int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
token_t token;
token.token_cnt = 3;
token.signatures_cnt = 1;
token.signatures_buf[0] = SIGNATURE_MYSQL_AUTH;
token.len[0] = 9;
token.attr[0] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_SIGNATURE;
token.sep[1] = '*';
token.len_min[1] = 40;
token.len_max[1] = 40;
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[2] = '*';
token.len_min[2] = 40;
token.len_max[2] = 40;
token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
// hash
const u8 *hash_pos = token.buf[2];
digest[0] = hex_to_u32 (hash_pos + 0);
digest[1] = hex_to_u32 (hash_pos + 8);
digest[2] = hex_to_u32 (hash_pos + 16);
digest[3] = hex_to_u32 (hash_pos + 24);
digest[4] = hex_to_u32 (hash_pos + 32);
digest[0] = byte_swap_32 (digest[0]);
digest[1] = byte_swap_32 (digest[1]);
digest[2] = byte_swap_32 (digest[2]);
digest[3] = byte_swap_32 (digest[3]);
digest[4] = byte_swap_32 (digest[4]);
/*
* store salt
*/
const u8 *salt_pos = token.buf[1];
const int salt_len = token.len[1];
const bool parse_rc = generic_salt_decode (hashconfig, salt_pos, salt_len, (u8 *) salt->salt_buf, (int *) &salt->salt_len);
if (parse_rc == false) return (PARSER_SALT_LENGTH);
return (PARSER_OK);
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
token_t token;
token.token_cnt = 3;
token.signatures_cnt = 1;
token.signatures_buf[0] = SIGNATURE_CISCO9;
token.len[0] = 3;
token.attr[0] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_SIGNATURE;
token.len_min[1] = 14;
token.len_max[1] = 14;
token.sep[1] = '$';
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH;
token.len[2] = 43;
token.attr[2] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_BASE64B;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
// salt is not encoded
const u8 *salt_pos = token.buf[1];
const int salt_len = token.len[1];
u8 *salt_buf_ptr = (u8 *) salt->salt_buf;
memcpy (salt_buf_ptr, salt_pos, salt_len);
salt->salt_len = salt_len;
salt->salt_iter = 1;
salt->scrypt_N = 16384;
salt->scrypt_r = 1;
salt->scrypt_p = 1;
// base64 decode hash
const u8 *hash_pos = token.buf[2];
const int hash_len = token.len[2];
u8 tmp_buf[100] = { 0 };
const int tmp_len = base64_decode (itoa64_to_int, hash_pos, hash_len, tmp_buf);
if (tmp_len != 32) return (PARSER_HASH_LENGTH);
memcpy (digest, tmp_buf, 32);
return (PARSER_OK);
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u64 *digest = (u64 *) digest_buf;
token_t token;
token.token_cnt = 2;
token.sep[0] = hashconfig->separator;
token.len_min[0] = 128;
token.len_max[0] = 128;
token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.len_min[1] = SALT_MIN;
token.len_max[1] = SALT_MAX;
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH;
if (hashconfig->opts_type & OPTS_TYPE_ST_HEX)
{
token.len_min[1] *= 2;
token.len_max[1] *= 2;
token.attr[1] |= TOKEN_ATTR_VERIFY_HEX;
}
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
const u8 *hash_pos = token.buf[0];
digest[0] = hex_to_u64 (hash_pos + 0);
digest[1] = hex_to_u64 (hash_pos + 16);
digest[2] = hex_to_u64 (hash_pos + 32);
digest[3] = hex_to_u64 (hash_pos + 48);
digest[4] = hex_to_u64 (hash_pos + 64);
digest[5] = hex_to_u64 (hash_pos + 80);
digest[6] = hex_to_u64 (hash_pos + 96);
digest[7] = hex_to_u64 (hash_pos + 112);
digest[0] = byte_swap_64 (digest[0]);
digest[1] = byte_swap_64 (digest[1]);
digest[2] = byte_swap_64 (digest[2]);
digest[3] = byte_swap_64 (digest[3]);
digest[4] = byte_swap_64 (digest[4]);
digest[5] = byte_swap_64 (digest[5]);
digest[6] = byte_swap_64 (digest[6]);
digest[7] = byte_swap_64 (digest[7]);
const u8 *salt_pos = token.buf[1];
const int salt_len = token.len[1];
const bool parse_rc = generic_salt_decode (hashconfig, salt_pos, salt_len, (u8 *) salt->salt_buf, (int *) &salt->salt_len);
if (parse_rc == false) return (PARSER_SALT_LENGTH);
return (PARSER_OK);
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
token_t token;
token.token_cnt = 2;
token.sep[0] = hashconfig->separator;
token.len_min[0] = 40;
token.len_max[0] = 40;
token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.len_min[1] = 20;
token.len_max[1] = 20;
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
const u8 *hash_pos = token.buf[0];
digest[0] = hex_to_u32 (hash_pos + 0);
digest[1] = hex_to_u32 (hash_pos + 8);
digest[2] = hex_to_u32 (hash_pos + 16);
digest[3] = hex_to_u32 (hash_pos + 24);
digest[4] = hex_to_u32 (hash_pos + 32);
digest[0] = byte_swap_32 (digest[0]);
digest[1] = byte_swap_32 (digest[1]);
digest[2] = byte_swap_32 (digest[2]);
digest[3] = byte_swap_32 (digest[3]);
digest[4] = byte_swap_32 (digest[4]);
if (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL)
{
digest[0] -= SHA1M_A;
digest[1] -= SHA1M_B;
digest[2] -= SHA1M_C;
digest[3] -= SHA1M_D;
digest[4] -= SHA1M_E;
}
const u8 *salt_pos = token.buf[1];
const int salt_len = token.len[1];
const bool parse_rc = generic_salt_decode (hashconfig, salt_pos, salt_len, (u8 *) salt->salt_buf, (int *) &salt->salt_len);
if (parse_rc == false) return (PARSER_SALT_LENGTH);
return (PARSER_OK);
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
token_t token;
token.token_cnt = 1;
token.len_min[0] = 64;
token.len_max[0] = 64;
token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
const u8 *hash_pos = token.buf[0];
digest[0] = hex_to_u32 (hash_pos + 0);
digest[1] = hex_to_u32 (hash_pos + 8);
digest[2] = hex_to_u32 (hash_pos + 16);
digest[3] = hex_to_u32 (hash_pos + 24);
digest[4] = hex_to_u32 (hash_pos + 32);
digest[5] = hex_to_u32 (hash_pos + 40);
digest[6] = hex_to_u32 (hash_pos + 48);
digest[7] = hex_to_u32 (hash_pos + 56);
digest[0] = byte_swap_32 (digest[0]);
digest[1] = byte_swap_32 (digest[1]);
digest[2] = byte_swap_32 (digest[2]);
digest[3] = byte_swap_32 (digest[3]);
digest[4] = byte_swap_32 (digest[4]);
digest[5] = byte_swap_32 (digest[5]);
digest[6] = byte_swap_32 (digest[6]);
digest[7] = byte_swap_32 (digest[7]);
if (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL)
{
digest[0] -= SHA256M_A;
digest[1] -= SHA256M_B;
digest[2] -= SHA256M_C;
digest[3] -= SHA256M_D;
digest[4] -= SHA256M_E;
digest[5] -= SHA256M_F;
digest[6] -= SHA256M_G;
