Move 198xx DiskCryptor to 200xx to not collide with Kerberos 5, etype 17, Pre-Auth

OpenCL/m19800-pure.cl

@@ -380,11 +380,12 @@ KERNEL_FQ void m19800_comp (KERN_ATTR_TMPS_ESALT (krb5pa_17_tmp_t, krb5pa_17_t))
 
   aes128_set_encrypt_key (aes_ks, aes_key, s_te0, s_te1, s_te2, s_te3);
 
-  u32 key_bytes[4];
-
   u32 out[4];
+
   aes128_encrypt_cbc (aes_ks, aes_iv, nfolded, out, s_te0, s_te1, s_te2, s_te3, s_te4);
 
+  u32 key_bytes[4];
+
   key_bytes[0] = hc_swap32_S (out[0]);
   key_bytes[1] = hc_swap32_S (out[1]);
   key_bytes[2] = hc_swap32_S (out[2]);
@@ -443,8 +444,8 @@ KERNEL_FQ void m19800_comp (KERN_ATTR_TMPS_ESALT (krb5pa_17_tmp_t, krb5pa_17_t))
   AES128_set_decrypt_key (aes_cts_decrypt_ks, ke, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3);
 
   // Our first decryption is the last block (currently in c_n-1) using the first portion of (c_n) as our IV, this allows us to get plaintext in one crypto operation
-  aes_iv[0] = esalt_bufs[digests_offset].enc_timestamp[8];
-  aes_iv[1] = esalt_bufs[digests_offset].enc_timestamp[9];
+  aes_iv[0] = esalt_bufs[digests_offset].enc_timestamp[ 8];
+  aes_iv[1] = esalt_bufs[digests_offset].enc_timestamp[ 9];
   aes_iv[2] = esalt_bufs[digests_offset].enc_timestamp[10];
   aes_iv[3] = esalt_bufs[digests_offset].enc_timestamp[11];
 
@@ -471,6 +472,7 @@ KERNEL_FQ void m19800_comp (KERN_ATTR_TMPS_ESALT (krb5pa_17_tmp_t, krb5pa_17_t))
 
     // New c_1,  join c_n with result of the decrypted c_n-1
     int last_block_iter;
+
     for (last_block_iter = 4; last_block_iter < 8; last_block_iter++)
     {
       if (last_word_position > last_block_iter + 4)
@@ -599,16 +601,17 @@ KERNEL_FQ void m19800_comp (KERN_ATTR_TMPS_ESALT (krb5pa_17_tmp_t, krb5pa_17_t))
 
     sha1_hmac_update_64 (&sha1_hmac_ctx, w0, w1, w2, w3, enc_timestamp_len);
 
-    sha1_hmac_final(&sha1_hmac_ctx);
+    sha1_hmac_final (&sha1_hmac_ctx);
 
     // Compare checksum
-    if(sha1_hmac_ctx.opad.h[0] == esalt_bufs[digests_offset].checksum[0]
-    && sha1_hmac_ctx.opad.h[1] == esalt_bufs[digests_offset].checksum[1]
-    && sha1_hmac_ctx.opad.h[2] == esalt_bufs[digests_offset].checksum[2])
+    if ((sha1_hmac_ctx.opad.h[0] == esalt_bufs[digests_offset].checksum[0])
+     && (sha1_hmac_ctx.opad.h[1] == esalt_bufs[digests_offset].checksum[1])
+     && (sha1_hmac_ctx.opad.h[2] == esalt_bufs[digests_offset].checksum[2]))
     {
       if (atomic_inc (&hashes_shown[digests_offset]) == 0)
       {
         #define il_pos 0
+
         mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0);
       }
     }

OpenCL/m19900-pure.cl

@@ -197,6 +197,7 @@ KERNEL_FQ void m19900_loop (KERN_ATTR_TMPS_ESALT (krb5pa_18_tmp_t, krb5pa_18_t))
   /**
    * base
    */
+
   const u64 gid = get_global_id (0);
 
   if ((gid * VECT_SIZE) >= gid_max) return;
@@ -384,11 +385,12 @@ KERNEL_FQ void m19900_comp (KERN_ATTR_TMPS_ESALT (krb5pa_18_tmp_t, krb5pa_18_t))
 
   aes256_set_encrypt_key (aes_ks, aes_key, s_te0, s_te1, s_te2, s_te3);
 
