From cccdb62b0aa36bf72f07712826009071f3a72e75 Mon Sep 17 00:00:00 2001 From: David Llewellyn-Jones Date: Tue, 9 Aug 2016 23:05:13 +0100 Subject: [PATCH] Changes to hashcat --- OpenCL/m00060_a0.cl | 491 ++++++++++++++++++++++++++++++++++++++++ OpenCL/mangle.cl | 537 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 1028 insertions(+) create mode 100644 OpenCL/m00060_a0.cl create mode 100644 OpenCL/mangle.cl diff --git a/OpenCL/m00060_a0.cl b/OpenCL/m00060_a0.cl new file mode 100644 index 0000000..ff47ed1 --- /dev/null +++ b/OpenCL/m00060_a0.cl @@ -0,0 +1,491 @@ +/** + * Author......: Jens Steube + * License.....: MIT + */ + +#define _MD5_ + +#define NEW_SIMD_CODE + +#include "inc_vendor.cl" +#include "inc_hash_constants.h" +#include "inc_hash_functions.cl" +#include "inc_types.cl" +#include "inc_common.cl" +#include "inc_rp.h" +#include "inc_rp.cl" +#include "inc_simd.cl" +#include "mangle.cl" + +void md5_transform (const u32x w0[4], const u32x w1[4], const u32x w2[4], const u32x w3[4], u32x digest[4]) +{ + u32x a = digest[0]; + u32x b = digest[1]; + u32x c = digest[2]; + u32x d = digest[3]; + + u32x w0_t = w0[0]; + u32x w1_t = w0[1]; + u32x w2_t = w0[2]; + u32x w3_t = w0[3]; + u32x w4_t = w1[0]; + u32x w5_t = w1[1]; + u32x w6_t = w1[2]; + u32x w7_t = w1[3]; + u32x w8_t = w2[0]; + u32x w9_t = w2[1]; + u32x wa_t = w2[2]; + u32x wb_t = w2[3]; + u32x wc_t = w3[0]; + u32x wd_t = w3[1]; + u32x we_t = w3[2]; + u32x wf_t = w3[3]; + + MD5_STEP (MD5_Fo, a, b, c, d, w0_t, MD5C00, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w1_t, MD5C01, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w2_t, MD5C02, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w3_t, MD5C03, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w4_t, MD5C04, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w5_t, MD5C05, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w6_t, MD5C06, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w7_t, MD5C07, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w8_t, MD5C08, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w9_t, MD5C09, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, wa_t, MD5C0a, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, wb_t, MD5C0b, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, wc_t, MD5C0c, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, wd_t, MD5C0d, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, we_t, MD5C0e, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, wf_t, MD5C0f, MD5S03); + + MD5_STEP (MD5_Go, a, b, c, d, w1_t, MD5C10, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w6_t, MD5C11, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, wb_t, MD5C12, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w0_t, MD5C13, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w5_t, MD5C14, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, wa_t, MD5C15, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, wf_t, MD5C16, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w4_t, MD5C17, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w9_t, MD5C18, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, we_t, MD5C19, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w3_t, MD5C1a, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w8_t, MD5C1b, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, wd_t, MD5C1c, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w2_t, MD5C1d, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w7_t, MD5C1e, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, wc_t, MD5C1f, MD5S13); + + MD5_STEP (MD5_H , a, b, c, d, w5_t, MD5C20, MD5S20); + MD5_STEP (MD5_H , d, a, b, c, w8_t, MD5C21, MD5S21); + MD5_STEP (MD5_H , c, d, a, b, wb_t, MD5C22, MD5S22); + MD5_STEP (MD5_H , b, c, d, a, we_t, MD5C23, MD5S23); + MD5_STEP (MD5_H , a, b, c, d, w1_t, MD5C24, MD5S20); + MD5_STEP (MD5_H , d, a, b, c, w4_t, MD5C25, MD5S21); + MD5_STEP (MD5_H , c, d, a, b, w7_t, MD5C26, MD5S22); + MD5_STEP (MD5_H , b, c, d, a, wa_t, MD5C27, MD5S23); + MD5_STEP (MD5_H , a, b, c, d, wd_t, MD5C28, MD5S20); + MD5_STEP (MD5_H , d, a, b, c, w0_t, MD5C29, MD5S21); + MD5_STEP (MD5_H , c, d, a, b, w3_t, MD5C2a, MD5S22); + MD5_STEP (MD5_H , b, c, d, a, w6_t, MD5C2b, MD5S23); + MD5_STEP (MD5_H , a, b, c, d, w9_t, MD5C2c, MD5S20); + MD5_STEP (MD5_H , d, a, b, c, wc_t, MD5C2d, MD5S21); + MD5_STEP (MD5_H , c, d, a, b, wf_t, MD5C2e, MD5S22); + MD5_STEP (MD5_H , b, c, d, a, w2_t, MD5C2f, MD5S23); + + MD5_STEP (MD5_I , a, b, c, d, w0_t, MD5C30, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w7_t, MD5C31, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, we_t, MD5C32, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w5_t, MD5C33, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, wc_t, MD5C34, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, w3_t, MD5C35, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, wa_t, MD5C36, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w1_t, MD5C37, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, w8_t, MD5C38, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, wf_t, MD5C39, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w6_t, MD5C3a, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, wd_t, MD5C3b, MD5S33); + MD5_STEP (MD5_I , a, b, c, d, w4_t, MD5C3c, MD5S30); + MD5_STEP (MD5_I , d, a, b, c, wb_t, MD5C3d, MD5S31); + MD5_STEP (MD5_I , c, d, a, b, w2_t, MD5C3e, MD5S32); + MD5_STEP (MD5_I , b, c, d, a, w9_t, MD5C3f, MD5S33); + + digest[0] += a; + digest[1] += b; + digest[2] += c; + digest[3] += d; +} + +void hmac_md5_pad (u32x w0[4], u32x w1[4], u32x w2[4], u32x w3[4], u32x ipad[4], u32x opad[4]) +{ + w0[0] = w0[0] ^ 0x36363636; + w0[1] = w0[1] ^ 0x36363636; + w0[2] = w0[2] ^ 0x36363636; + w0[3] = w0[3] ^ 0x36363636; + w1[0] = w1[0] ^ 0x36363636; + w1[1] = w1[1] ^ 0x36363636; + w1[2] = w1[2] ^ 0x36363636; + w1[3] = w1[3] ^ 0x36363636; + w2[0] = w2[0] ^ 0x36363636; + w2[1] = w2[1] ^ 0x36363636; + w2[2] = w2[2] ^ 0x36363636; + w2[3] = w2[3] ^ 0x36363636; + w3[0] = w3[0] ^ 0x36363636; + w3[1] = w3[1] ^ 0x36363636; + w3[2] = w3[2] ^ 0x36363636; + w3[3] = w3[3] ^ 0x36363636; + + ipad[0] = MD5M_A; + ipad[1] = MD5M_B; + ipad[2] = MD5M_C; + ipad[3] = MD5M_D; + + md5_transform (w0, w1, w2, w3, ipad); + + w0[0] = w0[0] ^ 0x6a6a6a6a; + w0[1] = w0[1] ^ 0x6a6a6a6a; + w0[2] = w0[2] ^ 0x6a6a6a6a; + w0[3] = w0[3] ^ 0x6a6a6a6a; + w1[0] = w1[0] ^ 0x6a6a6a6a; + w1[1] = w1[1] ^ 0x6a6a6a6a; + w1[2] = w1[2] ^ 0x6a6a6a6a; + w1[3] = w1[3] ^ 0x6a6a6a6a; + w2[0] = w2[0] ^ 0x6a6a6a6a; + w2[1] = w2[1] ^ 0x6a6a6a6a; + w2[2] = w2[2] ^ 0x6a6a6a6a; + w2[3] = w2[3] ^ 0x6a6a6a6a; + w3[0] = w3[0] ^ 0x6a6a6a6a; + w3[1] = w3[1] ^ 0x6a6a6a6a; + w3[2] = w3[2] ^ 0x6a6a6a6a; + w3[3] = w3[3] ^ 0x6a6a6a6a; + + opad[0] = MD5M_A; + opad[1] = MD5M_B; + opad[2] = MD5M_C; + opad[3] = MD5M_D; + + md5_transform (w0, w1, w2, w3, opad); +} + +void hmac_md5_run (u32x w0[4], u32x w1[4], u32x w2[4], u32x w3[4], u32x ipad[4], u32x opad[4], u32x digest[4]) +{ + digest[0] = ipad[0]; + digest[1] = ipad[1]; + digest[2] = ipad[2]; + digest[3] = ipad[3]; + + md5_transform (w0, w1, w2, w3, digest); + + w0[0] = digest[0]; + w0[1] = digest[1]; + w0[2] = digest[2]; + w0[3] = digest[3]; + w1[0] = 0x80; + w1[1] = 0; + w1[2] = 0; + w1[3] = 0; + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = (64 + 16) * 8; + w3[3] = 0; + + digest[0] = opad[0]; + digest[1] = opad[1]; + digest[2] = opad[2]; + digest[3] = opad[3]; + + md5_transform (w0, w1, w2, w3, digest); +} + +__kernel void m00060_m04 (__global pw_t *pws, __global kernel_rule_t * rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV0_buf, __global u32 *d_scryptV1_buf, __global u32 *d_scryptV2_buf, __global u32 *d_scryptV3_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max) +{ + /** + * modifier + */ + + const u32 lid = get_local_id (0); + + /** + * base + */ + + const u32 gid = get_global_id (0); + + if (gid >= gid_max) return; + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_len = pws[gid].pw_len; + + /** + * salt + */ + + u32 salt_buf0[4]; + u32 salt_buf1[4]; + u32 salt_buf2[4]; + u32 salt_buf3[4]; + + salt_buf0[0] = salt_bufs[salt_pos].salt_buf[ 0]; + salt_buf0[1] = salt_bufs[salt_pos].salt_buf[ 1]; + salt_buf0[2] = salt_bufs[salt_pos].salt_buf[ 2]; + salt_buf0[3] = salt_bufs[salt_pos].salt_buf[ 3]; + salt_buf1[0] = salt_bufs[salt_pos].salt_buf[ 4]; + salt_buf1[1] = salt_bufs[salt_pos].salt_buf[ 5]; + salt_buf1[2] = salt_bufs[salt_pos].salt_buf[ 6]; + salt_buf1[3] = salt_bufs[salt_pos].salt_buf[ 7]; + salt_buf2[0] = salt_bufs[salt_pos].salt_buf[ 8]; + salt_buf2[1] = salt_bufs[salt_pos].salt_buf[ 9]; + salt_buf2[2] = salt_bufs[salt_pos].salt_buf[10]; + salt_buf2[3] = salt_bufs[salt_pos].salt_buf[11]; + salt_buf3[0] = salt_bufs[salt_pos].salt_buf[12]; + salt_buf3[1] = salt_bufs[salt_pos].salt_buf[13]; + salt_buf3[2] = salt_bufs[salt_pos].salt_buf[14]; + salt_buf3[3] = salt_bufs[salt_pos].salt_buf[15]; + + const u32 salt_len = salt_bufs[salt_pos].salt_len; + + /** + * pads + */ + + u32x w0_t[4]; + u32x w1_t[4]; + u32x w2_t[4]; + u32x w3_t[4]; + + w0_t[0] = salt_buf0[0]; + w0_t[1] = salt_buf0[1]; + w0_t[2] = salt_buf0[2]; + w0_t[3] = salt_buf0[3]; + w1_t[0] = salt_buf1[0]; + w1_t[1] = salt_buf1[1]; + w1_t[2] = salt_buf1[2]; + w1_t[3] = salt_buf1[3]; + w2_t[0] = salt_buf2[0]; + w2_t[1] = salt_buf2[1]; + w2_t[2] = salt_buf2[2]; + w2_t[3] = salt_buf2[3]; + w3_t[0] = salt_buf3[0]; + w3_t[1] = salt_buf3[1]; + w3_t[2] = salt_buf3[2]; + w3_t[3] = salt_buf3[3]; + + u32x ipad[4]; + u32x opad[4]; + + hmac_md5_pad (w0_t, w1_t, w2_t, w3_t, ipad, opad); + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + u32x w0[4] = { 0 }; + u32x w1[4] = { 0 }; + u32x w2[4] = { 0 }; + u32x w3[4] = { 0 }; + + u32x out_len = apply_rules_vect (pw_buf0, pw_buf1, pw_len, rules_buf, il_pos, w0, w1); + + out_len = mangle(w0, w1, out_len); + + append_0x80_2x4_VV (w0, w1, out_len); + + w0_t[0] = w0[0]; + w0_t[1] = w0[1]; + w0_t[2] = w0[2]; + w0_t[3] = w0[3]; + w1_t[0] = w1[0]; + w1_t[1] = w1[1]; + w1_t[2] = w1[2]; + w1_t[3] = w1[3]; + w2_t[0] = 0; + w2_t[1] = 0; + w2_t[2] = 0; + w2_t[3] = 0; + w3_t[0] = 0; + w3_t[1] = 0; + w3_t[2] = (64 + out_len) * 8; + w3_t[3] = 0; + + u32x digest[4]; + + hmac_md5_run (w0_t, w1_t, w2_t, w3_t, ipad, opad, digest); + + COMPARE_M_SIMD (digest[0], digest[3], digest[2], digest[1]); + } +} + +__kernel void m00060_m08 (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV0_buf, __global u32 *d_scryptV1_buf, __global u32 *d_scryptV2_buf, __global u32 *d_scryptV3_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max) +{ +} + +__kernel void m00060_m16 (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV0_buf, __global u32 *d_scryptV1_buf, __global u32 *d_scryptV2_buf, __global u32 *d_scryptV3_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max) +{ +} + +__kernel void m00060_s04 (__global pw_t *pws, __global kernel_rule_t * rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV0_buf, __global u32 *d_scryptV1_buf, __global u32 *d_scryptV2_buf, __global u32 *d_scryptV3_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max) +{ + /** + * modifier + */ + + const u32 lid = get_local_id (0); + + /** + * base + */ + + const u32 gid = get_global_id (0); + + if (gid >= gid_max) return; + + u32 pw_buf0[4]; + u32 pw_buf1[4]; + + pw_buf0[0] = pws[gid].i[0]; + pw_buf0[1] = pws[gid].i[1]; + pw_buf0[2] = pws[gid].i[2]; + pw_buf0[3] = pws[gid].i[3]; + pw_buf1[0] = pws[gid].i[4]; + pw_buf1[1] = pws[gid].i[5]; + pw_buf1[2] = pws[gid].i[6]; + pw_buf1[3] = pws[gid].i[7]; + + const u32 pw_len = pws[gid].pw_len; + + /** + * salt + */ + + u32 salt_buf0[4]; + u32 salt_buf1[4]; + u32 salt_buf2[4]; + u32 salt_buf3[4]; + + salt_buf0[0] = salt_bufs[salt_pos].salt_buf[ 0]; + salt_buf0[1] = salt_bufs[salt_pos].salt_buf[ 1]; + salt_buf0[2] = salt_bufs[salt_pos].salt_buf[ 2]; + salt_buf0[3] = salt_bufs[salt_pos].salt_buf[ 3]; + salt_buf1[0] = salt_bufs[salt_pos].salt_buf[ 4]; + salt_buf1[1] = salt_bufs[salt_pos].salt_buf[ 5]; + salt_buf1[2] = salt_bufs[salt_pos].salt_buf[ 6]; + salt_buf1[3] = salt_bufs[salt_pos].salt_buf[ 7]; + salt_buf2[0] = salt_bufs[salt_pos].salt_buf[ 8]; + salt_buf2[1] = salt_bufs[salt_pos].salt_buf[ 9]; + salt_buf2[2] = salt_bufs[salt_pos].salt_buf[10]; + salt_buf2[3] = salt_bufs[salt_pos].salt_buf[11]; + salt_buf3[0] = salt_bufs[salt_pos].salt_buf[12]; + salt_buf3[1] = salt_bufs[salt_pos].salt_buf[13]; + salt_buf3[2] = salt_bufs[salt_pos].salt_buf[14]; + salt_buf3[3] = salt_bufs[salt_pos].salt_buf[15]; + + const u32 salt_len = salt_bufs[salt_pos].salt_len; + + /** + * pads + */ + + u32x w0_t[4]; + u32x w1_t[4]; + u32x w2_t[4]; + u32x w3_t[4]; + + w0_t[0] = salt_buf0[0]; + w0_t[1] = salt_buf0[1]; + w0_t[2] = salt_buf0[2]; + w0_t[3] = salt_buf0[3]; + w1_t[0] = salt_buf1[0]; + w1_t[1] = salt_buf1[1]; + w1_t[2] = salt_buf1[2]; + w1_t[3] = salt_buf1[3]; + w2_t[0] = salt_buf2[0]; + w2_t[1] = salt_buf2[1]; + w2_t[2] = salt_buf2[2]; + w2_t[3] = salt_buf2[3]; + w3_t[0] = salt_buf3[0]; + w3_t[1] = salt_buf3[1]; + w3_t[2] = salt_buf3[2]; + w3_t[3] = salt_buf3[3]; + + u32x ipad[4]; + u32x opad[4]; + + hmac_md5_pad (w0_t, w1_t, w2_t, w3_t, ipad, opad); + + /** + * digest + */ + + const u32 search[4] = + { + digests_buf[digests_offset].digest_buf[DGST_R0], + digests_buf[digests_offset].digest_buf[DGST_R1], + digests_buf[digests_offset].digest_buf[DGST_R2], + digests_buf[digests_offset].digest_buf[DGST_R3] + }; + + /** + * loop + */ + + for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE) + { + u32x w0[4] = { 0 }; + u32x w1[4] = { 0 }; + u32x w2[4] = { 0 }; + u32x w3[4] = { 0 }; + + u32x out_len = apply_rules_vect (pw_buf0, pw_buf1, pw_len, rules_buf, il_pos, w0, w1); + + out_len = mangle(w0, w1, out_len); + + append_0x80_2x4_VV (w0, w1, out_len); + + w0_t[0] = w0[0]; + w0_t[1] = w0[1]; + w0_t[2] = w0[2]; + w0_t[3] = w0[3]; + w1_t[0] = w1[0]; + w1_t[1] = w1[1]; + w1_t[2] = w1[2]; + w1_t[3] = w1[3]; + w2_t[0] = 0; + w2_t[1] = 0; + w2_t[2] = 0; + w2_t[3] = 0; + w3_t[0] = 0; + w3_t[1] = 0; + w3_t[2] = (64 + out_len) * 8; + w3_t[3] = 0; + + u32x digest[4]; + + hmac_md5_run (w0_t, w1_t, w2_t, w3_t, ipad, opad, digest); + + COMPARE_S_SIMD (digest[0], digest[3], digest[2], digest[1]); + } +} + +__kernel void m00060_s08 (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV0_buf, __global u32 *d_scryptV1_buf, __global u32 *d_scryptV2_buf, __global u32 *d_scryptV3_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max) +{ +} + +__kernel void m00060_s16 (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global void *esalt_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV0_buf, __global u32 *d_scryptV1_buf, __global u32 *d_scryptV2_buf, __global u32 *d_scryptV3_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max) +{ +} diff --git a/OpenCL/mangle.cl b/OpenCL/mangle.cl new file mode 100644 index 0000000..f672e69 --- /dev/null +++ b/OpenCL/mangle.cl @@ -0,0 +1,537 @@ +// Domain to use for mangling +__constant u8 domain[] = "flypig.co.uk"; +__constant u32x domain_len = 12; + +// Characters used for base64 encoding +__constant char b64_table[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; + +// Perform an MD5 transform step +// Should be called through hmac_md5_pad_mangle and hmac_md5_run_mangle +void md5_transform_mangle (const u32x w0[4], const u32x w1[4], const u32x w2[4], const u32x w3[4], u32x digest[4]) +{ + u32x a = digest[0]; + u32x b = digest[1]; + u32x c = digest[2]; + u32x