digest[7] -= SHA256M_H;
}
return (PARSER_OK);
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
token_t token;
token.token_cnt = 2;
token.signatures_cnt = 1;
token.signatures_buf[0] = "{SHA}";
token.len[0] = 5;
token.attr[0] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_SIGNATURE;
token.len_min[1] = 28;
token.len_max[1] = 28;
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_BASE64A;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
const u8 *hash_pos = token.buf[1];
const int hash_len = token.len[1];
u8 tmp_buf[100] = { 0 };
base64_decode (base64_to_int, hash_pos, hash_len, tmp_buf);
memcpy (digest, tmp_buf, 20);
digest[0] = byte_swap_32 (digest[0]);
digest[1] = byte_swap_32 (digest[1]);
digest[2] = byte_swap_32 (digest[2]);
digest[3] = byte_swap_32 (digest[3]);
digest[4] = byte_swap_32 (digest[4]);
if (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL)
{
digest[0] -= SHA1M_A;
digest[1] -= SHA1M_B;
digest[2] -= SHA1M_C;
digest[3] -= SHA1M_D;
digest[4] -= SHA1M_E;
}
return (PARSER_OK);
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
token_t token;
token.token_cnt = 1;
token.len[0] = 43;
token.attr[0] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_BASE64B;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
const u8 *hash_pos = token.buf[0];
const int hash_len = token.len[0];
u8 tmp_buf[100] = { 0 };
base64_decode (itoa64_to_int, (const u8 *) hash_pos, hash_len, tmp_buf);
memcpy (digest, tmp_buf, 32);
digest[0] = byte_swap_32 (digest[0]);
digest[1] = byte_swap_32 (digest[1]);
digest[2] = byte_swap_32 (digest[2]);
digest[3] = byte_swap_32 (digest[3]);
digest[4] = byte_swap_32 (digest[4]);
digest[5] = byte_swap_32 (digest[5]);
digest[6] = byte_swap_32 (digest[6]);
digest[7] = byte_swap_32 (digest[7]);
if (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL)
{
digest[0] -= SHA256M_A;
digest[1] -= SHA256M_B;
digest[2] -= SHA256M_C;
digest[3] -= SHA256M_D;
digest[4] -= SHA256M_E;
digest[5] -= SHA256M_F;
digest[6] -= SHA256M_G;
digest[7] -= SHA256M_H;
}
return (PARSER_OK);
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
token_t token;
token.token_cnt = 2;
token.signatures_cnt = 1;
token.signatures_buf[0] = SIGNATURE_FORTIGATE;
token.len[0] = 3;
token.attr[0] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_SIGNATURE;
token.len[1] = 44;
token.attr[1] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_BASE64A;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
/**
* verify data
*/
const u8 *hash_pos = token.buf[1];
const int hash_len = token.len[1];
// decode salt + SHA1 hash (12 + 20 = 32)
u8 tmp_buf[100] = { 0 };
const int decoded_len = base64_decode (base64_to_int, hash_pos, hash_len, tmp_buf);
if (decoded_len != 32) return (PARSER_HASH_LENGTH);
/**
* store data
*/
// salt
u32 salt_len = 12;
memcpy (salt->salt_buf, tmp_buf, salt_len);
salt->salt_len = salt_len;
// digest
memcpy (digest, tmp_buf + salt_len, 20);
digest[0] = byte_swap_32 (digest[0]);
digest[1] = byte_swap_32 (digest[1]);
digest[2] = byte_swap_32 (digest[2]);
digest[3] = byte_swap_32 (digest[3]);
digest[4] = byte_swap_32 (digest[4]);
if (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL)
{
digest[0] -= SHA1M_A;
digest[1] -= SHA1M_B;
digest[2] -= SHA1M_C;
digest[3] -= SHA1M_D;
digest[4] -= SHA1M_E;
}
return (PARSER_OK);
}
/* ****************************************************
Scan the input file line by line getting specifications
The input has be in the order expected here
**************************************************** */
int get_input_specification(char * input_file)
{
extern int ACTUAL_LOG_CREATION;
static FILE * fp_input = NULL;
extern char PARENT_PATH[1024];
char line[1024], input[64], param[64], value[64], unit[64];
int num_flags=0, num_prints=0;
char char_params[MAX_PARAMS][10];
char * pch;
int j=0;
fp_input = fopen(input_file, "r");
if (!fp_input) {
fprintf(stderr, "Error: unable to open the input file %s\n", input_file);
return -1;
}
/*
if (!feof(fp_input)) {
fscanf(fp_input, "ParamsOfInterest: %s\n", input);
IMP_input->ParamsOfInterest = atoi(input);
}
*/
fscanf(fp_input, "%s %s %s\n", param, value, unit);
if (strcmp(param, "Parent_Path:") == 0) {
strcpy(IMP_input->Parent_Path, value);
if(atoi(unit) == 1)
strcpy(PARENT_PATH, IMP_input->Parent_Path);
}
fscanf(fp_input, "%s %s %s\n", param, value, unit);
if (strcmp(param, "Actuallogfile:") == 0) {
strcpy(IMP_input->Actuallogfile, value);
if(atoi(unit) == 1) {
ACTUAL_LOG_CREATION = 1;
}
}
fgets(line, 1024, fp_input);
sscanf(line, "%s %s %s", param, value, unit);
if (strcmp(param, "Randseeds:") == 0) {
if(strcmp(value, "Direct") == 0) {
IMP_input->num_randseeds = atoi(unit);
input_tokenizer_int(line, IMP_input->Randseeds);
}
else {
printf("Error getting Randseeds\n");
IMP_input->num_randseeds = 0; //default to gettimeofday
//return -1;
}
}
fscanf(fp_input, "%s %s %s\n", param, value, unit);
if (strcmp(param, "FScapacity:") == 0) {
IMP_input->FScapacity = atol(value);
IMP_input->FScapacity *= ScaleByUnit(unit);
}
fscanf(fp_input, "%s %s %s\n", param, value, unit);
if (strcmp(param, "FSused:") == 0) {
if(strcmp(value, "NO") == 0)
IMP_input->FSused = -1;
else {
IMP_input->FSused = atol(value);
IMP_input->FSused *= ScaleByUnit(unit);
}
}
fscanf(fp_input, "%s %s %s\n", param, value, unit);
if (strcmp(param, "Numfiles:") == 0) {
if(strcmp(value, "NO") == 0)
IMP_input->Numfiles = -1;
else {
IMP_input->Numfiles = atol(value);
IMP_input->Numfiles *= ScaleByUnit(unit);
}
}
fscanf(fp_input, "%s %s %s\n", param, value, unit);
if (strcmp(param, "Numdirs:") == 0) {
if(strcmp(value, "NO") == 0)
IMP_input->Numdirs = -1;
else {
IMP_input->Numdirs = atol(value);
IMP_input->Numdirs *= ScaleByUnit(unit);
}
}
fscanf(fp_input, "%s %s %s\n", param, value, unit);
if (strcmp(param, "Filesperdir:") == 0) {
if(strcmp(value, "NO") == 0)
IMP_input->mean_files_per_dir = -1;
else {
IMP_input->mean_files_per_dir = atof(value);
IMP_input->mean_files_per_dir *= ScaleByUnit(unit);
}
}
fgets(line, 256, fp_input);
sscanf(line, "%s %s %s", param, value, unit);
if (strcmp(param, "FilesizeDistr:") == 0) {
if(strcmp(value, "NO") == 0)
