0x1b000000, 0x36000000,
};
-static void AES256_ExpandKey (u32 *userkey, u32 *rek, __local u32 *s_te0, __local u32 *s_te1, __local u32 *s_te2, __local u32 *s_te3, __local u32 *s_te4)
+void AES256_ExpandKey (u32 *userkey, u32 *rek, __local u32 *s_te0, __local u32 *s_te1, __local u32 *s_te2, __local u32 *s_te3, __local u32 *s_te4)
{
rek[0] = userkey[0];
rek[1] = userkey[1];
}
}
-static void AES256_InvertKey (u32 *rdk, __local u32 *s_td0, __local u32 *s_td1, __local u32 *s_td2, __local u32 *s_td3, __local u32 *s_td4, __local u32 *s_te0, __local u32 *s_te1, __local u32 *s_te2, __local u32 *s_te3, __local u32 *s_te4)
+void AES256_InvertKey (u32 *rdk, __local u32 *s_td0, __local u32 *s_td1, __local u32 *s_td2, __local u32 *s_td3, __local u32 *s_td4, __local u32 *s_te0, __local u32 *s_te1, __local u32 *s_te2, __local u32 *s_te3, __local u32 *s_te4)
{
for (u32 i = 0, j = 56; i < j; i += 4, j -= 4)
{
}
}
-static void AES256_decrypt (const u32 *in, u32 *out, const u32 *rdk, __local u32 *s_td0, __local u32 *s_td1, __local u32 *s_td2, __local u32 *s_td3, __local u32 *s_td4)
+void AES256_decrypt (const u32 *in, u32 *out, const u32 *rdk, __local u32 *s_td0, __local u32 *s_td1, __local u32 *s_td2, __local u32 *s_td3, __local u32 *s_td4)
{
u32 s0 = in[0] ^ rdk[0];
u32 s1 = in[1] ^ rdk[1];
^ rdk[59];
}
-static void AES256_encrypt (const u32 *in, u32 *out, const u32 *rek, __local u32 *s_te0, __local u32 *s_te1, __local u32 *s_te2, __local u32 *s_te3, __local u32 *s_te4)
+void AES256_encrypt (const u32 *in, u32 *out, const u32 *rek, __local u32 *s_te0, __local u32 *s_te1, __local u32 *s_te2, __local u32 *s_te3, __local u32 *s_te4)
{
u32 s0 = in[0] ^ rek[0];
u32 s1 = in[1] ^ rek[1];
SHA256C3c, SHA256C3d, SHA256C3e, SHA256C3f,
};
-static void sha256_transform (const u32 w0[4], const u32 w1[4], const u32 w2[4], const u32 w3[4], u32 digest[8])
+void sha256_transform (const u32 w0[4], const u32 w1[4], const u32 w2[4], const u32 w3[4], u32 digest[8])
{
u32 a = digest[0];
u32 b = digest[1];
sha256_transform (w0, w1, w2, w3, digest);
- if (esalt_bufs[salt_pos].version == 2)
+ if (esalt_bufs[salt_pos].version == 2 && esalt_bufs[salt_pos].keyfile_len == 0)
{
w0[0] = digest[0];
w0[1] = digest[1];
sha256_transform (w0, w1, w2, w3, digest);
}
+ if (esalt_bufs[salt_pos].keyfile_len != 0)
+ {
+ w0[0] = digest[0];
+ w0[1] = digest[1];
+ w0[2] = digest[2];
+ w0[3] = digest[3];
+
+ w1[0] = digest[4];
+ w1[1] = digest[5];
+ w1[2] = digest[6];
+ w1[3] = digest[7];
+
+ w2[0] = esalt_bufs[salt_pos].keyfile[0];
