2 * Author......: Jens Steube <jens.steube@gmail.com>
8 #include "include/constants.h"
9 #include "include/kernel_vendor.h"
28 #include "include/kernel_functions.c"
29 #include "types_amd.c"
30 #include "common_amd.c"
33 #define VECT_COMPARE_M "check_multi_vect1_comp4.c"
37 #define VECT_COMPARE_M "check_multi_vect2_comp4.c"
41 #define VECT_COMPARE_M "check_multi_vect4_comp4.c"
44 static void md5_transform (const u32x w0[4], const u32x w1[4], const u32x w2[4], const u32x w3[4], u32x digest[4])
70 MD5_STEP (MD5_Fo, a, b, c, d, w0_t, MD5C00, MD5S00);
71 MD5_STEP (MD5_Fo, d, a, b, c, w1_t, MD5C01, MD5S01);
72 MD5_STEP (MD5_Fo, c, d, a, b, w2_t, MD5C02, MD5S02);
73 MD5_STEP (MD5_Fo, b, c, d, a, w3_t, MD5C03, MD5S03);
74 MD5_STEP (MD5_Fo, a, b, c, d, w4_t, MD5C04, MD5S00);
75 MD5_STEP (MD5_Fo, d, a, b, c, w5_t, MD5C05, MD5S01);
76 MD5_STEP (MD5_Fo, c, d, a, b, w6_t, MD5C06, MD5S02);
77 MD5_STEP (MD5_Fo, b, c, d, a, w7_t, MD5C07, MD5S03);
78 MD5_STEP (MD5_Fo, a, b, c, d, w8_t, MD5C08, MD5S00);
79 MD5_STEP (MD5_Fo, d, a, b, c, w9_t, MD5C09, MD5S01);
80 MD5_STEP (MD5_Fo, c, d, a, b, wa_t, MD5C0a, MD5S02);
81 MD5_STEP (MD5_Fo, b, c, d, a, wb_t, MD5C0b, MD5S03);
82 MD5_STEP (MD5_Fo, a, b, c, d, wc_t, MD5C0c, MD5S00);
83 MD5_STEP (MD5_Fo, d, a, b, c, wd_t, MD5C0d, MD5S01);
84 MD5_STEP (MD5_Fo, c, d, a, b, we_t, MD5C0e, MD5S02);
85 MD5_STEP (MD5_Fo, b, c, d, a, wf_t, MD5C0f, MD5S03);
87 MD5_STEP (MD5_Go, a, b, c, d, w1_t, MD5C10, MD5S10);
88 MD5_STEP (MD5_Go, d, a, b, c, w6_t, MD5C11, MD5S11);
89 MD5_STEP (MD5_Go, c, d, a, b, wb_t, MD5C12, MD5S12);
90 MD5_STEP (MD5_Go, b, c, d, a, w0_t, MD5C13, MD5S13);
91 MD5_STEP (MD5_Go, a, b, c, d, w5_t, MD5C14, MD5S10);
92 MD5_STEP (MD5_Go, d, a, b, c, wa_t, MD5C15, MD5S11);
93 MD5_STEP (MD5_Go, c, d, a, b, wf_t, MD5C16, MD5S12);
94 MD5_STEP (MD5_Go, b, c, d, a, w4_t, MD5C17, MD5S13);
95 MD5_STEP (MD5_Go, a, b, c, d, w9_t, MD5C18, MD5S10);
96 MD5_STEP (MD5_Go, d, a, b, c, we_t, MD5C19, MD5S11);
97 MD5_STEP (MD5_Go, c, d, a, b, w3_t, MD5C1a, MD5S12);
98 MD5_STEP (MD5_Go, b, c, d, a, w8_t, MD5C1b, MD5S13);
99 MD5_STEP (MD5_Go, a, b, c, d, wd_t, MD5C1c, MD5S10);
100 MD5_STEP (MD5_Go, d, a, b, c, w2_t, MD5C1d, MD5S11);
101 MD5_STEP (MD5_Go, c, d, a, b, w7_t, MD5C1e, MD5S12);
102 MD5_STEP (MD5_Go, b, c, d, a, wc_t, MD5C1f, MD5S13);
104 MD5_STEP (MD5_H1, a, b, c, d, w5_t, MD5C20, MD5S20);
105 MD5_STEP (MD5_H2, d, a, b, c, w8_t, MD5C21, MD5S21);
106 MD5_STEP (MD5_H1, c, d, a, b, wb_t, MD5C22, MD5S22);
107 MD5_STEP (MD5_H2, b, c, d, a, we_t, MD5C23, MD5S23);
108 MD5_STEP (MD5_H1, a, b, c, d, w1_t, MD5C24, MD5S20);
109 MD5_STEP (MD5_H2, d, a, b, c, w4_t, MD5C25, MD5S21);
110 MD5_STEP (MD5_H1, c, d, a, b, w7_t, MD5C26, MD5S22);
111 MD5_STEP (MD5_H2, b, c, d, a, wa_t, MD5C27, MD5S23);
112 MD5_STEP (MD5_H1, a, b, c, d, wd_t, MD5C28, MD5S20);
113 MD5_STEP (MD5_H2, d, a, b, c, w0_t, MD5C29, MD5S21);
114 MD5_STEP (MD5_H1, c, d, a, b, w3_t, MD5C2a, MD5S22);
115 MD5_STEP (MD5_H2, b, c, d, a, w6_t, MD5C2b, MD5S23);
116 MD5_STEP (MD5_H1, a, b, c, d, w9_t, MD5C2c, MD5S20);
117 MD5_STEP (MD5_H2, d, a, b, c, wc_t, MD5C2d, MD5S21);
118 MD5_STEP (MD5_H1, c, d, a, b, wf_t, MD5C2e, MD5S22);