strcpy(IMP_input->FilesizeDistr,"");
else {
if(strcmp(value, "Indir") == 0) {
// Filename containing Distr (either X,Y or some
// encoding of the distribution
strcpy(IMP_input->FilesizeDistr, unit);
}
else if(strcmp(value, "Direct") == 0) {
IMP_input->num_filesizeparams = atoi(unit);
input_tokenizer(line, IMP_input->filesizeparams);
}
else {
printf("Error getting FilesizeDistr\n");
return -1;
}
}
}
fgets(line, 256, fp_input);
sscanf(line, "%s %s %s\n", param, value, unit);
if (strcmp(param, "FilecountDistr:") == 0) {
if(strcmp(value, "NO") == 0)
strcpy(IMP_input->FilecountDistr,"");
else {
if(strcmp(value, "Indir") == 0) {
strcpy(IMP_input->FilecountDistr, unit);
}
else if(strcmp(value, "Direct") == 0) {
IMP_input->num_filecountparams = atoi(unit);
input_tokenizer(line, IMP_input->filecountparams);
}
else {
printf("Error getting FilecountDistr\n");
return -1;
}
}
}
fgets(line, 256, fp_input);
sscanf(line, "%s %s %s", param, value, unit);
if (strcmp(param, "Dircountfiles:") == 0) {
if(strcmp(value, "NO") == 0)
strcpy(IMP_input->Dircountfiles ,"");
else {
if(strcmp(value, "Indir") == 0) {
strcpy(IMP_input->Dircountfiles, unit);
}
else if(strcmp(value, "Direct") == 0) {
IMP_input->num_dircountfilesparams = atoi(unit);
input_tokenizer(line, IMP_input->dircountfilesparams);
}
else {
printf("Error getting Dircountfiles\n");
return -1;
}
}
}
fscanf(fp_input, "%s %s %s\n", param, value, unit);
if (strcmp(param, "DirsizesubdirDistr:") == 0) {
if(strcmp(value, "NO") == 0)
strcpy(IMP_input->DirsizesubdirDistr,"");
else {
if(strcmp(value, "Indir") == 0) {
strcpy(IMP_input->DirsizesubdirDistr, unit);
}
else {
printf("Error getting DirsizesubdirDistr\n");
return -1;
}
}
}
fscanf(fp_input, "%s %s %s\n", param, value, unit);
if (strcmp(param, "Fileswithdepth:") == 0) {
if(strcmp(value, "NO") == 0)
strcpy(IMP_input->Fileswithdepth, "");
else {
if(strcmp(value, "Indir") == 0) {
strcpy(IMP_input->Fileswithdepth, unit);
}
else if(strcmp(value, "Direct") == 0) {
IMP_input->fileswithdepth_poisson = atof(unit);
}
else {
printf("Error getting Fileswithdepth\n");
return -1;
}
}
}
fscanf(fp_input, "%s %s\n", param, value);
if (strcmp(param, "Layoutscore:") == 0) {
IMP_input->Layoutscore = atof(value);
}
fscanf(fp_input, "%s %s\n", param, value);
if (strcmp(param, "Actualfilecreation:") == 0) {
IMP_input->Actualfilecreation = atoi(value);
}
fscanf(fp_input, "%s %s\n", param, value);
if (strcmp(param, "SpecialFlags:") == 0) {
num_flags=atoi(value);
for(int i =0; i< num_flags; i++) {
fscanf(fp_input, "%s %s\n", value, unit);
if(strcmp(value, "Flat") == 0) {
IMP_input->Flag[sf_flat] = atoi(unit);
}
else if(strcmp(value, "Deep") == 0) {
if(IMP_input->Flag[sf_flat]==1) {
printf("Cannot have deep and flat tree at the same time ..\n \
going with Flat ..\n");
}
else IMP_input->Flag[sf_deep]=atoi(unit);
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
token_t token;
token.token_cnt = 2;
token.len[0] = 128;
token.attr[0] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.len[1] = 32;
token.attr[1] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
const u8 *hash_pos = token.buf[0];
digest[ 0] = hex_to_u32 (hash_pos + 0);
digest[ 1] = hex_to_u32 (hash_pos + 8);
digest[ 2] = hex_to_u32 (hash_pos + 16);
digest[ 3] = hex_to_u32 (hash_pos + 24);
digest[ 4] = hex_to_u32 (hash_pos + 32);
digest[ 5] = hex_to_u32 (hash_pos + 40);
digest[ 6] = hex_to_u32 (hash_pos + 48);
digest[ 7] = hex_to_u32 (hash_pos + 56);
digest[ 8] = hex_to_u32 (hash_pos + 64);
digest[ 9] = hex_to_u32 (hash_pos + 72);
digest[10] = hex_to_u32 (hash_pos + 80);
digest[11] = hex_to_u32 (hash_pos + 88);
digest[12] = hex_to_u32 (hash_pos + 96);
digest[13] = hex_to_u32 (hash_pos + 104);
digest[14] = hex_to_u32 (hash_pos + 112);
digest[15] = hex_to_u32 (hash_pos + 120);
digest[ 0] = byte_swap_32 (digest[ 0]);
digest[ 1] = byte_swap_32 (digest[ 1]);
digest[ 2] = byte_swap_32 (digest[ 2]);
digest[ 3] = byte_swap_32 (digest[ 3]);
digest[ 4] = byte_swap_32 (digest[ 4]);
digest[ 5] = byte_swap_32 (digest[ 5]);
digest[ 6] = byte_swap_32 (digest[ 6]);
digest[ 7] = byte_swap_32 (digest[ 7]);
digest[ 8] = byte_swap_32 (digest[ 8]);
digest[ 9] = byte_swap_32 (digest[ 9]);
digest[10] = byte_swap_32 (digest[10]);
digest[11] = byte_swap_32 (digest[11]);
digest[12] = byte_swap_32 (digest[12]);
digest[13] = byte_swap_32 (digest[13]);
digest[14] = byte_swap_32 (digest[14]);
digest[15] = byte_swap_32 (digest[15]);
const u8 *salt_pos = token.buf[1];
salt->salt_buf[0] = hex_to_u32 (salt_pos + 0);
salt->salt_buf[1] = hex_to_u32 (salt_pos + 8);
salt->salt_buf[2] = hex_to_u32 (salt_pos + 16);
salt->salt_buf[3] = hex_to_u32 (salt_pos + 24);
salt->salt_buf[0] = byte_swap_32 (salt->salt_buf[0]);
salt->salt_buf[1] = byte_swap_32 (salt->salt_buf[1]);
salt->salt_buf[2] = byte_swap_32 (salt->salt_buf[2]);
salt->salt_buf[3] = byte_swap_32 (salt->salt_buf[3]);
salt->salt_iter = ROUNDS_ORACLET - 1;
salt->salt_len = 16;
return (PARSER_OK);
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
token_t token;
token.token_cnt = 3;
token.signatures_cnt = 1;
token.signatures_buf[0] = SIGNATURE_NETSCALER;
token.len[0] = 1;
token.attr[0] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_SIGNATURE;
token.len[1] = 8;
token.attr[1] = TOKEN_ATTR_FIXED_LENGTH;
token.len[2] = 40;
token.attr[2] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
// salt
const u8 *salt_pos = token.buf[1];
const int salt_len = token.len[1];
memcpy (salt->salt_buf, salt_pos, salt_len);
salt->salt_buf[0] = byte_swap_32 (salt->salt_buf[0]);
salt->salt_buf[1] = byte_swap_32 (salt->salt_buf[1]);
salt->salt_len = salt_len;
// hash
const u8 *hash_pos = token.buf[2];
digest[0] = hex_to_u32 (hash_pos + 0);
digest[1] = hex_to_u32 (hash_pos + 8);
digest[2] = hex_to_u32 (hash_pos + 16);
digest[3] = hex_to_u32 (hash_pos + 24);
digest[4] = hex_to_u32 (hash_pos + 32);
digest[0] = byte_swap_32 (digest[0]);
digest[1] = byte_swap_32 (digest[1]);
digest[2] = byte_swap_32 (digest[2]);
digest[3] = byte_swap_32 (digest[3]);
digest[4] = byte_swap_32 (digest[4]);
if (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL)
{
digest[0] -= SHA1M_A;
