passwordping 1.0.0

data/ext/phc-winner-argon2/README.md

@@ -0,0 +1,290 @@
+# Argon2
+
+[![Build Status](https://travis-ci.org/P-H-C/phc-winner-argon2.svg?branch=master)](https://travis-ci.org/P-H-C/phc-winner-argon2)
+[![Build status](https://ci.appveyor.com/api/projects/status/8nfwuwq55sgfkele?svg=true)](https://ci.appveyor.com/project/P-H-C/phc-winner-argon2)
+[![codecov.io](https://codecov.io/github/P-H-C/phc-winner-argon2/coverage.svg?branch=master)](https://codecov.io/github/P-H-C/phc-winner-argon2?branch=master)
+
+This is the reference C implementation of Argon2, the password-hashing
+function that won the [Password Hashing Competition
+(PHC)](https://password-hashing.net).
+
+Argon2 is a password-hashing function that summarizes the state of the
+art in the design of memory-hard functions and can be used to hash
+passwords for credential storage, key derivation, or other applications.
+
+It has a simple design aimed at the highest memory filling rate and
+effective use of multiple computing units, while still providing defense
+against tradeoff attacks (by exploiting the cache and memory organization
+of the recent processors).
+
+Argon2 has three variants: Argon2i, Argon2d, and Argon2id. Argon2d is faster
+and uses data-depending memory access, which makes it highly resistant
+against GPU cracking attacks and suitable for applications with no threats
+from side-channel timing attacks (eg. cryptocurrencies). Argon2i instead
+uses data-independent memory access, which is preferred for password
+hashing and password-based key derivation, but it is slower as it makes
+more passes over the memory to protect from tradeoff attacks. Argon2id is a
+hybrid of Argon2i and Argon2d, using a combination of data-depending and
+data-independent memory accesses, which gives some of Argon2i's resistance to
+side-channel cache timing attacks and much of Argon2d's resistance to GPU
+cracking attacks.
+
+Argon2i, Argon2d, and Argon2id are parametrized by:
+
+* A **time** cost, which defines the amount of computation realized and
+  therefore the execution time, given in number of iterations
+* A **memory** cost, which defines the memory usage, given in kibibytes
+* A **parallelism** degree, which defines the number of parallel threads
+
+The [Argon2 document](argon2-specs.pdf) gives detailed specs and design
+rationale.
+
+Please report bugs as issues on this repository.
+
+## Usage
+
+`make` builds the executable `argon2`, the static library `libargon2.a`,
+and the shared library `libargon2.so` (or `libargon2.dylib` on OSX).
+Make sure to run `make test` to verify that your build produces valid
+results. `make install PREFIX=/usr` installs it to your system.
+
+### Command-line utility
+
+`argon2` is a command-line utility to test specific Argon2 instances
+on your system. To show usage instructions, run
+`./argon2 -h` as
+```
+Usage:  ./argon2 [-h] salt [-i|-d|-id] [-t iterations] [-m memory] [-p parallelism] [-l hash length] [-e|-r] [-v (10|13)]
+        Password is read from stdin
+Parameters:
+        salt            The salt to use, at least 8 characters
+        -i              Use Argon2i (this is the default)
+        -d              Use Argon2d instead of Argon2i
+        -id             Use Argon2id instead of Argon2i
+        -t N            Sets the number of iterations to N (default = 3)
+        -m N            Sets the memory usage of 2^N KiB (default 12)
+        -p N            Sets parallelism to N threads (default 1)
+        -l N            Sets hash output length to N bytes (default 32)
+        -e              Output only encoded hash
+        -r              Output only the raw bytes of the hash
+        -v (10|13)      Argon2 version (defaults to the most recent version, currently 13)
+        -h              Print argon2 usage
+```
+For example, to hash "password" using "somesalt" as a salt and doing 2
+iterations, consuming 64 MiB, using four parallel threads and an output hash
+of 24 bytes
+```
+$ echo -n "password" | ./argon2 somesalt -t 2 -m 16 -p 4 -l 24
+Type:           Argon2i
+Iterations:     2
+Memory:         65536 KiB
+Parallelism:    4
+Hash:           45d7ac72e76f242b20b77b9bf9bf9d5915894e669a24e6c6
+Encoded:        $argon2i$v=19$m=65536,t=2,p=4$c29tZXNhbHQ$RdescudvJCsgt3ub+b+dWRWJTmaaJObG
+0.188 seconds
+Verification ok
+```
+
+### Library
+
+`libargon2` provides an API to both low-level and high-level functions
+for using Argon2.