+ w2[1] = esalt_bufs[salt_pos].keyfile[1];
+ w2[2] = esalt_bufs[salt_pos].keyfile[2];
+ w2[3] = esalt_bufs[salt_pos].keyfile[3];
+
+ w3[0] = esalt_bufs[salt_pos].keyfile[4];
+ w3[1] = esalt_bufs[salt_pos].keyfile[5];
+ w3[3] = esalt_bufs[salt_pos].keyfile[7];
+ w3[2] = esalt_bufs[salt_pos].keyfile[6];
+
+ digest[0] = SHA256M_A;
+ digest[1] = SHA256M_B;
+ digest[2] = SHA256M_C;
+ digest[3] = SHA256M_D;
+ digest[4] = SHA256M_E;
+ digest[5] = SHA256M_F;
+ digest[6] = SHA256M_G;
+ digest[7] = SHA256M_H;
+
+ sha256_transform (w0, w1, w2, w3, digest);
+
+ w0[0] = 0x80000000;
+ w0[1] = 0;
+ w0[2] = 0;
+ w0[3] = 0;
+
+ w1[0] = 0;
+ w1[1] = 0;
+ w1[2] = 0;
+ w1[3] = 0;
+
+ w2[0] = 0;
+ w2[1] = 0;
+ w2[2] = 0;
+ w2[3] = 0;
+
+ w3[0] = 0;
+ w3[1] = 0;
+ w3[2] = 0;
+ w3[3] = 64 * 8;
+
+ sha256_transform (w0, w1, w2, w3, digest);
+ }
+
tmps[gid].tmp_digest[0] = digest[0];
tmps[gid].tmp_digest[1] = digest[1];
tmps[gid].tmp_digest[2] = digest[2];
*/
/* Final AES part */
- __local u32 s_td0_final[256];
- __local u32 s_td1_final[256];
- __local u32 s_td2_final[256];
- __local u32 s_td3_final[256];
- __local u32 s_td4_final[256];
-
- __local u32 s_te0_final[256];
- __local u32 s_te1_final[256];
- __local u32 s_te2_final[256];
- __local u32 s_te3_final[256];
- __local u32 s_te4_final[256];
+ __local u32 s_td0[256];
+ __local u32 s_td1[256];
+ __local u32 s_td2[256];
+ __local u32 s_td3[256];
+ __local u32 s_td4[256];
+
+ __local u32 s_te0[256];
+ __local u32 s_te1[256];
+ __local u32 s_te2[256];
+ __local u32 s_te3[256];
+ __local u32 s_te4[256];
for (u32 i = lid; i < 256; i += lsz)
{
- s_td0_final[i] = td0[i];
- s_td1_final[i] = td1[i];
- s_td2_final[i] = td2[i];
- s_td3_final[i] = td3[i];
- s_td4_final[i] = td4[i];
-
- s_te0_final[i] = te0[i];
- s_te1_final[i] = te1[i];
- s_te2_final[i] = te2[i];
- s_te3_final[i] = te3[i];
- s_te4_final[i] = te4[i];
+ s_td0[i] = td0[i];
+ s_td1[i] = td1[i];
+ s_td2[i] = td2[i];
+ s_td3[i] = td3[i];
+ s_td4[i] = td4[i];
+
+ s_te0[i] = te0[i];
+ s_te1[i] = te1[i];
+ s_te2[i] = te2[i];
+ s_te3[i] = te3[i];
+ s_te4[i] = te4[i];
}
barrier (CLK_LOCAL_MEM_FENCE);
w0[1] = final_random_seed[1];
w0[2] = final_random_seed[2];
w0[3] = final_random_seed[3];
-
w1[0] = digest[0];
w1[1] = digest[1];
w1[2] = digest[2];
w1[3] = digest[3];
-
w2[0] = digest[4];
w2[1] = digest[5];
w2[2] = digest[6];
w2[3] = digest[7];
-
w3[0] = 0x80000000;
w3[1] = 0;
w3[2] = 0;
}
else
{
- /* merkle-demgard implementation */
+ /* merkle-damgard implementation */
u32 final_random_seed[8];
