2 * Author......: Jens Steube <jens.steube@gmail.com>
8 #include "include/constants.h"
9 #include "include/kernel_vendor.h"
16 #include "include/kernel_functions.c"
17 #include "types_ocl.c"
21 #define COMPARE_M "check_multi_vect1_comp4.c"
25 #define COMPARE_M "check_multi_vect2_comp4.c"
29 #define COMPARE_M "check_multi_vect4_comp4.c"
32 __constant u32 k_sha256[64] =
34 SHA256C00, SHA256C01, SHA256C02, SHA256C03,
35 SHA256C04, SHA256C05, SHA256C06, SHA256C07,
36 SHA256C08, SHA256C09, SHA256C0a, SHA256C0b,
37 SHA256C0c, SHA256C0d, SHA256C0e, SHA256C0f,
38 SHA256C10, SHA256C11, SHA256C12, SHA256C13,
39 SHA256C14, SHA256C15, SHA256C16, SHA256C17,
40 SHA256C18, SHA256C19, SHA256C1a, SHA256C1b,
41 SHA256C1c, SHA256C1d, SHA256C1e, SHA256C1f,
42 SHA256C20, SHA256C21, SHA256C22, SHA256C23,
43 SHA256C24, SHA256C25, SHA256C26, SHA256C27,
44 SHA256C28, SHA256C29, SHA256C2a, SHA256C2b,
45 SHA256C2c, SHA256C2d, SHA256C2e, SHA256C2f,
46 SHA256C30, SHA256C31, SHA256C32, SHA256C33,
47 SHA256C34, SHA256C35, SHA256C36, SHA256C37,
48 SHA256C38, SHA256C39, SHA256C3a, SHA256C3b,
49 SHA256C3c, SHA256C3d, SHA256C3e, SHA256C3f,
52 static void sha256_transform (const u32 w0[4], const u32 w1[4], const u32 w2[4], const u32 w3[4], u32 digest[8])
80 #define ROUND_EXPAND() \
82 w0_t = SHA256_EXPAND (we_t, w9_t, w1_t, w0_t); \
83 w1_t = SHA256_EXPAND (wf_t, wa_t, w2_t, w1_t); \
84 w2_t = SHA256_EXPAND (w0_t, wb_t, w3_t, w2_t); \
85 w3_t = SHA256_EXPAND (w1_t, wc_t, w4_t, w3_t); \
86 w4_t = SHA256_EXPAND (w2_t, wd_t, w5_t, w4_t); \
87 w5_t = SHA256_EXPAND (w3_t, we_t, w6_t, w5_t); \
88 w6_t = SHA256_EXPAND (w4_t, wf_t, w7_t, w6_t); \
89 w7_t = SHA256_EXPAND (w5_t, w0_t, w8_t, w7_t); \
90 w8_t = SHA256_EXPAND (w6_t, w1_t, w9_t, w8_t); \
91 w9_t = SHA256_EXPAND (w7_t, w2_t, wa_t, w9_t); \
92 wa_t = SHA256_EXPAND (w8_t, w3_t, wb_t, wa_t); \
93 wb_t = SHA256_EXPAND (w9_t, w4_t, wc_t, wb_t); \
94 wc_t = SHA256_EXPAND (wa_t, w5_t, wd_t, wc_t); \
95 wd_t = SHA256_EXPAND (wb_t, w6_t, we_t, wd_t); \
96 we_t = SHA256_EXPAND (wc_t, w7_t, wf_t, we_t); \
97 wf_t = SHA256_EXPAND (wd_t, w8_t, w0_t, wf_t); \
100 #define ROUND_STEP(i) \
102 SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w0_t, k_sha256[i + 0]); \
103 SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w1_t, k_sha256[i + 1]); \
104 SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, w2_t, k_sha256[i + 2]); \
105 SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, w3_t, k_sha256[i + 3]); \
106 SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, w4_t, k_sha256[i + 4]); \
107 SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, w5_t, k_sha256[i + 5]); \
108 SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, w6_t, k_sha256[i + 6]); \
