2 * Author......: Jens Steube <jens.steube@gmail.com>
8 #include "inc_hash_constants.h"
9 #include "inc_vendor.cl"
16 #include "inc_hash_functions.cl"
17 #include "inc_types.cl"
18 #include "inc_common.cl"
20 #define COMPARE_S "inc_comp_single.cl"
21 #define COMPARE_M "inc_comp_multi.cl"
23 __constant u32 k_sha256[64] =
25 SHA256C00, SHA256C01, SHA256C02, SHA256C03,
26 SHA256C04, SHA256C05, SHA256C06, SHA256C07,
27 SHA256C08, SHA256C09, SHA256C0a, SHA256C0b,
28 SHA256C0c, SHA256C0d, SHA256C0e, SHA256C0f,
29 SHA256C10, SHA256C11, SHA256C12, SHA256C13,
30 SHA256C14, SHA256C15, SHA256C16, SHA256C17,
31 SHA256C18, SHA256C19, SHA256C1a, SHA256C1b,
32 SHA256C1c, SHA256C1d, SHA256C1e, SHA256C1f,
33 SHA256C20, SHA256C21, SHA256C22, SHA256C23,
34 SHA256C24, SHA256C25, SHA256C26, SHA256C27,
35 SHA256C28, SHA256C29, SHA256C2a, SHA256C2b,
36 SHA256C2c, SHA256C2d, SHA256C2e, SHA256C2f,
37 SHA256C30, SHA256C31, SHA256C32, SHA256C33,
38 SHA256C34, SHA256C35, SHA256C36, SHA256C37,
39 SHA256C38, SHA256C39, SHA256C3a, SHA256C3b,
40 SHA256C3c, SHA256C3d, SHA256C3e, SHA256C3f,
43 void sha256_transform (const u32 w0[4], const u32 w1[4], const u32 w2[4], const u32 w3[4], u32 digest[8])
71 #define ROUND_EXPAND() \
73 w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); \
74 w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); \
75 w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); \
76 w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); \
77 w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); \
78 w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); \
79 w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); \
80 w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); \
81 w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); \
82 w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); \
83 wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); \
84 wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); \
85 wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); \
86 wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); \
87 we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); \
88 wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); \
91 #define ROUND_STEP(i) \
93 SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, k_sha256[i + 0]); \
94 SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, k_sha256[i + 1]); \
95 SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, k_sha256[i + 2]); \
96 SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, k_sha256[i + 3]); \
97 SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, k_sha256[i + 4]); \
98 SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, k_sha256[i + 5]); \
99 SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, k_sha256[i + 6]); \
