Merge pull request hashcat#3379 from ventaquil/code-cleanup-pkcs8

24410/24420 modules cleanup

OpenCL/m24410-pure.cl

@@ -19,6 +19,20 @@
 #define COMPARE_S M2S(INCLUDE_PATH/inc_comp_single.cl)
 #define COMPARE_M M2S(INCLUDE_PATH/inc_comp_multi.cl)
 
+typedef enum pkcs_cipher {
+  PKCS_CIPHER_3DES        = 1,
+  PKCS_CIPHER_AES_128_CBC = 2,
+  PKCS_CIPHER_AES_192_CBC = 3,
+  PKCS_CIPHER_AES_256_CBC = 4,
+} pkcs_cipher_t;
+
+typedef enum pkcs_cipher_key_size {
+  PKCS_CIPHER_KEY_SIZE_3DES        = 192,
+  PKCS_CIPHER_KEY_SIZE_AES_128_CBC = 128,
+  PKCS_CIPHER_KEY_SIZE_AES_192_CBC = 192,
+  PKCS_CIPHER_KEY_SIZE_AES_256_CBC = 256,
+} pkcs_cipher_key_size_t;
+
 typedef struct pkcs_sha1_tmp
 {
   u32  ipad[5];
@@ -31,7 +45,7 @@ typedef struct pkcs_sha1_tmp
 
 typedef struct pkcs
 {
-  int cipher;
+  int cipher; // pkcs_cipher_t
 
   u32 data_buf[16384];
   int data_len;
@@ -106,10 +120,10 @@ KERNEL_FQ void m24410_init (KERN_ATTR_TMPS_ESALT (pkcs_sha1_tmp_t, pkcs_t))
 
   u32 key_elem = 0;
 
-       if (esalt_bufs[DIGESTS_OFFSET_HOST].cipher == 1) { key_elem = (192 / 8) / 4; }
-  else if (esalt_bufs[DIGESTS_OFFSET_HOST].cipher == 2) { key_elem = (128 / 8) / 4; }
-  else if (esalt_bufs[DIGESTS_OFFSET_HOST].cipher == 3) { key_elem = (192 / 8) / 4; }
-  else if (esalt_bufs[DIGESTS_OFFSET_HOST].cipher == 4) { key_elem = (256 / 8) / 4; }
+       if (esalt_bufs[DIGESTS_OFFSET_HOST].cipher == PKCS_CIPHER_3DES)        { key_elem = (PKCS_CIPHER_KEY_SIZE_3DES        / 8) / 4; }
+  else if (esalt_bufs[DIGESTS_OFFSET_HOST].cipher == PKCS_CIPHER_AES_128_CBC) { key_elem = (PKCS_CIPHER_KEY_SIZE_AES_128_CBC / 8) / 4; }
+  else if (esalt_bufs[DIGESTS_OFFSET_HOST].cipher == PKCS_CIPHER_AES_192_CBC) { key_elem = (PKCS_CIPHER_KEY_SIZE_AES_192_CBC / 8) / 4; }
+  else if (esalt_bufs[DIGESTS_OFFSET_HOST].cipher == PKCS_CIPHER_AES_256_CBC) { key_elem = (PKCS_CIPHER_KEY_SIZE_AES_256_CBC / 8) / 4; }
 
   for (u32 i = 0, j = 1; i < key_elem; i += 5, j += 1)
   {
@@ -178,10 +192,10 @@ KERNEL_FQ void m24410_loop (KERN_ATTR_TMPS_ESALT (pkcs_sha1_tmp_t, pkcs_t))
 
   u32 key_elem = 0;
 
