argon2 2.3.0 → 2.3.1

data/ext/phc-winner-argon2/src/ref.c

@@ -1,194 +0,0 @@
-/*
- * Argon2 reference source code package - reference C implementations
- *
- * Copyright 2015
- * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
- *
- * You may use this work under the terms of a Creative Commons CC0 1.0
- * License/Waiver or the Apache Public License 2.0, at your option. The terms of
- * these licenses can be found at:
- *
- * - CC0 1.0 Universal : https://creativecommons.org/publicdomain/zero/1.0
- * - Apache 2.0        : https://www.apache.org/licenses/LICENSE-2.0
- *
- * You should have received a copy of both of these licenses along with this
- * software. If not, they may be obtained at the above URLs.
- */
-
-#include <stdint.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "argon2.h"
-#include "core.h"
-
-#include "blake2/blamka-round-ref.h"
-#include "blake2/blake2-impl.h"
-#include "blake2/blake2.h"
-
-
-/*
- * Function fills a new memory block and optionally XORs the old block over the new one.
- * @next_block must be initialized.
- * @param prev_block Pointer to the previous block
- * @param ref_block Pointer to the reference block
- * @param next_block Pointer to the block to be constructed
- * @param with_xor Whether to XOR into the new block (1) or just overwrite (0)
- * @pre all block pointers must be valid
- */
-static void fill_block(const block *prev_block, const block *ref_block,
-                       block *next_block, int with_xor) {
-    block blockR, block_tmp;
-    unsigned i;
-
-    copy_block(&blockR, ref_block);
-    xor_block(&blockR, prev_block);
-    copy_block(&block_tmp, &blockR);
-    /* Now blockR = ref_block + prev_block and block_tmp = ref_block + prev_block */
-    if (with_xor) {
-        /* Saving the next block contents for XOR over: */
-        xor_block(&block_tmp, next_block);
-        /* Now blockR = ref_block + prev_block and
-           block_tmp = ref_block + prev_block + next_block */
-    }
-
-    /* Apply Blake2 on columns of 64-bit words: (0,1,...,15) , then
-       (16,17,..31)... finally (112,113,...127) */
-    for (i = 0; i < 8; ++i) {
-        BLAKE2_ROUND_NOMSG(
-            blockR.v[16 * i], blockR.v[16 * i + 1], blockR.v[16 * i + 2],
-            blockR.v[16 * i + 3], blockR.v[16 * i + 4], blockR.v[16 * i + 5],
-            blockR.v[16 * i + 6], blockR.v[16 * i + 7], blockR.v[16 * i + 8],
-            blockR.v[16 * i + 9], blockR.v[16 * i + 10], blockR.v[16 * i + 11],
-            blockR.v[16 * i + 12], blockR.v[16 * i + 13], blockR.v[16 * i + 14],
-            blockR.v[16 * i + 15]);
-    }
-
-    /* Apply Blake2 on rows of 64-bit words: (0,1,16,17,...112,113), then
-       (2,3,18,19,...,114,115).. finally (14,15,30,31,...,126,127) */
-    for (i = 0; i < 8; i++) {
-        BLAKE2_ROUND_NOMSG(
-            blockR.v[2 * i], blockR.v[2 * i + 1], blockR.v[2 * i + 16],
-            blockR.v[2 * i + 17], blockR.v[2 * i + 32], blockR.v[2 * i + 33],
-            blockR.v[2 * i + 48], blockR.v[2 * i + 49], blockR.v[2 * i + 64],
-            blockR.v[2 * i + 65], blockR.v[2 * i + 80], blockR.v[2 * i + 81],
-            blockR.v[2 * i + 96], blockR.v[2 * i + 97], blockR.v[2 * i + 112],
-            blockR.v[2 * i + 113]);
-    }
-
-    copy_block(next_block, &block_tmp);
-    xor_block(next_block, &blockR);
-}
-
-static void next_addresses(block *address_block, block *input_block,
-                           const block *zero_block) {
-    input_block->v[6]++;
-    fill_block(zero_block, input_block, address_block, 0);
-    fill_block(zero_block, address_block, address_block, 0);
-}
-
-void fill_segment(const argon2_instance_t *instance,
-                  argon2_position_t position) {
-    block *ref_block = NULL, *curr_block = NULL;
-    block address_block, input_block, zero_block;
-    uint64_t pseudo_rand, ref_index, ref_lane;
-    uint32_t prev_offset, curr_offset;
-    uint32_t starting_index;
-    uint32_t i;
-    int data_independent_addressing;
-
-    if (instance == NULL) {
-        return;
-    }
-
-    data_independent_addressing =
-        (instance->type == Argon2_i) ||