+
+The example program below hashes the string "password" with Argon2i
+using the high-level API and then using the low-level API. While the
+high-level API takes the three cost parameters (time, memory, and
+parallelism), the password input buffer, the salt input buffer, and the
+output buffers, the low-level API takes in these and additional parameters
+, as defined in [`include/argon2.h`](include/argon2.h).
+
+There are many additional parameters, but we will highlight three of them here.
+
+1. The `secret` parameter, which is used for [keyed hashing](
+   https://en.wikipedia.org/wiki/Hash-based_message_authentication_code).
+   This allows a secret key to be input at hashing time (from some external
+   location) and be folded into the value of the hash. This means that even if
+   your salts and hashes are compromized, an attacker cannot brute-force to find
+   the password without the key.
+
+2. The `ad` parameter, which is used to fold any additional data into the hash
+   value. Functionally, this behaves almost exactly like the `secret` or `salt`
+   parameters; the `ad` parameter is folding into the value of the hash.
+   However, this parameter is used for different data. The `salt` should be a
+   random string stored alongside your password. The `secret` should be a random
+   key only usable at hashing time. The `ad` is for any other data.
+
+3. The `flags` parameter, which determines which memory should be securely
+   erased. This is useful if you want to securly delete the `pwd` or `secret`
+   fields right after they are used. To do this set `flags` to either
+   `ARGON2_FLAG_CLEAR_PASSWORD` or `ARGON2_FLAG_CLEAR_SECRET`. To change how
+   internal memory is cleared, change the global flag
+   `FLAG_clear_internal_memory` (defaults to clearing internal memory).
+
+Here the time cost `t_cost` is set to 2 iterations, the
+memory cost `m_cost` is set to 2<sup>16</sup> kibibytes (64 mebibytes),
+and parallelism is set to 1 (single-thread).
+
+Compile for example as `gcc test.c libargon2.a -Isrc -o test`, if the program
+below is named `test.c` and placed in the project's root directory.
+
+```c
+#include "argon2.h"
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#define HASHLEN 32
+#define SALTLEN 16
+#define PWD "password"
+
+int main(void)
+{
+    uint8_t hash1[HASHLEN];
+    uint8_t hash2[HASHLEN];
+
+    uint8_t salt[SALTLEN];
+    memset( salt, 0x00, SALTLEN );
+
+    uint8_t *pwd = (uint8_t *)strdup(PWD);
+    uint32_t pwdlen = strlen((char *)pwd);
+
+    uint32_t t_cost = 2;            // 1-pass computation
+    uint32_t m_cost = (1<<16);      // 64 mebibytes memory usage
+    uint32_t parallelism = 1;       // number of threads and lanes
+
+    // high-level API
+    argon2i_hash_raw(t_cost, m_cost, parallelism, pwd, pwdlen, salt, SALTLEN, hash1, HASHLEN);
+
+    // low-level API
+    argon2_context context = {
+        hash2,  /* output array, at least HASHLEN in size */
+        HASHLEN, /* digest length */
+        pwd, /* password array */
+        pwdlen, /* password length */
+        salt,  /* salt array */
+        SALTLEN, /* salt length */
+        NULL, 0, /* optional secret data */
+        NULL, 0, /* optional associated data */
+        t_cost, m_cost, parallelism, parallelism,
+        ARGON2_VERSION_13, /* algorithm version */
+        NULL, NULL, /* custom memory allocation / deallocation functions */
+        /* by default only internal memory is cleared (pwd is not wiped) */
+        ARGON2_DEFAULT_FLAGS
+    };
+
+    int rc = argon2i_ctx( &context );
+    if(ARGON2_OK != rc) {
+        printf("Error: %s\n", argon2_error_message(rc));
+        exit(1);
+    }
+    free(pwd);
+
+    for( int i=0; i<HASHLEN; ++i ) printf( "%02x", hash1[i] ); printf( "\n" );
+    if (memcmp(hash1, hash2, HASHLEN)) {
+        for( int i=0; i<HASHLEN; ++i ) {
+            printf( "%02x", hash2[i] );
+        }
+        printf("\nfail\n");
+    }
+    else printf("ok\n");
+    return 0;
+}
+```
+
+To use Argon2d instead of Argon2i call `argon2d_hash` instead of
+`argon2i_hash` using the high-level API, and `argon2d` instead of
+`argon2i` using the low-level API. Similarly for Argon2id, call `argond2id_hash`
+and `argon2id`.
