Skip to content

Commit

Permalink
m29600, terra crypto wallet
Browse files Browse the repository at this point in the history
  • Loading branch information
Tom S committed Jul 18, 2022
1 parent aa5becf commit b0d9992
Show file tree
Hide file tree
Showing 2 changed files with 578 additions and 0 deletions.
322 changes: 322 additions & 0 deletions OpenCL/m29600-pure.cl
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,322 @@
/**
* Author......: See docs/credits.txt
* License.....: MIT
* DEBUG: ST PW = 0x70617373776f7264313233
*/

#define NEW_SIMD_CODE

#ifdef KERNEL_STATIC
#include M2S(INCLUDE_PATH/inc_vendor.h)
#include M2S(INCLUDE_PATH/inc_types.h)
#include M2S(INCLUDE_PATH/inc_platform.cl)
#include M2S(INCLUDE_PATH/inc_common.cl)
#include M2S(INCLUDE_PATH/inc_simd.cl)
#include M2S(INCLUDE_PATH/inc_hash_sha1.cl)
#include M2S(INCLUDE_PATH/inc_cipher_aes.cl)
#endif

#define COMPARE_S M2S(INCLUDE_PATH/inc_comp_single.cl)
#define COMPARE_M M2S(INCLUDE_PATH/inc_comp_multi.cl)

typedef struct pbkdf_sha1_tmp
{
u32 ipad[5];
u32 opad[5];

u32 dgst[32];
u32 out[32];
} pbkdf_sha1_tmp_t;

typedef struct terra
{
u32 salt_buf[8];
u32 ct_block_a[4];
} terra_t;

#define FIXED_SALT_SIZE 16


DECLSPEC void hmac_sha1_run_V (PRIVATE_AS u32x *w0, PRIVATE_AS u32x *w1, PRIVATE_AS u32x *w2, PRIVATE_AS u32x *w3, PRIVATE_AS u32x *ipad, PRIVATE_AS u32x *opad, PRIVATE_AS u32x *digest)
{

digest[0] = ipad[0];
digest[1] = ipad[1];
digest[2] = ipad[2];
digest[3] = ipad[3];
digest[4] = ipad[4];

sha1_transform_vector (w0, w1, w2, w3, digest);

w0[0] = digest[0];
w0[1] = digest[1];
w0[2] = digest[2];
w0[3] = digest[3];
w1[0] = digest[4];
w1[1] = 0x80000000;
w1[2] = 0;
w1[3] = 0;
w2[0] = 0;
w2[1] = 0;
w2[2] = 0;
w2[3] = 0;
w3[0] = 0;
w3[1] = 0;
w3[2] = 0;
w3[3] = (64 + 20) * 8;

digest[0] = opad[0];
digest[1] = opad[1];
digest[2] = opad[2];
digest[3] = opad[3];
digest[4] = opad[4];

sha1_transform_vector (w0, w1, w2, w3, digest);
}

KERNEL_FQ void m90999_init (KERN_ATTR_TMPS_ESALT (pbkdf_sha1_tmp_t,terra_t))
{
const u64 gid = get_global_id (0);
if (gid >= GID_CNT) return;

// Salt needs to be copied into a big enough buffer to call hmac init
u32 s[16] = { 0 };


s[0] = hc_swap32_S(esalt_bufs[DIGESTS_OFFSET_HOST].salt_buf[0]);
s[1] = hc_swap32_S(esalt_bufs[DIGESTS_OFFSET_HOST].salt_buf[1]);
s[2] = hc_swap32_S(esalt_bufs[DIGESTS_OFFSET_HOST].salt_buf[2]);
s[3] = hc_swap32_S(esalt_bufs[DIGESTS_OFFSET_HOST].salt_buf[3]);


sha1_hmac_ctx_t sha1_hmac_ctx;
sha1_hmac_init_global_swap (&sha1_hmac_ctx, pws[gid].i, pws[gid].pw_len);


tmps[gid].ipad[0] = sha1_hmac_ctx.ipad.h[0];
tmps[gid].ipad[1] = sha1_hmac_ctx.ipad.h[1];
tmps[gid].ipad[2] = sha1_hmac_ctx.ipad.h[2];
tmps[gid].ipad[3] = sha1_hmac_ctx.ipad.h[3];
tmps[gid].ipad[4] = sha1_hmac_ctx.ipad.h[4];