-        (instance->type == Argon2_id && (position.pass == 0) &&
-         (position.slice < ARGON2_SYNC_POINTS / 2));
-
-    if (data_independent_addressing) {
-        init_block_value(&zero_block, 0);
-        init_block_value(&input_block, 0);
-
-        input_block.v[0] = position.pass;
-        input_block.v[1] = position.lane;
-        input_block.v[2] = position.slice;
-        input_block.v[3] = instance->memory_blocks;
-        input_block.v[4] = instance->passes;
-        input_block.v[5] = instance->type;
-    }
-
-    starting_index = 0;
-
-    if ((0 == position.pass) && (0 == position.slice)) {
-        starting_index = 2; /* we have already generated the first two blocks */
-
-        /* Don't forget to generate the first block of addresses: */
-        if (data_independent_addressing) {
-            next_addresses(&address_block, &input_block, &zero_block);
-        }
-    }
-
-    /* Offset of the current block */
-    curr_offset = position.lane * instance->lane_length +
-                  position.slice * instance->segment_length + starting_index;
-
-    if (0 == curr_offset % instance->lane_length) {
-        /* Last block in this lane */
-        prev_offset = curr_offset + instance->lane_length - 1;
-    } else {
-        /* Previous block */
-        prev_offset = curr_offset - 1;
-    }
-
-    for (i = starting_index; i < instance->segment_length;
-         ++i, ++curr_offset, ++prev_offset) {
-        /*1.1 Rotating prev_offset if needed */
-        if (curr_offset % instance->lane_length == 1) {
-            prev_offset = curr_offset - 1;
-        }
-
-        /* 1.2 Computing the index of the reference block */
-        /* 1.2.1 Taking pseudo-random value from the previous block */
-        if (data_independent_addressing) {
-            if (i % ARGON2_ADDRESSES_IN_BLOCK == 0) {
-                next_addresses(&address_block, &input_block, &zero_block);
-            }
-            pseudo_rand = address_block.v[i % ARGON2_ADDRESSES_IN_BLOCK];
-        } else {
-            pseudo_rand = instance->memory[prev_offset].v[0];
-        }
-
-        /* 1.2.2 Computing the lane of the reference block */
-        ref_lane = ((pseudo_rand >> 32)) % instance->lanes;
-
-        if ((position.pass == 0) && (position.slice == 0)) {
-            /* Can not reference other lanes yet */
-            ref_lane = position.lane;
-        }
-
-        /* 1.2.3 Computing the number of possible reference block within the
-         * lane.
-         */
-        position.index = i;
-        ref_index = index_alpha(instance, &position, pseudo_rand & 0xFFFFFFFF,
-                                ref_lane == position.lane);
-
-        /* 2 Creating a new block */
-        ref_block =
-            instance->memory + instance->lane_length * ref_lane + ref_index;
-        curr_block = instance->memory + curr_offset;
-        if (ARGON2_VERSION_10 == instance->version) {
-            /* version 1.2.1 and earlier: overwrite, not XOR */
-            fill_block(instance->memory + prev_offset, ref_block, curr_block, 0);
-        } else {
-            if(0 == position.pass) {
-                fill_block(instance->memory + prev_offset, ref_block,
-                           curr_block, 0);
-            } else {
-                fill_block(instance->memory + prev_offset, ref_block,
-                           curr_block, 1);
-            }
-        }
-    }
-}

data/ext/phc-winner-argon2/src/run.c

@@ -1,337 +0,0 @@
-/*
- * Argon2 reference source code package - reference C implementations
- *
- * Copyright 2015
- * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
- *
- * You may use this work under the terms of a Creative Commons CC0 1.0
- * License/Waiver or the Apache Public License 2.0, at your option. The terms of
- * these licenses can be found at:
- *
- * - CC0 1.0 Universal : https://creativecommons.org/publicdomain/zero/1.0
- * - Apache 2.0        : https://www.apache.org/licenses/LICENSE-2.0
- *
- * You should have received a copy of both of these licenses along with this
- * software. If not, they may be obtained at the above URLs.
