argon2 1.1.4 → 1.1.5

data/ext/phc-winner-argon2/src/blake2/blamka-round-ref.h

@@ -4,7 +4,7 @@
  * Copyright 2015
  * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
  *
- * You may use this work under the terms of a Creative Commons CC0 1.0 
+ * You may use this work under the terms of a Creative Commons CC0 1.0
  * License/Waiver or the Apache Public License 2.0, at your option. The terms of
  * these licenses can be found at:
  *
@@ -21,7 +21,7 @@
 #include "blake2.h"
 #include "blake2-impl.h"
 
-/*designed by the Lyra PHC team */
+/* designed by the Lyra PHC team */
 static BLAKE2_INLINE uint64_t fBlaMka(uint64_t x, uint64_t y) {
     const uint64_t m = UINT64_C(0xFFFFFFFF);
     const uint64_t xy = (x & m) * (y & m);

data/ext/phc-winner-argon2/src/core.c

@@ -4,7 +4,7 @@
  * Copyright 2015
  * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
  *
- * You may use this work under the terms of a Creative Commons CC0 1.0 
+ * You may use this work under the terms of a Creative Commons CC0 1.0
  * License/Waiver or the Apache Public License 2.0, at your option. The terms of
  * these licenses can be found at:
  *
@@ -25,7 +25,6 @@
 #endif
 #define VC_GE_2005(version) (version >= 1400)
 
-#include <inttypes.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>

data/ext/phc-winner-argon2/src/core.h

@@ -4,7 +4,7 @@
  * Copyright 2015
  * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
  *
- * You may use this work under the terms of a Creative Commons CC0 1.0 
+ * You may use this work under the terms of a Creative Commons CC0 1.0
  * License/Waiver or the Apache Public License 2.0, at your option. The terms of
  * these licenses can be found at:
  *
@@ -20,14 +20,6 @@
 
 #include "argon2.h"
 
-#if defined(_MSC_VER)
-#define ALIGN(n) __declspec(align(16))
-#elif defined(__GNUC__) || defined(__clang)
-#define ALIGN(x) __attribute__((__aligned__(x)))
-#else
-#define ALIGN(x)
-#endif
-
 #define CONST_CAST(x) (x)(uintptr_t)
 
 /**********************Argon2 internal constants*******************************/
@@ -37,6 +29,8 @@ enum argon2_core_constants {
     ARGON2_BLOCK_SIZE = 1024,
     ARGON2_QWORDS_IN_BLOCK = ARGON2_BLOCK_SIZE / 8,
     ARGON2_OWORDS_IN_BLOCK = ARGON2_BLOCK_SIZE / 16,
+    ARGON2_HWORDS_IN_BLOCK = ARGON2_BLOCK_SIZE / 32,
+    ARGON2_512BIT_WORDS_IN_BLOCK = ARGON2_BLOCK_SIZE / 64,
 
     /* Number of pseudo-random values generated by one call to Blake in Argon2i
        to

data/ext/phc-winner-argon2/src/encoding.c

@@ -4,7 +4,7 @@
  * Copyright 2015
  * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
  *
- * You may use this work under the terms of a Creative Commons CC0 1.0 
+ * You may use this work under the terms of a Creative Commons CC0 1.0
  * License/Waiver or the Apache Public License 2.0, at your option. The terms of
  * these licenses can be found at:
  *

data/ext/phc-winner-argon2/src/encoding.h

@@ -4,7 +4,7 @@
  * Copyright 2015
  * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
  *
- * You may use this work under the terms of a Creative Commons CC0 1.0 
+ * You may use this work under the terms of a Creative Commons CC0 1.0
  * License/Waiver or the Apache Public License 2.0, at your option. The terms of
  * these licenses can be found at:
  *

data/ext/phc-winner-argon2/src/genkat.c

@@ -4,7 +4,7 @@
  * Copyright 2015
  * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
  *
- * You may use this work under the terms of a Creative Commons CC0 1.0 
+ * You may use this work under the terms of a Creative Commons CC0 1.0
  * License/Waiver or the Apache Public License 2.0, at your option. The terms of
  * these licenses can be found at:
  *
@@ -15,7 +15,6 @@
  * software. If not, they may be obtained at the above URLs.
  */
 