100 SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, k_sha256[i + 7]); \
101 SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, k_sha256[i + 8]); \
102 SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, k_sha256[i + 9]); \
103 SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, k_sha256[i + 10]); \
104 SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, k_sha256[i + 11]); \
105 SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, k_sha256[i + 12]); \
106 SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, k_sha256[i + 13]); \
107 SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, k_sha256[i + 14]); \
108 SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, k_sha256[i + 15]); \
116 for (int i = 16; i < 64; i += 16)
118 ROUND_EXPAND (); ROUND_STEP (i);
131 void hmac_sha256_pad (u32 w0[4], u32 w1[4], u32 w2[4], u32 w3[4], u32 ipad[8], u32 opad[8])
133 w0[0] = w0[0] ^ 0x36363636;
134 w0[1] = w0[1] ^ 0x36363636;
135 w0[2] = w0[2] ^ 0x36363636;
136 w0[3] = w0[3] ^ 0x36363636;
137 w1[0] = w1[0] ^ 0x36363636;
138 w1[1] = w1[1] ^ 0x36363636;
139 w1[2] = w1[2] ^ 0x36363636;
140 w1[3] = w1[3] ^ 0x36363636;
141 w2[0] = w2[0] ^ 0x36363636;
142 w2[1] = w2[1] ^ 0x36363636;
143 w2[2] = w2[2] ^ 0x36363636;
144 w2[3] = w2[3] ^ 0x36363636;
145 w3[0] = w3[0] ^ 0x36363636;
146 w3[1] = w3[1] ^ 0x36363636;
147 w3[2] = w3[2] ^ 0x36363636;
148 w3[3] = w3[3] ^ 0x36363636;
159 sha256_transform (w0, w1, w2, w3, ipad);
161 w0[0] = w0[0] ^ 0x6a6a6a6a;
162 w0[1] = w0[1] ^ 0x6a6a6a6a;
163 w0[2] = w0[2] ^ 0x6a6a6a6a;
164 w0[3] = w0[3] ^ 0x6a6a6a6a;
165 w1[0] = w1[0] ^ 0x6a6a6a6a;
166 w1[1] = w1[1] ^ 0x6a6a6a6a;
167 w1[2] = w1[2] ^ 0x6a6a6a6a;
168 w1[3] = w1[3] ^ 0x6a6a6a6a;
169 w2[0] = w2[0] ^ 0x6a6a6a6a;
170 w2[1] = w2[1] ^ 0x6a6a6a6a;
171 w2[2] = w2[2] ^ 0x6a6a6a6a;
172 w2[3] = w2[3] ^ 0x6a6a6a6a;
173 w3[0] = w3[0] ^ 0x6a6a6a6a;
174 w3[1] = w3[1] ^ 0x6a6a6a6a;
175 w3[2] = w3[2] ^ 0x6a6a6a6a;
176 w3[3] = w3[3] ^ 0x6a6a6a6a;
187 sha256_transform (w0, w1, w2, w3, opad);
190 void hmac_sha256_run (u32 w0[4], u32 w1[4], u32 w2[4], u32 w3[4], u32 ipad[8], u32 opad[8], u32 digest[8])
201 sha256_transform (w0, w1, w2, w3, digest);
218 w3[3] = (64 + 32) * 8;
229 sha256_transform (w0, w1, w2, w3, digest);
232 void memcat8 (u32 block0[4], u32 block1[4], u32 block2[4], u32 block3[4], const u32 block_len, const u32 append[2])
237 block0[0] = append[0];
238 block0[1] = append[1];
242 block0[0] = block0[0] | append[0] << 8;
243 block0[1] = append[0] >> 24 | append[1] << 8;
244 block0[2] = append[1] >> 24;
248 block0[0] = block0[0] | append[0] << 16;
249 block0[1] = append[0] >> 16 | append[1] << 16;
250 block0[2] = append[1] >> 16;
254 block0[0] = block0[0] | append[0] << 24;
255 block0[1] = append[0] >> 8 | append[1] << 24;
256 block0[2] = append[1] >> 8;
