module_salt_max = MODULE_DEFAULT; module_ctx->module_salt_min = MODULE_DEFAULT; diff --git a/tools/test_modules/m02400.pm b/tools/test_modules/m02400.pm index 46cba1aee..c1d2c0e2c 100644 --- a/tools/test_modules/m02400.pm +++ b/tools/test_modules/m02400.pm @@ -11,7 +11,7 @@ use warnings; use Digest::MD5 qw (md5); use POSIX qw (ceil); -sub module_constraints { [[-1, -1], [-1, -1], [1, 55], [-1, -1], [-1, -1]] } +sub module_constraints { [[-1, -1], [-1, -1], [1, 31], [-1, -1], [-1, -1]] } sub pseudo_base64 { From b8ea00642eed01d5222b33ac6f77ccd146ea087f Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Mon, 22 May 2023 01:38:44 +0200 Subject: [PATCH 12/32] Fixed maximum password length in module/test_module of hash-mode 2410 --- docs/changes.txt | 1 + src/modules/module_02410.c | 41 +++++++++++++++++++++++++++++++++--- tools/test_modules/m02410.pm | 2 +- 3 files changed, 40 insertions(+), 4 deletions(-) diff --git a/docs/changes.txt b/docs/changes.txt index 9dbe1a5f1..32cb796bc 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -69,6 +69,7 @@ - Fixed incompatible pointer types (salt1 and salt2 buf) in 31700 a3 kernel - Fixed incompatible pointer types (salt1 and salt2 buf) in 3730 a3 kernel - Fixed minimum password length in module of hash-mode 28200 +- Fixed maximum password length in module/test_module of hash-mode 2410 - Handle signed/unsigned PDF permission P value for all PDF hash-modes - Fixed minimum password length in module of hash-mode 29800 - Fixed buffer overflow on module_26600.c / module_hash_encode() diff --git a/src/modules/module_02410.c b/src/modules/module_02410.c index a12eb50c8..e7aa402b8 100644 --- a/src/modules/module_02410.c +++ b/src/modules/module_02410.c @@ -44,6 +44,41 @@ u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } +u32 module_pw_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const bool optimized_kernel = (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL); + + u32 pw_max = PW_MAX; + + if (optimized_kernel == true) + { + if (user_options->attack_mode == ATTACK_MODE_BF) + { + pw_max = 47; // with salt_len 1, but 44 if salt_len is 4 + } + else + { + pw_max = 31; + } + } + + return pw_max; +} + +u32 module_salt_min (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 salt_min = 1; + + return salt_min; +} + +u32 module_salt_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 salt_max = 4; + + return salt_max; +} + int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) { u32 *digest = (u32 *) digest_buf; @@ -233,10 +268,10 @@ void module_init (module_ctx_t *module_ctx) module_ctx->module_potfile_disable = MODULE_DEFAULT; module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; module_ctx->module_pwdump_column = MODULE_DEFAULT; - module_ctx->module_pw_max = MODULE_DEFAULT; + module_ctx->module_pw_max = module_pw_max; module_ctx->module_pw_min = MODULE_DEFAULT; - module_ctx->module_salt_max = MODULE_DEFAULT; - module_ctx->module_salt_min = MODULE_DEFAULT; + module_ctx->module_salt_max = module_salt_max; + module_ctx->module_salt_min = module_salt_min; module_ctx->module_salt_type = module_salt_type; module_ctx->module_separator = MODULE_DEFAULT; module_ctx->module_st_hash = module_st_hash; diff --git a/tools/test_modules/m02410.pm b/tools/test_modules/m02410.pm index a8808013c..4bc57c821 100644 --- a/tools/test_modules/m02410.pm +++ b/tools/test_modules/m02410.pm @@ -11,7 +11,7 @@ use warnings; use Digest::MD5 qw (md5); use POSIX qw (ceil); -sub module_constraints { [[-1, -1], [-1, -1], [0, 55], [1, 4], [-1, -1]] } +sub module_constraints { [[-1, -1], [-1, -1], [0, 47], [1, 4], [0, 48]] } sub pseudo_base64 { From 5dcc9a5d8b53ddd18c1329e27f4eb5623fb3c774 Mon Sep 17 00:00:00 2001 From: jsteube Date: Tue, 23 May 2023 12:31:54 +0000 Subject: [PATCH 13/32] Rename hash-modes 33100, 33200 to 32100, 32200 --- OpenCL/{m33100-pure.cl => m32100-pure.cl} | 10 +++++----- OpenCL/{m33200-pure.cl => m32200-pure.cl} | 12 ++++++------ docs/changes.txt | 2 ++ docs/readme.txt | 2 ++ src/modules/{module_33100.c => module_32100.c} | 2 +- src/modules/{module_33200.c => module_32200.c} | 2 +- tools/test_modules/{m33100.pm => m32100.pm} | 0 tools/test_modules/{m33200.pm => m32200.pm} | 0 8 files changed, 17 insertions(+), 13 deletions(-) rename OpenCL/{m33100-pure.cl => m32100-pure.cl} (99%) rename OpenCL/{m33200-pure.cl => m32200-pure.cl} (99%) rename src/modules/{module_33100.c => module_32100.c} (99%) rename src/modules/{module_33200.c => module_32200.c} (99%) rename tools/test_modules/{m33100.pm => m32100.pm} (100%) rename tools/test_modules/{m33200.pm => m32200.pm} (100%) diff --git a/OpenCL/m33100-pure.cl b/OpenCL/m32100-pure.cl similarity index 99% rename from OpenCL/m33100-pure.cl rename to OpenCL/m32100-pure.cl index a7869ea33..a1e9fe227 100755 --- a/OpenCL/m33100-pure.cl +++ b/OpenCL/m32100-pure.cl @@ -116,7 +116,7 @@ DECLSPEC void hmac_sha1_run_V (PRIVATE_AS u32x *w0, PRIVATE_AS u32x *w1, PRIVATE sha1_transform_vector (w0, w1, w2, w3, digest); } -KERNEL_FQ void m33100_init (KERN_ATTR_TMPS_ESALT (krb5asrep_17_tmp_t, krb5asrep_17_t)) +KERNEL_FQ void m32100_init (KERN_ATTR_TMPS_ESALT (krb5asrep_17_tmp_t, krb5asrep_17_t)) { /** * base @@ -194,7 +194,7 @@ KERNEL_FQ void m33100_init (KERN_ATTR_TMPS_ESALT (krb5asrep_17_tmp_t, krb5asrep_ } } -KERNEL_FQ void m33100_loop (KERN_ATTR_TMPS_ESALT (krb5asrep_17_tmp_t, krb5asrep_17_t)) +KERNEL_FQ void m32100_loop (KERN_ATTR_TMPS_ESALT (krb5asrep_17_tmp_t, krb5asrep_17_t)) { /** * base @@ -282,7 +282,7 @@ KERNEL_FQ void m33100_loop (KERN_ATTR_TMPS_ESALT (krb5asrep_17_tmp_t, krb5asrep_ } } -KERNEL_FQ void m33100_comp (KERN_ATTR_TMPS_ESALT (krb5asrep_17_tmp_t, krb5asrep_17_t)) +KERNEL_FQ void m32100_comp (KERN_ATTR_TMPS_ESALT (krb5asrep_17_tmp_t, krb5asrep_17_t)) { /** * base @@ -451,7 +451,7 @@ KERNEL_FQ void m33100_comp (KERN_ATTR_TMPS_ESALT (krb5asrep_17_tmp_t, krb5asrep_ For AS-REP EncASRepPart: The first byte is 0x79 (01 1 11001, where 01 = "class=APPLICATION", 1 = "form=constructed", 11001 is application type 25) - + According to RFC4120 Section 5.4.2: "Some implementations unconditionally send an encrypted EncTGSRepPart (application tag number 26) in this field regardless of whether the reply is a AS-REP or a TGS-REP. In the interest of compatibility, implementors MAY relax the check on the tag number of the decrypted ENC-PART" @@ -526,7 +526,7 @@ KERNEL_FQ void m33100_comp (KERN_ATTR_TMPS_ESALT (krb5asrep_17_tmp_t, krb5asrep_ if (((decrypted_block[0] & 0x00ff80ff) == 0x00300079) || ((decrypted_block[0] & 0x00ff80ff) == 0x0030007a) || - ((decrypted_block[0] & 0xFF00FFFF) == 0x30008179) || + ((decrypted_block[0] & 0xFF00FFFF) == 0x30008179) || ((decrypted_block[0] & 0xFF00FFFF) == 0x3000817a) || ((decrypted_block[0] & 0x0000FFFF) == 0x00008279 && (decrypted_block[1] & 0x000000FF) == 0x00000030) || ((decrypted_block[0] & 0x0000FFFF) == 0x0000827a && (decrypted_block[1] & 0x000000FF) == 0x00000030)) diff --git a/OpenCL/m33200-pure.cl b/OpenCL/m32200-pure.cl similarity index 99% rename from OpenCL/m33200-pure.cl rename to OpenCL/m32200-pure.cl index 26f9840c8..9a9d999ae 100755 --- a/OpenCL/m33200-pure.cl +++ b/OpenCL/m32200-pure.cl @@ -116,7 +116,7 @@ DECLSPEC void hmac_sha1_run_V (PRIVATE_AS u32x *w0, PRIVATE_AS u32x *w1, PRIVATE sha1_transform_vector (w0, w1, w2, w3, digest); } -KERNEL_FQ void m33200_init (KERN_ATTR_TMPS_ESALT (krb5asrep_18_tmp_t, krb5asrep_18_t)) +KERNEL_FQ void m32200_init (KERN_ATTR_TMPS_ESALT (krb5asrep_18_tmp_t, krb5asrep_18_t)) { /** * base @@ -194,7 +194,7 @@ KERNEL_FQ void m33200_init (KERN_ATTR_TMPS_ESALT (krb5asrep_18_tmp_t, krb5asrep_ } } -KERNEL_FQ void m33200_loop (KERN_ATTR_TMPS_ESALT (krb5asrep_18_tmp_t, krb5asrep_18_t)) +KERNEL_FQ void m32200_loop (KERN_ATTR_TMPS_ESALT (krb5asrep_18_tmp_t, krb5asrep_18_t)) { /** * base @@ -282,7 +282,7 @@ KERNEL_FQ void m33200_loop (KERN_ATTR_TMPS_ESALT (krb5asrep_18_tmp_t, krb5asrep_ } } -KERNEL_FQ void m33200_comp (KERN_ATTR_TMPS_ESALT (krb5asrep_18_tmp_t, krb5asrep_18_t)) +KERNEL_FQ void m32200_comp (KERN_ATTR_TMPS_ESALT (krb5asrep_18_tmp_t, krb5asrep_18_t)) { /** * base @@ -511,7 +511,7 @@ KERNEL_FQ void m33200_comp (KERN_ATTR_TMPS_ESALT (krb5asrep_18_tmp_t, krb5asrep_ For AS-REP EncASRepPart: The first byte is 0x79 (01 1 11001, where 01 = "class=APPLICATION", 1 = "form=constructed", 11001 is application type 25) - + According to RFC4120 Section 5.4.2: "Some implementations unconditionally send an encrypted EncTGSRepPart (application tag number 26) in this field regardless of whether the reply is a AS-REP or a TGS-REP. In the interest of compatibility, implementors MAY relax the check on the tag number of the decrypted ENC-PART" @@ -586,7 +586,7 @@ KERNEL_FQ void m33200_comp (KERN_ATTR_TMPS_ESALT (krb5asrep_18_tmp_t, krb5asrep_ if (((decrypted_block[0] & 0x00ff80ff) == 0x00300079) || ((decrypted_block[0] & 0x00ff80ff) == 0x0030007a) || - ((decrypted_block[0] & 0xFF00FFFF) == 0x30008179) || + ((decrypted_block[0] & 0xFF00FFFF) == 0x30008179) || ((decrypted_block[0] & 0xFF00FFFF) == 0x3000817a) || ((decrypted_block[0] & 0x0000FFFF) == 0x00008279 && (decrypted_block[1] & 0x000000FF) == 0x00000030) || ((decrypted_block[0] & 0x0000FFFF) == 0x0000827a && (decrypted_block[1] & 0x000000FF) == 0x00000030)) @@ -809,7 +809,7 @@ KERNEL_FQ void m33200_comp (KERN_ATTR_TMPS_ESALT (krb5asrep_18_tmp_t, krb5asrep_ block[11] = esalt_bufs[DIGESTS_OFFSET_HOST].edata2[block_position + 11]; aes256_decrypt_cbc (aes_cts_decrypt_ks, block, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4); - + w0[0] = hc_swap32_S (decrypted_block[0]); w0[1] = hc_swap32_S (decrypted_block[1]); w0[2] = hc_swap32_S (decrypted_block[2]); diff --git a/docs/changes.txt b/docs/changes.txt index 9dbe1a5f1..8bd9bf062 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -20,6 +20,8 @@ - Added hash-mode: GPG (AES-128/AES-256 (SHA-1($pass))) - Added hash-mode: GPG (AES-128/AES-256 (SHA-256($pass))) - Added hash-mode: GPG (AES-128/AES-256 (SHA-512($pass))) +- Added hash-mode: Kerberos 5, etype 17, AS-REP +- Added hash-mode: Kerberos 5, etype 18, AS-REP - Added hash-mode: MetaMask Mobile Wallet - Added hash-mode: MetaMask Wallet (short hash, plaintext check) - Added hash-mode: SecureCRT MasterPassphrase v2 diff --git a/docs/readme.txt b/docs/readme.txt index 7f2db3af1..1c2132b6f 100644 --- a/docs/readme.txt +++ b/docs/readme.txt @@ -193,9 +193,11 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or - Kerberos 5, etype 17, TGS-REP - Kerberos 5, etype 17, Pre-Auth - Kerberos 5, etype 17, DB +- Kerberos 5, etype 17, AS-REP - Kerberos 5, etype 18, TGS-REP - Kerberos 5, etype 18, Pre-Auth - Kerberos 5, etype 18, DB +- Kerberos 5, etype 18, AS-REP - Kerberos 5, etype 23, AS-REQ Pre-Auth - Kerberos 5, etype 23, TGS-REP - Kerberos 5, etype 23, AS-REP diff --git a/src/modules/module_33100.c b/src/modules/module_32100.c similarity index 99% rename from src/modules/module_33100.c rename to src/modules/module_32100.c index e34a1a677..1b4488097 100755 --- a/src/modules/module_33100.c +++ b/src/modules/module_32100.c @@ -18,7 +18,7 @@ static const u32 DGST_POS3 = 3; static const u32 DGST_SIZE = DGST_SIZE_4_4; static const u32 HASH_CATEGORY = HASH_CATEGORY_NETWORK_PROTOCOL; static const char *HASH_NAME = "Kerberos 5, etype 17, AS-REP"; -static const u64 KERN_TYPE = 33100; +static const u64 KERN_TYPE = 32100; static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE | OPTI_TYPE_NOT_ITERATED | OPTI_TYPE_SLOW_HASH_SIMD_LOOP; diff --git a/src/modules/module_33200.c b/src/modules/module_32200.c similarity index 99% rename from src/modules/module_33200.c rename to src/modules/module_32200.c index 508565136..b081c7833 100755 --- a/src/modules/module_33200.c +++ b/src/modules/module_32200.c @@ -18,7 +18,7 @@ static const u32 DGST_POS3 = 3; static const u32 DGST_SIZE = DGST_SIZE_4_4; static const u32 HASH_CATEGORY = HASH_CATEGORY_NETWORK_PROTOCOL; static const char *HASH_NAME = "Kerberos 5, etype 18, AS-REP"; -static const u64 KERN_TYPE = 33200; +static const u64 KERN_TYPE = 32200; static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE | OPTI_TYPE_NOT_ITERATED | OPTI_TYPE_SLOW_HASH_SIMD_LOOP; diff --git a/tools/test_modules/m33100.pm b/tools/test_modules/m32100.pm similarity index 100% rename from tools/test_modules/m33100.pm rename to tools/test_modules/m32100.pm diff --git a/tools/test_modules/m33200.pm b/tools/test_modules/m32200.pm similarity index 100% rename from tools/test_modules/m33200.pm rename to tools/test_modules/m32200.pm From a536d082500a549afa24ac7931607999f06b954a Mon Sep 17 00:00:00 2001 From: PenguinKeeper7 <64717060+PenguinKeeper7@users.noreply.github.com> Date: Wed, 24 May 2023 14:11:02 +0100 Subject: [PATCH 14/32] Change Module_15700.hctune command --- tunings/Module_15700.hctune | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tunings/Module_15700.hctune b/tunings/Module_15700.hctune index 2e99098ee..dd67e5f42 100644 --- a/tunings/Module_15700.hctune +++ b/tunings/Module_15700.hctune @@ -4,7 +4,7 @@ # # 1. For example, to find the value for 15700, first create a valid hash for 15700 as follows: # -# $ ./hashcat --example-hashes -m 15700 | grep Example.Hash | grep -v Format | cut -b 25- > tmp.hash.15700 +# $ ./hashcat --example-hashes --mach -m 15700 | grep -Eo '\$ethereum\$s[*a-f0-9]{1,}' > tmp.hash.15700 # # 2. Now let it iterate through all -n values to a certain point. In this case, I'm using 200, but in general it's a value that is at least twice that of the multiprocessor. If you don't mind you can just leave it as it is, it just runs a little longer. # From 1c3ea8506c7089846544c79d1f9287c26a04c86b Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Thu, 25 May 2023 22:39:08 +0200 Subject: [PATCH 15/32] Fix file permissions for 32100/32200 --- OpenCL/m32100-pure.cl | 0 OpenCL/m32200-pure.cl | 0 src/modules/module_32100.c | 0 src/modules/module_32200.c | 0 tools/test_modules/m32100.pm | 0 tools/test_modules/m32200.pm | 0 6 files changed, 0 insertions(+), 0 deletions(-) mode change 100755 => 100644 OpenCL/m32100-pure.cl mode change 100755 => 100644 OpenCL/m32200-pure.cl mode change 100755 => 100644 src/modules/module_32100.c mode change 100755 => 100644 src/modules/module_32200.c mode change 100755 => 100644 tools/test_modules/m32100.pm mode change 100755 => 100644 tools/test_modules/m32200.pm diff --git a/OpenCL/m32100-pure.cl b/OpenCL/m32100-pure.cl old mode 100755 new mode 100644 diff --git a/OpenCL/m32200-pure.cl b/OpenCL/m32200-pure.cl old mode 100755 new mode 100644 diff --git a/src/modules/module_32100.c b/src/modules/module_32100.c old mode 100755 new mode 100644 diff --git a/src/modules/module_32200.c b/src/modules/module_32200.c old mode 100755 new mode 100644 diff --git a/tools/test_modules/m32100.pm b/tools/test_modules/m32100.pm old mode 100755 new mode 100644 diff --git a/tools/test_modules/m32200.pm b/tools/test_modules/m32200.pm old mode 100755 new mode 100644 From 7ab00af506b97f4bd2e5317615045efc3287ab68 Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Sun, 28 May 2023 21:21:20 +0200 Subject: [PATCH 16/32] Support building windows binaries on macOS using MinGW, updated documentation --- BUILD.md | 6 +++++- BUILD_macOS.md | 27 +++++++++++++++++++++++++++ docs/changes.txt | 2 ++ src/Makefile | 47 +++++++++++++++++++++++++++++++++++++---------- 4 files changed, 71 insertions(+), 11 deletions(-) create mode 100644 BUILD_macOS.md diff --git a/BUILD.md b/BUILD.md index 333b8ec81..b552f48bc 100644 --- a/BUILD.md +++ b/BUILD.md @@ -3,7 +3,7 @@ hashcat build documentation ### Revision ### -* 1.5 +* 1.6 ### Author ### @@ -61,6 +61,10 @@ Otherwise: - Cached kernels go to: $HOME/.cache/hashcat - Potfiles go to: $HOME/.local/share/hashcat/ +### Building hashcat for Windows (using macOS) ### + +Refer to [BUILD_macOS.md](BUILD_macOS.md) + ### Building hashcat for Windows (using Windows Subsystem for Linux) ### Refer to [BUILD_WSL.md](BUILD_WSL.md) diff --git a/BUILD_macOS.md b/BUILD_macOS.md new file mode 100644 index 000000000..67d09a6bf --- /dev/null +++ b/BUILD_macOS.md @@ -0,0 +1,27 @@ +# Compiling hashcat for Windows with macOS. + +Tested on macOS 12.6.6 M1. + +Make sure to have the HomeBrew upgraded. + +### Installation ### + +``` +brew install mingw-w64 +git clone https://github.com/hashcat/hashcat +git clone https://github.com/win-iconv/win-iconv +cd win-iconv/ +patch < ../hashcat/tools/win-iconv-64.diff +sudo make install +cd ../ +``` + +### Building ### + +You've already cloned the latest master revision of hashcat repository above, so switch to the folder and type "make win" to start compiling hashcat +``` +cd hashcat/ +make win +``` + +The process may take a while, please be patient. diff --git a/docs/changes.txt b/docs/changes.txt index f6be03171..907fa88f7 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -95,7 +95,9 @@ - Apple Driver: Updated requirements to use Apple OpenCL API to macOS 13.0 - use - Backend Checks: Describe workaround in error message when detecting more than 64 backend devices - Brain: Added sanity check and corresponding error message for invalid --brain-port values +- Building: Support building windows binaries on macOS using MinGW - Dependencies: Updated OpenCL-Headers to v2023.04.17 +- Documents: Updated BUILD.md and added BUILD_macOS.md (containing instructions for building windows binaries on macOS) - Modules: Added support for non-zero IVs for -m 6800 (Lastpass). Also added `tools/lastpass2hashcat.py` - Open Document Format: Added support for small documents with content length < 1024 - Status Code: Add specific return code for self-test fail (-11) diff --git a/src/Makefile b/src/Makefile index 1e60bfdc7..9fc12a311 100644 --- a/src/Makefile +++ b/src/Makefile @@ -407,10 +407,6 @@ EMU_OBJS_ALL += emu_inc_hash_base58 OBJS_ALL := affinity autotune backend benchmark bitmap bitops combinator common convert cpt cpu_crc32 debugfile dictstat dispatch dynloader event ext_ADL ext_cuda ext_hip ext_nvapi ext_nvml ext_nvrtc ext_hiprtc ext_OpenCL ext_sysfs_amdgpu ext_sysfs_cpu ext_iokit ext_lzma filehandling folder hashcat hashes hlfmt hwmon induct interface keyboard_layout locking logfile loopback memory monitor mpsp outfile_check outfile pidfile potfile restore rp rp_cpu selftest slow_candidates shared status stdout straight terminal thread timer tuningdb usage user_options wordlist $(EMU_OBJS_ALL) -ifeq ($(UNAME),Darwin) -OBJS_ALL += ext_metal -endif - ifeq ($(ENABLE_BRAIN),1) OBJS_ALL += brain endif @@ -419,6 +415,12 @@ NATIVE_OBJS := $(foreach OBJ,$(OBJS_ALL),obj/$(OBJ).NATIVE.o) LINUX_OBJS := $(foreach OBJ,$(OBJS_ALL),obj/$(OBJ).LINUX.o) WIN_OBJS := $(foreach OBJ,$(OBJS_ALL),obj/$(OBJ).WIN.o) +ifeq ($(UNAME),Darwin) +OBJS_METAL := ext_metal + +NATIVE_OBJS += $(foreach OBJ,$(OBJS_METAL),obj/$(OBJ).METAL.NATIVE.o) +endif + ifeq ($(USE_SYSTEM_LZMA),0) OBJS_LZMA := 7zCrc 7zCrcOpt 7zFile 7zStream Alloc Bra Bra86 BraIA64 CpuArch Delta LzmaDec Lzma2Dec Sha256 Sha256Opt Xz XzCrc64 XzCrc64Opt XzDec XzIn @@ -618,8 +620,10 @@ uninstall: obj/%.NATIVE.o: src/%.c $(CC) -c $(CCFLAGS) $(CFLAGS_NATIVE) $< -o $@ -fpic -obj/%.NATIVE.o: src/%.m +ifeq ($(UNAME),Darwin) +obj/%.METAL.NATIVE.o: src/%.m $(CC) -c $(CCFLAGS) $(CFLAGS_NATIVE) $< -o $@ -fpic +endif ifeq ($(USE_SYSTEM_LZMA),0) obj/%.LZMA.NATIVE.o: $(DEPS_LZMA_PATH)/%.c @@ -712,7 +716,7 @@ modules: $(MODULES_LIB) ## Cross Compilation (binary release version) ## -ifeq ($(UNAME),Linux) +ifneq (,$(filter $(UNAME),Linux Darwin)) ## ## Compiler paths @@ -758,10 +762,32 @@ LFLAGS_CROSS_WIN += -lws2_32 LFLAGS_CROSS_WIN += -lpowrprof LFLAGS_CROSS_WIN += -static -static-libgcc -static-libstdc++ +CFLAGS_LZMA_WIN := $(CFLAGS_LZMA) +CFLAGS_UNRAR_WIN := $(CFLAGS_UNRAR) + +ifeq ($(UNAME),Darwin) +CFLAGS_CROSS_WIN := $(filter-out -Wno-typedef-redefinition,$(CFLAGS_CROSS_WIN)) + +CFLAGS_LZMA_WIN += -Wno-misleading-indentation + +CFLAGS_UNRAR_WIN += -Wno-misleading-indentation +CFLAGS_UNRAR_WIN += -Wno-class-memaccess +endif + ## ## Targets ## +ifeq ($(UNAME),Darwin) +.PHONY: binaries +binaries: win + +.PHONY: host_win +host_win: hashcat.exe + +.PHONY: win +win: host_win modules_win +else .PHONY: binaries binaries: linux win @@ -772,6 +798,7 @@ host_win: hashcat.exe .PHONY: linux win linux: host_linux modules_linux win: host_win modules_win +endif ## ## cross compiled modules @@ -802,10 +829,10 @@ obj/%.WIN.o: src/%.c ifeq ($(USE_SYSTEM_LZMA),0) obj/%.LZMA.LINUX.o: $(DEPS_LZMA_PATH)/%.c - $(CC_LINUX) $(CCFLAGS) $(CFLAGS_CROSS_LINUX) $(CFLAGS_LZMA) -c -o $@ $< + $(CC_LINUX) $(CCFLAGS) $(CFLAGS_CROSS_LINUX) $(CFLAGS_LZMA) -c -o $@ $< obj/%.LZMA.WIN.o: $(DEPS_LZMA_PATH)/%.c - $(CC_WIN) $(CCFLAGS) $(CFLAGS_CROSS_WIN) $(CFLAGS_LZMA) -c -o $@ $< + $(CC_WIN) $(CCFLAGS) $(CFLAGS_CROSS_WIN) $(CFLAGS_LZMA_WIN) -c -o $@ $< endif ifeq ($(USE_SYSTEM_ZLIB),0) @@ -829,10 +856,10 @@ endif ifeq ($(ENABLE_UNRAR),1) ifeq ($(USE_SYSTEM_UNRAR),0) obj/%.UNRAR.LINUX.o: $(DEPS_UNRAR_PATH)/%.cpp - $(CXX_LINUX) $(CXXFLAGS) $(CFLAGS_CROSS_LINUX) $(CFLAGS_UNRAR) -c -o $@ $< + $(CXX_LINUX) $(CXXFLAGS) $(CFLAGS_CROSS_LINUX) $(CFLAGS_UNRAR) -c -o $@ $< obj/%.UNRAR.WIN.o: $(DEPS_UNRAR_PATH)/%.cpp - $(CXX_WIN) $(CXXFLAGS) $(CFLAGS_CROSS_WIN) $(CFLAGS_UNRAR) -c -o $@ $< + $(CXX_WIN) $(CXXFLAGS) $(CFLAGS_CROSS_WIN) $(CFLAGS_UNRAR_WIN) -c -o $@ $< endif endif From 2ca3a117e1f49a965a7b3500fb0ad04f157fa0af Mon Sep 17 00:00:00 2001 From: justpretending <112251849+justpretending@users.noreply.github.com> Date: Mon, 29 May 2023 11:24:05 +0700 Subject: [PATCH 17/32] Fix a typo --- src/usage.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/usage.c b/src/usage.c index c79a8c6ac..20bb81537 100644 --- a/src/usage.c +++ b/src/usage.c @@ -108,7 +108,7 @@ static const char *const USAGE_BIG_PRE_HASHMODES[] = " -n, --kernel-accel | Num | Manual workload tuning, set outerloop step size to X | -n 64", " -u, --kernel-loops | Num | Manual workload tuning, set innerloop step size to X | -u 256", " -T, --kernel-threads | Num | Manual workload tuning, set thread count to X | -T 64", - " --backend-vector-width | Num | Manually override backend vector-width to X | --backend-vector=4", + " --backend-vector-width | Num | Manually override backend vector-width to X | --backend-vector-width=4", " --spin-damp | Num | Use CPU for device synchronization, in percent | --spin-damp=10", " --hwmon-disable | | Disable temperature and fanspeed reads and triggers |", " --hwmon-temp-abort | Num | Abort if temperature reaches X degrees Celsius | --hwmon-temp-abort=100", From 1037acdf5827f6ea1d93c6deaca65dde0f37d712 Mon Sep 17 00:00:00 2001 From: jsteube Date: Mon, 29 May 2023 20:22:30 +0000 Subject: [PATCH 18/32] Remove entries on fixed issues of hash-modes which did not exist at the time of last release --- docs/changes.txt | 5 ----- 1 file changed, 5 deletions(-) diff --git a/docs/changes.txt b/docs/changes.txt index f6be03171..9c098e9d7 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -74,12 +74,8 @@ - Fixed build failed for 4410 with vector width > 1 - Fixed build failed for 18400 with Apple Metal - Fixed build failed for 18600 with Apple Metal -- Fixed build failed for 31700 with Apple Metal -- Fixed build failed for 31300 with vector width > 1 -- Fixed build failed for 31000/Blake2s with vector width > 1 - Fixed build failure for almost all hash modes that make use of hc_swap64 and/or hc_swap64_S with Apple Metal - Fixed display problem of the "Optimizers applied" list for algorithms using OPTI_TYPE_SLOW_HASH_SIMD_INIT2 and/or OPTI_TYPE_SLOW_HASH_SIMD_LOOP2 -- Fixed incompatible pointer types (salt1 and salt2 buf) in 31700 a3 kernel - Fixed incompatible pointer types (salt1 and salt2 buf) in 3730 a3 kernel - Fixed minimum password length in module of hash-mode 28200 - Handle signed/unsigned PDF permission P value for all PDF hash-modes @@ -109,7 +105,6 @@ - Hardware Monitor: avoid sprintf in src/ext_iokit.c - Help: show supported hash-modes only with -hh - Makefile: prevent make failure with Apple Silicon in case of partial rebuild -- Unit tests: add test modules for hash-modes 31500 and 31600 and handle them in tools/test.pl * changes v6.2.5 -> v6.2.6 From 53dbc070295ec508cfcf7ef4d7656804785b22b5 Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Sat, 3 Jun 2023 03:08:29 +0200 Subject: [PATCH 19/32] Added hash-mode: Empire CMS (Admin password) --- OpenCL/m32300_a0-optimized.cl | 813 +++++++++++++++++++++++ OpenCL/m32300_a0-pure.cl | 388 +++++++++++ OpenCL/m32300_a1-optimized.cl | 925 ++++++++++++++++++++++++++ OpenCL/m32300_a1-pure.cl | 382 +++++++++++ OpenCL/m32300_a3-optimized.cl | 1169 +++++++++++++++++++++++++++++++++ OpenCL/m32300_a3-pure.cl | 408 ++++++++++++ docs/changes.txt | 1 + docs/readme.txt | 1 + src/modules/module_32300.c | 301 +++++++++ tools/test_modules/m32300.pm | 59 ++ 10 files changed, 4447 insertions(+) create mode 100644 OpenCL/m32300_a0-optimized.cl create mode 100644 OpenCL/m32300_a0-pure.cl create mode 100644 OpenCL/m32300_a1-optimized.cl create mode 100644 OpenCL/m32300_a1-pure.cl create mode 100644 OpenCL/m32300_a3-optimized.cl create mode 100644 OpenCL/m32300_a3-pure.cl create mode 100644 src/modules/module_32300.c create mode 100644 tools/test_modules/m32300.pm diff --git a/OpenCL/m32300_a0-optimized.cl b/OpenCL/m32300_a0-optimized.cl new file mode 100644 index 000000000..76400a61e --- /dev/null +++ b/OpenCL/m32300_a0-optimized.cl @@ -0,0 +1,813 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_rp_optimized.h) +#include M2S(INCLUDE_PATH/inc_rp_optimized.cl) +#include M2S(INCLUDE_PATH/inc_simd.cl) +#include M2S(INCLUDE_PATH/inc_hash_md5.cl) +#endif + +#if VECT_SIZE == 1 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i)]) +#elif VECT_SIZE == 2 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1]) +#elif VECT_SIZE == 4 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3]) +#elif VECT_SIZE == 8 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7]) +#elif VECT_SIZE == 16 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7], l_bin2asc[(i).s8], l_bin2asc[(i).s9], l_bin2asc[(i).sa], l_bin2asc[(i).sb], l_bin2asc[(i).sc], l_bin2asc[(i).sd], l_bin2asc[(i).se], l_bin2asc[(i).sf]) +#endif + +typedef struct md5_triple_salt +{ + u32 salt1_buf[64]; + int salt1_len; + + u32 salt2_buf[64]; + int salt2_len; + + u32 salt3_buf[64]; + int salt3_len; + +} md5_triple_salt_t; + +KERNEL_FQ void m32300_m04 (KERN_ATTR_RULES_ESALT (md5_triple_salt_t)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * base + */ + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * salt1 + */ + + const u32 salt1_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_len; + + u32x salt1_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt1_len; i += 4, idx += 1) + { + salt1_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_buf[idx]; + } + + /** + * salt2 + */ + + const u32 salt2_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_len; + + u32x salt2_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt2_len; i += 4, idx += 1) + { + salt2_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_buf[idx]; + } + + /** + * salt3 + */ + + const u32 salt3_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_len; + + u32x salt3_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt3_len; i += 4, idx += 1) + { + salt3_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_buf[idx]; + } + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos += VECT_SIZE) + { + u32x w0[4] = { 0 }; + u32x w1[4] = { 0 }; + u32x w2[4] = { 0 }; + u32x w3[4] = { 0 }; + + // md5($password) + + const u32x out_len = apply_rules_vect_optimized (pw_buf0, pw_buf1, pw_len, rules_buf, il_pos, w0, w1); + + append_0x80_2x4_VV (w0, w1, out_len); + + w3[2] = out_len * 8; + w3[3] = 0; + + u32x a = MD5M_A; + u32x b = MD5M_B; + u32x c = MD5M_C; + u32x d = MD5M_D; + + MD5_STEP (MD5_Fo, a, b, c, d, w0[0], MD5C00, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w0[1], MD5C01, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w0[2], MD5C02, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w0[3], MD5C03, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w1[0], MD5C04, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w1[1], MD5C05, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w1[2], MD5C06, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w1[3], MD5C07, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w2[0], MD5C08, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w2[1], MD5C09, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w2[2], MD5C0a, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w2[3], MD5C0b, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w3[0], MD5C0c, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w3[1], MD5C0d, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w3[2], MD5C0e, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w3[3], MD5C0f, MD5S03); + + MD5_STEP (MD5_Go, a, b, c, d, w0[1], MD5C10, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w1[2], MD5C11, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w2[3], MD5C12, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w0[0], MD5C13, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w1[1], MD5C14, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w2[2], MD5C15, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w3[3], MD5C16, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w1[0], MD5C17, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w2[1], MD5C18, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w3[2], MD5C19, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w0[3], MD5C1a, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w2[0], MD5C1b, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w3[1], MD5C1c, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w0[2], MD5C1d, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w1[3], MD5C1e, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w3[0], MD5C1f, MD5S13); + + u32x t; + + MD5_STEP (MD5_H1, a, b, c, d, w1[1], MD5C20, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w2[0], MD5C21, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w2[3], MD5C22, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w3[2], MD5C23, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, w0[1], MD5C24, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w1[0], MD5C25, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w1[3], MD5C26, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w2[2], MD5C27, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, w3[1], MD5C28, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w0[0], MD5C29, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w0[3], MD5C2a, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w1[2], MD5C2b, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, w2[1], MD5C2c, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w3[0], MD5C2d, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w3[3], MD5C2e, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w0[2], MD5C2f, MD5S23); + + MD5_STEP (MD5_I , a, b, c, d, w0[0], MD5C30, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w1[3], MD5C31, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w3[2], MD5C32, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w1[1], MD5C33, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, w3[0], MD5C34, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w0[3], MD5C35, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w2[2], MD5C36, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w0[1], MD5C37, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, w2[0], MD5C38, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w3[3], MD5C39, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w1[2], MD5C3a, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w3[1], MD5C3b, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, w1[0], MD5C3c, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w2[3], MD5C3d, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w0[2], MD5C3e, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w2[1], MD5C3f, MD5S33); + + a += make_u32x (MD5M_A); + b += make_u32x (MD5M_B); + c += make_u32x (MD5M_C); + d += make_u32x (MD5M_D); + + // md5(md5($password).$salt) + + md5_ctx_vector_t ctx; + + md5_init_vector (&ctx); + + ctx.w0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ctx.w0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ctx.w0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ctx.w0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ctx.w1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ctx.w1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ctx.w1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ctx.w1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ctx.len = 32; + + md5_update_vector (&ctx, salt1_buf, salt1_len); + + md5_final_vector (&ctx); + + a = ctx.h[0]; + b = ctx.h[1]; + c = ctx.h[2]; + d = ctx.h[3]; + + md5_init_vector (&ctx); + + md5_update_vector (&ctx, salt2_buf, salt2_len); + + u32x ww0[4]; + u32x ww1[4]; + u32x ww2[4]; + u32x ww3[4]; + + ww0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ww0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ww0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ww0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ww1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ww1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ww1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ww1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ww2[0] = 0; + ww2[1] = 0; + ww2[2] = 0; + ww2[3] = 0; + ww3[0] = 0; + ww3[1] = 0; + ww3[2] = 0; + ww3[3] = 0; + + md5_update_vector_64 (&ctx, ww0, ww1, ww2, ww3, 32); + + md5_update_vector (&ctx, salt3_buf, salt3_len); + + // md5_final_vector + + const int pos = ctx.len & 63; + + append_0x80_4x4 (ctx.w0, ctx.w1, ctx.w2, ctx.w3, pos); + + if (pos >= 56) + { + md5_transform_vector (ctx.w0, ctx.w1, ctx.w2, ctx.w3, ctx.h); + + ctx.w0[0] = 0; + ctx.w0[1] = 0; + ctx.w0[2] = 0; + ctx.w0[3] = 0; + ctx.w1[0] = 0; + ctx.w1[1] = 0; + ctx.w1[2] = 0; + ctx.w1[3] = 0; + ctx.w2[0] = 0; + ctx.w2[1] = 0; + ctx.w2[2] = 0; + ctx.w2[3] = 0; + ctx.w3[0] = 0; + ctx.w3[1] = 0; + ctx.w3[2] = 0; + ctx.w3[3] = 0; + } + + ctx.w3[2] = ctx.len * 8; + ctx.w3[3] = 0; + + a = ctx.h[0]; + b = ctx.h[1]; + c = ctx.h[2]; + d = ctx.h[3]; + + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w0[0], MD5C00, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w0[1], MD5C01, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w0[2], MD5C02, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w0[3], MD5C03, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w1[0], MD5C04, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w1[1], MD5C05, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w1[2], MD5C06, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w1[3], MD5C07, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w2[0], MD5C08, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w2[1], MD5C09, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w2[2], MD5C0a, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w2[3], MD5C0b, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w3[0], MD5C0c, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w3[1], MD5C0d, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w3[2], MD5C0e, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w3[3], MD5C0f, MD5S03); + + MD5_STEP (MD5_Go, a, b, c, d, ctx.w0[1], MD5C10, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w1[2], MD5C11, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w2[3], MD5C12, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w0[0], MD5C13, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, ctx.w1[1], MD5C14, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w2[2], MD5C15, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w3[3], MD5C16, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w1[0], MD5C17, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, ctx.w2[1], MD5C18, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w3[2], MD5C19, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w0[3], MD5C1a, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w2[0], MD5C1b, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, ctx.w3[1], MD5C1c, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w0[2], MD5C1d, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w1[3], MD5C1e, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w3[0], MD5C1f, MD5S13); + + MD5_STEP (MD5_H1, a, b, c, d, ctx.w1[1], MD5C20, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w2[0], MD5C21, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w2[3], MD5C22, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w3[2], MD5C23, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, ctx.w0[1], MD5C24, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w1[0], MD5C25, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w1[3], MD5C26, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w2[2], MD5C27, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, ctx.w3[1], MD5C28, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w0[0], MD5C29, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w0[3], MD5C2a, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w1[2], MD5C2b, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, ctx.w2[1], MD5C2c, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w3[0], MD5C2d, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w3[3], MD5C2e, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w0[2], MD5C2f, MD5S23); + + MD5_STEP (MD5_I , a, b, c, d, ctx.w0[0], MD5C30, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w1[3], MD5C31, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w3[2], MD5C32, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w1[1], MD5C33, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, ctx.w3[0], MD5C34, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w0[3], MD5C35, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w2[2], MD5C36, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w0[1], MD5C37, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, ctx.w2[0], MD5C38, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w3[3], MD5C39, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w1[2], MD5C3a, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w3[1], MD5C3b, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, ctx.w1[0], MD5C3c, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w2[3], MD5C3d, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w0[2], MD5C3e, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w2[1], MD5C3f, MD5S33); + + a += ctx.h[0] - make_u32x (MD5M_A); + b += ctx.h[1] - make_u32x (MD5M_B); + c += ctx.h[2] - make_u32x (MD5M_C); + d += ctx.h[3] - make_u32x (MD5M_D); + + COMPARE_M_SIMD (a, d, c, b); + } +} + +KERNEL_FQ void m32300_m08 (KERN_ATTR_RULES ()) +{ +} + +KERNEL_FQ void m32300_m16 (KERN_ATTR_RULES ()) +{ +} + +KERNEL_FQ void m32300_s04 (KERN_ATTR_RULES_ESALT (md5_triple_salt_t)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * base + */ + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * salt1 + */ + + const u32 salt1_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_len; + + u32x salt1_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt1_len; i += 4, idx += 1) + { + salt1_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_buf[idx]; + } + + /** + * salt2 + */ + + const u32 salt2_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_len; + + u32x salt2_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt2_len; i += 4, idx += 1) + { + salt2_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_buf[idx]; + } + + /** + * salt3 + */ + + const u32 salt3_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_len; + + u32x salt3_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt3_len; i += 4, idx += 1) + { + salt3_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_buf[idx]; + } + + /** + * digest + */ + + const u32 search[4] = + { + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R0], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R1], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R2], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R3] + }; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos += VECT_SIZE) + { + u32x w0[4] = { 0 }; + u32x w1[4] = { 0 }; + u32x w2[4] = { 0 }; + u32x w3[4] = { 0 }; + + const u32x out_len = apply_rules_vect_optimized (pw_buf0, pw_buf1, pw_len, rules_buf, il_pos, w0, w1); + + append_0x80_2x4_VV (w0, w1, out_len); + + w3[2] = out_len * 8; + w3[3] = 0; + + u32x a = MD5M_A; + u32x b = MD5M_B; + u32x c = MD5M_C; + u32x d = MD5M_D; + + MD5_STEP (MD5_Fo, a, b, c, d, w0[0], MD5C00, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w0[1], MD5C01, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w0[2], MD5C02, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w0[3], MD5C03, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w1[0], MD5C04, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w1[1], MD5C05, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w1[2], MD5C06, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w1[3], MD5C07, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w2[0], MD5C08, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w2[1], MD5C09, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w2[2], MD5C0a, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w2[3], MD5C0b, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w3[0], MD5C0c, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w3[1], MD5C0d, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w3[2], MD5C0e, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w3[3], MD5C0f, MD5S03); + + MD5_STEP (MD5_Go, a, b, c, d, w0[1], MD5C10, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w1[2], MD5C11, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w2[3], MD5C12, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w0[0], MD5C13, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w1[1], MD5C14, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w2[2], MD5C15, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w3[3], MD5C16, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w1[0], MD5C17, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w2[1], MD5C18, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w3[2], MD5C19, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w0[3], MD5C1a, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w2[0], MD5C1b, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w3[1], MD5C1c, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w0[2], MD5C1d, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w1[3], MD5C1e, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w3[0], MD5C1f, MD5S13); + + u32x t; + + MD5_STEP (MD5_H1, a, b, c, d, w1[1], MD5C20, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w2[0], MD5C21, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w2[3], MD5C22, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w3[2], MD5C23, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, w0[1], MD5C24, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w1[0], MD5C25, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w1[3], MD5C26, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w2[2], MD5C27, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, w3[1], MD5C28, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w0[0], MD5C29, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w0[3], MD5C2a, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w1[2], MD5C2b, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, w2[1], MD5C2c, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w3[0], MD5C2d, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w3[3], MD5C2e, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w0[2], MD5C2f, MD5S23); + + MD5_STEP (MD5_I , a, b, c, d, w0[0], MD5C30, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w1[3], MD5C31, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w3[2], MD5C32, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w1[1], MD5C33, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, w3[0], MD5C34, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w0[3], MD5C35, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w2[2], MD5C36, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w0[1], MD5C37, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, w2[0], MD5C38, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w3[3], MD5C39, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w1[2], MD5C3a, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w3[1], MD5C3b, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, w1[0], MD5C3c, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w2[3], MD5C3d, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w0[2], MD5C3e, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w2[1], MD5C3f, MD5S33); + + a += make_u32x (MD5M_A); + b += make_u32x (MD5M_B); + c += make_u32x (MD5M_C); + d += make_u32x (MD5M_D); + + md5_ctx_vector_t ctx; + + md5_init_vector (&ctx); + + ctx.w0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ctx.w0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ctx.w0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ctx.w0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ctx.w1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ctx.w1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ctx.w1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ctx.w1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ctx.len = 32; + + md5_update_vector (&ctx, salt1_buf, salt1_len); + + md5_final_vector (&ctx); + + a = ctx.h[0]; + b = ctx.h[1]; + c = ctx.h[2]; + d = ctx.h[3]; + + md5_init_vector (&ctx); + + md5_update_vector (&ctx, salt2_buf, salt2_len); + + u32x ww0[4]; + u32x ww1[4]; + u32x ww2[4]; + u32x ww3[4]; + + ww0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ww0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ww0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ww0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ww1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ww1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ww1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ww1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ww2[0] = 0; + ww2[1] = 0; + ww2[2] = 0; + ww2[3] = 0; + ww3[0] = 0; + ww3[1] = 0; + ww3[2] = 0; + ww3[3] = 0; + + md5_update_vector_64 (&ctx, ww0, ww1, ww2, ww3, 32); + + md5_update_vector (&ctx, salt3_buf, salt3_len); + + // md5_final_vector + + const int pos = ctx.len & 63; + + append_0x80_4x4 (ctx.w0, ctx.w1, ctx.w2, ctx.w3, pos); + + if (pos >= 56) + { + md5_transform_vector (ctx.w0, ctx.w1, ctx.w2, ctx.w3, ctx.h); + + ctx.w0[0] = 0; + ctx.w0[1] = 0; + ctx.w0[2] = 0; + ctx.w0[3] = 0; + ctx.w1[0] = 0; + ctx.w1[1] = 0; + ctx.w1[2] = 0; + ctx.w1[3] = 0; + ctx.w2[0] = 0; + ctx.w2[1] = 0; + ctx.w2[2] = 0; + ctx.w2[3] = 0; + ctx.w3[0] = 0; + ctx.w3[1] = 0; + ctx.w3[2] = 0; + ctx.w3[3] = 0; + } + + ctx.w3[2] = ctx.len * 8; + ctx.w3[3] = 0; + + a = ctx.h[0]; + b = ctx.h[1]; + c = ctx.h[2]; + d = ctx.h[3]; + + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w0[0], MD5C00, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w0[1], MD5C01, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w0[2], MD5C02, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w0[3], MD5C03, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w1[0], MD5C04, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w1[1], MD5C05, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w1[2], MD5C06, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w1[3], MD5C07, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w2[0], MD5C08, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w2[1], MD5C09, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w2[2], MD5C0a, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w2[3], MD5C0b, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w3[0], MD5C0c, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w3[1], MD5C0d, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w3[2], MD5C0e, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w3[3], MD5C0f, MD5S03); + + MD5_STEP (MD5_Go, a, b, c, d, ctx.w0[1], MD5C10, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w1[2], MD5C11, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w2[3], MD5C12, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w0[0], MD5C13, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, ctx.w1[1], MD5C14, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w2[2], MD5C15, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w3[3], MD5C16, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w1[0], MD5C17, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, ctx.w2[1], MD5C18, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w3[2], MD5C19, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w0[3], MD5C1a, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w2[0], MD5C1b, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, ctx.w3[1], MD5C1c, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w0[2], MD5C1d, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w1[3], MD5C1e, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w3[0], MD5C1f, MD5S13); + + MD5_STEP (MD5_H1, a, b, c, d, ctx.w1[1], MD5C20, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w2[0], MD5C21, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w2[3], MD5C22, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w3[2], MD5C23, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, ctx.w0[1], MD5C24, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w1[0], MD5C25, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w1[3], MD5C26, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w2[2], MD5C27, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, ctx.w3[1], MD5C28, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w0[0], MD5C29, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w0[3], MD5C2a, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w1[2], MD5C2b, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, ctx.w2[1], MD5C2c, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w3[0], MD5C2d, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w3[3], MD5C2e, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w0[2], MD5C2f, MD5S23); + + MD5_STEP (MD5_I , a, b, c, d, ctx.w0[0], MD5C30, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w1[3], MD5C31, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w3[2], MD5C32, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w1[1], MD5C33, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, ctx.w3[0], MD5C34, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w0[3], MD5C35, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w2[2], MD5C36, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w0[1], MD5C37, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, ctx.w2[0], MD5C38, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w3[3], MD5C39, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w1[2], MD5C3a, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w3[1], MD5C3b, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, ctx.w1[0], MD5C3c, MD5S30); + + if (MATCHES_NONE_VS ((a + ctx.h[0] - make_u32x (MD5M_A)), search[0])) continue; + + MD5_STEP (MD5_I , d, a, b, c, ctx.w2[3], MD5C3d, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w0[2], MD5C3e, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w2[1], MD5C3f, MD5S33); + + a += ctx.h[0] - make_u32x (MD5M_A); + b += ctx.h[1] - make_u32x (MD5M_B); + c += ctx.h[2] - make_u32x (MD5M_C); + d += ctx.h[3] - make_u32x (MD5M_D); + + COMPARE_S_SIMD (a, d, c, b); + } +} + +KERNEL_FQ void m32300_s08 (KERN_ATTR_RULES ()) +{ +} + +KERNEL_FQ void m32300_s16 (KERN_ATTR_RULES ()) +{ +} diff --git a/OpenCL/m32300_a0-pure.cl b/OpenCL/m32300_a0-pure.cl new file mode 100644 index 000000000..59c177abc --- /dev/null +++ b/OpenCL/m32300_a0-pure.cl @@ -0,0 +1,388 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_rp.h) +#include M2S(INCLUDE_PATH/inc_rp.cl) +#include M2S(INCLUDE_PATH/inc_scalar.cl) +#include M2S(INCLUDE_PATH/inc_hash_md5.cl) +#endif + +#if VECT_SIZE == 1 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i)]) +#elif VECT_SIZE == 2 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1]) +#elif VECT_SIZE == 4 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3]) +#elif VECT_SIZE == 8 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7]) +#elif VECT_SIZE == 16 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7], l_bin2asc[(i).s8], l_bin2asc[(i).s9], l_bin2asc[(i).sa], l_bin2asc[(i).sb], l_bin2asc[(i).sc], l_bin2asc[(i).sd], l_bin2asc[(i).se], l_bin2asc[(i).sf]) +#endif + +typedef struct md5_triple_salt +{ + u32 salt1_buf[64]; + int salt1_len; + + u32 salt2_buf[64]; + int salt2_len; + + u32 salt3_buf[64]; + int salt3_len; + +} md5_triple_salt_t; + +KERNEL_FQ void m32300_mxx (KERN_ATTR_RULES_ESALT (md5_triple_salt_t)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc uppercase table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * base + */ + + COPY_PW (pws[gid]); + + const u32 salt1_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_len; + + u32 salt1_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt1_len; i += 4, idx += 1) + { + salt1_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_buf[idx]; + } + + const u32 salt2_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_len; + + u32 salt2_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt2_len; i += 4, idx += 1) + { + salt2_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_buf[idx]; + } + + const u32 salt3_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_len; + + u32 salt3_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt3_len; i += 4, idx += 1) + { + salt3_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_buf[idx]; + } + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos++) + { + pw_t tmp = PASTE_PW; + + tmp.pw_len = apply_rules (rules_buf[il_pos].cmds, tmp.i, tmp.pw_len); + + md5_ctx_t ctx0; + + md5_init (&ctx0); + + md5_update (&ctx0, tmp.i, tmp.pw_len); + + md5_final (&ctx0); + + u32 a = ctx0.h[0]; + u32 b = ctx0.h[1]; + u32 c = ctx0.h[2]; + u32 d = ctx0.h[3]; + + md5_ctx_t ctx; + + md5_init (&ctx); + + ctx.w0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ctx.w0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ctx.w0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ctx.w0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ctx.w1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ctx.w1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ctx.w1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ctx.w1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ctx.len = 32; + + md5_update (&ctx, salt1_buf, salt1_len); + + md5_final (&ctx); + + a = ctx.h[0]; + b = ctx.h[1]; + c = ctx.h[2]; + d = ctx.h[3]; + + md5_init (&ctx); + + md5_update (&ctx, salt2_buf, salt2_len); + + u32 ww0[4]; + u32 ww1[4]; + u32 ww2[4]; + u32 ww3[4]; + + ww0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ww0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ww0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ww0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ww1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ww1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ww1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ww1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ww2[0] = 0; + ww2[1] = 0; + ww2[2] = 0; + ww2[3] = 0; + ww3[0] = 0; + ww3[1] = 0; + ww3[2] = 0; + ww3[3] = 0; + + md5_update_64 (&ctx, ww0, ww1, ww2, ww3, 32); + + md5_update (&ctx, salt3_buf, salt3_len); + + md5_final (&ctx); + + const u32 r0 = ctx.h[DGST_R0]; + const u32 r1 = ctx.h[DGST_R1]; + const u32 r2 = ctx.h[DGST_R2]; + const u32 r3 = ctx.h[DGST_R3]; + + COMPARE_M_SCALAR (r0, r1, r2, r3); + } +} + +KERNEL_FQ void m32300_sxx (KERN_ATTR_RULES_ESALT (md5_triple_salt_t)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc uppercase table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * digest + */ + + const u32 search[4] = + { + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R0], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R1], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R2], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R3] + }; + + /** + * base + */ + + COPY_PW (pws[gid]); + + const u32 salt1_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_len; + + u32 salt1_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt1_len; i += 4, idx += 1) + { + salt1_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_buf[idx]; + } + + const u32 salt2_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_len; + + u32 salt2_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt2_len; i += 4, idx += 1) + { + salt2_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_buf[idx]; + } + + const u32 salt3_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_len; + + u32 salt3_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt3_len; i += 4, idx += 1) + { + salt3_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_buf[idx]; + } + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos++) + { + pw_t tmp = PASTE_PW; + + tmp.pw_len = apply_rules (rules_buf[il_pos].cmds, tmp.i, tmp.pw_len); + + md5_ctx_t ctx0; + + md5_init (&ctx0); + + md5_update (&ctx0, tmp.i, tmp.pw_len); + + md5_final (&ctx0); + + u32 a = ctx0.h[0]; + u32 b = ctx0.h[1]; + u32 c = ctx0.h[2]; + u32 d = ctx0.h[3]; + + md5_ctx_t ctx; + + md5_init (&ctx); + + ctx.w0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ctx.w0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ctx.w0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ctx.w0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ctx.w1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ctx.w1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ctx.w1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ctx.w1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ctx.len = 32; + + md5_update (&ctx, salt1_buf, salt1_len); + + md5_final (&ctx); + + a = ctx.h[0]; + b = ctx.h[1]; + c = ctx.h[2]; + d = ctx.h[3]; + + md5_init (&ctx); + + md5_update (&ctx, salt2_buf, salt2_len); + + u32 ww0[4]; + u32 ww1[4]; + u32 ww2[4]; + u32 ww3[4]; + + ww0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ww0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ww0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ww0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ww1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ww1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ww1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ww1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ww2[0] = 0; + ww2[1] = 0; + ww2[2] = 0; + ww2[3] = 0; + ww3[0] = 0; + ww3[1] = 0; + ww3[2] = 0; + ww3[3] = 0; + + md5_update_64 (&ctx, ww0, ww1, ww2, ww3, 32); + + md5_update (&ctx, salt3_buf, salt3_len); + + md5_final (&ctx); + + const u32 r0 = ctx.h[DGST_R0]; + const u32 r1 = ctx.h[DGST_R1]; + const u32 r2 = ctx.h[DGST_R2]; + const u32 r3 = ctx.h[DGST_R3]; + + COMPARE_S_SCALAR (r0, r1, r2, r3); + } +} diff --git a/OpenCL/m32300_a1-optimized.cl b/OpenCL/m32300_a1-optimized.cl new file mode 100644 index 000000000..371cb2d99 --- /dev/null +++ b/OpenCL/m32300_a1-optimized.cl @@ -0,0 +1,925 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_simd.cl) +#include M2S(INCLUDE_PATH/inc_hash_md5.cl) +#endif + +#if VECT_SIZE == 1 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i)]) +#elif VECT_SIZE == 2 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1]) +#elif VECT_SIZE == 4 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3]) +#elif VECT_SIZE == 8 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7]) +#elif VECT_SIZE == 16 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7], l_bin2asc[(i).s8], l_bin2asc[(i).s9], l_bin2asc[(i).sa], l_bin2asc[(i).sb], l_bin2asc[(i).sc], l_bin2asc[(i).sd], l_bin2asc[(i).se], l_bin2asc[(i).sf]) +#endif + +typedef struct md5_triple_salt +{ + u32 salt1_buf[64]; + int salt1_len; + + u32 salt2_buf[64]; + int salt2_len; + + u32 salt3_buf[64]; + int salt3_len; + +} md5_triple_salt_t; + +KERNEL_FQ void m32300_m04 (KERN_ATTR_ESALT (md5_triple_salt_t)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * base + */ + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_l_len = pws[gid].pw_len & 63; + + /** + * salt1 + */ + + const u32 salt1_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_len; + + u32x salt1_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt1_len; i += 4, idx += 1) + { + salt1_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_buf[idx]; + } + + /** + * salt2 + */ + + const u32 salt2_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_len; + + u32x salt2_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt2_len; i += 4, idx += 1) + { + salt2_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_buf[idx]; + } + + /** + * salt3 + */ + + const u32 salt3_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_len; + + u32x salt3_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt3_len; i += 4, idx += 1) + { + salt3_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_buf[idx]; + } + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos += VECT_SIZE) + { + const u32x pw_r_len = pwlenx_create_combt (combs_buf, il_pos) & 63; + + const u32x pw_len = (pw_l_len + pw_r_len) & 63; + + /** + * concat password candidate + */ + + u32x wordl0[4] = { 0 }; + u32x wordl1[4] = { 0 }; + u32x wordl2[4] = { 0 }; + u32x wordl3[4] = { 0 }; + + wordl0[0] = pw_buf0[0]; + wordl0[1] = pw_buf0[1]; + wordl0[2] = pw_buf0[2]; + wordl0[3] = pw_buf0[3]; + wordl1[0] = pw_buf1[0]; + wordl1[1] = pw_buf1[1]; + wordl1[2] = pw_buf1[2]; + wordl1[3] = pw_buf1[3]; + + u32x wordr0[4] = { 0 }; + u32x wordr1[4] = { 0 }; + u32x wordr2[4] = { 0 }; + u32x wordr3[4] = { 0 }; + + wordr0[0] = ix_create_combt (combs_buf, il_pos, 0); + wordr0[1] = ix_create_combt (combs_buf, il_pos, 1); + wordr0[2] = ix_create_combt (combs_buf, il_pos, 2); + wordr0[3] = ix_create_combt (combs_buf, il_pos, 3); + wordr1[0] = ix_create_combt (combs_buf, il_pos, 4); + wordr1[1] = ix_create_combt (combs_buf, il_pos, 5); + wordr1[2] = ix_create_combt (combs_buf, il_pos, 6); + wordr1[3] = ix_create_combt (combs_buf, il_pos, 7); + + if (COMBS_MODE == COMBINATOR_MODE_BASE_LEFT) + { + switch_buffer_by_offset_le_VV (wordr0, wordr1, wordr2, wordr3, pw_l_len); + } + else + { + switch_buffer_by_offset_le_VV (wordl0, wordl1, wordl2, wordl3, pw_r_len); + } + + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + + w0[0] = wordl0[0] | wordr0[0]; + w0[1] = wordl0[1] | wordr0[1]; + w0[2] = wordl0[2] | wordr0[2]; + w0[3] = wordl0[3] | wordr0[3]; + w1[0] = wordl1[0] | wordr1[0]; + w1[1] = wordl1[1] | wordr1[1]; + w1[2] = wordl1[2] | wordr1[2]; + w1[3] = wordl1[3] | wordr1[3]; + w2[0] = wordl2[0] | wordr2[0]; + w2[1] = wordl2[1] | wordr2[1]; + w2[2] = wordl2[2] | wordr2[2]; + w2[3] = wordl2[3] | wordr2[3]; + w3[0] = wordl3[0] | wordr3[0]; + w3[1] = wordl3[1] | wordr3[1]; + w3[2] = pw_len * 8; + w3[3] = 0; + + /** + * md5 + */ + + u32x a = MD5M_A; + u32x b = MD5M_B; + u32x c = MD5M_C; + u32x d = MD5M_D; + + MD5_STEP (MD5_Fo, a, b, c, d, w0[0], MD5C00, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w0[1], MD5C01, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w0[2], MD5C02, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w0[3], MD5C03, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w1[0], MD5C04, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w1[1], MD5C05, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w1[2], MD5C06, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w1[3], MD5C07, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w2[0], MD5C08, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w2[1], MD5C09, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w2[2], MD5C0a, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w2[3], MD5C0b, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w3[0], MD5C0c, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w3[1], MD5C0d, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w3[2], MD5C0e, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w3[3], MD5C0f, MD5S03); + + MD5_STEP (MD5_Go, a, b, c, d, w0[1], MD5C10, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w1[2], MD5C11, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w2[3], MD5C12, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w0[0], MD5C13, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w1[1], MD5C14, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w2[2], MD5C15, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w3[3], MD5C16, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w1[0], MD5C17, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w2[1], MD5C18, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w3[2], MD5C19, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w0[3], MD5C1a, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w2[0], MD5C1b, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w3[1], MD5C1c, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w0[2], MD5C1d, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w1[3], MD5C1e, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w3[0], MD5C1f, MD5S13); + + u32x t; + + MD5_STEP (MD5_H1, a, b, c, d, w1[1], MD5C20, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w2[0], MD5C21, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w2[3], MD5C22, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w3[2], MD5C23, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, w0[1], MD5C24, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w1[0], MD5C25, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w1[3], MD5C26, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w2[2], MD5C27, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, w3[1], MD5C28, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w0[0], MD5C29, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w0[3], MD5C2a, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w1[2], MD5C2b, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, w2[1], MD5C2c, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w3[0], MD5C2d, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w3[3], MD5C2e, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w0[2], MD5C2f, MD5S23); + + MD5_STEP (MD5_I , a, b, c, d, w0[0], MD5C30, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w1[3], MD5C31, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w3[2], MD5C32, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w1[1], MD5C33, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, w3[0], MD5C34, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w0[3], MD5C35, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w2[2], MD5C36, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w0[1], MD5C37, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, w2[0], MD5C38, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w3[3], MD5C39, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w1[2], MD5C3a, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w3[1], MD5C3b, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, w1[0], MD5C3c, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w2[3], MD5C3d, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w0[2], MD5C3e, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w2[1], MD5C3f, MD5S33); + + a += make_u32x (MD5M_A); + b += make_u32x (MD5M_B); + c += make_u32x (MD5M_C); + d += make_u32x (MD5M_D); + + md5_ctx_vector_t ctx; + + md5_init_vector (&ctx); + + ctx.w0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ctx.w0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ctx.w0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ctx.w0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ctx.w1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ctx.w1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ctx.w1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ctx.w1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ctx.len = 32; + + md5_update_vector (&ctx, salt1_buf, salt1_len); + + md5_final_vector (&ctx); + + a = ctx.h[0]; + b = ctx.h[1]; + c = ctx.h[2]; + d = ctx.h[3]; + + md5_init_vector (&ctx); + + md5_update_vector (&ctx, salt2_buf, salt2_len); + + u32x ww0[4]; + u32x ww1[4]; + u32x ww2[4]; + u32x ww3[4]; + + ww0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ww0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ww0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ww0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ww1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ww1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ww1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ww1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ww2[0] = 0; + ww2[1] = 0; + ww2[2] = 0; + ww2[3] = 0; + ww3[0] = 0; + ww3[1] = 0; + ww3[2] = 0; + ww3[3] = 0; + + md5_update_vector_64 (&ctx, ww0, ww1, ww2, ww3, 32); + + md5_update_vector (&ctx, salt3_buf, salt3_len); + + // md5_final_vector + + const int pos = ctx.len & 63; + + append_0x80_4x4 (ctx.w0, ctx.w1, ctx.w2, ctx.w3, pos); + + if (pos >= 56) + { + md5_transform_vector (ctx.w0, ctx.w1, ctx.w2, ctx.w3, ctx.h); + + ctx.w0[0] = 0; + ctx.w0[1] = 0; + ctx.w0[2] = 0; + ctx.w0[3] = 0; + ctx.w1[0] = 0; + ctx.w1[1] = 0; + ctx.w1[2] = 0; + ctx.w1[3] = 0; + ctx.w2[0] = 0; + ctx.w2[1] = 0; + ctx.w2[2] = 0; + ctx.w2[3] = 0; + ctx.w3[0] = 0; + ctx.w3[1] = 0; + ctx.w3[2] = 0; + ctx.w3[3] = 0; + } + + ctx.w3[2] = ctx.len * 8; + ctx.w3[3] = 0; + + a = ctx.h[0]; + b = ctx.h[1]; + c = ctx.h[2]; + d = ctx.h[3]; + + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w0[0], MD5C00, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w0[1], MD5C01, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w0[2], MD5C02, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w0[3], MD5C03, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w1[0], MD5C04, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w1[1], MD5C05, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w1[2], MD5C06, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w1[3], MD5C07, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w2[0], MD5C08, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w2[1], MD5C09, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w2[2], MD5C0a, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w2[3], MD5C0b, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w3[0], MD5C0c, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w3[1], MD5C0d, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w3[2], MD5C0e, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w3[3], MD5C0f, MD5S03); + + MD5_STEP (MD5_Go, a, b, c, d, ctx.w0[1], MD5C10, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w1[2], MD5C11, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w2[3], MD5C12, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w0[0], MD5C13, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, ctx.w1[1], MD5C14, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w2[2], MD5C15, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w3[3], MD5C16, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w1[0], MD5C17, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, ctx.w2[1], MD5C18, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w3[2], MD5C19, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w0[3], MD5C1a, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w2[0], MD5C1b, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, ctx.w3[1], MD5C1c, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w0[2], MD5C1d, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w1[3], MD5C1e, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w3[0], MD5C1f, MD5S13); + + MD5_STEP (MD5_H1, a, b, c, d, ctx.w1[1], MD5C20, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w2[0], MD5C21, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w2[3], MD5C22, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w3[2], MD5C23, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, ctx.w0[1], MD5C24, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w1[0], MD5C25, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w1[3], MD5C26, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w2[2], MD5C27, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, ctx.w3[1], MD5C28, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w0[0], MD5C29, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w0[3], MD5C2a, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w1[2], MD5C2b, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, ctx.w2[1], MD5C2c, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w3[0], MD5C2d, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w3[3], MD5C2e, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w0[2], MD5C2f, MD5S23); + + MD5_STEP (MD5_I , a, b, c, d, ctx.w0[0], MD5C30, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w1[3], MD5C31, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w3[2], MD5C32, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w1[1], MD5C33, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, ctx.w3[0], MD5C34, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w0[3], MD5C35, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w2[2], MD5C36, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w0[1], MD5C37, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, ctx.w2[0], MD5C38, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w3[3], MD5C39, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w1[2], MD5C3a, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w3[1], MD5C3b, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, ctx.w1[0], MD5C3c, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w2[3], MD5C3d, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w0[2], MD5C3e, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w2[1], MD5C3f, MD5S33); + + a += ctx.h[0] - make_u32x (MD5M_A); + b += ctx.h[1] - make_u32x (MD5M_B); + c += ctx.h[2] - make_u32x (MD5M_C); + d += ctx.h[3] - make_u32x (MD5M_D); + + COMPARE_M_SIMD (a, d, c, b); + } +} + +KERNEL_FQ void m32300_m08 (KERN_ATTR_BASIC ()) +{ +} + +KERNEL_FQ void m32300_m16 (KERN_ATTR_BASIC ()) +{ +} + +KERNEL_FQ void m32300_s04 (KERN_ATTR_ESALT (md5_triple_salt_t)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * base + */ + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_l_len = pws[gid].pw_len & 63; + + /** + * salt1 + */ + + const u32 salt1_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_len; + + u32x salt1_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt1_len; i += 4, idx += 1) + { + salt1_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_buf[idx]; + } + + /** + * salt2 + */ + + const u32 salt2_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_len; + + u32x salt2_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt2_len; i += 4, idx += 1) + { + salt2_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_buf[idx]; + } + + /** + * salt3 + */ + + const u32 salt3_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_len; + + u32x salt3_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt3_len; i += 4, idx += 1) + { + salt3_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_buf[idx]; + } + + /** + * digest + */ + + const u32 search[4] = + { + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R0], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R1], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R2], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R3] + }; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos += VECT_SIZE) + { + const u32x pw_r_len = pwlenx_create_combt (combs_buf, il_pos) & 63; + + const u32x pw_len = (pw_l_len + pw_r_len) & 63; + + /** + * concat password candidate + */ + + u32x wordl0[4] = { 0 }; + u32x wordl1[4] = { 0 }; + u32x wordl2[4] = { 0 }; + u32x wordl3[4] = { 0 }; + + wordl0[0] = pw_buf0[0]; + wordl0[1] = pw_buf0[1]; + wordl0[2] = pw_buf0[2]; + wordl0[3] = pw_buf0[3]; + wordl1[0] = pw_buf1[0]; + wordl1[1] = pw_buf1[1]; + wordl1[2] = pw_buf1[2]; + wordl1[3] = pw_buf1[3]; + + u32x wordr0[4] = { 0 }; + u32x wordr1[4] = { 0 }; + u32x wordr2[4] = { 0 }; + u32x wordr3[4] = { 0 }; + + wordr0[0] = ix_create_combt (combs_buf, il_pos, 0); + wordr0[1] = ix_create_combt (combs_buf, il_pos, 1); + wordr0[2] = ix_create_combt (combs_buf, il_pos, 2); + wordr0[3] = ix_create_combt (combs_buf, il_pos, 3); + wordr1[0] = ix_create_combt (combs_buf, il_pos, 4); + wordr1[1] = ix_create_combt (combs_buf, il_pos, 5); + wordr1[2] = ix_create_combt (combs_buf, il_pos, 6); + wordr1[3] = ix_create_combt (combs_buf, il_pos, 7); + + if (COMBS_MODE == COMBINATOR_MODE_BASE_LEFT) + { + switch_buffer_by_offset_le_VV (wordr0, wordr1, wordr2, wordr3, pw_l_len); + } + else + { + switch_buffer_by_offset_le_VV (wordl0, wordl1, wordl2, wordl3, pw_r_len); + } + + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + + w0[0] = wordl0[0] | wordr0[0]; + w0[1] = wordl0[1] | wordr0[1]; + w0[2] = wordl0[2] | wordr0[2]; + w0[3] = wordl0[3] | wordr0[3]; + w1[0] = wordl1[0] | wordr1[0]; + w1[1] = wordl1[1] | wordr1[1]; + w1[2] = wordl1[2] | wordr1[2]; + w1[3] = wordl1[3] | wordr1[3]; + w2[0] = wordl2[0] | wordr2[0]; + w2[1] = wordl2[1] | wordr2[1]; + w2[2] = wordl2[2] | wordr2[2]; + w2[3] = wordl2[3] | wordr2[3]; + w3[0] = wordl3[0] | wordr3[0]; + w3[1] = wordl3[1] | wordr3[1]; + w3[2] = pw_len * 8; + w3[3] = 0; + + /** + * md5 + */ + + u32x a = MD5M_A; + u32x b = MD5M_B; + u32x c = MD5M_C; + u32x d = MD5M_D; + + MD5_STEP (MD5_Fo, a, b, c, d, w0[0], MD5C00, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w0[1], MD5C01, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w0[2], MD5C02, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w0[3], MD5C03, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w1[0], MD5C04, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w1[1], MD5C05, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w1[2], MD5C06, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w1[3], MD5C07, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w2[0], MD5C08, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w2[1], MD5C09, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w2[2], MD5C0a, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w2[3], MD5C0b, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w3[0], MD5C0c, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w3[1], MD5C0d, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w3[2], MD5C0e, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w3[3], MD5C0f, MD5S03); + + MD5_STEP (MD5_Go, a, b, c, d, w0[1], MD5C10, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w1[2], MD5C11, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w2[3], MD5C12, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w0[0], MD5C13, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w1[1], MD5C14, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w2[2], MD5C15, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w3[3], MD5C16, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w1[0], MD5C17, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w2[1], MD5C18, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w3[2], MD5C19, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w0[3], MD5C1a, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w2[0], MD5C1b, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w3[1], MD5C1c, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w0[2], MD5C1d, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w1[3], MD5C1e, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w3[0], MD5C1f, MD5S13); + + u32x t; + + MD5_STEP (MD5_H1, a, b, c, d, w1[1], MD5C20, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w2[0], MD5C21, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w2[3], MD5C22, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w3[2], MD5C23, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, w0[1], MD5C24, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w1[0], MD5C25, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w1[3], MD5C26, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w2[2], MD5C27, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, w3[1], MD5C28, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w0[0], MD5C29, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w0[3], MD5C2a, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w1[2], MD5C2b, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, w2[1], MD5C2c, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w3[0], MD5C2d, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w3[3], MD5C2e, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w0[2], MD5C2f, MD5S23); + + MD5_STEP (MD5_I , a, b, c, d, w0[0], MD5C30, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w1[3], MD5C31, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w3[2], MD5C32, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w1[1], MD5C33, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, w3[0], MD5C34, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w0[3], MD5C35, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w2[2], MD5C36, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w0[1], MD5C37, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, w2[0], MD5C38, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w3[3], MD5C39, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w1[2], MD5C3a, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w3[1], MD5C3b, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, w1[0], MD5C3c, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w2[3], MD5C3d, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w0[2], MD5C3e, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w2[1], MD5C3f, MD5S33); + + a += make_u32x (MD5M_A); + b += make_u32x (MD5M_B); + c += make_u32x (MD5M_C); + d += make_u32x (MD5M_D); + + md5_ctx_vector_t ctx; + + md5_init_vector (&ctx); + + ctx.w0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ctx.w0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ctx.w0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ctx.w0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ctx.w1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ctx.w1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ctx.w1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ctx.w1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ctx.len = 32; + + md5_update_vector (&ctx, salt1_buf, salt1_len); + + md5_final_vector (&ctx); + + a = ctx.h[0]; + b = ctx.h[1]; + c = ctx.h[2]; + d = ctx.h[3]; + + md5_init_vector (&ctx); + + md5_update_vector (&ctx, salt2_buf, salt2_len); + + u32x ww0[4]; + u32x ww1[4]; + u32x ww2[4]; + u32x ww3[4]; + + ww0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ww0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ww0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ww0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ww1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ww1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ww1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ww1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ww2[0] = 0; + ww2[1] = 0; + ww2[2] = 0; + ww2[3] = 0; + ww3[0] = 0; + ww3[1] = 0; + ww3[2] = 0; + ww3[3] = 0; + + md5_update_vector_64 (&ctx, ww0, ww1, ww2, ww3, 32); + + md5_update_vector (&ctx, salt3_buf, salt3_len); + + // md5_final_vector + + const int pos = ctx.len & 63; + + append_0x80_4x4 (ctx.w0, ctx.w1, ctx.w2, ctx.w3, pos); + + if (pos >= 56) + { + md5_transform_vector (ctx.w0, ctx.w1, ctx.w2, ctx.w3, ctx.h); + + ctx.w0[0] = 0; + ctx.w0[1] = 0; + ctx.w0[2] = 0; + ctx.w0[3] = 0; + ctx.w1[0] = 0; + ctx.w1[1] = 0; + ctx.w1[2] = 0; + ctx.w1[3] = 0; + ctx.w2[0] = 0; + ctx.w2[1] = 0; + ctx.w2[2] = 0; + ctx.w2[3] = 0; + ctx.w3[0] = 0; + ctx.w3[1] = 0; + ctx.w3[2] = 0; + ctx.w3[3] = 0; + } + + ctx.w3[2] = ctx.len * 8; + ctx.w3[3] = 0; + + a = ctx.h[0]; + b = ctx.h[1]; + c = ctx.h[2]; + d = ctx.h[3]; + + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w0[0], MD5C00, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w0[1], MD5C01, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w0[2], MD5C02, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w0[3], MD5C03, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w1[0], MD5C04, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w1[1], MD5C05, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w1[2], MD5C06, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w1[3], MD5C07, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w2[0], MD5C08, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w2[1], MD5C09, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w2[2], MD5C0a, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w2[3], MD5C0b, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w3[0], MD5C0c, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w3[1], MD5C0d, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w3[2], MD5C0e, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w3[3], MD5C0f, MD5S03); + + MD5_STEP (MD5_Go, a, b, c, d, ctx.w0[1], MD5C10, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w1[2], MD5C11, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w2[3], MD5C12, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w0[0], MD5C13, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, ctx.w1[1], MD5C14, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w2[2], MD5C15, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w3[3], MD5C16, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w1[0], MD5C17, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, ctx.w2[1], MD5C18, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w3[2], MD5C19, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w0[3], MD5C1a, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w2[0], MD5C1b, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, ctx.w3[1], MD5C1c, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w0[2], MD5C1d, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w1[3], MD5C1e, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w3[0], MD5C1f, MD5S13); + + MD5_STEP (MD5_H1, a, b, c, d, ctx.w1[1], MD5C20, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w2[0], MD5C21, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w2[3], MD5C22, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w3[2], MD5C23, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, ctx.w0[1], MD5C24, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w1[0], MD5C25, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w1[3], MD5C26, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w2[2], MD5C27, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, ctx.w3[1], MD5C28, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w0[0], MD5C29, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w0[3], MD5C2a, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w1[2], MD5C2b, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, ctx.w2[1], MD5C2c, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w3[0], MD5C2d, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w3[3], MD5C2e, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w0[2], MD5C2f, MD5S23); + + MD5_STEP (MD5_I , a, b, c, d, ctx.w0[0], MD5C30, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w1[3], MD5C31, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w3[2], MD5C32, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w1[1], MD5C33, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, ctx.w3[0], MD5C34, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w0[3], MD5C35, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w2[2], MD5C36, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w0[1], MD5C37, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, ctx.w2[0], MD5C38, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w3[3], MD5C39, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w1[2], MD5C3a, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w3[1], MD5C3b, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, ctx.w1[0], MD5C3c, MD5S30); + + if (MATCHES_NONE_VS ((a + ctx.h[0] - make_u32x (MD5M_A)), search[0])) continue; + + MD5_STEP (MD5_I , d, a, b, c, ctx.w2[3], MD5C3d, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w0[2], MD5C3e, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w2[1], MD5C3f, MD5S33); + + a += ctx.h[0] - make_u32x (MD5M_A); + b += ctx.h[1] - make_u32x (MD5M_B); + c += ctx.h[2] - make_u32x (MD5M_C); + d += ctx.h[3] - make_u32x (MD5M_D); + + COMPARE_S_SIMD (a, d, c, b); + } +} + +KERNEL_FQ void m32300_s08 (KERN_ATTR_BASIC ()) +{ +} + +KERNEL_FQ void m32300_s16 (KERN_ATTR_BASIC ()) +{ +} diff --git a/OpenCL/m32300_a1-pure.cl b/OpenCL/m32300_a1-pure.cl new file mode 100644 index 000000000..132db135a --- /dev/null +++ b/OpenCL/m32300_a1-pure.cl @@ -0,0 +1,382 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_scalar.cl) +#include M2S(INCLUDE_PATH/inc_hash_md5.cl) +#endif + +#if VECT_SIZE == 1 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i)]) +#elif VECT_SIZE == 2 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1]) +#elif VECT_SIZE == 4 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3]) +#elif VECT_SIZE == 8 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7]) +#elif VECT_SIZE == 16 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7], l_bin2asc[(i).s8], l_bin2asc[(i).s9], l_bin2asc[(i).sa], l_bin2asc[(i).sb], l_bin2asc[(i).sc], l_bin2asc[(i).sd], l_bin2asc[(i).se], l_bin2asc[(i).sf]) +#endif + +typedef struct md5_triple_salt +{ + u32 salt1_buf[64]; + int salt1_len; + + u32 salt2_buf[64]; + int salt2_len; + + u32 salt3_buf[64]; + int salt3_len; + +} md5_triple_salt_t; + +KERNEL_FQ void m32300_mxx (KERN_ATTR_ESALT (md5_triple_salt_t)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc uppercase array + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + const u32 salt1_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_len; + + u32 salt1_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt1_len; i += 4, idx += 1) + { + salt1_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_buf[idx]; + } + + const u32 salt2_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_len; + + u32 salt2_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt2_len; i += 4, idx += 1) + { + salt2_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_buf[idx]; + } + + const u32 salt3_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_len; + + u32 salt3_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt3_len; i += 4, idx += 1) + { + salt3_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_buf[idx]; + } + + /** + * base + */ + + md5_ctx_t ctx0; + + md5_init (&ctx0); + + md5_update_global (&ctx0, pws[gid].i, pws[gid].pw_len); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos++) + { + md5_ctx_t ctx1 = ctx0; + + md5_update_global (&ctx1, combs_buf[il_pos].i, combs_buf[il_pos].pw_len); + + md5_final (&ctx1); + + u32 a = ctx1.h[0]; + u32 b = ctx1.h[1]; + u32 c = ctx1.h[2]; + u32 d = ctx1.h[3]; + + md5_ctx_t ctx; + + md5_init (&ctx); + + ctx.w0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ctx.w0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ctx.w0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ctx.w0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ctx.w1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ctx.w1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ctx.w1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ctx.w1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ctx.len = 32; + + md5_update (&ctx, salt1_buf, salt1_len); + + md5_final (&ctx); + + a = ctx.h[0]; + b = ctx.h[1]; + c = ctx.h[2]; + d = ctx.h[3]; + + md5_init (&ctx); + + md5_update (&ctx, salt2_buf, salt2_len); + + u32 ww0[4]; + u32 ww1[4]; + u32 ww2[4]; + u32 ww3[4]; + + ww0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ww0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ww0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ww0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ww1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ww1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ww1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ww1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ww2[0] = 0; + ww2[1] = 0; + ww2[2] = 0; + ww2[3] = 0; + ww3[0] = 0; + ww3[1] = 0; + ww3[2] = 0; + ww3[3] = 0; + + md5_update_64 (&ctx, ww0, ww1, ww2, ww3, 32); + + md5_update (&ctx, salt3_buf, salt3_len); + + md5_final (&ctx); + + const u32 r0 = ctx.h[DGST_R0]; + const u32 r1 = ctx.h[DGST_R1]; + const u32 r2 = ctx.h[DGST_R2]; + const u32 r3 = ctx.h[DGST_R3]; + + COMPARE_M_SCALAR (r0, r1, r2, r3); + } +} + +KERNEL_FQ void m32300_sxx (KERN_ATTR_ESALT (md5_triple_salt_t)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc uppercase array + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * digest + */ + + const u32 search[4] = + { + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R0], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R1], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R2], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R3] + }; + + const u32 salt1_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_len; + + u32 salt1_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt1_len; i += 4, idx += 1) + { + salt1_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_buf[idx]; + } + + const u32 salt2_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_len; + + u32 salt2_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt2_len; i += 4, idx += 1) + { + salt2_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_buf[idx]; + } + + const u32 salt3_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_len; + + u32 salt3_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt3_len; i += 4, idx += 1) + { + salt3_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_buf[idx]; + } + + /** + * base + */ + + md5_ctx_t ctx0; + + md5_init (&ctx0); + + md5_update_global (&ctx0, pws[gid].i, pws[gid].pw_len); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos++) + { + md5_ctx_t ctx1 = ctx0; + + md5_update_global (&ctx1, combs_buf[il_pos].i, combs_buf[il_pos].pw_len); + + md5_final (&ctx1); + + u32 a = ctx1.h[0]; + u32 b = ctx1.h[1]; + u32 c = ctx1.h[2]; + u32 d = ctx1.h[3]; + + md5_ctx_t ctx; + + md5_init (&ctx); + + ctx.w0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ctx.w0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ctx.w0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ctx.w0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ctx.w1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ctx.w1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ctx.w1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ctx.w1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ctx.len = 32; + + md5_update (&ctx, salt1_buf, salt1_len); + + md5_final (&ctx); + + a = ctx.h[0]; + b = ctx.h[1]; + c = ctx.h[2]; + d = ctx.h[3]; + + md5_init (&ctx); + + md5_update (&ctx, salt2_buf, salt2_len); + + u32 ww0[4]; + u32 ww1[4]; + u32 ww2[4]; + u32 ww3[4]; + + ww0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ww0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ww0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ww0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ww1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ww1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ww1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ww1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ww2[0] = 0; + ww2[1] = 0; + ww2[2] = 0; + ww2[3] = 0; + ww3[0] = 0; + ww3[1] = 0; + ww3[2] = 0; + ww3[3] = 0; + + md5_update_64 (&ctx, ww0, ww1, ww2, ww3, 32); + + md5_update (&ctx, salt3_buf, salt3_len); + + md5_final (&ctx); + + const u32 r0 = ctx.h[DGST_R0]; + const u32 r1 = ctx.h[DGST_R1]; + const u32 r2 = ctx.h[DGST_R2]; + const u32 r3 = ctx.h[DGST_R3]; + + COMPARE_S_SCALAR (r0, r1, r2, r3); + } +} diff --git a/OpenCL/m32300_a3-optimized.cl b/OpenCL/m32300_a3-optimized.cl new file mode 100644 index 000000000..74a051cf5 --- /dev/null +++ b/OpenCL/m32300_a3-optimized.cl @@ -0,0 +1,1169 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_simd.cl) +#include M2S(INCLUDE_PATH/inc_hash_md5.cl) +#endif + +#if VECT_SIZE == 1 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i)]) +#elif VECT_SIZE == 2 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1]) +#elif VECT_SIZE == 4 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3]) +#elif VECT_SIZE == 8 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7]) +#elif VECT_SIZE == 16 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7], l_bin2asc[(i).s8], l_bin2asc[(i).s9], l_bin2asc[(i).sa], l_bin2asc[(i).sb], l_bin2asc[(i).sc], l_bin2asc[(i).sd], l_bin2asc[(i).se], l_bin2asc[(i).sf]) +#endif + +typedef struct md5_triple_salt +{ + u32 salt1_buf[64]; + int salt1_len; + + u32 salt2_buf[64]; + int salt2_len; + + u32 salt3_buf[64]; + int salt3_len; + +} md5_triple_salt_t; + +DECLSPEC void m32300m (PRIVATE_AS u32 *w0, PRIVATE_AS u32 *w1, PRIVATE_AS u32 *w2, PRIVATE_AS u32 *w3, const u32 pw_len, KERN_ATTR_FUNC_VECTOR_ESALT (md5_triple_salt_t), LOCAL_AS u32 *l_bin2asc) +{ + /** + * modifiers are taken from args + */ + + /** + * salt1 + */ + + const u32 salt1_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_len; + + u32x salt1_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt1_len; i += 4, idx += 1) + { + salt1_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_buf[idx]; + } + + /** + * salt2 + */ + + const u32 salt2_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_len; + + u32x salt2_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt2_len; i += 4, idx += 1) + { + salt2_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_buf[idx]; + } + + /** + * salt3 + */ + + const u32 salt3_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_len; + + u32x salt3_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt3_len; i += 4, idx += 1) + { + salt3_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_buf[idx]; + } + + /** + * loop + */ + + u32 w0l = w0[0]; + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0lr = w0l | w0r; + + u32x w0_t[4]; + u32x w1_t[4]; + u32x w2_t[4]; + u32x w3_t[4]; + + w0_t[0] = w0lr; + w0_t[1] = w0[1]; + w0_t[2] = w0[2]; + w0_t[3] = w0[3]; + w1_t[0] = w1[0]; + w1_t[1] = w1[1]; + w1_t[2] = w1[2]; + w1_t[3] = w1[3]; + w2_t[0] = w2[0]; + w2_t[1] = w2[1]; + w2_t[2] = w2[2]; + w2_t[3] = w2[3]; + w3_t[0] = w3[0]; + w3_t[1] = w3[1]; + w3_t[2] = w3[2]; + w3_t[3] = w3[3]; + + /** + * md5 + */ + + u32x a = MD5M_A; + u32x b = MD5M_B; + u32x c = MD5M_C; + u32x d = MD5M_D; + + MD5_STEP (MD5_Fo, a, b, c, d, w0_t[0], MD5C00, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w0_t[1], MD5C01, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w0_t[2], MD5C02, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w0_t[3], MD5C03, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w1_t[0], MD5C04, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w1_t[1], MD5C05, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w1_t[2], MD5C06, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w1_t[3], MD5C07, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w2_t[0], MD5C08, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w2_t[1], MD5C09, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w2_t[2], MD5C0a, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w2_t[3], MD5C0b, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w3_t[0], MD5C0c, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w3_t[1], MD5C0d, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w3_t[2], MD5C0e, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w3_t[3], MD5C0f, MD5S03); + + MD5_STEP (MD5_Go, a, b, c, d, w0_t[1], MD5C10, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w1_t[2], MD5C11, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w2_t[3], MD5C12, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w0_t[0], MD5C13, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w1_t[1], MD5C14, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w2_t[2], MD5C15, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w3_t[3], MD5C16, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w1_t[0], MD5C17, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w2_t[1], MD5C18, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w3_t[2], MD5C19, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w0_t[3], MD5C1a, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w2_t[0], MD5C1b, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w3_t[1], MD5C1c, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w0_t[2], MD5C1d, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w1_t[3], MD5C1e, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w3_t[0], MD5C1f, MD5S13); + + u32x t; + + MD5_STEP (MD5_H1, a, b, c, d, w1_t[1], MD5C20, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w2_t[0], MD5C21, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w2_t[3], MD5C22, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w3_t[2], MD5C23, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, w0_t[1], MD5C24, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w1_t[0], MD5C25, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w1_t[3], MD5C26, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w2_t[2], MD5C27, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, w3_t[1], MD5C28, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w0_t[0], MD5C29, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w0_t[3], MD5C2a, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w1_t[2], MD5C2b, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, w2_t[1], MD5C2c, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w3_t[0], MD5C2d, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w3_t[3], MD5C2e, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w0_t[2], MD5C2f, MD5S23); + + MD5_STEP (MD5_I , a, b, c, d, w0_t[0], MD5C30, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w1_t[3], MD5C31, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w3_t[2], MD5C32, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w1_t[1], MD5C33, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, w3_t[0], MD5C34, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w0_t[3], MD5C35, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w2_t[2], MD5C36, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w0_t[1], MD5C37, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, w2_t[0], MD5C38, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w3_t[3], MD5C39, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w1_t[2], MD5C3a, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w3_t[1], MD5C3b, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, w1_t[0], MD5C3c, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w2_t[3], MD5C3d, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w0_t[2], MD5C3e, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w2_t[1], MD5C3f, MD5S33); + + a += make_u32x (MD5M_A); + b += make_u32x (MD5M_B); + c += make_u32x (MD5M_C); + d += make_u32x (MD5M_D); + + md5_ctx_vector_t ctx; + + md5_init_vector (&ctx); + + ctx.w0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ctx.w0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ctx.w0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ctx.w0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ctx.w1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ctx.w1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ctx.w1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ctx.w1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ctx.len = 32; + + md5_update_vector (&ctx, salt1_buf, salt1_len); + + md5_final_vector (&ctx); + + a = ctx.h[0]; + b = ctx.h[1]; + c = ctx.h[2]; + d = ctx.h[3]; + + md5_init_vector (&ctx); + + md5_update_vector (&ctx, salt2_buf, salt2_len); + + u32x ww0[4]; + u32x ww1[4]; + u32x ww2[4]; + u32x ww3[4]; + + ww0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ww0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ww0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ww0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ww1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ww1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ww1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ww1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ww2[0] = 0; + ww2[1] = 0; + ww2[2] = 0; + ww2[3] = 0; + ww3[0] = 0; + ww3[1] = 0; + ww3[2] = 0; + ww3[3] = 0; + + md5_update_vector_64 (&ctx, ww0, ww1, ww2, ww3, 32); + + md5_update_vector (&ctx, salt3_buf, salt3_len); + + // md5_final_vector + + const int pos = ctx.len & 63; + + append_0x80_4x4 (ctx.w0, ctx.w1, ctx.w2, ctx.w3, pos); + + if (pos >= 56) + { + md5_transform_vector (ctx.w0, ctx.w1, ctx.w2, ctx.w3, ctx.h); + + ctx.w0[0] = 0; + ctx.w0[1] = 0; + ctx.w0[2] = 0; + ctx.w0[3] = 0; + ctx.w1[0] = 0; + ctx.w1[1] = 0; + ctx.w1[2] = 0; + ctx.w1[3] = 0; + ctx.w2[0] = 0; + ctx.w2[1] = 0; + ctx.w2[2] = 0; + ctx.w2[3] = 0; + ctx.w3[0] = 0; + ctx.w3[1] = 0; + ctx.w3[2] = 0; + ctx.w3[3] = 0; + } + + ctx.w3[2] = ctx.len * 8; + ctx.w3[3] = 0; + + a = ctx.h[0]; + b = ctx.h[1]; + c = ctx.h[2]; + d = ctx.h[3]; + + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w0[0], MD5C00, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w0[1], MD5C01, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w0[2], MD5C02, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w0[3], MD5C03, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w1[0], MD5C04, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w1[1], MD5C05, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w1[2], MD5C06, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w1[3], MD5C07, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w2[0], MD5C08, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w2[1], MD5C09, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w2[2], MD5C0a, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w2[3], MD5C0b, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w3[0], MD5C0c, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w3[1], MD5C0d, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w3[2], MD5C0e, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w3[3], MD5C0f, MD5S03); + + MD5_STEP (MD5_Go, a, b, c, d, ctx.w0[1], MD5C10, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w1[2], MD5C11, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w2[3], MD5C12, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w0[0], MD5C13, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, ctx.w1[1], MD5C14, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w2[2], MD5C15, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w3[3], MD5C16, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w1[0], MD5C17, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, ctx.w2[1], MD5C18, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w3[2], MD5C19, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w0[3], MD5C1a, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w2[0], MD5C1b, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, ctx.w3[1], MD5C1c, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w0[2], MD5C1d, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w1[3], MD5C1e, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w3[0], MD5C1f, MD5S13); + + MD5_STEP (MD5_H1, a, b, c, d, ctx.w1[1], MD5C20, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w2[0], MD5C21, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w2[3], MD5C22, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w3[2], MD5C23, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, ctx.w0[1], MD5C24, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w1[0], MD5C25, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w1[3], MD5C26, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w2[2], MD5C27, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, ctx.w3[1], MD5C28, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w0[0], MD5C29, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w0[3], MD5C2a, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w1[2], MD5C2b, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, ctx.w2[1], MD5C2c, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w3[0], MD5C2d, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w3[3], MD5C2e, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w0[2], MD5C2f, MD5S23); + + MD5_STEP (MD5_I , a, b, c, d, ctx.w0[0], MD5C30, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w1[3], MD5C31, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w3[2], MD5C32, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w1[1], MD5C33, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, ctx.w3[0], MD5C34, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w0[3], MD5C35, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w2[2], MD5C36, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w0[1], MD5C37, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, ctx.w2[0], MD5C38, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w3[3], MD5C39, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w1[2], MD5C3a, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w3[1], MD5C3b, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, ctx.w1[0], MD5C3c, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w2[3], MD5C3d, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w0[2], MD5C3e, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w2[1], MD5C3f, MD5S33); + + a += ctx.h[0] - make_u32x (MD5M_A); + b += ctx.h[1] - make_u32x (MD5M_B); + c += ctx.h[2] - make_u32x (MD5M_C); + d += ctx.h[3] - make_u32x (MD5M_D); + + COMPARE_M_SIMD (a, d, c, b); + } +} + +DECLSPEC void m32300s (PRIVATE_AS u32 *w0, PRIVATE_AS u32 *w1, PRIVATE_AS u32 *w2, PRIVATE_AS u32 *w3, const u32 pw_len, KERN_ATTR_FUNC_VECTOR_ESALT (md5_triple_salt_t), LOCAL_AS u32 *l_bin2asc) +{ + /** + * modifiers are taken from args + */ + + /** + * salt1 + */ + + const u32 salt1_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_len; + + u32x salt1_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt1_len; i += 4, idx += 1) + { + salt1_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_buf[idx]; + } + + /** + * salt2 + */ + + const u32 salt2_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_len; + + u32x salt2_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt2_len; i += 4, idx += 1) + { + salt2_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_buf[idx]; + } + + /** + * salt3 + */ + + const u32 salt3_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_len; + + u32x salt3_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt3_len; i += 4, idx += 1) + { + salt3_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_buf[idx]; + } + + /** + * digest + */ + + const u32 search[4] = + { + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R0], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R1], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R2], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R3] + }; + + /** + * loop + */ + + u32 w0l = w0[0]; + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0lr = w0l | w0r; + + u32x w0_t[4]; + u32x w1_t[4]; + u32x w2_t[4]; + u32x w3_t[4]; + + w0_t[0] = w0lr; + w0_t[1] = w0[1]; + w0_t[2] = w0[2]; + w0_t[3] = w0[3]; + w1_t[0] = w1[0]; + w1_t[1] = w1[1]; + w1_t[2] = w1[2]; + w1_t[3] = w1[3]; + w2_t[0] = w2[0]; + w2_t[1] = w2[1]; + w2_t[2] = w2[2]; + w2_t[3] = w2[3]; + w3_t[0] = w3[0]; + w3_t[1] = w3[1]; + w3_t[2] = w3[2]; + w3_t[3] = w3[3]; + + /** + * md5 + */ + + u32x a = MD5M_A; + u32x b = MD5M_B; + u32x c = MD5M_C; + u32x d = MD5M_D; + + MD5_STEP (MD5_Fo, a, b, c, d, w0_t[0], MD5C00, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w0_t[1], MD5C01, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w0_t[2], MD5C02, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w0_t[3], MD5C03, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w1_t[0], MD5C04, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w1_t[1], MD5C05, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w1_t[2], MD5C06, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w1_t[3], MD5C07, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w2_t[0], MD5C08, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w2_t[1], MD5C09, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w2_t[2], MD5C0a, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w2_t[3], MD5C0b, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w3_t[0], MD5C0c, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w3_t[1], MD5C0d, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w3_t[2], MD5C0e, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w3_t[3], MD5C0f, MD5S03); + + MD5_STEP (MD5_Go, a, b, c, d, w0_t[1], MD5C10, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w1_t[2], MD5C11, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w2_t[3], MD5C12, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w0_t[0], MD5C13, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w1_t[1], MD5C14, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w2_t[2], MD5C15, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w3_t[3], MD5C16, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w1_t[0], MD5C17, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w2_t[1], MD5C18, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w3_t[2], MD5C19, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w0_t[3], MD5C1a, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w2_t[0], MD5C1b, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w3_t[1], MD5C1c, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w0_t[2], MD5C1d, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w1_t[3], MD5C1e, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w3_t[0], MD5C1f, MD5S13); + + u32x t; + + MD5_STEP (MD5_H1, a, b, c, d, w1_t[1], MD5C20, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w2_t[0], MD5C21, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w2_t[3], MD5C22, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w3_t[2], MD5C23, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, w0_t[1], MD5C24, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w1_t[0], MD5C25, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w1_t[3], MD5C26, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w2_t[2], MD5C27, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, w3_t[1], MD5C28, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w0_t[0], MD5C29, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w0_t[3], MD5C2a, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w1_t[2], MD5C2b, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, w2_t[1], MD5C2c, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, w3_t[0], MD5C2d, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, w3_t[3], MD5C2e, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, w0_t[2], MD5C2f, MD5S23); + + MD5_STEP (MD5_I , a, b, c, d, w0_t[0], MD5C30, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w1_t[3], MD5C31, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w3_t[2], MD5C32, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w1_t[1], MD5C33, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, w3_t[0], MD5C34, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w0_t[3], MD5C35, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w2_t[2], MD5C36, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w0_t[1], MD5C37, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, w2_t[0], MD5C38, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w3_t[3], MD5C39, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w1_t[2], MD5C3a, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w3_t[1], MD5C3b, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, w1_t[0], MD5C3c, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w2_t[3], MD5C3d, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w0_t[2], MD5C3e, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w2_t[1], MD5C3f, MD5S33); + + a += make_u32x (MD5M_A); + b += make_u32x (MD5M_B); + c += make_u32x (MD5M_C); + d += make_u32x (MD5M_D); + + md5_ctx_vector_t ctx; + + md5_init_vector (&ctx); + + ctx.w0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ctx.w0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ctx.w0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ctx.w0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ctx.w1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ctx.w1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ctx.w1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ctx.w1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ctx.len = 32; + + md5_update_vector (&ctx, salt1_buf, salt1_len); + + md5_final_vector (&ctx); + + a = ctx.h[0]; + b = ctx.h[1]; + c = ctx.h[2]; + d = ctx.h[3]; + + md5_init_vector (&ctx); + + md5_update_vector (&ctx, salt2_buf, salt2_len); + + u32x ww0[4]; + u32x ww1[4]; + u32x ww2[4]; + u32x ww3[4]; + + ww0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ww0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ww0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ww0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ww1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ww1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ww1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ww1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ww2[0] = 0; + ww2[1] = 0; + ww2[2] = 0; + ww2[3] = 0; + ww3[0] = 0; + ww3[1] = 0; + ww3[2] = 0; + ww3[3] = 0; + + md5_update_vector_64 (&ctx, ww0, ww1, ww2, ww3, 32); + + md5_update_vector (&ctx, salt3_buf, salt3_len); + + // md5_final_vector + + const int pos = ctx.len & 63; + + append_0x80_4x4 (ctx.w0, ctx.w1, ctx.w2, ctx.w3, pos); + + if (pos >= 56) + { + md5_transform_vector (ctx.w0, ctx.w1, ctx.w2, ctx.w3, ctx.h); + + ctx.w0[0] = 0; + ctx.w0[1] = 0; + ctx.w0[2] = 0; + ctx.w0[3] = 0; + ctx.w1[0] = 0; + ctx.w1[1] = 0; + ctx.w1[2] = 0; + ctx.w1[3] = 0; + ctx.w2[0] = 0; + ctx.w2[1] = 0; + ctx.w2[2] = 0; + ctx.w2[3] = 0; + ctx.w3[0] = 0; + ctx.w3[1] = 0; + ctx.w3[2] = 0; + ctx.w3[3] = 0; + } + + ctx.w3[2] = ctx.len * 8; + ctx.w3[3] = 0; + + a = ctx.h[0]; + b = ctx.h[1]; + c = ctx.h[2]; + d = ctx.h[3]; + + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w0[0], MD5C00, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w0[1], MD5C01, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w0[2], MD5C02, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w0[3], MD5C03, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w1[0], MD5C04, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w1[1], MD5C05, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w1[2], MD5C06, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w1[3], MD5C07, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w2[0], MD5C08, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w2[1], MD5C09, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w2[2], MD5C0a, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w2[3], MD5C0b, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, ctx.w3[0], MD5C0c, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, ctx.w3[1], MD5C0d, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, ctx.w3[2], MD5C0e, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, ctx.w3[3], MD5C0f, MD5S03); + + MD5_STEP (MD5_Go, a, b, c, d, ctx.w0[1], MD5C10, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w1[2], MD5C11, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w2[3], MD5C12, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w0[0], MD5C13, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, ctx.w1[1], MD5C14, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w2[2], MD5C15, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w3[3], MD5C16, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w1[0], MD5C17, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, ctx.w2[1], MD5C18, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w3[2], MD5C19, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w0[3], MD5C1a, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w2[0], MD5C1b, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, ctx.w3[1], MD5C1c, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, ctx.w0[2], MD5C1d, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, ctx.w1[3], MD5C1e, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, ctx.w3[0], MD5C1f, MD5S13); + + MD5_STEP (MD5_H1, a, b, c, d, ctx.w1[1], MD5C20, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w2[0], MD5C21, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w2[3], MD5C22, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w3[2], MD5C23, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, ctx.w0[1], MD5C24, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w1[0], MD5C25, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w1[3], MD5C26, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w2[2], MD5C27, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, ctx.w3[1], MD5C28, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w0[0], MD5C29, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w0[3], MD5C2a, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w1[2], MD5C2b, MD5S23); + MD5_STEP (MD5_H1, a, b, c, d, ctx.w2[1], MD5C2c, MD5S20); + MD5_STEP (MD5_H2, d, a, b, c, ctx.w3[0], MD5C2d, MD5S21); + MD5_STEP (MD5_H1, c, d, a, b, ctx.w3[3], MD5C2e, MD5S22); + MD5_STEP (MD5_H2, b, c, d, a, ctx.w0[2], MD5C2f, MD5S23); + + MD5_STEP (MD5_I , a, b, c, d, ctx.w0[0], MD5C30, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w1[3], MD5C31, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w3[2], MD5C32, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w1[1], MD5C33, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, ctx.w3[0], MD5C34, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w0[3], MD5C35, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w2[2], MD5C36, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w0[1], MD5C37, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, ctx.w2[0], MD5C38, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, ctx.w3[3], MD5C39, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w1[2], MD5C3a, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w3[1], MD5C3b, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, ctx.w1[0], MD5C3c, MD5S30); + + if (MATCHES_NONE_VS ((a + ctx.h[0] - make_u32x (MD5M_A)), search[0])) continue; + + MD5_STEP (MD5_I , d, a, b, c, ctx.w2[3], MD5C3d, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, ctx.w0[2], MD5C3e, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, ctx.w2[1], MD5C3f, MD5S33); + + a += ctx.h[0] - make_u32x (MD5M_A); + b += ctx.h[1] - make_u32x (MD5M_B); + c += ctx.h[2] - make_u32x (MD5M_C); + d += ctx.h[3] - make_u32x (MD5M_D); + + COMPARE_S_SIMD (a, d, c, b); + } +} + +KERNEL_FQ void m32300_m04 (KERN_ATTR_VECTOR_ESALT (md5_triple_salt_t)) +{ + /** + * base + */ + + const u64 lid = get_local_id (0); + const u64 gid = get_global_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * modifier + */ + + u32 w0[4]; + + w0[0] = pws[gid].i[ 0]; + w0[1] = pws[gid].i[ 1]; + w0[2] = pws[gid].i[ 2]; + w0[3] = pws[gid].i[ 3]; + + u32 w1[4]; + + w1[0] = 0; + w1[1] = 0; + w1[2] = 0; + w1[3] = 0; + + u32 w2[4]; + + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + + u32 w3[4]; + + w3[0] = 0; + w3[1] = 0; + w3[2] = pws[gid].i[14]; + w3[3] = 0; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m32300m (w0, w1, w2, w3, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, kernel_param, gid, lid, lsz, l_bin2asc); +} + +KERNEL_FQ void m32300_m08 (KERN_ATTR_VECTOR_ESALT (md5_triple_salt_t)) +{ + /** + * base + */ + + const u64 lid = get_local_id (0); + const u64 gid = get_global_id (0); + const u64 lsz = get_local_size (0); + + /** + * modifier + */ + + u32 w0[4]; + + w0[0] = pws[gid].i[ 0]; + w0[1] = pws[gid].i[ 1]; + w0[2] = pws[gid].i[ 2]; + w0[3] = pws[gid].i[ 3]; + + u32 w1[4]; + + w1[0] = pws[gid].i[ 4]; + w1[1] = pws[gid].i[ 5]; + w1[2] = pws[gid].i[ 6]; + w1[3] = pws[gid].i[ 7]; + + u32 w2[4]; + + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + + u32 w3[4]; + + w3[0] = 0; + w3[1] = 0; + w3[2] = pws[gid].i[14]; + w3[3] = 0; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * main + */ + + m32300m (w0, w1, w2, w3, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, kernel_param, gid, lid, lsz, l_bin2asc); +} + +KERNEL_FQ void m32300_m16 (KERN_ATTR_VECTOR_ESALT (md5_triple_salt_t)) +{ + /** + * base + */ + + const u64 lid = get_local_id (0); + const u64 gid = get_global_id (0); + const u64 lsz = get_local_size (0); + + /** + * modifier + */ + + u32 w0[4]; + + w0[0] = pws[gid].i[ 0]; + w0[1] = pws[gid].i[ 1]; + w0[2] = pws[gid].i[ 2]; + w0[3] = pws[gid].i[ 3]; + + u32 w1[4]; + + w1[0] = pws[gid].i[ 4]; + w1[1] = pws[gid].i[ 5]; + w1[2] = pws[gid].i[ 6]; + w1[3] = pws[gid].i[ 7]; + + u32 w2[4]; + + w2[0] = pws[gid].i[ 8]; + w2[1] = pws[gid].i[ 9]; + w2[2] = pws[gid].i[10]; + w2[3] = pws[gid].i[11]; + + u32 w3[4]; + + w3[0] = pws[gid].i[12]; + w3[1] = pws[gid].i[13]; + w3[2] = pws[gid].i[14]; + w3[3] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * main + */ + + m32300m (w0, w1, w2, w3, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, kernel_param, gid, lid, lsz, l_bin2asc); +} + +KERNEL_FQ void m32300_s04 (KERN_ATTR_VECTOR_ESALT (md5_triple_salt_t)) +{ + /** + * base + */ + + const u64 lid = get_local_id (0); + const u64 gid = get_global_id (0); + const u64 lsz = get_local_size (0); + + /** + * modifier + */ + + u32 w0[4]; + + w0[0] = pws[gid].i[ 0]; + w0[1] = pws[gid].i[ 1]; + w0[2] = pws[gid].i[ 2]; + w0[3] = pws[gid].i[ 3]; + + u32 w1[4]; + + w1[0] = 0; + w1[1] = 0; + w1[2] = 0; + w1[3] = 0; + + u32 w2[4]; + + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + + u32 w3[4]; + + w3[0] = 0; + w3[1] = 0; + w3[2] = pws[gid].i[14]; + w3[3] = 0; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * main + */ + + m32300s (w0, w1, w2, w3, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, kernel_param, gid, lid, lsz, l_bin2asc); +} + +KERNEL_FQ void m32300_s08 (KERN_ATTR_VECTOR_ESALT (md5_triple_salt_t)) +{ + /** + * base + */ + + const u64 lid = get_local_id (0); + const u64 gid = get_global_id (0); + const u64 lsz = get_local_size (0); + + /** + * modifier + */ + + u32 w0[4]; + + w0[0] = pws[gid].i[ 0]; + w0[1] = pws[gid].i[ 1]; + w0[2] = pws[gid].i[ 2]; + w0[3] = pws[gid].i[ 3]; + + u32 w1[4]; + + w1[0] = pws[gid].i[ 4]; + w1[1] = pws[gid].i[ 5]; + w1[2] = pws[gid].i[ 6]; + w1[3] = pws[gid].i[ 7]; + + u32 w2[4]; + + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + + u32 w3[4]; + + w3[0] = 0; + w3[1] = 0; + w3[2] = pws[gid].i[14]; + w3[3] = 0; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * main + */ + + m32300s (w0, w1, w2, w3, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, kernel_param, gid, lid, lsz, l_bin2asc); +} + +KERNEL_FQ void m32300_s16 (KERN_ATTR_VECTOR_ESALT (md5_triple_salt_t)) +{ + /** + * base + */ + + const u64 lid = get_local_id (0); + const u64 gid = get_global_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * modifier + */ + + u32 w0[4]; + + w0[0] = pws[gid].i[ 0]; + w0[1] = pws[gid].i[ 1]; + w0[2] = pws[gid].i[ 2]; + w0[3] = pws[gid].i[ 3]; + + u32 w1[4]; + + w1[0] = pws[gid].i[ 4]; + w1[1] = pws[gid].i[ 5]; + w1[2] = pws[gid].i[ 6]; + w1[3] = pws[gid].i[ 7]; + + u32 w2[4]; + + w2[0] = pws[gid].i[ 8]; + w2[1] = pws[gid].i[ 9]; + w2[2] = pws[gid].i[10]; + w2[3] = pws[gid].i[11]; + + u32 w3[4]; + + w3[0] = pws[gid].i[12]; + w3[1] = pws[gid].i[13]; + w3[2] = pws[gid].i[14]; + w3[3] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m32300s (w0, w1, w2, w3, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, kernel_param, gid, lid, lsz, l_bin2asc); +} diff --git a/OpenCL/m32300_a3-pure.cl b/OpenCL/m32300_a3-pure.cl new file mode 100644 index 000000000..1345df59d --- /dev/null +++ b/OpenCL/m32300_a3-pure.cl @@ -0,0 +1,408 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_simd.cl) +#include M2S(INCLUDE_PATH/inc_hash_md5.cl) +#endif + +#if VECT_SIZE == 1 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i)]) +#elif VECT_SIZE == 2 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1]) +#elif VECT_SIZE == 4 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3]) +#elif VECT_SIZE == 8 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7]) +#elif VECT_SIZE == 16 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7], l_bin2asc[(i).s8], l_bin2asc[(i).s9], l_bin2asc[(i).sa], l_bin2asc[(i).sb], l_bin2asc[(i).sc], l_bin2asc[(i).sd], l_bin2asc[(i).se], l_bin2asc[(i).sf]) +#endif + +typedef struct md5_triple_salt +{ + u32 salt1_buf[64]; + int salt1_len; + + u32 salt2_buf[64]; + int salt2_len; + + u32 salt3_buf[64]; + int salt3_len; + +} md5_triple_salt_t; + +KERNEL_FQ void m32300_mxx (KERN_ATTR_VECTOR_ESALT (md5_triple_salt_t)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /* + * bin2asc uppercase table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * base + */ + + const u32 pw_len = pws[gid].pw_len; + + u32x w[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + const u32 salt1_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_len; + + u32x salt1_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt1_len; i += 4, idx += 1) + { + salt1_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_buf[idx]; + } + + const u32 salt2_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_len; + + u32x salt2_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt2_len; i += 4, idx += 1) + { + salt2_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_buf[idx]; + } + + const u32 salt3_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_len; + + u32x salt3_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt3_len; i += 4, idx += 1) + { + salt3_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_buf[idx]; + } + + /** + * loop + */ + + u32x w0l = w[0]; + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0 = w0l | w0r; + + w[0] = w0; + + md5_ctx_vector_t ctx0; + + md5_init_vector (&ctx0); + + md5_update_vector (&ctx0, w, pw_len); + + md5_final_vector (&ctx0); + + u32x a = ctx0.h[0]; + u32x b = ctx0.h[1]; + u32x c = ctx0.h[2]; + u32x d = ctx0.h[3]; + + md5_ctx_vector_t ctx; + + md5_init_vector (&ctx); + + ctx.w0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ctx.w0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ctx.w0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ctx.w0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ctx.w1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ctx.w1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ctx.w1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ctx.w1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ctx.len = 32; + + md5_update_vector (&ctx, salt1_buf, salt1_len); + + md5_final_vector (&ctx); + + a = ctx.h[0]; + b = ctx.h[1]; + c = ctx.h[2]; + d = ctx.h[3]; + + md5_init_vector (&ctx); + + md5_update_vector (&ctx, salt2_buf, salt2_len); + + u32x ww0[4]; + u32x ww1[4]; + u32x ww2[4]; + u32x ww3[4]; + + ww0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ww0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ww0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ww0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ww1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ww1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ww1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ww1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ww2[0] = 0; + ww2[1] = 0; + ww2[2] = 0; + ww2[3] = 0; + ww3[0] = 0; + ww3[1] = 0; + ww3[2] = 0; + ww3[3] = 0; + + md5_update_vector_64 (&ctx, ww0, ww1, ww2, ww3, 32); + + md5_update_vector (&ctx, salt3_buf, salt3_len); + + md5_final_vector (&ctx); + + const u32x r0 = ctx.h[DGST_R0]; + const u32x r1 = ctx.h[DGST_R1]; + const u32x r2 = ctx.h[DGST_R2]; + const u32x r3 = ctx.h[DGST_R3]; + + COMPARE_M_SIMD (r0, r1, r2, r3); + } +} + +KERNEL_FQ void m32300_sxx (KERN_ATTR_VECTOR_ESALT (md5_triple_salt_t)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /* + * bin2asc uppercase table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * digest + */ + + const u32 search[4] = + { + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R0], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R1], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R2], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R3] + }; + + /** + * base + */ + + const u32 pw_len = pws[gid].pw_len; + + u32x w[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + const u32 salt1_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_len; + + u32x salt1_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt1_len; i += 4, idx += 1) + { + salt1_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt1_buf[idx]; + } + + const u32 salt2_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_len; + + u32x salt2_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt2_len; i += 4, idx += 1) + { + salt2_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt2_buf[idx]; + } + + const u32 salt3_len = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_len; + + u32x salt3_buf[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt3_len; i += 4, idx += 1) + { + salt3_buf[idx] = esalt_bufs[DIGESTS_OFFSET_HOST].salt3_buf[idx]; + } + + /** + * loop + */ + + u32x w0l = w[0]; + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0 = w0l | w0r; + + w[0] = w0; + + md5_ctx_vector_t ctx0; + + md5_init_vector (&ctx0); + + md5_update_vector (&ctx0, w, pw_len); + + md5_final_vector (&ctx0); + + u32x a = ctx0.h[0]; + u32x b = ctx0.h[1]; + u32x c = ctx0.h[2]; + u32x d = ctx0.h[3]; + + md5_ctx_vector_t ctx; + + md5_init_vector (&ctx); + + ctx.w0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ctx.w0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ctx.w0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ctx.w0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ctx.w1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ctx.w1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ctx.w1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ctx.w1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ctx.len = 32; + + md5_update_vector (&ctx, salt1_buf, salt1_len); + + md5_final_vector (&ctx); + + a = ctx.h[0]; + b = ctx.h[1]; + c = ctx.h[2]; + d = ctx.h[3]; + + md5_init_vector (&ctx); + + md5_update_vector (&ctx, salt2_buf, salt2_len); + + u32x ww0[4]; + u32x ww1[4]; + u32x ww2[4]; + u32x ww3[4]; + + ww0[0] = uint_to_hex_lower8 ((a >> 0) & 255) << 0 + | uint_to_hex_lower8 ((a >> 8) & 255) << 16; + ww0[1] = uint_to_hex_lower8 ((a >> 16) & 255) << 0 + | uint_to_hex_lower8 ((a >> 24) & 255) << 16; + ww0[2] = uint_to_hex_lower8 ((b >> 0) & 255) << 0 + | uint_to_hex_lower8 ((b >> 8) & 255) << 16; + ww0[3] = uint_to_hex_lower8 ((b >> 16) & 255) << 0 + | uint_to_hex_lower8 ((b >> 24) & 255) << 16; + ww1[0] = uint_to_hex_lower8 ((c >> 0) & 255) << 0 + | uint_to_hex_lower8 ((c >> 8) & 255) << 16; + ww1[1] = uint_to_hex_lower8 ((c >> 16) & 255) << 0 + | uint_to_hex_lower8 ((c >> 24) & 255) << 16; + ww1[2] = uint_to_hex_lower8 ((d >> 0) & 255) << 0 + | uint_to_hex_lower8 ((d >> 8) & 255) << 16; + ww1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 + | uint_to_hex_lower8 ((d >> 24) & 255) << 16; + + ww2[0] = 0; + ww2[1] = 0; + ww2[2] = 0; + ww2[3] = 0; + ww3[0] = 0; + ww3[1] = 0; + ww3[2] = 0; + ww3[3] = 0; + + md5_update_vector_64 (&ctx, ww0, ww1, ww2, ww3, 32); + + md5_update_vector (&ctx, salt3_buf, salt3_len); + + md5_final_vector (&ctx); + + const u32x r0 = ctx.h[DGST_R0]; + const u32x r1 = ctx.h[DGST_R1]; + const u32x r2 = ctx.h[DGST_R2]; + const u32x r3 = ctx.h[DGST_R3]; + + COMPARE_S_SIMD (r0, r1, r2, r3); + } +} diff --git a/docs/changes.txt b/docs/changes.txt index 6eabdb1d9..f82ac831d 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -15,6 +15,7 @@ - Added hash-mode: BLAKE2s-256 - Added hash-mode: Dahua NVR/DVR/HVR (md5($salt1.strtoupper(md5($salt2.