109 SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, w7_t, k_sha256[i + 7]); \
110 SHA256_STEP (SHA256_F0o, SHA256_F1o, a, b, c, d, e, f, g, h, w8_t, k_sha256[i + 8]); \
111 SHA256_STEP (SHA256_F0o, SHA256_F1o, h, a, b, c, d, e, f, g, w9_t, k_sha256[i + 9]); \
112 SHA256_STEP (SHA256_F0o, SHA256_F1o, g, h, a, b, c, d, e, f, wa_t, k_sha256[i + 10]); \
113 SHA256_STEP (SHA256_F0o, SHA256_F1o, f, g, h, a, b, c, d, e, wb_t, k_sha256[i + 11]); \
114 SHA256_STEP (SHA256_F0o, SHA256_F1o, e, f, g, h, a, b, c, d, wc_t, k_sha256[i + 12]); \
115 SHA256_STEP (SHA256_F0o, SHA256_F1o, d, e, f, g, h, a, b, c, wd_t, k_sha256[i + 13]); \
116 SHA256_STEP (SHA256_F0o, SHA256_F1o, c, d, e, f, g, h, a, b, we_t, k_sha256[i + 14]); \
117 SHA256_STEP (SHA256_F0o, SHA256_F1o, b, c, d, e, f, g, h, a, wf_t, k_sha256[i + 15]); \
123 for (int i = 16; i < 64; i += 16)
125 ROUND_EXPAND (); ROUND_STEP (i);
138 static void hmac_sha256_pad (u32 w0[4], u32 w1[4], u32 w2[4], u32 w3[4], u32 ipad[8], u32 opad[8])
140 w0[0] = w0[0] ^ 0x36363636;
141 w0[1] = w0[1] ^ 0x36363636;
142 w0[2] = w0[2] ^ 0x36363636;
143 w0[3] = w0[3] ^ 0x36363636;
144 w1[0] = w1[0] ^ 0x36363636;
145 w1[1] = w1[1] ^ 0x36363636;
146 w1[2] = w1[2] ^ 0x36363636;
147 w1[3] = w1[3] ^ 0x36363636;
148 w2[0] = w2[0] ^ 0x36363636;
149 w2[1] = w2[1] ^ 0x36363636;
150 w2[2] = w2[2] ^ 0x36363636;
151 w2[3] = w2[3] ^ 0x36363636;
152 w3[0] = w3[0] ^ 0x36363636;
153 w3[1] = w3[1] ^ 0x36363636;
154 w3[2] = w3[2] ^ 0x36363636;
155 w3[3] = w3[3] ^ 0x36363636;
166 sha256_transform (w0, w1, w2, w3, ipad);
168 w0[0] = w0[0] ^ 0x6a6a6a6a;
169 w0[1] = w0[1] ^ 0x6a6a6a6a;
170 w0[2] = w0[2] ^ 0x6a6a6a6a;
171 w0[3] = w0[3] ^ 0x6a6a6a6a;
172 w1[0] = w1[0] ^ 0x6a6a6a6a;
173 w1[1] = w1[1] ^ 0x6a6a6a6a;
174 w1[2] = w1[2] ^ 0x6a6a6a6a;
175 w1[3] = w1[3] ^ 0x6a6a6a6a;
176 w2[0] = w2[0] ^ 0x6a6a6a6a;
177 w2[1] = w2[1] ^ 0x6a6a6a6a;
178 w2[2] = w2[2] ^ 0x6a6a6a6a;
179 w2[3] = w2[3] ^ 0x6a6a6a6a;
180 w3[0] = w3[0] ^ 0x6a6a6a6a;
181 w3[1] = w3[1] ^ 0x6a6a6a6a;
182 w3[2] = w3[2] ^ 0x6a6a6a6a;
183 w3[3] = w3[3] ^ 0x6a6a6a6a;
194 sha256_transform (w0, w1, w2, w3, opad);
197 static void hmac_sha256_run (u32 w0[4], u32 w1[4], u32 w2[4], u32 w3[4], u32 ipad[8], u32 opad[8], u32 digest[8])
208 sha256_transform (w0, w1, w2, w3, digest);
225 w3[3] = (64 + 32) * 8;
236 sha256_transform (w0, w1, w2, w3, digest);
239 static void memcat8 (u32 block0[4], u32 block1[4], u32 block2[4], u32 block3[4], const u32 block_len, const u32 append[2])
244 block0[0] = append[0];
245 block0[1] = append[1];
249 block0[0] = block0[0] | append[0] << 8;
250 block0[1] = append[0] >> 24 | append[1] << 8;
251 block0[2] = append[1] >> 24;
