/**
* Author......: See docs/credits.txt
* License.....: MIT
*/
//#define NEW_SIMD_CODE
#ifdef KERNEL_STATIC
#include M2S(INCLUDE_PATH/inc_vendor.h)
#include M2S(INCLUDE_PATH/inc_types.h)
#include M2S(INCLUDE_PATH/inc_platform.cl)
#include M2S(INCLUDE_PATH/inc_common.cl)
#include M2S(INCLUDE_PATH/inc_simd.cl)
#include M2S(INCLUDE_PATH/inc_hash_sha256.cl)
#endif
#define COMPARE_S M2S(INCLUDE_PATH/inc_comp_single.cl)
#define COMPARE_M M2S(INCLUDE_PATH/inc_comp_multi.cl)
typedef struct aescrypt
{
u32 iv[4];
u32 key[8];
} aescrypt_t;
typedef struct aescrypt_tmp
{
u32 pass[80];
int len;
} aescrypt_tmp_t;
KERNEL_FQ void m22400_init (KERN_ATTR_TMPS_ESALT (aescrypt_tmp_t, aescrypt_t))
{
/**
* base
*/
const u64 gid = get_global_id (0);
if (gid >= GID_CNT) return;
// salt:
u32 s[16] = { 0 }; // 64-byte aligned
s[0] = salt_bufs[SALT_POS_HOST].salt_buf[0];
s[1] = salt_bufs[SALT_POS_HOST].salt_buf[1];
s[2] = salt_bufs[SALT_POS_HOST].salt_buf[2];
s[3] = salt_bufs[SALT_POS_HOST].salt_buf[3];
const int pw_len = pws[gid].pw_len;
if (pw_len == -1) return; // gpu_utf8_to_utf16() can result in -1
u32 w[80] = { 0 };
for (u32 i = 0, j = 0; i < pw_len; i += 4, j += 1)
{
w[j] = hc_swap32_S (pws[gid].i[j]);
}
// sha256:
sha256_ctx_t ctx;
sha256_init (&ctx);
sha256_update (&ctx, s, 32);
sha256_update (&ctx, w, pw_len);
sha256_final (&ctx);
// set tmps:
#ifdef _unroll
#pragma unroll
#endif
for (int i = 80 - 1; i >= 8; i--) // create some space for the first digest without extra buffer
{
w[i] = w[i - 8];
}
w[0] = ctx.h[0];
w[1] = ctx.h[1];
w[2] = ctx.h[2];
w[3] = ctx.h[3];
w[4] = ctx.h[4];
w[5] = ctx.h[5];
w[6] = ctx.h[6];
w[7] = ctx.h[7];
const u32 final_len = 32 + pw_len;
const u32 idx_floor = (final_len / 64) * 16;
const u32 idx_ceil = ((final_len & 63) >= 56) ? idx_floor + 16 : idx_floor;
append_0x80_4x4_S (&w[idx_floor + 0], &w[idx_floor + 4], &w[idx_floor + 8], &w[idx_floor + 12], (final_len & 63) ^ 3);
w[idx_ceil + 14] = 0;
w[idx_ceil + 15] = final_len * 8;
#ifdef _unroll
#pragma unroll
#endif
for (u32 i = 0; i < 80; i++)
{
tmps[gid].pass[i] = w[i];
}
tmps[gid].len = final_len;
}
KERNEL_FQ void m22400_loop (KERN_ATTR_TMPS_ESALT (aescrypt_tmp_t, aescrypt_t))
{
const u64 gid = get_global_id (0);
if (gid >= GID_CNT) return;
// init
u32 w[80];
#ifdef _unroll
#pragma unroll
#endif
for (u32 i = 0; i < 80; i++)
{
w[i] = tmps[gid].pass[i];
}
const int len = tmps[gid].len;
// main loop
for (u32 i = 0; i < LOOP_CNT; i++)
{
u32 h[8];
h[0] = SHA256M_A;
h[1] = SHA256M_B;
h[2] = SHA256M_C;
h[3] = SHA256M_D;
h[4] = SHA256M_E;
h[5] = SHA256M_F;
h[6] = SHA256M_G;
h[7] = SHA256M_H;
