Contains a kernel for the latest ODF 1.2 encryption implemented in
LibreOffice. The algorithm uses a SHA-256 checksum, a PBKDF2-HMAC-SHA1
key derivation with 100000 iterations and key stretching and AES-CBC
encryption.
Valid hashes can be extracted with the libreoffice2john.py script,
available from the John the Ripper Jumbo repository at
https://github.com/magnumripper/JohnTheRipper/blob/bleeding-jumbo/run/libreoffice2john.py
You have to remove the filename suffix at the end of the hash before
passing it to hashcat. Also see 'hashcat -m18400 --example-hashes'.
You can leave the filename prefix if you use the --username option to
process those hashes.
- Add hash-mode 18400 (Open Document Format (ODF) 1.2 (SHA-256, AES))
- Tests: add hash-mode 18400 (Open Document Format (ODF) 1.2 (SHA-256, AES))
Remove unnecessary constant variables by hardcoring values instead of
looking up. Precalculate swaps that are known at compile time. Hardcode
hashes_shown offset as zero for all TC / VC kernels.
Adds suport for the Japanese cipher Camellia with 256-bit keys as used
by VeraCrypt.
- Add Camellia header decryption checks to all VeraCrypt kernels
- Add test containers for remaining cipher combinations
Adds support for the Russian cipher specified in GOST R 34.12-2015, also
known as Kuznyechik (Grasshopper).
- Add Kuznyechik header decryption checks to all VeraCrypt kernels
- Add test containers for available Kuznyechik cipher combinations
The 7zip, scrypt and stdout kernels differ from the others in their
function declarations somewhat. Unify them and substitute with macros.
Also remove a few superfluous (bogus) consts which were introduced in
the previous PR.
Substitute long parameter lists in ~2900 kernel function declarations
with macros. This cleans up the code, reduces probability of copy-paste
errors and highlights the differences between kernel functions. Also
reduces the size of the OpenCL folder by ~3 MB.
Most of the kernel functions use nearly identical parameter lists.
Essentially, there are four parameters that vary, except for a dozen odd
kernel functions (e.g. stdout, zip, scrypt). This means that the function
declarations can be hidden behind a few simple macros with up to two
parameters.
In preparation for the abstraction of long repetitive kernel function
declarations, rename the salt buffer pointers to *esalt_bufs. Also
declare them const where they are not.
Implement HMAC based on GOST 34.11-2012 Streebog-512 as well as a test
case for it. Both the PyGOST + hmac python module and the VeraCrypt HMAC
for Streebog-512 were used as references. The kernels expect the digests
to be in big-endian order according to the RFC examples for Streebog.
Fix two bugs from commit 224315dd62.
- Add hash-mode 11850: HMAC-Streebog-512 (key = $pass), big-endian
- Add test case for hash-mode 11850
- Bugfix for a3-pure Streebog kernels (modes 11700 and 11800)
- Rename a few Streebog constants in interface.h
Complete Streebog support with pure kernels that allow for passwords
longer than 64 characters. Provide generic inc_hash_streebog files
for future Streebog-based hash modes (HMAC, PBKDF2, VeraCrypt).
Include streebog support in the test suite. For this, python module
PyGOST is needed. Also add clarification to hash mode description
stating that Streebog hashes are expected in big-endian byte order.
There are several implementations, including PyGOST, which default
to little-endian byte order, while the RFC examples are big-endian.
- Add pure kernels for hash-mode 11700 (Streebog-256)
- Add pure kernels for hash-mode 11800 (Streebog-512)
- Tests: Add hash-modes 11700 (Streebog-256) and 11800 (Streebog-512)