From 8548af5e79e3061c790eb9600ee378a7a691c8a8 Mon Sep 17 00:00:00 2001 From: Jens Steube Date: Wed, 16 Jun 2021 12:13:04 +0200 Subject: [PATCH] Fixed false negative in hash-mode 15900 (DPAPI masterkey file v2) if password was longer than 64 characters. Bug was also present in SHA512 based TC and VC kernels, but had no effect because maximum password length is 64. --- OpenCL/m06221-pure.cl | 2 +- OpenCL/m06222-pure.cl | 2 +- OpenCL/m06223-pure.cl | 2 +- OpenCL/m13721-pure.cl | 2 +- OpenCL/m13722-pure.cl | 2 +- OpenCL/m13723-pure.cl | 2 +- OpenCL/m15900-pure.cl | 2 +- docs/changes.txt | 1 + 8 files changed, 8 insertions(+), 7 deletions(-) diff --git a/OpenCL/m06221-pure.cl b/OpenCL/m06221-pure.cl index fbd139fe0..6e0027b2e 100644 --- a/OpenCL/m06221-pure.cl +++ b/OpenCL/m06221-pure.cl @@ -228,7 +228,7 @@ KERNEL_FQ void m06221_init (KERN_ATTR_TMPS_ESALT (tc64_tmp_t, tc_t)) sha512_hmac_ctx_t sha512_hmac_ctx; - sha512_hmac_init_128 (&sha512_hmac_ctx, w0, w1, w2, w3, w5, w5, w6, w7); + sha512_hmac_init_128 (&sha512_hmac_ctx, w0, w1, w2, w3, w4, w5, w6, w7); tmps[gid].ipad[0] = sha512_hmac_ctx.ipad.h[0]; tmps[gid].ipad[1] = sha512_hmac_ctx.ipad.h[1]; diff --git a/OpenCL/m06222-pure.cl b/OpenCL/m06222-pure.cl index 78bd93c9b..7333d397f 100644 --- a/OpenCL/m06222-pure.cl +++ b/OpenCL/m06222-pure.cl @@ -228,7 +228,7 @@ KERNEL_FQ void m06222_init (KERN_ATTR_TMPS_ESALT (tc64_tmp_t, tc_t)) sha512_hmac_ctx_t sha512_hmac_ctx; - sha512_hmac_init_128 (&sha512_hmac_ctx, w0, w1, w2, w3, w5, w5, w6, w7); + sha512_hmac_init_128 (&sha512_hmac_ctx, w0, w1, w2, w3, w4, w5, w6, w7); tmps[gid].ipad[0] = sha512_hmac_ctx.ipad.h[0]; tmps[gid].ipad[1] = sha512_hmac_ctx.ipad.h[1]; diff --git a/OpenCL/m06223-pure.cl b/OpenCL/m06223-pure.cl index fc1312acb..77069c25f 100644 --- a/OpenCL/m06223-pure.cl +++ b/OpenCL/m06223-pure.cl @@ -228,7 +228,7 @@ KERNEL_FQ void m06223_init (KERN_ATTR_TMPS_ESALT (tc64_tmp_t, tc_t)) sha512_hmac_ctx_t sha512_hmac_ctx; - sha512_hmac_init_128 (&sha512_hmac_ctx, w0, w1, w2, w3, w5, w5, w6, w7); + sha512_hmac_init_128 (&sha512_hmac_ctx, w0, w1, w2, w3, w4, w5, w6, w7); tmps[gid].ipad[0] = sha512_hmac_ctx.ipad.h[0]; tmps[gid].ipad[1] = sha512_hmac_ctx.ipad.h[1]; diff --git a/OpenCL/m13721-pure.cl b/OpenCL/m13721-pure.cl index 4e9c3edaf..8f02851fc 100644 --- a/OpenCL/m13721-pure.cl +++ b/OpenCL/m13721-pure.cl @@ -270,7 +270,7 @@ KERNEL_FQ void m13721_init (KERN_ATTR_TMPS_ESALT (vc64_tmp_t, vc_t)) sha512_hmac_ctx_t sha512_hmac_ctx; - sha512_hmac_init_128 (&sha512_hmac_ctx, w0, w1, w2, w3, w5, w5, w6, w7); + sha512_hmac_init_128 (&sha512_hmac_ctx, w0, w1, w2, w3, w4, w5, w6, w7); tmps[gid].ipad[0] = sha512_hmac_ctx.ipad.h[0]; tmps[gid].ipad[1] = sha512_hmac_ctx.ipad.h[1]; diff --git a/OpenCL/m13722-pure.cl b/OpenCL/m13722-pure.cl index f7cbbb83e..27ea184db 100644 --- a/OpenCL/m13722-pure.cl +++ b/OpenCL/m13722-pure.cl @@ -321,7 +321,7 @@ KERNEL_FQ void m13722_init (KERN_ATTR_TMPS_ESALT (vc64_tmp_t, vc_t)) sha512_hmac_ctx_t sha512_hmac_ctx; - sha512_hmac_init_128 (&sha512_hmac_ctx, w0, w1, w2, w3, w5, w5, w6, w7); + sha512_hmac_init_128 (&sha512_hmac_ctx, w0, w1, w2, w3, w4, w5, w6, w7); tmps[gid].ipad[0] = sha512_hmac_ctx.ipad.h[0]; tmps[gid].ipad[1] = sha512_hmac_ctx.ipad.h[1]; diff --git a/OpenCL/m13723-pure.cl b/OpenCL/m13723-pure.cl index 382d67be9..d906d17d7 100644 --- a/OpenCL/m13723-pure.cl +++ b/OpenCL/m13723-pure.cl @@ -386,7 +386,7 @@ KERNEL_FQ void m13723_init (KERN_ATTR_TMPS_ESALT (vc64_tmp_t, vc_t)) sha512_hmac_ctx_t sha512_hmac_ctx; - sha512_hmac_init_128 (&sha512_hmac_ctx, w0, w1, w2, w3, w5, w5, w6, w7); + sha512_hmac_init_128 (&sha512_hmac_ctx, w0, w1, w2, w3, w4, w5, w6, w7); tmps[gid].ipad[0] = sha512_hmac_ctx.ipad.h[0]; tmps[gid].ipad[1] = sha512_hmac_ctx.ipad.h[1]; diff --git a/OpenCL/m15900-pure.cl b/OpenCL/m15900-pure.cl index c44a61149..78caf5fd7 100644 --- a/OpenCL/m15900-pure.cl +++ b/OpenCL/m15900-pure.cl @@ -255,7 +255,7 @@ KERNEL_FQ void m15900_init (KERN_ATTR_TMPS_ESALT (dpapimk_tmp_v2_t, dpapimk_t)) sha512_hmac_ctx_t sha512_hmac_ctx; - sha512_hmac_init_128 (&sha512_hmac_ctx, w0, w1, w2, w3, w5, w5, w6, w7); + sha512_hmac_init_128 (&sha512_hmac_ctx, w0, w1, w2, w3, w4, w5, w6, w7); tmps[gid].ipad64[0] = sha512_hmac_ctx.ipad.h[0]; tmps[gid].ipad64[1] = sha512_hmac_ctx.ipad.h[1]; diff --git a/docs/changes.txt b/docs/changes.txt index 48e1ca44d..ce298a695 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -5,6 +5,7 @@ ## - Fixed 'E' rule in pure kernel mode which was ignoring letters that are in positions that are multiples of 4 +- Fixed false negative in hash-mode 15900 (DPAPI masterkey file v2) if password was longer than 64 characters ## ## Improvements