diff --git a/OpenCL/inc_cipher_aes256.cl b/OpenCL/inc_cipher_aes256.cl index 47a8d2297..bc48e67cb 100644 --- a/OpenCL/inc_cipher_aes256.cl +++ b/OpenCL/inc_cipher_aes256.cl @@ -1008,32 +1008,3 @@ static void aes256_encrypt (const u32 *ks, const u32 *in, u32 *out) out[2] = swap32 (out[2]); out[3] = swap32 (out[3]); } - -static void aes256_decrypt_xts (const u32 *ukey1, const u32 *ukey2, const u32 *in, u32 *out) -{ - u32 T[4] = { 0 }; - u32 Z[4] = { 0 }; - - out[0] = in[0]; - out[1] = in[1]; - out[2] = in[2]; - out[3] = in[3]; - - u32 ks[60]; - - aes256_set_encrypt_key (ks, ukey2); - aes256_encrypt (ks, Z, T); - - out[0] ^= T[0]; - out[1] ^= T[1]; - out[2] ^= T[2]; - out[3] ^= T[3]; - - aes256_set_decrypt_key (ks, ukey1); - aes256_decrypt (ks, out, out); - - out[0] ^= T[0]; - out[1] ^= T[1]; - out[2] ^= T[2]; - out[3] ^= T[3]; -} diff --git a/OpenCL/inc_cipher_serpent256.cl b/OpenCL/inc_cipher_serpent256.cl index 6d2ec6d0b..41d01fc14 100644 --- a/OpenCL/inc_cipher_serpent256.cl +++ b/OpenCL/inc_cipher_serpent256.cl @@ -556,32 +556,3 @@ static void serpent256_decrypt (const u32 *ks, const u32 *in, u32 *out) out[2] = c; out[3] = d; } - -static void serpent256_decrypt_xts (const u32 *ukey1, const u32 *ukey2, const u32 *in, u32 *out) -{ - u32 T[4] = { 0 }; - u32 Z[4] = { 0 }; - - out[0] = in[0]; - out[1] = in[1]; - out[2] = in[2]; - out[3] = in[3]; - - u32 ks[140]; - - serpent256_set_key (ks, ukey2); - serpent256_encrypt (ks, Z, T); - - out[0] ^= T[0]; - out[1] ^= T[1]; - out[2] ^= T[2]; - out[3] ^= T[3]; - - serpent256_set_key (ks, ukey1); - serpent256_decrypt (ks, out, out); - - out[0] ^= T[0]; - out[1] ^= T[1]; - out[2] ^= T[2]; - out[3] ^= T[3]; -} diff --git a/OpenCL/inc_cipher_twofish256.cl b/OpenCL/inc_cipher_twofish256.cl index bd264d478..7fe532d9a 100644 --- a/OpenCL/inc_cipher_twofish256.cl +++ b/OpenCL/inc_cipher_twofish256.cl @@ -435,32 +435,3 @@ static void twofish256_decrypt (const u32 *sk, const u32 *lk, const u32 *in, u32 out[2] = data[0] ^ lk[2]; out[3] = data[1] ^ lk[3]; } - -static void twofish256_decrypt_xts (const u32 *ukey1, const u32 *ukey2, const u32 *in, u32 *out) -{ - u32 T[4] = { 0 }; - u32 Z[4] = { 0 }; - - out[0] = in[0]; - out[1] = in[1]; - out[2] = in[2]; - out[3] = in[3]; - - u32 sk[4]; u32 lk[40]; - - twofish256_set_key (sk, lk, ukey2); - twofish256_encrypt (sk, lk, Z, T); - - out[0] ^= T[0]; - out[1] ^= T[1]; - out[2] ^= T[2]; - out[3] ^= T[3]; - - twofish256_set_key (sk, lk, ukey1); - twofish256_decrypt (sk, lk, out, out); - - out[0] ^= T[0]; - out[1] ^= T[1]; - out[2] ^= T[2]; - out[3] ^= T[3]; -} diff --git a/OpenCL/inc_truecrypt_crc32.cl b/OpenCL/inc_truecrypt_crc32.cl new file mode 100644 index 000000000..4095de919 --- /dev/null +++ b/OpenCL/inc_truecrypt_crc32.cl @@ -0,0 +1,92 @@ +__constant u32 crc32tab[0x100] = +{ + 0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, + 0x076dc419, 0x706af48f, 0xe963a535, 0x9e6495a3, + 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988, + 0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, + 0x1db71064, 0x6ab020f2, 0xf3b97148, 0x84be41de, + 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7, + 0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, + 0x14015c4f, 0x63066cd9, 0xfa0f3d63, 0x8d080df5, + 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172, + 0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, + 0x35b5a8fa, 0x42b2986c, 0xdbbbc9d6, 0xacbcf940, + 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59, + 0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, + 0x21b4f4b5, 0x56b3c423, 0xcfba9599, 0xb8bda50f, + 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924, + 0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, + 0x76dc4190, 0x01db7106, 0x98d220bc, 0xefd5102a, + 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433, + 0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, + 0x7f6a0dbb, 0x086d3d2d, 0x91646c97, 0xe6635c01, + 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e, + 0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, + 0x65b0d9c6, 0x12b7e950, 0x8bbeb8ea, 0xfcb9887c, + 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65, + 0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, + 0x4adfa541, 0x3dd895d7, 0xa4d1c46d, 0xd3d6f4fb, + 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0, + 0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, + 0x5005713c, 0x270241aa, 0xbe0b1010, 0xc90c2086, + 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f, + 0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, + 0x59b33d17, 0x2eb40d81, 0xb7bd5c3b, 0xc0ba6cad, + 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a, + 0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, + 0xe3630b12, 0x94643b84, 0x0d6d6a3e, 0x7a6a5aa8, + 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1, + 0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, + 0xf762575d, 0x806567cb, 0x196c3671, 0x6e6b06e7, + 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc, + 0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, + 0xd6d6a3e8, 0xa1d1937e, 0x38d8c2c4, 0x4fdff252, + 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b, + 0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, + 0xdf60efc3, 0xa867df55, 0x316e8eef, 0x4669be79, + 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236, + 0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, + 0xc5ba3bbe, 0xb2bd0b28, 0x2bb45a92, 0x5cb36a04, + 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d, + 