-       if (esalt_bufs[DIGESTS_OFFSET_HOST].cipher == 1) { key_elem = (192 / 8) / 4; }
-  else if (esalt_bufs[DIGESTS_OFFSET_HOST].cipher == 2) { key_elem = (128 / 8) / 4; }
-  else if (esalt_bufs[DIGESTS_OFFSET_HOST].cipher == 3) { key_elem = (192 / 8) / 4; }
-  else if (esalt_bufs[DIGESTS_OFFSET_HOST].cipher == 4) { key_elem = (256 / 8) / 4; }
+       if (esalt_bufs[DIGESTS_OFFSET_HOST].cipher == PKCS_CIPHER_3DES)        { key_elem = (PKCS_CIPHER_KEY_SIZE_3DES        / 8) / 4; }
+  else if (esalt_bufs[DIGESTS_OFFSET_HOST].cipher == PKCS_CIPHER_AES_128_CBC) { key_elem = (PKCS_CIPHER_KEY_SIZE_AES_128_CBC / 8) / 4; }
+  else if (esalt_bufs[DIGESTS_OFFSET_HOST].cipher == PKCS_CIPHER_AES_192_CBC) { key_elem = (PKCS_CIPHER_KEY_SIZE_AES_192_CBC / 8) / 4; }
+  else if (esalt_bufs[DIGESTS_OFFSET_HOST].cipher == PKCS_CIPHER_AES_256_CBC) { key_elem = (PKCS_CIPHER_KEY_SIZE_AES_256_CBC / 8) / 4; }
 
   for (u32 i = 0; i < key_elem; i += 5)
   {
@@ -357,7 +371,7 @@ KERNEL_FQ void m24410_comp (KERN_ATTR_TMPS_ESALT (pkcs_sha1_tmp_t, pkcs_t))
   u32 enc[4];
   u32 dec[4];
 
-  if (cipher == 1)
+  if (cipher == PKCS_CIPHER_3DES)
   {
     ukey[0] = hc_swap32_S (ukey[0]);
     ukey[1] = hc_swap32_S (ukey[1]);
@@ -420,7 +434,7 @@ KERNEL_FQ void m24410_comp (KERN_ATTR_TMPS_ESALT (pkcs_sha1_tmp_t, pkcs_t))
 
     if (asn1_ok == 0) return;
   }
-  else if (cipher == 2)
+  else if (cipher == PKCS_CIPHER_AES_128_CBC)
   {
     u32 ks[44];
 
@@ -474,7 +488,7 @@ KERNEL_FQ void m24410_comp (KERN_ATTR_TMPS_ESALT (pkcs_sha1_tmp_t, pkcs_t))
 
     if (asn1_ok == 0) return;
   }
-  else if (cipher == 3)
+  else if (cipher == PKCS_CIPHER_AES_192_CBC)
   {
     u32 ks[52];
 
@@ -528,7 +542,7 @@ KERNEL_FQ void m24410_comp (KERN_ATTR_TMPS_ESALT (pkcs_sha1_tmp_t, pkcs_t))
 
     if (asn1_ok == 0) return;
   }
-  else if (cipher == 4)
+  else if (cipher == PKCS_CIPHER_AES_256_CBC)
   {
     u32 ks[60];
 

OpenCL/m24420-pure.cl

@@ -19,6 +19,13 @@
 #define COMPARE_S M2S(INCLUDE_PATH/inc_comp_single.cl)
 #define COMPARE_M M2S(INCLUDE_PATH/inc_comp_multi.cl)
 
+typedef enum pkcs_cipher {
+  PKCS_CIPHER_3DES        = 1,
+  PKCS_CIPHER_AES_128_CBC = 2,
+  PKCS_CIPHER_AES_192_CBC = 3,
+  PKCS_CIPHER_AES_256_CBC = 4,
+} pkcs_cipher_t;
+
 typedef struct pkcs_sha256_tmp
 {
   u32  ipad[8];
@@ -31,7 +38,7 @@ typedef struct pkcs_sha256_tmp
 
 typedef struct pkcs
 {
-  int cipher;
+  int cipher; // pkcs_cipher_t
 
   u32 data_buf[16384];
   int data_len;
@@ -382,7 +389,7 @@ KERNEL_FQ void m24420_comp (KERN_ATTR_TMPS_ESALT (pkcs_sha256_tmp_t, pkcs_t))
   u32 enc[4];
   u32 dec[4];
 
