argon2 1.0.0 → 1.1.0

data/ext/phc-winner-argon2/kats/argon2i_v16.shasum

@@ -0,0 +1 @@
+334f03e627afb67b946a530b90d2e11fb2e6abb44df992c0fb3198c7bacf5930  argon2i_v16

data/ext/phc-winner-argon2/kats/check-sums.ps1

@@ -0,0 +1,42 @@
+Set-Variable tempfile -option Constant -value "tempfile"
+
+function hash($path) {
+    $fullPath = Resolve-Path $path
+    $hash = new-object -TypeName System.Security.Cryptography.SHA256CryptoServiceProvider
+
+    $contents = [IO.File]::ReadAllText($fullPath) -replace "`r`n?", "`n"
+    # create UTF-8 encoding without signature
+    $utf8 = New-Object System.Text.UTF8Encoding $false
+    # write the text back
+    [IO.File]::WriteAllText($tempfile, $contents, $utf8)
+
+    $file = [System.IO.File]::Open($tempfile,[System.IO.Filemode]::Open, [System.IO.FileAccess]::Read)
+    $result = [System.BitConverter]::ToString($hash.ComputeHash($file))
+    $file.Dispose()
+
+    if (Test-Path $tempfile) {
+        Remove-Item $tempfile
+    }
+
+    return $result
+}
+
+function main() {
+    $files = $(Get-ChildItem * | Where-Object { $_.Name -match '^[a-z2]*(_v)?[0-9]*$' } | select -ExpandProperty name)
+
+    foreach ($file in $files) {
+        $new = $(hash $file).replace("-","")
+        $new = $new.ToLower()
+
+        $old=$(Get-Content $file".shasum")
+        $old = $old.Substring(0, $old.IndexOf(" "))
+
+        if ($new -eq $old) {
+            Write-Host $file "`tOK"
+        } else {
+            Write-Host $file "`tERROR"
+        }
+    }
+}
+
+main

data/ext/phc-winner-argon2/kats/check-sums.sh

@@ -1,6 +1,6 @@
 #!/bin/sh
 
-for file in `ls | grep '^[a-z2]*$' | xargs`
+for file in `ls | grep '^[a-z2]*\(_v\)\?[0-9]*$' | xargs`
 do
     new=`shasum -a 256 $file`
     old=`cat $file.shasum`

data/ext/phc-winner-argon2/kats/test.ps1

@@ -0,0 +1,50 @@
+$ErrorActionPreference = "Stop"
+
+Set-Variable tempfile -option Constant -value "tempfile"
+
+function CompareFiles($f1, $f2, $i) {
+    $f1_content = $(Get-Content $f1)
+    $f2_content = $(Get-Content $f2)
+
+    if (Compare-Object $f1_content $f2_content) {
+        Write-Host -NoNewline "ERROR"
+        exit $i
+    } else {
+        Write-Host -NoNewline "OK"
+    }
+}
+
+function main() {
+    $i = 0
+    foreach ($opt in @("Ref", "Opt")) {
+        Write-Output "$opt"
+
+        foreach ($version in @(16, 19)) {
+            foreach ($type in @("i", "d")) {
+                $i++
+
+                if ("Ref" -eq $opt) {
+                    vs2015\build\Argon2RefGenKAT.exe $type $version > $tempfile
+                } else {
+                    vs2015\build\Argon2OptGenKAT.exe $type $version > $tempfile
+                }
+
+                if (19 -eq $version) {
+                    $kats = "kats\argon2" + $type
+                } else {
+                    $kats = "kats\argon2" + $type + "_v" + $version
+                }
+
+                Write-Host -NoNewline "Argon2$type v=$version : "
+                CompareFiles $tempfile $kats $i
+                Write-Output ""
+            }
+        }
+    }
+
+    if (Test-Path $tempfile) {
+        Remove-Item $tempfile
+    }
+}
+
+main