260 block0[1] = append[0];
261 block0[2] = append[1];
265 block0[1] = block0[1] | append[0] << 8;
266 block0[2] = append[0] >> 24 | append[1] << 8;
267 block0[3] = append[1] >> 24;
271 block0[1] = block0[1] | append[0] << 16;
272 block0[2] = append[0] >> 16 | append[1] << 16;
273 block0[3] = append[1] >> 16;
277 block0[1] = block0[1] | append[0] << 24;
278 block0[2] = append[0] >> 8 | append[1] << 24;
279 block0[3] = append[1] >> 8;
283 block0[2] = append[0];
284 block0[3] = append[1];
288 block0[2] = block0[2] | append[0] << 8;
289 block0[3] = append[0] >> 24 | append[1] << 8;
290 block1[0] = append[1] >> 24;
294 block0[2] = block0[2] | append[0] << 16;
295 block0[3] = append[0] >> 16 | append[1] << 16;
296 block1[0] = append[1] >> 16;
300 block0[2] = block0[2] | append[0] << 24;
301 block0[3] = append[0] >> 8 | append[1] << 24;
302 block1[0] = append[1] >> 8;
306 block0[3] = append[0];
307 block1[0] = append[1];
311 block0[3] = block0[3] | append[0] << 8;
312 block1[0] = append[0] >> 24 | append[1] << 8;
313 block1[1] = append[1] >> 24;
317 block0[3] = block0[3] | append[0] << 16;
318 block1[0] = append[0] >> 16 | append[1] << 16;
319 block1[1] = append[1] >> 16;
323 block0[3] = block0[3] | append[0] << 24;
324 block1[0] = append[0] >> 8 | append[1] << 24;
325 block1[1] = append[1] >> 8;
329 block1[0] = append[0];
330 block1[1] = append[1];
334 block1[0] = block1[0] | append[0] << 8;
335 block1[1] = append[0] >> 24 | append[1] << 8;
336 block1[2] = append[1] >> 24;
340 block1[0] = block1[0] | append[0] << 16;
341 block1[1] = append[0] >> 16 | append[1] << 16;
342 block1[2] = append[1] >> 16;
346 block1[0] = block1[0] | append[0] << 24;
347 block1[1] = append[0] >> 8 | append[1] << 24;
348 block1[2] = append[1] >> 8;
352 block1[1] = append[0];
353 block1[2] = append[1];
357 block1[1] = block1[1] | append[0] << 8;
358 block1[2] = append[0] >> 24 | append[1] << 8;
359 block1[3] = append[1] >> 24;
363 block1[1] = block1[1] | append[0] << 16;
364 block1[2] = append[0] >> 16 | append[1] << 16;
365 block1[3] = append[1] >> 16;
369 block1[1] = block1[1] | append[0] << 24;
370 block1[2] = append[0] >> 8 | append[1] << 24;
371 block1[3] = append[1] >> 8;
375 block1[2] = append[0];
376 block1[3] = append[1];
380 block1[2] = block1[2] | append[0] << 8;
381 block1[3] = append[0] >> 24 | append[1] << 8;
382 block2[0] = append[1] >> 24;
386 block1[2] = block1[2] | append[0] << 16;
387 block1[3] = append[0] >> 16 | append[1] << 16;
388 block2[0] = append[1] >> 16;
392 block1[2] = block1[2] | append[0] << 24;
393 block1[3] = append[0] >> 8 | append[1] << 24;
394 block2[0] = append[1] >> 8;
398 block1[3] = append[0];
399 block2[0] = append[1];
403 block1[3] = block1[3] | append[0] << 8;
404 block2[0] = append[0] >> 24 | append[1] << 8;