-#include <inttypes.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -116,8 +115,8 @@ void internal_kat(const argon2_instance_t *instance, uint32_t pass) {
                     : ARGON2_QWORDS_IN_BLOCK;
 
             for (j = 0; j < how_many_words; ++j)
-                printf("Block %.4u [%3u]: %016" PRIx64 "\n", i, j,
-                       instance->memory[i].v[j]);
+                printf("Block %.4u [%3u]: %016llx\n", i, j,
+                       (unsigned long long)instance->memory[i].v[j]);
         }
     }
 }

data/ext/phc-winner-argon2/src/genkat.h

@@ -4,7 +4,7 @@
  * Copyright 2015
  * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
  *
- * You may use this work under the terms of a Creative Commons CC0 1.0 
+ * You may use this work under the terms of a Creative Commons CC0 1.0
  * License/Waiver or the Apache Public License 2.0, at your option. The terms of
  * these licenses can be found at:
  *

data/ext/phc-winner-argon2/src/opt.c

@@ -4,7 +4,7 @@
  * Copyright 2015
  * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
  *
- * You may use this work under the terms of a Creative Commons CC0 1.0 
+ * You may use this work under the terms of a Creative Commons CC0 1.0
  * License/Waiver or the Apache Public License 2.0, at your option. The terms of
  * these licenses can be found at:
  *
@@ -34,6 +34,79 @@
  * @param with_xor Whether to XOR into the new block (1) or just overwrite (0)
  * @pre all block pointers must be valid
  */
+#if defined(__AVX512F__)
+static void fill_block(__m512i *state, const block *ref_block,
+                       block *next_block, int with_xor) {
+    __m512i block_XY[ARGON2_512BIT_WORDS_IN_BLOCK];
+    unsigned int i;
+
+    if (with_xor) {
+        for (i = 0; i < ARGON2_512BIT_WORDS_IN_BLOCK; i++) {
+            state[i] = _mm512_xor_si512(
+                state[i], _mm512_loadu_si512((const __m512i *)ref_block->v + i));
+            block_XY[i] = _mm512_xor_si512(
+                state[i], _mm512_loadu_si512((const __m512i *)next_block->v + i));
+        }
+    } else {
+        for (i = 0; i < ARGON2_512BIT_WORDS_IN_BLOCK; i++) {
+            block_XY[i] = state[i] = _mm512_xor_si512(
+                state[i], _mm512_loadu_si512((const __m512i *)ref_block->v + i));
+        }
+    }
+
+    for (i = 0; i < 2; ++i) {
+        BLAKE2_ROUND_1(
+            state[8 * i + 0], state[8 * i + 1], state[8 * i + 2], state[8 * i + 3],
+            state[8 * i + 4], state[8 * i + 5], state[8 * i + 6], state[8 * i + 7]);
+    }
+
+    for (i = 0; i < 2; ++i) {
+        BLAKE2_ROUND_2(
+            state[2 * 0 + i], state[2 * 1 + i], state[2 * 2 + i], state[2 * 3 + i],
+            state[2 * 4 + i], state[2 * 5 + i], state[2 * 6 + i], state[2 * 7 + i]);
+    }
+
+    for (i = 0; i < ARGON2_512BIT_WORDS_IN_BLOCK; i++) {
+        state[i] = _mm512_xor_si512(state[i], block_XY[i]);
+        _mm512_storeu_si512((__m512i *)next_block->v + i, state[i]);
+    }
+}
+#elif defined(__AVX2__)
+static void fill_block(__m256i *state, const block *ref_block,
+                       block *next_block, int with_xor) {
+    __m256i block_XY[ARGON2_HWORDS_IN_BLOCK];
+    unsigned int i;
+
+    if (with_xor) {
+        for (i = 0; i < ARGON2_HWORDS_IN_BLOCK; i++) {
+            state[i] = _mm256_xor_si256(
+                state[i], _mm256_loadu_si256((const __m256i *)ref_block->v + i));
+            block_XY[i] = _mm256_xor_si256(
+                state[i], _mm256_loadu_si256((const __m256i *)next_block->v + i));
+        }
+    } else {
+        for (i = 0; i < ARGON2_HWORDS_IN_BLOCK; i++) {
+            block_XY[i] = state[i] = _mm256_xor_si256(
+                state[i], _mm256_loadu_si256((const __m256i *)ref_block->v + i));
+        }
+    }
+
+    for (i = 0; i < 4; ++i) {
+        BLAKE2_ROUND_1(state[8 * i + 0], state[8 * i + 4], state[8 * i + 1], state[8 * i + 5],
+                       state[8 * i + 2], state[8 * i + 6], state[8 * i + 3], state[8 * i + 7]);
+    }
+
+    for (i = 0; i < 4; ++i) {
+        BLAKE2_ROUND_2(state[ 0 + i], state[ 4 + i], state[ 8 + i], state[12 + i],
+                       state[16 + i], state[20 + i], state[24 + i], state[28 + i]);
+    }
+
+    for (i = 0; i < ARGON2_HWORDS_IN_BLOCK; i++) {
+        state[i] = _mm256_xor_si256(state[i], block_XY[i]);
+        _mm256_storeu_si256((__m256i *)next_block->v + i, state[i]);
+    }
+}
+#else
 static void fill_block(__m128i *state, const block *ref_block,
                        block *next_block, int with_xor) {
     __m128i block_XY[ARGON2_OWORDS_IN_BLOCK];
@@ -70,11 +143,20 @@ static void fill_block(__m128i *state, const block *ref_block,
         _mm_storeu_si128((__m128i *)next_block->v + i, state[i]);
     }
 }
+#endif
 
