2 * Author......: Jens Steube <jens.steube@gmail.com>
8 #include "inc_vendor.cl"
9 #include "inc_hash_constants.h"
10 #include "inc_hash_functions.cl"
11 #include "inc_types.cl"
12 #include "inc_common.cl"
14 #define COMPARE_S "inc_comp_single.cl"
15 #define COMPARE_M "inc_comp_multi.cl"
17 __constant u32 k_sha256[64] =
19 SHA256C00, SHA256C01, SHA256C02, SHA256C03,
20 SHA256C04, SHA256C05, SHA256C06, SHA256C07,
21 SHA256C08, SHA256C09, SHA256C0a, SHA256C0b,
22 SHA256C0c, SHA256C0d, SHA256C0e, SHA256C0f,
23 SHA256C10, SHA256C11, SHA256C12, SHA256C13,
24 SHA256C14, SHA256C15, SHA256C16, SHA256C17,
25 SHA256C18, SHA256C19, SHA256C1a, SHA256C1b,
26 SHA256C1c, SHA256C1d, SHA256C1e, SHA256C1f,
27 SHA256C20, SHA256C21, SHA256C22, SHA256C23,
28 SHA256C24, SHA256C25, SHA256C26, SHA256C27,
29 SHA256C28, SHA256C29, SHA256C2a, SHA256C2b,
30 SHA256C2c, SHA256C2d, SHA256C2e, SHA256C2f,
31 SHA256C30, SHA256C31, SHA256C32, SHA256C33,
32 SHA256C34, SHA256C35, SHA256C36, SHA256C37,
33 SHA256C38, SHA256C39, SHA256C3a, SHA256C3b,
34 SHA256C3c, SHA256C3d, SHA256C3e, SHA256C3f,
37 void sha256_transform (const u32 w0[4], const u32 w1[4], const u32 w2[4], const u32 w3[4], u32 digest[8])
65 #define ROUND_EXPAND() \
67 w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); \
68 w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); \
69 w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); \
70 w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); \
71 w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); \
72 w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); \
73 w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); \
74 w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); \
75 w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); \
76 w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); \
77 wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); \
78 wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); \
79 wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); \
80 wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); \
81 we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); \
82 wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); \
85 #define ROUND_STEP(i) \
87 SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, k_sha256[i + 0]); \
88 SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, k_sha256[i + 1]); \
89 SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, k_sha256[i + 2]); \
90 SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, k_sha256[i + 3]); \
91 SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, k_sha256[i + 4]); \
92 SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, k_sha256[i + 5]); \
93 SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, k_sha256[i + 6]); \
94 SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, k_sha256[i + 7]); \