405 block2[1] = append[1] >> 24;
409 block1[3] = block1[3] | append[0] << 16;
410 block2[0] = append[0] >> 16 | append[1] << 16;
411 block2[1] = append[1] >> 16;
415 block1[3] = block1[3] | append[0] << 24;
416 block2[0] = append[0] >> 8 | append[1] << 24;
417 block2[1] = append[1] >> 8;
421 block2[0] = append[0];
422 block2[1] = append[1];
426 block2[0] = block2[0] | append[0] << 8;
427 block2[1] = append[0] >> 24 | append[1] << 8;
428 block2[2] = append[1] >> 24;
432 block2[0] = block2[0] | append[0] << 16;
433 block2[1] = append[0] >> 16 | append[1] << 16;
434 block2[2] = append[1] >> 16;
438 block2[0] = block2[0] | append[0] << 24;
439 block2[1] = append[0] >> 8 | append[1] << 24;
440 block2[2] = append[1] >> 8;
444 block2[1] = append[0];
445 block2[2] = append[1];
449 block2[1] = block2[1] | append[0] << 8;
450 block2[2] = append[0] >> 24 | append[1] << 8;
451 block2[3] = append[1] >> 24;
455 block2[1] = block2[1] | append[0] << 16;
456 block2[2] = append[0] >> 16 | append[1] << 16;
457 block2[3] = append[1] >> 16;
461 block2[1] = block2[1] | append[0] << 24;
462 block2[2] = append[0] >> 8 | append[1] << 24;
463 block2[3] = append[1] >> 8;
467 block2[2] = append[0];
468 block2[3] = append[1];
472 block2[2] = block2[2] | append[0] << 8;
473 block2[3] = append[0] >> 24 | append[1] << 8;
474 block3[0] = append[1] >> 24;
478 block2[2] = block2[2] | append[0] << 16;
479 block2[3] = append[0] >> 16 | append[1] << 16;
480 block3[0] = append[1] >> 16;
484 block2[2] = block2[2] | append[0] << 24;
485 block2[3] = append[0] >> 8 | append[1] << 24;
486 block3[0] = append[1] >> 8;
490 block2[3] = append[0];
491 block3[0] = append[1];
495 block2[3] = block2[3] | append[0] << 8;
496 block3[0] = append[0] >> 24 | append[1] << 8;
497 block3[1] = append[1] >> 24;
501 block2[3] = block2[3] | append[0] << 16;
502 block3[0] = append[0] >> 16 | append[1] << 16;
503 block3[1] = append[1] >> 16;
507 block2[3] = block2[3] | append[0] << 24;
508 block3[0] = append[0] >> 8 | append[1] << 24;
509 block3[1] = append[1] >> 8;
513 block3[0] = append[0];
514 block3[1] = append[1];
518 block3[0] = block3[0] | append[0] << 8;
519 block3[1] = append[0] >> 24 | append[1] << 8;
520 block3[2] = append[1] >> 24;
524 block3[0] = block3[0] | append[0] << 16;
525 block3[1] = append[0] >> 16 | append[1] << 16;
526 block3[2] = append[1] >> 16;
530 block3[0] = block3[0] | append[0] << 24;
531 block3[1] = append[0] >> 8 | append[1] << 24;
532 block3[2] = append[1] >> 8;
536 block3[1] = append[0];
537 block3[2] = append[1];
541 block3[1] = block3[1] | append[0] << 8;
542 block3[2] = append[0] >> 24 | append[1] << 8;
543 block3[3] = append[1] >> 24;
547 block3[1] = block3[1] | append[0] << 16;
548 block3[2] = append[0] >> 16 | append[1] << 16;
549 block3[3] = append[1] >> 16;