255 block0[0] = block0[0] | append[0] << 16;
256 block0[1] = append[0] >> 16 | append[1] << 16;
257 block0[2] = append[1] >> 16;
261 block0[0] = block0[0] | append[0] << 24;
262 block0[1] = append[0] >> 8 | append[1] << 24;
263 block0[2] = append[1] >> 8;
267 block0[1] = append[0];
268 block0[2] = append[1];
272 block0[1] = block0[1] | append[0] << 8;
273 block0[2] = append[0] >> 24 | append[1] << 8;
274 block0[3] = append[1] >> 24;
278 block0[1] = block0[1] | append[0] << 16;
279 block0[2] = append[0] >> 16 | append[1] << 16;
280 block0[3] = append[1] >> 16;
284 block0[1] = block0[1] | append[0] << 24;
285 block0[2] = append[0] >> 8 | append[1] << 24;
286 block0[3] = append[1] >> 8;
290 block0[2] = append[0];
291 block0[3] = append[1];
295 block0[2] = block0[2] | append[0] << 8;
296 block0[3] = append[0] >> 24 | append[1] << 8;
297 block1[0] = append[1] >> 24;
301 block0[2] = block0[2] | append[0] << 16;
302 block0[3] = append[0] >> 16 | append[1] << 16;
303 block1[0] = append[1] >> 16;
307 block0[2] = block0[2] | append[0] << 24;
308 block0[3] = append[0] >> 8 | append[1] << 24;
309 block1[0] = append[1] >> 8;
313 block0[3] = append[0];
314 block1[0] = append[1];
318 block0[3] = block0[3] | append[0] << 8;
319 block1[0] = append[0] >> 24 | append[1] << 8;
320 block1[1] = append[1] >> 24;
324 block0[3] = block0[3] | append[0] << 16;
325 block1[0] = append[0] >> 16 | append[1] << 16;
326 block1[1] = append[1] >> 16;
330 block0[3] = block0[3] | append[0] << 24;
331 block1[0] = append[0] >> 8 | append[1] << 24;
332 block1[1] = append[1] >> 8;
336 block1[0] = append[0];
337 block1[1] = append[1];
341 block1[0] = block1[0] | append[0] << 8;
342 block1[1] = append[0] >> 24 | append[1] << 8;
343 block1[2] = append[1] >> 24;
347 block1[0] = block1[0] | append[0] << 16;
348 block1[1] = append[0] >> 16 | append[1] << 16;
349 block1[2] = append[1] >> 16;
353 block1[0] = block1[0] | append[0] << 24;
354 block1[1] = append[0] >> 8 | append[1] << 24;
355 block1[2] = append[1] >> 8;
359 block1[1] = append[0];
360 block1[2] = append[1];
364 block1[1] = block1[1] | append[0] << 8;
365 block1[2] = append[0] >> 24 | append[1] << 8;
366 block1[3] = append[1] >> 24;
370 block1[1] = block1[1] | append[0] << 16;
371 block1[2] = append[0] >> 16 | append[1] << 16;
372 block1[3] = append[1] >> 16;
376 block1[1] = block1[1] | append[0] << 24;
377 block1[2] = append[0] >> 8 | append[1] << 24;
378 block1[3] = append[1] >> 8;
382 block1[2] = append[0];
383 block1[3] = append[1];
387 block1[2] = block1[2] | append[0] << 8;
388 block1[3] = append[0] >> 24 | append[1] << 8;
389 block2[0] = append[1] >> 24;
393 block1[2] = block1[2] | append[0] << 16;
394 block1[3] = append[0] >> 16 | append[1] << 16;