0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, + 0x9c0906a9, 0xeb0e363f, 0x72076785, 0x05005713, + 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38, + 0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, + 0x86d3d2d4, 0xf1d4e242, 0x68ddb3f8, 0x1fda836e, + 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777, + 0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, + 0x8f659eff, 0xf862ae69, 0x616bffd3, 0x166ccf45, + 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2, + 0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, + 0xaed16a4a, 0xd9d65adc, 0x40df0b66, 0x37d83bf0, + 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9, + 0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, + 0xbad03605, 0xcdd70693, 0x54de5729, 0x23d967bf, + 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94, + 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d +}; + +static u32 round_crc32 (u32 a, const u32 v) +{ + const u32 k = (a ^ v) & 0xff; + + const u32 s = a >> 8; + + a = crc32tab[k]; + + a ^= s; + + return a; +} + +static u32 round_crc32_4 (const u32 w, const u32 iv) +{ + u32 a = iv; + + a = round_crc32 (a, w >> 0); + a = round_crc32 (a, w >> 8); + a = round_crc32 (a, w >> 16); + a = round_crc32 (a, w >> 24); + + return a; +} diff --git a/OpenCL/inc_truecrypt_xts.cl b/OpenCL/inc_truecrypt_xts.cl new file mode 100644 index 000000000..337a60259 --- /dev/null +++ b/OpenCL/inc_truecrypt_xts.cl @@ -0,0 +1,649 @@ +static void xts_mul2 (u32 *in, u32 *out) +{ + const u32 c = in[3] >> 31; + + out[3] = (in[3] << 1) | (in[2] >> 31); + out[2] = (in[2] << 1) | (in[1] >> 31); + out[1] = (in[1] << 1) | (in[0] >> 31); + out[0] = (in[0] << 1); + + out[0] ^= c * 0x87; +} + +static void aes256_decrypt_xts_first (const u32 *ukey1, const u32 *ukey2, const u32 *in, u32 *out, u32 *S, u32 *T, u32 *ks) +{ + out[0] = in[0]; + out[1] = in[1]; + out[2] = in[2]; + out[3] = in[3]; + + aes256_set_encrypt_key (ks, ukey2); + aes256_encrypt (ks, S, T); + + out[0] ^= T[0]; + out[1] ^= T[1]; + out[2] ^= T[2]; + out[3] ^= T[3]; + + aes256_set_decrypt_key (ks, ukey1); + aes256_decrypt (ks, out, out); + + out[0] ^= T[0]; + out[1] ^= T[1]; + out[2] ^= T[2]; + out[3] ^= T[3]; +} + +static void aes256_decrypt_xts_next (const u32 *in, u32 *out, u32 *T, u32 *ks) +{ + out[0] = in[0]; + out[1] = in[1]; + out[2] = in[2]; + out[3] = in[3]; + + xts_mul2 (T, T); + + out[0] ^= T[0]; + out[1] ^= T[1]; + out[2] ^= T[2]; + out[3] ^= T[3]; + + aes256_decrypt (ks, out, out); + + out[0] ^= T[0]; + out[1] ^= T[1]; + out[2] ^= T[2]; + out[3] ^= T[3]; +} + +static void serpent256_decrypt_xts_first (const u32 *ukey1, const u32 *ukey2, const u32 *in, u32 *out, u32 *S, u32 *T, u32 *ks) +{ + out[0] = in[0]; + out[1] = in[1]; + out[2] = in[2]; + out[3] = in[3]; + + serpent256_set_key (ks, ukey2); + serpent256_encrypt (ks, S, T); + + out[0] ^= T[0]; + out[1] ^= T[1]; + out[2] ^= T[2]; + out[3] ^= T[3]; + + serpent256_set_key (ks, ukey1); + serpent256_decrypt (ks, out, out); + + out[0] ^= T[0]; + out[1] ^= T[1]; + out[2] ^= T[2]; + out[3] ^= T[3]; +} + +static void serpent256_decrypt_xts_next (const u32 *in, u32 *out, u32 *T, u32 *ks) +{ + out[0] = in[0]; + out[1] = in[1]; + out[2] = in[2]; + out[3] = in[3]; + + xts_mul2 (T, T); + + out[0] ^= T[0]; + out[1] ^= T[1]; + out[2] ^= T[2]; + out[3] ^= T[3]; + + serpent256_decrypt (ks, out, out); + + out[0] ^= T[0]; + out[1] ^= T[1]; + out[2] ^= T[2]; + out[3] ^= T[3]; +} + +static void twofish256_decrypt_xts_first (const u32 *ukey1, const u32 *ukey2, const u32 *in, u32 *out, u32 *S, u32 *T, u32 *sk, u32 *lk) +{ + out[0] = in[0]; + out[1] = in[1]; + out[2] = in[2]; + out[3] = in[3]; + + twofish256_set_key (sk, lk, ukey2); + twofish256_encrypt (sk, lk, S, T); + + out[0] ^= T[0]; + out[1] ^= T[1]; + out[2] ^= T[2]; + out[3] ^= T[3]; + + twofish256_set_key (sk, lk, ukey1); + twofish256_decrypt (sk, lk, out, out); + + out[0] ^= T[0]; + out[1] ^= T[1]; + out[2] ^= T[2]; + out[3] ^= T[3]; +} + +static void twofish256_decrypt_xts_next (const u32 *in, u32 *out, u32 *T, u32 *sk, u32 *lk) +{ + out[0] = in[0]; + out[1] = in[1]; + out[2] = in[2]; + out[3] = in[3]; + + xts_mul2 (T, T); + + out[0] ^= T[0]; + out[1] ^= T[1]; + out[2] ^= T[2]; + out[3] ^= T[3]; + + twofish256_decrypt (sk, lk, out, out); + + out[0] ^= T[0]; + out[1] ^= T[1]; + out[2] ^= T[2]; + out[3] ^= T[3]; +} + +// 512 bit + +static int verify_header_aes (__global tc_t *esalt_bufs, const u32 *ukey1, const u32 *ukey2) +{ + u32 ks_aes[60]; + + u32 S[4] = { 0 }; + + u32 T_aes[4] = { 0 }; + + u32 data[4]; + + data[0] = esalt_bufs[0].data_buf[0]; + data[1] = esalt_bufs[0].data_buf[1]; + data[2] = esalt_bufs[0].data_buf[2]; + data[3] = esalt_bufs[0].data_buf[3]; + + u32 tmp[4]; + + aes256_decrypt_xts_first (ukey1, ukey2, data, tmp, S, T_aes, ks_aes); + + const u32 signature = esalt_bufs[0].signature; + + if (tmp[0] != signature) return 0; + + const u32 crc32_save = swap32 (~tmp[2]); + + // seek to byte 256 + + for (int i = 4; i < 64 - 16; i += 4) + { + xts_mul2 (T_aes, T_aes); + } + + // calculate crc32 from here + + u32 crc32 = ~0; + + for (int i = 64 - 16; i < 128 - 16; i += 4) + { + data[0] = esalt_bufs[0].data_buf[i + 0]; + data[1] = esalt_bufs[0].data_buf[i + 1]; + data[2] = esalt_bufs[0].data_buf[i + 2]; + data[3] = esalt_bufs[0].data_buf[i + 3]; + + aes256_decrypt_xts_next (data, tmp, T_aes, ks_aes); + + crc32 = round_crc32_4 (tmp[0], crc32); + crc32 = round_crc32_4 (tmp[1], crc32); + crc32 = round_crc32_4 (tmp[2], crc32); + crc32 = round_crc32_4 (tmp[3], crc32); + } + + if (crc32 != crc32_save) return 0; + + return 1; +} + +static int verify_header_serpent (__global tc_t *esalt_bufs, const u32 *ukey1, const u32 *ukey2) +{ + u32 ks_serpent[140]; + + u32 S[4] = { 0 }; + + u32 T_serpent[4] = { 0 }; + + u32 data[4]; + + data[0] = esalt_bufs[0].data_buf[0]; + data[1] = esalt_bufs[0].data_buf[1]; + data[2] = esalt_bufs[0].data_buf[2]; + data[3] = esalt_bufs[0].data_buf[3]; + + u32 tmp[4]; + + serpent256_decrypt_xts_first (ukey1, ukey2, data, tmp, S, T_serpent, ks_serpent); + + const u32 signature = esalt_bufs[0].signature; + + if (tmp[0] != signature) return 0; + + const u32 crc32_save = swap32 (~tmp[2]); + + // seek to byte 256 + + for (int i = 4; i < 64 - 16; i += 4) + { + xts_mul2 (T_serpent, T_serpent); + } + + // calculate crc32 from here + + u32 crc32 = ~0; + + for (int i = 64 - 16; i < 128 - 16; i += 4) + { + data[0] = esalt_bufs[0].data_buf[i + 0]; + data[1] = esalt_bufs[0].data_buf[i + 1]; + data[2] = esalt_bufs[0].data_buf[i + 2]; + data[3] = esalt_bufs[0].data_buf[i + 3]; + + serpent256_decrypt_xts_next (data, tmp, T_serpent, ks_serpent); + + crc32 = round_crc32_4 (tmp[0], crc32); + crc32 = round_crc32_4 (tmp[1], crc32); + crc32 = round_crc32_4 (tmp[2], crc32); + crc32 = round_crc32_4 (tmp[3], crc32); + } + + if (crc32 != crc32_save) return 0; + + return 1; +} + +static int verify_header_twofish (__global tc_t *esalt_bufs, const u32 *ukey1, const u32 *ukey2) +{ + u32 sk_twofish[4]; + u32 lk_twofish[40]; + + u32 S[4] = { 0 }; + + u32 T_twofish[4] = { 0 }; + + u32 data[4]; + + data[0] = esalt_bufs[0].data_buf[0]; + data[1] = esalt_bufs[0].data_buf[1]; + data[2] = esalt_bufs[0].data_buf[2]; + data[3] = esalt_bufs[0].data_buf[3]; + + u32 tmp[4]; + + twofish256_decrypt_xts_first (ukey1, ukey2, data, tmp, S, T_twofish, sk_twofish, lk_twofish); + + const u32 signature = esalt_bufs[0].signature; + + if (tmp[0] != signature) return 0; + + const u32 crc32_save = swap32 (~tmp[2]); + + // seek to byte 256 + + for (int i = 4; i < 64 - 16; i += 4) + { + xts_mul2 (T_twofish, T_twofish); + } + + // calculate crc32 from here + + u32 crc32 = ~0; + + for (int i = 64 - 16; i < 128 - 16; i += 4) + { + data[0] = esalt_bufs[0].data_buf[i + 0]; + data[1] = esalt_bufs[0].data_buf[i + 1]; + data[2] = esalt_bufs[0].data_buf[i + 2]; + data[3] = esalt_bufs[0].data_buf[i + 3]; + + twofish256_decrypt_xts_next (data, tmp, T_twofish, sk_twofish, lk_twofish); + + crc32 = round_crc32_4 (tmp[0], crc32); + crc32 = round_crc32_4 (tmp[1], crc32); + crc32 = round_crc32_4 (tmp[2], crc32); + crc32 = round_crc32_4 (tmp[3], crc32); + } + + if (crc32 != crc32_save) return 0; + + return 1; +} + +// 1024 bit + +static int verify_header_aes_twofish (__global tc_t *esalt_bufs, const u32 *ukey1, const u32 *ukey2, const u32 *ukey3, const u32 *ukey4) +{ + u32 ks_aes[60]; + + u32 sk_twofish[4]; + u32 lk_twofish[40]; + + u32 S[4] = { 0 }; + + u32 T_aes[4] = { 0 }; + u32 T_twofish[4] = { 0 }; + + u32 data[4]; + + data[0] = esalt_bufs[0].data_buf[0]; + data[1] = esalt_bufs[0].data_buf[1]; + data[2] = esalt_bufs[0].data_buf[2]; + data[3] = esalt_bufs[0].data_buf[3]; + + u32 tmp[4]; + + aes256_decrypt_xts_first (ukey2, ukey4, data, tmp, S, T_aes, ks_aes); + twofish256_decrypt_xts_first (ukey1, ukey3, tmp, tmp, S, T_twofish, sk_twofish, lk_twofish); + + const u32 signature = esalt_bufs[0].signature; + + if (tmp[0] != signature) return 0; + + const u32 crc32_save = swap32 (~tmp[2]); + + // seek to byte 256 + + for (int i = 4; i < 64 - 16; i += 4) + { + xts_mul2 (T_aes, T_aes); + xts_mul2 (T_twofish, T_twofish); + } + + // calculate crc32 from here + + u32 crc32 = ~0; + + for (int i = 64 - 16; i < 128 - 16; i += 4) + { + data[0] = esalt_bufs[0].data_buf[i + 0]; + data[1] = esalt_bufs[0].data_buf[i + 1]; + data[2] = esalt_bufs[0].data_buf[i + 2]; + data[3] = esalt_bufs[0].data_buf[i + 3]; + + aes256_decrypt_xts_next (data, tmp, T_aes, ks_aes); + twofish256_decrypt_xts_next (tmp, tmp, T_twofish, sk_twofish, lk_twofish); + + crc32 = round_crc32_4 (tmp[0], crc32); + crc32 = round_crc32_4 (tmp[1], crc32); + crc32 = round_crc32_4 (tmp[2], crc32); + crc32 = round_crc32_4 (tmp[3], crc32); + } + + if (crc32 != crc32_save) return 0; + + return 1; +} + +static int verify_header_serpent_aes (__global tc_t *esalt_bufs, const u32 *ukey1, const u32 *ukey2, const u32 *ukey3, const u32 *ukey4) +{ + u32 ks_serpent[140]; + u32 ks_aes[60]; + + u32 S[4] = { 0 }; + + u32 T_serpent[4] = { 0 }; + u32 T_aes[4] = { 0 }; + + u32 data[4]; + + data[0] = esalt_bufs[0].data_buf[0]; + data[1] = esalt_bufs[0].data_buf[1]; + data[2] = esalt_bufs[0].data_buf[2]; + data[3] = esalt_bufs[0].data_buf[3]; + + u32 tmp[4]; + + serpent256_decrypt_xts_first (ukey2, ukey4, data, tmp, S, T_serpent, ks_serpent); + aes256_decrypt_xts_first (ukey1, ukey3, tmp, tmp, S, T_aes, ks_aes); + + const u32 signature = esalt_bufs[0].signature; + + if (tmp[0] != signature) return 0; + + const u32 crc32_save = swap32 (~tmp[2]); + + // seek to byte 256 + + for (int i = 4; i < 64 - 16; i += 4) + { + xts_mul2 (T_serpent, T_serpent); + xts_mul2 (T_aes, T_aes); + } + + // calculate crc32 from here + + u32 crc32 = ~0; + + for (int i = 64 - 16; i < 128 - 16; i += 4) + { + data[0] = esalt_bufs[0].data_buf[i + 0]; + data[1] = esalt_bufs[0].data_buf[i + 1]; + data[2] = esalt_bufs[0].data_buf[i + 2]; + data[3] = esalt_bufs[0].data_buf[i + 3]; + + serpent256_decrypt_xts_next (data, tmp, T_serpent, ks_serpent); + aes256_decrypt_xts_next (tmp, tmp, T_aes, ks_aes); + + crc32 = round_crc32_4 (tmp[0], crc32); + crc32 = round_crc32_4 (tmp[1], crc32); + crc32 = round_crc32_4 (tmp[2], crc32); + crc32 = round_crc32_4 (tmp[3], crc32); + } + + if (crc32 != crc32_save) return 0; + + return 1; +} + +static int verify_header_twofish_serpent (__global tc_t *esalt_bufs, const u32 *ukey1, const u32 *ukey2, const u32 *ukey3, const u32 *ukey4) +{ + u32 sk_twofish[4]; + u32 lk_twofish[40]; + + u32 ks_serpent[140]; + + u32 S[4] = { 0 }; + + u32 T_twofish[4] = { 0 }; + u32 T_serpent[4] = { 0 }; + + u32 data[4]; + + data[0] = esalt_bufs[0].data_buf[0]; + data[1] = esalt_bufs[0].data_buf[1]; + data[2] = esalt_bufs[0].data_buf[2]; + data[3] = esalt_bufs[0].data_buf[3]; + + u32 tmp[4]; + + twofish256_decrypt_xts_first (ukey2, ukey4, data, tmp, S, T_twofish, sk_twofish, lk_twofish); + serpent256_decrypt_xts_first (ukey1, ukey3, tmp, tmp, S, T_serpent, ks_serpent); + + const u32 signature = esalt_bufs[0].signature; + + if (tmp[0] != signature) return 0; + + const u32 crc32_save = swap32 (~tmp[2]); + + // seek to byte 256 + + for (int i = 4; i < 64 - 16; i += 4) + { + xts_mul2 (T_twofish, T_twofish); + xts_mul2 (T_serpent, T_serpent); + } + + // calculate crc32 from here + + u32 crc32 = ~0; + + for (int i = 64 - 16; i < 128 - 16; i += 4) + { + data[0] = esalt_bufs[0].data_buf[i + 0]; + data[1] = esalt_bufs[0].data_buf[i + 1]; + data[2] = esalt_bufs[0].data_buf[i + 2]; + data[3] = esalt_bufs[0].data_buf[i + 3]; + + twofish256_decrypt_xts_next (data, tmp, T_twofish, sk_twofish, lk_twofish); + serpent256_decrypt_xts_next (tmp, tmp, T_serpent, ks_serpent); + + crc32 = round_crc32_4 (tmp[0], crc32); + crc32 = round_crc32_4 (tmp[1], crc32); + crc32 = round_crc32_4 (tmp[2], crc32); + crc32 = round_crc32_4 (tmp[3], crc32); + } + + if (crc32 != crc32_save) return 0; + + return 1; +} + +// 1536 bit + +static int verify_header_aes_twofish_serpent (__global tc_t *esalt_bufs, const u32 *ukey1, const u32 *ukey2, const u32 *ukey3, const u32 *ukey4, const u32 *ukey5, const u32 *ukey6) +{ + u32 ks_aes[60]; + + u32 sk_twofish[4]; + u32 lk_twofish[40]; + + u32 ks_serpent[140]; + + u32 S[4] = { 0 }; + + u32 T_aes[4] = { 0 }; + u32 T_twofish[4] = { 0 }; + u32 T_serpent[4] = { 0 }; + + u32 data[4]; + + data[0] = esalt_bufs[0].data_buf[0]; + data[1] = esalt_bufs[0].data_buf[1]; + data[2] = esalt_bufs[0].data_buf[2]; + data[3] = esalt_bufs[0].data_buf[3]; + + u32 tmp[4]; + + aes256_decrypt_xts_first (ukey3, ukey6, data, tmp, S, T_aes, ks_aes); + twofish256_decrypt_xts_first (ukey2, ukey5, tmp, tmp, S, T_twofish, sk_twofish, lk_twofish); + serpent256_decrypt_xts_first (ukey1, ukey4, tmp, tmp, S, T_serpent, ks_serpent); + + const u32 signature = esalt_bufs[0].signature; + + if (tmp[0] != signature) return 0; + + const u32 crc32_save = swap32 (~tmp[2]); + + // seek to byte 256 + + for (int i = 4; i < 64 - 16; i += 4) + { + xts_mul2 (T_aes, T_aes); + xts_mul2 (T_twofish, T_twofish); + xts_mul2 (T_serpent, T_serpent); + } + + // calculate crc32 from here + + u32 crc32 = ~0; + + for (int i = 64 - 16; i < 128 - 16; i += 4) + { + data[0] = esalt_bufs[0].data_buf[i + 0]; + data[1] = esalt_bufs[0].data_buf[i + 1]; + data[2] = esalt_bufs[0].data_buf[i + 2]; + data[3] = esalt_bufs[0].data_buf[i + 3]; + + aes256_decrypt_xts_next (data, tmp, T_aes, ks_aes); + twofish256_decrypt_xts_next (tmp, tmp, T_twofish, sk_twofish, lk_twofish); + serpent256_decrypt_xts_next (tmp, tmp, T_serpent, ks_serpent); + + crc32 = round_crc32_4 (tmp[0], crc32); + crc32 = round_crc32_4 (tmp[1], crc32); + crc32 = round_crc32_4 (tmp[2], crc32); + crc32 = round_crc32_4 (tmp[3], crc32); + } + + if (crc32 != crc32_save) return 0; + + return 1; +} + +static int verify_header_serpent_twofish_aes (__global tc_t *esalt_bufs, const u32 *ukey1, const u32 *ukey2, const u32 *ukey3, const u32 *ukey4, const u32 *ukey5, const u32 *ukey6) +{ + u32 ks_serpent[140]; + + u32 sk_twofish[4]; + u32 lk_twofish[40]; + + u32 ks_aes[60]; + + u32 S[4] = { 0 }; + + u32 T_serpent[4] = { 0 }; + u32 T_twofish[4] = { 0 }; + u32 T_aes[4] = { 0 }; + + u32 data[4]; + + data[0] = esalt_bufs[0].data_buf[0]; + data[1] = esalt_bufs[0].data_buf[1]; + data[2] = esalt_bufs[0].data_buf[2]; + data[3] = esalt_bufs[0].data_buf[3]; + + u32 tmp[4]; + + serpent256_decrypt_xts_first (ukey3, ukey6, data, tmp, S, T_serpent, ks_serpent); + twofish256_decrypt_xts_first (ukey2, ukey5, tmp, tmp, S, T_twofish, sk_twofish, lk_twofish); + aes256_decrypt_xts_first (ukey1, ukey4, tmp, tmp, S, T_aes, ks_aes); + + const u32 signature = esalt_bufs[0].signature; + + if (tmp[0] != signature) return 0; + + const u32 crc32_save = swap32 (~tmp[2]); + + // seek to byte 256 + + for (int i = 4; i < 64 - 16; i += 4) + { + xts_mul2 (T_serpent, T_serpent); + xts_mul2 (T_twofish, T_twofish); + xts_mul2 (T_aes, T_aes); + } + + // calculate crc32 from here + + u32 crc32 = ~0; + + for (int i = 64 - 16; i < 128 - 16; i += 4) + { + data[0] = esalt_bufs[0].data_buf[i + 0]; + data[1] = esalt_bufs[0].data_buf[i + 1]; + data[2] = esalt_bufs[0].data_buf[i + 2]; + data[3] = esalt_bufs[0].data_buf[i + 3]; + + serpent256_decrypt_xts_next (data, tmp, T_serpent, ks_serpent); + twofish256_decrypt_xts_next (tmp, tmp, T_twofish, sk_twofish, lk_twofish); + aes256_decrypt_xts_next (tmp, tmp, T_aes, ks_aes); + + crc32 = round_crc32_4 (tmp[0], crc32); + crc32 = round_crc32_4 (tmp[1], crc32); + crc32 = round_crc32_4 (tmp[2], crc32); + crc32 = round_crc32_4 (tmp[3], crc32); + } + + if (crc32 != crc32_save) return 0; + + return 1; +} diff --git a/OpenCL/m06211.cl b/OpenCL/m06211.cl index d532bfe23..37888a785 100644 --- a/OpenCL/m06211.cl +++ b/OpenCL/m06211.cl @@ -15,6 +15,9 @@ #include "inc_cipher_twofish256.cl" #include "inc_cipher_serpent256.cl" +#include "inc_truecrypt_crc32.cl" +#include "inc_truecrypt_xts.cl" + static void ripemd160_transform (const u32 w[16], u32 dgst[5]) { u32 a1 = dgst[0]; @@ -639,56 +642,18 @@ __kernel void m06211_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey2[6] = tmps[gid].out[14]; ukey2[7] = tmps[gid].out[15]; - u32 data[4]; - - data[0] = esalt_bufs[0].data_buf[0]; - data[1] = esalt_bufs[0].data_buf[1]; - data[2] = esalt_bufs[0].data_buf[2]; - data[3] = esalt_bufs[0].data_buf[3]; - - const u32 signature = esalt_bufs[0].signature; - - u32 tmp[4]; - + if (verify_header_aes (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_twofish (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - twofish256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } } diff --git a/OpenCL/m06212.cl b/OpenCL/m06212.cl index 8b5dff286..f05e8585f 100644 --- a/OpenCL/m06212.cl +++ b/OpenCL/m06212.cl @@ -15,6 +15,9 @@ #include "inc_cipher_twofish256.cl" #include "inc_cipher_serpent256.cl" +#include "inc_truecrypt_crc32.cl" +#include "inc_truecrypt_xts.cl" + static void ripemd160_transform (const u32 w[16], u32 dgst[5]) { u32 a1 = dgst[0]; @@ -639,57 +642,19 @@ __kernel void m06212_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey2[6] = tmps[gid].out[14]; ukey2[7] = tmps[gid].out[15]; - u32 data[4]; - - data[0] = esalt_bufs[0].data_buf[0]; - data[1] = esalt_bufs[0].data_buf[1]; - data[2] = esalt_bufs[0].data_buf[2]; - data[3] = esalt_bufs[0].data_buf[3]; - - const u32 signature = esalt_bufs[0].signature; - - u32 tmp[4]; - + if (verify_header_aes (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_twofish (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - twofish256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } u32 ukey3[8]; @@ -714,48 +679,18 @@ __kernel void m06212_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey4[6] = tmps[gid].out[30]; ukey4[7] = tmps[gid].out[31]; + if (verify_header_aes_twofish (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey2, ukey4, tmp, tmp); - twofish256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent_aes (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey2, ukey4, tmp, tmp); - aes256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_twofish_serpent (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - twofish256_decrypt_xts (ukey2, ukey4, tmp, tmp); - serpent256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } } diff --git a/OpenCL/m06213.cl b/OpenCL/m06213.cl index 8ca2bcc66..e5c01905d 100644 --- a/OpenCL/m06213.cl +++ b/OpenCL/m06213.cl @@ -15,6 +15,9 @@ #include "inc_cipher_twofish256.cl" #include "inc_cipher_serpent256.cl" +#include "inc_truecrypt_crc32.cl" +#include "inc_truecrypt_xts.cl" + static void ripemd160_transform (const u32 w[16], u32 dgst[5]) { u32 a1 = dgst[0]; @@ -639,57 +642,19 @@ __kernel void m06213_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey2[6] = tmps[gid].out[14]; ukey2[7] = tmps[gid].out[15]; - u32 data[4]; - - data[0] = esalt_bufs[0].data_buf[0]; - data[1] = esalt_bufs[0].data_buf[1]; - data[2] = esalt_bufs[0].data_buf[2]; - data[3] = esalt_bufs[0].data_buf[3]; - - const u32 signature = esalt_bufs[0].signature; - - u32 tmp[4]; - + if (verify_header_aes (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_twofish (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - twofish256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } u32 ukey3[8]; @@ -718,49 +683,19 @@ __kernel void m06213_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey4[6] = tmps[gid].out[30]; ukey4[7] = tmps[gid].out[31]; + if (verify_header_aes_twofish (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey2, ukey4, tmp, tmp); - twofish256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent_aes (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey2, ukey4, tmp, tmp); - aes256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_twofish_serpent (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - twofish256_decrypt_xts (ukey2, ukey4, tmp, tmp); - serpent256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } #if defined (IS_APPLE) && defined (IS_GPU) @@ -793,36 +728,13 @@ __kernel void m06213_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey6[6] = tmps[gid].out[46]; ukey6[7] = tmps[gid].out[47]; + if (verify_header_aes_twofish_serpent (esalt_bufs, ukey1, ukey2, ukey3, ukey4, ukey5, ukey6) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey3, ukey6, tmp, tmp); - twofish256_decrypt_xts (ukey2, ukey5, tmp, tmp); - serpent256_decrypt_xts (ukey1, ukey4, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent_twofish_aes (esalt_bufs, ukey1, ukey2, ukey3, ukey4, ukey5, ukey6) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey3, ukey6, tmp, tmp); - twofish256_decrypt_xts (ukey2, ukey5, tmp, tmp); - aes256_decrypt_xts (ukey1, ukey4, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } } - diff --git a/OpenCL/m06221.cl b/OpenCL/m06221.cl index 48d5f908c..acb228bb6 100644 --- a/OpenCL/m06221.cl +++ b/OpenCL/m06221.cl @@ -15,6 +15,9 @@ #include "inc_cipher_twofish256.cl" #include "inc_cipher_serpent256.cl" +#include "inc_truecrypt_crc32.cl" +#include "inc_truecrypt_xts.cl" + __constant u64 k_sha512[80] = { SHA512C00, SHA512C01, SHA512C02, SHA512C03, @@ -547,57 +550,18 @@ __kernel void m06221_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey2[6] = swap32 (h32_from_64 (tmps[gid].out[ 7])); ukey2[7] = swap32 (l32_from_64 (tmps[gid].out[ 7])); - u32 data[4]; - - data[0] = esalt_bufs[0].data_buf[0]; - data[1] = esalt_bufs[0].data_buf[1]; - data[2] = esalt_bufs[0].data_buf[2]; - data[3] = esalt_bufs[0].data_buf[3]; - - const u32 signature = esalt_bufs[0].signature; - - u32 tmp[4]; - + if (verify_header_aes (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_twofish (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - twofish256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } } - diff --git a/OpenCL/m06222.cl b/OpenCL/m06222.cl index d4095d561..7966bc729 100644 --- a/OpenCL/m06222.cl +++ b/OpenCL/m06222.cl @@ -15,6 +15,9 @@ #include "inc_cipher_twofish256.cl" #include "inc_cipher_serpent256.cl" +#include "inc_truecrypt_crc32.cl" +#include "inc_truecrypt_xts.cl" + __constant u64 k_sha512[80] = { SHA512C00, SHA512C01, SHA512C02, SHA512C03, @@ -547,57 +550,19 @@ __kernel void m06222_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey2[6] = swap32 (h32_from_64 (tmps[gid].out[ 7])); ukey2[7] = swap32 (l32_from_64 (tmps[gid].out[ 7])); - u32 data[4]; - - data[0] = esalt_bufs[0].data_buf[0]; - data[1] = esalt_bufs[0].data_buf[1]; - data[2] = esalt_bufs[0].data_buf[2]; - data[3] = esalt_bufs[0].data_buf[3]; - - const u32 signature = esalt_bufs[0].signature; - - u32 tmp[4]; - + if (verify_header_aes (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_twofish (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - twofish256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } u32 ukey3[8]; @@ -622,49 +587,18 @@ __kernel void m06222_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey4[6] = swap32 (h32_from_64 (tmps[gid].out[15])); ukey4[7] = swap32 (l32_from_64 (tmps[gid].out[15])); + if (verify_header_aes_twofish (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey2, ukey4, tmp, tmp); - twofish256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent_aes (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey2, ukey4, tmp, tmp); - aes256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_twofish_serpent (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - twofish256_decrypt_xts (ukey2, ukey4, tmp, tmp); - serpent256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } } - diff --git a/OpenCL/m06223.cl b/OpenCL/m06223.cl index 9618c866a..d0be667e2 100644 --- a/OpenCL/m06223.cl +++ b/OpenCL/m06223.cl @@ -15,6 +15,9 @@ #include "inc_cipher_twofish256.cl" #include "inc_cipher_serpent256.cl" +#include "inc_truecrypt_crc32.cl" +#include "inc_truecrypt_xts.cl" + __constant u64 k_sha512[80] = { SHA512C00, SHA512C01, SHA512C02, SHA512C03, @@ -547,57 +550,19 @@ __kernel void m06223_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey2[6] = swap32 (h32_from_64 (tmps[gid].out[ 7])); ukey2[7] = swap32 (l32_from_64 (tmps[gid].out[ 7])); - u32 data[4]; - - data[0] = esalt_bufs[0].data_buf[0]; - data[1] = esalt_bufs[0].data_buf[1]; - data[2] = esalt_bufs[0].data_buf[2]; - data[3] = esalt_bufs[0].data_buf[3]; - - const u32 signature = esalt_bufs[0].signature; - - u32 tmp[4]; - + if (verify_header_aes (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_twofish (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - twofish256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } u32 ukey3[8]; @@ -626,49 +591,19 @@ __kernel void m06223_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey4[6] = swap32 (h32_from_64 (tmps[gid].out[15])); ukey4[7] = swap32 (l32_from_64 (tmps[gid].out[15])); + if (verify_header_aes_twofish (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey2, ukey4, tmp, tmp); - twofish256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent_aes (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey2, ukey4, tmp, tmp); - aes256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_twofish_serpent (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - twofish256_decrypt_xts (ukey2, ukey4, tmp, tmp); - serpent256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } volatile u32 ukey5[8]; @@ -693,36 +628,13 @@ __kernel void m06223_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey6[6] = swap32 (h32_from_64 (tmps[gid].out[23])); ukey6[7] = swap32 (l32_from_64 (tmps[gid].out[23])); + if (verify_header_aes_twofish_serpent (esalt_bufs, ukey1, ukey2, ukey3, ukey4, ukey5, ukey6) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey3, ukey6, tmp, tmp); - twofish256_decrypt_xts (ukey2, ukey5, tmp, tmp); - serpent256_decrypt_xts (ukey1, ukey4, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent_twofish_aes (esalt_bufs, ukey1, ukey2, ukey3, ukey4, ukey5, ukey6) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey3, ukey6, tmp, tmp); - twofish256_decrypt_xts (ukey2, ukey5, tmp, tmp); - aes256_decrypt_xts (ukey1, ukey4, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } } - diff --git a/OpenCL/m06231.cl b/OpenCL/m06231.cl index 918cf699d..06a86978a 100644 --- a/OpenCL/m06231.cl +++ b/OpenCL/m06231.cl @@ -15,6 +15,9 @@ #include "inc_cipher_twofish256.cl" #include "inc_cipher_serpent256.cl" +#include "inc_truecrypt_crc32.cl" +#include "inc_truecrypt_xts.cl" + #define R 10 __constant u32 Ch[8][256] = @@ -2182,56 +2185,18 @@ __kernel void m06231_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey2[6] = swap32 (tmps[gid].out[14]); ukey2[7] = swap32 (tmps[gid].out[15]); - u32 data[4]; - - data[0] = esalt_bufs[0].data_buf[0]; - data[1] = esalt_bufs[0].data_buf[1]; - data[2] = esalt_bufs[0].data_buf[2]; - data[3] = esalt_bufs[0].data_buf[3]; - - const u32 signature = esalt_bufs[0].signature; - - u32 tmp[4]; - + if (verify_header_aes (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_twofish (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - twofish256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } } diff --git a/OpenCL/m06232.cl b/OpenCL/m06232.cl index 099f9aa2b..78ca53fac 100644 --- a/OpenCL/m06232.cl +++ b/OpenCL/m06232.cl @@ -15,6 +15,9 @@ #include "inc_cipher_twofish256.cl" #include "inc_cipher_serpent256.cl" +#include "inc_truecrypt_crc32.cl" +#include "inc_truecrypt_xts.cl" + #define R 10 __constant u32 Ch[8][256] = @@ -1951,57 +1954,19 @@ __kernel void m06232_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey2[6] = swap32 (tmps[gid].out[14]); ukey2[7] = swap32 (tmps[gid].out[15]); - u32 data[4]; - - data[0] = esalt_bufs[0].data_buf[0]; - data[1] = esalt_bufs[0].data_buf[1]; - data[2] = esalt_bufs[0].data_buf[2]; - data[3] = esalt_bufs[0].data_buf[3]; - - const u32 signature = esalt_bufs[0].signature; - - u32 tmp[4]; - + if (verify_header_aes (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_twofish (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - twofish256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } u32 ukey3[8]; @@ -2026,48 +1991,18 @@ __kernel void m06232_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey4[6] = swap32 (tmps[gid].out[30]); ukey4[7] = swap32 (tmps[gid].out[31]); + if (verify_header_aes_twofish (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey2, ukey4, tmp, tmp); - twofish256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent_aes (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey2, ukey4, tmp, tmp); - aes256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_twofish_serpent (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - twofish256_decrypt_xts (ukey2, ukey4, tmp, tmp); - serpent256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } } diff --git a/OpenCL/m06233.cl b/OpenCL/m06233.cl index 1a3e05619..342bddf60 100644 --- a/OpenCL/m06233.cl +++ b/OpenCL/m06233.cl @@ -15,6 +15,9 @@ #include "inc_cipher_twofish256.cl" #include "inc_cipher_serpent256.cl" +#include "inc_truecrypt_crc32.cl" +#include "inc_truecrypt_xts.cl" + #define R 10 __constant u32 Ch[8][256] = @@ -1951,57 +1954,19 @@ __kernel void m06233_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey2[6] = swap32 (tmps[gid].out[14]); ukey2[7] = swap32 (tmps[gid].out[15]); - u32 data[4]; - - data[0] = esalt_bufs[0].data_buf[0]; - data[1] = esalt_bufs[0].data_buf[1]; - data[2] = esalt_bufs[0].data_buf[2]; - data[3] = esalt_bufs[0].data_buf[3]; - - const u32 signature = esalt_bufs[0].signature; - - u32 tmp[4]; - + if (verify_header_aes (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_twofish (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - twofish256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } u32 ukey3[8]; @@ -2030,49 +1995,19 @@ __kernel void m06233_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey4[6] = swap32 (tmps[gid].out[30]); ukey4[7] = swap32 (tmps[gid].out[31]); + if (verify_header_aes_twofish (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey2, ukey4, tmp, tmp); - twofish256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent_aes (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey2, ukey4, tmp, tmp); - aes256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_twofish_serpent (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - twofish256_decrypt_xts (ukey2, ukey4, tmp, tmp); - serpent256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } #if defined (IS_APPLE) && defined (IS_GPU) @@ -2105,35 +2040,13 @@ __kernel void m06233_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey6[6] = swap32 (tmps[gid].out[46]); ukey6[7] = swap32 (tmps[gid].out[47]); + if (verify_header_aes_twofish_serpent (esalt_bufs, ukey1, ukey2, ukey3, ukey4, ukey5, ukey6) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey3, ukey6, tmp, tmp); - twofish256_decrypt_xts (ukey2, ukey5, tmp, tmp); - serpent256_decrypt_xts (ukey1, ukey4, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent_twofish_aes (esalt_bufs, ukey1, ukey2, ukey3, ukey4, ukey5, ukey6) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey3, ukey6, tmp, tmp); - twofish256_decrypt_xts (ukey2, ukey5, tmp, tmp); - aes256_decrypt_xts (ukey1, ukey4, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } } diff --git a/OpenCL/m13751.cl b/OpenCL/m13751.cl index 87504ea20..3a339b25c 100644 --- a/OpenCL/m13751.cl +++ b/OpenCL/m13751.cl @@ -15,6 +15,9 @@ #include "inc_cipher_twofish256.cl" #include "inc_cipher_serpent256.cl" +#include "inc_truecrypt_crc32.cl" +#include "inc_truecrypt_xts.cl" + __constant u32 k_sha256[64] = { SHA256C00, SHA256C01, SHA256C02, SHA256C03, @@ -610,56 +613,18 @@ __kernel void m13751_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey2[6] = swap32 (tmps[gid].out[14]); ukey2[7] = swap32 (tmps[gid].out[15]); - u32 data[4]; - - data[0] = esalt_bufs[0].data_buf[0]; - data[1] = esalt_bufs[0].data_buf[1]; - data[2] = esalt_bufs[0].data_buf[2]; - data[3] = esalt_bufs[0].data_buf[3]; - - const u32 signature = esalt_bufs[0].signature; - - u32 tmp[4]; - + if (verify_header_aes (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_twofish (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - twofish256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } } diff --git a/OpenCL/m13752.cl b/OpenCL/m13752.cl index 517df9423..b49e50e92 100644 --- a/OpenCL/m13752.cl +++ b/OpenCL/m13752.cl @@ -15,6 +15,9 @@ #include "inc_cipher_twofish256.cl" #include "inc_cipher_serpent256.cl" +#include "inc_truecrypt_crc32.cl" +#include "inc_truecrypt_xts.cl" + __constant u32 k_sha256[64] = { SHA256C00, SHA256C01, SHA256C02, SHA256C03, @@ -610,57 +613,19 @@ __kernel void m13752_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey2[6] = swap32 (tmps[gid].out[14]); ukey2[7] = swap32 (tmps[gid].out[15]); - u32 data[4]; - - data[0] = esalt_bufs[0].data_buf[0]; - data[1] = esalt_bufs[0].data_buf[1]; - data[2] = esalt_bufs[0].data_buf[2]; - data[3] = esalt_bufs[0].data_buf[3]; - - const u32 signature = esalt_bufs[0].signature; - - u32 tmp[4]; - + if (verify_header_aes (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_twofish (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - twofish256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } u32 ukey3[8]; @@ -685,48 +650,18 @@ __kernel void m13752_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey4[6] = swap32 (tmps[gid].out[30]); ukey4[7] = swap32 (tmps[gid].out[31]); + if (verify_header_aes_twofish (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey2, ukey4, tmp, tmp); - twofish256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent_aes (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey2, ukey4, tmp, tmp); - aes256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_twofish_serpent (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - twofish256_decrypt_xts (ukey2, ukey4, tmp, tmp); - serpent256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } } diff --git a/OpenCL/m13753.cl b/OpenCL/m13753.cl index b40643e1c..1c3be2bf8 100644 --- a/OpenCL/m13753.cl +++ b/OpenCL/m13753.cl @@ -15,6 +15,9 @@ #include "inc_cipher_twofish256.cl" #include "inc_cipher_serpent256.cl" +#include "inc_truecrypt_crc32.cl" +#include "inc_truecrypt_xts.cl" + __constant u32 k_sha256[64] = { SHA256C00, SHA256C01, SHA256C02, SHA256C03, @@ -610,57 +613,19 @@ __kernel void m13753_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey2[6] = swap32 (tmps[gid].out[14]); ukey2[7] = swap32 (tmps[gid].out[15]); - u32 data[4]; - - data[0] = esalt_bufs[0].data_buf[0]; - data[1] = esalt_bufs[0].data_buf[1]; - data[2] = esalt_bufs[0].data_buf[2]; - data[3] = esalt_bufs[0].data_buf[3]; - - const u32 signature = esalt_bufs[0].signature; - - u32 tmp[4]; - + if (verify_header_aes (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_twofish (esalt_bufs, ukey1, ukey2) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - twofish256_decrypt_xts (ukey1, ukey2, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } u32 ukey3[8]; @@ -685,49 +650,19 @@ __kernel void m13753_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey4[6] = swap32 (tmps[gid].out[30]); ukey4[7] = swap32 (tmps[gid].out[31]); + if (verify_header_aes_twofish (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey2, ukey4, tmp, tmp); - twofish256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent_aes (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey2, ukey4, tmp, tmp); - aes256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_twofish_serpent (esalt_bufs, ukey1, ukey2, ukey3, ukey4) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - twofish256_decrypt_xts (ukey2, ukey4, tmp, tmp); - serpent256_decrypt_xts (ukey1, ukey3, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } u32 ukey5[8]; @@ -752,35 +687,13 @@ __kernel void m13753_comp (__global pw_t *pws, __global const kernel_rule_t *rul ukey6[6] = swap32 (tmps[gid].out[46]); ukey6[7] = swap32 (tmps[gid].out[47]); + if (verify_header_aes_twofish_serpent (esalt_bufs, ukey1, ukey2, ukey3, ukey4, ukey5, ukey6) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - aes256_decrypt_xts (ukey3, ukey6, tmp, tmp); - twofish256_decrypt_xts (ukey2, ukey5, tmp, tmp); - serpent256_decrypt_xts (ukey1, ukey4, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } + if (verify_header_serpent_twofish_aes (esalt_bufs, ukey1, ukey2, ukey3, ukey4, ukey5, ukey6) == 1) { - tmp[0] = data[0]; - tmp[1] = data[1]; - tmp[2] = data[2]; - tmp[3] = data[3]; - - serpent256_decrypt_xts (ukey3, ukey6, tmp, tmp); - twofish256_decrypt_xts (ukey2, ukey5, tmp, tmp); - aes256_decrypt_xts (ukey1, ukey4, tmp, tmp); - - if (((tmp[0] == signature) && (tmp[3] == 0)) || ((tmp[0] == signature) && ((tmp[1] >> 16) <= 5))) - { - mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); - } + mark_hash (plains_buf, d_return_buf, salt_pos, 0, 0, gid, 0); } } diff --git a/docs/changes.txt b/docs/changes.txt index b3e383553..c2f3e86da 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -7,6 +7,7 @@ - Files: Use $HEX[...] in case the password includes the separater character, increases potfile reading performance - New option --progress-only: Quickly provides ideal progress step size and time to process on the user hashes and selected options, then quit - Status screen: Reenabled automatic status screen display in case of stdin used +- Truecrypt/Veracrypt: Use CRC32 to verify headers instead of fuzzy logic, greatly reduces false positives from 18:2^48 to 3:2^64 - WPA cracking: Reuse PBKDF2 intermediate keys if duplicate essid is detected ##