$pass)))) - Added hash-mode: DANE RFC7929/RFC8162 SHA2-256 +- Added hash-mode: Empire CMS (Admin password) - Added hash-mode: ENCsecurity Datavault (MD5/keychain) - Added hash-mode: ENCsecurity Datavault (MD5/no keychain) - Added hash-mode: ENCsecurity Datavault (PBKDF2/keychain) diff --git a/docs/readme.txt b/docs/readme.txt index d9f2bf808..00f649867 100644 --- a/docs/readme.txt +++ b/docs/readme.txt @@ -387,6 +387,7 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or - MediaWiki B type - Redmine - Umbraco HMAC-SHA1 +- Empire CMS (Admin password) - Joomla < 2.5.18 - OpenCart - PrestaShop diff --git a/src/modules/module_32300.c b/src/modules/module_32300.c new file mode 100644 index 000000000..c97bbd007 --- /dev/null +++ b/src/modules/module_32300.c @@ -0,0 +1,301 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" +#include "emu_inc_hash_md5.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_INSIDE_KERNEL; +static const u32 DGST_POS0 = 0; +static const u32 DGST_POS1 = 3; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 1; +static const u32 DGST_SIZE = DGST_SIZE_4_4; +static const u32 HASH_CATEGORY = HASH_CATEGORY_FORUM_SOFTWARE; +static const char *HASH_NAME = "Empire CMS (Admin password)"; +static const u64 KERN_TYPE = 32300; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_PRECOMPUTE_INIT + | OPTI_TYPE_EARLY_SKIP + | OPTI_TYPE_NOT_ITERATED + | OPTI_TYPE_RAW_HASH; +static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE + | OPTS_TYPE_PT_GENERATE_LE + | OPTS_TYPE_PT_ADD80 + | OPTS_TYPE_PT_ADDBITS14; +static const u32 SALT_TYPE = SALT_TYPE_GENERIC; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "5962d4ada95d6493379cd9c05ce7a376:726620866134417802643053384570:6056291339665060317728572165496183"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +typedef struct md5_triple_salt +{ + u32 salt1_buf[64]; + int salt1_len; + + u32 salt2_buf[64]; + int salt2_len; + + u32 salt3_buf[64]; + int salt3_len; + +} md5_triple_salt_t; + +u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 esalt_size = (const u64) sizeof (md5_triple_salt_t); + + return esalt_size; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u32 *digest = (u32 *) digest_buf; + + md5_triple_salt_t *md5_triple_salt = (md5_triple_salt_t *) esalt_buf; + + hc_token_t token; + + memset (&token, 0, sizeof (hc_token_t)); + + token.token_cnt = 3; + + token.sep[0] = hashconfig->separator; + token.len[0] = 32; + token.attr[0] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + token.sep[1] = hashconfig->separator; + token.len_min[1] = SALT_MIN; + token.len_max[1] = SALT_MAX; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH; + + token.sep[2] = hashconfig->separator; + token.len_min[2] = SALT_MIN; + token.len_max[2] = SALT_MAX; + token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH; + + if (hashconfig->opts_type & OPTS_TYPE_ST_HEX) + { + token.len_min[1] *= 2; + token.len_max[1] *= 2; + + token.attr[1] |= TOKEN_ATTR_VERIFY_HEX; + + token.len_min[2] *= 2; + token.len_max[2] *= 2; + + token.attr[2] |= TOKEN_ATTR_VERIFY_HEX; + } + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + const u8 *hash_pos = token.buf[0]; + + digest[0] = hex_to_u32 (hash_pos + 0); + digest[1] = hex_to_u32 (hash_pos + 8); + digest[2] = hex_to_u32 (hash_pos + 16); + digest[3] = hex_to_u32 (hash_pos + 24); + + if (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL) + { + digest[0] -= MD5M_A; + digest[1] -= MD5M_B; + digest[2] -= MD5M_C; + digest[3] -= MD5M_D; + } + + memset (md5_triple_salt, 0, sizeof (md5_triple_salt_t)); + + const bool parse_rc1 = generic_salt_decode (hashconfig, token.buf[1], token.len[1], (u8 *) md5_triple_salt->salt1_buf, (int *) &md5_triple_salt->salt1_len); + + if (parse_rc1 == false) return (PARSER_SALT_LENGTH); + + const bool parse_rc2 = generic_salt_decode (hashconfig, token.buf[2], token.len[2], (u8 *) md5_triple_salt->salt2_buf, (int *) &md5_triple_salt->salt2_len); + + if (parse_rc2 == false) return (PARSER_SALT_LENGTH); + + const u8 *empire_salt1 = (const u8 *) "E!m^p-i(r#e.C:M?S"; + const u32 empire_salt1_len = strlen ((char *) empire_salt1); + + const u8 *empire_salt2 = (const u8 *) "d)i.g^o-d"; + const u32 empire_salt2_len = strlen ((char *) empire_salt2); + + memcpy ((u8 *) md5_triple_salt->salt2_buf + md5_triple_salt->salt2_len, empire_salt1, empire_salt1_len); + + md5_triple_salt->salt2_len += empire_salt1_len; + + memcpy ((u8 *) md5_triple_salt->salt3_buf, empire_salt2, empire_salt2_len); + memcpy ((u8 *) md5_triple_salt->salt3_buf + empire_salt2_len, (u8 *) md5_triple_salt->salt1_buf, md5_triple_salt->salt1_len); + + md5_triple_salt->salt3_len = empire_salt2_len + md5_triple_salt->salt1_len; + + // make salt sorter happy + + md5_ctx_t md5_ctx; + + md5_init (&md5_ctx); + md5_update (&md5_ctx, md5_triple_salt->salt1_buf, md5_triple_salt->salt1_len); + md5_update (&md5_ctx, md5_triple_salt->salt2_buf, md5_triple_salt->salt2_len); + md5_update (&md5_ctx, md5_triple_salt->salt3_buf, md5_triple_salt->salt3_len); + md5_final (&md5_ctx); + + salt->salt_buf[0] = md5_ctx.h[0]; + salt->salt_buf[1] = md5_ctx.h[1]; + salt->salt_buf[2] = md5_ctx.h[2]; + salt->salt_buf[3] = md5_ctx.h[3]; + + salt->salt_len = 16; + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + const u32 *digest = (const u32 *) digest_buf; + + const md5_triple_salt_t *md5_triple_salt = (const md5_triple_salt_t *) esalt_buf; + + u32 tmp[4]; + + tmp[0] = digest[0]; + tmp[1] = digest[1]; + tmp[2] = digest[2]; + tmp[3] = digest[3]; + + if (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL) + { + tmp[0] += MD5M_A; + tmp[1] += MD5M_B; + tmp[2] += MD5M_C; + tmp[3] += MD5M_D; + } + + u8 *out_buf = (u8 *) line_buf; + + int out_len = 0; + + u32_to_hex (tmp[0], out_buf + out_len); out_len += 8; + u32_to_hex (tmp[1], out_buf + out_len); out_len += 8; + u32_to_hex (tmp[2], out_buf + out_len); out_len += 8; + u32_to_hex (tmp[3], out_buf + out_len); out_len += 8; + + out_buf[out_len] = hashconfig->separator; + + out_len += 1; + + out_len += generic_salt_encode (hashconfig, (const u8 *) md5_triple_salt->salt1_buf, (const int) md5_triple_salt->salt1_len, out_buf + out_len); + + out_buf[out_len] = hashconfig->separator; + + out_len += 1; + + out_len += generic_salt_encode (hashconfig, (const u8 *) md5_triple_salt->salt2_buf, (const int) md5_triple_salt->salt2_len, out_buf + out_len); + + out_len -= 17; // remove empire_salt1 + + out_buf[out_len] = '\0'; + + return out_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_charset = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_deprecated_notice = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = module_esalt_size; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_extra_tuningdb_block = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_postprocess = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_size = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_init = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_term = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = MODULE_DEFAULT; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = MODULE_DEFAULT; + module_ctx->module_salt_min = MODULE_DEFAULT; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = MODULE_DEFAULT; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/tools/test_modules/m32300.pm b/tools/test_modules/m32300.pm new file mode 100644 index 000000000..d9bf0bb8d --- /dev/null +++ b/tools/test_modules/m32300.pm @@ -0,0 +1,59 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Digest::MD5 qw (md5_hex); + +sub module_constraints { [[0, 256], [0, 246], [0, 31], [0, 41], [-1, -1]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt1 = shift; + + my $IS_OPTIMIZED = 1; + + if (exists $ENV{"IS_OPTIMIZED"} && defined $ENV{"IS_OPTIMIZED"}) + { + $IS_OPTIMIZED = $ENV{"IS_OPTIMIZED"}; + } + + my $salt2_max_len = $IS_OPTIMIZED == 1 ? 33 : 238; + + my $salt2 = shift || random_numeric_string (random_number (0, $salt2_max_len)); + + my $empireCMS_salt1 = 'E!m^p-i(r#e.C:M?S'; + my $empireCMS_salt2 = 'd)i.g^o-d'; + + my $digest = md5_hex ($salt2 . $empireCMS_salt1 . md5_hex (md5_hex ($word) . $salt1) . $empireCMS_salt2 . $salt1); + + my $hash = sprintf ("%s:%s:%s", $digest, $salt1, $salt2); + + return $hash; +} + +sub module_verify_hash +{ + my $line = shift; + + my ($hash, $salt1, $salt2, $word) = split (':', $line); + + return unless defined $hash; + return unless defined $salt1; + return unless defined $salt2; + return unless defined $word; + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, $salt1, $salt2); + + return ($new_hash, $word); +} + +1; From 8d0ded44d977340cbf12f7e6e26f6f099dc0db31 Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Sat, 3 Jun 2023 22:36:40 +0200 Subject: [PATCH 20/32] using hc_IOMasterPortDefault instead of kIOMasterPortDefault/kIOMainPortDefault --- include/ext_iokit.h | 3 +++ src/ext_iokit.c | 4 ++-- src/ext_metal.m | 2 +- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/include/ext_iokit.h b/include/ext_iokit.h index 180be3ef9..36676c948 100644 --- a/include/ext_iokit.h +++ b/include/ext_iokit.h @@ -9,6 +9,9 @@ #if defined(__APPLE__) #include +// kIOMasterPortDefault/kIOMainPortDefault is 0 +static const mach_port_t hc_IOMasterPortDefault = 0; + // Apple SMC Keys #define HM_IOKIT_SMC_SENSOR_GRAPHICS_HOT "SGHT" #define HM_IOKIT_SMC_CPU_PROXIMITY "TC0P" diff --git a/src/ext_iokit.c b/src/ext_iokit.c index 78a7cada3..1c45ea367 100644 --- a/src/ext_iokit.c +++ b/src/ext_iokit.c @@ -48,7 +48,7 @@ kern_return_t hm_IOKIT_SMCOpen (void *hashcat_ctx, io_connect_t *conn) CFMutableDictionaryRef matchingDictionary = IOServiceMatching ("AppleSMC"); - result = IOServiceGetMatchingServices (kIOMasterPortDefault, matchingDictionary, &iterator); + result = IOServiceGetMatchingServices (hc_IOMasterPortDefault, matchingDictionary, &iterator); if (result != kIOReturnSuccess) { @@ -231,7 +231,7 @@ int hm_IOKIT_get_utilization_current (void *hashcat_ctx, int *utilization) CFMutableDictionaryRef matching = IOServiceMatching ("IOAccelerator"); - if (IOServiceGetMatchingServices (kIOMasterPortDefault, matching, &iterator) != kIOReturnSuccess) + if (IOServiceGetMatchingServices (hc_IOMasterPortDefault, matching, &iterator) != kIOReturnSuccess) { event_log_error (hashcat_ctx, "IOServiceGetMatchingServices(): failure"); diff --git a/src/ext_metal.m b/src/ext_metal.m index a9ab89229..6a51d48bd 100644 --- a/src/ext_metal.m +++ b/src/ext_metal.m @@ -47,7 +47,7 @@ static bool iokit_getGPUCore (void *hashcat_ctx, int *gpu_core) CFMutableDictionaryRef matching = IOServiceMatching ("IOAccelerator"); - io_service_t service = IOServiceGetMatchingService (kIOMasterPortDefault, matching); + io_service_t service = IOServiceGetMatchingService (hc_IOMasterPortDefault, matching); if (!service) { From 1821a43420e52463f0fab4025bfa59fcbec74277 Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Sat, 3 Jun 2023 22:50:41 +0200 Subject: [PATCH 21/32] fix multiple sprintf build warnings by using snprintf --- src/modules/module_07500.c | 4 ++-- src/modules/module_08200.c | 2 +- src/modules/module_08800.c | 2 +- src/modules/module_13100.c | 2 +- src/modules/module_13400.c | 30 +++++++++++------------------- src/modules/module_13500.c | 2 +- src/modules/module_13600.c | 6 +++--- src/modules/module_13800.c | 2 +- src/modules/module_15500.c | 2 +- src/modules/module_16100.c | 2 +- src/modules/module_18200.c | 2 +- src/modules/module_19600.c | 2 +- src/modules/module_19700.c | 2 +- src/modules/module_19800.c | 2 +- src/modules/module_19900.c | 2 +- src/modules/module_29700.c | 30 +++++++++++------------------- src/modules/module_32100.c | 2 +- src/modules/module_32200.c | 2 +- 18 files changed, 41 insertions(+), 57 deletions(-) diff --git a/src/modules/module_07500.c b/src/modules/module_07500.c index f119402cd..30bdb71dc 100644 --- a/src/modules/module_07500.c +++ b/src/modules/module_07500.c @@ -225,12 +225,12 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE for (u32 i = 0; i < 36; i++, ptr_data += 2) { - sprintf (ptr_data, "%02x", ptr_timestamp[i]); + snprintf (ptr_data, 3, "%02x", ptr_timestamp[i]); } for (u32 i = 0; i < 16; i++, ptr_data += 2) { - sprintf (ptr_data, "%02x", ptr_checksum[i]); + snprintf (ptr_data, 3, "%02x", ptr_checksum[i]); } *ptr_data = 0; diff --git a/src/modules/module_08200.c b/src/modules/module_08200.c index 4098df8c8..35c50bd53 100644 --- a/src/modules/module_08200.c +++ b/src/modules/module_08200.c @@ -237,7 +237,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE for (int i = 0, j = 0; i < 512; i += 1, j += 8) { - sprintf (data_buf + j, "%08x", cloudkey->data_buf[i]); + snprintf (data_buf + j, 9, "%08x", cloudkey->data_buf[i]); } data_buf[cloudkey->data_len * 2] = 0; diff --git a/src/modules/module_08800.c b/src/modules/module_08800.c index 7de1ecf2c..6b78e7f16 100644 --- a/src/modules/module_08800.c +++ b/src/modules/module_08800.c @@ -183,7 +183,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE for (u32 i = 0, j = 0; i < 384; i += 1, j += 8) { - sprintf (tmp + j, "%08x", androidfde->data[i]); + snprintf (tmp + j, 9, "%08x", androidfde->data[i]); } tmp[3072] = 0; diff --git a/src/modules/module_13100.c b/src/modules/module_13100.c index 23e0ee1f0..d3949ae75 100644 --- a/src/modules/module_13100.c +++ b/src/modules/module_13100.c @@ -313,7 +313,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE { u8 *ptr_edata2 = (u8 *) krb5tgs->edata2; - sprintf (data + j, "%02x", ptr_edata2[i]); + snprintf (data + j, 3, "%02x", ptr_edata2[i]); } int line_len; diff --git a/src/modules/module_13400.c b/src/modules/module_13400.c index 7187f5815..2ce9fc5ca 100644 --- a/src/modules/module_13400.c +++ b/src/modules/module_13400.c @@ -545,20 +545,17 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE *ptr_data = '*'; ptr_data++; - for (u32 i = 0; i < final_random_seed_len; i++, ptr_data += 8) - sprintf (ptr_data, "%08x", ptr_final_random_seed[i]); + for (u32 i = 0; i < final_random_seed_len; i++, ptr_data += 8) snprintf (ptr_data, 9, "%08x", ptr_final_random_seed[i]); *ptr_data = '*'; ptr_data++; - for (u32 i = 0; i < transf_random_seed_len; i++, ptr_data += 8) - sprintf (ptr_data, "%08x", ptr_transf_random_seed[i]); + for (u32 i = 0; i < transf_random_seed_len; i++, ptr_data += 8) snprintf (ptr_data, 9, "%08x", ptr_transf_random_seed[i]); *ptr_data = '*'; ptr_data++; - for (u32 i = 0; i < enc_iv_len; i++, ptr_data += 8) - sprintf (ptr_data, "%08x", ptr_enc_iv[i]); + for (u32 i = 0; i < enc_iv_len; i++, ptr_data += 8) snprintf (ptr_data, 9, "%08x", ptr_enc_iv[i]); *ptr_data = '*'; ptr_data++; @@ -568,8 +565,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE u32 contents_len = keepass->contents_len; u32 *ptr_contents = (u32 *) keepass->contents; - for (u32 i = 0; i < contents_hash_len; i++, ptr_data += 8) - sprintf (ptr_data, "%08x", ptr_contents_hash[i]); + for (u32 i = 0; i < contents_hash_len; i++, ptr_data += 8) snprintf (ptr_data, 9, "%08x", ptr_contents_hash[i]); *ptr_data = '*'; ptr_data++; @@ -583,31 +579,28 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE char ptr_contents_len[10] = { 0 }; - sprintf ((char*) ptr_contents_len, "%u", contents_len); + snprintf ((char*) ptr_contents_len, sizeof (ptr_contents_len), "%u", contents_len); - sprintf (ptr_data, "%u", contents_len); + snprintf (ptr_data, sizeof (ptr_contents_len), "%u", contents_len); ptr_data += strlen (ptr_contents_len); *ptr_data = '*'; ptr_data++; - for (u32 i = 0; i < contents_len / 4; i++, ptr_data += 8) - sprintf (ptr_data, "%08x", ptr_contents[i]); + for (u32 i = 0; i < contents_len / 4; i++, ptr_data += 8) snprintf (ptr_data, 9, "%08x", ptr_contents[i]); } else if (version == 2) { expected_bytes_len = 8; ptr_expected_bytes = (u32 *) keepass->expected_bytes; - for (u32 i = 0; i < expected_bytes_len; i++, ptr_data += 8) - sprintf (ptr_data, "%08x", ptr_expected_bytes[i]); + for (u32 i = 0; i < expected_bytes_len; i++, ptr_data += 8) snprintf (ptr_data, 9, "%08x", ptr_expected_bytes[i]); *ptr_data = '*'; ptr_data++; - for (u32 i = 0; i < contents_hash_len; i++, ptr_data += 8) - sprintf (ptr_data, "%08x", ptr_contents_hash[i]); + for (u32 i = 0; i < contents_hash_len; i++, ptr_data += 8) snprintf (ptr_data, 9, "%08x", ptr_contents_hash[i]); } if (keyfile_len) @@ -622,15 +615,14 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE *ptr_data = '*'; ptr_data++; - sprintf (ptr_data, "%u", keyfile_len * 2); + snprintf (ptr_data, 3, "%u", keyfile_len * 2); ptr_data += 2; *ptr_data = '*'; ptr_data++; - for (u32 i = 0; i < 8; i++, ptr_data += 8) - sprintf (ptr_data, "%08x", ptr_keyfile[i]); + for (u32 i = 0; i < 8; i++, ptr_data += 8) snprintf (ptr_data, 9, "%08x", ptr_keyfile[i]); } return strlen (line_buf); diff --git a/src/modules/module_13500.c b/src/modules/module_13500.c index 8aa803f3e..5f59900df 100644 --- a/src/modules/module_13500.c +++ b/src/modules/module_13500.c @@ -184,7 +184,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE { const u8 *ptr = (const u8 *) pstoken->salt_buf; - sprintf (pstoken_tmp + j, "%02x", ptr[i]); + snprintf (pstoken_tmp + j, 3, "%02x", ptr[i]); } const int line_len = snprintf (line_buf, line_size, "%08x%08x%08x%08x%08x%c%s", diff --git a/src/modules/module_13600.c b/src/modules/module_13600.c index 6ab9db77f..c6dd15498 100644 --- a/src/modules/module_13600.c +++ b/src/modules/module_13600.c @@ -358,7 +358,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE { const u8 *ptr = (const u8 *) zip2->salt_buf; - sprintf (salt_tmp + j, "%02x", ptr[i]); + snprintf (salt_tmp + j, 3, "%02x", ptr[i]); } const u32 data_len = zip2->data_len; @@ -369,7 +369,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE { const u8 *ptr = (const u8 *) zip2->data_buf; - sprintf (data_tmp + j, "%02x", ptr[i]); + snprintf (data_tmp + j, 3, "%02x", ptr[i]); } const u32 auth_len = zip2->auth_len; @@ -380,7 +380,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE { const u8 *ptr = (const u8 *) zip2->auth_buf; - sprintf (auth_tmp + j, "%02x", ptr[i]); + snprintf (auth_tmp + j, 3, "%02x", ptr[i]); } const int line_len = snprintf (line_buf, line_size, "%s*%u*%u*%u*%s*%x*%x*%s*%s*%s", diff --git a/src/modules/module_13800.c b/src/modules/module_13800.c index af1b68946..199aeebda 100644 --- a/src/modules/module_13800.c +++ b/src/modules/module_13800.c @@ -163,7 +163,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE for (int i = 0, j = 0; i < 32; i += 1, j += 8) { - sprintf (buf + j, "%08x", esalt->salt_buf[i]); + snprintf (buf + j, 9, "%08x", esalt->salt_buf[i]); } const int line_len = snprintf (line_buf, line_size, "%08x%08x%08x%08x%08x%08x%08x%08x%c%s", diff --git a/src/modules/module_15500.c b/src/modules/module_15500.c index 2d190f1dd..dd10ed9cf 100644 --- a/src/modules/module_15500.c +++ b/src/modules/module_15500.c @@ -228,7 +228,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE for (u32 i = 0, j = 0; i < jks_sha1->enc_key_len; i += 1, j += 2) { - sprintf (enc_key + j, "%02X", ptr[i]); + snprintf (enc_key + j, 3, "%02X", ptr[i]); } u8 *der = (u8 *) jks_sha1->der; diff --git a/src/modules/module_16100.c b/src/modules/module_16100.c index edcf33e8b..9e470f079 100644 --- a/src/modules/module_16100.c +++ b/src/modules/module_16100.c @@ -166,7 +166,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE for (u32 i = 0, j = 0; i < tacacs_plus->ct_data_len; i += 1, j += 2) { - sprintf (ct_data + j, "%02x", ct_data_ptr[i]); + snprintf (ct_data + j, 3, "%02x", ct_data_ptr[i]); } const u8 *session_ptr = (const u8 *) tacacs_plus->session_buf; diff --git a/src/modules/module_18200.c b/src/modules/module_18200.c index 05ac3885d..87120b443 100644 --- a/src/modules/module_18200.c +++ b/src/modules/module_18200.c @@ -283,7 +283,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE { u8 *ptr_edata2 = (u8 *) krb5asrep->edata2; - sprintf (data + j, "%02x", ptr_edata2[i]); + snprintf (data + j, 3, "%02x", ptr_edata2[i]); } int line_len = 0; diff --git a/src/modules/module_19600.c b/src/modules/module_19600.c index cbe9a58d3..af5e04a82 100644 --- a/src/modules/module_19600.c +++ b/src/modules/module_19600.c @@ -267,7 +267,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE { u8 *ptr_edata2 = (u8 *) krb5tgs->edata2; - sprintf (data + j, "%02x", ptr_edata2[i]); + snprintf (data + j, 3, "%02x", ptr_edata2[i]); } const int line_len = snprintf (line_buf, line_size, "%s%s$%s$%08x%08x%08x$%s", diff --git a/src/modules/module_19700.c b/src/modules/module_19700.c index e2f296076..d7eba1d4a 100644 --- a/src/modules/module_19700.c +++ b/src/modules/module_19700.c @@ -267,7 +267,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE { u8 *ptr_edata2 = (u8 *) krb5tgs->edata2; - sprintf (data + j, "%02x", ptr_edata2[i]); + snprintf (data + j, 3, "%02x", ptr_edata2[i]); } const int line_len = snprintf (line_buf, line_size, "%s%s$%s$%08x%08x%08x$%s", diff --git a/src/modules/module_19800.c b/src/modules/module_19800.c index 4f28ab31a..28560777f 100644 --- a/src/modules/module_19800.c +++ b/src/modules/module_19800.c @@ -215,7 +215,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE { u8 *ptr_enc_timestamp = (u8 *) krb5pa->enc_timestamp; - sprintf (data + j, "%02x", ptr_enc_timestamp[i]); + snprintf (data + j, 3, "%02x", ptr_enc_timestamp[i]); } const int line_len = snprintf (line_buf, line_size, "%s%s$%s$%s%08x%08x%08x", diff --git a/src/modules/module_19900.c b/src/modules/module_19900.c index af380c9c6..329b4902e 100644 --- a/src/modules/module_19900.c +++ b/src/modules/module_19900.c @@ -215,7 +215,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE { u8 *ptr_enc_timestamp = (u8 *) krb5pa->enc_timestamp; - sprintf (data + j, "%02x", ptr_enc_timestamp[i]); + snprintf (data + j, 3, "%02x", ptr_enc_timestamp[i]); } const int line_len = snprintf (line_buf, line_size, "%s%s$%s$%s%08x%08x%08x", diff --git a/src/modules/module_29700.c b/src/modules/module_29700.c index 857076ab4..bfa0c1801 100644 --- a/src/modules/module_29700.c +++ b/src/modules/module_29700.c @@ -555,20 +555,17 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE *ptr_data = '*'; ptr_data++; - for (u32 i = 0; i < final_random_seed_len; i++, ptr_data += 8) - sprintf (ptr_data, "%08x", ptr_final_random_seed[i]); + for (u32 i = 0; i < final_random_seed_len; i++, ptr_data += 8) snprintf (ptr_data, 9, "%08x", ptr_final_random_seed[i]); *ptr_data = '*'; ptr_data++; - for (u32 i = 0; i < transf_random_seed_len; i++, ptr_data += 8) - sprintf (ptr_data, "%08x", ptr_transf_random_seed[i]); + for (u32 i = 0; i < transf_random_seed_len; i++, ptr_data += 8) snprintf (ptr_data, 9, "%08x", ptr_transf_random_seed[i]); *ptr_data = '*'; ptr_data++; - for (u32 i = 0; i < enc_iv_len; i++, ptr_data += 8) - sprintf (ptr_data, "%08x", ptr_enc_iv[i]); + for (u32 i = 0; i < enc_iv_len; i++, ptr_data += 8) snprintf (ptr_data, 9, "%08x", ptr_enc_iv[i]); *ptr_data = '*'; ptr_data++; @@ -578,8 +575,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE u32 contents_len = keepass->contents_len; u32 *ptr_contents = (u32 *) keepass->contents; - for (u32 i = 0; i < contents_hash_len; i++, ptr_data += 8) - sprintf (ptr_data, "%08x", ptr_contents_hash[i]); + for (u32 i = 0; i < contents_hash_len; i++, ptr_data += 8) snprintf (ptr_data, 9, "%08x", ptr_contents_hash[i]); *ptr_data = '*'; ptr_data++; @@ -593,31 +589,28 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE char ptr_contents_len[10] = { 0 }; - sprintf ((char*) ptr_contents_len, "%u", contents_len); + snprintf ((char*) ptr_contents_len, sizeof (ptr_contents_len), "%u", contents_len); - sprintf (ptr_data, "%u", contents_len); + snprintf (ptr_data, sizeof (ptr_contents_len), "%u", contents_len); ptr_data += strlen (ptr_contents_len); *ptr_data = '*'; ptr_data++; - for (u32 i = 0; i < contents_len / 4; i++, ptr_data += 8) - sprintf (ptr_data, "%08x", ptr_contents[i]); + for (u32 i = 0; i < contents_len / 4; i++, ptr_data += 8) snprintf (ptr_data, 9, "%08x", ptr_contents[i]); } else if (version == 2) { expected_bytes_len = 8; ptr_expected_bytes = (u32 *) keepass->expected_bytes; - for (u32 i = 0; i < expected_bytes_len; i++, ptr_data += 8) - sprintf (ptr_data, "%08x", ptr_expected_bytes[i]); + for (u32 i = 0; i < expected_bytes_len; i++, ptr_data += 8) snprintf (ptr_data, 9, "%08x", ptr_expected_bytes[i]); *ptr_data = '*'; ptr_data++; - for (u32 i = 0; i < contents_hash_len; i++, ptr_data += 8) - sprintf (ptr_data, "%08x", ptr_contents_hash[i]); + for (u32 i = 0; i < contents_hash_len; i++, ptr_data += 8) snprintf (ptr_data, 9, "%08x", ptr_contents_hash[i]); } if (keyfile_len) @@ -632,15 +625,14 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE *ptr_data = '*'; ptr_data++; - sprintf (ptr_data, "%u", keyfile_len * 2); + snprintf (ptr_data, 3, "%u", keyfile_len * 2); ptr_data += 2; *ptr_data = '*'; ptr_data++; - for (u32 i = 0; i < 8; i++, ptr_data += 8) - sprintf (ptr_data, "%08x", ptr_keyfile[i]); + for (u32 i = 0; i < 8; i++, ptr_data += 8) snprintf (ptr_data, 9, "%08x", ptr_keyfile[i]); } return strlen (line_buf); diff --git a/src/modules/module_32100.c b/src/modules/module_32100.c index 1b4488097..9ce58a7d6 100755 --- a/src/modules/module_32100.c +++ b/src/modules/module_32100.c @@ -309,7 +309,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE { u8 *ptr_edata2 = (u8 *) krb5asrep->edata2; - sprintf (data + j, "%02x", ptr_edata2[i]); + snprintf (data + j, 3, "%02x", ptr_edata2[i]); } int line_len = 0; diff --git a/src/modules/module_32200.c b/src/modules/module_32200.c index b081c7833..e219a7686 100755 --- a/src/modules/module_32200.c +++ b/src/modules/module_32200.c @@ -308,7 +308,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE { u8 *ptr_edata2 = (u8 *) krb5asrep->edata2; - sprintf (data + j, "%02x", ptr_edata2[i]); + snprintf (data + j, 3, "%02x", ptr_edata2[i]); } int line_len = 0; From c4462c9de425136d016dce1e9942c37cdb87d888 Mon Sep 17 00:00:00 2001 From: jsteube Date: Sun, 4 Jun 2023 12:06:42 +0000 Subject: [PATCH 22/32] Fix missing interpreter in m21400.pm --- tools/test_modules/m21400.pm | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/test_modules/m21400.pm b/tools/test_modules/m21400.pm index 7446133b3..daaa02108 100644 --- a/tools/test_modules/m21400.pm +++ b/tools/test_modules/m21400.pm @@ -1,3 +1,5 @@ +#!/usr/bin/env perl + ## ## Author......: See docs/credits.txt ## License.....: MIT From 6847458a0048129b50206286a57a6c8d0a769099 Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Wed, 7 Jun 2023 00:49:37 +0200 Subject: [PATCH 23/32] Fixed a bug in all SCRYPT-based hash modes with Apple Metal --- OpenCL/m08900-pure.cl | 13 +++++++++++++ OpenCL/m15700-pure.cl | 13 +++++++++++++ OpenCL/m22700-pure.cl | 13 +++++++++++++ OpenCL/m27700-pure.cl | 13 +++++++++++++ OpenCL/m28200-pure.cl | 13 +++++++++++++ OpenCL/m29800-pure.cl | 13 +++++++++++++ docs/changes.txt | 1 + 7 files changed, 79 insertions(+) diff --git a/OpenCL/m08900-pure.cl b/OpenCL/m08900-pure.cl index 5f96f8ec4..3064263a2 100644 --- a/OpenCL/m08900-pure.cl +++ b/OpenCL/m08900-pure.cl @@ -327,6 +327,9 @@ KERNEL_FQ void m08900_init (KERN_ATTR_TMPS (scrypt_tmp_t)) #if defined IS_CUDA || defined IS_HIP const uint4 tmp0 = make_uint4 (digest[0], digest[1], digest[2], digest[3]); const uint4 tmp1 = make_uint4 (digest[4], digest[5], digest[6], digest[7]); + #elif defined IS_METAL + const uint4 tmp0 = uint4 (digest[0], digest[1], digest[2], digest[3]); + const uint4 tmp1 = uint4 (digest[4], digest[5], digest[6], digest[7]); #else const uint4 tmp0 = (uint4) (digest[0], digest[1], digest[2], digest[3]); const uint4 tmp1 = (uint4) (digest[4], digest[5], digest[6], digest[7]); @@ -357,6 +360,11 @@ KERNEL_FQ void m08900_init (KERN_ATTR_TMPS (scrypt_tmp_t)) X[1] = make_uint4 (T[1].x, T[2].y, T[3].z, T[0].w); X[2] = make_uint4 (T[2].x, T[3].y, T[0].z, T[1].w); X[3] = make_uint4 (T[3].x, T[0].y, T[1].z, T[2].w); + #elif defined IS_METAL + X[0] = uint4 (T[0].x, T[1].y, T[2].z, T[3].w); + X[1] = uint4 (T[1].x, T[2].y, T[3].z, T[0].w); + X[2] = uint4 (T[2].x, T[3].y, T[0].z, T[1].w); + X[3] = uint4 (T[3].x, T[0].y, T[1].z, T[2].w); #else X[0] = (uint4) (T[0].x, T[1].y, T[2].z, T[3].w); X[1] = (uint4) (T[1].x, T[2].y, T[3].z, T[0].w); @@ -467,6 +475,11 @@ KERNEL_FQ void m08900_comp (KERN_ATTR_TMPS (scrypt_tmp_t)) T[1] = make_uint4 (X[1].x, X[0].y, X[3].z, X[2].w); T[2] = make_uint4 (X[2].x, X[1].y, X[0].z, X[3].w); T[3] = make_uint4 (X[3].x, X[2].y, X[1].z, X[0].w); + #elif defined IS_METAL + T[0] = uint4 (X[0].x, X[3].y, X[2].z, X[1].w); + T[1] = uint4 (X[1].x, X[0].y, X[3].z, X[2].w); + T[2] = uint4 (X[2].x, X[1].y, X[0].z, X[3].w); + T[3] = uint4 (X[3].x, X[2].y, X[1].z, X[0].w); #else T[0] = (uint4) (X[0].x, X[3].y, X[2].z, X[1].w); T[1] = (uint4) (X[1].x, X[0].y, X[3].z, X[2].w); diff --git a/OpenCL/m15700-pure.cl b/OpenCL/m15700-pure.cl index 20cab27d1..e500b4f70 100644 --- a/OpenCL/m15700-pure.cl +++ b/OpenCL/m15700-pure.cl @@ -463,6 +463,9 @@ KERNEL_FQ void m15700_init (KERN_ATTR_TMPS_ESALT (scrypt_tmp_t, ethereum_scrypt_ #if defined IS_CUDA || defined IS_HIP const uint4 tmp0 = make_uint4 (digest[0], digest[1], digest[2], digest[3]); const uint4 tmp1 = make_uint4 (digest[4], digest[5], digest[6], digest[7]); + #elif defined IS_METAL + const uint4 tmp0 = uint4 (digest[0], digest[1], digest[2], digest[3]); + const uint4 tmp1 = uint4 (digest[4], digest[5], digest[6], digest[7]); #else const uint4 tmp0 = (uint4) (digest[0], digest[1], digest[2], digest[3]); const uint4 tmp1 = (uint4) (digest[4], digest[5], digest[6], digest[7]); @@ -493,6 +496,11 @@ KERNEL_FQ void m15700_init (KERN_ATTR_TMPS_ESALT (scrypt_tmp_t, ethereum_scrypt_ X[1] = make_uint4 (T[1].x, T[2].y, T[3].z, T[0].w); X[2] = make_uint4 (T[2].x, T[3].y, T[0].z, T[1].w); X[3] = make_uint4 (T[3].x, T[0].y, T[1].z, T[2].w); + #elif defined IS_METAL + X[0] = uint4 (T[0].x, T[1].y, T[2].z, T[3].w); + X[1] = uint4 (T[1].x, T[2].y, T[3].z, T[0].w); + X[2] = uint4 (T[2].x, T[3].y, T[0].z, T[1].w); + X[3] = uint4 (T[3].x, T[0].y, T[1].z, T[2].w); #else X[0] = (uint4) (T[0].x, T[1].y, T[2].z, T[3].w); X[1] = (uint4) (T[1].x, T[2].y, T[3].z, T[0].w); @@ -603,6 +611,11 @@ KERNEL_FQ void m15700_comp (KERN_ATTR_TMPS_ESALT (scrypt_tmp_t, ethereum_scrypt_ T[1] = make_uint4 (X[1].x, X[0].y, X[3].z, X[2].w); T[2] = make_uint4 (X[2].x, X[1].y, X[0].z, X[3].w); T[3] = make_uint4 (X[3].x, X[2].y, X[1].z, X[0].w); + #elif defined IS_METAL + T[0] = uint4 (X[0].x, X[3].y, X[2].z, X[1].w); + T[1] = uint4 (X[1].x, X[0].y, X[3].z, X[2].w); + T[2] = uint4 (X[2].x, X[1].y, X[0].z, X[3].w); + T[3] = uint4 (X[3].x, X[2].y, X[1].z, X[0].w); #else T[0] = (uint4) (X[0].x, X[3].y, X[2].z, X[1].w); T[1] = (uint4) (X[1].x, X[0].y, X[3].z, X[2].w); diff --git a/OpenCL/m22700-pure.cl b/OpenCL/m22700-pure.cl index 7d65fd52e..a29df1c03 100644 --- a/OpenCL/m22700-pure.cl +++ b/OpenCL/m22700-pure.cl @@ -400,6 +400,9 @@ KERNEL_FQ void m22700_init (KERN_ATTR_TMPS (scrypt_tmp_t)) #if defined IS_CUDA || defined IS_HIP const uint4 tmp0 = make_uint4 (digest[0], digest[1], digest[2], digest[3]); const uint4 tmp1 = make_uint4 (digest[4], digest[5], digest[6], digest[7]); + #elif defined IS_METAL + const uint4 tmp0 = uint4 (digest[0], digest[1], digest[2], digest[3]); + const uint4 tmp1 = uint4 (digest[4], digest[5], digest[6], digest[7]); #else const uint4 tmp0 = (uint4) (digest[0], digest[1], digest[2], digest[3]); const uint4 tmp1 = (uint4) (digest[4], digest[5], digest[6], digest[7]); @@ -430,6 +433,11 @@ KERNEL_FQ void m22700_init (KERN_ATTR_TMPS (scrypt_tmp_t)) X[1] = make_uint4 (T[1].x, T[2].y, T[3].z, T[0].w); X[2] = make_uint4 (T[2].x, T[3].y, T[0].z, T[1].w); X[3] = make_uint4 (T[3].x, T[0].y, T[1].z, T[2].w); + #elif defined IS_METAL + X[0] = uint4 (T[0].x, T[1].y, T[2].z, T[3].w); + X[1] = uint4 (T[1].x, T[2].y, T[3].z, T[0].w); + X[2] = uint4 (T[2].x, T[3].y, T[0].z, T[1].w); + X[3] = uint4 (T[3].x, T[0].y, T[1].z, T[2].w); #else X[0] = (uint4) (T[0].x, T[1].y, T[2].z, T[3].w); X[1] = (uint4) (T[1].x, T[2].y, T[3].z, T[0].w); @@ -605,6 +613,11 @@ KERNEL_FQ void m22700_comp (KERN_ATTR_TMPS (scrypt_tmp_t)) T[1] = make_uint4 (X[1].x, X[0].y, X[3].z, X[2].w); T[2] = make_uint4 (X[2].x, X[1].y, X[0].z, X[3].w); T[3] = make_uint4 (X[3].x, X[2].y, X[1].z, X[0].w); + #elif defined IS_METAL + T[0] = uint4 (X[0].x, X[3].y, X[2].z, X[1].w); + T[1] = uint4 (X[1].x, X[0].y, X[3].z, X[2].w); + T[2] = uint4 (X[2].x, X[1].y, X[0].z, X[3].w); + T[3] = uint4 (X[3].x, X[2].y, X[1].z, X[0].w); #else T[0] = (uint4) (X[0].x, X[3].y, X[2].z, X[1].w); T[1] = (uint4) (X[1].x, X[0].y, X[3].z, X[2].w); diff --git a/OpenCL/m27700-pure.cl b/OpenCL/m27700-pure.cl index feaca11de..c62dc90d6 100644 --- a/OpenCL/m27700-pure.cl +++ b/OpenCL/m27700-pure.cl @@ -351,6 +351,9 @@ KERNEL_FQ void m27700_init (KERN_ATTR_TMPS (scrypt_tmp_t)) #if defined IS_CUDA || defined IS_HIP const uint4 tmp0 = make_uint4 (digest[0], digest[1], digest[2], digest[3]); const uint4 tmp1 = make_uint4 (digest[4], digest[5], digest[6], digest[7]); + #elif defined IS_METAL + const uint4 tmp0 = uint4 (digest[0], digest[1], digest[2], digest[3]); + const uint4 tmp1 = uint4 (digest[4], digest[5], digest[6], digest[7]); #else const uint4 tmp0 = (uint4) (digest[0], digest[1], digest[2], digest[3]); const uint4 tmp1 = (uint4) (digest[4], digest[5], digest[6], digest[7]); @@ -381,6 +384,11 @@ KERNEL_FQ void m27700_init (KERN_ATTR_TMPS (scrypt_tmp_t)) X[1] = make_uint4 (T[1].x, T[2].y, T[3].z, T[0].w); X[2] = make_uint4 (T[2].x, T[3].y, T[0].z, T[1].w); X[3] = make_uint4 (T[3].x, T[0].y, T[1].z, T[2].w); + #elif defined IS_METAL + X[0] = uint4 (T[0].x, T[1].y, T[2].z, T[3].w); + X[1] = uint4 (T[1].x, T[2].y, T[3].z, T[0].w); + X[2] = uint4 (T[2].x, T[3].y, T[0].z, T[1].w); + X[3] = uint4 (T[3].x, T[0].y, T[1].z, T[2].w); #else X[0] = (uint4) (T[0].x, T[1].y, T[2].z, T[3].w); X[1] = (uint4) (T[1].x, T[2].y, T[3].z, T[0].w); @@ -557,6 +565,11 @@ KERNEL_FQ void m27700_comp (KERN_ATTR_TMPS (scrypt_tmp_t)) T[1] = make_uint4 (X[1].x, X[0].y, X[3].z, X[2].w); T[2] = make_uint4 (X[2].x, X[1].y, X[0].z, X[3].w); T[3] = make_uint4 (X[3].x, X[2].y, X[1].z, X[0].w); + #elif defined IS_METAL + T[0] = uint4 (X[0].x, X[3].y, X[2].z, X[1].w); + T[1] = uint4 (X[1].x, X[0].y, X[3].z, X[2].w); + T[2] = uint4 (X[2].x, X[1].y, X[0].z, X[3].w); + T[3] = uint4 (X[3].x, X[2].y, X[1].z, X[0].w); #else T[0] = (uint4) (X[0].x, X[3].y, X[2].z, X[1].w); T[1] = (uint4) (X[1].x, X[0].y, X[3].z, X[2].w); diff --git a/OpenCL/m28200-pure.cl b/OpenCL/m28200-pure.cl index 2ead5b4bc..2260e931b 100644 --- a/OpenCL/m28200-pure.cl +++ b/OpenCL/m28200-pure.cl @@ -337,6 +337,9 @@ KERNEL_FQ void m28200_init (KERN_ATTR_TMPS_ESALT (exodus_tmp_t, exodus_t)) #if defined IS_CUDA || defined IS_HIP const uint4 tmp0 = make_uint4 (digest[0], digest[1], digest[2], digest[3]); const uint4 tmp1 = make_uint4 (digest[4], digest[5], digest[6], digest[7]); + #elif defined IS_METAL + const uint4 tmp0 = uint4 (digest[0], digest[1], digest[2], digest[3]); + const uint4 tmp1 = uint4 (digest[4], digest[5], digest[6], digest[7]); #else const uint4 tmp0 = (uint4) (digest[0], digest[1], digest[2], digest[3]); const uint4 tmp1 = (uint4) (digest[4], digest[5], digest[6], digest[7]); @@ -367,6 +370,11 @@ KERNEL_FQ void m28200_init (KERN_ATTR_TMPS_ESALT (exodus_tmp_t, exodus_t)) X[1] = make_uint4 (T[1].x, T[2].y, T[3].z, T[0].w); X[2] = make_uint4 (T[2].x, T[3].y, T[0].z, T[1].w); X[3] = make_uint4 (T[3].x, T[0].y, T[1].z, T[2].w); + #elif defined IS_METAL + X[0] = uint4 (T[0].x, T[1].y, T[2].z, T[3].w); + X[1] = uint4 (T[1].x, T[2].y, T[3].z, T[0].w); + X[2] = uint4 (T[2].x, T[3].y, T[0].z, T[1].w); + X[3] = uint4 (T[3].x, T[0].y, T[1].z, T[2].w); #else X[0] = (uint4) (T[0].x, T[1].y, T[2].z, T[3].w); X[1] = (uint4) (T[1].x, T[2].y, T[3].z, T[0].w); @@ -525,6 +533,11 @@ KERNEL_FQ void m28200_comp (KERN_ATTR_TMPS_ESALT (exodus_tmp_t, exodus_t)) T[1] = make_uint4 (X[1].x, X[0].y, X[3].z, X[2].w); T[2] = make_uint4 (X[2].x, X[1].y, X[0].z, X[3].w); T[3] = make_uint4 (X[3].x, X[2].y, X[1].z, X[0].w); + #elif defined IS_METAL + T[0] = uint4 (X[0].x, X[3].y, X[2].z, X[1].w); + T[1] = uint4 (X[1].x, X[0].y, X[3].z, X[2].w); + T[2] = uint4 (X[2].x, X[1].y, X[0].z, X[3].w); + T[3] = uint4 (X[3].x, X[2].y, X[1].z, X[0].w); #else T[0] = (uint4) (X[0].x, X[3].y, X[2].z, X[1].w); T[1] = (uint4) (X[1].x, X[0].y, X[3].z, X[2].w); diff --git a/OpenCL/m29800-pure.cl b/OpenCL/m29800-pure.cl index de4260279..c72f5c267 100644 --- a/OpenCL/m29800-pure.cl +++ b/OpenCL/m29800-pure.cl @@ -351,6 +351,9 @@ KERNEL_FQ void m29800_init (KERN_ATTR_TMPS (scrypt_tmp_t)) #if defined IS_CUDA || defined IS_HIP const uint4 tmp0 = make_uint4 (digest[0], digest[1], digest[2], digest[3]); const uint4 tmp1 = make_uint4 (digest[4], digest[5], digest[6], digest[7]); + #elif defined IS_METAL + const uint4 tmp0 = uint4 (digest[0], digest[1], digest[2], digest[3]); + const uint4 tmp1 = uint4 (digest[4], digest[5], digest[6], digest[7]); #else const uint4 tmp0 = (uint4) (digest[0], digest[1], digest[2], digest[3]); const uint4 tmp1 = (uint4) (digest[4], digest[5], digest[6], digest[7]); @@ -381,6 +384,11 @@ KERNEL_FQ void m29800_init (KERN_ATTR_TMPS (scrypt_tmp_t)) X[1] = make_uint4 (T[1].x, T[2].y, T[3].z, T[0].w); X[2] = make_uint4 (T[2].x, T[3].y, T[0].z, T[1].w); X[3] = make_uint4 (T[3].x, T[0].y, T[1].z, T[2].w); + #elif defined IS_METAL + X[0] = uint4 (T[0].x, T[1].y, T[2].z, T[3].w); + X[1] = uint4 (T[1].x, T[2].y, T[3].z, T[0].w); + X[2] = uint4 (T[2].x, T[3].y, T[0].z, T[1].w); + X[3] = uint4 (T[3].x, T[0].y, T[1].z, T[2].w); #else X[0] = (uint4) (T[0].x, T[1].y, T[2].z, T[3].w); X[1] = (uint4) (T[1].x, T[2].y, T[3].z, T[0].w); @@ -557,6 +565,11 @@ KERNEL_FQ void m29800_comp (KERN_ATTR_TMPS (scrypt_tmp_t)) T[1] = make_uint4 (X[1].x, X[0].y, X[3].z, X[2].w); T[2] = make_uint4 (X[2].x, X[1].y, X[0].z, X[3].w); T[3] = make_uint4 (X[3].x, X[2].y, X[1].z, X[0].w); + #elif defined IS_METAL + T[0] = uint4 (X[0].x, X[3].y, X[2].z, X[1].w); + T[1] = uint4 (X[1].x, X[0].y, X[3].z, X[2].w); + T[2] = uint4 (X[2].x, X[1].y, X[0].z, X[3].w); + T[3] = uint4 (X[3].x, X[2].y, X[1].z, X[0].w); #else T[0] = (uint4) (X[0].x, X[3].y, X[2].z, X[1].w); T[1] = (uint4) (X[1].x, X[0].y, X[3].z, X[2].w); diff --git a/docs/changes.txt b/docs/changes.txt index 90e8a6f0e..c977aaf87 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -70,6 +70,7 @@ - Fixed bug in 29600 module OPTS_TYPE setting - Fixed bug in grep out-of-memory workaround on Unit Test - Fixed bug in input_tokenizer when TOKEN_ATTR_FIXED_LENGTH is used and refactor modules +- Fixed a bug in all SCRYPT-based hash modes with Apple Metal - Added verification of token buffer length when using TOKEN_ATTR_FIXED_LENGTH - Fixed build failed for 4410 with vector width > 1 - Fixed build failed for 10700 optimized with Apple Metal From 737989b7cf2491fa3a473de7ac8fcccaf351bf8f Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Wed, 7 Jun 2023 01:17:30 +0200 Subject: [PATCH 24/32] Metal Backend: allow use of devices with Metal if runtime version is >= 200 --- docs/changes.txt | 1 + src/backend.c | 21 --------------------- 2 files changed, 1 insertion(+), 21 deletions(-) diff --git a/docs/changes.txt b/docs/changes.txt index 90e8a6f0e..9feec0993 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -107,6 +107,7 @@ - MetaMask: update extraction tool to support MetaMask Mobile wallets - SecureCRT MasterPassphrase v2: update module, pure kernels and test unit. Add optimized kernels. - Metal Backend: added workaround to prevent 'Infinite Loop' bug when build kernels +- Metal Backend: allow use of devices with Metal if runtime version is >= 200 - User Options: added --metal-compiler-runtime option - Hardware Monitor: avoid sprintf in src/ext_iokit.c - Help: show supported hash-modes only with -hh diff --git a/src/backend.c b/src/backend.c index ea6fa7acd..c380da868 100644 --- a/src/backend.c +++ b/src/backend.c @@ -4543,27 +4543,6 @@ int backend_ctx_init (hashcat_ctx_t *hashcat_ctx) mtl_close (hashcat_ctx); } - else - { - if (user_options->force == false) - { - // disable metal < 300 - - if (backend_ctx->metal_runtimeVersion < 300) - { - event_log_warning (hashcat_ctx, "Unsupported Apple Metal runtime version '%s' detected! Falling back to OpenCL...", backend_ctx->metal_runtimeVersionStr); - event_log_warning (hashcat_ctx, NULL); - - rc_metal_init = -1; - - backend_ctx->rc_metal_init = rc_metal_init; - - backend_ctx->mtl = NULL; - - mtl_close (hashcat_ctx); - } - } - } } else { From eb276f12f6c976a390cfca76d41fce13831ad9f3 Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Wed, 7 Jun 2023 21:06:57 +0200 Subject: [PATCH 25/32] do not allow negative kern_type --- src/backend.