2 * Author......: Jens Steube <jens.steube@gmail.com>
8 #include "include/constants.h"
9 #include "include/kernel_vendor.h"
16 #include "include/kernel_functions.c"
17 #include "OpenCL/types_ocl.c"
18 #include "OpenCL/common.c"
20 #define COMPARE_S "OpenCL/check_single_comp4.c"
21 #define COMPARE_M "OpenCL/check_multi_comp4.c"
23 __constant u32 k_sha256[64] =
25 SHA256C00, SHA256C01, SHA256C02, SHA256C03,
26 SHA256C04, SHA256C05, SHA256C06, SHA256C07,
27 SHA256C08, SHA256C09, SHA256C0a, SHA256C0b,
28 SHA256C0c, SHA256C0d, SHA256C0e, SHA256C0f,
29 SHA256C10, SHA256C11, SHA256C12, SHA256C13,
30 SHA256C14, SHA256C15, SHA256C16, SHA256C17,
31 SHA256C18, SHA256C19, SHA256C1a, SHA256C1b,
32 SHA256C1c, SHA256C1d, SHA256C1e, SHA256C1f,
33 SHA256C20, SHA256C21, SHA256C22, SHA256C23,
34 SHA256C24, SHA256C25, SHA256C26, SHA256C27,
35 SHA256C28, SHA256C29, SHA256C2a, SHA256C2b,
36 SHA256C2c, SHA256C2d, SHA256C2e, SHA256C2f,
37 SHA256C30, SHA256C31, SHA256C32, SHA256C33,
38 SHA256C34, SHA256C35, SHA256C36, SHA256C37,
39 SHA256C38, SHA256C39, SHA256C3a, SHA256C3b,
40 SHA256C3c, SHA256C3d, SHA256C3e, SHA256C3f,
43 void sha256_transform (const u32 w0[4], const u32 w1[4], const u32 w2[4], const u32 w3[4], u32 digest[8])
71 #define ROUND_EXPAND() \
73 w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); \
74 w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); \
75 w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); \
76 w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); \
77 w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); \
78 w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); \
79 w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); \
80 w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); \
81 w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); \
82 w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); \
83 wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); \
84 wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); \
85 wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); \
86 wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); \
87 we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); \
88 wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); \
91 #define ROUND_STEP(i) \
93 SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, k_sha256[i + 0]); \
94 SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, k_sha256[i + 1]); \
95 SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, k_sha256[i + 2]); \
96 SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, k_sha256[i + 3]); \
97 SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, k_sha256[i + 4]); \
98 SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, k_sha256[i + 5]); \
99 SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, k_sha256[i + 6]); \