d = digest[3]; + + u32x w0_t = w0[0]; + u32x w1_t = w0[1]; + u32x w2_t = w0[2]; + u32x w3_t = w0[3]; + u32x w4_t = w1[0]; + u32x w5_t = w1[1]; + u32x w6_t = w1[2]; + u32x w7_t = w1[3]; + u32x w8_t = w2[0]; + u32x w9_t = w2[1]; + u32x wa_t = w2[2]; + u32x wb_t = w2[3]; + u32x wc_t = w3[0]; + u32x wd_t = w3[1]; + u32x we_t = w3[2]; + u32x wf_t = w3[3]; + + MD5_STEP (MD5_Fo, a, b, c, d, w0_t, MD5C00, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w1_t, MD5C01, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w2_t, MD5C02, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w3_t, MD5C03, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w4_t, MD5C04, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w5_t, MD5C05, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, w6_t, MD5C06, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, w7_t, MD5C07, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, w8_t, MD5C08, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, w9_t, MD5C09, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, wa_t, MD5C0a, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, wb_t, MD5C0b, MD5S03); + MD5_STEP (MD5_Fo, a, b, c, d, wc_t, MD5C0c, MD5S00); + MD5_STEP (MD5_Fo, d, a, b, c, wd_t, MD5C0d, MD5S01); + MD5_STEP (MD5_Fo, c, d, a, b, we_t, MD5C0e, MD5S02); + MD5_STEP (MD5_Fo, b, c, d, a, wf_t, MD5C0f, MD5S03); + + MD5_STEP (MD5_Go, a, b, c, d, w1_t, MD5C10, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w6_t, MD5C11, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, wb_t, MD5C12, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w0_t, MD5C13, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w5_t, MD5C14, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, wa_t, MD5C15, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, wf_t, MD5C16, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w4_t, MD5C17, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, w9_t, MD5C18, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, we_t, MD5C19, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w3_t, MD5C1a, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, w8_t, MD5C1b, MD5S13); + MD5_STEP (MD5_Go, a, b, c, d, wd_t, MD5C1c, MD5S10); + MD5_STEP (MD5_Go, d, a, b, c, w2_t, MD5C1d, MD5S11); + MD5_STEP (MD5_Go, c, d, a, b, w7_t, MD5C1e, MD5S12); + MD5_STEP (MD5_Go, b, c, d, a, wc_t, MD5C1f, MD5S13); + + MD5_STEP (MD5_H, a, b, c, d, w5_t, MD5C20, MD5S20); + MD5_STEP (MD5_H, d, a, b, c, w8_t, MD5C21, MD5S21); + MD5_STEP (MD5_H, c, d, a, b, wb_t, MD5C22, MD5S22); + MD5_STEP (MD5_H, b, c, d, a, we_t, MD5C23, MD5S23); + MD5_STEP (MD5_H, a, b, c, d, w1_t, MD5C24, MD5S20); + MD5_STEP (MD5_H, d, a, b, c, w4_t, MD5C25, MD5S21); + MD5_STEP (MD5_H, c, d, a, b, w7_t, MD5C26, MD5S22); + MD5_STEP (MD5_H, b, c, d, a, wa_t, MD5C27, MD5S23); + MD5_STEP (MD5_H, a, b, c, d, wd_t, MD5C28, MD5S20); + MD5_STEP (MD5_H, d, a, b, c, w0_t, MD5C29, MD5S21); + MD5_STEP (MD5_H, c, d, a, b, w3_t, MD5C2a, MD5S22); + MD5_STEP (MD5_H, b, c, d, a, w6_t, MD5C2b, MD5S23); + MD5_STEP (MD5_H, a, b, c, d, w9_t, MD5C2c, MD5S20); + MD5_STEP (MD5_H, d, a, b, c, wc_t, MD5C2d, MD5S21); + MD5_STEP (MD5_H, c, d, a, b, wf_t, MD5C2e, MD5S22); + MD5_STEP (MD5_H, b, c, d, a, w2_t, MD5C2f, MD5S23); + + MD5_STEP (MD5_I, a, b, c, d, w0_t, MD5C30, MD5S30); + MD5_STEP (MD5_I, d, a, b, c, w7_t, MD5C31, MD5S31); + MD5_STEP (MD5_I, c, d, a, b, we_t, MD5C32, MD5S32); + MD5_STEP (MD5_I, b, c, d, a, w5_t, MD5C33, MD5S33); + MD5_STEP (MD5_I, a, b, c, d, wc_t, MD5C34, MD5S30); + MD5_STEP (MD5_I, d, a, b, c, w3_t, MD5C35, MD5S31); + MD5_STEP (MD5_I, c, d, a, b, wa_t, MD5C36, MD5S32); + MD5_STEP (MD5_I, b, c, d, a, w1_t, MD5C37, MD5S33); + MD5_STEP (MD5_I, a, b, c, d, w8_t, MD5C38, MD5S30); + MD5_STEP (MD5_I, d, a, b, c, wf_t, MD5C39, MD5S31); + MD5_STEP (MD5_I, c, d, a, b, w6_t, MD5C3a, MD5S32); + MD5_STEP (MD5_I, b, c, d, a, wd_t, MD5C3b, MD5S33); + MD5_STEP (MD5_I, a, b, c, d, w4_t, MD5C3c, MD5S30); + MD5_STEP (MD5_I, d, a, b, c, wb_t, MD5C3d, MD5S31); + MD5_STEP (MD5_I, c, d, a, b, w2_t, MD5C3e, MD5S32); + MD5_STEP (MD5_I, b, c, d, a, w9_t, MD5C3f, MD5S33); + + digest[0] += a; + digest[1] += b; + digest[2] += c; + digest[3] += d; +} + +// Set up the HMAC-MD5 process +// The ipad and opad arrays can be retained to run multiple HMAC-MD5 processes +// without having to recalculate +// w0, w1, w2, w3 - contain up to 64 bytes of the HMAC key +// ipad, opad - contain the returned data to pass into the next call +void hmac_md5_pad_mangle (u32x w0[4], u32x w1[4], u32x w2[4], u32x w3[4], u32x ipad[4], u32x opad[4]) +{ + w0[0] = w0[0] ^ 0x36363636; + w0[1] = w0[1] ^ 0x36363636; + w0[2] = w0[2] ^ 0x36363636; + w0[3] = w0[3] ^ 0x36363636; + w1[0] = w1[0] ^ 0x36363636; + w1[1] = w1[1] ^ 0x36363636; + w1[2] = w1[2] ^ 0x36363636; + w1[3] = w1[3] ^ 0x36363636; + w2[0] = w2[0] ^ 0x36363636; + w2[1] = w2[1] ^ 0x36363636; + w2[2] = w2[2] ^ 0x36363636; + w2[3] = w2[3] ^ 0x36363636; + w3[0] = w3[0] ^ 0x36363636; + w3[1] = w3[1] ^ 0x36363636; + w3[2] = w3[2] ^ 0x36363636; + w3[3] = w3[3] ^ 0x36363636; + + ipad[0] = MD5M_A; + ipad[1] = MD5M_B; + ipad[2] = MD5M_C; + ipad[3] = MD5M_D; + + md5_transform_mangle (w0, w1, w2, w3, ipad); + + w0[0] = w0[0] ^ 0x6a6a6a6a; + w0[1] = w0[1] ^ 0x6a6a6a6a; + w0[2] = w0[2] ^ 0x6a6a6a6a; + w0[3] = w0[3] ^ 0x6a6a6a6a; + w1[0] = w1[0] ^ 0x6a6a6a6a; + w1[1] = w1[1] ^ 0x6a6a6a6a; + w1[2] = w1[2] ^ 0x6a6a6a6a; + w1[3] = w1[3] ^ 0x6a6a6a6a; + w2[0] = w2[0] ^ 0x6a6a6a6a; + w2[1] = w2[1] ^ 0x6a6a6a6a; + w2[2] = w2[2] ^ 0x6a6a6a6a; + w2[3] = w2[3] ^ 0x6a6a6a6a; + w3[0] = w3[0] ^ 0x6a6a6a6a; + w3[1] = w3[1] ^ 0x6a6a6a6a; + w3[2] = w3[2] ^ 0x6a6a6a6a; + w3[3] = w3[3] ^ 0x6a6a6a6a; + + opad[0] = MD5M_A; + opad[1] = MD5M_B; + opad[2] = MD5M_C; + opad[3] = MD5M_D; + + md5_transform_mangle (w0, w1, w2, w3, opad); +} + +// Continue the HMAC-MD5 process +// It's up to the caller to add the final length and padding terminators +// hmac_md5_pad_mangle call, which can be used across multiple HMACs +// w0, w1, w2, w3 - contain up to 64 bytes of data to HMAC +// ipad, opad - should contain the output from the +// digest - the 16-byte result of the HMAC +void hmac_md5_run_mangle (u32x w0[4], u32x w1[4], u32x w2[4], u32x w3[4], u32x ipad[4], u32x opad[4], u32x digest[4]) +{ + digest[0] = ipad[0]; + digest[1] = ipad[1]; + digest[2] = ipad[2]; + digest[3] = ipad[3]; + + md5_transform_mangle (w0, w1, w2, w3, digest); + + w0[0] = digest[0]; + w0[1] = digest[1]; + w0[2] = digest[2]; + w0[3] = digest[3]; + w1[0] = 0x80; + w1[1] = 0; + w1[2] = 0; + w1[3] = 0; + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = (64 + 16) * 8; + w3[3] = 0; + + digest[0] = opad[0]; + digest[1] = opad[1]; + digest[2] = opad[2]; + digest[3] = opad[3]; + + md5_transform_mangle (w0, w1, w2, w3, digest); +} + +// Perfrom an HMAC-MD5 with the given key and using the domain constant as the +// data to HMAC +// in_key - the key to use (the user's password) +// key-len - the length of the key in bytes +// out_digest - returns the 16 byte result +void md5hmac_domain_mangle (u8 const *const in_key, const u32x key_len, u8 out_digest[16]) +{ + u32 pos; + + // Data + u32x data_buf[16]; + + for (pos = 0; pos < domain_len; pos++) + { + ((u8 *) data_buf)[pos] = domain[pos]; + } + for (pos = domain_len; pos < 64; pos++) + { + ((u8 *) data_buf)[pos] = 0; + } + + // Key + u32x key_buf[16]; + + for (pos = 0; pos < key_len; pos++) + { + ((u8 *) key_buf)[pos] = in_key[pos]; + } + for (pos = key_len; pos < 64; pos++) + { + ((u8 *) key_buf)[pos] = 0; + } + + // Pads + u32x ipad[4]; + u32x opad[4]; + + hmac_md5_pad_mangle (key_buf, key_buf + 4, key_buf + 8, key_buf + 12, ipad, opad); + + // Loop (except this time we don't actually