95 SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, k_sha256[i + 8]); \
96 SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, k_sha256[i + 9]); \
97 SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, k_sha256[i + 10]); \
98 SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, k_sha256[i + 11]); \
99 SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, k_sha256[i + 12]); \
100 SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, k_sha256[i + 13]); \
101 SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, k_sha256[i + 14]); \
102 SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, k_sha256[i + 15]); \
110 for (int i = 16; i < 64; i += 16)
112 ROUND_EXPAND (); ROUND_STEP (i);
125 void hmac_sha256_pad (u32 w0[4], u32 w1[4], u32 w2[4], u32 w3[4], u32 ipad[8], u32 opad[8])
127 w0[0] = w0[0] ^ 0x36363636;
128 w0[1] = w0[1] ^ 0x36363636;
129 w0[2] = w0[2] ^ 0x36363636;
130 w0[3] = w0[3] ^ 0x36363636;
131 w1[0] = w1[0] ^ 0x36363636;
132 w1[1] = w1[1] ^ 0x36363636;
133 w1[2] = w1[2] ^ 0x36363636;
134 w1[3] = w1[3] ^ 0x36363636;
135 w2[0] = w2[0] ^ 0x36363636;
136 w2[1] = w2[1] ^ 0x36363636;
137 w2[2] = w2[2] ^ 0x36363636;
138 w2[3] = w2[3] ^ 0x36363636;
139 w3[0] = w3[0] ^ 0x36363636;
140 w3[1] = w3[1] ^ 0x36363636;
141 w3[2] = w3[2] ^ 0x36363636;
142 w3[3] = w3[3] ^ 0x36363636;
153 sha256_transform (w0, w1, w2, w3, ipad);
155 w0[0] = w0[0] ^ 0x6a6a6a6a;
156 w0[1] = w0[1] ^ 0x6a6a6a6a;
157 w0[2] = w0[2] ^ 0x6a6a6a6a;
158 w0[3] = w0[3] ^ 0x6a6a6a6a;
159 w1[0] = w1[0] ^ 0x6a6a6a6a;
160 w1[1] = w1[1] ^ 0x6a6a6a6a;
161 w1[2] = w1[2] ^ 0x6a6a6a6a;
162 w1[3] = w1[3] ^ 0x6a6a6a6a;
163 w2[0] = w2[0] ^ 0x6a6a6a6a;
164 w2[1] = w2[1] ^ 0x6a6a6a6a;
165 w2[2] = w2[2] ^ 0x6a6a6a6a;
166 w2[3] = w2[3] ^ 0x6a6a6a6a;
167 w3[0] = w3[0] ^ 0x6a6a6a6a;
168 w3[1] = w3[1] ^ 0x6a6a6a6a;
169 w3[2] = w3[2] ^ 0x6a6a6a6a;
170 w3[3] = w3[3] ^ 0x6a6a6a6a;
181 sha256_transform (w0, w1, w2, w3, opad);
184 void hmac_sha256_run (u32 w0[4], u32 w1[4], u32 w2[4], u32 w3[4], u32 ipad[8], u32 opad[8], u32 digest[8])
195 sha256_transform (w0, w1, w2, w3, digest);
212 w3[3] = (64 + 32) * 8;
223 sha256_transform (w0, w1, w2, w3, digest);
226 void memcat8 (u32 block0[4], u32 block1[4], u32 block2[4], u32 block3[4], const u32 block_len, const u32 append[2])
231 block0[0] = append[0];
232 block0[1] = append[1];
236 block0[0] = block0[0] | append[0] << 8;
237 block0[1] = append[0] >> 24 | append[1] << 8;
238 block0[2] = append[1] >> 24;
242 block0[0] = block0[0] | append[0] << 16;
243 block0[1] = append[0] >> 16 | append[1] << 16;
244 block0[2] = append[1] >> 16;
248 block0[0] = block0[0] | append[0] << 24;
249 block0[1] = append[0] >> 8 | append[1] << 24;
250 block0[2] = append[1] >> 8;
254 block0[1] = append[0];
255 block0[2] = append[1];
259 block0[1] = block0[1] | append[0] << 8;
260 block0[2] = append[0] >> 24 | append[1] << 8;
261 block0[3] = append[1] >> 24;
265 block0[1] = block0[1] | append[0] << 16;