100 SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, k_sha256[i + 7]); \
101 SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, k_sha256[i + 8]); \
102 SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, k_sha256[i + 9]); \
103 SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, k_sha256[i + 10]); \
104 SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, k_sha256[i + 11]); \
105 SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, k_sha256[i + 12]); \
106 SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, k_sha256[i + 13]); \
107 SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, k_sha256[i + 14]); \
108 SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, k_sha256[i + 15]); \
114 for (int i = 16; i < 64; i += 16)
116 ROUND_EXPAND (); ROUND_STEP (i);
129 void hmac_sha256_pad (u32 w0[4], u32 w1[4], u32 w2[4], u32 w3[4], u32 ipad[8], u32 opad[8])
131 w0[0] = w0[0] ^ 0x36363636;
132 w0[1] = w0[1] ^ 0x36363636;
133 w0[2] = w0[2] ^ 0x36363636;
134 w0[3] = w0[3] ^ 0x36363636;
135 w1[0] = w1[0] ^ 0x36363636;
136 w1[1] = w1[1] ^ 0x36363636;
137 w1[2] = w1[2] ^ 0x36363636;
138 w1[3] = w1[3] ^ 0x36363636;
139 w2[0] = w2[0] ^ 0x36363636;
140 w2[1] = w2[1] ^ 0x36363636;
141 w2[2] = w2[2] ^ 0x36363636;
142 w2[3] = w2[3] ^ 0x36363636;
143 w3[0] = w3[0] ^ 0x36363636;
144 w3[1] = w3[1] ^ 0x36363636;
145 w3[2] = w3[2] ^ 0x36363636;
146 w3[3] = w3[3] ^ 0x36363636;
157 sha256_transform (w0, w1, w2, w3, ipad);
159 w0[0] = w0[0] ^ 0x6a6a6a6a;
160 w0[1] = w0[1] ^ 0x6a6a6a6a;
161 w0[2] = w0[2] ^ 0x6a6a6a6a;
162 w0[3] = w0[3] ^ 0x6a6a6a6a;
163 w1[0] = w1[0] ^ 0x6a6a6a6a;
164 w1[1] = w1[1] ^ 0x6a6a6a6a;
165 w1[2] = w1[2] ^ 0x6a6a6a6a;
166 w1[3] = w1[3] ^ 0x6a6a6a6a;
167 w2[0] = w2[0] ^ 0x6a6a6a6a;
168 w2[1] = w2[1] ^ 0x6a6a6a6a;
169 w2[2] = w2[2] ^ 0x6a6a6a6a;
170 w2[3] = w2[3] ^ 0x6a6a6a6a;
171 w3[0] = w3[0] ^ 0x6a6a6a6a;
172 w3[1] = w3[1] ^ 0x6a6a6a6a;
173 w3[2] = w3[2] ^ 0x6a6a6a6a;
174 w3[3] = w3[3] ^ 0x6a6a6a6a;
185 sha256_transform (w0, w1, w2, w3, opad);
188 void hmac_sha256_run (u32 w0[4], u32 w1[4], u32 w2[4], u32 w3[4], u32 ipad[8], u32 opad[8], u32 digest[8])
199 sha256_transform (w0, w1, w2, w3, digest);
216 w3[3] = (64 + 32) * 8;
227 sha256_transform (w0, w1, w2, w3, digest);
230 void memcat8 (u32 block0[4], u32 block1[4], u32 block2[4], u32 block3[4], const u32 block_len, const u32 append[2])
235 block0[0] = append[0];
236 block0[1] = append[1];
240 block0[0] = block0[0] | append[0] << 8;
241 block0[1] = append[0] >> 24 | append[1] << 8;
242 block0[2] = append[1] >> 24;
246 block0[0] = block0[0] | append[0] << 16;
247 block0[1] = append[0] >> 16 | append[1] << 16;
248 block0[2] = append[1] >> 16;
252 block0[0] = block0[0] | append[0] << 24;
253 block0[1] = append[0] >> 8 | append[1] << 24;
254 block0[2] = append[1] >> 8;
258 block0[1] = append[0];
259 block0[2] = append[1];