553 block3[1] = block3[1] | append[0] << 24;
554 block3[2] = append[0] >> 8 | append[1] << 24;
555 block3[3] = append[1] >> 8;
559 block3[2] = append[0];
560 block3[3] = append[1];
565 uint4 swap32_4 (uint4 v)
567 return (rotate ((v & 0x00FF00FF), 24u) | rotate ((v & 0xFF00FF00), 8u));
570 #define GET_SCRYPT_CNT(r,p) (2 * (r) * 16 * (p))
571 #define GET_SMIX_CNT(r,N) (2 * (r) * 16 * (N))
572 #define GET_STATE_CNT(r) (2 * (r) * 16)
574 #define SCRYPT_CNT GET_SCRYPT_CNT (SCRYPT_R, SCRYPT_P)
575 #define SCRYPT_CNT4 (SCRYPT_CNT / 4)
576 #define STATE_CNT GET_STATE_CNT (SCRYPT_R)
577 #define STATE_CNT4 (STATE_CNT / 4)
579 #define ADD_ROTATE_XOR(r,i1,i2,s) (r) ^= rotate ((i1) + (i2), (s));
581 #define SALSA20_2R() \
583 ADD_ROTATE_XOR (X1, X0, X3, 7); \
584 ADD_ROTATE_XOR (X2, X1, X0, 9); \
585 ADD_ROTATE_XOR (X3, X2, X1, 13); \
586 ADD_ROTATE_XOR (X0, X3, X2, 18); \
592 ADD_ROTATE_XOR (X3, X0, X1, 7); \
593 ADD_ROTATE_XOR (X2, X3, X0, 9); \
594 ADD_ROTATE_XOR (X1, X2, X3, 13); \
595 ADD_ROTATE_XOR (X0, X1, X2, 18); \
602 #define SALSA20_8_XOR() \
625 void salsa_r (uint4 *TI)
627 uint4 R0 = TI[STATE_CNT4 - 4];
628 uint4 R1 = TI[STATE_CNT4 - 3];
629 uint4 R2 = TI[STATE_CNT4 - 2];
630 uint4 R3 = TI[STATE_CNT4 - 1];
632 uint4 TO[STATE_CNT4];
636 int idx_r2 = SCRYPT_R * 4;
638 for (int i = 0; i < SCRYPT_R; i++)
671 for (int i = 0; i < STATE_CNT4; i++)
677 void scrypt_smix (uint4 *X, uint4 *T, const u32 phy, __global uint4 *V)
679 #define Coord(x,y,z) (((x) * zSIZE) + ((y) * zSIZE * xSIZE) + (z))
680 #define CO Coord(x,y,z)
682 const u32 xSIZE = phy;
683 const u32 ySIZE = SCRYPT_N / SCRYPT_TMTO;
684 const u32 zSIZE = STATE_CNT4;
686 const u32 gid = get_global_id (0);
688 const u32 x = gid % xSIZE;
693 for (u32 i = 0; i < STATE_CNT4; i += 4)
695 T[0] = (uint4) (X[i + 0].x, X[i + 1].y, X[i + 2].z, X[i + 3].w);
696 T[1] = (uint4) (X[i + 1].x, X[i + 2].y, X[i + 3].z, X[i + 0].w);
697 T[2] = (uint4) (X[i + 2].x, X[i + 3].y, X[i + 0].z, X[i + 1].w);
698 T[3] = (uint4) (X[i + 3].x, X[i + 0].y, X[i + 1].z, X[i + 2].w);
706 for (u32 y = 0; y < ySIZE; y++)
708 for (u32 z = 0; z < zSIZE; z++) V[CO] = X[z];
710 for (u32 i = 0; i < SCRYPT_TMTO; i++) salsa_r (X);
713 for (u32 i = 0; i < SCRYPT_N; i++)
715 const u32 k = X[zSIZE - 4].x & (SCRYPT_N - 1);
717 const u32 y = k / SCRYPT_TMTO;
719 const u32 km = k - (y * SCRYPT_TMTO);
721 for (u32 z = 0; z < zSIZE; z++) T[z] = V[CO];
723 for (u32 i = 0; i < km; i++) salsa_r (T);
725 for (u32 z = 0; z < zSIZE; z++) X[z] ^= T[z];
733 for (u32 i = 0; i < STATE_CNT4; i += 4)
735 T[0] = (uint4) (X[i + 0].x, X[i + 3].y, X[i + 2].z, X[i + 1].w);
736 T[1] = (uint4) (X[i + 1].x, X[i + 0].y, X[i + 3].z, X[i + 2].w);
737 T[2] = (uint4) (X[i + 2].x, X[i + 1].y, X[i + 0].z, X[i + 3].w);
738 T[3] = (uint4) (X[i + 3].x, X[i + 2].y, X[i + 1].z, X[i + 0].w);
