argon2 2.3.0 → 2.3.1

data/ext/phc-winner-argon2/src/encoding.h

@@ -1,57 +0,0 @@
-/*
- * Argon2 reference source code package - reference C implementations
- *
- * Copyright 2015
- * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
- *
- * You may use this work under the terms of a Creative Commons CC0 1.0
- * License/Waiver or the Apache Public License 2.0, at your option. The terms of
- * these licenses can be found at:
- *
- * - CC0 1.0 Universal : https://creativecommons.org/publicdomain/zero/1.0
- * - Apache 2.0        : https://www.apache.org/licenses/LICENSE-2.0
- *
- * You should have received a copy of both of these licenses along with this
- * software. If not, they may be obtained at the above URLs.
- */
-
-#ifndef ENCODING_H
-#define ENCODING_H
-#include "argon2.h"
-
-#define ARGON2_MAX_DECODED_LANES UINT32_C(255)
-#define ARGON2_MIN_DECODED_SALT_LEN UINT32_C(8)
-#define ARGON2_MIN_DECODED_OUT_LEN UINT32_C(12)
-
-/*
-* encode an Argon2 hash string into the provided buffer. 'dst_len'
-* contains the size, in characters, of the 'dst' buffer; if 'dst_len'
-* is less than the number of required characters (including the
-* terminating 0), then this function returns ARGON2_ENCODING_ERROR.
-*
-* on success, ARGON2_OK is returned.
-*/
-int encode_string(char *dst, size_t dst_len, argon2_context *ctx,
-                  argon2_type type);
-
-/*
-* Decodes an Argon2 hash string into the provided structure 'ctx'.
-* The only fields that must be set prior to this call are ctx.saltlen and
-* ctx.outlen (which must be the maximal salt and out length values that are
-* allowed), ctx.salt and ctx.out (which must be buffers of the specified
-* length), and ctx.pwd and ctx.pwdlen which must hold a valid password.
-*
-* Invalid input string causes an error. On success, the ctx is valid and all
-* fields have been initialized.
-*
-* Returned value is ARGON2_OK on success, other ARGON2_ codes on error.
-*/
-int decode_string(argon2_context *ctx, const char *str, argon2_type type);
-
-/* Returns the length of the encoded byte stream with length len */
-size_t b64len(uint32_t len);
-
-/* Returns the length of the encoded number num */
-size_t numlen(uint32_t num);
-
-#endif

data/ext/phc-winner-argon2/src/genkat.c

@@ -1,213 +0,0 @@
-/*
- * Argon2 reference source code package - reference C implementations
- *
- * Copyright 2015
- * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
- *
- * You may use this work under the terms of a Creative Commons CC0 1.0
- * License/Waiver or the Apache Public License 2.0, at your option. The terms of
- * these licenses can be found at:
- *
- * - CC0 1.0 Universal : https://creativecommons.org/publicdomain/zero/1.0
- * - Apache 2.0        : https://www.apache.org/licenses/LICENSE-2.0
- *
- * You should have received a copy of both of these licenses along with this
- * software. If not, they may be obtained at the above URLs.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "argon2.h"
-#include "core.h"
-#ifdef __MINGW32__
-#include <inttypes.h>
-#else
-/* Don't use <inttypes.h> (it's not C89) */
-#define PRIx64 "llx"
-#endif
-
-void initial_kat(const uint8_t *blockhash, const argon2_context *context,
-                 argon2_type type) {
-    unsigned i;
-
-    if (blockhash != NULL && context != NULL) {
-        printf("=======================================\n");
-
-        printf("%s version number %d\n", argon2_type2string(type, 1),
-               context->version);
-
-        printf("=======================================\n");
-
-
-        printf("Memory: %u KiB, Iterations: %u, Parallelism: %u lanes, Tag "