266 block0[2] = append[0] >> 16 | append[1] << 16;
267 block0[3] = append[1] >> 16;
271 block0[1] = block0[1] | append[0] << 24;
272 block0[2] = append[0] >> 8 | append[1] << 24;
273 block0[3] = append[1] >> 8;
277 block0[2] = append[0];
278 block0[3] = append[1];
282 block0[2] = block0[2] | append[0] << 8;
283 block0[3] = append[0] >> 24 | append[1] << 8;
284 block1[0] = append[1] >> 24;
288 block0[2] = block0[2] | append[0] << 16;
289 block0[3] = append[0] >> 16 | append[1] << 16;
290 block1[0] = append[1] >> 16;
294 block0[2] = block0[2] | append[0] << 24;
295 block0[3] = append[0] >> 8 | append[1] << 24;
296 block1[0] = append[1] >> 8;
300 block0[3] = append[0];
301 block1[0] = append[1];
305 block0[3] = block0[3] | append[0] << 8;
306 block1[0] = append[0] >> 24 | append[1] << 8;
307 block1[1] = append[1] >> 24;
311 block0[3] = block0[3] | append[0] << 16;
312 block1[0] = append[0] >> 16 | append[1] << 16;
313 block1[1] = append[1] >> 16;
317 block0[3] = block0[3] | append[0] << 24;
318 block1[0] = append[0] >> 8 | append[1] << 24;
319 block1[1] = append[1] >> 8;
323 block1[0] = append[0];
324 block1[1] = append[1];
328 block1[0] = block1[0] | append[0] << 8;
329 block1[1] = append[0] >> 24 | append[1] << 8;
330 block1[2] = append[1] >> 24;
334 block1[0] = block1[0] | append[0] << 16;
335 block1[1] = append[0] >> 16 | append[1] << 16;
336 block1[2] = append[1] >> 16;
340 block1[0] = block1[0] | append[0] << 24;
341 block1[1] = append[0] >> 8 | append[1] << 24;
342 block1[2] = append[1] >> 8;
346 block1[1] = append[0];
347 block1[2] = append[1];
351 block1[1] = block1[1] | append[0] << 8;
352 block1[2] = append[0] >> 24 | append[1] << 8;
353 block1[3] = append[1] >> 24;
357 block1[1] = block1[1] | append[0] << 16;
358 block1[2] = append[0] >> 16 | append[1] << 16;
359 block1[3] = append[1] >> 16;
363 block1[1] = block1[1] | append[0] << 24;
364 block1[2] = append[0] >> 8 | append[1] << 24;
365 block1[3] = append[1] >> 8;
369 block1[2] = append[0];
370 block1[3] = append[1];
374 block1[2] = block1[2] | append[0] << 8;
375 block1[3] = append[0] >> 24 | append[1] << 8;
376 block2[0] = append[1] >> 24;
380 block1[2] = block1[2] | append[0] << 16;
381 block1[3] = append[0] >> 16 | append[1] << 16;
382 block2[0] = append[1] >> 16;
386 block1[2] = block1[2] | append[0] << 24;
387 block1[3] = append[0] >> 8 | append[1] << 24;
388 block2[0] = append[1] >> 8;
392 block1[3] = append[0];
393 block2[0] = append[1];
397 block1[3] = block1[3] | append[0] << 8;
398 block2[0] = append[0] >> 24 | append[1] << 8;
399 block2[1] = append[1] >> 24;
403 block1[3] = block1[3] | append[0] << 16;
404 block2[0] = append[0] >> 16 | append[1] << 16;
405 block2[1] = append[1] >> 16;
409 block1[3] = block1[3] | append[0] << 24;
410 block2[0] = append[0] >> 8 | append[1] << 24;
411 block2[1] = append[1] >> 8;
415 block2[0] = append[0];
416 block2[1] = append[1];