- */
-
-#define _GNU_SOURCE 1
-
-#include <stdint.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-
-#include "argon2.h"
-#include "core.h"
-
-#define T_COST_DEF 3
-#define LOG_M_COST_DEF 12 /* 2^12 = 4 MiB */
-#define LANES_DEF 1
-#define THREADS_DEF 1
-#define OUTLEN_DEF 32
-#define MAX_PASS_LEN 128
-
-#define UNUSED_PARAMETER(x) (void)(x)
-
-static void usage(const char *cmd) {
-    printf("Usage:  %s [-h] salt [-i|-d|-id] [-t iterations] "
-           "[-m log2(memory in KiB) | -k memory in KiB] [-p parallelism] "
-           "[-l hash length] [-e|-r] [-v (10|13)]\n",
-           cmd);
-    printf("\tPassword is read from stdin\n");
-    printf("Parameters:\n");
-    printf("\tsalt\t\tThe salt to use, at least 8 characters\n");
-    printf("\t-i\t\tUse Argon2i (this is the default)\n");
-    printf("\t-d\t\tUse Argon2d instead of Argon2i\n");
-    printf("\t-id\t\tUse Argon2id instead of Argon2i\n");
-    printf("\t-t N\t\tSets the number of iterations to N (default = %d)\n",
-           T_COST_DEF);
-    printf("\t-m N\t\tSets the memory usage of 2^N KiB (default %d)\n",
-           LOG_M_COST_DEF);
-    printf("\t-k N\t\tSets the memory usage of N KiB (default %d)\n",
-           1 << LOG_M_COST_DEF);
-    printf("\t-p N\t\tSets parallelism to N threads (default %d)\n",
-           THREADS_DEF);
-    printf("\t-l N\t\tSets hash output length to N bytes (default %d)\n",
-           OUTLEN_DEF);
-    printf("\t-e\t\tOutput only encoded hash\n");
-    printf("\t-r\t\tOutput only the raw bytes of the hash\n");
-    printf("\t-v (10|13)\tArgon2 version (defaults to the most recent version, currently %x)\n",
-            ARGON2_VERSION_NUMBER);
-    printf("\t-h\t\tPrint %s usage\n", cmd);
-}
-
-static void fatal(const char *error) {
-    fprintf(stderr, "Error: %s\n", error);
-    exit(1);
-}
-
-static void print_hex(uint8_t *bytes, size_t bytes_len) {
-    size_t i;
-    for (i = 0; i < bytes_len; ++i) {
-        printf("%02x", bytes[i]);
-    }
-    printf("\n");
-}
-
-/*
-Runs Argon2 with certain inputs and parameters, inputs not cleared. Prints the
-Base64-encoded hash string
-@out output array with at least 32 bytes allocated
-@pwd NULL-terminated string, presumably from argv[]
-@salt salt array
-@t_cost number of iterations
-@m_cost amount of requested memory in KB
-@lanes amount of requested parallelism
-@threads actual parallelism
-@type Argon2 type we want to run
-@encoded_only display only the encoded hash
-@raw_only display only the hexadecimal of the hash
-@version Argon2 version
-*/
-static void run(uint32_t outlen, char *pwd, size_t pwdlen, char *salt, uint32_t t_cost,
-                uint32_t m_cost, uint32_t lanes, uint32_t threads,
-                argon2_type type, int encoded_only, int raw_only, uint32_t version) {
-    clock_t start_time, stop_time;
-    size_t saltlen, encodedlen;
-    int result;
-    unsigned char * out = NULL;
-    char * encoded = NULL;
-
-    start_time = clock();
-
-    if (!pwd) {
-        fatal("password missing");
-    }
-
-    if (!salt) {
-        clear_internal_memory(pwd, pwdlen);
-        fatal("salt missing");
-    }
-
-    saltlen = strlen(salt);
-    if(UINT32_MAX < saltlen) {
-        fatal("salt is too long");
-    }
-
-    UNUSED_PARAMETER(lanes);
-
-    out = malloc(outlen + 1);
-    if (!out) {
-        clear_internal_memory(pwd, pwdlen);
-        fatal("could not allocate memory for output");