-               "length: %u bytes\n",
-               context->m_cost, context->t_cost, context->lanes,
-               context->outlen);
-
-        printf("Password[%u]: ", context->pwdlen);
-
-        if (context->flags & ARGON2_FLAG_CLEAR_PASSWORD) {
-            printf("CLEARED\n");
-        } else {
-            for (i = 0; i < context->pwdlen; ++i) {
-                printf("%2.2x ", ((unsigned char *)context->pwd)[i]);
-            }
-
-            printf("\n");
-        }
-
-        printf("Salt[%u]: ", context->saltlen);
-
-        for (i = 0; i < context->saltlen; ++i) {
-            printf("%2.2x ", ((unsigned char *)context->salt)[i]);
-        }
-
-        printf("\n");
-
-        printf("Secret[%u]: ", context->secretlen);
-
-        if (context->flags & ARGON2_FLAG_CLEAR_SECRET) {
-            printf("CLEARED\n");
-        } else {
-            for (i = 0; i < context->secretlen; ++i) {
-                printf("%2.2x ", ((unsigned char *)context->secret)[i]);
-            }
-
-            printf("\n");
-        }
-
-        printf("Associated data[%u]: ", context->adlen);
-
-        for (i = 0; i < context->adlen; ++i) {
-            printf("%2.2x ", ((unsigned char *)context->ad)[i]);
-        }
-
-        printf("\n");
-
-        printf("Pre-hashing digest: ");
-
-        for (i = 0; i < ARGON2_PREHASH_DIGEST_LENGTH; ++i) {
-            printf("%2.2x ", ((unsigned char *)blockhash)[i]);
-        }
-
-        printf("\n");
-    }
-}
-
-void print_tag(const void *out, uint32_t outlen) {
-    unsigned i;
-    if (out != NULL) {
-        printf("Tag: ");
-
-        for (i = 0; i < outlen; ++i) {
-            printf("%2.2x ", ((uint8_t *)out)[i]);
-        }
-
-        printf("\n");
-    }
-}
-
-void internal_kat(const argon2_instance_t *instance, uint32_t pass) {
-
-    if (instance != NULL) {
-        uint32_t i, j;
-        printf("\n After pass %u:\n", pass);
-
-        for (i = 0; i < instance->memory_blocks; ++i) {
-            uint32_t how_many_words =
-                (instance->memory_blocks > ARGON2_QWORDS_IN_BLOCK)
-                    ? 1
-                    : ARGON2_QWORDS_IN_BLOCK;
-
-            for (j = 0; j < how_many_words; ++j)
-                printf("Block %.4u [%3u]: %016" PRIx64 "\n", i, j,
-                       (unsigned long long)instance->memory[i].v[j]);
-        }
-    }
-}
-
-static void fatal(const char *error) {
-    fprintf(stderr, "Error: %s\n", error);
-    exit(1);
-}
-
-static void generate_testvectors(argon2_type type, const uint32_t version) {
-#define TEST_OUTLEN 32
-#define TEST_PWDLEN 32
-#define TEST_SALTLEN 16
-#define TEST_SECRETLEN 8
-#define TEST_ADLEN 12
-    argon2_context context;
-
-    unsigned char out[TEST_OUTLEN];
-    unsigned char pwd[TEST_PWDLEN];
-    unsigned char salt[TEST_SALTLEN];
-    unsigned char secret[TEST_SECRETLEN];
-    unsigned char ad[TEST_ADLEN];
-    const allocate_fptr myown_allocator = NULL;
-    const deallocate_fptr myown_deallocator = NULL;
-
-    unsigned t_cost = 3;
-    unsigned m_cost = 32;
-    unsigned lanes = 4;
-
-    memset(pwd, 1, TEST_OUTLEN);
-    memset(salt, 2, TEST_SALTLEN);
-    memset(secret, 3, TEST_SECRETLEN);
-    memset(ad, 4, TEST_ADLEN);
-
-    context.out = out;
-    context.outlen = TEST_OUTLEN;
-    context.version = version;
-    context.pwd = pwd;
-    context.pwdlen = TEST_PWDLEN;
-    context.salt = salt;
-    context.saltlen = TEST_SALTLEN;
-    context.secret = secret;
-    context.secretlen = TEST_SECRETLEN;
-    context.ad = ad;
-    context.adlen = TEST_ADLEN;
-    context.t_cost = t_cost;
-    context.m_cost = m_cost;