119 MD5_STEP (MD5_H2, b, c, d, a, w2_t, MD5C2f, MD5S23);
121 MD5_STEP (MD5_I , a, b, c, d, w0_t, MD5C30, MD5S30);
122 MD5_STEP (MD5_I , d, a, b, c, w7_t, MD5C31, MD5S31);
123 MD5_STEP (MD5_I , c, d, a, b, we_t, MD5C32, MD5S32);
124 MD5_STEP (MD5_I , b, c, d, a, w5_t, MD5C33, MD5S33);
125 MD5_STEP (MD5_I , a, b, c, d, wc_t, MD5C34, MD5S30);
126 MD5_STEP (MD5_I , d, a, b, c, w3_t, MD5C35, MD5S31);
127 MD5_STEP (MD5_I , c, d, a, b, wa_t, MD5C36, MD5S32);
128 MD5_STEP (MD5_I , b, c, d, a, w1_t, MD5C37, MD5S33);
129 MD5_STEP (MD5_I , a, b, c, d, w8_t, MD5C38, MD5S30);
130 MD5_STEP (MD5_I , d, a, b, c, wf_t, MD5C39, MD5S31);
131 MD5_STEP (MD5_I , c, d, a, b, w6_t, MD5C3a, MD5S32);
132 MD5_STEP (MD5_I , b, c, d, a, wd_t, MD5C3b, MD5S33);
133 MD5_STEP (MD5_I , a, b, c, d, w4_t, MD5C3c, MD5S30);
134 MD5_STEP (MD5_I , d, a, b, c, wb_t, MD5C3d, MD5S31);
135 MD5_STEP (MD5_I , c, d, a, b, w2_t, MD5C3e, MD5S32);
136 MD5_STEP (MD5_I , b, c, d, a, w9_t, MD5C3f, MD5S33);
144 static void hmac_md5_pad (u32x w0[4], u32x w1[4], u32x w2[4], u32x w3[4], u32x ipad[4], u32x opad[4])
146 w0[0] = w0[0] ^ 0x36363636;
147 w0[1] = w0[1] ^ 0x36363636;
148 w0[2] = w0[2] ^ 0x36363636;
149 w0[3] = w0[3] ^ 0x36363636;
150 w1[0] = w1[0] ^ 0x36363636;
151 w1[1] = w1[1] ^ 0x36363636;
152 w1[2] = w1[2] ^ 0x36363636;
153 w1[3] = w1[3] ^ 0x36363636;
154 w2[0] = w2[0] ^ 0x36363636;
155 w2[1] = w2[1] ^ 0x36363636;
156 w2[2] = w2[2] ^ 0x36363636;
157 w2[3] = w2[3] ^ 0x36363636;
158 w3[0] = w3[0] ^ 0x36363636;
159 w3[1] = w3[1] ^ 0x36363636;
160 w3[2] = w3[2] ^ 0x36363636;
161 w3[3] = w3[3] ^ 0x36363636;
168 md5_transform (w0, w1, w2, w3, ipad);
170 w0[0] = w0[0] ^ 0x6a6a6a6a;
171 w0[1] = w0[1] ^ 0x6a6a6a6a;
172 w0[2] = w0[2] ^ 0x6a6a6a6a;
173 w0[3] = w0[3] ^ 0x6a6a6a6a;
174 w1[0] = w1[0] ^ 0x6a6a6a6a;
175 w1[1] = w1[1] ^ 0x6a6a6a6a;
176 w1[2] = w1[2] ^ 0x6a6a6a6a;
177 w1[3] = w1[3] ^ 0x6a6a6a6a;
178 w2[0] = w2[0] ^ 0x6a6a6a6a;
179 w2[1] = w2[1] ^ 0x6a6a6a6a;
180 w2[2] = w2[2] ^ 0x6a6a6a6a;
181 w2[3] = w2[3] ^ 0x6a6a6a6a;
182 w3[0] = w3[0] ^ 0x6a6a6a6a;
183 w3[1] = w3[1] ^ 0x6a6a6a6a;
184 w3[2] = w3[2] ^ 0x6a6a6a6a;
185 w3[3] = w3[3] ^ 0x6a6a6a6a;
192 md5_transform (w0, w1, w2, w3, opad);
195 static void hmac_md5_run (u32x w0[4], u32x w1[4], u32x w2[4], u32x w3[4], u32x ipad[4], u32x opad[4], u32x digest[4])
202 md5_transform (w0, w1, w2, w3, digest);
218 w3[2] = (64 + 16) * 8;
226 md5_transform (w0, w1, w2, w3, digest);
229 static void sha1_transform (const u32x w0[4], const u32x w1[4], const u32x w2[4], const u32x w3[4], u32x digest[5])
257 SHA1_STEP (SHA1_F0o, A, B, C, D, E, w0_t);
258 SHA1_STEP (SHA1_F0o, E, A, B, C, D, w1_t);
259 SHA1_STEP (SHA1_F0o, D, E, A, B, C, w2_t);
260 SHA1_STEP (SHA1_F0o, C, D, E, A, B, w3_t);
261 SHA1_STEP (SHA1_F0o, B, C, D, E, A, w4_t);
262 SHA1_STEP (SHA1_F0o, A, B, C, D, E, w5_t);
263 SHA1_STEP (SHA1_F0o, E, A, B, C, D, w6_t);
264 SHA1_STEP (SHA1_F0o, D, E, A, B, C, w7_t);
265 SHA1_STEP (SHA1_F0o, C, D, E, A, B, w8_t);
266 SHA1_STEP (SHA1_F0o, B, C, D, E, A, w9_t);
267 SHA1_STEP (SHA1_F0o, A, B, C, D, E, wa_t);
268 SHA1_STEP (SHA1_F0o, E, A, B, C, D, wb_t);
269 SHA1_STEP (SHA1_F0o, D, E, A, B, C, wc_t);
270 SHA1_STEP (SHA1_F0o, C, D, E, A, B, wd_t);