loop) + append_0x80_2x4_VV (data_buf, data_buf + 4, domain_len); + + data_buf[14] = (64 + domain_len) * 8; + + hmac_md5_run_mangle (data_buf, data_buf + 4, data_buf + 8, data_buf + 12, ipad, opad, (u32x *) out_digest); +} + +// Base64 encode a string +// base64_hash - the returned hahs +// len - the length of the input string +// base64_plain - the string to encode +// returns the length of the final encoding +u32 b64_encode_mangle (u8 * base64_hash, const u32 len, const u8 * base64_plain) +{ + u8 *out_ptr = (u8 *) base64_hash; + u8 *in_ptr = (u8 *) base64_plain; + u32 out_len; + + u32 i; + + // Encode the easy iniitial characters + out_len = 0; + for (i = 0; i < (len - 2); i += 3) + { + char out_val0 = b64_table[((in_ptr[0] >> 2) & 0x3f)]; + char out_val1 = b64_table[((in_ptr[0] << 4) & 0x30) | ((in_ptr[1] >> 4) & 0x0f)]; + char out_val2 = b64_table[((in_ptr[1] << 2) & 0x3c) | ((in_ptr[2] >> 6) & 0x03)]; + char out_val3 = b64_table[((in_ptr[2] >> 0) & 0x3f)]; + + out_ptr[0] = out_val0 & 0x7f; + out_ptr[1] = out_val1 & 0x7f; + out_ptr[2] = out_val2 & 0x7f; + out_ptr[3] = out_val3 & 0x7f; + + in_ptr += 3; + out_ptr += 4; + out_len += 4; + } + // Deal with the awkward terminating characters if there are any + if (i == (len - 1)) + { + // Input string has one hanging character + char out_val0 = b64_table[((in_ptr[0] >> 2) & 0x3f)]; + char out_val1 = b64_table[((in_ptr[0] << 4) & 0x30)]; + + out_ptr[0] = out_val0 & 0x7f; + out_ptr[1] = out_val1 & 0x7f; + out_ptr[2] = '='; + out_ptr[3] = '='; + + in_ptr += 3; + out_ptr += 4; + out_len += 4; + } + if (i == (len - 2)) + { + // Input string has two hanging characters + char out_val0 = b64_table[((in_ptr[0] >> 2) & 0x3f)]; + char out_val1 = b64_table[((in_ptr[0] << 4) & 0x30) | ((in_ptr[1] >> 4) & 0x0f)]; + char out_val2 = b64_table[((in_ptr[1] << 2) & 0x3c)]; + + out_ptr[0] = out_val0 & 0x7f; + out_ptr[1] = out_val1 & 0x7f; + out_ptr[2] = out_val2 & 0x7f; + out_ptr[3] = '='; + + in_ptr += 3; + out_ptr += 4; + out_len += 4; + } + + return out_len; +} + +// Determine whether a given string contains non-alphanumeric values +// A non-alphanumeric is anything except a-z, A-Z, 0-9 +// data - the string to check +// length - the length of the string +// returns true if there's a non-alphanumeric value, false o/w +bool containsnonalphanumeric_mangle (u8 * data, u32 length) +{ + bool nonalphanumeric; + u32 pos; + char check; + u32 startingSize; + + nonalphanumeric = false; + // Check each character individually + for (pos = 0; (pos < length) && !nonalphanumeric; pos++) + { + check = data[pos]; + if (!((check >= 'a') && (check <= 'z')) && !((check >= 'A') && (check <= 'Z')) && !((check >= '0') && (check <= '9')) && !(check == '_')) + { + nonalphanumeric = true; + } + } + + return nonalphanumeric; +} + +// Determine whether a string contains any value between a given range +// password - the string to check +// length - the length of the string to check +// start - the inclusive lower bound of the range to check between +// end - the inclusive upper bound of the range to check between +// returns true if the string contains a value that falls in the range +// returns false o/w +bool contains_mangle (u8 const *password, u32 length, u8 start, u8 end) +{ + bool doescontain = false; + u32 pos; + + // Check each character individually + for (pos = 0; (pos < length) && (doescontain == false); pos++) + { + if ((password[pos] >= start) && (password[pos] <= end)) + { + doescontain = true; + } + } + + return doescontain; +} + +// Rotate the characters in a string to the left by the given number of +// characters +// torotate - the string to rotate +// length - the length of the string to rotate +// steps - the number of steps to rotate to the left by +void rotate_string_mangle (u8 * torotate, u32 length, u32 steps) +{ + u8 scratch[64]; + u32 pos; + + // Create a rotated