-    context.lanes = lanes;
-    context.threads = lanes;
-    context.allocate_cbk = myown_allocator;
-    context.free_cbk = myown_deallocator;
-    context.flags = ARGON2_DEFAULT_FLAGS;
-
-#undef TEST_OUTLEN
-#undef TEST_PWDLEN
-#undef TEST_SALTLEN
-#undef TEST_SECRETLEN
-#undef TEST_ADLEN
-
-    argon2_ctx(&context, type);
-}
-
-int main(int argc, char *argv[]) {
-    /* Get and check Argon2 type */
-    const char *type_str = (argc > 1) ? argv[1] : "i";
-    argon2_type type = Argon2_i;
-    uint32_t version = ARGON2_VERSION_NUMBER;
-    if (!strcmp(type_str, "d")) {
-        type = Argon2_d;
-    } else if (!strcmp(type_str, "i")) {
-        type = Argon2_i;
-    } else if (!strcmp(type_str, "id")) {
-        type = Argon2_id;
-    } else {
-        fatal("wrong Argon2 type");
-    }
-
-    /* Get and check Argon2 version number */
-    if (argc > 2) {
-        version = strtoul(argv[2], NULL, 10);
-    }
-    if (ARGON2_VERSION_10 != version && ARGON2_VERSION_NUMBER != version) {
-        fatal("wrong Argon2 version number");
-    }
-
-    generate_testvectors(type, version);
-    return ARGON2_OK;
-}

data/ext/phc-winner-argon2/src/genkat.h

@@ -1,51 +0,0 @@
-/*
- * Argon2 reference source code package - reference C implementations
- *
- * Copyright 2015
- * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
- *
- * You may use this work under the terms of a Creative Commons CC0 1.0
- * License/Waiver or the Apache Public License 2.0, at your option. The terms of
- * these licenses can be found at:
- *
- * - CC0 1.0 Universal : https://creativecommons.org/publicdomain/zero/1.0
- * - Apache 2.0        : https://www.apache.org/licenses/LICENSE-2.0
- *
- * You should have received a copy of both of these licenses along with this
- * software. If not, they may be obtained at the above URLs.
- */
-
-#ifndef ARGON2_KAT_H
-#define ARGON2_KAT_H
-
-#include "core.h"
-
-/*
- * Initial KAT function that prints the inputs to the file
- * @param  blockhash  Array that contains pre-hashing digest
- * @param  context Holds inputs
- * @param  type Argon2 type
- * @pre blockhash must point to INPUT_INITIAL_HASH_LENGTH bytes
- * @pre context member pointers must point to allocated memory of size according
- * to the length values
- */
-void initial_kat(const uint8_t *blockhash, const argon2_context *context,
-                 argon2_type type);
-
-/*
- * Function that prints the output tag
- * @param  out  output array pointer
- * @param  outlen digest length
- * @pre out must point to @a outlen bytes
- **/
-void print_tag(const void *out, uint32_t outlen);
-
-/*
- * Function that prints the internal state at given moment
- * @param  instance pointer to the current instance
- * @param  pass current pass number
- * @pre instance must have necessary memory allocated
- **/
-void internal_kat(const argon2_instance_t *instance, uint32_t pass);
-
-#endif

data/ext/phc-winner-argon2/src/opt.c

@@ -1,283 +0,0 @@
-/*
- * Argon2 reference source code package - reference C implementations
- *
- * Copyright 2015
- * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
- *
- * You may use this work under the terms of a Creative Commons CC0 1.0
- * License/Waiver or the Apache Public License 2.0, at your option. The terms of
- * these licenses can be found at:
- *
- * - CC0 1.0 Universal : https://creativecommons.org/publicdomain/zero/1.0
- * - Apache 2.0        : https://www.apache.org/licenses/LICENSE-2.0
- *
- * You should have received a copy of both of these licenses along with this
- * software. If not, they may be obtained at the above URLs.