271 SHA1_STEP (SHA1_F0o, B, C, D, E, A, we_t);
272 SHA1_STEP (SHA1_F0o, A, B, C, D, E, wf_t);
273 w0_t = rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F0o, E, A, B, C, D, w0_t);
274 w1_t = rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F0o, D, E, A, B, C, w1_t);
275 w2_t = rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F0o, C, D, E, A, B, w2_t);
276 w3_t = rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F0o, B, C, D, E, A, w3_t);
281 w4_t = rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, A, B, C, D, E, w4_t);
282 w5_t = rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, E, A, B, C, D, w5_t);
283 w6_t = rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, D, E, A, B, C, w6_t);
284 w7_t = rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, C, D, E, A, B, w7_t);
285 w8_t = rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, B, C, D, E, A, w8_t);
286 w9_t = rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, A, B, C, D, E, w9_t);
287 wa_t = rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, E, A, B, C, D, wa_t);
288 wb_t = rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, D, E, A, B, C, wb_t);
289 wc_t = rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, C, D, E, A, B, wc_t);
290 wd_t = rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, B, C, D, E, A, wd_t);
291 we_t = rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, A, B, C, D, E, we_t);
292 wf_t = rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, E, A, B, C, D, wf_t);
293 w0_t = rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, D, E, A, B, C, w0_t);
294 w1_t = rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, C, D, E, A, B, w1_t);
295 w2_t = rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, B, C, D, E, A, w2_t);
296 w3_t = rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, A, B, C, D, E, w3_t);
297 w4_t = rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, E, A, B, C, D, w4_t);
298 w5_t = rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, D, E, A, B, C, w5_t);
299 w6_t = rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, C, D, E, A, B, w6_t);
300 w7_t = rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, B, C, D, E, A, w7_t);
305 w8_t = rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, A, B, C, D, E, w8_t);
306 w9_t = rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, E, A, B, C, D, w9_t);
307 wa_t = rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, D, E, A, B, C, wa_t);
308 wb_t = rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, C, D, E, A, B, wb_t);
309 wc_t = rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F2o, B, C, D, E, A, wc_t);
310 wd_t = rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F2o, A, B, C, D, E, wd_t);
311 we_t = rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F2o, E, A, B, C, D, we_t);
312 wf_t = rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F2o, D, E, A, B, C, wf_t);
313 w0_t = rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F2o, C, D, E, A, B, w0_t);
314 w1_t = rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F2o, B, C, D, E, A, w1_t);
