2 * Author......: Jens Steube <jens.steube@gmail.com>
8 #include "inc_hash_constants.h"
9 #include "inc_vendor.cl"
16 #include "inc_hash_functions.cl"
17 #include "inc_types.cl"
18 #include "inc_common.cl"
20 #define COMPARE_S "inc_comp_single.cl"
21 #define COMPARE_M "inc_comp_multi.cl"
23 __constant u32 k_sha256[64] =
25 SHA256C00, SHA256C01, SHA256C02, SHA256C03,
26 SHA256C04, SHA256C05, SHA256C06, SHA256C07,
27 SHA256C08, SHA256C09, SHA256C0a, SHA256C0b,
28 SHA256C0c, SHA256C0d, SHA256C0e, SHA256C0f,
29 SHA256C10, SHA256C11, SHA256C12, SHA256C13,
30 SHA256C14, SHA256C15, SHA256C16, SHA256C17,
31 SHA256C18, SHA256C19, SHA256C1a, SHA256C1b,
32 SHA256C1c, SHA256C1d, SHA256C1e, SHA256C1f,
33 SHA256C20, SHA256C21, SHA256C22, SHA256C23,
34 SHA256C24, SHA256C25, SHA256C26, SHA256C27,
35 SHA256C28, SHA256C29, SHA256C2a, SHA256C2b,
36 SHA256C2c, SHA256C2d, SHA256C2e, SHA256C2f,
37 SHA256C30, SHA256C31, SHA256C32, SHA256C33,
38 SHA256C34, SHA256C35, SHA256C36, SHA256C37,
39 SHA256C38, SHA256C39, SHA256C3a, SHA256C3b,
40 SHA256C3c, SHA256C3d, SHA256C3e, SHA256C3f,
43 void sha256_transform (const u32 w0[4], const u32 w1[4], const u32 w2[4], const u32 w3[4], u32 digest[8])
71 #define ROUND_EXPAND() \
73 w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); \
74 w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); \
75 w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); \
76 w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); \
77 w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); \
78 w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); \
79 w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); \
80 w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); \
81 w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); \
82 w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); \
83 wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); \
84 wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); \
85 wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); \
86 wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); \
87 we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); \
88 wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); \
91 #define ROUND_STEP(i) \
93 SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, k_sha256[i + 0]); \
94 SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, k_sha256[i + 1]); \
95 SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, k_sha256[i + 2]); \
96 SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, k_sha256[i + 3]); \
97 SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, k_sha256[i + 4]); \
98 SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, k_sha256[i + 5]); \
99 SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, k_sha256[i + 6]); \
100 SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, k_sha256[i + 7]); \