- */
-
-#include <stdint.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "argon2.h"
-#include "core.h"
-
-#include "blake2/blake2.h"
-#include "blake2/blamka-round-opt.h"
-
-/*
- * Function fills a new memory block and optionally XORs the old block over the new one.
- * Memory must be initialized.
- * @param state Pointer to the just produced block. Content will be updated(!)
- * @param ref_block Pointer to the reference block
- * @param next_block Pointer to the block to be XORed over. May coincide with @ref_block
- * @param with_xor Whether to XOR into the new block (1) or just overwrite (0)
- * @pre all block pointers must be valid
- */
-#if defined(__AVX512F__)
-static void fill_block(__m512i *state, const block *ref_block,
-                       block *next_block, int with_xor) {
-    __m512i block_XY[ARGON2_512BIT_WORDS_IN_BLOCK];
-    unsigned int i;
-
-    if (with_xor) {
-        for (i = 0; i < ARGON2_512BIT_WORDS_IN_BLOCK; i++) {
-            state[i] = _mm512_xor_si512(
-                state[i], _mm512_loadu_si512((const __m512i *)ref_block->v + i));
-            block_XY[i] = _mm512_xor_si512(
-                state[i], _mm512_loadu_si512((const __m512i *)next_block->v + i));
-        }
-    } else {
-        for (i = 0; i < ARGON2_512BIT_WORDS_IN_BLOCK; i++) {
-            block_XY[i] = state[i] = _mm512_xor_si512(
-                state[i], _mm512_loadu_si512((const __m512i *)ref_block->v + i));
-        }
-    }
-
-    for (i = 0; i < 2; ++i) {
-        BLAKE2_ROUND_1(
-            state[8 * i + 0], state[8 * i + 1], state[8 * i + 2], state[8 * i + 3],
-            state[8 * i + 4], state[8 * i + 5], state[8 * i + 6], state[8 * i + 7]);
-    }
-
-    for (i = 0; i < 2; ++i) {
-        BLAKE2_ROUND_2(
-            state[2 * 0 + i], state[2 * 1 + i], state[2 * 2 + i], state[2 * 3 + i],
-            state[2 * 4 + i], state[2 * 5 + i], state[2 * 6 + i], state[2 * 7 + i]);
-    }
-
-    for (i = 0; i < ARGON2_512BIT_WORDS_IN_BLOCK; i++) {
-        state[i] = _mm512_xor_si512(state[i], block_XY[i]);
-        _mm512_storeu_si512((__m512i *)next_block->v + i, state[i]);
-    }
-}
-#elif defined(__AVX2__)
-static void fill_block(__m256i *state, const block *ref_block,
-                       block *next_block, int with_xor) {
-    __m256i block_XY[ARGON2_HWORDS_IN_BLOCK];
-    unsigned int i;
-
-    if (with_xor) {
-        for (i = 0; i < ARGON2_HWORDS_IN_BLOCK; i++) {
-            state[i] = _mm256_xor_si256(
-                state[i], _mm256_loadu_si256((const __m256i *)ref_block->v + i));
-            block_XY[i] = _mm256_xor_si256(
-                state[i], _mm256_loadu_si256((const __m256i *)next_block->v + i));
-        }
-    } else {
-        for (i = 0; i < ARGON2_HWORDS_IN_BLOCK; i++) {
-            block_XY[i] = state[i] = _mm256_xor_si256(
-                state[i], _mm256_loadu_si256((const __m256i *)ref_block->v + i));
-        }
-    }
-
-    for (i = 0; i < 4; ++i) {
-        BLAKE2_ROUND_1(state[8 * i + 0], state[8 * i + 4], state[8 * i + 1], state[8 * i + 5],
-                       state[8 * i + 2], state[8 * i + 6], state[8 * i + 3], state[8 * i + 7]);
-    }
-
-    for (i = 0; i < 4; ++i) {
-        BLAKE2_ROUND_2(state[ 0 + i], state[ 4 + i], state[ 8 + i], state[12 + i],