747 __kernel void m08900_init (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global scrypt_tmp_t *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global uint4 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
753 const u32 gid = get_global_id (0);
755 if (gid >= gid_max) return;
759 w0[0] = pws[gid].i[ 0];
760 w0[1] = pws[gid].i[ 1];
761 w0[2] = pws[gid].i[ 2];
762 w0[3] = pws[gid].i[ 3];
766 w1[0] = pws[gid].i[ 4];
767 w1[1] = pws[gid].i[ 5];
768 w1[2] = pws[gid].i[ 6];
769 w1[3] = pws[gid].i[ 7];
773 w2[0] = pws[gid].i[ 8];
774 w2[1] = pws[gid].i[ 9];
775 w2[2] = pws[gid].i[10];
776 w2[3] = pws[gid].i[11];
780 w3[0] = pws[gid].i[12];
781 w3[1] = pws[gid].i[13];
782 w3[2] = pws[gid].i[14];
783 w3[3] = pws[gid].i[15];
791 salt_buf0[0] = salt_bufs[salt_pos].salt_buf[0];
792 salt_buf0[1] = salt_bufs[salt_pos].salt_buf[1];
793 salt_buf0[2] = salt_bufs[salt_pos].salt_buf[2];
794 salt_buf0[3] = salt_bufs[salt_pos].salt_buf[3];
798 salt_buf1[0] = salt_bufs[salt_pos].salt_buf[4];
799 salt_buf1[1] = salt_bufs[salt_pos].salt_buf[5];
800 salt_buf1[2] = salt_bufs[salt_pos].salt_buf[6];
801 salt_buf1[3] = salt_bufs[salt_pos].salt_buf[7];
803 const u32 salt_len = salt_bufs[salt_pos].salt_len;
806 * 1st pbkdf2, creates B
809 w0[0] = swap32 (w0[0]);
810 w0[1] = swap32 (w0[1]);
811 w0[2] = swap32 (w0[2]);
812 w0[3] = swap32 (w0[3]);
813 w1[0] = swap32 (w1[0]);
814 w1[1] = swap32 (w1[1]);
815 w1[2] = swap32 (w1[2]);
816 w1[3] = swap32 (w1[3]);
817 w2[0] = swap32 (w2[0]);
818 w2[1] = swap32 (w2[1]);
819 w2[2] = swap32 (w2[2]);
820 w2[3] = swap32 (w2[3]);
821 w3[0] = swap32 (w3[0]);
822 w3[1] = swap32 (w3[1]);
823 w3[2] = swap32 (w3[2]);
824 w3[3] = swap32 (w3[3]);
829 hmac_sha256_pad (w0, w1, w2, w3, ipad, opad);
831 for (u32 i = 0, j = 0, k = 0; i < SCRYPT_CNT; i += 8, j += 1, k += 2)
833 w0[0] = salt_buf0[0];
834 w0[1] = salt_buf0[1];
835 w0[2] = salt_buf0[2];
836 w0[3] = salt_buf0[3];
837 w1[0] = salt_buf1[0];
838 w1[1] = salt_buf1[1];
839 w1[2] = salt_buf1[2];
840 w1[3] = salt_buf1[3];
852 append[0] = swap32 (j + 1);
855 memcat8 (w0, w1, w2, w3, salt_len, append);
857 w0[0] = swap32 (w0[0]);
858 w0[1] = swap32 (w0[1]);
859 w0[2] = swap32 (w0[2]);
860 w0[3] = swap32 (w0[3]);
861 w1[0] = swap32 (w1[0]);
862 w1[1] = swap32 (w1[1]);
863 w1[2] = swap32 (w1[2]);
864 w1[3] = swap32 (w1[3]);
865 w2[0] = swap32 (w2[0]);
866 w2[1] = swap32 (w2[1]);
867 w2[2] = swap32 (w2[2]);
868 w2[3] = swap32 (w2[3]);
869 w3[0] = swap32 (w3[0]);
870 w3[1] = swap32 (w3[1]);
872 w3[3] = (64 + salt_len + 4) * 8;
876 hmac_sha256_run (w0, w1, w2, w3, ipad, opad, digest);
878 const uint4 tmp0 = (uint4) (digest[0], digest[1], digest[2], digest[3]);
879 const uint4 tmp1 = (uint4) (digest[4], digest[5], digest[6], digest[7]);