data/ext/phc-winner-argon2/kats/test.sh

@@ -1,47 +1,49 @@
 #!/bin/sh
 
-make genkat > /dev/null
-if [ $? -ne 0 ]
-then
-  exit $?
-fi
-
-printf "argon2i "
-./genkat i > tmp
-if diff tmp kats/argon2i
-then printf "OK"
-else printf "ERROR"
-fi
-printf "\n"
-
-printf "argon2d "
-./genkat d > tmp
-if diff tmp kats/argon2d
-then printf "OK"
-else printf "ERROR"
-fi
-printf "\n"
-
-make genkat OPT=TRUE > /dev/null
-if [ $? -ne 0 ]
-then
-  exit $?
-fi
-
-printf "argon2i "
-./genkat i > tmp
-if diff tmp kats/argon2i
-then printf "OK"
-else printf "ERROR"
-fi
-printf "\n"
-
-printf "argon2d "
-./genkat d > tmp
-if diff tmp kats/argon2d
-then printf "OK"
-else printf "ERROR"
-fi
-printf "\n"
+for opttest in "" "OPTTEST=1"
+do
+  if [ "" = "$opttest" ]
+  then
+    printf "Default build\n"
+  else
+    printf "Force OPTTEST=1\n"
+  fi
+
+  make genkat $opttest > /dev/null
+  if [ $? -ne 0 ]
+  then
+    exit $?
+  fi
+
+  i=0
+  for version in 16 19
+  do
+    for type in i d
+    do
+      i=$(($i+1))
+
+      printf "argon2$type v=$version: "
+
+      if [ 19 -eq $version ]
+      then
+        kats="kats/argon2"$type
+      else
+        kats="kats/argon2"$type"_v"$version
+      fi
+
+      ./genkat $type $version > tmp
+      if diff tmp $kats
+      then
+        printf "OK"
+      else
+        printf "ERROR"
+        exit $i
+      fi
+      printf "\n"
+    done
+  done
+done
 
 rm -f tmp
+
+exit 0

data/ext/phc-winner-argon2/man/argon2.1

@@ -0,0 +1,47 @@
+.TH ARGON2 "1" "April 2016" "argon2 " "User Commands"
+
+.SH NAME
+argon2 \- generate argon2 hashes
+
+.SH SYNOPSIS
+.B argon2 salt
+.RB [ OPTIONS ]
+
+.SH DESCRIPTION
+Generate Argon2 hashes from the command line.
+
+The supplied salt (the first argument to the command) must be at least
+8 octets in length, and the password is supplied on standard input.
+
+By default, this uses Argon2i variant (where memory access is
+independent of secret data) which is the preferred one for password
+hashing and password-based key derivation.
+
+.SH OPTIONS
+.TP
+.B \-d
+Use Argon2d instead of Argon2i (Argon2i is the default)
+.TP
+.BI \-t " N"
+Sets the number of iterations to N (default = 3)
+.TP
+.BI \-m " N"
+Sets the memory usage of 2^N KiB (default = 12)
+.TP
+.BI \-p " N"
+Sets parallelism to N threads (default = 1)
+.TP
+.BI \-h " N"
+Sets hash output length to N bytes (default = 32)
+.TP
+.B \-e
+Output only encoded hash
+.TP
+.B \-r
+Output only the raw bytes of the hash
+
+.SH COPYRIGHT
+This manpage was written by \fBDaniel Kahn Gillmor\fR for the Debian
+distribution (but may be used by others).  It is released, like the
+rest of this Argon2 implementation, under the terms of Creative
+Commons 0 (CC0)

data/ext/phc-winner-argon2/src/argon2.c

@@ -46,6 +46,7 @@ int argon2_ctx(argon2_context *context, argon2_type type) {
     /* Ensure that all segments have equal length */
     memory_blocks = segment_length * (context->lanes * ARGON2_SYNC_POINTS);
 
+    instance.version = context->version;
     instance.memory = NULL;
     instance.passes = context->t_cost;
     instance.memory_blocks = memory_blocks;
@@ -80,24 +81,19 @@ int argon2_hash(const uint32_t t_cost, const uint32_t m_cost,
                 const uint32_t parallelism, const void *pwd,
                 const size_t pwdlen, const void *salt, const size_t saltlen,
                 void *hash, const size_t hashlen, char *encoded,
-                const size_t encodedlen, argon2_type type) {
+                const size_t encodedlen, argon2_type type, 
+                const uint32_t version){
 
     argon2_context context;
     int result;
     uint8_t *out;
 
-    /* Detect and reject overflowing sizes */
-    /* TODO: This should probably be fixed in the function signature */
-    if (pwdlen > ARGON2_MAX_PWD_LENGTH) {
-        return ARGON2_PWD_TOO_LONG;
-    }
-
     if (hashlen > ARGON2_MAX_OUTLEN) {
         return ARGON2_OUTPUT_TOO_LONG;
     }
 