-                       state[16 + i], state[20 + i], state[24 + i], state[28 + i]);
-    }
-
-    for (i = 0; i < ARGON2_HWORDS_IN_BLOCK; i++) {
-        state[i] = _mm256_xor_si256(state[i], block_XY[i]);
-        _mm256_storeu_si256((__m256i *)next_block->v + i, state[i]);
-    }
-}
-#else
-static void fill_block(__m128i *state, const block *ref_block,
-                       block *next_block, int with_xor) {
-    __m128i block_XY[ARGON2_OWORDS_IN_BLOCK];
-    unsigned int i;
-
-    if (with_xor) {
-        for (i = 0; i < ARGON2_OWORDS_IN_BLOCK; i++) {
-            state[i] = _mm_xor_si128(
-                state[i], _mm_loadu_si128((const __m128i *)ref_block->v + i));
-            block_XY[i] = _mm_xor_si128(
-                state[i], _mm_loadu_si128((const __m128i *)next_block->v + i));
-        }
-    } else {
-        for (i = 0; i < ARGON2_OWORDS_IN_BLOCK; i++) {
-            block_XY[i] = state[i] = _mm_xor_si128(
-                state[i], _mm_loadu_si128((const __m128i *)ref_block->v + i));
-        }
-    }
-
-    for (i = 0; i < 8; ++i) {
-        BLAKE2_ROUND(state[8 * i + 0], state[8 * i + 1], state[8 * i + 2],
-            state[8 * i + 3], state[8 * i + 4], state[8 * i + 5],
-            state[8 * i + 6], state[8 * i + 7]);
-    }
-
-    for (i = 0; i < 8; ++i) {
-        BLAKE2_ROUND(state[8 * 0 + i], state[8 * 1 + i], state[8 * 2 + i],
-            state[8 * 3 + i], state[8 * 4 + i], state[8 * 5 + i],
-            state[8 * 6 + i], state[8 * 7 + i]);
-    }
-
-    for (i = 0; i < ARGON2_OWORDS_IN_BLOCK; i++) {
-        state[i] = _mm_xor_si128(state[i], block_XY[i]);
-        _mm_storeu_si128((__m128i *)next_block->v + i, state[i]);
-    }
-}
-#endif
-
-static void next_addresses(block *address_block, block *input_block) {
-    /*Temporary zero-initialized blocks*/
-#if defined(__AVX512F__)
-    __m512i zero_block[ARGON2_512BIT_WORDS_IN_BLOCK];
-    __m512i zero2_block[ARGON2_512BIT_WORDS_IN_BLOCK];
-#elif defined(__AVX2__)
-    __m256i zero_block[ARGON2_HWORDS_IN_BLOCK];
-    __m256i zero2_block[ARGON2_HWORDS_IN_BLOCK];
-#else
-    __m128i zero_block[ARGON2_OWORDS_IN_BLOCK];
-    __m128i zero2_block[ARGON2_OWORDS_IN_BLOCK];
-#endif
-
-    memset(zero_block, 0, sizeof(zero_block));
-    memset(zero2_block, 0, sizeof(zero2_block));
-
-    /*Increasing index counter*/
-    input_block->v[6]++;
-
-    /*First iteration of G*/
-    fill_block(zero_block, input_block, address_block, 0);
-
-    /*Second iteration of G*/
-    fill_block(zero2_block, address_block, address_block, 0);
-}
-
-void fill_segment(const argon2_instance_t *instance,
-                  argon2_position_t position) {
-    block *ref_block = NULL, *curr_block = NULL;
-    block address_block, input_block;
-    uint64_t pseudo_rand, ref_index, ref_lane;
-    uint32_t prev_offset, curr_offset;
-    uint32_t starting_index, i;
-#if defined(__AVX512F__)
-    __m512i state[ARGON2_512BIT_WORDS_IN_BLOCK];
-#elif defined(__AVX2__)
-    __m256i state[ARGON2_HWORDS_IN_BLOCK];
-#else
-    __m128i state[ARGON2_OWORDS_IN_BLOCK];
-#endif
-    int data_independent_addressing;
-
-    if (instance == NULL) {
-        return;
-    }
-
-    data_independent_addressing =
-        (instance->type == Argon2_i) ||