101 SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, k_sha256[i + 8]); \
102 SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, k_sha256[i + 9]); \
103 SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, k_sha256[i + 10]); \
104 SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, k_sha256[i + 11]); \
105 SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, k_sha256[i + 12]); \
106 SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, k_sha256[i + 13]); \
107 SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, k_sha256[i + 14]); \
108 SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, k_sha256[i + 15]); \
116 for (int i = 16; i < 64; i += 16)
118 ROUND_EXPAND (); ROUND_STEP (i);
131 void hmac_sha256_pad (u32 w0[4], u32 w1[4], u32 w2[4], u32 w3[4], u32 ipad[8], u32 opad[8])
133 w0[0] = w0[0] ^ 0x36363636;
134 w0[1] = w0[1] ^ 0x36363636;
135 w0[2] = w0[2] ^ 0x36363636;
136 w0[3] = w0[3] ^ 0x36363636;
137 w1[0] = w1[0] ^ 0x36363636;
138 w1[1] = w1[1] ^ 0x36363636;
139 w1[2] = w1[2] ^ 0x36363636;
140 w1[3] = w1[3] ^ 0x36363636;
141 w2[0] = w2[0] ^ 0x36363636;
142 w2[1] = w2[1] ^ 0x36363636;
143 w2[2] = w2[2] ^ 0x36363636;
144 w2[3] = w2[3] ^ 0x36363636;
145 w3[0] = w3[0] ^ 0x36363636;
146 w3[1] = w3[1] ^ 0x36363636;
147 w3[2] = w3[2] ^ 0x36363636;
148 w3[3] = w3[3] ^ 0x36363636;
159 sha256_transform (w0, w1, w2, w3, ipad);
161 w0[0] = w0[0] ^ 0x6a6a6a6a;
162 w0[1] = w0[1] ^ 0x6a6a6a6a;
163 w0[2] = w0[2] ^ 0x6a6a6a6a;
164 w0[3] = w0[3] ^ 0x6a6a6a6a;
165 w1[0] = w1[0] ^ 0x6a6a6a6a;
166 w1[1] = w1[1] ^ 0x6a6a6a6a;
167 w1[2] = w1[2] ^ 0x6a6a6a6a;
168 w1[3] = w1[3] ^ 0x6a6a6a6a;
169 w2[0] = w2[0] ^ 0x6a6a6a6a;
170 w2[1] = w2[1] ^ 0x6a6a6a6a;
171 w2[2] = w2[2] ^ 0x6a6a6a6a;
172 w2[3] = w2[3] ^ 0x6a6a6a6a;
173 w3[0] = w3[0] ^ 0x6a6a6a6a;
174 w3[1] = w3[1] ^ 0x6a6a6a6a;
175 w3[2] = w3[2] ^ 0x6a6a6a6a;
176 w3[3] = w3[3] ^ 0x6a6a6a6a;
187 sha256_transform (w0, w1, w2, w3, opad);
190 void hmac_sha256_run (u32 w0[4], u32 w1[4], u32 w2[4], u32 w3[4], u32 ipad[8], u32 opad[8], u32 digest[8])
201 sha256_transform (w0, w1, w2, w3, digest);
218 w3[3] = (64 + 32) * 8;
229 sha256_transform (w0, w1, w2, w3, digest);
232 void memcat8 (u32 block0[4], u32 block1[4], u32 block2[4], u32 block3[4], const u32 block_len, const u32 append[2])
237 block0[0] = append[0];
238 block0[1] = append[1];
242 block0[0] = block0[0] | append[0] << 8;
243 block0[1] = append[0] >> 24 | append[1] << 8;
244 block0[2] = append[1] >> 24;
248 block0[0] = block0[0] | append[0] << 16;
249 block0[1] = append[0] >> 16 | append[1] << 16;
250 block0[2] = append[1] >> 16;
254 block0[0] = block0[0] | append[0] << 24;
255 block0[1] = append[0] >> 8 | append[1] << 24;
256 block0[2] = append[1] >> 8;
260 block0[1] = append[0];
261 block0[2] = append[1];
265 block0[1] = block0[1] | append[0] << 8;