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/backend.c b/src/backend.c index ea6fa7acd..ef50b98a3 100644 --- a/src/backend.c +++ b/src/backend.c @@ -9893,6 +9893,13 @@ int backend_session_begin (hashcat_ctx_t *hashcat_ctx) } } + if ((int) kern_type == -1) + { + event_log_error (hashcat_ctx, "Invalid hash-mode selected: -1"); + + return -1; + } + // built options const size_t build_options_sz = 4096; From e6c97eb51b22780cd687663fdad64531ccc484e0 Mon Sep 17 00:00:00 2001 From: jsteube Date: Sat, 10 Jun 2023 19:01:35 +0000 Subject: [PATCH 26/32] Fix vector datatypes usage for HIP --- OpenCL/inc_types.h | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/OpenCL/inc_types.h b/OpenCL/inc_types.h index 63dc5815d..4d7b937d5 100644 --- a/OpenCL/inc_types.h +++ b/OpenCL/inc_types.h @@ -112,6 +112,15 @@ typedef u64 u64x; #if defined IS_CUDA || defined IS_HIP +#ifndef __device_builtin__ +#define __device_builtin__ +#endif + +#ifndef __builtin_align__ +#define __builtin_align__(x) +#endif + + #if VECT_SIZE == 2 struct __device_builtin__ __builtin_align__(2) u8x From c91615551282a206eff70f95894efd15931752cb Mon Sep 17 00:00:00 2001 From: jsteube Date: Mon, 12 Jun 2023 14:40:14 +0000 Subject: [PATCH 27/32] Add missing changes entry --- docs/changes.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/changes.txt b/docs/changes.txt index de9865f9a..9feb6eb7a 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -87,6 +87,7 @@ - Fixed minimum password length in module of hash-mode 29800 - Fixed maximum password length in module/test_module of hash-mode 2400 - Fixed buffer overflow on module_26600.c / module_hash_encode() +- Fixed vector datatypes usage for HIP ## ## Technical From ef81520158367a29d3f91ff321301576dec90a2f Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Wed, 14 Jun 2023 21:11:42 +0200 Subject: [PATCH 28/32] Metal Backend: disable Metal devices only if at least one OpenCL device is active --- docs/changes.txt | 1 + src/backend.c | 80 ++++++++++++++++++++++++++++++------------------ 2 files changed, 52 insertions(+), 29 deletions(-) diff --git a/docs/changes.txt b/docs/changes.txt index a0a58a8d1..4df3d4c7c 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -111,6 +111,7 @@ - SecureCRT MasterPassphrase v2: update module, pure kernels and test unit. Add optimized kernels. - Metal Backend: added workaround to prevent 'Infinite Loop' bug when build kernels - Metal Backend: allow use of devices with Metal if runtime version is >= 200 +- Metal Backend: disable Metal devices only if at least one OpenCL device is active - User Options: added --metal-compiler-runtime option - Hardware Monitor: avoid sprintf in src/ext_iokit.c - Help: show supported hash-modes only with -hh diff --git a/src/backend.c b/src/backend.c index 67c5cb0de..3b7f20e0d 100644 --- a/src/backend.c +++ b/src/backend.c @@ -6242,35 +6242,6 @@ int backend_ctx_devices_init (hashcat_ctx_t *hashcat_ctx, const int comptime) if (device_param->device_processors == 1) device_param->skipped = true; - // Since we can't match OpenCL with Metal devices (missing PCI ID etc.) and at the same time we have better OpenCL support than Metal support, - // we disable all Metal devices by default. The user can reactivate them with -d. - - if (device_param->skipped == false) - { - if (backend_ctx->backend_devices_filter == -1ULL) - { - if ((user_options->quiet == false) && (user_options->backend_info == 0)) - { - event_log_warning (hashcat_ctx, "The device #%d has been disabled as it most likely also exists as an OpenCL device, but it is not possible to automatically map it.", device_id + 1); - event_log_warning (hashcat_ctx, "You can use -d %d to use Metal API instead of OpenCL API. In some rare cases this is more stable.", device_id + 1); - event_log_warning (hashcat_ctx, NULL); - } - - device_param->skipped = true; - } - else - { - if (backend_ctx->backend_devices_filter & (1ULL << device_id)) - { - // ok - } - else - { - device_param->skipped = true; - } - } - } - /** * activate device */ @@ -7592,6 +7563,57 @@ int backend_ctx_devices_init (hashcat_ctx_t *hashcat_ctx, const int comptime) backend_ctx->backend_devices_cnt = cuda_devices_cnt + hip_devices_cnt + metal_devices_cnt + opencl_devices_cnt; backend_ctx->backend_devices_active = cuda_devices_active + hip_devices_active + metal_devices_active + opencl_devices_active; + #if defined (__APPLE__) + // disable Metal devices if at least one OpenCL device is enabled + if (backend_ctx->opencl_devices_active > 0) + { + if (backend_ctx->mtl) + { + for (int backend_devices_cnt = 0; backend_devices_cnt < backend_ctx->backend_devices_cnt; backend_devices_cnt++) + { + hc_device_param_t *device_param = &backend_ctx->devices_param[backend_devices_cnt]; + + if (device_param->is_metal == false) continue; + + // Since we can't match OpenCL with Metal devices (missing PCI ID etc.) and at the same time we have better OpenCL support than Metal support, + // we disable all Metal devices by default. The user can reactivate them with -d. + + if (device_param->skipped == false) + { + if (backend_ctx->backend_devices_filter == -1ULL) + { + if ((user_options->quiet == false) && (user_options->backend_info == 0)) + { + event_log_warning (hashcat_ctx, "The device #%d has been disabled as it most likely also exists as an OpenCL device, but it is not possible to automatically map it.", device_param->device_id + 1); + event_log_warning (hashcat_ctx, "You can use -d %d to use Metal API instead of OpenCL API. In some rare cases this is more stable.", device_param->device_id + 1); + event_log_warning (hashcat_ctx, NULL); + } + + device_param->skipped = true; + } + else + { + if (backend_ctx->backend_devices_filter & (1ULL << device_param->device_id)) + { + // ok + } + else + { + device_param->skipped = true; + } + } + + if (device_param->skipped == true) + { + backend_ctx->metal_devices_active--; + backend_ctx->backend_devices_active--; + } + } + } + } + } + #endif + // find duplicate devices //if ((cuda_devices_cnt > 0) && (hip_devices_cnt > 0) && (opencl_devices_cnt > 0)) From ec13e6123af02a9814bc169e02c35ace2beb294b Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Wed, 14 Jun 2023 22:51:39 +0200 Subject: [PATCH 29/32] Added hash-mode: sha512(sha512($pass).$salt) --- OpenCL/m32410_a0-pure.cl | 369 +++++++++++++++++++++++++++++++++ OpenCL/m32410_a1-pure.cl | 363 ++++++++++++++++++++++++++++++++ OpenCL/m32410_a3-pure.cl | 389 +++++++++++++++++++++++++++++++++++ docs/changes.txt | 1 + docs/readme.txt | 1 + src/modules/module_32410.c | 271 ++++++++++++++++++++++++ tools/test_modules/m32410.pm | 44 ++++ 7 files changed, 1438 insertions(+) create mode 100644 OpenCL/m32410_a0-pure.cl create mode 100644 OpenCL/m32410_a1-pure.cl create mode 100644 OpenCL/m32410_a3-pure.cl create mode 100644 src/modules/module_32410.c create mode 100644 tools/test_modules/m32410.pm diff --git a/OpenCL/m32410_a0-pure.cl b/OpenCL/m32410_a0-pure.cl new file mode 100644 index 000000000..864468195 --- /dev/null +++ b/OpenCL/m32410_a0-pure.cl @@ -0,0 +1,369 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_rp.h) +#include M2S(INCLUDE_PATH/inc_rp.cl) +#include M2S(INCLUDE_PATH/inc_scalar.cl) +#include M2S(INCLUDE_PATH/inc_hash_sha512.cl) +#endif + +#if VECT_SIZE == 1 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i)]) +#elif VECT_SIZE == 2 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1]) +#elif VECT_SIZE == 4 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3]) +#elif VECT_SIZE == 8 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7]) +#elif VECT_SIZE == 16 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7], l_bin2asc[(i).s8], l_bin2asc[(i).s9], l_bin2asc[(i).sa], l_bin2asc[(i).sb], l_bin2asc[(i).sc], l_bin2asc[(i).sd], l_bin2asc[(i).se], l_bin2asc[(i).sf]) +#endif + +KERNEL_FQ void m32410_mxx (KERN_ATTR_RULES ()) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * base + */ + + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + u32 w4[4]; + u32 w5[4]; + u32 w6[4]; + u32 w7[4]; + + COPY_PW (pws[gid]); + + const u32 salt_len = salt_bufs[SALT_POS_HOST].salt_len; + + u32 s[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt_len; i += 4, idx += 1) + { + s[idx] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[idx]); + } + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos++) + { + pw_t tmp = PASTE_PW; + + tmp.pw_len = apply_rules (rules_buf[il_pos].cmds, tmp.i, tmp.pw_len); + + sha512_ctx_t ctx0; + + sha512_init (&ctx0); + + sha512_update_swap (&ctx0, tmp.i, tmp.pw_len); + + sha512_final (&ctx0); + + const u64 a = ctx0.h[0]; + const u64 b = ctx0.h[1]; + const u64 c = ctx0.h[2]; + const u64 d = ctx0.h[3]; + const u64 e = ctx0.h[4]; + const u64 f = ctx0.h[5]; + const u64 g = ctx0.h[6]; + const u64 h = ctx0.h[7]; + + sha512_ctx_t ctx; + + sha512_init (&ctx); + + w0[0] = uint_to_hex_lower8 ((a >> 56) & 255) << 16 + | uint_to_hex_lower8 ((a >> 48) & 255) << 0; + w0[1] = uint_to_hex_lower8 ((a >> 40) & 255) << 16 + | uint_to_hex_lower8 ((a >> 32) & 255) << 0; + w0[2] = uint_to_hex_lower8 ((a >> 24) & 255) << 16 + | uint_to_hex_lower8 ((a >> 16) & 255) << 0; + w0[3] = uint_to_hex_lower8 ((a >> 8) & 255) << 16 + | uint_to_hex_lower8 ((a >> 0) & 255) << 0; + w1[0] = uint_to_hex_lower8 ((b >> 56) & 255) << 16 + | uint_to_hex_lower8 ((b >> 48) & 255) << 0; + w1[1] = uint_to_hex_lower8 ((b >> 40) & 255) << 16 + | uint_to_hex_lower8 ((b >> 32) & 255) << 0; + w1[2] = uint_to_hex_lower8 ((b >> 24) & 255) << 16 + | uint_to_hex_lower8 ((b >> 16) & 255) << 0; + w1[3] = uint_to_hex_lower8 ((b >> 8) & 255) << 16 + | uint_to_hex_lower8 ((b >> 0) & 255) << 0; + w2[0] = uint_to_hex_lower8 ((c >> 56) & 255) << 16 + | uint_to_hex_lower8 ((c >> 48) & 255) << 0; + w2[1] = uint_to_hex_lower8 ((c >> 40) & 255) << 16 + | uint_to_hex_lower8 ((c >> 32) & 255) << 0; + w2[2] = uint_to_hex_lower8 ((c >> 24) & 255) << 16 + | uint_to_hex_lower8 ((c >> 16) & 255) << 0; + w2[3] = uint_to_hex_lower8 ((c >> 8) & 255) << 16 + | uint_to_hex_lower8 ((c >> 0) & 255) << 0; + w3[0] = uint_to_hex_lower8 ((d >> 56) & 255) << 16 + | uint_to_hex_lower8 ((d >> 48) & 255) << 0; + w3[1] = uint_to_hex_lower8 ((d >> 40) & 255) << 16 + | uint_to_hex_lower8 ((d >> 32) & 255) << 0; + w3[2] = uint_to_hex_lower8 ((d >> 24) & 255) << 16 + | uint_to_hex_lower8 ((d >> 16) & 255) << 0; + w3[3] = uint_to_hex_lower8 ((d >> 8) & 255) << 16 + | uint_to_hex_lower8 ((d >> 0) & 255) << 0; + w4[0] = uint_to_hex_lower8 ((e >> 56) & 255) << 16 + | uint_to_hex_lower8 ((e >> 48) & 255) << 0; + w4[1] = uint_to_hex_lower8 ((e >> 40) & 255) << 16 + | uint_to_hex_lower8 ((e >> 32) & 255) << 0; + w4[2] = uint_to_hex_lower8 ((e >> 24) & 255) << 16 + | uint_to_hex_lower8 ((e >> 16) & 255) << 0; + w4[3] = uint_to_hex_lower8 ((e >> 8) & 255) << 16 + | uint_to_hex_lower8 ((e >> 0) & 255) << 0; + w5[0] = uint_to_hex_lower8 ((f >> 56) & 255) << 16 + | uint_to_hex_lower8 ((f >> 48) & 255) << 0; + w5[1] = uint_to_hex_lower8 ((f >> 40) & 255) << 16 + | uint_to_hex_lower8 ((f >> 32) & 255) << 0; + w5[2] = uint_to_hex_lower8 ((f >> 24) & 255) << 16 + | uint_to_hex_lower8 ((f >> 16) & 255) << 0; + w5[3] = uint_to_hex_lower8 ((f >> 8) & 255) << 16 + | uint_to_hex_lower8 ((f >> 0) & 255) << 0; + w6[0] = uint_to_hex_lower8 ((g >> 56) & 255) << 16 + | uint_to_hex_lower8 ((g >> 48) & 255) << 0; + w6[1] = uint_to_hex_lower8 ((g >> 40) & 255) << 16 + | uint_to_hex_lower8 ((g >> 32) & 255) << 0; + w6[2] = uint_to_hex_lower8 ((g >> 24) & 255) << 16 + | uint_to_hex_lower8 ((g >> 16) & 255) << 0; + w6[3] = uint_to_hex_lower8 ((g >> 8) & 255) << 16 + | uint_to_hex_lower8 ((g >> 0) & 255) << 0; + w7[0] = uint_to_hex_lower8 ((h >> 56) & 255) << 16 + | uint_to_hex_lower8 ((h >> 48) & 255) << 0; + w7[1] = uint_to_hex_lower8 ((h >> 40) & 255) << 16 + | uint_to_hex_lower8 ((h >> 32) & 255) << 0; + w7[2] = uint_to_hex_lower8 ((h >> 24) & 255) << 16 + | uint_to_hex_lower8 ((h >> 16) & 255) << 0; + w7[3] = uint_to_hex_lower8 ((h >> 8) & 255) << 16 + | uint_to_hex_lower8 ((h >> 0) & 255) << 0; + + sha512_update_128 (&ctx, w0, w1, w2, w3, w4, w5, w6, w7, 128); + + sha512_update (&ctx, s, salt_len); + + sha512_final (&ctx); + + const u32 r0 = l32_from_64_S (ctx.h[7]); + const u32 r1 = h32_from_64_S (ctx.h[7]); + const u32 r2 = l32_from_64_S (ctx.h[3]); + const u32 r3 = h32_from_64_S (ctx.h[3]); + + COMPARE_M_SCALAR (r0, r1, r2, r3); + } +} + +KERNEL_FQ void m32410_sxx (KERN_ATTR_RULES ()) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * digest + */ + + const u32 search[4] = + { + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R0], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R1], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R2], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R3] + }; + + /** + * base + */ + + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + u32 w4[4]; + u32 w5[4]; + u32 w6[4]; + u32 w7[4]; + + COPY_PW (pws[gid]); + + const u32 salt_len = salt_bufs[SALT_POS_HOST].salt_len; + + u32 s[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt_len; i += 4, idx += 1) + { + s[idx] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[idx]); + } + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos++) + { + pw_t tmp = PASTE_PW; + + tmp.pw_len = apply_rules (rules_buf[il_pos].cmds, tmp.i, tmp.pw_len); + + sha512_ctx_t ctx0; + + sha512_init (&ctx0); + + sha512_update_swap (&ctx0, tmp.i, tmp.pw_len); + + sha512_final (&ctx0); + + const u64 a = ctx0.h[0]; + const u64 b = ctx0.h[1]; + const u64 c = ctx0.h[2]; + const u64 d = ctx0.h[3]; + const u64 e = ctx0.h[4]; + const u64 f = ctx0.h[5]; + const u64 g = ctx0.h[6]; + const u64 h = ctx0.h[7]; + + sha512_ctx_t ctx; + + sha512_init (&ctx); + + w0[0] = uint_to_hex_lower8 ((a >> 56) & 255) << 16 + | uint_to_hex_lower8 ((a >> 48) & 255) << 0; + w0[1] = uint_to_hex_lower8 ((a >> 40) & 255) << 16 + | uint_to_hex_lower8 ((a >> 32) & 255) << 0; + w0[2] = uint_to_hex_lower8 ((a >> 24) & 255) << 16 + | uint_to_hex_lower8 ((a >> 16) & 255) << 0; + w0[3] = uint_to_hex_lower8 ((a >> 8) & 255) << 16 + | uint_to_hex_lower8 ((a >> 0) & 255) << 0; + w1[0] = uint_to_hex_lower8 ((b >> 56) & 255) << 16 + | uint_to_hex_lower8 ((b >> 48) & 255) << 0; + w1[1] = uint_to_hex_lower8 ((b >> 40) & 255) << 16 + | uint_to_hex_lower8 ((b >> 32) & 255) << 0; + w1[2] = uint_to_hex_lower8 ((b >> 24) & 255) << 16 + | uint_to_hex_lower8 ((b >> 16) & 255) << 0; + w1[3] = uint_to_hex_lower8 ((b >> 8) & 255) << 16 + | uint_to_hex_lower8 ((b >> 0) & 255) << 0; + w2[0] = uint_to_hex_lower8 ((c >> 56) & 255) << 16 + | uint_to_hex_lower8 ((c >> 48) & 255) << 0; + w2[1] = uint_to_hex_lower8 ((c >> 40) & 255) << 16 + | uint_to_hex_lower8 ((c >> 32) & 255) << 0; + w2[2] = uint_to_hex_lower8 ((c >> 24) & 255) << 16 + | uint_to_hex_lower8 ((c >> 16) & 255) << 0; + w2[3] = uint_to_hex_lower8 ((c >> 8) & 255) << 16 + | uint_to_hex_lower8 ((c >> 0) & 255) << 0; + w3[0] = uint_to_hex_lower8 ((d >> 56) & 255) << 16 + | uint_to_hex_lower8 ((d >> 48) & 255) << 0; + w3[1] = uint_to_hex_lower8 ((d >> 40) & 255) << 16 + | uint_to_hex_lower8 ((d >> 32) & 255) << 0; + w3[2] = uint_to_hex_lower8 ((d >> 24) & 255) << 16 + | uint_to_hex_lower8 ((d >> 16) & 255) << 0; + w3[3] = uint_to_hex_lower8 ((d >> 8) & 255) << 16 + | uint_to_hex_lower8 ((d >> 0) & 255) << 0; + w4[0] = uint_to_hex_lower8 ((e >> 56) & 255) << 16 + | uint_to_hex_lower8 ((e >> 48) & 255) << 0; + w4[1] = uint_to_hex_lower8 ((e >> 40) & 255) << 16 + | uint_to_hex_lower8 ((e >> 32) & 255) << 0; + w4[2] = uint_to_hex_lower8 ((e >> 24) & 255) << 16 + | uint_to_hex_lower8 ((e >> 16) & 255) << 0; + w4[3] = uint_to_hex_lower8 ((e >> 8) & 255) << 16 + | uint_to_hex_lower8 ((e >> 0) & 255) << 0; + w5[0] = uint_to_hex_lower8 ((f >> 56) & 255) << 16 + | uint_to_hex_lower8 ((f >> 48) & 255) << 0; + w5[1] = uint_to_hex_lower8 ((f >> 40) & 255) << 16 + | uint_to_hex_lower8 ((f >> 32) & 255) << 0; + w5[2] = uint_to_hex_lower8 ((f >> 24) & 255) << 16 + | uint_to_hex_lower8 ((f >> 16) & 255) << 0; + w5[3] = uint_to_hex_lower8 ((f >> 8) & 255) << 16 + | uint_to_hex_lower8 ((f >> 0) & 255) << 0; + w6[0] = uint_to_hex_lower8 ((g >> 56) & 255) << 16 + | uint_to_hex_lower8 ((g >> 48) & 255) << 0; + w6[1] = uint_to_hex_lower8 ((g >> 40) & 255) << 16 + | uint_to_hex_lower8 ((g >> 32) & 255) << 0; + w6[2] = uint_to_hex_lower8 ((g >> 24) & 255) << 16 + | uint_to_hex_lower8 ((g >> 16) & 255) << 0; + w6[3] = uint_to_hex_lower8 ((g >> 8) & 255) << 16 + | uint_to_hex_lower8 ((g >> 0) & 255) << 0; + w7[0] = uint_to_hex_lower8 ((h >> 56) & 255) << 16 + | uint_to_hex_lower8 ((h >> 48) & 255) << 0; + w7[1] = uint_to_hex_lower8 ((h >> 40) & 255) << 16 + | uint_to_hex_lower8 ((h >> 32) & 255) << 0; + w7[2] = uint_to_hex_lower8 ((h >> 24) & 255) << 16 + | uint_to_hex_lower8 ((h >> 16) & 255) << 0; + w7[3] = uint_to_hex_lower8 ((h >> 8) & 255) << 16 + | uint_to_hex_lower8 ((h >> 0) & 255) << 0; + + sha512_update_128 (&ctx, w0, w1, w2, w3, w4, w5, w6, w7, 128); + + sha512_update (&ctx, s, salt_len); + + sha512_final (&ctx); + + const u32 r0 = l32_from_64_S (ctx.h[7]); + const u32 r1 = h32_from_64_S (ctx.h[7]); + const u32 r2 = l32_from_64_S (ctx.h[3]); + const u32 r3 = h32_from_64_S (ctx.h[3]); + + COMPARE_S_SCALAR (r0, r1, r2, r3); + } +} diff --git a/OpenCL/m32410_a1-pure.cl b/OpenCL/m32410_a1-pure.cl new file mode 100644 index 000000000..65dccc7d6 --- /dev/null +++ b/OpenCL/m32410_a1-pure.cl @@ -0,0 +1,363 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_scalar.cl) +#include M2S(INCLUDE_PATH/inc_hash_sha512.cl) +#endif + +#if VECT_SIZE == 1 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i)]) +#elif VECT_SIZE == 2 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1]) +#elif VECT_SIZE == 4 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3]) +#elif VECT_SIZE == 8 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7]) +#elif VECT_SIZE == 16 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7], l_bin2asc[(i).s8], l_bin2asc[(i).s9], l_bin2asc[(i).sa], l_bin2asc[(i).sb], l_bin2asc[(i).sc], l_bin2asc[(i).sd], l_bin2asc[(i).se], l_bin2asc[(i).sf]) +#endif + +KERNEL_FQ void m32410_mxx (KERN_ATTR_BASIC ()) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * base + */ + + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + u32 w4[4]; + u32 w5[4]; + u32 w6[4]; + u32 w7[4]; + + const u32 salt_len = salt_bufs[SALT_POS_HOST].salt_len; + + u32 s[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt_len; i += 4, idx += 1) + { + s[idx] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[idx]); + } + + sha512_ctx_t ctx0; + + sha512_init (&ctx0); + + sha512_update_global_swap (&ctx0, pws[gid].i, pws[gid].pw_len); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos++) + { + sha512_ctx_t ctx1 = ctx0; + + sha512_update_global_swap (&ctx1, combs_buf[il_pos].i, combs_buf[il_pos].pw_len); + + sha512_final (&ctx1); + + const u64 a = ctx1.h[0]; + const u64 b = ctx1.h[1]; + const u64 c = ctx1.h[2]; + const u64 d = ctx1.h[3]; + const u64 e = ctx1.h[4]; + const u64 f = ctx1.h[5]; + const u64 g = ctx1.h[6]; + const u64 h = ctx1.h[7]; + + sha512_ctx_t ctx; + + sha512_init (&ctx); + + w0[0] = uint_to_hex_lower8 ((a >> 56) & 255) << 16 + | uint_to_hex_lower8 ((a >> 48) & 255) << 0; + w0[1] = uint_to_hex_lower8 ((a >> 40) & 255) << 16 + | uint_to_hex_lower8 ((a >> 32) & 255) << 0; + w0[2] = uint_to_hex_lower8 ((a >> 24) & 255) << 16 + | uint_to_hex_lower8 ((a >> 16) & 255) << 0; + w0[3] = uint_to_hex_lower8 ((a >> 8) & 255) << 16 + | uint_to_hex_lower8 ((a >> 0) & 255) << 0; + w1[0] = uint_to_hex_lower8 ((b >> 56) & 255) << 16 + | uint_to_hex_lower8 ((b >> 48) & 255) << 0; + w1[1] = uint_to_hex_lower8 ((b >> 40) & 255) << 16 + | uint_to_hex_lower8 ((b >> 32) & 255) << 0; + w1[2] = uint_to_hex_lower8 ((b >> 24) & 255) << 16 + | uint_to_hex_lower8 ((b >> 16) & 255) << 0; + w1[3] = uint_to_hex_lower8 ((b >> 8) & 255) << 16 + | uint_to_hex_lower8 ((b >> 0) & 255) << 0; + w2[0] = uint_to_hex_lower8 ((c >> 56) & 255) << 16 + | uint_to_hex_lower8 ((c >> 48) & 255) << 0; + w2[1] = uint_to_hex_lower8 ((c >> 40) & 255) << 16 + | uint_to_hex_lower8 ((c >> 32) & 255) << 0; + w2[2] = uint_to_hex_lower8 ((c >> 24) & 255) << 16 + | uint_to_hex_lower8 ((c >> 16) & 255) << 0; + w2[3] = uint_to_hex_lower8 ((c >> 8) & 255) << 16 + | uint_to_hex_lower8 ((c >> 0) & 255) << 0; + w3[0] = uint_to_hex_lower8 ((d >> 56) & 255) << 16 + | uint_to_hex_lower8 ((d >> 48) & 255) << 0; + w3[1] = uint_to_hex_lower8 ((d >> 40) & 255) << 16 + | uint_to_hex_lower8 ((d >> 32) & 255) << 0; + w3[2] = uint_to_hex_lower8 ((d >> 24) & 255) << 16 + | uint_to_hex_lower8 ((d >> 16) & 255) << 0; + w3[3] = uint_to_hex_lower8 ((d >> 8) & 255) << 16 + | uint_to_hex_lower8 ((d >> 0) & 255) << 0; + w4[0] = uint_to_hex_lower8 ((e >> 56) & 255) << 16 + | uint_to_hex_lower8 ((e >> 48) & 255) << 0; + w4[1] = uint_to_hex_lower8 ((e >> 40) & 255) << 16 + | uint_to_hex_lower8 ((e >> 32) & 255) << 0; + w4[2] = uint_to_hex_lower8 ((e >> 24) & 255) << 16 + | uint_to_hex_lower8 ((e >> 16) & 255) << 0; + w4[3] = uint_to_hex_lower8 ((e >> 8) & 255) << 16 + | uint_to_hex_lower8 ((e >> 0) & 255) << 0; + w5[0] = uint_to_hex_lower8 ((f >> 56) & 255) << 16 + | uint_to_hex_lower8 ((f >> 48) & 255) << 0; + w5[1] = uint_to_hex_lower8 ((f >> 40) & 255) << 16 + | uint_to_hex_lower8 ((f >> 32) & 255) << 0; + w5[2] = uint_to_hex_lower8 ((f >> 24) & 255) << 16 + | uint_to_hex_lower8 ((f >> 16) & 255) << 0; + w5[3] = uint_to_hex_lower8 ((f >> 8) & 255) << 16 + | uint_to_hex_lower8 ((f >> 0) & 255) << 0; + w6[0] = uint_to_hex_lower8 ((g >> 56) & 255) << 16 + | uint_to_hex_lower8 ((g >> 48) & 255) << 0; + w6[1] = uint_to_hex_lower8 ((g >> 40) & 255) << 16 + | uint_to_hex_lower8 ((g >> 32) & 255) << 0; + w6[2] = uint_to_hex_lower8 ((g >> 24) & 255) << 16 + | uint_to_hex_lower8 ((g >> 16) & 255) << 0; + w6[3] = uint_to_hex_lower8 ((g >> 8) & 255) << 16 + | uint_to_hex_lower8 ((g >> 0) & 255) << 0; + w7[0] = uint_to_hex_lower8 ((h >> 56) & 255) << 16 + | uint_to_hex_lower8 ((h >> 48) & 255) << 0; + w7[1] = uint_to_hex_lower8 ((h >> 40) & 255) << 16 + | uint_to_hex_lower8 ((h >> 32) & 255) << 0; + w7[2] = uint_to_hex_lower8 ((h >> 24) & 255) << 16 + | uint_to_hex_lower8 ((h >> 16) & 255) << 0; + w7[3] = uint_to_hex_lower8 ((h >> 8) & 255) << 16 + | uint_to_hex_lower8 ((h >> 0) & 255) << 0; + + sha512_update_128 (&ctx, w0, w1, w2, w3, w4, w5, w6, w7, 128); + + sha512_update (&ctx, s, salt_len); + + sha512_final (&ctx); + + const u32 r0 = l32_from_64_S (ctx.h[7]); + const u32 r1 = h32_from_64_S (ctx.h[7]); + const u32 r2 = l32_from_64_S (ctx.h[3]); + const u32 r3 = h32_from_64_S (ctx.h[3]); + + COMPARE_M_SCALAR (r0, r1, r2, r3); + } +} + +KERNEL_FQ void m32410_sxx (KERN_ATTR_BASIC ()) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * digest + */ + + const u32 search[4] = + { + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R0], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R1], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R2], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R3] + }; + + /** + * base + */ + + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + u32 w4[4]; + u32 w5[4]; + u32 w6[4]; + u32 w7[4]; + + const u32 salt_len = salt_bufs[SALT_POS_HOST].salt_len; + + u32 s[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt_len; i += 4, idx += 1) + { + s[idx] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[idx]); + } + + sha512_ctx_t ctx0; + + sha512_init (&ctx0); + + sha512_update_global_swap (&ctx0, pws[gid].i, pws[gid].pw_len); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos++) + { + sha512_ctx_t ctx1 = ctx0; + + sha512_update_global_swap (&ctx1, combs_buf[il_pos].i, combs_buf[il_pos].pw_len); + + sha512_final (&ctx1); + + const u64 a = ctx1.h[0]; + const u64 b = ctx1.h[1]; + const u64 c = ctx1.h[2]; + const u64 d = ctx1.h[3]; + const u64 e = ctx1.h[4]; + const u64 f = ctx1.h[5]; + const u64 g = ctx1.h[6]; + const u64 h = ctx1.h[7]; + + sha512_ctx_t ctx; + + sha512_init (&ctx); + + w0[0] = uint_to_hex_lower8 ((a >> 56) & 255) << 16 + | uint_to_hex_lower8 ((a >> 48) & 255) << 0; + w0[1] = uint_to_hex_lower8 ((a >> 40) & 255) << 16 + | uint_to_hex_lower8 ((a >> 32) & 255) << 0; + w0[2] = uint_to_hex_lower8 ((a >> 24) & 255) << 16 + | uint_to_hex_lower8 ((a >> 16) & 255) << 0; + w0[3] = uint_to_hex_lower8 ((a >> 8) & 255) << 16 + | uint_to_hex_lower8 ((a >> 0) & 255) << 0; + w1[0] = uint_to_hex_lower8 ((b >> 56) & 255) << 16 + | uint_to_hex_lower8 ((b >> 48) & 255) << 0; + w1[1] = uint_to_hex_lower8 ((b >> 40) & 255) << 16 + | uint_to_hex_lower8 ((b >> 32) & 255) << 0; + w1[2] = uint_to_hex_lower8 ((b >> 24) & 255) << 16 + | uint_to_hex_lower8 ((b >> 16) & 255) << 0; + w1[3] = uint_to_hex_lower8 ((b >> 8) & 255) << 16 + | uint_to_hex_lower8 ((b >> 0) & 255) << 0; + w2[0] = uint_to_hex_lower8 ((c >> 56) & 255) << 16 + | uint_to_hex_lower8 ((c >> 48) & 255) << 0; + w2[1] = uint_to_hex_lower8 ((c >> 40) & 255) << 16 + | uint_to_hex_lower8 ((c >> 32) & 255) << 0; + w2[2] = uint_to_hex_lower8 ((c >> 24) & 255) << 16 + | uint_to_hex_lower8 ((c >> 16) & 255) << 0; + w2[3] = uint_to_hex_lower8 ((c >> 8) & 255) << 16 + | uint_to_hex_lower8 ((c >> 0) & 255) << 0; + w3[0] = uint_to_hex_lower8 ((d >> 56) & 255) << 16 + | uint_to_hex_lower8 ((d >> 48) & 255) << 0; + w3[1] = uint_to_hex_lower8 ((d >> 40) & 255) << 16 + | uint_to_hex_lower8 ((d >> 32) & 255) << 0; + w3[2] = uint_to_hex_lower8 ((d >> 24) & 255) << 16 + | uint_to_hex_lower8 ((d >> 16) & 255) << 0; + w3[3] = uint_to_hex_lower8 ((d >> 8) & 255) << 16 + | uint_to_hex_lower8 ((d >> 0) & 255) << 0; + w4[0] = uint_to_hex_lower8 ((e >> 56) & 255) << 16 + | uint_to_hex_lower8 ((e >> 48) & 255) << 0; + w4[1] = uint_to_hex_lower8 ((e >> 40) & 255) << 16 + | uint_to_hex_lower8 ((e >> 32) & 255) << 0; + w4[2] = uint_to_hex_lower8 ((e >> 24) & 255) << 16 + | uint_to_hex_lower8 ((e >> 16) & 255) << 0; + w4[3] = uint_to_hex_lower8 ((e >> 8) & 255) << 16 + | uint_to_hex_lower8 ((e >> 0) & 255) << 0; + w5[0] = uint_to_hex_lower8 ((f >> 56) & 255) << 16 + | uint_to_hex_lower8 ((f >> 48) & 255) << 0; + w5[1] = uint_to_hex_lower8 ((f >> 40) & 255) << 16 + | uint_to_hex_lower8 ((f >> 32) & 255) << 0; + w5[2] = uint_to_hex_lower8 ((f >> 24) & 255) << 16 + | uint_to_hex_lower8 ((f >> 16) & 255) << 0; + w5[3] = uint_to_hex_lower8 ((f >> 8) & 255) << 16 + | uint_to_hex_lower8 ((f >> 0) & 255) << 0; + w6[0] = uint_to_hex_lower8 ((g >> 56) & 255) << 16 + | uint_to_hex_lower8 ((g >> 48) & 255) << 0; + w6[1] = uint_to_hex_lower8 ((g >> 40) & 255) << 16 + | uint_to_hex_lower8 ((g >> 32) & 255) << 0; + w6[2] = uint_to_hex_lower8 ((g >> 24) & 255) << 16 + | uint_to_hex_lower8 ((g >> 16) & 255) << 0; + w6[3] = uint_to_hex_lower8 ((g >> 8) & 255) << 16 + | uint_to_hex_lower8 ((g >> 0) & 255) << 0; + w7[0] = uint_to_hex_lower8 ((h >> 56) & 255) << 16 + | uint_to_hex_lower8 ((h >> 48) & 255) << 0; + w7[1] = uint_to_hex_lower8 ((h >> 40) & 255) << 16 + | uint_to_hex_lower8 ((h >> 32) & 255) << 0; + w7[2] = uint_to_hex_lower8 ((h >> 24) & 255) << 16 + | uint_to_hex_lower8 ((h >> 16) & 255) << 0; + w7[3] = uint_to_hex_lower8 ((h >> 8) & 255) << 16 + | uint_to_hex_lower8 ((h >> 0) & 255) << 0; + + sha512_update_128 (&ctx, w0, w1, w2, w3, w4, w5, w6, w7, 128); + + sha512_update (&ctx, s, salt_len); + + sha512_final (&ctx); + + const u32 r0 = l32_from_64_S (ctx.h[7]); + const u32 r1 = h32_from_64_S (ctx.h[7]); + const u32 r2 = l32_from_64_S (ctx.h[3]); + const u32 r3 = h32_from_64_S (ctx.h[3]); + + COMPARE_S_SCALAR (r0, r1, r2, r3); + } +} diff --git a/OpenCL/m32410_a3-pure.cl b/OpenCL/m32410_a3-pure.cl new file mode 100644 index 000000000..32b0c17d9 --- /dev/null +++ b/OpenCL/m32410_a3-pure.cl @@ -0,0 +1,389 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_simd.cl) +#include M2S(INCLUDE_PATH/inc_hash_sha512.cl) +#endif + +#if VECT_SIZE == 1 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i)]) +#elif VECT_SIZE == 2 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1]) +#elif VECT_SIZE == 4 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3]) +#elif VECT_SIZE == 8 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7]) +#elif VECT_SIZE == 16 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7], l_bin2asc[(i).s8], l_bin2asc[(i).s9], l_bin2asc[(i).sa], l_bin2asc[(i).sb], l_bin2asc[(i).sc], l_bin2asc[(i).sd], l_bin2asc[(i).se], l_bin2asc[(i).sf]) +#endif + +KERNEL_FQ void m32410_mxx (KERN_ATTR_VECTOR ()) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * base + */ + + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + u32x w4[4]; + u32x w5[4]; + u32x w6[4]; + u32x w7[4]; + + const u32 pw_len = pws[gid].pw_len; + + u32x w[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + const u32 salt_len = salt_bufs[SALT_POS_HOST].salt_len; + + u32x s[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt_len; i += 4, idx += 1) + { + s[idx] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[idx]); + } + + /** + * loop + */ + + u32x w0l = w[0]; + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0_final = w0l | w0r; + + w[0] = w0_final; + + sha512_ctx_vector_t ctx0; + + sha512_init_vector (&ctx0); + + sha512_update_vector (&ctx0, w, pw_len); + + sha512_final_vector (&ctx0); + + const u64x a = ctx0.h[0]; + const u64x b = ctx0.h[1]; + const u64x c = ctx0.h[2]; + const u64x d = ctx0.h[3]; + const u64x e = ctx0.h[4]; + const u64x f = ctx0.h[5]; + const u64x g = ctx0.h[6]; + const u64x h = ctx0.h[7]; + + sha512_ctx_vector_t ctx; + + sha512_init_vector (&ctx); + + w0[0] = uint_to_hex_lower8 ((a >> 56) & 255) << 16 + | uint_to_hex_lower8 ((a >> 48) & 255) << 0; + w0[1] = uint_to_hex_lower8 ((a >> 40) & 255) << 16 + | uint_to_hex_lower8 ((a >> 32) & 255) << 0; + w0[2] = uint_to_hex_lower8 ((a >> 24) & 255) << 16 + | uint_to_hex_lower8 ((a >> 16) & 255) << 0; + w0[3] = uint_to_hex_lower8 ((a >> 8) & 255) << 16 + | uint_to_hex_lower8 ((a >> 0) & 255) << 0; + w1[0] = uint_to_hex_lower8 ((b >> 56) & 255) << 16 + | uint_to_hex_lower8 ((b >> 48) & 255) << 0; + w1[1] = uint_to_hex_lower8 ((b >> 40) & 255) << 16 + | uint_to_hex_lower8 ((b >> 32) & 255) << 0; + w1[2] = uint_to_hex_lower8 ((b >> 24) & 255) << 16 + | uint_to_hex_lower8 ((b >> 16) & 255) << 0; + w1[3] = uint_to_hex_lower8 ((b >> 8) & 255) << 16 + | uint_to_hex_lower8 ((b >> 0) & 255) << 0; + w2[0] = uint_to_hex_lower8 ((c >> 56) & 255) << 16 + | uint_to_hex_lower8 ((c >> 48) & 255) << 0; + w2[1] = uint_to_hex_lower8 ((c >> 40) & 255) << 16 + | uint_to_hex_lower8 ((c >> 32) & 255) << 0; + w2[2] = uint_to_hex_lower8 ((c >> 24) & 255) << 16 + | uint_to_hex_lower8 ((c >> 16) & 255) << 0; + w2[3] = uint_to_hex_lower8 ((c >> 8) & 255) << 16 + | uint_to_hex_lower8 ((c >> 0) & 255) << 0; + w3[0] = uint_to_hex_lower8 ((d >> 56) & 255) << 16 + | uint_to_hex_lower8 ((d >> 48) & 255) << 0; + w3[1] = uint_to_hex_lower8 ((d >> 40) & 255) << 16 + | uint_to_hex_lower8 ((d >> 32) & 255) << 0; + w3[2] = uint_to_hex_lower8 ((d >> 24) & 255) << 16 + | uint_to_hex_lower8 ((d >> 16) & 255) << 0; + w3[3] = uint_to_hex_lower8 ((d >> 8) & 255) << 16 + | uint_to_hex_lower8 ((d >> 0) & 255) << 0; + w4[0] = uint_to_hex_lower8 ((e >> 56) & 255) << 16 + | uint_to_hex_lower8 ((e >> 48) & 255) << 0; + w4[1] = uint_to_hex_lower8 ((e >> 40) & 255) << 16 + | uint_to_hex_lower8 ((e >> 32) & 255) << 0; + w4[2] = uint_to_hex_lower8 ((e >> 24) & 255) << 16 + | uint_to_hex_lower8 ((e >> 16) & 255) << 0; + w4[3] = uint_to_hex_lower8 ((e >> 8) & 255) << 16 + | uint_to_hex_lower8 ((e >> 0) & 255) << 0; + w5[0] = uint_to_hex_lower8 ((f >> 56) & 255) << 16 + | uint_to_hex_lower8 ((f >> 48) & 255) << 0; + w5[1] = uint_to_hex_lower8 ((f >> 40) & 255) << 16 + | uint_to_hex_lower8 ((f >> 32) & 255) << 0; + w5[2] = uint_to_hex_lower8 ((f >> 24) & 255) << 16 + | uint_to_hex_lower8 ((f >> 16) & 255) << 0; + w5[3] = uint_to_hex_lower8 ((f >> 8) & 255) << 16 + | uint_to_hex_lower8 ((f >> 0) & 255) << 0; + w6[0] = uint_to_hex_lower8 ((g >> 56) & 255) << 16 + | uint_to_hex_lower8 ((g >> 48) & 255) << 0; + w6[1] = uint_to_hex_lower8 ((g >> 40) & 255) << 16 + | uint_to_hex_lower8 ((g >> 32) & 255) << 0; + w6[2] = uint_to_hex_lower8 ((g >> 24) & 255) << 16 + | uint_to_hex_lower8 ((g >> 16) & 255) << 0; + w6[3] = uint_to_hex_lower8 ((g >> 8) & 255) << 16 + | uint_to_hex_lower8 ((g >> 0) & 255) << 0; + w7[0] = uint_to_hex_lower8 ((h >> 56) & 255) << 16 + | uint_to_hex_lower8 ((h >> 48) & 255) << 0; + w7[1] = uint_to_hex_lower8 ((h >> 40) & 255) << 16 + | uint_to_hex_lower8 ((h >> 32) & 255) << 0; + w7[2] = uint_to_hex_lower8 ((h >> 24) & 255) << 16 + | uint_to_hex_lower8 ((h >> 16) & 255) << 0; + w7[3] = uint_to_hex_lower8 ((h >> 8) & 255) << 16 + | uint_to_hex_lower8 ((h >> 0) & 255) << 0; + + sha512_update_vector_128 (&ctx, w0, w1, w2, w3, w4, w5, w6, w7, 128); + + sha512_update_vector (&ctx, s, salt_len); + + sha512_final_vector (&ctx); + + const u32x r0 = l32_from_64 (ctx.h[7]); + const u32x r1 = h32_from_64 (ctx.h[7]); + const u32x r2 = l32_from_64 (ctx.h[3]); + const u32x r3 = h32_from_64 (ctx.h[3]); + + COMPARE_M_SIMD (r0, r1, r2, r3); + } +} + +KERNEL_FQ void m32410_sxx (KERN_ATTR_VECTOR ()) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * digest + */ + + const u32 search[4] = + { + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R0], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R1], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R2], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R3] + }; + + /** + * base + */ + + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + u32x w4[4]; + u32x w5[4]; + u32x w6[4]; + u32x w7[4]; + + const u32 pw_len = pws[gid].pw_len; + + u32x w[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + const u32 salt_len = salt_bufs[SALT_POS_HOST].salt_len; + + u32x s[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < salt_len; i += 4, idx += 1) + { + s[idx] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[idx]); + } + + /** + * loop + */ + + u32x w0l = w[0]; + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0_final = w0l | w0r; + + w[0] = w0_final; + + sha512_ctx_vector_t ctx0; + + sha512_init_vector (&ctx0); + + sha512_update_vector (&ctx0, w, pw_len); + + sha512_final_vector (&ctx0); + + const u64x a = ctx0.h[0]; + const u64x b = ctx0.h[1]; + const u64x c = ctx0.h[2]; + const u64x d = ctx0.h[3]; + const u64x e = ctx0.h[4]; + const u64x f = ctx0.h[5]; + const u64x g = ctx0.h[6]; + const u64x h = ctx0.h[7]; + + sha512_ctx_vector_t ctx; + + sha512_init_vector (&ctx); + + w0[0] = uint_to_hex_lower8 ((a >> 56) & 255) << 16 + | uint_to_hex_lower8 ((a >> 48) & 255) << 0; + w0[1] = uint_to_hex_lower8 ((a >> 40) & 255) << 16 + | uint_to_hex_lower8 ((a >> 32) & 255) << 0; + w0[2] = uint_to_hex_lower8 ((a >> 24) & 255) << 16 + | uint_to_hex_lower8 ((a >> 16) & 255) << 0; + w0[3] = uint_to_hex_lower8 ((a >> 8) & 255) << 16 + | uint_to_hex_lower8 ((a >> 0) & 255) << 0; + w1[0] = uint_to_hex_lower8 ((b >> 56) & 255) << 16 + | uint_to_hex_lower8 ((b >> 48) & 255) << 0; + w1[1] = uint_to_hex_lower8 ((b >> 40) & 255) << 16 + | uint_to_hex_lower8 ((b >> 32) & 255) << 0; + w1[2] = uint_to_hex_lower8 ((b >> 24) & 255) << 16 + | uint_to_hex_lower8 ((b >> 16) & 255) << 0; + w1[3] = uint_to_hex_lower8 ((b >> 8) & 255) << 16 + | uint_to_hex_lower8 ((b >> 0) & 255) << 0; + w2[0] = uint_to_hex_lower8 ((c >> 56) & 255) << 16 + | uint_to_hex_lower8 ((c >> 48) & 255) << 0; + w2[1] = uint_to_hex_lower8 ((c >> 40) & 255) << 16 + | uint_to_hex_lower8 ((c >> 32) & 255) << 0; + w2[2] = uint_to_hex_lower8 ((c >> 24) & 255) << 16 + | uint_to_hex_lower8 ((c >> 16) & 255) << 0; + w2[3] = uint_to_hex_lower8 ((c >> 8) & 255) << 16 + | uint_to_hex_lower8 ((c >> 0) & 255) << 0; + w3[0] = uint_to_hex_lower8 ((d >> 56) & 255) << 16 + | uint_to_hex_lower8 ((d >> 48) & 255) << 0; + w3[1] = uint_to_hex_lower8 ((d >> 40) & 255) << 16 + | uint_to_hex_lower8 ((d >> 32) & 255) << 0; + w3[2] = uint_to_hex_lower8 ((d >> 24) & 255) << 16 + | uint_to_hex_lower8 ((d >> 16) & 255) << 0; + w3[3] = uint_to_hex_lower8 ((d >> 8) & 255) << 16 + | uint_to_hex_lower8 ((d >> 0) & 255) << 0; + w4[0] = uint_to_hex_lower8 ((e >> 56) & 255) << 16 + | uint_to_hex_lower8 ((e >> 48) & 255) << 0; + w4[1] = uint_to_hex_lower8 ((e >> 40) & 255) << 16 + | uint_to_hex_lower8 ((e >> 32) & 255) << 0; + w4[2] = uint_to_hex_lower8 ((e >> 24) & 255) << 16 + | uint_to_hex_lower8 ((e >> 16) & 255) << 0; + w4[3] = uint_to_hex_lower8 ((e >> 8) & 255) << 16 + | uint_to_hex_lower8 ((e >> 0) & 255) << 0; + w5[0] = uint_to_hex_lower8 ((f >> 56) & 255) << 16 + | uint_to_hex_lower8 ((f >> 48) & 255) << 0; + w5[1] = uint_to_hex_lower8 ((f >> 40) & 255) << 16 + | uint_to_hex_lower8 ((f >> 32) & 255) << 0; + w5[2] = uint_to_hex_lower8 ((f >> 24) & 255) << 16 + | uint_to_hex_lower8 ((f >> 16) & 255) << 0; + w5[3] = uint_to_hex_lower8 ((f >> 8) & 255) << 16 + | uint_to_hex_lower8 ((f >> 0) & 255) << 0; + w6[0] = uint_to_hex_lower8 ((g >> 56) & 255) << 16 + | uint_to_hex_lower8 ((g >> 48) & 255) << 0; + w6[1] = uint_to_hex_lower8 ((g >> 40) & 255) << 16 + | uint_to_hex_lower8 ((g >> 32) & 255) << 0; + w6[2] = uint_to_hex_lower8 ((g >> 24) & 255) << 16 + | uint_to_hex_lower8 ((g >> 16) & 255) << 0; + w6[3] = uint_to_hex_lower8 ((g >> 8) & 255) << 16 + | uint_to_hex_lower8 ((g >> 0) & 255) << 0; + w7[0] = uint_to_hex_lower8 ((h >> 56) & 255) << 16 + | uint_to_hex_lower8 ((h >> 48) & 255) << 0; + w7[1] = uint_to_hex_lower8 ((h >> 40) & 255) << 16 + | uint_to_hex_lower8 ((h >> 32) & 255) << 0; + w7[2] = uint_to_hex_lower8 ((h >> 24) & 255) << 16 + | uint_to_hex_lower8 ((h >> 16) & 255) << 0; + w7[3] = uint_to_hex_lower8 ((h >> 8) & 255) << 16 + | uint_to_hex_lower8 ((h >> 0) & 255) << 0; + + sha512_update_vector_128 (&ctx, w0, w1, w2, w3, w4, w5, w6, w7, 128); + + sha512_update_vector (&ctx, s, salt_len); + + sha512_final_vector (&ctx); + + const u32x r0 = l32_from_64 (ctx.h[7]); + const u32x r1 = h32_from_64 (ctx.h[7]); + const u32x r2 = l32_from_64 (ctx.h[3]); + const u32x r3 = h32_from_64 (ctx.h[3]); + + COMPARE_S_SIMD (r0, r1, r2, r3); + } +} diff --git a/docs/changes.txt b/docs/changes.txt index a0a58a8d1..17b8d4d1f 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -43,6 +43,7 @@ - Added hash-mode: md5(md5($salt).md5(md5($pass))) - Added hash-mode: md5(md5(md5($pass).$salt1).$salt2) - Added hash-mode: md5(md5(md5($pass)).$salt) +- Added hash-mode: sha512(sha512($pass).$salt) ## ## Features diff --git a/docs/readme.txt b/docs/readme.txt index 00f649867..10fb5302d 100644 --- a/docs/readme.txt +++ b/docs/readme.txt @@ -130,6 +130,7 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or - sha512($pass.$salt) - sha512($salt.$pass) - sha512($salt.utf16le($pass)) +- sha512(sha512($pass).$salt) - sha512(utf16le($pass).$salt) - HMAC-MD5 (key = $pass) - HMAC-MD5 (key = $salt) diff --git a/src/modules/module_32410.c b/src/modules/module_32410.c new file mode 100644 index 000000000..9554e980b --- /dev/null +++ b/src/modules/module_32410.c @@ -0,0 +1,271 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_INSIDE_KERNEL; +static const u32 DGST_POS0 = 14; +static const u32 DGST_POS1 = 15; +static const u32 DGST_POS2 = 6; +static const u32 DGST_POS3 = 7; +static const u32 DGST_SIZE = DGST_SIZE_8_8; +static const u32 HASH_CATEGORY = HASH_CATEGORY_RAW_HASH_SALTED; +static const char *HASH_NAME = "sha512(sha512($pass).