315 w2_t = rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F2o, A, B, C, D, E, w2_t);
316 w3_t = rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F2o, E, A, B, C, D, w3_t);
317 w4_t = rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F2o, D, E, A, B, C, w4_t);
318 w5_t = rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F2o, C, D, E, A, B, w5_t);
319 w6_t = rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F2o, B, C, D, E, A, w6_t);
320 w7_t = rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F2o, A, B, C, D, E, w7_t);
321 w8_t = rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F2o, E, A, B, C, D, w8_t);
322 w9_t = rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F2o, D, E, A, B, C, w9_t);
323 wa_t = rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F2o, C, D, E, A, B, wa_t);
324 wb_t = rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F2o, B, C, D, E, A, wb_t);
329 wc_t = rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, A, B, C, D, E, wc_t);
330 wd_t = rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, E, A, B, C, D, wd_t);
331 we_t = rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, D, E, A, B, C, we_t);
332 wf_t = rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, C, D, E, A, B, wf_t);
333 w0_t = rotl32 ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP (SHA1_F1, B, C, D, E, A, w0_t);
334 w1_t = rotl32 ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP (SHA1_F1, A, B, C, D, E, w1_t);
335 w2_t = rotl32 ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP (SHA1_F1, E, A, B, C, D, w2_t);
336 w3_t = rotl32 ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP (SHA1_F1, D, E, A, B, C, w3_t);
337 w4_t = rotl32 ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP (SHA1_F1, C, D, E, A, B, w4_t);
338 w5_t = rotl32 ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP (SHA1_F1, B, C, D, E, A, w5_t);
339 w6_t = rotl32 ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP (SHA1_F1, A, B, C, D, E, w6_t);
340 w7_t = rotl32 ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP (SHA1_F1, E, A, B, C, D, w7_t);
341 w8_t = rotl32 ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP (SHA1_F1, D, E, A, B, C, w8_t);
342 w9_t = rotl32 ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP (SHA1_F1, C, D, E, A, B, w9_t);
343 wa_t = rotl32 ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP (SHA1_F1, B, C, D, E, A, wa_t);
344 wb_t = rotl32 ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP (SHA1_F1, A, B, C, D, E, wb_t);
345 wc_t = rotl32 ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP (SHA1_F1, E, A, B, C, D, wc_t);
346 wd_t = rotl32 ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP (SHA1_F1, D, E, A, B, C, wd_t);
347 we_t = rotl32 ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP (SHA1_F1, C, D, E, A, B, we_t);
348 wf_t = rotl32 ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP (SHA1_F1, B, C, D, E, A, wf_t);
357 static void hmac_sha1_pad (u32x w0[4], u32x w1[4], u32x w2[4], u32x w3[4], u32x ipad[5], u32x opad[5])
359 w0[0] = w0[0] ^ 0x36363636;
360 w0[1] = w0[1] ^ 0x36363636;
361 w0[2] = w0[2] ^ 0x36363636;
362 w0[3] = w0[3] ^ 0x36363636;