266 block0[2] = append[0] >> 24 | append[1] << 8;
267 block0[3] = append[1] >> 24;
271 block0[1] = block0[1] | append[0] << 16;
272 block0[2] = append[0] >> 16 | append[1] << 16;
273 block0[3] = append[1] >> 16;
277 block0[1] = block0[1] | append[0] << 24;
278 block0[2] = append[0] >> 8 | append[1] << 24;
279 block0[3] = append[1] >> 8;
283 block0[2] = append[0];
284 block0[3] = append[1];
288 block0[2] = block0[2] | append[0] << 8;
289 block0[3] = append[0] >> 24 | append[1] << 8;
290 block1[0] = append[1] >> 24;
294 block0[2] = block0[2] | append[0] << 16;
295 block0[3] = append[0] >> 16 | append[1] << 16;
296 block1[0] = append[1] >> 16;
300 block0[2] = block0[2] | append[0] << 24;
301 block0[3] = append[0] >> 8 | append[1] << 24;
302 block1[0] = append[1] >> 8;
306 block0[3] = append[0];
307 block1[0] = append[1];
311 block0[3] = block0[3] | append[0] << 8;
312 block1[0] = append[0] >> 24 | append[1] << 8;
313 block1[1] = append[1] >> 24;
317 block0[3] = block0[3] | append[0] << 16;
318 block1[0] = append[0] >> 16 | append[1] << 16;
319 block1[1] = append[1] >> 16;
323 block0[3] = block0[3] | append[0] << 24;
324 block1[0] = append[0] >> 8 | append[1] << 24;
325 block1[1] = append[1] >> 8;
329 block1[0] = append[0];
330 block1[1] = append[1];
334 block1[0] = block1[0] | append[0] << 8;
335 block1[1] = append[0] >> 24 | append[1] << 8;
336 block1[2] = append[1] >> 24;
340 block1[0] = block1[0] | append[0] << 16;
341 block1[1] = append[0] >> 16 | append[1] << 16;
342 block1[2] = append[1] >> 16;
346 block1[0] = block1[0] | append[0] << 24;
347 block1[1] = append[0] >> 8 | append[1] << 24;
348 block1[2] = append[1] >> 8;
352 block1[1] = append[0];
353 block1[2] = append[1];
357 block1[1] = block1[1] | append[0] << 8;
358 block1[2] = append[0] >> 24 | append[1] << 8;
359 block1[3] = append[1] >> 24;
363 block1[1] = block1[1] | append[0] << 16;
364 block1[2] = append[0] >> 16 | append[1] << 16;
365 block1[3] = append[1] >> 16;
369 block1[1] = block1[1] | append[0] << 24;
370 block1[2] = append[0] >> 8 | append[1] << 24;
371 block1[3] = append[1] >> 8;
375 block1[2] = append[0];
376 block1[3] = append[1];
380 block1[2] = block1[2] | append[0] << 8;
381 block1[3] = append[0] >> 24 | append[1] << 8;
382 block2[0] = append[1] >> 24;
386 block1[2] = block1[2] | append[0] << 16;
387 block1[3] = append[0] >> 16 | append[1] << 16;
388 block2[0] = append[1] >> 16;
392 block1[2] = block1[2] | append[0] << 24;
393 block1[3] = append[0] >> 8 | append[1] << 24;
394 block2[0] = append[1] >> 8;
398 block1[3] = append[0];
399 block2[0] = append[1];
403 block1[3] = block1[3] | append[0] << 8;
404 block2[0] = append[0] >> 24 | append[1] << 8;
405 block2[1] = append[1] >> 24;
409 block1[3] = block1[3] | append[0] << 16;
410 block2[0] = append[0] >> 16 | append[1] << 16;
411 block2[1] = append[1] >> 16;