tmps[gid].opad[0] = sha1_hmac_ctx.opad.h[0];
tmps[gid].opad[1] = sha1_hmac_ctx.opad.h[1];
tmps[gid].opad[2] = sha1_hmac_ctx.opad.h[2];
tmps[gid].opad[3] = sha1_hmac_ctx.opad.h[3];
tmps[gid].opad[4] = sha1_hmac_ctx.opad.h[4];


sha1_hmac_update (&sha1_hmac_ctx, s, FIXED_SALT_SIZE);


// First iteration
for (u32 i = 0, j = 1; i < 8; i += 5, j += 1)
{
sha1_hmac_ctx_t sha1_hmac_ctx2 = sha1_hmac_ctx;

u32 w0[4];
u32 w1[4];
u32 w2[4];
u32 w3[4];

w0[0] = j;
w0[1] = 0;
w0[2] = 0;
w0[3] = 0;
w1[0] = 0;
w1[1] = 0;
w1[2] = 0;
w1[3] = 0;
w2[0] = 0;
w2[1] = 0;
w2[2] = 0;
w2[3] = 0;
w3[0] = 0;
w3[1] = 0;
w3[2] = 0;
w3[3] = 0;

sha1_hmac_update_64 (&sha1_hmac_ctx2, w0, w1, w2, w3, 4);
sha1_hmac_final (&sha1_hmac_ctx2);


tmps[gid].dgst[i + 0] = sha1_hmac_ctx2.opad.h[0];
tmps[gid].dgst[i + 1] = sha1_hmac_ctx2.opad.h[1];
tmps[gid].dgst[i + 2] = sha1_hmac_ctx2.opad.h[2];
tmps[gid].dgst[i + 3] = sha1_hmac_ctx2.opad.h[3];
tmps[gid].dgst[i + 4] = sha1_hmac_ctx2.opad.h[4];

tmps[gid].out[i + 0] = tmps[gid].dgst[i + 0];
tmps[gid].out[i + 1] = tmps[gid].dgst[i + 1];
tmps[gid].out[i + 2] = tmps[gid].dgst[i + 2];
tmps[gid].out[i + 3] = tmps[gid].dgst[i + 3];
tmps[gid].out[i + 4] = tmps[gid].dgst[i + 4];
}
}

KERNEL_FQ void m90999_loop (KERN_ATTR_TMPS_ESALT (pbkdf_sha1_tmp_t,terra_t))
{
const u64 gid = get_global_id (0);

if ((gid * VECT_SIZE) >= GID_CNT) return;

u32x ipad[5];
u32x opad[5];

ipad[0] = packv (tmps, ipad, gid, 0);
ipad[1] = packv (tmps, ipad, gid, 1);
ipad[2] = packv (tmps, ipad, gid, 2);
ipad[3] = packv (tmps, ipad, gid, 3);
ipad[4] = packv (tmps, ipad, gid, 4);

opad[0] = packv (tmps, opad, gid, 0);
opad[1] = packv (tmps, opad, gid, 1);
opad[2] = packv (tmps, opad, gid, 2);
opad[3] = packv (tmps, opad, gid, 3);
opad[4] = packv (tmps, opad, gid, 4);

for (u32 i = 0; i < 8; i += 5)
{
u32x dgst[5];
u32x out[5];

dgst[0] = packv (tmps, dgst, gid, i + 0);
dgst[1] = packv (tmps, dgst, gid, i + 1);
dgst[2] = packv (tmps, dgst, gid, i + 2);
dgst[3] = packv (tmps, dgst, gid, i + 3);
dgst[4] = packv (tmps, dgst, gid, i + 4);

out[0] = packv (tmps, out, gid, i + 0);
out[1] = packv (tmps, out, gid, i + 1);
out[2] = packv (tmps, out, gid, i + 2);
out[3] = packv (tmps, out, gid, i + 3);
out[4] = packv (tmps, out, gid, i + 4);