-    if (saltlen > ARGON2_MAX_SALT_LENGTH) {
-        return ARGON2_SALT_TOO_LONG;
+    if (hashlen < ARGON2_MIN_OUTLEN) {
+        return ARGON2_OUTPUT_TOO_SHORT;
     }
 
     out = malloc(hashlen);
@@ -122,6 +118,7 @@ int argon2_hash(const uint32_t t_cost, const uint32_t m_cost,
     context.allocate_cbk = NULL;
     context.free_cbk = NULL;
     context.flags = ARGON2_DEFAULT_FLAGS;
+    context.version = version;
 
     result = argon2_ctx(&context, type);
 
@@ -158,7 +155,8 @@ int argon2i_hash_encoded(const uint32_t t_cost, const uint32_t m_cost,
                          char *encoded, const size_t encodedlen) {
 
     return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
-                       NULL, hashlen, encoded, encodedlen, Argon2_i);
+                       NULL, hashlen, encoded, encodedlen, Argon2_i,
+                       ARGON2_VERSION_NUMBER);
 }
 
 int argon2i_hash_raw(const uint32_t t_cost, const uint32_t m_cost,
@@ -167,7 +165,7 @@ int argon2i_hash_raw(const uint32_t t_cost, const uint32_t m_cost,
                      const size_t saltlen, void *hash, const size_t hashlen) {
 
     return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
-                       hash, hashlen, NULL, 0, Argon2_i);
+                       hash, hashlen, NULL, 0, Argon2_i, ARGON2_VERSION_NUMBER);
 }
 
 int argon2d_hash_encoded(const uint32_t t_cost, const uint32_t m_cost,
@@ -177,7 +175,8 @@ int argon2d_hash_encoded(const uint32_t t_cost, const uint32_t m_cost,
                          char *encoded, const size_t encodedlen) {
 
     return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
-                       NULL, hashlen, encoded, encodedlen, Argon2_d);
+                       NULL, hashlen, encoded, encodedlen, Argon2_d,
+                       ARGON2_VERSION_NUMBER);
 }
 
 int argon2d_hash_raw(const uint32_t t_cost, const uint32_t m_cost,
@@ -186,7 +185,7 @@ int argon2d_hash_raw(const uint32_t t_cost, const uint32_t m_cost,
                      const size_t saltlen, void *hash, const size_t hashlen) {
 
     return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
-                       hash, hashlen, NULL, 0, Argon2_d);
+                       hash, hashlen, NULL, 0, Argon2_d, ARGON2_VERSION_NUMBER);
 }
 
 static int argon2_compare(const uint8_t *b1, const uint8_t *b2, size_t len) {
@@ -206,9 +205,14 @@ int argon2_verify(const char *encoded, const void *pwd, const size_t pwdlen,
     uint8_t *out;
     int ret;
     int decode_result;
+    uint32_t encoded_len;
+
+    if(encoded == NULL) {
+        return ARGON2_DECODING_FAIL;
+    }
 
     /* max values, to be updated in decode_string */
-    uint32_t encoded_len = strlen(encoded);
+    encoded_len = strlen(encoded);
     ctx.adlen = encoded_len;
     ctx.saltlen = encoded_len;
     ctx.outlen = encoded_len;
@@ -216,6 +220,8 @@ int argon2_verify(const char *encoded, const void *pwd, const size_t pwdlen,
     ctx.free_cbk = NULL;
     ctx.secret = NULL;
     ctx.secretlen = 0;
+    ctx.pwdlen = 0;
+    ctx.pwd = NULL;
     ctx.ad = malloc(ctx.adlen);
     ctx.salt = malloc(ctx.saltlen);
     ctx.out = malloc(ctx.outlen);
@@ -242,7 +248,8 @@ int argon2_verify(const char *encoded, const void *pwd, const size_t pwdlen,
     }
 
     ret = argon2_hash(ctx.t_cost, ctx.m_cost, ctx.threads, pwd, pwdlen,
-                      ctx.salt, ctx.saltlen, out, ctx.outlen, NULL, 0, type);
+                      ctx.salt, ctx.saltlen, out, ctx.outlen, NULL, 0, type,
+                      ctx.version);
 