digest[1] -= SHA1M_B;
digest[2] -= SHA1M_C;
digest[3] -= SHA1M_D;
digest[4] -= SHA1M_E;
}
return (PARSER_OK);
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
ikepsk_t *ikepsk = (ikepsk_t *) esalt_buf;
token_t token;
token.token_cnt = 9;
token.sep[0] = ':';
token.len_min[0] = 0;
token.len_max[0] = 1024;
token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[1] = ':';
token.len_min[1] = 0;
token.len_max[1] = 1024;
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[2] = ':';
token.len_min[2] = 0;
token.len_max[2] = 1024;
token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[3] = ':';
token.len_min[3] = 0;
token.len_max[3] = 1024;
token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[4] = ':';
token.len_min[4] = 0;
token.len_max[4] = 1024;
token.attr[4] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[5] = ':';
token.len_min[5] = 0;
token.len_max[5] = 1024;
token.attr[5] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[6] = ':';
token.len_min[6] = 0;
token.len_max[6] = 128;
token.attr[6] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[7] = ':';
token.len_min[7] = 0;
token.len_max[7] = 128;
token.attr[7] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[8] = ':';
token.len_min[8] = 32;
token.len_max[8] = 32;
token.attr[8] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
ikepsk->msg_len[0] = token.len[0] / 2;
ikepsk->msg_len[1] = ikepsk->msg_len[0] + token.len[1] / 2;
ikepsk->msg_len[2] = ikepsk->msg_len[1] + token.len[2] / 2;
ikepsk->msg_len[3] = ikepsk->msg_len[2] + token.len[3] / 2;
ikepsk->msg_len[4] = ikepsk->msg_len[3] + token.len[4] / 2;
ikepsk->msg_len[5] = ikepsk->msg_len[4] + token.len[5] / 2;
ikepsk->nr_len = (token.len[6] + token.len[7]) / 2;
if (ikepsk->msg_len[5] > 512) return (PARSER_SALT_LENGTH);
if (ikepsk->nr_len > 64) return (PARSER_SALT_LENGTH);
u8 *ptr1 = (u8 *) ikepsk->msg_buf;
u8 *ptr2 = (u8 *) ikepsk->nr_buf;
for (int i = 0; i < token.len[0]; i += 2) *ptr1++ = hex_to_u8 (token.buf[0] + i);
for (int i = 0; i < token.len[1]; i += 2) *ptr1++ = hex_to_u8 (token.buf[1] + i);
for (int i = 0; i < token.len[2]; i += 2) *ptr1++ = hex_to_u8 (token.buf[2] + i);
for (int i = 0; i < token.len[3]; i += 2) *ptr1++ = hex_to_u8 (token.buf[3] + i);
for (int i = 0; i < token.len[4]; i += 2) *ptr1++ = hex_to_u8 (token.buf[4] + i);
for (int i = 0; i < token.len[5]; i += 2) *ptr1++ = hex_to_u8 (token.buf[5] + i);
for (int i = 0; i < token.len[6]; i += 2) *ptr2++ = hex_to_u8 (token.buf[6] + i);
for (int i = 0; i < token.len[7]; i += 2) *ptr2++ = hex_to_u8 (token.buf[7] + i);
*ptr1++ = 0x80;
*ptr2++ = 0x80;
/**
* Store to database
*/
const u8 *hash_pos = token.buf[8];
digest[0] = hex_to_u32 (hash_pos + 0);
digest[1] = hex_to_u32 (hash_pos + 8);
digest[2] = hex_to_u32 (hash_pos + 16);
digest[3] = hex_to_u32 (hash_pos + 24);
salt->salt_len = 32;
salt->salt_buf[0] = ikepsk->nr_buf[0];
salt->salt_buf[1] = ikepsk->nr_buf[1];
salt->salt_buf[2] = ikepsk->nr_buf[2];
salt->salt_buf[3] = ikepsk->nr_buf[3];
salt->salt_buf[4] = ikepsk->nr_buf[4];
salt->salt_buf[5] = ikepsk->nr_buf[5];
salt->salt_buf[6] = ikepsk->nr_buf[6];
salt->salt_buf[7] = ikepsk->nr_buf[7];
return (PARSER_OK);
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
agilekey_t *agilekey = (agilekey_t *) esalt_buf;
token_t token;
token.token_cnt = 3;
token.len_min[0] = 1;
token.len_max[0] = 6;
token.sep[0] = ':';
token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH;
token.len_min[1] = 16;
token.len_max[1] = 16;
token.sep[1] = ':';
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.len_min[2] = 2080;
token.len_max[2] = 2080;
token.sep[2] = ':';
token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
/**
* pbkdf2 iterations
*/
const u8 *iter_pos = token.buf[0];
salt->salt_iter = hc_strtoul ((const char *) iter_pos, NULL, 10) - 1;
/**
* handle salt encoding
*/
const u8 *salt_pos = token.buf[1];
const int salt_len = token.len[1];
u8 *saltbuf_ptr = (u8 *) salt->salt_buf;
for (int i = 0; i < salt_len; i += 2)
{
const u8 p0 = salt_pos[i + 0];
const u8 p1 = salt_pos[i + 1];
*saltbuf_ptr++ = hex_convert (p1) << 0
| hex_convert (p0) << 4;
}
salt->salt_len = salt_len / 2;
/**
* handle cipher encoding
*/
const u8 *cipher_pos = token.buf[2];
const int cipher_len = token.len[2];
u32 tmp[32] = { 0 };
u8 *cipherbuf_ptr = (u8 *) tmp;
for (int i = 2016; i < cipher_len; i += 2)
{
const u8 p0 = cipher_pos[i + 0];
const u8 p1 = cipher_pos[i + 1];
*cipherbuf_ptr++ = hex_convert (p1) << 0
| hex_convert (p0) << 4;
}
// iv is stored at salt_buf 4 (length 16)
// data is stored at salt_buf 8 (length 16)
salt->salt_buf[ 4] = byte_swap_32 (tmp[0]);
salt->salt_buf[ 5] = byte_swap_32 (tmp[1]);
salt->salt_buf[ 6] = byte_swap_32 (tmp[2]);
salt->salt_buf[ 7] = byte_swap_32 (tmp[3]);
salt->salt_buf[ 8] = byte_swap_32 (tmp[4]);
salt->salt_buf[ 9] = byte_swap_32 (tmp[5]);
salt->salt_buf[10] = byte_swap_32 (tmp[6]);
salt->salt_buf[11] = byte_swap_32 (tmp[7]);
for (int i = 0, j = 0; i < 1040; i += 1, j += 2)
{
const u8 p0 = cipher_pos[j + 0];
const u8 p1 = cipher_pos[j + 1];
agilekey->cipher[i] = hex_convert (p1) << 0
| hex_convert (p0) << 4;
}
/**
* digest buf
*/
digest[0] = 0x10101010;
digest[1] = 0x10101010;
digest[2] = 0x10101010;
digest[3] = 0x10101010;
return (PARSER_OK);
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
jks_sha1_t *jks_sha1 = (jks_sha1_t *) esalt_buf;
token_t token;
token.token_cnt = 7;
token.signatures_cnt = 1;
token.signatures_buf[0] = SIGNATURE_JKS_SHA1;
token.sep[0] = '*';
token.len_min[0] = 10;
token.len_max[0] = 10;
token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_SIGNATURE;
token.sep[1] = '*';
token.len_min[1] = 40;
token.len_max[1] = 40;
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[2] = '*';
token.len_min[2] = 40;
token.len_max[2] = 40;
token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[3] = '*';
token.len_min[3] = 2;
token.len_max[3] = 16384;
token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[4] = '*';
token.len_min[4] = 2;
token.len_max[4] = 2;
token.attr[4] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
token.sep[5] = '*';
token.len_min[5] = 28;