395 block2[0] = append[1] >> 16;
399 block1[2] = block1[2] | append[0] << 24;
400 block1[3] = append[0] >> 8 | append[1] << 24;
401 block2[0] = append[1] >> 8;
405 block1[3] = append[0];
406 block2[0] = append[1];
410 block1[3] = block1[3] | append[0] << 8;
411 block2[0] = append[0] >> 24 | append[1] << 8;
412 block2[1] = append[1] >> 24;
416 block1[3] = block1[3] | append[0] << 16;
417 block2[0] = append[0] >> 16 | append[1] << 16;
418 block2[1] = append[1] >> 16;
422 block1[3] = block1[3] | append[0] << 24;
423 block2[0] = append[0] >> 8 | append[1] << 24;
424 block2[1] = append[1] >> 8;
428 block2[0] = append[0];
429 block2[1] = append[1];
433 block2[0] = block2[0] | append[0] << 8;
434 block2[1] = append[0] >> 24 | append[1] << 8;
435 block2[2] = append[1] >> 24;
439 block2[0] = block2[0] | append[0] << 16;
440 block2[1] = append[0] >> 16 | append[1] << 16;
441 block2[2] = append[1] >> 16;
445 block2[0] = block2[0] | append[0] << 24;
446 block2[1] = append[0] >> 8 | append[1] << 24;
447 block2[2] = append[1] >> 8;
451 block2[1] = append[0];
452 block2[2] = append[1];
456 block2[1] = block2[1] | append[0] << 8;
457 block2[2] = append[0] >> 24 | append[1] << 8;
458 block2[3] = append[1] >> 24;
462 block2[1] = block2[1] | append[0] << 16;
463 block2[2] = append[0] >> 16 | append[1] << 16;
464 block2[3] = append[1] >> 16;
468 block2[1] = block2[1] | append[0] << 24;
469 block2[2] = append[0] >> 8 | append[1] << 24;
470 block2[3] = append[1] >> 8;
474 block2[2] = append[0];
475 block2[3] = append[1];
479 block2[2] = block2[2] | append[0] << 8;
480 block2[3] = append[0] >> 24 | append[1] << 8;
481 block3[0] = append[1] >> 24;
485 block2[2] = block2[2] | append[0] << 16;
486 block2[3] = append[0] >> 16 | append[1] << 16;
487 block3[0] = append[1] >> 16;
491 block2[2] = block2[2] | append[0] << 24;
492 block2[3] = append[0] >> 8 | append[1] << 24;
493 block3[0] = append[1] >> 8;
497 block2[3] = append[0];
498 block3[0] = append[1];
502 block2[3] = block2[3] | append[0] << 8;
503 block3[0] = append[0] >> 24 | append[1] << 8;
504 block3[1] = append[1] >> 24;
508 block2[3] = block2[3] | append[0] << 16;
509 block3[0] = append[0] >> 16 | append[1] << 16;
510 block3[1] = append[1] >> 16;
514 block2[3] = block2[3] | append[0] << 24;
515 block3[0] = append[0] >> 8 | append[1] << 24;
516 block3[1] = append[1] >> 8;
520 block3[0] = append[0];
521 block3[1] = append[1];
525 block3[0] = block3[0] | append[0] << 8;
526 block3[1] = append[0] >> 24 | append[1] << 8;
527 block3[2] = append[1] >> 24;
531 block3[0] = block3[0] | append[0] << 16;
532 block3[1] = append[0] >> 16 | append[1] << 16;
533 block3[2] = append[1] >> 16;
537 block3[0] = block3[0] | append[0] << 24;