 static void next_addresses(block *address_block, block *input_block) {
     /*Temporary zero-initialized blocks*/
+#if defined(__AVX512F__)
+    __m512i zero_block[ARGON2_512BIT_WORDS_IN_BLOCK];
+    __m512i zero2_block[ARGON2_512BIT_WORDS_IN_BLOCK];
+#elif defined(__AVX2__)
+    __m256i zero_block[ARGON2_HWORDS_IN_BLOCK];
+    __m256i zero2_block[ARGON2_HWORDS_IN_BLOCK];
+#else
     __m128i zero_block[ARGON2_OWORDS_IN_BLOCK];
     __m128i zero2_block[ARGON2_OWORDS_IN_BLOCK];
+#endif
 
     memset(zero_block, 0, sizeof(zero_block));
     memset(zero2_block, 0, sizeof(zero2_block));
@@ -96,7 +178,13 @@ void fill_segment(const argon2_instance_t *instance,
     uint64_t pseudo_rand, ref_index, ref_lane;
     uint32_t prev_offset, curr_offset;
     uint32_t starting_index, i;
-    __m128i state[64];
+#if defined(__AVX512F__)
+    __m512i state[ARGON2_512BIT_WORDS_IN_BLOCK];
+#elif defined(__AVX2__)
+    __m256i state[ARGON2_HWORDS_IN_BLOCK];
+#else
+    __m128i state[ARGON2_OWORDS_IN_BLOCK];
+#endif
     int data_independent_addressing;
 
     if (instance == NULL) {

data/ext/phc-winner-argon2/src/ref.c

@@ -4,7 +4,7 @@
  * Copyright 2015
  * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
  *
- * You may use this work under the terms of a Creative Commons CC0 1.0 
+ * You may use this work under the terms of a Creative Commons CC0 1.0
  * License/Waiver or the Apache Public License 2.0, at your option. The terms of
  * these licenses can be found at:
  *

data/ext/phc-winner-argon2/src/run.c

@@ -4,7 +4,7 @@
  * Copyright 2015
  * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
  *
- * You may use this work under the terms of a Creative Commons CC0 1.0 
+ * You may use this work under the terms of a Creative Commons CC0 1.0
  * License/Waiver or the Apache Public License 2.0, at your option. The terms of
  * these licenses can be found at:
  *
@@ -17,7 +17,6 @@
 
 #define _GNU_SOURCE 1
 
-#include <inttypes.h>
 #include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -37,8 +36,9 @@
 #define UNUSED_PARAMETER(x) (void)(x)
 
