From 04266834db80b933101672797864435b3285581d Mon Sep 17 00:00:00 2001
From: jsteube <jens.steube@gmail.com>
Date: Tue, 11 Oct 2022 18:46:02 +0000
Subject: [PATCH] Improve some sanity checks in module for -m 29910

---
 OpenCL/m29910-pure.cl      | 24 +++++++++++++-----------
 src/modules/module_29910.c | 28 +++++++++++++++++-----------
 2 files changed, 30 insertions(+), 22 deletions(-)

diff --git a/OpenCL/m29910-pure.cl b/OpenCL/m29910-pure.cl
index 64961fce2..8ed6aaaeb 100644
--- a/OpenCL/m29910-pure.cl
+++ b/OpenCL/m29910-pure.cl
@@ -340,6 +340,19 @@ KERNEL_FQ void m29910_comp (KERN_ATTR_TMPS_ESALT (encdatavault_tmp_t, encdatavau
 
   if (gid >= GID_CNT) return;
 
+  // decrypt encrypted data using PBKDF2 key
+
+  u32 ukey[4];
+
+  ukey[0] = tmps[gid].out[0];
+  ukey[1] = tmps[gid].out[1];
+  ukey[2] = tmps[gid].out[2];
+  ukey[3] = tmps[gid].out[3];
+
+  u32 ks[44];
+
+  AES128_set_encrypt_key (ks, ukey, s_te0, s_te1, s_te2, s_te3);
+
   #define ENC_MAX_KEY_NUM 8
 
   u32 ivs[ENC_MAX_KEY_NUM][2];
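Review bot: The added comment `// decrypt encrypted data using PBKDF2 key` heads lines that only build the AES-128 key schedule from `tmps[gid].out[0..3]`, not any decryption. After the move, the IV setup for `ivs[ENC_MAX_KEY_NUM][2]` sits between this comment and whatever decryption follows outside the hunk. I would reword it to `// AES-128 key schedule from the first four words of the PBKDF2 output` so the comment matches the block it heads. The body of m29910_comp starts and ends outside the hunk.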
@@ -353,17 +366,6 @@ KERNEL_FQ void m29910_comp (KERN_ATTR_TMPS_ESALT (encdatavault_tmp_t, encdatavau
     ivs[i][1] = esalt_bufs[DIGESTS_OFFSET_HOST].iv[1] ^ tmps[gid].out[j + 1];
   }
 
-  u32 ukey[4];
-
-  ukey[0] = tmps[gid].out[0];
-  ukey[1] = tmps[gid].out[1];
-  ukey[2] = tmps[gid].out[2];
-  ukey[3] = tmps[gid].out[3];
-
-  u32 ks[44];
-
-  AES128_set_encrypt_key (ks, ukey, s_te0, s_te1, s_te2, s_te3);
-
   #define CTR_LEN 16
   #define ENC_BLOCK_SIZE 16
 
diff --git a/src/modules/module_29910.c b/src/modules/module_29910.c
index 98a4c255e..b7c609a29 100644
--- a/src/modules/module_29910.c
+++ b/src/modules/module_29910.c
@@ -21,6 +21,7 @@ static const char *HASH_NAME      = "ENCsecurity Datavault (PBKDF2/no keychain)"
 static const u64   KERN_TYPE      = 29910;
 static const u32   OPTI_TYPE      = OPTI_TYPE_ZERO_BYTE;
 static const u64   OPTS_TYPE      = OPTS_TYPE_STOCK_MODULE
+                                  | OPTS_TYPE_SUGGEST_KG
                                   | OPTS_TYPE_PT_GENERATE_LE;
 static const u32   SALT_TYPE      = SALT_TYPE_EMBEDDED;
 static const char *ST_PASS        = "hashcat";
@@ -153,12 +154,17 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
 
   encdatavault->version = hc_strtoul ((const char *) version_pos, NULL, 10);
 
+  if (encdatavault->version != 1) return (PARSER_SALT_VALUE);
+
   // algo
 
   const u8 *algo_pos = token.buf[2];
 
   encdatavault->algo = hc_strtoul ((const char *) algo_pos, NULL, 10);
 
+  if (encdatavault->algo < 1) return (PARSER_SALT_VALUE);
+  if (encdatavault->algo > 4) return (PARSER_SALT_VALUE);
+
   #define ENC_KEY_SIZE 16
 
   encdatavault->nb_keys = 1u << (encdatavault->algo - 1);
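Review bot: The new bounds on `encdatavault->algo` (1 to 4) are bare constants with no stated reason, although they guard the next statement, `nb_keys = 1u << (encdatavault->algo - 1)`. An algo of 0 would presumably shift by a wrapped count, and an algo above 4 would give more than 8 keys, which is the `ENC_MAX_KEY_NUM` the kernel uses to size `ivs`. A comment such as `// algo 1..4 => nb_keys 1..8, must not exceed ENC_MAX_KEY_NUM in the kernel` would keep the two in step. Both checks also run on the value after it is stored in the struct field, and `hc_strtoul` is called with a NULL end pointer. If the field is narrower than the return type, or the tokenizer (outside the hunk) does not restrict the token to digits, a truncated or malformed value could still pass, so that is worth confirming; module_hash_decode starts and ends outside the hunk.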
@@ -225,17 +231,17 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
     SIGNATURE_ENCDATAVAULT,
     encdatavault->version,
     encdatavault->algo,
-     (encdatavault->iv[0]),
-     (encdatavault->iv[1]),
-     (encdatavault->ct),
-     (salt->salt_buf[0]),
-     (salt->salt_buf[1]),
-     (salt->salt_buf[2]),
-     (salt->salt_buf[3]),
-     (salt->salt_buf[4]),
-     (salt->salt_buf[5]),
-     (salt->salt_buf[6]),
-     (salt->salt_buf[7]),
+    encdatavault->iv[0],
+    encdatavault->iv[1],
+    encdatavault->ct,
+    salt->salt_buf[0],
+    salt->salt_buf[1],
+    salt->salt_buf[2],
+    salt->salt_buf[3],
+    salt->salt_buf[4],
+    salt->salt_buf[5],
+    salt->salt_buf[6],
+    salt->salt_buf[7],
     salt->salt_iter + 1);
 
   return line_len;