for (u32 j = 0; j < LOOP_CNT; j++)
{
u32x w0[4];
u32x w1[4];
u32x w2[4];
u32x w3[4];

w0[0] = dgst[0];
w0[1] = dgst[1];
w0[2] = dgst[2];
w0[3] = dgst[3];
w1[0] = dgst[4];
w1[1] = 0x80000000;
w1[2] = 0;
w1[3] = 0;
w2[0] = 0;
w2[1] = 0;
w2[2] = 0;
w2[3] = 0;
w3[0] = 0;
w3[1] = 0;
w3[2] = 0;
w3[3] = (64 + 20) * 8;

hmac_sha1_run_V (w0, w1, w2, w3, ipad, opad, dgst);


out[0] ^= dgst[0];
out[1] ^= dgst[1];
out[2] ^= dgst[2];
out[3] ^= dgst[3];
out[4] ^= dgst[4];
}

unpackv (tmps, dgst, gid, i + 0, dgst[0]);
unpackv (tmps, dgst, gid, i + 1, dgst[1]);
unpackv (tmps, dgst, gid, i + 2, dgst[2]);
unpackv (tmps, dgst, gid, i + 3, dgst[3]);
unpackv (tmps, dgst, gid, i + 4, dgst[4]);

unpackv (tmps, out, gid, i + 0, out[0]);
unpackv (tmps, out, gid, i + 1, out[1]);
unpackv (tmps, out, gid, i + 2, out[2]);
unpackv (tmps, out, gid, i + 3, out[3]);
unpackv (tmps, out, gid, i + 4, out[4]);
}
}

KERNEL_FQ void m90999_comp (KERN_ATTR_TMPS_ESALT (pbkdf_sha1_tmp_t,terra_t))
{
/**
* base
*/

const u64 gid = get_global_id (0);
const u64 lid = get_local_id(0);
const u64 lsz = get_local_size(0);

/**
* aes shared
*/

#ifdef REAL_SHM

LOCAL_VK u32 s_te0[256];
LOCAL_VK u32 s_te1[256];
LOCAL_VK u32 s_te2[256];
LOCAL_VK u32 s_te3[256];
LOCAL_VK u32 s_te4[256];

for (u32 i = lid; i < 256; i += lsz)
{
s_te0[i] = te0[i];
s_te1[i] = te1[i];
s_te2[i] = te2[i];
s_te3[i] = te3[i];
s_te4[i] = te4[i];
}

SYNC_THREADS();

#else

CONSTANT_AS u32a* s_te0 = te0;
CONSTANT_AS u32a* s_te1 = te1;
CONSTANT_AS u32a* s_te2 = te2;
CONSTANT_AS u32a* s_te3 = te3;
CONSTANT_AS u32a* s_te4 = te4;

#endif

if (gid >= GID_CNT) return;

u32 ukey[8];

ukey[0] = tmps[gid].out[0];
ukey[1] = tmps[gid].out[1];
ukey[2] = tmps[gid].out[2];
ukey[3] = tmps[gid].out[3];
ukey[4] = tmps[gid].out[4];
ukey[5] = tmps[gid].out[5];
ukey[6] = tmps[gid].out[6];
ukey[7] = tmps[gid].out[7];


u32 ks[60];
u32 d[4];
d[0] = esalt_bufs[DIGESTS_OFFSET_HOST].ct_block_a[0];
d[1] = esalt_bufs[DIGESTS_OFFSET_HOST].ct_block_a[1];
d[2] = esalt_bufs[DIGESTS_OFFSET_HOST].ct_block_a[2];
d[3] = esalt_bufs[DIGESTS_OFFSET_HOST].ct_block_a[3];
u32 CT[4] = { 0 };
AES256_set_encrypt_key (ks, ukey, s_te0, s_te1, s_te2, s_te3);
AES256_encrypt(ks, d, CT, s_te0, s_te1, s_te2, s_te3, s_te4);
// check


const u32 r0 = CT[0];
const u32 r1 = CT[1];
const u32 r2 = CT[2];
const u32 r3 = CT[3];

#define il_pos 0

#ifdef KERNEL_STATIC
#include COMPARE_M
#endif
}
Loading

0 comments on commit b0d9992

Please sign in to comment.