token.len_max[5] = 28;
token.attr[5] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[6] = '*';
token.len_min[6] = 0;
token.len_max[6] = 64;
token.attr[6] = TOKEN_ATTR_VERIFY_LENGTH;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
// checksum
const u8 *checksum_pos = token.buf[1];
jks_sha1->checksum[0] = hex_to_u32 ((const u8 *) &checksum_pos[ 0]);
jks_sha1->checksum[1] = hex_to_u32 ((const u8 *) &checksum_pos[ 8]);
jks_sha1->checksum[2] = hex_to_u32 ((const u8 *) &checksum_pos[16]);
jks_sha1->checksum[3] = hex_to_u32 ((const u8 *) &checksum_pos[24]);
jks_sha1->checksum[4] = hex_to_u32 ((const u8 *) &checksum_pos[32]);
// iv
const u8 *iv_pos = token.buf[2];
jks_sha1->iv[0] = hex_to_u32 ((const u8 *) &iv_pos[ 0]);
jks_sha1->iv[1] = hex_to_u32 ((const u8 *) &iv_pos[ 8]);
jks_sha1->iv[2] = hex_to_u32 ((const u8 *) &iv_pos[16]);
jks_sha1->iv[3] = hex_to_u32 ((const u8 *) &iv_pos[24]);
jks_sha1->iv[4] = hex_to_u32 ((const u8 *) &iv_pos[32]);
// enc_key
const u8 *enc_key_pos = token.buf[3];
const int enc_key_len = token.len[3];
u8 *enc_key_buf = (u8 *) jks_sha1->enc_key_buf;
for (int i = 0, j = 0; j < enc_key_len; i += 1, j += 2)
{
enc_key_buf[i] = hex_to_u8 ((const u8 *) &enc_key_pos[j]);
jks_sha1->enc_key_len++;
}
// der1
const u8 *der1_pos = token.buf[4];
u8 *der = (u8 *) jks_sha1->der;
der[0] = hex_to_u8 ((const u8 *) &der1_pos[0]);
// der2
const u8 *der2_pos = token.buf[5];
for (int i = 6, j = 0; j < 28; i += 1, j += 2)
{
der[i] = hex_to_u8 ((const u8 *) &der2_pos[j]);
}
der[1] = 0;
der[2] = 0;
der[3] = 0;
der[4] = 0;
der[5] = 0;
// alias
const u8 *alias_pos = token.buf[6];
strncpy ((char *) jks_sha1->alias, (const char *) alias_pos, 64);
// fake salt
salt->salt_buf[0] = jks_sha1->iv[0];
salt->salt_buf[1] = jks_sha1->iv[1];
salt->salt_buf[2] = jks_sha1->iv[2];
salt->salt_buf[3] = jks_sha1->iv[3];
salt->salt_buf[4] = jks_sha1->iv[4];
salt->salt_len = 20;
// fake digest
digest[0] = byte_swap_32 (jks_sha1->der[0]);
digest[1] = byte_swap_32 (jks_sha1->der[1]);
digest[2] = byte_swap_32 (jks_sha1->der[2]);
digest[3] = byte_swap_32 (jks_sha1->der[3]);
digest[4] = byte_swap_32 (jks_sha1->der[4]);
return (PARSER_OK);
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
token_t token;
token.token_cnt = 4;
token.len[0] = 1;
token.attr[0] = TOKEN_ATTR_FIXED_LENGTH;
token.len[1] = 1;
token.attr[1] = TOKEN_ATTR_FIXED_LENGTH;
token.len[2] = 48;
token.attr[2] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_BASE64A;
token.len[3] = 1;
token.attr[3] = TOKEN_ATTR_FIXED_LENGTH;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
if (token.buf[0][0] != '(') return (PARSER_SIGNATURE_UNMATCHED);
if (token.buf[1][0] != 'H') return (PARSER_SIGNATURE_UNMATCHED);
if (token.buf[3][0] != ')') return (PARSER_SIGNATURE_UNMATCHED);
// decode
const u8 *hash_pos = token.buf[2];
const int hash_len = token.len[2];
u8 tmp_buf[120] = { 0 };
base64_decode (lotus64_to_int, hash_pos, hash_len, tmp_buf);
tmp_buf[3] += -4; // dont ask!
// salt
memcpy (salt->salt_buf, tmp_buf, 16);
salt->salt_len = 16; // Attention: in theory we have 2 salt_len, one for the -m 8700 part (len: 8), 2nd for the 9100 part (len: 16)
// iteration
char tmp_iter_buf[11] = { 0 };
memcpy (tmp_iter_buf, tmp_buf + 16, 10);
tmp_iter_buf[10] = 0;
salt->salt_iter = hc_strtoul ((const char *) tmp_iter_buf, NULL, 10);
if (salt->salt_iter < 1) // well, the limit hopefully is much higher
{
return (PARSER_SALT_ITERATION);
}
salt->salt_iter--; // first round in init
// 2 additional bytes for display only
salt->salt_buf_pc[0] = tmp_buf[26];
salt->salt_buf_pc[1] = tmp_buf[27];
// digest
memcpy (digest, tmp_buf + 28, 8);
digest[0] = byte_swap_32 (digest[0]);
digest[1] = byte_swap_32 (digest[1]);
digest[2] = 0;
digest[3] = 0;
return (PARSER_OK);
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
apple_secure_notes_t *apple_secure_notes = (apple_secure_notes_t *) esalt_buf;
token_t token;
token.token_cnt = 6;
token.signatures_cnt = 1;
token.signatures_buf[0] = SIGNATURE_FILEVAULT2;
token.len[0] = 6;
token.attr[0] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_SIGNATURE;
token.sep[1] = '$';
token.len_min[1] = 1;
token.len_max[1] = 10;
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
token.sep[2] = '$';
token.len_min[2] = 1;
token.len_max[2] = 6;
token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
token.sep[3] = '$';
token.len_min[3] = 32;
token.len_max[3] = 32;
token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[4] = '$';
token.len_min[4] = 1;
token.len_max[4] = 6;
token.attr[4] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
token.sep[5] = '$';
token.len_min[5] = 48;
token.len_max[5] = 48;
token.attr[5] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
// Z_PK
const u8 *Z_PK_pos = token.buf[1];
const u32 Z_PK = hc_strtoul ((const char *) Z_PK_pos, NULL, 10);
if (Z_PK != 1) return (PARSER_SIGNATURE_UNMATCHED);
apple_secure_notes->Z_PK = Z_PK;
// ZCRYPTOSALT
const u8 *ZCRYPTOSALT_pos = token.buf[3];
apple_secure_notes->ZCRYPTOSALT[ 0] = hex_to_u32 ((const u8 *) &ZCRYPTOSALT_pos[ 0]);
apple_secure_notes->ZCRYPTOSALT[ 1] = hex_to_u32 ((const u8 *) &ZCRYPTOSALT_pos[ 8]);
apple_secure_notes->ZCRYPTOSALT[ 2] = hex_to_u32 ((const u8 *) &ZCRYPTOSALT_pos[16]);
apple_secure_notes->ZCRYPTOSALT[ 3] = hex_to_u32 ((const u8 *) &ZCRYPTOSALT_pos[24]);
apple_secure_notes->ZCRYPTOSALT[ 4] = 0;
apple_secure_notes->ZCRYPTOSALT[ 5] = 0;
apple_secure_notes->ZCRYPTOSALT[ 6] = 0;
apple_secure_notes->ZCRYPTOSALT[ 7] = 0;
apple_secure_notes->ZCRYPTOSALT[ 8] = 0;
apple_secure_notes->ZCRYPTOSALT[ 9] = 0;
apple_secure_notes->ZCRYPTOSALT[10] = 0;
apple_secure_notes->ZCRYPTOSALT[11] = 0;
apple_secure_notes->ZCRYPTOSALT[12] = 0;
apple_secure_notes->ZCRYPTOSALT[13] = 0;
apple_secure_notes->ZCRYPTOSALT[14] = 0;
apple_secure_notes->ZCRYPTOSALT[15] = 0;
// ZCRYPTOITERATIONCOUNT
const u8 *ZCRYPTOITERATIONCOUNT_pos = token.buf[4];
const u32 ZCRYPTOITERATIONCOUNT = hc_strtoul ((const char *) ZCRYPTOITERATIONCOUNT_pos, NULL, 10);
apple_secure_notes->ZCRYPTOITERATIONCOUNT = ZCRYPTOITERATIONCOUNT;
// ZCRYPTOWRAPPEDKEY
const u8 *ZCRYPTOWRAPPEDKEY_pos = token.buf[5];