-  u32 key_bytes[8];
-
   u32 out[4];
+
   aes256_encrypt_cbc (aes_ks, aes_iv, nfolded, out, s_te0, s_te1, s_te2, s_te3, s_te4);
 
+  u32 key_bytes[8];
+
   key_bytes[0] = hc_swap32_S (out[0]);
   key_bytes[1] = hc_swap32_S (out[1]);
   key_bytes[2] = hc_swap32_S (out[2]);
@@ -499,6 +501,7 @@ KERNEL_FQ void m19900_comp (KERN_ATTR_TMPS_ESALT (krb5pa_18_tmp_t, krb5pa_18_t))
 
     // New c_1,  join c_n with result of the decrypted c_n-1
     int last_block_iter;
+
     for (last_block_iter = 4; last_block_iter < 8; last_block_iter++)
     {
       if (last_word_position > last_block_iter + 4)
@@ -530,8 +533,8 @@ KERNEL_FQ void m19900_comp (KERN_ATTR_TMPS_ESALT (krb5pa_18_tmp_t, krb5pa_18_t))
     }
 
     // c_2 aka c_n which is now equal to the old c_n-1
-    enc_blocks[8] = esalt_bufs[digests_offset].enc_timestamp[4];
-    enc_blocks[9] = esalt_bufs[digests_offset].enc_timestamp[5];
+    enc_blocks[ 8] = esalt_bufs[digests_offset].enc_timestamp[4];
+    enc_blocks[ 9] = esalt_bufs[digests_offset].enc_timestamp[5];
     enc_blocks[10] = esalt_bufs[digests_offset].enc_timestamp[6];
     enc_blocks[11] = esalt_bufs[digests_offset].enc_timestamp[7];
 
@@ -541,7 +544,7 @@ KERNEL_FQ void m19900_comp (KERN_ATTR_TMPS_ESALT (krb5pa_18_tmp_t, krb5pa_18_t))
     aes_iv[2] = 0;
     aes_iv[3] = 0;
 
-    aes256_decrypt_cbc (aes_cts_decrypt_ks, enc_blocks, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4);
+    aes256_decrypt_cbc (aes_cts_decrypt_ks, enc_blocks + 0, decrypted_block, aes_iv, s_td0, s_td1, s_td2, s_td3, s_td4);
 
     w0[0] = hc_swap32_S (decrypted_block[0]);
     w0[1] = hc_swap32_S (decrypted_block[1]);
@@ -640,16 +643,17 @@ KERNEL_FQ void m19900_comp (KERN_ATTR_TMPS_ESALT (krb5pa_18_tmp_t, krb5pa_18_t))
 
     sha1_hmac_update_64 (&sha1_hmac_ctx, w0, w1, w2, w3, enc_timestamp_len);
 
-    sha1_hmac_final(&sha1_hmac_ctx);
+    sha1_hmac_final (&sha1_hmac_ctx);
 
     // Compare checksum
-    if(sha1_hmac_ctx.opad.h[0] == esalt_bufs[digests_offset].checksum[0]
-    && sha1_hmac_ctx.opad.h[1] == esalt_bufs[digests_offset].checksum[1]
-    && sha1_hmac_ctx.opad.h[2] == esalt_bufs[digests_offset].checksum[2])
+    if ((sha1_hmac_ctx.opad.h[0] == esalt_bufs[digests_offset].checksum[0])
+     && (sha1_hmac_ctx.opad.h[1] == esalt_bufs[digests_offset].checksum[1])
+     && (sha1_hmac_ctx.opad.h[2] == esalt_bufs[digests_offset].checksum[2]))
     {
       if (atomic_inc (&hashes_shown[digests_offset]) == 0)
       {
         #define il_pos 0
+
         mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0);
       }
     }

OpenCL/m20011-pure.cl

@@ -91,7 +91,7 @@ DECLSPEC void hmac_sha512_run_V (u32x *w0, u32x *w1, u32x *w2, u32x *w3, u32x *w
   sha512_transform_vector (w0, w1, w2, w3, w4, w5, w6, w7, digest);
 }
 
-KERNEL_FQ void m19811_init (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcryptor_esalt_t))
+KERNEL_FQ void m20011_init (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcryptor_esalt_t))
 {
   /**
    * base
@@ -195,7 +195,7 @@ KERNEL_FQ void m19811_init (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcrypt
   }
 }
 