 static void usage(const char *cmd) {
-    printf("Usage:  %s [-h] salt [-i|-d|-id] [-t iterations] [-m memory] "
-           "[-p parallelism] [-l hash length] [-e|-r] [-v (10|13)]\n",
+    printf("Usage:  %s [-h] salt [-i|-d|-id] [-t iterations] "
+           "[-m log2(memory in KiB) | -k memory in KiB] [-p parallelism] "
+           "[-l hash length] [-e|-r] [-v (10|13)]\n",
            cmd);
     printf("\tPassword is read from stdin\n");
     printf("Parameters:\n");
@@ -50,6 +50,8 @@ static void usage(const char *cmd) {
            T_COST_DEF);
     printf("\t-m N\t\tSets the memory usage of 2^N KiB (default %d)\n",
            LOG_M_COST_DEF);
+    printf("\t-k N\t\tSets the memory usage of N KiB (default %d)\n",
+           1 << LOG_M_COST_DEF);
     printf("\t-p N\t\tSets parallelism to N threads (default %d)\n",
            THREADS_DEF);
     printf("\t-l N\t\tSets hash output length to N bytes (default %d)\n",
@@ -89,11 +91,11 @@ Base64-encoded hash string
 @raw_only display only the hexadecimal of the hash
 @version Argon2 version
 */
-static void run(uint32_t outlen, char *pwd, char *salt, uint32_t t_cost,
+static void run(uint32_t outlen, char *pwd, size_t pwdlen, char *salt, uint32_t t_cost,
                 uint32_t m_cost, uint32_t lanes, uint32_t threads,
                 argon2_type type, int encoded_only, int raw_only, uint32_t version) {
     clock_t start_time, stop_time;
-    size_t pwdlen, saltlen, encodedlen;
+    size_t saltlen, encodedlen;
     int result;
     unsigned char * out = NULL;
     char * encoded = NULL;
@@ -105,11 +107,10 @@ static void run(uint32_t outlen, char *pwd, char *salt, uint32_t t_cost,
     }
 
     if (!salt) {
-        clear_internal_memory(pwd, strlen(pwd));
+        clear_internal_memory(pwd, pwdlen);
         fatal("salt missing");
     }
 
-    pwdlen = strlen(pwd);
     saltlen = strlen(salt);
     if(UINT32_MAX < saltlen) {
         fatal("salt is too long");
@@ -119,14 +120,14 @@ static void run(uint32_t outlen, char *pwd, char *salt, uint32_t t_cost,
 
     out = malloc(outlen + 1);
     if (!out) {
-        clear_internal_memory(pwd, strlen(pwd));
+        clear_internal_memory(pwd, pwdlen);
         fatal("could not allocate memory for output");
     }
 
     encodedlen = argon2_encodedlen(t_cost, m_cost, lanes, (uint32_t)saltlen, outlen, type);
     encoded = malloc(encodedlen + 1);
     if (!encoded) {
-        clear_internal_memory(pwd, strlen(pwd));
+        clear_internal_memory(pwd, pwdlen);
         fatal("could not allocate memory for hash");
     }
 
@@ -174,11 +175,12 @@ int main(int argc, char *argv[]) {
     uint32_t threads = THREADS_DEF;
     argon2_type type = Argon2_i; /* Argon2i is the default type */
     int types_specified = 0;
+    int m_cost_specified = 0;
     int encoded_only = 0;
     int raw_only = 0;
     uint32_t version = ARGON2_VERSION_NUMBER;
     int i;
-    size_t n;
+    size_t pwdlen;
     char pwd[MAX_PASS_LEN], *salt;
 
     if (argc < 2) {
@@ -190,19 +192,14 @@ int main(int argc, char *argv[]) {
     }
 
     /* get password from stdin */
-    n = fread(pwd, 1, sizeof pwd - 1, stdin);
-    if(n < 1) {
+    pwdlen = fread(pwd, 1, sizeof pwd, stdin);
+    if(pwdlen < 1) {
         fatal("no password read");
     }
-    if(n == MAX_PASS_LEN-1) {
+    if(pwdlen == MAX_PASS_LEN) {
         fatal("Provided password longer than supported in command line utility");
     }
 
-    pwd[n] = '\0';
-    if (pwd[n - 1] == '\n') {
-        pwd[n - 1] = '\0';
-    }
-
     salt = argv[1];
 