$salt)"; +static const u64 KERN_TYPE = 32410; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_PRECOMPUTE_INIT + | OPTI_TYPE_EARLY_SKIP + | OPTI_TYPE_NOT_ITERATED + | OPTI_TYPE_APPENDED_SALT + | OPTI_TYPE_USES_BITS_64 + | OPTI_TYPE_RAW_HASH; +static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE + | OPTS_TYPE_PT_GENERATE_BE + | OPTS_TYPE_ST_ADD80 + | OPTS_TYPE_ST_ADDBITS15; +static const u32 SALT_TYPE = SALT_TYPE_GENERIC; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "25d509824028a999f4ee851b5de404bb316b78ae8e974874376484018f58520e082747a7ce9f769bcaccb5f63878356c780f602e23393f12b650a6931e4b9338:21881837027919828109608"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +char *module_jit_build_options (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra, MAYBE_UNUSED const hashes_t *hashes, MAYBE_UNUSED const hc_device_param_t *device_param) +{ + char *jit_build_options = NULL; + + // Extra treatment for Apple systems + if (device_param->opencl_platform_vendor_id == VENDOR_ID_APPLE) + { + // Metal + if (device_param->is_metal == true) + { + hc_asprintf (&jit_build_options, "-D _unroll"); + } + + return jit_build_options; + } + + // HIP + if (device_param->opencl_device_vendor_id == VENDOR_ID_AMD_USE_HIP) + { + hc_asprintf (&jit_build_options, "-D _unroll"); + } + + // ROCM + if ((device_param->opencl_device_vendor_id == VENDOR_ID_AMD) && (device_param->has_vperm == true)) + { + hc_asprintf (&jit_build_options, "-D _unroll"); + } + + return jit_build_options; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u64 *digest = (u64 *) digest_buf; + + hc_token_t token; + + memset (&token, 0, sizeof (hc_token_t)); + + token.token_cnt = 2; + + token.sep[0] = hashconfig->separator; + token.len[0] = 128; + token.attr[0] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + token.len_min[1] = SALT_MIN; + token.len_max[1] = SALT_MAX; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH; + + if (hashconfig->opts_type & OPTS_TYPE_ST_HEX) + { + token.len_min[1] *= 2; + token.len_max[1] *= 2; + + token.attr[1] |= TOKEN_ATTR_VERIFY_HEX; + } + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + const u8 *hash_pos = token.buf[0]; + + digest[0] = hex_to_u64 (hash_pos + 0); + digest[1] = hex_to_u64 (hash_pos + 16); + digest[2] = hex_to_u64 (hash_pos + 32); + digest[3] = hex_to_u64 (hash_pos + 48); + digest[4] = hex_to_u64 (hash_pos + 64); + digest[5] = hex_to_u64 (hash_pos + 80); + digest[6] = hex_to_u64 (hash_pos + 96); + digest[7] = hex_to_u64 (hash_pos + 112); + + digest[0] = byte_swap_64 (digest[0]); + digest[1] = byte_swap_64 (digest[1]); + digest[2] = byte_swap_64 (digest[2]); + digest[3] = byte_swap_64 (digest[3]); + digest[4] = byte_swap_64 (digest[4]); + digest[5] = byte_swap_64 (digest[5]); + digest[6] = byte_swap_64 (digest[6]); + digest[7] = byte_swap_64 (digest[7]); + + const u8 *salt_pos = token.buf[1]; + const int salt_len = token.len[1]; + + const bool parse_rc = generic_salt_decode (hashconfig, salt_pos, salt_len, (u8 *) salt->salt_buf, (int *) &salt->salt_len); + + if (parse_rc == false) return (PARSER_SALT_LENGTH); + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + const u64 *digest = (const u64 *) digest_buf; + + // we can not change anything in the original buffer, otherwise destroying sorting + // therefore create some local buffer + + u64 tmp[8]; + + tmp[0] = digest[0]; + tmp[1] = digest[1]; + tmp[2] = digest[2]; + tmp[3] = digest[3]; + tmp[4] = digest[4]; + tmp[5] = digest[5]; + tmp[6] = digest[6]; + tmp[7] = digest[7]; + + tmp[0] = byte_swap_64 (tmp[0]); + tmp[1] = byte_swap_64 (tmp[1]); + tmp[2] = byte_swap_64 (tmp[2]); + tmp[3] = byte_swap_64 (tmp[3]); + tmp[4] = byte_swap_64 (tmp[4]); + tmp[5] = byte_swap_64 (tmp[5]); + tmp[6] = byte_swap_64 (tmp[6]); + tmp[7] = byte_swap_64 (tmp[7]); + + u8 *out_buf = (u8 *) line_buf; + + int out_len = 0; + + u64_to_hex (tmp[0], out_buf + out_len); out_len += 16; + u64_to_hex (tmp[1], out_buf + out_len); out_len += 16; + u64_to_hex (tmp[2], out_buf + out_len); out_len += 16; + u64_to_hex (tmp[3], out_buf + out_len); out_len += 16; + u64_to_hex (tmp[4], out_buf + out_len); out_len += 16; + u64_to_hex (tmp[5], out_buf + out_len); out_len += 16; + u64_to_hex (tmp[6], out_buf + out_len); out_len += 16; + u64_to_hex (tmp[7], out_buf + out_len); out_len += 16; + + out_buf[out_len] = hashconfig->separator; + + out_len += 1; + + out_len += generic_salt_encode (hashconfig, (const u8 *) salt->salt_buf, (const int) salt->salt_len, out_buf + out_len); + + return out_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_charset = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_deprecated_notice = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = MODULE_DEFAULT; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_extra_tuningdb_block = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_postprocess = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_size = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_init = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_term = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = module_jit_build_options; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = MODULE_DEFAULT; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = MODULE_DEFAULT; + module_ctx->module_salt_min = MODULE_DEFAULT; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = MODULE_DEFAULT; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/tools/test_modules/m32410.pm b/tools/test_modules/m32410.pm new file mode 100644 index 000000000..658251704 --- /dev/null +++ b/tools/test_modules/m32410.pm @@ -0,0 +1,44 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Digest::SHA qw (sha512_hex); + +sub module_constraints { [[0, 256], [0, 256], [0, 55], [0, 55], [0, 55]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt = shift; + + my $digest = sha512_hex (sha512_hex ($word) . $salt); + + my $hash = sprintf ("%s:%s", $digest, $salt); + + return $hash; +} + +sub module_verify_hash +{ + my $line = shift; + + my ($hash, $salt, $word) = split (':', $line); + + return unless defined $hash; + return unless defined $salt; + return unless defined $word; + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, $salt); + + return ($new_hash, $word); +} + +1; From 19a36e73a256d04eecea39798a54158c810beedd Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Thu, 15 Jun 2023 19:01:52 +0200 Subject: [PATCH 30/32] Added hash-mode: md5($salt1.sha1($salt2.$pass)) --- OpenCL/m21310_a0-pure.cl | 282 +++++++++++++++++++++++++++++++ OpenCL/m21310_a1-pure.cl | 275 ++++++++++++++++++++++++++++++ OpenCL/m21310_a3-pure.cl | 312 +++++++++++++++++++++++++++++++++++ docs/changes.txt | 1 + docs/readme.txt | 1 + src/modules/module_21310.c | 296 +++++++++++++++++++++++++++++++++ tools/test_modules/m21310.pm | 47 ++++++ 7 files changed, 1214 insertions(+) create mode 100644 OpenCL/m21310_a0-pure.cl create mode 100644 OpenCL/m21310_a1-pure.cl create mode 100644 OpenCL/m21310_a3-pure.cl create mode 100644 src/modules/module_21310.c create mode 100644 tools/test_modules/m21310.pm diff --git a/OpenCL/m21310_a0-pure.cl b/OpenCL/m21310_a0-pure.cl new file mode 100644 index 000000000..dba86ea7d --- /dev/null +++ b/OpenCL/m21310_a0-pure.cl @@ -0,0 +1,282 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_rp.h) +#include M2S(INCLUDE_PATH/inc_rp.cl) +#include M2S(INCLUDE_PATH/inc_scalar.cl) +#include M2S(INCLUDE_PATH/inc_hash_md5.cl) +#include M2S(INCLUDE_PATH/inc_hash_sha1.cl) +#endif + +#if VECT_SIZE == 1 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i)]) +#elif VECT_SIZE == 2 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1]) +#elif VECT_SIZE == 4 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3]) +#elif VECT_SIZE == 8 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7]) +#elif VECT_SIZE == 16 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7], l_bin2asc[(i).s8], l_bin2asc[(i).s9], l_bin2asc[(i).sa], l_bin2asc[(i).sb], l_bin2asc[(i).sc], l_bin2asc[(i).sd], l_bin2asc[(i).se], l_bin2asc[(i).sf]) +#endif + +typedef struct md5_double_salt +{ + u32 salt1_buf[64]; + int salt1_len; + + u32 salt2_buf[64]; + int salt2_len; + +} md5_double_salt_t; + +KERNEL_FQ void m21310_mxx (KERN_ATTR_RULES_ESALT (md5_double_salt_t)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * base + */ + + COPY_PW (pws[gid]); + + sha1_ctx_t ctx00; + + sha1_init(&ctx00); + + sha1_update_global (&ctx00, esalt_bufs[DIGESTS_OFFSET_HOST].salt2_buf, esalt_bufs[DIGESTS_OFFSET_HOST].salt2_len); + + md5_ctx_t ctx11; + + md5_init (&ctx11); + + md5_update_global (&ctx11, esalt_bufs[DIGESTS_OFFSET_HOST].salt1_buf, esalt_bufs[DIGESTS_OFFSET_HOST].salt1_len); + + /** + * loop + */ + + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos++) + { + pw_t tmp = PASTE_PW; + + sha1_ctx_t ctx0 = ctx00; + + sha1_update_swap (&ctx0, tmp.i, tmp.pw_len); + + sha1_final (&ctx0); + + const u32 a = ctx0.h[0]; + const u32 b = ctx0.h[1]; + const u32 c = ctx0.h[2]; + const u32 d = ctx0.h[3]; + const u32 e = ctx0.h[4]; + + md5_ctx_t ctx = ctx11; + + w0[0] = uint_to_hex_lower8 ((a >> 24) & 255) << 0 + | uint_to_hex_lower8 ((a >> 16) & 255) << 16; + w0[1] = uint_to_hex_lower8 ((a >> 8) & 255) << 0 + | uint_to_hex_lower8 ((a >> 0) & 255) << 16; + w0[2] = uint_to_hex_lower8 ((b >> 24) & 255) << 0 + | uint_to_hex_lower8 ((b >> 16) & 255) << 16; + w0[3] = uint_to_hex_lower8 ((b >> 8) & 255) << 0 + | uint_to_hex_lower8 ((b >> 0) & 255) << 16; + w1[0] = uint_to_hex_lower8 ((c >> 24) & 255) << 0 + | uint_to_hex_lower8 ((c >> 16) & 255) << 16; + w1[1] = uint_to_hex_lower8 ((c >> 8) & 255) << 0 + | uint_to_hex_lower8 ((c >> 0) & 255) << 16; + w1[2] = uint_to_hex_lower8 ((d >> 24) & 255) << 0 + | uint_to_hex_lower8 ((d >> 16) & 255) << 16; + w1[3] = uint_to_hex_lower8 ((d >> 8) & 255) << 0 + | uint_to_hex_lower8 ((d >> 0) & 255) << 16; + w2[0] = uint_to_hex_lower8 ((e >> 24) & 255) << 0 + | uint_to_hex_lower8 ((e >> 16) & 255) << 16; + w2[1] = uint_to_hex_lower8 ((e >> 8) & 255) << 0 + | uint_to_hex_lower8 ((e >> 0) & 255) << 16; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 0; + + md5_update_64 (&ctx, w0, w1, w2, w3, 40); + + md5_final (&ctx); + + const u32 r0 = ctx.h[DGST_R0]; + const u32 r1 = ctx.h[DGST_R1]; + const u32 r2 = ctx.h[DGST_R2]; + const u32 r3 = ctx.h[DGST_R3]; + + COMPARE_M_SCALAR (r0, r1, r2, r3); + } +} + +KERNEL_FQ void m21310_sxx (KERN_ATTR_RULES_ESALT (md5_double_salt_t)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * digest + */ + + const u32 search[4] = + { + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R0], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R1], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R2], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R3] + }; + + /** + * base + */ + + COPY_PW (pws[gid]); + + sha1_ctx_t ctx00; + + sha1_init(&ctx00); + + sha1_update_global (&ctx00, esalt_bufs[DIGESTS_OFFSET_HOST].salt2_buf, esalt_bufs[DIGESTS_OFFSET_HOST].salt2_len); + + md5_ctx_t ctx11; + + md5_init (&ctx11); + + md5_update_global (&ctx11, esalt_bufs[DIGESTS_OFFSET_HOST].salt1_buf, esalt_bufs[DIGESTS_OFFSET_HOST].salt1_len); + + /** + * loop + */ + + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos++) + { + pw_t tmp = PASTE_PW; + + tmp.pw_len = apply_rules (rules_buf[il_pos].cmds, tmp.i, tmp.pw_len); + + sha1_ctx_t ctx0 = ctx00; + + sha1_update_swap (&ctx0, tmp.i, tmp.pw_len); + + sha1_final (&ctx0); + + const u32 a = ctx0.h[0]; + const u32 b = ctx0.h[1]; + const u32 c = ctx0.h[2]; + const u32 d = ctx0.h[3]; + const u32 e = ctx0.h[4]; + + md5_ctx_t ctx = ctx11; + + w0[0] = uint_to_hex_lower8 ((a >> 24) & 255) << 0 + | uint_to_hex_lower8 ((a >> 16) & 255) << 16; + w0[1] = uint_to_hex_lower8 ((a >> 8) & 255) << 0 + | uint_to_hex_lower8 ((a >> 0) & 255) << 16; + w0[2] = uint_to_hex_lower8 ((b >> 24) & 255) << 0 + | uint_to_hex_lower8 ((b >> 16) & 255) << 16; + w0[3] = uint_to_hex_lower8 ((b >> 8) & 255) << 0 + | uint_to_hex_lower8 ((b >> 0) & 255) << 16; + w1[0] = uint_to_hex_lower8 ((c >> 24) & 255) << 0 + | uint_to_hex_lower8 ((c >> 16) & 255) << 16; + w1[1] = uint_to_hex_lower8 ((c >> 8) & 255) << 0 + | uint_to_hex_lower8 ((c >> 0) & 255) << 16; + w1[2] = uint_to_hex_lower8 ((d >> 24) & 255) << 0 + | uint_to_hex_lower8 ((d >> 16) & 255) << 16; + w1[3] = uint_to_hex_lower8 ((d >> 8) & 255) << 0 + | uint_to_hex_lower8 ((d >> 0) & 255) << 16; + w2[0] = uint_to_hex_lower8 ((e >> 24) & 255) << 0 + | uint_to_hex_lower8 ((e >> 16) & 255) << 16; + w2[1] = uint_to_hex_lower8 ((e >> 8) & 255) << 0 + | uint_to_hex_lower8 ((e >> 0) & 255) << 16; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 0; + + md5_update_64 (&ctx, w0, w1, w2, w3, 40); + + md5_final (&ctx); + + const u32 r0 = ctx.h[DGST_R0]; + const u32 r1 = ctx.h[DGST_R1]; + const u32 r2 = ctx.h[DGST_R2]; + const u32 r3 = ctx.h[DGST_R3]; + + COMPARE_S_SCALAR (r0, r1, r2, r3); + } +} diff --git a/OpenCL/m21310_a1-pure.cl b/OpenCL/m21310_a1-pure.cl new file mode 100644 index 000000000..be8285e50 --- /dev/null +++ b/OpenCL/m21310_a1-pure.cl @@ -0,0 +1,275 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_scalar.cl) +#include M2S(INCLUDE_PATH/inc_hash_md5.cl) +#include M2S(INCLUDE_PATH/inc_hash_sha1.cl) +#endif + +#if VECT_SIZE == 1 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i)]) +#elif VECT_SIZE == 2 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1]) +#elif VECT_SIZE == 4 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3]) +#elif VECT_SIZE == 8 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7]) +#elif VECT_SIZE == 16 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7], l_bin2asc[(i).s8], l_bin2asc[(i).s9], l_bin2asc[(i).sa], l_bin2asc[(i).sb], l_bin2asc[(i).sc], l_bin2asc[(i).sd], l_bin2asc[(i).se], l_bin2asc[(i).sf]) +#endif + +typedef struct md5_double_salt +{ + u32 salt1_buf[64]; + int salt1_len; + + u32 salt2_buf[64]; + int salt2_len; + +} md5_double_salt_t; + +KERNEL_FQ void m21310_mxx (KERN_ATTR_ESALT (md5_double_salt)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * base + */ + + sha1_ctx_t ctx00; + + sha1_init (&ctx00); + + sha1_update_global (&ctx00, esalt_bufs[DIGESTS_OFFSET_HOST].salt2_buf, esalt_bufs[DIGESTS_OFFSET_HOST].salt2_len); + + sha1_update_global_swap (&ctx00, pws[gid].i, pws[gid].pw_len); + + md5_ctx_t ctx11; + + md5_init (&ctx11); + + md5_update_global (&ctx11, esalt_bufs[DIGESTS_OFFSET_HOST].salt1_buf, esalt_bufs[DIGESTS_OFFSET_HOST].salt1_len); + + /** + * loop + */ + + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos++) + { + sha1_ctx_t ctx0 = ctx00; + + sha1_update_global_swap (&ctx0, combs_buf[il_pos].i, combs_buf[il_pos].pw_len); + + sha1_final (&ctx0); + + const u32 a = ctx0.h[0]; + const u32 b = ctx0.h[1]; + const u32 c = ctx0.h[2]; + const u32 d = ctx0.h[3]; + const u32 e = ctx0.h[4]; + + md5_ctx_t ctx = ctx11; + + w0[0] = uint_to_hex_lower8 ((a >> 24) & 255) << 0 + | uint_to_hex_lower8 ((a >> 16) & 255) << 16; + w0[1] = uint_to_hex_lower8 ((a >> 8) & 255) << 0 + | uint_to_hex_lower8 ((a >> 0) & 255) << 16; + w0[2] = uint_to_hex_lower8 ((b >> 24) & 255) << 0 + | uint_to_hex_lower8 ((b >> 16) & 255) << 16; + w0[3] = uint_to_hex_lower8 ((b >> 8) & 255) << 0 + | uint_to_hex_lower8 ((b >> 0) & 255) << 16; + w1[0] = uint_to_hex_lower8 ((c >> 24) & 255) << 0 + | uint_to_hex_lower8 ((c >> 16) & 255) << 16; + w1[1] = uint_to_hex_lower8 ((c >> 8) & 255) << 0 + | uint_to_hex_lower8 ((c >> 0) & 255) << 16; + w1[2] = uint_to_hex_lower8 ((d >> 24) & 255) << 0 + | uint_to_hex_lower8 ((d >> 16) & 255) << 16; + w1[3] = uint_to_hex_lower8 ((d >> 8) & 255) << 0 + | uint_to_hex_lower8 ((d >> 0) & 255) << 16; + w2[0] = uint_to_hex_lower8 ((e >> 24) & 255) << 0 + | uint_to_hex_lower8 ((e >> 16) & 255) << 16; + w2[1] = uint_to_hex_lower8 ((e >> 8) & 255) << 0 + | uint_to_hex_lower8 ((e >> 0) & 255) << 16; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 0; + + md5_update_64 (&ctx, w0, w1, w2, w3, 40); + + md5_final (&ctx); + + const u32 r0 = ctx.h[DGST_R0]; + const u32 r1 = ctx.h[DGST_R1]; + const u32 r2 = ctx.h[DGST_R2]; + const u32 r3 = ctx.h[DGST_R3]; + + COMPARE_M_SCALAR (r0, r1, r2, r3); + } +} + +KERNEL_FQ void m21310_sxx (KERN_ATTR_ESALT (md5_double_salt)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * digest + */ + + const u32 search[4] = + { + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R0], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R1], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R2], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R3] + }; + + /** + * base + */ + + sha1_ctx_t ctx00; + + sha1_init (&ctx00); + + sha1_update_global (&ctx00, esalt_bufs[DIGESTS_OFFSET_HOST].salt2_buf, esalt_bufs[DIGESTS_OFFSET_HOST].salt2_len); + + sha1_update_global_swap (&ctx00, pws[gid].i, pws[gid].pw_len); + + md5_ctx_t ctx11; + + md5_init (&ctx11); + + md5_update_global (&ctx11, esalt_bufs[DIGESTS_OFFSET_HOST].salt1_buf, esalt_bufs[DIGESTS_OFFSET_HOST].salt1_len); + + /** + * loop + */ + + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos++) + { + sha1_ctx_t ctx0 = ctx00; + + sha1_update_global_swap (&ctx0, combs_buf[il_pos].i, combs_buf[il_pos].pw_len); + + sha1_final (&ctx0); + + const u32 a = ctx0.h[0]; + const u32 b = ctx0.h[1]; + const u32 c = ctx0.h[2]; + const u32 d = ctx0.h[3]; + const u32 e = ctx0.h[4]; + + md5_ctx_t ctx = ctx11; + + w0[0] = uint_to_hex_lower8 ((a >> 24) & 255) << 0 + | uint_to_hex_lower8 ((a >> 16) & 255) << 16; + w0[1] = uint_to_hex_lower8 ((a >> 8) & 255) << 0 + | uint_to_hex_lower8 ((a >> 0) & 255) << 16; + w0[2] = uint_to_hex_lower8 ((b >> 24) & 255) << 0 + | uint_to_hex_lower8 ((b >> 16) & 255) << 16; + w0[3] = uint_to_hex_lower8 ((b >> 8) & 255) << 0 + | uint_to_hex_lower8 ((b >> 0) & 255) << 16; + w1[0] = uint_to_hex_lower8 ((c >> 24) & 255) << 0 + | uint_to_hex_lower8 ((c >> 16) & 255) << 16; + w1[1] = uint_to_hex_lower8 ((c >> 8) & 255) << 0 + | uint_to_hex_lower8 ((c >> 0) & 255) << 16; + w1[2] = uint_to_hex_lower8 ((d >> 24) & 255) << 0 + | uint_to_hex_lower8 ((d >> 16) & 255) << 16; + w1[3] = uint_to_hex_lower8 ((d >> 8) & 255) << 0 + | uint_to_hex_lower8 ((d >> 0) & 255) << 16; + w2[0] = uint_to_hex_lower8 ((e >> 24) & 255) << 0 + | uint_to_hex_lower8 ((e >> 16) & 255) << 16; + w2[1] = uint_to_hex_lower8 ((e >> 8) & 255) << 0 + | uint_to_hex_lower8 ((e >> 0) & 255) << 16; + + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 0; + + md5_update_64 (&ctx, w0, w1, w2, w3, 40); + + md5_final (&ctx); + + const u32 r0 = ctx.h[DGST_R0]; + const u32 r1 = ctx.h[DGST_R1]; + const u32 r2 = ctx.h[DGST_R2]; + const u32 r3 = ctx.h[DGST_R3]; + + COMPARE_S_SCALAR (r0, r1, r2, r3); + } +} diff --git a/OpenCL/m21310_a3-pure.cl b/OpenCL/m21310_a3-pure.cl new file mode 100644 index 000000000..546e7defb --- /dev/null +++ b/OpenCL/m21310_a3-pure.cl @@ -0,0 +1,312 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_simd.cl) +#include M2S(INCLUDE_PATH/inc_hash_md5.cl) +#include M2S(INCLUDE_PATH/inc_hash_sha1.cl) +#endif + +#if VECT_SIZE == 1 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i)]) +#elif VECT_SIZE == 2 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1]) +#elif VECT_SIZE == 4 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3]) +#elif VECT_SIZE == 8 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7]) +#elif VECT_SIZE == 16 +#define uint_to_hex_lower8(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7], l_bin2asc[(i).s8], l_bin2asc[(i).s9], l_bin2asc[(i).sa], l_bin2asc[(i).sb], l_bin2asc[(i).sc], l_bin2asc[(i).sd], l_bin2asc[(i).se], l_bin2asc[(i).sf]) +#endif + +typedef struct md5_double_salt +{ + u32 salt1_buf[64]; + int salt1_len; + + u32 salt2_buf[64]; + int salt2_len; + +} md5_double_salt_t; + +KERNEL_FQ void m21310_mxx (KERN_ATTR_VECTOR_ESALT (md5_double_salt)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * base + */ + + const u32 pw_len = pws[gid].pw_len; + + u32x w[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + sha1_ctx_t ctx00; + + sha1_init (&ctx00); + + sha1_update_global (&ctx00, esalt_bufs[DIGESTS_OFFSET_HOST].salt2_buf, esalt_bufs[DIGESTS_OFFSET_HOST].salt2_len); + + md5_ctx_t ctx11; + + md5_init (&ctx11); + + md5_update_global (&ctx11, esalt_bufs[DIGESTS_OFFSET_HOST].salt1_buf, esalt_bufs[DIGESTS_OFFSET_HOST].salt1_len); + + /** + * loop + */ + + u32x _w0[4]; + u32x _w1[4]; + u32x _w2[4]; + u32x _w3[4]; + + u32x w0l = w[0]; + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0 = w0l | w0r; + + w[0] = w0; + + sha1_ctx_vector_t ctx0; + + sha1_init_vector_from_scalar (&ctx0, &ctx00); + + sha1_update_vector_swap (&ctx0, w, pw_len); + + sha1_final_vector (&ctx0); + + const u32x a = ctx0.h[0]; + const u32x b = ctx0.h[1]; + const u32x c = ctx0.h[2]; + const u32x d = ctx0.h[3]; + const u32x e = ctx0.h[4]; + + md5_ctx_vector_t ctx; + + md5_init_vector_from_scalar (&ctx, &ctx11); + + _w0[0] = uint_to_hex_lower8 ((a >> 24) & 255) << 0 + | uint_to_hex_lower8 ((a >> 16) & 255) << 16; + _w0[1] = uint_to_hex_lower8 ((a >> 8) & 255) << 0 + | uint_to_hex_lower8 ((a >> 0) & 255) << 16; + _w0[2] = uint_to_hex_lower8 ((b >> 24) & 255) << 0 + | uint_to_hex_lower8 ((b >> 16) & 255) << 16; + _w0[3] = uint_to_hex_lower8 ((b >> 8) & 255) << 0 + | uint_to_hex_lower8 ((b >> 0) & 255) << 16; + _w1[0] = uint_to_hex_lower8 ((c >> 24) & 255) << 0 + | uint_to_hex_lower8 ((c >> 16) & 255) << 16; + _w1[1] = uint_to_hex_lower8 ((c >> 8) & 255) << 0 + | uint_to_hex_lower8 ((c >> 0) & 255) << 16; + _w1[2] = uint_to_hex_lower8 ((d >> 24) & 255) << 0 + | uint_to_hex_lower8 ((d >> 16) & 255) << 16; + _w1[3] = uint_to_hex_lower8 ((d >> 8) & 255) << 0 + | uint_to_hex_lower8 ((d >> 0) & 255) << 16; + _w2[0] = uint_to_hex_lower8 ((e >> 24) & 255) << 0 + | uint_to_hex_lower8 ((e >> 16) & 255) << 16; + _w2[1] = uint_to_hex_lower8 ((e >> 8) & 255) << 0 + | uint_to_hex_lower8 ((e >> 0) & 255) << 16; + _w2[2] = 0; + _w2[3] = 0; + _w3[0] = 0; + _w3[1] = 0; + _w3[2] = 0; + _w3[3] = 0; + + md5_update_vector_64 (&ctx, _w0, _w1, _w2, _w3, 40); + + md5_final_vector (&ctx); + + const u32x r0 = ctx.h[DGST_R0]; + const u32x r1 = ctx.h[DGST_R1]; + const u32x r2 = ctx.h[DGST_R2]; + const u32x r3 = ctx.h[DGST_R3]; + + COMPARE_M_SIMD (r0, r1, r2, r3); + } +} + +KERNEL_FQ void m21310_sxx (KERN_ATTR_VECTOR_ESALT (md5_double_salt)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'a' - 10 + i0) << 8 + | ((i1 < 10) ? '0' + i1 : 'a' - 10 + i1) << 0; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * digest + */ + + const u32 search[4] = + { + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R0], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R1], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R2], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R3] + }; + + /** + * base + */ + + const u32 pw_len = pws[gid].pw_len; + + u32x w[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + sha1_ctx_t ctx00; + + sha1_init (&ctx00); + + sha1_update_global (&ctx00, esalt_bufs[DIGESTS_OFFSET_HOST].salt2_buf, esalt_bufs[DIGESTS_OFFSET_HOST].salt2_len); + + md5_ctx_t ctx11; + + md5_init (&ctx11); + + md5_update_global (&ctx11, esalt_bufs[DIGESTS_OFFSET_HOST].salt1_buf, esalt_bufs[DIGESTS_OFFSET_HOST].salt1_len); + + /** + * loop + */ + + u32x _w0[4]; + u32x _w1[4]; + u32x _w2[4]; + u32x _w3[4]; + + u32x w0l = w[0]; + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0 = w0l | w0r; + + w[0] = w0; + + sha1_ctx_vector_t ctx0; + + sha1_init_vector_from_scalar (&ctx0, &ctx00); + + sha1_update_vector_swap (&ctx0, w, pw_len); + + sha1_final_vector (&ctx0); + + const u32x a = ctx0.h[0]; + const u32x b = ctx0.h[1]; + const u32x c = ctx0.h[2]; + const u32x d = ctx0.h[3]; + const u32x e = ctx0.h[4]; + + md5_ctx_vector_t ctx; + + md5_init_vector_from_scalar (&ctx, &ctx11); + + _w0[0] = uint_to_hex_lower8 ((a >> 24) & 255) << 0 + | uint_to_hex_lower8 ((a >> 16) & 255) << 16; + _w0[1] = uint_to_hex_lower8 ((a >> 8) & 255) << 0 + | uint_to_hex_lower8 ((a >> 0) & 255) << 16; + _w0[2] = uint_to_hex_lower8 ((b >> 24) & 255) << 0 + | uint_to_hex_lower8 ((b >> 16) & 255) << 16; + _w0[3] = uint_to_hex_lower8 ((b >> 8) & 255) << 0 + | uint_to_hex_lower8 ((b >> 0) & 255) << 16; + _w1[0] = uint_to_hex_lower8 ((c >> 24) & 255) << 0 + | uint_to_hex_lower8 ((c >> 16) & 255) << 16; + _w1[1] = uint_to_hex_lower8 ((c >> 8) & 255) << 0 + | uint_to_hex_lower8 ((c >> 0) & 255) << 16; + _w1[2] = uint_to_hex_lower8 ((d >> 24) & 255) << 0 + | uint_to_hex_lower8 ((d >> 16) & 255) << 16; + _w1[3] = uint_to_hex_lower8 ((d >> 8) & 255) << 0 + | uint_to_hex_lower8 ((d >> 0) & 255) << 16; + _w2[0] = uint_to_hex_lower8 ((e >> 24) & 255) << 0 + | uint_to_hex_lower8 ((e >> 16) & 255) << 16; + _w2[1] = uint_to_hex_lower8 ((e >> 8) & 255) << 0 + | uint_to_hex_lower8 ((e >> 0) & 255) << 16; + _w2[2] = 0; + _w2[3] = 0; + _w3[0] = 0; + _w3[1] = 0; + _w3[2] = 0; + _w3[3] = 0; + + md5_update_vector_64 (&ctx, _w0, _w1, _w2, _w3, 40); + + md5_final_vector (&ctx); + + const u32x r0 = ctx.h[DGST_R0]; + const u32x r1 = ctx.h[DGST_R1]; + const u32x r2 = ctx.h[DGST_R2]; + const u32x r3 = ctx.h[DGST_R3]; + + COMPARE_S_SIMD (r0, r1, r2, r3); + } +} diff --git a/docs/changes.txt b/docs/changes.txt index a0a58a8d1..c67fe919e 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -40,6 +40,7 @@ - Added hash-mode: bcrypt(sha256($pass)) - Added hash-mode: HMAC-RIPEMD160 (key = $pass) - Added hash-mode: HMAC-RIPEMD160 (key = $salt) +- Added hash-mode: md5($salt1.sha1($salt2.$pass)) - Added hash-mode: md5(md5($salt).md5(md5($pass))) - Added hash-mode: md5(md5(md5($pass).$salt1).$salt2) - Added hash-mode: md5(md5(md5($pass)).$salt) diff --git a/docs/readme.txt b/docs/readme.txt index 00f649867..0b528afa4 100644 --- a/docs/readme.txt +++ b/docs/readme.txt @@ -85,6 +85,7 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or - md5($salt.md5($salt.$pass)) - md5($salt.sha1($salt.$pass)) - md5($salt.utf16le($pass)) +- md5($salt1.sha1($salt2.$pass)) - md5($salt1.strtoupper(md5($salt2.$pass))) - md5(md5($pass)) - md5(md5($pass).md5($salt)) diff --git a/src/modules/module_21310.c b/src/modules/module_21310.c new file mode 100644 index 000000000..106424fb0 --- /dev/null +++ b/src/modules/module_21310.c @@ -0,0 +1,296 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" +#include "emu_inc_hash_md5.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_INSIDE_KERNEL; +static const u32 DGST_POS0 = 0; +static const u32 DGST_POS1 = 3; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 1; +static const u32 DGST_SIZE = DGST_SIZE_4_4; +static const u32 HASH_CATEGORY = HASH_CATEGORY_RAW_HASH_SALTED; +static const char *HASH_NAME = "md5($salt1.sha1($salt2.$pass))"; +static const u64 KERN_TYPE = 21310; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_PRECOMPUTE_INIT + | OPTI_TYPE_EARLY_SKIP + | OPTI_TYPE_NOT_ITERATED + | OPTI_TYPE_RAW_HASH; +static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE + | OPTS_TYPE_PT_GENERATE_LE + | OPTS_TYPE_PT_ADD80 + | OPTS_TYPE_PT_ADDBITS14; +static const u32 SALT_TYPE = SALT_TYPE_GENERIC; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "dc91b5a658ef4b7d859e90742f340e24:708237:d270e9eea5802e346bcaa9b229f37766"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +typedef struct md5_double_salt +{ + u32 salt1_buf[64]; + int salt1_len; + + u32 salt2_buf[64]; + int salt2_len; + +} md5_double_salt_t; + +u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 esalt_size = (const u64) sizeof (md5_double_salt_t); + + return esalt_size; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u32 *digest = (u32 *) digest_buf; + + md5_double_salt_t *md5_double_salt = (md5_double_salt_t *) esalt_buf; + + hc_token_t token; + + memset (&token, 0, sizeof (hc_token_t)); + + token.token_cnt = 3; + + token.sep[0] = hashconfig->separator; + token.len[0] = 32; + token.attr[0] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + token.sep[1] = hashconfig->separator; + token.len_min[1] = SALT_MIN; + token.len_max[1] = SALT_MAX; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH; + + token.sep[2] = hashconfig->separator; + token.len_min[2] = SALT_MIN; + token.len_max[2] = SALT_MAX; + token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH; + + if (hashconfig->opts_type & OPTS_TYPE_ST_HEX) + { + token.len_min[1] *= 2; + token.len_max[1] *= 2; + + token.attr[1] |= TOKEN_ATTR_VERIFY_HEX; + + token.len_min[2] *= 2; + token.len_max[2] *= 2; + + token.attr[2] |= TOKEN_ATTR_VERIFY_HEX; + } + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + const u8 *hash_pos = token.buf[0]; + + digest[0] = hex_to_u32 (hash_pos + 0); + digest[1] = hex_to_u32 (hash_pos + 8); + digest[2] = hex_to_u32 (hash_pos + 16); + digest[3] = hex_to_u32 (hash_pos + 24); + + if (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL) + { + digest[0] -= MD5M_A; + digest[1] -= MD5M_B; + digest[2] -= MD5M_C; + digest[3] -= MD5M_D; + } + + memset (md5_double_salt->salt1_buf, 0, sizeof (md5_double_salt->salt1_buf)); + + const bool parse_rc1 = generic_salt_decode (hashconfig, token.buf[1], token.len[1], (u8 *) md5_double_salt->salt1_buf, (int *) &md5_double_salt->salt1_len); + + if (parse_rc1 == false) return (PARSER_SALT_LENGTH); + + memset (md5_double_salt->salt2_buf, 0, sizeof (md5_double_salt->salt2_buf)); + + const bool parse_rc2 = generic_salt_decode (hashconfig, token.buf[2], token.len[2], (u8 *) md5_double_salt->salt2_buf, (int *) &md5_double_salt->salt2_len); + + if (parse_rc2 == false) return (PARSER_SALT_LENGTH); + + for (int i = 0; i < 64; i++) + { + md5_double_salt->salt2_buf[i] = byte_swap_32 (md5_double_salt->salt2_buf[i]); + } + + // make salt sorter happy + + md5_ctx_t md5_ctx; + + md5_init (&md5_ctx); + md5_update (&md5_ctx, md5_double_salt->salt1_buf, md5_double_salt->salt1_len); + md5_update (&md5_ctx, md5_double_salt->salt2_buf, md5_double_salt->salt2_len); + md5_final (&md5_ctx); + + salt->salt_buf[0] = md5_ctx.h[0]; + salt->salt_buf[1] = md5_ctx.h[1]; + salt->salt_buf[2] = md5_ctx.h[2]; + salt->salt_buf[3] = md5_ctx.h[3]; + + salt->salt_len = 16; + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + const u32 *digest = (const u32 *) digest_buf; + + md5_double_salt_t *md5_double_salt = (md5_double_salt_t *) esalt_buf; + + // we can not change anything in the original buffer, otherwise destroying sorting + // therefore create some local buffer + + u32 tmp[4]; + + tmp[0] = digest[0]; + tmp[1] = digest[1]; + tmp[2] = digest[2]; + tmp[3] = digest[3]; + + if (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL) + { + tmp[0] += MD5M_A; + tmp[1] += MD5M_B; + tmp[2] += MD5M_C; + tmp[3] += MD5M_D; + } + + u8 *out_buf = (u8 *) line_buf; + + int out_len = 0; + + u32_to_hex (tmp[0], out_buf + out_len); out_len += 8; + u32_to_hex (tmp[1], out_buf + out_len); out_len += 8; + u32_to_hex (tmp[2], out_buf + out_len); out_len += 8; + u32_to_hex (tmp[3], out_buf + out_len); out_len += 8; + + out_buf[out_len] = hashconfig->separator; + + out_len += 1; + + out_len += generic_salt_encode (hashconfig, (const u8 *) md5_double_salt->salt1_buf, (const int) md5_double_salt->salt1_len, out_buf + out_len); + + out_buf[out_len] = hashconfig->separator; + + out_len += 1; + + u32 salt2_buf[64]; + + for (int i = 0; i < 64; i++) + { + salt2_buf[i] = byte_swap_32 (md5_double_salt->salt2_buf[i]); + } + + out_len += generic_salt_encode (hashconfig, (const u8 *) salt2_buf, (const int) md5_double_salt->salt2_len, out_buf + out_len); + + return out_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_charset = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_deprecated_notice = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = module_esalt_size; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_extra_tuningdb_block = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_postprocess = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_size = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_init = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_term = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = MODULE_DEFAULT; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = MODULE_DEFAULT; + module_ctx->module_salt_min = MODULE_DEFAULT; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = MODULE_DEFAULT; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/tools/test_modules/m21310.pm b/tools/test_modules/m21310.pm new file mode 100644 index 000000000..9a20f8ae3 --- /dev/null +++ b/tools/test_modules/m21310.pm @@ -0,0 +1,47 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Digest::MD5 qw (md5_hex); +use Digest::SHA qw (sha1_hex); + +sub module_constraints { [[0, 256], [0, 256], [0, 55], [0, 55], [0, 55]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt1 = shift; + my $salt2 = shift // random_hex_string(32); + + my $digest = md5_hex ($salt1 . sha1_hex ($salt2 . $word)); + + my $hash = sprintf ("%s:%s:%s", $digest, $salt1, $salt2); + + return $hash; +} + +sub module_verify_hash +{ + my $line = shift; + + my ($hash, $salt1, $salt2, $word) = split (':', $line); + + return unless defined $hash; + return unless defined $salt1; + return unless defined $salt2; + return unless defined $word; + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, $salt1, $salt2); + + return ($new_hash, $word); +} + +1; From 79869badf18601ba7971c136dabc718c24f6b4dd Mon Sep 17 00:00:00 2001 From: philsmd Date: Sat, 17 Jun 2023 10:08:55 +0200 Subject: [PATCH 31/32] fix trailing spaces --- OpenCL/m03610_a0-optimized.cl | 8 ++++---- OpenCL/m03610_a1-optimized.cl | 2 +- OpenCL/m03610_a3-optimized.cl | 2 +- OpenCL/m31400_a0-optimized.cl | 4 ++-- OpenCL/m31400_a1-optimized.cl | 4 ++-- src/modules/module_32100.c | 12 ++++++------ src/modules/module_32200.c | 12 ++++++------ 7 files changed, 22 insertions(+), 22 deletions(-) diff --git a/OpenCL/m03610_a0-optimized.cl b/OpenCL/m03610_a0-optimized.cl index a2957f1e5..7829bf6fd 100644 --- a/OpenCL/m03610_a0-optimized.cl +++ b/OpenCL/m03610_a0-optimized.cl @@ -217,7 +217,7 @@ KERNEL_FQ void m03610_m04 (KERN_ATTR_RULES ()) | uint_to_hex_lower8 ((d >> 8) & 255) << 16; w1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 | uint_to_hex_lower8 ((d >> 24) & 255) << 16; - + w2[0] = 0x80; w2[1] = 0; w2[2] = 0; @@ -226,7 +226,7 @@ KERNEL_FQ void m03610_m04 (KERN_ATTR_RULES ()) w3[1] = 0; w3[2] = 32 * 8; w3[3] = 0; - + a = MD5M_A; b = MD5M_B; c = MD5M_C; @@ -617,7 +617,7 @@ KERNEL_FQ void m03610_s04 (KERN_ATTR_RULES ()) | uint_to_hex_lower8 ((d >> 8) & 255) << 16; w1[3] = uint_to_hex_lower8 ((d >> 16) & 255) << 0 | uint_to_hex_lower8 ((d >> 24) & 255) << 16; - + w2[0] = 0x80; w2[1] = 0; w2[2] = 0; @@ -631,7 +631,7 @@ KERNEL_FQ void m03610_s04 (KERN_ATTR_RULES ()) b = MD5M_B; c = MD5M_C; d = MD5M_D; - + MD5_STEP (MD5_Fo, a, b, c, d, w0[0], MD5C00, MD5S00); MD5_STEP (MD5_Fo, d, a, b, c, w0[1], MD5C01, MD5S01); MD5_STEP (MD5_Fo, c, d, a, b, w0[2], MD5C02, MD5S02); diff --git a/OpenCL/m03610_a1-optimized.cl b/OpenCL/m03610_a1-optimized.cl index 324d3dd61..b8ed49a7a 100644 --- a/OpenCL/m03610_a1-optimized.cl +++ b/OpenCL/m03610_a1-optimized.cl @@ -282,7 +282,7 @@ KERNEL_FQ void m03610_m04 (KERN_ATTR_BASIC ()) w3[1] = 0; w3[2] = 32 * 8; w3[3] = 0; - + a = MD5M_A; b = MD5M_B; c = MD5M_C; diff --git a/OpenCL/m03610_a3-optimized.cl b/OpenCL/m03610_a3-optimized.cl index 91cb5d6a3..55a6d7bf5 100644 --- a/OpenCL/m03610_a3-optimized.cl +++ b/OpenCL/m03610_a3-optimized.cl @@ -202,7 +202,7 @@ DECLSPEC void m03610m (PRIVATE_AS u32 *w0, PRIVATE_AS u32 *w1, PRIVATE_AS u32 *w w3_t[1] = 0; w3_t[2] = 32 * 8; w3_t[3] = 0; - + a = MD5M_A; b = MD5M_B; c = MD5M_C; diff --git a/OpenCL/m31400_a0-optimized.cl b/OpenCL/m31400_a0-optimized.cl index 67af97d2d..3ebf076da 100644 --- a/OpenCL/m31400_a0-optimized.cl +++ b/OpenCL/m31400_a0-optimized.cl @@ -496,7 +496,7 @@ KERNEL_FQ void m31400_m04 (KERN_ATTR_RULES_ESALT (scrtv2_t)) we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); - u32x digest[8]; + u32x digest[8]; digest[0] = a + make_u32x (SHA256M_A); digest[1] = b + make_u32x (SHA256M_B); @@ -725,7 +725,7 @@ KERNEL_FQ void m31400_s04 (KERN_ATTR_RULES_ESALT (scrtv2_t)) we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); - u32x digest[8]; + u32x digest[8]; digest[0] = a + make_u32x (SHA256M_A); digest[1] = b + make_u32x (SHA256M_B); diff --git a/OpenCL/m31400_a1-optimized.cl b/OpenCL/m31400_a1-optimized.cl index f37066f84..e6b266a23 100644 --- a/OpenCL/m31400_a1-optimized.cl +++ b/OpenCL/m31400_a1-optimized.cl @@ -562,7 +562,7 @@ KERNEL_FQ void m31400_m04 (KERN_ATTR_ESALT (scrtv2_t)) we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); - u32x digest[8]; + u32x digest[8]; digest[0] = a + make_u32x (SHA256M_A); digest[1] = b + make_u32x (SHA256M_B); @@ -868,7 +868,7 @@ KERNEL_FQ void m31400_s04 (KERN_ATTR_BASIC ()) we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); - u32x digest[8]; + u32x digest[8]; digest[0] = a + make_u32x (SHA256M_A); digest[1] = b + make_u32x (SHA256M_B); diff --git a/src/modules/module_32100.c b/src/modules/module_32100.c index 9ce58a7d6..cf6401133 100644 --- a/src/modules/module_32100.c +++ b/src/modules/module_32100.c @@ -117,13 +117,13 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE * separator ('$') being at a fixed length from the end of the line. Checksum * is 24 characters in length, so then there should be a '$' at line_len - 25 */ - + if (line_buf[line_len - 25] == '$') { // JtR format krb5asrep->format = 2; } - else + else { // Hashcat format krb5asrep->format = 1; @@ -186,7 +186,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); - + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); const u8 *user_pos; @@ -225,7 +225,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE account_info_len = token.len[1]; memcpy (krb5asrep->account_info, salt_pos, account_info_len); - + /** * JtR format only has the final salt/account_info value (combination of * user and domain), rather than separate "user" and "domain" values. Since @@ -250,7 +250,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE } u8 *account_info_ptr = (u8 *) krb5asrep->account_info; - + // Domain must be uppercase u8 domain[128]; @@ -262,7 +262,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE memcpy (account_info_ptr, domain, domain_len); memcpy (account_info_ptr + domain_len, user_pos, user_len); } - + krb5asrep->account_info_len = account_info_len; // hmac-sha1 is reduced to 12 bytes diff --git a/src/modules/module_32200.c b/src/modules/module_32200.c index e219a7686..9c5f23774 100644 --- a/src/modules/module_32200.c +++ b/src/modules/module_32200.c @@ -117,13 +117,13 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE * separator ('$') being at a fixed length from the end of the line. Checksum * is 24 characters in length, so then there should be a '$' at line_len - 25 */ - + if (line_buf[line_len - 25] == '$') { // JtR format krb5asrep->format = 2; } - else + else { // Hashcat format krb5asrep->format = 1; @@ -185,7 +185,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE } const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); - + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); const u8 *user_pos; @@ -224,7 +224,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE account_info_len = token.len[1]; memcpy (krb5asrep->account_info, salt_pos, account_info_len); - + /** * JtR format only has the final salt/account_info value (combination of * user and domain), rather than separate "user" and "domain" values. Since @@ -249,7 +249,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE } u8 *account_info_ptr = (u8 *) krb5asrep->account_info; - + // Domain must be uppercase u8 domain[128]; @@ -261,7 +261,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE memcpy (account_info_ptr, domain, domain_len); memcpy (account_info_ptr + domain_len, user_pos, user_len); } - + krb5asrep->account_info_len = account_info_len; // hmac-sha1 is reduced to 12 bytes From e50682377209c964ed2f56e8a65c808f00efad01 Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Sat, 17 Jun 2023 14:41:17 +0200 Subject: [PATCH 32/32] Added hash-mode: RSA Security Analytics / NetWitness (sha256) --- OpenCL/m20712_a0-optimized.cl | 1233 +++++++++++++++++++++++++++ OpenCL/m20712_a0-pure.cl | 265 ++++++ OpenCL/m20712_a1-optimized.cl | 1347 +++++++++++++++++++++++++++++ OpenCL/m20712_a1-pure.cl | 259 ++++++ OpenCL/m20712_a3-optimized.cl | 1490 +++++++++++++++++++++++++++++++++ OpenCL/m20712_a3-pure.cl | 285 +++++++ docs/changes.txt | 1 + docs/readme.txt | 1 + src/modules/module_20712.c | 266 ++++++ tools/test_modules/m20712.pm | 52 ++ 10 files changed, 5199 insertions(+) create mode 100644 OpenCL/m20712_a0-optimized.cl create mode 100644 OpenCL/m20712_a0-pure.cl create mode 100644 OpenCL/m20712_a1-optimized.cl create mode 100644 OpenCL/m20712_a1-pure.cl create mode 100644 OpenCL/m20712_a3-optimized.cl create mode 100644 OpenCL/m20712_a3-pure.cl create mode 100644 src/modules/module_20712.c create mode 100644 tools/test_modules/m20712.pm diff --git a/OpenCL/m20712_a0-optimized.cl b/OpenCL/m20712_a0-optimized.cl new file mode 100644 index 000000000..48f5e9463 --- /dev/null +++ b/OpenCL/m20712_a0-optimized.cl @@ -0,0 +1,1233 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_rp_optimized.h) +#include M2S(INCLUDE_PATH/inc_rp_optimized.cl) +#include M2S(INCLUDE_PATH/inc_simd.cl) +#include M2S(INCLUDE_PATH/inc_hash_sha256.cl) +#endif + +#if VECT_SIZE == 1 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i)]) +#elif VECT_SIZE == 2 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1]) +#elif VECT_SIZE == 4 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3]) +#elif VECT_SIZE == 8 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7]) +#elif VECT_SIZE == 16 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7], l_bin2asc[(i).s8], l_bin2asc[(i).s9], l_bin2asc[(i).sa], l_bin2asc[(i).sb], l_bin2asc[(i).sc], l_bin2asc[(i).sd], l_bin2asc[(i).se], l_bin2asc[(i).sf]) +#endif + +#define SHA256_STEP_REV(a,b,c,d,e,f,g,h) \ +{ \ + u32 t2 = SHA256_S2_S(b) + SHA256_F0o(b,c,d); \ + u32 t1 = a - t2; \ + a = b; \ + b = c; \ + c = d; \ + d = e - t1; \ + e = f; \ + f = g; \ + g = h; \ + h = 0; \ +} + +KERNEL_FQ void m20712_m04 (KERN_ATTR_RULES ()) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'A' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'A' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * base + */ + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * salt + */ + + u32 salt_buf0[4]; + u32 salt_buf1[4]; + u32 salt_buf2[4]; + u32 salt_buf3[4]; + + salt_buf0[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 0]); + salt_buf0[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 1]); + salt_buf0[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 2]); + salt_buf0[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 3]); + salt_buf1[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 4]); + salt_buf1[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 5]); + salt_buf1[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 6]); + salt_buf1[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 7]); + salt_buf2[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 8]); + salt_buf2[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 9]); + salt_buf2[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[10]); + salt_buf2[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[11]); + salt_buf3[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[12]); + salt_buf3[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[13]); + salt_buf3[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[14]); + salt_buf3[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[15]); + + const u32 salt_len = salt_bufs[SALT_POS_HOST].salt_len; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos += VECT_SIZE) + { + u32x w0[4] = { 0 }; + u32x w1[4] = { 0 }; + u32x w2[4] = { 0 }; + u32x w3[4] = { 0 }; + + const u32x out_len = apply_rules_vect_optimized (pw_buf0, pw_buf1, pw_len, rules_buf, il_pos, w0, w1); + + append_0x80_2x4_VV (w0, w1, out_len); + + /** + * sha256(pass) + */ + + u32x w0_t = hc_swap32 (w0[0]); + u32x w1_t = hc_swap32 (w0[1]); + u32x w2_t = hc_swap32 (w0[2]); + u32x w3_t = hc_swap32 (w0[3]); + u32x w4_t = hc_swap32 (w1[0]); + u32x w5_t = hc_swap32 (w1[1]); + u32x w6_t = hc_swap32 (w1[2]); + u32x w7_t = hc_swap32 (w1[3]); + u32x w8_t = hc_swap32 (w2[0]); + u32x w9_t = hc_swap32 (w2[1]); + u32x wa_t = hc_swap32 (w2[2]); + u32x wb_t = hc_swap32 (w2[3]); + u32x wc_t = hc_swap32 (w3[0]); + u32x wd_t = hc_swap32 (w3[1]); + u32x we_t = 0; + u32x wf_t = out_len * 8; + + u32x a = SHA256M_A; + u32x b = SHA256M_B; + u32x c = SHA256M_C; + u32x d = SHA256M_D; + u32x e = SHA256M_E; + u32x f = SHA256M_F; + u32x g = SHA256M_G; + u32x h = SHA256M_H; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + + a += make_u32x (SHA256M_A); + b += make_u32x (SHA256M_B); + c += make_u32x (SHA256M_C); + d += make_u32x (SHA256M_D); + e += make_u32x (SHA256M_E); + f += make_u32x (SHA256M_F); + g += make_u32x (SHA256M_G); + h += make_u32x (SHA256M_H); + + // final sha256 + + // sha256_update_64, len 64, pos 0 + + w0_t = uint_to_hex_lower8_le ((a >> 16) & 255) << 0 | uint_to_hex_lower8_le ((a >> 24) & 255) << 16; + w1_t = uint_to_hex_lower8_le ((a >> 0) & 255) << 0 | uint_to_hex_lower8_le ((a >> 8) & 255) << 16; + w2_t = uint_to_hex_lower8_le ((b >> 16) & 255) << 0 | uint_to_hex_lower8_le ((b >> 24) & 255) << 16; + w3_t = uint_to_hex_lower8_le ((b >> 0) & 255) << 0 | uint_to_hex_lower8_le ((b >> 8) & 255) << 16; + w4_t = uint_to_hex_lower8_le ((c >> 16) & 255) << 0 | uint_to_hex_lower8_le ((c >> 24) & 255) << 16; + w5_t = uint_to_hex_lower8_le ((c >> 0) & 255) << 0 | uint_to_hex_lower8_le ((c >> 8) & 255) << 16; + w6_t = uint_to_hex_lower8_le ((d >> 16) & 255) << 0 | uint_to_hex_lower8_le ((d >> 24) & 255) << 16; + w7_t = uint_to_hex_lower8_le ((d >> 0) & 255) << 0 | uint_to_hex_lower8_le ((d >> 8) & 255) << 16; + w8_t = uint_to_hex_lower8_le ((e >> 16) & 255) << 0 | uint_to_hex_lower8_le ((e >> 24) & 255) << 16; + w9_t = uint_to_hex_lower8_le ((e >> 0) & 255) << 0 | uint_to_hex_lower8_le ((e >> 8) & 255) << 16; + wa_t = uint_to_hex_lower8_le ((f >> 16) & 255) << 0 | uint_to_hex_lower8_le ((f >> 24) & 255) << 16; + wb_t = uint_to_hex_lower8_le ((f >> 0) & 255) << 0 | uint_to_hex_lower8_le ((f >> 8) & 255) << 16; + wc_t = uint_to_hex_lower8_le ((g >> 16) & 255) << 0 | uint_to_hex_lower8_le ((g >> 24) & 255) << 16; + wd_t = uint_to_hex_lower8_le ((g >> 0) & 255) << 0 | uint_to_hex_lower8_le ((g >> 8) & 255) << 16; + we_t = uint_to_hex_lower8_le ((h >> 16) & 255) << 0 | uint_to_hex_lower8_le ((h >> 24) & 255) << 16; + wf_t = uint_to_hex_lower8_le ((h >> 0) & 255) << 0 | uint_to_hex_lower8_le ((h >> 8) & 255) << 16; + + // sha256 transform + + a = SHA256M_A; + b = SHA256M_B; + c = SHA256M_C; + d = SHA256M_D; + e = SHA256M_E; + f = SHA256M_F; + g = SHA256M_G; + h = SHA256M_H; + + u32x digest[8]; + + digest[0] = a; + digest[1] = b; + digest[2] = c; + digest[3] = d; + digest[4] = e; + digest[5] = f; + digest[6] = g; + digest[7] = h; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + + digest[0] += a; + digest[1] += b; + digest[2] += c; + digest[3] += d; + digest[4] += e; + digest[5] += f; + digest[6] += g; + digest[7] += h; + + // append salt + + // sha256_update: ctx_len 64, pos 0, len = salt_len + + w0_t = salt_buf0[0]; + w1_t = salt_buf0[1]; + w2_t = salt_buf0[2]; + w3_t = salt_buf0[3]; + w4_t = salt_buf1[0]; + w5_t = salt_buf1[1]; + w6_t = salt_buf1[2]; + w7_t = salt_buf1[3]; + w8_t = salt_buf2[0]; + w9_t = salt_buf2[1]; + wa_t = salt_buf2[2]; + wb_t = salt_buf2[3]; + wc_t = salt_buf3[0]; + wd_t = salt_buf3[1]; + we_t = salt_buf3[2]; + wf_t = salt_buf3[3]; + + // sha256_update_64: pos 0 + + const int ctx_len = 64 + salt_len; + + const int pos = ctx_len & 63; + + // append_0x80_4x4, offset = pos ^ 3 + + const u32 off = pos ^ 3; + + const u32 c0 = (off & 15) / 4; + + const u32 r0 = 0xff << ((off & 3) * 8); + + const u32 m0[4] = { ((c0 == 0) ? r0 : 0), ((c0 == 1) ? r0 : 0), ((c0 == 2) ? r0 : 0), ((c0 == 3) ? r0 : 0) }; + + const u32 off16 = off / 16; + + const u32 v0[4] = { ((off16 == 0) ? 