u32 w0[4];
u32 w1[4];
u32 w2[4];
u32 w3[4];
int left;
int idx;
for (left = len, idx = 0; left >= 56; left -= 64, idx += 16)
{
w0[0] = w[idx + 0];
w0[1] = w[idx + 1];
w0[2] = w[idx + 2];
w0[3] = w[idx + 3];
w1[0] = w[idx + 4];
w1[1] = w[idx + 5];
w1[2] = w[idx + 6];
w1[3] = w[idx + 7];
w2[0] = w[idx + 8];
w2[1] = w[idx + 9];
w2[2] = w[idx + 10];
w2[3] = w[idx + 11];
w3[0] = w[idx + 12];
w3[1] = w[idx + 13];
w3[2] = w[idx + 14];
w3[3] = w[idx + 15];
sha256_transform (w0, w1, w2, w3, h);
}
w0[0] = w[idx + 0];
w0[1] = w[idx + 1];
w0[2] = w[idx + 2];
w0[3] = w[idx + 3];
w1[0] = w[idx + 4];
w1[1] = w[idx + 5];
w1[2] = w[idx + 6];
w1[3] = w[idx + 7];
w2[0] = w[idx + 8];
w2[1] = w[idx + 9];
w2[2] = w[idx + 10];
w2[3] = w[idx + 11];
w3[0] = w[idx + 12];
w3[1] = w[idx + 13];
w3[2] = w[idx + 14];
w3[3] = w[idx + 15];
sha256_transform (w0, w1, w2, w3, h);
w[0] = h[0];
w[1] = h[1];
w[2] = h[2];
w[3] = h[3];
w[4] = h[4];
w[5] = h[5];
w[6] = h[6];
w[7] = h[7];
}
tmps[gid].pass[0] = w[0];
tmps[gid].pass[1] = w[1];
tmps[gid].pass[2] = w[2];
tmps[gid].pass[3] = w[3];
tmps[gid].pass[4] = w[4];
tmps[gid].pass[5] = w[5];
tmps[gid].pass[6] = w[6];
tmps[gid].pass[7] = w[7];
}
KERNEL_FQ void m22400_comp (KERN_ATTR_TMPS_ESALT (aescrypt_tmp_t, aescrypt_t))
{
const u64 gid = get_global_id (0);
if (gid >= GID_CNT) return;
// digest
u32 dgst[16] = { 0 };
dgst[0] = tmps[gid].pass[0];
dgst[1] = tmps[gid].pass[1];
dgst[2] = tmps[gid].pass[2];
dgst[3] = tmps[gid].pass[3];
dgst[4] = tmps[gid].pass[4];
dgst[5] = tmps[gid].pass[5];
dgst[6] = tmps[gid].pass[6];
dgst[7] = tmps[gid].pass[7];
// IV
u32 data[16] = { 0 };
data[ 0] = esalt_bufs[DIGESTS_OFFSET_HOST].iv[0];
data[ 1] = esalt_bufs[DIGESTS_OFFSET_HOST].iv[1];
data[ 2] = esalt_bufs[DIGESTS_OFFSET_HOST].iv[2];
data[ 3] = esalt_bufs[DIGESTS_OFFSET_HOST].iv[3];
// key
data[ 4] = esalt_bufs[DIGESTS_OFFSET_HOST].key[0];
data[ 5] = esalt_bufs[DIGESTS_OFFSET_HOST].key[1];
data[ 6] = esalt_bufs[DIGESTS_OFFSET_HOST].key[2];
data[ 7] = esalt_bufs[DIGESTS_OFFSET_HOST].key[3];
data[ 8] = esalt_bufs[DIGESTS_OFFSET_HOST].key[4];
data[ 9] = esalt_bufs[DIGESTS_OFFSET_HOST].key[5];
data[10] = esalt_bufs[DIGESTS_OFFSET_HOST].key[6];
data[11] = esalt_bufs[DIGESTS_OFFSET_HOST].key[7];
/*
* HMAC-SHA256:
*/
sha256_hmac_ctx_t ctx;
sha256_hmac_init (&ctx, dgst, 32);
sha256_hmac_update (&ctx, data, 48);
sha256_hmac_final (&ctx);
const u32 r0 = ctx.opad.h[DGST_R0];
const u32 r1 = ctx.opad.h[DGST_R1];
const u32 r2 = ctx.opad.h[DGST_R2];
const u32 r3 = ctx.opad.h[DGST_R3];
#define il_pos 0
#ifdef KERNEL_STATIC
#include COMPARE_M
#endif
}