420 block2[0] = block2[0] | append[0] << 8;
421 block2[1] = append[0] >> 24 | append[1] << 8;
422 block2[2] = append[1] >> 24;
426 block2[0] = block2[0] | append[0] << 16;
427 block2[1] = append[0] >> 16 | append[1] << 16;
428 block2[2] = append[1] >> 16;
432 block2[0] = block2[0] | append[0] << 24;
433 block2[1] = append[0] >> 8 | append[1] << 24;
434 block2[2] = append[1] >> 8;
438 block2[1] = append[0];
439 block2[2] = append[1];
443 block2[1] = block2[1] | append[0] << 8;
444 block2[2] = append[0] >> 24 | append[1] << 8;
445 block2[3] = append[1] >> 24;
449 block2[1] = block2[1] | append[0] << 16;
450 block2[2] = append[0] >> 16 | append[1] << 16;
451 block2[3] = append[1] >> 16;
455 block2[1] = block2[1] | append[0] << 24;
456 block2[2] = append[0] >> 8 | append[1] << 24;
457 block2[3] = append[1] >> 8;
461 block2[2] = append[0];
462 block2[3] = append[1];
466 block2[2] = block2[2] | append[0] << 8;
467 block2[3] = append[0] >> 24 | append[1] << 8;
468 block3[0] = append[1] >> 24;
472 block2[2] = block2[2] | append[0] << 16;
473 block2[3] = append[0] >> 16 | append[1] << 16;
474 block3[0] = append[1] >> 16;
478 block2[2] = block2[2] | append[0] << 24;
479 block2[3] = append[0] >> 8 | append[1] << 24;
480 block3[0] = append[1] >> 8;
484 block2[3] = append[0];
485 block3[0] = append[1];
489 block2[3] = block2[3] | append[0] << 8;
490 block3[0] = append[0] >> 24 | append[1] << 8;
491 block3[1] = append[1] >> 24;
495 block2[3] = block2[3] | append[0] << 16;
496 block3[0] = append[0] >> 16 | append[1] << 16;
497 block3[1] = append[1] >> 16;
501 block2[3] = block2[3] | append[0] << 24;
502 block3[0] = append[0] >> 8 | append[1] << 24;
503 block3[1] = append[1] >> 8;
507 block3[0] = append[0];
508 block3[1] = append[1];
512 block3[0] = block3[0] | append[0] << 8;
513 block3[1] = append[0] >> 24 | append[1] << 8;
514 block3[2] = append[1] >> 24;
518 block3[0] = block3[0] | append[0] << 16;
519 block3[1] = append[0] >> 16 | append[1] << 16;
520 block3[2] = append[1] >> 16;
524 block3[0] = block3[0] | append[0] << 24;
525 block3[1] = append[0] >> 8 | append[1] << 24;
526 block3[2] = append[1] >> 8;
530 block3[1] = append[0];
531 block3[2] = append[1];
535 block3[1] = block3[1] | append[0] << 8;
536 block3[2] = append[0] >> 24 | append[1] << 8;
537 block3[3] = append[1] >> 24;
541 block3[1] = block3[1] | append[0] << 16;
542 block3[2] = append[0] >> 16 | append[1] << 16;
543 block3[3] = append[1] >> 16;
547 block3[1] = block3[1] | append[0] << 24;
548 block3[2] = append[0] >> 8 | append[1] << 24;
549 block3[3] = append[1] >> 8;
553 block3[2] = append[0];
554 block3[3] = append[1];
559 uint4 swap32_4 (uint4 v)
561 return (rotate ((v & 0x00FF00FF), 24u) | rotate ((v & 0xFF00FF00), 8u));
564 #define GET_SCRYPT_CNT(r,p) (2 * (r) * 16 * (p))
565 #define GET_SMIX_CNT(r,N) (2 * (r) * 16 * (N))
566 #define GET_STATE_CNT(r) (2 * (r) * 16)