0x80808080 : 0), ((off16 == 1) ? 0x80808080 : 0), ((off16 == 2) ? 0x80808080 : 0), ((off16 == 3) ? 0x80808080 : 0) }; + + w0_t |= v0[0] & m0[0]; + w1_t |= v0[0] & m0[1]; + w2_t |= v0[0] & m0[2]; + w3_t |= v0[0] & m0[3]; + w4_t |= v0[1] & m0[0]; + w5_t |= v0[1] & m0[1]; + w6_t |= v0[1] & m0[2]; + w7_t |= v0[1] & m0[3]; + w8_t |= v0[2] & m0[0]; + w9_t |= v0[2] & m0[1]; + wa_t |= v0[2] & m0[2]; + wb_t |= v0[2] & m0[3]; + wc_t |= v0[3] & m0[0]; + wd_t |= v0[3] & m0[1]; + we_t |= v0[3] & m0[2]; + wf_t |= v0[3] & m0[3]; + + if (pos >= 56) + { + // sha256 transform + + digest[0] = a; + digest[1] = b; + digest[2] = c; + digest[3] = d; + digest[4] = e; + digest[5] = f; + digest[6] = g; + digest[7] = h; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + + digest[0] += a; + digest[1] += b; + digest[2] += c; + digest[3] += d; + digest[4] += e; + digest[5] += f; + digest[6] += g; + digest[7] += h; + + w0_t = 0; + w1_t = 0; + w2_t = 0; + w3_t = 0; + w4_t = 0; + w5_t = 0; + w6_t = 0; + w7_t = 0; + w8_t = 0; + w9_t = 0; + wa_t = 0; + wb_t = 0; + wc_t = 0; + wd_t = 0; + we_t = 0; + wf_t = 0; + } + + // last sha256 transform + + we_t = 0; + wf_t = ctx_len * 8; + + a = digest[0]; + b = digest[1]; + c = digest[2]; + d = digest[3]; + e = digest[4]; + f = digest[5]; + g = digest[6]; + h = digest[7]; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + +// a += digest[0] - SHA256M_A; +// b += digest[1] - SHA256M_B; + c += digest[2] - make_u32x (SHA256M_C); + d += digest[3] - make_u32x (SHA256M_D); +// e += digest[4] - SHA256M_E; +// f += digest[5] - SHA256M_F; + g += digest[6] - make_u32x (SHA256M_G); + h += digest[7] - make_u32x (SHA256M_H); + + COMPARE_M_SIMD (d, h, c, g); + } +} + +KERNEL_FQ void m20712_m08 (KERN_ATTR_RULES ()) +{ +} + +KERNEL_FQ void m20712_m16 (KERN_ATTR_RULES ()) +{ +} + +KERNEL_FQ void m20712_s04 (KERN_ATTR_RULES ()) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'A' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'A' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * base + */ + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * salt + */ + + u32 salt_buf0[4]; + u32 salt_buf1[4]; + u32 salt_buf2[4]; + u32 salt_buf3[4]; + + salt_buf0[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 0]); + salt_buf0[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 1]); + salt_buf0[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 2]); + salt_buf0[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 3]); + salt_buf1[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 4]); + salt_buf1[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 5]); + salt_buf1[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 6]); + salt_buf1[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 7]); + salt_buf2[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 8]); + salt_buf2[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 9]); + salt_buf2[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[10]); + salt_buf2[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[11]); + salt_buf3[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[12]); + salt_buf3[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[13]); + salt_buf3[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[14]); + salt_buf3[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[15]); + + const u32 salt_len = salt_bufs[SALT_POS_HOST].salt_len; + + /** + * digest + */ + + const u32 search[4] = + { + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R0], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R1], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R2], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R3] + }; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos += VECT_SIZE) + { + u32x w0[4] = { 0 }; + u32x w1[4] = { 0 }; + u32x w2[4] = { 0 }; + u32x w3[4] = { 0 }; + + const u32x out_len = apply_rules_vect_optimized (pw_buf0, pw_buf1, pw_len, rules_buf, il_pos, w0, w1); + + append_0x80_2x4_VV (w0, w1, out_len); + + /** + * sha256(pass) + */ + + u32x w0_t = hc_swap32 (w0[0]); + u32x w1_t = hc_swap32 (w0[1]); + u32x w2_t = hc_swap32 (w0[2]); + u32x w3_t = hc_swap32 (w0[3]); + u32x w4_t = hc_swap32 (w1[0]); + u32x w5_t = hc_swap32 (w1[1]); + u32x w6_t = hc_swap32 (w1[2]); + u32x w7_t = hc_swap32 (w1[3]); + u32x w8_t = hc_swap32 (w2[0]); + u32x w9_t = hc_swap32 (w2[1]); + u32x wa_t = hc_swap32 (w2[2]); + u32x wb_t = hc_swap32 (w2[3]); + u32x wc_t = hc_swap32 (w3[0]); + u32x wd_t = hc_swap32 (w3[1]); + u32x we_t = 0; + u32x wf_t = out_len * 8; + + u32x a = SHA256M_A; + u32x b = SHA256M_B; + u32x c = SHA256M_C; + u32x d = SHA256M_D; + u32x e = SHA256M_E; + u32x f = SHA256M_F; + u32x g = SHA256M_G; + u32x h = SHA256M_H; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + + a += make_u32x (SHA256M_A); + b += make_u32x (SHA256M_B); + c += make_u32x (SHA256M_C); + d += make_u32x (SHA256M_D); + e += make_u32x (SHA256M_E); + f += make_u32x (SHA256M_F); + g += make_u32x (SHA256M_G); + h += make_u32x (SHA256M_H); + + // final sha256 + + // sha256_update_64, len 64, pos 0 + + w0_t = uint_to_hex_lower8_le ((a >> 16) & 255) << 0 | uint_to_hex_lower8_le ((a >> 24) & 255) << 16; + w1_t = uint_to_hex_lower8_le ((a >> 0) & 255) << 0 | uint_to_hex_lower8_le ((a >> 8) & 255) << 16; + w2_t = uint_to_hex_lower8_le ((b >> 16) & 255) << 0 | uint_to_hex_lower8_le ((b >> 24) & 255) << 16; + w3_t = uint_to_hex_lower8_le ((b >> 0) & 255) << 0 | uint_to_hex_lower8_le ((b >> 8) & 255) << 16; + w4_t = uint_to_hex_lower8_le ((c >> 16) & 255) << 0 | uint_to_hex_lower8_le ((c >> 24) & 255) << 16; + w5_t = uint_to_hex_lower8_le ((c >> 0) & 255) << 0 | uint_to_hex_lower8_le ((c >> 8) & 255) << 16; + w6_t = uint_to_hex_lower8_le ((d >> 16) & 255) << 0 | uint_to_hex_lower8_le ((d >> 24) & 255) << 16; + w7_t = uint_to_hex_lower8_le ((d >> 0) & 255) << 0 | uint_to_hex_lower8_le ((d >> 8) & 255) << 16; + w8_t = uint_to_hex_lower8_le ((e >> 16) & 255) << 0 | uint_to_hex_lower8_le ((e >> 24) & 255) << 16; + w9_t = uint_to_hex_lower8_le ((e >> 0) & 255) << 0 | uint_to_hex_lower8_le ((e >> 8) & 255) << 16; + wa_t = uint_to_hex_lower8_le ((f >> 16) & 255) << 0 | uint_to_hex_lower8_le ((f >> 24) & 255) << 16; + wb_t = uint_to_hex_lower8_le ((f >> 0) & 255) << 0 | uint_to_hex_lower8_le ((f >> 8) & 255) << 16; + wc_t = uint_to_hex_lower8_le ((g >> 16) & 255) << 0 | uint_to_hex_lower8_le ((g >> 24) & 255) << 16; + wd_t = uint_to_hex_lower8_le ((g >> 0) & 255) << 0 | uint_to_hex_lower8_le ((g >> 8) & 255) << 16; + we_t = uint_to_hex_lower8_le ((h >> 16) & 255) << 0 | uint_to_hex_lower8_le ((h >> 24) & 255) << 16; + wf_t = uint_to_hex_lower8_le ((h >> 0) & 255) << 0 | uint_to_hex_lower8_le ((h >> 8) & 255) << 16; + + // sha256 transform + + a = SHA256M_A; + b = SHA256M_B; + c = SHA256M_C; + d = SHA256M_D; + e = SHA256M_E; + f = SHA256M_F; + g = SHA256M_G; + h = SHA256M_H; + + u32x digest[8]; + + digest[0] = a; + digest[1] = b; + digest[2] = c; + digest[3] = d; + digest[4] = e; + digest[5] = f; + digest[6] = g; + digest[7] = h; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + + digest[0] += a; + digest[1] += b; + digest[2] += c; + digest[3] += d; + digest[4] += e; + digest[5] += f; + digest[6] += g; + digest[7] += h; + + // append salt + + // sha256_update: ctx_len 64, pos 0, len = salt_len + + w0_t = salt_buf0[0]; + w1_t = salt_buf0[1]; + w2_t = salt_buf0[2]; + w3_t = salt_buf0[3]; + w4_t = salt_buf1[0]; + w5_t = salt_buf1[1]; + w6_t = salt_buf1[2]; + w7_t = salt_buf1[3]; + w8_t = salt_buf2[0]; + w9_t = salt_buf2[1]; + wa_t = salt_buf2[2]; + wb_t = salt_buf2[3]; + wc_t = salt_buf3[0]; + wd_t = salt_buf3[1]; + we_t = salt_buf3[2]; + wf_t = salt_buf3[3]; + + // sha256_update_64: pos 0 + + const int ctx_len = 64 + salt_len; + + const int pos = ctx_len & 63; + + // append_0x80_4x4, offset = pos ^ 3 + + const u32 off = pos ^ 3; + + const u32 c0 = (off & 15) / 4; + + const u32 r0 = 0xff << ((off & 3) * 8); + + const u32 m0[4] = { ((c0 == 0) ? r0 : 0), ((c0 == 1) ? r0 : 0), ((c0 == 2) ? r0 : 0), ((c0 == 3) ? r0 : 0) }; + + const u32 off16 = off / 16; + + const u32 v0[4] = { ((off16 == 0) ? 0x80808080 : 0), ((off16 == 1) ? 0x80808080 : 0), ((off16 == 2) ? 0x80808080 : 0), ((off16 == 3) ? 0x80808080 : 0) }; + + w0_t |= v0[0] & m0[0]; + w1_t |= v0[0] & m0[1]; + w2_t |= v0[0] & m0[2]; + w3_t |= v0[0] & m0[3]; + w4_t |= v0[1] & m0[0]; + w5_t |= v0[1] & m0[1]; + w6_t |= v0[1] & m0[2]; + w7_t |= v0[1] & m0[3]; + w8_t |= v0[2] & m0[0]; + w9_t |= v0[2] & m0[1]; + wa_t |= v0[2] & m0[2]; + wb_t |= v0[2] & m0[3]; + wc_t |= v0[3] & m0[0]; + wd_t |= v0[3] & m0[1]; + we_t |= v0[3] & m0[2]; + wf_t |= v0[3] & m0[3]; + + if (pos >= 56) + { + // sha256 transform + + digest[0] = a; + digest[1] = b; + digest[2] = c; + digest[3] = d; + digest[4] = e; + digest[5] = f; + digest[6] = g; + digest[7] = h; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + + digest[0] += a; + digest[1] += b; + digest[2] += c; + digest[3] += d; + digest[4] += e; + digest[5] += f; + digest[6] += g; + digest[7] += h; + + w0_t = 0; + w1_t = 0; + w2_t = 0; + w3_t = 0; + w4_t = 0; + w5_t = 0; + w6_t = 0; + w7_t = 0; + w8_t = 0; + w9_t = 0; + wa_t = 0; + wb_t = 0; + wc_t = 0; + wd_t = 0; + we_t = 0; + wf_t = 0; + } + + // last sha256 transform + + we_t = 0; + wf_t = ctx_len * 8; + + a = digest[0]; + b = digest[1]; + c = digest[2]; + d = digest[3]; + e = digest[4]; + f = digest[5]; + g = digest[6]; + h = digest[7]; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + + // if (MATCHES_NONE_VS ((h + digest[7] - make_u32x (SHA256M_H)), d_rev)) continue; + + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + + if (MATCHES_NONE_VS ((h + digest[7] - make_u32x (SHA256M_H)), search[1])) continue; + + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + +// a += digest[0] - SHA256M_A; +// b += digest[1] - SHA256M_B; + c += digest[2] - make_u32x (SHA256M_C); + d += digest[3] - make_u32x (SHA256M_D); +// e += digest[4] - SHA256M_E; +// f += digest[5] - SHA256M_F; + g += digest[6] - make_u32x (SHA256M_G); + h += digest[7] - make_u32x (SHA256M_H); + + COMPARE_S_SIMD (d, h, c, g); + } +} + +KERNEL_FQ void m20712_s08 (KERN_ATTR_RULES ()) +{ +} + +KERNEL_FQ void m20712_s16 (KERN_ATTR_RULES ()) +{ +} diff --git a/OpenCL/m20712_a0-pure.cl b/OpenCL/m20712_a0-pure.cl new file mode 100644 index 000000000..4ec9014e3 --- /dev/null +++ b/OpenCL/m20712_a0-pure.cl @@ -0,0 +1,265 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_rp.h) +#include M2S(INCLUDE_PATH/inc_rp.cl) +#include M2S(INCLUDE_PATH/inc_scalar.cl) +#include M2S(INCLUDE_PATH/inc_hash_sha256.cl) +#endif + +#if VECT_SIZE == 1 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i)]) +#elif VECT_SIZE == 2 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1]) +#elif VECT_SIZE == 4 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3]) +#elif VECT_SIZE == 8 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7]) +#elif VECT_SIZE == 16 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7], l_bin2asc[(i).s8], l_bin2asc[(i).s9], l_bin2asc[(i).sa], l_bin2asc[(i).sb], l_bin2asc[(i).sc], l_bin2asc[(i).sd], l_bin2asc[(i).se], l_bin2asc[(i).sf]) +#endif + +KERNEL_FQ void m20712_mxx (KERN_ATTR_RULES ()) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'A' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'A' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * base + */ + + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + + COPY_PW (pws[gid]); + + const u32 salt_len = salt_bufs[SALT_POS_HOST].salt_len; + + u32 s[64] = { 0 }; + + for (int i = 0, idx = 0; i < salt_len; i += 4, idx += 1) + { + s[idx] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[idx]); + } + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos++) + { + pw_t tmp = PASTE_PW; + + tmp.pw_len = apply_rules (rules_buf[il_pos].cmds, tmp.i, tmp.pw_len); + + sha256_ctx_t ctx0; + + sha256_init (&ctx0); + + sha256_update_swap (&ctx0, tmp.i, tmp.pw_len); + + sha256_final (&ctx0); + + const u32 a = ctx0.h[0]; + const u32 b = ctx0.h[1]; + const u32 c = ctx0.h[2]; + const u32 d = ctx0.h[3]; + const u32 e = ctx0.h[4]; + const u32 f = ctx0.h[5]; + const u32 g = ctx0.h[6]; + const u32 h = ctx0.h[7]; + + sha256_ctx_t ctx; + + sha256_init (&ctx); + + w0[0] = uint_to_hex_lower8_le ((a >> 16) & 255) << 0 | uint_to_hex_lower8_le ((a >> 24) & 255) << 16; + w0[1] = uint_to_hex_lower8_le ((a >> 0) & 255) << 0 | uint_to_hex_lower8_le ((a >> 8) & 255) << 16; + w0[2] = uint_to_hex_lower8_le ((b >> 16) & 255) << 0 | uint_to_hex_lower8_le ((b >> 24) & 255) << 16; + w0[3] = uint_to_hex_lower8_le ((b >> 0) & 255) << 0 | uint_to_hex_lower8_le ((b >> 8) & 255) << 16; + w1[0] = uint_to_hex_lower8_le ((c >> 16) & 255) << 0 | uint_to_hex_lower8_le ((c >> 24) & 255) << 16; + w1[1] = uint_to_hex_lower8_le ((c >> 0) & 255) << 0 | uint_to_hex_lower8_le ((c >> 8) & 255) << 16; + w1[2] = uint_to_hex_lower8_le ((d >> 16) & 255) << 0 | uint_to_hex_lower8_le ((d >> 24) & 255) << 16; + w1[3] = uint_to_hex_lower8_le ((d >> 0) & 255) << 0 | uint_to_hex_lower8_le ((d >> 8) & 255) << 16; + w2[0] = uint_to_hex_lower8_le ((e >> 16) & 255) << 0 | uint_to_hex_lower8_le ((e >> 24) & 255) << 16; + w2[1] = uint_to_hex_lower8_le ((e >> 0) & 255) << 0 | uint_to_hex_lower8_le ((e >> 8) & 255) << 16; + w2[2] = uint_to_hex_lower8_le ((f >> 16) & 255) << 0 | uint_to_hex_lower8_le ((f >> 24) & 255) << 16; + w2[3] = uint_to_hex_lower8_le ((f >> 0) & 255) << 0 | uint_to_hex_lower8_le ((f >> 8) & 255) << 16; + w3[0] = uint_to_hex_lower8_le ((g >> 16) & 255) << 0 | uint_to_hex_lower8_le ((g >> 24) & 255) << 16; + w3[1] = uint_to_hex_lower8_le ((g >> 0) & 255) << 0 | uint_to_hex_lower8_le ((g >> 8) & 255) << 16; + w3[2] = uint_to_hex_lower8_le ((h >> 16) & 255) << 0 | uint_to_hex_lower8_le ((h >> 24) & 255) << 16; + w3[3] = uint_to_hex_lower8_le ((h >> 0) & 255) << 0 | uint_to_hex_lower8_le ((h >> 8) & 255) << 16; + + sha256_update_64 (&ctx, w0, w1, w2, w3, 64); + + sha256_update (&ctx, s, salt_len); + + sha256_final (&ctx); + + const u32 r0 = ctx.h[DGST_R0]; + const u32 r1 = ctx.h[DGST_R1]; + const u32 r2 = ctx.h[DGST_R2]; + const u32 r3 = ctx.h[DGST_R3]; + + COMPARE_M_SCALAR (r0, r1, r2, r3); + } +} + +KERNEL_FQ void m20712_sxx (KERN_ATTR_RULES ()) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'A' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'A' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * digest + */ + + const u32 search[4] = + { + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R0], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R1], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R2], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R3] + }; + + /** + * base + */ + + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + + COPY_PW (pws[gid]); + + const u32 salt_len = salt_bufs[SALT_POS_HOST].salt_len; + + u32 s[64] = { 0 }; + + for (int i = 0, idx = 0; i < salt_len; i += 4, idx += 1) + { + s[idx] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[idx]); + } + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos++) + { + pw_t tmp = PASTE_PW; + + tmp.pw_len = apply_rules (rules_buf[il_pos].cmds, tmp.i, tmp.pw_len); + + sha256_ctx_t ctx0; + + sha256_init (&ctx0); + + sha256_update_swap (&ctx0, tmp.i, tmp.pw_len); + + sha256_final (&ctx0); + + const u32 a = ctx0.h[0]; + const u32 b = ctx0.h[1]; + const u32 c = ctx0.h[2]; + const u32 d = ctx0.h[3]; + const u32 e = ctx0.h[4]; + const u32 f = ctx0.h[5]; + const u32 g = ctx0.h[6]; + const u32 h = ctx0.h[7]; + + sha256_ctx_t ctx; + + sha256_init (&ctx); + + w0[0] = uint_to_hex_lower8_le ((a >> 16) & 255) << 0 | uint_to_hex_lower8_le ((a >> 24) & 255) << 16; + w0[1] = uint_to_hex_lower8_le ((a >> 0) & 255) << 0 | uint_to_hex_lower8_le ((a >> 8) & 255) << 16; + w0[2] = uint_to_hex_lower8_le ((b >> 16) & 255) << 0 | uint_to_hex_lower8_le ((b >> 24) & 255) << 16; + w0[3] = uint_to_hex_lower8_le ((b >> 0) & 255) << 0 | uint_to_hex_lower8_le ((b >> 8) & 255) << 16; + w1[0] = uint_to_hex_lower8_le ((c >> 16) & 255) << 0 | uint_to_hex_lower8_le ((c >> 24) & 255) << 16; + w1[1] = uint_to_hex_lower8_le ((c >> 0) & 255) << 0 | uint_to_hex_lower8_le ((c >> 8) & 255) << 16; + w1[2] = uint_to_hex_lower8_le ((d >> 16) & 255) << 0 | uint_to_hex_lower8_le ((d >> 24) & 255) << 16; + w1[3] = uint_to_hex_lower8_le ((d >> 0) & 255) << 0 | uint_to_hex_lower8_le ((d >> 8) & 255) << 16; + w2[0] = uint_to_hex_lower8_le ((e >> 16) & 255) << 0 | uint_to_hex_lower8_le ((e >> 24) & 255) << 16; + w2[1] = uint_to_hex_lower8_le ((e >> 0) & 255) << 0 | uint_to_hex_lower8_le ((e >> 8) & 255) << 16; + w2[2] = uint_to_hex_lower8_le ((f >> 16) & 255) << 0 | uint_to_hex_lower8_le ((f >> 24) & 255) << 16; + w2[3] = uint_to_hex_lower8_le ((f >> 0) & 255) << 0 | uint_to_hex_lower8_le ((f >> 8) & 255) << 16; + w3[0] = uint_to_hex_lower8_le ((g >> 16) & 255) << 0 | uint_to_hex_lower8_le ((g >> 24) & 255) << 16; + w3[1] = uint_to_hex_lower8_le ((g >> 0) & 255) << 0 | uint_to_hex_lower8_le ((g >> 8) & 255) << 16; + w3[2] = uint_to_hex_lower8_le ((h >> 16) & 255) << 0 | uint_to_hex_lower8_le ((h >> 24) & 255) << 16; + w3[3] = uint_to_hex_lower8_le ((h >> 0) & 255) << 0 | uint_to_hex_lower8_le ((h >> 8) & 255) << 16; + + sha256_update_64 (&ctx, w0, w1, w2, w3, 64); + + sha256_update (&ctx, s, salt_len); + + sha256_final (&ctx); + + const u32 r0 = ctx.h[DGST_R0]; + const u32 r1 = ctx.h[DGST_R1]; + const u32 r2 = ctx.h[DGST_R2]; + const u32 r3 = ctx.h[DGST_R3]; + + COMPARE_S_SCALAR (r0, r1, r2, r3); + } +} diff --git a/OpenCL/m20712_a1-optimized.cl b/OpenCL/m20712_a1-optimized.cl new file mode 100644 index 000000000..b1088a630 --- /dev/null +++ b/OpenCL/m20712_a1-optimized.cl @@ -0,0 +1,1347 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_simd.cl) +#include M2S(INCLUDE_PATH/inc_hash_sha256.cl) +#endif + +#if VECT_SIZE == 1 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i)]) +#elif VECT_SIZE == 2 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1]) +#elif VECT_SIZE == 4 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3]) +#elif VECT_SIZE == 8 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7]) +#elif VECT_SIZE == 16 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7], l_bin2asc[(i).s8], l_bin2asc[(i).s9], l_bin2asc[(i).sa], l_bin2asc[(i).sb], l_bin2asc[(i).sc], l_bin2asc[(i).sd], l_bin2asc[(i).se], l_bin2asc[(i).sf]) +#endif + +#define SHA256_STEP_REV(a,b,c,d,e,f,g,h) \ +{ \ + u32 t2 = SHA256_S2_S(b) + SHA256_F0o(b,c,d); \ + u32 t1 = a - t2; \ + a = b; \ + b = c; \ + c = d; \ + d = e - t1; \ + e = f; \ + f = g; \ + g = h; \ + h = 0; \ +} + +KERNEL_FQ void m20712_m04 (KERN_ATTR_BASIC ()) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'A' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'A' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * base + */ + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_l_len = pws[gid].pw_len & 63; + + /** + * salt + */ + + u32 salt_buf0[4]; + u32 salt_buf1[4]; + u32 salt_buf2[4]; + u32 salt_buf3[4]; + + salt_buf0[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 0]); + salt_buf0[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 1]); + salt_buf0[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 2]); + salt_buf0[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 3]); + salt_buf1[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 4]); + salt_buf1[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 5]); + salt_buf1[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 6]); + salt_buf1[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 7]); + salt_buf2[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 8]); + salt_buf2[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 9]); + salt_buf2[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[10]); + salt_buf2[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[11]); + salt_buf3[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[12]); + salt_buf3[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[13]); + salt_buf3[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[14]); + salt_buf3[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[15]); + + const u32 salt_len = salt_bufs[SALT_POS_HOST].salt_len; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos += VECT_SIZE) + { + const u32x pw_r_len = pwlenx_create_combt (combs_buf, il_pos) & 63; + + const u32x pw_len = (pw_l_len + pw_r_len) & 63; + + /** + * concat password candidate + */ + + u32x wordl0[4] = { 0 }; + u32x wordl1[4] = { 0 }; + u32x wordl2[4] = { 0 }; + u32x wordl3[4] = { 0 }; + + wordl0[0] = pw_buf0[0]; + wordl0[1] = pw_buf0[1]; + wordl0[2] = pw_buf0[2]; + wordl0[3] = pw_buf0[3]; + wordl1[0] = pw_buf1[0]; + wordl1[1] = pw_buf1[1]; + wordl1[2] = pw_buf1[2]; + wordl1[3] = pw_buf1[3]; + + u32x wordr0[4] = { 0 }; + u32x wordr1[4] = { 0 }; + u32x wordr2[4] = { 0 }; + u32x wordr3[4] = { 0 }; + + wordr0[0] = ix_create_combt (combs_buf, il_pos, 0); + wordr0[1] = ix_create_combt (combs_buf, il_pos, 1); + wordr0[2] = ix_create_combt (combs_buf, il_pos, 2); + wordr0[3] = ix_create_combt (combs_buf, il_pos, 3); + wordr1[0] = ix_create_combt (combs_buf, il_pos, 4); + wordr1[1] = ix_create_combt (combs_buf, il_pos, 5); + wordr1[2] = ix_create_combt (combs_buf, il_pos, 6); + wordr1[3] = ix_create_combt (combs_buf, il_pos, 7); + + if (COMBS_MODE == COMBINATOR_MODE_BASE_LEFT) + { + switch_buffer_by_offset_le_VV (wordr0, wordr1, wordr2, wordr3, pw_l_len); + } + else + { + switch_buffer_by_offset_le_VV (wordl0, wordl1, wordl2, wordl3, pw_r_len); + } + + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + + w0[0] = wordl0[0] | wordr0[0]; + w0[1] = wordl0[1] | wordr0[1]; + w0[2] = wordl0[2] | wordr0[2]; + w0[3] = wordl0[3] | wordr0[3]; + w1[0] = wordl1[0] | wordr1[0]; + w1[1] = wordl1[1] | wordr1[1]; + w1[2] = wordl1[2] | wordr1[2]; + w1[3] = wordl1[3] | wordr1[3]; + w2[0] = wordl2[0] | wordr2[0]; + w2[1] = wordl2[1] | wordr2[1]; + w2[2] = wordl2[2] | wordr2[2]; + w2[3] = wordl2[3] | wordr2[3]; + w3[0] = wordl3[0] | wordr3[0]; + w3[1] = wordl3[1] | wordr3[1]; + w3[2] = wordl3[2] | wordr3[2]; + w3[3] = wordl3[3] | wordr3[3]; + + /** + * sha256(pass) + */ + + u32x w0_t = hc_swap32 (w0[0]); + u32x w1_t = hc_swap32 (w0[1]); + u32x w2_t = hc_swap32 (w0[2]); + u32x w3_t = hc_swap32 (w0[3]); + u32x w4_t = hc_swap32 (w1[0]); + u32x w5_t = hc_swap32 (w1[1]); + u32x w6_t = hc_swap32 (w1[2]); + u32x w7_t = hc_swap32 (w1[3]); + u32x w8_t = hc_swap32 (w2[0]); + u32x w9_t = hc_swap32 (w2[1]); + u32x wa_t = hc_swap32 (w2[2]); + u32x wb_t = hc_swap32 (w2[3]); + u32x wc_t = hc_swap32 (w3[0]); + u32x wd_t = hc_swap32 (w3[1]); + u32x we_t = 0; + u32x wf_t = pw_len * 8; + + u32x a = SHA256M_A; + u32x b = SHA256M_B; + u32x c = SHA256M_C; + u32x d = SHA256M_D; + u32x e = SHA256M_E; + u32x f = SHA256M_F; + u32x g = SHA256M_G; + u32x h = SHA256M_H; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + + a += make_u32x (SHA256M_A); + b += make_u32x (SHA256M_B); + c += make_u32x (SHA256M_C); + d += make_u32x (SHA256M_D); + e += make_u32x (SHA256M_E); + f += make_u32x (SHA256M_F); + g += make_u32x (SHA256M_G); + h += make_u32x (SHA256M_H); + + // final sha256 + + // sha256_update_64, len 64, pos 0 + + w0_t = uint_to_hex_lower8_le ((a >> 16) & 255) << 0 | uint_to_hex_lower8_le ((a >> 24) & 255) << 16; + w1_t = uint_to_hex_lower8_le ((a >> 0) & 255) << 0 | uint_to_hex_lower8_le ((a >> 8) & 255) << 16; + w2_t = uint_to_hex_lower8_le ((b >> 16) & 255) << 0 | uint_to_hex_lower8_le ((b >> 24) & 255) << 16; + w3_t = uint_to_hex_lower8_le ((b >> 0) & 255) << 0 | uint_to_hex_lower8_le ((b >> 8) & 255) << 16; + w4_t = uint_to_hex_lower8_le ((c >> 16) & 255) << 0 | uint_to_hex_lower8_le ((c >> 24) & 255) << 16; + w5_t = uint_to_hex_lower8_le ((c >> 0) & 255) << 0 | uint_to_hex_lower8_le ((c >> 8) & 255) << 16; + w6_t = uint_to_hex_lower8_le ((d >> 16) & 255) << 0 | uint_to_hex_lower8_le ((d >> 24) & 255) << 16; + w7_t = uint_to_hex_lower8_le ((d >> 0) & 255) << 0 | uint_to_hex_lower8_le ((d >> 8) & 255) << 16; + w8_t = uint_to_hex_lower8_le ((e >> 16) & 255) << 0 | uint_to_hex_lower8_le ((e >> 24) & 255) << 16; + w9_t = uint_to_hex_lower8_le ((e >> 0) & 255) << 0 | uint_to_hex_lower8_le ((e >> 8) & 255) << 16; + wa_t = uint_to_hex_lower8_le ((f >> 16) & 255) << 0 | uint_to_hex_lower8_le ((f >> 24) & 255) << 16; + wb_t = uint_to_hex_lower8_le ((f >> 0) & 255) << 0 | uint_to_hex_lower8_le ((f >> 8) & 255) << 16; + wc_t = uint_to_hex_lower8_le ((g >> 16) & 255) << 0 | uint_to_hex_lower8_le ((g >> 24) & 255) << 16; + wd_t = uint_to_hex_lower8_le ((g >> 0) & 255) << 0 | uint_to_hex_lower8_le ((g >> 8) & 255) << 16; + we_t = uint_to_hex_lower8_le ((h >> 16) & 255) << 0 | uint_to_hex_lower8_le ((h >> 24) & 255) << 16; + wf_t = uint_to_hex_lower8_le ((h >> 0) & 255) << 0 | uint_to_hex_lower8_le ((h >> 8) & 255) << 16; + + // sha256 transform + + a = SHA256M_A; + b = SHA256M_B; + c = SHA256M_C; + d = SHA256M_D; + e = SHA256M_E; + f = SHA256M_F; + g = SHA256M_G; + h = SHA256M_H; + + u32x digest[8]; + + digest[0] = a; + digest[1] = b; + digest[2] = c; + digest[3] = d; + digest[4] = e; + digest[5] = f; + digest[6] = g; + digest[7] = h; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + + digest[0] += a; + digest[1] += b; + digest[2] += c; + digest[3] += d; + digest[4] += e; + digest[5] += f; + digest[6] += g; + digest[7] += h; + + // append salt + + // sha256_update: ctx_len 64, pos 0, len = salt_len + + w0_t = salt_buf0[0]; + w1_t = salt_buf0[1]; + w2_t = salt_buf0[2]; + w3_t = salt_buf0[3]; + w4_t = salt_buf1[0]; + w5_t = salt_buf1[1]; + w6_t = salt_buf1[2]; + w7_t = salt_buf1[3]; + w8_t = salt_buf2[0]; + w9_t = salt_buf2[1]; + wa_t = salt_buf2[2]; + wb_t = salt_buf2[3]; + wc_t = salt_buf3[0]; + wd_t = salt_buf3[1]; + we_t = salt_buf3[2]; + wf_t = salt_buf3[3]; + + // sha256_update_64: pos 0 + + const int ctx_len = 64 + salt_len; + + const int pos = ctx_len & 63; + + // append_0x80_4x4, offset = pos ^ 3 + + const u32 off = pos ^ 3; + + const u32 c0 = (off & 15) / 4; + + const u32 r0 = 0xff << ((off & 3) * 8); + + const u32 m0[4] = { ((c0 == 0) ? r0 : 0), ((c0 == 1) ? r0 : 0), ((c0 == 2) ? r0 : 0), ((c0 == 3) ? r0 : 0) }; + + const u32 off16 = off / 16; + + const u32 v0[4] = { ((off16 == 0) ? 0x80808080 : 0), ((off16 == 1) ? 0x80808080 : 0), ((off16 == 2) ? 0x80808080 : 0), ((off16 == 3) ? 0x80808080 : 0) }; + + w0_t |= v0[0] & m0[0]; + w1_t |= v0[0] & m0[1]; + w2_t |= v0[0] & m0[2]; + w3_t |= v0[0] & m0[3]; + w4_t |= v0[1] & m0[0]; + w5_t |= v0[1] & m0[1]; + w6_t |= v0[1] & m0[2]; + w7_t |= v0[1] & m0[3]; + w8_t |= v0[2] & m0[0]; + w9_t |= v0[2] & m0[1]; + wa_t |= v0[2] & m0[2]; + wb_t |= v0[2] & m0[3]; + wc_t |= v0[3] & m0[0]; + wd_t |= v0[3] & m0[1]; + we_t |= v0[3] & m0[2]; + wf_t |= v0[3] & m0[3]; + + if (pos >= 56) + { + // sha256 transform + + digest[0] = a; + digest[1] = b; + digest[2] = c; + digest[3] = d; + digest[4] = e; + digest[5] = f; + digest[6] = g; + digest[7] = h; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + + digest[0] += a; + digest[1] += b; + digest[2] += c; + digest[3] += d; + digest[4] += e; + digest[5] += f; + digest[6] += g; + digest[7] += h; + + w0_t = 0; + w1_t = 0; + w2_t = 0; + w3_t = 0; + w4_t = 0; + w5_t = 0; + w6_t = 0; + w7_t = 0; + w8_t = 0; + w9_t = 0; + wa_t = 0; + wb_t = 0; + wc_t = 0; + wd_t = 0; + we_t = 0; + wf_t = 0; + } + + // last sha256 transform + + we_t = 0; + wf_t = ctx_len * 8; + + a = digest[0]; + b = digest[1]; + c = digest[2]; + d = digest[3]; + e = digest[4]; + f = digest[5]; + g = digest[6]; + h = digest[7]; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + +// a += digest[0] - SHA256M_A; +// b += digest[1] - SHA256M_B; + c += digest[2] - make_u32x (SHA256M_C); + d += digest[3] - make_u32x (SHA256M_D); +// e += digest[4] - SHA256M_E; +// f += digest[5] - SHA256M_F; + g += digest[6] - make_u32x (SHA256M_G); + h += digest[7] - make_u32x (SHA256M_H); + + COMPARE_M_SIMD (d, h, c, g); + } +} + +KERNEL_FQ void m20712_m08 (KERN_ATTR_BASIC ()) +{ +} + +KERNEL_FQ void m20712_m16 (KERN_ATTR_BASIC ()) +{ +} + +KERNEL_FQ void m20712_s04 (KERN_ATTR_BASIC ()) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'A' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'A' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * base + */ + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_l_len = pws[gid].pw_len & 63; + + /** + * salt + */ + + u32 salt_buf0[4]; + u32 salt_buf1[4]; + u32 salt_buf2[4]; + u32 salt_buf3[4]; + + salt_buf0[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 0]); + salt_buf0[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 1]); + salt_buf0[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 2]); + salt_buf0[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 3]); + salt_buf1[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 4]); + salt_buf1[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 5]); + salt_buf1[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 6]); + salt_buf1[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 7]); + salt_buf2[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 8]); + salt_buf2[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 9]); + salt_buf2[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[10]); + salt_buf2[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[11]); + salt_buf3[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[12]); + salt_buf3[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[13]); + salt_buf3[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[14]); + salt_buf3[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[15]); + + const u32 salt_len = salt_bufs[SALT_POS_HOST].salt_len; + + /** + * digest + */ + + const u32 search[4] = + { + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R0], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R1], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R2], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R3] + }; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos += VECT_SIZE) + { + const u32x pw_r_len = pwlenx_create_combt (combs_buf, il_pos) & 63; + + const u32x pw_len = (pw_l_len + pw_r_len) & 63; + + /** + * concat password candidate + */ + + u32x wordl0[4] = { 0 }; + u32x wordl1[4] = { 0 }; + u32x wordl2[4] = { 0 }; + u32x wordl3[4] = { 0 }; + + wordl0[0] = pw_buf0[0]; + wordl0[1] = pw_buf0[1]; + wordl0[2] = pw_buf0[2]; + wordl0[3] = pw_buf0[3]; + wordl1[0] = pw_buf1[0]; + wordl1[1] = pw_buf1[1]; + wordl1[2] = pw_buf1[2]; + wordl1[3] = pw_buf1[3]; + + u32x wordr0[4] = { 0 }; + u32x wordr1[4] = { 0 }; + u32x wordr2[4] = { 0 }; + u32x wordr3[4] = { 0 }; + + wordr0[0] = ix_create_combt (combs_buf, il_pos, 0); + wordr0[1] = ix_create_combt (combs_buf, il_pos, 1); + wordr0[2] = ix_create_combt (combs_buf, il_pos, 2); + wordr0[3] = ix_create_combt (combs_buf, il_pos, 3); + wordr1[0] = ix_create_combt (combs_buf, il_pos, 4); + wordr1[1] = ix_create_combt (combs_buf, il_pos, 5); + wordr1[2] = ix_create_combt (combs_buf, il_pos, 6); + wordr1[3] = ix_create_combt (combs_buf, il_pos, 7); + + if (COMBS_MODE == COMBINATOR_MODE_BASE_LEFT) + { + switch_buffer_by_offset_le_VV (wordr0, wordr1, wordr2, wordr3, pw_l_len); + } + else + { + switch_buffer_by_offset_le_VV (wordl0, wordl1, wordl2, wordl3, pw_r_len); + } + + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + + w0[0] = wordl0[0] | wordr0[0]; + w0[1] = wordl0[1] | wordr0[1]; + w0[2] = wordl0[2] | wordr0[2]; + w0[3] = wordl0[3] | wordr0[3]; + w1[0] = wordl1[0] | wordr1[0]; + w1[1] = wordl1[1] | wordr1[1]; + w1[2] = wordl1[2] | wordr1[2]; + w1[3] = wordl1[3] | wordr1[3]; + w2[0] = wordl2[0] | wordr2[0]; + w2[1] = wordl2[1] | wordr2[1]; + w2[2] = wordl2[2] | wordr2[2]; + w2[3] = wordl2[3] | wordr2[3]; + w3[0] = wordl3[0] | wordr3[0]; + w3[1] = wordl3[1] | wordr3[1]; + w3[2] = wordl3[2] | wordr3[2]; + w3[3] = wordl3[3] | wordr3[3]; + + /** + * sha256(pass) + */ + + u32x w0_t = hc_swap32 (w0[0]); + u32x w1_t = hc_swap32 (w0[1]); + u32x w2_t = hc_swap32 (w0[2]); + u32x w3_t = hc_swap32 (w0[3]); + u32x w4_t = hc_swap32 (w1[0]); + u32x w5_t = hc_swap32 (w1[1]); + u32x w6_t = hc_swap32 (w1[2]); + u32x w7_t = hc_swap32 (w1[3]); + u32x w8_t = hc_swap32 (w2[0]); + u32x w9_t = hc_swap32 (w2[1]); + u32x wa_t = hc_swap32 (w2[2]); + u32x wb_t = hc_swap32 (w2[3]); + u32x wc_t = hc_swap32 (w3[0]); + u32x wd_t = hc_swap32 (w3[1]); + u32x we_t = 0; + u32x wf_t = pw_len * 8; + + u32x a = SHA256M_A; + u32x b = SHA256M_B; + u32x c = SHA256M_C; + u32x d = SHA256M_D; + u32x e = SHA256M_E; + u32x f = SHA256M_F; + u32x g = SHA256M_G; + u32x h = SHA256M_H; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + + a += make_u32x (SHA256M_A); + b += make_u32x (SHA256M_B); + c += make_u32x (SHA256M_C); + d += make_u32x (SHA256M_D); + e += make_u32x (SHA256M_E); + f += make_u32x (SHA256M_F); + g += make_u32x (SHA256M_G); + h += make_u32x (SHA256M_H); + + // final sha256 + + // sha256_update_64, len 64, pos 0 + + w0_t = uint_to_hex_lower8_le ((a >> 16) & 255) << 0 | uint_to_hex_lower8_le ((a >> 24) & 255) << 16; + w1_t = uint_to_hex_lower8_le ((a >> 0) & 255) << 0 | uint_to_hex_lower8_le ((a >> 8) & 255) << 16; + w2_t = uint_to_hex_lower8_le ((b >> 16) & 255) << 0 | uint_to_hex_lower8_le ((b >> 24) & 255) << 16; + w3_t = uint_to_hex_lower8_le ((b >> 0) & 255) << 0 | uint_to_hex_lower8_le ((b >> 8) & 255) << 16; + w4_t = uint_to_hex_lower8_le ((c >> 16) & 255) << 0 | uint_to_hex_lower8_le ((c >> 24) & 255) << 16; + w5_t = uint_to_hex_lower8_le ((c >> 0) & 255) << 0 | uint_to_hex_lower8_le ((c >> 8) & 255) << 16; + w6_t = uint_to_hex_lower8_le ((d >> 16) & 255) << 0 | uint_to_hex_lower8_le ((d >> 24) & 255) << 16; + w7_t = uint_to_hex_lower8_le ((d >> 0) & 255) << 0 | uint_to_hex_lower8_le ((d >> 8) & 255) << 16; + w8_t = uint_to_hex_lower8_le ((e >> 16) & 255) << 0 | uint_to_hex_lower8_le ((e >> 24) & 255) << 16; + w9_t = uint_to_hex_lower8_le ((e >> 0) & 255) << 0 | uint_to_hex_lower8_le ((e >> 8) & 255) << 16; + wa_t = uint_to_hex_lower8_le ((f >> 16) & 255) << 0 | uint_to_hex_lower8_le ((f >> 24) & 255) << 16; + wb_t = uint_to_hex_lower8_le ((f >> 0) & 255) << 0 | uint_to_hex_lower8_le ((f >> 8) & 255) << 16; + wc_t = uint_to_hex_lower8_le ((g >> 16) & 255) << 0 | uint_to_hex_lower8_le ((g >> 24) & 255) << 16; + wd_t = uint_to_hex_lower8_le ((g >> 0) & 255) << 0 | uint_to_hex_lower8_le ((g >> 8) & 255) << 16; + we_t = uint_to_hex_lower8_le ((h >> 16) & 255) << 0 | uint_to_hex_lower8_le ((h >> 24) & 255) << 16; + wf_t = uint_to_hex_lower8_le ((h >> 0) & 255) << 0 | uint_to_hex_lower8_le ((h >> 8) & 255) << 16; + + // sha256 transform + + a = SHA256M_A; + b = SHA256M_B; + c = SHA256M_C; + d = SHA256M_D; + e = SHA256M_E; + f = SHA256M_F; + g = SHA256M_G; + h = SHA256M_H; + + u32x digest[8]; + + digest[0] = a; + digest[1] = b; + digest[2] = c; + digest[3] = d; + digest[4] = e; + digest[5] = f; + digest[6] = g; + digest[7] = h; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + + digest[0] += a; + digest[1] += b; + digest[2] += c; + digest[3] += d; + digest[4] += e; + digest[5] += f; + digest[6] += g; + digest[7] += h; + + // append salt + + // sha256_update: ctx_len 64, pos 0, len = salt_len + + w0_t = salt_buf0[0]; + w1_t = salt_buf0[1]; + w2_t = salt_buf0[2]; + w3_t = salt_buf0[3]; + w4_t = salt_buf1[0]; + w5_t = salt_buf1[1]; + w6_t = salt_buf1[2]; + w7_t = salt_buf1[3]; + w8_t = salt_buf2[0]; + w9_t = salt_buf2[1]; + wa_t = salt_buf2[2]; + wb_t = salt_buf2[3]; + wc_t = salt_buf3[0]; + wd_t = salt_buf3[1]; + we_t = salt_buf3[2]; + wf_t = salt_buf3[3]; + + // sha256_update_64: pos 0 + + const int ctx_len = 64 + salt_len; + + const int pos = ctx_len & 63; + + // append_0x80_4x4, offset = pos ^ 3 + + const u32 off = pos ^ 3; + + const u32 c0 = (off & 15) / 4; + + const u32 r0 = 0xff << ((off & 3) * 8); + + const u32 m0[4] = { ((c0 == 0) ? r0 : 0), ((c0 == 1) ? r0 : 0), ((c0 == 2) ? r0 : 0), ((c0 == 3) ? r0 : 0) }; + + const u32 off16 = off / 16; + + const u32 v0[4] = { ((off16 == 0) ? 0x80808080 : 0), ((off16 == 1) ? 0x80808080 : 0), ((off16 == 2) ? 0x80808080 : 0), ((off16 == 3) ? 