From b25c8d9a5ac34c96b84533efe6da609598796b40 Mon Sep 17 00:00:00 2001 From: Matt Palmer Date: Thu, 23 Apr 2020 12:36:15 +1000 Subject: [PATCH 01/19] Add some more generic error messages These are almost all taken from error messages that are specific to one particular module, and turned into generic errors that can be used for any module. It seemed like a better idea to provide generic messages than to encourage infinite proliferation of error codes (which would probably end up blowing the 255 value threshold sooner or later). It doesn't seem necessary to provide module-specific error messages for things like "Invalid filesize", since users should already know what sort of file they're asking to be parsed. --- include/types.h | 4 ++++ src/shared.c | 8 ++++++++ 2 files changed, 12 insertions(+) diff --git a/include/types.h b/include/types.h index 47eff8f28..8827c9056 100644 --- a/include/types.h +++ b/include/types.h @@ -534,6 +534,10 @@ typedef enum parser_rc PARSER_TOKEN_LENGTH = -35, PARSER_INSUFFICIENT_ENTROPY = -36, PARSER_PKZIP_CT_UNMATCHED = -37, + PARSER_KEY_SIZE = -38, + PARSER_BLOCK_SIZE = -39, + PARSER_CIPHER = -40, + PARSER_FILE_SIZE = -41, PARSER_UNKNOWN_ERROR = -255 } parser_rc_t; diff --git a/src/shared.c b/src/shared.c index 05387f5e6..fd3de496f 100644 --- a/src/shared.c +++ b/src/shared.c @@ -53,6 +53,10 @@ static const char *PA_034 = "Token encoding exception"; static const char *PA_035 = "Token length exception"; static const char *PA_036 = "Insufficient entropy exception"; static const char *PA_037 = "Hash contains unsupported compression type for current mode"; +static const char *PA_038 = "Invalid key size"; +static const char *PA_039 = "Invalid block size"; +static const char *PA_040 = "Invalid or unsupported cipher"; +static const char *PA_041 = "Invalid filesize"; static const char *PA_255 = "Unknown error"; static const char *OPTI_STR_OPTIMIZED_KERNEL = "Optimized-Kernel"; @@ -1002,6 +1006,10 @@ const char *strparser (const u32 parser_status) case PARSER_TOKEN_LENGTH: return PA_035; case PARSER_INSUFFICIENT_ENTROPY: return PA_036; case PARSER_PKZIP_CT_UNMATCHED: return PA_037; + case PARSER_KEY_SIZE: return PA_038; + case PARSER_BLOCK_SIZE: return PA_039; + case PARSER_CIPHER: return PA_040; + case PARSER_FILE_SIZE: return PA_041; } return PA_255; From d1c3274965d8dc071e15d84fd32a91fe7d238577 Mon Sep 17 00:00:00 2001 From: philsmd Date: Thu, 14 May 2020 19:21:59 +0200 Subject: [PATCH 02/19] use our safe free () wrapper hcfree whenever possible --- src/hashes.c | 24 ++++++++++++------------ src/hlfmt.c | 2 +- src/modules/module_06211.c | 2 +- src/modules/module_06212.c | 2 +- src/modules/module_06213.c | 2 +- src/modules/module_06221.c | 2 +- src/modules/module_06222.c | 2 +- src/modules/module_06223.c | 2 +- src/modules/module_06231.c | 2 +- src/modules/module_06232.c | 2 +- src/modules/module_06233.c | 2 +- src/modules/module_06241.c | 2 +- src/modules/module_06242.c | 2 +- src/modules/module_06243.c | 2 +- src/modules/module_13711.c | 2 +- src/modules/module_13712.c | 2 +- src/modules/module_13713.c | 2 +- src/modules/module_13721.c | 2 +- src/modules/module_13722.c | 2 +- src/modules/module_13723.c | 2 +- src/modules/module_13731.c | 2 +- src/modules/module_13732.c | 2 +- src/modules/module_13733.c | 2 +- src/modules/module_13741.c | 2 +- src/modules/module_13742.c | 2 +- src/modules/module_13743.c | 2 +- src/modules/module_13751.c | 2 +- src/modules/module_13752.c | 2 +- src/modules/module_13753.c | 2 +- src/modules/module_13761.c | 2 +- 
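To illustrate how the new generic codes from PATCH 01/19 are intended to be used (this example is not part of the patch; the header struct and its fields are invented for illustration, and hashcat's common headers such as include/types.h are assumed), a module's decode/validation path can simply return the shared codes instead of minting new module-specific ones:

// Hypothetical module-side check using the new generic parser_rc_t values.
typedef struct example_hdr
{
  u32 key_size;
  u32 block_size;
  u32 cipher_id;
  u64 file_size;

} example_hdr_t;

static int example_hdr_check (const example_hdr_t *hdr, const u64 real_file_size)
{
  if (hdr->file_size != real_file_size) return (PARSER_FILE_SIZE); // "Invalid filesize"
  if (hdr->key_size   != 32)            return (PARSER_KEY_SIZE);   // "Invalid key size"
  if (hdr->block_size != 16)            return (PARSER_BLOCK_SIZE); // "Invalid block size"
  if (hdr->cipher_id  !=  1)            return (PARSER_CIPHER);     // "Invalid or unsupported cipher"

  return (PARSER_OK);
}

Whichever code the decoder returns, strparser () in src/shared.c maps it to the matching PA_0xx message, so no per-module strings are needed.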
src/modules/module_13762.c | 2 +- src/modules/module_13763.c | 2 +- src/modules/module_13771.c | 2 +- src/modules/module_13772.c | 2 +- src/modules/module_13773.c | 2 +- src/shared.c | 2 +- src/status.c | 8 ++++---- src/terminal.c | 2 +- 38 files changed, 52 insertions(+), 52 deletions(-) diff --git a/src/hashes.c b/src/hashes.c index 789bcd630..bcfa2c1a1 100644 --- a/src/hashes.c +++ b/src/hashes.c @@ -182,8 +182,8 @@ int save_hash (hashcat_ctx_t *hashcat_ctx) { event_log_error (hashcat_ctx, "%s: %s", new_hashfile, strerror (errno)); - free (new_hashfile); - free (old_hashfile); + hcfree (new_hashfile); + hcfree (old_hashfile); return -1; } @@ -194,8 +194,8 @@ int save_hash (hashcat_ctx_t *hashcat_ctx) event_log_error (hashcat_ctx, "%s: %s", new_hashfile, strerror (errno)); - free (new_hashfile); - free (old_hashfile); + hcfree (new_hashfile); + hcfree (old_hashfile); return -1; } @@ -256,8 +256,8 @@ int save_hash (hashcat_ctx_t *hashcat_ctx) event_log_error (hashcat_ctx, "%s: %s", new_hashfile, strerror (errno)); - free (new_hashfile); - free (old_hashfile); + hcfree (new_hashfile); + hcfree (old_hashfile); return -1; } @@ -270,8 +270,8 @@ int save_hash (hashcat_ctx_t *hashcat_ctx) { event_log_error (hashcat_ctx, "Rename file '%s' to '%s': %s", hashfile, old_hashfile, strerror (errno)); - free (new_hashfile); - free (old_hashfile); + hcfree (new_hashfile); + hcfree (old_hashfile); return -1; } @@ -282,16 +282,16 @@ int save_hash (hashcat_ctx_t *hashcat_ctx) { event_log_error (hashcat_ctx, "Rename file '%s' to '%s': %s", new_hashfile, hashfile, strerror (errno)); - free (new_hashfile); - free (old_hashfile); + hcfree (new_hashfile); + hcfree (old_hashfile); return -1; } unlink (old_hashfile); - free (new_hashfile); - free (old_hashfile); + hcfree (new_hashfile); + hcfree (old_hashfile); return 0; } diff --git a/src/hlfmt.c b/src/hlfmt.c index 68ea27c82..0e803445b 100644 --- a/src/hlfmt.c +++ b/src/hlfmt.c @@ -374,7 +374,7 @@ u32 hlfmt_detect (hashcat_ctx_t *hashcat_ctx, HCFILE *fp, u32 max_check) hashlist_format = i; } - free (formats_cnt); + hcfree (formats_cnt); return hashlist_format; } diff --git a/src/modules/module_06211.c b/src/modules/module_06211.c index ef63c4be4..70c43e63f 100644 --- a/src/modules/module_06211.c +++ b/src/modules/module_06211.c @@ -199,7 +199,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_06212.c b/src/modules/module_06212.c index a2f6fc4bf..5f3cb9597 100644 --- a/src/modules/module_06212.c +++ b/src/modules/module_06212.c @@ -199,7 +199,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_06213.c b/src/modules/module_06213.c index 0cdbd43c5..9f85117a8 100644 --- a/src/modules/module_06213.c +++ b/src/modules/module_06213.c @@ -197,7 +197,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_06221.c b/src/modules/module_06221.c index 2744b6b37..64fae66c1 100644 --- a/src/modules/module_06221.c +++ b/src/modules/module_06221.c @@ -181,7 +181,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t 
*hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_06222.c b/src/modules/module_06222.c index d4314e47f..664f36655 100644 --- a/src/modules/module_06222.c +++ b/src/modules/module_06222.c @@ -181,7 +181,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_06223.c b/src/modules/module_06223.c index ec19b3c56..908ad4ccf 100644 --- a/src/modules/module_06223.c +++ b/src/modules/module_06223.c @@ -179,7 +179,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_06231.c b/src/modules/module_06231.c index e86e09b69..612459b16 100644 --- a/src/modules/module_06231.c +++ b/src/modules/module_06231.c @@ -180,7 +180,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_06232.c b/src/modules/module_06232.c index 847c2c3e9..7601055d5 100644 --- a/src/modules/module_06232.c +++ b/src/modules/module_06232.c @@ -180,7 +180,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_06233.c b/src/modules/module_06233.c index 080976adf..f222af937 100644 --- a/src/modules/module_06233.c +++ b/src/modules/module_06233.c @@ -180,7 +180,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_06241.c b/src/modules/module_06241.c index 4ff957c71..de3172b36 100644 --- a/src/modules/module_06241.c +++ b/src/modules/module_06241.c @@ -193,7 +193,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_06242.c b/src/modules/module_06242.c index 048df78b1..8540769d9 100644 --- a/src/modules/module_06242.c +++ b/src/modules/module_06242.c @@ -193,7 +193,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_06243.c b/src/modules/module_06243.c index 2ee532815..eee606304 100644 --- a/src/modules/module_06243.c +++ b/src/modules/module_06243.c @@ -193,7 +193,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13711.c b/src/modules/module_13711.c index 2096bd458..00e9ca7f2 100644 --- a/src/modules/module_13711.c +++ b/src/modules/module_13711.c @@ -209,7 +209,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile 
= strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13712.c b/src/modules/module_13712.c index 8a5f1cf13..08be501aa 100644 --- a/src/modules/module_13712.c +++ b/src/modules/module_13712.c @@ -209,7 +209,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13713.c b/src/modules/module_13713.c index 7a5360837..8ea246d70 100644 --- a/src/modules/module_13713.c +++ b/src/modules/module_13713.c @@ -209,7 +209,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13721.c b/src/modules/module_13721.c index 9680018f1..92a4fc182 100644 --- a/src/modules/module_13721.c +++ b/src/modules/module_13721.c @@ -210,7 +210,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13722.c b/src/modules/module_13722.c index 88b7c0862..695dbe140 100644 --- a/src/modules/module_13722.c +++ b/src/modules/module_13722.c @@ -210,7 +210,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13723.c b/src/modules/module_13723.c index bf90814ed..0c2bc5edd 100644 --- a/src/modules/module_13723.c +++ b/src/modules/module_13723.c @@ -210,7 +210,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13731.c b/src/modules/module_13731.c index ab2885331..9b8040b89 100644 --- a/src/modules/module_13731.c +++ b/src/modules/module_13731.c @@ -209,7 +209,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13732.c b/src/modules/module_13732.c index 7ba12cfca..aaf7e1ea1 100644 --- a/src/modules/module_13732.c +++ b/src/modules/module_13732.c @@ -209,7 +209,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13733.c b/src/modules/module_13733.c index 2dfac5939..20d8dae95 100644 --- a/src/modules/module_13733.c +++ b/src/modules/module_13733.c @@ -209,7 +209,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13741.c b/src/modules/module_13741.c index e819dc268..f33448db6 100644 --- a/src/modules/module_13741.c +++ b/src/modules/module_13741.c @@ -211,7 +211,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, 
",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13742.c b/src/modules/module_13742.c index 42f09c216..7105841f5 100644 --- a/src/modules/module_13742.c +++ b/src/modules/module_13742.c @@ -211,7 +211,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13743.c b/src/modules/module_13743.c index 0c3e07a8b..fdd60b216 100644 --- a/src/modules/module_13743.c +++ b/src/modules/module_13743.c @@ -211,7 +211,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13751.c b/src/modules/module_13751.c index df3dab805..e68c39c3d 100644 --- a/src/modules/module_13751.c +++ b/src/modules/module_13751.c @@ -228,7 +228,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13752.c b/src/modules/module_13752.c index c2675a0e1..ec52ee3ef 100644 --- a/src/modules/module_13752.c +++ b/src/modules/module_13752.c @@ -228,7 +228,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13753.c b/src/modules/module_13753.c index df061adce..1a06ef978 100644 --- a/src/modules/module_13753.c +++ b/src/modules/module_13753.c @@ -228,7 +228,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13761.c b/src/modules/module_13761.c index d121c9928..ae6c1b666 100644 --- a/src/modules/module_13761.c +++ b/src/modules/module_13761.c @@ -230,7 +230,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13762.c b/src/modules/module_13762.c index a772f9180..1f5cb4ab2 100644 --- a/src/modules/module_13762.c +++ b/src/modules/module_13762.c @@ -230,7 +230,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13763.c b/src/modules/module_13763.c index 885e9c1c6..a0dd1fd86 100644 --- a/src/modules/module_13763.c +++ b/src/modules/module_13763.c @@ -230,7 +230,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13771.c b/src/modules/module_13771.c index 21ab8fc58..f61d44336 100644 --- a/src/modules/module_13771.c +++ b/src/modules/module_13771.c @@ -213,7 +213,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free 
(keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13772.c b/src/modules/module_13772.c index ce9a1edd8..ad9f1fb7b 100644 --- a/src/modules/module_13772.c +++ b/src/modules/module_13772.c @@ -213,7 +213,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/modules/module_13773.c b/src/modules/module_13773.c index ed658c123..8cfd75ac4 100644 --- a/src/modules/module_13773.c +++ b/src/modules/module_13773.c @@ -213,7 +213,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE keyfile = strtok_r ((char *) NULL, ",", &saveptr); } - free (keyfiles); + hcfree (keyfiles); } // keyboard layout mapping diff --git a/src/shared.c b/src/shared.c index 8b59d600f..19f3e7e26 100644 --- a/src/shared.c +++ b/src/shared.c @@ -507,7 +507,7 @@ void setup_environment_variables (const folder_config_t *folder_config) putenv (display); - free (display); + hcfree (display); } else { diff --git a/src/status.c b/src/status.c index 26407519e..ebae643cc 100644 --- a/src/status.c +++ b/src/status.c @@ -323,7 +323,7 @@ char *status_get_hash_target (const hashcat_ctx_t *hashcat_ctx) tmp_buf2[tmp_len] = 0; - free (tmp_buf); + hcfree (tmp_buf); return tmp_buf2; } @@ -343,7 +343,7 @@ char *status_get_hash_target (const hashcat_ctx_t *hashcat_ctx) char *tmp_buf2 = strdup (tmp_buf); - free (tmp_buf); + hcfree (tmp_buf); return tmp_buf2; } @@ -1097,14 +1097,14 @@ char *status_get_time_estimated_relative (const hashcat_ctx_t *hashcat_ctx) snprintf (display, HCBUFSIZ_TINY, "%s; Runtime limited: %s", tmp_display, display_left); - free (display_left); + hcfree (display_left); } else { snprintf (display, HCBUFSIZ_TINY, "%s; Runtime limit exceeded", tmp_display); } - free (tmp_display); + hcfree (tmp_display); } return display; diff --git a/src/terminal.c b/src/terminal.c index fb68608a7..411c5b36f 100644 --- a/src/terminal.c +++ b/src/terminal.c @@ -1068,7 +1068,7 @@ void status_display_status_json (hashcat_ctx_t *hashcat_ctx) printf (" \"rejected\": %" PRIu64 ",", hashcat_status->progress_rejected); printf (" \"devices\": ["); - free (target_json_encoded); + hcfree (target_json_encoded); int device_num = 0; From 943c57ae5f8c2783fa98c88cf08f65ccf4d90a2f Mon Sep 17 00:00:00 2001 From: philsmd Date: Thu, 14 May 2020 19:27:39 +0200 Subject: [PATCH 03/19] luks: remove self-test example hash --- src/modules/module_14600.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/modules/module_14600.c b/src/modules/module_14600.c index 8999d6091..9ac94e50d 100644 --- a/src/modules/module_14600.c +++ b/src/modules/module_14600.c @@ -26,8 +26,8 @@ static const u64 OPTS_TYPE = OPTS_TYPE_PT_GENERATE_LE | OPTS_TYPE_SELF_TEST_DISABLE | OPTS_TYPE_BINARY_HASHFILE; static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; -static const char *ST_PASS = "hashcat"; -static const char *ST_HASH = "tbd"; +static const char *ST_PASS = NULL; +static const char *ST_HASH = NULL; u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } From 
5190441dfd9cbae8b1f57f9757495327cb91123d Mon Sep 17 00:00:00 2001 From: philsmd <921533+philsmd@users.noreply.github.com> Date: Mon, 18 May 2020 10:37:58 +0200 Subject: [PATCH 04/19] -m 21000 = BitShares fix for different vector width --- OpenCL/m21000_a3-pure.cl | 64 ++++++++++++++++++++-------------------- 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/OpenCL/m21000_a3-pure.cl b/OpenCL/m21000_a3-pure.cl index 87c56c54f..4fd40a511 100644 --- a/OpenCL/m21000_a3-pure.cl +++ b/OpenCL/m21000_a3-pure.cl @@ -66,22 +66,22 @@ KERNEL_FQ void m21000_mxx (KERN_ATTR_VECTOR ()) u32x final[32] = { 0 }; - final[ 0] = h32_from_64_S (ctx0.h[0]); - final[ 1] = l32_from_64_S (ctx0.h[0]); - final[ 2] = h32_from_64_S (ctx0.h[1]); - final[ 3] = l32_from_64_S (ctx0.h[1]); - final[ 4] = h32_from_64_S (ctx0.h[2]); - final[ 5] = l32_from_64_S (ctx0.h[2]); - final[ 6] = h32_from_64_S (ctx0.h[3]); - final[ 7] = l32_from_64_S (ctx0.h[3]); - final[ 8] = h32_from_64_S (ctx0.h[4]); - final[ 9] = l32_from_64_S (ctx0.h[4]); - final[10] = h32_from_64_S (ctx0.h[5]); - final[11] = l32_from_64_S (ctx0.h[5]); - final[12] = h32_from_64_S (ctx0.h[6]); - final[13] = l32_from_64_S (ctx0.h[6]); - final[14] = h32_from_64_S (ctx0.h[7]); - final[15] = l32_from_64_S (ctx0.h[7]); + final[ 0] = h32_from_64 (ctx0.h[0]); + final[ 1] = l32_from_64 (ctx0.h[0]); + final[ 2] = h32_from_64 (ctx0.h[1]); + final[ 3] = l32_from_64 (ctx0.h[1]); + final[ 4] = h32_from_64 (ctx0.h[2]); + final[ 5] = l32_from_64 (ctx0.h[2]); + final[ 6] = h32_from_64 (ctx0.h[3]); + final[ 7] = l32_from_64 (ctx0.h[3]); + final[ 8] = h32_from_64 (ctx0.h[4]); + final[ 9] = l32_from_64 (ctx0.h[4]); + final[10] = h32_from_64 (ctx0.h[5]); + final[11] = l32_from_64 (ctx0.h[5]); + final[12] = h32_from_64 (ctx0.h[6]); + final[13] = l32_from_64 (ctx0.h[6]); + final[14] = h32_from_64 (ctx0.h[7]); + final[15] = l32_from_64 (ctx0.h[7]); sha512_update_vector (&ctx, final, 64); @@ -160,22 +160,22 @@ KERNEL_FQ void m21000_sxx (KERN_ATTR_VECTOR ()) u32x final[32] = { 0 }; - final[ 0] = h32_from_64_S (ctx0.h[0]); - final[ 1] = l32_from_64_S (ctx0.h[0]); - final[ 2] = h32_from_64_S (ctx0.h[1]); - final[ 3] = l32_from_64_S (ctx0.h[1]); - final[ 4] = h32_from_64_S (ctx0.h[2]); - final[ 5] = l32_from_64_S (ctx0.h[2]); - final[ 6] = h32_from_64_S (ctx0.h[3]); - final[ 7] = l32_from_64_S (ctx0.h[3]); - final[ 8] = h32_from_64_S (ctx0.h[4]); - final[ 9] = l32_from_64_S (ctx0.h[4]); - final[10] = h32_from_64_S (ctx0.h[5]); - final[11] = l32_from_64_S (ctx0.h[5]); - final[12] = h32_from_64_S (ctx0.h[6]); - final[13] = l32_from_64_S (ctx0.h[6]); - final[14] = h32_from_64_S (ctx0.h[7]); - final[15] = l32_from_64_S (ctx0.h[7]); + final[ 0] = h32_from_64 (ctx0.h[0]); + final[ 1] = l32_from_64 (ctx0.h[0]); + final[ 2] = h32_from_64 (ctx0.h[1]); + final[ 3] = l32_from_64 (ctx0.h[1]); + final[ 4] = h32_from_64 (ctx0.h[2]); + final[ 5] = l32_from_64 (ctx0.h[2]); + final[ 6] = h32_from_64 (ctx0.h[3]); + final[ 7] = l32_from_64 (ctx0.h[3]); + final[ 8] = h32_from_64 (ctx0.h[4]); + final[ 9] = l32_from_64 (ctx0.h[4]); + final[10] = h32_from_64 (ctx0.h[5]); + final[11] = l32_from_64 (ctx0.h[5]); + final[12] = h32_from_64 (ctx0.h[6]); + final[13] = l32_from_64 (ctx0.h[6]); + final[14] = h32_from_64 (ctx0.h[7]); + final[15] = l32_from_64 (ctx0.h[7]); sha512_update_vector (&ctx, final, 64); From abd204565958e190dc32face7955047278623978 Mon Sep 17 00:00:00 2001 From: philsmd Date: Mon, 25 May 2020 10:58:08 +0200 Subject: [PATCH 05/19] fixes #2413: documentation of rule "*" was incorrect --- 
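The corrected semantics can be checked against the example in the hunk below: '*' takes two positional arguments N and M and swaps the characters at those (0-based) positions, so a concrete rule such as *14 turns "hello" into "holle". In C terms the operation amounts to no more than:

// Illustrative helper matching the documented RULE_OP_MANGLE_SWITCH_AT ('*')
// behaviour: swap the characters at positions n and m of the candidate word.
static void rule_switch_at (char *buf, const int n, const int m)
{
  const char tmp = buf[n];

  buf[n] = buf[m];
  buf[m] = tmp;
}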
docs/rules.txt | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/rules.txt b/docs/rules.txt index 622a9bc8d..52fba68ca 100644 --- a/docs/rules.txt +++ b/docs/rules.txt @@ -28,7 +28,7 @@ #define RULE_OP_MANGLE_DUPECHAR_ALL 'q' // duplicate all chars. ex: hello -> hheelllloo #define RULE_OP_MANGLE_SWITCH_FIRST 'k' // switches the first 2 chars. ex: hello -> ehllo #define RULE_OP_MANGLE_SWITCH_LAST 'K' // switches the last 2 chars. ex: hello -> helol -#define RULE_OP_MANGLE_SWITCH_AT '*' // switches the first 2 chars after pos N. ex: hello -> hlelo +#define RULE_OP_MANGLE_SWITCH_AT '*' // switches char at pos N with char at pos M. ex: hello -> holle #define RULE_OP_MANGLE_CHR_SHIFTL 'L' // bitwise shift left char at pos N. ex: hello0 -> hello` #define RULE_OP_MANGLE_CHR_SHIFTR 'R' // bitwise shift right char at pos N. ex: hello` -> hello0 #define RULE_OP_MANGLE_CHR_INCR '+' // bytewise increase at pos N. ex: hello0 -> hello1 @@ -42,7 +42,7 @@ /* With -j or -k only */ -#define RULE_OP_MANGLE_EXTRACT_MEMORY 'X' // insert substring delimited by N and M into current word at position I +#define RULE_OP_MANGLE_EXTRACT_MEMORY 'X' // insert substring delimited by N and M into current word at pos I #define RULE_OP_MANGLE_APPEND_MEMORY '4' // insert the word saved by 'M' at the end of current word #define RULE_OP_MANGLE_PREPEND_MEMORY '6' // insert the word saved by 'M' at the beginning of current word #define RULE_OP_MEMORIZE_WORD 'M' // memorize current word @@ -52,9 +52,9 @@ #define RULE_OP_REJECT_EQUAL '_' // reject plains of length not equal to N #define RULE_OP_REJECT_CONTAIN '!' // reject plains that contain char X #define RULE_OP_REJECT_NOT_CONTAIN '/' // reject plains that do not contain char X -#define RULE_OP_REJECT_EQUAL_FIRST '(' // reject plains that do not contain char X at first position -#define RULE_OP_REJECT_EQUAL_LAST ')' // reject plains that do not contain char X at last position -#define RULE_OP_REJECT_EQUAL_AT '=' // reject plains that do not contain char X at position N +#define RULE_OP_REJECT_EQUAL_FIRST '(' // reject plains that do not contain char X at first pos +#define RULE_OP_REJECT_EQUAL_LAST ')' // reject plains that do not contain char X at last pos +#define RULE_OP_REJECT_EQUAL_AT '=' // reject plains that do not contain char X at pos N #define RULE_OP_REJECT_CONTAINS '%' // reject plains that contain char X less than N times #define RULE_OP_REJECT_MEMORY 'Q' // reject plains that match the plain saved (see M), i.e. 
if unchanged -#define RULE_LAST_REJECTED_SAVED_POS 'p' // position of the character last found with '/' or '%' +#define RULE_LAST_REJECTED_SAVED_POS 'p' // pos of the character last found with '/' or '%' From edfe21b902c727a1f60e03decb30154358e97f37 Mon Sep 17 00:00:00 2001 From: philsmd Date: Mon, 25 May 2020 11:08:33 +0200 Subject: [PATCH 06/19] fixes #2390: RAR3-hp cracking w/ pass > 28 (pure kernel) + tests added --- OpenCL/m12500-pure.cl | 917 ++++++++++++++++++++++++++++++----- docs/changes.txt | 1 + src/modules/module_12500.c | 23 +- tools/test_modules/m12500.pm | 405 ++++++++++++++++ 4 files changed, 1218 insertions(+), 128 deletions(-) create mode 100644 tools/test_modules/m12500.pm diff --git a/OpenCL/m12500-pure.cl b/OpenCL/m12500-pure.cl index 24b0a8f05..eefd4b30d 100644 --- a/OpenCL/m12500-pure.cl +++ b/OpenCL/m12500-pure.cl @@ -17,14 +17,6 @@ #define ROUNDS 0x40000 -#define PUTCHAR(a,p,c) ((u8 *)(a))[(p)] = (u8) (c) -#define GETCHAR(a,p) ((u8 *)(a))[(p)] - -#define PUTCHAR_BE(a,p,c) ((u8 *)(a))[(p) ^ 3] = (u8) (c) -#define GETCHAR_BE(a,p) ((u8 *)(a))[(p) ^ 3] - -#define MIN(a,b) (((a) < (b)) ? (a) : (b)) - typedef struct pbkdf2_sha1 { u32 salt_buf[64]; @@ -33,7 +25,11 @@ typedef struct pbkdf2_sha1 typedef struct rar3_tmp { - u32 dgst[17][5]; + u32 dgst[5]; + + u32 w[66]; // 256 byte pass + 8 byte salt + + u32 iv[4]; } rar3_tmp_t; @@ -138,6 +134,627 @@ DECLSPEC void memcat8c_be (u32 *w0, u32 *w1, u32 *w2, u32 *w3, const u32 len, co } } +// only change in this function compared to OpenCL/inc_hash_sha1.cl is that it returns +// the expanded 64 byte buffer w0_t..wf_t in t[]: + +DECLSPEC void sha1_transform_rar29 (const u32 *w0, const u32 *w1, const u32 *w2, const u32 *w3, u32 *digest, u32 *t) +{ + u32 a = digest[0]; + u32 b = digest[1]; + u32 c = digest[2]; + u32 d = digest[3]; + u32 e = digest[4]; + + #ifdef IS_CPU + + u32 w0_t = w0[0]; + u32 w1_t = w0[1]; + u32 w2_t = w0[2]; + u32 w3_t = w0[3]; + u32 w4_t = w1[0]; + u32 w5_t = w1[1]; + u32 w6_t = w1[2]; + u32 w7_t = w1[3]; + u32 w8_t = w2[0]; + u32 w9_t = w2[1]; + u32 wa_t = w2[2]; + u32 wb_t = w2[3]; + u32 wc_t = w3[0]; + u32 wd_t = w3[1]; + u32 we_t = w3[2]; + u32 wf_t = w3[3]; + + #define K SHA1C00 + + SHA1_STEP_S (SHA1_F0o, a, b, c, d, e, w0_t); + SHA1_STEP_S (SHA1_F0o, e, a, b, c, d, w1_t); + SHA1_STEP_S (SHA1_F0o, d, e, a, b, c, w2_t); + SHA1_STEP_S (SHA1_F0o, c, d, e, a, b, w3_t); + SHA1_STEP_S (SHA1_F0o, b, c, d, e, a, w4_t); + SHA1_STEP_S (SHA1_F0o, a, b, c, d, e, w5_t); + SHA1_STEP_S (SHA1_F0o, e, a, b, c, d, w6_t); + SHA1_STEP_S (SHA1_F0o, d, e, a, b, c, w7_t); + SHA1_STEP_S (SHA1_F0o, c, d, e, a, b, w8_t); + SHA1_STEP_S (SHA1_F0o, b, c, d, e, a, w9_t); + SHA1_STEP_S (SHA1_F0o, a, b, c, d, e, wa_t); + SHA1_STEP_S (SHA1_F0o, e, a, b, c, d, wb_t); + SHA1_STEP_S (SHA1_F0o, d, e, a, b, c, wc_t); + SHA1_STEP_S (SHA1_F0o, c, d, e, a, b, wd_t); + SHA1_STEP_S (SHA1_F0o, b, c, d, e, a, we_t); + SHA1_STEP_S (SHA1_F0o, a, b, c, d, e, wf_t); + w0_t = hc_rotl32_S ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP_S (SHA1_F0o, e, a, b, c, d, w0_t); + w1_t = hc_rotl32_S ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP_S (SHA1_F0o, d, e, a, b, c, w1_t); + w2_t = hc_rotl32_S ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP_S (SHA1_F0o, c, d, e, a, b, w2_t); + w3_t = hc_rotl32_S ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP_S (SHA1_F0o, b, c, d, e, a, w3_t); + + #undef K + #define K SHA1C01 + + w4_t = hc_rotl32_S ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w4_t); + w5_t = hc_rotl32_S ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); 
SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w5_t); + w6_t = hc_rotl32_S ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w6_t); + w7_t = hc_rotl32_S ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w7_t); + w8_t = hc_rotl32_S ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w8_t); + w9_t = hc_rotl32_S ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w9_t); + wa_t = hc_rotl32_S ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, wa_t); + wb_t = hc_rotl32_S ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, wb_t); + wc_t = hc_rotl32_S ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, wc_t); + wd_t = hc_rotl32_S ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, wd_t); + we_t = hc_rotl32_S ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, we_t); + wf_t = hc_rotl32_S ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, wf_t); + w0_t = hc_rotl32_S ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w0_t); + w1_t = hc_rotl32_S ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w1_t); + w2_t = hc_rotl32_S ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w2_t); + w3_t = hc_rotl32_S ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w3_t); + w4_t = hc_rotl32_S ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w4_t); + w5_t = hc_rotl32_S ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w5_t); + w6_t = hc_rotl32_S ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w6_t); + w7_t = hc_rotl32_S ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w7_t); + + #undef K + #define K SHA1C02 + + w8_t = hc_rotl32_S ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP_S (SHA1_F2o, a, b, c, d, e, w8_t); + w9_t = hc_rotl32_S ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP_S (SHA1_F2o, e, a, b, c, d, w9_t); + wa_t = hc_rotl32_S ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP_S (SHA1_F2o, d, e, a, b, c, wa_t); + wb_t = hc_rotl32_S ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP_S (SHA1_F2o, c, d, e, a, b, wb_t); + wc_t = hc_rotl32_S ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP_S (SHA1_F2o, b, c, d, e, a, wc_t); + wd_t = hc_rotl32_S ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP_S (SHA1_F2o, a, b, c, d, e, wd_t); + we_t = hc_rotl32_S ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP_S (SHA1_F2o, e, a, b, c, d, we_t); + wf_t = hc_rotl32_S ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP_S (SHA1_F2o, d, e, a, b, c, wf_t); + w0_t = hc_rotl32_S ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP_S (SHA1_F2o, c, d, e, a, b, w0_t); + w1_t = hc_rotl32_S ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP_S (SHA1_F2o, b, c, d, e, a, w1_t); + w2_t = hc_rotl32_S ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP_S (SHA1_F2o, a, b, c, d, e, w2_t); + w3_t = hc_rotl32_S ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP_S (SHA1_F2o, e, a, b, c, d, w3_t); + w4_t = hc_rotl32_S ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP_S (SHA1_F2o, d, e, a, b, c, w4_t); + w5_t = hc_rotl32_S ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP_S (SHA1_F2o, c, d, e, a, b, w5_t); + w6_t = hc_rotl32_S ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP_S (SHA1_F2o, b, c, d, e, a, w6_t); + w7_t = hc_rotl32_S ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP_S (SHA1_F2o, a, b, c, d, e, w7_t); + w8_t = hc_rotl32_S ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); 
SHA1_STEP_S (SHA1_F2o, e, a, b, c, d, w8_t); + w9_t = hc_rotl32_S ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP_S (SHA1_F2o, d, e, a, b, c, w9_t); + wa_t = hc_rotl32_S ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP_S (SHA1_F2o, c, d, e, a, b, wa_t); + wb_t = hc_rotl32_S ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP_S (SHA1_F2o, b, c, d, e, a, wb_t); + + #undef K + #define K SHA1C03 + + wc_t = hc_rotl32_S ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, wc_t); + wd_t = hc_rotl32_S ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, wd_t); + we_t = hc_rotl32_S ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, we_t); + wf_t = hc_rotl32_S ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, wf_t); + w0_t = hc_rotl32_S ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w0_t); + w1_t = hc_rotl32_S ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w1_t); + w2_t = hc_rotl32_S ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w2_t); + w3_t = hc_rotl32_S ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w3_t); + w4_t = hc_rotl32_S ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w4_t); + w5_t = hc_rotl32_S ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w5_t); + w6_t = hc_rotl32_S ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w6_t); + w7_t = hc_rotl32_S ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w7_t); + w8_t = hc_rotl32_S ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w8_t); + w9_t = hc_rotl32_S ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w9_t); + wa_t = hc_rotl32_S ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, wa_t); + wb_t = hc_rotl32_S ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, wb_t); + wc_t = hc_rotl32_S ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, wc_t); + wd_t = hc_rotl32_S ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, wd_t); + we_t = hc_rotl32_S ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, we_t); + wf_t = hc_rotl32_S ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, wf_t); + + t[ 0] = w0_t; + t[ 1] = w1_t; + t[ 2] = w2_t; + t[ 3] = w3_t; + t[ 4] = w4_t; + t[ 5] = w5_t; + t[ 6] = w6_t; + t[ 7] = w7_t; + t[ 8] = w8_t; + t[ 9] = w9_t; + t[10] = wa_t; + t[11] = wb_t; + t[12] = wc_t; + t[13] = wd_t; + t[14] = we_t; + t[15] = wf_t; + + #undef K + + #else + + u32 w00_t = w0[0]; + u32 w01_t = w0[1]; + u32 w02_t = w0[2]; + u32 w03_t = w0[3]; + u32 w04_t = w1[0]; + u32 w05_t = w1[1]; + u32 w06_t = w1[2]; + u32 w07_t = w1[3]; + u32 w08_t = w2[0]; + u32 w09_t = w2[1]; + u32 w0a_t = w2[2]; + u32 w0b_t = w2[3]; + u32 w0c_t = w3[0]; + u32 w0d_t = w3[1]; + u32 w0e_t = w3[2]; + u32 w0f_t = w3[3]; + u32 w10_t; + u32 w11_t; + u32 w12_t; + u32 w13_t; + u32 w14_t; + u32 w15_t; + u32 w16_t; + u32 w17_t; + u32 w18_t; + u32 w19_t; + u32 w1a_t; + u32 w1b_t; + u32 w1c_t; + u32 w1d_t; + u32 w1e_t; + u32 w1f_t; + u32 w20_t; + u32 w21_t; + u32 w22_t; + u32 w23_t; + u32 w24_t; + u32 w25_t; + u32 w26_t; + u32 w27_t; + u32 w28_t; + u32 w29_t; + u32 w2a_t; + u32 w2b_t; + u32 w2c_t; + u32 w2d_t; + u32 w2e_t; + u32 w2f_t; + u32 w30_t; + u32 w31_t; + u32 w32_t; + u32 w33_t; + u32 w34_t; + u32 w35_t; + u32 w36_t; + u32 w37_t; + u32 w38_t; + u32 w39_t; + u32 
w3a_t; + u32 w3b_t; + u32 w3c_t; + u32 w3d_t; + u32 w3e_t; + u32 w3f_t; + u32 w40_t; + u32 w41_t; + u32 w42_t; + u32 w43_t; + u32 w44_t; + u32 w45_t; + u32 w46_t; + u32 w47_t; + u32 w48_t; + u32 w49_t; + u32 w4a_t; + u32 w4b_t; + u32 w4c_t; + u32 w4d_t; + u32 w4e_t; + u32 w4f_t; + + #define K SHA1C00 + + SHA1_STEP_S (SHA1_F0o, a, b, c, d, e, w00_t); + SHA1_STEP_S (SHA1_F0o, e, a, b, c, d, w01_t); + SHA1_STEP_S (SHA1_F0o, d, e, a, b, c, w02_t); + SHA1_STEP_S (SHA1_F0o, c, d, e, a, b, w03_t); + SHA1_STEP_S (SHA1_F0o, b, c, d, e, a, w04_t); + SHA1_STEP_S (SHA1_F0o, a, b, c, d, e, w05_t); + SHA1_STEP_S (SHA1_F0o, e, a, b, c, d, w06_t); + SHA1_STEP_S (SHA1_F0o, d, e, a, b, c, w07_t); + SHA1_STEP_S (SHA1_F0o, c, d, e, a, b, w08_t); + SHA1_STEP_S (SHA1_F0o, b, c, d, e, a, w09_t); + SHA1_STEP_S (SHA1_F0o, a, b, c, d, e, w0a_t); + SHA1_STEP_S (SHA1_F0o, e, a, b, c, d, w0b_t); + SHA1_STEP_S (SHA1_F0o, d, e, a, b, c, w0c_t); + SHA1_STEP_S (SHA1_F0o, c, d, e, a, b, w0d_t); + SHA1_STEP_S (SHA1_F0o, b, c, d, e, a, w0e_t); + SHA1_STEP_S (SHA1_F0o, a, b, c, d, e, w0f_t); + w10_t = hc_rotl32_S ((w0d_t ^ w08_t ^ w02_t ^ w00_t), 1u); SHA1_STEP_S (SHA1_F0o, e, a, b, c, d, w10_t); + w11_t = hc_rotl32_S ((w0e_t ^ w09_t ^ w03_t ^ w01_t), 1u); SHA1_STEP_S (SHA1_F0o, d, e, a, b, c, w11_t); + w12_t = hc_rotl32_S ((w0f_t ^ w0a_t ^ w04_t ^ w02_t), 1u); SHA1_STEP_S (SHA1_F0o, c, d, e, a, b, w12_t); + w13_t = hc_rotl32_S ((w10_t ^ w0b_t ^ w05_t ^ w03_t), 1u); SHA1_STEP_S (SHA1_F0o, b, c, d, e, a, w13_t); + + #undef K + #define K SHA1C01 + + w14_t = hc_rotl32_S ((w11_t ^ w0c_t ^ w06_t ^ w04_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w14_t); + w15_t = hc_rotl32_S ((w12_t ^ w0d_t ^ w07_t ^ w05_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w15_t); + w16_t = hc_rotl32_S ((w13_t ^ w0e_t ^ w08_t ^ w06_t), 1u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w16_t); + w17_t = hc_rotl32_S ((w14_t ^ w0f_t ^ w09_t ^ w07_t), 1u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w17_t); + w18_t = hc_rotl32_S ((w15_t ^ w10_t ^ w0a_t ^ w08_t), 1u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w18_t); + w19_t = hc_rotl32_S ((w16_t ^ w11_t ^ w0b_t ^ w09_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w19_t); + w1a_t = hc_rotl32_S ((w17_t ^ w12_t ^ w0c_t ^ w0a_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w1a_t); + w1b_t = hc_rotl32_S ((w18_t ^ w13_t ^ w0d_t ^ w0b_t), 1u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w1b_t); + w1c_t = hc_rotl32_S ((w19_t ^ w14_t ^ w0e_t ^ w0c_t), 1u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w1c_t); + w1d_t = hc_rotl32_S ((w1a_t ^ w15_t ^ w0f_t ^ w0d_t), 1u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w1d_t); + w1e_t = hc_rotl32_S ((w1b_t ^ w16_t ^ w10_t ^ w0e_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w1e_t); + w1f_t = hc_rotl32_S ((w1c_t ^ w17_t ^ w11_t ^ w0f_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w1f_t); + w20_t = hc_rotl32_S ((w1a_t ^ w10_t ^ w04_t ^ w00_t), 2u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w20_t); + w21_t = hc_rotl32_S ((w1b_t ^ w11_t ^ w05_t ^ w01_t), 2u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w21_t); + w22_t = hc_rotl32_S ((w1c_t ^ w12_t ^ w06_t ^ w02_t), 2u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w22_t); + w23_t = hc_rotl32_S ((w1d_t ^ w13_t ^ w07_t ^ w03_t), 2u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w23_t); + w24_t = hc_rotl32_S ((w1e_t ^ w14_t ^ w08_t ^ w04_t), 2u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w24_t); + w25_t = hc_rotl32_S ((w1f_t ^ w15_t ^ w09_t ^ w05_t), 2u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w25_t); + w26_t = hc_rotl32_S ((w20_t ^ w16_t ^ w0a_t ^ w06_t), 2u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w26_t); + 
w27_t = hc_rotl32_S ((w21_t ^ w17_t ^ w0b_t ^ w07_t), 2u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w27_t); + + #undef K + #define K SHA1C02 + + w28_t = hc_rotl32_S ((w22_t ^ w18_t ^ w0c_t ^ w08_t), 2u); SHA1_STEP_S (SHA1_F2o, a, b, c, d, e, w28_t); + w29_t = hc_rotl32_S ((w23_t ^ w19_t ^ w0d_t ^ w09_t), 2u); SHA1_STEP_S (SHA1_F2o, e, a, b, c, d, w29_t); + w2a_t = hc_rotl32_S ((w24_t ^ w1a_t ^ w0e_t ^ w0a_t), 2u); SHA1_STEP_S (SHA1_F2o, d, e, a, b, c, w2a_t); + w2b_t = hc_rotl32_S ((w25_t ^ w1b_t ^ w0f_t ^ w0b_t), 2u); SHA1_STEP_S (SHA1_F2o, c, d, e, a, b, w2b_t); + w2c_t = hc_rotl32_S ((w26_t ^ w1c_t ^ w10_t ^ w0c_t), 2u); SHA1_STEP_S (SHA1_F2o, b, c, d, e, a, w2c_t); + w2d_t = hc_rotl32_S ((w27_t ^ w1d_t ^ w11_t ^ w0d_t), 2u); SHA1_STEP_S (SHA1_F2o, a, b, c, d, e, w2d_t); + w2e_t = hc_rotl32_S ((w28_t ^ w1e_t ^ w12_t ^ w0e_t), 2u); SHA1_STEP_S (SHA1_F2o, e, a, b, c, d, w2e_t); + w2f_t = hc_rotl32_S ((w29_t ^ w1f_t ^ w13_t ^ w0f_t), 2u); SHA1_STEP_S (SHA1_F2o, d, e, a, b, c, w2f_t); + w30_t = hc_rotl32_S ((w2a_t ^ w20_t ^ w14_t ^ w10_t), 2u); SHA1_STEP_S (SHA1_F2o, c, d, e, a, b, w30_t); + w31_t = hc_rotl32_S ((w2b_t ^ w21_t ^ w15_t ^ w11_t), 2u); SHA1_STEP_S (SHA1_F2o, b, c, d, e, a, w31_t); + w32_t = hc_rotl32_S ((w2c_t ^ w22_t ^ w16_t ^ w12_t), 2u); SHA1_STEP_S (SHA1_F2o, a, b, c, d, e, w32_t); + w33_t = hc_rotl32_S ((w2d_t ^ w23_t ^ w17_t ^ w13_t), 2u); SHA1_STEP_S (SHA1_F2o, e, a, b, c, d, w33_t); + w34_t = hc_rotl32_S ((w2e_t ^ w24_t ^ w18_t ^ w14_t), 2u); SHA1_STEP_S (SHA1_F2o, d, e, a, b, c, w34_t); + w35_t = hc_rotl32_S ((w2f_t ^ w25_t ^ w19_t ^ w15_t), 2u); SHA1_STEP_S (SHA1_F2o, c, d, e, a, b, w35_t); + w36_t = hc_rotl32_S ((w30_t ^ w26_t ^ w1a_t ^ w16_t), 2u); SHA1_STEP_S (SHA1_F2o, b, c, d, e, a, w36_t); + w37_t = hc_rotl32_S ((w31_t ^ w27_t ^ w1b_t ^ w17_t), 2u); SHA1_STEP_S (SHA1_F2o, a, b, c, d, e, w37_t); + w38_t = hc_rotl32_S ((w32_t ^ w28_t ^ w1c_t ^ w18_t), 2u); SHA1_STEP_S (SHA1_F2o, e, a, b, c, d, w38_t); + w39_t = hc_rotl32_S ((w33_t ^ w29_t ^ w1d_t ^ w19_t), 2u); SHA1_STEP_S (SHA1_F2o, d, e, a, b, c, w39_t); + w3a_t = hc_rotl32_S ((w34_t ^ w2a_t ^ w1e_t ^ w1a_t), 2u); SHA1_STEP_S (SHA1_F2o, c, d, e, a, b, w3a_t); + w3b_t = hc_rotl32_S ((w35_t ^ w2b_t ^ w1f_t ^ w1b_t), 2u); SHA1_STEP_S (SHA1_F2o, b, c, d, e, a, w3b_t); + + #undef K + #define K SHA1C03 + + w3c_t = hc_rotl32_S ((w36_t ^ w2c_t ^ w20_t ^ w1c_t), 2u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w3c_t); + w3d_t = hc_rotl32_S ((w37_t ^ w2d_t ^ w21_t ^ w1d_t), 2u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w3d_t); + w3e_t = hc_rotl32_S ((w38_t ^ w2e_t ^ w22_t ^ w1e_t), 2u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w3e_t); + w3f_t = hc_rotl32_S ((w39_t ^ w2f_t ^ w23_t ^ w1f_t), 2u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w3f_t); + w40_t = hc_rotl32_S ((w34_t ^ w20_t ^ w08_t ^ w00_t), 4u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w40_t); + w41_t = hc_rotl32_S ((w35_t ^ w21_t ^ w09_t ^ w01_t), 4u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w41_t); + w42_t = hc_rotl32_S ((w36_t ^ w22_t ^ w0a_t ^ w02_t), 4u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w42_t); + w43_t = hc_rotl32_S ((w37_t ^ w23_t ^ w0b_t ^ w03_t), 4u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w43_t); + w44_t = hc_rotl32_S ((w38_t ^ w24_t ^ w0c_t ^ w04_t), 4u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w44_t); + w45_t = hc_rotl32_S ((w39_t ^ w25_t ^ w0d_t ^ w05_t), 4u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w45_t); + w46_t = hc_rotl32_S ((w3a_t ^ w26_t ^ w0e_t ^ w06_t), 4u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w46_t); + w47_t = hc_rotl32_S ((w3b_t ^ w27_t ^ w0f_t ^ w07_t), 4u); SHA1_STEP_S 
(SHA1_F1, e, a, b, c, d, w47_t); + w48_t = hc_rotl32_S ((w3c_t ^ w28_t ^ w10_t ^ w08_t), 4u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w48_t); + w49_t = hc_rotl32_S ((w3d_t ^ w29_t ^ w11_t ^ w09_t), 4u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w49_t); + w4a_t = hc_rotl32_S ((w3e_t ^ w2a_t ^ w12_t ^ w0a_t), 4u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w4a_t); + w4b_t = hc_rotl32_S ((w3f_t ^ w2b_t ^ w13_t ^ w0b_t), 4u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w4b_t); + w4c_t = hc_rotl32_S ((w40_t ^ w2c_t ^ w14_t ^ w0c_t), 4u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w4c_t); + w4d_t = hc_rotl32_S ((w41_t ^ w2d_t ^ w15_t ^ w0d_t), 4u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w4d_t); + w4e_t = hc_rotl32_S ((w42_t ^ w2e_t ^ w16_t ^ w0e_t), 4u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w4e_t); + w4f_t = hc_rotl32_S ((w43_t ^ w2f_t ^ w17_t ^ w0f_t), 4u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w4f_t); + + t[ 0] = w40_t; + t[ 1] = w41_t; + t[ 2] = w42_t; + t[ 3] = w43_t; + t[ 4] = w44_t; + t[ 5] = w45_t; + t[ 6] = w46_t; + t[ 7] = w47_t; + t[ 8] = w48_t; + t[ 9] = w49_t; + t[10] = w4a_t; + t[11] = w4b_t; + t[12] = w4c_t; + t[13] = w4d_t; + t[14] = w4e_t; + t[15] = w4f_t; + + #undef K + #endif + + digest[0] += a; + digest[1] += b; + digest[2] += c; + digest[3] += d; + digest[4] += e; +} + +// only change in this function compared to OpenCL/inc_hash_sha1.cl is that +// it calls our modified sha1_transform_rar29 () function + +DECLSPEC void sha1_update_64_rar29 (sha1_ctx_t *ctx, u32 *w0, u32 *w1, u32 *w2, u32 *w3, const int bytes, u32 *t) +{ + MAYBE_VOLATILE const int pos = ctx->len & 63; + + int len = 64; + + if (bytes < 64) + { + len = bytes; + } + + ctx->len += len; + + if (pos == 0) + { + ctx->w0[0] = w0[0]; + ctx->w0[1] = w0[1]; + ctx->w0[2] = w0[2]; + ctx->w0[3] = w0[3]; + ctx->w1[0] = w1[0]; + ctx->w1[1] = w1[1]; + ctx->w1[2] = w1[2]; + ctx->w1[3] = w1[3]; + ctx->w2[0] = w2[0]; + ctx->w2[1] = w2[1]; + ctx->w2[2] = w2[2]; + ctx->w2[3] = w2[3]; + ctx->w3[0] = w3[0]; + ctx->w3[1] = w3[1]; + ctx->w3[2] = w3[2]; + ctx->w3[3] = w3[3]; + + if (len == 64) + { + sha1_transform_rar29 (ctx->w0, ctx->w1, ctx->w2, ctx->w3, ctx->h, t); + + ctx->w0[0] = 0; + ctx->w0[1] = 0; + ctx->w0[2] = 0; + ctx->w0[3] = 0; + ctx->w1[0] = 0; + ctx->w1[1] = 0; + ctx->w1[2] = 0; + ctx->w1[3] = 0; + ctx->w2[0] = 0; + ctx->w2[1] = 0; + ctx->w2[2] = 0; + ctx->w2[3] = 0; + ctx->w3[0] = 0; + ctx->w3[1] = 0; + ctx->w3[2] = 0; + ctx->w3[3] = 0; + } + } + else + { + if ((pos + len) < 64) + { + switch_buffer_by_offset_be_S (w0, w1, w2, w3, pos); + + ctx->w0[0] |= w0[0]; + ctx->w0[1] |= w0[1]; + ctx->w0[2] |= w0[2]; + ctx->w0[3] |= w0[3]; + ctx->w1[0] |= w1[0]; + ctx->w1[1] |= w1[1]; + ctx->w1[2] |= w1[2]; + ctx->w1[3] |= w1[3]; + ctx->w2[0] |= w2[0]; + ctx->w2[1] |= w2[1]; + ctx->w2[2] |= w2[2]; + ctx->w2[3] |= w2[3]; + ctx->w3[0] |= w3[0]; + ctx->w3[1] |= w3[1]; + ctx->w3[2] |= w3[2]; + ctx->w3[3] |= w3[3]; + } + else + { + u32 c0[4] = { 0 }; + u32 c1[4] = { 0 }; + u32 c2[4] = { 0 }; + u32 c3[4] = { 0 }; + + switch_buffer_by_offset_carry_be_S (w0, w1, w2, w3, c0, c1, c2, c3, pos); + + ctx->w0[0] |= w0[0]; + ctx->w0[1] |= w0[1]; + ctx->w0[2] |= w0[2]; + ctx->w0[3] |= w0[3]; + ctx->w1[0] |= w1[0]; + ctx->w1[1] |= w1[1]; + ctx->w1[2] |= w1[2]; + ctx->w1[3] |= w1[3]; + ctx->w2[0] |= w2[0]; + ctx->w2[1] |= w2[1]; + ctx->w2[2] |= w2[2]; + ctx->w2[3] |= w2[3]; + ctx->w3[0] |= w3[0]; + ctx->w3[1] |= w3[1]; + ctx->w3[2] |= w3[2]; + ctx->w3[3] |= w3[3]; + + sha1_transform_rar29 (ctx->w0, ctx->w1, ctx->w2, ctx->w3, ctx->h, t); + + ctx->w0[0] = c0[0]; + ctx->w0[1] = 
c0[1]; + ctx->w0[2] = c0[2]; + ctx->w0[3] = c0[3]; + ctx->w1[0] = c1[0]; + ctx->w1[1] = c1[1]; + ctx->w1[2] = c1[2]; + ctx->w1[3] = c1[3]; + ctx->w2[0] = c2[0]; + ctx->w2[1] = c2[1]; + ctx->w2[2] = c2[2]; + ctx->w2[3] = c2[3]; + ctx->w3[0] = c3[0]; + ctx->w3[1] = c3[1]; + ctx->w3[2] = c3[2]; + ctx->w3[3] = c3[3]; + } + } +} + +// main change in this function compared to OpenCL/inc_hash_sha1.cl is that +// we call sha1_update_64_rar29 () and sometimes replace w[] + +DECLSPEC void sha1_update_rar29 (sha1_ctx_t *ctx, u32 *w, const int len) +{ + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + + MAYBE_VOLATILE const int pos = ctx->len & 63; + + int pos1 = 0; + int pos4 = 0; + + if (len > 64) // or: if (pos1 < (len - 64)) + { + w0[0] = w[pos4 + 0]; + w0[1] = w[pos4 + 1]; + w0[2] = w[pos4 + 2]; + w0[3] = w[pos4 + 3]; + w1[0] = w[pos4 + 4]; + w1[1] = w[pos4 + 5]; + w1[2] = w[pos4 + 6]; + w1[3] = w[pos4 + 7]; + w2[0] = w[pos4 + 8]; + w2[1] = w[pos4 + 9]; + w2[2] = w[pos4 + 10]; + w2[3] = w[pos4 + 11]; + w3[0] = w[pos4 + 12]; + w3[1] = w[pos4 + 13]; + w3[2] = w[pos4 + 14]; + w3[3] = w[pos4 + 15]; + + sha1_update_64 (ctx, w0, w1, w2, w3, 64); + + pos1 += 64; + pos4 += 16; + } + + for (int diff = 64 - pos; pos1 < len; pos1 += 64, pos4 += 16, diff += 64) + { + w0[0] = w[pos4 + 0]; + w0[1] = w[pos4 + 1]; + w0[2] = w[pos4 + 2]; + w0[3] = w[pos4 + 3]; + w1[0] = w[pos4 + 4]; + w1[1] = w[pos4 + 5]; + w1[2] = w[pos4 + 6]; + w1[3] = w[pos4 + 7]; + w2[0] = w[pos4 + 8]; + w2[1] = w[pos4 + 9]; + w2[2] = w[pos4 + 10]; + w2[3] = w[pos4 + 11]; + w3[0] = w[pos4 + 12]; + w3[1] = w[pos4 + 13]; + w3[2] = w[pos4 + 14]; + w3[3] = w[pos4 + 15]; + + // only major change in this function compared to OpenCL/inc_hash_sha1.cl: + + u32 t[17] = { 0 }; + + sha1_update_64_rar29 (ctx, w0, w1, w2, w3, len - pos1, t); + + + if ((diff + 63) >= len) break; + + // replaces 64 bytes (with offset diff) of the underlying data w[] with t[]: + + // for (int i = 0; i < 16; i++) t[i] = hc_swap32_S (t[i]); + + t[ 0] = hc_swap32_S (t[ 0]); // unroll seems to be faster + t[ 1] = hc_swap32_S (t[ 1]); + t[ 2] = hc_swap32_S (t[ 2]); + t[ 3] = hc_swap32_S (t[ 3]); + t[ 4] = hc_swap32_S (t[ 4]); + t[ 5] = hc_swap32_S (t[ 5]); + t[ 6] = hc_swap32_S (t[ 6]); + t[ 7] = hc_swap32_S (t[ 7]); + t[ 8] = hc_swap32_S (t[ 8]); + t[ 9] = hc_swap32_S (t[ 9]); + t[10] = hc_swap32_S (t[10]); + t[11] = hc_swap32_S (t[11]); + t[12] = hc_swap32_S (t[12]); + t[13] = hc_swap32_S (t[13]); + t[14] = hc_swap32_S (t[14]); + t[15] = hc_swap32_S (t[15]); + + const u32 n_idx = diff >> 2; + const u32 n_off = diff & 3; + + if (n_off) + { + const u32 off_mul = n_off << 3; + const u32 off_sub = 32 - off_mul; + + t[16] = (t[15] << off_sub); + t[15] = (t[15] >> off_mul) | (t[14] << off_sub); + t[14] = (t[14] >> off_mul) | (t[13] << off_sub); + t[13] = (t[13] >> off_mul) | (t[12] << off_sub); + t[12] = (t[12] >> off_mul) | (t[11] << off_sub); + t[11] = (t[11] >> off_mul) | (t[10] << off_sub); + t[10] = (t[10] >> off_mul) | (t[ 9] << off_sub); + t[ 9] = (t[ 9] >> off_mul) | (t[ 8] << off_sub); + t[ 8] = (t[ 8] >> off_mul) | (t[ 7] << off_sub); + t[ 7] = (t[ 7] >> off_mul) | (t[ 6] << off_sub); + t[ 6] = (t[ 6] >> off_mul) | (t[ 5] << off_sub); + t[ 5] = (t[ 5] >> off_mul) | (t[ 4] << off_sub); + t[ 4] = (t[ 4] >> off_mul) | (t[ 3] << off_sub); + t[ 3] = (t[ 3] >> off_mul) | (t[ 2] << off_sub); + t[ 2] = (t[ 2] >> off_mul) | (t[ 1] << off_sub); + t[ 1] = (t[ 1] >> off_mul) | (t[ 0] << off_sub); + t[ 0] = (t[ 0] >> off_mul); + } + + w[n_idx] &= 0xffffff00 << ((3 - n_off) << 3); + + 
w[n_idx] |= t[0]; + + w[n_idx + 1] = t[ 1]; + w[n_idx + 2] = t[ 2]; + w[n_idx + 3] = t[ 3]; + w[n_idx + 4] = t[ 4]; + w[n_idx + 5] = t[ 5]; + w[n_idx + 6] = t[ 6]; + w[n_idx + 7] = t[ 7]; + w[n_idx + 8] = t[ 8]; + w[n_idx + 9] = t[ 9]; + w[n_idx + 10] = t[10]; + w[n_idx + 11] = t[11]; + w[n_idx + 12] = t[12]; + w[n_idx + 13] = t[13]; + w[n_idx + 14] = t[14]; + w[n_idx + 15] = t[15]; + + // the final set is only meaningful: if (n_off) + + w[n_idx + 16] &= 0xffffffff >> (n_off << 3); + + w[n_idx + 16] |= t[16]; + } +} + KERNEL_FQ void m12500_init (KERN_ATTR_TMPS_ESALT (rar3_tmp_t, pbkdf2_sha1_t)) { /** @@ -148,19 +765,82 @@ KERNEL_FQ void m12500_init (KERN_ATTR_TMPS_ESALT (rar3_tmp_t, pbkdf2_sha1_t)) if (gid >= gid_max) return; - tmps[gid].dgst[0][0] = SHA1M_A; - tmps[gid].dgst[0][1] = SHA1M_B; - tmps[gid].dgst[0][2] = SHA1M_C; - tmps[gid].dgst[0][3] = SHA1M_D; - tmps[gid].dgst[0][4] = SHA1M_E; + tmps[gid].dgst[0] = SHA1M_A; + tmps[gid].dgst[1] = SHA1M_B; + tmps[gid].dgst[2] = SHA1M_C; + tmps[gid].dgst[3] = SHA1M_D; + tmps[gid].dgst[4] = SHA1M_E; - /** - * context save - */ + // store pass and salt in tmps: - sha1_ctx_t ctx; + const u32 pw_len = pws[gid].pw_len; - sha1_init (&ctx); + // first set the utf16le pass: + + u32 w[80] = { 0 }; + + for (u32 i = 0, j = 0, k = 0; i < pw_len; i += 16, j += 4, k += 8) + { + u32 a[4]; + + a[0] = pws[gid].i[j + 0]; + a[1] = pws[gid].i[j + 1]; + a[2] = pws[gid].i[j + 2]; + a[3] = pws[gid].i[j + 3]; + + u32 b[4]; + u32 c[4]; + + make_utf16le (a, b, c); + + w[k + 0] = hc_swap32_S (b[0]); + w[k + 1] = hc_swap32_S (b[1]); + w[k + 2] = hc_swap32_S (b[2]); + w[k + 3] = hc_swap32_S (b[3]); + w[k + 4] = hc_swap32_S (c[0]); + w[k + 5] = hc_swap32_S (c[1]); + w[k + 6] = hc_swap32_S (c[2]); + w[k + 7] = hc_swap32_S (c[3]); + } + + // append salt: + + const u32 salt_idx = (pw_len * 2) / 4; + const u32 salt_off = (pw_len * 2) & 3; + + u32 salt_buf[3]; + + salt_buf[0] = hc_swap32_S (salt_bufs[salt_pos].salt_buf[0]); // swap needed due to -O kernel + salt_buf[1] = hc_swap32_S (salt_bufs[salt_pos].salt_buf[1]); + salt_buf[2] = 0; + + // switch buffer by offset (can only be 0 or 2 because of utf16): + + if (salt_off == 2) // or just: if (salt_off) + { + salt_buf[2] = (salt_buf[1] << 16); + salt_buf[1] = (salt_buf[1] >> 16) | (salt_buf[0] << 16); + salt_buf[0] = (salt_buf[0] >> 16); + } + + w[salt_idx] |= salt_buf[0]; + + w[salt_idx + 1] = salt_buf[1]; + w[salt_idx + 2] = salt_buf[2]; + + // store initial w[] (pass and salt) in tmps: + + for (u32 i = 0; i < 66; i++) // unroll ? + { + tmps[gid].w[i] = w[i]; + } + + // iv: + + tmps[gid].iv[0] = 0; + tmps[gid].iv[1] = 0; + tmps[gid].iv[2] = 0; + tmps[gid].iv[3] = 0; } KERNEL_FQ void m12500_loop (KERN_ATTR_TMPS_ESALT (rar3_tmp_t, pbkdf2_sha1_t)) @@ -175,62 +855,106 @@ KERNEL_FQ void m12500_loop (KERN_ATTR_TMPS_ESALT (rar3_tmp_t, pbkdf2_sha1_t)) const u32 pw_len = pws[gid].pw_len; - u32 w[64] = { 0 }; + const u32 salt_len = 8; + + const u32 pw_salt_len = (pw_len * 2) + salt_len; + + const u32 p3 = pw_salt_len + 3; - for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + u32 w[80] = { 0 }; // 64 byte aligned + + for (u32 i = 0; i < 66; i++) // unroll ? 
{ - w[idx] = pws[gid].i[idx]; + w[i] = tmps[gid].w[i]; } - u32 salt_buf[16]; - - salt_buf[ 0] = salt_bufs[salt_pos].salt_buf[0]; - salt_buf[ 1] = salt_bufs[salt_pos].salt_buf[1]; - salt_buf[ 2] = 0; - salt_buf[ 3] = 0; - salt_buf[ 4] = 0; - salt_buf[ 5] = 0; - salt_buf[ 6] = 0; - salt_buf[ 7] = 0; - salt_buf[ 8] = 0; - salt_buf[ 9] = 0; - salt_buf[10] = 0; - salt_buf[11] = 0; - salt_buf[12] = 0; - salt_buf[13] = 0; - salt_buf[14] = 0; - salt_buf[15] = 0; - - const u32 salt_len = 8; + // update IV: const u32 init_pos = loop_pos / (ROUNDS / 16); + sha1_ctx_t ctx_iv; + + sha1_init (&ctx_iv); + + ctx_iv.h[0] = tmps[gid].dgst[0]; + ctx_iv.h[1] = tmps[gid].dgst[1]; + ctx_iv.h[2] = tmps[gid].dgst[2]; + ctx_iv.h[3] = tmps[gid].dgst[3]; + ctx_iv.h[4] = tmps[gid].dgst[4]; + + ctx_iv.len = loop_pos * p3; + + sha1_update_rar29 (&ctx_iv, w, pw_salt_len); + + memcat8c_be (ctx_iv.w0, ctx_iv.w1, ctx_iv.w2, ctx_iv.w3, ctx_iv.len, hc_swap32_S (loop_pos), ctx_iv.h); + + ctx_iv.len += 3; + + + // copy the context from ctx_iv to ctx: + sha1_ctx_t ctx; - sha1_init (&ctx); + ctx.h[0] = ctx_iv.h[0]; + ctx.h[1] = ctx_iv.h[1]; + ctx.h[2] = ctx_iv.h[2]; + ctx.h[3] = ctx_iv.h[3]; + ctx.h[4] = ctx_iv.h[4]; - ctx.h[0] = tmps[gid].dgst[init_pos][0]; - ctx.h[1] = tmps[gid].dgst[init_pos][1]; - ctx.h[2] = tmps[gid].dgst[init_pos][2]; - ctx.h[3] = tmps[gid].dgst[init_pos][3]; - ctx.h[4] = tmps[gid].dgst[init_pos][4]; + ctx.w0[0] = ctx_iv.w0[0]; + ctx.w0[1] = ctx_iv.w0[1]; + ctx.w0[2] = ctx_iv.w0[2]; + ctx.w0[3] = ctx_iv.w0[3]; - for (u32 i = 0, j = loop_pos; i < 16384; i++, j++) - { - sha1_update_utf16le_swap (&ctx, w, pw_len); + ctx.w1[0] = ctx_iv.w1[0]; + ctx.w1[1] = ctx_iv.w1[1]; + ctx.w1[2] = ctx_iv.w1[2]; + ctx.w1[3] = ctx_iv.w1[3]; + + ctx.w2[0] = ctx_iv.w2[0]; + ctx.w2[1] = ctx_iv.w2[1]; + ctx.w2[2] = ctx_iv.w2[2]; + ctx.w2[3] = ctx_iv.w2[3]; + + ctx.w3[0] = ctx_iv.w3[0]; + ctx.w3[1] = ctx_iv.w3[1]; + ctx.w3[2] = ctx_iv.w3[2]; + ctx.w3[3] = ctx_iv.w3[3]; + + ctx.len = p3; // or ctx_iv.len ? + + // final () for the IV byte: + + sha1_final (&ctx_iv); - sha1_update_swap (&ctx, salt_buf, salt_len); + const u32 iv_idx = init_pos / 4; + const u32 iv_off = init_pos & 3; + + tmps[gid].iv[iv_idx] |= (ctx_iv.h[4] & 0xff) << (iv_off << 3); + + // main loop: + + for (u32 i = 0, j = (loop_pos + 1); i < 16383; i++, j++) + { + sha1_update_rar29 (&ctx, w, pw_salt_len); memcat8c_be (ctx.w0, ctx.w1, ctx.w2, ctx.w3, ctx.len, hc_swap32_S (j), ctx.h); ctx.len += 3; } - tmps[gid].dgst[init_pos + 1][0] = ctx.h[0]; - tmps[gid].dgst[init_pos + 1][1] = ctx.h[1]; - tmps[gid].dgst[init_pos + 1][2] = ctx.h[2]; - tmps[gid].dgst[init_pos + 1][3] = ctx.h[3]; - tmps[gid].dgst[init_pos + 1][4] = ctx.h[4]; + tmps[gid].dgst[0] = ctx.h[0]; + tmps[gid].dgst[1] = ctx.h[1]; + tmps[gid].dgst[2] = ctx.h[2]; + tmps[gid].dgst[3] = ctx.h[3]; + tmps[gid].dgst[4] = ctx.h[4]; + + // only needed if pw_len > 28: + + for (u32 i = 0; i < 66; i++) // unroll ? 
+ { + tmps[gid].w[i] = w[i]; + } } KERNEL_FQ void m12500_comp (KERN_ATTR_TMPS_ESALT (rar3_tmp_t, pbkdf2_sha1_t)) @@ -298,43 +1022,19 @@ KERNEL_FQ void m12500_comp (KERN_ATTR_TMPS_ESALT (rar3_tmp_t, pbkdf2_sha1_t)) const u32 pw_len = pws[gid].pw_len; - u32 w[64] = { 0 }; - - for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) - { - w[idx] = pws[gid].i[idx]; - } - - u32 salt_buf[16]; - - salt_buf[ 0] = salt_bufs[salt_pos].salt_buf[0]; - salt_buf[ 1] = salt_bufs[salt_pos].salt_buf[1]; - salt_buf[ 2] = 0; - salt_buf[ 3] = 0; - salt_buf[ 4] = 0; - salt_buf[ 5] = 0; - salt_buf[ 6] = 0; - salt_buf[ 7] = 0; - salt_buf[ 8] = 0; - salt_buf[ 9] = 0; - salt_buf[10] = 0; - salt_buf[11] = 0; - salt_buf[12] = 0; - salt_buf[13] = 0; - salt_buf[14] = 0; - salt_buf[15] = 0; - const u32 salt_len = 8; - const u32 p3 = (pw_len * 2) + salt_len + 3; + const u32 pw_salt_len = (pw_len * 2) + salt_len; + + const u32 p3 = pw_salt_len + 3; u32 h[5]; - h[0] = tmps[gid].dgst[16][0]; - h[1] = tmps[gid].dgst[16][1]; - h[2] = tmps[gid].dgst[16][2]; - h[3] = tmps[gid].dgst[16][3]; - h[4] = tmps[gid].dgst[16][4]; + h[0] = tmps[gid].dgst[0]; + h[1] = tmps[gid].dgst[1]; + h[2] = tmps[gid].dgst[2]; + h[3] = tmps[gid].dgst[3]; + h[4] = tmps[gid].dgst[4]; u32 w0[4]; u32 w1[4]; @@ -382,46 +1082,13 @@ KERNEL_FQ void m12500_comp (KERN_ATTR_TMPS_ESALT (rar3_tmp_t, pbkdf2_sha1_t)) AES128_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); - u32 iv[4]; + u32 iv[2]; - iv[0] = 0; - iv[1] = 0; - iv[2] = 0; - iv[3] = 0; - - for (int i = 0; i < 16; i++) - { - sha1_ctx_t ctx; - - sha1_init (&ctx); - - ctx.h[0] = tmps[gid].dgst[i][0]; - ctx.h[1] = tmps[gid].dgst[i][1]; - ctx.h[2] = tmps[gid].dgst[i][2]; - ctx.h[3] = tmps[gid].dgst[i][3]; - ctx.h[4] = tmps[gid].dgst[i][4]; - - const u32 iter_pos = i * (ROUNDS / 16); - - ctx.len = iter_pos * p3; - - sha1_update_utf16le_swap (&ctx, w, pw_len); - - sha1_update_swap (&ctx, salt_buf, salt_len); - - memcat8c_be (ctx.w0, ctx.w1, ctx.w2, ctx.w3, ctx.len, hc_swap32_S (iter_pos), ctx.h); - - ctx.len += 3; - - sha1_final (&ctx); - - PUTCHAR (iv, i, ctx.h[4] & 0xff); - } + iv[0] = tmps[gid].iv[0]; + iv[1] = tmps[gid].iv[1]; out[0] ^= hc_swap32_S (iv[0]); out[1] ^= hc_swap32_S (iv[1]); - out[2] ^= hc_swap32_S (iv[2]); - out[3] ^= hc_swap32_S (iv[3]); const u32 r0 = out[0]; const u32 r1 = out[1]; diff --git a/docs/changes.txt b/docs/changes.txt index afdd8b716..20e930f62 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -85,6 +85,7 @@ - Fixed cracking of Cisco-PIX and Cisco-ASA MD5 passwords in mask-attack mode if mask > length 16 - Fixed cracking of Electrum Wallet Salt-Type 2 hashes - Fixed cracking of NetNTLMv1 passwords in mask-attack mode if mask > length 16 (optimized kernels only) +- Fixed cracking of RAR3-hp hashes with passwords longer than 28 bytes with pure kernel - Fixed cracking of VeraCrypt Streebog-512 hashes (CPU only) - Fixed cracking raw Streebog-HMAC 256 and 512 hashes with password of length >= 64 - Fixed cracking raw Whirlpool hashes cracking with password of length >= 32 diff --git a/src/modules/module_12500.c b/src/modules/module_12500.c index 6e5c46635..45540e0d4 100644 --- a/src/modules/module_12500.c +++ b/src/modules/module_12500.c @@ -42,16 +42,33 @@ const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, typedef struct rar3_tmp { - u32 dgst[17][5]; + u32 dgst[5]; + + u32 w[66]; // 256 byte pass + 8 byte salt + + u32 iv[4]; } rar3_tmp_t; +typedef struct rar3_tmp_optimized +{ + u32 dgst[17][5]; + +} rar3_tmp_optimized_t; + static const int 
ROUNDS_RAR3 = 262144; static const char *SIGNATURE_RAR3 = "$RAR3$"; u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { - const u64 tmp_size = (const u64) sizeof (rar3_tmp_t); + const bool optimized_kernel = (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL); + + u64 tmp_size = (u64) sizeof (rar3_tmp_t); + + if (optimized_kernel == true) + { + tmp_size = (u64) sizeof (rar3_tmp_optimized_t); + } return tmp_size; } @@ -74,7 +91,7 @@ u32 module_pw_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED con { const bool optimized_kernel = (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL); - u32 pw_max = PW_MAX; + u32 pw_max = 127; if (optimized_kernel == true) { diff --git a/tools/test_modules/m12500.pm b/tools/test_modules/m12500.pm new file mode 100644 index 000000000..155683a15 --- /dev/null +++ b/tools/test_modules/m12500.pm @@ -0,0 +1,405 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Digest::SHA; +use Crypt::CBC; +use Encode; + +sub module_constraints { [[0, 127], [8, 8], [0, 20], [8, 8], [-1, -1]] } + +my $ITERATIONS = 0x40000; + +my $FIXED_RAW_STRING = pack ("H*", "c43d7b00400700000000000000000000"); + +my $SHA1C00 = 0x5a827999; +my $SHA1C01 = 0x6ed9eba1; +my $SHA1C02 = 0x8f1bbcdc; +my $SHA1C03 = 0xca62c1d6; + +my $SHA1M_A = 0x67452301; +my $SHA1M_B = 0xefcdab89; +my $SHA1M_C = 0x98badcfe; +my $SHA1M_D = 0x10325476; +my $SHA1M_E = 0xc3d2e1f0; + +sub rotl32 +{ + my $x = shift; + my $n = shift; + + return (($x << $n) | ($x >> (32 - $n))) & 0xffffffff; +} + +sub blk +{ + my $b = shift; + my $i = shift; + + $$b[$i & 15] = rotl32 ($$b[($i + 13) & 15] ^ + $$b[($i + 8) & 15] ^ + $$b[($i + 2) & 15] ^ + $$b[($i + 0) & 15], 1); + + return $$b[$i & 15]; +} + +sub R0 +{ + my ($b, $v, $w, $x, $y, $z, $i) = @_; + + $$b[$i] = unpack ("L<", pack ("L>", $$b[$i])); # blk0 or just swap_byte32 () + + $z += (($w & ($x ^ $y)) ^ $y) + $$b[$i] + $SHA1C00 + rotl32 ($v, 5); + + $z &= 0xffffffff; + + $w = rotl32 ($w, 30); + + return ($z, $w); +} + +sub R1 +{ + my ($b, $v, $w, $x, $y, $z, $i) = @_; + + $z += (($w & ($x ^ $y)) ^ $y) + blk ($b, $i) + $SHA1C00 + rotl32 ($v, 5); + + $z &= 0xffffffff; + + $w = rotl32 ($w, 30); + + return ($z, $w); +} + +sub R2 +{ + my ($b, $v, $w, $x, $y, $z, $i) = @_; + + $z += ($w ^ $x ^ $y) + blk ($b, $i) + $SHA1C01 + rotl32 ($v, 5); + + $z &= 0xffffffff; + + $w = rotl32 ($w, 30); + + return ($z, $w); +} + +sub R3 +{ + my ($b, $v, $w, $x, $y, $z, $i) = @_; + + $z += ((($w | $x) & $y) | ($w & $x)) + blk ($b, $i) + $SHA1C02 + rotl32 ($v, 5); + + $z &= 0xffffffff; + + $w = rotl32 ($w, 30); + + return ($z, $w); +} + +sub R4 +{ + my ($b, $v, $w, $x, $y, $z, $i) = @_; + + $z += ($w ^ $x ^ $y) + blk ($b, $i) + $SHA1C03 + rotl32 ($v, 5); + + $z &= 0xffffffff; + + $w = rotl32 ($w, 30); + + return ($z, $w); +} + +sub sha1_transform +{ + my ($state, $buffer) = @_; + + my @block = unpack ("L<*", $$buffer); + + my $a = $$state[0]; + my $b = $$state[1]; + my $c = $$state[2]; + my $d = $$state[3]; + my $e = $$state[4]; + + ($e, $b) = R0 (\@block, $a, $b, $c, $d, $e, 0); + ($d, $a) = R0 (\@block, $e, $a, $b, $c, $d, 1); + ($c, $e) = R0 (\@block, $d, $e, $a, $b, $c, 2); + ($b, $d) = R0 (\@block, $c, $d, $e, $a, $b, 3); + + ($a, $c) = R0 (\@block, $b, $c, $d, $e, $a, 4); + ($e, $b) = R0 (\@block, $a, $b, $c, $d, $e, 5); + ($d, $a) = R0 (\@block, $e, $a, $b, $c, $d, 6); + ($c, $e) 
= R0 (\@block, $d, $e, $a, $b, $c, 7); + + ($b, $d) = R0 (\@block, $c, $d, $e, $a, $b, 8); + ($a, $c) = R0 (\@block, $b, $c, $d, $e, $a, 9); + ($e, $b) = R0 (\@block, $a, $b, $c, $d, $e, 10); + ($d, $a) = R0 (\@block, $e, $a, $b, $c, $d, 11); + + ($c, $e) = R0 (\@block, $d, $e, $a, $b, $c, 12); + ($b, $d) = R0 (\@block, $c, $d, $e, $a, $b, 13); + ($a, $c) = R0 (\@block, $b, $c, $d, $e, $a, 14); + ($e, $b) = R0 (\@block, $a, $b, $c, $d, $e, 15); + + ($d, $a) = R1 (\@block, $e, $a, $b, $c, $d, 16); + ($c, $e) = R1 (\@block, $d, $e, $a, $b, $c, 17); + ($b, $d) = R1 (\@block, $c, $d, $e, $a, $b, 18); + ($a, $c) = R1 (\@block, $b, $c, $d, $e, $a, 19); + + ($e, $b) = R2 (\@block, $a, $b, $c, $d, $e, 20); + ($d, $a) = R2 (\@block, $e, $a, $b, $c, $d, 21); + ($c, $e) = R2 (\@block, $d, $e, $a, $b, $c, 22); + ($b, $d) = R2 (\@block, $c, $d, $e, $a, $b, 23); + + ($a, $c) = R2 (\@block, $b, $c, $d, $e, $a, 24); + ($e, $b) = R2 (\@block, $a, $b, $c, $d, $e, 25); + ($d, $a) = R2 (\@block, $e, $a, $b, $c, $d, 26); + ($c, $e) = R2 (\@block, $d, $e, $a, $b, $c, 27); + + ($b, $d) = R2 (\@block, $c, $d, $e, $a, $b, 28); + ($a, $c) = R2 (\@block, $b, $c, $d, $e, $a, 29); + ($e, $b) = R2 (\@block, $a, $b, $c, $d, $e, 30); + ($d, $a) = R2 (\@block, $e, $a, $b, $c, $d, 31); + + ($c, $e) = R2 (\@block, $d, $e, $a, $b, $c, 32); + ($b, $d) = R2 (\@block, $c, $d, $e, $a, $b, 33); + ($a, $c) = R2 (\@block, $b, $c, $d, $e, $a, 34); + ($e, $b) = R2 (\@block, $a, $b, $c, $d, $e, 35); + + ($d, $a) = R2 (\@block, $e, $a, $b, $c, $d, 36); + ($c, $e) = R2 (\@block, $d, $e, $a, $b, $c, 37); + ($b, $d) = R2 (\@block, $c, $d, $e, $a, $b, 38); + ($a, $c) = R2 (\@block, $b, $c, $d, $e, $a, 39); + + ($e, $b) = R3 (\@block, $a, $b, $c, $d, $e, 40); + ($d, $a) = R3 (\@block, $e, $a, $b, $c, $d, 41); + ($c, $e) = R3 (\@block, $d, $e, $a, $b, $c, 42); + ($b, $d) = R3 (\@block, $c, $d, $e, $a, $b, 43); + + ($a, $c) = R3 (\@block, $b, $c, $d, $e, $a, 44); + ($e, $b) = R3 (\@block, $a, $b, $c, $d, $e, 45); + ($d, $a) = R3 (\@block, $e, $a, $b, $c, $d, 46); + ($c, $e) = R3 (\@block, $d, $e, $a, $b, $c, 47); + + ($b, $d) = R3 (\@block, $c, $d, $e, $a, $b, 48); + ($a, $c) = R3 (\@block, $b, $c, $d, $e, $a, 49); + ($e, $b) = R3 (\@block, $a, $b, $c, $d, $e, 50); + ($d, $a) = R3 (\@block, $e, $a, $b, $c, $d, 51); + + ($c, $e) = R3 (\@block, $d, $e, $a, $b, $c, 52); + ($b, $d) = R3 (\@block, $c, $d, $e, $a, $b, 53); + ($a, $c) = R3 (\@block, $b, $c, $d, $e, $a, 54); + ($e, $b) = R3 (\@block, $a, $b, $c, $d, $e, 55); + + ($d, $a) = R3 (\@block, $e, $a, $b, $c, $d, 56); + ($c, $e) = R3 (\@block, $d, $e, $a, $b, $c, 57); + ($b, $d) = R3 (\@block, $c, $d, $e, $a, $b, 58); + ($a, $c) = R3 (\@block, $b, $c, $d, $e, $a, 59); + + ($e, $b) = R4 (\@block, $a, $b, $c, $d, $e, 60); + ($d, $a) = R4 (\@block, $e, $a, $b, $c, $d, 61); + ($c, $e) = R4 (\@block, $d, $e, $a, $b, $c, 62); + ($b, $d) = R4 (\@block, $c, $d, $e, $a, $b, 63); + + ($a, $c) = R4 (\@block, $b, $c, $d, $e, $a, 64); + ($e, $b) = R4 (\@block, $a, $b, $c, $d, $e, 65); + ($d, $a) = R4 (\@block, $e, $a, $b, $c, $d, 66); + ($c, $e) = R4 (\@block, $d, $e, $a, $b, $c, 67); + + ($b, $d) = R4 (\@block, $c, $d, $e, $a, $b, 68); + ($a, $c) = R4 (\@block, $b, $c, $d, $e, $a, 69); + ($e, $b) = R4 (\@block, $a, $b, $c, $d, $e, 70); + ($d, $a) = R4 (\@block, $e, $a, $b, $c, $d, 71); + + ($c, $e) = R4 (\@block, $d, $e, $a, $b, $c, 72); + ($b, $d) = R4 (\@block, $c, $d, $e, $a, $b, 73); + ($a, $c) = R4 (\@block, $b, $c, $d, $e, $a, 74); + ($e, $b) = R4 (\@block, $a, $b, $c, $d, $e, 75); + + ($d, $a) = 
R4 (\@block, $e, $a, $b, $c, $d, 76); + ($c, $e) = R4 (\@block, $d, $e, $a, $b, $c, 77); + ($b, $d) = R4 (\@block, $c, $d, $e, $a, $b, 78); + ($a, $c) = R4 (\@block, $b, $c, $d, $e, $a, 79); + + $$state[0] = ($$state[0] + $a) & 0xffffffff; + $$state[1] = ($$state[1] + $b) & 0xffffffff; + $$state[2] = ($$state[2] + $c) & 0xffffffff; + $$state[3] = ($$state[3] + $d) & 0xffffffff; + $$state[4] = ($$state[4] + $e) & 0xffffffff; + + $$buffer = pack ("L<*", @block); +} + +sub sha1_getstate +{ + my $ctx = shift; + + my $info = $ctx->getstate; + + # state: + + my $idx = index ($info, "H:"); + + my $state = substr ($info, $idx + 2, 44); + + $state =~ s/://g; + + my @state_arr = unpack ("L>*", pack ("H*", $state)); + + # block: + + $idx = index ($info, "block:"); + + my $block = substr ($info, $idx + 6, 191); + + $block =~ s/://g; + + $block = pack ("H*", $block); + + + return (\@state_arr, $block); +} + +sub sha1_update_rar29 +{ + my $ctx = shift; + my $data = shift; + my $len = shift; + my $count = shift; + + my $ctx_orig = $ctx->clone; + + $ctx->add ($$data); + + + # two early exits from this function, if (strange data) manipulation is not needed: + + my $j = $count & 63; + + return if (($j + $len) <= 63); + + + my $i = 64 - $j; + + return if (($i + 63) >= $len); + + + # proceed with updating $data: + + my ($state, $block) = sha1_getstate ($ctx_orig); + + + substr ($block, $j, $i) = substr ($$data, 0, $i); + + sha1_transform ($state, \$block); + + + while (($i + 63) < $len) + { + my $workspace = substr ($$data, $i, 64); + + sha1_transform ($state, \$workspace); + + substr ($$data, $i, 64) = $workspace; + + $i += 64; + } +} + +sub module_generate_hash +{ + my $pass = shift; + my $salt = shift; + + # convert to utf16le: + + my $buf = encode ("UTF-16LE", $pass); + + # add the salt to the password buffer: + + $buf .= $salt; + + my $len = length ($buf); + + my $count = 0; + + my $ctx = Digest::SHA->new ('SHA1'); + + my $iv = ""; + + # main loop: + + for (my $i = 0; $i < $ITERATIONS; $i++) + { + sha1_update_rar29 ($ctx, \$buf, $len, $count); + + $count += $len; + + my $pos = substr (pack ("L<", $i), 0, 3); + + $ctx->add ($pos); + + $count += 3; + + if (($i & 0x3fff) == 0) + { + my $dgst = $ctx->clone->digest; + + $iv .= substr ($dgst, 19, 1); + } + } + + my $k = $ctx->digest; + + $k = pack ("L<*", unpack ("L>4", $k)); # byte swap the first 4 * 4 = 16 bytes + + my $aes = Crypt::CBC->new ( + -cipher => "Crypt::Rijndael", + -key => $k, + -iv => $iv, + -keysize => 16, + -literal_key => 1, + -header => 'none'); + + my $hash = $aes->encrypt ($FIXED_RAW_STRING); + + return sprintf ("\$RAR3\$*0*%s*%s", unpack ("H*", $salt), unpack ("H*", substr ($hash, 0, 16))); +} + +sub module_verify_hash +{ + my $line = shift; + + my $idx = index ($line, ':'); + + return if ($idx < 1); + + my $hash = substr ($line, 0, $idx); + my $word = substr ($line, $idx + 1); + + return if (substr ($hash, 0, 9) ne "\$RAR3\$*0*"); + + $idx = index ($hash, '*', 9); + + return if ($idx < 1); + + my $salt = substr ($hash, 9, $idx - 9); + + $salt = pack ("H*", $salt); + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, $salt); + + return ($new_hash, $word); +} + +1; From 84d3981e7b6bc4efe3c1bcbaa6f4198f4c523204 Mon Sep 17 00:00:00 2001 From: Jens Steube Date: Wed, 27 May 2020 15:23:02 +0200 Subject: [PATCH 07/19] Add returncode PARSER_HAVE_ERRNO as a valid returncode from module_hash_binary_count() and module_hash_binary_parse() module hooks. 
You can use this in case fopen() fails and you want to transport back the original error from the OS --- include/types.h | 1 + src/hashes.c | 19 +++++++++++++++---- src/modules/module_02500.c | 4 ++-- src/modules/module_02501.c | 4 ++-- src/modules/module_06211.c | 2 +- src/modules/module_06212.c | 2 +- src/modules/module_06213.c | 2 +- src/modules/module_06221.c | 2 +- src/modules/module_06222.c | 2 +- src/modules/module_06223.c | 2 +- src/modules/module_06231.c | 2 +- src/modules/module_06232.c | 2 +- src/modules/module_06233.c | 2 +- src/modules/module_06241.c | 2 +- src/modules/module_06242.c | 2 +- src/modules/module_06243.c | 2 +- src/modules/module_13711.c | 2 +- src/modules/module_13712.c | 2 +- src/modules/module_13713.c | 2 +- src/modules/module_13721.c | 2 +- src/modules/module_13722.c | 2 +- src/modules/module_13723.c | 2 +- src/modules/module_13731.c | 2 +- src/modules/module_13732.c | 2 +- src/modules/module_13733.c | 2 +- src/modules/module_13741.c | 2 +- src/modules/module_13742.c | 2 +- src/modules/module_13743.c | 2 +- src/modules/module_13751.c | 2 +- src/modules/module_13752.c | 2 +- src/modules/module_13753.c | 2 +- src/modules/module_13761.c | 2 +- src/modules/module_13762.c | 2 +- src/modules/module_13763.c | 2 +- src/modules/module_13771.c | 2 +- src/modules/module_13772.c | 2 +- src/modules/module_13773.c | 2 +- src/modules/module_14600.c | 2 +- src/modules/module_22000.c | 4 ++-- src/modules/module_22001.c | 4 ++-- 40 files changed, 58 insertions(+), 46 deletions(-) diff --git a/include/types.h b/include/types.h index b610b46fa..2dc786fdb 100644 --- a/include/types.h +++ b/include/types.h @@ -539,6 +539,7 @@ typedef enum parser_rc PARSER_BLOCK_SIZE = -39, PARSER_CIPHER = -40, PARSER_FILE_SIZE = -41, + PARSER_HAVE_ERRNO = -100, PARSER_UNKNOWN_ERROR = -255 } parser_rc_t; diff --git a/src/hashes.c b/src/hashes.c index ab1d7c692..86f9740ab 100644 --- a/src/hashes.c +++ b/src/hashes.c @@ -735,21 +735,28 @@ int hashes_init_stage1 (hashcat_ctx_t *hashcat_ctx) { const int binary_count = module_ctx->module_hash_binary_count (hashes); - if (binary_count == 0) + if (binary_count > 0) + { + hashes_avail = binary_count; + } + else if (binary_count == 0) { event_log_error (hashcat_ctx, "No hashes loaded."); return -1; } - - if (binary_count == -1) + else if (binary_count == PARSER_HAVE_ERRNO) { event_log_error (hashcat_ctx, "%s: %s", hashes->hashfile, strerror (errno)); return -1; } + else + { + event_log_error (hashcat_ctx, "%s: %s", hashes->hashfile, strerror (binary_count)); - hashes_avail = binary_count; + return -1; + } } else { @@ -1289,6 +1296,10 @@ int hashes_init_stage1 (hashcat_ctx_t *hashcat_ctx) hashes_cnt = hashes_parsed; } else if (hashes_parsed == 0) + { + event_log_warning (hashcat_ctx, "No hashes loaded."); + } + else if (hashes_parsed == PARSER_HAVE_ERRNO) { event_log_warning (hashcat_ctx, "Hashfile '%s': %s", hashes->hashfile, strerror (errno)); } diff --git a/src/modules/module_02500.c b/src/modules/module_02500.c index 753636dc1..5ae58066e 100644 --- a/src/modules/module_02500.c +++ b/src/modules/module_02500.c @@ -376,7 +376,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return -1; + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); char *in = (char *) hcmalloc (sizeof (hccapx_t)); @@ -467,7 +467,7 @@ int module_hash_binary_count (MAYBE_UNUSED const hashes_t *hashes) { struct stat st; - if (stat (hashes->hashfile, &st) == 
-1) return -1; + if (stat (hashes->hashfile, &st) == -1) return (PARSER_HAVE_ERRNO); return st.st_size / sizeof (hccapx_t); } diff --git a/src/modules/module_02501.c b/src/modules/module_02501.c index 41aa86acd..0a5f349f8 100644 --- a/src/modules/module_02501.c +++ b/src/modules/module_02501.c @@ -351,7 +351,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return -1; + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); char *in = (char *) hcmalloc (sizeof (hccapx_t)); @@ -442,7 +442,7 @@ int module_hash_binary_count (MAYBE_UNUSED const hashes_t *hashes) { struct stat st; - if (stat (hashes->hashfile, &st) == -1) return -1; + if (stat (hashes->hashfile, &st) == -1) return (PARSER_HAVE_ERRNO); return st.st_size / sizeof (hccapx_t); } diff --git a/src/modules/module_06211.c b/src/modules/module_06211.c index ef63c4be4..72906e846 100644 --- a/src/modules/module_06211.c +++ b/src/modules/module_06211.c @@ -155,7 +155,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define TC_HEADER_SIZE 512 diff --git a/src/modules/module_06212.c b/src/modules/module_06212.c index a2f6fc4bf..e6834511d 100644 --- a/src/modules/module_06212.c +++ b/src/modules/module_06212.c @@ -155,7 +155,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define TC_HEADER_SIZE 512 diff --git a/src/modules/module_06213.c b/src/modules/module_06213.c index 0cdbd43c5..dd866e6c4 100644 --- a/src/modules/module_06213.c +++ b/src/modules/module_06213.c @@ -153,7 +153,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define TC_HEADER_SIZE 512 diff --git a/src/modules/module_06221.c b/src/modules/module_06221.c index 2744b6b37..b2131313d 100644 --- a/src/modules/module_06221.c +++ b/src/modules/module_06221.c @@ -137,7 +137,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define TC_HEADER_SIZE 512 diff --git a/src/modules/module_06222.c b/src/modules/module_06222.c index d4314e47f..099b3e0e5 100644 --- a/src/modules/module_06222.c +++ b/src/modules/module_06222.c @@ -137,7 +137,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define TC_HEADER_SIZE 512 diff --git a/src/modules/module_06223.c b/src/modules/module_06223.c index ec19b3c56..a26dac667 100644 --- a/src/modules/module_06223.c +++ b/src/modules/module_06223.c @@ -135,7 +135,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, 
hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define TC_HEADER_SIZE 512 diff --git a/src/modules/module_06231.c b/src/modules/module_06231.c index e86e09b69..7e59b30e0 100644 --- a/src/modules/module_06231.c +++ b/src/modules/module_06231.c @@ -136,7 +136,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define TC_HEADER_SIZE 512 diff --git a/src/modules/module_06232.c b/src/modules/module_06232.c index 847c2c3e9..fc0124c3c 100644 --- a/src/modules/module_06232.c +++ b/src/modules/module_06232.c @@ -136,7 +136,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define TC_HEADER_SIZE 512 diff --git a/src/modules/module_06233.c b/src/modules/module_06233.c index 080976adf..0e88e15b6 100644 --- a/src/modules/module_06233.c +++ b/src/modules/module_06233.c @@ -136,7 +136,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define TC_HEADER_SIZE 512 diff --git a/src/modules/module_06241.c b/src/modules/module_06241.c index 4ff957c71..3ffb6fe9f 100644 --- a/src/modules/module_06241.c +++ b/src/modules/module_06241.c @@ -149,7 +149,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define TC_HEADER_SIZE 512 diff --git a/src/modules/module_06242.c b/src/modules/module_06242.c index 048df78b1..98b081416 100644 --- a/src/modules/module_06242.c +++ b/src/modules/module_06242.c @@ -149,7 +149,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define TC_HEADER_SIZE 512 diff --git a/src/modules/module_06243.c b/src/modules/module_06243.c index 2ee532815..af318305a 100644 --- a/src/modules/module_06243.c +++ b/src/modules/module_06243.c @@ -149,7 +149,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define TC_HEADER_SIZE 512 diff --git a/src/modules/module_13711.c b/src/modules/module_13711.c index 2096bd458..037bd5940 100644 --- a/src/modules/module_13711.c +++ b/src/modules/module_13711.c @@ -165,7 +165,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_13712.c b/src/modules/module_13712.c 
index 8a5f1cf13..5a8465ced 100644 --- a/src/modules/module_13712.c +++ b/src/modules/module_13712.c @@ -165,7 +165,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_13713.c b/src/modules/module_13713.c index 7a5360837..589be1f66 100644 --- a/src/modules/module_13713.c +++ b/src/modules/module_13713.c @@ -165,7 +165,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_13721.c b/src/modules/module_13721.c index 9680018f1..c5f375352 100644 --- a/src/modules/module_13721.c +++ b/src/modules/module_13721.c @@ -166,7 +166,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_13722.c b/src/modules/module_13722.c index 88b7c0862..b17e22383 100644 --- a/src/modules/module_13722.c +++ b/src/modules/module_13722.c @@ -166,7 +166,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_13723.c b/src/modules/module_13723.c index bf90814ed..675db5514 100644 --- a/src/modules/module_13723.c +++ b/src/modules/module_13723.c @@ -166,7 +166,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_13731.c b/src/modules/module_13731.c index ab2885331..4eb6b39c5 100644 --- a/src/modules/module_13731.c +++ b/src/modules/module_13731.c @@ -165,7 +165,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_13732.c b/src/modules/module_13732.c index 7ba12cfca..3b84699dd 100644 --- a/src/modules/module_13732.c +++ b/src/modules/module_13732.c @@ -165,7 +165,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_13733.c b/src/modules/module_13733.c index 2dfac5939..b74eb5d0b 100644 --- a/src/modules/module_13733.c +++ b/src/modules/module_13733.c @@ -165,7 +165,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, 
hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_13741.c b/src/modules/module_13741.c index e819dc268..c75b54c25 100644 --- a/src/modules/module_13741.c +++ b/src/modules/module_13741.c @@ -167,7 +167,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_13742.c b/src/modules/module_13742.c index 42f09c216..c4f4c8165 100644 --- a/src/modules/module_13742.c +++ b/src/modules/module_13742.c @@ -167,7 +167,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_13743.c b/src/modules/module_13743.c index 0c3e07a8b..2b64b8c3c 100644 --- a/src/modules/module_13743.c +++ b/src/modules/module_13743.c @@ -167,7 +167,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_13751.c b/src/modules/module_13751.c index df3dab805..db59b7da4 100644 --- a/src/modules/module_13751.c +++ b/src/modules/module_13751.c @@ -184,7 +184,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_13752.c b/src/modules/module_13752.c index c2675a0e1..24a542653 100644 --- a/src/modules/module_13752.c +++ b/src/modules/module_13752.c @@ -184,7 +184,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_13753.c b/src/modules/module_13753.c index df061adce..8617b90ab 100644 --- a/src/modules/module_13753.c +++ b/src/modules/module_13753.c @@ -184,7 +184,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_13761.c b/src/modules/module_13761.c index d121c9928..dd3385d3d 100644 --- a/src/modules/module_13761.c +++ b/src/modules/module_13761.c @@ -186,7 +186,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_13762.c b/src/modules/module_13762.c 
index a772f9180..3c4376e88 100644 --- a/src/modules/module_13762.c +++ b/src/modules/module_13762.c @@ -186,7 +186,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_13763.c b/src/modules/module_13763.c index 885e9c1c6..9e1e94fd0 100644 --- a/src/modules/module_13763.c +++ b/src/modules/module_13763.c @@ -186,7 +186,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_13771.c b/src/modules/module_13771.c index 21ab8fc58..390477186 100644 --- a/src/modules/module_13771.c +++ b/src/modules/module_13771.c @@ -169,7 +169,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_13772.c b/src/modules/module_13772.c index ce9a1edd8..458091fe4 100644 --- a/src/modules/module_13772.c +++ b/src/modules/module_13772.c @@ -169,7 +169,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_13773.c b/src/modules/module_13773.c index ed658c123..5d3f58c25 100644 --- a/src/modules/module_13773.c +++ b/src/modules/module_13773.c @@ -169,7 +169,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); #define VC_HEADER_SIZE 512 diff --git a/src/modules/module_14600.c b/src/modules/module_14600.c index f506ef58a..4affa0e49 100644 --- a/src/modules/module_14600.c +++ b/src/modules/module_14600.c @@ -377,7 +377,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE HCFILE fp; - if (hc_fopen (&fp, (const char *) line_buf, "rb") == false) return (PARSER_HASH_FILE); + if (hc_fopen (&fp, (const char *) line_buf, "rb") == false) return (PARSER_HAVE_ERRNO); struct luks_phdr hdr; diff --git a/src/modules/module_22000.c b/src/modules/module_22000.c index b914157e4..32b9b5ffe 100644 --- a/src/modules/module_22000.c +++ b/src/modules/module_22000.c @@ -171,7 +171,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return -1; + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); const bool r = is_hccapx (&fp); @@ -258,7 +258,7 @@ int module_hash_binary_count (MAYBE_UNUSED const hashes_t *hashes) HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return -1; + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); const bool r = is_hccapx (&fp); diff --git 
a/src/modules/module_22001.c b/src/modules/module_22001.c index 9a3465266..7937d5211 100644 --- a/src/modules/module_22001.c +++ b/src/modules/module_22001.c @@ -172,7 +172,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return -1; + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); const bool r = is_hccapx (&fp); @@ -259,7 +259,7 @@ int module_hash_binary_count (MAYBE_UNUSED const hashes_t *hashes) HCFILE fp; - if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return -1; + if (hc_fopen (&fp, hashes->hashfile, "rb") == false) return (PARSER_HAVE_ERRNO); const bool r = is_hccapx (&fp); From 6c0dc7493e83b9b11a2d2c98e15af04af0dc4875 Mon Sep 17 00:00:00 2001 From: Jens Steube Date: Fri, 29 May 2020 11:19:49 +0200 Subject: [PATCH 08/19] Fix modules where salt->salt_buf[] is used but salt->salt_len was not set --- src/modules/module_14000.c | 2 ++ src/modules/module_14100.c | 2 ++ src/modules/module_19600.c | 2 ++ src/modules/module_19700.c | 2 ++ src/modules/module_19800.c | 2 ++ src/modules/module_19900.c | 2 ++ 6 files changed, 12 insertions(+) diff --git a/src/modules/module_14000.c b/src/modules/module_14000.c index e2dabbed1..8ccf0cdc3 100644 --- a/src/modules/module_14000.c +++ b/src/modules/module_14000.c @@ -178,6 +178,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE salt->salt_buf[2] = 0; salt->salt_buf[3] = 0; + salt->salt_len = 8; + salt->salt_buf_pc[0] = salt->salt_buf[0]; salt->salt_buf_pc[1] = salt->salt_buf[1]; diff --git a/src/modules/module_14100.c b/src/modules/module_14100.c index 3449b6844..77ffe0a61 100644 --- a/src/modules/module_14100.c +++ b/src/modules/module_14100.c @@ -139,6 +139,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE salt->salt_buf[2] = 0; salt->salt_buf[3] = 0; + salt->salt_len = 8; + salt->salt_buf_pc[0] = salt->salt_buf[0]; salt->salt_buf_pc[1] = salt->salt_buf[1]; diff --git a/src/modules/module_19600.c b/src/modules/module_19600.c index a96be303b..5f686a5be 100644 --- a/src/modules/module_19600.c +++ b/src/modules/module_19600.c @@ -242,6 +242,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE salt->salt_buf[1] = krb5tgs->checksum[1]; salt->salt_buf[2] = krb5tgs->checksum[2]; + salt->salt_len = 12; + salt->salt_iter = 4096 - 1; digest[0] = krb5tgs->checksum[0]; diff --git a/src/modules/module_19700.c b/src/modules/module_19700.c index 52a4c1ef3..f1602593d 100644 --- a/src/modules/module_19700.c +++ b/src/modules/module_19700.c @@ -242,6 +242,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE salt->salt_buf[1] = krb5tgs->checksum[1]; salt->salt_buf[2] = krb5tgs->checksum[2]; + salt->salt_len = 12; + salt->salt_iter = 4096 - 1; digest[0] = krb5tgs->checksum[0]; diff --git a/src/modules/module_19800.c b/src/modules/module_19800.c index 5d92c6fde..3bca20227 100644 --- a/src/modules/module_19800.c +++ b/src/modules/module_19800.c @@ -188,6 +188,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE salt->salt_buf[1] = krb5pa->checksum[1]; salt->salt_buf[2] = krb5pa->checksum[2]; + salt->salt_len = 12; + salt->salt_iter = 4096 - 1; digest[0] = krb5pa->checksum[0]; diff --git a/src/modules/module_19900.c b/src/modules/module_19900.c index 6e355c4ac..117887cb9 100644 --- a/src/modules/module_19900.c +++ b/src/modules/module_19900.c @@ -188,6 +188,8 @@ 
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE salt->salt_buf[1] = krb5pa->checksum[1]; salt->salt_buf[2] = krb5pa->checksum[2]; + salt->salt_len = 12; + salt->salt_iter = 4096 - 1; digest[0] = krb5pa->checksum[0]; From ea6eab29f8839fd544c92f11c753a6b2cb2ab8a5 Mon Sep 17 00:00:00 2001 From: philsmd Date: Sun, 31 May 2020 10:30:19 +0200 Subject: [PATCH 09/19] added OpenCL kernel code for AES-192 --- OpenCL/inc_cipher_aes.cl | 449 +++++++++++++++++++++++++++++++++++++++ OpenCL/inc_cipher_aes.h | 10 + 2 files changed, 459 insertions(+) diff --git a/OpenCL/inc_cipher_aes.cl b/OpenCL/inc_cipher_aes.cl index 716addc39..ed98d58d9 100644 --- a/OpenCL/inc_cipher_aes.cl +++ b/OpenCL/inc_cipher_aes.cl @@ -1040,6 +1040,389 @@ DECLSPEC void aes128_decrypt (const u32 *ks, const u32 *in, u32 *out, SHM_TYPE u out[3] = hc_swap32_S (out[3]); } +// 192 bit key + +DECLSPEC void aes192_ExpandKey (u32 *ks, const u32 *ukey, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3) +{ + ks[ 0] = ukey[0]; + ks[ 1] = ukey[1]; + ks[ 2] = ukey[2]; + ks[ 3] = ukey[3]; + ks[ 4] = ukey[4]; + ks[ 5] = ukey[5]; + ks[ 6] = ks[ 0] ^ 0x01000000 + ^ (s_te2[(ks[ 5] >> 16) & 0xff] & 0xff000000) + ^ (s_te3[(ks[ 5] >> 8) & 0xff] & 0x00ff0000) + ^ (s_te0[(ks[ 5] >> 0) & 0xff] & 0x0000ff00) + ^ (s_te1[(ks[ 5] >> 24) & 0xff] & 0x000000ff); + ks[ 7] = ks[ 1] ^ ks[ 6]; + ks[ 8] = ks[ 2] ^ ks[ 7]; + ks[ 9] = ks[ 3] ^ ks[ 8]; + ks[10] = ks[ 4] ^ ks[ 9]; + ks[11] = ks[ 5] ^ ks[10]; + ks[12] = ks[ 6] ^ 0x02000000 + ^ (s_te2[(ks[11] >> 16) & 0xff] & 0xff000000) + ^ (s_te3[(ks[11] >> 8) & 0xff] & 0x00ff0000) + ^ (s_te0[(ks[11] >> 0) & 0xff] & 0x0000ff00) + ^ (s_te1[(ks[11] >> 24) & 0xff] & 0x000000ff); + ks[13] = ks[ 7] ^ ks[12]; + ks[14] = ks[ 8] ^ ks[13]; + ks[15] = ks[ 9] ^ ks[14]; + ks[16] = ks[10] ^ ks[15]; + ks[17] = ks[11] ^ ks[16]; + ks[18] = ks[12] ^ 0x04000000 + ^ (s_te2[(ks[17] >> 16) & 0xff] & 0xff000000) + ^ (s_te3[(ks[17] >> 8) & 0xff] & 0x00ff0000) + ^ (s_te0[(ks[17] >> 0) & 0xff] & 0x0000ff00) + ^ (s_te1[(ks[17] >> 24) & 0xff] & 0x000000ff); + ks[19] = ks[13] ^ ks[18]; + ks[20] = ks[14] ^ ks[19]; + ks[21] = ks[15] ^ ks[20]; + ks[22] = ks[16] ^ ks[21]; + ks[23] = ks[17] ^ ks[22]; + ks[24] = ks[18] ^ 0x08000000 + ^ (s_te2[(ks[23] >> 16) & 0xff] & 0xff000000) + ^ (s_te3[(ks[23] >> 8) & 0xff] & 0x00ff0000) + ^ (s_te0[(ks[23] >> 0) & 0xff] & 0x0000ff00) + ^ (s_te1[(ks[23] >> 24) & 0xff] & 0x000000ff); + ks[25] = ks[19] ^ ks[24]; + ks[26] = ks[20] ^ ks[25]; + ks[27] = ks[21] ^ ks[26]; + ks[28] = ks[22] ^ ks[27]; + ks[29] = ks[23] ^ ks[28]; + ks[30] = ks[24] ^ 0x10000000 + ^ (s_te2[(ks[29] >> 16) & 0xff] & 0xff000000) + ^ (s_te3[(ks[29] >> 8) & 0xff] & 0x00ff0000) + ^ (s_te0[(ks[29] >> 0) & 0xff] & 0x0000ff00) + ^ (s_te1[(ks[29] >> 24) & 0xff] & 0x000000ff); + ks[31] = ks[25] ^ ks[30]; + ks[32] = ks[26] ^ ks[31]; + ks[33] = ks[27] ^ ks[32]; + ks[34] = ks[28] ^ ks[33]; + ks[35] = ks[29] ^ ks[34]; + ks[36] = ks[30] ^ 0x20000000 + ^ (s_te2[(ks[35] >> 16) & 0xff] & 0xff000000) + ^ (s_te3[(ks[35] >> 8) & 0xff] & 0x00ff0000) + ^ (s_te0[(ks[35] >> 0) & 0xff] & 0x0000ff00) + ^ (s_te1[(ks[35] >> 24) & 0xff] & 0x000000ff); + ks[37] = ks[31] ^ ks[36]; + ks[38] = ks[32] ^ ks[37]; + ks[39] = ks[33] ^ ks[38]; + ks[40] = ks[34] ^ ks[39]; + ks[41] = ks[35] ^ ks[40]; + ks[42] = ks[36] ^ 0x40000000 + ^ (s_te2[(ks[41] >> 16) & 0xff] & 0xff000000) + ^ (s_te3[(ks[41] >> 8) & 0xff] & 0x00ff0000) + ^ (s_te0[(ks[41] >> 0) & 0xff] & 0x0000ff00) + ^ (s_te1[(ks[41] >> 24) & 0xff] & 0x000000ff); + 
ks[43] = ks[37] ^ ks[42]; + ks[44] = ks[38] ^ ks[43]; + ks[45] = ks[39] ^ ks[44]; + ks[46] = ks[40] ^ ks[45]; + ks[47] = ks[41] ^ ks[46]; + ks[48] = ks[42] ^ 0x80000000 + ^ (s_te2[(ks[47] >> 16) & 0xff] & 0xff000000) + ^ (s_te3[(ks[47] >> 8) & 0xff] & 0x00ff0000) + ^ (s_te0[(ks[47] >> 0) & 0xff] & 0x0000ff00) + ^ (s_te1[(ks[47] >> 24) & 0xff] & 0x000000ff); + ks[49] = ks[43] ^ ks[48]; + ks[50] = ks[44] ^ ks[49]; + ks[51] = ks[45] ^ ks[50]; +} + +DECLSPEC void aes192_InvertKey (u32 *ks, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_td0, SHM_TYPE u32 *s_td1, SHM_TYPE u32 *s_td2, SHM_TYPE u32 *s_td3) +{ + u32 temp; + + temp = ks[ 0]; ks[ 0] = ks[48]; ks[48] = temp; + temp = ks[ 1]; ks[ 1] = ks[49]; ks[49] = temp; + temp = ks[ 2]; ks[ 2] = ks[50]; ks[50] = temp; + temp = ks[ 3]; ks[ 3] = ks[51]; ks[51] = temp; + temp = ks[ 4]; ks[ 4] = ks[44]; ks[44] = temp; + temp = ks[ 5]; ks[ 5] = ks[45]; ks[45] = temp; + temp = ks[ 6]; ks[ 6] = ks[46]; ks[46] = temp; + temp = ks[ 7]; ks[ 7] = ks[47]; ks[47] = temp; + temp = ks[ 8]; ks[ 8] = ks[40]; ks[40] = temp; + temp = ks[ 9]; ks[ 9] = ks[41]; ks[41] = temp; + temp = ks[10]; ks[10] = ks[42]; ks[42] = temp; + temp = ks[11]; ks[11] = ks[43]; ks[43] = temp; + temp = ks[12]; ks[12] = ks[36]; ks[36] = temp; + temp = ks[13]; ks[13] = ks[37]; ks[37] = temp; + temp = ks[14]; ks[14] = ks[38]; ks[38] = temp; + temp = ks[15]; ks[15] = ks[39]; ks[39] = temp; + temp = ks[16]; ks[16] = ks[32]; ks[32] = temp; + temp = ks[17]; ks[17] = ks[33]; ks[33] = temp; + temp = ks[18]; ks[18] = ks[34]; ks[34] = temp; + temp = ks[19]; ks[19] = ks[35]; ks[35] = temp; + temp = ks[20]; ks[20] = ks[28]; ks[28] = temp; + temp = ks[21]; ks[21] = ks[29]; ks[29] = temp; + temp = ks[22]; ks[22] = ks[30]; ks[30] = temp; + temp = ks[23]; ks[23] = ks[31]; ks[31] = temp; + + ks[ 4] = s_td0[s_te1[(ks[ 4] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[ 4] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[ 4] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[ 4] >> 0) & 0xff] & 0xff]; + ks[ 5] = s_td0[s_te1[(ks[ 5] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[ 5] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[ 5] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[ 5] >> 0) & 0xff] & 0xff]; + ks[ 6] = s_td0[s_te1[(ks[ 6] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[ 6] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[ 6] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[ 6] >> 0) & 0xff] & 0xff]; + ks[ 7] = s_td0[s_te1[(ks[ 7] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[ 7] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[ 7] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[ 7] >> 0) & 0xff] & 0xff]; + ks[ 8] = s_td0[s_te1[(ks[ 8] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[ 8] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[ 8] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[ 8] >> 0) & 0xff] & 0xff]; + ks[ 9] = s_td0[s_te1[(ks[ 9] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[ 9] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[ 9] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[ 9] >> 0) & 0xff] & 0xff]; + ks[10] = s_td0[s_te1[(ks[10] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[10] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[10] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[10] >> 0) & 0xff] & 0xff]; + ks[11] = s_td0[s_te1[(ks[11] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[11] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[11] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[11] >> 0) & 0xff] & 0xff]; + ks[12] = s_td0[s_te1[(ks[12] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[12] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[12] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[12] >> 0) & 0xff] & 0xff]; + ks[13] = s_td0[s_te1[(ks[13] >> 24) & 0xff] & 0xff] ^ 
s_td1[s_te1[(ks[13] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[13] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[13] >> 0) & 0xff] & 0xff]; + ks[14] = s_td0[s_te1[(ks[14] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[14] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[14] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[14] >> 0) & 0xff] & 0xff]; + ks[15] = s_td0[s_te1[(ks[15] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[15] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[15] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[15] >> 0) & 0xff] & 0xff]; + ks[16] = s_td0[s_te1[(ks[16] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[16] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[16] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[16] >> 0) & 0xff] & 0xff]; + ks[17] = s_td0[s_te1[(ks[17] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[17] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[17] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[17] >> 0) & 0xff] & 0xff]; + ks[18] = s_td0[s_te1[(ks[18] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[18] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[18] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[18] >> 0) & 0xff] & 0xff]; + ks[19] = s_td0[s_te1[(ks[19] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[19] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[19] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[19] >> 0) & 0xff] & 0xff]; + ks[20] = s_td0[s_te1[(ks[20] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[20] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[20] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[20] >> 0) & 0xff] & 0xff]; + ks[21] = s_td0[s_te1[(ks[21] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[21] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[21] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[21] >> 0) & 0xff] & 0xff]; + ks[22] = s_td0[s_te1[(ks[22] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[22] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[22] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[22] >> 0) & 0xff] & 0xff]; + ks[23] = s_td0[s_te1[(ks[23] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[23] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[23] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[23] >> 0) & 0xff] & 0xff]; + ks[24] = s_td0[s_te1[(ks[24] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[24] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[24] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[24] >> 0) & 0xff] & 0xff]; + ks[25] = s_td0[s_te1[(ks[25] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[25] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[25] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[25] >> 0) & 0xff] & 0xff]; + ks[26] = s_td0[s_te1[(ks[26] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[26] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[26] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[26] >> 0) & 0xff] & 0xff]; + ks[27] = s_td0[s_te1[(ks[27] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[27] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[27] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[27] >> 0) & 0xff] & 0xff]; + ks[28] = s_td0[s_te1[(ks[28] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[28] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[28] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[28] >> 0) & 0xff] & 0xff]; + ks[29] = s_td0[s_te1[(ks[29] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[29] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[29] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[29] >> 0) & 0xff] & 0xff]; + ks[30] = s_td0[s_te1[(ks[30] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[30] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[30] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[30] >> 0) & 0xff] & 0xff]; + ks[31] = s_td0[s_te1[(ks[31] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[31] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[31] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[31] >> 0) & 0xff] & 0xff]; + ks[32] = s_td0[s_te1[(ks[32] >> 24) 
& 0xff] & 0xff] ^ s_td1[s_te1[(ks[32] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[32] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[32] >> 0) & 0xff] & 0xff]; + ks[33] = s_td0[s_te1[(ks[33] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[33] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[33] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[33] >> 0) & 0xff] & 0xff]; + ks[34] = s_td0[s_te1[(ks[34] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[34] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[34] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[34] >> 0) & 0xff] & 0xff]; + ks[35] = s_td0[s_te1[(ks[35] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[35] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[35] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[35] >> 0) & 0xff] & 0xff]; + ks[36] = s_td0[s_te1[(ks[36] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[36] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[36] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[36] >> 0) & 0xff] & 0xff]; + ks[37] = s_td0[s_te1[(ks[37] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[37] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[37] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[37] >> 0) & 0xff] & 0xff]; + ks[38] = s_td0[s_te1[(ks[38] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[38] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[38] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[38] >> 0) & 0xff] & 0xff]; + ks[39] = s_td0[s_te1[(ks[39] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[39] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[39] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[39] >> 0) & 0xff] & 0xff]; + ks[40] = s_td0[s_te1[(ks[40] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[40] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[40] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[40] >> 0) & 0xff] & 0xff]; + ks[41] = s_td0[s_te1[(ks[41] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[41] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[41] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[41] >> 0) & 0xff] & 0xff]; + ks[42] = s_td0[s_te1[(ks[42] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[42] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[42] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[42] >> 0) & 0xff] & 0xff]; + ks[43] = s_td0[s_te1[(ks[43] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[43] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[43] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[43] >> 0) & 0xff] & 0xff]; + ks[44] = s_td0[s_te1[(ks[44] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[44] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[44] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[44] >> 0) & 0xff] & 0xff]; + ks[45] = s_td0[s_te1[(ks[45] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[45] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[45] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[45] >> 0) & 0xff] & 0xff]; + ks[46] = s_td0[s_te1[(ks[46] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[46] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[46] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[46] >> 0) & 0xff] & 0xff]; + ks[47] = s_td0[s_te1[(ks[47] >> 24) & 0xff] & 0xff] ^ s_td1[s_te1[(ks[47] >> 16) & 0xff] & 0xff] ^ s_td2[s_te1[(ks[47] >> 8) & 0xff] & 0xff] ^ s_td3[s_te1[(ks[47] >> 0) & 0xff] & 0xff]; +} + +DECLSPEC void aes192_set_encrypt_key (u32 *ks, const u32 *ukey, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3) +{ + u32 ukey_s[6]; + + ukey_s[0] = hc_swap32_S (ukey[0]); + ukey_s[1] = hc_swap32_S (ukey[1]); + ukey_s[2] = hc_swap32_S (ukey[2]); + ukey_s[3] = hc_swap32_S (ukey[3]); + ukey_s[4] = hc_swap32_S (ukey[4]); + ukey_s[5] = hc_swap32_S (ukey[5]); + + aes192_ExpandKey (ks, ukey_s, s_te0, s_te1, s_te2, s_te3); +} + +DECLSPEC void aes192_set_decrypt_key (u32 *ks, const u32 *ukey, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE 
u32 *s_te2, SHM_TYPE u32 *s_te3, SHM_TYPE u32 *s_td0, SHM_TYPE u32 *s_td1, SHM_TYPE u32 *s_td2, SHM_TYPE u32 *s_td3) +{ + u32 ukey_s[6]; + + ukey_s[0] = hc_swap32_S (ukey[0]); + ukey_s[1] = hc_swap32_S (ukey[1]); + ukey_s[2] = hc_swap32_S (ukey[2]); + ukey_s[3] = hc_swap32_S (ukey[3]); + ukey_s[4] = hc_swap32_S (ukey[4]); + ukey_s[5] = hc_swap32_S (ukey[5]); + + aes192_ExpandKey (ks, ukey_s, s_te0, s_te1, s_te2, s_te3); + + aes192_InvertKey (ks, s_te1, s_td0, s_td1, s_td2, s_td3); +} + +DECLSPEC void aes192_encrypt (const u32 *ks, const u32 *in, u32 *out, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3, SHM_TYPE u32 *s_te4) +{ + u32 in_s[4]; + + in_s[0] = hc_swap32_S (in[0]); + in_s[1] = hc_swap32_S (in[1]); + in_s[2] = hc_swap32_S (in[2]); + in_s[3] = hc_swap32_S (in[3]); + + u32 s0 = in_s[0] ^ ks[0]; + u32 s1 = in_s[1] ^ ks[1]; + u32 s2 = in_s[2] ^ ks[2]; + u32 s3 = in_s[3] ^ ks[3]; + + u32 t0; + u32 t1; + u32 t2; + u32 t3; + + t0 = s_te0[s0 >> 24] ^ s_te1[(s1 >> 16) & 0xff] ^ s_te2[(s2 >> 8) & 0xff] ^ s_te3[s3 & 0xff] ^ ks[ 4]; + t1 = s_te0[s1 >> 24] ^ s_te1[(s2 >> 16) & 0xff] ^ s_te2[(s3 >> 8) & 0xff] ^ s_te3[s0 & 0xff] ^ ks[ 5]; + t2 = s_te0[s2 >> 24] ^ s_te1[(s3 >> 16) & 0xff] ^ s_te2[(s0 >> 8) & 0xff] ^ s_te3[s1 & 0xff] ^ ks[ 6]; + t3 = s_te0[s3 >> 24] ^ s_te1[(s0 >> 16) & 0xff] ^ s_te2[(s1 >> 8) & 0xff] ^ s_te3[s2 & 0xff] ^ ks[ 7]; + s0 = s_te0[t0 >> 24] ^ s_te1[(t1 >> 16) & 0xff] ^ s_te2[(t2 >> 8) & 0xff] ^ s_te3[t3 & 0xff] ^ ks[ 8]; + s1 = s_te0[t1 >> 24] ^ s_te1[(t2 >> 16) & 0xff] ^ s_te2[(t3 >> 8) & 0xff] ^ s_te3[t0 & 0xff] ^ ks[ 9]; + s2 = s_te0[t2 >> 24] ^ s_te1[(t3 >> 16) & 0xff] ^ s_te2[(t0 >> 8) & 0xff] ^ s_te3[t1 & 0xff] ^ ks[10]; + s3 = s_te0[t3 >> 24] ^ s_te1[(t0 >> 16) & 0xff] ^ s_te2[(t1 >> 8) & 0xff] ^ s_te3[t2 & 0xff] ^ ks[11]; + t0 = s_te0[s0 >> 24] ^ s_te1[(s1 >> 16) & 0xff] ^ s_te2[(s2 >> 8) & 0xff] ^ s_te3[s3 & 0xff] ^ ks[12]; + t1 = s_te0[s1 >> 24] ^ s_te1[(s2 >> 16) & 0xff] ^ s_te2[(s3 >> 8) & 0xff] ^ s_te3[s0 & 0xff] ^ ks[13]; + t2 = s_te0[s2 >> 24] ^ s_te1[(s3 >> 16) & 0xff] ^ s_te2[(s0 >> 8) & 0xff] ^ s_te3[s1 & 0xff] ^ ks[14]; + t3 = s_te0[s3 >> 24] ^ s_te1[(s0 >> 16) & 0xff] ^ s_te2[(s1 >> 8) & 0xff] ^ s_te3[s2 & 0xff] ^ ks[15]; + s0 = s_te0[t0 >> 24] ^ s_te1[(t1 >> 16) & 0xff] ^ s_te2[(t2 >> 8) & 0xff] ^ s_te3[t3 & 0xff] ^ ks[16]; + s1 = s_te0[t1 >> 24] ^ s_te1[(t2 >> 16) & 0xff] ^ s_te2[(t3 >> 8) & 0xff] ^ s_te3[t0 & 0xff] ^ ks[17]; + s2 = s_te0[t2 >> 24] ^ s_te1[(t3 >> 16) & 0xff] ^ s_te2[(t0 >> 8) & 0xff] ^ s_te3[t1 & 0xff] ^ ks[18]; + s3 = s_te0[t3 >> 24] ^ s_te1[(t0 >> 16) & 0xff] ^ s_te2[(t1 >> 8) & 0xff] ^ s_te3[t2 & 0xff] ^ ks[19]; + t0 = s_te0[s0 >> 24] ^ s_te1[(s1 >> 16) & 0xff] ^ s_te2[(s2 >> 8) & 0xff] ^ s_te3[s3 & 0xff] ^ ks[20]; + t1 = s_te0[s1 >> 24] ^ s_te1[(s2 >> 16) & 0xff] ^ s_te2[(s3 >> 8) & 0xff] ^ s_te3[s0 & 0xff] ^ ks[21]; + t2 = s_te0[s2 >> 24] ^ s_te1[(s3 >> 16) & 0xff] ^ s_te2[(s0 >> 8) & 0xff] ^ s_te3[s1 & 0xff] ^ ks[22]; + t3 = s_te0[s3 >> 24] ^ s_te1[(s0 >> 16) & 0xff] ^ s_te2[(s1 >> 8) & 0xff] ^ s_te3[s2 & 0xff] ^ ks[23]; + s0 = s_te0[t0 >> 24] ^ s_te1[(t1 >> 16) & 0xff] ^ s_te2[(t2 >> 8) & 0xff] ^ s_te3[t3 & 0xff] ^ ks[24]; + s1 = s_te0[t1 >> 24] ^ s_te1[(t2 >> 16) & 0xff] ^ s_te2[(t3 >> 8) & 0xff] ^ s_te3[t0 & 0xff] ^ ks[25]; + s2 = s_te0[t2 >> 24] ^ s_te1[(t3 >> 16) & 0xff] ^ s_te2[(t0 >> 8) & 0xff] ^ s_te3[t1 & 0xff] ^ ks[26]; + s3 = s_te0[t3 >> 24] ^ s_te1[(t0 >> 16) & 0xff] ^ s_te2[(t1 >> 8) & 0xff] ^ s_te3[t2 & 0xff] ^ ks[27]; + t0 = s_te0[s0 >> 24] ^ s_te1[(s1 >> 16) & 0xff] ^ 
s_te2[(s2 >> 8) & 0xff] ^ s_te3[s3 & 0xff] ^ ks[28]; + t1 = s_te0[s1 >> 24] ^ s_te1[(s2 >> 16) & 0xff] ^ s_te2[(s3 >> 8) & 0xff] ^ s_te3[s0 & 0xff] ^ ks[29]; + t2 = s_te0[s2 >> 24] ^ s_te1[(s3 >> 16) & 0xff] ^ s_te2[(s0 >> 8) & 0xff] ^ s_te3[s1 & 0xff] ^ ks[30]; + t3 = s_te0[s3 >> 24] ^ s_te1[(s0 >> 16) & 0xff] ^ s_te2[(s1 >> 8) & 0xff] ^ s_te3[s2 & 0xff] ^ ks[31]; + s0 = s_te0[t0 >> 24] ^ s_te1[(t1 >> 16) & 0xff] ^ s_te2[(t2 >> 8) & 0xff] ^ s_te3[t3 & 0xff] ^ ks[32]; + s1 = s_te0[t1 >> 24] ^ s_te1[(t2 >> 16) & 0xff] ^ s_te2[(t3 >> 8) & 0xff] ^ s_te3[t0 & 0xff] ^ ks[33]; + s2 = s_te0[t2 >> 24] ^ s_te1[(t3 >> 16) & 0xff] ^ s_te2[(t0 >> 8) & 0xff] ^ s_te3[t1 & 0xff] ^ ks[34]; + s3 = s_te0[t3 >> 24] ^ s_te1[(t0 >> 16) & 0xff] ^ s_te2[(t1 >> 8) & 0xff] ^ s_te3[t2 & 0xff] ^ ks[35]; + t0 = s_te0[s0 >> 24] ^ s_te1[(s1 >> 16) & 0xff] ^ s_te2[(s2 >> 8) & 0xff] ^ s_te3[s3 & 0xff] ^ ks[36]; + t1 = s_te0[s1 >> 24] ^ s_te1[(s2 >> 16) & 0xff] ^ s_te2[(s3 >> 8) & 0xff] ^ s_te3[s0 & 0xff] ^ ks[37]; + t2 = s_te0[s2 >> 24] ^ s_te1[(s3 >> 16) & 0xff] ^ s_te2[(s0 >> 8) & 0xff] ^ s_te3[s1 & 0xff] ^ ks[38]; + t3 = s_te0[s3 >> 24] ^ s_te1[(s0 >> 16) & 0xff] ^ s_te2[(s1 >> 8) & 0xff] ^ s_te3[s2 & 0xff] ^ ks[39]; + s0 = s_te0[t0 >> 24] ^ s_te1[(t1 >> 16) & 0xff] ^ s_te2[(t2 >> 8) & 0xff] ^ s_te3[t3 & 0xff] ^ ks[40]; + s1 = s_te0[t1 >> 24] ^ s_te1[(t2 >> 16) & 0xff] ^ s_te2[(t3 >> 8) & 0xff] ^ s_te3[t0 & 0xff] ^ ks[41]; + s2 = s_te0[t2 >> 24] ^ s_te1[(t3 >> 16) & 0xff] ^ s_te2[(t0 >> 8) & 0xff] ^ s_te3[t1 & 0xff] ^ ks[42]; + s3 = s_te0[t3 >> 24] ^ s_te1[(t0 >> 16) & 0xff] ^ s_te2[(t1 >> 8) & 0xff] ^ s_te3[t2 & 0xff] ^ ks[43]; + t0 = s_te0[s0 >> 24] ^ s_te1[(s1 >> 16) & 0xff] ^ s_te2[(s2 >> 8) & 0xff] ^ s_te3[s3 & 0xff] ^ ks[44]; + t1 = s_te0[s1 >> 24] ^ s_te1[(s2 >> 16) & 0xff] ^ s_te2[(s3 >> 8) & 0xff] ^ s_te3[s0 & 0xff] ^ ks[45]; + t2 = s_te0[s2 >> 24] ^ s_te1[(s3 >> 16) & 0xff] ^ s_te2[(s0 >> 8) & 0xff] ^ s_te3[s1 & 0xff] ^ ks[46]; + t3 = s_te0[s3 >> 24] ^ s_te1[(s0 >> 16) & 0xff] ^ s_te2[(s1 >> 8) & 0xff] ^ s_te3[s2 & 0xff] ^ ks[47]; + + out[0] = (s_te4[(t0 >> 24) & 0xff] & 0xff000000) + ^ (s_te4[(t1 >> 16) & 0xff] & 0x00ff0000) + ^ (s_te4[(t2 >> 8) & 0xff] & 0x0000ff00) + ^ (s_te4[(t3 >> 0) & 0xff] & 0x000000ff) + ^ ks[48]; + + out[1] = (s_te4[(t1 >> 24) & 0xff] & 0xff000000) + ^ (s_te4[(t2 >> 16) & 0xff] & 0x00ff0000) + ^ (s_te4[(t3 >> 8) & 0xff] & 0x0000ff00) + ^ (s_te4[(t0 >> 0) & 0xff] & 0x000000ff) + ^ ks[49]; + + out[2] = (s_te4[(t2 >> 24) & 0xff] & 0xff000000) + ^ (s_te4[(t3 >> 16) & 0xff] & 0x00ff0000) + ^ (s_te4[(t0 >> 8) & 0xff] & 0x0000ff00) + ^ (s_te4[(t1 >> 0) & 0xff] & 0x000000ff) + ^ ks[50]; + + out[3] = (s_te4[(t3 >> 24) & 0xff] & 0xff000000) + ^ (s_te4[(t0 >> 16) & 0xff] & 0x00ff0000) + ^ (s_te4[(t1 >> 8) & 0xff] & 0x0000ff00) + ^ (s_te4[(t2 >> 0) & 0xff] & 0x000000ff) + ^ ks[51]; + + out[0] = hc_swap32_S (out[0]); + out[1] = hc_swap32_S (out[1]); + out[2] = hc_swap32_S (out[2]); + out[3] = hc_swap32_S (out[3]); +} + +DECLSPEC void aes192_decrypt (const u32 *ks, const u32 *in, u32 *out, SHM_TYPE u32 *s_td0, SHM_TYPE u32 *s_td1, SHM_TYPE u32 *s_td2, SHM_TYPE u32 *s_td3, SHM_TYPE u32 *s_td4) +{ + u32 in_s[4]; + + in_s[0] = hc_swap32_S (in[0]); + in_s[1] = hc_swap32_S (in[1]); + in_s[2] = hc_swap32_S (in[2]); + in_s[3] = hc_swap32_S (in[3]); + + u32 s0 = in_s[0] ^ ks[0]; + u32 s1 = in_s[1] ^ ks[1]; + u32 s2 = in_s[2] ^ ks[2]; + u32 s3 = in_s[3] ^ ks[3]; + + u32 t0; + u32 t1; + u32 t2; + u32 t3; + + t0 = s_td0[s0 >> 24] ^ s_td1[(s3 >> 16) & 0xff] ^ s_td2[(s2 >> 8) & 0xff] ^ s_td3[s1 & 0xff] ^ ks[ 
4]; + t1 = s_td0[s1 >> 24] ^ s_td1[(s0 >> 16) & 0xff] ^ s_td2[(s3 >> 8) & 0xff] ^ s_td3[s2 & 0xff] ^ ks[ 5]; + t2 = s_td0[s2 >> 24] ^ s_td1[(s1 >> 16) & 0xff] ^ s_td2[(s0 >> 8) & 0xff] ^ s_td3[s3 & 0xff] ^ ks[ 6]; + t3 = s_td0[s3 >> 24] ^ s_td1[(s2 >> 16) & 0xff] ^ s_td2[(s1 >> 8) & 0xff] ^ s_td3[s0 & 0xff] ^ ks[ 7]; + s0 = s_td0[t0 >> 24] ^ s_td1[(t3 >> 16) & 0xff] ^ s_td2[(t2 >> 8) & 0xff] ^ s_td3[t1 & 0xff] ^ ks[ 8]; + s1 = s_td0[t1 >> 24] ^ s_td1[(t0 >> 16) & 0xff] ^ s_td2[(t3 >> 8) & 0xff] ^ s_td3[t2 & 0xff] ^ ks[ 9]; + s2 = s_td0[t2 >> 24] ^ s_td1[(t1 >> 16) & 0xff] ^ s_td2[(t0 >> 8) & 0xff] ^ s_td3[t3 & 0xff] ^ ks[10]; + s3 = s_td0[t3 >> 24] ^ s_td1[(t2 >> 16) & 0xff] ^ s_td2[(t1 >> 8) & 0xff] ^ s_td3[t0 & 0xff] ^ ks[11]; + t0 = s_td0[s0 >> 24] ^ s_td1[(s3 >> 16) & 0xff] ^ s_td2[(s2 >> 8) & 0xff] ^ s_td3[s1 & 0xff] ^ ks[12]; + t1 = s_td0[s1 >> 24] ^ s_td1[(s0 >> 16) & 0xff] ^ s_td2[(s3 >> 8) & 0xff] ^ s_td3[s2 & 0xff] ^ ks[13]; + t2 = s_td0[s2 >> 24] ^ s_td1[(s1 >> 16) & 0xff] ^ s_td2[(s0 >> 8) & 0xff] ^ s_td3[s3 & 0xff] ^ ks[14]; + t3 = s_td0[s3 >> 24] ^ s_td1[(s2 >> 16) & 0xff] ^ s_td2[(s1 >> 8) & 0xff] ^ s_td3[s0 & 0xff] ^ ks[15]; + s0 = s_td0[t0 >> 24] ^ s_td1[(t3 >> 16) & 0xff] ^ s_td2[(t2 >> 8) & 0xff] ^ s_td3[t1 & 0xff] ^ ks[16]; + s1 = s_td0[t1 >> 24] ^ s_td1[(t0 >> 16) & 0xff] ^ s_td2[(t3 >> 8) & 0xff] ^ s_td3[t2 & 0xff] ^ ks[17]; + s2 = s_td0[t2 >> 24] ^ s_td1[(t1 >> 16) & 0xff] ^ s_td2[(t0 >> 8) & 0xff] ^ s_td3[t3 & 0xff] ^ ks[18]; + s3 = s_td0[t3 >> 24] ^ s_td1[(t2 >> 16) & 0xff] ^ s_td2[(t1 >> 8) & 0xff] ^ s_td3[t0 & 0xff] ^ ks[19]; + t0 = s_td0[s0 >> 24] ^ s_td1[(s3 >> 16) & 0xff] ^ s_td2[(s2 >> 8) & 0xff] ^ s_td3[s1 & 0xff] ^ ks[20]; + t1 = s_td0[s1 >> 24] ^ s_td1[(s0 >> 16) & 0xff] ^ s_td2[(s3 >> 8) & 0xff] ^ s_td3[s2 & 0xff] ^ ks[21]; + t2 = s_td0[s2 >> 24] ^ s_td1[(s1 >> 16) & 0xff] ^ s_td2[(s0 >> 8) & 0xff] ^ s_td3[s3 & 0xff] ^ ks[22]; + t3 = s_td0[s3 >> 24] ^ s_td1[(s2 >> 16) & 0xff] ^ s_td2[(s1 >> 8) & 0xff] ^ s_td3[s0 & 0xff] ^ ks[23]; + s0 = s_td0[t0 >> 24] ^ s_td1[(t3 >> 16) & 0xff] ^ s_td2[(t2 >> 8) & 0xff] ^ s_td3[t1 & 0xff] ^ ks[24]; + s1 = s_td0[t1 >> 24] ^ s_td1[(t0 >> 16) & 0xff] ^ s_td2[(t3 >> 8) & 0xff] ^ s_td3[t2 & 0xff] ^ ks[25]; + s2 = s_td0[t2 >> 24] ^ s_td1[(t1 >> 16) & 0xff] ^ s_td2[(t0 >> 8) & 0xff] ^ s_td3[t3 & 0xff] ^ ks[26]; + s3 = s_td0[t3 >> 24] ^ s_td1[(t2 >> 16) & 0xff] ^ s_td2[(t1 >> 8) & 0xff] ^ s_td3[t0 & 0xff] ^ ks[27]; + t0 = s_td0[s0 >> 24] ^ s_td1[(s3 >> 16) & 0xff] ^ s_td2[(s2 >> 8) & 0xff] ^ s_td3[s1 & 0xff] ^ ks[28]; + t1 = s_td0[s1 >> 24] ^ s_td1[(s0 >> 16) & 0xff] ^ s_td2[(s3 >> 8) & 0xff] ^ s_td3[s2 & 0xff] ^ ks[29]; + t2 = s_td0[s2 >> 24] ^ s_td1[(s1 >> 16) & 0xff] ^ s_td2[(s0 >> 8) & 0xff] ^ s_td3[s3 & 0xff] ^ ks[30]; + t3 = s_td0[s3 >> 24] ^ s_td1[(s2 >> 16) & 0xff] ^ s_td2[(s1 >> 8) & 0xff] ^ s_td3[s0 & 0xff] ^ ks[31]; + s0 = s_td0[t0 >> 24] ^ s_td1[(t3 >> 16) & 0xff] ^ s_td2[(t2 >> 8) & 0xff] ^ s_td3[t1 & 0xff] ^ ks[32]; + s1 = s_td0[t1 >> 24] ^ s_td1[(t0 >> 16) & 0xff] ^ s_td2[(t3 >> 8) & 0xff] ^ s_td3[t2 & 0xff] ^ ks[33]; + s2 = s_td0[t2 >> 24] ^ s_td1[(t1 >> 16) & 0xff] ^ s_td2[(t0 >> 8) & 0xff] ^ s_td3[t3 & 0xff] ^ ks[34]; + s3 = s_td0[t3 >> 24] ^ s_td1[(t2 >> 16) & 0xff] ^ s_td2[(t1 >> 8) & 0xff] ^ s_td3[t0 & 0xff] ^ ks[35]; + t0 = s_td0[s0 >> 24] ^ s_td1[(s3 >> 16) & 0xff] ^ s_td2[(s2 >> 8) & 0xff] ^ s_td3[s1 & 0xff] ^ ks[36]; + t1 = s_td0[s1 >> 24] ^ s_td1[(s0 >> 16) & 0xff] ^ s_td2[(s3 >> 8) & 0xff] ^ s_td3[s2 & 0xff] ^ ks[37]; + t2 = s_td0[s2 >> 24] ^ s_td1[(s1 >> 16) & 0xff] ^ s_td2[(s0 >> 8) & 0xff] ^ 
s_td3[s3 & 0xff] ^ ks[38]; + t3 = s_td0[s3 >> 24] ^ s_td1[(s2 >> 16) & 0xff] ^ s_td2[(s1 >> 8) & 0xff] ^ s_td3[s0 & 0xff] ^ ks[39]; + s0 = s_td0[t0 >> 24] ^ s_td1[(t3 >> 16) & 0xff] ^ s_td2[(t2 >> 8) & 0xff] ^ s_td3[t1 & 0xff] ^ ks[40]; + s1 = s_td0[t1 >> 24] ^ s_td1[(t0 >> 16) & 0xff] ^ s_td2[(t3 >> 8) & 0xff] ^ s_td3[t2 & 0xff] ^ ks[41]; + s2 = s_td0[t2 >> 24] ^ s_td1[(t1 >> 16) & 0xff] ^ s_td2[(t0 >> 8) & 0xff] ^ s_td3[t3 & 0xff] ^ ks[42]; + s3 = s_td0[t3 >> 24] ^ s_td1[(t2 >> 16) & 0xff] ^ s_td2[(t1 >> 8) & 0xff] ^ s_td3[t0 & 0xff] ^ ks[43]; + t0 = s_td0[s0 >> 24] ^ s_td1[(s3 >> 16) & 0xff] ^ s_td2[(s2 >> 8) & 0xff] ^ s_td3[s1 & 0xff] ^ ks[44]; + t1 = s_td0[s1 >> 24] ^ s_td1[(s0 >> 16) & 0xff] ^ s_td2[(s3 >> 8) & 0xff] ^ s_td3[s2 & 0xff] ^ ks[45]; + t2 = s_td0[s2 >> 24] ^ s_td1[(s1 >> 16) & 0xff] ^ s_td2[(s0 >> 8) & 0xff] ^ s_td3[s3 & 0xff] ^ ks[46]; + t3 = s_td0[s3 >> 24] ^ s_td1[(s2 >> 16) & 0xff] ^ s_td2[(s1 >> 8) & 0xff] ^ s_td3[s0 & 0xff] ^ ks[47]; + + out[0] = (s_td4[(t0 >> 24) & 0xff] & 0xff000000) + ^ (s_td4[(t3 >> 16) & 0xff] & 0x00ff0000) + ^ (s_td4[(t2 >> 8) & 0xff] & 0x0000ff00) + ^ (s_td4[(t1 >> 0) & 0xff] & 0x000000ff) + ^ ks[48]; + + out[1] = (s_td4[(t1 >> 24) & 0xff] & 0xff000000) + ^ (s_td4[(t0 >> 16) & 0xff] & 0x00ff0000) + ^ (s_td4[(t3 >> 8) & 0xff] & 0x0000ff00) + ^ (s_td4[(t2 >> 0) & 0xff] & 0x000000ff) + ^ ks[49]; + + out[2] = (s_td4[(t2 >> 24) & 0xff] & 0xff000000) + ^ (s_td4[(t1 >> 16) & 0xff] & 0x00ff0000) + ^ (s_td4[(t0 >> 8) & 0xff] & 0x0000ff00) + ^ (s_td4[(t3 >> 0) & 0xff] & 0x000000ff) + ^ ks[50]; + + out[3] = (s_td4[(t3 >> 24) & 0xff] & 0xff000000) + ^ (s_td4[(t2 >> 16) & 0xff] & 0x00ff0000) + ^ (s_td4[(t1 >> 8) & 0xff] & 0x0000ff00) + ^ (s_td4[(t0 >> 0) & 0xff] & 0x000000ff) + ^ ks[51]; + + out[0] = hc_swap32_S (out[0]); + out[1] = hc_swap32_S (out[1]); + out[2] = hc_swap32_S (out[2]); + out[3] = hc_swap32_S (out[3]); +} + // 256 bit key DECLSPEC void aes256_ExpandKey (u32 *ks, const u32 *ukey, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3) @@ -1547,6 +1930,72 @@ DECLSPEC void AES128_decrypt (const u32 *ks, const u32 *in, u32 *out, SHM_TYPE u out[3] = hc_swap32_S (out_s[3]); } +DECLSPEC void AES192_set_encrypt_key (u32 *ks, const u32 *ukey, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3) +{ + u32 ukey_s[6]; + + ukey_s[0] = hc_swap32_S (ukey[0]); + ukey_s[1] = hc_swap32_S (ukey[1]); + ukey_s[2] = hc_swap32_S (ukey[2]); + ukey_s[3] = hc_swap32_S (ukey[3]); + ukey_s[4] = hc_swap32_S (ukey[4]); + ukey_s[5] = hc_swap32_S (ukey[5]); + + aes192_set_encrypt_key (ks, ukey_s, s_te0, s_te1, s_te2, s_te3); +} + +DECLSPEC void AES192_set_decrypt_key (u32 *ks, const u32 *ukey, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3, SHM_TYPE u32 *s_td0, SHM_TYPE u32 *s_td1, SHM_TYPE u32 *s_td2, SHM_TYPE u32 *s_td3) +{ + u32 ukey_s[6]; + + ukey_s[0] = hc_swap32_S (ukey[0]); + ukey_s[1] = hc_swap32_S (ukey[1]); + ukey_s[2] = hc_swap32_S (ukey[2]); + ukey_s[3] = hc_swap32_S (ukey[3]); + ukey_s[4] = hc_swap32_S (ukey[4]); + ukey_s[5] = hc_swap32_S (ukey[5]); + + aes192_set_decrypt_key (ks, ukey_s, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); +} + +DECLSPEC void AES192_encrypt (const u32 *ks, const u32 *in, u32 *out, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3, SHM_TYPE u32 *s_te4) +{ + u32 in_s[4]; + + in_s[0] = hc_swap32_S (in[0]); + in_s[1] = hc_swap32_S (in[1]); + in_s[2] = hc_swap32_S (in[2]); + in_s[3] = hc_swap32_S 
(in[3]); + + u32 out_s[4]; + + aes192_encrypt (ks, in_s, out_s, s_te0, s_te1, s_te2, s_te3, s_te4); + + out[0] = hc_swap32_S (out_s[0]); + out[1] = hc_swap32_S (out_s[1]); + out[2] = hc_swap32_S (out_s[2]); + out[3] = hc_swap32_S (out_s[3]); +} + +DECLSPEC void AES192_decrypt (const u32 *ks, const u32 *in, u32 *out, SHM_TYPE u32 *s_td0, SHM_TYPE u32 *s_td1, SHM_TYPE u32 *s_td2, SHM_TYPE u32 *s_td3, SHM_TYPE u32 *s_td4) +{ + u32 in_s[4]; + + in_s[0] = hc_swap32_S (in[0]); + in_s[1] = hc_swap32_S (in[1]); + in_s[2] = hc_swap32_S (in[2]); + in_s[3] = hc_swap32_S (in[3]); + + u32 out_s[4]; + + aes192_decrypt (ks, in_s, out_s, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] = hc_swap32_S (out_s[0]); + out[1] = hc_swap32_S (out_s[1]); + out[2] = hc_swap32_S (out_s[2]); + out[3] = hc_swap32_S (out_s[3]); +} + DECLSPEC void AES256_set_encrypt_key (u32 *ks, const u32 *ukey, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3) { u32 ukey_s[8]; diff --git a/OpenCL/inc_cipher_aes.h b/OpenCL/inc_cipher_aes.h index b0394e2a6..d2edaf3ae 100644 --- a/OpenCL/inc_cipher_aes.h +++ b/OpenCL/inc_cipher_aes.h @@ -12,6 +12,12 @@ DECLSPEC void aes128_set_encrypt_key (u32 *ks, const u32 *ukey, SHM_TYPE u32 *s_ DECLSPEC void aes128_set_decrypt_key (u32 *ks, const u32 *ukey, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3, SHM_TYPE u32 *s_td0, SHM_TYPE u32 *s_td1, SHM_TYPE u32 *s_td2, SHM_TYPE u32 *s_td3); DECLSPEC void aes128_encrypt (const u32 *ks, const u32 *in, u32 *out, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3, SHM_TYPE u32 *s_te4); DECLSPEC void aes128_decrypt (const u32 *ks, const u32 *in, u32 *out, SHM_TYPE u32 *s_td0, SHM_TYPE u32 *s_td1, SHM_TYPE u32 *s_td2, SHM_TYPE u32 *s_td3, SHM_TYPE u32 *s_td4); +DECLSPEC void aes192_ExpandKey (u32 *ks, const u32 *ukey, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3); +DECLSPEC void aes192_InvertKey (u32 *ks, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_td0, SHM_TYPE u32 *s_td1, SHM_TYPE u32 *s_td2, SHM_TYPE u32 *s_td3); +DECLSPEC void aes192_set_encrypt_key (u32 *ks, const u32 *ukey, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3); +DECLSPEC void aes192_set_decrypt_key (u32 *ks, const u32 *ukey, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3, SHM_TYPE u32 *s_td0, SHM_TYPE u32 *s_td1, SHM_TYPE u32 *s_td2, SHM_TYPE u32 *s_td3); +DECLSPEC void aes192_encrypt (const u32 *ks, const u32 *in, u32 *out, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3, SHM_TYPE u32 *s_te4); +DECLSPEC void aes192_decrypt (const u32 *ks, const u32 *in, u32 *out, SHM_TYPE u32 *s_td0, SHM_TYPE u32 *s_td1, SHM_TYPE u32 *s_td2, SHM_TYPE u32 *s_td3, SHM_TYPE u32 *s_td4); DECLSPEC void aes256_ExpandKey (u32 *ks, const u32 *ukey, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3); DECLSPEC void aes256_InvertKey (u32 *ks, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_td0, SHM_TYPE u32 *s_td1, SHM_TYPE u32 *s_td2, SHM_TYPE u32 *s_td3); DECLSPEC void aes256_set_encrypt_key (u32 *ks, const u32 *ukey, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3); @@ -22,6 +28,10 @@ DECLSPEC void AES128_set_encrypt_key (u32 *ks, const u32 *ukey, SHM_TYPE u32 *s_ DECLSPEC void AES128_set_decrypt_key (u32 *ks, const u32 *ukey, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3, SHM_TYPE u32 
*s_td0, SHM_TYPE u32 *s_td1, SHM_TYPE u32 *s_td2, SHM_TYPE u32 *s_td3); DECLSPEC void AES128_encrypt (const u32 *ks, const u32 *in, u32 *out, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3, SHM_TYPE u32 *s_te4); DECLSPEC void AES128_decrypt (const u32 *ks, const u32 *in, u32 *out, SHM_TYPE u32 *s_td0, SHM_TYPE u32 *s_td1, SHM_TYPE u32 *s_td2, SHM_TYPE u32 *s_td3, SHM_TYPE u32 *s_td4); +DECLSPEC void AES192_set_encrypt_key (u32 *ks, const u32 *ukey, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3); +DECLSPEC void AES192_set_decrypt_key (u32 *ks, const u32 *ukey, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3, SHM_TYPE u32 *s_td0, SHM_TYPE u32 *s_td1, SHM_TYPE u32 *s_td2, SHM_TYPE u32 *s_td3); +DECLSPEC void AES192_encrypt (const u32 *ks, const u32 *in, u32 *out, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3, SHM_TYPE u32 *s_te4); +DECLSPEC void AES192_decrypt (const u32 *ks, const u32 *in, u32 *out, SHM_TYPE u32 *s_td0, SHM_TYPE u32 *s_td1, SHM_TYPE u32 *s_td2, SHM_TYPE u32 *s_td3, SHM_TYPE u32 *s_td4); DECLSPEC void AES256_set_encrypt_key (u32 *ks, const u32 *ukey, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3); DECLSPEC void AES256_set_decrypt_key (u32 *ks, const u32 *ukey, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3, SHM_TYPE u32 *s_td0, SHM_TYPE u32 *s_td1, SHM_TYPE u32 *s_td2, SHM_TYPE u32 *s_td3); DECLSPEC void AES256_encrypt (const u32 *ks, const u32 *in, u32 *out, SHM_TYPE u32 *s_te0, SHM_TYPE u32 *s_te1, SHM_TYPE u32 *s_te2, SHM_TYPE u32 *s_te3, SHM_TYPE u32 *s_te4); From 5df743cb8593833d633b0e75a54b3bf7972fa607 Mon Sep 17 00:00:00 2001 From: philsmd Date: Sun, 31 May 2020 10:36:41 +0200 Subject: [PATCH 10/19] fixes #2410: added -m 2300x = SecureZIP --- OpenCL/m23001_a0-optimized.cl | 695 +++++++++++++++++ OpenCL/m23001_a0-pure.cl | 411 ++++++++++ OpenCL/m23001_a1-optimized.cl | 809 +++++++++++++++++++ OpenCL/m23001_a1-pure.cl | 405 ++++++++++ OpenCL/m23001_a3-optimized.cl | 1279 ++++++++++++++++++++++++++++++ OpenCL/m23001_a3-pure.cl | 431 ++++++++++ OpenCL/m23002_a0-optimized.cl | 801 +++++++++++++++++++ OpenCL/m23002_a0-pure.cl | 517 ++++++++++++ OpenCL/m23002_a1-optimized.cl | 915 ++++++++++++++++++++++ OpenCL/m23002_a1-pure.cl | 511 ++++++++++++ OpenCL/m23002_a3-optimized.cl | 1385 ++++++++++++++++++++++++++++++++ OpenCL/m23002_a3-pure.cl | 537 +++++++++++++ OpenCL/m23003_a0-optimized.cl | 805 +++++++++++++++++++ OpenCL/m23003_a0-pure.cl | 521 +++++++++++++ OpenCL/m23003_a1-optimized.cl | 919 ++++++++++++++++++++++ OpenCL/m23003_a1-pure.cl | 515 ++++++++++++ OpenCL/m23003_a3-optimized.cl | 1389 +++++++++++++++++++++++++++++++++ OpenCL/m23003_a3-pure.cl | 541 +++++++++++++ docs/changes.txt | 3 + docs/readme.txt | 3 + src/modules/module_23001.c | 338 ++++++++ src/modules/module_23002.c | 338 ++++++++ src/modules/module_23003.c | 338 ++++++++ tools/test_modules/m23001.pm | 193 +++++ tools/test_modules/m23002.pm | 193 +++++ tools/test_modules/m23003.pm | 193 +++++ 26 files changed, 14985 insertions(+) create mode 100644 OpenCL/m23001_a0-optimized.cl create mode 100644 OpenCL/m23001_a0-pure.cl create mode 100644 OpenCL/m23001_a1-optimized.cl create mode 100644 OpenCL/m23001_a1-pure.cl create mode 100644 OpenCL/m23001_a3-optimized.cl create mode 100644 OpenCL/m23001_a3-pure.cl create mode 100644 OpenCL/m23002_a0-optimized.cl create mode 100644 
OpenCL/m23002_a0-pure.cl create mode 100644 OpenCL/m23002_a1-optimized.cl create mode 100644 OpenCL/m23002_a1-pure.cl create mode 100644 OpenCL/m23002_a3-optimized.cl create mode 100644 OpenCL/m23002_a3-pure.cl create mode 100644 OpenCL/m23003_a0-optimized.cl create mode 100644 OpenCL/m23003_a0-pure.cl create mode 100644 OpenCL/m23003_a1-optimized.cl create mode 100644 OpenCL/m23003_a1-pure.cl create mode 100644 OpenCL/m23003_a3-optimized.cl create mode 100644 OpenCL/m23003_a3-pure.cl create mode 100644 src/modules/module_23001.c create mode 100644 src/modules/module_23002.c create mode 100644 src/modules/module_23003.c create mode 100644 tools/test_modules/m23001.pm create mode 100644 tools/test_modules/m23002.pm create mode 100644 tools/test_modules/m23003.pm diff --git a/OpenCL/m23001_a0-optimized.cl b/OpenCL/m23001_a0-optimized.cl new file mode 100644 index 000000000..38e36df2d --- /dev/null +++ b/OpenCL/m23001_a0-optimized.cl @@ -0,0 +1,695 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_rp_optimized.h" +#include "inc_rp_optimized.cl" +#include "inc_simd.cl" +#include "inc_hash_sha1.cl" +#include "inc_cipher_aes.cl" +#endif + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +KERNEL_FQ void m23001_m04 (KERN_ATTR_RULES_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + u32x w0[4] = { 0 }; + u32x w1[4] = { 0 }; + u32x w2[4] = { 0 }; + u32x w3[4] = { 0 }; + + const u32x out_len = apply_rules_vect_optimized (pw_buf0, pw_buf1, pw_len, rules_buf, il_pos, w0, w1); + + append_0x80_2x4_VV (w0, w1, out_len); + + /** + * sha1 + */ + + u32x w0_t = hc_swap32 (w0[0]); + u32x w1_t = hc_swap32 (w0[1]); + u32x w2_t = hc_swap32 (w0[2]); + u32x w3_t = hc_swap32 (w0[3]); + u32x w4_t = hc_swap32 (w1[0]); + u32x w5_t = hc_swap32 (w1[1]); + u32x w6_t = hc_swap32 (w1[2]); + u32x w7_t = hc_swap32 
(w1[3]); + u32x w8_t = hc_swap32 (w2[0]); + u32x w9_t = hc_swap32 (w2[1]); + u32x wa_t = hc_swap32 (w2[2]); + u32x wb_t = hc_swap32 (w2[3]); + u32x wc_t = hc_swap32 (w3[0]); + u32x wd_t = hc_swap32 (w3[1]); + u32x we_t = 0; + u32x wf_t = out_len * 8; + + u32x a = SHA1M_A; + u32x b = SHA1M_B; + u32x c = SHA1M_C; + u32x d = SHA1M_D; + u32x e = SHA1M_E; + + #undef K + #define K SHA1C00 + + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w0_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w1_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w2_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w3_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w4_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w5_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w6_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w7_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w8_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w9_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wa_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, wb_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, wc_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, wd_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, we_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F0o, e, a, b, c, d, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F0o, d, e, a, b, c, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F0o, c, d, e, a, b, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F0o, b, c, d, e, a, w3_t); + + #undef K + #define K SHA1C01 + + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w7_t); + + #undef K + #define K SHA1C02 + + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP 
(SHA1_F2o, a, b, c, d, e, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wb_t); + + #undef K + #define K SHA1C03 + + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wc_t); + wd_t = 
hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wf_t); + + a += SHA1M_A; + b += SHA1M_B; + c += SHA1M_C; + d += SHA1M_D; + e += SHA1M_E; + + u32 t0[4]; + + t0[0] = 0x36363636 ^ a; + t0[1] = 0x36363636 ^ b; + t0[2] = 0x36363636 ^ c; + t0[3] = 0x36363636 ^ d; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ e; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[4]; + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 44 + + u32 ks[KEYLEN]; + + AES128_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes128_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23001_m08 (KERN_ATTR_RULES_ESALT (securezip_t)) +{ +} + +KERNEL_FQ void m23001_m16 (KERN_ATTR_RULES_ESALT (securezip_t)) +{ +} + +KERNEL_FQ void m23001_s04 (KERN_ATTR_RULES_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = 
te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + u32x w0[4] = { 0 }; + u32x w1[4] = { 0 }; + u32x w2[4] = { 0 }; + u32x w3[4] = { 0 }; + + const u32x out_len = apply_rules_vect_optimized (pw_buf0, pw_buf1, pw_len, rules_buf, il_pos, w0, w1); + + append_0x80_2x4_VV (w0, w1, out_len); + + /** + * sha1 + */ + + u32x w0_t = hc_swap32 (w0[0]); + u32x w1_t = hc_swap32 (w0[1]); + u32x w2_t = hc_swap32 (w0[2]); + u32x w3_t = hc_swap32 (w0[3]); + u32x w4_t = hc_swap32 (w1[0]); + u32x w5_t = hc_swap32 (w1[1]); + u32x w6_t = hc_swap32 (w1[2]); + u32x w7_t = hc_swap32 (w1[3]); + u32x w8_t = hc_swap32 (w2[0]); + u32x w9_t = hc_swap32 (w2[1]); + u32x wa_t = hc_swap32 (w2[2]); + u32x wb_t = hc_swap32 (w2[3]); + u32x wc_t = hc_swap32 (w3[0]); + u32x wd_t = hc_swap32 (w3[1]); + u32x we_t = 0; + u32x wf_t = out_len * 8; + + u32x a = SHA1M_A; + u32x b = SHA1M_B; + u32x c = SHA1M_C; + u32x d = SHA1M_D; + u32x e = SHA1M_E; + + #undef K + #define K SHA1C00 + + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w0_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w1_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w2_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w3_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w4_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w5_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w6_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w7_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w8_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w9_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wa_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, wb_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, wc_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, wd_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, we_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F0o, e, a, b, c, d, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F0o, d, e, a, b, c, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F0o, c, d, e, a, b, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F0o, b, c, d, e, a, w3_t); + + #undef K + #define K SHA1C01 + + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, 
e, a, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w7_t); + + #undef K + #define K SHA1C02 + + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wb_t); + + #undef K + #define K SHA1C03 + + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, 
w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wf_t); + + a += SHA1M_A; + b += SHA1M_B; + c += SHA1M_C; + d += SHA1M_D; + e += SHA1M_E; + + u32 t0[4]; + + t0[0] = 0x36363636 ^ a; + t0[1] = 0x36363636 ^ b; + t0[2] = 0x36363636 ^ c; + t0[3] = 0x36363636 ^ d; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ e; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[4]; + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 44 + + u32 ks[KEYLEN]; + + AES128_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes128_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23001_s08 (KERN_ATTR_RULES_ESALT (securezip_t)) +{ +} + +KERNEL_FQ void 
m23001_s16 (KERN_ATTR_RULES_ESALT (securezip_t)) +{ +} diff --git a/OpenCL/m23001_a0-pure.cl b/OpenCL/m23001_a0-pure.cl new file mode 100644 index 000000000..0ce3cf586 --- /dev/null +++ b/OpenCL/m23001_a0-pure.cl @@ -0,0 +1,411 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_rp.h" +#include "inc_rp.cl" +#include "inc_scalar.cl" +#include "inc_hash_sha1.cl" +#include "inc_cipher_aes.cl" +#endif + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +KERNEL_FQ void m23001_mxx (KERN_ATTR_RULES_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + /** + * base + */ + + COPY_PW (pws[gid]); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) + { + pw_t tmp = PASTE_PW; + + tmp.pw_len = apply_rules (rules_buf[il_pos].cmds, tmp.i, tmp.pw_len); + + sha1_ctx_t ctx; + + sha1_init (&ctx); + + sha1_update_swap (&ctx, tmp.i, tmp.pw_len); + + sha1_final (&ctx); + + u32 t0[4]; + + t0[0] = 0x36363636 ^ ctx.h[0]; + t0[1] = 0x36363636 ^ ctx.h[1]; + t0[2] = 0x36363636 ^ ctx.h[2]; + t0[3] = 0x36363636 ^ ctx.h[3]; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ ctx.h[4]; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[4]; + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = 
esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 44 + + u32 ks[KEYLEN]; + + AES128_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes128_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23001_sxx (KERN_ATTR_RULES_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + /** + * base + */ + + COPY_PW (pws[gid]); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) + { + pw_t tmp = PASTE_PW; + + tmp.pw_len = apply_rules (rules_buf[il_pos].cmds, tmp.i, tmp.pw_len); + + sha1_ctx_t ctx; + + sha1_init (&ctx); + + sha1_update_swap (&ctx, tmp.i, tmp.pw_len); + + sha1_final (&ctx); + + u32 t0[4]; + + t0[0] = 0x36363636 ^ ctx.h[0]; + t0[1] = 0x36363636 ^ ctx.h[1]; + t0[2] = 0x36363636 ^ ctx.h[2]; + t0[3] = 0x36363636 ^ ctx.h[3]; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ ctx.h[4]; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[4]; + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + 
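// data[32..35] of the esalt is the AES-CBC encrypted verifier block and + // data[28..31] is its IV: with the correct password the block decrypts + // (after the XOR with the IV) to sixteen 0x10 padding bytes, i.e. every + // u32 word equals 0x10101010, which is what the test below looks for. + 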
data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 44 + + u32 ks[KEYLEN]; + + AES128_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes128_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} diff --git a/OpenCL/m23001_a1-optimized.cl b/OpenCL/m23001_a1-optimized.cl new file mode 100644 index 000000000..dcbcab1cc --- /dev/null +++ b/OpenCL/m23001_a1-optimized.cl @@ -0,0 +1,809 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_simd.cl" +#include "inc_hash_sha1.cl" +#include "inc_cipher_aes.cl" +#endif + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +KERNEL_FQ void m23001_m04 (KERN_ATTR_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_l_len = pws[gid].pw_len & 63; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x pw_r_len = pwlenx_create_combt (combs_buf, il_pos) & 63; + + const u32x pw_len = (pw_l_len + pw_r_len) & 63; + + /** + * concat password candidate + */ + + u32x wordl0[4] = { 0 }; + u32x wordl1[4] = { 0 }; + u32x wordl2[4] = { 0 }; + u32x wordl3[4] = { 0 }; + + wordl0[0] = pw_buf0[0]; + wordl0[1] = pw_buf0[1]; + wordl0[2] = pw_buf0[2]; + wordl0[3] = pw_buf0[3]; + wordl1[0] = pw_buf1[0]; + wordl1[1] = pw_buf1[1]; + wordl1[2] = pw_buf1[2]; + wordl1[3] = pw_buf1[3]; + + u32x wordr0[4] = { 0 }; + u32x wordr1[4] = { 0 }; + u32x wordr2[4] = { 0 }; + u32x wordr3[4] = { 0 }; + + wordr0[0] = 
ix_create_combt (combs_buf, il_pos, 0); + wordr0[1] = ix_create_combt (combs_buf, il_pos, 1); + wordr0[2] = ix_create_combt (combs_buf, il_pos, 2); + wordr0[3] = ix_create_combt (combs_buf, il_pos, 3); + wordr1[0] = ix_create_combt (combs_buf, il_pos, 4); + wordr1[1] = ix_create_combt (combs_buf, il_pos, 5); + wordr1[2] = ix_create_combt (combs_buf, il_pos, 6); + wordr1[3] = ix_create_combt (combs_buf, il_pos, 7); + + if (combs_mode == COMBINATOR_MODE_BASE_LEFT) + { + switch_buffer_by_offset_le_VV (wordr0, wordr1, wordr2, wordr3, pw_l_len); + } + else + { + switch_buffer_by_offset_le_VV (wordl0, wordl1, wordl2, wordl3, pw_r_len); + } + + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + + w0[0] = wordl0[0] | wordr0[0]; + w0[1] = wordl0[1] | wordr0[1]; + w0[2] = wordl0[2] | wordr0[2]; + w0[3] = wordl0[3] | wordr0[3]; + w1[0] = wordl1[0] | wordr1[0]; + w1[1] = wordl1[1] | wordr1[1]; + w1[2] = wordl1[2] | wordr1[2]; + w1[3] = wordl1[3] | wordr1[3]; + w2[0] = wordl2[0] | wordr2[0]; + w2[1] = wordl2[1] | wordr2[1]; + w2[2] = wordl2[2] | wordr2[2]; + w2[3] = wordl2[3] | wordr2[3]; + w3[0] = wordl3[0] | wordr3[0]; + w3[1] = wordl3[1] | wordr3[1]; + w3[2] = wordl3[2] | wordr3[2]; + w3[3] = wordl3[3] | wordr3[3]; + + /** + * sha1 + */ + + u32x w0_t = hc_swap32 (w0[0]); + u32x w1_t = hc_swap32 (w0[1]); + u32x w2_t = hc_swap32 (w0[2]); + u32x w3_t = hc_swap32 (w0[3]); + u32x w4_t = hc_swap32 (w1[0]); + u32x w5_t = hc_swap32 (w1[1]); + u32x w6_t = hc_swap32 (w1[2]); + u32x w7_t = hc_swap32 (w1[3]); + u32x w8_t = hc_swap32 (w2[0]); + u32x w9_t = hc_swap32 (w2[1]); + u32x wa_t = hc_swap32 (w2[2]); + u32x wb_t = hc_swap32 (w2[3]); + u32x wc_t = hc_swap32 (w3[0]); + u32x wd_t = hc_swap32 (w3[1]); + u32x we_t = 0; + u32x wf_t = pw_len * 8; + + u32x a = SHA1M_A; + u32x b = SHA1M_B; + u32x c = SHA1M_C; + u32x d = SHA1M_D; + u32x e = SHA1M_E; + + #undef K + #define K SHA1C00 + + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w0_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w1_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w2_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w3_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w4_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w5_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w6_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w7_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w8_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w9_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wa_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, wb_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, wc_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, wd_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, we_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F0o, e, a, b, c, d, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F0o, d, e, a, b, c, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F0o, c, d, e, a, b, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F0o, b, c, d, e, a, w3_t); + + #undef K + #define K SHA1C01 + + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ 
wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w7_t); + + #undef K + #define K SHA1C02 + + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wb_t); + + #undef K + #define K SHA1C03 + + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ 
wd_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wf_t); + + a += SHA1M_A; + b += SHA1M_B; + c += SHA1M_C; + d += SHA1M_D; + e += SHA1M_E; + + u32 t0[4]; + + t0[0] = 0x36363636 ^ a; + t0[1] = 0x36363636 ^ b; + t0[2] = 0x36363636 ^ c; + t0[3] = 0x36363636 ^ d; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ e; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[4]; + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 44 + + u32 ks[KEYLEN]; + + AES128_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes128_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + 
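// CBC: XOR the decrypted verifier block with the IV; a matching password + // leaves the constant 0x10101010 padding pattern tested just below. + 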
out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23001_m08 (KERN_ATTR_ESALT (securezip_t)) +{ +} + +KERNEL_FQ void m23001_m16 (KERN_ATTR_ESALT (securezip_t)) +{ +} + +KERNEL_FQ void m23001_s04 (KERN_ATTR_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_l_len = pws[gid].pw_len & 63; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x pw_r_len = pwlenx_create_combt (combs_buf, il_pos) & 63; + + const u32x pw_len = (pw_l_len + pw_r_len) & 63; + + /** + * concat password candidate + */ + + u32x wordl0[4] = { 0 }; + u32x wordl1[4] = { 0 }; + u32x wordl2[4] = { 0 }; + u32x wordl3[4] = { 0 }; + + wordl0[0] = pw_buf0[0]; + wordl0[1] = pw_buf0[1]; + wordl0[2] = pw_buf0[2]; + wordl0[3] = pw_buf0[3]; + wordl1[0] = pw_buf1[0]; + wordl1[1] = pw_buf1[1]; + wordl1[2] = pw_buf1[2]; + wordl1[3] = pw_buf1[3]; + + u32x wordr0[4] = { 0 }; + u32x wordr1[4] = { 0 }; + u32x wordr2[4] = { 0 }; + u32x wordr3[4] = { 0 }; + + wordr0[0] = ix_create_combt (combs_buf, il_pos, 0); + wordr0[1] = ix_create_combt (combs_buf, il_pos, 1); + wordr0[2] = ix_create_combt (combs_buf, il_pos, 2); + wordr0[3] = ix_create_combt (combs_buf, il_pos, 3); + wordr1[0] = ix_create_combt (combs_buf, il_pos, 4); + wordr1[1] = ix_create_combt (combs_buf, il_pos, 5); + wordr1[2] = ix_create_combt (combs_buf, il_pos, 6); + wordr1[3] = ix_create_combt (combs_buf, il_pos, 7); + + if (combs_mode == COMBINATOR_MODE_BASE_LEFT) + { + switch_buffer_by_offset_le_VV (wordr0, wordr1, wordr2, wordr3, pw_l_len); + } + else + { + switch_buffer_by_offset_le_VV (wordl0, wordl1, wordl2, wordl3, pw_r_len); + } + + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + + w0[0] = wordl0[0] | wordr0[0]; + w0[1] = wordl0[1] | wordr0[1]; + w0[2] = wordl0[2] | wordr0[2]; + w0[3] = wordl0[3] | wordr0[3]; + w1[0] = wordl1[0] | wordr1[0]; + w1[1] = wordl1[1] | wordr1[1]; 
+ w1[2] = wordl1[2] | wordr1[2]; + w1[3] = wordl1[3] | wordr1[3]; + w2[0] = wordl2[0] | wordr2[0]; + w2[1] = wordl2[1] | wordr2[1]; + w2[2] = wordl2[2] | wordr2[2]; + w2[3] = wordl2[3] | wordr2[3]; + w3[0] = wordl3[0] | wordr3[0]; + w3[1] = wordl3[1] | wordr3[1]; + w3[2] = wordl3[2] | wordr3[2]; + w3[3] = wordl3[3] | wordr3[3]; + + /** + * sha1 + */ + + u32x w0_t = hc_swap32 (w0[0]); + u32x w1_t = hc_swap32 (w0[1]); + u32x w2_t = hc_swap32 (w0[2]); + u32x w3_t = hc_swap32 (w0[3]); + u32x w4_t = hc_swap32 (w1[0]); + u32x w5_t = hc_swap32 (w1[1]); + u32x w6_t = hc_swap32 (w1[2]); + u32x w7_t = hc_swap32 (w1[3]); + u32x w8_t = hc_swap32 (w2[0]); + u32x w9_t = hc_swap32 (w2[1]); + u32x wa_t = hc_swap32 (w2[2]); + u32x wb_t = hc_swap32 (w2[3]); + u32x wc_t = hc_swap32 (w3[0]); + u32x wd_t = hc_swap32 (w3[1]); + u32x we_t = 0; + u32x wf_t = pw_len * 8; + + u32x a = SHA1M_A; + u32x b = SHA1M_B; + u32x c = SHA1M_C; + u32x d = SHA1M_D; + u32x e = SHA1M_E; + + #undef K + #define K SHA1C00 + + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w0_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w1_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w2_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w3_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w4_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w5_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w6_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w7_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w8_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w9_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wa_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, wb_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, wc_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, wd_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, we_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F0o, e, a, b, c, d, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F0o, d, e, a, b, c, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F0o, c, d, e, a, b, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F0o, b, c, d, e, a, w3_t); + + #undef K + #define K SHA1C01 + + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP 
(SHA1_F1, b, c, d, e, a, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w7_t); + + #undef K + #define K SHA1C02 + + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wb_t); + + #undef K + #define K SHA1C03 + + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP 
(SHA1_F1, a, b, c, d, e, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wf_t); + + a += SHA1M_A; + b += SHA1M_B; + c += SHA1M_C; + d += SHA1M_D; + e += SHA1M_E; + + u32 t0[4]; + + t0[0] = 0x36363636 ^ a; + t0[1] = 0x36363636 ^ b; + t0[2] = 0x36363636 ^ c; + t0[3] = 0x36363636 ^ d; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ e; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[4]; + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 44 + + u32 ks[KEYLEN]; + + AES128_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes128_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23001_s08 (KERN_ATTR_ESALT (securezip_t)) +{ +} + +KERNEL_FQ void m23001_s16 (KERN_ATTR_ESALT (securezip_t)) +{ +} diff --git a/OpenCL/m23001_a1-pure.cl b/OpenCL/m23001_a1-pure.cl new file mode 100644 index 000000000..cf4f004c2 --- /dev/null +++ b/OpenCL/m23001_a1-pure.cl @@ -0,0 +1,405 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include 
"inc_scalar.cl" +#include "inc_hash_sha1.cl" +#include "inc_cipher_aes.cl" +#endif + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +KERNEL_FQ void m23001_mxx (KERN_ATTR_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + /** + * base + */ + + sha1_ctx_t ctx0; + + sha1_init (&ctx0); + + sha1_update_global_swap (&ctx0, pws[gid].i, pws[gid].pw_len); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) + { + sha1_ctx_t ctx = ctx0; + + sha1_update_global_swap (&ctx, combs_buf[il_pos].i, combs_buf[il_pos].pw_len); + + sha1_final (&ctx); + + u32 t0[4]; + + t0[0] = 0x36363636 ^ ctx.h[0]; + t0[1] = 0x36363636 ^ ctx.h[1]; + t0[2] = 0x36363636 ^ ctx.h[2]; + t0[3] = 0x36363636 ^ ctx.h[3]; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ ctx.h[4]; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[4]; + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 44 + + u32 ks[KEYLEN]; + + AES128_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes128_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + 
(out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23001_sxx (KERN_ATTR_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + /** + * base + */ + + sha1_ctx_t ctx0; + + sha1_init (&ctx0); + + sha1_update_global_swap (&ctx0, pws[gid].i, pws[gid].pw_len); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) + { + sha1_ctx_t ctx = ctx0; + + sha1_update_global_swap (&ctx, combs_buf[il_pos].i, combs_buf[il_pos].pw_len); + + sha1_final (&ctx); + + u32 t0[4]; + + t0[0] = 0x36363636 ^ ctx.h[0]; + t0[1] = 0x36363636 ^ ctx.h[1]; + t0[2] = 0x36363636 ^ ctx.h[2]; + t0[3] = 0x36363636 ^ ctx.h[3]; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ ctx.h[4]; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[4]; + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 44 + + u32 ks[KEYLEN]; + + AES128_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes128_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 
0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} diff --git a/OpenCL/m23001_a3-optimized.cl b/OpenCL/m23001_a3-optimized.cl new file mode 100644 index 000000000..04c4c264b --- /dev/null +++ b/OpenCL/m23001_a3-optimized.cl @@ -0,0 +1,1279 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_simd.cl" +#include "inc_hash_sha1.cl" +#include "inc_cipher_aes.cl" +#endif + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +DECLSPEC void m23001m (SHM_TYPE u32a *s_te0, SHM_TYPE u32a *s_te1, SHM_TYPE u32a *s_te2, SHM_TYPE u32a *s_te3, SHM_TYPE u32a *s_te4, SHM_TYPE u32a *s_td0, SHM_TYPE u32a *s_td1, SHM_TYPE u32a *s_td2, SHM_TYPE u32a *s_td3, SHM_TYPE u32a *s_td4, u32 *w, const u32 pw_len, KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + + /** + * base + */ + + const u32 c_16s = hc_rotl32_S ((w[13] ^ w[ 8] ^ w[ 2] ), 1u); + const u32 c_17s = hc_rotl32_S ((w[14] ^ w[ 9] ^ w[ 3] ^ w[ 1]), 1u); + const u32 c_18s = hc_rotl32_S ((w[15] ^ w[10] ^ w[ 4] ^ w[ 2]), 1u); + const u32 c_19s = hc_rotl32_S ((c_16s ^ w[11] ^ w[ 5] ^ w[ 3]), 1u); + const u32 c_20s = hc_rotl32_S ((c_17s ^ w[12] ^ w[ 6] ^ w[ 4]), 1u); + const u32 c_21s = hc_rotl32_S ((c_18s ^ w[13] ^ w[ 7] ^ w[ 5]), 1u); + const u32 c_22s = hc_rotl32_S ((c_19s ^ w[14] ^ w[ 8] ^ w[ 6]), 1u); + const u32 c_23s = hc_rotl32_S ((c_20s ^ w[15] ^ w[ 9] ^ w[ 7]), 1u); + const u32 c_24s = hc_rotl32_S ((c_21s ^ c_16s ^ w[10] ^ w[ 8]), 1u); + const u32 c_25s = hc_rotl32_S ((c_22s ^ c_17s ^ w[11] ^ w[ 9]), 1u); + const u32 c_26s = hc_rotl32_S ((c_23s ^ c_18s ^ w[12] ^ w[10]), 1u); + const u32 c_27s = hc_rotl32_S ((c_24s ^ c_19s ^ w[13] ^ w[11]), 1u); + const u32 c_28s = hc_rotl32_S ((c_25s ^ c_20s ^ w[14] ^ w[12]), 1u); + const u32 c_29s = hc_rotl32_S ((c_26s ^ c_21s ^ w[15] ^ w[13]), 1u); + const u32 c_30s = hc_rotl32_S ((c_27s ^ c_22s ^ c_16s ^ w[14]), 1u); + const u32 c_31s = hc_rotl32_S ((c_28s ^ c_23s ^ c_17s ^ w[15]), 1u); + const u32 c_32s = hc_rotl32_S ((c_29s ^ c_24s ^ c_18s ^ c_16s), 1u); + const u32 c_33s = hc_rotl32_S ((c_30s ^ c_25s ^ c_19s ^ c_17s), 1u); + const u32 c_34s = hc_rotl32_S ((c_31s ^ c_26s ^ c_20s ^ c_18s), 1u); + const u32 c_35s = hc_rotl32_S ((c_32s ^ c_27s ^ c_21s ^ c_19s), 1u); + const u32 c_36s = hc_rotl32_S ((c_33s ^ c_28s ^ c_22s ^ c_20s), 1u); + const u32 c_37s = hc_rotl32_S ((c_34s ^ c_29s ^ c_23s ^ c_21s), 1u); + const u32 c_38s = hc_rotl32_S ((c_35s ^ c_30s ^ c_24s ^ c_22s), 1u); + const u32 c_39s = hc_rotl32_S ((c_36s ^ c_31s ^ c_25s ^ c_23s), 1u); + const u32 c_40s = hc_rotl32_S ((c_37s ^ c_32s ^ c_26s ^ c_24s), 1u); + const u32 c_41s = hc_rotl32_S ((c_38s ^ c_33s ^ c_27s ^ c_25s), 1u); + const u32 c_42s = hc_rotl32_S ((c_39s ^ c_34s ^ c_28s ^ c_26s), 1u); + const u32 c_43s = hc_rotl32_S ((c_40s ^ c_35s ^ c_29s ^ c_27s), 1u); + const u32 c_44s = hc_rotl32_S ((c_41s ^ c_36s ^ c_30s ^ c_28s), 1u); + const u32 c_45s = hc_rotl32_S ((c_42s ^ c_37s ^ c_31s ^ c_29s), 1u); + const u32 c_46s = hc_rotl32_S ((c_43s ^ c_38s ^ c_32s ^ c_30s), 1u); + const u32 c_47s = hc_rotl32_S ((c_44s ^ c_39s ^ c_33s ^ c_31s), 1u); + const u32 c_48s = hc_rotl32_S ((c_45s ^ c_40s ^ 
c_34s ^ c_32s), 1u); + const u32 c_49s = hc_rotl32_S ((c_46s ^ c_41s ^ c_35s ^ c_33s), 1u); + const u32 c_50s = hc_rotl32_S ((c_47s ^ c_42s ^ c_36s ^ c_34s), 1u); + const u32 c_51s = hc_rotl32_S ((c_48s ^ c_43s ^ c_37s ^ c_35s), 1u); + const u32 c_52s = hc_rotl32_S ((c_49s ^ c_44s ^ c_38s ^ c_36s), 1u); + const u32 c_53s = hc_rotl32_S ((c_50s ^ c_45s ^ c_39s ^ c_37s), 1u); + const u32 c_54s = hc_rotl32_S ((c_51s ^ c_46s ^ c_40s ^ c_38s), 1u); + const u32 c_55s = hc_rotl32_S ((c_52s ^ c_47s ^ c_41s ^ c_39s), 1u); + const u32 c_56s = hc_rotl32_S ((c_53s ^ c_48s ^ c_42s ^ c_40s), 1u); + const u32 c_57s = hc_rotl32_S ((c_54s ^ c_49s ^ c_43s ^ c_41s), 1u); + const u32 c_58s = hc_rotl32_S ((c_55s ^ c_50s ^ c_44s ^ c_42s), 1u); + const u32 c_59s = hc_rotl32_S ((c_56s ^ c_51s ^ c_45s ^ c_43s), 1u); + const u32 c_60s = hc_rotl32_S ((c_57s ^ c_52s ^ c_46s ^ c_44s), 1u); + const u32 c_61s = hc_rotl32_S ((c_58s ^ c_53s ^ c_47s ^ c_45s), 1u); + const u32 c_62s = hc_rotl32_S ((c_59s ^ c_54s ^ c_48s ^ c_46s), 1u); + const u32 c_63s = hc_rotl32_S ((c_60s ^ c_55s ^ c_49s ^ c_47s), 1u); + const u32 c_64s = hc_rotl32_S ((c_61s ^ c_56s ^ c_50s ^ c_48s), 1u); + const u32 c_65s = hc_rotl32_S ((c_62s ^ c_57s ^ c_51s ^ c_49s), 1u); + const u32 c_66s = hc_rotl32_S ((c_63s ^ c_58s ^ c_52s ^ c_50s), 1u); + const u32 c_67s = hc_rotl32_S ((c_64s ^ c_59s ^ c_53s ^ c_51s), 1u); + const u32 c_68s = hc_rotl32_S ((c_65s ^ c_60s ^ c_54s ^ c_52s), 1u); + const u32 c_69s = hc_rotl32_S ((c_66s ^ c_61s ^ c_55s ^ c_53s), 1u); + const u32 c_70s = hc_rotl32_S ((c_67s ^ c_62s ^ c_56s ^ c_54s), 1u); + const u32 c_71s = hc_rotl32_S ((c_68s ^ c_63s ^ c_57s ^ c_55s), 1u); + const u32 c_72s = hc_rotl32_S ((c_69s ^ c_64s ^ c_58s ^ c_56s), 1u); + const u32 c_73s = hc_rotl32_S ((c_70s ^ c_65s ^ c_59s ^ c_57s), 1u); + const u32 c_74s = hc_rotl32_S ((c_71s ^ c_66s ^ c_60s ^ c_58s), 1u); + const u32 c_75s = hc_rotl32_S ((c_72s ^ c_67s ^ c_61s ^ c_59s), 1u); + + const u32 c_17sK = c_17s + SHA1C00; + const u32 c_18sK = c_18s + SHA1C00; + const u32 c_20sK = c_20s + SHA1C01; + const u32 c_21sK = c_21s + SHA1C01; + const u32 c_23sK = c_23s + SHA1C01; + const u32 c_26sK = c_26s + SHA1C01; + const u32 c_27sK = c_27s + SHA1C01; + const u32 c_29sK = c_29s + SHA1C01; + const u32 c_33sK = c_33s + SHA1C01; + const u32 c_39sK = c_39s + SHA1C01; + const u32 c_41sK = c_41s + SHA1C02; + const u32 c_45sK = c_45s + SHA1C02; + const u32 c_53sK = c_53s + SHA1C02; + const u32 c_65sK = c_65s + SHA1C03; + const u32 c_69sK = c_69s + SHA1C03; + + /** + * loop + */ + + u32 w0l = w[0]; + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0 = w0l | w0r; + + const u32x w0s01 = hc_rotl32 (w0, 1u); + const u32x w0s02 = hc_rotl32 (w0, 2u); + const u32x w0s03 = hc_rotl32 (w0, 3u); + const u32x w0s04 = hc_rotl32 (w0, 4u); + const u32x w0s05 = hc_rotl32 (w0, 5u); + const u32x w0s06 = hc_rotl32 (w0, 6u); + const u32x w0s07 = hc_rotl32 (w0, 7u); + const u32x w0s08 = hc_rotl32 (w0, 8u); + const u32x w0s09 = hc_rotl32 (w0, 9u); + const u32x w0s10 = hc_rotl32 (w0, 10u); + const u32x w0s11 = hc_rotl32 (w0, 11u); + const u32x w0s12 = hc_rotl32 (w0, 12u); + const u32x w0s13 = hc_rotl32 (w0, 13u); + const u32x w0s14 = hc_rotl32 (w0, 14u); + const u32x w0s15 = hc_rotl32 (w0, 15u); + const u32x w0s16 = hc_rotl32 (w0, 16u); + const u32x w0s17 = hc_rotl32 (w0, 17u); + const u32x w0s18 = hc_rotl32 (w0, 18u); + const u32x w0s19 = hc_rotl32 (w0, 19u); + const u32x w0s20 = hc_rotl32 (w0, 20u); + + const u32x 
w0s04___w0s06 = w0s04 ^ w0s06; + const u32x w0s04___w0s08 = w0s04 ^ w0s08; + const u32x w0s08___w0s12 = w0s08 ^ w0s12; + const u32x w0s04___w0s06___w0s07 = w0s04___w0s06 ^ w0s07; + + u32x a = SHA1M_A; + u32x b = SHA1M_B; + u32x c = SHA1M_C; + u32x d = SHA1M_D; + u32x e = SHA1M_E; + + #undef K + #define K SHA1C00 + + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w0); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w[ 1]); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w[ 2]); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w[ 3]); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w[ 4]); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w[ 5]); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w[ 6]); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w[ 7]); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w[ 8]); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w[ 9]); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w[10]); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w[11]); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w[12]); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w[13]); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w[14]); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w[15]); + + SHA1_STEP (SHA1_F0o, e, a, b, c, d, (c_16s ^ w0s01)); + SHA1_STEPX(SHA1_F0o, d, e, a, b, c, (c_17sK)); + SHA1_STEPX(SHA1_F0o, c, d, e, a, b, (c_18sK)); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, (c_19s ^ w0s02)); + + #undef K + #define K SHA1C01 + + SHA1_STEPX(SHA1_F1 , a, b, c, d, e, (c_20sK)); + SHA1_STEPX(SHA1_F1 , e, a, b, c, d, (c_21sK)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_22s ^ w0s03)); + SHA1_STEPX(SHA1_F1 , c, d, e, a, b, (c_23sK)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_24s ^ w0s02)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_25s ^ w0s04)); + SHA1_STEPX(SHA1_F1 , e, a, b, c, d, (c_26sK)); + SHA1_STEPX(SHA1_F1 , d, e, a, b, c, (c_27sK)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_28s ^ w0s05)); + SHA1_STEPX(SHA1_F1 , b, c, d, e, a, (c_29sK)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_30s ^ w0s02 ^ w0s04)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_31s ^ w0s06)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_32s ^ w0s02 ^ w0s03)); + SHA1_STEPX(SHA1_F1 , c, d, e, a, b, (c_33sK)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_34s ^ w0s07)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_35s ^ w0s04)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_36s ^ w0s04___w0s06)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_37s ^ w0s08)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_38s ^ w0s04)); + SHA1_STEPX(SHA1_F1 , b, c, d, e, a, (c_39sK)); + + #undef K + #define K SHA1C02 + + SHA1_STEP (SHA1_F2o, a, b, c, d, e, (c_40s ^ w0s04 ^ w0s09)); + SHA1_STEPX(SHA1_F2o, e, a, b, c, d, (c_41sK)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_42s ^ w0s06 ^ w0s08)); + SHA1_STEP (SHA1_F2o, c, d, e, a, b, (c_43s ^ w0s10)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_44s ^ w0s03 ^ w0s06 ^ w0s07)); + SHA1_STEPX(SHA1_F2o, a, b, c, d, e, (c_45sK)); + SHA1_STEP (SHA1_F2o, e, a, b, c, d, (c_46s ^ w0s04 ^ w0s11)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_47s ^ w0s04___w0s08)); + SHA1_STEP (SHA1_F2o, c, d, e, a, b, (c_48s ^ w0s03 ^ w0s04___w0s08 ^ w0s05 ^ w0s10)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_49s ^ w0s12)); + SHA1_STEP (SHA1_F2o, a, b, c, d, e, (c_50s ^ w0s08)); + SHA1_STEP (SHA1_F2o, e, a, b, c, d, (c_51s ^ w0s04___w0s06)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_52s ^ w0s04___w0s08 ^ w0s13)); + SHA1_STEPX(SHA1_F2o, c, d, e, a, b, (c_53sK)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_54s ^ w0s07 ^ w0s10 ^ w0s12)); + SHA1_STEP (SHA1_F2o, a, b, c, d, e, (c_55s ^ w0s14)); + SHA1_STEP (SHA1_F2o, e, a, b, c, d, (c_56s ^ w0s04___w0s06___w0s07 ^ w0s10 ^ w0s11)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_57s ^ 
w0s08)); + SHA1_STEP (SHA1_F2o, c, d, e, a, b, (c_58s ^ w0s04___w0s08 ^ w0s15)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_59s ^ w0s08___w0s12)); + + #undef K + #define K SHA1C03 + + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_60s ^ w0s04 ^ w0s08___w0s12 ^ w0s07 ^ w0s14)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_61s ^ w0s16)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_62s ^ w0s04___w0s06 ^ w0s08___w0s12)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_63s ^ w0s08)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_64s ^ w0s04___w0s06___w0s07 ^ w0s08___w0s12 ^ w0s17)); + SHA1_STEPX(SHA1_F1 , a, b, c, d, e, (c_65sK)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_66s ^ w0s14 ^ w0s16)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_67s ^ w0s08 ^ w0s18)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_68s ^ w0s11 ^ w0s14 ^ w0s15)); + SHA1_STEPX(SHA1_F1 , b, c, d, e, a, (c_69sK)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_70s ^ w0s12 ^ w0s19)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_71s ^ w0s12 ^ w0s16)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_72s ^ w0s05 ^ w0s11 ^ w0s12 ^ w0s13 ^ w0s16 ^ w0s18)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_73s ^ w0s20)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_74s ^ w0s08 ^ w0s16)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_75s ^ w0s06 ^ w0s12 ^ w0s14)); + + const u32x c_76s = hc_rotl32 ((c_73s ^ c_68s ^ c_62s ^ c_60s), 1u); + const u32x c_77s = hc_rotl32 ((c_74s ^ c_69s ^ c_63s ^ c_61s), 1u); + const u32x c_78s = hc_rotl32 ((c_75s ^ c_70s ^ c_64s ^ c_62s), 1u); + const u32x c_79s = hc_rotl32 ((c_76s ^ c_71s ^ c_65s ^ c_63s), 1u); + + const u32x w0s21 = hc_rotl32 (w0, 21u); + const u32x w0s22 = hc_rotl32 (w0, 22U); + + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_76s ^ w0s07 ^ w0s08___w0s12 ^ w0s16 ^ w0s21)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_77s)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_78s ^ w0s07 ^ w0s08 ^ w0s15 ^ w0s18 ^ w0s20)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_79s ^ w0s08 ^ w0s22)); + + a += SHA1M_A; + b += SHA1M_B; + c += SHA1M_C; + d += SHA1M_D; + e += SHA1M_E; + + u32 t0[4]; + + t0[0] = 0x36363636 ^ a; + t0[1] = 0x36363636 ^ b; + t0[2] = 0x36363636 ^ c; + t0[3] = 0x36363636 ^ d; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ e; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[4]; + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 44 + + u32 ks[KEYLEN]; + + AES128_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, 
s_td2, s_td3); + + u32 out[4]; + + aes128_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +DECLSPEC void m23001s (SHM_TYPE u32a *s_te0, SHM_TYPE u32a *s_te1, SHM_TYPE u32a *s_te2, SHM_TYPE u32a *s_te3, SHM_TYPE u32a *s_te4, SHM_TYPE u32a *s_td0, SHM_TYPE u32a *s_td1, SHM_TYPE u32a *s_td2, SHM_TYPE u32a *s_td3, SHM_TYPE u32a *s_td4, u32 *w, const u32 pw_len, KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + + /** + * base + */ + + const u32 c_16s = hc_rotl32_S ((w[13] ^ w[ 8] ^ w[ 2] ), 1u); + const u32 c_17s = hc_rotl32_S ((w[14] ^ w[ 9] ^ w[ 3] ^ w[ 1]), 1u); + const u32 c_18s = hc_rotl32_S ((w[15] ^ w[10] ^ w[ 4] ^ w[ 2]), 1u); + const u32 c_19s = hc_rotl32_S ((c_16s ^ w[11] ^ w[ 5] ^ w[ 3]), 1u); + const u32 c_20s = hc_rotl32_S ((c_17s ^ w[12] ^ w[ 6] ^ w[ 4]), 1u); + const u32 c_21s = hc_rotl32_S ((c_18s ^ w[13] ^ w[ 7] ^ w[ 5]), 1u); + const u32 c_22s = hc_rotl32_S ((c_19s ^ w[14] ^ w[ 8] ^ w[ 6]), 1u); + const u32 c_23s = hc_rotl32_S ((c_20s ^ w[15] ^ w[ 9] ^ w[ 7]), 1u); + const u32 c_24s = hc_rotl32_S ((c_21s ^ c_16s ^ w[10] ^ w[ 8]), 1u); + const u32 c_25s = hc_rotl32_S ((c_22s ^ c_17s ^ w[11] ^ w[ 9]), 1u); + const u32 c_26s = hc_rotl32_S ((c_23s ^ c_18s ^ w[12] ^ w[10]), 1u); + const u32 c_27s = hc_rotl32_S ((c_24s ^ c_19s ^ w[13] ^ w[11]), 1u); + const u32 c_28s = hc_rotl32_S ((c_25s ^ c_20s ^ w[14] ^ w[12]), 1u); + const u32 c_29s = hc_rotl32_S ((c_26s ^ c_21s ^ w[15] ^ w[13]), 1u); + const u32 c_30s = hc_rotl32_S ((c_27s ^ c_22s ^ c_16s ^ w[14]), 1u); + const u32 c_31s = hc_rotl32_S ((c_28s ^ c_23s ^ c_17s ^ w[15]), 1u); + const u32 c_32s = hc_rotl32_S ((c_29s ^ c_24s ^ c_18s ^ c_16s), 1u); + const u32 c_33s = hc_rotl32_S ((c_30s ^ c_25s ^ c_19s ^ c_17s), 1u); + const u32 c_34s = hc_rotl32_S ((c_31s ^ c_26s ^ c_20s ^ c_18s), 1u); + const u32 c_35s = hc_rotl32_S ((c_32s ^ c_27s ^ c_21s ^ c_19s), 1u); + const u32 c_36s = hc_rotl32_S ((c_33s ^ c_28s ^ c_22s ^ c_20s), 1u); + const u32 c_37s = hc_rotl32_S ((c_34s ^ c_29s ^ c_23s ^ c_21s), 1u); + const u32 c_38s = hc_rotl32_S ((c_35s ^ c_30s ^ c_24s ^ c_22s), 1u); + const u32 c_39s = hc_rotl32_S ((c_36s ^ c_31s ^ c_25s ^ c_23s), 1u); + const u32 c_40s = hc_rotl32_S ((c_37s ^ c_32s ^ c_26s ^ c_24s), 1u); + const u32 c_41s = hc_rotl32_S ((c_38s ^ c_33s ^ c_27s ^ c_25s), 1u); + const u32 c_42s = hc_rotl32_S ((c_39s ^ c_34s ^ c_28s ^ c_26s), 1u); + const u32 c_43s = hc_rotl32_S ((c_40s ^ c_35s ^ c_29s ^ c_27s), 1u); + const u32 c_44s = hc_rotl32_S ((c_41s ^ c_36s ^ c_30s ^ c_28s), 1u); + const u32 c_45s = hc_rotl32_S ((c_42s ^ c_37s ^ c_31s ^ c_29s), 1u); + const u32 c_46s = hc_rotl32_S ((c_43s ^ c_38s ^ c_32s ^ c_30s), 1u); + const u32 c_47s = hc_rotl32_S ((c_44s ^ c_39s ^ c_33s ^ c_31s), 1u); + const u32 c_48s = hc_rotl32_S ((c_45s ^ c_40s ^ c_34s ^ c_32s), 1u); + const u32 c_49s = hc_rotl32_S ((c_46s ^ c_41s ^ c_35s ^ c_33s), 1u); + const u32 c_50s = hc_rotl32_S ((c_47s ^ c_42s ^ c_36s ^ c_34s), 1u); + const u32 c_51s = hc_rotl32_S ((c_48s ^ c_43s ^ c_37s ^ c_35s), 1u); + const u32 c_52s = hc_rotl32_S ((c_49s ^ c_44s ^ c_38s ^ c_36s), 1u); + const u32 c_53s = hc_rotl32_S ((c_50s ^ c_45s ^ c_39s 
^ c_37s), 1u); + const u32 c_54s = hc_rotl32_S ((c_51s ^ c_46s ^ c_40s ^ c_38s), 1u); + const u32 c_55s = hc_rotl32_S ((c_52s ^ c_47s ^ c_41s ^ c_39s), 1u); + const u32 c_56s = hc_rotl32_S ((c_53s ^ c_48s ^ c_42s ^ c_40s), 1u); + const u32 c_57s = hc_rotl32_S ((c_54s ^ c_49s ^ c_43s ^ c_41s), 1u); + const u32 c_58s = hc_rotl32_S ((c_55s ^ c_50s ^ c_44s ^ c_42s), 1u); + const u32 c_59s = hc_rotl32_S ((c_56s ^ c_51s ^ c_45s ^ c_43s), 1u); + const u32 c_60s = hc_rotl32_S ((c_57s ^ c_52s ^ c_46s ^ c_44s), 1u); + const u32 c_61s = hc_rotl32_S ((c_58s ^ c_53s ^ c_47s ^ c_45s), 1u); + const u32 c_62s = hc_rotl32_S ((c_59s ^ c_54s ^ c_48s ^ c_46s), 1u); + const u32 c_63s = hc_rotl32_S ((c_60s ^ c_55s ^ c_49s ^ c_47s), 1u); + const u32 c_64s = hc_rotl32_S ((c_61s ^ c_56s ^ c_50s ^ c_48s), 1u); + const u32 c_65s = hc_rotl32_S ((c_62s ^ c_57s ^ c_51s ^ c_49s), 1u); + const u32 c_66s = hc_rotl32_S ((c_63s ^ c_58s ^ c_52s ^ c_50s), 1u); + const u32 c_67s = hc_rotl32_S ((c_64s ^ c_59s ^ c_53s ^ c_51s), 1u); + const u32 c_68s = hc_rotl32_S ((c_65s ^ c_60s ^ c_54s ^ c_52s), 1u); + const u32 c_69s = hc_rotl32_S ((c_66s ^ c_61s ^ c_55s ^ c_53s), 1u); + const u32 c_70s = hc_rotl32_S ((c_67s ^ c_62s ^ c_56s ^ c_54s), 1u); + const u32 c_71s = hc_rotl32_S ((c_68s ^ c_63s ^ c_57s ^ c_55s), 1u); + const u32 c_72s = hc_rotl32_S ((c_69s ^ c_64s ^ c_58s ^ c_56s), 1u); + const u32 c_73s = hc_rotl32_S ((c_70s ^ c_65s ^ c_59s ^ c_57s), 1u); + const u32 c_74s = hc_rotl32_S ((c_71s ^ c_66s ^ c_60s ^ c_58s), 1u); + const u32 c_75s = hc_rotl32_S ((c_72s ^ c_67s ^ c_61s ^ c_59s), 1u); + + const u32 c_17sK = c_17s + SHA1C00; + const u32 c_18sK = c_18s + SHA1C00; + const u32 c_20sK = c_20s + SHA1C01; + const u32 c_21sK = c_21s + SHA1C01; + const u32 c_23sK = c_23s + SHA1C01; + const u32 c_26sK = c_26s + SHA1C01; + const u32 c_27sK = c_27s + SHA1C01; + const u32 c_29sK = c_29s + SHA1C01; + const u32 c_33sK = c_33s + SHA1C01; + const u32 c_39sK = c_39s + SHA1C01; + const u32 c_41sK = c_41s + SHA1C02; + const u32 c_45sK = c_45s + SHA1C02; + const u32 c_53sK = c_53s + SHA1C02; + const u32 c_65sK = c_65s + SHA1C03; + const u32 c_69sK = c_69s + SHA1C03; + + /** + * loop + */ + + u32 w0l = w[0]; + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0 = w0l | w0r; + + const u32x w0s01 = hc_rotl32 (w0, 1u); + const u32x w0s02 = hc_rotl32 (w0, 2u); + const u32x w0s03 = hc_rotl32 (w0, 3u); + const u32x w0s04 = hc_rotl32 (w0, 4u); + const u32x w0s05 = hc_rotl32 (w0, 5u); + const u32x w0s06 = hc_rotl32 (w0, 6u); + const u32x w0s07 = hc_rotl32 (w0, 7u); + const u32x w0s08 = hc_rotl32 (w0, 8u); + const u32x w0s09 = hc_rotl32 (w0, 9u); + const u32x w0s10 = hc_rotl32 (w0, 10u); + const u32x w0s11 = hc_rotl32 (w0, 11u); + const u32x w0s12 = hc_rotl32 (w0, 12u); + const u32x w0s13 = hc_rotl32 (w0, 13u); + const u32x w0s14 = hc_rotl32 (w0, 14u); + const u32x w0s15 = hc_rotl32 (w0, 15u); + const u32x w0s16 = hc_rotl32 (w0, 16u); + const u32x w0s17 = hc_rotl32 (w0, 17u); + const u32x w0s18 = hc_rotl32 (w0, 18u); + const u32x w0s19 = hc_rotl32 (w0, 19u); + const u32x w0s20 = hc_rotl32 (w0, 20u); + + const u32x w0s04___w0s06 = w0s04 ^ w0s06; + const u32x w0s04___w0s08 = w0s04 ^ w0s08; + const u32x w0s08___w0s12 = w0s08 ^ w0s12; + const u32x w0s04___w0s06___w0s07 = w0s04___w0s06 ^ w0s07; + + u32x a = SHA1M_A; + u32x b = SHA1M_B; + u32x c = SHA1M_C; + u32x d = SHA1M_D; + u32x e = SHA1M_E; + + #undef K + #define K SHA1C00 + + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w0); + 
SHA1_STEP (SHA1_F0o, e, a, b, c, d, w[ 1]); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w[ 2]); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w[ 3]); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w[ 4]); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w[ 5]); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w[ 6]); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w[ 7]); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w[ 8]); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w[ 9]); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w[10]); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w[11]); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w[12]); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w[13]); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w[14]); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w[15]); + + SHA1_STEP (SHA1_F0o, e, a, b, c, d, (c_16s ^ w0s01)); + SHA1_STEPX(SHA1_F0o, d, e, a, b, c, (c_17sK)); + SHA1_STEPX(SHA1_F0o, c, d, e, a, b, (c_18sK)); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, (c_19s ^ w0s02)); + + #undef K + #define K SHA1C01 + + SHA1_STEPX(SHA1_F1 , a, b, c, d, e, (c_20sK)); + SHA1_STEPX(SHA1_F1 , e, a, b, c, d, (c_21sK)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_22s ^ w0s03)); + SHA1_STEPX(SHA1_F1 , c, d, e, a, b, (c_23sK)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_24s ^ w0s02)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_25s ^ w0s04)); + SHA1_STEPX(SHA1_F1 , e, a, b, c, d, (c_26sK)); + SHA1_STEPX(SHA1_F1 , d, e, a, b, c, (c_27sK)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_28s ^ w0s05)); + SHA1_STEPX(SHA1_F1 , b, c, d, e, a, (c_29sK)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_30s ^ w0s02 ^ w0s04)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_31s ^ w0s06)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_32s ^ w0s02 ^ w0s03)); + SHA1_STEPX(SHA1_F1 , c, d, e, a, b, (c_33sK)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_34s ^ w0s07)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_35s ^ w0s04)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_36s ^ w0s04___w0s06)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_37s ^ w0s08)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_38s ^ w0s04)); + SHA1_STEPX(SHA1_F1 , b, c, d, e, a, (c_39sK)); + + #undef K + #define K SHA1C02 + + SHA1_STEP (SHA1_F2o, a, b, c, d, e, (c_40s ^ w0s04 ^ w0s09)); + SHA1_STEPX(SHA1_F2o, e, a, b, c, d, (c_41sK)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_42s ^ w0s06 ^ w0s08)); + SHA1_STEP (SHA1_F2o, c, d, e, a, b, (c_43s ^ w0s10)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_44s ^ w0s03 ^ w0s06 ^ w0s07)); + SHA1_STEPX(SHA1_F2o, a, b, c, d, e, (c_45sK)); + SHA1_STEP (SHA1_F2o, e, a, b, c, d, (c_46s ^ w0s04 ^ w0s11)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_47s ^ w0s04___w0s08)); + SHA1_STEP (SHA1_F2o, c, d, e, a, b, (c_48s ^ w0s03 ^ w0s04___w0s08 ^ w0s05 ^ w0s10)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_49s ^ w0s12)); + SHA1_STEP (SHA1_F2o, a, b, c, d, e, (c_50s ^ w0s08)); + SHA1_STEP (SHA1_F2o, e, a, b, c, d, (c_51s ^ w0s04___w0s06)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_52s ^ w0s04___w0s08 ^ w0s13)); + SHA1_STEPX(SHA1_F2o, c, d, e, a, b, (c_53sK)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_54s ^ w0s07 ^ w0s10 ^ w0s12)); + SHA1_STEP (SHA1_F2o, a, b, c, d, e, (c_55s ^ w0s14)); + SHA1_STEP (SHA1_F2o, e, a, b, c, d, (c_56s ^ w0s04___w0s06___w0s07 ^ w0s10 ^ w0s11)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_57s ^ w0s08)); + SHA1_STEP (SHA1_F2o, c, d, e, a, b, (c_58s ^ w0s04___w0s08 ^ w0s15)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_59s ^ w0s08___w0s12)); + + #undef K + #define K SHA1C03 + + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_60s ^ w0s04 ^ w0s08___w0s12 ^ w0s07 ^ w0s14)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_61s ^ w0s16)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, 
(c_62s ^ w0s04___w0s06 ^ w0s08___w0s12)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_63s ^ w0s08)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_64s ^ w0s04___w0s06___w0s07 ^ w0s08___w0s12 ^ w0s17)); + SHA1_STEPX(SHA1_F1 , a, b, c, d, e, (c_65sK)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_66s ^ w0s14 ^ w0s16)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_67s ^ w0s08 ^ w0s18)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_68s ^ w0s11 ^ w0s14 ^ w0s15)); + SHA1_STEPX(SHA1_F1 , b, c, d, e, a, (c_69sK)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_70s ^ w0s12 ^ w0s19)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_71s ^ w0s12 ^ w0s16)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_72s ^ w0s05 ^ w0s11 ^ w0s12 ^ w0s13 ^ w0s16 ^ w0s18)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_73s ^ w0s20)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_74s ^ w0s08 ^ w0s16)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_75s ^ w0s06 ^ w0s12 ^ w0s14)); + + const u32x c_76s = hc_rotl32 ((c_73s ^ c_68s ^ c_62s ^ c_60s), 1u); + const u32x c_77s = hc_rotl32 ((c_74s ^ c_69s ^ c_63s ^ c_61s), 1u); + const u32x c_78s = hc_rotl32 ((c_75s ^ c_70s ^ c_64s ^ c_62s), 1u); + const u32x c_79s = hc_rotl32 ((c_76s ^ c_71s ^ c_65s ^ c_63s), 1u); + + const u32x w0s21 = hc_rotl32 (w0, 21u); + const u32x w0s22 = hc_rotl32 (w0, 22U); + + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_76s ^ w0s07 ^ w0s08___w0s12 ^ w0s16 ^ w0s21)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_77s)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_78s ^ w0s07 ^ w0s08 ^ w0s15 ^ w0s18 ^ w0s20)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_79s ^ w0s08 ^ w0s22)); + + a += SHA1M_A; + b += SHA1M_B; + c += SHA1M_C; + d += SHA1M_D; + e += SHA1M_E; + + u32 t0[4]; + + t0[0] = 0x36363636 ^ a; + t0[1] = 0x36363636 ^ b; + t0[2] = 0x36363636 ^ c; + t0[3] = 0x36363636 ^ d; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ e; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[4]; + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 44 + + u32 ks[KEYLEN]; + + AES128_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes128_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + 
mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23001_m04 (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = 0; + w[ 5] = 0; + w[ 6] = 0; + w[ 7] = 0; + w[ 8] = 0; + w[ 9] = 0; + w[10] = 0; + w[11] = 0; + w[12] = 0; + w[13] = 0; + w[14] = 0; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m23001m (s_te0, s_te1, s_te2, s_te3, s_te4, s_td0, s_td1, s_td2, s_td3, s_td4, w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset, combs_mode, gid_max); +} + +KERNEL_FQ void m23001_m08 (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = 
pws[gid].i[ 4]; + w[ 5] = pws[gid].i[ 5]; + w[ 6] = pws[gid].i[ 6]; + w[ 7] = pws[gid].i[ 7]; + w[ 8] = 0; + w[ 9] = 0; + w[10] = 0; + w[11] = 0; + w[12] = 0; + w[13] = 0; + w[14] = 0; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m23001m (s_te0, s_te1, s_te2, s_te3, s_te4, s_td0, s_td1, s_td2, s_td3, s_td4, w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset, combs_mode, gid_max); +} + +KERNEL_FQ void m23001_m16 (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = pws[gid].i[ 4]; + w[ 5] = pws[gid].i[ 5]; + w[ 6] = pws[gid].i[ 6]; + w[ 7] = pws[gid].i[ 7]; + w[ 8] = pws[gid].i[ 8]; + w[ 9] = pws[gid].i[ 9]; + w[10] = pws[gid].i[10]; + w[11] = pws[gid].i[11]; + w[12] = pws[gid].i[12]; + w[13] = pws[gid].i[13]; + w[14] = pws[gid].i[14]; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m23001m (s_te0, s_te1, s_te2, s_te3, s_te4, s_td0, s_td1, s_td2, s_td3, s_td4, w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset, combs_mode, gid_max); +} + +KERNEL_FQ void m23001_s04 (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 
s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = 0; + w[ 5] = 0; + w[ 6] = 0; + w[ 7] = 0; + w[ 8] = 0; + w[ 9] = 0; + w[10] = 0; + w[11] = 0; + w[12] = 0; + w[13] = 0; + w[14] = 0; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m23001s (s_te0, s_te1, s_te2, s_te3, s_te4, s_td0, s_td1, s_td2, s_td3, s_td4, w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset, combs_mode, gid_max); +} + +KERNEL_FQ void m23001_s08 (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = pws[gid].i[ 4]; + w[ 5] = pws[gid].i[ 5]; + w[ 6] = pws[gid].i[ 6]; + w[ 7] = pws[gid].i[ 7]; + w[ 8] = 0; + w[ 9] = 0; + w[10] = 0; + w[11] = 0; + w[12] = 0; + w[13] = 0; + w[14] = 0; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m23001s (s_te0, s_te1, s_te2, s_te3, s_te4, s_td0, s_td1, s_td2, s_td3, s_td4, w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, 
plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset, combs_mode, gid_max); +} + +KERNEL_FQ void m23001_s16 (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = pws[gid].i[ 4]; + w[ 5] = pws[gid].i[ 5]; + w[ 6] = pws[gid].i[ 6]; + w[ 7] = pws[gid].i[ 7]; + w[ 8] = pws[gid].i[ 8]; + w[ 9] = pws[gid].i[ 9]; + w[10] = pws[gid].i[10]; + w[11] = pws[gid].i[11]; + w[12] = pws[gid].i[12]; + w[13] = pws[gid].i[13]; + w[14] = pws[gid].i[14]; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m23001s (s_te0, s_te1, s_te2, s_te3, s_te4, s_td0, s_td1, s_td2, s_td3, s_td4, w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset, combs_mode, gid_max); +} diff --git a/OpenCL/m23001_a3-pure.cl b/OpenCL/m23001_a3-pure.cl new file mode 100644 index 000000000..9875bdf79 --- /dev/null +++ b/OpenCL/m23001_a3-pure.cl @@ -0,0 +1,431 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_simd.cl" +#include "inc_hash_sha1.cl" +#include "inc_cipher_aes.cl" +#endif + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +KERNEL_FQ void m23001_mxx (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK 
u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + /** + * base + */ + + const u32 pw_len = pws[gid].pw_len; + + u32x w[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + /** + * loop + */ + + u32x w0l = w[0]; + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0 = w0l | w0r; + + w[0] = w0; + + sha1_ctx_vector_t ctx; + + sha1_init_vector (&ctx); + + sha1_update_vector (&ctx, w, pw_len); + + sha1_final_vector (&ctx); + + u32 t0[4]; + + t0[0] = 0x36363636 ^ ctx.h[0]; + t0[1] = 0x36363636 ^ ctx.h[1]; + t0[2] = 0x36363636 ^ ctx.h[2]; + t0[3] = 0x36363636 ^ ctx.h[3]; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ ctx.h[4]; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[4]; + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 44 + + u32 ks[KEYLEN]; + + AES128_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes128_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23001_sxx (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + 
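+  // The REAL_SHM branch below stages the AES decrypt tables td0..td4 and the
+  // encrypt tables te0..te4 into LOCAL memory, strided across the work-group,
+  // then synchronizes; the #else branch instead aliases the CONSTANT-space tables.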
LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + /** + * base + */ + + const u32 pw_len = pws[gid].pw_len; + + u32x w[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + /** + * loop + */ + + u32x w0l = w[0]; + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0 = w0l | w0r; + + w[0] = w0; + + sha1_ctx_vector_t ctx; + + sha1_init_vector (&ctx); + + sha1_update_vector (&ctx, w, pw_len); + + sha1_final_vector (&ctx); + + u32 t0[4]; + + t0[0] = 0x36363636 ^ ctx.h[0]; + t0[1] = 0x36363636 ^ ctx.h[1]; + t0[2] = 0x36363636 ^ ctx.h[2]; + t0[3] = 0x36363636 ^ ctx.h[3]; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ ctx.h[4]; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[4]; + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 44 + + u32 ks[KEYLEN]; + + AES128_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes128_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} diff --git 
a/OpenCL/m23002_a0-optimized.cl b/OpenCL/m23002_a0-optimized.cl new file mode 100644 index 000000000..8ef0e36a9 --- /dev/null +++ b/OpenCL/m23002_a0-optimized.cl @@ -0,0 +1,801 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_rp_optimized.h" +#include "inc_rp_optimized.cl" +#include "inc_simd.cl" +#include "inc_hash_sha1.cl" +#include "inc_cipher_aes.cl" +#endif + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +KERNEL_FQ void m23002_m04 (KERN_ATTR_RULES_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + u32x w0[4] = { 0 }; + u32x w1[4] = { 0 }; + u32x w2[4] = { 0 }; + u32x w3[4] = { 0 }; + + const u32x out_len = apply_rules_vect_optimized (pw_buf0, pw_buf1, pw_len, rules_buf, il_pos, w0, w1); + + append_0x80_2x4_VV (w0, w1, out_len); + + /** + * sha1 + */ + + u32x w0_t = hc_swap32 (w0[0]); + u32x w1_t = hc_swap32 (w0[1]); + u32x w2_t = hc_swap32 (w0[2]); + u32x w3_t = hc_swap32 (w0[3]); + u32x w4_t = hc_swap32 (w1[0]); + u32x w5_t = hc_swap32 (w1[1]); + u32x w6_t = hc_swap32 (w1[2]); + u32x w7_t = hc_swap32 (w1[3]); + u32x w8_t = hc_swap32 (w2[0]); + u32x w9_t = hc_swap32 (w2[1]); + u32x wa_t = hc_swap32 (w2[2]); + u32x wb_t = hc_swap32 (w2[3]); + u32x wc_t = hc_swap32 (w3[0]); + u32x wd_t = hc_swap32 (w3[1]); + u32x we_t = 0; + u32x wf_t = out_len * 8; + + u32x a = SHA1M_A; + u32x b = SHA1M_B; + u32x c = SHA1M_C; + u32x d = SHA1M_D; + u32x e = SHA1M_E; + + #undef K + #define K SHA1C00 + + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w0_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w1_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w2_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w3_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w4_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w5_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w6_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w7_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, 
w8_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w9_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wa_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, wb_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, wc_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, wd_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, we_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F0o, e, a, b, c, d, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F0o, d, e, a, b, c, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F0o, c, d, e, a, b, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F0o, b, c, d, e, a, w3_t); + + #undef K + #define K SHA1C01 + + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w7_t); + + #undef K + #define K SHA1C02 + + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F2o, c, 
d, e, a, b, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wb_t); + + #undef K + #define K SHA1C03 + + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wf_t); + + a += SHA1M_A; + b += SHA1M_B; + c += SHA1M_C; + d += SHA1M_D; + e += SHA1M_E; + + u32 t0[4]; + + t0[0] = 0x36363636 ^ a; + t0[1] = 0x36363636 ^ b; + t0[2] = 0x36363636 ^ c; + t0[3] = 0x36363636 ^ d; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ e; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 
0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[6]; // 5 + 1 = 6 (20 bytes + 4 bytes = 24 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ a; + t0[1] = 0x5c5c5c5c ^ b; + t0[2] = 0x5c5c5c5c ^ c; + t0[3] = 0x5c5c5c5c ^ d; + + t1[0] = 0x5c5c5c5c ^ e; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 52 + + u32 ks[KEYLEN]; + + AES192_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes192_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23002_m08 (KERN_ATTR_RULES_ESALT (securezip_t)) +{ +} + +KERNEL_FQ void m23002_m16 (KERN_ATTR_RULES_ESALT (securezip_t)) +{ +} + +KERNEL_FQ void m23002_s04 (KERN_ATTR_RULES_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = 
td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + u32x w0[4] = { 0 }; + u32x w1[4] = { 0 }; + u32x w2[4] = { 0 }; + u32x w3[4] = { 0 }; + + const u32x out_len = apply_rules_vect_optimized (pw_buf0, pw_buf1, pw_len, rules_buf, il_pos, w0, w1); + + append_0x80_2x4_VV (w0, w1, out_len); + + /** + * sha1 + */ + + u32x w0_t = hc_swap32 (w0[0]); + u32x w1_t = hc_swap32 (w0[1]); + u32x w2_t = hc_swap32 (w0[2]); + u32x w3_t = hc_swap32 (w0[3]); + u32x w4_t = hc_swap32 (w1[0]); + u32x w5_t = hc_swap32 (w1[1]); + u32x w6_t = hc_swap32 (w1[2]); + u32x w7_t = hc_swap32 (w1[3]); + u32x w8_t = hc_swap32 (w2[0]); + u32x w9_t = hc_swap32 (w2[1]); + u32x wa_t = hc_swap32 (w2[2]); + u32x wb_t = hc_swap32 (w2[3]); + u32x wc_t = hc_swap32 (w3[0]); + u32x wd_t = hc_swap32 (w3[1]); + u32x we_t = 0; + u32x wf_t = out_len * 8; + + u32x a = SHA1M_A; + u32x b = SHA1M_B; + u32x c = SHA1M_C; + u32x d = SHA1M_D; + u32x e = SHA1M_E; + + #undef K + #define K SHA1C00 + + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w0_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w1_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w2_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w3_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w4_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w5_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w6_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w7_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w8_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w9_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wa_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, wb_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, wc_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, wd_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, we_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F0o, e, a, b, c, d, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F0o, d, e, a, b, c, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F0o, c, d, e, a, b, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F0o, b, c, d, e, a, w3_t); + + #undef K + #define K SHA1C01 + + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ 
wc_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w7_t); + + #undef K + #define K SHA1C02 + + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wb_t); + + #undef K + #define K SHA1C03 + + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 
1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wf_t); + + a += SHA1M_A; + b += SHA1M_B; + c += SHA1M_C; + d += SHA1M_D; + e += SHA1M_E; + + u32 t0[4]; + + t0[0] = 0x36363636 ^ a; + t0[1] = 0x36363636 ^ b; + t0[2] = 0x36363636 ^ c; + t0[3] = 0x36363636 ^ d; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ e; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[6]; // 5 + 1 = 6 (20 bytes + 4 bytes = 24 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ a; + t0[1] = 0x5c5c5c5c ^ b; + t0[2] = 0x5c5c5c5c ^ c; + t0[3] = 0x5c5c5c5c ^ d; + + t1[0] = 0x5c5c5c5c ^ e; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; 
+ iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 52 + + u32 ks[KEYLEN]; + + AES192_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes192_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23002_s08 (KERN_ATTR_RULES_ESALT (securezip_t)) +{ +} + +KERNEL_FQ void m23002_s16 (KERN_ATTR_RULES_ESALT (securezip_t)) +{ +} diff --git a/OpenCL/m23002_a0-pure.cl b/OpenCL/m23002_a0-pure.cl new file mode 100644 index 000000000..309f07cfa --- /dev/null +++ b/OpenCL/m23002_a0-pure.cl @@ -0,0 +1,517 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_rp.h" +#include "inc_rp.cl" +#include "inc_scalar.cl" +#include "inc_hash_sha1.cl" +#include "inc_cipher_aes.cl" +#endif + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +KERNEL_FQ void m23002_mxx (KERN_ATTR_RULES_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + /** + * base + */ + + COPY_PW (pws[gid]); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) + { + pw_t tmp = PASTE_PW; + + tmp.pw_len = apply_rules (rules_buf[il_pos].cmds, tmp.i, tmp.pw_len); + + sha1_ctx_t ctx; + + sha1_init (&ctx); + + sha1_update_swap (&ctx, tmp.i, tmp.pw_len); + + sha1_final (&ctx); + + u32 t0[4]; + + t0[0] = 0x36363636 ^ ctx.h[0]; + t0[1] = 0x36363636 ^ ctx.h[1]; + t0[2] = 0x36363636 ^ ctx.h[2]; + t0[3] = 0x36363636 ^ ctx.h[3]; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ ctx.h[4]; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 
0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[6]; // 5 + 1 = 6 (20 bytes + 4 bytes = 24 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ ctx.h[0]; + t0[1] = 0x5c5c5c5c ^ ctx.h[1]; + t0[2] = 0x5c5c5c5c ^ ctx.h[2]; + t0[3] = 0x5c5c5c5c ^ ctx.h[3]; + + t1[0] = 0x5c5c5c5c ^ ctx.h[4]; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 52 + + u32 ks[KEYLEN]; + + AES192_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes192_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23002_sxx (KERN_ATTR_RULES_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + 
CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + /** + * base + */ + + COPY_PW (pws[gid]); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) + { + pw_t tmp = PASTE_PW; + + tmp.pw_len = apply_rules (rules_buf[il_pos].cmds, tmp.i, tmp.pw_len); + + sha1_ctx_t ctx; + + sha1_init (&ctx); + + sha1_update_swap (&ctx, tmp.i, tmp.pw_len); + + sha1_final (&ctx); + + u32 t0[4]; + + t0[0] = 0x36363636 ^ ctx.h[0]; + t0[1] = 0x36363636 ^ ctx.h[1]; + t0[2] = 0x36363636 ^ ctx.h[2]; + t0[3] = 0x36363636 ^ ctx.h[3]; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ ctx.h[4]; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[6]; // 5 + 1 = 6 (20 bytes + 4 bytes = 24 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ ctx.h[0]; + t0[1] = 0x5c5c5c5c ^ ctx.h[1]; + t0[2] = 0x5c5c5c5c ^ ctx.h[2]; + t0[3] = 0x5c5c5c5c ^ ctx.h[3]; + + t1[0] = 0x5c5c5c5c ^ ctx.h[4]; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 52 + + u32 ks[KEYLEN]; + + AES192_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes192_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc 
(&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} diff --git a/OpenCL/m23002_a1-optimized.cl b/OpenCL/m23002_a1-optimized.cl new file mode 100644 index 000000000..bf8e90201 --- /dev/null +++ b/OpenCL/m23002_a1-optimized.cl @@ -0,0 +1,915 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_simd.cl" +#include "inc_hash_sha1.cl" +#include "inc_cipher_aes.cl" +#endif + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +KERNEL_FQ void m23002_m04 (KERN_ATTR_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_l_len = pws[gid].pw_len & 63; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x pw_r_len = pwlenx_create_combt (combs_buf, il_pos) & 63; + + const u32x pw_len = (pw_l_len + pw_r_len) & 63; + + /** + * concat password candidate + */ + + u32x wordl0[4] = { 0 }; + u32x wordl1[4] = { 0 }; + u32x wordl2[4] = { 0 }; + u32x wordl3[4] = { 0 }; + + wordl0[0] = pw_buf0[0]; + wordl0[1] = pw_buf0[1]; + wordl0[2] = pw_buf0[2]; + wordl0[3] = pw_buf0[3]; + wordl1[0] = pw_buf1[0]; + wordl1[1] = pw_buf1[1]; + wordl1[2] = pw_buf1[2]; + wordl1[3] = pw_buf1[3]; + + u32x wordr0[4] = { 0 }; + u32x wordr1[4] = { 0 }; + u32x wordr2[4] = { 0 }; + u32x wordr3[4] = { 0 }; + + wordr0[0] = ix_create_combt (combs_buf, il_pos, 0); + wordr0[1] = ix_create_combt (combs_buf, il_pos, 1); + wordr0[2] = ix_create_combt (combs_buf, il_pos, 2); + wordr0[3] = ix_create_combt (combs_buf, il_pos, 3); + wordr1[0] = ix_create_combt (combs_buf, il_pos, 4); + wordr1[1] = ix_create_combt (combs_buf, il_pos, 5); + wordr1[2] = ix_create_combt (combs_buf, il_pos, 6); + wordr1[3] = ix_create_combt (combs_buf, il_pos, 7); + + if (combs_mode == COMBINATOR_MODE_BASE_LEFT) + { + switch_buffer_by_offset_le_VV (wordr0, wordr1, wordr2, wordr3, pw_l_len); + } + else + { + 
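+      // base (left) word is appended after the combinator (right) word here:
+      // shift it up by pw_r_len, mirroring the BASE_LEFT case above, before
+      // the two halves are OR-merged into w0..w3 below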
switch_buffer_by_offset_le_VV (wordl0, wordl1, wordl2, wordl3, pw_r_len); + } + + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + + w0[0] = wordl0[0] | wordr0[0]; + w0[1] = wordl0[1] | wordr0[1]; + w0[2] = wordl0[2] | wordr0[2]; + w0[3] = wordl0[3] | wordr0[3]; + w1[0] = wordl1[0] | wordr1[0]; + w1[1] = wordl1[1] | wordr1[1]; + w1[2] = wordl1[2] | wordr1[2]; + w1[3] = wordl1[3] | wordr1[3]; + w2[0] = wordl2[0] | wordr2[0]; + w2[1] = wordl2[1] | wordr2[1]; + w2[2] = wordl2[2] | wordr2[2]; + w2[3] = wordl2[3] | wordr2[3]; + w3[0] = wordl3[0] | wordr3[0]; + w3[1] = wordl3[1] | wordr3[1]; + w3[2] = wordl3[2] | wordr3[2]; + w3[3] = wordl3[3] | wordr3[3]; + + /** + * sha1 + */ + + u32x w0_t = hc_swap32 (w0[0]); + u32x w1_t = hc_swap32 (w0[1]); + u32x w2_t = hc_swap32 (w0[2]); + u32x w3_t = hc_swap32 (w0[3]); + u32x w4_t = hc_swap32 (w1[0]); + u32x w5_t = hc_swap32 (w1[1]); + u32x w6_t = hc_swap32 (w1[2]); + u32x w7_t = hc_swap32 (w1[3]); + u32x w8_t = hc_swap32 (w2[0]); + u32x w9_t = hc_swap32 (w2[1]); + u32x wa_t = hc_swap32 (w2[2]); + u32x wb_t = hc_swap32 (w2[3]); + u32x wc_t = hc_swap32 (w3[0]); + u32x wd_t = hc_swap32 (w3[1]); + u32x we_t = 0; + u32x wf_t = pw_len * 8; + + u32x a = SHA1M_A; + u32x b = SHA1M_B; + u32x c = SHA1M_C; + u32x d = SHA1M_D; + u32x e = SHA1M_E; + + #undef K + #define K SHA1C00 + + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w0_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w1_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w2_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w3_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w4_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w5_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w6_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w7_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w8_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w9_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wa_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, wb_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, wc_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, wd_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, we_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F0o, e, a, b, c, d, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F0o, d, e, a, b, c, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F0o, c, d, e, a, b, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F0o, b, c, d, e, a, w3_t); + + #undef K + #define K SHA1C01 + + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, we_t); + wf_t = hc_rotl32 
((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w7_t); + + #undef K + #define K SHA1C02 + + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wb_t); + + #undef K + #define K SHA1C03 + + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w2_t); + w3_t = hc_rotl32 ((w0_t ^ 
wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wf_t); + + a += SHA1M_A; + b += SHA1M_B; + c += SHA1M_C; + d += SHA1M_D; + e += SHA1M_E; + + u32 t0[4]; + + t0[0] = 0x36363636 ^ a; + t0[1] = 0x36363636 ^ b; + t0[2] = 0x36363636 ^ c; + t0[3] = 0x36363636 ^ d; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ e; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[6]; // 5 + 1 = 6 (20 bytes + 4 bytes = 24 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ a; + t0[1] = 0x5c5c5c5c ^ b; + t0[2] = 0x5c5c5c5c ^ c; + t0[3] = 0x5c5c5c5c ^ d; + + t1[0] = 0x5c5c5c5c ^ e; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + 
data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 52 + + u32 ks[KEYLEN]; + + AES192_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes192_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23002_m08 (KERN_ATTR_ESALT (securezip_t)) +{ +} + +KERNEL_FQ void m23002_m16 (KERN_ATTR_ESALT (securezip_t)) +{ +} + +KERNEL_FQ void m23002_s04 (KERN_ATTR_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_l_len = pws[gid].pw_len & 63; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x pw_r_len = pwlenx_create_combt (combs_buf, il_pos) & 63; + + const u32x pw_len = (pw_l_len + pw_r_len) & 63; + + /** + * concat password candidate + */ + + u32x wordl0[4] = { 0 }; + u32x wordl1[4] = { 0 }; + u32x wordl2[4] = { 0 }; + u32x wordl3[4] = { 0 }; + + wordl0[0] = pw_buf0[0]; + wordl0[1] = pw_buf0[1]; + wordl0[2] = pw_buf0[2]; + wordl0[3] = pw_buf0[3]; + wordl1[0] = pw_buf1[0]; + wordl1[1] = pw_buf1[1]; + wordl1[2] = pw_buf1[2]; + wordl1[3] = pw_buf1[3]; + + u32x wordr0[4] = { 0 }; + u32x wordr1[4] = { 0 }; + u32x wordr2[4] = { 0 }; + u32x wordr3[4] = { 0 }; + + wordr0[0] = ix_create_combt (combs_buf, il_pos, 0); + wordr0[1] = ix_create_combt (combs_buf, il_pos, 1); + wordr0[2] = ix_create_combt (combs_buf, il_pos, 2); + wordr0[3] = ix_create_combt (combs_buf, il_pos, 3); + wordr1[0] = ix_create_combt (combs_buf, il_pos, 4); + wordr1[1] = ix_create_combt (combs_buf, il_pos, 5); + wordr1[2] = ix_create_combt (combs_buf, il_pos, 6); + wordr1[3] = ix_create_combt (combs_buf, il_pos, 7); + + if (combs_mode == COMBINATOR_MODE_BASE_LEFT) + { + switch_buffer_by_offset_le_VV (wordr0, wordr1, wordr2, wordr3, 
pw_l_len); + } + else + { + switch_buffer_by_offset_le_VV (wordl0, wordl1, wordl2, wordl3, pw_r_len); + } + + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + + w0[0] = wordl0[0] | wordr0[0]; + w0[1] = wordl0[1] | wordr0[1]; + w0[2] = wordl0[2] | wordr0[2]; + w0[3] = wordl0[3] | wordr0[3]; + w1[0] = wordl1[0] | wordr1[0]; + w1[1] = wordl1[1] | wordr1[1]; + w1[2] = wordl1[2] | wordr1[2]; + w1[3] = wordl1[3] | wordr1[3]; + w2[0] = wordl2[0] | wordr2[0]; + w2[1] = wordl2[1] | wordr2[1]; + w2[2] = wordl2[2] | wordr2[2]; + w2[3] = wordl2[3] | wordr2[3]; + w3[0] = wordl3[0] | wordr3[0]; + w3[1] = wordl3[1] | wordr3[1]; + w3[2] = wordl3[2] | wordr3[2]; + w3[3] = wordl3[3] | wordr3[3]; + + /** + * sha1 + */ + + u32x w0_t = hc_swap32 (w0[0]); + u32x w1_t = hc_swap32 (w0[1]); + u32x w2_t = hc_swap32 (w0[2]); + u32x w3_t = hc_swap32 (w0[3]); + u32x w4_t = hc_swap32 (w1[0]); + u32x w5_t = hc_swap32 (w1[1]); + u32x w6_t = hc_swap32 (w1[2]); + u32x w7_t = hc_swap32 (w1[3]); + u32x w8_t = hc_swap32 (w2[0]); + u32x w9_t = hc_swap32 (w2[1]); + u32x wa_t = hc_swap32 (w2[2]); + u32x wb_t = hc_swap32 (w2[3]); + u32x wc_t = hc_swap32 (w3[0]); + u32x wd_t = hc_swap32 (w3[1]); + u32x we_t = 0; + u32x wf_t = pw_len * 8; + + u32x a = SHA1M_A; + u32x b = SHA1M_B; + u32x c = SHA1M_C; + u32x d = SHA1M_D; + u32x e = SHA1M_E; + + #undef K + #define K SHA1C00 + + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w0_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w1_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w2_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w3_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w4_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w5_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w6_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w7_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w8_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w9_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wa_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, wb_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, wc_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, wd_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, we_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F0o, e, a, b, c, d, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F0o, d, e, a, b, c, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F0o, c, d, e, a, b, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F0o, b, c, d, e, a, w3_t); + + #undef K + #define K SHA1C01 + + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, 
we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w7_t); + + #undef K + #define K SHA1C02 + + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wb_t); + + #undef K + #define K SHA1C03 + + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w2_t); + 
w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wf_t); + + a += SHA1M_A; + b += SHA1M_B; + c += SHA1M_C; + d += SHA1M_D; + e += SHA1M_E; + + u32 t0[4]; + + t0[0] = 0x36363636 ^ a; + t0[1] = 0x36363636 ^ b; + t0[2] = 0x36363636 ^ c; + t0[3] = 0x36363636 ^ d; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ e; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[6]; // 5 + 1 = 6 (20 bytes + 4 bytes = 24 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ a; + t0[1] = 0x5c5c5c5c ^ b; + t0[2] = 0x5c5c5c5c ^ c; + t0[3] = 0x5c5c5c5c ^ d; + + t1[0] = 0x5c5c5c5c ^ e; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = 
esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 52 + + u32 ks[KEYLEN]; + + AES192_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes192_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23002_s08 (KERN_ATTR_ESALT (securezip_t)) +{ +} + +KERNEL_FQ void m23002_s16 (KERN_ATTR_ESALT (securezip_t)) +{ +} diff --git a/OpenCL/m23002_a1-pure.cl b/OpenCL/m23002_a1-pure.cl new file mode 100644 index 000000000..6cad15fb1 --- /dev/null +++ b/OpenCL/m23002_a1-pure.cl @@ -0,0 +1,511 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_scalar.cl" +#include "inc_hash_sha1.cl" +#include "inc_cipher_aes.cl" +#endif + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +KERNEL_FQ void m23002_mxx (KERN_ATTR_RULES_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + /** + * base + */ + + sha1_ctx_t ctx0; + + sha1_init (&ctx0); + + sha1_update_global_swap (&ctx0, pws[gid].i, pws[gid].pw_len); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) + { + sha1_ctx_t ctx = ctx0; + + sha1_update_global_swap (&ctx, combs_buf[il_pos].i, combs_buf[il_pos].pw_len); + + sha1_final (&ctx); + + u32 t0[4]; + + t0[0] = 0x36363636 ^ ctx.h[0]; + t0[1] = 0x36363636 ^ ctx.h[1]; + t0[2] = 0x36363636 ^ ctx.h[2]; + t0[3] = 0x36363636 ^ ctx.h[3]; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ ctx.h[4]; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + 
digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[6]; // 5 + 1 = 6 (20 bytes + 4 bytes = 24 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ ctx.h[0]; + t0[1] = 0x5c5c5c5c ^ ctx.h[1]; + t0[2] = 0x5c5c5c5c ^ ctx.h[2]; + t0[3] = 0x5c5c5c5c ^ ctx.h[3]; + + t1[0] = 0x5c5c5c5c ^ ctx.h[4]; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 52 + + u32 ks[KEYLEN]; + + AES192_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes192_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23002_sxx (KERN_ATTR_RULES_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS 
u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + /** + * base + */ + + sha1_ctx_t ctx0; + + sha1_init (&ctx0); + + sha1_update_global_swap (&ctx0, pws[gid].i, pws[gid].pw_len); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) + { + sha1_ctx_t ctx = ctx0; + + sha1_update_global_swap (&ctx, combs_buf[il_pos].i, combs_buf[il_pos].pw_len); + + sha1_final (&ctx); + + u32 t0[4]; + + t0[0] = 0x36363636 ^ ctx.h[0]; + t0[1] = 0x36363636 ^ ctx.h[1]; + t0[2] = 0x36363636 ^ ctx.h[2]; + t0[3] = 0x36363636 ^ ctx.h[3]; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ ctx.h[4]; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[6]; // 5 + 1 = 6 (20 bytes + 4 bytes = 24 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ ctx.h[0]; + t0[1] = 0x5c5c5c5c ^ ctx.h[1]; + t0[2] = 0x5c5c5c5c ^ ctx.h[2]; + t0[3] = 0x5c5c5c5c ^ ctx.h[3]; + + t1[0] = 0x5c5c5c5c ^ ctx.h[4]; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 52 + + u32 ks[KEYLEN]; + + AES192_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes192_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} diff --git a/OpenCL/m23002_a3-optimized.cl b/OpenCL/m23002_a3-optimized.cl new file mode 100644 index 000000000..e81f891a9 --- /dev/null 
+++ b/OpenCL/m23002_a3-optimized.cl @@ -0,0 +1,1385 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_simd.cl" +#include "inc_hash_sha1.cl" +#include "inc_cipher_aes.cl" +#endif + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +DECLSPEC void m23002m (SHM_TYPE u32a *s_te0, SHM_TYPE u32a *s_te1, SHM_TYPE u32a *s_te2, SHM_TYPE u32a *s_te3, SHM_TYPE u32a *s_te4, SHM_TYPE u32a *s_td0, SHM_TYPE u32a *s_td1, SHM_TYPE u32a *s_td2, SHM_TYPE u32a *s_td3, SHM_TYPE u32a *s_td4, u32 *w, const u32 pw_len, KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + + /** + * base + */ + + const u32 c_16s = hc_rotl32_S ((w[13] ^ w[ 8] ^ w[ 2] ), 1u); + const u32 c_17s = hc_rotl32_S ((w[14] ^ w[ 9] ^ w[ 3] ^ w[ 1]), 1u); + const u32 c_18s = hc_rotl32_S ((w[15] ^ w[10] ^ w[ 4] ^ w[ 2]), 1u); + const u32 c_19s = hc_rotl32_S ((c_16s ^ w[11] ^ w[ 5] ^ w[ 3]), 1u); + const u32 c_20s = hc_rotl32_S ((c_17s ^ w[12] ^ w[ 6] ^ w[ 4]), 1u); + const u32 c_21s = hc_rotl32_S ((c_18s ^ w[13] ^ w[ 7] ^ w[ 5]), 1u); + const u32 c_22s = hc_rotl32_S ((c_19s ^ w[14] ^ w[ 8] ^ w[ 6]), 1u); + const u32 c_23s = hc_rotl32_S ((c_20s ^ w[15] ^ w[ 9] ^ w[ 7]), 1u); + const u32 c_24s = hc_rotl32_S ((c_21s ^ c_16s ^ w[10] ^ w[ 8]), 1u); + const u32 c_25s = hc_rotl32_S ((c_22s ^ c_17s ^ w[11] ^ w[ 9]), 1u); + const u32 c_26s = hc_rotl32_S ((c_23s ^ c_18s ^ w[12] ^ w[10]), 1u); + const u32 c_27s = hc_rotl32_S ((c_24s ^ c_19s ^ w[13] ^ w[11]), 1u); + const u32 c_28s = hc_rotl32_S ((c_25s ^ c_20s ^ w[14] ^ w[12]), 1u); + const u32 c_29s = hc_rotl32_S ((c_26s ^ c_21s ^ w[15] ^ w[13]), 1u); + const u32 c_30s = hc_rotl32_S ((c_27s ^ c_22s ^ c_16s ^ w[14]), 1u); + const u32 c_31s = hc_rotl32_S ((c_28s ^ c_23s ^ c_17s ^ w[15]), 1u); + const u32 c_32s = hc_rotl32_S ((c_29s ^ c_24s ^ c_18s ^ c_16s), 1u); + const u32 c_33s = hc_rotl32_S ((c_30s ^ c_25s ^ c_19s ^ c_17s), 1u); + const u32 c_34s = hc_rotl32_S ((c_31s ^ c_26s ^ c_20s ^ c_18s), 1u); + const u32 c_35s = hc_rotl32_S ((c_32s ^ c_27s ^ c_21s ^ c_19s), 1u); + const u32 c_36s = hc_rotl32_S ((c_33s ^ c_28s ^ c_22s ^ c_20s), 1u); + const u32 c_37s = hc_rotl32_S ((c_34s ^ c_29s ^ c_23s ^ c_21s), 1u); + const u32 c_38s = hc_rotl32_S ((c_35s ^ c_30s ^ c_24s ^ c_22s), 1u); + const u32 c_39s = hc_rotl32_S ((c_36s ^ c_31s ^ c_25s ^ c_23s), 1u); + const u32 c_40s = hc_rotl32_S ((c_37s ^ c_32s ^ c_26s ^ c_24s), 1u); + const u32 c_41s = hc_rotl32_S ((c_38s ^ c_33s ^ c_27s ^ c_25s), 1u); + const u32 c_42s = hc_rotl32_S ((c_39s ^ c_34s ^ c_28s ^ c_26s), 1u); + const u32 c_43s = hc_rotl32_S ((c_40s ^ c_35s ^ c_29s ^ c_27s), 1u); + const u32 c_44s = hc_rotl32_S ((c_41s ^ c_36s ^ c_30s ^ c_28s), 1u); + const u32 c_45s = hc_rotl32_S ((c_42s ^ c_37s ^ c_31s ^ c_29s), 1u); + const u32 c_46s = hc_rotl32_S ((c_43s ^ c_38s ^ c_32s ^ c_30s), 1u); + const u32 c_47s = hc_rotl32_S ((c_44s ^ c_39s ^ c_33s ^ c_31s), 1u); + const u32 c_48s = hc_rotl32_S ((c_45s ^ c_40s ^ c_34s ^ c_32s), 1u); + const u32 c_49s = hc_rotl32_S ((c_46s ^ c_41s ^ c_35s ^ c_33s), 1u); + const u32 c_50s = hc_rotl32_S ((c_47s ^ c_42s ^ c_36s ^ c_34s), 1u); + const u32 c_51s = hc_rotl32_S ((c_48s ^ c_43s ^ c_37s ^ c_35s), 1u); + const u32 c_52s = hc_rotl32_S ((c_49s ^ c_44s ^ c_38s ^ c_36s), 1u); + const u32 c_53s = hc_rotl32_S ((c_50s ^ c_45s ^ c_39s 
^ c_37s), 1u); + const u32 c_54s = hc_rotl32_S ((c_51s ^ c_46s ^ c_40s ^ c_38s), 1u); + const u32 c_55s = hc_rotl32_S ((c_52s ^ c_47s ^ c_41s ^ c_39s), 1u); + const u32 c_56s = hc_rotl32_S ((c_53s ^ c_48s ^ c_42s ^ c_40s), 1u); + const u32 c_57s = hc_rotl32_S ((c_54s ^ c_49s ^ c_43s ^ c_41s), 1u); + const u32 c_58s = hc_rotl32_S ((c_55s ^ c_50s ^ c_44s ^ c_42s), 1u); + const u32 c_59s = hc_rotl32_S ((c_56s ^ c_51s ^ c_45s ^ c_43s), 1u); + const u32 c_60s = hc_rotl32_S ((c_57s ^ c_52s ^ c_46s ^ c_44s), 1u); + const u32 c_61s = hc_rotl32_S ((c_58s ^ c_53s ^ c_47s ^ c_45s), 1u); + const u32 c_62s = hc_rotl32_S ((c_59s ^ c_54s ^ c_48s ^ c_46s), 1u); + const u32 c_63s = hc_rotl32_S ((c_60s ^ c_55s ^ c_49s ^ c_47s), 1u); + const u32 c_64s = hc_rotl32_S ((c_61s ^ c_56s ^ c_50s ^ c_48s), 1u); + const u32 c_65s = hc_rotl32_S ((c_62s ^ c_57s ^ c_51s ^ c_49s), 1u); + const u32 c_66s = hc_rotl32_S ((c_63s ^ c_58s ^ c_52s ^ c_50s), 1u); + const u32 c_67s = hc_rotl32_S ((c_64s ^ c_59s ^ c_53s ^ c_51s), 1u); + const u32 c_68s = hc_rotl32_S ((c_65s ^ c_60s ^ c_54s ^ c_52s), 1u); + const u32 c_69s = hc_rotl32_S ((c_66s ^ c_61s ^ c_55s ^ c_53s), 1u); + const u32 c_70s = hc_rotl32_S ((c_67s ^ c_62s ^ c_56s ^ c_54s), 1u); + const u32 c_71s = hc_rotl32_S ((c_68s ^ c_63s ^ c_57s ^ c_55s), 1u); + const u32 c_72s = hc_rotl32_S ((c_69s ^ c_64s ^ c_58s ^ c_56s), 1u); + const u32 c_73s = hc_rotl32_S ((c_70s ^ c_65s ^ c_59s ^ c_57s), 1u); + const u32 c_74s = hc_rotl32_S ((c_71s ^ c_66s ^ c_60s ^ c_58s), 1u); + const u32 c_75s = hc_rotl32_S ((c_72s ^ c_67s ^ c_61s ^ c_59s), 1u); + + const u32 c_17sK = c_17s + SHA1C00; + const u32 c_18sK = c_18s + SHA1C00; + const u32 c_20sK = c_20s + SHA1C01; + const u32 c_21sK = c_21s + SHA1C01; + const u32 c_23sK = c_23s + SHA1C01; + const u32 c_26sK = c_26s + SHA1C01; + const u32 c_27sK = c_27s + SHA1C01; + const u32 c_29sK = c_29s + SHA1C01; + const u32 c_33sK = c_33s + SHA1C01; + const u32 c_39sK = c_39s + SHA1C01; + const u32 c_41sK = c_41s + SHA1C02; + const u32 c_45sK = c_45s + SHA1C02; + const u32 c_53sK = c_53s + SHA1C02; + const u32 c_65sK = c_65s + SHA1C03; + const u32 c_69sK = c_69s + SHA1C03; + + /** + * loop + */ + + u32 w0l = w[0]; + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0 = w0l | w0r; + + const u32x w0s01 = hc_rotl32 (w0, 1u); + const u32x w0s02 = hc_rotl32 (w0, 2u); + const u32x w0s03 = hc_rotl32 (w0, 3u); + const u32x w0s04 = hc_rotl32 (w0, 4u); + const u32x w0s05 = hc_rotl32 (w0, 5u); + const u32x w0s06 = hc_rotl32 (w0, 6u); + const u32x w0s07 = hc_rotl32 (w0, 7u); + const u32x w0s08 = hc_rotl32 (w0, 8u); + const u32x w0s09 = hc_rotl32 (w0, 9u); + const u32x w0s10 = hc_rotl32 (w0, 10u); + const u32x w0s11 = hc_rotl32 (w0, 11u); + const u32x w0s12 = hc_rotl32 (w0, 12u); + const u32x w0s13 = hc_rotl32 (w0, 13u); + const u32x w0s14 = hc_rotl32 (w0, 14u); + const u32x w0s15 = hc_rotl32 (w0, 15u); + const u32x w0s16 = hc_rotl32 (w0, 16u); + const u32x w0s17 = hc_rotl32 (w0, 17u); + const u32x w0s18 = hc_rotl32 (w0, 18u); + const u32x w0s19 = hc_rotl32 (w0, 19u); + const u32x w0s20 = hc_rotl32 (w0, 20u); + + const u32x w0s04___w0s06 = w0s04 ^ w0s06; + const u32x w0s04___w0s08 = w0s04 ^ w0s08; + const u32x w0s08___w0s12 = w0s08 ^ w0s12; + const u32x w0s04___w0s06___w0s07 = w0s04___w0s06 ^ w0s07; + + u32x a = SHA1M_A; + u32x b = SHA1M_B; + u32x c = SHA1M_C; + u32x d = SHA1M_D; + u32x e = SHA1M_E; + + #undef K + #define K SHA1C00 + + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w0); + 
SHA1_STEP (SHA1_F0o, e, a, b, c, d, w[ 1]); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w[ 2]); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w[ 3]); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w[ 4]); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w[ 5]); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w[ 6]); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w[ 7]); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w[ 8]); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w[ 9]); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w[10]); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w[11]); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w[12]); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w[13]); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w[14]); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w[15]); + + SHA1_STEP (SHA1_F0o, e, a, b, c, d, (c_16s ^ w0s01)); + SHA1_STEPX(SHA1_F0o, d, e, a, b, c, (c_17sK)); + SHA1_STEPX(SHA1_F0o, c, d, e, a, b, (c_18sK)); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, (c_19s ^ w0s02)); + + #undef K + #define K SHA1C01 + + SHA1_STEPX(SHA1_F1 , a, b, c, d, e, (c_20sK)); + SHA1_STEPX(SHA1_F1 , e, a, b, c, d, (c_21sK)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_22s ^ w0s03)); + SHA1_STEPX(SHA1_F1 , c, d, e, a, b, (c_23sK)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_24s ^ w0s02)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_25s ^ w0s04)); + SHA1_STEPX(SHA1_F1 , e, a, b, c, d, (c_26sK)); + SHA1_STEPX(SHA1_F1 , d, e, a, b, c, (c_27sK)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_28s ^ w0s05)); + SHA1_STEPX(SHA1_F1 , b, c, d, e, a, (c_29sK)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_30s ^ w0s02 ^ w0s04)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_31s ^ w0s06)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_32s ^ w0s02 ^ w0s03)); + SHA1_STEPX(SHA1_F1 , c, d, e, a, b, (c_33sK)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_34s ^ w0s07)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_35s ^ w0s04)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_36s ^ w0s04___w0s06)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_37s ^ w0s08)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_38s ^ w0s04)); + SHA1_STEPX(SHA1_F1 , b, c, d, e, a, (c_39sK)); + + #undef K + #define K SHA1C02 + + SHA1_STEP (SHA1_F2o, a, b, c, d, e, (c_40s ^ w0s04 ^ w0s09)); + SHA1_STEPX(SHA1_F2o, e, a, b, c, d, (c_41sK)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_42s ^ w0s06 ^ w0s08)); + SHA1_STEP (SHA1_F2o, c, d, e, a, b, (c_43s ^ w0s10)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_44s ^ w0s03 ^ w0s06 ^ w0s07)); + SHA1_STEPX(SHA1_F2o, a, b, c, d, e, (c_45sK)); + SHA1_STEP (SHA1_F2o, e, a, b, c, d, (c_46s ^ w0s04 ^ w0s11)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_47s ^ w0s04___w0s08)); + SHA1_STEP (SHA1_F2o, c, d, e, a, b, (c_48s ^ w0s03 ^ w0s04___w0s08 ^ w0s05 ^ w0s10)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_49s ^ w0s12)); + SHA1_STEP (SHA1_F2o, a, b, c, d, e, (c_50s ^ w0s08)); + SHA1_STEP (SHA1_F2o, e, a, b, c, d, (c_51s ^ w0s04___w0s06)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_52s ^ w0s04___w0s08 ^ w0s13)); + SHA1_STEPX(SHA1_F2o, c, d, e, a, b, (c_53sK)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_54s ^ w0s07 ^ w0s10 ^ w0s12)); + SHA1_STEP (SHA1_F2o, a, b, c, d, e, (c_55s ^ w0s14)); + SHA1_STEP (SHA1_F2o, e, a, b, c, d, (c_56s ^ w0s04___w0s06___w0s07 ^ w0s10 ^ w0s11)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_57s ^ w0s08)); + SHA1_STEP (SHA1_F2o, c, d, e, a, b, (c_58s ^ w0s04___w0s08 ^ w0s15)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_59s ^ w0s08___w0s12)); + + #undef K + #define K SHA1C03 + + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_60s ^ w0s04 ^ w0s08___w0s12 ^ w0s07 ^ w0s14)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_61s ^ w0s16)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, 
(c_62s ^ w0s04___w0s06 ^ w0s08___w0s12)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_63s ^ w0s08)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_64s ^ w0s04___w0s06___w0s07 ^ w0s08___w0s12 ^ w0s17)); + SHA1_STEPX(SHA1_F1 , a, b, c, d, e, (c_65sK)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_66s ^ w0s14 ^ w0s16)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_67s ^ w0s08 ^ w0s18)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_68s ^ w0s11 ^ w0s14 ^ w0s15)); + SHA1_STEPX(SHA1_F1 , b, c, d, e, a, (c_69sK)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_70s ^ w0s12 ^ w0s19)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_71s ^ w0s12 ^ w0s16)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_72s ^ w0s05 ^ w0s11 ^ w0s12 ^ w0s13 ^ w0s16 ^ w0s18)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_73s ^ w0s20)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_74s ^ w0s08 ^ w0s16)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_75s ^ w0s06 ^ w0s12 ^ w0s14)); + + const u32x c_76s = hc_rotl32 ((c_73s ^ c_68s ^ c_62s ^ c_60s), 1u); + const u32x c_77s = hc_rotl32 ((c_74s ^ c_69s ^ c_63s ^ c_61s), 1u); + const u32x c_78s = hc_rotl32 ((c_75s ^ c_70s ^ c_64s ^ c_62s), 1u); + const u32x c_79s = hc_rotl32 ((c_76s ^ c_71s ^ c_65s ^ c_63s), 1u); + + const u32x w0s21 = hc_rotl32 (w0, 21u); + const u32x w0s22 = hc_rotl32 (w0, 22U); + + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_76s ^ w0s07 ^ w0s08___w0s12 ^ w0s16 ^ w0s21)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_77s)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_78s ^ w0s07 ^ w0s08 ^ w0s15 ^ w0s18 ^ w0s20)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_79s ^ w0s08 ^ w0s22)); + + a += SHA1M_A; + b += SHA1M_B; + c += SHA1M_C; + d += SHA1M_D; + e += SHA1M_E; + + u32 t0[4]; + + t0[0] = 0x36363636 ^ a; + t0[1] = 0x36363636 ^ b; + t0[2] = 0x36363636 ^ c; + t0[3] = 0x36363636 ^ d; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ e; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[6]; // 5 + 1 = 6 (20 bytes + 4 bytes = 24 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ a; + t0[1] = 0x5c5c5c5c ^ b; + t0[2] = 0x5c5c5c5c ^ c; + t0[3] = 0x5c5c5c5c ^ d; + + t1[0] = 0x5c5c5c5c ^ e; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + 
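// Key derivation in this kernel: the 0x36-padded block earlier produced digest[0..4], which was copied into key[0..4] (20 bytes); + // the 0x5c-padded block just hashed contributes its digest[0] as key[5], completing the 24-byte key passed to AES192_set_decrypt_key below. + 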
key[5] = digest[0]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 52 + + u32 ks[KEYLEN]; + + AES192_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes192_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +DECLSPEC void m23002s (SHM_TYPE u32a *s_te0, SHM_TYPE u32a *s_te1, SHM_TYPE u32a *s_te2, SHM_TYPE u32a *s_te3, SHM_TYPE u32a *s_te4, SHM_TYPE u32a *s_td0, SHM_TYPE u32a *s_td1, SHM_TYPE u32a *s_td2, SHM_TYPE u32a *s_td3, SHM_TYPE u32a *s_td4, u32 *w, const u32 pw_len, KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + + /** + * base + */ + + const u32 c_16s = hc_rotl32_S ((w[13] ^ w[ 8] ^ w[ 2] ), 1u); + const u32 c_17s = hc_rotl32_S ((w[14] ^ w[ 9] ^ w[ 3] ^ w[ 1]), 1u); + const u32 c_18s = hc_rotl32_S ((w[15] ^ w[10] ^ w[ 4] ^ w[ 2]), 1u); + const u32 c_19s = hc_rotl32_S ((c_16s ^ w[11] ^ w[ 5] ^ w[ 3]), 1u); + const u32 c_20s = hc_rotl32_S ((c_17s ^ w[12] ^ w[ 6] ^ w[ 4]), 1u); + const u32 c_21s = hc_rotl32_S ((c_18s ^ w[13] ^ w[ 7] ^ w[ 5]), 1u); + const u32 c_22s = hc_rotl32_S ((c_19s ^ w[14] ^ w[ 8] ^ w[ 6]), 1u); + const u32 c_23s = hc_rotl32_S ((c_20s ^ w[15] ^ w[ 9] ^ w[ 7]), 1u); + const u32 c_24s = hc_rotl32_S ((c_21s ^ c_16s ^ w[10] ^ w[ 8]), 1u); + const u32 c_25s = hc_rotl32_S ((c_22s ^ c_17s ^ w[11] ^ w[ 9]), 1u); + const u32 c_26s = hc_rotl32_S ((c_23s ^ c_18s ^ w[12] ^ w[10]), 1u); + const u32 c_27s = hc_rotl32_S ((c_24s ^ c_19s ^ w[13] ^ w[11]), 1u); + const u32 c_28s = hc_rotl32_S ((c_25s ^ c_20s ^ w[14] ^ w[12]), 1u); + const u32 c_29s = hc_rotl32_S ((c_26s ^ c_21s ^ w[15] ^ w[13]), 1u); + const u32 c_30s = hc_rotl32_S ((c_27s ^ c_22s ^ c_16s ^ w[14]), 1u); + const u32 c_31s = hc_rotl32_S ((c_28s ^ c_23s ^ c_17s ^ w[15]), 1u); + const u32 c_32s = hc_rotl32_S ((c_29s ^ c_24s ^ c_18s ^ c_16s), 1u); + const u32 c_33s = hc_rotl32_S ((c_30s ^ c_25s ^ c_19s ^ c_17s), 1u); + const u32 c_34s = hc_rotl32_S ((c_31s ^ c_26s ^ c_20s ^ c_18s), 1u); + const u32 c_35s = hc_rotl32_S ((c_32s ^ c_27s ^ c_21s ^ c_19s), 1u); + const u32 c_36s = hc_rotl32_S ((c_33s ^ c_28s ^ c_22s ^ c_20s), 1u); + const u32 c_37s = hc_rotl32_S ((c_34s ^ c_29s ^ c_23s ^ c_21s), 1u); + const u32 c_38s = hc_rotl32_S ((c_35s ^ c_30s ^ c_24s ^ c_22s), 1u); + const u32 c_39s = hc_rotl32_S ((c_36s ^ c_31s ^ c_25s ^ c_23s), 1u); + const u32 c_40s = hc_rotl32_S ((c_37s ^ c_32s ^ c_26s ^ c_24s), 1u); + const u32 c_41s = hc_rotl32_S ((c_38s ^ c_33s ^ c_27s ^ c_25s), 1u); + const u32 c_42s = hc_rotl32_S ((c_39s ^ c_34s ^ c_28s ^ c_26s), 1u); + const u32 c_43s = hc_rotl32_S ((c_40s ^ c_35s ^ c_29s ^ c_27s), 1u); + const u32 c_44s = hc_rotl32_S ((c_41s ^ c_36s ^ c_30s ^ c_28s), 1u); + const u32 c_45s = hc_rotl32_S ((c_42s ^ c_37s ^ c_31s ^ 
c_29s), 1u); + const u32 c_46s = hc_rotl32_S ((c_43s ^ c_38s ^ c_32s ^ c_30s), 1u); + const u32 c_47s = hc_rotl32_S ((c_44s ^ c_39s ^ c_33s ^ c_31s), 1u); + const u32 c_48s = hc_rotl32_S ((c_45s ^ c_40s ^ c_34s ^ c_32s), 1u); + const u32 c_49s = hc_rotl32_S ((c_46s ^ c_41s ^ c_35s ^ c_33s), 1u); + const u32 c_50s = hc_rotl32_S ((c_47s ^ c_42s ^ c_36s ^ c_34s), 1u); + const u32 c_51s = hc_rotl32_S ((c_48s ^ c_43s ^ c_37s ^ c_35s), 1u); + const u32 c_52s = hc_rotl32_S ((c_49s ^ c_44s ^ c_38s ^ c_36s), 1u); + const u32 c_53s = hc_rotl32_S ((c_50s ^ c_45s ^ c_39s ^ c_37s), 1u); + const u32 c_54s = hc_rotl32_S ((c_51s ^ c_46s ^ c_40s ^ c_38s), 1u); + const u32 c_55s = hc_rotl32_S ((c_52s ^ c_47s ^ c_41s ^ c_39s), 1u); + const u32 c_56s = hc_rotl32_S ((c_53s ^ c_48s ^ c_42s ^ c_40s), 1u); + const u32 c_57s = hc_rotl32_S ((c_54s ^ c_49s ^ c_43s ^ c_41s), 1u); + const u32 c_58s = hc_rotl32_S ((c_55s ^ c_50s ^ c_44s ^ c_42s), 1u); + const u32 c_59s = hc_rotl32_S ((c_56s ^ c_51s ^ c_45s ^ c_43s), 1u); + const u32 c_60s = hc_rotl32_S ((c_57s ^ c_52s ^ c_46s ^ c_44s), 1u); + const u32 c_61s = hc_rotl32_S ((c_58s ^ c_53s ^ c_47s ^ c_45s), 1u); + const u32 c_62s = hc_rotl32_S ((c_59s ^ c_54s ^ c_48s ^ c_46s), 1u); + const u32 c_63s = hc_rotl32_S ((c_60s ^ c_55s ^ c_49s ^ c_47s), 1u); + const u32 c_64s = hc_rotl32_S ((c_61s ^ c_56s ^ c_50s ^ c_48s), 1u); + const u32 c_65s = hc_rotl32_S ((c_62s ^ c_57s ^ c_51s ^ c_49s), 1u); + const u32 c_66s = hc_rotl32_S ((c_63s ^ c_58s ^ c_52s ^ c_50s), 1u); + const u32 c_67s = hc_rotl32_S ((c_64s ^ c_59s ^ c_53s ^ c_51s), 1u); + const u32 c_68s = hc_rotl32_S ((c_65s ^ c_60s ^ c_54s ^ c_52s), 1u); + const u32 c_69s = hc_rotl32_S ((c_66s ^ c_61s ^ c_55s ^ c_53s), 1u); + const u32 c_70s = hc_rotl32_S ((c_67s ^ c_62s ^ c_56s ^ c_54s), 1u); + const u32 c_71s = hc_rotl32_S ((c_68s ^ c_63s ^ c_57s ^ c_55s), 1u); + const u32 c_72s = hc_rotl32_S ((c_69s ^ c_64s ^ c_58s ^ c_56s), 1u); + const u32 c_73s = hc_rotl32_S ((c_70s ^ c_65s ^ c_59s ^ c_57s), 1u); + const u32 c_74s = hc_rotl32_S ((c_71s ^ c_66s ^ c_60s ^ c_58s), 1u); + const u32 c_75s = hc_rotl32_S ((c_72s ^ c_67s ^ c_61s ^ c_59s), 1u); + + const u32 c_17sK = c_17s + SHA1C00; + const u32 c_18sK = c_18s + SHA1C00; + const u32 c_20sK = c_20s + SHA1C01; + const u32 c_21sK = c_21s + SHA1C01; + const u32 c_23sK = c_23s + SHA1C01; + const u32 c_26sK = c_26s + SHA1C01; + const u32 c_27sK = c_27s + SHA1C01; + const u32 c_29sK = c_29s + SHA1C01; + const u32 c_33sK = c_33s + SHA1C01; + const u32 c_39sK = c_39s + SHA1C01; + const u32 c_41sK = c_41s + SHA1C02; + const u32 c_45sK = c_45s + SHA1C02; + const u32 c_53sK = c_53s + SHA1C02; + const u32 c_65sK = c_65s + SHA1C03; + const u32 c_69sK = c_69s + SHA1C03; + + /** + * loop + */ + + u32 w0l = w[0]; + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0 = w0l | w0r; + + const u32x w0s01 = hc_rotl32 (w0, 1u); + const u32x w0s02 = hc_rotl32 (w0, 2u); + const u32x w0s03 = hc_rotl32 (w0, 3u); + const u32x w0s04 = hc_rotl32 (w0, 4u); + const u32x w0s05 = hc_rotl32 (w0, 5u); + const u32x w0s06 = hc_rotl32 (w0, 6u); + const u32x w0s07 = hc_rotl32 (w0, 7u); + const u32x w0s08 = hc_rotl32 (w0, 8u); + const u32x w0s09 = hc_rotl32 (w0, 9u); + const u32x w0s10 = hc_rotl32 (w0, 10u); + const u32x w0s11 = hc_rotl32 (w0, 11u); + const u32x w0s12 = hc_rotl32 (w0, 12u); + const u32x w0s13 = hc_rotl32 (w0, 13u); + const u32x w0s14 = hc_rotl32 (w0, 14u); + const u32x w0s15 = hc_rotl32 (w0, 15u); + const u32x w0s16 = 
hc_rotl32 (w0, 16u); + const u32x w0s17 = hc_rotl32 (w0, 17u); + const u32x w0s18 = hc_rotl32 (w0, 18u); + const u32x w0s19 = hc_rotl32 (w0, 19u); + const u32x w0s20 = hc_rotl32 (w0, 20u); + + const u32x w0s04___w0s06 = w0s04 ^ w0s06; + const u32x w0s04___w0s08 = w0s04 ^ w0s08; + const u32x w0s08___w0s12 = w0s08 ^ w0s12; + const u32x w0s04___w0s06___w0s07 = w0s04___w0s06 ^ w0s07; + + u32x a = SHA1M_A; + u32x b = SHA1M_B; + u32x c = SHA1M_C; + u32x d = SHA1M_D; + u32x e = SHA1M_E; + + #undef K + #define K SHA1C00 + + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w0); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w[ 1]); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w[ 2]); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w[ 3]); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w[ 4]); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w[ 5]); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w[ 6]); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w[ 7]); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w[ 8]); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w[ 9]); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w[10]); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w[11]); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w[12]); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w[13]); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w[14]); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w[15]); + + SHA1_STEP (SHA1_F0o, e, a, b, c, d, (c_16s ^ w0s01)); + SHA1_STEPX(SHA1_F0o, d, e, a, b, c, (c_17sK)); + SHA1_STEPX(SHA1_F0o, c, d, e, a, b, (c_18sK)); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, (c_19s ^ w0s02)); + + #undef K + #define K SHA1C01 + + SHA1_STEPX(SHA1_F1 , a, b, c, d, e, (c_20sK)); + SHA1_STEPX(SHA1_F1 , e, a, b, c, d, (c_21sK)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_22s ^ w0s03)); + SHA1_STEPX(SHA1_F1 , c, d, e, a, b, (c_23sK)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_24s ^ w0s02)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_25s ^ w0s04)); + SHA1_STEPX(SHA1_F1 , e, a, b, c, d, (c_26sK)); + SHA1_STEPX(SHA1_F1 , d, e, a, b, c, (c_27sK)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_28s ^ w0s05)); + SHA1_STEPX(SHA1_F1 , b, c, d, e, a, (c_29sK)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_30s ^ w0s02 ^ w0s04)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_31s ^ w0s06)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_32s ^ w0s02 ^ w0s03)); + SHA1_STEPX(SHA1_F1 , c, d, e, a, b, (c_33sK)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_34s ^ w0s07)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_35s ^ w0s04)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_36s ^ w0s04___w0s06)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_37s ^ w0s08)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_38s ^ w0s04)); + SHA1_STEPX(SHA1_F1 , b, c, d, e, a, (c_39sK)); + + #undef K + #define K SHA1C02 + + SHA1_STEP (SHA1_F2o, a, b, c, d, e, (c_40s ^ w0s04 ^ w0s09)); + SHA1_STEPX(SHA1_F2o, e, a, b, c, d, (c_41sK)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_42s ^ w0s06 ^ w0s08)); + SHA1_STEP (SHA1_F2o, c, d, e, a, b, (c_43s ^ w0s10)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_44s ^ w0s03 ^ w0s06 ^ w0s07)); + SHA1_STEPX(SHA1_F2o, a, b, c, d, e, (c_45sK)); + SHA1_STEP (SHA1_F2o, e, a, b, c, d, (c_46s ^ w0s04 ^ w0s11)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_47s ^ w0s04___w0s08)); + SHA1_STEP (SHA1_F2o, c, d, e, a, b, (c_48s ^ w0s03 ^ w0s04___w0s08 ^ w0s05 ^ w0s10)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_49s ^ w0s12)); + SHA1_STEP (SHA1_F2o, a, b, c, d, e, (c_50s ^ w0s08)); + SHA1_STEP (SHA1_F2o, e, a, b, c, d, (c_51s ^ w0s04___w0s06)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_52s ^ w0s04___w0s08 ^ w0s13)); + SHA1_STEPX(SHA1_F2o, c, d, e, a, b, (c_53sK)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_54s ^ w0s07 ^ w0s10 ^ 
w0s12)); + SHA1_STEP (SHA1_F2o, a, b, c, d, e, (c_55s ^ w0s14)); + SHA1_STEP (SHA1_F2o, e, a, b, c, d, (c_56s ^ w0s04___w0s06___w0s07 ^ w0s10 ^ w0s11)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_57s ^ w0s08)); + SHA1_STEP (SHA1_F2o, c, d, e, a, b, (c_58s ^ w0s04___w0s08 ^ w0s15)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_59s ^ w0s08___w0s12)); + + #undef K + #define K SHA1C03 + + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_60s ^ w0s04 ^ w0s08___w0s12 ^ w0s07 ^ w0s14)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_61s ^ w0s16)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_62s ^ w0s04___w0s06 ^ w0s08___w0s12)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_63s ^ w0s08)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_64s ^ w0s04___w0s06___w0s07 ^ w0s08___w0s12 ^ w0s17)); + SHA1_STEPX(SHA1_F1 , a, b, c, d, e, (c_65sK)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_66s ^ w0s14 ^ w0s16)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_67s ^ w0s08 ^ w0s18)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_68s ^ w0s11 ^ w0s14 ^ w0s15)); + SHA1_STEPX(SHA1_F1 , b, c, d, e, a, (c_69sK)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_70s ^ w0s12 ^ w0s19)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_71s ^ w0s12 ^ w0s16)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_72s ^ w0s05 ^ w0s11 ^ w0s12 ^ w0s13 ^ w0s16 ^ w0s18)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_73s ^ w0s20)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_74s ^ w0s08 ^ w0s16)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_75s ^ w0s06 ^ w0s12 ^ w0s14)); + + const u32x c_76s = hc_rotl32 ((c_73s ^ c_68s ^ c_62s ^ c_60s), 1u); + const u32x c_77s = hc_rotl32 ((c_74s ^ c_69s ^ c_63s ^ c_61s), 1u); + const u32x c_78s = hc_rotl32 ((c_75s ^ c_70s ^ c_64s ^ c_62s), 1u); + const u32x c_79s = hc_rotl32 ((c_76s ^ c_71s ^ c_65s ^ c_63s), 1u); + + const u32x w0s21 = hc_rotl32 (w0, 21u); + const u32x w0s22 = hc_rotl32 (w0, 22U); + + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_76s ^ w0s07 ^ w0s08___w0s12 ^ w0s16 ^ w0s21)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_77s)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_78s ^ w0s07 ^ w0s08 ^ w0s15 ^ w0s18 ^ w0s20)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_79s ^ w0s08 ^ w0s22)); + + a += SHA1M_A; + b += SHA1M_B; + c += SHA1M_C; + d += SHA1M_D; + e += SHA1M_E; + + u32 t0[4]; + + t0[0] = 0x36363636 ^ a; + t0[1] = 0x36363636 ^ b; + t0[2] = 0x36363636 ^ c; + t0[3] = 0x36363636 ^ d; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ e; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[6]; // 5 + 1 = 6 (20 bytes + 4 bytes = 24 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ a; + t0[1] = 0x5c5c5c5c ^ b; + t0[2] = 0x5c5c5c5c ^ c; + t0[3] = 0x5c5c5c5c ^ d; + + t1[0] = 0x5c5c5c5c ^ e; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 
0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 52 + + u32 ks[KEYLEN]; + + AES192_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes192_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23002_m04 (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = 0; + w[ 5] = 0; + w[ 6] = 0; + w[ 7] = 0; + w[ 8] = 0; + w[ 9] = 0; + w[10] = 0; + w[11] = 0; + w[12] = 0; + w[13] = 0; + w[14] = 0; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m23002m (s_te0, s_te1, s_te2, s_te3, s_te4, s_td0, s_td1, s_td2, s_td3, s_td4, w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, 
d_extra2_buf, d_extra3_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset, combs_mode, gid_max); +} + +KERNEL_FQ void m23002_m08 (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = pws[gid].i[ 4]; + w[ 5] = pws[gid].i[ 5]; + w[ 6] = pws[gid].i[ 6]; + w[ 7] = pws[gid].i[ 7]; + w[ 8] = 0; + w[ 9] = 0; + w[10] = 0; + w[11] = 0; + w[12] = 0; + w[13] = 0; + w[14] = 0; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m23002m (s_te0, s_te1, s_te2, s_te3, s_te4, s_td0, s_td1, s_td2, s_td3, s_td4, w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset, combs_mode, gid_max); +} + +KERNEL_FQ void m23002_m16 (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 w[16]; + + w[ 0] = 
pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = pws[gid].i[ 4]; + w[ 5] = pws[gid].i[ 5]; + w[ 6] = pws[gid].i[ 6]; + w[ 7] = pws[gid].i[ 7]; + w[ 8] = pws[gid].i[ 8]; + w[ 9] = pws[gid].i[ 9]; + w[10] = pws[gid].i[10]; + w[11] = pws[gid].i[11]; + w[12] = pws[gid].i[12]; + w[13] = pws[gid].i[13]; + w[14] = pws[gid].i[14]; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m23002m (s_te0, s_te1, s_te2, s_te3, s_te4, s_td0, s_td1, s_td2, s_td3, s_td4, w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset, combs_mode, gid_max); +} + +KERNEL_FQ void m23002_s04 (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = 0; + w[ 5] = 0; + w[ 6] = 0; + w[ 7] = 0; + w[ 8] = 0; + w[ 9] = 0; + w[10] = 0; + w[11] = 0; + w[12] = 0; + w[13] = 0; + w[14] = 0; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m23002s (s_te0, s_te1, s_te2, s_te3, s_te4, s_td0, s_td1, s_td2, s_td3, s_td4, w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset, combs_mode, gid_max); +} + +KERNEL_FQ void m23002_s08 (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 
s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = pws[gid].i[ 4]; + w[ 5] = pws[gid].i[ 5]; + w[ 6] = pws[gid].i[ 6]; + w[ 7] = pws[gid].i[ 7]; + w[ 8] = 0; + w[ 9] = 0; + w[10] = 0; + w[11] = 0; + w[12] = 0; + w[13] = 0; + w[14] = 0; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m23002s (s_te0, s_te1, s_te2, s_te3, s_te4, s_td0, s_td1, s_td2, s_td3, s_td4, w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset, combs_mode, gid_max); +} + +KERNEL_FQ void m23002_s16 (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = pws[gid].i[ 4]; + w[ 5] = pws[gid].i[ 5]; + w[ 6] = pws[gid].i[ 6]; + w[ 7] = pws[gid].i[ 7]; + w[ 8] = pws[gid].i[ 8]; + w[ 9] = pws[gid].i[ 9]; + w[10] = pws[gid].i[10]; + w[11] = pws[gid].i[11]; + w[12] = pws[gid].i[12]; + w[13] = pws[gid].i[13]; + w[14] = pws[gid].i[14]; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m23002s (s_te0, s_te1, s_te2, s_te3, s_te4, s_td0, s_td1, s_td2, s_td3, s_td4, w, pw_len, pws, 
rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset, combs_mode, gid_max); +} diff --git a/OpenCL/m23002_a3-pure.cl b/OpenCL/m23002_a3-pure.cl new file mode 100644 index 000000000..0dd5cf00b --- /dev/null +++ b/OpenCL/m23002_a3-pure.cl @@ -0,0 +1,537 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_simd.cl" +#include "inc_hash_sha1.cl" +#include "inc_cipher_aes.cl" +#endif + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +KERNEL_FQ void m23002_mxx (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + /** + * base + */ + + const u32 pw_len = pws[gid].pw_len; + + u32x w[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + /** + * loop + */ + + u32x w0l = w[0]; + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0 = w0l | w0r; + + w[0] = w0; + + sha1_ctx_vector_t ctx; + + sha1_init_vector (&ctx); + + sha1_update_vector (&ctx, w, pw_len); + + sha1_final_vector (&ctx); + + u32 t0[4]; + + t0[0] = 0x36363636 ^ ctx.h[0]; + t0[1] = 0x36363636 ^ ctx.h[1]; + t0[2] = 0x36363636 ^ ctx.h[2]; + t0[3] = 0x36363636 ^ ctx.h[3]; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ ctx.h[4]; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + 
t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[6]; // 5 + 1 = 6 (20 bytes + 4 bytes = 24 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ ctx.h[0]; + t0[1] = 0x5c5c5c5c ^ ctx.h[1]; + t0[2] = 0x5c5c5c5c ^ ctx.h[2]; + t0[3] = 0x5c5c5c5c ^ ctx.h[3]; + + t1[0] = 0x5c5c5c5c ^ ctx.h[4]; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 52 + + u32 ks[KEYLEN]; + + AES192_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes192_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23002_sxx (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + /** + * base + */ + + const u32 pw_len = pws[gid].pw_len; + + u32x w[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = 
pws[gid].i[idx]; + } + + /** + * loop + */ + + u32x w0l = w[0]; + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0 = w0l | w0r; + + w[0] = w0; + + sha1_ctx_vector_t ctx; + + sha1_init_vector (&ctx); + + sha1_update_vector (&ctx, w, pw_len); + + sha1_final_vector (&ctx); + + u32 t0[4]; + + t0[0] = 0x36363636 ^ ctx.h[0]; + t0[1] = 0x36363636 ^ ctx.h[1]; + t0[2] = 0x36363636 ^ ctx.h[2]; + t0[3] = 0x36363636 ^ ctx.h[3]; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ ctx.h[4]; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[6]; // 5 + 1 = 6 (20 bytes + 4 bytes = 24 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ ctx.h[0]; + t0[1] = 0x5c5c5c5c ^ ctx.h[1]; + t0[2] = 0x5c5c5c5c ^ ctx.h[2]; + t0[3] = 0x5c5c5c5c ^ ctx.h[3]; + + t1[0] = 0x5c5c5c5c ^ ctx.h[4]; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 52 + + u32 ks[KEYLEN]; + + AES192_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes192_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} diff --git a/OpenCL/m23003_a0-optimized.cl b/OpenCL/m23003_a0-optimized.cl new file mode 100644 index 000000000..b83e45769 --- /dev/null +++ b/OpenCL/m23003_a0-optimized.cl @@ -0,0 
+1,805 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_rp_optimized.h" +#include "inc_rp_optimized.cl" +#include "inc_simd.cl" +#include "inc_hash_sha1.cl" +#include "inc_cipher_aes.cl" +#endif + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +KERNEL_FQ void m23003_m04 (KERN_ATTR_RULES_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + u32x w0[4] = { 0 }; + u32x w1[4] = { 0 }; + u32x w2[4] = { 0 }; + u32x w3[4] = { 0 }; + + const u32x out_len = apply_rules_vect_optimized (pw_buf0, pw_buf1, pw_len, rules_buf, il_pos, w0, w1); + + append_0x80_2x4_VV (w0, w1, out_len); + + /** + * sha1 + */ + + u32x w0_t = hc_swap32 (w0[0]); + u32x w1_t = hc_swap32 (w0[1]); + u32x w2_t = hc_swap32 (w0[2]); + u32x w3_t = hc_swap32 (w0[3]); + u32x w4_t = hc_swap32 (w1[0]); + u32x w5_t = hc_swap32 (w1[1]); + u32x w6_t = hc_swap32 (w1[2]); + u32x w7_t = hc_swap32 (w1[3]); + u32x w8_t = hc_swap32 (w2[0]); + u32x w9_t = hc_swap32 (w2[1]); + u32x wa_t = hc_swap32 (w2[2]); + u32x wb_t = hc_swap32 (w2[3]); + u32x wc_t = hc_swap32 (w3[0]); + u32x wd_t = hc_swap32 (w3[1]); + u32x we_t = 0; + u32x wf_t = out_len * 8; + + u32x a = SHA1M_A; + u32x b = SHA1M_B; + u32x c = SHA1M_C; + u32x d = SHA1M_D; + u32x e = SHA1M_E; + + #undef K + #define K SHA1C00 + + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w0_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w1_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w2_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w3_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w4_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w5_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w6_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w7_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w8_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w9_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wa_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, wb_t); + SHA1_STEP (SHA1_F0o, d, 
e, a, b, c, wc_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, wd_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, we_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F0o, e, a, b, c, d, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F0o, d, e, a, b, c, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F0o, c, d, e, a, b, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F0o, b, c, d, e, a, w3_t); + + #undef K + #define K SHA1C01 + + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w7_t); + + #undef K + #define K SHA1C02 + + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 
1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wb_t); + + #undef K + #define K SHA1C03 + + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wf_t); + + a += SHA1M_A; + b += SHA1M_B; + c += SHA1M_C; + d += SHA1M_D; + e += SHA1M_E; + + u32 t0[4]; + + t0[0] = 0x36363636 ^ a; + t0[1] = 0x36363636 ^ b; + t0[2] = 0x36363636 ^ c; + t0[3] = 0x36363636 ^ d; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ e; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform 
(t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[8]; // 5 + 3 = 8 (20 bytes + 12 bytes = 32 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ a; + t0[1] = 0x5c5c5c5c ^ b; + t0[2] = 0x5c5c5c5c ^ c; + t0[3] = 0x5c5c5c5c ^ d; + + t1[0] = 0x5c5c5c5c ^ e; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + key[6] = digest[1]; + key[7] = digest[2]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 60 + + u32 ks[KEYLEN]; + + AES256_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes256_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23003_m08 (KERN_ATTR_RULES_ESALT (securezip_t)) +{ +} + +KERNEL_FQ void m23003_m16 (KERN_ATTR_RULES_ESALT (securezip_t)) +{ +} + +KERNEL_FQ void m23003_s04 (KERN_ATTR_RULES_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a 
*s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + u32x w0[4] = { 0 }; + u32x w1[4] = { 0 }; + u32x w2[4] = { 0 }; + u32x w3[4] = { 0 }; + + const u32x out_len = apply_rules_vect_optimized (pw_buf0, pw_buf1, pw_len, rules_buf, il_pos, w0, w1); + + append_0x80_2x4_VV (w0, w1, out_len); + + /** + * sha1 + */ + + u32x w0_t = hc_swap32 (w0[0]); + u32x w1_t = hc_swap32 (w0[1]); + u32x w2_t = hc_swap32 (w0[2]); + u32x w3_t = hc_swap32 (w0[3]); + u32x w4_t = hc_swap32 (w1[0]); + u32x w5_t = hc_swap32 (w1[1]); + u32x w6_t = hc_swap32 (w1[2]); + u32x w7_t = hc_swap32 (w1[3]); + u32x w8_t = hc_swap32 (w2[0]); + u32x w9_t = hc_swap32 (w2[1]); + u32x wa_t = hc_swap32 (w2[2]); + u32x wb_t = hc_swap32 (w2[3]); + u32x wc_t = hc_swap32 (w3[0]); + u32x wd_t = hc_swap32 (w3[1]); + u32x we_t = 0; + u32x wf_t = out_len * 8; + + u32x a = SHA1M_A; + u32x b = SHA1M_B; + u32x c = SHA1M_C; + u32x d = SHA1M_D; + u32x e = SHA1M_E; + + #undef K + #define K SHA1C00 + + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w0_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w1_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w2_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w3_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w4_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w5_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w6_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w7_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w8_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w9_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wa_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, wb_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, wc_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, wd_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, we_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F0o, e, a, b, c, d, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F0o, d, e, a, b, c, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F0o, c, d, e, a, b, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F0o, b, c, d, e, a, w3_t); + + #undef K + #define K SHA1C01 + + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, 
b, c, d, e, a, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w7_t); + + #undef K + #define K SHA1C02 + + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wb_t); + + #undef K + #define K SHA1C03 + + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, 
d, e, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wf_t); + + a += SHA1M_A; + b += SHA1M_B; + c += SHA1M_C; + d += SHA1M_D; + e += SHA1M_E; + + u32 t0[4]; + + t0[0] = 0x36363636 ^ a; + t0[1] = 0x36363636 ^ b; + t0[2] = 0x36363636 ^ c; + t0[3] = 0x36363636 ^ d; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ e; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[8]; // 5 + 3 = 8 (20 bytes + 12 bytes = 32 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ a; + t0[1] = 0x5c5c5c5c ^ b; + t0[2] = 0x5c5c5c5c ^ c; + t0[3] = 0x5c5c5c5c ^ d; + + t1[0] = 0x5c5c5c5c ^ e; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + key[6] = digest[1]; + key[7] = digest[2]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = 
esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 60 + + u32 ks[KEYLEN]; + + AES256_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes256_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23003_s08 (KERN_ATTR_RULES_ESALT (securezip_t)) +{ +} + +KERNEL_FQ void m23003_s16 (KERN_ATTR_RULES_ESALT (securezip_t)) +{ +} diff --git a/OpenCL/m23003_a0-pure.cl b/OpenCL/m23003_a0-pure.cl new file mode 100644 index 000000000..62c15e642 --- /dev/null +++ b/OpenCL/m23003_a0-pure.cl @@ -0,0 +1,521 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_rp.h" +#include "inc_rp.cl" +#include "inc_scalar.cl" +#include "inc_hash_sha1.cl" +#include "inc_cipher_aes.cl" +#endif + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +KERNEL_FQ void m23003_mxx (KERN_ATTR_RULES_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + /** + * base + */ + + COPY_PW (pws[gid]); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) + { + pw_t tmp = PASTE_PW; + + tmp.pw_len = apply_rules (rules_buf[il_pos].cmds, tmp.i, tmp.pw_len); + + sha1_ctx_t ctx; + + sha1_init (&ctx); + + sha1_update_swap (&ctx, tmp.i, tmp.pw_len); + + sha1_final (&ctx); + + u32 t0[4]; + + t0[0] = 0x36363636 ^ ctx.h[0]; + t0[1] = 0x36363636 ^ ctx.h[1]; + t0[2] = 0x36363636 ^ ctx.h[2]; + t0[3] = 0x36363636 ^ ctx.h[3]; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ ctx.h[4]; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 
0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[8]; // 5 + 3 = 8 (20 bytes + 12 bytes = 32 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ ctx.h[0]; + t0[1] = 0x5c5c5c5c ^ ctx.h[1]; + t0[2] = 0x5c5c5c5c ^ ctx.h[2]; + t0[3] = 0x5c5c5c5c ^ ctx.h[3]; + + t1[0] = 0x5c5c5c5c ^ ctx.h[4]; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + key[6] = digest[1]; + key[7] = digest[2]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 60 + + u32 ks[KEYLEN]; + + AES256_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes256_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23003_sxx (KERN_ATTR_RULES_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 
= td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + /** + * base + */ + + COPY_PW (pws[gid]); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) + { + pw_t tmp = PASTE_PW; + + tmp.pw_len = apply_rules (rules_buf[il_pos].cmds, tmp.i, tmp.pw_len); + + sha1_ctx_t ctx; + + sha1_init (&ctx); + + sha1_update_swap (&ctx, tmp.i, tmp.pw_len); + + sha1_final (&ctx); + + u32 t0[4]; + + t0[0] = 0x36363636 ^ ctx.h[0]; + t0[1] = 0x36363636 ^ ctx.h[1]; + t0[2] = 0x36363636 ^ ctx.h[2]; + t0[3] = 0x36363636 ^ ctx.h[3]; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ ctx.h[4]; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[8]; // 5 + 3 = 8 (20 bytes + 12 bytes = 32 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ ctx.h[0]; + t0[1] = 0x5c5c5c5c ^ ctx.h[1]; + t0[2] = 0x5c5c5c5c ^ ctx.h[2]; + t0[3] = 0x5c5c5c5c ^ ctx.h[3]; + + t1[0] = 0x5c5c5c5c ^ ctx.h[4]; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + key[6] = digest[1]; + key[7] = digest[2]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 60 + + u32 ks[KEYLEN]; + + AES256_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes256_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc 
(&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} diff --git a/OpenCL/m23003_a1-optimized.cl b/OpenCL/m23003_a1-optimized.cl new file mode 100644 index 000000000..1e38939b1 --- /dev/null +++ b/OpenCL/m23003_a1-optimized.cl @@ -0,0 +1,919 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_simd.cl" +#include "inc_hash_sha1.cl" +#include "inc_cipher_aes.cl" +#endif + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +KERNEL_FQ void m23003_m04 (KERN_ATTR_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_l_len = pws[gid].pw_len & 63; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x pw_r_len = pwlenx_create_combt (combs_buf, il_pos) & 63; + + const u32x pw_len = (pw_l_len + pw_r_len) & 63; + + /** + * concat password candidate + */ + + u32x wordl0[4] = { 0 }; + u32x wordl1[4] = { 0 }; + u32x wordl2[4] = { 0 }; + u32x wordl3[4] = { 0 }; + + wordl0[0] = pw_buf0[0]; + wordl0[1] = pw_buf0[1]; + wordl0[2] = pw_buf0[2]; + wordl0[3] = pw_buf0[3]; + wordl1[0] = pw_buf1[0]; + wordl1[1] = pw_buf1[1]; + wordl1[2] = pw_buf1[2]; + wordl1[3] = pw_buf1[3]; + + u32x wordr0[4] = { 0 }; + u32x wordr1[4] = { 0 }; + u32x wordr2[4] = { 0 }; + u32x wordr3[4] = { 0 }; + + wordr0[0] = ix_create_combt (combs_buf, il_pos, 0); + wordr0[1] = ix_create_combt (combs_buf, il_pos, 1); + wordr0[2] = ix_create_combt (combs_buf, il_pos, 2); + wordr0[3] = ix_create_combt (combs_buf, il_pos, 3); + wordr1[0] = ix_create_combt (combs_buf, il_pos, 4); + wordr1[1] = ix_create_combt (combs_buf, il_pos, 5); + wordr1[2] = ix_create_combt (combs_buf, il_pos, 6); + wordr1[3] = ix_create_combt (combs_buf, il_pos, 7); + + if (combs_mode == COMBINATOR_MODE_BASE_LEFT) + { + switch_buffer_by_offset_le_VV (wordr0, wordr1, wordr2, wordr3, pw_l_len); + } + else + { + 
switch_buffer_by_offset_le_VV (wordl0, wordl1, wordl2, wordl3, pw_r_len); + } + + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + + w0[0] = wordl0[0] | wordr0[0]; + w0[1] = wordl0[1] | wordr0[1]; + w0[2] = wordl0[2] | wordr0[2]; + w0[3] = wordl0[3] | wordr0[3]; + w1[0] = wordl1[0] | wordr1[0]; + w1[1] = wordl1[1] | wordr1[1]; + w1[2] = wordl1[2] | wordr1[2]; + w1[3] = wordl1[3] | wordr1[3]; + w2[0] = wordl2[0] | wordr2[0]; + w2[1] = wordl2[1] | wordr2[1]; + w2[2] = wordl2[2] | wordr2[2]; + w2[3] = wordl2[3] | wordr2[3]; + w3[0] = wordl3[0] | wordr3[0]; + w3[1] = wordl3[1] | wordr3[1]; + w3[2] = wordl3[2] | wordr3[2]; + w3[3] = wordl3[3] | wordr3[3]; + + /** + * sha1 + */ + + u32x w0_t = hc_swap32 (w0[0]); + u32x w1_t = hc_swap32 (w0[1]); + u32x w2_t = hc_swap32 (w0[2]); + u32x w3_t = hc_swap32 (w0[3]); + u32x w4_t = hc_swap32 (w1[0]); + u32x w5_t = hc_swap32 (w1[1]); + u32x w6_t = hc_swap32 (w1[2]); + u32x w7_t = hc_swap32 (w1[3]); + u32x w8_t = hc_swap32 (w2[0]); + u32x w9_t = hc_swap32 (w2[1]); + u32x wa_t = hc_swap32 (w2[2]); + u32x wb_t = hc_swap32 (w2[3]); + u32x wc_t = hc_swap32 (w3[0]); + u32x wd_t = hc_swap32 (w3[1]); + u32x we_t = 0; + u32x wf_t = pw_len * 8; + + u32x a = SHA1M_A; + u32x b = SHA1M_B; + u32x c = SHA1M_C; + u32x d = SHA1M_D; + u32x e = SHA1M_E; + + #undef K + #define K SHA1C00 + + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w0_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w1_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w2_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w3_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w4_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w5_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w6_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w7_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w8_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w9_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wa_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, wb_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, wc_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, wd_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, we_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F0o, e, a, b, c, d, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F0o, d, e, a, b, c, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F0o, c, d, e, a, b, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F0o, b, c, d, e, a, w3_t); + + #undef K + #define K SHA1C01 + + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, we_t); + wf_t = hc_rotl32 
((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w7_t); + + #undef K + #define K SHA1C02 + + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wb_t); + + #undef K + #define K SHA1C03 + + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w2_t); + w3_t = hc_rotl32 ((w0_t ^ 
wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wf_t); + + a += SHA1M_A; + b += SHA1M_B; + c += SHA1M_C; + d += SHA1M_D; + e += SHA1M_E; + + u32 t0[4]; + + t0[0] = 0x36363636 ^ a; + t0[1] = 0x36363636 ^ b; + t0[2] = 0x36363636 ^ c; + t0[3] = 0x36363636 ^ d; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ e; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[8]; // 5 + 3 = 8 (20 bytes + 12 bytes = 32 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ a; + t0[1] = 0x5c5c5c5c ^ b; + t0[2] = 0x5c5c5c5c ^ c; + t0[3] = 0x5c5c5c5c ^ d; + + t1[0] = 0x5c5c5c5c ^ e; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + key[6] = digest[1]; + key[7] = digest[2]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = 
esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 60 + + u32 ks[KEYLEN]; + + AES256_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes256_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23003_m08 (KERN_ATTR_ESALT (securezip_t)) +{ +} + +KERNEL_FQ void m23003_m16 (KERN_ATTR_ESALT (securezip_t)) +{ +} + +KERNEL_FQ void m23003_s04 (KERN_ATTR_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_l_len = pws[gid].pw_len & 63; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x pw_r_len = pwlenx_create_combt (combs_buf, il_pos) & 63; + + const u32x pw_len = (pw_l_len + pw_r_len) & 63; + + /** + * concat password candidate + */ + + u32x wordl0[4] = { 0 }; + u32x wordl1[4] = { 0 }; + u32x wordl2[4] = { 0 }; + u32x wordl3[4] = { 0 }; + + wordl0[0] = pw_buf0[0]; + wordl0[1] = pw_buf0[1]; + wordl0[2] = pw_buf0[2]; + wordl0[3] = pw_buf0[3]; + wordl1[0] = pw_buf1[0]; + wordl1[1] = pw_buf1[1]; + wordl1[2] = pw_buf1[2]; + wordl1[3] = pw_buf1[3]; + + u32x wordr0[4] = { 0 }; + u32x wordr1[4] = { 0 }; + u32x wordr2[4] = { 0 }; + u32x wordr3[4] = { 0 }; + + wordr0[0] = ix_create_combt (combs_buf, il_pos, 0); + wordr0[1] = ix_create_combt (combs_buf, il_pos, 1); + wordr0[2] = ix_create_combt (combs_buf, il_pos, 2); + wordr0[3] = ix_create_combt (combs_buf, il_pos, 3); + wordr1[0] = ix_create_combt (combs_buf, il_pos, 4); + wordr1[1] = ix_create_combt (combs_buf, il_pos, 5); + wordr1[2] = ix_create_combt (combs_buf, il_pos, 6); + wordr1[3] = ix_create_combt (combs_buf, il_pos, 7); + + if (combs_mode == COMBINATOR_MODE_BASE_LEFT) + { + 
switch_buffer_by_offset_le_VV (wordr0, wordr1, wordr2, wordr3, pw_l_len); + } + else + { + switch_buffer_by_offset_le_VV (wordl0, wordl1, wordl2, wordl3, pw_r_len); + } + + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + + w0[0] = wordl0[0] | wordr0[0]; + w0[1] = wordl0[1] | wordr0[1]; + w0[2] = wordl0[2] | wordr0[2]; + w0[3] = wordl0[3] | wordr0[3]; + w1[0] = wordl1[0] | wordr1[0]; + w1[1] = wordl1[1] | wordr1[1]; + w1[2] = wordl1[2] | wordr1[2]; + w1[3] = wordl1[3] | wordr1[3]; + w2[0] = wordl2[0] | wordr2[0]; + w2[1] = wordl2[1] | wordr2[1]; + w2[2] = wordl2[2] | wordr2[2]; + w2[3] = wordl2[3] | wordr2[3]; + w3[0] = wordl3[0] | wordr3[0]; + w3[1] = wordl3[1] | wordr3[1]; + w3[2] = wordl3[2] | wordr3[2]; + w3[3] = wordl3[3] | wordr3[3]; + + /** + * sha1 + */ + + u32x w0_t = hc_swap32 (w0[0]); + u32x w1_t = hc_swap32 (w0[1]); + u32x w2_t = hc_swap32 (w0[2]); + u32x w3_t = hc_swap32 (w0[3]); + u32x w4_t = hc_swap32 (w1[0]); + u32x w5_t = hc_swap32 (w1[1]); + u32x w6_t = hc_swap32 (w1[2]); + u32x w7_t = hc_swap32 (w1[3]); + u32x w8_t = hc_swap32 (w2[0]); + u32x w9_t = hc_swap32 (w2[1]); + u32x wa_t = hc_swap32 (w2[2]); + u32x wb_t = hc_swap32 (w2[3]); + u32x wc_t = hc_swap32 (w3[0]); + u32x wd_t = hc_swap32 (w3[1]); + u32x we_t = 0; + u32x wf_t = pw_len * 8; + + u32x a = SHA1M_A; + u32x b = SHA1M_B; + u32x c = SHA1M_C; + u32x d = SHA1M_D; + u32x e = SHA1M_E; + + #undef K + #define K SHA1C00 + + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w0_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w1_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w2_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w3_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w4_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w5_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w6_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w7_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w8_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w9_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wa_t); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, wb_t); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, wc_t); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, wd_t); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, we_t); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F0o, e, a, b, c, d, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F0o, d, e, a, b, c, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F0o, c, d, e, a, b, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F0o, b, c, d, e, a, w3_t); + + #undef K + #define K SHA1C01 + + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wd_t); + we_t = hc_rotl32 ((wb_t ^ 
w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w7_t); + + #undef K + #define K SHA1C02 + + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F2o, a, b, c, d, e, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, e, a, b, c, d, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, d, e, a, b, c, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, c, d, e, a, b, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, b, c, d, e, a, wb_t); + + #undef K + #define K SHA1C03 + + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, wf_t); + w0_t = hc_rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w0_t); + w1_t = hc_rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w1_t); + w2_t = hc_rotl32 ((wf_t ^ wa_t ^ 
w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w2_t); + w3_t = hc_rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w3_t); + w4_t = hc_rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w4_t); + w5_t = hc_rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, w5_t); + w6_t = hc_rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, w6_t); + w7_t = hc_rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, w7_t); + w8_t = hc_rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, w8_t); + w9_t = hc_rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, w9_t); + wa_t = hc_rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wa_t); + wb_t = hc_rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, a, b, c, d, e, wb_t); + wc_t = hc_rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, e, a, b, c, d, wc_t); + wd_t = hc_rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, d, e, a, b, c, wd_t); + we_t = hc_rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, c, d, e, a, b, we_t); + wf_t = hc_rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, b, c, d, e, a, wf_t); + + a += SHA1M_A; + b += SHA1M_B; + c += SHA1M_C; + d += SHA1M_D; + e += SHA1M_E; + + u32 t0[4]; + + t0[0] = 0x36363636 ^ a; + t0[1] = 0x36363636 ^ b; + t0[2] = 0x36363636 ^ c; + t0[3] = 0x36363636 ^ d; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ e; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[8]; // 5 + 3 = 8 (20 bytes + 12 bytes = 32 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ a; + t0[1] = 0x5c5c5c5c ^ b; + t0[2] = 0x5c5c5c5c ^ c; + t0[3] = 0x5c5c5c5c ^ d; + + t1[0] = 0x5c5c5c5c ^ e; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + key[6] = digest[1]; + key[7] = digest[2]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = 
esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 60 + + u32 ks[KEYLEN]; + + AES256_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes256_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23003_s08 (KERN_ATTR_ESALT (securezip_t)) +{ +} + +KERNEL_FQ void m23003_s16 (KERN_ATTR_ESALT (securezip_t)) +{ +} diff --git a/OpenCL/m23003_a1-pure.cl b/OpenCL/m23003_a1-pure.cl new file mode 100644 index 000000000..30b4afd8f --- /dev/null +++ b/OpenCL/m23003_a1-pure.cl @@ -0,0 +1,515 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_scalar.cl" +#include "inc_hash_sha1.cl" +#include "inc_cipher_aes.cl" +#endif + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +KERNEL_FQ void m23003_mxx (KERN_ATTR_RULES_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + /** + * base + */ + + sha1_ctx_t ctx0; + + sha1_init (&ctx0); + + sha1_update_global_swap (&ctx0, pws[gid].i, pws[gid].pw_len); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) + { + sha1_ctx_t ctx = ctx0; + + sha1_update_global_swap (&ctx, combs_buf[il_pos].i, combs_buf[il_pos].pw_len); + + sha1_final (&ctx); + + u32 t0[4]; + + t0[0] = 0x36363636 ^ ctx.h[0]; + t0[1] = 0x36363636 ^ ctx.h[1]; + t0[2] = 0x36363636 ^ ctx.h[2]; + t0[3] = 0x36363636 ^ ctx.h[3]; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ ctx.h[4]; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; 
+ t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[8]; // 5 + 3 = 8 (20 bytes + 12 bytes = 32 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ ctx.h[0]; + t0[1] = 0x5c5c5c5c ^ ctx.h[1]; + t0[2] = 0x5c5c5c5c ^ ctx.h[2]; + t0[3] = 0x5c5c5c5c ^ ctx.h[3]; + + t1[0] = 0x5c5c5c5c ^ ctx.h[4]; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + key[6] = digest[1]; + key[7] = digest[2]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 60 + + u32 ks[KEYLEN]; + + AES256_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes256_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23003_sxx (KERN_ATTR_RULES_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a 
*s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + /** + * base + */ + + sha1_ctx_t ctx0; + + sha1_init (&ctx0); + + sha1_update_global_swap (&ctx0, pws[gid].i, pws[gid].pw_len); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) + { + sha1_ctx_t ctx = ctx0; + + sha1_update_global_swap (&ctx, combs_buf[il_pos].i, combs_buf[il_pos].pw_len); + + sha1_final (&ctx); + + u32 t0[4]; + + t0[0] = 0x36363636 ^ ctx.h[0]; + t0[1] = 0x36363636 ^ ctx.h[1]; + t0[2] = 0x36363636 ^ ctx.h[2]; + t0[3] = 0x36363636 ^ ctx.h[3]; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ ctx.h[4]; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[8]; // 5 + 3 = 8 (20 bytes + 12 bytes = 32 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ ctx.h[0]; + t0[1] = 0x5c5c5c5c ^ ctx.h[1]; + t0[2] = 0x5c5c5c5c ^ ctx.h[2]; + t0[3] = 0x5c5c5c5c ^ ctx.h[3]; + + t1[0] = 0x5c5c5c5c ^ ctx.h[4]; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + key[6] = digest[1]; + key[7] = digest[2]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 60 + + u32 ks[KEYLEN]; + + AES256_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes256_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, 
digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} diff --git a/OpenCL/m23003_a3-optimized.cl b/OpenCL/m23003_a3-optimized.cl new file mode 100644 index 000000000..7f6656935 --- /dev/null +++ b/OpenCL/m23003_a3-optimized.cl @@ -0,0 +1,1389 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_simd.cl" +#include "inc_hash_sha1.cl" +#include "inc_cipher_aes.cl" +#endif + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +DECLSPEC void m23003m (SHM_TYPE u32a *s_te0, SHM_TYPE u32a *s_te1, SHM_TYPE u32a *s_te2, SHM_TYPE u32a *s_te3, SHM_TYPE u32a *s_te4, SHM_TYPE u32a *s_td0, SHM_TYPE u32a *s_td1, SHM_TYPE u32a *s_td2, SHM_TYPE u32a *s_td3, SHM_TYPE u32a *s_td4, u32 *w, const u32 pw_len, KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + + /** + * base + */ + + const u32 c_16s = hc_rotl32_S ((w[13] ^ w[ 8] ^ w[ 2] ), 1u); + const u32 c_17s = hc_rotl32_S ((w[14] ^ w[ 9] ^ w[ 3] ^ w[ 1]), 1u); + const u32 c_18s = hc_rotl32_S ((w[15] ^ w[10] ^ w[ 4] ^ w[ 2]), 1u); + const u32 c_19s = hc_rotl32_S ((c_16s ^ w[11] ^ w[ 5] ^ w[ 3]), 1u); + const u32 c_20s = hc_rotl32_S ((c_17s ^ w[12] ^ w[ 6] ^ w[ 4]), 1u); + const u32 c_21s = hc_rotl32_S ((c_18s ^ w[13] ^ w[ 7] ^ w[ 5]), 1u); + const u32 c_22s = hc_rotl32_S ((c_19s ^ w[14] ^ w[ 8] ^ w[ 6]), 1u); + const u32 c_23s = hc_rotl32_S ((c_20s ^ w[15] ^ w[ 9] ^ w[ 7]), 1u); + const u32 c_24s = hc_rotl32_S ((c_21s ^ c_16s ^ w[10] ^ w[ 8]), 1u); + const u32 c_25s = hc_rotl32_S ((c_22s ^ c_17s ^ w[11] ^ w[ 9]), 1u); + const u32 c_26s = hc_rotl32_S ((c_23s ^ c_18s ^ w[12] ^ w[10]), 1u); + const u32 c_27s = hc_rotl32_S ((c_24s ^ c_19s ^ w[13] ^ w[11]), 1u); + const u32 c_28s = hc_rotl32_S ((c_25s ^ c_20s ^ w[14] ^ w[12]), 1u); + const u32 c_29s = hc_rotl32_S ((c_26s ^ c_21s ^ w[15] ^ w[13]), 1u); + const u32 c_30s = hc_rotl32_S ((c_27s ^ c_22s ^ c_16s ^ w[14]), 1u); + const u32 c_31s = hc_rotl32_S ((c_28s ^ c_23s ^ c_17s ^ w[15]), 1u); + const u32 c_32s = hc_rotl32_S ((c_29s ^ c_24s ^ c_18s ^ c_16s), 1u); + const u32 c_33s = hc_rotl32_S ((c_30s ^ c_25s ^ c_19s ^ c_17s), 1u); + const u32 c_34s = hc_rotl32_S ((c_31s ^ c_26s ^ c_20s ^ c_18s), 1u); + const u32 c_35s = hc_rotl32_S ((c_32s ^ c_27s ^ c_21s ^ c_19s), 1u); + const u32 c_36s = hc_rotl32_S ((c_33s ^ c_28s ^ c_22s ^ c_20s), 1u); + const u32 c_37s = hc_rotl32_S ((c_34s ^ c_29s ^ c_23s ^ c_21s), 1u); + const u32 c_38s = hc_rotl32_S ((c_35s ^ c_30s ^ c_24s ^ c_22s), 1u); + const u32 c_39s = hc_rotl32_S ((c_36s ^ c_31s ^ c_25s ^ c_23s), 1u); + const u32 c_40s = hc_rotl32_S ((c_37s ^ c_32s ^ c_26s ^ c_24s), 1u); + const u32 c_41s = hc_rotl32_S ((c_38s ^ c_33s ^ c_27s ^ c_25s), 1u); + const u32 c_42s = hc_rotl32_S ((c_39s ^ c_34s ^ c_28s ^ c_26s), 1u); + const u32 c_43s = hc_rotl32_S ((c_40s ^ c_35s ^ c_29s ^ c_27s), 1u); + const u32 c_44s = hc_rotl32_S ((c_41s ^ c_36s ^ c_30s ^ c_28s), 1u); + const u32 c_45s = hc_rotl32_S ((c_42s ^ c_37s ^ c_31s ^ c_29s), 1u); + const u32 c_46s = hc_rotl32_S ((c_43s ^ c_38s ^ c_32s ^ c_30s), 1u); + const u32 c_47s = hc_rotl32_S ((c_44s ^ c_39s ^ c_33s ^ c_31s), 1u); + const u32 c_48s = hc_rotl32_S ((c_45s ^ c_40s ^ c_34s ^ c_32s), 1u); + const u32 c_49s = hc_rotl32_S ((c_46s ^ c_41s ^ c_35s ^ c_33s), 1u); + const u32 c_50s = hc_rotl32_S ((c_47s ^ c_42s ^ c_36s ^ 
c_34s), 1u); + const u32 c_51s = hc_rotl32_S ((c_48s ^ c_43s ^ c_37s ^ c_35s), 1u); + const u32 c_52s = hc_rotl32_S ((c_49s ^ c_44s ^ c_38s ^ c_36s), 1u); + const u32 c_53s = hc_rotl32_S ((c_50s ^ c_45s ^ c_39s ^ c_37s), 1u); + const u32 c_54s = hc_rotl32_S ((c_51s ^ c_46s ^ c_40s ^ c_38s), 1u); + const u32 c_55s = hc_rotl32_S ((c_52s ^ c_47s ^ c_41s ^ c_39s), 1u); + const u32 c_56s = hc_rotl32_S ((c_53s ^ c_48s ^ c_42s ^ c_40s), 1u); + const u32 c_57s = hc_rotl32_S ((c_54s ^ c_49s ^ c_43s ^ c_41s), 1u); + const u32 c_58s = hc_rotl32_S ((c_55s ^ c_50s ^ c_44s ^ c_42s), 1u); + const u32 c_59s = hc_rotl32_S ((c_56s ^ c_51s ^ c_45s ^ c_43s), 1u); + const u32 c_60s = hc_rotl32_S ((c_57s ^ c_52s ^ c_46s ^ c_44s), 1u); + const u32 c_61s = hc_rotl32_S ((c_58s ^ c_53s ^ c_47s ^ c_45s), 1u); + const u32 c_62s = hc_rotl32_S ((c_59s ^ c_54s ^ c_48s ^ c_46s), 1u); + const u32 c_63s = hc_rotl32_S ((c_60s ^ c_55s ^ c_49s ^ c_47s), 1u); + const u32 c_64s = hc_rotl32_S ((c_61s ^ c_56s ^ c_50s ^ c_48s), 1u); + const u32 c_65s = hc_rotl32_S ((c_62s ^ c_57s ^ c_51s ^ c_49s), 1u); + const u32 c_66s = hc_rotl32_S ((c_63s ^ c_58s ^ c_52s ^ c_50s), 1u); + const u32 c_67s = hc_rotl32_S ((c_64s ^ c_59s ^ c_53s ^ c_51s), 1u); + const u32 c_68s = hc_rotl32_S ((c_65s ^ c_60s ^ c_54s ^ c_52s), 1u); + const u32 c_69s = hc_rotl32_S ((c_66s ^ c_61s ^ c_55s ^ c_53s), 1u); + const u32 c_70s = hc_rotl32_S ((c_67s ^ c_62s ^ c_56s ^ c_54s), 1u); + const u32 c_71s = hc_rotl32_S ((c_68s ^ c_63s ^ c_57s ^ c_55s), 1u); + const u32 c_72s = hc_rotl32_S ((c_69s ^ c_64s ^ c_58s ^ c_56s), 1u); + const u32 c_73s = hc_rotl32_S ((c_70s ^ c_65s ^ c_59s ^ c_57s), 1u); + const u32 c_74s = hc_rotl32_S ((c_71s ^ c_66s ^ c_60s ^ c_58s), 1u); + const u32 c_75s = hc_rotl32_S ((c_72s ^ c_67s ^ c_61s ^ c_59s), 1u); + + const u32 c_17sK = c_17s + SHA1C00; + const u32 c_18sK = c_18s + SHA1C00; + const u32 c_20sK = c_20s + SHA1C01; + const u32 c_21sK = c_21s + SHA1C01; + const u32 c_23sK = c_23s + SHA1C01; + const u32 c_26sK = c_26s + SHA1C01; + const u32 c_27sK = c_27s + SHA1C01; + const u32 c_29sK = c_29s + SHA1C01; + const u32 c_33sK = c_33s + SHA1C01; + const u32 c_39sK = c_39s + SHA1C01; + const u32 c_41sK = c_41s + SHA1C02; + const u32 c_45sK = c_45s + SHA1C02; + const u32 c_53sK = c_53s + SHA1C02; + const u32 c_65sK = c_65s + SHA1C03; + const u32 c_69sK = c_69s + SHA1C03; + + /** + * loop + */ + + u32 w0l = w[0]; + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0 = w0l | w0r; + + const u32x w0s01 = hc_rotl32 (w0, 1u); + const u32x w0s02 = hc_rotl32 (w0, 2u); + const u32x w0s03 = hc_rotl32 (w0, 3u); + const u32x w0s04 = hc_rotl32 (w0, 4u); + const u32x w0s05 = hc_rotl32 (w0, 5u); + const u32x w0s06 = hc_rotl32 (w0, 6u); + const u32x w0s07 = hc_rotl32 (w0, 7u); + const u32x w0s08 = hc_rotl32 (w0, 8u); + const u32x w0s09 = hc_rotl32 (w0, 9u); + const u32x w0s10 = hc_rotl32 (w0, 10u); + const u32x w0s11 = hc_rotl32 (w0, 11u); + const u32x w0s12 = hc_rotl32 (w0, 12u); + const u32x w0s13 = hc_rotl32 (w0, 13u); + const u32x w0s14 = hc_rotl32 (w0, 14u); + const u32x w0s15 = hc_rotl32 (w0, 15u); + const u32x w0s16 = hc_rotl32 (w0, 16u); + const u32x w0s17 = hc_rotl32 (w0, 17u); + const u32x w0s18 = hc_rotl32 (w0, 18u); + const u32x w0s19 = hc_rotl32 (w0, 19u); + const u32x w0s20 = hc_rotl32 (w0, 20u); + + const u32x w0s04___w0s06 = w0s04 ^ w0s06; + const u32x w0s04___w0s08 = w0s04 ^ w0s08; + const u32x w0s08___w0s12 = w0s08 ^ w0s12; + const u32x w0s04___w0s06___w0s07 
= w0s04___w0s06 ^ w0s07; + + u32x a = SHA1M_A; + u32x b = SHA1M_B; + u32x c = SHA1M_C; + u32x d = SHA1M_D; + u32x e = SHA1M_E; + + #undef K + #define K SHA1C00 + + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w0); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w[ 1]); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w[ 2]); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w[ 3]); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w[ 4]); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w[ 5]); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w[ 6]); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w[ 7]); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w[ 8]); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w[ 9]); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w[10]); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w[11]); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w[12]); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w[13]); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w[14]); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w[15]); + + SHA1_STEP (SHA1_F0o, e, a, b, c, d, (c_16s ^ w0s01)); + SHA1_STEPX(SHA1_F0o, d, e, a, b, c, (c_17sK)); + SHA1_STEPX(SHA1_F0o, c, d, e, a, b, (c_18sK)); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, (c_19s ^ w0s02)); + + #undef K + #define K SHA1C01 + + SHA1_STEPX(SHA1_F1 , a, b, c, d, e, (c_20sK)); + SHA1_STEPX(SHA1_F1 , e, a, b, c, d, (c_21sK)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_22s ^ w0s03)); + SHA1_STEPX(SHA1_F1 , c, d, e, a, b, (c_23sK)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_24s ^ w0s02)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_25s ^ w0s04)); + SHA1_STEPX(SHA1_F1 , e, a, b, c, d, (c_26sK)); + SHA1_STEPX(SHA1_F1 , d, e, a, b, c, (c_27sK)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_28s ^ w0s05)); + SHA1_STEPX(SHA1_F1 , b, c, d, e, a, (c_29sK)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_30s ^ w0s02 ^ w0s04)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_31s ^ w0s06)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_32s ^ w0s02 ^ w0s03)); + SHA1_STEPX(SHA1_F1 , c, d, e, a, b, (c_33sK)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_34s ^ w0s07)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_35s ^ w0s04)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_36s ^ w0s04___w0s06)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_37s ^ w0s08)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_38s ^ w0s04)); + SHA1_STEPX(SHA1_F1 , b, c, d, e, a, (c_39sK)); + + #undef K + #define K SHA1C02 + + SHA1_STEP (SHA1_F2o, a, b, c, d, e, (c_40s ^ w0s04 ^ w0s09)); + SHA1_STEPX(SHA1_F2o, e, a, b, c, d, (c_41sK)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_42s ^ w0s06 ^ w0s08)); + SHA1_STEP (SHA1_F2o, c, d, e, a, b, (c_43s ^ w0s10)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_44s ^ w0s03 ^ w0s06 ^ w0s07)); + SHA1_STEPX(SHA1_F2o, a, b, c, d, e, (c_45sK)); + SHA1_STEP (SHA1_F2o, e, a, b, c, d, (c_46s ^ w0s04 ^ w0s11)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_47s ^ w0s04___w0s08)); + SHA1_STEP (SHA1_F2o, c, d, e, a, b, (c_48s ^ w0s03 ^ w0s04___w0s08 ^ w0s05 ^ w0s10)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_49s ^ w0s12)); + SHA1_STEP (SHA1_F2o, a, b, c, d, e, (c_50s ^ w0s08)); + SHA1_STEP (SHA1_F2o, e, a, b, c, d, (c_51s ^ w0s04___w0s06)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_52s ^ w0s04___w0s08 ^ w0s13)); + SHA1_STEPX(SHA1_F2o, c, d, e, a, b, (c_53sK)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_54s ^ w0s07 ^ w0s10 ^ w0s12)); + SHA1_STEP (SHA1_F2o, a, b, c, d, e, (c_55s ^ w0s14)); + SHA1_STEP (SHA1_F2o, e, a, b, c, d, (c_56s ^ w0s04___w0s06___w0s07 ^ w0s10 ^ w0s11)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_57s ^ w0s08)); + SHA1_STEP (SHA1_F2o, c, d, e, a, b, (c_58s ^ w0s04___w0s08 ^ w0s15)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_59s ^ w0s08___w0s12)); + + #undef K + 
#define K SHA1C03 + + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_60s ^ w0s04 ^ w0s08___w0s12 ^ w0s07 ^ w0s14)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_61s ^ w0s16)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_62s ^ w0s04___w0s06 ^ w0s08___w0s12)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_63s ^ w0s08)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_64s ^ w0s04___w0s06___w0s07 ^ w0s08___w0s12 ^ w0s17)); + SHA1_STEPX(SHA1_F1 , a, b, c, d, e, (c_65sK)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_66s ^ w0s14 ^ w0s16)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_67s ^ w0s08 ^ w0s18)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_68s ^ w0s11 ^ w0s14 ^ w0s15)); + SHA1_STEPX(SHA1_F1 , b, c, d, e, a, (c_69sK)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_70s ^ w0s12 ^ w0s19)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_71s ^ w0s12 ^ w0s16)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_72s ^ w0s05 ^ w0s11 ^ w0s12 ^ w0s13 ^ w0s16 ^ w0s18)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_73s ^ w0s20)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_74s ^ w0s08 ^ w0s16)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_75s ^ w0s06 ^ w0s12 ^ w0s14)); + + const u32x c_76s = hc_rotl32 ((c_73s ^ c_68s ^ c_62s ^ c_60s), 1u); + const u32x c_77s = hc_rotl32 ((c_74s ^ c_69s ^ c_63s ^ c_61s), 1u); + const u32x c_78s = hc_rotl32 ((c_75s ^ c_70s ^ c_64s ^ c_62s), 1u); + const u32x c_79s = hc_rotl32 ((c_76s ^ c_71s ^ c_65s ^ c_63s), 1u); + + const u32x w0s21 = hc_rotl32 (w0, 21u); + const u32x w0s22 = hc_rotl32 (w0, 22U); + + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_76s ^ w0s07 ^ w0s08___w0s12 ^ w0s16 ^ w0s21)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_77s)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_78s ^ w0s07 ^ w0s08 ^ w0s15 ^ w0s18 ^ w0s20)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_79s ^ w0s08 ^ w0s22)); + + a += SHA1M_A; + b += SHA1M_B; + c += SHA1M_C; + d += SHA1M_D; + e += SHA1M_E; + + u32 t0[4]; + + t0[0] = 0x36363636 ^ a; + t0[1] = 0x36363636 ^ b; + t0[2] = 0x36363636 ^ c; + t0[3] = 0x36363636 ^ d; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ e; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[8]; // 5 + 3 = 8 (20 bytes + 12 bytes = 32 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ a; + t0[1] = 0x5c5c5c5c ^ b; + t0[2] = 0x5c5c5c5c ^ c; + t0[3] = 0x5c5c5c5c ^ d; + + t1[0] = 0x5c5c5c5c ^ e; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + 
t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + key[6] = digest[1]; + key[7] = digest[2]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 60 + + u32 ks[KEYLEN]; + + AES256_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes256_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +DECLSPEC void m23003s (SHM_TYPE u32a *s_te0, SHM_TYPE u32a *s_te1, SHM_TYPE u32a *s_te2, SHM_TYPE u32a *s_te3, SHM_TYPE u32a *s_te4, SHM_TYPE u32a *s_td0, SHM_TYPE u32a *s_td1, SHM_TYPE u32a *s_td2, SHM_TYPE u32a *s_td3, SHM_TYPE u32a *s_td4, u32 *w, const u32 pw_len, KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * modifier + */ + + const u64 gid = get_global_id (0); + + /** + * base + */ + + const u32 c_16s = hc_rotl32_S ((w[13] ^ w[ 8] ^ w[ 2] ), 1u); + const u32 c_17s = hc_rotl32_S ((w[14] ^ w[ 9] ^ w[ 3] ^ w[ 1]), 1u); + const u32 c_18s = hc_rotl32_S ((w[15] ^ w[10] ^ w[ 4] ^ w[ 2]), 1u); + const u32 c_19s = hc_rotl32_S ((c_16s ^ w[11] ^ w[ 5] ^ w[ 3]), 1u); + const u32 c_20s = hc_rotl32_S ((c_17s ^ w[12] ^ w[ 6] ^ w[ 4]), 1u); + const u32 c_21s = hc_rotl32_S ((c_18s ^ w[13] ^ w[ 7] ^ w[ 5]), 1u); + const u32 c_22s = hc_rotl32_S ((c_19s ^ w[14] ^ w[ 8] ^ w[ 6]), 1u); + const u32 c_23s = hc_rotl32_S ((c_20s ^ w[15] ^ w[ 9] ^ w[ 7]), 1u); + const u32 c_24s = hc_rotl32_S ((c_21s ^ c_16s ^ w[10] ^ w[ 8]), 1u); + const u32 c_25s = hc_rotl32_S ((c_22s ^ c_17s ^ w[11] ^ w[ 9]), 1u); + const u32 c_26s = hc_rotl32_S ((c_23s ^ c_18s ^ w[12] ^ w[10]), 1u); + const u32 c_27s = hc_rotl32_S ((c_24s ^ c_19s ^ w[13] ^ w[11]), 1u); + const u32 c_28s = hc_rotl32_S ((c_25s ^ c_20s ^ w[14] ^ w[12]), 1u); + const u32 c_29s = hc_rotl32_S ((c_26s ^ c_21s ^ w[15] ^ w[13]), 1u); + const u32 c_30s = hc_rotl32_S ((c_27s ^ c_22s ^ c_16s ^ w[14]), 1u); + const u32 c_31s = hc_rotl32_S ((c_28s ^ c_23s ^ c_17s ^ w[15]), 1u); + const u32 c_32s = hc_rotl32_S ((c_29s ^ c_24s ^ c_18s ^ c_16s), 1u); + const u32 c_33s = hc_rotl32_S ((c_30s ^ c_25s ^ c_19s ^ c_17s), 1u); + const u32 c_34s = hc_rotl32_S ((c_31s ^ c_26s ^ c_20s ^ c_18s), 1u); + const u32 c_35s = hc_rotl32_S ((c_32s ^ c_27s ^ c_21s ^ c_19s), 1u); + const u32 c_36s = hc_rotl32_S ((c_33s ^ c_28s ^ c_22s ^ c_20s), 1u); + const u32 c_37s = hc_rotl32_S ((c_34s ^ c_29s ^ c_23s ^ c_21s), 1u); + const u32 c_38s = hc_rotl32_S ((c_35s ^ c_30s ^ c_24s ^ c_22s), 1u); + const u32 c_39s = hc_rotl32_S ((c_36s ^ c_31s ^ c_25s ^ c_23s), 1u); + const u32 c_40s = hc_rotl32_S ((c_37s ^ c_32s ^ c_26s ^ c_24s), 1u); + const u32 c_41s = hc_rotl32_S ((c_38s ^ c_33s ^ c_27s ^ c_25s), 1u); + const u32 c_42s = hc_rotl32_S 
((c_39s ^ c_34s ^ c_28s ^ c_26s), 1u); + const u32 c_43s = hc_rotl32_S ((c_40s ^ c_35s ^ c_29s ^ c_27s), 1u); + const u32 c_44s = hc_rotl32_S ((c_41s ^ c_36s ^ c_30s ^ c_28s), 1u); + const u32 c_45s = hc_rotl32_S ((c_42s ^ c_37s ^ c_31s ^ c_29s), 1u); + const u32 c_46s = hc_rotl32_S ((c_43s ^ c_38s ^ c_32s ^ c_30s), 1u); + const u32 c_47s = hc_rotl32_S ((c_44s ^ c_39s ^ c_33s ^ c_31s), 1u); + const u32 c_48s = hc_rotl32_S ((c_45s ^ c_40s ^ c_34s ^ c_32s), 1u); + const u32 c_49s = hc_rotl32_S ((c_46s ^ c_41s ^ c_35s ^ c_33s), 1u); + const u32 c_50s = hc_rotl32_S ((c_47s ^ c_42s ^ c_36s ^ c_34s), 1u); + const u32 c_51s = hc_rotl32_S ((c_48s ^ c_43s ^ c_37s ^ c_35s), 1u); + const u32 c_52s = hc_rotl32_S ((c_49s ^ c_44s ^ c_38s ^ c_36s), 1u); + const u32 c_53s = hc_rotl32_S ((c_50s ^ c_45s ^ c_39s ^ c_37s), 1u); + const u32 c_54s = hc_rotl32_S ((c_51s ^ c_46s ^ c_40s ^ c_38s), 1u); + const u32 c_55s = hc_rotl32_S ((c_52s ^ c_47s ^ c_41s ^ c_39s), 1u); + const u32 c_56s = hc_rotl32_S ((c_53s ^ c_48s ^ c_42s ^ c_40s), 1u); + const u32 c_57s = hc_rotl32_S ((c_54s ^ c_49s ^ c_43s ^ c_41s), 1u); + const u32 c_58s = hc_rotl32_S ((c_55s ^ c_50s ^ c_44s ^ c_42s), 1u); + const u32 c_59s = hc_rotl32_S ((c_56s ^ c_51s ^ c_45s ^ c_43s), 1u); + const u32 c_60s = hc_rotl32_S ((c_57s ^ c_52s ^ c_46s ^ c_44s), 1u); + const u32 c_61s = hc_rotl32_S ((c_58s ^ c_53s ^ c_47s ^ c_45s), 1u); + const u32 c_62s = hc_rotl32_S ((c_59s ^ c_54s ^ c_48s ^ c_46s), 1u); + const u32 c_63s = hc_rotl32_S ((c_60s ^ c_55s ^ c_49s ^ c_47s), 1u); + const u32 c_64s = hc_rotl32_S ((c_61s ^ c_56s ^ c_50s ^ c_48s), 1u); + const u32 c_65s = hc_rotl32_S ((c_62s ^ c_57s ^ c_51s ^ c_49s), 1u); + const u32 c_66s = hc_rotl32_S ((c_63s ^ c_58s ^ c_52s ^ c_50s), 1u); + const u32 c_67s = hc_rotl32_S ((c_64s ^ c_59s ^ c_53s ^ c_51s), 1u); + const u32 c_68s = hc_rotl32_S ((c_65s ^ c_60s ^ c_54s ^ c_52s), 1u); + const u32 c_69s = hc_rotl32_S ((c_66s ^ c_61s ^ c_55s ^ c_53s), 1u); + const u32 c_70s = hc_rotl32_S ((c_67s ^ c_62s ^ c_56s ^ c_54s), 1u); + const u32 c_71s = hc_rotl32_S ((c_68s ^ c_63s ^ c_57s ^ c_55s), 1u); + const u32 c_72s = hc_rotl32_S ((c_69s ^ c_64s ^ c_58s ^ c_56s), 1u); + const u32 c_73s = hc_rotl32_S ((c_70s ^ c_65s ^ c_59s ^ c_57s), 1u); + const u32 c_74s = hc_rotl32_S ((c_71s ^ c_66s ^ c_60s ^ c_58s), 1u); + const u32 c_75s = hc_rotl32_S ((c_72s ^ c_67s ^ c_61s ^ c_59s), 1u); + + const u32 c_17sK = c_17s + SHA1C00; + const u32 c_18sK = c_18s + SHA1C00; + const u32 c_20sK = c_20s + SHA1C01; + const u32 c_21sK = c_21s + SHA1C01; + const u32 c_23sK = c_23s + SHA1C01; + const u32 c_26sK = c_26s + SHA1C01; + const u32 c_27sK = c_27s + SHA1C01; + const u32 c_29sK = c_29s + SHA1C01; + const u32 c_33sK = c_33s + SHA1C01; + const u32 c_39sK = c_39s + SHA1C01; + const u32 c_41sK = c_41s + SHA1C02; + const u32 c_45sK = c_45s + SHA1C02; + const u32 c_53sK = c_53s + SHA1C02; + const u32 c_65sK = c_65s + SHA1C03; + const u32 c_69sK = c_69s + SHA1C03; + + /** + * loop + */ + + u32 w0l = w[0]; + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0 = w0l | w0r; + + const u32x w0s01 = hc_rotl32 (w0, 1u); + const u32x w0s02 = hc_rotl32 (w0, 2u); + const u32x w0s03 = hc_rotl32 (w0, 3u); + const u32x w0s04 = hc_rotl32 (w0, 4u); + const u32x w0s05 = hc_rotl32 (w0, 5u); + const u32x w0s06 = hc_rotl32 (w0, 6u); + const u32x w0s07 = hc_rotl32 (w0, 7u); + const u32x w0s08 = hc_rotl32 (w0, 8u); + const u32x w0s09 = hc_rotl32 (w0, 9u); + const u32x w0s10 = hc_rotl32 (w0, 
10u); + const u32x w0s11 = hc_rotl32 (w0, 11u); + const u32x w0s12 = hc_rotl32 (w0, 12u); + const u32x w0s13 = hc_rotl32 (w0, 13u); + const u32x w0s14 = hc_rotl32 (w0, 14u); + const u32x w0s15 = hc_rotl32 (w0, 15u); + const u32x w0s16 = hc_rotl32 (w0, 16u); + const u32x w0s17 = hc_rotl32 (w0, 17u); + const u32x w0s18 = hc_rotl32 (w0, 18u); + const u32x w0s19 = hc_rotl32 (w0, 19u); + const u32x w0s20 = hc_rotl32 (w0, 20u); + + const u32x w0s04___w0s06 = w0s04 ^ w0s06; + const u32x w0s04___w0s08 = w0s04 ^ w0s08; + const u32x w0s08___w0s12 = w0s08 ^ w0s12; + const u32x w0s04___w0s06___w0s07 = w0s04___w0s06 ^ w0s07; + + u32x a = SHA1M_A; + u32x b = SHA1M_B; + u32x c = SHA1M_C; + u32x d = SHA1M_D; + u32x e = SHA1M_E; + + #undef K + #define K SHA1C00 + + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w0); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w[ 1]); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w[ 2]); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w[ 3]); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w[ 4]); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w[ 5]); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w[ 6]); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w[ 7]); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w[ 8]); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w[ 9]); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w[10]); + SHA1_STEP (SHA1_F0o, e, a, b, c, d, w[11]); + SHA1_STEP (SHA1_F0o, d, e, a, b, c, w[12]); + SHA1_STEP (SHA1_F0o, c, d, e, a, b, w[13]); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, w[14]); + SHA1_STEP (SHA1_F0o, a, b, c, d, e, w[15]); + + SHA1_STEP (SHA1_F0o, e, a, b, c, d, (c_16s ^ w0s01)); + SHA1_STEPX(SHA1_F0o, d, e, a, b, c, (c_17sK)); + SHA1_STEPX(SHA1_F0o, c, d, e, a, b, (c_18sK)); + SHA1_STEP (SHA1_F0o, b, c, d, e, a, (c_19s ^ w0s02)); + + #undef K + #define K SHA1C01 + + SHA1_STEPX(SHA1_F1 , a, b, c, d, e, (c_20sK)); + SHA1_STEPX(SHA1_F1 , e, a, b, c, d, (c_21sK)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_22s ^ w0s03)); + SHA1_STEPX(SHA1_F1 , c, d, e, a, b, (c_23sK)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_24s ^ w0s02)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_25s ^ w0s04)); + SHA1_STEPX(SHA1_F1 , e, a, b, c, d, (c_26sK)); + SHA1_STEPX(SHA1_F1 , d, e, a, b, c, (c_27sK)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_28s ^ w0s05)); + SHA1_STEPX(SHA1_F1 , b, c, d, e, a, (c_29sK)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_30s ^ w0s02 ^ w0s04)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_31s ^ w0s06)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_32s ^ w0s02 ^ w0s03)); + SHA1_STEPX(SHA1_F1 , c, d, e, a, b, (c_33sK)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_34s ^ w0s07)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_35s ^ w0s04)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_36s ^ w0s04___w0s06)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_37s ^ w0s08)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_38s ^ w0s04)); + SHA1_STEPX(SHA1_F1 , b, c, d, e, a, (c_39sK)); + + #undef K + #define K SHA1C02 + + SHA1_STEP (SHA1_F2o, a, b, c, d, e, (c_40s ^ w0s04 ^ w0s09)); + SHA1_STEPX(SHA1_F2o, e, a, b, c, d, (c_41sK)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_42s ^ w0s06 ^ w0s08)); + SHA1_STEP (SHA1_F2o, c, d, e, a, b, (c_43s ^ w0s10)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_44s ^ w0s03 ^ w0s06 ^ w0s07)); + SHA1_STEPX(SHA1_F2o, a, b, c, d, e, (c_45sK)); + SHA1_STEP (SHA1_F2o, e, a, b, c, d, (c_46s ^ w0s04 ^ w0s11)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_47s ^ w0s04___w0s08)); + SHA1_STEP (SHA1_F2o, c, d, e, a, b, (c_48s ^ w0s03 ^ w0s04___w0s08 ^ w0s05 ^ w0s10)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_49s ^ w0s12)); + SHA1_STEP (SHA1_F2o, a, b, c, d, e, (c_50s ^ w0s08)); + SHA1_STEP 
(SHA1_F2o, e, a, b, c, d, (c_51s ^ w0s04___w0s06)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_52s ^ w0s04___w0s08 ^ w0s13)); + SHA1_STEPX(SHA1_F2o, c, d, e, a, b, (c_53sK)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_54s ^ w0s07 ^ w0s10 ^ w0s12)); + SHA1_STEP (SHA1_F2o, a, b, c, d, e, (c_55s ^ w0s14)); + SHA1_STEP (SHA1_F2o, e, a, b, c, d, (c_56s ^ w0s04___w0s06___w0s07 ^ w0s10 ^ w0s11)); + SHA1_STEP (SHA1_F2o, d, e, a, b, c, (c_57s ^ w0s08)); + SHA1_STEP (SHA1_F2o, c, d, e, a, b, (c_58s ^ w0s04___w0s08 ^ w0s15)); + SHA1_STEP (SHA1_F2o, b, c, d, e, a, (c_59s ^ w0s08___w0s12)); + + #undef K + #define K SHA1C03 + + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_60s ^ w0s04 ^ w0s08___w0s12 ^ w0s07 ^ w0s14)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_61s ^ w0s16)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_62s ^ w0s04___w0s06 ^ w0s08___w0s12)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_63s ^ w0s08)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_64s ^ w0s04___w0s06___w0s07 ^ w0s08___w0s12 ^ w0s17)); + SHA1_STEPX(SHA1_F1 , a, b, c, d, e, (c_65sK)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_66s ^ w0s14 ^ w0s16)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_67s ^ w0s08 ^ w0s18)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_68s ^ w0s11 ^ w0s14 ^ w0s15)); + SHA1_STEPX(SHA1_F1 , b, c, d, e, a, (c_69sK)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_70s ^ w0s12 ^ w0s19)); + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_71s ^ w0s12 ^ w0s16)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_72s ^ w0s05 ^ w0s11 ^ w0s12 ^ w0s13 ^ w0s16 ^ w0s18)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_73s ^ w0s20)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_74s ^ w0s08 ^ w0s16)); + SHA1_STEP (SHA1_F1 , a, b, c, d, e, (c_75s ^ w0s06 ^ w0s12 ^ w0s14)); + + const u32x c_76s = hc_rotl32 ((c_73s ^ c_68s ^ c_62s ^ c_60s), 1u); + const u32x c_77s = hc_rotl32 ((c_74s ^ c_69s ^ c_63s ^ c_61s), 1u); + const u32x c_78s = hc_rotl32 ((c_75s ^ c_70s ^ c_64s ^ c_62s), 1u); + const u32x c_79s = hc_rotl32 ((c_76s ^ c_71s ^ c_65s ^ c_63s), 1u); + + const u32x w0s21 = hc_rotl32 (w0, 21u); + const u32x w0s22 = hc_rotl32 (w0, 22U); + + SHA1_STEP (SHA1_F1 , e, a, b, c, d, (c_76s ^ w0s07 ^ w0s08___w0s12 ^ w0s16 ^ w0s21)); + SHA1_STEP (SHA1_F1 , d, e, a, b, c, (c_77s)); + SHA1_STEP (SHA1_F1 , c, d, e, a, b, (c_78s ^ w0s07 ^ w0s08 ^ w0s15 ^ w0s18 ^ w0s20)); + SHA1_STEP (SHA1_F1 , b, c, d, e, a, (c_79s ^ w0s08 ^ w0s22)); + + a += SHA1M_A; + b += SHA1M_B; + c += SHA1M_C; + d += SHA1M_D; + e += SHA1M_E; + + u32 t0[4]; + + t0[0] = 0x36363636 ^ a; + t0[1] = 0x36363636 ^ b; + t0[2] = 0x36363636 ^ c; + t0[3] = 0x36363636 ^ d; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ e; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[8]; // 5 + 3 = 8 (20 bytes + 12 bytes = 32 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ 
a; + t0[1] = 0x5c5c5c5c ^ b; + t0[2] = 0x5c5c5c5c ^ c; + t0[3] = 0x5c5c5c5c ^ d; + + t1[0] = 0x5c5c5c5c ^ e; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + key[6] = digest[1]; + key[7] = digest[2]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 60 + + u32 ks[KEYLEN]; + + AES256_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes256_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23003_m04 (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = 0; + w[ 5] = 0; + w[ 6] = 0; + w[ 7] = 0; + w[ 8] = 0; + w[ 9] = 0; + w[10] = 0; + w[11] = 0; + w[12] = 0; + w[13] = 0; + w[14] = 0; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m23003m (s_te0, s_te1, s_te2, s_te3, s_te4, s_td0, s_td1, s_td2, s_td3, s_td4, w, pw_len, pws, rules_buf, combs_buf, 
words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset, combs_mode, gid_max); +} + +KERNEL_FQ void m23003_m08 (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = pws[gid].i[ 4]; + w[ 5] = pws[gid].i[ 5]; + w[ 6] = pws[gid].i[ 6]; + w[ 7] = pws[gid].i[ 7]; + w[ 8] = 0; + w[ 9] = 0; + w[10] = 0; + w[11] = 0; + w[12] = 0; + w[13] = 0; + w[14] = 0; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m23003m (s_te0, s_te1, s_te2, s_te3, s_te4, s_td0, s_td1, s_td2, s_td3, s_td4, w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset, combs_mode, gid_max); +} + +KERNEL_FQ void m23003_m16 (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + 
CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = pws[gid].i[ 4]; + w[ 5] = pws[gid].i[ 5]; + w[ 6] = pws[gid].i[ 6]; + w[ 7] = pws[gid].i[ 7]; + w[ 8] = pws[gid].i[ 8]; + w[ 9] = pws[gid].i[ 9]; + w[10] = pws[gid].i[10]; + w[11] = pws[gid].i[11]; + w[12] = pws[gid].i[12]; + w[13] = pws[gid].i[13]; + w[14] = pws[gid].i[14]; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m23003m (s_te0, s_te1, s_te2, s_te3, s_te4, s_td0, s_td1, s_td2, s_td3, s_td4, w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset, combs_mode, gid_max); +} + +KERNEL_FQ void m23003_s04 (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = 0; + w[ 5] = 0; + w[ 6] = 0; + w[ 7] = 0; + w[ 8] = 0; + w[ 9] = 0; + w[10] = 0; + w[11] = 0; + w[12] = 0; + w[13] = 0; + w[14] = 0; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m23003s (s_te0, s_te1, s_te2, s_te3, s_te4, s_td0, s_td1, s_td2, s_td3, s_td4, w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset, combs_mode, gid_max); +} + +KERNEL_FQ void m23003_s08 (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid 
= get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = pws[gid].i[ 4]; + w[ 5] = pws[gid].i[ 5]; + w[ 6] = pws[gid].i[ 6]; + w[ 7] = pws[gid].i[ 7]; + w[ 8] = 0; + w[ 9] = 0; + w[10] = 0; + w[11] = 0; + w[12] = 0; + w[13] = 0; + w[14] = 0; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m23003s (s_te0, s_te1, s_te2, s_te3, s_te4, s_td0, s_td1, s_td2, s_td3, s_td4, w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset, combs_mode, gid_max); +} + +KERNEL_FQ void m23003_s16 (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + u32 w[16]; + + w[ 0] = pws[gid].i[ 0]; + w[ 1] = pws[gid].i[ 1]; + w[ 2] = pws[gid].i[ 2]; + w[ 3] = pws[gid].i[ 3]; + w[ 4] = pws[gid].i[ 4]; + w[ 5] = pws[gid].i[ 5]; + w[ 6] = pws[gid].i[ 6]; + w[ 7] = pws[gid].i[ 7]; + w[ 8] = pws[gid].i[ 8]; + w[ 9] = pws[gid].i[ 9]; + w[10] = pws[gid].i[10]; + w[11] = pws[gid].i[11]; + w[12] = 
pws[gid].i[12]; + w[13] = pws[gid].i[13]; + w[14] = pws[gid].i[14]; + w[15] = pws[gid].i[15]; + + const u32 pw_len = pws[gid].pw_len & 63; + + /** + * main + */ + + m23003s (s_te0, s_te1, s_te2, s_te3, s_te4, s_td0, s_td1, s_td2, s_td3, s_td4, w, pw_len, pws, rules_buf, combs_buf, words_buf_r, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, esalt_bufs, d_return_buf, d_extra0_buf, d_extra1_buf, d_extra2_buf, d_extra3_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset, combs_mode, gid_max); +} diff --git a/OpenCL/m23003_a3-pure.cl b/OpenCL/m23003_a3-pure.cl new file mode 100644 index 000000000..d1522701c --- /dev/null +++ b/OpenCL/m23003_a3-pure.cl @@ -0,0 +1,541 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +//#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_simd.cl" +#include "inc_hash_sha1.cl" +#include "inc_cipher_aes.cl" +#endif + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +KERNEL_FQ void m23003_mxx (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + /** + * base + */ + + const u32 pw_len = pws[gid].pw_len; + + u32x w[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + /** + * loop + */ + + u32x w0l = w[0]; + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0 = w0l | w0r; + + w[0] = w0; + + sha1_ctx_vector_t ctx; + + sha1_init_vector (&ctx); + + sha1_update_vector (&ctx, w, pw_len); + + sha1_final_vector (&ctx); + + u32 t0[4]; + + t0[0] = 0x36363636 ^ ctx.h[0]; + t0[1] = 0x36363636 ^ ctx.h[1]; + t0[2] = 0x36363636 ^ ctx.h[2]; + t0[3] = 0x36363636 ^ ctx.h[3]; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ ctx.h[4]; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + 
digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[8]; // 5 + 3 = 8 (20 bytes + 12 bytes = 32 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ ctx.h[0]; + t0[1] = 0x5c5c5c5c ^ ctx.h[1]; + t0[2] = 0x5c5c5c5c ^ ctx.h[2]; + t0[3] = 0x5c5c5c5c ^ ctx.h[3]; + + t1[0] = 0x5c5c5c5c ^ ctx.h[4]; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + key[6] = digest[1]; + key[7] = digest[2]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 60 + + u32 ks[KEYLEN]; + + AES256_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes256_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc (&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} + +KERNEL_FQ void m23003_sxx (KERN_ATTR_VECTOR_ESALT (securezip_t)) +{ + const u64 gid = get_global_id (0); + const u64 lid = get_local_id (0); + const u64 lsz = get_local_size (0); + + /** + * aes shared + */ + + #ifdef REAL_SHM + + LOCAL_VK u32 s_td0[256]; + LOCAL_VK u32 s_td1[256]; + LOCAL_VK u32 s_td2[256]; + LOCAL_VK u32 s_td3[256]; + LOCAL_VK u32 s_td4[256]; + + LOCAL_VK u32 s_te0[256]; + LOCAL_VK u32 s_te1[256]; + LOCAL_VK u32 s_te2[256]; + LOCAL_VK u32 s_te3[256]; + LOCAL_VK u32 s_te4[256]; + + for (u32 i = lid; i < 256; i += lsz) + { + s_td0[i] = td0[i]; + s_td1[i] = td1[i]; + s_td2[i] = td2[i]; + s_td3[i] = td3[i]; + s_td4[i] = td4[i]; + + s_te0[i] = te0[i]; + s_te1[i] = te1[i]; + s_te2[i] = te2[i]; + s_te3[i] = te3[i]; + s_te4[i] = te4[i]; + } + + SYNC_THREADS (); + + #else + + CONSTANT_AS u32a *s_td0 = td0; + CONSTANT_AS u32a *s_td1 = td1; + CONSTANT_AS u32a *s_td2 = td2; + CONSTANT_AS u32a *s_td3 = td3; + CONSTANT_AS u32a *s_td4 = td4; + + CONSTANT_AS u32a *s_te0 = te0; + CONSTANT_AS u32a *s_te1 = te1; + 
CONSTANT_AS u32a *s_te2 = te2; + CONSTANT_AS u32a *s_te3 = te3; + CONSTANT_AS u32a *s_te4 = te4; + + #endif + + if (gid >= gid_max) return; + + /** + * base + */ + + const u32 pw_len = pws[gid].pw_len; + + u32x w[64] = { 0 }; + + for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1) + { + w[idx] = pws[gid].i[idx]; + } + + /** + * loop + */ + + u32x w0l = w[0]; + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + const u32x w0r = words_buf_r[il_pos / VECT_SIZE]; + + const u32x w0 = w0l | w0r; + + w[0] = w0; + + sha1_ctx_vector_t ctx; + + sha1_init_vector (&ctx); + + sha1_update_vector (&ctx, w, pw_len); + + sha1_final_vector (&ctx); + + u32 t0[4]; + + t0[0] = 0x36363636 ^ ctx.h[0]; + t0[1] = 0x36363636 ^ ctx.h[1]; + t0[2] = 0x36363636 ^ ctx.h[2]; + t0[3] = 0x36363636 ^ ctx.h[3]; + + u32 t1[4]; + + t1[0] = 0x36363636 ^ ctx.h[4]; + t1[1] = 0x36363636; + t1[2] = 0x36363636; + t1[3] = 0x36363636; + + u32 t2[4]; + + t2[0] = 0x36363636; + t2[1] = 0x36363636; + t2[2] = 0x36363636; + t2[3] = 0x36363636; + + u32 t3[4]; + + t3[0] = 0x36363636; + t3[1] = 0x36363636; + t3[2] = 0x36363636; + t3[3] = 0x36363636; + + u32 digest[5]; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + u32 key[8]; // 5 + 3 = 8 (20 bytes + 12 bytes = 32 bytes for the key) + + key[0] = digest[0]; + key[1] = digest[1]; + key[2] = digest[2]; + key[3] = digest[3]; + key[4] = digest[4]; + + t0[0] = 0x5c5c5c5c ^ ctx.h[0]; + t0[1] = 0x5c5c5c5c ^ ctx.h[1]; + t0[2] = 0x5c5c5c5c ^ ctx.h[2]; + t0[3] = 0x5c5c5c5c ^ ctx.h[3]; + + t1[0] = 0x5c5c5c5c ^ ctx.h[4]; + t1[1] = 0x5c5c5c5c; + t1[2] = 0x5c5c5c5c; + t1[3] = 0x5c5c5c5c; + + t2[0] = 0x5c5c5c5c; + t2[1] = 0x5c5c5c5c; + t2[2] = 0x5c5c5c5c; + t2[3] = 0x5c5c5c5c; + + t3[0] = 0x5c5c5c5c; + t3[1] = 0x5c5c5c5c; + t3[2] = 0x5c5c5c5c; + t3[3] = 0x5c5c5c5c; + + digest[0] = SHA1M_A; + digest[1] = SHA1M_B; + digest[2] = SHA1M_C; + digest[3] = SHA1M_D; + digest[4] = SHA1M_E; + + sha1_transform (t0, t1, t2, t3, digest); + + t0[0] = 0x80000000; + t0[1] = 0; + t0[2] = 0; + t0[3] = 0; + + t1[0] = 0; + t1[1] = 0; + t1[2] = 0; + t1[3] = 0; + + t2[0] = 0; + t2[1] = 0; + t2[2] = 0; + t2[3] = 0; + + t3[0] = 0; + t3[1] = 0; + t3[2] = 0; + t3[3] = 64 * 8; + + sha1_transform (t0, t1, t2, t3, digest); + + key[5] = digest[0]; + key[6] = digest[1]; + key[7] = digest[2]; + + u32 iv[4]; + + iv[0] = esalt_bufs[digests_offset].data[28]; + iv[1] = esalt_bufs[digests_offset].data[29]; + iv[2] = esalt_bufs[digests_offset].data[30]; + iv[3] = esalt_bufs[digests_offset].data[31]; + + u32 data[4]; + + data[0] = esalt_bufs[digests_offset].data[32]; + data[1] = esalt_bufs[digests_offset].data[33]; + data[2] = esalt_bufs[digests_offset].data[34]; + data[3] = esalt_bufs[digests_offset].data[35]; + + #define KEYLEN 60 + + u32 ks[KEYLEN]; + + AES256_set_decrypt_key (ks, key, s_te0, s_te1, s_te2, s_te3, s_td0, s_td1, s_td2, s_td3); + + u32 out[4]; + + aes256_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4); + + out[0] ^= iv[0]; + out[1] ^= iv[1]; + out[2] ^= iv[2]; + out[3] ^= iv[3]; + + if ((out[0] == 0x10101010) && + (out[1] == 0x10101010) && + (out[2] == 0x10101010) && + (out[3] == 0x10101010)) + { + if (atomic_inc 
(&hashes_shown[digests_offset]) == 0) + { + mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, 0, digests_offset + 0, gid, il_pos, 0, 0); + } + } + } +} diff --git a/docs/changes.txt b/docs/changes.txt index afdd8b716..67ade4eb7 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -64,6 +64,9 @@ - Added hash-mode: sha256($salt.$pass.$salt) - Added hash-mode: sha256(sha256_bin($pass)) - Added hash-mode: sha256(sha256($pass).$salt) +- Added hash-mode: SecureZIP AES-128 +- Added hash-mode: SecureZIP AES-192 +- Added hash-mode: SecureZIP AES-256 - Added hash-mode: SolarWinds Orion - Added hash-mode: Telegram Desktop App Passcode (PBKDF2-HMAC-SHA1) - Added hash-mode: Telegram Mobile App Passcode (SHA256) diff --git a/docs/readme.txt b/docs/readme.txt index 9f545eb3a..5b81c4d7d 100644 --- a/docs/readme.txt +++ b/docs/readme.txt @@ -297,6 +297,9 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or - PKZIP (Uncompressed) - PKZIP Master Key - PKZIP Master Key (6 byte optimization) +- SecureZIP AES-128 +- SecureZIP AES-192 +- SecureZIP AES-256 - iTunes backup < 10.0 - iTunes backup >= 10.0 - WinZip diff --git a/src/modules/module_23001.c b/src/modules/module_23001.c new file mode 100644 index 000000000..750d80c81 --- /dev/null +++ b/src/modules/module_23001.c @@ -0,0 +1,338 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_INSIDE_KERNEL; +static const u32 DGST_POS0 = 0; +static const u32 DGST_POS1 = 1; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 3; +static const u32 DGST_SIZE = DGST_SIZE_4_4; +static const u32 HASH_CATEGORY = HASH_CATEGORY_ARCHIVE; +static const char *HASH_NAME = "SecureZIP AES-128"; +static const u64 KERN_TYPE = 23001; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_PRECOMPUTE_INIT + | OPTI_TYPE_NOT_ITERATED + | OPTI_TYPE_NOT_SALTED; +static const u64 OPTS_TYPE = OPTS_TYPE_PT_GENERATE_BE + | OPTS_TYPE_PT_ADD80 + | OPTS_TYPE_PT_ADDBITS15; +static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "$zip3$*0*1*128*0*b4630625c92b6e7848f6fd86*df2f62611b3d02d2c7e05a48dad57c7d93b0bac1362261ab533807afb69db856676aa6e350320130b5cbf27c55a48c0f75739654ac312f1cf5c37149557fc88a92c7e3dde8d23edd2b839036e88092a708b7e818bf1b6de92f0efb5cce184cceb11db6b3ca0527d0bdf1f1137ee6660d9890928cd80542ac1f439515519147c14d965b5ba107c6227f971e3e115170bf*0*0*0*file.txt"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, 
MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +static const char *SIGNATURE_SECUREZIP = "$zip3$"; + +u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 esalt_size = (const u64) sizeof (securezip_t); + + return esalt_size; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u32 *digest = (u32 *) digest_buf; + + securezip_t *securezip = (securezip_t *) esalt_buf; + + token_t token; + + token.token_cnt = 11; + + token.signatures_cnt = 1; + token.signatures_buf[0] = SIGNATURE_SECUREZIP; + + token.len_min[0] = 6; + token.len_max[0] = 6; + token.sep[0] = '*'; + token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + token.len_min[1] = 1; + token.len_max[1] = 1; + token.sep[1] = '*'; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[2] = 1; + token.len_max[2] = 1; + token.sep[2] = '*'; + token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[3] = 3; + token.len_max[3] = 3; + token.sep[3] = '*'; + token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[4] = 1; + token.len_max[4] = 1; + token.sep[4] = '*'; + token.attr[4] = TOKEN_ATTR_VERIFY_LENGTH + | 
TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[5] = 0; + token.len_max[5] = 32; + token.sep[5] = '*'; + token.attr[5] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + token.len_min[6] = 288; + token.len_max[6] = 288; + token.sep[6] = '*'; + token.attr[6] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + token.len_min[7] = 1; + token.len_max[7] = 1; + token.sep[7] = '*'; + token.attr[7] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[8] = 1; + token.len_max[8] = 1; + token.sep[8] = '*'; + token.attr[8] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[9] = 1; + token.len_max[9] = 1; + token.sep[9] = '*'; + token.attr[9] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[10] = 0; + token.len_max[10] = 64; + token.sep[10] = '*'; + token.attr[10] = TOKEN_ATTR_VERIFY_LENGTH; + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + const u8 *version_pos = token.buf[ 1]; + const u8 *type_pos = token.buf[ 2]; + const u8 *bit_len_pos = token.buf[ 3]; + const u8 *unused1_pos = token.buf[ 4]; + const u8 *iv_pos = token.buf[ 5]; + const u8 *data_pos = token.buf[ 6]; + const u8 *unused2_pos = token.buf[ 7]; + const u8 *unused3_pos = token.buf[ 8]; + const u8 *unused4_pos = token.buf[ 9]; + const u8 *file_pos = token.buf[10]; + + if (version_pos[0] != '0') return (PARSER_HASH_ENCODING); // version 0 + if (type_pos[0] != '1') return (PARSER_HASH_ENCODING); // AES + + const u32 bit_len = hc_strtoul ((const char *) bit_len_pos, NULL, 10); + + if (bit_len != 128) return (PARSER_HASH_ENCODING); + + if (unused1_pos[0] != '0') return (PARSER_HASH_ENCODING); + if (unused2_pos[0] != '0') return (PARSER_HASH_ENCODING); + if (unused3_pos[0] != '0') return (PARSER_HASH_ENCODING); + if (unused4_pos[0] != '0') return (PARSER_HASH_ENCODING); + + // IV: + + u8 *iv = (u8 *) securezip->iv; + + memset (iv, 0, 16); + + for (int i = 0, j = 0; i < token.len[5]; i += 2, j += 1) + { + iv[j] = hex_to_u8 (iv_pos + i); + } + + securezip->iv_len = (u32) (token.len[5] / 2); + + // data: + + u32 *data = securezip->data; + + for (int i = 0, j = 0; i < token.len[6]; i += 8, j += 1) + { + data[j] = hex_to_u32 (data_pos + i); + } + + // file: + + u8 *file = (u8 *) securezip->file; + + memset (file, 0, 64); + + for (int i = 0; i < token.len[10]; i++) + { + file[i] = file_pos[i]; // or just memcpy () + } + + file[63] = 0; + + // fake salt: + + salt->salt_buf[0] = iv[0]; + salt->salt_buf[1] = iv[1]; + salt->salt_buf[2] = iv[2]; + salt->salt_buf[3] = iv[3]; + + salt->salt_len = 16; + + // fake digest: + + digest[0] = data[0]; + digest[1] = data[1]; + digest[2] = data[2]; + digest[3] = data[3]; + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + const securezip_t *securezip = (const securezip_t *) esalt_buf; + + // IV: + + const u8 *iv_ptr = (const u8 *) securezip->iv; + + char iv[33] = { 0 }; + + for (u32 i = 0, j = 0; i < securezip->iv_len; i += 1, j += 2) + { + snprintf (iv + j, 33 - j, "%02x", iv_ptr[i]); + } + + // data: + + char data[289] = { 0 }; + + for (u32 i = 0, j = 0; i < 36; i += 1, j += 8) + { + snprintf (data + j, 289 - j, "%08x", byte_swap_32 (securezip->data[i])); 
+ } + + // file: + + const u8 *file_ptr = (const u8 *) securezip->file; + + u8 file[65] = { 0 }; + + memcpy (file, file_ptr, 64); + + int out_len = snprintf (line_buf, line_size, "%s*0*1*128*0*%s*%s*0*0*0*%s", + SIGNATURE_SECUREZIP, + iv, + data, + file + ); + + return out_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = module_esalt_size; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = 
MODULE_DEFAULT; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = MODULE_DEFAULT; + module_ctx->module_salt_min = MODULE_DEFAULT; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = MODULE_DEFAULT; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/src/modules/module_23002.c b/src/modules/module_23002.c new file mode 100644 index 000000000..3efb2cfb1 --- /dev/null +++ b/src/modules/module_23002.c @@ -0,0 +1,338 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_INSIDE_KERNEL; +static const u32 DGST_POS0 = 0; +static const u32 DGST_POS1 = 1; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 3; +static const u32 DGST_SIZE = DGST_SIZE_4_4; +static const u32 HASH_CATEGORY = HASH_CATEGORY_ARCHIVE; +static const char *HASH_NAME = "SecureZIP AES-192"; +static const u64 KERN_TYPE = 23002; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_PRECOMPUTE_INIT + | OPTI_TYPE_NOT_ITERATED + | OPTI_TYPE_NOT_SALTED; +static const u64 OPTS_TYPE = OPTS_TYPE_PT_GENERATE_BE + | OPTS_TYPE_PT_ADD80 + | OPTS_TYPE_PT_ADDBITS15; +static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "$zip3$*0*1*192*0*53ff2de8c280778e1e0ab997*603eb37dbab9ea109e2c405e37d8cae1ec89e1e0d0b9ce5bf55d1b571c343b6a3df35fe381c30249cb0738a9b956ba8e52dfc5552894296300446a771032776c811ff8a71d9bb3c4d6c37016c027e41fea2d157d5b0ce17804b1d7c1606b7c1121d37851bd705e001f2cd755bbf305966d129a17c1d48ff8e87cfa41f479090cd456527db7d1d43f9020ad8e73f851a5*0*0*0*file.txt"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const 
user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +static const char *SIGNATURE_SECUREZIP = "$zip3$"; + +u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 esalt_size = (const u64) sizeof (securezip_t); + + return esalt_size; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u32 *digest = (u32 *) digest_buf; + + securezip_t *securezip = (securezip_t *) esalt_buf; + + token_t token; + + token.token_cnt = 11; + + token.signatures_cnt = 1; + token.signatures_buf[0] = SIGNATURE_SECUREZIP; + + token.len_min[0] = 6; + token.len_max[0] = 6; + token.sep[0] = '*'; + token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + token.len_min[1] = 1; + token.len_max[1] = 1; + token.sep[1] = '*'; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[2] = 1; + token.len_max[2] = 1; + token.sep[2] = '*'; + token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[3] = 3; + token.len_max[3] = 3; + token.sep[3] = '*'; + token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[4] = 1; + token.len_max[4] = 1; + token.sep[4] = '*'; + token.attr[4] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[5] = 0; + token.len_max[5] = 32; + token.sep[5] = '*'; + token.attr[5] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + token.len_min[6] = 288; + token.len_max[6] = 288; + token.sep[6] = '*'; + token.attr[6] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + token.len_min[7] = 1; + token.len_max[7] = 1; + token.sep[7] = '*'; + token.attr[7] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[8] = 1; + token.len_max[8] = 1; + token.sep[8] = '*'; + token.attr[8] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[9] = 1; + token.len_max[9] = 
1; + token.sep[9] = '*'; + token.attr[9] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[10] = 0; + token.len_max[10] = 64; + token.sep[10] = '*'; + token.attr[10] = TOKEN_ATTR_VERIFY_LENGTH; + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + const u8 *version_pos = token.buf[ 1]; + const u8 *type_pos = token.buf[ 2]; + const u8 *bit_len_pos = token.buf[ 3]; + const u8 *unused1_pos = token.buf[ 4]; + const u8 *iv_pos = token.buf[ 5]; + const u8 *data_pos = token.buf[ 6]; + const u8 *unused2_pos = token.buf[ 7]; + const u8 *unused3_pos = token.buf[ 8]; + const u8 *unused4_pos = token.buf[ 9]; + const u8 *file_pos = token.buf[10]; + + if (version_pos[0] != '0') return (PARSER_HASH_ENCODING); // version 0 + if (type_pos[0] != '1') return (PARSER_HASH_ENCODING); // AES + + const u32 bit_len = hc_strtoul ((const char *) bit_len_pos, NULL, 10); + + if (bit_len != 192) return (PARSER_HASH_ENCODING); + + if (unused1_pos[0] != '0') return (PARSER_HASH_ENCODING); + if (unused2_pos[0] != '0') return (PARSER_HASH_ENCODING); + if (unused3_pos[0] != '0') return (PARSER_HASH_ENCODING); + if (unused4_pos[0] != '0') return (PARSER_HASH_ENCODING); + + // IV: + + u8 *iv = (u8 *) securezip->iv; + + memset (iv, 0, 16); + + for (int i = 0, j = 0; i < token.len[5]; i += 2, j += 1) + { + iv[j] = hex_to_u8 (iv_pos + i); + } + + securezip->iv_len = (u32) (token.len[5] / 2); + + // data: + + u32 *data = securezip->data; + + for (int i = 0, j = 0; i < token.len[6]; i += 8, j += 1) + { + data[j] = hex_to_u32 (data_pos + i); + } + + // file: + + u8 *file = (u8 *) securezip->file; + + memset (file, 0, 64); + + for (int i = 0; i < token.len[10]; i++) + { + file[i] = file_pos[i]; // or just memcpy () + } + + file[63] = 0; + + // fake salt: + + salt->salt_buf[0] = iv[0]; + salt->salt_buf[1] = iv[1]; + salt->salt_buf[2] = iv[2]; + salt->salt_buf[3] = iv[3]; + + salt->salt_len = 16; + + // fake digest: + + digest[0] = data[0]; + digest[1] = data[1]; + digest[2] = data[2]; + digest[3] = data[3]; + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + const securezip_t *securezip = (const securezip_t *) esalt_buf; + + // IV: + + const u8 *iv_ptr = (const u8 *) securezip->iv; + + char iv[33] = { 0 }; + + for (u32 i = 0, j = 0; i < securezip->iv_len; i += 1, j += 2) + { + snprintf (iv + j, 33 - j, "%02x", iv_ptr[i]); + } + + // data: + + char data[289] = { 0 }; + + for (u32 i = 0, j = 0; i < 36; i += 1, j += 8) + { + snprintf (data + j, 289 - j, "%08x", byte_swap_32 (securezip->data[i])); + } + + // file: + + const u8 *file_ptr = (const u8 *) securezip->file; + + u8 file[65] = { 0 }; + + memcpy (file, file_ptr, 64); + + int out_len = snprintf (line_buf, line_size, "%s*0*1*192*0*%s*%s*0*0*0*%s", + SIGNATURE_SECUREZIP, + iv, + data, + file + ); + + return out_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + 
module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = module_esalt_size; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = MODULE_DEFAULT; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = MODULE_DEFAULT; + module_ctx->module_salt_min = MODULE_DEFAULT; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = MODULE_DEFAULT; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/src/modules/module_23003.c b/src/modules/module_23003.c new file mode 100644 index 000000000..88a5fd7bc --- /dev/null +++ 
b/src/modules/module_23003.c @@ -0,0 +1,338 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_INSIDE_KERNEL; +static const u32 DGST_POS0 = 0; +static const u32 DGST_POS1 = 1; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 3; +static const u32 DGST_SIZE = DGST_SIZE_4_4; +static const u32 HASH_CATEGORY = HASH_CATEGORY_ARCHIVE; +static const char *HASH_NAME = "SecureZIP AES-256"; +static const u64 KERN_TYPE = 23003; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_PRECOMPUTE_INIT + | OPTI_TYPE_NOT_ITERATED + | OPTI_TYPE_NOT_SALTED; +static const u64 OPTS_TYPE = OPTS_TYPE_PT_GENERATE_BE + | OPTS_TYPE_PT_ADD80 + | OPTS_TYPE_PT_ADDBITS15; +static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "$zip3$*0*1*256*0*39bff47df6152a0214d7a967*65ff418ffb3b1198cccdef0327c03750f328d6dd5287e00e4c467f33b92a6ef40a74bb11b5afad61a6c3c9b279d8bd7961e96af7b470c36fc186fd3cfe059107021c9dea0cf206692f727eeca71f18f5b0b6ee1f702b648bba01aa21c7b7f3f0f7d547838aad46868155a04214f22feef7b31d7a15e1abe6dba5e569c62ee640783bb4a54054c2c69e93ece9f1a2af9d*0*0*0*file.txt"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return 
OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +typedef struct securezip +{ + u32 data[36]; + u32 file[16]; + u32 iv[4]; + u32 iv_len; + +} securezip_t; + +static const char *SIGNATURE_SECUREZIP = "$zip3$"; + +u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 esalt_size = (const u64) sizeof (securezip_t); + + return esalt_size; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u32 *digest = (u32 *) digest_buf; + + securezip_t *securezip = (securezip_t *) esalt_buf; + + token_t token; + + token.token_cnt = 11; + + token.signatures_cnt = 1; + token.signatures_buf[0] = SIGNATURE_SECUREZIP; + + token.len_min[0] = 6; + token.len_max[0] = 6; + token.sep[0] = '*'; + token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + token.len_min[1] = 1; + token.len_max[1] = 1; + token.sep[1] = '*'; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[2] = 1; + token.len_max[2] = 1; + token.sep[2] = '*'; + token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[3] = 3; + token.len_max[3] = 3; + token.sep[3] = '*'; + token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[4] = 1; + token.len_max[4] = 1; + token.sep[4] = '*'; + token.attr[4] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[5] = 0; + token.len_max[5] = 32; + token.sep[5] = '*'; + token.attr[5] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + token.len_min[6] = 288; + token.len_max[6] = 288; + token.sep[6] = '*'; + token.attr[6] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + token.len_min[7] = 1; + token.len_max[7] = 1; + token.sep[7] = '*'; + token.attr[7] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[8] = 1; + token.len_max[8] = 1; + token.sep[8] = '*'; + token.attr[8] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[9] = 1; + token.len_max[9] = 1; + token.sep[9] = '*'; + token.attr[9] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len_min[10] = 0; + token.len_max[10] = 64; + token.sep[10] = '*'; + token.attr[10] = TOKEN_ATTR_VERIFY_LENGTH; + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + const u8 *version_pos = token.buf[ 1]; + const u8 *type_pos = token.buf[ 2]; + const u8 *bit_len_pos = token.buf[ 3]; + const u8 *unused1_pos = token.buf[ 4]; + const u8 *iv_pos = token.buf[ 5]; + const u8 *data_pos = token.buf[ 6]; + const u8 *unused2_pos = token.buf[ 7]; + const 
u8 *unused3_pos = token.buf[ 8]; + const u8 *unused4_pos = token.buf[ 9]; + const u8 *file_pos = token.buf[10]; + + if (version_pos[0] != '0') return (PARSER_HASH_ENCODING); // version 0 + if (type_pos[0] != '1') return (PARSER_HASH_ENCODING); // AES + + const u32 bit_len = hc_strtoul ((const char *) bit_len_pos, NULL, 10); + + if (bit_len != 256) return (PARSER_HASH_ENCODING); + + if (unused1_pos[0] != '0') return (PARSER_HASH_ENCODING); + if (unused2_pos[0] != '0') return (PARSER_HASH_ENCODING); + if (unused3_pos[0] != '0') return (PARSER_HASH_ENCODING); + if (unused4_pos[0] != '0') return (PARSER_HASH_ENCODING); + + // IV: + + u8 *iv = (u8 *) securezip->iv; + + memset (iv, 0, 16); + + for (int i = 0, j = 0; i < token.len[5]; i += 2, j += 1) + { + iv[j] = hex_to_u8 (iv_pos + i); + } + + securezip->iv_len = (u32) (token.len[5] / 2); + + // data: + + u32 *data = securezip->data; + + for (int i = 0, j = 0; i < token.len[6]; i += 8, j += 1) + { + data[j] = hex_to_u32 (data_pos + i); + } + + // file: + + u8 *file = (u8 *) securezip->file; + + memset (file, 0, 64); + + for (int i = 0; i < token.len[10]; i++) + { + file[i] = file_pos[i]; // or just memcpy () + } + + file[63] = 0; + + // fake salt: + + salt->salt_buf[0] = iv[0]; + salt->salt_buf[1] = iv[1]; + salt->salt_buf[2] = iv[2]; + salt->salt_buf[3] = iv[3]; + + salt->salt_len = 16; + + // fake digest: + + digest[0] = data[0]; + digest[1] = data[1]; + digest[2] = data[2]; + digest[3] = data[3]; + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + const securezip_t *securezip = (const securezip_t *) esalt_buf; + + // IV: + + const u8 *iv_ptr = (const u8 *) securezip->iv; + + char iv[33] = { 0 }; + + for (u32 i = 0, j = 0; i < securezip->iv_len; i += 1, j += 2) + { + snprintf (iv + j, 33 - j, "%02x", iv_ptr[i]); + } + + // data: + + char data[289] = { 0 }; + + for (u32 i = 0, j = 0; i < 36; i += 1, j += 8) + { + snprintf (data + j, 289 - j, "%08x", byte_swap_32 (securezip->data[i])); + } + + // file: + + const u8 *file_ptr = (const u8 *) securezip->file; + + u8 file[65] = { 0 }; + + memcpy (file, file_ptr, 64); + + int out_len = snprintf (line_buf, line_size, "%s*0*1*256*0*%s*%s*0*0*0*%s", + SIGNATURE_SECUREZIP, + iv, + data, + file + ); + + return out_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = module_esalt_size; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + 
module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = MODULE_DEFAULT; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = MODULE_DEFAULT; + module_ctx->module_salt_min = MODULE_DEFAULT; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = MODULE_DEFAULT; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/tools/test_modules/m23001.pm b/tools/test_modules/m23001.pm new file mode 100644 index 000000000..836eaa33e --- /dev/null +++ b/tools/test_modules/m23001.pm @@ -0,0 +1,193 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Digest::SHA qw (sha1); +use Crypt::CBC; + +sub module_constraints { [[0, 256], [-1, -1], [0, 55], [-1, -1], [-1, -1]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt = shift; # unused since unsalted algo + my $iv = shift; + my $data = shift; + my $file = shift; + + my $bit_len = 128; + my $key_len = $bit_len / 8; + + my $is_decrypt = defined ($data); + + my $padding = "none"; # for decryption we need this to "keep" the padding bytes + + if 
($is_decrypt == 0) + { + $padding = "standard"; + + # generate some additional random hash data: + + my $iv_len = random_number (1, 16); + + $iv = random_bytes ($iv_len); + + $data = random_bytes (128); + + $file = random_lowercase_string (random_number (1, 16)); + + $file .= ".txt"; + } + + my $iv_mod = $iv; + + $iv_mod .= "\x00" x (16 - length ($iv_mod)); + + + # start of main algo: + + my $digest = sha1 ($word); + + my $buf = ""; + + for (my $i = 0; $i < 20; $i++) + { + $buf .= chr (ord (substr ($digest, $i, 1)) ^ ord ("\x36")); # or just ^ 0x36 + } + + $buf .= "\x36" x 44; + + my $key = sha1 ($buf); + + + $buf = ""; + + for (my $i = 0; $i < 20; $i++) + { + $buf .= chr (ord (substr ($digest, $i, 1)) ^ ord ("\x5c")); # or just ^ 0x36 + } + + $buf .= "\x5c" x 44; + + # final key: + + $key = $key . sha1 ($buf); + + $key = substr ($key, 0, $key_len); + + my $aes = Crypt::CBC->new ({ + cipher => "Crypt::Rijndael", + key => $key, + iv => $iv_mod, + keysize => $key_len, + literal_key => 1, + header => "none", + padding => $padding, + }); + + if ($is_decrypt == 0) + { + $data = $aes->encrypt ($data); + } + else + { + my $data_decrypted = $aes->decrypt ($data); + + # the password is wrong if the decrypted data does not have the expected padding bytes: + + if (substr ($data_decrypted, -16) ne "\x10" x 16) + { + $data = "fake"; # fake data + } + } + + my $iv_padded = $iv; + + if (length ($iv_padded) < 12) + { + $iv_padded .= "\x00" x (12 - length ($iv_padded)); + } + + my $hash = sprintf ("\$zip3\$*0*1*%i*0*%s*%s*0*0*0*%s", $bit_len, unpack ("H*", $iv_padded), unpack ("H*", $data), $file); + + return $hash; +} + +sub module_verify_hash +{ + my $line = shift; + + return unless (substr ($line, 0, 11) eq "\$zip3\$*0*1*"); + + my $idx1 = index ($line, ":"); + + return unless ($idx1 >= 11); + + my $hash = substr ($line, 0, $idx1); + my $word = substr ($line, $idx1 + 1); + + # bit_len: + + $idx1 = index ($hash, "*", 11); + + return unless ($idx1 > 0); + + my $bit_len = substr ($hash, 11, $idx1 - 11); + + $bit_len = int ($bit_len); + + return unless ($bit_len == 128); + + # unused: + + return unless (substr ($hash, $idx1 + 1, 2) eq "0*"); + + # iv: + + my $idx2 = index ($hash, "*", $idx1 + 3); + + return unless ($idx2 > 0); + + my $iv = substr ($hash, $idx1 + 3, $idx2 - $idx1 - 3); + + return unless ($iv =~ m/^[0-9a-fA-F]+$/); + return unless ((length ($iv) % 2) == 0); + + # data: + + $idx1 = index ($hash, "*", $idx2 + 1); + + return unless ($idx1 > 0); + + my $data = substr ($hash, $idx2 + 1, $idx1 - $idx2 - 1); + + return unless ($data =~ m/^[0-9a-fA-F]+$/); + return unless ((length ($data) % 2) == 0); + + # unused: + + return unless (substr ($hash, $idx1 + 1, 6) eq "0*0*0*"); + + # file: + + my $file = substr ($hash, $idx1 + 7); + + # convert to hex: + + $iv = pack ("H*", $iv); + $data = pack ("H*", $data); + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, "", $iv, $data, $file); + + return ($new_hash, $word); +} + +1; diff --git a/tools/test_modules/m23002.pm b/tools/test_modules/m23002.pm new file mode 100644 index 000000000..882bdc3ea --- /dev/null +++ b/tools/test_modules/m23002.pm @@ -0,0 +1,193 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Digest::SHA qw (sha1); +use Crypt::CBC; + +sub module_constraints { [[0, 256], [-1, -1], [0, 55], [-1, -1], [-1, -1]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt = shift; # unused since unsalted algo 
+ my $iv = shift; + my $data = shift; + my $file = shift; + + my $bit_len = 192; + my $key_len = $bit_len / 8; + + my $is_decrypt = defined ($data); + + my $padding = "none"; # for decryption we need this to "keep" the padding bytes + + if ($is_decrypt == 0) + { + $padding = "standard"; + + # generate some additional random hash data: + + my $iv_len = random_number (1, 16); + + $iv = random_bytes ($iv_len); + + $data = random_bytes (128); + + $file = random_lowercase_string (random_number (1, 16)); + + $file .= ".txt"; + } + + my $iv_mod = $iv; + + $iv_mod .= "\x00" x (16 - length ($iv_mod)); + + + # start of main algo: + + my $digest = sha1 ($word); + + my $buf = ""; + + for (my $i = 0; $i < 20; $i++) + { + $buf .= chr (ord (substr ($digest, $i, 1)) ^ ord ("\x36")); # or just ^ 0x36 + } + + $buf .= "\x36" x 44; + + my $key = sha1 ($buf); + + + $buf = ""; + + for (my $i = 0; $i < 20; $i++) + { + $buf .= chr (ord (substr ($digest, $i, 1)) ^ ord ("\x5c")); # or just ^ 0x36 + } + + $buf .= "\x5c" x 44; + + # final key: + + $key = $key . sha1 ($buf); + + $key = substr ($key, 0, $key_len); + + my $aes = Crypt::CBC->new ({ + cipher => "Crypt::Rijndael", + key => $key, + iv => $iv_mod, + keysize => $key_len, + literal_key => 1, + header => "none", + padding => $padding, + }); + + if ($is_decrypt == 0) + { + $data = $aes->encrypt ($data); + } + else + { + my $data_decrypted = $aes->decrypt ($data); + + # the password is wrong if the decrypted data does not have the expected padding bytes: + + if (substr ($data_decrypted, -16) ne "\x10" x 16) + { + $data = "fake"; # fake data + } + } + + my $iv_padded = $iv; + + if (length ($iv_padded) < 12) + { + $iv_padded .= "\x00" x (12 - length ($iv_padded)); + } + + my $hash = sprintf ("\$zip3\$*0*1*%i*0*%s*%s*0*0*0*%s", $bit_len, unpack ("H*", $iv_padded), unpack ("H*", $data), $file); + + return $hash; +} + +sub module_verify_hash +{ + my $line = shift; + + return unless (substr ($line, 0, 11) eq "\$zip3\$*0*1*"); + + my $idx1 = index ($line, ":"); + + return unless ($idx1 >= 11); + + my $hash = substr ($line, 0, $idx1); + my $word = substr ($line, $idx1 + 1); + + # bit_len: + + $idx1 = index ($hash, "*", 11); + + return unless ($idx1 > 0); + + my $bit_len = substr ($hash, 11, $idx1 - 11); + + $bit_len = int ($bit_len); + + return unless ($bit_len == 192); + + # unused: + + return unless (substr ($hash, $idx1 + 1, 2) eq "0*"); + + # iv: + + my $idx2 = index ($hash, "*", $idx1 + 3); + + return unless ($idx2 > 0); + + my $iv = substr ($hash, $idx1 + 3, $idx2 - $idx1 - 3); + + return unless ($iv =~ m/^[0-9a-fA-F]+$/); + return unless ((length ($iv) % 2) == 0); + + # data: + + $idx1 = index ($hash, "*", $idx2 + 1); + + return unless ($idx1 > 0); + + my $data = substr ($hash, $idx2 + 1, $idx1 - $idx2 - 1); + + return unless ($data =~ m/^[0-9a-fA-F]+$/); + return unless ((length ($data) % 2) == 0); + + # unused: + + return unless (substr ($hash, $idx1 + 1, 6) eq "0*0*0*"); + + # file: + + my $file = substr ($hash, $idx1 + 7); + + # convert to hex: + + $iv = pack ("H*", $iv); + $data = pack ("H*", $data); + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, "", $iv, $data, $file); + + return ($new_hash, $word); +} + +1; diff --git a/tools/test_modules/m23003.pm b/tools/test_modules/m23003.pm new file mode 100644 index 000000000..1155b1483 --- /dev/null +++ b/tools/test_modules/m23003.pm @@ -0,0 +1,193 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; 
+use warnings; + +use Digest::SHA qw (sha1); +use Crypt::CBC; + +sub module_constraints { [[0, 256], [-1, -1], [0, 55], [-1, -1], [-1, -1]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt = shift; # unused since unsalted algo + my $iv = shift; + my $data = shift; + my $file = shift; + + my $bit_len = 256; + my $key_len = $bit_len / 8; + + my $is_decrypt = defined ($data); + + my $padding = "none"; # for decryption we need this to "keep" the padding bytes + + if ($is_decrypt == 0) + { + $padding = "standard"; + + # generate some additional random hash data: + + my $iv_len = random_number (1, 16); + + $iv = random_bytes ($iv_len); + + $data = random_bytes (128); + + $file = random_lowercase_string (random_number (1, 16)); + + $file .= ".txt"; + } + + my $iv_mod = $iv; + + $iv_mod .= "\x00" x (16 - length ($iv_mod)); + + + # start of main algo: + + my $digest = sha1 ($word); + + my $buf = ""; + + for (my $i = 0; $i < 20; $i++) + { + $buf .= chr (ord (substr ($digest, $i, 1)) ^ ord ("\x36")); # or just ^ 0x36 + } + + $buf .= "\x36" x 44; + + my $key = sha1 ($buf); + + + $buf = ""; + + for (my $i = 0; $i < 20; $i++) + { + $buf .= chr (ord (substr ($digest, $i, 1)) ^ ord ("\x5c")); # or just ^ 0x36 + } + + $buf .= "\x5c" x 44; + + # final key: + + $key = $key . sha1 ($buf); + + $key = substr ($key, 0, $key_len); + + my $aes = Crypt::CBC->new ({ + cipher => "Crypt::Rijndael", + key => $key, + iv => $iv_mod, + keysize => $key_len, + literal_key => 1, + header => "none", + padding => $padding, + }); + + if ($is_decrypt == 0) + { + $data = $aes->encrypt ($data); + } + else + { + my $data_decrypted = $aes->decrypt ($data); + + # the password is wrong if the decrypted data does not have the expected padding bytes: + + if (substr ($data_decrypted, -16) ne "\x10" x 16) + { + $data = "fake"; # fake data + } + } + + my $iv_padded = $iv; + + if (length ($iv_padded) < 12) + { + $iv_padded .= "\x00" x (12 - length ($iv_padded)); + } + + my $hash = sprintf ("\$zip3\$*0*1*%i*0*%s*%s*0*0*0*%s", $bit_len, unpack ("H*", $iv_padded), unpack ("H*", $data), $file); + + return $hash; +} + +sub module_verify_hash +{ + my $line = shift; + + return unless (substr ($line, 0, 11) eq "\$zip3\$*0*1*"); + + my $idx1 = index ($line, ":"); + + return unless ($idx1 >= 11); + + my $hash = substr ($line, 0, $idx1); + my $word = substr ($line, $idx1 + 1); + + # bit_len: + + $idx1 = index ($hash, "*", 11); + + return unless ($idx1 > 0); + + my $bit_len = substr ($hash, 11, $idx1 - 11); + + $bit_len = int ($bit_len); + + return unless ($bit_len == 256); + + # unused: + + return unless (substr ($hash, $idx1 + 1, 2) eq "0*"); + + # iv: + + my $idx2 = index ($hash, "*", $idx1 + 3); + + return unless ($idx2 > 0); + + my $iv = substr ($hash, $idx1 + 3, $idx2 - $idx1 - 3); + + return unless ($iv =~ m/^[0-9a-fA-F]+$/); + return unless ((length ($iv) % 2) == 0); + + # data: + + $idx1 = index ($hash, "*", $idx2 + 1); + + return unless ($idx1 > 0); + + my $data = substr ($hash, $idx2 + 1, $idx1 - $idx2 - 1); + + return unless ($data =~ m/^[0-9a-fA-F]+$/); + return unless ((length ($data) % 2) == 0); + + # unused: + + return unless (substr ($hash, $idx1 + 1, 6) eq "0*0*0*"); + + # file: + + my $file = substr ($hash, $idx1 + 7); + + # convert to hex: + + $iv = pack ("H*", $iv); + $data = pack ("H*", $data); + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, "", $iv, $data, $file); + + return ($new_hash, $word); +} + +1; From e151a72717cbc0110836b0212e82bb8dc17c9c36 Mon Sep 
17 00:00:00 2001 From: philsmd Date: Tue, 2 Jun 2020 09:52:10 +0200 Subject: [PATCH 11/19] huge fwrite/fread problem on windows fixed --- src/filehandling.c | 82 +++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 81 insertions(+), 1 deletion(-) diff --git a/src/filehandling.c b/src/filehandling.c index 22a9e2aa6..86a448f11 100644 --- a/src/filehandling.c +++ b/src/filehandling.c @@ -72,7 +72,7 @@ bool hc_fopen (HCFILE *fp, const char *path, char *mode) { lseek (fd_tmp, 0, SEEK_SET); - if (read (fd_tmp, check, sizeof(check)) > 0) + if (read (fd_tmp, check, sizeof (check)) > 0) { if (check[0] == 0x1f && check[1] == 0x8b && check[2] == 0x08 && check[3] == 0x08) fp->is_gzip = true; if (check[0] == 0x50 && check[1] == 0x4b && check[2] == 0x03 && check[3] == 0x04) fp->is_zip = true; @@ -131,7 +131,47 @@ size_t hc_fread (void *ptr, size_t size, size_t nmemb, HCFILE *fp) } else { + #if defined (_WIN) + + // 4 GB fread () limit for windows systems ? + // see: https://social.msdn.microsoft.com/Forums/vstudio/en-US/7c913001-227e-439b-bf07-54369ba07994/fwrite-issues-with-large-data-write + + #define GIGABYTE (1024u * 1024u * 1024u) + + if (((size * nmemb) / GIGABYTE) < 4) + { + n = fread (ptr, size, nmemb, fp->pfp); + } + else + { + if ((size / GIGABYTE) > 3) return -1; + + size_t elements_max = (3u * GIGABYTE) / size; + size_t elements_left = nmemb; + + size_t off = 0; + + n = 0; + + while (elements_left > 0) + { + size_t elements_cur = elements_max; + + if (elements_left < elements_max) elements_cur = elements_left; + + size_t ret = fread (ptr + off, size, elements_cur, fp->pfp); + + if (ret != elements_cur) return -1; + + n += ret; + off += ret * size; + + elements_left -= ret; + } + } + #else n = fread (ptr, size, nmemb, fp->pfp); + #endif } return n; @@ -152,7 +192,47 @@ size_t hc_fwrite (const void *ptr, size_t size, size_t nmemb, HCFILE *fp) } else { + #if defined (_WIN) + + // 4 GB fwrite () limit for windows systems ? 
+ // see: https://social.msdn.microsoft.com/Forums/vstudio/en-US/7c913001-227e-439b-bf07-54369ba07994/fwrite-issues-with-large-data-write + + #define GIGABYTE (1024u * 1024u * 1024u) + + if (((size * nmemb) / GIGABYTE) < 4) + { + n = fwrite (ptr, size, nmemb, fp->pfp); + } + else + { + if ((size / GIGABYTE) > 3) return -1; + + size_t elements_max = (3u * GIGABYTE) / size; + size_t elements_left = nmemb; + + size_t off = 0; + + n = 0; + + while (elements_left > 0) + { + size_t elements_cur = elements_max; + + if (elements_left < elements_max) elements_cur = elements_left; + + size_t ret = fwrite (ptr + off, size, elements_cur, fp->pfp); + + if (ret != elements_cur) return -1; + + n += ret; + off += ret * size; + + elements_left -= ret; + } + } + #else n = fwrite (ptr, size, nmemb, fp->pfp); + #endif } if (n != nmemb) return -1; From 416bdd8e470db64052efae8ac881b8db73346bc1 Mon Sep 17 00:00:00 2001 From: philsmd Date: Tue, 2 Jun 2020 11:21:25 +0200 Subject: [PATCH 12/19] SecureZIP: use hex_encode () / hex_decode () --- src/modules/module_23001.c | 37 +++++++------------------------------ src/modules/module_23002.c | 37 +++++++------------------------------ src/modules/module_23003.c | 37 +++++++------------------------------ 3 files changed, 21 insertions(+), 90 deletions(-) diff --git a/src/modules/module_23001.c b/src/modules/module_23001.c index 750d80c81..0b85f1538 100644 --- a/src/modules/module_23001.c +++ b/src/modules/module_23001.c @@ -172,34 +172,19 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE u8 *iv = (u8 *) securezip->iv; - memset (iv, 0, 16); - - for (int i = 0, j = 0; i < token.len[5]; i += 2, j += 1) - { - iv[j] = hex_to_u8 (iv_pos + i); - } - - securezip->iv_len = (u32) (token.len[5] / 2); + securezip->iv_len = hex_decode (iv_pos, token.len[5], iv); // data: u32 *data = securezip->data; - for (int i = 0, j = 0; i < token.len[6]; i += 8, j += 1) - { - data[j] = hex_to_u32 (data_pos + i); - } + hex_decode (data_pos, token.len[6], (u8 *) data); // file: u8 *file = (u8 *) securezip->file; - memset (file, 0, 64); - - for (int i = 0; i < token.len[10]; i++) - { - file[i] = file_pos[i]; // or just memcpy () - } + memcpy (file, file_pos, token.len[10]); file[63] = 0; @@ -228,23 +213,15 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE // IV: - const u8 *iv_ptr = (const u8 *) securezip->iv; - - char iv[33] = { 0 }; + u8 iv[33] = { 0 }; - for (u32 i = 0, j = 0; i < securezip->iv_len; i += 1, j += 2) - { - snprintf (iv + j, 33 - j, "%02x", iv_ptr[i]); - } + hex_encode ((u8 *) securezip->iv, securezip->iv_len, iv); // data: - char data[289] = { 0 }; + u8 data[289] = { 0 }; - for (u32 i = 0, j = 0; i < 36; i += 1, j += 8) - { - snprintf (data + j, 289 - j, "%08x", byte_swap_32 (securezip->data[i])); - } + hex_encode ((u8 *) securezip->data, 144, data); // file: diff --git a/src/modules/module_23002.c b/src/modules/module_23002.c index 3efb2cfb1..e25208ec5 100644 --- a/src/modules/module_23002.c +++ b/src/modules/module_23002.c @@ -172,34 +172,19 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE u8 *iv = (u8 *) securezip->iv; - memset (iv, 0, 16); - - for (int i = 0, j = 0; i < token.len[5]; i += 2, j += 1) - { - iv[j] = hex_to_u8 (iv_pos + i); - } - - securezip->iv_len = (u32) (token.len[5] / 2); + securezip->iv_len = hex_decode (iv_pos, token.len[5], iv); // data: u32 *data = securezip->data; - for (int i = 0, j = 0; i < token.len[6]; i += 8, j += 1) - { - data[j] = hex_to_u32 
(data_pos + i); - } + hex_decode (data_pos, token.len[6], (u8 *) data); // file: u8 *file = (u8 *) securezip->file; - memset (file, 0, 64); - - for (int i = 0; i < token.len[10]; i++) - { - file[i] = file_pos[i]; // or just memcpy () - } + memcpy (file, file_pos, token.len[10]); file[63] = 0; @@ -228,23 +213,15 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE // IV: - const u8 *iv_ptr = (const u8 *) securezip->iv; - - char iv[33] = { 0 }; + u8 iv[33] = { 0 }; - for (u32 i = 0, j = 0; i < securezip->iv_len; i += 1, j += 2) - { - snprintf (iv + j, 33 - j, "%02x", iv_ptr[i]); - } + hex_encode ((u8 *) securezip->iv, securezip->iv_len, iv); // data: - char data[289] = { 0 }; + u8 data[289] = { 0 }; - for (u32 i = 0, j = 0; i < 36; i += 1, j += 8) - { - snprintf (data + j, 289 - j, "%08x", byte_swap_32 (securezip->data[i])); - } + hex_encode ((u8 *) securezip->data, 144, data); // file: diff --git a/src/modules/module_23003.c b/src/modules/module_23003.c index 88a5fd7bc..f09a242bd 100644 --- a/src/modules/module_23003.c +++ b/src/modules/module_23003.c @@ -172,34 +172,19 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE u8 *iv = (u8 *) securezip->iv; - memset (iv, 0, 16); - - for (int i = 0, j = 0; i < token.len[5]; i += 2, j += 1) - { - iv[j] = hex_to_u8 (iv_pos + i); - } - - securezip->iv_len = (u32) (token.len[5] / 2); + securezip->iv_len = hex_decode (iv_pos, token.len[5], iv); // data: u32 *data = securezip->data; - for (int i = 0, j = 0; i < token.len[6]; i += 8, j += 1) - { - data[j] = hex_to_u32 (data_pos + i); - } + hex_decode (data_pos, token.len[6], (u8 *) data); // file: u8 *file = (u8 *) securezip->file; - memset (file, 0, 64); - - for (int i = 0; i < token.len[10]; i++) - { - file[i] = file_pos[i]; // or just memcpy () - } + memcpy (file, file_pos, token.len[10]); file[63] = 0; @@ -228,23 +213,15 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE // IV: - const u8 *iv_ptr = (const u8 *) securezip->iv; - - char iv[33] = { 0 }; + u8 iv[33] = { 0 }; - for (u32 i = 0, j = 0; i < securezip->iv_len; i += 1, j += 2) - { - snprintf (iv + j, 33 - j, "%02x", iv_ptr[i]); - } + hex_encode ((u8 *) securezip->iv, securezip->iv_len, iv); // data: - char data[289] = { 0 }; + u8 data[289] = { 0 }; - for (u32 i = 0, j = 0; i < 36; i += 1, j += 8) - { - snprintf (data + j, 289 - j, "%08x", byte_swap_32 (securezip->data[i])); - } + hex_encode ((u8 *) securezip->data, 144, data); // file: From 34f71aaea3550d146b4a3f2a7b55e140e9bd3da5 Mon Sep 17 00:00:00 2001 From: Jens Steube Date: Wed, 3 Jun 2020 09:29:20 +0200 Subject: [PATCH 13/19] Re-enable POCL if the detected version is >= 1.5 and LLVM is >= 9.x, and also remove the performance warning. Still prefers the native OpenCL runtime in alias detection, but this default can be overridden using the -d parameter.
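To make the version gate concrete, here is a minimal standalone sketch (not part of the patch itself; the sample version strings are made up and pocl_is_usable () is a hypothetical helper, the actual change lives in backend_ctx_devices_init () in src/backend.c). It parses the POCL and LLVM versions out of the OpenCL platform version string and encodes each as major * 100 + minor, so pocl 1.5 becomes 105 and LLVM 9.0 becomes 900, matching the thresholds used in the diff below.

#include <stdio.h>
#include <string.h>
#include <stdbool.h>

// illustrative only: returns true if the POCL runtime is new enough to keep enabled
static bool pocl_is_usable (const char *platform_version)
{
  const char *pocl_ptr = strstr (platform_version, "pocl ");
  const char *llvm_ptr = strstr (platform_version, "LLVM ");

  if ((pocl_ptr == NULL) || (llvm_ptr == NULL)) return false;

  int pocl_maj = 0, pocl_min = 0;
  int llvm_maj = 0, llvm_min = 0;

  if (sscanf (pocl_ptr, "pocl %d.%d", &pocl_maj, &pocl_min) != 2) return false;
  if (sscanf (llvm_ptr, "LLVM %d.%d", &llvm_maj, &llvm_min) != 2) return false;

  const int pocl_version = (pocl_maj * 100) + pocl_min; // pocl 1.5 -> 105
  const int llvm_version = (llvm_maj * 100) + llvm_min; // LLVM 9.0 -> 900

  return (pocl_version >= 105) && (llvm_version >= 900);
}

int main (void)
{
  printf ("%d\n", pocl_is_usable ("OpenCL 1.2 pocl 1.4, LLVM 8.0")); // 0: stays skipped
  printf ("%d\n", pocl_is_usable ("OpenCL 1.2 pocl 1.5, LLVM 9.0")); // 1: re-enabled

  return 0;
}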
--- docs/changes.txt | 2 +- docs/readme.txt | 1 + src/backend.c | 125 +++++++++++++++++++++++++++++++++-------------- 3 files changed, 91 insertions(+), 37 deletions(-) diff --git a/docs/changes.txt b/docs/changes.txt index 67ade4eb7..907a3aed1 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -121,7 +121,7 @@ - File handling: Print a truncation warning when an oversized line is detected - My Wallet: Added additional plaintext pattern used in newer versions - Office cracking: Support hash format with second block data for 40-bit oldoffice files (eliminates false positives) -- OpenCL Runtime: Added a warning if OpenCL runtime NEO, Beignet, POCL or MESA is detected and skip associated devices (override with --force) +- OpenCL Runtime: Added a warning if OpenCL runtime NEO, Beignet, POCL (v1.4 or older) or MESA is detected and skip associated devices (override with --force) - OpenCL Runtime: Disable OpenCL kernel cache on Apple for Intel CPU (throws CL_BUILD_PROGRAM_FAILURE for no reason) - OpenCL Runtime: Do not run shared- and constant-memory size checks if their memory type is of type global memory (typically CPU) - OpenCL Runtime: Improve ROCm detection and make sure to not confuse with recent AMDGPU drivers diff --git a/docs/readme.txt b/docs/readme.txt index 5b81c4d7d..c04fa8da3 100644 --- a/docs/readme.txt +++ b/docs/readme.txt @@ -346,6 +346,7 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or - Apple - Intel - NVidia +- POCL ## ## Supported OpenCL device types diff --git a/src/backend.c b/src/backend.c index 8feaa2b4e..be81bc8ad 100644 --- a/src/backend.c +++ b/src/backend.c @@ -54,22 +54,16 @@ static int backend_ctx_find_alias_devices (hashcat_ctx_t *hashcat_ctx) { backend_ctx_t *backend_ctx = hashcat_ctx->backend_ctx; + // first identify all aliases + for (int backend_devices_cnt_src = 0; backend_devices_cnt_src < backend_ctx->backend_devices_cnt; backend_devices_cnt_src++) { hc_device_param_t *device_param_src = &backend_ctx->devices_param[backend_devices_cnt_src]; - if (device_param_src->skipped == true) continue; - - if (device_param_src->skipped_warning == true) continue; - for (int backend_devices_cnt_dst = backend_devices_cnt_src + 1; backend_devices_cnt_dst < backend_ctx->backend_devices_cnt; backend_devices_cnt_dst++) { hc_device_param_t *device_param_dst = &backend_ctx->devices_param[backend_devices_cnt_dst]; - if (device_param_dst->skipped == true) continue; - - if (device_param_dst->skipped_warning == true) continue; - if (is_same_device (device_param_src, device_param_dst) == false) continue; device_param_src->device_id_alias_buf[device_param_src->device_id_alias_cnt] = device_param_dst->device_id; @@ -77,18 +71,42 @@ static int backend_ctx_find_alias_devices (hashcat_ctx_t *hashcat_ctx) device_param_dst->device_id_alias_buf[device_param_dst->device_id_alias_cnt] = device_param_src->device_id; device_param_dst->device_id_alias_cnt++; + } + } - if (device_param_dst->is_opencl == true) - { - if (device_param_dst->skipped == false) - { - device_param_dst->skipped = true; + // find the alias to skip + + for (int backend_devices_pos = 0; backend_devices_pos < backend_ctx->backend_devices_cnt; backend_devices_pos++) + { + hc_device_param_t *backend_device = &backend_ctx->devices_param[backend_devices_pos]; - backend_ctx->opencl_devices_active--; + if (backend_device->skipped == true) continue; - backend_ctx->backend_devices_active--; - } - } + if (backend_device->skipped_warning == true) continue; + + for (int device_id_alias_pos = 0; 
device_id_alias_pos < backend_device->device_id_alias_cnt; device_id_alias_pos++) + { + const int alias_pos = backend_device->device_id_alias_buf[device_id_alias_pos]; + + hc_device_param_t *alias_device = &backend_ctx->devices_param[alias_pos]; + + if (alias_device->skipped == true) continue; + + if (alias_device->skipped_warning == true) continue; + + // this lets CUDA devices survive over OpenCL + + if (alias_device->is_cuda == true) continue; + + // this lets native OpenCL runtime survive over generic OpenCL runtime + + if (alias_device->opencl_platform_vendor_id == alias_device->opencl_device_vendor_id) continue; + + alias_device->skipped = true; + + backend_ctx->opencl_devices_active--; + + backend_ctx->backend_devices_active--; } } @@ -5972,23 +5990,61 @@ int backend_ctx_devices_init (hashcat_ctx_t *hashcat_ctx, const int comptime) device_param->device_local_mem_size = device_local_mem_size; - // If there's both an Intel CPU and an AMD OpenCL runtime it's a tricky situation - // Both platforms support CPU device types and therefore both will try to use 100% of the physical resources - // This results in both utilizing it for 50% - // However, Intel has much better SIMD control over their own hardware - // It makes sense to give them full control over their own hardware + // older POCL version and older LLVM versions are known to fail compiling kernels + // we need to inform the user to update + // https://github.com/hashcat/hashcat/issues/2344 - if (opencl_device_type & CL_DEVICE_TYPE_CPU) + if (opencl_platform_vendor_id == VENDOR_ID_POCL) { - if (device_param->opencl_device_vendor_id == VENDOR_ID_AMD_USE_INTEL) + char *pocl_version_ptr = strstr (opencl_platform_version, "pocl "); + char *llvm_version_ptr = strstr (opencl_platform_version, "LLVM "); + + if ((pocl_version_ptr != NULL) && (llvm_version_ptr != NULL)) { - if (user_options->force == false) + bool pocl_skip = false; + + int pocl_maj = 0; + int pocl_min = 0; + + const int res1 = sscanf (pocl_version_ptr, "pocl %d.%d", &pocl_maj, &pocl_min); + + if (res1 == 2) { - if (user_options->quiet == false) event_log_warning (hashcat_ctx, "* Device #%u: Not a native Intel OpenCL runtime. 
Expect massive speed loss.", device_id + 1); - if (user_options->quiet == false) event_log_warning (hashcat_ctx, " You can use --force to override, but do not report related errors."); - if (user_options->quiet == false) event_log_warning (hashcat_ctx, NULL); + const int pocl_version = (pocl_maj * 100) + pocl_min; - device_param->skipped = true; + if (pocl_version < 105) + { + pocl_skip = true; + } + } + + int llvm_maj = 0; + int llvm_min = 0; + + const int res2 = sscanf (llvm_version_ptr, "LLVM %d.%d", &llvm_maj, &llvm_min); + + if (res2 == 2) + { + const int llvm_version = (llvm_maj * 100) + llvm_min; + + if (llvm_version < 900) + { + pocl_skip = true; + } + } + + if (pocl_skip == true) + { + if (user_options->force == false) + { + event_log_error (hashcat_ctx, "* Device #%u: Outdated POCL OpenCL driver detected!", device_id + 1); + + if (user_options->quiet == false) event_log_warning (hashcat_ctx, "This OpenCL driver has been marked as likely to fail kernel compilation or to produce false negatives."); + if (user_options->quiet == false) event_log_warning (hashcat_ctx, "You can use --force to override this, but do not report related errors."); + if (user_options->quiet == false) event_log_warning (hashcat_ctx, NULL); + + device_param->skipped = true; + } } } } @@ -6001,14 +6057,11 @@ int backend_ctx_devices_init (hashcat_ctx_t *hashcat_ctx, const int comptime) || (strstr (opencl_device_version_lower, " neo")) || (strstr (opencl_device_version_lower, "beignet ")) || (strstr (opencl_device_version_lower, " beignet")) - || (strstr (opencl_device_version_lower, "pocl ")) - || (strstr (opencl_device_version_lower, " pocl")) || (strstr (opencl_device_version_lower, "mesa ")) || (strstr (opencl_device_version_lower, " mesa"))) { // NEO: https://github.com/hashcat/hashcat/issues/2342 // BEIGNET: https://github.com/hashcat/hashcat/issues/2243 - // POCL: https://github.com/hashcat/hashcat/issues/2344 // MESA: https://github.com/hashcat/hashcat/issues/2269 if (user_options->force == false) @@ -6541,10 +6594,10 @@ int backend_ctx_devices_init (hashcat_ctx_t *hashcat_ctx, const int comptime) backend_ctx->backend_devices_cnt = cuda_devices_cnt + opencl_devices_cnt; backend_ctx->backend_devices_active = cuda_devices_active + opencl_devices_active; - // find duplicate devices (typically CUDA and OpenCL) + // find duplicate devices - if ((cuda_devices_cnt > 0) && (opencl_devices_cnt > 0)) - { + //if ((cuda_devices_cnt > 0) && (opencl_devices_cnt > 0)) + //{ // using force here enables both devices, which is the worst possible outcome // many users force by default, so this is not a good idea //{ backend_ctx_find_alias_devices (hashcat_ctx); //{ - } + //} if (backend_ctx->backend_devices_active == 0) { From 891b59fb2fb9ae746ef454110f07a1c3040aaddb Mon Sep 17 00:00:00 2001 From: Jens Steube Date: Wed, 3 Jun 2020 10:05:29 +0200 Subject: [PATCH 14/19] Remove some old code no longer needed --- src/filehandling.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/filehandling.c b/src/filehandling.c index 86a448f11..598881077 100644 --- a/src/filehandling.c +++ b/src/filehandling.c @@ -235,8 +235,6 @@ size_t hc_fwrite (const void *ptr, size_t size, size_t nmemb, HCFILE *fp) #endif } - if (n != nmemb) return -1; - return n; } From dc9f4e993a64da8a98574f1ec85490a6bfbe6b39 Mon Sep 17 00:00:00 2001 From: Jens Steube Date: Wed, 3 Jun 2020 11:10:31 +0200 Subject: [PATCH 15/19] Fix for #2387, but needs some testing
first --- src/brain.c | 4 ++++ src/folder.c | 3 +++ src/user_options.c | 12 ++++++++++-- 3 files changed, 17 insertions(+), 2 deletions(-) diff --git a/src/brain.c b/src/brain.c index b39c4f16d..ed0fad804 100644 --- a/src/brain.c +++ b/src/brain.c @@ -1486,12 +1486,14 @@ bool brain_server_read_hash_dumps (brain_server_dbs_t *brain_server_dbs, const c { brain_server_dbs->hash_cnt = 0; + /* temporary disabled due to https://github.com/hashcat/hashcat/issues/2379 if (chdir (path) == -1) { brain_logging (stderr, 0, "%s: %s\n", path, strerror (errno)); return false; } + */ DIR *dirp = opendir (path); @@ -1683,12 +1685,14 @@ bool brain_server_read_attack_dumps (brain_server_dbs_t *brain_server_dbs, const { brain_server_dbs->attack_cnt = 0; + /* temporary disabled due to https://github.com/hashcat/hashcat/issues/2379 if (chdir (path) == -1) { brain_logging (stderr, 0, "%s: %s\n", path, strerror (errno)); return false; } + */ DIR *dirp = opendir (path); diff --git a/src/folder.c b/src/folder.c index 9f1130f05..84fad8ef6 100644 --- a/src/folder.c +++ b/src/folder.c @@ -258,6 +258,7 @@ int folder_config_init (hashcat_ctx_t *hashcat_ctx, MAYBE_UNUSED const char *ins * A workaround is to chdir() to the OpenCL folder, * then compile the kernels, * then chdir() back to where we came from so we need to save it first + * - temporary disabled due to https://github.com/hashcat/hashcat/issues/2379 */ char *cwd = (char *) hcmalloc (HCBUFSIZ_TINY); @@ -450,6 +451,7 @@ int folder_config_init (hashcat_ctx_t *hashcat_ctx, MAYBE_UNUSED const char *ins hcfree (cpath); //if (getenv ("TMP") == NULL) + /* temporary disabled due to https://github.com/hashcat/hashcat/issues/2379 if (true) { char *tmp; @@ -458,6 +460,7 @@ int folder_config_init (hashcat_ctx_t *hashcat_ctx, MAYBE_UNUSED const char *ins putenv (tmp); } + */ #if defined (_WIN) diff --git a/src/user_options.c b/src/user_options.c index ec19a0354..544abfc0c 100644 --- a/src/user_options.c +++ b/src/user_options.c @@ -2760,12 +2760,14 @@ int user_options_check_files (hashcat_ctx_t *hashcat_ctx) * default building options */ + /* temporary disabled due to https://github.com/hashcat/hashcat/issues/2379 if (chdir (folder_config->cpath_real) == -1) { event_log_error (hashcat_ctx, "%s: %s", folder_config->cpath_real, strerror (errno)); return -1; } + */ // include check // this test needs to be done manually because of macOS opencl runtime @@ -2792,9 +2794,13 @@ int user_options_check_files (hashcat_ctx_t *hashcat_ctx) for (int i = 0; files_names[i] != NULL; i++) { - if (hc_path_read (files_names[i]) == false) + char *temp_filename = NULL; + + hc_asprintf (&temp_filename, "%s/%s", folder_config->cpath_real, files_names[i]); + + if (hc_path_read (temp_filename) == false) { - event_log_error (hashcat_ctx, "%s: %s", files_names[i], strerror (errno)); + event_log_error (hashcat_ctx, "%s: %s", temp_filename, strerror (errno)); return -1; } @@ -2802,6 +2808,7 @@ int user_options_check_files (hashcat_ctx_t *hashcat_ctx) // return back to the folder we came from initially (workaround) + /* temporary disabled due to https://github.com/hashcat/hashcat/issues/2379 #if defined (_WIN) if (chdir ("..") == -1) { @@ -2817,6 +2824,7 @@ int user_options_check_files (hashcat_ctx_t *hashcat_ctx) return -1; } #endif + */ return 0; } From 1e469a96a46920ab542dbd5545c583367086d58c Mon Sep 17 00:00:00 2001 From: Jens Steube Date: Wed, 3 Jun 2020 12:31:17 +0200 Subject: [PATCH 16/19] Add missing branch in automatic alias device selection --- src/backend.c | 7 +++++-- 1 file changed, 5 
insertions(+), 2 deletions(-) diff --git a/src/backend.c b/src/backend.c index be81bc8ad..11635a265 100644 --- a/src/backend.c +++ b/src/backend.c @@ -98,9 +98,12 @@ static int backend_ctx_find_alias_devices (hashcat_ctx_t *hashcat_ctx) if (alias_device->is_cuda == true) continue; - // this lets native OpenCL runtime survive over generic OpenCL runtime + // this lets native OpenCL runtime survive over generic OpenCL runtime - if (alias_device->opencl_platform_vendor_id == alias_device->opencl_device_vendor_id) continue; + if (alias_device->opencl_device_type & CL_DEVICE_TYPE_CPU) + { + if (alias_device->opencl_platform_vendor_id == alias_device->opencl_device_vendor_id) continue; + } alias_device->skipped = true; From 09b2bb0ad72d4a7b29576232c57a1e87338f9cbd Mon Sep 17 00:00:00 2001 From: Jens Steube Date: Wed, 3 Jun 2020 12:51:38 +0200 Subject: [PATCH 17/19] Fixed a buffer overflow in module_hash_decode() of -m 15500 --- src/modules/module_15500.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/modules/module_15500.c b/src/modules/module_15500.c index 6e714bce3..f61e3b289 100644 --- a/src/modules/module_15500.c +++ b/src/modules/module_15500.c @@ -197,9 +197,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE // alias - const u8 *alias_pos = token.buf[6]; - - strncpy ((char *) jks_sha1->alias, (const char *) alias_pos, 64); + memcpy ((char *) jks_sha1->alias, (const char *) token.buf[6], token.len[6]); // fake salt @@ -237,6 +235,10 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE u8 *der = (u8 *) jks_sha1->der; + char alias[65] = { 0 }; + + memcpy (alias, (char *) jks_sha1->alias, 64); + const int line_len = snprintf (line_buf, line_size, "%s*%08X%08X%08X%08X%08X*%08X%08X%08X%08X%08X*%s*%02X*%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X*%s", SIGNATURE_JKS_SHA1, byte_swap_32 (jks_sha1->checksum[0]), @@ -265,7 +267,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE der[17], der[18], der[19], - (char *) jks_sha1->alias + alias ); return line_len; From a6a6bb200a956bce4ca1bf3a5133f1accaa847d0 Mon Sep 17 00:00:00 2001 From: Jens Steube Date: Wed, 3 Jun 2020 14:38:04 +0200 Subject: [PATCH 18/19] Mark NV 441.x as fixed --- src/backend.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/backend.c b/src/backend.c index 11635a265..94f2df4ef 100644 --- a/src/backend.c +++ b/src/backend.c @@ -6318,7 +6318,9 @@ int backend_ctx_devices_init (hashcat_ctx_t *hashcat_ctx, const int comptime) if (r == 2) { - if (version_maj >= 440) + // nvidia 441.x looks ok + + if (version_maj == 440) { if (version_min >= 64) { From ca35d8113fcb13ad6899d630bae21bafa3e510b1 Mon Sep 17 00:00:00 2001 From: philsmd Date: Fri, 5 Jun 2020 08:50:16 +0200 Subject: [PATCH 19/19] fixes #2430: documentation of rules z/Z was incorrect Signed-off-by: philsmd --- docs/rules.txt | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/rules.txt b/docs/rules.txt index 52fba68ca..b2621bba4 100644 --- a/docs/rules.txt +++ b/docs/rules.txt @@ -23,8 +23,8 @@ #define RULE_OP_MANGLE_TRUNCATE_AT '\''// cut the word at pos N #define RULE_OP_MANGLE_REPLACE 's' // replace all chars X with char Y #define RULE_OP_MANGLE_PURGECHAR '@' // purge all instances of char X -#define RULE_OP_MANGLE_DUPECHAR_FIRST 'z' // prepend first char of word to itself. ex: hello -> hhello -#define RULE_OP_MANGLE_DUPECHAR_LAST 'Z' // append last char of word to itself. 
ex: hello -> helloo +#define RULE_OP_MANGLE_DUPECHAR_FIRST 'z' // prepend first char of word to itself N times. ex: hello -> hhhello +#define RULE_OP_MANGLE_DUPECHAR_LAST 'Z' // append last char of word to itself N times. ex: hello -> hellooo #define RULE_OP_MANGLE_DUPECHAR_ALL 'q' // duplicate all chars. ex: hello -> hheelllloo #define RULE_OP_MANGLE_SWITCH_FIRST 'k' // switches the first 2 chars. ex: hello -> ehllo #define RULE_OP_MANGLE_SWITCH_LAST 'K' // switches the last 2 chars. ex: hello -> helol @@ -33,10 +33,10 @@ #define RULE_OP_MANGLE_CHR_SHIFTR 'R' // bitwise shift right char at pos N. ex: hello` -> hello0 #define RULE_OP_MANGLE_CHR_INCR '+' // bytewise increase at pos N. ex: hello0 -> hello1 #define RULE_OP_MANGLE_CHR_DECR '-' // bytewise decreate at pos N. ex: hello1 -> hello0 -#define RULE_OP_MANGLE_REPLACE_NP1 '.' // replaces character @ n with value at @ n plus 1 -#define RULE_OP_MANGLE_REPLACE_NM1 ',' // replaces character @ n with value at @ n minus 1 -#define RULE_OP_MANGLE_DUPEBLOCK_FIRST 'y' // duplicates first n characters -#define RULE_OP_MANGLE_DUPEBLOCK_LAST 'Y' // duplicates last n characters +#define RULE_OP_MANGLE_REPLACE_NP1 '.' // replaces char @ n with value at @ n plus 1 +#define RULE_OP_MANGLE_REPLACE_NM1 ',' // replaces char @ n with value at @ n minus 1 +#define RULE_OP_MANGLE_DUPEBLOCK_FIRST 'y' // duplicates first N chars +#define RULE_OP_MANGLE_DUPEBLOCK_LAST 'Y' // duplicates last N chars #define RULE_OP_MANGLE_TITLE 'E' // lowercase everything then upper case the first letter and every letter after a space #define RULE_OP_MANGLE_TITLE_SEP 'e' // lowercase everything then upper case the first letter and every letter after char X @@ -57,4 +57,4 @@ #define RULE_OP_REJECT_EQUAL_AT '=' // reject plains that do not contain char X at pos N #define RULE_OP_REJECT_CONTAINS '%' // reject plains that contain char X less than N times #define RULE_OP_REJECT_MEMORY 'Q' // reject plains that match the plain saved (see M), i.e. if unchanged -#define RULE_LAST_REJECTED_SAVED_POS 'p' // pos of the character last found with '/' or '%' +#define RULE_LAST_REJECTED_SAVED_POS 'p' // pos of the char last found with '/' or '%'
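To make the corrected documentation of 'z' / 'Z' concrete, here is a minimal standalone C sketch that reproduces the documented examples with N = 2 ('z2' turns hello into hhhello, 'Z2' turns hello into hellooo). The helper names are illustrative only, not hashcat's actual rule-engine functions, and the sketch assumes a non-empty word and a large enough output buffer.

#include <stdio.h>
#include <string.h>

// 'zN': prepend the first character of the word N times
static void rule_dupechar_first (const char *in, size_t n, char *out)
{
  const size_t len = strlen (in);

  memset (out, in[0], n);
  memcpy (out + n, in, len + 1); // copy including the terminating NUL
}

// 'ZN': append the last character of the word N times
static void rule_dupechar_last (const char *in, size_t n, char *out)
{
  const size_t len = strlen (in);

  memcpy (out, in, len);
  memset (out + len, in[len - 1], n);

  out[len + n] = 0;
}

int main (void)
{
  char buf[64];

  rule_dupechar_first ("hello", 2, buf); printf ("z2: %s\n", buf); // z2: hhhello
  rule_dupechar_last  ("hello", 2, buf); printf ("Z2: %s\n", buf); // Z2: hellooo

  return 0;
}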