2 * rcracki_mt is a multithreaded implementation and fork of the original
6 * Copyright 2009, 2010 Daniƫl Niggebrugge <niggebrugge@fox-it.com>
7 * Copyright 2009, 2010 James Nobis <frt@quelrod.net>
9 * This file is part of rcracki_mt.
11 * rcracki_mt is free software: you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation, either version 2 of the License, or
14 * (at your option) any later version.
16 * rcracki_mt is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with rcracki_mt. If not, see <http://www.gnu.org/licenses/>.
24 * This code implements the MD4 message-digest algorithm.
25 * "Just the reference implementation, single stage. Hardly "optimized." Though a good bit faster than libssl's MD4, as it isn't doing nearly the same amount of work." - Bitweasil
27 * little bit optimized (or at least attempted) for NTLM (unicode) by neinbrucke
35 /* MD4 Defines as per RFC reference implementation */
36 #define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
37 #define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z)))
38 #define H(x, y, z) ((x) ^ (y) ^ (z))
39 #define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
40 #define FF(a, b, c, d, x, s) { \
41 (a) += F ((b), (c), (d)) + (x); \
42 (a) = ROTATE_LEFT ((a), (s)); \
44 #define GG(a, b, c, d, x, s) { \
45 (a) += G ((b), (c), (d)) + (x) + (UINT4)0x5a827999; \
46 (a) = ROTATE_LEFT ((a), (s)); \
48 #define HH(a, b, c, d, x, s) { \
49 (a) += H ((b), (c), (d)) + (x) + (UINT4)0x6ed9eba1; \
50 (a) = ROTATE_LEFT ((a), (s)); \
66 void MD4_NEW( unsigned char * pData, int length, unsigned char * pDigest)
68 // access data as 4-byte word
69 #define uData ((UINT4 *)pData)
70 #define uDigest ((UINT4 *)pDigest)
72 // pad word and append bit at appropriate location
73 #define MD4_pad_w0() (0x00000080)
74 #define MD4_pad_w1(data) (((data) & 0x000000FF) | 0x00008000)
75 #define MD4_pad_w2(data) (((data) & 0x0000FFFF) | 0x00800000)
76 #define MD4_pad_w3(data) (((data) & 0x00FFFFFF) | 0x80000000)
78 // For the hash working space
79 //__attribute__((aligned(16))) UINT4 data[16] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
80 //__declspec(align(16)) UINT4 data[16] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
81 UINT4 data[MD4_DIGEST_LENGTH] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
83 // For the output result
90 data[ 0] = MD4_pad_w0();
97 data[ 0] = MD4_pad_w1(uData[0]);
104 data[ 0] = MD4_pad_w2(uData[0]);
111 data[ 0] = MD4_pad_w3(uData[0]);
119 data[ 1] = MD4_pad_w0();
127 data[ 1] = MD4_pad_w1(uData[1]);
135 data[ 1] = MD4_pad_w2(uData[1]);
143 data[ 1] = MD4_pad_w3(uData[1]);
152 data[ 2] = MD4_pad_w0();
161 data[ 2] = MD4_pad_w1(uData[2]);
170 data[ 2] = MD4_pad_w2(uData[2]);
179 data[ 2] = MD4_pad_w3(uData[2]);
189 data[ 3] = MD4_pad_w0();
199 data[ 3] = MD4_pad_w1(uData[3]);
209 data[ 3] = MD4_pad_w2(uData[3]);
219 data[ 3] = MD4_pad_w3(uData[3]);
227 length = length % 32; // lenght >= 32 not suported
229 int word = length >> 2;
237 switch (length & 0x3) {
240 data[word] = MD4_pad_w0();
245 data[word] = MD4_pad_w1(uData[word]);
250 data[word] = MD4_pad_w2(uData[word]);
255 data[word] = MD4_pad_w3(uData[word]);
260 data[14] = length << 3;
271 FF (a, b, c, d, data[ 0], S11); /* 1 */
272 FF (d, a, b, c, data[ 1], S12); /* 2 */
273 FF (c, d, a, b, data[ 2], S13); /* 3 */
274 FF (b, c, d, a, data[ 3], S14); /* 4 */
275 FF (a, b, c, d, data[ 4], S11); /* 5 */
276 FF (d, a, b, c, data[ 5], S12); /* 6 */
277 FF (c, d, a, b, data[ 6], S13); /* 7 */
278 FF (b, c, d, a, data[ 7], S14); /* 8 */
279 FF (a, b, c, d, 0, S11); /* 9 */
280 FF (d, a, b, c, 0, S12); /* 10 */
281 FF (c, d, a, b, 0, S13); /* 11 */
282 FF (b, c, d, a, 0, S14); /* 12 */
283 FF (a, b, c, d, 0, S11); /* 13 */
284 FF (d, a, b, c, 0, S12); /* 14 */
285 FF (c, d, a, b, data[14], S13); /* 15 */
286 FF (b, c, d, a, 0, S14); /* 16 */
289 GG (a, b, c, d, data[ 0], S21); /* 17 */
290 GG (d, a, b, c, data[ 4], S22); /* 18 */
291 GG (c, d, a, b, 0, S23); /* 19 */
292 GG (b, c, d, a, 0, S24); /* 20 */
293 GG (a, b, c, d, data[ 1], S21); /* 21 */
294 GG (d, a, b, c, data[ 5], S22); /* 22 */
295 GG (c, d, a, b, 0, S23); /* 23 */
296 GG (b, c, d, a, 0, S24); /* 24 */
297 GG (a, b, c, d, data[ 2], S21); /* 25 */
298 GG (d, a, b, c, data[ 6], S22); /* 26 */
299 GG (c, d, a, b, 0, S23); /* 27 */
300 GG (b, c, d, a, data[14], S24); /* 28 */
301 GG (a, b, c, d, data[ 3], S21); /* 29 */
302 GG (d, a, b, c, data[ 7], S22); /* 30 */
303 GG (c, d, a, b, 0, S23); /* 31 */
304 GG (b, c, d, a, 0, S24); /* 32 */
307 HH (a, b, c, d, data[ 0], S31); /* 33 */
308 HH (d, a, b, c, 0, S32); /* 34 */
309 HH (c, d, a, b, data[ 4], S33); /* 35 */
310 HH (b, c, d, a, 0, S34); /* 36 */
311 HH (a, b, c, d, data[ 2], S31); /* 37 */
312 HH (d, a, b, c, 0, S32); /* 38 */
313 HH (c, d, a, b, data[ 6], S33); /* 39 */
314 HH (b, c, d, a, data[14], S34); /* 40 */
315 HH (a, b, c, d, data[ 1], S31); /* 41 */
316 HH (d, a, b, c, 0, S32); /* 42 */
317 HH (c, d, a, b, data[ 5], S33); /* 43 */
318 HH (b, c, d, a, 0, S34); /* 44 */
319 HH (a, b, c, d, data[ 3], S31); /* 45 */
320 HH (d, a, b, c, 0, S32); /* 46 */
321 HH (c, d, a, b, data[ 7], S33); /* 47 */
322 HH (b, c, d, a, 0, S34); /* 48 */
324 // Finally, add initial values, as this is the only pass we make.