538 block3[1] = append[0] >> 8 | append[1] << 24;
539 block3[2] = append[1] >> 8;
543 block3[1] = append[0];
544 block3[2] = append[1];
548 block3[1] = block3[1] | append[0] << 8;
549 block3[2] = append[0] >> 24 | append[1] << 8;
550 block3[3] = append[1] >> 24;
554 block3[1] = block3[1] | append[0] << 16;
555 block3[2] = append[0] >> 16 | append[1] << 16;
556 block3[3] = append[1] >> 16;
560 block3[1] = block3[1] | append[0] << 24;
561 block3[2] = append[0] >> 8 | append[1] << 24;
562 block3[3] = append[1] >> 8;
566 block3[2] = append[0];
567 block3[3] = append[1];
572 static uint4 swap_workaround (uint4 v)
574 return (rotate ((v & 0x00FF00FF), 24u) | rotate ((v & 0xFF00FF00), 8u));
577 #define GET_SCRYPT_CNT(r,p) (2 * (r) * 16 * (p))
578 #define GET_SMIX_CNT(r,N) (2 * (r) * 16 * (N))
579 #define GET_STATE_CNT(r) (2 * (r) * 16)
581 #define ADD_ROTATE_XOR(r,i1,i2,s) (r) ^= rotate ((i1) + (i2), (s));
583 #define SALSA20_2R() \
585 ADD_ROTATE_XOR (X1, X0, X3, 7); \
586 ADD_ROTATE_XOR (X2, X1, X0, 9); \
587 ADD_ROTATE_XOR (X3, X2, X1, 13); \
588 ADD_ROTATE_XOR (X0, X3, X2, 18); \
594 ADD_ROTATE_XOR (X3, X0, X1, 7); \
595 ADD_ROTATE_XOR (X2, X3, X0, 9); \
596 ADD_ROTATE_XOR (X1, X2, X3, 13); \
597 ADD_ROTATE_XOR (X0, X1, X2, 18); \
604 #define SALSA20_8_XOR() \
627 static void salsa_r (uint4 *T, const u32 r)
629 const u32 state_cnt = GET_STATE_CNT (r);
631 const u32 state_cnt4 = state_cnt / 4;
633 uint4 R0 = T[state_cnt4 - 4];
634 uint4 R1 = T[state_cnt4 - 3];
635 uint4 R2 = T[state_cnt4 - 2];
636 uint4 R3 = T[state_cnt4 - 1];
638 for (u32 i = 0; i < state_cnt4; i += 8)
670 #define exchg(x,y) { const uint4 t = T[(x)]; T[(x)] = T[(y)]; T[(y)] = t; }
672 #define exchg4(x,y) \
674 const u32 x4 = (x) * 4; \
675 const u32 y4 = (y) * 4; \
677 exchg (x4 + 0, y4 + 0); \
678 exchg (x4 + 1, y4 + 1); \
679 exchg (x4 + 2, y4 + 2); \
680 exchg (x4 + 3, y4 + 3); \
683 for (u32 i = 1; i < r / 1; i++)
691 for (u32 i = 1; i < r / 2; i++)
696 const u32 xr1 = (r * 2) - 1 - x;
697 const u32 yr1 = (r * 2) - 1 - y;
703 static void scrypt_smix (uint4 *X, uint4 *T, const u32 N, const u32 r, const u32 tmto, const u32 phy, __global uint4 *V)
705 const u32 state_cnt = GET_STATE_CNT (r);
707 const u32 state_cnt4 = state_cnt / 4;
709 #define Coord(x,y,z) (((x) * zSIZE) + ((y) * zSIZE * xSIZE) + (z))
710 #define CO Coord(x,y,z)
712 const u32 xSIZE = phy;
713 const u32 ySIZE = N / tmto;
714 const u32 zSIZE = state_cnt4;
716 const u32 gid = get_global_id (0);
718 const u32 x = gid % xSIZE;
721 for (u32 i = 0; i < state_cnt4; i += 4)
723 T[0] = (uint4) (X[i + 0].x, X[i + 1].y, X[i + 2].z, X[i + 3].w);
724 T[1] = (uint4) (X[i + 1].x, X[i + 2].y, X[i + 3].z, X[i + 0].w);