363 w1[0] = w1[0] ^ 0x36363636;
364 w1[1] = w1[1] ^ 0x36363636;
365 w1[2] = w1[2] ^ 0x36363636;
366 w1[3] = w1[3] ^ 0x36363636;
367 w2[0] = w2[0] ^ 0x36363636;
368 w2[1] = w2[1] ^ 0x36363636;
369 w2[2] = w2[2] ^ 0x36363636;
370 w2[3] = w2[3] ^ 0x36363636;
371 w3[0] = w3[0] ^ 0x36363636;
372 w3[1] = w3[1] ^ 0x36363636;
373 w3[2] = w3[2] ^ 0x36363636;
374 w3[3] = w3[3] ^ 0x36363636;
382 sha1_transform (w0, w1, w2, w3, ipad);
384 w0[0] = w0[0] ^ 0x6a6a6a6a;
385 w0[1] = w0[1] ^ 0x6a6a6a6a;
386 w0[2] = w0[2] ^ 0x6a6a6a6a;
387 w0[3] = w0[3] ^ 0x6a6a6a6a;
388 w1[0] = w1[0] ^ 0x6a6a6a6a;
389 w1[1] = w1[1] ^ 0x6a6a6a6a;
390 w1[2] = w1[2] ^ 0x6a6a6a6a;
391 w1[3] = w1[3] ^ 0x6a6a6a6a;
392 w2[0] = w2[0] ^ 0x6a6a6a6a;
393 w2[1] = w2[1] ^ 0x6a6a6a6a;
394 w2[2] = w2[2] ^ 0x6a6a6a6a;
395 w2[3] = w2[3] ^ 0x6a6a6a6a;
396 w3[0] = w3[0] ^ 0x6a6a6a6a;
397 w3[1] = w3[1] ^ 0x6a6a6a6a;
398 w3[2] = w3[2] ^ 0x6a6a6a6a;
399 w3[3] = w3[3] ^ 0x6a6a6a6a;
407 sha1_transform (w0, w1, w2, w3, opad);
410 static void hmac_sha1_run (u32x w0[4], u32x w1[4], u32x w2[4], u32x w3[4], u32x ipad[5], u32x opad[5], u32x digest[5])
418 sha1_transform (w0, w1, w2, w3, digest);
435 w3[3] = (64 + 20) * 8;
443 sha1_transform (w0, w1, w2, w3, digest);
446 __kernel void __attribute__((reqd_work_group_size (64, 1, 1))) m02500_init (__global pw_t *pws, __global gpu_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global wpa_tmp_t *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global wpa_t *wpa_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 rules_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
452 const u32 gid = get_global_id (0);
454 if (gid >= gid_max) return;
458 w0[0] = pws[gid].i[ 0];
459 w0[1] = pws[gid].i[ 1];
460 w0[2] = pws[gid].i[ 2];
461 w0[3] = pws[gid].i[ 3];
465 w1[0] = pws[gid].i[ 4];
466 w1[1] = pws[gid].i[ 5];
467 w1[2] = pws[gid].i[ 6];
468 w1[3] = pws[gid].i[ 7];
472 w2[0] = pws[gid].i[ 8];
473 w2[1] = pws[gid].i[ 9];
474 w2[2] = pws[gid].i[10];
475 w2[3] = pws[gid].i[11];
479 w3[0] = pws[gid].i[12];
480 w3[1] = pws[gid].i[13];
481 w3[2] = pws[gid].i[14];
482 w3[3] = pws[gid].i[15];
488 u32 salt_len = salt_bufs[salt_pos].salt_len;
493 salt_buf0[0] = salt_bufs[salt_pos].salt_buf[0];
494 salt_buf0[1] = salt_bufs[salt_pos].salt_buf[1];
495 salt_buf0[2] = salt_bufs[salt_pos].salt_buf[2];
496 salt_buf0[3] = salt_bufs[salt_pos].salt_buf[3];
497 salt_buf1[0] = salt_bufs[salt_pos].salt_buf[4];
498 salt_buf1[1] = salt_bufs[salt_pos].salt_buf[5];
499 salt_buf1[2] = salt_bufs[salt_pos].salt_buf[6];
500 salt_buf1[3] = salt_bufs[salt_pos].salt_buf[7];
506 w0[0] = swap_workaround (w0[0]);
507 w0[1] = swap_workaround (w0[1]);
508 w0[2] = swap_workaround (w0[2]);
509 w0[3] = swap_workaround (w0[3]);
510 w1[0] = swap_workaround (w1[0]);
511 w1[1] = swap_workaround (w1[1]);
512 w1[2] = swap_workaround (w1[2]);
513 w1[3] = swap_workaround (w1[3]);
514 w2[0] = swap_workaround (w2[0]);
515 w2[1] = swap_workaround (w2[1]);
516 w2[2] = swap_workaround (w2[2]);
517 w2[3] = swap_workaround (w2[3]);
518 w3[0] = swap_workaround (w3[0]);
519 w3[1] = swap_workaround (w3[1]);
520 w3[2] = swap_workaround (w3[2]);
521 w3[3] = swap_workaround (w3[3]);
