diff options
author | Alexey Dokuchaev <danfe@FreeBSD.org> | 2019-03-05 13:44:23 +0000 |
---|---|---|
committer | Alexey Dokuchaev <danfe@FreeBSD.org> | 2019-03-05 13:44:23 +0000 |
commit | b2d10add7831c445cc9b187ad8a63d535305efef (patch) | |
tree | 25a2e1a4bc48daf5b0f34fb930350a530efca086 /security/john | |
parent | 2ad5aeef271b5d55ccf72306104be653430f3f96 (diff) | |
download | ports-b2d10add7831c445cc9b187ad8a63d535305efef.tar.gz ports-b2d10add7831c445cc9b187ad8a63d535305efef.zip |
Drop OpenSSL EVP high-level crap in favor of their own AES implementation
in Bitcoin format converter.
Obtained from: https://github.com/magnumripper/JohnTheRipper/commit/0e2beec
Notes
Notes:
svn path=/head/; revision=494700
Diffstat (limited to 'security/john')
-rw-r--r-- | security/john/files/patch-bitcoin__fmt__plug.c | 134 |
1 files changed, 134 insertions, 0 deletions
diff --git a/security/john/files/patch-bitcoin__fmt__plug.c b/security/john/files/patch-bitcoin__fmt__plug.c new file mode 100644 index 000000000000..93c2045aeb8b --- /dev/null +++ b/security/john/files/patch-bitcoin__fmt__plug.c @@ -0,0 +1,134 @@ +--- bitcoin_fmt_plug.c.orig 2014-12-18 07:59:02 UTC ++++ bitcoin_fmt_plug.c +@@ -15,33 +15,32 @@ + * Thanks to Solar for asking to add support for bitcoin wallet files. + */ + +-#include "arch.h" +-#include <openssl/opensslv.h> +-#if (AC_BUILT && HAVE_EVP_SHA512) || \ +- (!AC_BUILT && OPENSSL_VERSION_NUMBER >= 0x0090708f) +- + #if FMT_EXTERNS_H + extern struct fmt_main fmt_bitcoin; + #elif FMT_REGISTERS_H + john_register_one(&fmt_bitcoin); + #else + +-#include <openssl/evp.h> + #include <string.h> ++#ifdef _OPENMP ++#include <omp.h> ++#ifndef OMP_SCALE ++#define OMP_SCALE 1 ++#endif ++static int omp_t = 1; ++#endif ++ ++#include "arch.h" + #include "misc.h" + #include "common.h" + #include "formats.h" + #include "params.h" + #include "options.h" + #include "sha2.h" ++#include "aes/aes.h" + #include "stdint.h" + #include "johnswap.h" + #include "sse-intrinsics.h" +-#ifdef _OPENMP +-#include <omp.h> +-#define OMP_SCALE 1 +-static int omp_t = 1; +-#endif + #include "memdbg.h" + + #define FORMAT_LABEL "Bitcoin" +@@ -73,6 +72,7 @@ static int omp_t = 1; + #endif + + #define SZ 128 ++#define PADDING "\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10" + + static struct fmt_tests bitcoin_tests[] = { + /* bitcoin wallet hashes */ +@@ -265,10 +265,7 @@ static int crypt_all(int *pcount, struct db_salt *salt + #endif + { + unsigned char output[SZ]; +- int fOk; + SHA512_CTX sha_ctx; +- EVP_CIPHER_CTX ctx; +- int nPLen, nFLen; + int i; + + #ifdef MMX_COEF_SHA512 +@@ -316,6 +313,7 @@ static int crypt_all(int *pcount, struct db_salt *salt + alter_endianity_to_BE64(key_iv, 6 * MAX_KEYS_PER_CRYPT); + + for (index2 = 0; index2 < MAX_KEYS_PER_CRYPT; index2++) { ++ AES_KEY aes_key; + unsigned char key[32]; + unsigned char iv[16]; + +@@ -325,26 +323,21 @@ static int crypt_all(int *pcount, struct db_salt *salt + for (i = 0; i < sizeof(iv)/sizeof(ARCH_WORD_64); i++) // the derived iv + ((ARCH_WORD_64 *)iv)[i] = key_iv[MMX_COEF_SHA512*(sizeof(key)/sizeof(ARCH_WORD_64) + i) + index2]; + +- /* NOTE: write our code instead of using following high-level OpenSSL functions */ +- EVP_CIPHER_CTX_init(&ctx); +- fOk = EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, key, iv); +- if (fOk) +- fOk = EVP_DecryptUpdate(&ctx, output, &nPLen, cur_salt->cry_master, cur_salt->cry_master_length); +- if (fOk) +- fOk = EVP_DecryptFinal_ex(&ctx, output + nPLen, &nFLen); +- EVP_CIPHER_CTX_cleanup(&ctx); +- // a decrypted mkey is exactly 32 bytes in len; ossl has already checked the padding (16 0x0f's) for us +- if (fOk && nPLen + nFLen == 32) { ++ AES_set_decrypt_key(key, 256, &aes_key); ++ AES_cbc_encrypt(cur_salt->cry_master, output, cur_salt->cry_master_length, &aes_key, iv, AES_DECRYPT); ++ ++ if (!memcmp(output + 32, PADDING, 16)) { + cracked[index + index2] = 1; + #ifdef _OPENMP + #pragma omp atomic + #endif + any_cracked |= 1; + } +- + } + #else ++ AES_KEY aes_key; + unsigned char key_iv[SHA512_DIGEST_LENGTH]; // buffer for both the derived key and iv ++ + SHA512_Init(&sha_ctx); + SHA512_Update(&sha_ctx, saved_key[index], strlen(saved_key[index])); + SHA512_Update(&sha_ctx, cur_salt->cry_salt, cur_salt->cry_salt_length); +@@ -354,16 +347,11 @@ static int crypt_all(int *pcount, struct db_salt *salt + SHA512_Update(&sha_ctx, key_iv, SHA512_DIGEST_LENGTH); + SHA512_Final(key_iv, &sha_ctx); + } +- /* NOTE: write our code instead of using following high-level OpenSSL functions */ +- EVP_CIPHER_CTX_init(&ctx); +- fOk = EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, key_iv, key_iv+32); +- if (fOk) +- fOk = EVP_DecryptUpdate(&ctx, output, &nPLen, cur_salt->cry_master, cur_salt->cry_master_length); +- if (fOk) +- fOk = EVP_DecryptFinal_ex(&ctx, output + nPLen, &nFLen); +- EVP_CIPHER_CTX_cleanup(&ctx); +- // a decrypted mkey is exactly 32 bytes in len; ossl has already checked the padding (16 0x0f's) for us +- if (fOk && nPLen + nFLen == 32) { ++ ++ AES_set_decrypt_key(key_iv, 256, &aes_key); ++ AES_cbc_encrypt(cur_salt->cry_master, output, cur_salt->cry_master_length, &aes_key, key_iv + 32, AES_DECRYPT); ++ ++ if (!memcmp(output + 32, PADDING, 16)) { + cracked[index] = 1; + #ifdef _OPENMP + #pragma omp atomic +@@ -471,5 +459,3 @@ struct fmt_main fmt_bitcoin = { + }; + + #endif /* plugin stanza */ +- +-#endif /* OpenSSL requirement */ |