-KERNEL_FQ void m19811_loop (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcryptor_esalt_t))
+KERNEL_FQ void m20011_loop (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcryptor_esalt_t))
 {
   const u64 gid = get_global_id (0);
 
@@ -321,7 +321,7 @@ KERNEL_FQ void m19811_loop (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcrypt
   }
 }
 
-KERNEL_FQ void m19811_comp (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcryptor_esalt_t))
+KERNEL_FQ void m20011_comp (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcryptor_esalt_t))
 {
   const u64 gid = get_global_id (0);
   const u64 lid = get_local_id (0);

OpenCL/m20012-pure.cl

@@ -91,7 +91,7 @@ DECLSPEC void hmac_sha512_run_V (u32x *w0, u32x *w1, u32x *w2, u32x *w3, u32x *w
   sha512_transform_vector (w0, w1, w2, w3, w4, w5, w6, w7, digest);
 }
 
-KERNEL_FQ void m19812_init (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcryptor_esalt_t))
+KERNEL_FQ void m20012_init (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcryptor_esalt_t))
 {
   /**
    * base
@@ -195,7 +195,7 @@ KERNEL_FQ void m19812_init (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcrypt
   }
 }
 
-KERNEL_FQ void m19812_loop (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcryptor_esalt_t))
+KERNEL_FQ void m20012_loop (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcryptor_esalt_t))
 {
   const u64 gid = get_global_id (0);
 
@@ -321,7 +321,7 @@ KERNEL_FQ void m19812_loop (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcrypt
   }
 }
 
-KERNEL_FQ void m19812_comp (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcryptor_esalt_t))
+KERNEL_FQ void m20012_comp (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcryptor_esalt_t))
 {
   const u64 gid = get_global_id (0);
   const u64 lid = get_local_id (0);

OpenCL/m20013-pure.cl

@@ -91,7 +91,7 @@ DECLSPEC void hmac_sha512_run_V (u32x *w0, u32x *w1, u32x *w2, u32x *w3, u32x *w
   sha512_transform_vector (w0, w1, w2, w3, w4, w5, w6, w7, digest);
 }
 
-KERNEL_FQ void m19813_init (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcryptor_esalt_t))
+KERNEL_FQ void m20013_init (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcryptor_esalt_t))
 {
   /**
    * base
@@ -195,7 +195,7 @@ KERNEL_FQ void m19813_init (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcrypt
   }
 }
 
-KERNEL_FQ void m19813_loop (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcryptor_esalt_t))
+KERNEL_FQ void m20013_loop (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcryptor_esalt_t))
 {
   const u64 gid = get_global_id (0);
 
@@ -321,7 +321,7 @@ KERNEL_FQ void m19813_loop (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcrypt
   }
 }
 
-KERNEL_FQ void m19813_comp (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcryptor_esalt_t))
+KERNEL_FQ void m20013_comp (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, diskcryptor_esalt_t))
 {
   const u64 gid = get_global_id (0);
   const u64 lid = get_local_id (0);

docs/changes.txt

@@ -21,6 +21,8 @@
 - Added hash-mode: QNX /etc/shadow (SHA512)
 - Added hash-mode: Kerberos 5 TGS-REP etype 17 (AES128-CTS-HMAC-SHA1-96)
 - Added hash-mode: Kerberos 5 TGS-REP etype 18 (AES256-CTS-HMAC-SHA1-96)
+- Added hash-mode: Kerberos 5 Pre-Auth etype 17 (AES128-CTS-HMAC-SHA1-96)
+- Added hash-mode: Kerberos 5 Pre-Auth etype 18 (AES256-CTS-HMAC-SHA1-96)
 - Added hash-mode: sha1(md5(md5($pass)))
 - Added hash-mode: sha1($salt1.$pass.$salt2)
 - Added hash-mode: Ruby on Rails Restful-Authentication