263 block0[1] = block0[1] | append[0] << 8;
264 block0[2] = append[0] >> 24 | append[1] << 8;
265 block0[3] = append[1] >> 24;
269 block0[1] = block0[1] | append[0] << 16;
270 block0[2] = append[0] >> 16 | append[1] << 16;
271 block0[3] = append[1] >> 16;
275 block0[1] = block0[1] | append[0] << 24;
276 block0[2] = append[0] >> 8 | append[1] << 24;
277 block0[3] = append[1] >> 8;
281 block0[2] = append[0];
282 block0[3] = append[1];
286 block0[2] = block0[2] | append[0] << 8;
287 block0[3] = append[0] >> 24 | append[1] << 8;
288 block1[0] = append[1] >> 24;
292 block0[2] = block0[2] | append[0] << 16;
293 block0[3] = append[0] >> 16 | append[1] << 16;
294 block1[0] = append[1] >> 16;
298 block0[2] = block0[2] | append[0] << 24;
299 block0[3] = append[0] >> 8 | append[1] << 24;
300 block1[0] = append[1] >> 8;
304 block0[3] = append[0];
305 block1[0] = append[1];
309 block0[3] = block0[3] | append[0] << 8;
310 block1[0] = append[0] >> 24 | append[1] << 8;
311 block1[1] = append[1] >> 24;
315 block0[3] = block0[3] | append[0] << 16;
316 block1[0] = append[0] >> 16 | append[1] << 16;
317 block1[1] = append[1] >> 16;
321 block0[3] = block0[3] | append[0] << 24;
322 block1[0] = append[0] >> 8 | append[1] << 24;
323 block1[1] = append[1] >> 8;
327 block1[0] = append[0];
328 block1[1] = append[1];
332 block1[0] = block1[0] | append[0] << 8;
333 block1[1] = append[0] >> 24 | append[1] << 8;
334 block1[2] = append[1] >> 24;
338 block1[0] = block1[0] | append[0] << 16;
339 block1[1] = append[0] >> 16 | append[1] << 16;
340 block1[2] = append[1] >> 16;
344 block1[0] = block1[0] | append[0] << 24;
345 block1[1] = append[0] >> 8 | append[1] << 24;
346 block1[2] = append[1] >> 8;
350 block1[1] = append[0];
351 block1[2] = append[1];
355 block1[1] = block1[1] | append[0] << 8;
356 block1[2] = append[0] >> 24 | append[1] << 8;
357 block1[3] = append[1] >> 24;
361 block1[1] = block1[1] | append[0] << 16;
362 block1[2] = append[0] >> 16 | append[1] << 16;
363 block1[3] = append[1] >> 16;
367 block1[1] = block1[1] | append[0] << 24;
368 block1[2] = append[0] >> 8 | append[1] << 24;
369 block1[3] = append[1] >> 8;
373 block1[2] = append[0];
374 block1[3] = append[1];
378 block1[2] = block1[2] | append[0] << 8;
379 block1[3] = append[0] >> 24 | append[1] << 8;
380 block2[0] = append[1] >> 24;
384 block1[2] = block1[2] | append[0] << 16;
385 block1[3] = append[0] >> 16 | append[1] << 16;
386 block2[0] = append[1] >> 16;
390 block1[2] = block1[2] | append[0] << 24;
391 block1[3] = append[0] >> 8 | append[1] << 24;
392 block2[0] = append[1] >> 8;
396 block1[3] = append[0];
397 block2[0] = append[1];
401 block1[3] = block1[3] | append[0] << 8;
402 block2[0] = append[0] >> 24 | append[1] << 8;
403 block2[1] = append[1] >> 24;
407 block1[3] = block1[3] | append[0] << 16;
408 block2[0] = append[0] >> 16 | append[1] << 16;