526 hmac_sha1_pad (w0, w1, w2, w3, ipad, opad);
528 tmps[gid].ipad[0] = ipad[0];
529 tmps[gid].ipad[1] = ipad[1];
530 tmps[gid].ipad[2] = ipad[2];
531 tmps[gid].ipad[3] = ipad[3];
532 tmps[gid].ipad[4] = ipad[4];
534 tmps[gid].opad[0] = opad[0];
535 tmps[gid].opad[1] = opad[1];
536 tmps[gid].opad[2] = opad[2];
537 tmps[gid].opad[3] = opad[3];
538 tmps[gid].opad[4] = opad[4];
540 for (u32 i = 0, j = 1; i < 8; i += 5, j += 1)
542 w0[0] = salt_buf0[0];
543 w0[1] = salt_buf0[1];
544 w0[2] = salt_buf0[2];
545 w0[3] = salt_buf0[3];
546 w1[0] = salt_buf1[0];
547 w1[1] = salt_buf1[1];
548 w1[2] = salt_buf1[2];
549 w1[3] = salt_buf1[3];
560 append_0x01_3 (w0, w1, w2, salt_len + 3);
562 append_0x02_3 (w0, w1, w2, salt_len + 3);
564 append_0x80_3 (w0, w1, w2, salt_len + 4);
566 w0[0] = swap_workaround (w0[0]);
567 w0[1] = swap_workaround (w0[1]);
568 w0[2] = swap_workaround (w0[2]);
569 w0[3] = swap_workaround (w0[3]);
570 w1[0] = swap_workaround (w1[0]);
571 w1[1] = swap_workaround (w1[1]);
572 w1[2] = swap_workaround (w1[2]);
573 w1[3] = swap_workaround (w1[3]);
574 w2[0] = swap_workaround (w2[0]);
575 w2[1] = swap_workaround (w2[1]);
581 w3[3] = (64 + salt_len + 4) * 8;
585 hmac_sha1_run (w0, w1, w2, w3, ipad, opad, dgst);
587 tmps[gid].dgst[i + 0] = dgst[0];
588 tmps[gid].dgst[i + 1] = dgst[1];
589 tmps[gid].dgst[i + 2] = dgst[2];
590 tmps[gid].dgst[i + 3] = dgst[3];
591 tmps[gid].dgst[i + 4] = dgst[4];
593 tmps[gid].out[i + 0] = dgst[0];
594 tmps[gid].out[i + 1] = dgst[1];
595 tmps[gid].out[i + 2] = dgst[2];
596 tmps[gid].out[i + 3] = dgst[3];
597 tmps[gid].out[i + 4] = dgst[4];
601 __kernel void __attribute__((reqd_work_group_size (64, 1, 1))) m02500_loop (__global pw_t *pws, __global gpu_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global wpa_tmp_t *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global wpa_t *wpa_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 rules_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
603 const u32 gid = get_global_id (0);
605 if (gid >= gid_max) return;
610 ipad[0] = tmps[gid].ipad[0];
611 ipad[1] = tmps[gid].ipad[1];
612 ipad[2] = tmps[gid].ipad[2];
613 ipad[3] = tmps[gid].ipad[3];
614 ipad[4] = tmps[gid].ipad[4];
616 opad[0] = tmps[gid].opad[0];
617 opad[1] = tmps[gid].opad[1];
618 opad[2] = tmps[gid].opad[2];
619 opad[3] = tmps[gid].opad[3];
620 opad[4] = tmps[gid].opad[4];
622 for (u32 i = 0; i < 8; i += 5)
627 dgst[0] = tmps[gid].dgst[i + 0];
628 dgst[1] = tmps[gid].dgst[i + 1];
629 dgst[2] = tmps[gid].dgst[i + 2];
630 dgst[3] = tmps[gid].dgst[i + 3];
631 dgst[4] = tmps[gid].dgst[i + 4];
633 out[0] = tmps[gid].out[i + 0];
634 out[1] = tmps[gid].out[i + 1];
635 out[2] = tmps[gid].out[i + 2];
636 out[3] = tmps[gid].out[i + 3];
637 out[4] = tmps[gid].out[i + 4];
639 for (u32 j = 0; j < loop_cnt; j++)
661 w3[3] = (64 + 20) * 8;
663 hmac_sha1_run (w0, w1, w2, w3, ipad, opad, dgst);
672 tmps[gid].dgst[i + 0] = dgst[0];
673 tmps[gid].dgst[i + 1] = dgst[1];
674 tmps[gid].dgst[i + 2] = dgst[2];
675 tmps[gid].dgst[i + 3] = dgst[3];
676 tmps[gid].dgst[i + 4] = dgst[4];
678 tmps[gid].out[i + 0] = out[0];
679 tmps[gid].out[i + 1] = out[1];
680 tmps[gid].out[i + 2] = out[2];
