From fb892e01a8f79c7daa8f8241ae919658ae5cf936 Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Fri, 25 Apr 2025 18:02:18 +0200 Subject: [PATCH] add workaround for false positives on 22931 --- OpenCL/m22931_a0-pure.cl | 73 ++++++++++++++++++++++++++++++++++++++++ OpenCL/m22931_a1-pure.cl | 73 ++++++++++++++++++++++++++++++++++++++++ OpenCL/m22931_a3-pure.cl | 73 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 219 insertions(+) diff --git a/OpenCL/m22931_a0-pure.cl b/OpenCL/m22931_a0-pure.cl index 9bf8e31c5..f9a8e8e1d 100644 --- a/OpenCL/m22931_a0-pure.cl +++ b/OpenCL/m22931_a0-pure.cl @@ -26,6 +26,71 @@ typedef struct pem } pem_t; +DECLSPEC int asn1_check_int_tag (PRIVATE_AS const u32 *buf, const int len) +{ + const u8 *bytes = (const u8 *) buf; + + int seq_len_offset = 0; + + if (bytes[1] < 0x80) + { + seq_len_offset = 2; + } + else if (bytes[1] == 0x81) + { + seq_len_offset = 3; + } + else if (bytes[1] == 0x82) + { + seq_len_offset = 4; + } + else + { + return 0; + } + + int pos = seq_len_offset; + + if (pos >= len) return 0; + if (pos + 2 > len) return 0; + + u8 tag = bytes[pos]; + + if (tag != 0x02) return 0; + + u8 len_byte = bytes[pos + 1]; + + int val_len = 0; + int tmp_len = 1; + + if (len_byte < 0x80) + { + val_len = len_byte; + } + else if (len_byte == 0x81) + { + if (pos + 2 >= len) return 0; + val_len = bytes[pos + 2]; + tmp_len = 2; + } + else if (len_byte == 0x82) + { + if (pos + 3 >= len) return 0; + val_len = (bytes[pos + 2] << 8) | bytes[pos + 3]; + tmp_len = 3; + } + else + { + return 0; + } + + if (pos + 1 + tmp_len + val_len > len) return 0; + + if (val_len != 1) return 0; + + return 1; +} + KERNEL_FQ void m22931_mxx (KERN_ATTR_RULES_ESALT (pem_t)) { const u64 gid = get_global_id (0); @@ -224,6 +289,10 @@ KERNEL_FQ void m22931_mxx (KERN_ATTR_RULES_ESALT (pem_t)) if (asn1_ok == 0) continue; + const int asn1_tag_ok = asn1_check_int_tag (dec, real_len); + + if (asn1_tag_ok == 0) continue; + const u32 r0 = search[0]; const u32 r1 = search[1]; const u32 r2 = search[2]; @@ -431,6 +500,10 @@ KERNEL_FQ void m22931_sxx (KERN_ATTR_RULES_ESALT (pem_t)) if (asn1_ok == 0) continue; + const int asn1_tag_ok = asn1_check_int_tag (dec, real_len); + + if (asn1_tag_ok == 0) continue; + const u32 r0 = search[0]; const u32 r1 = search[1]; const u32 r2 = search[2]; diff --git a/OpenCL/m22931_a1-pure.cl b/OpenCL/m22931_a1-pure.cl index 045076665..ae9861a06 100644 --- a/OpenCL/m22931_a1-pure.cl +++ b/OpenCL/m22931_a1-pure.cl @@ -24,6 +24,71 @@ typedef struct pem } pem_t; +DECLSPEC int asn1_check_int_tag (PRIVATE_AS const u32 *buf, const int len) +{ + const u8 *bytes = (const u8 *) buf; + + int seq_len_offset = 0; + + if (bytes[1] < 0x80) + { + seq_len_offset = 2; + } + else if (bytes[1] == 0x81) + { + seq_len_offset = 3; + } + else if (bytes[1] == 0x82) + { + seq_len_offset = 4; + } + else + { + return 0; + } + + int pos = seq_len_offset; + + if (pos >= len) return 0; + if (pos + 2 > len) return 0; + + u8 tag = bytes[pos]; + + if (tag != 0x02) return 0; + + u8 