apple_secure_notes->ZCRYPTOWRAPPEDKEY[0] = hex_to_u32 ((const u8 *) &ZCRYPTOWRAPPEDKEY_pos[ 0]);
apple_secure_notes->ZCRYPTOWRAPPEDKEY[1] = hex_to_u32 ((const u8 *) &ZCRYPTOWRAPPEDKEY_pos[ 8]);
apple_secure_notes->ZCRYPTOWRAPPEDKEY[2] = hex_to_u32 ((const u8 *) &ZCRYPTOWRAPPEDKEY_pos[16]);
apple_secure_notes->ZCRYPTOWRAPPEDKEY[3] = hex_to_u32 ((const u8 *) &ZCRYPTOWRAPPEDKEY_pos[24]);
apple_secure_notes->ZCRYPTOWRAPPEDKEY[4] = hex_to_u32 ((const u8 *) &ZCRYPTOWRAPPEDKEY_pos[32]);
apple_secure_notes->ZCRYPTOWRAPPEDKEY[5] = hex_to_u32 ((const u8 *) &ZCRYPTOWRAPPEDKEY_pos[40]);
// fake salt
salt->salt_buf[0] = apple_secure_notes->ZCRYPTOSALT[0];
salt->salt_buf[1] = apple_secure_notes->ZCRYPTOSALT[1];
salt->salt_buf[2] = apple_secure_notes->ZCRYPTOSALT[2];
salt->salt_buf[3] = apple_secure_notes->ZCRYPTOSALT[3];
salt->salt_buf[4] = apple_secure_notes->Z_PK;
salt->salt_iter = apple_secure_notes->ZCRYPTOITERATIONCOUNT - 1;
salt->salt_len = 20;
// fake hash
digest[0] = apple_secure_notes->ZCRYPTOWRAPPEDKEY[0];
digest[1] = apple_secure_notes->ZCRYPTOWRAPPEDKEY[1];
digest[2] = apple_secure_notes->ZCRYPTOWRAPPEDKEY[2];
digest[3] = apple_secure_notes->ZCRYPTOWRAPPEDKEY[3];
return (PARSER_OK);
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
token_t token;
token.token_cnt = 4;
token.sep[0] = ':';
token.len_min[0] = 32;
token.len_max[0] = 32;
token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH;
token.sep[1] = ':';
token.len_min[1] = 1;
token.len_max[1] = 32;
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH;
token.sep[2] = ':';
token.len_min[2] = 1;
token.len_max[2] = 32;
token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH;
token.sep[3] = ':';
token.len_min[3] = 1;
token.len_max[3] = 6;
token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
// ok, the plan for this algorithm is the following:
// we have 2 salts here, the domain-name and a random salt
// while both are used in the initial transformation,
// only the random salt is used in the following iterations
// so we create two buffer, one that includes domain-name (stored into salt_buf_pc[])
// and one that includes only the real salt (stored into salt_buf[]).
// the domain-name length is put into array position 7 of salt_buf_pc[] since there is not salt_pc_len
const u8 *hash_pos = token.buf[0];
const int hash_len = token.len[0];
u8 tmp_buf[100] = { 0 };
base32_decode (itoa32_to_int, hash_pos, hash_len, tmp_buf);
memcpy (digest, tmp_buf, 20);
digest[0] = byte_swap_32 (digest[0]);
digest[1] = byte_swap_32 (digest[1]);
digest[2] = byte_swap_32 (digest[2]);
digest[3] = byte_swap_32 (digest[3]);
digest[4] = byte_swap_32 (digest[4]);
// domain
const u8 *domain_pos = token.buf[1];
const int domain_len = token.len[1];
u8 *salt_buf_pc_ptr = (u8 *) salt->salt_buf_pc;
memcpy (salt_buf_pc_ptr, domain_pos, domain_len);
if (salt_buf_pc_ptr[0] != '.') return (PARSER_SALT_VALUE);
u8 *len_ptr = salt_buf_pc_ptr;
*len_ptr = 0;
for (int i = 1; i < domain_len; i++)
{
if (salt_buf_pc_ptr[i] == '.')
{
len_ptr = salt_buf_pc_ptr + i;
*len_ptr = 0;
}
else
{
*len_ptr += 1;
}
}
salt->salt_len_pc = domain_len;
// "real" salt
const u8 *salt_pos = token.buf[2];
const int salt_len = token.len[2];
const bool parse_rc = generic_salt_decode (hashconfig, salt_pos, salt_len, (u8 *) salt->salt_buf, (int *) &salt->salt_len);
if (parse_rc == false) return (PARSER_SALT_LENGTH);
// iteration
const u8 *iter_pos = token.buf[3];
salt->salt_iter = hc_strtoul ((const char *) iter_pos, NULL, 10);
return (PARSER_OK);
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
odf12_t *odf12 = (odf12_t *) esalt_buf;
token_t token;
token.token_cnt = 12;
token.signatures_cnt = 1;
token.signatures_buf[0] = SIGNATURE_ODF;
token.len_min[0] = 5;
token.len_max[0] = 5;
token.sep[0] = '*';
token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_SIGNATURE;
token.len_min[1] = 1;
token.len_max[1] = 1;
token.sep[1] = '*';
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
token.len_min[2] = 1;
token.len_max[2] = 1;
token.sep[2] = '*';
token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
token.len_min[3] = 4;
token.len_max[3] = 6;
token.sep[3] = '*';
token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
token.len_min[4] = 2;
token.len_max[4] = 2;
token.sep[4] = '*';
token.attr[4] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
token.len_min[5] = 64;
token.len_max[5] = 64;
token.sep[5] = '*';
token.attr[5] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.len_min[6] = 2;
token.len_max[6] = 2;
token.sep[6] = '*';
token.attr[6] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
token.len_min[7] = 32;
token.len_max[7] = 32;
token.sep[7] = '*';
token.attr[7] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.len_min[8] = 2;
token.len_max[8] = 2;
token.sep[8] = '*';
token.attr[8] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
token.len_min[9] = 32;
token.len_max[9] = 32;
token.sep[9] = '*';
token.attr[9] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.len_min[10] = 1;
token.len_max[10] = 1;
token.sep[10] = '*';
token.attr[10] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
token.len[11] = 2048;
token.attr[11] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
const u8 *checksum = token.buf[5];
const u8 *iv = token.buf[7];
const u8 *salt_buf = token.buf[9];
const u8 *encrypted_data = token.buf[11];
const u32 cipher_type = strtol ((const char *) token.buf[1], NULL, 10);
const u32 checksum_type = strtol ((const char *) token.buf[2], NULL, 10);
const u32 iterations = strtol ((const char *) token.buf[3], NULL, 10);
const u32 key_size = strtol ((const char *) token.buf[4], NULL, 10);
const u32 iv_len = strtol ((const char *) token.buf[6], NULL, 10);
const u32 salt_len = strtol ((const char *) token.buf[8], NULL, 10);
const u32 unused = strtol ((const char *) token.buf[10], NULL, 10);
if (cipher_type != 1) return (PARSER_SALT_VALUE);
if (checksum_type != 1) return (PARSER_SALT_VALUE);
if (key_size != 32) return (PARSER_SALT_VALUE);
if (iv_len != 16) return (PARSER_SALT_VALUE);
if (salt_len != 16) return (PARSER_SALT_VALUE);