409 block2[1] = append[1] >> 16;
413 block1[3] = block1[3] | append[0] << 24;
414 block2[0] = append[0] >> 8 | append[1] << 24;
415 block2[1] = append[1] >> 8;
419 block2[0] = append[0];
420 block2[1] = append[1];
424 block2[0] = block2[0] | append[0] << 8;
425 block2[1] = append[0] >> 24 | append[1] << 8;
426 block2[2] = append[1] >> 24;
430 block2[0] = block2[0] | append[0] << 16;
431 block2[1] = append[0] >> 16 | append[1] << 16;
432 block2[2] = append[1] >> 16;
436 block2[0] = block2[0] | append[0] << 24;
437 block2[1] = append[0] >> 8 | append[1] << 24;
438 block2[2] = append[1] >> 8;
442 block2[1] = append[0];
443 block2[2] = append[1];
447 block2[1] = block2[1] | append[0] << 8;
448 block2[2] = append[0] >> 24 | append[1] << 8;
449 block2[3] = append[1] >> 24;
453 block2[1] = block2[1] | append[0] << 16;
454 block2[2] = append[0] >> 16 | append[1] << 16;
455 block2[3] = append[1] >> 16;
459 block2[1] = block2[1] | append[0] << 24;
460 block2[2] = append[0] >> 8 | append[1] << 24;
461 block2[3] = append[1] >> 8;
465 block2[2] = append[0];
466 block2[3] = append[1];
470 block2[2] = block2[2] | append[0] << 8;
471 block2[3] = append[0] >> 24 | append[1] << 8;
472 block3[0] = append[1] >> 24;
476 block2[2] = block2[2] | append[0] << 16;
477 block2[3] = append[0] >> 16 | append[1] << 16;
478 block3[0] = append[1] >> 16;
482 block2[2] = block2[2] | append[0] << 24;
483 block2[3] = append[0] >> 8 | append[1] << 24;
484 block3[0] = append[1] >> 8;
488 block2[3] = append[0];
489 block3[0] = append[1];
493 block2[3] = block2[3] | append[0] << 8;
494 block3[0] = append[0] >> 24 | append[1] << 8;
495 block3[1] = append[1] >> 24;
499 block2[3] = block2[3] | append[0] << 16;
500 block3[0] = append[0] >> 16 | append[1] << 16;
501 block3[1] = append[1] >> 16;
505 block2[3] = block2[3] | append[0] << 24;
506 block3[0] = append[0] >> 8 | append[1] << 24;
507 block3[1] = append[1] >> 8;
511 block3[0] = append[0];
512 block3[1] = append[1];
516 block3[0] = block3[0] | append[0] << 8;
517 block3[1] = append[0] >> 24 | append[1] << 8;
518 block3[2] = append[1] >> 24;
522 block3[0] = block3[0] | append[0] << 16;
523 block3[1] = append[0] >> 16 | append[1] << 16;
524 block3[2] = append[1] >> 16;
528 block3[0] = block3[0] | append[0] << 24;
529 block3[1] = append[0] >> 8 | append[1] << 24;
530 block3[2] = append[1] >> 8;
534 block3[1] = append[0];
535 block3[2] = append[1];
539 block3[1] = block3[1] | append[0] << 8;
540 block3[2] = append[0] >> 24 | append[1] << 8;
541 block3[3] = append[1] >> 24;
545 block3[1] = block3[1] | append[0] << 16;
546 block3[2] = append[0] >> 16 | append[1] << 16;
547 block3[3] = append[1] >> 16;
551 block3[1] = block3[1] | append[0] << 24;
552 block3[2] = append[0] >> 8 | append[1] << 24;
553 block3[3] = append[1] >> 8;
557 block3[2] = append[0];
558 block3[3] = append[1];