     /* parse options */
@@ -213,6 +210,10 @@ int main(int argc, char *argv[]) {
             usage(argv[0]);
             return 1;
         } else if (!strcmp(a, "-m")) {
+            if (m_cost_specified) {
+                fatal("-m or -k can only be used once");
+            }
+            m_cost_specified = 1;
             if (i < argc - 1) {
                 i++;
                 input = strtoul(argv[i], NULL, 10);
@@ -228,6 +229,25 @@ int main(int argc, char *argv[]) {
             } else {
                 fatal("missing -m argument");
             }
+        } else if (!strcmp(a, "-k")) {
+            if (m_cost_specified) {
+                fatal("-m or -k can only be used once");
+            }
+            m_cost_specified = 1;
+            if (i < argc - 1) {
+                i++;
+                input = strtoul(argv[i], NULL, 10);
+                if (input == 0 || input == ULONG_MAX) {
+                    fatal("bad numeric input for -k");
+                }
+                m_cost = ARGON2_MIN(input, UINT32_C(0xFFFFFFFF));
+                if (m_cost > ARGON2_MAX_MEMORY) {
+                    fatal("m_cost overflow");
+                }
+                continue;
+            } else {
+                fatal("missing -k argument");
+            }
         } else if (!strcmp(a, "-t")) {
             if (i < argc - 1) {
                 i++;
@@ -304,12 +324,12 @@ int main(int argc, char *argv[]) {
 
     if(!encoded_only && !raw_only) {
         printf("Type:\t\t%s\n", argon2_type2string(type, 1));
-        printf("Iterations:\t%" PRIu32 " \n", t_cost);
-        printf("Memory:\t\t%" PRIu32 " KiB\n", m_cost);
-        printf("Parallelism:\t%" PRIu32 " \n", lanes);
+        printf("Iterations:\t%u\n", t_cost);
+        printf("Memory:\t\t%u KiB\n", m_cost);
+        printf("Parallelism:\t%u\n", lanes);
     }
 
-    run(outlen, pwd, salt, t_cost, m_cost, lanes, threads, type,
+    run(outlen, pwd, pwdlen, salt, t_cost, m_cost, lanes, threads, type,
        encoded_only, raw_only, version);
 
     return ARGON2_OK;

data/ext/phc-winner-argon2/src/test.c

@@ -4,7 +4,7 @@
  * Copyright 2015
  * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
  *
- * You may use this work under the terms of a Creative Commons CC0 1.0 
+ * You may use this work under the terms of a Creative Commons CC0 1.0
  * License/Waiver or the Apache Public License 2.0, at your option. The terms of
  * these licenses can be found at:
  *
@@ -17,7 +17,6 @@
 
 #include <stdio.h>
 #include <stdint.h>
-#include <inttypes.h>
 #include <stdlib.h>
 #include <string.h>
 #include <time.h>
@@ -81,7 +80,7 @@ int main() {
              "$argon2i$m=65536,t=2,p=1$c29tZXNhbHQ"
              "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ");
 #ifdef TEST_LARGE_RAM
-    hashtest(version, 2, 20, 1, "password", "somesalt",  
+    hashtest(version, 2, 20, 1, "password", "somesalt",
             "9690ec55d28d3ed32562f2e73ea62b02b018757643a2ae6e79528459de8106e9",
             "$argon2i$m=1048576,t=2,p=1$c29tZXNhbHQ"
             "$lpDsVdKNPtMlYvLnPqYrArAYdXZDoq5ueVKEWd6BBuk");
@@ -160,10 +159,10 @@ int main() {
              "$argon2i$v=19$m=65536,t=2,p=1$c29tZXNhbHQ"
              "$wWKIMhR9lyDFvRz9YTZweHKfbftvj+qf+YFY4NeBbtA");
 #ifdef TEST_LARGE_RAM
-    hashtest(version, 2, 20, 1, "password", "somesalt",  
+    hashtest(version, 2, 20, 1, "password", "somesalt",
              "d1587aca0922c3b5d6a83edab31bee3c4ebaef342ed6127a55d19b2351ad1f41",
-             "$argon2i$v=19$m=1048576,t=2,p=1$c29tZXNhbHQ"  
-             "$0Vh6ygkiw7XWqD7asxvuPE667zQu1hJ6VdGbI1GtH0E");  
+             "$argon2i$v=19$m=1048576,t=2,p=1$c29tZXNhbHQ"
+             "$0Vh6ygkiw7XWqD7asxvuPE667zQu1hJ6VdGbI1GtH0E");
 #endif
     hashtest(version, 2, 18, 1, "password", "somesalt",
              "296dbae80b807cdceaad44ae741b506f14db0959267b183b118f9b24229bc7cb",