
Commit d66acea

Replace our AES code with the one from MbedTLS 3.6.2
This one supports AES-NI (Intel) and AES-CE (ARM, including Apple Silicon) and does not depend on yasm as it's primarily written in C with intrinsics. Unlike the old code that was only used for o5logon, this code kicks in for any format using AES. Great boosts seen with AES-heavy formats. The AES-CBC function was modified so it accepts sizes not a multiple of block size, and does what OpenSSL and others do: Treat the last block as a full one, possibly writing past end of output buffer. Closes #4314
1 parent 905b1cc commit d66acea


52 files changed

+337
-7114
lines changed

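--- a/.gitignore
+++ b/.gitignore
@@ -73,7 +73,7 @@ run/wpapcap2john
 run/zip2john
 
 src/.gdbinit
-src/aes/aes.a
+src/mbedtls/aes.a
 src/arch.h
 src/all_tests.lst
 src/autoconfig-stamp-h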

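--- a/doc/NEWS
+++ b/doc/NEWS
@@ -354,6 +354,12 @@ Major changes from 1.9.0-jumbo-1 (May 2019) in this bleeding-edge version:
 character classes got (very minor) changes - this can affect resuming old
 jobs [magnum; 2024]
 
+- Dropped our old AES-NI code in favor of the AES code from mbedTLS, which
+supports AES-NI (Intel) as well as AES-CE (Arm). The new code kicks in for
+any format using AES. Boosts of up to 13x seen on Intel and 7x on MacBook
+M1 (those are for the KeePass format with AES-KDF, which is extreme because
+all the heavy lifting is AES). [magnum; 2024]
+
 
 Major changes from 1.8.0-jumbo-1 (December 2014) to 1.9.0-jumbo-1 (May 2019):
 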
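--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -39,7 +39,7 @@ PEFLAGS = peflags --dynamicbase=true --nxcompat=true
 SHELL = /bin/sh
 VPATH = @srcdir@
 
-subdirs = aes secp256k1 ed25519-donna poly1305-donna @ZTEX_SUBDIRS@
+subdirs = mbedtls secp256k1 ed25519-donna poly1305-donna @ZTEX_SUBDIRS@
 top_srcdir = @top_srcdir@
 srcdir = @srcdir@
 prefix = @prefix@
@@ -71,20 +71,6 @@ LDFLAGS = -g @LDFLAGS@ $(LIBS) @HAVE_MPI@
 OPT_NORMAL = @OPT_NORMAL_FLAGS@
 OPT_INLINE = @OPT_INLINE_FLAGS@
 #
-AES_OK := $(shell expr `$(CC) -dumpversion | cut -d '.' -f 1` \>= 4)
-YASM = @YASM@
-USE_AESNI = @AESNI_OS@
-AESNI_ARCH=@AESNI_ARCH@
-
-ifeq "$(AES_OK)" "1"
-ifneq "$(YASM)" ""
-ifdef USE_AESNI
-ifdef AESNI_ARCH
-AESNI_DEC = -DAESNI_IN_USE
-endif
-endif
-endif
-endif
 
 PLUGFORMATS_OBJS = @PLUGFORMATS_OBJS@
 
@@ -206,8 +192,7 @@ endif
 default:
 $(MAKE) find_version
 @$(MAKE) $(PROJ) \
-JOHN_OBJS="$(JOHN_OBJS) @CC_ASM_OBJS@" \
-AESNI_ARCH=@AESNI_ARCH@
+JOHN_OBJS="$(JOHN_OBJS) @CC_ASM_OBJS@"
 
 @if [ "$(OS)" = "Windows_NT" ]; then \
 $(MAKE) peflags; \
@@ -525,15 +510,15 @@ unicode.o: unicode.c common.h arch.h memory.h byteorder.h unicode.h options.h au
 
 unique.o: unique.c autoconfig.h arch.h misc.h jumbo.h params.h memory.h os.h os-autoconf.h
 
-unrar.o: unrar.c arch.h unrar.h aes.h autoconfig.h aes/aes_func.h unrarhlp.h memory.h jumbo.h unrarppm.h unrarvm.h unrarcmd.h unrarfilter.h os.h os-autoconf.h
+unrar.o: unrar.c arch.h unrar.h aes.h autoconfig.h unrarhlp.h memory.h jumbo.h unrarppm.h unrarvm.h unrarcmd.h unrarfilter.h os.h os-autoconf.h
 
-unrarcmd.o: unrarcmd.c aes.h autoconfig.h aes/aes_func.h unrar.h arch.h unrarhlp.h memory.h jumbo.h unrarppm.h unrarvm.h unrarcmd.h unrarfilter.h os.h os-autoconf.h
+unrarcmd.o: unrarcmd.c aes.h autoconfig.h unrar.h arch.h unrarhlp.h memory.h jumbo.h unrarppm.h unrarvm.h unrarcmd.h unrarfilter.h os.h os-autoconf.h
 
-unrarfilter.o: unrarfilter.c arch.h aes.h autoconfig.h aes/aes_func.h unrar.h unrarhlp.h memory.h jumbo.h unrarppm.h unrarvm.h unrarcmd.h unrarfilter.h os.h os-autoconf.h
+unrarfilter.o: unrarfilter.c arch.h aes.h autoconfig.h unrar.h unrarhlp.h memory.h jumbo.h unrarppm.h unrarvm.h unrarcmd.h unrarfilter.h os.h os-autoconf.h
 
 unrarhlp.o: unrarhlp.c jumbo.h arch.h unrarhlp.h memory.h os.h os-autoconf.h autoconfig.h
 
-unrarvm.o: unrarvm.c arch.h aes.h autoconfig.h aes/aes_func.h unrar.h unrarhlp.h memory.h jumbo.h unrarppm.h unrarvm.h unrarcmd.h unrarfilter.h common.h os.h os-autoconf.h
+unrarvm.o: unrarvm.c arch.h aes.h autoconfig.h unrar.h unrarhlp.h memory.h jumbo.h unrarppm.h unrarvm.h unrarcmd.h unrarfilter.h common.h os.h os-autoconf.h
 
 unshadow.o: unshadow.c misc.h jumbo.h arch.h autoconfig.h params.h memory.h os.h os-autoconf.h
 
@@ -574,7 +559,7 @@ find_version:
 echo "#define JTR_GIT_VERSION $(JTR_GIT_VERSION)" > version.h.new
 diff >/dev/null 2>/dev/null version.h.new version.h && $(RM) version.h.new || $(MV) version.h.new version.h
 
-SUBDIRS = aes secp256k1 ed25519-donna poly1305-donna @ZTEX_SUBDIRS@
+SUBDIRS = mbedtls secp256k1 ed25519-donna poly1305-donna @ZTEX_SUBDIRS@
 
 .PHONY: subdirs $(SUBDIRS) find_version
 
@@ -590,8 +575,8 @@ DES_bs_b.o: DES_bs_b.c arch.h common.h memory.h DES_bs.h loader.h params.h list.
 miscnl.o: misc.c
 $(CC) $(CFLAGS) $(OPT_NORMAL) -D_JOHN_MISC_NO_LOG misc.c -o miscnl.o
 
-aes/aes.a:
-$(MAKE) -C aes all
+mbedtls/aes.a:
+$(MAKE) -C mbedtls all
 
 secp256k1/secp256k1.a:
 $(MAKE) -C secp256k1 all
@@ -614,8 +599,8 @@ poly1305-donna/poly1305-donna.a:
 
 # PTHREAD_CFLAGS and OPENMP_CFLAGS may actually contain linker options,
 # like -fopenmp
-../run/john@EXE_EXT@: $(JOHN_OBJS) aes/aes.a secp256k1/secp256k1.a ed25519-donna/ed25519-donna.a poly1305-donna/poly1305-donna.a @ZTEX_SUBDIRS@
-$(LD) $(JOHN_OBJS) $(LDFLAGS) @OPENSSL_LIBS@ @OPENMP_CFLAGS@ @GMP_LIBS@ @SKEY_LIBS@ @REXGEN_LIBS@ @CL_LIBS@ @PTHREAD_CFLAGS@ @PTHREAD_LIBS@ @M_LIBS@ @RT_LIBS@ @Z_LIBS@ @DL_LIBS@ @CRYPT_LIBS@ @BZ2_LIBS@ @ZTEX_LIBS@ aes/aes.a secp256k1/secp256k1.a ed25519-donna/ed25519-donna.a poly1305-donna/poly1305-donna.a -o $@
+../run/john@EXE_EXT@: $(JOHN_OBJS) mbedtls/aes.a secp256k1/secp256k1.a ed25519-donna/ed25519-donna.a poly1305-donna/poly1305-donna.a @ZTEX_SUBDIRS@
+$(LD) $(JOHN_OBJS) $(LDFLAGS) @OPENSSL_LIBS@ @OPENMP_CFLAGS@ @GMP_LIBS@ @SKEY_LIBS@ @REXGEN_LIBS@ @CL_LIBS@ @PTHREAD_CFLAGS@ @PTHREAD_LIBS@ @M_LIBS@ @RT_LIBS@ @Z_LIBS@ @DL_LIBS@ @CRYPT_LIBS@ @BZ2_LIBS@ @ZTEX_LIBS@ mbedtls/aes.a secp256k1/secp256k1.a ed25519-donna/ed25519-donna.a poly1305-donna/poly1305-donna.a -o $@
 
 ../run/unshadow: ../run/john
 $(RM) ../run/unshadow
@@ -756,11 +741,11 @@ path.o: path.c path.h autoconfig.h arch.h params.h misc.h memory.h
 $(CC) $(CFLAGS_MAIN) $(OPT_NORMAL) -O1 $*.c
 
 # Workaround for gcc 3.4.6 (seen on Sparc32) (do not use -funroll-loops)
-unrarppm.o: unrarppm.c arch.h aes.h autoconfig.h aes/aes_func.h unrar.h unrarhlp.h memory.h jumbo.h unrarppm.h unrarvm.h unrarcmd.h unrarfilter.h common.h os.h os-autoconf.h
+unrarppm.o: unrarppm.c arch.h aes.h autoconfig.h unrar.h unrarhlp.h memory.h jumbo.h unrarppm.h unrarvm.h unrarcmd.h unrarfilter.h common.h os.h os-autoconf.h
 $(CC) -DAC_BUILT $(CFLAGS) $< -o $@
 
 .c.o:
-$(CC) $(CFLAGS) $(OPT_NORMAL) $(AESNI_DEC) $< -o $@
+$(CC) $(CFLAGS) $(OPT_NORMAL) $< -o $@
 
 .S.o:
 $(AS) $(ASFLAGS) $*.S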
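Review bot: The new `mbedtls/aes.a:` rule in the `@@ -590,8 +575,8 @@` hunk lists no prerequisites, so once the archive exists the top-level make considers it up to date and never re-enters src/mbedtls when its sources change; a later mbedTLS bump or a local patch to the vendored AES will be linked stale until someone does a full clean. The sibling `secp256k1/secp256k1.a:` rule has the same shape, so this may be an accepted convention here (the `subdirs`/`SUBDIRS` phony path may also cover it — I cannot see how `default` reaches them), but the vendored crypto is the one component that will need patching on an upstream advisory, which makes a silent stale link worth avoiding. Letting the sub-make decide by giving the target its inputs, e.g. `mbedtls/aes.a: $(wildcard mbedtls/*.c mbedtls/*.h)`, or a FORCE-style prerequisite, fixes that in one line. With `$(AESNI_DEC)` gone from the `.c.o:` rule there is also no longer any build-level marker of which AES backend is compiled in, so a comment on the new `subdirs` line such as `# mbedtls/: vendored AES from mbedTLS 3.6.2 (AES-NI / AES-CE via intrinsics; see doc/NEWS)` would record the pinned upstream version where the next updater will look.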