+
+To produce the crypt-like encoding rather than the raw hash, call
+`argon2i_hash_encoded` for Argon2i, `argon2d_hash_encoded` for Argon2d, and
+`argon2id_hash_encoded` for Argon2id
+
+See [`include/argon2.h`](include/argon2.h) for API details.
+
+*Note: in this example the salt is set to the all-`0x00` string for the
+sake of simplicity, but in your application you should use a random salt.*
+
+
+### Benchmarks
+
+`make bench` creates the executable `bench`, which measures the execution
+time of various Argon2 instances:
+
+```
+$ ./bench
+Argon2d 1 iterations  1 MiB 1 threads:  5.91 cpb 5.91 Mcycles
+Argon2i 1 iterations  1 MiB 1 threads:  4.64 cpb 4.64 Mcycles
+0.0041 seconds
+
+Argon2d 1 iterations  1 MiB 2 threads:  2.76 cpb 2.76 Mcycles
+Argon2i 1 iterations  1 MiB 2 threads:  2.87 cpb 2.87 Mcycles
+0.0038 seconds
+
+Argon2d 1 iterations  1 MiB 4 threads:  3.25 cpb 3.25 Mcycles
+Argon2i 1 iterations  1 MiB 4 threads:  3.57 cpb 3.57 Mcycles
+0.0048 seconds
+
+(...)
+
+Argon2d 1 iterations  4096 MiB 2 threads:  2.15 cpb 8788.08 Mcycles
+Argon2i 1 iterations  4096 MiB 2 threads:  2.15 cpb 8821.59 Mcycles
+13.0112 seconds
+
+Argon2d 1 iterations  4096 MiB 4 threads:  1.79 cpb 7343.72 Mcycles
+Argon2i 1 iterations  4096 MiB 4 threads:  2.72 cpb 11124.86 Mcycles
+19.3974 seconds
+
+(...)
+```
+
+## Bindings
+
+Bindings are available for the following languages (make sure to read
+their documentation):
+
+* [Elixir](https://github.com/riverrun/argon2_elixir) by [@riverrun](https://github.com/riverrun)
+* [Go](https://github.com/tvdburgt/go-argon2) by [@tvdburgt](https://github.com/tvdburgt)
+* [Haskell](https://hackage.haskell.org/package/argon2-1.0.0/docs/Crypto-Argon2.html) by [@ocharles](https://github.com/ocharles)
+* [JavaScript (native)](https://github.com/ranisalt/node-argon2), by [@ranisalt](https://github.com/ranisalt)
+* [JavaScript (native)](https://github.com/jdconley/argon2themax), by [@jdconley](https://github.com/jdconley)
+* [JavaScript (ffi)](https://github.com/cjlarose/argon2-ffi), by [@cjlarose](https://github.com/cjlarose)
+* [JavaScript (browser)](https://github.com/antelle/argon2-browser), by [@antelle](https://github.com/antelle)
+* [JVM](https://github.com/phxql/argon2-jvm) by [@phXql](https://github.com/phxql)
+* [Lua (native)](https://github.com/thibaultCha/lua-argon2) by [@thibaultCha](https://github.com/thibaultCha)
+* [Lua (ffi)](https://github.com/thibaultCha/lua-argon2-ffi) by [@thibaultCha](https://github.com/thibaultCha)
+* [OCaml](https://github.com/Khady/ocaml-argon2) by [@Khady](https://github.com/Khady)
+* [Python (native)](https://pypi.python.org/pypi/argon2), by [@flamewow](https://github.com/flamewow)
+* [Python (ffi)](https://pypi.python.org/pypi/argon2_cffi), by [@hynek](https://github.com/hynek)
+* [Ruby](https://github.com/technion/ruby-argon2) by [@technion](https://github.com/technion)