-    }
-
-    encodedlen = argon2_encodedlen(t_cost, m_cost, lanes, (uint32_t)saltlen, outlen, type);
-    encoded = malloc(encodedlen + 1);
-    if (!encoded) {
-        clear_internal_memory(pwd, pwdlen);
-        fatal("could not allocate memory for hash");
-    }
-
-    result = argon2_hash(t_cost, m_cost, threads, pwd, pwdlen, salt, saltlen,
-                         out, outlen, encoded, encodedlen, type,
-                         version);
-    if (result != ARGON2_OK)
-        fatal(argon2_error_message(result));
-
-    stop_time = clock();
-
-    if (encoded_only)
-        puts(encoded);
-
-    if (raw_only)
-        print_hex(out, outlen);
-
-    if (encoded_only || raw_only) {
-        free(out);
-        free(encoded);
-        return;
-    }
-
-    printf("Hash:\t\t");
-    print_hex(out, outlen);
-    free(out);
-
-    printf("Encoded:\t%s\n", encoded);
-
-    printf("%2.3f seconds\n",
-           ((double)stop_time - start_time) / (CLOCKS_PER_SEC));
-
-    result = argon2_verify(encoded, pwd, pwdlen, type);
-    if (result != ARGON2_OK)
-        fatal(argon2_error_message(result));
-    printf("Verification ok\n");
-    free(encoded);
-}
-
-int main(int argc, char *argv[]) {
-    uint32_t outlen = OUTLEN_DEF;
-    uint32_t m_cost = 1 << LOG_M_COST_DEF;
-    uint32_t t_cost = T_COST_DEF;
-    uint32_t lanes = LANES_DEF;
-    uint32_t threads = THREADS_DEF;
-    argon2_type type = Argon2_i; /* Argon2i is the default type */
-    int types_specified = 0;
-    int m_cost_specified = 0;
-    int encoded_only = 0;
-    int raw_only = 0;
-    uint32_t version = ARGON2_VERSION_NUMBER;
-    int i;
-    size_t pwdlen;
-    char pwd[MAX_PASS_LEN], *salt;
-
-    if (argc < 2) {
-        usage(argv[0]);
-        return ARGON2_MISSING_ARGS;
-    } else if (argc >= 2 && strcmp(argv[1], "-h") == 0) {
-        usage(argv[0]);
-        return 1;
-    }
-
-    /* get password from stdin */
-    pwdlen = fread(pwd, 1, sizeof pwd, stdin);
-    if(pwdlen < 1) {
-        fatal("no password read");
-    }
-    if(pwdlen == MAX_PASS_LEN) {
-        fatal("Provided password longer than supported in command line utility");
-    }
-
-    salt = argv[1];
-
-    /* parse options */
-    for (i = 2; i < argc; i++) {
-        const char *a = argv[i];
-        unsigned long input = 0;
-        if (!strcmp(a, "-h")) {
-            usage(argv[0]);
-            return 1;
-        } else if (!strcmp(a, "-m")) {
-            if (m_cost_specified) {
-                fatal("-m or -k can only be used once");
-            }
-            m_cost_specified = 1;
-            if (i < argc - 1) {
-                i++;
-                input = strtoul(argv[i], NULL, 10);
-                if (input == 0 || input == ULONG_MAX ||
-                    input > ARGON2_MAX_MEMORY_BITS) {
-                    fatal("bad numeric input for -m");
-                }
-                m_cost = ARGON2_MIN(UINT64_C(1) << input, UINT32_C(0xFFFFFFFF));
-                if (m_cost > ARGON2_MAX_MEMORY) {
-                    fatal("m_cost overflow");
-                }
-                continue;
-            } else {
-                fatal("missing -m argument");
-            }
-        } else if (!strcmp(a, "-k")) {
-            if (m_cost_specified) {
-                fatal("-m or -k can only be used once");
-            }
-            m_cost_specified = 1;