-  if (cipher == 1)
+  if (cipher == PKCS_CIPHER_3DES)
   {
     ukey[0] = hc_swap32_S (ukey[0]);
     ukey[1] = hc_swap32_S (ukey[1]);
@@ -445,7 +452,7 @@ KERNEL_FQ void m24420_comp (KERN_ATTR_TMPS_ESALT (pkcs_sha256_tmp_t, pkcs_t))
 
     if (asn1_ok == 0) return;
   }
-  else if (cipher == 2)
+  else if (cipher == PKCS_CIPHER_AES_128_CBC)
   {
     u32 ks[44];
 
@@ -499,7 +506,7 @@ KERNEL_FQ void m24420_comp (KERN_ATTR_TMPS_ESALT (pkcs_sha256_tmp_t, pkcs_t))
 
     if (asn1_ok == 0) return;
   }
-  else if (cipher == 3)
+  else if (cipher == PKCS_CIPHER_AES_192_CBC)
   {
     u32 ks[52];
 
@@ -553,7 +560,7 @@ KERNEL_FQ void m24420_comp (KERN_ATTR_TMPS_ESALT (pkcs_sha256_tmp_t, pkcs_t))
 
     if (asn1_ok == 0) return;
   }
-  else if (cipher == 4)
+  else if (cipher == PKCS_CIPHER_AES_256_CBC)
   {
     u32 ks[60];
 

src/modules/module_24410.c

@@ -53,6 +53,20 @@ const char *module_st_pass        (MAYBE_UNUSED const hashconfig_t *hashconfig,
 #define PKCS_MIN_IV_HEX_LEN (PKCS_MIN_IV_LEN * 2)
 #define PKCS_MAX_IV_HEX_LEN (PKCS_MAX_IV_LEN * 2)
 
+typedef enum pkcs_cipher {
+  PKCS_CIPHER_3DES        = 1,
+  PKCS_CIPHER_AES_128_CBC = 2,
+  PKCS_CIPHER_AES_192_CBC = 3,
+  PKCS_CIPHER_AES_256_CBC = 4,
+} pkcs_cipher_t;
+
+typedef enum pkcs_cipher_block_size {
+  PKCS_CIPHER_BLOCK_SIZE_3DES        =  8,
+  PKCS_CIPHER_BLOCK_SIZE_AES_128_CBC = 16,
+  PKCS_CIPHER_BLOCK_SIZE_AES_192_CBC = 16,
+  PKCS_CIPHER_BLOCK_SIZE_AES_256_CBC = 16,
+} pkcs_cipher_block_size_t;
+
 typedef struct pkcs_sha1_tmp
 {
   u32  ipad[5];
@@ -65,7 +79,7 @@ typedef struct pkcs_sha1_tmp
 
 typedef struct pkcs
 {
-  int cipher;
+  int cipher; // pkcs_cipher_t
 
   u32 data_buf[16384];
   int data_len;
@@ -175,10 +189,10 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
 
   int cipher = hc_strtoul ((const char *) cipher_pos, NULL, 10);
 
-  if ((cipher != 1)
-   && (cipher != 2)
-   && (cipher != 3)
-   && (cipher != 4)) return (PARSER_CIPHER);
+  if ((cipher != PKCS_CIPHER_3DES)
+   && (cipher != PKCS_CIPHER_AES_128_CBC)
+   && (cipher != PKCS_CIPHER_AES_192_CBC)
+   && (cipher != PKCS_CIPHER_AES_256_CBC)) return (PARSER_CIPHER);
 
   pkcs->cipher = cipher;
 
@@ -201,18 +215,10 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
   const u8 *iv_pos = token.buf[5];
   const int iv_len = token.len[5];
 
-  if (cipher == 1)
-  {
-    if (iv_len != PKCS_MIN_IV_HEX_LEN) return (PARSER_SALT_LENGTH);
-
-    hex_decode (iv_pos, iv_len, (u8 *) pkcs->iv_buf);
-  }
-  else
-  {
-    if (iv_len != PKCS_MAX_IV_HEX_LEN) return (PARSER_SALT_LENGTH);
+  if ((cipher == PKCS_CIPHER_3DES) && (iv_len != PKCS_MIN_IV_HEX_LEN)) return (PARSER_SALT_LENGTH);
+  if ((cipher != PKCS_CIPHER_3DES) && (iv_len != PKCS_MAX_IV_HEX_LEN)) return (PARSER_SALT_LENGTH);
 