725 T[2] = (uint4) (X[i + 2].x, X[i + 3].y, X[i + 0].z, X[i + 1].w);
726 T[3] = (uint4) (X[i + 3].x, X[i + 0].y, X[i + 1].z, X[i + 2].w);
734 for (u32 y = 0; y < ySIZE; y++)
736 for (u32 z = 0; z < zSIZE; z++) V[CO] = X[z];
738 for (u32 i = 0; i < tmto; i++) salsa_r (X, r);
741 for (u32 i = 0; i < N; i++)
743 const u32 k = X[zSIZE - 4].x & (N - 1);
745 const u32 y = k / tmto;
747 const u32 km = k - (y * tmto);
749 for (u32 z = 0; z < zSIZE; z++) T[z] = V[CO];
751 for (u32 i = 0; i < km; i++) salsa_r (T, r);
753 for (u32 z = 0; z < zSIZE; z++) X[z] ^= T[z];
759 for (u32 i = 0; i < state_cnt4; i += 4)
761 T[0] = (uint4) (X[i + 0].x, X[i + 3].y, X[i + 2].z, X[i + 1].w);
762 T[1] = (uint4) (X[i + 1].x, X[i + 0].y, X[i + 3].z, X[i + 2].w);
763 T[2] = (uint4) (X[i + 2].x, X[i + 1].y, X[i + 0].z, X[i + 3].w);
764 T[3] = (uint4) (X[i + 3].x, X[i + 2].y, X[i + 1].z, X[i + 0].w);
773 __kernel void __attribute__((reqd_work_group_size (64, 1, 1))) m08900_init (__global pw_t *pws, __global gpu_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global scrypt_tmp_t *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global uint4 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 rules_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
779 const u32 gid = get_global_id (0);
781 if (gid >= gid_max) return;
785 w0[0] = pws[gid].i[ 0];
786 w0[1] = pws[gid].i[ 1];
787 w0[2] = pws[gid].i[ 2];
788 w0[3] = pws[gid].i[ 3];
792 w1[0] = pws[gid].i[ 4];
793 w1[1] = pws[gid].i[ 5];
794 w1[2] = pws[gid].i[ 6];
795 w1[3] = pws[gid].i[ 7];
799 w2[0] = pws[gid].i[ 8];
800 w2[1] = pws[gid].i[ 9];
801 w2[2] = pws[gid].i[10];
802 w2[3] = pws[gid].i[11];
806 w3[0] = pws[gid].i[12];
807 w3[1] = pws[gid].i[13];
808 w3[2] = pws[gid].i[14];
809 w3[3] = pws[gid].i[15];
817 salt_buf0[0] = salt_bufs[salt_pos].salt_buf[0];
818 salt_buf0[1] = salt_bufs[salt_pos].salt_buf[1];
819 salt_buf0[2] = salt_bufs[salt_pos].salt_buf[2];
820 salt_buf0[3] = salt_bufs[salt_pos].salt_buf[3];
824 salt_buf1[0] = salt_bufs[salt_pos].salt_buf[4];
825 salt_buf1[1] = salt_bufs[salt_pos].salt_buf[5];
826 salt_buf1[2] = salt_bufs[salt_pos].salt_buf[6];
827 salt_buf1[3] = salt_bufs[salt_pos].salt_buf[7];
829 const u32 salt_len = salt_bufs[salt_pos].salt_len;
835 const u32 scrypt_r = SCRYPT_R;
836 const u32 scrypt_p = SCRYPT_P;
837 //const u32 scrypt_N = SCRYPT_N;
839 //const u32 state_cnt = GET_STATE_CNT (scrypt_r);
840 const u32 scrypt_cnt = GET_SCRYPT_CNT (scrypt_r, scrypt_p);
841 //const u32 smix_cnt = GET_SMIX_CNT (scrypt_r, scrypt_N);
844 * 1st pbkdf2, creates B
847 w0[0] = swap_workaround (w0[0]);
848 w0[1] = swap_workaround (w0[1]);
849 w0[2] = swap_workaround (w0[2]);
850 w0[3] = swap_workaround (w0[3]);
851 w1[0] = swap_workaround (w1[0]);