docs/readme.txt

@@ -123,12 +123,15 @@ NVIDIA GPUs require "NVIDIA Driver" (418.56 or later)
 - NetNTLMv2
 - IPMI2 RAKP HMAC-SHA1
 - Kerberos 5 AS-REQ Pre-Auth etype 23            
+- Kerberos 5 AS-REP etype 23                     
+- Kerberos 5 TGS-REP etype 23 (RC4-HMAC-MD5)       
+- Kerberos 5 Pre-Auth etype 17/18 (AES128-CTS-HMAC-SHA1-96)
+- Kerberos 5 TGS-REP etype 17/18 (AES128-CTS-HMAC-SHA1-96)
 - DNSSEC (NSEC3)
 - CRAM-MD5
 - PostgreSQL CRAM (MD5)
 - MySQL CRAM (SHA1)
 - SIP digest authentication (MD5)
-- Kerberos 5 TGS-REP etype 23
 - TACACS+
 - JWT (JSON Web Token)
 - SMF (Simple Machines Forum) > v1.1
@@ -266,7 +269,6 @@ NVIDIA GPUs require "NVIDIA Driver" (418.56 or later)
 - Ethereum Wallet, SCRYPT
 - Ethereum Pre-Sale Wallet, PBKDF2-HMAC-SHA256
 - Ansible Vault
-- Kerberos 5 AS-REP etype 23
 - Plaintext
 
 ##

src/modules/module_07500.c

@@ -17,7 +17,7 @@ static const u32   DGST_POS2      = 2;
 static const u32   DGST_POS3      = 3;
 static const u32   DGST_SIZE      = DGST_SIZE_4_4;
 static const u32   HASH_CATEGORY  = HASH_CATEGORY_NETWORK_PROTOCOL;
-static const char *HASH_NAME      = "Kerberos 5 AS-REQ Pre-Auth etype 23";
+static const char *HASH_NAME      = "Kerberos 5, etype 23, AS-REQ Pre-Auth";
 static const u64   KERN_TYPE      = 7500;
 static const u32   OPTI_TYPE      = OPTI_TYPE_ZERO_BYTE
                                   | OPTI_TYPE_NOT_ITERATED;

src/modules/module_13100.c

@@ -17,7 +17,7 @@ static const u32   DGST_POS2      = 2;
 static const u32   DGST_POS3      = 3;
 static const u32   DGST_SIZE      = DGST_SIZE_4_4;
 static const u32   HASH_CATEGORY  = HASH_CATEGORY_NETWORK_PROTOCOL;
-static const char *HASH_NAME      = "Kerberos 5 TGS-REP etype 23 (RC4-HMAC-MD5)";
+static const char *HASH_NAME      = "Kerberos 5, etype 23, TGS-REP";
 static const u64   KERN_TYPE      = 13100;
 static const u32   OPTI_TYPE      = OPTI_TYPE_ZERO_BYTE
                                   | OPTI_TYPE_NOT_ITERATED;

src/modules/module_18200.c

@@ -17,7 +17,7 @@ static const u32   DGST_POS2      = 2;
 static const u32   DGST_POS3      = 3;
 static const u32   DGST_SIZE      = DGST_SIZE_4_4;
 static const u32   HASH_CATEGORY  = HASH_CATEGORY_NETWORK_PROTOCOL;
-static const char *HASH_NAME      = "Kerberos 5 AS-REP etype 23";
+static const char *HASH_NAME      = "Kerberos 5, etype 23, AS-REP";
 static const u64   KERN_TYPE      = 18200;
 static const u32   OPTI_TYPE      = OPTI_TYPE_ZERO_BYTE
                                   | OPTI_TYPE_NOT_ITERATED;

src/modules/module_19600.c

@@ -17,7 +17,7 @@ static const u32   DGST_POS2      = 2;
 static const u32   DGST_POS3      = 3;
 static const u32   DGST_SIZE      = DGST_SIZE_4_4;
 static const u32   HASH_CATEGORY  = HASH_CATEGORY_NETWORK_PROTOCOL;
-static const char *HASH_NAME      = "Kerberos 5 TGS-REP etype 17 (AES128-CTS-HMAC-SHA1-96)";
+static const char *HASH_NAME      = "Kerberos 5, etype 17, TGS-REP";
 static const u64   KERN_TYPE      = 19600;
 static const u32   OPTI_TYPE      = OPTI_TYPE_ZERO_BYTE
                                   | OPTI_TYPE_NOT_ITERATED