568 #define SCRYPT_CNT GET_SCRYPT_CNT (SCRYPT_R, SCRYPT_P)
569 #define SCRYPT_CNT4 (SCRYPT_CNT / 4)
570 #define STATE_CNT GET_STATE_CNT (SCRYPT_R)
571 #define STATE_CNT4 (STATE_CNT / 4)
573 #define ADD_ROTATE_XOR(r,i1,i2,s) (r) ^= rotate ((i1) + (i2), (s));
575 #define SALSA20_2R() \
577 ADD_ROTATE_XOR (X1, X0, X3, 7); \
578 ADD_ROTATE_XOR (X2, X1, X0, 9); \
579 ADD_ROTATE_XOR (X3, X2, X1, 13); \
580 ADD_ROTATE_XOR (X0, X3, X2, 18); \
586 ADD_ROTATE_XOR (X3, X0, X1, 7); \
587 ADD_ROTATE_XOR (X2, X3, X0, 9); \
588 ADD_ROTATE_XOR (X1, X2, X3, 13); \
589 ADD_ROTATE_XOR (X0, X1, X2, 18); \
596 #define SALSA20_8_XOR() \
619 void salsa_r (uint4 *TI)
621 uint4 R0 = TI[STATE_CNT4 - 4];
622 uint4 R1 = TI[STATE_CNT4 - 3];
623 uint4 R2 = TI[STATE_CNT4 - 2];
624 uint4 R3 = TI[STATE_CNT4 - 1];
626 uint4 TO[STATE_CNT4];
630 int idx_r2 = SCRYPT_R * 4;
632 for (int i = 0; i < SCRYPT_R; i++)
665 for (int i = 0; i < STATE_CNT4; i++)
671 void scrypt_smix (uint4 *X, uint4 *T, __global uint4 *V0, __global uint4 *V1, __global uint4 *V2, __global uint4 *V3)
673 #define Coord(xd4,y,z) (((xd4) * ySIZE * zSIZE) + ((y) * zSIZE) + (z))
674 #define CO Coord(xd4,y,z)
676 const u32 ySIZE = SCRYPT_N / SCRYPT_TMTO;
677 const u32 zSIZE = STATE_CNT4;
679 const u32 x = get_global_id (0);
681 const u32 xd4 = x / 4;
682 const u32 xm4 = x & 3;
687 for (u32 i = 0; i < STATE_CNT4; i += 4)
689 T[0] = (uint4) (X[i + 0].x, X[i + 1].y, X[i + 2].z, X[i + 3].w);
690 T[1] = (uint4) (X[i + 1].x, X[i + 2].y, X[i + 3].z, X[i + 0].w);
691 T[2] = (uint4) (X[i + 2].x, X[i + 3].y, X[i + 0].z, X[i + 1].w);
692 T[3] = (uint4) (X[i + 3].x, X[i + 0].y, X[i + 1].z, X[i + 2].w);
700 for (u32 y = 0; y < ySIZE; y++)
704 case 0: for (u32 z = 0; z < zSIZE; z++) V0[CO] = X[z]; break;
705 case 1: for (u32 z = 0; z < zSIZE; z++) V1[CO] = X[z]; break;
706 case 2: for (u32 z = 0; z < zSIZE; z++) V2[CO] = X[z]; break;
707 case 3: for (u32 z = 0; z < zSIZE; z++) V3[CO] = X[z]; break;
710 for (u32 i = 0; i < SCRYPT_TMTO; i++) salsa_r (X);
713 for (u32 i = 0; i < SCRYPT_N; i++)
715 const u32 k = X[zSIZE - 4].x & (SCRYPT_N - 1);
717 const u32 y = k / SCRYPT_TMTO;
719 const u32 km = k - (y * SCRYPT_TMTO);
723 case 0: for (u32 z = 0; z < zSIZE; z++) T[z] = V0[CO]; break;
724 case 1: for (u32 z = 0; z < zSIZE; z++) T[z] = V1[CO]; break;
725 case 2: for (u32 z = 0; z < zSIZE; z++) T[z] = V2[CO]; break;
726 case 3: for (u32 z = 0; z < zSIZE; z++) T[z] = V3[CO]; break;
729 for (u32 i = 0; i < km; i++) salsa_r (T);
731 for (u32 z = 0; z < zSIZE; z++) X[z] ^= T[z];
739 for (u32 i = 0; i < STATE_CNT4; i += 4)
741 T[0] = (uint4) (X[i + 0].x, X[i + 3].y, X[i + 2].z, X[i + 1].w);
742 T[1] = (uint4) (X[i + 1].x, X[i + 0].y, X[i + 3].z, X[i + 2].w);
743 T[2] = (uint4) (X[i + 2].x, X[i + 1].y, X[i + 0].z, X[i + 3].w);
744 T[3] = (uint4) (X[i + 3].x, X[i + 2].y, X[i + 1].z, X[i + 0].w);