-            if (i < argc - 1) {
-                i++;
-                input = strtoul(argv[i], NULL, 10);
-                if (input == 0 || input == ULONG_MAX) {
-                    fatal("bad numeric input for -k");
-                }
-                m_cost = ARGON2_MIN(input, UINT32_C(0xFFFFFFFF));
-                if (m_cost > ARGON2_MAX_MEMORY) {
-                    fatal("m_cost overflow");
-                }
-                continue;
-            } else {
-                fatal("missing -k argument");
-            }
-        } else if (!strcmp(a, "-t")) {
-            if (i < argc - 1) {
-                i++;
-                input = strtoul(argv[i], NULL, 10);
-                if (input == 0 || input == ULONG_MAX ||
-                    input > ARGON2_MAX_TIME) {
-                    fatal("bad numeric input for -t");
-                }
-                t_cost = input;
-                continue;
-            } else {
-                fatal("missing -t argument");
-            }
-        } else if (!strcmp(a, "-p")) {
-            if (i < argc - 1) {
-                i++;
-                input = strtoul(argv[i], NULL, 10);
-                if (input == 0 || input == ULONG_MAX ||
-                    input > ARGON2_MAX_THREADS || input > ARGON2_MAX_LANES) {
-                    fatal("bad numeric input for -p");
-                }
-                threads = input;
-                lanes = threads;
-                continue;
-            } else {
-                fatal("missing -p argument");
-            }
-        } else if (!strcmp(a, "-l")) {
-            if (i < argc - 1) {
-                i++;
-                input = strtoul(argv[i], NULL, 10);
-                outlen = input;
-                continue;
-            } else {
-                fatal("missing -l argument");
-            }
-        } else if (!strcmp(a, "-i")) {
-            type = Argon2_i;
-            ++types_specified;
-        } else if (!strcmp(a, "-d")) {
-            type = Argon2_d;
-            ++types_specified;
-        } else if (!strcmp(a, "-id")) {
-            type = Argon2_id;
-            ++types_specified;
-        } else if (!strcmp(a, "-e")) {
-            encoded_only = 1;
-        } else if (!strcmp(a, "-r")) {
-            raw_only = 1;
-        } else if (!strcmp(a, "-v")) {
-            if (i < argc - 1) {
-                i++;
-                if (!strcmp(argv[i], "10")) {
-                    version = ARGON2_VERSION_10;
-                } else if (!strcmp(argv[i], "13")) {
-                    version = ARGON2_VERSION_13;
-                } else {
-                    fatal("invalid Argon2 version");
-                }
-            } else {
-                fatal("missing -v argument");
-            }
-        } else {
-            fatal("unknown argument");
-        }
-    }
-
-    if (types_specified > 1) {
-        fatal("cannot specify multiple Argon2 types");
-    }
-
-    if(encoded_only && raw_only)
-        fatal("cannot provide both -e and -r");
-
-    if(!encoded_only && !raw_only) {
-        printf("Type:\t\t%s\n", argon2_type2string(type, 1));
-        printf("Iterations:\t%u\n", t_cost);
-        printf("Memory:\t\t%u KiB\n", m_cost);
-        printf("Parallelism:\t%u\n", lanes);
-    }
-
-    run(outlen, pwd, pwdlen, salt, t_cost, m_cost, lanes, threads, type,
-       encoded_only, raw_only, version);
-
-    return ARGON2_OK;
-}
-