+* [Rust](https://github.com/quininer/argon2-rs) by [@quininer](https://github.com/quininer)
+* [C#/.NET CoreCLR](https://github.com/kmaragon/Konscious.Security.Cryptography) by [@kmaragon](https://github.com/kmaragon)
+* [Perl](https://github.com/Leont/crypt-argon2) by [@leont](https://github.com/Leont)
+
+
+## Test suite
+
+There are two sets of test suites. One is a low level test for the hash
+function, the other tests the higher level API. Both of these are built and
+executed by running:
+
+`make test`
+
+## Intellectual property
+
+Except for the components listed below, the Argon2 code in this
+repository is copyright (c) 2015 Daniel Dinu, Dmitry Khovratovich (main
+authors), Jean-Philippe Aumasson and Samuel Neves, and dual licensed under the
+[CC0 License](https://creativecommons.org/about/cc0) and the
+[Apache 2.0 License](http://www.apache.org/licenses/LICENSE-2.0). For more info
+see the LICENSE file.
+
+The string encoding routines in [`src/encoding.c`](src/encoding.c) are
+copyright (c) 2015 Thomas Pornin, and under
+[CC0 License](https://creativecommons.org/about/cc0).
+
+The BLAKE2 code in [`src/blake2/`](src/blake2) is copyright (c) Samuel
+Neves, 2013-2015, and under
+[CC0 License](https://creativecommons.org/about/cc0).
+
+All licenses are therefore GPL-compatible.

data/ext/phc-winner-argon2/appveyor.yml

@@ -0,0 +1,25 @@
+os: Visual Studio 2015
+
+environment:
+  matrix:
+    - platform: x86
+      configuration: Debug
+    - platform: x86
+      configuration: Release
+    - platform: x64
+      configuration: Debug
+    - platform: x64
+      configuration: Release
+
+matrix:
+  fast_finish: false
+
+build:
+  parallel: true
+  project: Argon2.sln
+  verbosity: minimal
+
+test_script:
+  - ps: kats\test.ps1
+  - ps: if ("Release" -eq $env:configuration) { vs2015\build\Argon2OptTestCI.exe }
+  - ps: if ("Release" -eq $env:configuration) { vs2015\build\Argon2RefTestCI.exe }

data/ext/phc-winner-argon2/export.sh

@@ -0,0 +1,7 @@
+#!/bin/sh
+
+FILE=`date "+%Y%m%d"`
+BRANCH=master
+
+git archive --format zip --output $FILE.zip $BRANCH
+git archive --format tar.gz --output $FILE.tar.gz $BRANCH

data/ext/phc-winner-argon2/include/argon2.h

@@ -0,0 +1,435 @@
+/*
+ * Argon2 reference source code package - reference C implementations
+ *
+ * Copyright 2015
+ * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
+ *
+ * You may use this work under the terms of a Creative Commons CC0 1.0 
+ * License/Waiver or the Apache Public License 2.0, at your option. The terms of
+ * these licenses can be found at:
+ *
+ * - CC0 1.0 Universal : http://creativecommons.org/publicdomain/zero/1.0
+ * - Apache 2.0        : http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * You should have received a copy of both of these licenses along with this
+ * software. If not, they may be obtained at the above URLs.