681 tmps[gid].out[i + 3] = out[3];
682 tmps[gid].out[i + 4] = out[4];
686 __kernel void __attribute__((reqd_work_group_size (64, 1, 1))) m02500_comp (__global pw_t *pws, __global gpu_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global wpa_tmp_t *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global wpa_t *wpa_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 rules_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
688 const u32 gid = get_global_id (0);
690 if (gid >= gid_max) return;
692 const u32 lid = get_local_id (0);
699 w0[0] = tmps[gid].out[0];
700 w0[1] = tmps[gid].out[1];
701 w0[2] = tmps[gid].out[2];
702 w0[3] = tmps[gid].out[3];
703 w1[0] = tmps[gid].out[4];
704 w1[1] = tmps[gid].out[5];
705 w1[2] = tmps[gid].out[6];
706 w1[3] = tmps[gid].out[7];
719 hmac_sha1_pad (w0, w1, w2, w3, ipad, opad);
721 w0[0] = wpa_bufs[salt_pos].pke[ 0];
722 w0[1] = wpa_bufs[salt_pos].pke[ 1];
723 w0[2] = wpa_bufs[salt_pos].pke[ 2];
724 w0[3] = wpa_bufs[salt_pos].pke[ 3];
725 w1[0] = wpa_bufs[salt_pos].pke[ 4];
726 w1[1] = wpa_bufs[salt_pos].pke[ 5];
727 w1[2] = wpa_bufs[salt_pos].pke[ 6];
728 w1[3] = wpa_bufs[salt_pos].pke[ 7];
729 w2[0] = wpa_bufs[salt_pos].pke[ 8];
730 w2[1] = wpa_bufs[salt_pos].pke[ 9];
731 w2[2] = wpa_bufs[salt_pos].pke[10];
732 w2[3] = wpa_bufs[salt_pos].pke[11];
733 w3[0] = wpa_bufs[salt_pos].pke[12];
734 w3[1] = wpa_bufs[salt_pos].pke[13];
735 w3[2] = wpa_bufs[salt_pos].pke[14];
736 w3[3] = wpa_bufs[salt_pos].pke[15];
738 sha1_transform (w0, w1, w2, w3, ipad);
740 w0[0] = wpa_bufs[salt_pos].pke[16];
741 w0[1] = wpa_bufs[salt_pos].pke[17];
742 w0[2] = wpa_bufs[salt_pos].pke[18];
743 w0[3] = wpa_bufs[salt_pos].pke[19];
744 w1[0] = wpa_bufs[salt_pos].pke[20];
745 w1[1] = wpa_bufs[salt_pos].pke[21];
746 w1[2] = wpa_bufs[salt_pos].pke[22];
747 w1[3] = wpa_bufs[salt_pos].pke[23];
748 w2[0] = wpa_bufs[salt_pos].pke[24];
755 w3[3] = (64 + 100) * 8;
759 hmac_sha1_run (w0, w1, w2, w3, ipad, opad, digest);
762 w0[0] = swap_workaround (digest[0]);
763 w0[1] = swap_workaround (digest[1]);
764 w0[2] = swap_workaround (digest[2]);
765 w0[3] = swap_workaround (digest[3]);
779 hmac_md5_pad (w0, w1, w2, w3, ipad, opad);
781 int eapol_size = wpa_bufs[salt_pos].eapol_size;
786 for (eapol_left = eapol_size, eapol_off = 0; eapol_left >= 56; eapol_left -= 64, eapol_off += 16)
788 w0[0] = wpa_bufs[salt_pos].eapol[eapol_off + 0];
789 w0[1] = wpa_bufs[salt_pos].eapol[eapol_off + 1];
790 w0[2] = wpa_bufs[salt_pos].eapol[eapol_off + 2];
791 w0[3] = wpa_bufs[salt_pos].eapol[eapol_off + 3];
792 w1[0] = wpa_bufs[salt_pos].eapol[eapol_off + 4];
793 w1[1] = wpa_bufs[salt_pos].eapol[eapol_off + 5];
794 w1[2] = wpa_bufs[salt_pos].eapol[eapol_off + 6];
795 w1[3] = wpa_bufs[salt_pos].eapol[eapol_off + 7];
796 w2[0] = wpa_bufs[salt_pos].eapol[eapol_off + 8];
797 w2[1] = wpa_bufs[salt_pos].eapol[eapol_off + 9];
798 w2[2] = wpa_bufs[salt_pos].eapol[eapol_off + 10];
799 w2[3] = wpa_bufs[salt_pos].eapol[eapol_off + 11];
800 w3[0] = wpa_bufs[salt_pos].eapol[eapol_off + 12];
801 w3[1] = wpa_bufs[salt_pos].eapol[eapol_off + 13];
802 w3[2] = wpa_bufs[salt_pos].eapol[eapol_off + 14];
803 w3[3] = wpa_bufs[salt_pos].eapol[eapol_off + 15];