852 w1[1] = swap_workaround (w1[1]);
853 w1[2] = swap_workaround (w1[2]);
854 w1[3] = swap_workaround (w1[3]);
855 w2[0] = swap_workaround (w2[0]);
856 w2[1] = swap_workaround (w2[1]);
857 w2[2] = swap_workaround (w2[2]);
858 w2[3] = swap_workaround (w2[3]);
859 w3[0] = swap_workaround (w3[0]);
860 w3[1] = swap_workaround (w3[1]);
861 w3[2] = swap_workaround (w3[2]);
862 w3[3] = swap_workaround (w3[3]);
867 hmac_sha256_pad (w0, w1, w2, w3, ipad, opad);
869 for (u32 i = 0, j = 0, k = 0; i < scrypt_cnt; i += 8, j += 1, k += 2)
871 w0[0] = salt_buf0[0];
872 w0[1] = salt_buf0[1];
873 w0[2] = salt_buf0[2];
874 w0[3] = salt_buf0[3];
875 w1[0] = salt_buf1[0];
876 w1[1] = salt_buf1[1];
877 w1[2] = salt_buf1[2];
878 w1[3] = salt_buf1[3];
890 append[0] = swap_workaround (j + 1);
893 memcat8 (w0, w1, w2, w3, salt_len, append);
895 w0[0] = swap_workaround (w0[0]);
896 w0[1] = swap_workaround (w0[1]);
897 w0[2] = swap_workaround (w0[2]);
898 w0[3] = swap_workaround (w0[3]);
899 w1[0] = swap_workaround (w1[0]);
900 w1[1] = swap_workaround (w1[1]);
901 w1[2] = swap_workaround (w1[2]);
902 w1[3] = swap_workaround (w1[3]);
903 w2[0] = swap_workaround (w2[0]);
904 w2[1] = swap_workaround (w2[1]);
905 w2[2] = swap_workaround (w2[2]);
906 w2[3] = swap_workaround (w2[3]);
907 w3[0] = swap_workaround (w3[0]);
908 w3[1] = swap_workaround (w3[1]);
910 w3[3] = (64 + salt_len + 4) * 8;
914 hmac_sha256_run (w0, w1, w2, w3, ipad, opad, digest);
916 const uint4 tmp0 = (uint4) (digest[0], digest[1], digest[2], digest[3]);
917 const uint4 tmp1 = (uint4) (digest[4], digest[5], digest[6], digest[7]);
919 barrier (CLK_GLOBAL_MEM_FENCE);
921 tmps[gid].P[k + 0] = tmp0;
922 tmps[gid].P[k + 1] = tmp1;
926 __kernel void __attribute__((reqd_work_group_size (64, 1, 1))) m08900_loop (__global pw_t *pws, __global gpu_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global scrypt_tmp_t *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global uint4 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 rules_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
928 const u32 gid = get_global_id (0);
930 if (gid >= gid_max) return;
932 const u32 scrypt_phy = salt_bufs[salt_pos].scrypt_phy;
934 const u32 state_cnt = GET_STATE_CNT (SCRYPT_R);
935 const u32 scrypt_cnt = GET_SCRYPT_CNT (SCRYPT_R, SCRYPT_P);
937 const u32 state_cnt4 = state_cnt / 4;
938 const u32 scrypt_cnt4 = scrypt_cnt / 4;
944 for (int z = 0; z < state_cnt4; z++) X[z] = swap_workaround (tmps[gid].P[z]);
946 scrypt_smix (X, T, SCRYPT_N, SCRYPT_R, SCRYPT_TMTO, scrypt_phy, d_scryptV_buf);
949 for (int z = 0; z < state_cnt4; z++) tmps[gid].P[z] = swap_workaround (X[z]);
952 for (int i = state_cnt4; i < scrypt_cnt4; i += state_cnt4)