563 uint4 swap32_4 (uint4 v)
565 return (rotate ((v & 0x00FF00FF), 24u) | rotate ((v & 0xFF00FF00), 8u));
568 #define GET_SCRYPT_CNT(r,p) (2 * (r) * 16 * (p))
569 #define GET_SMIX_CNT(r,N) (2 * (r) * 16 * (N))
570 #define GET_STATE_CNT(r) (2 * (r) * 16)
572 #define SCRYPT_CNT GET_SCRYPT_CNT (SCRYPT_R, SCRYPT_P)
573 #define SCRYPT_CNT4 (SCRYPT_CNT / 4)
574 #define STATE_CNT GET_STATE_CNT (SCRYPT_R)
575 #define STATE_CNT4 (STATE_CNT / 4)
577 #define ADD_ROTATE_XOR(r,i1,i2,s) (r) ^= rotate ((i1) + (i2), (s));
579 #define SALSA20_2R() \
581 ADD_ROTATE_XOR (X1, X0, X3, 7); \
582 ADD_ROTATE_XOR (X2, X1, X0, 9); \
583 ADD_ROTATE_XOR (X3, X2, X1, 13); \
584 ADD_ROTATE_XOR (X0, X3, X2, 18); \
590 ADD_ROTATE_XOR (X3, X0, X1, 7); \
591 ADD_ROTATE_XOR (X2, X3, X0, 9); \
592 ADD_ROTATE_XOR (X1, X2, X3, 13); \
593 ADD_ROTATE_XOR (X0, X1, X2, 18); \
600 #define SALSA20_8_XOR() \
623 void salsa_r (uint4 *T)
625 uint4 R0 = T[STATE_CNT4 - 4];
626 uint4 R1 = T[STATE_CNT4 - 3];
627 uint4 R2 = T[STATE_CNT4 - 2];
628 uint4 R3 = T[STATE_CNT4 - 1];
630 for (u32 i = 0; i < STATE_CNT4; i += 8)
662 #define exchg(x,y) { const uint4 t = T[(x)]; T[(x)] = T[(y)]; T[(y)] = t; }
664 #define exchg4(x,y) \
666 const u32 x4 = (x) * 4; \
667 const u32 y4 = (y) * 4; \
669 exchg (x4 + 0, y4 + 0); \
670 exchg (x4 + 1, y4 + 1); \
671 exchg (x4 + 2, y4 + 2); \
672 exchg (x4 + 3, y4 + 3); \
675 for (u32 i = 1; i < SCRYPT_R / 1; i++)
683 for (u32 i = 1; i < SCRYPT_R / 2; i++)
688 const u32 xr1 = (SCRYPT_R * 2) - 1 - x;
689 const u32 yr1 = (SCRYPT_R * 2) - 1 - y;
695 void scrypt_smix (uint4 *X, uint4 *T, const u32 phy, __global uint4 *V)
697 #define Coord(x,y,z) (((x) * zSIZE) + ((y) * zSIZE * xSIZE) + (z))
698 #define CO Coord(x,y,z)
700 const u32 xSIZE = phy;
701 const u32 ySIZE = SCRYPT_N / SCRYPT_TMTO;
702 const u32 zSIZE = STATE_CNT4;
704 const u32 gid = get_global_id (0);
706 const u32 x = gid % xSIZE;
709 for (u32 i = 0; i < STATE_CNT4; i += 4)
711 T[0] = (uint4) (X[i + 0].x, X[i + 1].y, X[i + 2].z, X[i + 3].w);
712 T[1] = (uint4) (X[i + 1].x, X[i + 2].y, X[i + 3].z, X[i + 0].w);
713 T[2] = (uint4) (X[i + 2].x, X[i + 3].y, X[i + 0].z, X[i + 1].w);
714 T[3] = (uint4) (X[i + 3].x, X[i + 0].y, X[i + 1].z, X[i + 2].w);
722 for (u32 y = 0; y < ySIZE; y++)
724 for (u32 z = 0; z < zSIZE; z++) V[CO] = X[z];
726 for (u32 i = 0; i < SCRYPT_TMTO; i++) salsa_r (X);
729 for (u32 i = 0; i < SCRYPT_N; i++)
731 const u32 k = X[zSIZE - 4].x & (SCRYPT_N - 1);
733 const u32 y = k / SCRYPT_TMTO;
735 const u32 km = k - (y * SCRYPT_TMTO);
737 for (u32 z = 0; z < zSIZE; z++) T[z] = V[CO];
739 for (u32 i = 0; i < km; i++) salsa_r (T);
741 for (u32 z = 0; z < zSIZE; z++) X[z] ^= T[z];
747 for (u32 i = 0; i < STATE_CNT4; i += 4)
749 T[0] = (uint4) (X[i + 0].x, X[i + 3].y, X[i + 2].z, X[i + 1].w);
750 T[1] = (uint4) (X[i + 1].x, X[i + 0].y, X[i + 3].z, X[i + 2].w);