final_random_seed[0] = esalt_bufs[salt_pos].final_random_seed[0];
w0[1] = final_random_seed[1];
w0[2] = final_random_seed[2];
w0[3] = final_random_seed[3];
-
w1[0] = final_random_seed[4];
w1[1] = final_random_seed[5];
w1[2] = final_random_seed[6];
w1[3] = final_random_seed[7];
-
w2[0] = digest[0];
w2[1] = digest[1];
w2[2] = digest[2];
w2[3] = digest[3];
-
w3[0] = digest[4];
w3[1] = digest[5];
w3[2] = digest[6];
w0[1] = 0;
w0[2] = 0;
w0[3] = 0;
-
w1[0] = 0;
w1[1] = 0;
w1[2] = 0;
w1[3] = 0;
-
w2[0] = 0;
w2[1] = 0;
w2[2] = 0;
w2[3] = 0;
-
w3[0] = 0;
w3[1] = 0;
w3[2] = 0;
u32 final_rk[KEYLEN];
- AES256_ExpandKey (digest, final_rk, s_te0_final, s_te1_final, s_te2_final, s_te3_final, s_te4_final);
+ AES256_ExpandKey (digest, final_rk, s_te0, s_te1, s_te2, s_te3, s_te4);
- AES256_InvertKey (final_rk, s_td0_final, s_td1_final, s_td2_final, s_td3_final, s_td4_final, s_te0_final, s_te1_final, s_te2_final, s_te3_final, s_te4_final);
+ AES256_InvertKey (final_rk, s_td0, s_td1, s_td2, s_td3, s_td4, s_te0, s_te1, s_te2, s_te3, s_te4);
u32 wx[16];
u32 out[4];
- AES256_decrypt (data, out, final_rk, s_td0_final, s_td1_final, s_td2_final, s_td3_final, s_td4_final);
+ AES256_decrypt (data, out, final_rk, s_td0, s_td1, s_td2, s_td3, s_td4);
out[0] ^= iv[0];
out[1] ^= iv[1];
u32 out[4];
- AES256_decrypt (data, out, final_rk, s_td0_final, s_td1_final, s_td2_final, s_td3_final, s_td4_final);
+ AES256_decrypt (data, out, final_rk, s_td0, s_td1, s_td2, s_td3, s_td4);
out[0] ^= iv[0];
out[1] ^= iv[1];
u32 out[4];
- AES256_decrypt (data, out, final_rk, s_td0_final, s_td1_final, s_td2_final, s_td3_final, s_td4_final);
+ AES256_decrypt (data, out, final_rk, s_td0, s_td1, s_td2, s_td3, s_td4);
out[0] ^= iv[0];
out[1] ^= iv[1];
u32 final_rk[KEYLEN];
- AES256_ExpandKey (digest, final_rk, s_te0_final, s_te1_final, s_te2_final, s_te3_final, s_te4_final);
+ AES256_ExpandKey (digest, final_rk, s_te0, s_te1, s_te2, s_te3, s_te4);
- AES256_InvertKey (final_rk, s_td0_final, s_td1_final, s_td2_final, s_td3_final, s_td4_final, s_te0_final, s_te1_final, s_te2_final, s_te3_final, s_te4_final);
+ AES256_InvertKey (final_rk, s_td0, s_td1, s_td2, s_td3, s_td4, s_te0, s_te1, s_te2, s_te3, s_te4);
u32 contents_hash[4];
contents_hash[2] = esalt_bufs[salt_pos].contents_hash[2];
contents_hash[3] = esalt_bufs[salt_pos].contents_hash[3];
- AES256_decrypt (contents_hash, out, final_rk, s_td0_final, s_td1_final, s_td2_final, s_td3_final, s_td4_final);
+ AES256_decrypt (contents_hash, out, final_rk, s_td0, s_td1, s_td2, s_td3, s_td4);
out[0] ^= iv[0];
out[1] ^= iv[1];