805 md5_transform (w0, w1, w2, w3, ipad);
808 w0[0] = wpa_bufs[salt_pos].eapol[eapol_off + 0];
809 w0[1] = wpa_bufs[salt_pos].eapol[eapol_off + 1];
810 w0[2] = wpa_bufs[salt_pos].eapol[eapol_off + 2];
811 w0[3] = wpa_bufs[salt_pos].eapol[eapol_off + 3];
812 w1[0] = wpa_bufs[salt_pos].eapol[eapol_off + 4];
813 w1[1] = wpa_bufs[salt_pos].eapol[eapol_off + 5];
814 w1[2] = wpa_bufs[salt_pos].eapol[eapol_off + 6];
815 w1[3] = wpa_bufs[salt_pos].eapol[eapol_off + 7];
816 w2[0] = wpa_bufs[salt_pos].eapol[eapol_off + 8];
817 w2[1] = wpa_bufs[salt_pos].eapol[eapol_off + 9];
818 w2[2] = wpa_bufs[salt_pos].eapol[eapol_off + 10];
819 w2[3] = wpa_bufs[salt_pos].eapol[eapol_off + 11];
820 w3[0] = wpa_bufs[salt_pos].eapol[eapol_off + 12];
821 w3[1] = wpa_bufs[salt_pos].eapol[eapol_off + 13];
822 w3[2] = (64 + eapol_size) * 8;
827 hmac_md5_run (w0, w1, w2, w3, ipad, opad, digest1);
835 const u32x r0 = digest1[DGST_R0];
836 const u32x r1 = digest1[DGST_R1];
837 const u32x r2 = digest1[DGST_R2];
838 const u32x r3 = digest1[DGST_R3];
840 #include VECT_COMPARE_M
861 hmac_sha1_pad (w0, w1, w2, w3, ipad, opad);
863 int eapol_size = wpa_bufs[salt_pos].eapol_size;
868 for (eapol_left = eapol_size, eapol_off = 0; eapol_left >= 56; eapol_left -= 64, eapol_off += 16)
870 w0[0] = wpa_bufs[salt_pos].eapol[eapol_off + 0];
871 w0[1] = wpa_bufs[salt_pos].eapol[eapol_off + 1];
872 w0[2] = wpa_bufs[salt_pos].eapol[eapol_off + 2];
873 w0[3] = wpa_bufs[salt_pos].eapol[eapol_off + 3];
874 w1[0] = wpa_bufs[salt_pos].eapol[eapol_off + 4];
875 w1[1] = wpa_bufs[salt_pos].eapol[eapol_off + 5];
876 w1[2] = wpa_bufs[salt_pos].eapol[eapol_off + 6];
877 w1[3] = wpa_bufs[salt_pos].eapol[eapol_off + 7];
878 w2[0] = wpa_bufs[salt_pos].eapol[eapol_off + 8];
879 w2[1] = wpa_bufs[salt_pos].eapol[eapol_off + 9];
880 w2[2] = wpa_bufs[salt_pos].eapol[eapol_off + 10];
881 w2[3] = wpa_bufs[salt_pos].eapol[eapol_off + 11];
882 w3[0] = wpa_bufs[salt_pos].eapol[eapol_off + 12];
883 w3[1] = wpa_bufs[salt_pos].eapol[eapol_off + 13];
884 w3[2] = wpa_bufs[salt_pos].eapol[eapol_off + 14];
885 w3[3] = wpa_bufs[salt_pos].eapol[eapol_off + 15];
887 sha1_transform (w0, w1, w2, w3, ipad);
890 w0[0] = wpa_bufs[salt_pos].eapol[eapol_off + 0];
891 w0[1] = wpa_bufs[salt_pos].eapol[eapol_off + 1];
892 w0[2] = wpa_bufs[salt_pos].eapol[eapol_off + 2];
893 w0[3] = wpa_bufs[salt_pos].eapol[eapol_off + 3];
894 w1[0] = wpa_bufs[salt_pos].eapol[eapol_off + 4];
895 w1[1] = wpa_bufs[salt_pos].eapol[eapol_off + 5];
896 w1[2] = wpa_bufs[salt_pos].eapol[eapol_off + 6];
897 w1[3] = wpa_bufs[salt_pos].eapol[eapol_off + 7];
898 w2[0] = wpa_bufs[salt_pos].eapol[eapol_off + 8];
899 w2[1] = wpa_bufs[salt_pos].eapol[eapol_off + 9];
900 w2[2] = wpa_bufs[salt_pos].eapol[eapol_off + 10];
901 w2[3] = wpa_bufs[salt_pos].eapol[eapol_off + 11];
902 w3[0] = wpa_bufs[salt_pos].eapol[eapol_off + 12];
903 w3[1] = wpa_bufs[salt_pos].eapol[eapol_off + 13];
905 w3[3] = (64 + eapol_size) * 8;
909 hmac_sha1_run (w0, w1, w2, w3, ipad, opad, digest2);
917 const u32x r0 = digest2[DGST_R0];
918 const u32x r1 = digest2[DGST_R1];
919 const u32x r2 = digest2[DGST_R2];
920 const u32x r3 = digest2[DGST_R3];
922 #include VECT_COMPARE_M