751 T[2] = (uint4) (X[i + 2].x, X[i + 1].y, X[i + 0].z, X[i + 3].w);
752 T[3] = (uint4) (X[i + 3].x, X[i + 2].y, X[i + 1].z, X[i + 0].w);
761 __kernel void m08900_init (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global scrypt_tmp_t *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global uint4 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
767 const u32 gid = get_global_id (0);
769 if (gid >= gid_max) return;
773 w0[0] = pws[gid].i[ 0];
774 w0[1] = pws[gid].i[ 1];
775 w0[2] = pws[gid].i[ 2];
776 w0[3] = pws[gid].i[ 3];
780 w1[0] = pws[gid].i[ 4];
781 w1[1] = pws[gid].i[ 5];
782 w1[2] = pws[gid].i[ 6];
783 w1[3] = pws[gid].i[ 7];
787 w2[0] = pws[gid].i[ 8];
788 w2[1] = pws[gid].i[ 9];
789 w2[2] = pws[gid].i[10];
790 w2[3] = pws[gid].i[11];
794 w3[0] = pws[gid].i[12];
795 w3[1] = pws[gid].i[13];
796 w3[2] = pws[gid].i[14];
797 w3[3] = pws[gid].i[15];
805 salt_buf0[0] = salt_bufs[salt_pos].salt_buf[0];
806 salt_buf0[1] = salt_bufs[salt_pos].salt_buf[1];
807 salt_buf0[2] = salt_bufs[salt_pos].salt_buf[2];
808 salt_buf0[3] = salt_bufs[salt_pos].salt_buf[3];
812 salt_buf1[0] = salt_bufs[salt_pos].salt_buf[4];
813 salt_buf1[1] = salt_bufs[salt_pos].salt_buf[5];
814 salt_buf1[2] = salt_bufs[salt_pos].salt_buf[6];
815 salt_buf1[3] = salt_bufs[salt_pos].salt_buf[7];
817 const u32 salt_len = salt_bufs[salt_pos].salt_len;
820 * 1st pbkdf2, creates B
823 w0[0] = swap32 (w0[0]);
824 w0[1] = swap32 (w0[1]);
825 w0[2] = swap32 (w0[2]);
826 w0[3] = swap32 (w0[3]);
827 w1[0] = swap32 (w1[0]);
828 w1[1] = swap32 (w1[1]);
829 w1[2] = swap32 (w1[2]);
830 w1[3] = swap32 (w1[3]);
831 w2[0] = swap32 (w2[0]);
832 w2[1] = swap32 (w2[1]);
833 w2[2] = swap32 (w2[2]);
834 w2[3] = swap32 (w2[3]);
835 w3[0] = swap32 (w3[0]);
836 w3[1] = swap32 (w3[1]);
837 w3[2] = swap32 (w3[2]);
838 w3[3] = swap32 (w3[3]);
843 hmac_sha256_pad (w0, w1, w2, w3, ipad, opad);
845 for (u32 i = 0, j = 0, k = 0; i < SCRYPT_CNT; i += 8, j += 1, k += 2)
847 w0[0] = salt_buf0[0];
848 w0[1] = salt_buf0[1];
849 w0[2] = salt_buf0[2];
850 w0[3] = salt_buf0[3];
851 w1[0] = salt_buf1[0];
852 w1[1] = salt_buf1[1];
853 w1[2] = salt_buf1[2];
854 w1[3] = salt_buf1[3];
866 append[0] = swap32 (j + 1);
869 memcat8 (w0, w1, w2, w3, salt_len, append);
871 w0[0] = swap32 (w0[0]);
872 w0[1] = swap32 (w0[1]);
873 w0[2] = swap32 (w0[2]);
874 w0[3] = swap32 (w0[3]);
875 w1[0] = swap32 (w1[0]);
876 w1[1] = swap32 (w1[1]);
877 w1[2] = swap32 (w1[2]);
878 w1[3] = swap32 (w1[3]);
879 w2[0] = swap32 (w2[0]);
880 w2[1] = swap32 (w2[1]);
881 w2[2] = swap32 (w2[2]);
882 w2[3] = swap32 (w2[3]);
883 w3[0] = swap32 (w3[0]);
884 w3[1] = swap32 (w3[1]);
886 w3[3] = (64 + salt_len + 4) * 8;
890 hmac_sha256_run (w0, w1, w2, w3, ipad, opad, digest);
892 const uint4 tmp0 = (uint4) (digest[0], digest[1], digest[2], digest[3]);