if (unused != 0) return (PARSER_SALT_VALUE);
// esalt
odf12->iterations = iterations;
odf12->checksum[0] = hex_to_u32 (&checksum[ 0]);
odf12->checksum[1] = hex_to_u32 (&checksum[ 8]);
odf12->checksum[2] = hex_to_u32 (&checksum[16]);
odf12->checksum[3] = hex_to_u32 (&checksum[24]);
odf12->checksum[4] = hex_to_u32 (&checksum[32]);
odf12->checksum[5] = hex_to_u32 (&checksum[40]);
odf12->checksum[6] = hex_to_u32 (&checksum[48]);
odf12->checksum[7] = hex_to_u32 (&checksum[56]);
odf12->iv[0] = hex_to_u32 (&iv[0]);
odf12->iv[1] = hex_to_u32 (&iv[8]);
odf12->iv[2] = hex_to_u32 (&iv[16]);
odf12->iv[3] = hex_to_u32 (&iv[24]);
for (int i = 0, j = 0; i < 256; i += 1, j += 8)
{
odf12->encrypted_data[i] = hex_to_u32 (&encrypted_data[j]);
}
// salt
salt->salt_len = salt_len;
salt->salt_iter = iterations - 1;
salt->salt_buf[0] = hex_to_u32 (&salt_buf[ 0]);
salt->salt_buf[1] = hex_to_u32 (&salt_buf[ 8]);
salt->salt_buf[2] = hex_to_u32 (&salt_buf[16]);
salt->salt_buf[3] = hex_to_u32 (&salt_buf[24]);
/**
* digest
*/
digest[0] = odf12->checksum[0];
digest[1] = odf12->checksum[1];
digest[2] = odf12->checksum[2];
digest[3] = odf12->checksum[3];
digest[4] = odf12->checksum[4];
digest[5] = odf12->checksum[5];
digest[6] = odf12->checksum[6];
digest[7] = odf12->checksum[7];
return (PARSER_OK);
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
pbkdf2_sha256_t *pbkdf2_sha256 = (pbkdf2_sha256_t *) esalt_buf;
token_t token;
token.token_cnt = 3;
token.signatures_cnt = 1;
token.signatures_buf[0] = SIGNATURE_CISCO8;
token.len[0] = 3;
token.attr[0] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_SIGNATURE;
token.len_min[1] = 14;
token.len_max[1] = 14;
token.sep[1] = '$';
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH;
token.len[2] = 43;
token.attr[2] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_BASE64B;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
// salt is not encoded
const u8 *salt_pos = token.buf[1];
const int salt_len = token.len[1];
u8 *salt_buf_ptr = (u8 *) pbkdf2_sha256->salt_buf;
memcpy (salt_buf_ptr, salt_pos, salt_len);
salt_buf_ptr[17] = 0x01;
salt_buf_ptr[18] = 0x80;
// add some stuff to normal salt to make sorted happy
salt->salt_buf[0] = pbkdf2_sha256->salt_buf[0];
salt->salt_buf[1] = pbkdf2_sha256->salt_buf[1];
salt->salt_buf[2] = pbkdf2_sha256->salt_buf[2];
salt->salt_buf[3] = pbkdf2_sha256->salt_buf[3];
salt->salt_len = salt_len;
salt->salt_iter = ROUNDS_CISCO8 - 1;
// base64 decode hash
const u8 *hash_pos = token.buf[2];
const int hash_len = token.len[2];
u8 tmp_buf[100] = { 0 };
const int tmp_len = base64_decode (itoa64_to_int, hash_pos, hash_len, tmp_buf);
if (tmp_len != 32) return (PARSER_HASH_LENGTH);
memcpy (digest, tmp_buf, 32);
digest[0] = byte_swap_32 (digest[0]);
digest[1] = byte_swap_32 (digest[1]);
digest[2] = byte_swap_32 (digest[2]);
digest[3] = byte_swap_32 (digest[3]);
digest[4] = byte_swap_32 (digest[4]);
digest[5] = byte_swap_32 (digest[5]);
digest[6] = byte_swap_32 (digest[6]);
digest[7] = byte_swap_32 (digest[7]);
return (PARSER_OK);
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
dpapimk_t *dpapimk = (dpapimk_t *) esalt_buf;
token_t token;
token.token_cnt = 10;
token.signatures_cnt = 1;
token.signatures_buf[0] = SIGNATURE_DPAPIMK;
// signature
token.len[0] = 9;
token.attr[0] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_SIGNATURE;
// version
token.len_min[1] = 1;
token.len_max[1] = 1;
token.sep[1] = '*';
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
// context
token.len_min[2] = 1;
token.len_max[2] = 1;
token.sep[2] = '*';
token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
// sid
token.len_min[3] = 10;
token.len_max[3] = 60;
token.sep[3] = '*';
token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH;
// cipher
token.len_min[4] = 4;
token.len_max[4] = 6;
token.sep[4] = '*';
token.attr[4] = TOKEN_ATTR_VERIFY_LENGTH;
// hash
token.len_min[5] = 4;
token.len_max[5] = 6;
token.sep[5] = '*';
token.attr[5] = TOKEN_ATTR_VERIFY_LENGTH;
// iterations
token.len_min[6] = 1;
token.len_max[6] = 6;
token.sep[6] = '*';
token.attr[6] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
// iv
token.len_min[7] = 32;
token.len_max[7] = 32;
token.sep[7] = '*';
token.attr[7] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
// content len
token.len_min[8] = 1;
token.len_max[8] = 6;
token.sep[8] = '*';
token.attr[8] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
// content
token.len_min[9] = 0;
token.len_max[9] = 1024;
token.attr[9] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
const u8 *version_pos = token.buf[1];
const u8 *context_pos = token.buf[2];
const u8 *SID_pos = token.buf[3];
const u8 *rounds_pos = token.buf[6];
const u8 *iv_pos = token.buf[7];
const u8 *contents_len_pos = token.buf[8];
const u8 *contents_pos = token.buf[9];
/**
* content verification
*/
const int version = hc_strtoul ((const char *) version_pos, NULL, 10);
const int contents_len = hc_strtoul ((const char *) contents_len_pos, NULL, 10);
if (version == 1)
{
if (contents_len != 208) return (PARSER_SALT_LENGTH);
}
else if (version == 2)
{
if (contents_len != 288) return (PARSER_SALT_LENGTH);
}
else
{
return (PARSER_SALT_VALUE);
}
if (contents_len != token.len[9]) return (PARSER_SALT_LENGTH);
dpapimk->contents_len = contents_len;
dpapimk->context = hc_strtoul ((const char *) context_pos, NULL, 10);
// division by 4 should be fine because contents_len is either 208 or 288
for (u32 i = 0; i < dpapimk->contents_len / 4; i++)
{
dpapimk->contents[i] = hex_to_u32 ((const u8 *) &contents_pos[i * 8]);
dpapimk->contents[i] = byte_swap_32 (dpapimk->contents[i]);
}
// SID
const int SID_len = token.len[3];
u8 SID_utf16le[128] = { 0 };
for (int i = 0; i < SID_len; i++)
{
SID_utf16le[i * 2] = SID_pos[i];
}
/* Specific to DPAPI: needs trailing '\0' while computing hash */
dpapimk->SID_len = (SID_len + 1) * 2;
SID_utf16le[dpapimk->SID_len] = 0x80;
memcpy ((u8 *) dpapimk->SID, SID_utf16le, sizeof (SID_utf16le));
for (u32 i = 0; i < 32; i++)
{
dpapimk->SID[i] = byte_swap_32 (dpapimk->SID[i]);
}
// iv
dpapimk->iv[0] = hex_to_u32 ((const u8 *) &iv_pos[ 0]);