src/modules/module_19700.c

@@ -17,7 +17,7 @@ static const u32   DGST_POS2      = 2;
 static const u32   DGST_POS3      = 3;
 static const u32   DGST_SIZE      = DGST_SIZE_4_4;
 static const u32   HASH_CATEGORY  = HASH_CATEGORY_NETWORK_PROTOCOL;
-static const char *HASH_NAME      = "Kerberos 5 TGS-REP etype 18 (AES256-CTS-HMAC-SHA1-96)";
+static const char *HASH_NAME      = "Kerberos 5, etype 18, TGS-REP";
 static const u64   KERN_TYPE      = 19700;
 static const u32   OPTI_TYPE      = OPTI_TYPE_ZERO_BYTE
                                   | OPTI_TYPE_NOT_ITERATED

src/modules/module_19800.c

@@ -17,7 +17,7 @@ static const u32   DGST_POS2      = 2;
 static const u32   DGST_POS3      = 3;
 static const u32   DGST_SIZE      = DGST_SIZE_4_4;
 static const u32   HASH_CATEGORY  = HASH_CATEGORY_NETWORK_PROTOCOL;
-static const char *HASH_NAME      = "Kerberos 5 Pre-Auth etype 17 (AES128-CTS-HMAC-SHA1-96)";
+static const char *HASH_NAME      = "Kerberos 5, etype 17, Pre-Auth";
 static const u64   KERN_TYPE      = 19800;
 static const u32   OPTI_TYPE      = OPTI_TYPE_ZERO_BYTE
                                   | OPTI_TYPE_NOT_ITERATED

src/modules/module_19900.c

@@ -17,7 +17,7 @@ static const u32   DGST_POS2      = 2;
 static const u32   DGST_POS3      = 3;
 static const u32   DGST_SIZE      = DGST_SIZE_4_4;
 static const u32   HASH_CATEGORY  = HASH_CATEGORY_NETWORK_PROTOCOL;
-static const char *HASH_NAME      = "Kerberos 5 Pre-Auth etype 18 (AES256-CTS-HMAC-SHA1-96)";
+static const char *HASH_NAME      = "Kerberos 5, etype 18, Pre-Auth";
 static const u64   KERN_TYPE      = 19900;
 static const u32   OPTI_TYPE      = OPTI_TYPE_ZERO_BYTE
                                   | OPTI_TYPE_NOT_ITERATED

src/modules/module_20011.c

@@ -18,7 +18,7 @@ static const u32   DGST_POS3      = 3;
 static const u32   DGST_SIZE      = DGST_SIZE_4_4;
 static const u32   HASH_CATEGORY  = HASH_CATEGORY_FDE;
 static const char *HASH_NAME      = "DiskCryptor SHA512 + XTS 512 bit";
-static const u64   KERN_TYPE      = 19811;
+static const u64   KERN_TYPE      = 20011;
 static const u32   OPTI_TYPE      = OPTI_TYPE_ZERO_BYTE
                                   | OPTI_TYPE_USES_BITS_64
                                   | OPTI_TYPE_SLOW_HASH_SIMD_LOOP;

src/modules/module_20012.c

@@ -18,7 +18,7 @@ static const u32   DGST_POS3      = 3;
 static const u32   DGST_SIZE      = DGST_SIZE_4_4;
 static const u32   HASH_CATEGORY  = HASH_CATEGORY_FDE;
 static const char *HASH_NAME      = "DiskCryptor SHA512 + XTS 1024 bit";
-static const u64   KERN_TYPE      = 19812;
+static const u64   KERN_TYPE      = 20012;
 static const u32   OPTI_TYPE      = OPTI_TYPE_ZERO_BYTE
                                   | OPTI_TYPE_USES_BITS_64
                                   | OPTI_TYPE_SLOW_HASH_SIMD_LOOP;

src/modules/module_20013.c

@@ -18,7 +18,7 @@ static const u32   DGST_POS3      = 3;
 static const u32   DGST_SIZE      = DGST_SIZE_4_4;
 static const u32   HASH_CATEGORY  = HASH_CATEGORY_FDE;
 static const char *HASH_NAME      = "DiskCryptor SHA512 + XTS 1536 bit";
-static const u64   KERN_TYPE      = 19813;
+static const u64   KERN_TYPE      = 20013;
 static const u32   OPTI_TYPE      = OPTI_TYPE_ZERO_BYTE
                                   | OPTI_TYPE_USES_BITS_64
                                   | OPTI_TYPE_SLOW_HASH_SIMD_LOOP;