copy in a temporary buffer + for (pos = 0; pos < length; pos++) + { + scratch[pos] = torotate[(pos + steps) % length]; + } + + // Copy the result back into the original buffer + for (pos = 0; pos < length; pos++) + { + torotate[pos] = scratch[pos]; + } +} + +// Perform the mangle operation on the string to be hashed +// w0, w1 - the string to be mangled +// in_len - the length of the string to be mangled +u32x mangle (u32x w0[4], u32x w1[4], const u32x in_len) +{ + u32x out_len = in_len; + + u32 digest[4]; + u32 data[8]; + u32 hash[8]; + u32 i; + u32 size; + u32 extrasize; + u32 startingsize; + bool nonalphanumeric; + u32 extrapos; + u8 next; + + hash[0] = w0[0]; + hash[1] = w0[1]; + hash[2] = w0[2]; + hash[3] = w0[3]; + hash[4] = w1[0]; + hash[5] = w1[1]; + hash[6] = w1[2]; + hash[7] = w1[3]; + + // HMAC-MD5 the domain name using the password as the key + md5hmac_domain_mangle ((u8 *) hash, in_len, (u8 *) digest); + + // Check whether the original password contains non-alphanumeric values + nonalphanumeric = containsnonalphanumeric_mangle ((u8 *) hash, in_len); + + w0[0] = digest[0]; + w0[1] = digest[1]; + w0[2] = digest[2]; + w0[3] = digest[3]; + w1[0] = 0; + w1[1] = 0; + w1[2] = 0; + w1[3] = 0; + + // Base64 encode the HMAC; this will be what we use to generate the password + out_len = b64_encode_mangle ((u8 *) hash, 16, (u8 *) w0); + + out_len = 22; // b64 encoding will produce 24 bytes output, but last two will be "==" + extrasize = 22; + size = in_len + 2; + + // for (i = out_len; i < 32; i++) { + // ((u8 *)hash)[i] = 0; + // } + + startingsize = size - 4; + startingsize = (startingsize < extrasize) ? startingsize : extrasize; + + // Transfer the intial portion for output + for (i = 0; i < startingsize; i++) + { + ((u8 *) data)[i] = ((u8 *) hash)[i]; + } + for (i = startingsize; i < 32; i++) + { + ((u8 *) data)[i] = 0; + } + + extrapos = startingsize; + + // Add the extras + // Capital letter + next = (extrapos < extrasize) ? ((u8 *) hash)[extrapos] : 0; + extrapos++; + if (!contains_mangle ((u8 *) data, startingsize, 'A', 'Z')) + { + next = 'A' + (next % ('Z' - 'A' + 1)); + } + ((u8 *) data)[startingsize] = next; + startingsize++; + + // Lower case letter + next = (extrapos < extrasize) ? ((u8 *) hash)[extrapos] : 0; + extrapos++; + if (!contains_mangle ((u8 *) data, startingsize, 'a', 'z')) + { + next = 'a' + (next % ('z' - 'a' + 1)); + } + ((u8 *) data)[startingsize] = next; + startingsize++; + + // Number + next = (extrapos < extrasize) ? ((u8 *) hash)[extrapos] : 0; + extrapos++; + if (!contains_mangle ((u8 *) data, startingsize, '0', '9')) + { + next = '0' + (next % ('9' - '0' + 1)); + } + ((u8 *) data)[startingsize] = next; + startingsize++; + + // Non alphanumeric + if (containsnonalphanumeric_mangle ((u8 *) data, startingsize) && nonalphanumeric) + { + next = (extrapos < extrasize) ? ((u8 *) hash)[extrapos] : 0; + extrapos++; + } + else + { + next = '+'; + } + ((u8 *) data)[startingsize] = next; + startingsize++; + + // If there's no alphanumeric values in the original password + // remove them from the result + if (!nonalphanumeric) + { + for (i = 0; i < startingsize; i++) + { + if (containsnonalphanumeric_mangle (((u8 *) data) + i, 1)) + { + next = (extrapos < extrasize) ? ((u8 *) hash)[extrapos] : 0; + extrapos++; + next = 'A' + (next % ('Z' - 'A' + 1)); + ((u8 *) data)[i] = next; + } + } + } + + // Rotate the result to ranomise where the non-alphanumerics are + next = (extrapos < extrasize) ? ((u8 *) hash)[extrapos] : 0; + rotate_string_mangle ((u8 *) data, startingsize, next); + ((u8 *) data)[startingsize] = 0; + + out_len = startingsize; + + // Copy th result into the output buffer + w0[0] = data[0]; + w0[1] = data[1]; + w0[2] = data[2]; + w0[3] = data[3]; + w1[0] = data[4]; + w1[1] = data[5]; + w1[2] = data[6]; + w1[3] = data[7]; + + return (out_len); +} -- 2.25.1