-    hex_decode (iv_pos, iv_len, (u8 *) pkcs->iv_buf);
-  }
+  hex_decode (iv_pos, iv_len, (u8 *) pkcs->iv_buf);
 
   // data length
 
@@ -233,10 +239,10 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
 
   int cipher_bs = 0;
 
-       if (cipher == 1) { cipher_bs =  8; }
-  else if (cipher == 2) { cipher_bs = 16; }
-  else if (cipher == 3) { cipher_bs = 16; }
-  else if (cipher == 4) { cipher_bs = 16; }
+       if (cipher == PKCS_CIPHER_3DES)        { cipher_bs = PKCS_CIPHER_BLOCK_SIZE_3DES; }
+  else if (cipher == PKCS_CIPHER_AES_128_CBC) { cipher_bs = PKCS_CIPHER_BLOCK_SIZE_AES_128_CBC; }
+  else if (cipher == PKCS_CIPHER_AES_192_CBC) { cipher_bs = PKCS_CIPHER_BLOCK_SIZE_AES_192_CBC; }
+  else if (cipher == PKCS_CIPHER_AES_256_CBC) { cipher_bs = PKCS_CIPHER_BLOCK_SIZE_AES_256_CBC; }
 
   if (pkcs->data_len % cipher_bs) return (PARSER_HASH_LENGTH);
 
@@ -254,41 +260,41 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
 {
   pkcs_t *pkcs = (pkcs_t *) esalt_buf;
 
+  // salt
+
   char salt_buf[PKCS_MAX_SALT_HEX_LEN + 1] = { 0 };
 
   hex_encode ((const u8 *) salt->salt_buf, salt->salt_len, (u8 *) salt_buf);
 
-  u8 *out_buf = (u8 *) line_buf;
+  // iv
+
+  char iv[PKCS_MAX_IV_HEX_LEN + 1] = { 0 };
 
-  int out_len;
+  int iv_len = 0;
 
-  if (pkcs->cipher == 1)
+  if (pkcs->cipher == PKCS_CIPHER_3DES)
   {
-    char iv[PKCS_MIN_IV_HEX_LEN + 1] = { 0 };
-    hex_encode((const u8 *) pkcs->iv_buf, PKCS_MIN_IV_LEN, (u8 *) iv);
-
-    out_len = snprintf ((char *) out_buf, line_size, "%s1$%d$%s$%d$%s$%d$",
-      SIGNATURE_PEM,
-      pkcs->cipher,
-      salt_buf,
-      salt->salt_iter + 1,
-      iv,
-      pkcs->data_len);
+    iv_len = PKCS_MIN_IV_LEN;
   }
   else
   {
-    char iv[PKCS_MAX_IV_HEX_LEN + 1] = { 0 };
-    hex_encode((const u8 *) pkcs->iv_buf, PKCS_MAX_IV_LEN, (u8 *) iv);
-
-    out_len = snprintf ((char *) out_buf, line_size, "%s1$%d$%s$%d$%s$%d$",
-      SIGNATURE_PEM,
-      pkcs->cipher,
-      salt_buf,
-      salt->salt_iter + 1,
-      iv,
-      pkcs->data_len);
+    iv_len = PKCS_MAX_IV_LEN;
   }
 
+  hex_encode((const u8 *) pkcs->iv_buf, iv_len, (u8 *) iv);
+
+  // output
+
+  u8 *out_buf = (u8 *) line_buf;
+
+  int out_len = snprintf ((char *) out_buf, line_size, "%s1$%d$%s$%d$%s$%d$",
+    SIGNATURE_PEM,
+    pkcs->cipher,
+    salt_buf,
+    salt->salt_iter + 1,
+    iv,
+    pkcs->data_len);
+
   out_len += hex_encode ((const u8 *) pkcs->data_buf, pkcs->data_len, (u8 *) out_buf + out_len);
 
   return out_len;