415 block1[3] = block1[3] | append[0] << 24;
416 block2[0] = append[0] >> 8 | append[1] << 24;
417 block2[1] = append[1] >> 8;
421 block2[0] = append[0];
422 block2[1] = append[1];
426 block2[0] = block2[0] | append[0] << 8;
427 block2[1] = append[0] >> 24 | append[1] << 8;
428 block2[2] = append[1] >> 24;
432 block2[0] = block2[0] | append[0] << 16;
433 block2[1] = append[0] >> 16 | append[1] << 16;
434 block2[2] = append[1] >> 16;
438 block2[0] = block2[0] | append[0] << 24;
439 block2[1] = append[0] >> 8 | append[1] << 24;
440 block2[2] = append[1] >> 8;
444 block2[1] = append[0];
445 block2[2] = append[1];
449 block2[1] = block2[1] | append[0] << 8;
450 block2[2] = append[0] >> 24 | append[1] << 8;
451 block2[3] = append[1] >> 24;
455 block2[1] = block2[1] | append[0] << 16;
456 block2[2] = append[0] >> 16 | append[1] << 16;
457 block2[3] = append[1] >> 16;
461 block2[1] = block2[1] | append[0] << 24;
462 block2[2] = append[0] >> 8 | append[1] << 24;
463 block2[3] = append[1] >> 8;
467 block2[2] = append[0];
468 block2[3] = append[1];
472 block2[2] = block2[2] | append[0] << 8;
473 block2[3] = append[0] >> 24 | append[1] << 8;
474 block3[0] = append[1] >> 24;
478 block2[2] = block2[2] | append[0] << 16;
479 block2[3] = append[0] >> 16 | append[1] << 16;
480 block3[0] = append[1] >> 16;
484 block2[2] = block2[2] | append[0] << 24;
485 block2[3] = append[0] >> 8 | append[1] << 24;
486 block3[0] = append[1] >> 8;
490 block2[3] = append[0];
491 block3[0] = append[1];
495 block2[3] = block2[3] | append[0] << 8;
496 block3[0] = append[0] >> 24 | append[1] << 8;
497 block3[1] = append[1] >> 24;
501 block2[3] = block2[3] | append[0] << 16;
502 block3[0] = append[0] >> 16 | append[1] << 16;
503 block3[1] = append[1] >> 16;
507 block2[3] = block2[3] | append[0] << 24;
508 block3[0] = append[0] >> 8 | append[1] << 24;
509 block3[1] = append[1] >> 8;
513 block3[0] = append[0];
514 block3[1] = append[1];
518 block3[0] = block3[0] | append[0] << 8;
519 block3[1] = append[0] >> 24 | append[1] << 8;
520 block3[2] = append[1] >> 24;
524 block3[0] = block3[0] | append[0] << 16;
525 block3[1] = append[0] >> 16 | append[1] << 16;
526 block3[2] = append[1] >> 16;
530 block3[0] = block3[0] | append[0] << 24;
531 block3[1] = append[0] >> 8 | append[1] << 24;
532 block3[2] = append[1] >> 8;
536 block3[1] = append[0];
537 block3[2] = append[1];
541 block3[1] = block3[1] | append[0] << 8;
542 block3[2] = append[0] >> 24 | append[1] << 8;
543 block3[3] = append[1] >> 24;
547 block3[1] = block3[1] | append[0] << 16;
548 block3[2] = append[0] >> 16 | append[1] << 16;
549 block3[3] = append[1] >> 16;
553 block3[1] = block3[1] | append[0] << 24;
554 block3[2] = append[0] >> 8 | append[1] << 24;
555 block3[3] = append[1] >> 8;
559 block3[2] = append[0];
560 block3[3] = append[1];
565 uint4 swap32_4 (uint4 v)