954 for (int z = 0; z < state_cnt4; z++) X[z] = swap_workaround (tmps[gid].P[i + z]);
956 scrypt_smix (X, T, SCRYPT_N, SCRYPT_R, SCRYPT_TMTO, scrypt_phy, d_scryptV_buf);
958 for (int z = 0; z < state_cnt4; z++) tmps[gid].P[i + z] = swap_workaround (X[z]);
963 __kernel void __attribute__((reqd_work_group_size (64, 1, 1))) m08900_comp (__global pw_t *pws, __global gpu_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global scrypt_tmp_t *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global uint4 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 rules_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
969 const u32 gid = get_global_id (0);
970 const u32 lid = get_local_id (0);
972 if (gid >= gid_max) return;
976 w0[0] = pws[gid].i[ 0];
977 w0[1] = pws[gid].i[ 1];
978 w0[2] = pws[gid].i[ 2];
979 w0[3] = pws[gid].i[ 3];
983 w1[0] = pws[gid].i[ 4];
984 w1[1] = pws[gid].i[ 5];
985 w1[2] = pws[gid].i[ 6];
986 w1[3] = pws[gid].i[ 7];
990 w2[0] = pws[gid].i[ 8];
991 w2[1] = pws[gid].i[ 9];
992 w2[2] = pws[gid].i[10];
993 w2[3] = pws[gid].i[11];
997 w3[0] = pws[gid].i[12];
998 w3[1] = pws[gid].i[13];
999 w3[2] = pws[gid].i[14];
1000 w3[3] = pws[gid].i[15];
1006 const u32 scrypt_r = SCRYPT_R;
1007 const u32 scrypt_p = SCRYPT_P;
1008 //const u32 scrypt_N = SCRYPT_N;
1010 const u32 scrypt_cnt = GET_SCRYPT_CNT (scrypt_r, scrypt_p);
1012 const u32 scrypt_cnt4 = scrypt_cnt / 4;
1015 * 2nd pbkdf2, creates B
1018 w0[0] = swap_workaround (w0[0]);
1019 w0[1] = swap_workaround (w0[1]);
1020 w0[2] = swap_workaround (w0[2]);
1021 w0[3] = swap_workaround (w0[3]);
1022 w1[0] = swap_workaround (w1[0]);
1023 w1[1] = swap_workaround (w1[1]);
1024 w1[2] = swap_workaround (w1[2]);
1025 w1[3] = swap_workaround (w1[3]);
1026 w2[0] = swap_workaround (w2[0]);
1027 w2[1] = swap_workaround (w2[1]);
1028 w2[2] = swap_workaround (w2[2]);
1029 w2[3] = swap_workaround (w2[3]);
1030 w3[0] = swap_workaround (w3[0]);
1031 w3[1] = swap_workaround (w3[1]);
1032 w3[2] = swap_workaround (w3[2]);
1033 w3[3] = swap_workaround (w3[3]);
1038 hmac_sha256_pad (w0, w1, w2, w3, ipad, opad);
1040 for (u32 l = 0; l < scrypt_cnt4; l += 4)
1042 barrier (CLK_GLOBAL_MEM_FENCE);
1046 tmp = tmps[gid].P[l + 0];
1053 tmp = tmps[gid].P[l + 1];
1060 tmp = tmps[gid].P[l + 2];
1067 tmp = tmps[gid].P[l + 3];
1074 sha256_transform (w0, w1, w2, w3, ipad);
1092 w3[3] = (64 + (scrypt_cnt * 4) + 4) * 8;
1096 hmac_sha256_run (w0, w1, w2, w3, ipad, opad, digest);
1098 const u32 r0 = swap_workaround (digest[DGST_R0]);
1099 const u32 r1 = swap_workaround (digest[DGST_R1]);
1100 const u32 r2 = swap_workaround (digest[DGST_R2]);
1101 const u32 r3 = swap_workaround (digest[DGST_R3]);
projects / hashcat.git / blob