0x80808080 : 0) }; + + w0_t |= v0[0] & m0[0]; + w1_t |= v0[0] & m0[1]; + w2_t |= v0[0] & m0[2]; + w3_t |= v0[0] & m0[3]; + w4_t |= v0[1] & m0[0]; + w5_t |= v0[1] & m0[1]; + w6_t |= v0[1] & m0[2]; + w7_t |= v0[1] & m0[3]; + w8_t |= v0[2] & m0[0]; + w9_t |= v0[2] & m0[1]; + wa_t |= v0[2] & m0[2]; + wb_t |= v0[2] & m0[3]; + wc_t |= v0[3] & m0[0]; + wd_t |= v0[3] & m0[1]; + we_t |= v0[3] & m0[2]; + wf_t |= v0[3] & m0[3]; + + if (pos >= 56) + { + // sha256 transform + + digest[0] = a; + digest[1] = b; + digest[2] = c; + digest[3] = d; + digest[4] = e; + digest[5] = f; + digest[6] = g; + digest[7] = h; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + + digest[0] += a; + digest[1] += b; + digest[2] += c; + digest[3] += d; + digest[4] += e; + digest[5] += f; + digest[6] += g; + digest[7] += h; + + w0_t = 0; + w1_t = 0; + w2_t = 0; + w3_t = 0; + w4_t = 0; + w5_t = 0; + w6_t = 0; + w7_t = 0; + w8_t = 0; + w9_t = 0; + wa_t = 0; + wb_t = 0; + wc_t = 0; + wd_t = 0; + we_t = 0; + wf_t = 0; + } + + // last sha256 transform + + we_t = 0; + wf_t = ctx_len * 8; + + a = digest[0]; + b = digest[1]; + c = digest[2]; + d = digest[3]; + e = digest[4]; + f = digest[5]; + g = digest[6]; + h = digest[7]; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + + // if (MATCHES_NONE_VS ((h + digest[7] - make_u32x (SHA256M_H)), d_rev)) continue; + + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + + if (MATCHES_NONE_VS ((h + digest[7] - make_u32x (SHA256M_H)), search[1])) continue; + + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + +// a += digest[0] - SHA256M_A; +// b += digest[1] - SHA256M_B; + c += digest[2] - make_u32x (SHA256M_C); + d += digest[3] - make_u32x (SHA256M_D); +// e += digest[4] - SHA256M_E; +// f += digest[5] - SHA256M_F; + g += digest[6] - make_u32x (SHA256M_G); + h += digest[7] - make_u32x (SHA256M_H); + + COMPARE_S_SIMD (d, h, c, g); + } +} + +KERNEL_FQ void m20712_s08 (KERN_ATTR_BASIC ()) +{ +} + +KERNEL_FQ void m20712_s16 (KERN_ATTR_BASIC ()) +{ +} diff --git a/OpenCL/m20712_a1-pure.cl b/OpenCL/m20712_a1-pure.cl new file mode 100644 index 000000000..b713e2eca --- /dev/null +++ b/OpenCL/m20712_a1-pure.cl @@ -0,0 +1,259 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_scalar.cl) +#include M2S(INCLUDE_PATH/inc_hash_sha256.cl) +#endif + +#if VECT_SIZE == 1 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i)]) +#elif VECT_SIZE == 2 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1]) +#elif VECT_SIZE == 4 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3]) +#elif VECT_SIZE == 8 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7]) +#elif VECT_SIZE == 16 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7], l_bin2asc[(i).s8], l_bin2asc[(i).s9], l_bin2asc[(i).sa], l_bin2asc[(i).sb], l_bin2asc[(i).sc], l_bin2asc[(i).sd], l_bin2asc[(i).se], l_bin2asc[(i).sf]) +#endif + +KERNEL_FQ void m20712_mxx (KERN_ATTR_BASIC ()) +{ + /** + * modifier + */ + + const u64 lid = get_local_id (0); + const u64 gid = get_global_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'A' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'A' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * base + */ + + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + + u32 s[64] = { 0 }; + + const u32 salt_len = salt_bufs[SALT_POS_HOST].salt_len; + + for (int i = 0, idx = 0; i < salt_len; i += 4, idx += 1) + { + s[idx] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[idx]); + } + + sha256_ctx_t ctx1; + + sha256_init (&ctx1); + + sha256_update_global_swap (&ctx1, pws[gid].i, pws[gid].pw_len); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos++) + { + sha256_ctx_t ctx0 = ctx1; + + sha256_update_global_swap (&ctx0, combs_buf[il_pos].i, combs_buf[il_pos].pw_len); + + sha256_final (&ctx0); + + const u32 a = ctx0.h[0]; + const u32 b = ctx0.h[1]; + const u32 c = ctx0.h[2]; + const u32 d = ctx0.h[3]; + const u32 e = ctx0.h[4]; + const u32 f = ctx0.h[5]; + const u32 g = ctx0.h[6]; + const u32 h = ctx0.h[7]; + + sha256_ctx_t ctx; + + sha256_init (&ctx); + + w0[0] = uint_to_hex_lower8_le ((a >> 16) & 255) << 0 | uint_to_hex_lower8_le ((a >> 24) & 255) << 16; + w0[1] = uint_to_hex_lower8_le ((a >> 0) & 255) << 0 | uint_to_hex_lower8_le ((a >> 8) & 255) << 16; + w0[2] = uint_to_hex_lower8_le ((b >> 16) & 255) << 0 | uint_to_hex_lower8_le ((b >> 24) & 255) << 16; + w0[3] = uint_to_hex_lower8_le ((b >> 0) & 255) << 0 | uint_to_hex_lower8_le ((b >> 8) & 255) << 16; + w1[0] = uint_to_hex_lower8_le ((c >> 16) & 255) << 0 | uint_to_hex_lower8_le ((c >> 24) & 255) << 16; + w1[1] = uint_to_hex_lower8_le ((c >> 0) & 255) << 0 | uint_to_hex_lower8_le ((c >> 8) & 255) << 16; + w1[2] = uint_to_hex_lower8_le ((d >> 16) & 255) << 0 | uint_to_hex_lower8_le ((d >> 24) & 255) << 16; + w1[3] = uint_to_hex_lower8_le ((d >> 0) & 255) << 0 | uint_to_hex_lower8_le ((d >> 8) & 255) << 16; + w2[0] = uint_to_hex_lower8_le ((e >> 16) & 255) << 0 | uint_to_hex_lower8_le ((e >> 24) & 255) << 16; + w2[1] = uint_to_hex_lower8_le ((e >> 0) & 255) << 0 | uint_to_hex_lower8_le ((e >> 8) & 255) << 16; + w2[2] = uint_to_hex_lower8_le ((f >> 16) & 255) << 0 | uint_to_hex_lower8_le ((f >> 24) & 255) << 16; + w2[3] = uint_to_hex_lower8_le ((f >> 0) & 255) << 0 | uint_to_hex_lower8_le ((f >> 8) & 255) << 16; + w3[0] = uint_to_hex_lower8_le ((g >> 16) & 255) << 0 | uint_to_hex_lower8_le ((g >> 24) & 255) << 16; + w3[1] = uint_to_hex_lower8_le ((g >> 0) & 255) << 0 | uint_to_hex_lower8_le ((g >> 8) & 255) << 16; + w3[2] = uint_to_hex_lower8_le ((h >> 16) & 255) << 0 | uint_to_hex_lower8_le ((h >> 24) & 255) << 16; + w3[3] = uint_to_hex_lower8_le ((h >> 0) & 255) << 0 | uint_to_hex_lower8_le ((h >> 8) & 255) << 16; + + sha256_update_64 (&ctx, w0, w1, w2, w3, 64); + + sha256_update (&ctx, s, salt_len); + + sha256_final (&ctx); + + const u32 r0 = ctx.h[DGST_R0]; + const u32 r1 = ctx.h[DGST_R1]; + const u32 r2 = ctx.h[DGST_R2]; + const u32 r3 = ctx.h[DGST_R3]; + + COMPARE_M_SCALAR (r0, r1, r2, r3); + } +} + +KERNEL_FQ void m20712_sxx (KERN_ATTR_BASIC ()) +{ + /** + * modifier + */ + + const u64 lid = get_local_id (0); + const u64 gid = get_global_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'A' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'A' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * digest + */ + + const u32 search[4] = + { + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R0], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R1], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R2], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R3] + }; + + /** + * base + */ + + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + + const u32 salt_len = salt_bufs[SALT_POS_HOST].salt_len; + + u32 s[64] = { 0 }; + + for (int i = 0, idx = 0; i < salt_len; i += 4, idx += 1) + { + s[idx] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[idx]); + } + + sha256_ctx_t ctx1; + + sha256_init (&ctx1); + + sha256_update_global_swap (&ctx1, pws[gid].i, pws[gid].pw_len); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos++) + { + sha256_ctx_t ctx0 = ctx1; + + sha256_update_global_swap (&ctx0, combs_buf[il_pos].i, combs_buf[il_pos].pw_len); + + sha256_final (&ctx0); + + const u32 a = ctx0.h[0]; + const u32 b = ctx0.h[1]; + const u32 c = ctx0.h[2]; + const u32 d = ctx0.h[3]; + const u32 e = ctx0.h[4]; + const u32 f = ctx0.h[5]; + const u32 g = ctx0.h[6]; + const u32 h = ctx0.h[7]; + + sha256_ctx_t ctx; + + sha256_init (&ctx); + + w0[0] = uint_to_hex_lower8_le ((a >> 16) & 255) << 0 | uint_to_hex_lower8_le ((a >> 24) & 255) << 16; + w0[1] = uint_to_hex_lower8_le ((a >> 0) & 255) << 0 | uint_to_hex_lower8_le ((a >> 8) & 255) << 16; + w0[2] = uint_to_hex_lower8_le ((b >> 16) & 255) << 0 | uint_to_hex_lower8_le ((b >> 24) & 255) << 16; + w0[3] = uint_to_hex_lower8_le ((b >> 0) & 255) << 0 | uint_to_hex_lower8_le ((b >> 8) & 255) << 16; + w1[0] = uint_to_hex_lower8_le ((c >> 16) & 255) << 0 | uint_to_hex_lower8_le ((c >> 24) & 255) << 16; + w1[1] = uint_to_hex_lower8_le ((c >> 0) & 255) << 0 | uint_to_hex_lower8_le ((c >> 8) & 255) << 16; + w1[2] = uint_to_hex_lower8_le ((d >> 16) & 255) << 0 | uint_to_hex_lower8_le ((d >> 24) & 255) << 16; + w1[3] = uint_to_hex_lower8_le ((d >> 0) & 255) << 0 | uint_to_hex_lower8_le ((d >> 8) & 255) << 16; + w2[0] = uint_to_hex_lower8_le ((e >> 16) & 255) << 0 | uint_to_hex_lower8_le ((e >> 24) & 255) << 16; + w2[1] = uint_to_hex_lower8_le ((e >> 0) & 255) << 0 | uint_to_hex_lower8_le ((e >> 8) & 255) << 16; + w2[2] = uint_to_hex_lower8_le ((f >> 16) & 255) << 0 | uint_to_hex_lower8_le ((f >> 24) & 255) << 16; + w2[3] = uint_to_hex_lower8_le ((f >> 0) & 255) << 0 | uint_to_hex_lower8_le ((f >> 8) & 255) << 16; + w3[0] = uint_to_hex_lower8_le ((g >> 16) & 255) << 0 | uint_to_hex_lower8_le ((g >> 24) & 255) << 16; + w3[1] = uint_to_hex_lower8_le ((g >> 0) & 255) << 0 | uint_to_hex_lower8_le ((g >> 8) & 255) << 16; + w3[2] = uint_to_hex_lower8_le ((h >> 16) & 255) << 0 | uint_to_hex_lower8_le ((h >> 24) & 255) << 16; + w3[3] = uint_to_hex_lower8_le ((h >> 0) & 255) << 0 | uint_to_hex_lower8_le ((h >> 8) & 255) << 16; + + sha256_update_64 (&ctx, w0, w1, w2, w3, 64); + + sha256_update (&ctx, s, salt_len); + + sha256_final (&ctx); + + const u32 r0 = ctx.h[DGST_R0]; + const u32 r1 = ctx.h[DGST_R1]; + const u32 r2 = ctx.h[DGST_R2]; + const u32 r3 = ctx.h[DGST_R3]; + + COMPARE_S_SCALAR (r0, r1, r2, r3); + } +} diff --git a/OpenCL/m20712_a3-optimized.cl b/OpenCL/m20712_a3-optimized.cl new file mode 100644 index 000000000..2814cbe69 --- /dev/null +++ b/OpenCL/m20712_a3-optimized.cl @@ -0,0 +1,1490 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_simd.cl) +#include M2S(INCLUDE_PATH/inc_hash_sha256.cl) +#endif + +#if VECT_SIZE == 1 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i)]) +#elif VECT_SIZE == 2 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1]) +#elif VECT_SIZE == 4 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3]) +#elif VECT_SIZE == 8 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7]) +#elif VECT_SIZE == 16 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7], l_bin2asc[(i).s8], l_bin2asc[(i).s9], l_bin2asc[(i).sa], l_bin2asc[(i).sb], l_bin2asc[(i).sc], l_bin2asc[(i).sd], l_bin2asc[(i).se], l_bin2asc[(i).sf]) +#endif + +#define SHA256_STEP_REV(a,b,c,d,e,f,g,h) \ +{ \ + u32 t2 = SHA256_S2_S(b) + SHA256_F0o(b,c,d); \ + u32 t1 = a - t2; \ + a = b; \ + b = c; \ + c = d; \ + d = e - t1; \ + e = f; \ + f = g; \ + g = h; \ + h = 0; \ +} + +DECLSPEC void m20712m (PRIVATE_AS u32 *w, const u32 pw_len, KERN_ATTR_FUNC_VECTOR (), LOCAL_AS u32 *l_bin2asc) +{ + /** + * modifiers are taken from args + */ + + /** + * salt + */ + + u32 salt_buf0[4]; + u32 salt_buf1[4]; + u32 salt_buf2[4]; + u32 salt_buf3[4]; + + salt_buf0[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 0]); + salt_buf0[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 1]); + salt_buf0[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 2]); + salt_buf0[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 3]); + salt_buf1[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 4]); + salt_buf1[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 5]); + salt_buf1[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 6]); + salt_buf1[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 7]); + salt_buf2[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 8]); + salt_buf2[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 9]); + salt_buf2[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[10]); + salt_buf2[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[11]); + salt_buf3[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[12]); + salt_buf3[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[13]); + salt_buf3[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[14]); + salt_buf3[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[15]); + + const u32 salt_len = salt_bufs[SALT_POS_HOST].salt_len; + + /** + * loop + */ + + u32 w0l = w[0]; + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0 = w0l | w0r; + + /** + * sha256(pass) + */ + + u32x w0_t = w0; + u32x w1_t = w[ 1]; + u32x w2_t = w[ 2]; + u32x w3_t = w[ 3]; + u32x w4_t = w[ 4]; + u32x w5_t = w[ 5]; + u32x w6_t = w[ 6]; + u32x w7_t = w[ 7]; + u32x w8_t = w[ 8]; + u32x w9_t = w[ 9]; + u32x wa_t = w[10]; + u32x wb_t = w[11]; + u32x wc_t = w[12]; + u32x wd_t = w[13]; + u32x we_t = w[14]; + u32x wf_t = w[15]; + + u32x a = SHA256M_A; + u32x b = SHA256M_B; + u32x c = SHA256M_C; + u32x d = SHA256M_D; + u32x e = SHA256M_E; + u32x f = SHA256M_F; + u32x g = SHA256M_G; + u32x h = SHA256M_H; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + + a += make_u32x (SHA256M_A); + b += make_u32x (SHA256M_B); + c += make_u32x (SHA256M_C); + d += make_u32x (SHA256M_D); + e += make_u32x (SHA256M_E); + f += make_u32x (SHA256M_F); + g += make_u32x (SHA256M_G); + h += make_u32x (SHA256M_H); + + // final sha256 + + // sha256_update_64, len 64, pos 0 + + w0_t = uint_to_hex_lower8_le ((a >> 16) & 255) << 0 | uint_to_hex_lower8_le ((a >> 24) & 255) << 16; + w1_t = uint_to_hex_lower8_le ((a >> 0) & 255) << 0 | uint_to_hex_lower8_le ((a >> 8) & 255) << 16; + w2_t = uint_to_hex_lower8_le ((b >> 16) & 255) << 0 | uint_to_hex_lower8_le ((b >> 24) & 255) << 16; + w3_t = uint_to_hex_lower8_le ((b >> 0) & 255) << 0 | uint_to_hex_lower8_le ((b >> 8) & 255) << 16; + w4_t = uint_to_hex_lower8_le ((c >> 16) & 255) << 0 | uint_to_hex_lower8_le ((c >> 24) & 255) << 16; + w5_t = uint_to_hex_lower8_le ((c >> 0) & 255) << 0 | uint_to_hex_lower8_le ((c >> 8) & 255) << 16; + w6_t = uint_to_hex_lower8_le ((d >> 16) & 255) << 0 | uint_to_hex_lower8_le ((d >> 24) & 255) << 16; + w7_t = uint_to_hex_lower8_le ((d >> 0) & 255) << 0 | uint_to_hex_lower8_le ((d >> 8) & 255) << 16; + w8_t = uint_to_hex_lower8_le ((e >> 16) & 255) << 0 | uint_to_hex_lower8_le ((e >> 24) & 255) << 16; + w9_t = uint_to_hex_lower8_le ((e >> 0) & 255) << 0 | uint_to_hex_lower8_le ((e >> 8) & 255) << 16; + wa_t = uint_to_hex_lower8_le ((f >> 16) & 255) << 0 | uint_to_hex_lower8_le ((f >> 24) & 255) << 16; + wb_t = uint_to_hex_lower8_le ((f >> 0) & 255) << 0 | uint_to_hex_lower8_le ((f >> 8) & 255) << 16; + wc_t = uint_to_hex_lower8_le ((g >> 16) & 255) << 0 | uint_to_hex_lower8_le ((g >> 24) & 255) << 16; + wd_t = uint_to_hex_lower8_le ((g >> 0) & 255) << 0 | uint_to_hex_lower8_le ((g >> 8) & 255) << 16; + we_t = uint_to_hex_lower8_le ((h >> 16) & 255) << 0 | uint_to_hex_lower8_le ((h >> 24) & 255) << 16; + wf_t = uint_to_hex_lower8_le ((h >> 0) & 255) << 0 | uint_to_hex_lower8_le ((h >> 8) & 255) << 16; + + // sha256 transform + + a = SHA256M_A; + b = SHA256M_B; + c = SHA256M_C; + d = SHA256M_D; + e = SHA256M_E; + f = SHA256M_F; + g = SHA256M_G; + h = SHA256M_H; + + u32x digest[8]; + + digest[0] = a; + digest[1] = b; + digest[2] = c; + digest[3] = d; + digest[4] = e; + digest[5] = f; + digest[6] = g; + digest[7] = h; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + + digest[0] += a; + digest[1] += b; + digest[2] += c; + digest[3] += d; + digest[4] += e; + digest[5] += f; + digest[6] += g; + digest[7] += h; + + // append salt + + // sha256_update: ctx_len 64, pos 0, len = salt_len + + w0_t = salt_buf0[0]; + w1_t = salt_buf0[1]; + w2_t = salt_buf0[2]; + w3_t = salt_buf0[3]; + w4_t = salt_buf1[0]; + w5_t = salt_buf1[1]; + w6_t = salt_buf1[2]; + w7_t = salt_buf1[3]; + w8_t = salt_buf2[0]; + w9_t = salt_buf2[1]; + wa_t = salt_buf2[2]; + wb_t = salt_buf2[3]; + wc_t = salt_buf3[0]; + wd_t = salt_buf3[1]; + we_t = salt_buf3[2]; + wf_t = salt_buf3[3]; + + // sha256_update_64: pos 0 + + const int ctx_len = 64 + salt_len; + + const int pos = ctx_len & 63; + + // append_0x80_4x4, offset = pos ^ 3 + + const u32 off = pos ^ 3; + + const u32 c0 = (off & 15) / 4; + + const u32 r0 = 0xff << ((off & 3) * 8); + + const u32 m0[4] = { ((c0 == 0) ? r0 : 0), ((c0 == 1) ? r0 : 0), ((c0 == 2) ? r0 : 0), ((c0 == 3) ? r0 : 0) }; + + const u32 off16 = off / 16; + + const u32 v0[4] = { ((off16 == 0) ? 0x80808080 : 0), ((off16 == 1) ? 0x80808080 : 0), ((off16 == 2) ? 0x80808080 : 0), ((off16 == 3) ? 0x80808080 : 0) }; + + w0_t |= v0[0] & m0[0]; + w1_t |= v0[0] & m0[1]; + w2_t |= v0[0] & m0[2]; + w3_t |= v0[0] & m0[3]; + w4_t |= v0[1] & m0[0]; + w5_t |= v0[1] & m0[1]; + w6_t |= v0[1] & m0[2]; + w7_t |= v0[1] & m0[3]; + w8_t |= v0[2] & m0[0]; + w9_t |= v0[2] & m0[1]; + wa_t |= v0[2] & m0[2]; + wb_t |= v0[2] & m0[3]; + wc_t |= v0[3] & m0[0]; + wd_t |= v0[3] & m0[1]; + we_t |= v0[3] & m0[2]; + wf_t |= v0[3] & m0[3]; + + if (pos >= 56) + { + // sha256 transform + + digest[0] = a; + digest[1] = b; + digest[2] = c; + digest[3] = d; + digest[4] = e; + digest[5] = f; + digest[6] = g; + digest[7] = h; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + + digest[0] += a; + digest[1] += b; + digest[2] += c; + digest[3] += d; + digest[4] += e; + digest[5] += f; + digest[6] += g; + digest[7] += h; + + w0_t = 0; + w1_t = 0; + w2_t = 0; + w3_t = 0; + w4_t = 0; + w5_t = 0; + w6_t = 0; + w7_t = 0; + w8_t = 0; + w9_t = 0; + wa_t = 0; + wb_t = 0; + wc_t = 0; + wd_t = 0; + we_t = 0; + wf_t = 0; + } + + // last sha256 transform + + we_t = 0; + wf_t = ctx_len * 8; + + a = digest[0]; + b = digest[1]; + c = digest[2]; + d = digest[3]; + e = digest[4]; + f = digest[5]; + g = digest[6]; + h = digest[7]; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + +// a += digest[0] - SHA256M_A; +// b += digest[1] - SHA256M_B; + c += digest[2] - make_u32x (SHA256M_C); + d += digest[3] - make_u32x (SHA256M_D); +// e += digest[4] - SHA256M_E; +// f += digest[5] - SHA256M_F; + g += digest[6] - make_u32x (SHA256M_G); + h += digest[7] - make_u32x (SHA256M_H); + + COMPARE_M_SIMD (d, h, c, g); + } +} + +DECLSPEC void m20712s (PRIVATE_AS u32 *w, const u32 pw_len, KERN_ATTR_FUNC_VECTOR (), LOCAL_AS u32 *l_bin2asc) +{ + /** + * modifiers are taken from args + */ + + /** + * digest + */ + + const u32 search[4] = + { + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R0], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R1], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R2], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R3] + }; + + /** + * salt + */ + + u32 salt_buf0[4]; + u32 salt_buf1[4]; + u32 salt_buf2[4]; + u32 salt_buf3[4]; + + salt_buf0[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 0]); + salt_buf0[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 1]); + salt_buf0[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 2]); + salt_buf0[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 3]); + salt_buf1[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 4]); + salt_buf1[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 5]); + salt_buf1[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 6]); + salt_buf1[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 7]); + salt_buf2[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 8]); + salt_buf2[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[ 9]); + salt_buf2[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[10]); + salt_buf2[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[11]); + salt_buf3[0] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[12]); + salt_buf3[1] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[13]); + salt_buf3[2] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[14]); + salt_buf3[3] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[15]); + + const u32 salt_len = salt_bufs[SALT_POS_HOST].salt_len; + + /** + * loop + */ + + u32 w0l = w[0]; + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0 = w0l | w0r; + + /** + * sha256(pass) + */ + + u32x w0_t = w0; + u32x w1_t = w[ 1]; + u32x w2_t = w[ 2]; + u32x w3_t = w[ 3]; + u32x w4_t = w[ 4]; + u32x w5_t = w[ 5]; + u32x w6_t = w[ 6]; + u32x w7_t = w[ 7]; + u32x w8_t = w[ 8]; + u32x w9_t = w[ 9]; + u32x wa_t = w[10]; + u32x wb_t = w[11]; + u32x wc_t = w[12]; + u32x wd_t = w[13]; + u32x we_t = w[14]; + u32x wf_t = w[15]; + + u32x a = SHA256M_A; + u32x b = SHA256M_B; + u32x c = SHA256M_C; + u32x d = SHA256M_D; + u32x e = SHA256M_E; + u32x f = SHA256M_F; + u32x g = SHA256M_G; + u32x h = SHA256M_H; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + + a += make_u32x (SHA256M_A); + b += make_u32x (SHA256M_B); + c += make_u32x (SHA256M_C); + d += make_u32x (SHA256M_D); + e += make_u32x (SHA256M_E); + f += make_u32x (SHA256M_F); + g += make_u32x (SHA256M_G); + h += make_u32x (SHA256M_H); + + // final sha256 + + // sha256_update_64, len 64, pos 0 + + w0_t = uint_to_hex_lower8_le ((a >> 16) & 255) << 0 | uint_to_hex_lower8_le ((a >> 24) & 255) << 16; + w1_t = uint_to_hex_lower8_le ((a >> 0) & 255) << 0 | uint_to_hex_lower8_le ((a >> 8) & 255) << 16; + w2_t = uint_to_hex_lower8_le ((b >> 16) & 255) << 0 | uint_to_hex_lower8_le ((b >> 24) & 255) << 16; + w3_t = uint_to_hex_lower8_le ((b >> 0) & 255) << 0 | uint_to_hex_lower8_le ((b >> 8) & 255) << 16; + w4_t = uint_to_hex_lower8_le ((c >> 16) & 255) << 0 | uint_to_hex_lower8_le ((c >> 24) & 255) << 16; + w5_t = uint_to_hex_lower8_le ((c >> 0) & 255) << 0 | uint_to_hex_lower8_le ((c >> 8) & 255) << 16; + w6_t = uint_to_hex_lower8_le ((d >> 16) & 255) << 0 | uint_to_hex_lower8_le ((d >> 24) & 255) << 16; + w7_t = uint_to_hex_lower8_le ((d >> 0) & 255) << 0 | uint_to_hex_lower8_le ((d >> 8) & 255) << 16; + w8_t = uint_to_hex_lower8_le ((e >> 16) & 255) << 0 | uint_to_hex_lower8_le ((e >> 24) & 255) << 16; + w9_t = uint_to_hex_lower8_le ((e >> 0) & 255) << 0 | uint_to_hex_lower8_le ((e >> 8) & 255) << 16; + wa_t = uint_to_hex_lower8_le ((f >> 16) & 255) << 0 | uint_to_hex_lower8_le ((f >> 24) & 255) << 16; + wb_t = uint_to_hex_lower8_le ((f >> 0) & 255) << 0 | uint_to_hex_lower8_le ((f >> 8) & 255) << 16; + wc_t = uint_to_hex_lower8_le ((g >> 16) & 255) << 0 | uint_to_hex_lower8_le ((g >> 24) & 255) << 16; + wd_t = uint_to_hex_lower8_le ((g >> 0) & 255) << 0 | uint_to_hex_lower8_le ((g >> 8) & 255) << 16; + we_t = uint_to_hex_lower8_le ((h >> 16) & 255) << 0 | uint_to_hex_lower8_le ((h >> 24) & 255) << 16; + wf_t = uint_to_hex_lower8_le ((h >> 0) & 255) << 0 | uint_to_hex_lower8_le ((h >> 8) & 255) << 16; + + // sha256 transform + + a = SHA256M_A; + b = SHA256M_B; + c = SHA256M_C; + d = SHA256M_D; + e = SHA256M_E; + f = SHA256M_F; + g = SHA256M_G; + h = SHA256M_H; + + u32x digest[8]; + + digest[0] = a; + digest[1] = b; + digest[2] = c; + digest[3] = d; + digest[4] = e; + digest[5] = f; + digest[6] = g; + digest[7] = h; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + + digest[0] += a; + digest[1] += b; + digest[2] += c; + digest[3] += d; + digest[4] += e; + digest[5] += f; + digest[6] += g; + digest[7] += h; + + // append salt + + // sha256_update: ctx_len 64, pos 0, len = salt_len + + w0_t = salt_buf0[0]; + w1_t = salt_buf0[1]; + w2_t = salt_buf0[2]; + w3_t = salt_buf0[3]; + w4_t = salt_buf1[0]; + w5_t = salt_buf1[1]; + w6_t = salt_buf1[2]; + w7_t = salt_buf1[3]; + w8_t = salt_buf2[0]; + w9_t = salt_buf2[1]; + wa_t = salt_buf2[2]; + wb_t = salt_buf2[3]; + wc_t = salt_buf3[0]; + wd_t = salt_buf3[1]; + we_t = salt_buf3[2]; + wf_t = salt_buf3[3]; + + // sha256_update_64: pos 0 + + const int ctx_len = 64 + salt_len; + + const int pos = ctx_len & 63; + + // append_0x80_4x4, offset = pos ^ 3 + + const u32 off = pos ^ 3; + + const u32 c0 = (off & 15) / 4; + + const u32 r0 = 0xff << ((off & 3) * 8); + + const u32 m0[4] = { ((c0 == 0) ? r0 : 0), ((c0 == 1) ? r0 : 0), ((c0 == 2) ? r0 : 0), ((c0 == 3) ? r0 : 0) }; + + const u32 off16 = off / 16; + + const u32 v0[4] = { ((off16 == 0) ? 0x80808080 : 0), ((off16 == 1) ? 0x80808080 : 0), ((off16 == 2) ? 0x80808080 : 0), ((off16 == 3) ? 0x80808080 : 0) }; + + w0_t |= v0[0] & m0[0]; + w1_t |= v0[0] & m0[1]; + w2_t |= v0[0] & m0[2]; + w3_t |= v0[0] & m0[3]; + w4_t |= v0[1] & m0[0]; + w5_t |= v0[1] & m0[1]; + w6_t |= v0[1] & m0[2]; + w7_t |= v0[1] & m0[3]; + w8_t |= v0[2] & m0[0]; + w9_t |= v0[2] & m0[1]; + wa_t |= v0[2] & m0[2]; + wb_t |= v0[2] & m0[3]; + wc_t |= v0[3] & m0[0]; + wd_t |= v0[3] & m0[1]; + we_t |= v0[3] & m0[2]; + wf_t |= v0[3] & m0[3]; + + if (pos >= 56) + { + // sha256 transform + + digest[0] = a; + digest[1] = b; + digest[2] = c; + digest[3] = d; + digest[4] = e; + digest[5] = f; + digest[6] = g; + digest[7] = h; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + + digest[0] += a; + digest[1] += b; + digest[2] += c; + digest[3] += d; + digest[4] += e; + digest[5] += f; + digest[6] += g; + digest[7] += h; + + w0_t = 0; + w1_t = 0; + w2_t = 0; + w3_t = 0; + w4_t = 0; + w5_t = 0; + w6_t = 0; + w7_t = 0; + w8_t = 0; + w9_t = 0; + wa_t = 0; + wb_t = 0; + wc_t = 0; + wd_t = 0; + we_t = 0; + wf_t = 0; + } + + // last sha256 transform + + we_t = 0; + wf_t = ctx_len * 8; + + a = digest[0]; + b = digest[1]; + c = digest[2]; + d = digest[3]; + e = digest[4]; + f = digest[5]; + g = digest[6]; + h = digest[7]; + + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C00); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C01); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C02); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C03); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C04); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C05); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C06); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C07); + SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C08); + SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C09); + SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C0a); + SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C0b); + SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C0c); + SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C0d); + SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C0e); + SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C0f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C10); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C11); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C12); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C13); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C14); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C15); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C16); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C17); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C18); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C19); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C1a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C1b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C1c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C1d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C1e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C1f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C20); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C21); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C22); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C23); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C24); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C25); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C26); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C27); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C28); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C29); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C2a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C2b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C2c); + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C2d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C2e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C2f); + + w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, SHA256C30); + w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, SHA256C31); + w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, SHA256C32); + w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, SHA256C33); + w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, SHA256C34); + w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, SHA256C35); + w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, SHA256C36); + w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, SHA256C37); + w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, SHA256C38); + w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, SHA256C39); + wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, SHA256C3a); + wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, SHA256C3b); + wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, SHA256C3c); + + if (MATCHES_NONE_VS ((h + digest[7] - make_u32x (SHA256M_H)), search[1])) continue; + + wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, SHA256C3d); + we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, SHA256C3e); + wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, SHA256C3f); + +// a += digest[0] - SHA256M_A; +// b += digest[1] - SHA256M_B; + c += digest[2] - make_u32x (SHA256M_C); + d += digest[3] - make_u32x (SHA256M_D); +// e += digest[4] - SHA256M_E; +// f += digest[5] - SHA256M_F; + g += digest[6] - make_u32x (SHA256M_G); + h += digest[7] - make_u32x (SHA256M_H); + + COMPARE_S_SIMD (d, h, c, g); + } +} + +KERNEL_FQ void m20712_m04 (KERN_ATTR_VECTOR ()) +{ + /** + * base + */ + + const u64 lid = get_local_id (0); + const u64 gid = get_global_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'A' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'A' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * modifier + */ + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = 0; + w[ 5] = 0; + w[ 6] = 0; + w[ 7] = 0; + w[ 8] = 0; + w[ 9] = 0; + w[10] = 0; + w[11] = 0; + w[12] = 0; + w[13] = 0; + w[14] = 0; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m20712m (w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, kernel_param, gid, lid, lsz, l_bin2asc); +} + +KERNEL_FQ void m20712_m08 (KERN_ATTR_VECTOR ()) +{ + /** + * base + */ + + const u64 lid = get_local_id (0); + const u64 gid = get_global_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'A' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'A' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * modifier + */ + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = pws[gid].i[ 4]; + w[ 5] = pws[gid].i[ 5]; + w[ 6] = pws[gid].i[ 6]; + w[ 7] = pws[gid].i[ 7]; + w[ 8] = 0; + w[ 9] = 0; + w[10] = 0; + w[11] = 0; + w[12] = 0; + w[13] = 0; + w[14] = 0; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m20712m (w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, kernel_param, gid, lid, lsz, l_bin2asc); +} + +KERNEL_FQ void m20712_m16 (KERN_ATTR_VECTOR ()) +{ + /** + * base + */ + + const u64 lid = get_local_id (0); + const u64 gid = get_global_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'A' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'A' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * modifier + */ + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = pws[gid].i[ 4]; + w[ 5] = pws[gid].i[ 5]; + w[ 6] = pws[gid].i[ 6]; + w[ 7] = pws[gid].i[ 7]; + w[ 8] = pws[gid].i[ 8]; + w[ 9] = pws[gid].i[ 9]; + w[10] = pws[gid].i[10]; + w[11] = pws[gid].i[11]; + w[12] = pws[gid].i[12]; + w[13] = pws[gid].i[13]; + w[14] = pws[gid].i[14]; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m20712m (w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, kernel_param, gid, lid, lsz, l_bin2asc); +} + +KERNEL_FQ void m20712_s04 (KERN_ATTR_VECTOR ()) +{ + /** + * base + */ + + const u64 lid = get_local_id (0); + const u64 gid = get_global_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'A' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'A' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * modifier + */ + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = 0; + w[ 5] = 0; + w[ 6] = 0; + w[ 7] = 0; + w[ 8] = 0; + w[ 9] = 0; + w[10] = 0; + w[11] = 0; + w[12] = 0; + w[13] = 0; + w[14] = 0; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m20712s (w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, kernel_param, gid, lid, lsz, l_bin2asc); +} + +KERNEL_FQ void m20712_s08 (KERN_ATTR_VECTOR ()) +{ + /** + * base + */ + + const u64 lid = get_local_id (0); + const u64 gid = get_global_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'A' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'A' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * modifier + */ + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = pws[gid].i[ 4]; + w[ 5] = pws[gid].i[ 5]; + w[ 6] = pws[gid].i[ 6]; + w[ 7] = pws[gid].i[ 7]; + w[ 8] = 0; + w[ 9] = 0; + w[10] = 0; + w[11] = 0; + w[12] = 0; + w[13] = 0; + w[14] = 0; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m20712s (w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, kernel_param, gid, lid, lsz, l_bin2asc); +} + +KERNEL_FQ void m20712_s16 (KERN_ATTR_VECTOR ()) +{ + /** + * base + */ + + const u64 lid = get_local_id (0); + const u64 gid = get_global_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'A' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'A' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * modifier + */ + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = pws[gid].i[ 4]; + w[ 5] = pws[gid].i[ 5]; + w[ 6] = pws[gid].i[ 6]; + w[ 7] = pws[gid].i[ 7]; + w[ 8] = pws[gid].i[ 8]; + w[ 9] = pws[gid].i[ 9]; + w[10] = pws[gid].i[10]; + w[11] = pws[gid].i[11]; + w[12] = pws[gid].i[12]; + w[13] = pws[gid].i[13]; + w[14] = pws[gid].i[14]; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m20712s (w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, kernel_param, gid, lid, lsz, l_bin2asc); +} diff --git a/OpenCL/m20712_a3-pure.cl b/OpenCL/m20712_a3-pure.cl new file mode 100644 index 000000000..908b8ca2d --- /dev/null +++ b/OpenCL/m20712_a3-pure.cl @@ -0,0 +1,285 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include M2S(INCLUDE_PATH/inc_vendor.h) +#include M2S(INCLUDE_PATH/inc_types.h) +#include M2S(INCLUDE_PATH/inc_platform.cl) +#include M2S(INCLUDE_PATH/inc_common.cl) +#include M2S(INCLUDE_PATH/inc_simd.cl) +#include M2S(INCLUDE_PATH/inc_hash_sha256.cl) +#endif + +#if VECT_SIZE == 1 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i)]) +#elif VECT_SIZE == 2 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1]) +#elif VECT_SIZE == 4 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3]) +#elif VECT_SIZE == 8 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7]) +#elif VECT_SIZE == 16 +#define uint_to_hex_lower8_le(i) make_u32x (l_bin2asc[(i).s0], l_bin2asc[(i).s1], l_bin2asc[(i).s2], l_bin2asc[(i).s3], l_bin2asc[(i).s4], l_bin2asc[(i).s5], l_bin2asc[(i).s6], l_bin2asc[(i).s7], l_bin2asc[(i).s8], l_bin2asc[(i).s9], l_bin2asc[(i).sa], l_bin2asc[(i).sb], l_bin2asc[(i).sc], l_bin2asc[(i).sd], l_bin2asc[(i).se], l_bin2asc[(i).sf]) +#endif + +KERNEL_FQ void m20712_mxx (KERN_ATTR_VECTOR ()) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'A' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'A' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * base + */ + + u32x _w0[4]; + u32x _w1[4]; + u32x _w2[4]; + u32x _w3[4]; + + const u32 pw_len = pws[gid].pw_len; + + u32x w[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + const u32 salt_len = salt_bufs[SALT_POS_HOST].salt_len; + + u32x s[64] = { 0 }; + + for (int i = 0, idx = 0; i < salt_len; i += 4, idx += 1) + { + s[idx] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[idx]); + } + + /** + * loop + */ + + u32x w0l = w[0]; + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0 = w0l | w0r; + + w[0] = w0; + + sha256_ctx_vector_t ctx0; + + sha256_init_vector (&ctx0); + + sha256_update_vector (&ctx0, w, pw_len); + + sha256_final_vector (&ctx0); + + const u32x a = ctx0.h[0]; + const u32x b = ctx0.h[1]; + const u32x c = ctx0.h[2]; + const u32x d = ctx0.h[3]; + const u32x e = ctx0.h[4]; + const u32x f = ctx0.h[5]; + const u32x g = ctx0.h[6]; + const u32x h = ctx0.h[7]; + + sha256_ctx_vector_t ctx; + + sha256_init_vector (&ctx); + + _w0[0] = uint_to_hex_lower8_le ((a >> 16) & 255) << 0 | uint_to_hex_lower8_le ((a >> 24) & 255) << 16; + _w0[1] = uint_to_hex_lower8_le ((a >> 0) & 255) << 0 | uint_to_hex_lower8_le ((a >> 8) & 255) << 16; + _w0[2] = uint_to_hex_lower8_le ((b >> 16) & 255) << 0 | uint_to_hex_lower8_le ((b >> 24) & 255) << 16; + _w0[3] = uint_to_hex_lower8_le ((b >> 0) & 255) << 0 | uint_to_hex_lower8_le ((b >> 8) & 255) << 16; + _w1[0] = uint_to_hex_lower8_le ((c >> 16) & 255) << 0 | uint_to_hex_lower8_le ((c >> 24) & 255) << 16; + _w1[1] = uint_to_hex_lower8_le ((c >> 0) & 255) << 0 | uint_to_hex_lower8_le ((c >> 8) & 255) << 16; + _w1[2] = uint_to_hex_lower8_le ((d >> 16) & 255) << 0 | uint_to_hex_lower8_le ((d >> 24) & 255) << 16; + _w1[3] = uint_to_hex_lower8_le ((d >> 0) & 255) << 0 | uint_to_hex_lower8_le ((d >> 8) & 255) << 16; + _w2[0] = uint_to_hex_lower8_le ((e >> 16) & 255) << 0 | uint_to_hex_lower8_le ((e >> 24) & 255) << 16; + _w2[1] = uint_to_hex_lower8_le ((e >> 0) & 255) << 0 | uint_to_hex_lower8_le ((e >> 8) & 255) << 16; + _w2[2] = uint_to_hex_lower8_le ((f >> 16) & 255) << 0 | uint_to_hex_lower8_le ((f >> 24) & 255) << 16; + _w2[3] = uint_to_hex_lower8_le ((f >> 0) & 255) << 0 | uint_to_hex_lower8_le ((f >> 8) & 255) << 16; + _w3[0] = uint_to_hex_lower8_le ((g >> 16) & 255) << 0 | uint_to_hex_lower8_le ((g >> 24) & 255) << 16; + _w3[1] = uint_to_hex_lower8_le ((g >> 0) & 255) << 0 | uint_to_hex_lower8_le ((g >> 8) & 255) << 16; + _w3[2] = uint_to_hex_lower8_le ((h >> 16) & 255) << 0 | uint_to_hex_lower8_le ((h >> 24) & 255) << 16; + _w3[3] = uint_to_hex_lower8_le ((h >> 0) & 255) << 0 | uint_to_hex_lower8_le ((h >> 8) & 255) << 16; + + sha256_update_vector_64 (&ctx, _w0, _w1, _w2, _w3, 64); + + sha256_update_vector (&ctx, s, salt_len); + + sha256_final_vector (&ctx); + + const u32x r0 = ctx.h[DGST_R0]; + const u32x r1 = ctx.h[DGST_R1]; + const u32x r2 = ctx.h[DGST_R2]; + const u32x r3 = ctx.h[DGST_R3]; + + COMPARE_M_SIMD (r0, r1, r2, r3); + } +} + +KERNEL_FQ void m20712_sxx (KERN_ATTR_VECTOR ()) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * bin2asc table + */ + + LOCAL_VK u32 l_bin2asc[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + const u32 i0 = (i >> 0) & 15; + const u32 i1 = (i >> 4) & 15; + + l_bin2asc[i] = ((i0 < 10) ? '0' + i0 : 'A' - 10 + i0) << 0 + | ((i1 < 10) ? '0' + i1 : 'A' - 10 + i1) << 8; + } + + SYNC_THREADS (); + + if (gid >= GID_CNT) return; + + /** + * digest + */ + + const u32 search[4] = + { + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R0], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R1], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R2], + digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R3] + }; + + /** + * base + */ + + u32x _w0[4]; + u32x _w1[4]; + u32x _w2[4]; + u32x _w3[4]; + + const u32 pw_len = pws[gid].pw_len; + + u32x w[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + const u32 salt_len = salt_bufs[SALT_POS_HOST].salt_len; + + u32x s[64] = { 0 }; + + for (int i = 0, idx = 0; i < salt_len; i += 4, idx += 1) + { + s[idx] = hc_swap32_S (salt_bufs[SALT_POS_HOST].salt_buf[idx]); + } + + /** + * loop + */ + + u32x w0l = w[0]; + + for (u32 il_pos = 0; il_pos < IL_CNT; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0 = w0l | w0r; + + w[0] = w0; + + sha256_ctx_vector_t ctx0; + + sha256_init_vector (&ctx0); + + sha256_update_vector (&ctx0, w, pw_len); + + sha256_final_vector (&ctx0); + + const u32x a = ctx0.h[0]; + const u32x b = ctx0.h[1]; + const u32x c = ctx0.h[2]; + const u32x d = ctx0.h[3]; + const u32x e = ctx0.h[4]; + const u32x f = ctx0.h[5]; + const u32x g = ctx0.h[6]; + const u32x h = ctx0.h[7]; + + sha256_ctx_vector_t ctx; + + sha256_init_vector (&ctx); + + _w0[0] = uint_to_hex_lower8_le ((a >> 16) & 255) << 0 | uint_to_hex_lower8_le ((a >> 24) & 255) << 16; + _w0[1] = uint_to_hex_lower8_le ((a >> 0) & 255) << 0 | uint_to_hex_lower8_le ((a >> 8) & 255) << 16; + _w0[2] = uint_to_hex_lower8_le ((b >> 16) & 255) << 0 | uint_to_hex_lower8_le ((b >> 24) & 255) << 16; + _w0[3] = uint_to_hex_lower8_le ((b >> 0) & 255) << 0 | uint_to_hex_lower8_le ((b >> 8) & 255) << 16; + _w1[0] = uint_to_hex_lower8_le ((c >> 16) & 255) << 0 | uint_to_hex_lower8_le ((c >> 24) & 255) << 16; + _w1[1] = uint_to_hex_lower8_le ((c >> 0) & 255) << 0 | uint_to_hex_lower8_le ((c >> 8) & 255) << 16; + _w1[2] = uint_to_hex_lower8_le ((d >> 16) & 255) << 0 | uint_to_hex_lower8_le ((d >> 24) & 255) << 16; + _w1[3] = uint_to_hex_lower8_le ((d >> 0) & 255) << 0 | uint_to_hex_lower8_le ((d >> 8) & 255) << 16; + _w2[0] = uint_to_hex_lower8_le ((e >> 16) & 255) << 0 | uint_to_hex_lower8_le ((e >> 24) & 255) << 16; + _w2[1] = uint_to_hex_lower8_le ((e >> 0) & 255) << 0 | uint_to_hex_lower8_le ((e >> 8) & 255) << 16; + _w2[2] = uint_to_hex_lower8_le ((f >> 16) & 255) << 0 | uint_to_hex_lower8_le ((f >> 24) & 255) << 16; + _w2[3] = uint_to_hex_lower8_le ((f >> 0) & 255) << 0 | uint_to_hex_lower8_le ((f >> 8) & 255) << 16; + _w3[0] = uint_to_hex_lower8_le ((g >> 16) & 255) << 0 | uint_to_hex_lower8_le ((g >> 24) & 255) << 16; + _w3[1] = uint_to_hex_lower8_le ((g >> 0) & 255) << 0 | uint_to_hex_lower8_le ((g >> 8) & 255) << 16; + _w3[2] = uint_to_hex_lower8_le ((h >> 16) & 255) << 0 | uint_to_hex_lower8_le ((h >> 24) & 255) << 16; + _w3[3] = uint_to_hex_lower8_le ((h >> 0) & 255) << 0 | uint_to_hex_lower8_le ((h >> 8) & 255) << 16; + + sha256_update_vector_64 (&ctx, _w0, _w1, _w2, _w3, 64); + + sha256_update_vector (&ctx, s, salt_len); + + sha256_final_vector (&ctx); + + const u32x r0 = ctx.h[DGST_R0]; + const u32x r1 = ctx.h[DGST_R1]; + const u32x r2 = ctx.h[DGST_R2]; + const u32x r3 = ctx.h[DGST_R3]; + + COMPARE_S_SIMD (r0, r1, r2, r3); + } +} diff --git a/docs/changes.txt b/docs/changes.txt index 51498d12a..c6ca5bec4 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -35,6 +35,7 @@ - Added hash-mode: NetIQ SSPR (SHA-256 with Salt) - Added hash-mode: NetIQ SSPR (SHA-512 with Salt) - Added hash-mode: NetIQ SSPR (SHA1) +- Added hash-mode: RSA Security Analytics / NetWitness (sha256) - Added hash-mode: SecureCRT MasterPassphrase v2 - Added hash-mode: Veeam VB - Added hash-mode: bcrypt(sha256($pass)) diff --git a/docs/readme.txt b/docs/readme.txt index 10fb5302d..9d131d543 100644 --- a/docs/readme.txt +++ b/docs/readme.txt @@ -291,6 +291,7 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or - SAP CODVN F/G (PASSCODE) - SAP CODVN F/G (PASSCODE) from RFC_READ_TABLE - SAP CODVN H (PWDSALTEDHASH) iSSHA-1 +- RSA Security Analytics / NetWitness (sha256) - Adobe AEM (SSPR, SHA-256 with Salt) - Adobe AEM (SSPR, SHA-512 with Salt) - PeopleSoft diff --git a/src/modules/module_20712.c b/src/modules/module_20712.c new file mode 100644 index 000000000..e2b5a492d --- /dev/null +++ b/src/modules/module_20712.c @@ -0,0 +1,266 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" +#include "memory.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_INSIDE_KERNEL; +static const u32 DGST_POS0 = 3; +static const u32 DGST_POS1 = 7; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 6; +static const u32 DGST_SIZE = DGST_SIZE_4_8; +static const u32 HASH_CATEGORY = HASH_CATEGORY_EAS; +static const char *HASH_NAME = "RSA Security Analytics / NetWitness (sha256)"; +static const u64 KERN_TYPE = 20712; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_PRECOMPUTE_INIT + | OPTI_TYPE_EARLY_SKIP + | OPTI_TYPE_NOT_ITERATED + | OPTI_TYPE_RAW_HASH; +static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE + | OPTS_TYPE_PT_GENERATE_BE + | OPTS_TYPE_PT_ADD80 + | OPTS_TYPE_PT_ADDBITS15 + | OPTS_TYPE_ST_BASE64; +static const u32 SALT_TYPE = SALT_TYPE_GENERIC; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "6F48F44C46F5ADC534597687B086278F0AAF7D262ADDB3978562A7D55BBDF467:MDAwMzY1NzYwODI4MQ=="; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u32 *digest = (u32 *) digest_buf; + + hc_token_t token; + + memset (&token, 0, sizeof (hc_token_t)); + + token.token_cnt = 2; + + token.sep[0] = hashconfig->separator; + token.len[0] = 64; + token.attr[0] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + token.len_min[1] = SALT_MIN; + token.len_max[1] = SALT_MAX; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_BASE64A; + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + const u8 *hash_pos = token.buf[0]; + + digest[0] = hex_to_u32 (hash_pos + 0); + digest[1] = hex_to_u32 (hash_pos + 8); + digest[2] = hex_to_u32 (hash_pos + 16); + digest[3] = hex_to_u32 (hash_pos + 24); + digest[4] = hex_to_u32 (hash_pos + 32); + digest[5] = hex_to_u32 (hash_pos + 40); + digest[6] = hex_to_u32 (hash_pos + 48); + digest[7] = hex_to_u32 (hash_pos + 56); + + digest[0] = byte_swap_32 (digest[0]); + digest[1] = byte_swap_32 (digest[1]); + digest[2] = byte_swap_32 (digest[2]); + digest[3] = byte_swap_32 (digest[3]); + digest[4] = byte_swap_32 (digest[4]); + digest[5] = byte_swap_32 (digest[5]); + digest[6] = byte_swap_32 (digest[6]); + digest[7] = byte_swap_32 (digest[7]); + + if (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL) + { + digest[0] -= SHA256M_A; + digest[1] -= SHA256M_B; + digest[2] -= SHA256M_C; + digest[3] -= SHA256M_D; + digest[4] -= SHA256M_E; + digest[5] -= SHA256M_F; + digest[6] -= SHA256M_G; + digest[7] -= SHA256M_H; + } + + const u8 *salt_pos = token.buf[1]; + const int salt_len = token.len[1]; + + const bool parse_rc = generic_salt_decode (hashconfig, salt_pos, salt_len, (u8 *) salt->salt_buf, (int *) &salt->salt_len); + + if (parse_rc == false) return (PARSER_SALT_LENGTH); + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + const u32 *digest = (const u32 *) digest_buf; + + u32 tmp[8]; + + tmp[0] = digest[0]; + tmp[1] = digest[1]; + tmp[2] = digest[2]; + tmp[3] = digest[3]; + tmp[4] = digest[4]; + tmp[5] = digest[5]; + tmp[6] = digest[6]; + tmp[7] = digest[7]; + + if (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL) + { + tmp[0] += SHA256M_A; + tmp[1] += SHA256M_B; + tmp[2] += SHA256M_C; + tmp[3] += SHA256M_D; + tmp[4] += SHA256M_E; + tmp[5] += SHA256M_F; + tmp[6] += SHA256M_G; + tmp[7] += SHA256M_H; + } + + tmp[0] = byte_swap_32 (tmp[0]); + tmp[1] = byte_swap_32 (tmp[1]); + tmp[2] = byte_swap_32 (tmp[2]); + tmp[3] = byte_swap_32 (tmp[3]); + tmp[4] = byte_swap_32 (tmp[4]); + tmp[5] = byte_swap_32 (tmp[5]); + tmp[6] = byte_swap_32 (tmp[6]); + tmp[7] = byte_swap_32 (tmp[7]); + + u8 tmp_uc[64]; + + memset (tmp_uc, 0, sizeof (tmp_uc)); + + int tmp_off = 0; + + u32_to_hex (tmp[0], tmp_uc + tmp_off); tmp_off += 8; + u32_to_hex (tmp[1], tmp_uc + tmp_off); tmp_off += 8; + u32_to_hex (tmp[2], tmp_uc + tmp_off); tmp_off += 8; + u32_to_hex (tmp[3], tmp_uc + tmp_off); tmp_off += 8; + u32_to_hex (tmp[4], tmp_uc + tmp_off); tmp_off += 8; + u32_to_hex (tmp[5], tmp_uc + tmp_off); tmp_off += 8; + u32_to_hex (tmp[6], tmp_uc + tmp_off); tmp_off += 8; + u32_to_hex (tmp[7], tmp_uc + tmp_off); tmp_off += 8; + + uppercase (tmp_uc, 64); + + u8 *out_buf = (u8 *) line_buf; + + int out_len = 0; + + memcpy (out_buf, tmp_uc, 64); + + out_len += 64; + + out_buf[out_len] = hashconfig->separator; + + out_len += 1; + + out_len += generic_salt_encode (hashconfig, (const u8 *) salt->salt_buf, (const int) salt->salt_len, out_buf + out_len); + + return out_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_charset = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_deprecated_notice = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = MODULE_DEFAULT; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_extra_tuningdb_block = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_postprocess = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_size = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_init = MODULE_DEFAULT; + module_ctx->module_hook_extra_param_term = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = MODULE_DEFAULT; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = MODULE_DEFAULT; + module_ctx->module_salt_min = MODULE_DEFAULT; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = MODULE_DEFAULT; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/tools/test_modules/m20712.pm b/tools/test_modules/m20712.pm new file mode 100644 index 000000000..7cea4821f --- /dev/null +++ b/tools/test_modules/m20712.pm @@ -0,0 +1,52 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Digest::SHA qw (sha256_hex); +use MIME::Base64 qw (decode_base64 encode_base64); + +sub module_constraints { [[0, 256], [0, 256], [0, 55], [0, 51], [-1, -1]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt = shift; + + #$word = "hashcat"; + #$salt = decode_base64 ("c2FsdHNhbHQ="); + + my $salt_b64 = encode_base64 ($salt, ""); + + my $digest = uc (sha256_hex ( uc (sha256_hex ($word)) . $salt)); + + my $hash = sprintf ("%s:%s", $digest, $salt_b64); + + return $hash; +} + +sub module_verify_hash +{ + my $line = shift; + + my ($digest, $salt, $word) = split (':', $line); + + return unless defined $digest; + return unless defined $salt; + return unless defined $word; + + my $salt_b64 = decode_base64 ($salt); + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, $salt_b64); + + return ($new_hash, $word); +} + +1;