     free(ctx.ad);
     free(ctx.salt);
@@ -376,3 +383,10 @@ const char *argon2_error_message(int error_code) {
         return "Unknown error code";
     }
 }
+
+size_t argon2_encodedlen(uint32_t t_cost, uint32_t m_cost, uint32_t parallelism,
+                         uint32_t saltlen, uint32_t hashlen) {
+    return strlen("$argon2x$v=$m=,t=,p=$$") + numlen(t_cost) + numlen(m_cost)
+        + numlen(parallelism) + b64len(saltlen) + b64len(hashlen)
+        + numlen(ARGON2_VERSION_NUMBER);
+}

data/ext/phc-winner-argon2/src/bench.c

@@ -52,7 +52,6 @@ static void benchmark() {
     for (m_cost = (uint32_t)1 << 10; m_cost <= (uint32_t)1 << 22; m_cost *= 2) {
         unsigned i;
         for (i = 0; i < 4; ++i) {
-            argon2_context context;
             uint32_t thread_n = thread_test[i];
             uint64_t stop_cycles, stop_cycles_i;
             clock_t stop_time;
@@ -61,28 +60,12 @@ static void benchmark() {
 
             clock_t start_time = clock();
             uint64_t start_cycles = rdtsc();
-
-            context.out = out;
-            context.outlen = outlen;
-            context.pwd = pwd_array;
-            context.pwdlen = inlen;
-            context.salt = salt_array;
-            context.saltlen = inlen;
-            context.secret = NULL;
-            context.secretlen = 0;
-            context.ad = NULL;
-            context.adlen = 0;
-            context.t_cost = t_cost;
-            context.m_cost = m_cost;
-            context.lanes = thread_n;
-            context.threads = thread_n;
-            context.allocate_cbk = NULL;
-            context.free_cbk = NULL;
-            context.flags = 0;
-
-            argon2d_ctx(&context);
+            
+            argon2d_hash_raw(t_cost, m_cost, thread_n, pwd_array, inlen,
+                             salt_array, inlen, out, outlen);
             stop_cycles = rdtsc();
-            argon2i_ctx(&context);
+            argon2i_hash_raw(t_cost, m_cost, thread_n, pwd_array, inlen,
+                             salt_array, inlen, out, outlen);
             stop_cycles_i = rdtsc();
             stop_time = clock();
 

data/ext/phc-winner-argon2/src/core.c

@@ -88,7 +88,7 @@ int allocate_memory(block **memory, uint32_t m_cost) {
             return ARGON2_MEMORY_ALLOCATION_ERROR;
         }
 
-        *memory = (block *)calloc(memory_size, 1); /*2. Try to allocate*/
+        *memory = (block *)malloc(memory_size); /*2. Try to allocate*/
 
         if (!*memory) {
             return ARGON2_MEMORY_ALLOCATION_ERROR;
@@ -103,7 +103,7 @@ void NOT_OPTIMIZED secure_wipe_memory(void *v, size_t n) {
 #if defined(_MSC_VER) && VC_GE_2005(_MSC_VER)
     SecureZeroMemory(v, n);
 #elif defined memset_s
-    memset_s(v, n);
+    memset_s(v, n, 0, n);
 #elif defined(__OpenBSD__)
     explicit_bzero(v, n);
 #else
@@ -508,7 +508,7 @@ void initial_hash(uint8_t *blockhash, argon2_context *context,
     store32(&value, context->t_cost);
     blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
 
-    store32(&value, ARGON2_VERSION_NUMBER);
+    store32(&value, context->version);
     blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
 
     store32(&value, (uint32_t)type);

data/ext/phc-winner-argon2/src/core.h

@@ -30,9 +30,6 @@
  * constants**************************************************/
 
 enum argon2_core_constants {
-    /* Version of the algorithm */
-    ARGON2_VERSION_NUMBER = 0x13,
-
     /* Memory block size in bytes */
     ARGON2_BLOCK_SIZE = 1024,
     ARGON2_QWORDS_IN_BLOCK = ARGON2_BLOCK_SIZE / 8,
@@ -77,6 +74,7 @@ void xor_block(block *dst, const block *src);
  */
 typedef struct Argon2_instance_t {
     block *memory;          /* Memory pointer */
+    uint32_t version;
     uint32_t passes;        /* Number of passes */
     uint32_t memory_blocks; /* Number of blocks in memory */
     uint32_t segment_length;