567 return (rotate ((v & 0x00FF00FF), 24u) | rotate ((v & 0xFF00FF00), 8u));
570 #define GET_SCRYPT_CNT(r,p) (2 * (r) * 16 * (p))
571 #define GET_SMIX_CNT(r,N) (2 * (r) * 16 * (N))
572 #define GET_STATE_CNT(r) (2 * (r) * 16)
574 #define SCRYPT_CNT GET_SCRYPT_CNT (SCRYPT_R, SCRYPT_P)
575 #define SCRYPT_CNT4 (SCRYPT_CNT / 4)
576 #define STATE_CNT GET_STATE_CNT (SCRYPT_R)
577 #define STATE_CNT4 (STATE_CNT / 4)
579 #define ADD_ROTATE_XOR(r,i1,i2,s) (r) ^= rotate ((i1) + (i2), (s));
581 #define SALSA20_2R() \
583 ADD_ROTATE_XOR (X1, X0, X3, 7); \
584 ADD_ROTATE_XOR (X2, X1, X0, 9); \
585 ADD_ROTATE_XOR (X3, X2, X1, 13); \
586 ADD_ROTATE_XOR (X0, X3, X2, 18); \
592 ADD_ROTATE_XOR (X3, X0, X1, 7); \
593 ADD_ROTATE_XOR (X2, X3, X0, 9); \
594 ADD_ROTATE_XOR (X1, X2, X3, 13); \
595 ADD_ROTATE_XOR (X0, X1, X2, 18); \
602 #define SALSA20_8_XOR() \
625 void salsa_r (uint4 *T)
627 uint4 R0 = T[STATE_CNT4 - 4];
628 uint4 R1 = T[STATE_CNT4 - 3];
629 uint4 R2 = T[STATE_CNT4 - 2];
630 uint4 R3 = T[STATE_CNT4 - 1];
632 for (u32 i = 0; i < STATE_CNT4; i += 8)
664 #define exchg(x,y) { const uint4 t = T[(x)]; T[(x)] = T[(y)]; T[(y)] = t; }
666 #define exchg4(x,y) \
668 const u32 x4 = (x) * 4; \
669 const u32 y4 = (y) * 4; \
671 exchg (x4 + 0, y4 + 0); \
672 exchg (x4 + 1, y4 + 1); \
673 exchg (x4 + 2, y4 + 2); \
674 exchg (x4 + 3, y4 + 3); \
677 for (u32 i = 1; i < SCRYPT_R / 1; i++)
685 for (u32 i = 1; i < SCRYPT_R / 2; i++)
690 const u32 xr1 = (SCRYPT_R * 2) - 1 - x;
691 const u32 yr1 = (SCRYPT_R * 2) - 1 - y;
697 void scrypt_smix (uint4 *X, uint4 *T, const u32 phy, __global uint4 *V)
699 #define Coord(x,y,z) (((x) * zSIZE) + ((y) * zSIZE * xSIZE) + (z))
700 #define CO Coord(x,y,z)
702 const u32 xSIZE = phy;
703 const u32 ySIZE = SCRYPT_N / SCRYPT_TMTO;
704 const u32 zSIZE = STATE_CNT4;
706 const u32 gid = get_global_id (0);
708 const u32 x = gid % xSIZE;
713 for (u32 i = 0; i < STATE_CNT4; i += 4)
715 T[0] = (uint4) (X[i + 0].x, X[i + 1].y, X[i + 2].z, X[i + 3].w);
716 T[1] = (uint4) (X[i + 1].x, X[i + 2].y, X[i + 3].z, X[i + 0].w);
717 T[2] = (uint4) (X[i + 2].x, X[i + 3].y, X[i + 0].z, X[i + 1].w);
718 T[3] = (uint4) (X[i + 3].x, X[i + 0].y, X[i + 1].z, X[i + 2].w);
726 for (u32 y = 0; y < ySIZE; y++)
728 for (u32 z = 0; z < zSIZE; z++) V[CO] = X[z];
730 for (u32 i = 0; i < SCRYPT_TMTO; i++) salsa_r (X);
733 for (u32 i = 0; i < SCRYPT_N; i++)
735 const u32 k = X[zSIZE - 4].x & (SCRYPT_N - 1);
737 const u32 y = k / SCRYPT_TMTO;
739 const u32 km = k - (y * SCRYPT_TMTO);
741 for (u32 z = 0; z < zSIZE; z++) T[z] = V[CO];
743 for (u32 i = 0; i < km; i++) salsa_r (T);
745 for (u32 z = 0; z < zSIZE; z++) X[z] ^= T[z];
753 for (u32 i = 0; i < STATE_CNT4; i += 4)
755 T[0] = (uint4) (X[i + 0].x, X[i + 3].y, X[i + 2].z, X[i + 1].w);
756 T[1] = (uint4) (X[i + 1].x, X[i + 0].y, X[i + 3].z, X[i + 2].w);