753 __kernel void m08900_init (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global scrypt_tmp_t *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global uint4 *d_scryptV0_buf, __global uint4 *d_scryptV1_buf, __global uint4 *d_scryptV2_buf, __global uint4 *d_scryptV3_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
759 const u32 gid = get_global_id (0);
761 if (gid >= gid_max) return;
765 w0[0] = pws[gid].i[ 0];
766 w0[1] = pws[gid].i[ 1];
767 w0[2] = pws[gid].i[ 2];
768 w0[3] = pws[gid].i[ 3];
772 w1[0] = pws[gid].i[ 4];
773 w1[1] = pws[gid].i[ 5];
774 w1[2] = pws[gid].i[ 6];
775 w1[3] = pws[gid].i[ 7];
779 w2[0] = pws[gid].i[ 8];
780 w2[1] = pws[gid].i[ 9];
781 w2[2] = pws[gid].i[10];
782 w2[3] = pws[gid].i[11];
786 w3[0] = pws[gid].i[12];
787 w3[1] = pws[gid].i[13];
788 w3[2] = pws[gid].i[14];
789 w3[3] = pws[gid].i[15];
797 salt_buf0[0] = salt_bufs[salt_pos].salt_buf[0];
798 salt_buf0[1] = salt_bufs[salt_pos].salt_buf[1];
799 salt_buf0[2] = salt_bufs[salt_pos].salt_buf[2];
800 salt_buf0[3] = salt_bufs[salt_pos].salt_buf[3];
804 salt_buf1[0] = salt_bufs[salt_pos].salt_buf[4];
805 salt_buf1[1] = salt_bufs[salt_pos].salt_buf[5];
806 salt_buf1[2] = salt_bufs[salt_pos].salt_buf[6];
807 salt_buf1[3] = salt_bufs[salt_pos].salt_buf[7];
809 const u32 salt_len = salt_bufs[salt_pos].salt_len;
812 * 1st pbkdf2, creates B
815 w0[0] = swap32 (w0[0]);
816 w0[1] = swap32 (w0[1]);
817 w0[2] = swap32 (w0[2]);
818 w0[3] = swap32 (w0[3]);
819 w1[0] = swap32 (w1[0]);
820 w1[1] = swap32 (w1[1]);
821 w1[2] = swap32 (w1[2]);
822 w1[3] = swap32 (w1[3]);
823 w2[0] = swap32 (w2[0]);
824 w2[1] = swap32 (w2[1]);
825 w2[2] = swap32 (w2[2]);
826 w2[3] = swap32 (w2[3]);
827 w3[0] = swap32 (w3[0]);
828 w3[1] = swap32 (w3[1]);
829 w3[2] = swap32 (w3[2]);
830 w3[3] = swap32 (w3[3]);
835 hmac_sha256_pad (w0, w1, w2, w3, ipad, opad);
837 for (u32 i = 0, j = 0, k = 0; i < SCRYPT_CNT; i += 8, j += 1, k += 2)
839 w0[0] = salt_buf0[0];
840 w0[1] = salt_buf0[1];
841 w0[2] = salt_buf0[2];
842 w0[3] = salt_buf0[3];
843 w1[0] = salt_buf1[0];
844 w1[1] = salt_buf1[1];
845 w1[2] = salt_buf1[2];
846 w1[3] = salt_buf1[3];
858 append[0] = swap32 (j + 1);
861 memcat8 (w0, w1, w2, w3, salt_len, append);
863 w0[0] = swap32 (w0[0]);
864 w0[1] = swap32 (w0[1]);
865 w0[2] = swap32 (w0[2]);
866 w0[3] = swap32 (w0[3]);
867 w1[0] = swap32 (w1[0]);
868 w1[1] = swap32 (w1[1]);
869 w1[2] = swap32 (w1[2]);
870 w1[3] = swap32 (w1[3]);
871 w2[0] = swap32 (w2[0]);
872 w2[1] = swap32 (w2[1]);
873 w2[2] = swap32 (w2[2]);
874 w2[3] = swap32 (w2[3]);
875 w3[0] = swap32 (w3[0]);
876 w3[1] = swap32 (w3[1]);
878 w3[3] = (64 + salt_len + 4) * 8;
882 hmac_sha256_run (w0, w1, w2, w3, ipad, opad, digest);
884 const uint4 tmp0 = (uint4) (digest[0], digest[1], digest[2], digest[3]);
885 const uint4 tmp1 = (uint4) (digest[4], digest[5], digest[6], digest[7]);
887 barrier (CLK_GLOBAL_MEM_FENCE);
889 tmps[gid].P[k + 0] = tmp0;
890 tmps[gid].P[k + 1] = tmp1;