len_byte = bytes[pos + 1]; + + int val_len = 0; + int tmp_len = 1; + + if (len_byte < 0x80) + { + val_len = len_byte; + } + else if (len_byte == 0x81) + { + if (pos + 2 >= len) return 0; + val_len = bytes[pos + 2]; + tmp_len = 2; + } + else if (len_byte == 0x82) + { + if (pos + 3 >= len) return 0; + val_len = (bytes[pos + 2] << 8) | bytes[pos + 3]; + tmp_len = 3; + } + else + { + return 0; + } + + if (pos + 1 + tmp_len + val_len > len) return 0; + + if (val_len != 1) return 0; + + return 1; +} + KERNEL_FQ void m22931_mxx (KERN_ATTR_ESALT (pem_t)) { const u64 gid = get_global_id (0); @@ -218,6 +283,10 @@ KERNEL_FQ void m22931_mxx (KERN_ATTR_ESALT (pem_t)) if (asn1_ok == 0) continue; + const int asn1_tag_ok = asn1_check_int_tag (dec, real_len); + + if (asn1_tag_ok == 0) continue; + const u32 r0 = search[0]; const u32 r1 = search[1]; const u32 r2 = search[2]; @@ -421,6 +490,10 @@ KERNEL_FQ void m22931_sxx (KERN_ATTR_ESALT (pem_t)) if (asn1_ok == 0) continue; + const int asn1_tag_ok = asn1_check_int_tag (dec, real_len); + + if (asn1_tag_ok == 0) continue; + const u32 r0 = search[0]; const u32 r1 = search[1]; const u32 r2 = search[2]; diff --git a/OpenCL/m22931_a3-pure.cl b/OpenCL/m22931_a3-pure.cl index b32e9c726..f8c3313cd 100644 --- a/OpenCL/m22931_a3-pure.cl +++ b/OpenCL/m22931_a3-pure.cl @@ -24,6 +24,71 @@ typedef struct pem } pem_t; +DECLSPEC int asn1_check_int_tag (PRIVATE_AS const u32 *buf, const int len) +{ + const u8 *bytes = (const u8 *) buf; + + int seq_len_offset = 0; + + if (bytes[1] < 0x80) + { + seq_len_offset = 2; + } + else if (bytes[1] == 0x81) + { + seq_len_offset = 3; + } + else if (bytes[1] == 0x82) + { + seq_len_offset = 4; + } + else + { + return 0; + } + + int pos = seq_len_offset; + + if (pos >= len) return 0; + if (pos + 2 > len) return 0; + + u8 tag = bytes[pos]; + + if (tag != 0x02) return 0; + + u8 len_byte = bytes[pos + 1]; + + int val_len = 0; + int tmp_len = 1; + + if (len_byte < 0x80) + { + val_len = len_byte; + } + else if (len_byte == 0x81) + { + if (pos + 2 >= len) return 0; + val_len = bytes[pos + 2]; + tmp_len = 2; + } + else if (len_byte == 0x82) + { + if (pos + 3 >= len) return 0; + val_len = (bytes[pos + 2] << 8) | bytes[pos + 3]; + tmp_len = 3; + } + else + { + return 0; + } + + if (pos + 1 + tmp_len + val_len > len) return 0; + + if (val_len != 1) return 0; + + return 1; +} + KERNEL_FQ void m22931_mxx (KERN_ATTR_VECTOR_ESALT (pem_t)) { const u64 gid = get_global_id (0); @@ -237,6 +302,10 @@ KERNEL_FQ void m22931_mxx (KERN_ATTR_VECTOR_ESALT (pem_t)) if (asn1_ok == 0) continue; + const int asn1_tag_ok = asn1_check_int_tag (dec, real_len); + + if (asn1_tag_ok == 0) continue; + const u32 r0 = search[0]; const u32 r1 = search[1]; const u32 r2 = search[2]; @@ -459,6 +528,10 @@ KERNEL_FQ void m22931_sxx (KERN_ATTR_VECTOR_ESALT (pem_t)) if (asn1_ok == 0) continue; + const int asn1_tag_ok = asn1_check_int_tag (dec, real_len); + + if (asn1_tag_ok == 0) continue; + const u32 r0 = search[0]; const u32 r1 = search[1]; const u32 r2 = search[2];