757 T[2] = (uint4) (X[i + 2].x, X[i + 1].y, X[i + 0].z, X[i + 3].w);
758 T[3] = (uint4) (X[i + 3].x, X[i + 2].y, X[i + 1].z, X[i + 0].w);
767 __kernel void m08900_init (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global scrypt_tmp_t *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global uint4 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
773 const u32 gid = get_global_id (0);
775 if (gid >= gid_max) return;
779 w0[0] = pws[gid].i[ 0];
780 w0[1] = pws[gid].i[ 1];
781 w0[2] = pws[gid].i[ 2];
782 w0[3] = pws[gid].i[ 3];
786 w1[0] = pws[gid].i[ 4];
787 w1[1] = pws[gid].i[ 5];
788 w1[2] = pws[gid].i[ 6];
789 w1[3] = pws[gid].i[ 7];
793 w2[0] = pws[gid].i[ 8];
794 w2[1] = pws[gid].i[ 9];
795 w2[2] = pws[gid].i[10];
796 w2[3] = pws[gid].i[11];
800 w3[0] = pws[gid].i[12];
801 w3[1] = pws[gid].i[13];
802 w3[2] = pws[gid].i[14];
803 w3[3] = pws[gid].i[15];
811 salt_buf0[0] = salt_bufs[salt_pos].salt_buf[0];
812 salt_buf0[1] = salt_bufs[salt_pos].salt_buf[1];
813 salt_buf0[2] = salt_bufs[salt_pos].salt_buf[2];
814 salt_buf0[3] = salt_bufs[salt_pos].salt_buf[3];
818 salt_buf1[0] = salt_bufs[salt_pos].salt_buf[4];
819 salt_buf1[1] = salt_bufs[salt_pos].salt_buf[5];
820 salt_buf1[2] = salt_bufs[salt_pos].salt_buf[6];
821 salt_buf1[3] = salt_bufs[salt_pos].salt_buf[7];
823 const u32 salt_len = salt_bufs[salt_pos].salt_len;
826 * 1st pbkdf2, creates B
829 w0[0] = swap32 (w0[0]);
830 w0[1] = swap32 (w0[1]);
831 w0[2] = swap32 (w0[2]);
832 w0[3] = swap32 (w0[3]);
833 w1[0] = swap32 (w1[0]);
834 w1[1] = swap32 (w1[1]);
835 w1[2] = swap32 (w1[2]);
836 w1[3] = swap32 (w1[3]);
837 w2[0] = swap32 (w2[0]);
838 w2[1] = swap32 (w2[1]);
839 w2[2] = swap32 (w2[2]);
840 w2[3] = swap32 (w2[3]);
841 w3[0] = swap32 (w3[0]);
842 w3[1] = swap32 (w3[1]);
843 w3[2] = swap32 (w3[2]);
844 w3[3] = swap32 (w3[3]);
849 hmac_sha256_pad (w0, w1, w2, w3, ipad, opad);
851 for (u32 i = 0, j = 0, k = 0; i < SCRYPT_CNT; i += 8, j += 1, k += 2)
853 w0[0] = salt_buf0[0];
854 w0[1] = salt_buf0[1];
855 w0[2] = salt_buf0[2];
856 w0[3] = salt_buf0[3];
857 w1[0] = salt_buf1[0];
858 w1[1] = salt_buf1[1];
859 w1[2] = salt_buf1[2];
860 w1[3] = salt_buf1[3];
872 append[0] = swap32 (j + 1);
875 memcat8 (w0, w1, w2, w3, salt_len, append);
877 w0[0] = swap32 (w0[0]);
878 w0[1] = swap32 (w0[1]);
879 w0[2] = swap32 (w0[2]);
880 w0[3] = swap32 (w0[3]);
881 w1[0] = swap32 (w1[0]);
882 w1[1] = swap32 (w1[1]);
883 w1[2] = swap32 (w1[2]);
884 w1[3] = swap32 (w1[3]);
885 w2[0] = swap32 (w2[0]);
886 w2[1] = swap32 (w2[1]);
887 w2[2] = swap32 (w2[2]);
888 w2[3] = swap32 (w2[3]);
889 w3[0] = swap32 (w3[0]);
890 w3[1] = swap32 (w3[1]);
892 w3[3] = (64 + salt_len + 4) * 8;
896 hmac_sha256_run (w0, w1, w2, w3, ipad, opad, digest);
898 const uint4 tmp0 = (uint4) (digest[0], digest[1], digest[2], digest[3]);
899 const uint4 tmp1 = (uint4) (digest[4], digest[5], digest[6], digest[7]);