894 __kernel void m08900_loop (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global scrypt_tmp_t *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global uint4 *d_scryptV0_buf, __global uint4 *d_scryptV1_buf, __global uint4 *d_scryptV2_buf, __global uint4 *d_scryptV3_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
896 const u32 gid = get_global_id (0);
898 if (gid >= gid_max) return;
906 for (int z = 0; z < STATE_CNT4; z++) X[z] = swap32_4 (tmps[gid].P[z]);
908 scrypt_smix (X, T, d_scryptV0_buf, d_scryptV1_buf, d_scryptV2_buf, d_scryptV3_buf);
913 for (int z = 0; z < STATE_CNT4; z++) tmps[gid].P[z] = swap32_4 (X[z]);
916 for (int i = STATE_CNT4; i < SCRYPT_CNT4; i += STATE_CNT4)
918 for (int z = 0; z < STATE_CNT4; z++) X[z] = swap32_4 (tmps[gid].P[i + z]);
920 scrypt_smix (X, T, d_scryptV0_buf, d_scryptV1_buf, d_scryptV2_buf, d_scryptV3_buf);
922 for (int z = 0; z < STATE_CNT4; z++) tmps[gid].P[i + z] = swap32_4 (X[z]);
927 __kernel void m08900_comp (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global scrypt_tmp_t *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global uint4 *d_scryptV0_buf, __global uint4 *d_scryptV1_buf, __global uint4 *d_scryptV2_buf, __global uint4 *d_scryptV3_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
933 const u32 gid = get_global_id (0);
934 const u32 lid = get_local_id (0);
936 if (gid >= gid_max) return;
940 w0[0] = pws[gid].i[ 0];
941 w0[1] = pws[gid].i[ 1];
942 w0[2] = pws[gid].i[ 2];
943 w0[3] = pws[gid].i[ 3];
947 w1[0] = pws[gid].i[ 4];
948 w1[1] = pws[gid].i[ 5];
949 w1[2] = pws[gid].i[ 6];
950 w1[3] = pws[gid].i[ 7];
954 w2[0] = pws[gid].i[ 8];
955 w2[1] = pws[gid].i[ 9];
956 w2[2] = pws[gid].i[10];
957 w2[3] = pws[gid].i[11];
961 w3[0] = pws[gid].i[12];
962 w3[1] = pws[gid].i[13];
963 w3[2] = pws[gid].i[14];
964 w3[3] = pws[gid].i[15];
967 * 2nd pbkdf2, creates B
970 w0[0] = swap32 (w0[0]);
971 w0[1] = swap32 (w0[1]);
972 w0[2] = swap32 (w0[2]);
973 w0[3] = swap32 (w0[3]);
974 w1[0] = swap32 (w1[0]);
975 w1[1] = swap32 (w1[1]);
976 w1[2] = swap32 (w1[2]);
977 w1[3] = swap32 (w1[3]);
978 w2[0] = swap32 (w2[0]);
979 w2[1] = swap32 (w2[1]);
980 w2[2] = swap32 (w2[2]);
981 w2[3] = swap32 (w2[3]);
982 w3[0] = swap32 (w3[0]);
983 w3[1] = swap32 (w3[1]);
984 w3[2] = swap32 (w3[2]);
985 w3[3] = swap32 (w3[3]);
990 hmac_sha256_pad (w0, w1, w2, w3, ipad, opad);
992 for (u32 l = 0; l < SCRYPT_CNT4; l += 4)
994 barrier (CLK_GLOBAL_MEM_FENCE);
998 tmp = tmps[gid].P[l + 0];
1005 tmp = tmps[gid].P[l + 1];
1012 tmp = tmps[gid].P[l + 2];
1019 tmp = tmps[gid].P[l + 3];
1026 sha256_transform (w0, w1, w2, w3, ipad);
1044 w3[3] = (64 + (SCRYPT_CNT * 4) + 4) * 8;
1048 hmac_sha256_run (w0, w1, w2, w3, ipad, opad, digest);
1050 const u32 r0 = swap32 (digest[DGST_R0]);
1051 const u32 r1 = swap32 (digest[DGST_R1]);
1052 const u32 r2 = swap32 (digest[DGST_R2]);
1053 const u32 r3 = swap32 (digest[DGST_R3]);