893 const uint4 tmp1 = (uint4) (digest[4], digest[5], digest[6], digest[7]);
895 barrier (CLK_GLOBAL_MEM_FENCE);
897 tmps[gid].P[k + 0] = tmp0;
898 tmps[gid].P[k + 1] = tmp1;
902 __kernel void m08900_loop (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global scrypt_tmp_t *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global uint4 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
904 const u32 gid = get_global_id (0);
906 if (gid >= gid_max) return;
908 const u32 scrypt_phy = salt_bufs[salt_pos].scrypt_phy;
914 for (int z = 0; z < STATE_CNT4; z++) X[z] = swap32_4 (tmps[gid].P[z]);
916 scrypt_smix (X, T, scrypt_phy, d_scryptV_buf);
919 for (int z = 0; z < STATE_CNT4; z++) tmps[gid].P[z] = swap32_4 (X[z]);
922 for (int i = STATE_CNT4; i < SCRYPT_CNT4; i += STATE_CNT4)
924 for (int z = 0; z < STATE_CNT4; z++) X[z] = swap32_4 (tmps[gid].P[i + z]);
926 scrypt_smix (X, T, scrypt_phy, d_scryptV_buf);
928 for (int z = 0; z < STATE_CNT4; z++) tmps[gid].P[i + z] = swap32_4 (X[z]);
933 __kernel void m08900_comp (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global scrypt_tmp_t *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global uint4 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
939 const u32 gid = get_global_id (0);
940 const u32 lid = get_local_id (0);
942 if (gid >= gid_max) return;
946 w0[0] = pws[gid].i[ 0];
947 w0[1] = pws[gid].i[ 1];
948 w0[2] = pws[gid].i[ 2];
949 w0[3] = pws[gid].i[ 3];
953 w1[0] = pws[gid].i[ 4];
954 w1[1] = pws[gid].i[ 5];
955 w1[2] = pws[gid].i[ 6];
956 w1[3] = pws[gid].i[ 7];
960 w2[0] = pws[gid].i[ 8];
961 w2[1] = pws[gid].i[ 9];
962 w2[2] = pws[gid].i[10];
963 w2[3] = pws[gid].i[11];
967 w3[0] = pws[gid].i[12];
968 w3[1] = pws[gid].i[13];
969 w3[2] = pws[gid].i[14];
970 w3[3] = pws[gid].i[15];
973 * 2nd pbkdf2, creates B
976 w0[0] = swap32 (w0[0]);
977 w0[1] = swap32 (w0[1]);
978 w0[2] = swap32 (w0[2]);
979 w0[3] = swap32 (w0[3]);
980 w1[0] = swap32 (w1[0]);
981 w1[1] = swap32 (w1[1]);
982 w1[2] = swap32 (w1[2]);
983 w1[3] = swap32 (w1[3]);
984 w2[0] = swap32 (w2[0]);
985 w2[1] = swap32 (w2[1]);
986 w2[2] = swap32 (w2[2]);
987 w2[3] = swap32 (w2[3]);
988 w3[0] = swap32 (w3[0]);
989 w3[1] = swap32 (w3[1]);
990 w3[2] = swap32 (w3[2]);
991 w3[3] = swap32 (w3[3]);
996 hmac_sha256_pad (w0, w1, w2, w3, ipad, opad);
998 for (u32 l = 0; l < SCRYPT_CNT4; l += 4)
1000 barrier (CLK_GLOBAL_MEM_FENCE);
1004 tmp = tmps[gid].P[l + 0];
1011 tmp = tmps[gid].P[l + 1];
1018 tmp = tmps[gid].P[l + 2];
1025 tmp = tmps[gid].P[l + 3];
1032 sha256_transform (w0, w1, w2, w3, ipad);
1050 w3[3] = (64 + (SCRYPT_CNT * 4) + 4) * 8;
1054 hmac_sha256_run (w0, w1, w2, w3, ipad, opad, digest);
1056 const u32 r0 = swap32 (digest[DGST_R0]);
1057 const u32 r1 = swap32 (digest[DGST_R1]);
1058 const u32 r2 = swap32 (digest[DGST_R2]);
1059 const u32 r3 = swap32 (digest[DGST_R3]);
projects / hashcat.git / blob