901 barrier (CLK_GLOBAL_MEM_FENCE);
903 tmps[gid].P[k + 0] = tmp0;
904 tmps[gid].P[k + 1] = tmp1;
908 __kernel void m08900_loop (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global scrypt_tmp_t *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global uint4 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
910 const u32 gid = get_global_id (0);
912 if (gid >= gid_max) return;
914 const u32 scrypt_phy = salt_bufs[salt_pos].scrypt_phy;
922 for (int z = 0; z < STATE_CNT4; z++) X[z] = swap32_4 (tmps[gid].P[z]);
924 scrypt_smix (X, T, scrypt_phy, d_scryptV_buf);
929 for (int z = 0; z < STATE_CNT4; z++) tmps[gid].P[z] = swap32_4 (X[z]);
932 for (int i = STATE_CNT4; i < SCRYPT_CNT4; i += STATE_CNT4)
934 for (int z = 0; z < STATE_CNT4; z++) X[z] = swap32_4 (tmps[gid].P[i + z]);
936 scrypt_smix (X, T, scrypt_phy, d_scryptV_buf);
938 for (int z = 0; z < STATE_CNT4; z++) tmps[gid].P[i + z] = swap32_4 (X[z]);
943 __kernel void m08900_comp (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global scrypt_tmp_t *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global uint4 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
949 const u32 gid = get_global_id (0);
950 const u32 lid = get_local_id (0);
952 if (gid >= gid_max) return;
956 w0[0] = pws[gid].i[ 0];
957 w0[1] = pws[gid].i[ 1];
958 w0[2] = pws[gid].i[ 2];
959 w0[3] = pws[gid].i[ 3];
963 w1[0] = pws[gid].i[ 4];
964 w1[1] = pws[gid].i[ 5];
965 w1[2] = pws[gid].i[ 6];
966 w1[3] = pws[gid].i[ 7];
970 w2[0] = pws[gid].i[ 8];
971 w2[1] = pws[gid].i[ 9];
972 w2[2] = pws[gid].i[10];
973 w2[3] = pws[gid].i[11];
977 w3[0] = pws[gid].i[12];
978 w3[1] = pws[gid].i[13];
979 w3[2] = pws[gid].i[14];
980 w3[3] = pws[gid].i[15];
983 * 2nd pbkdf2, creates B
986 w0[0] = swap32 (w0[0]);
987 w0[1] = swap32 (w0[1]);
988 w0[2] = swap32 (w0[2]);
989 w0[3] = swap32 (w0[3]);
990 w1[0] = swap32 (w1[0]);
991 w1[1] = swap32 (w1[1]);
992 w1[2] = swap32 (w1[2]);
993 w1[3] = swap32 (w1[3]);
994 w2[0] = swap32 (w2[0]);
995 w2[1] = swap32 (w2[1]);
996 w2[2] = swap32 (w2[2]);
997 w2[3] = swap32 (w2[3]);
998 w3[0] = swap32 (w3[0]);
999 w3[1] = swap32 (w3[1]);
1000 w3[2] = swap32 (w3[2]);
1001 w3[3] = swap32 (w3[3]);
1006 hmac_sha256_pad (w0, w1, w2, w3, ipad, opad);
1008 for (u32 l = 0; l < SCRYPT_CNT4; l += 4)
1010 barrier (CLK_GLOBAL_MEM_FENCE);
1014 tmp = tmps[gid].P[l + 0];
1021 tmp = tmps[gid].P[l + 1];
1028 tmp = tmps[gid].P[l + 2];
1035 tmp = tmps[gid].P[l + 3];
1042 sha256_transform (w0, w1, w2, w3, ipad);
1060 w3[3] = (64 + (SCRYPT_CNT * 4) + 4) * 8;
1064 hmac_sha256_run (w0, w1, w2, w3, ipad, opad, digest);
1066 const u32 r0 = swap32 (digest[DGST_R0]);
1067 const u32 r1 = swap32 (digest[DGST_R1]);
1068 const u32 r2 = swap32 (digest[DGST_R2]);
1069 const u32 r3 = swap32 (digest[DGST_R3]);
projects / hashcat.git / blob