dpapimk->iv[1] = hex_to_u32 ((const u8 *) &iv_pos[ 8]);
dpapimk->iv[2] = hex_to_u32 ((const u8 *) &iv_pos[16]);
dpapimk->iv[3] = hex_to_u32 ((const u8 *) &iv_pos[24]);
dpapimk->iv[0] = byte_swap_32 (dpapimk->iv[0]);
dpapimk->iv[1] = byte_swap_32 (dpapimk->iv[1]);
dpapimk->iv[2] = byte_swap_32 (dpapimk->iv[2]);
dpapimk->iv[3] = byte_swap_32 (dpapimk->iv[3]);
digest[0] = dpapimk->iv[0];
digest[1] = dpapimk->iv[1];
digest[2] = dpapimk->iv[2];
digest[3] = dpapimk->iv[3];
salt->salt_buf[0] = dpapimk->iv[0];
salt->salt_buf[1] = dpapimk->iv[1];
salt->salt_buf[2] = dpapimk->iv[2];
salt->salt_buf[3] = dpapimk->iv[3];
salt->salt_len = 16;
// iter
salt->salt_iter = hc_strtoul ((const char *) rounds_pos, NULL, 10) - 1;
return (PARSER_OK);
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
wpa_pmkid_t *wpa_pmkid = (wpa_pmkid_t *) esalt_buf;
token_t token;
// real 16801 pmkid hash-lines
token.token_cnt = 3;
token.sep[0] = ':';
token.len_min[0] = 32;
token.len_max[0] = 32;
token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[1] = ':';
token.len_min[1] = 12;
token.len_max[1] = 12;
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[2] = ':';
token.len_min[2] = 12;
token.len_max[2] = 12;
token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK)
{
// we'll accept normal 16800 pmkid hash-lines, too
token.token_cnt = 4;
token.sep[0] = ':';
token.len_min[0] = 32;
token.len_max[0] = 32;
token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[1] = ':';
token.len_min[1] = 12;
token.len_max[1] = 12;
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[2] = ':';
token.len_min[2] = 12;
token.len_max[2] = 12;
token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[3] = ':';
token.len_min[3] = 0;
token.len_max[3] = 64;
token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
const int rc_tokenizer2 = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer2 != PARSER_OK) return (rc_tokenizer);
// essid
const u8 *essid_buf = token.buf[3];
const int essid_len = token.len[3];
if (essid_len & 1) return (PARSER_SALT_VALUE);
wpa_pmkid->essid_len = hex_decode (essid_buf, essid_len, (u8 *) wpa_pmkid->essid_buf);
}
// pmkid
const u8 *pmkid_buf = token.buf[0];
wpa_pmkid->pmkid[0] = hex_to_u32 (pmkid_buf + 0);
wpa_pmkid->pmkid[1] = hex_to_u32 (pmkid_buf + 8);
wpa_pmkid->pmkid[2] = hex_to_u32 (pmkid_buf + 16);
wpa_pmkid->pmkid[3] = hex_to_u32 (pmkid_buf + 24);
// mac_ap
const u8 *macap_buf = token.buf[1];
wpa_pmkid->orig_mac_ap[0] = hex_to_u8 (macap_buf + 0);
wpa_pmkid->orig_mac_ap[1] = hex_to_u8 (macap_buf + 2);
wpa_pmkid->orig_mac_ap[2] = hex_to_u8 (macap_buf + 4);
wpa_pmkid->orig_mac_ap[3] = hex_to_u8 (macap_buf + 6);
wpa_pmkid->orig_mac_ap[4] = hex_to_u8 (macap_buf + 8);
wpa_pmkid->orig_mac_ap[5] = hex_to_u8 (macap_buf + 10);
// mac_sta
const u8 *macsta_buf = token.buf[2];
wpa_pmkid->orig_mac_sta[0] = hex_to_u8 (macsta_buf + 0);
wpa_pmkid->orig_mac_sta[1] = hex_to_u8 (macsta_buf + 2);
wpa_pmkid->orig_mac_sta[2] = hex_to_u8 (macsta_buf + 4);
wpa_pmkid->orig_mac_sta[3] = hex_to_u8 (macsta_buf + 6);
wpa_pmkid->orig_mac_sta[4] = hex_to_u8 (macsta_buf + 8);
wpa_pmkid->orig_mac_sta[5] = hex_to_u8 (macsta_buf + 10);
// pmkid_data
wpa_pmkid->pmkid_data[0] = 0x204b4d50; // "PMK "
wpa_pmkid->pmkid_data[1] = 0x656d614e; // "Name"
wpa_pmkid->pmkid_data[2] = (wpa_pmkid->orig_mac_ap[0] << 0)
| (wpa_pmkid->orig_mac_ap[1] << 8)
| (wpa_pmkid->orig_mac_ap[2] << 16)
| (wpa_pmkid->orig_mac_ap[3] << 24);
wpa_pmkid->pmkid_data[3] = (wpa_pmkid->orig_mac_ap[4] << 0)
| (wpa_pmkid->orig_mac_ap[5] << 8)
| (wpa_pmkid->orig_mac_sta[0] << 16)
| (wpa_pmkid->orig_mac_sta[1] << 24);
wpa_pmkid->pmkid_data[4] = (wpa_pmkid->orig_mac_sta[2] << 0)
| (wpa_pmkid->orig_mac_sta[3] << 8)
| (wpa_pmkid->orig_mac_sta[4] << 16)
| (wpa_pmkid->orig_mac_sta[5] << 24);
// salt
salt->salt_buf[0] = wpa_pmkid->pmkid_data[0];
salt->salt_buf[1] = wpa_pmkid->pmkid_data[1];
salt->salt_buf[2] = wpa_pmkid->pmkid_data[2];
salt->salt_buf[3] = wpa_pmkid->pmkid_data[3];
salt->salt_buf[4] = wpa_pmkid->pmkid_data[4];
salt->salt_buf[5] = wpa_pmkid->pmkid_data[5];
salt->salt_buf[6] = wpa_pmkid->pmkid_data[6];
salt->salt_buf[7] = wpa_pmkid->pmkid_data[7];
salt->salt_len = 32;
salt->salt_iter = ROUNDS_WPA_PMK - 1;
// hash
digest[0] = wpa_pmkid->pmkid[0];
digest[1] = wpa_pmkid->pmkid[1];
digest[2] = wpa_pmkid->pmkid[2];
digest[3] = wpa_pmkid->pmkid[3];
digest[0] = byte_swap_32 (digest[0]);
digest[1] = byte_swap_32 (digest[1]);
digest[2] = byte_swap_32 (digest[2]);
digest[3] = byte_swap_32 (digest[3]);
return (PARSER_OK);
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
token_t token;
token.token_cnt = 4;
token.signatures_cnt = 1;
token.signatures_buf[0] = SIGNATURE_EPISERVER;
token.len_min[0] = 11;
token.len_max[0] = 11;
token.sep[0] = '*';
token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_SIGNATURE;
token.len_min[1] = 1;
token.len_max[1] = 6;
token.sep[1] = '*';
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
token.len_min[2] = ((SALT_MIN * 8) / 6) + 0;
token.len_max[2] = ((SALT_MAX * 8) / 6) + 3;
token.sep[2] = '*';
token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_BASE64A;
token.len_min[3] = 27;
token.len_max[3] = 27;
token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_BASE64A;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
const u8 *hash_pos = token.buf[3];
const int hash_len = token.len[3];
u8 tmp_buf[100] = { 0 };
base64_decode (base64_to_int, hash_pos, hash_len, tmp_buf);
memcpy (digest, tmp_buf, 20);
digest[0] = byte_swap_32 (digest[0]);
digest[1] = byte_swap_32 (digest[1]);
digest[2] = byte_swap_32 (digest[2]);
digest[3] = byte_swap_32 (digest[3]);
digest[4] = byte_swap_32 (digest[4]);
if (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL)
{
digest[0] -= SHA1M_A;
digest[1] -= SHA1M_B;
digest[2] -= SHA1M_C;
digest[3] -= SHA1M_D;
digest[4] -= SHA1M_E;
}
const u8 *salt_pos = token.buf[2];
const int salt_len = token.len[2];
const bool parse_rc = generic_salt_decode (hashconfig, salt_pos, salt_len, (u8 *) salt->salt_buf, (int *) &salt->salt_len);
if (parse_rc == false) return (PARSER_SALT_LENGTH);
return (PARSER_OK);
}