-        (instance->type == Argon2_id && (position.pass == 0) &&
-         (position.slice < ARGON2_SYNC_POINTS / 2));
-
-    if (data_independent_addressing) {
-        init_block_value(&input_block, 0);
-
-        input_block.v[0] = position.pass;
-        input_block.v[1] = position.lane;
-        input_block.v[2] = position.slice;
-        input_block.v[3] = instance->memory_blocks;
-        input_block.v[4] = instance->passes;
-        input_block.v[5] = instance->type;
-    }
-
-    starting_index = 0;
-
-    if ((0 == position.pass) && (0 == position.slice)) {
-        starting_index = 2; /* we have already generated the first two blocks */
-
-        /* Don't forget to generate the first block of addresses: */
-        if (data_independent_addressing) {
-            next_addresses(&address_block, &input_block);
-        }
-    }
-
-    /* Offset of the current block */
-    curr_offset = position.lane * instance->lane_length +
-                  position.slice * instance->segment_length + starting_index;
-
-    if (0 == curr_offset % instance->lane_length) {
-        /* Last block in this lane */
-        prev_offset = curr_offset + instance->lane_length - 1;
-    } else {
-        /* Previous block */
-        prev_offset = curr_offset - 1;
-    }
-
-    memcpy(state, ((instance->memory + prev_offset)->v), ARGON2_BLOCK_SIZE);
-
-    for (i = starting_index; i < instance->segment_length;
-         ++i, ++curr_offset, ++prev_offset) {
-        /*1.1 Rotating prev_offset if needed */
-        if (curr_offset % instance->lane_length == 1) {
-            prev_offset = curr_offset - 1;
-        }
-
-        /* 1.2 Computing the index of the reference block */
-        /* 1.2.1 Taking pseudo-random value from the previous block */
-        if (data_independent_addressing) {
-            if (i % ARGON2_ADDRESSES_IN_BLOCK == 0) {
-                next_addresses(&address_block, &input_block);
-            }
-            pseudo_rand = address_block.v[i % ARGON2_ADDRESSES_IN_BLOCK];
-        } else {
-            pseudo_rand = instance->memory[prev_offset].v[0];
-        }
-
-        /* 1.2.2 Computing the lane of the reference block */
-        ref_lane = ((pseudo_rand >> 32)) % instance->lanes;
-
-        if ((position.pass == 0) && (position.slice == 0)) {
-            /* Can not reference other lanes yet */
-            ref_lane = position.lane;
-        }
-
-        /* 1.2.3 Computing the number of possible reference block within the
-         * lane.
-         */
-        position.index = i;
-        ref_index = index_alpha(instance, &position, pseudo_rand & 0xFFFFFFFF,
-                                ref_lane == position.lane);
-
-        /* 2 Creating a new block */
-        ref_block =
-            instance->memory + instance->lane_length * ref_lane + ref_index;
-        curr_block = instance->memory + curr_offset;
-        if (ARGON2_VERSION_10 == instance->version) {
-            /* version 1.2.1 and earlier: overwrite, not XOR */
-            fill_block(state, ref_block, curr_block, 0);
-        } else {
-            if(0 == position.pass) {
-                fill_block(state, ref_block, curr_block, 0);
-            } else {
-                fill_block(state, ref_block, curr_block, 1);
-            }
-        }
-    }
-}