881 barrier (CLK_GLOBAL_MEM_FENCE);
883 tmps[gid].P[k + 0] = tmp0;
884 tmps[gid].P[k + 1] = tmp1;
888 __kernel void m08900_loop (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global scrypt_tmp_t *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global uint4 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
890 const u32 gid = get_global_id (0);
892 if (gid >= gid_max) return;
894 const u32 scrypt_phy = salt_bufs[salt_pos].scrypt_phy;
902 for (int z = 0; z < STATE_CNT4; z++) X[z] = swap32_4 (tmps[gid].P[z]);
904 scrypt_smix (X, T, scrypt_phy, d_scryptV_buf);
909 for (int z = 0; z < STATE_CNT4; z++) tmps[gid].P[z] = swap32_4 (X[z]);
912 for (int i = STATE_CNT4; i < SCRYPT_CNT4; i += STATE_CNT4)
914 for (int z = 0; z < STATE_CNT4; z++) X[z] = swap32_4 (tmps[gid].P[i + z]);
916 scrypt_smix (X, T, scrypt_phy, d_scryptV_buf);
918 for (int z = 0; z < STATE_CNT4; z++) tmps[gid].P[i + z] = swap32_4 (X[z]);
923 __kernel void m08900_comp (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global scrypt_tmp_t *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global uint4 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
929 const u32 gid = get_global_id (0);
930 const u32 lid = get_local_id (0);
932 if (gid >= gid_max) return;
936 w0[0] = pws[gid].i[ 0];
937 w0[1] = pws[gid].i[ 1];
938 w0[2] = pws[gid].i[ 2];
939 w0[3] = pws[gid].i[ 3];
943 w1[0] = pws[gid].i[ 4];
944 w1[1] = pws[gid].i[ 5];
945 w1[2] = pws[gid].i[ 6];
946 w1[3] = pws[gid].i[ 7];
950 w2[0] = pws[gid].i[ 8];
951 w2[1] = pws[gid].i[ 9];
952 w2[2] = pws[gid].i[10];
953 w2[3] = pws[gid].i[11];
957 w3[0] = pws[gid].i[12];
958 w3[1] = pws[gid].i[13];
959 w3[2] = pws[gid].i[14];
960 w3[3] = pws[gid].i[15];
963 * 2nd pbkdf2, creates B
966 w0[0] = swap32 (w0[0]);
967 w0[1] = swap32 (w0[1]);
968 w0[2] = swap32 (w0[2]);
969 w0[3] = swap32 (w0[3]);
970 w1[0] = swap32 (w1[0]);
971 w1[1] = swap32 (w1[1]);
972 w1[2] = swap32 (w1[2]);
973 w1[3] = swap32 (w1[3]);
974 w2[0] = swap32 (w2[0]);
975 w2[1] = swap32 (w2[1]);
976 w2[2] = swap32 (w2[2]);
977 w2[3] = swap32 (w2[3]);
978 w3[0] = swap32 (w3[0]);
979 w3[1] = swap32 (w3[1]);
980 w3[2] = swap32 (w3[2]);
981 w3[3] = swap32 (w3[3]);
986 hmac_sha256_pad (w0, w1, w2, w3, ipad, opad);
988 for (u32 l = 0; l < SCRYPT_CNT4; l += 4)
990 barrier (CLK_GLOBAL_MEM_FENCE);
994 tmp = tmps[gid].P[l + 0];
1001 tmp = tmps[gid].P[l + 1];
1008 tmp = tmps[gid].P[l + 2];
1015 tmp = tmps[gid].P[l + 3];
1022 sha256_transform (w0, w1, w2, w3, ipad);
1040 w3[3] = (64 + (SCRYPT_CNT * 4) + 4) * 8;
1044 hmac_sha256_run (w0, w1, w2, w3, ipad, opad, digest);
1046 const u32 r0 = swap32 (digest[DGST_R0]);
1047 const u32 r1 = swap32 (digest[DGST_R1]);
1048 const u32 r2 = swap32 (digest[DGST_R2]);
1049 const u32 r3 = swap32 (digest[DGST_R3]);
projects / hashcat.git / blob