+ */
+
+#ifndef ARGON2_H
+#define ARGON2_H
+
+#include <stdint.h>
+#include <stddef.h>
+#include <limits.h>
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+/* Symbols visibility control */
+#ifdef A2_VISCTL
+#define ARGON2_PUBLIC __attribute__((visibility("default")))
+#elif _MSC_VER
+#define ARGON2_PUBLIC __declspec(dllexport)
+#else
+#define ARGON2_PUBLIC
+#endif
+
+/*
+ * Argon2 input parameter restrictions
+ */
+
+/* Minimum and maximum number of lanes (degree of parallelism) */
+#define ARGON2_MIN_LANES UINT32_C(1)
+#define ARGON2_MAX_LANES UINT32_C(0xFFFFFF)
+
+/* Minimum and maximum number of threads */
+#define ARGON2_MIN_THREADS UINT32_C(1)
+#define ARGON2_MAX_THREADS UINT32_C(0xFFFFFF)
+
+/* Number of synchronization points between lanes per pass */
+#define ARGON2_SYNC_POINTS UINT32_C(4)
+
+/* Minimum and maximum digest size in bytes */
+#define ARGON2_MIN_OUTLEN UINT32_C(4)
+#define ARGON2_MAX_OUTLEN UINT32_C(0xFFFFFFFF)
+
+/* Minimum and maximum number of memory blocks (each of BLOCK_SIZE bytes) */
+#define ARGON2_MIN_MEMORY (2 * ARGON2_SYNC_POINTS) /* 2 blocks per slice */
+
+#define ARGON2_MIN(a, b) ((a) < (b) ? (a) : (b))
+/* Max memory size is addressing-space/2, topping at 2^32 blocks (4 TB) */
+#define ARGON2_MAX_MEMORY_BITS                                                 \
+    ARGON2_MIN(UINT32_C(32), (sizeof(void *) * CHAR_BIT - 10 - 1))
+#define ARGON2_MAX_MEMORY                                                      \
+    ARGON2_MIN(UINT32_C(0xFFFFFFFF), UINT64_C(1) << ARGON2_MAX_MEMORY_BITS)
+
+/* Minimum and maximum number of passes */
+#define ARGON2_MIN_TIME UINT32_C(1)
+#define ARGON2_MAX_TIME UINT32_C(0xFFFFFFFF)
+
+/* Minimum and maximum password length in bytes */
+#define ARGON2_MIN_PWD_LENGTH UINT32_C(0)
+#define ARGON2_MAX_PWD_LENGTH UINT32_C(0xFFFFFFFF)
+
+/* Minimum and maximum associated data length in bytes */
+#define ARGON2_MIN_AD_LENGTH UINT32_C(0)
+#define ARGON2_MAX_AD_LENGTH UINT32_C(0xFFFFFFFF)
+
+/* Minimum and maximum salt length in bytes */
+#define ARGON2_MIN_SALT_LENGTH UINT32_C(8)
+#define ARGON2_MAX_SALT_LENGTH UINT32_C(0xFFFFFFFF)
+
+/* Minimum and maximum key length in bytes */
+#define ARGON2_MIN_SECRET UINT32_C(0)
+#define ARGON2_MAX_SECRET UINT32_C(0xFFFFFFFF)
+
+/* Flags to determine which fields are securely wiped (default = no wipe). */
+#define ARGON2_DEFAULT_FLAGS UINT32_C(0)
+#define ARGON2_FLAG_CLEAR_PASSWORD (UINT32_C(1) << 0)
+#define ARGON2_FLAG_CLEAR_SECRET (UINT32_C(1) << 1)
+
+/* Global flag to determine if we are wiping internal memory buffers. This flag
+ * is defined in core.c and deafults to 1 (wipe internal memory). */
+extern int FLAG_clear_internal_memory;
+
+/* Error codes */
+typedef enum Argon2_ErrorCodes {
+    ARGON2_OK = 0,
+
+    ARGON2_OUTPUT_PTR_NULL = -1,
+
+    ARGON2_OUTPUT_TOO_SHORT = -2,
+    ARGON2_OUTPUT_TOO_LONG = -3,
+
+    ARGON2_PWD_TOO_SHORT = -4,
+    ARGON2_PWD_TOO_LONG = -5,
+
+    ARGON2_SALT_TOO_SHORT = -6,
+    ARGON2_SALT_TOO_LONG = -7,
+
+    ARGON2_AD_TOO_SHORT = -8,
+    ARGON2_AD_TOO_LONG = -9,
+
+    ARGON2_SECRET_TOO_SHORT = -10,
+    ARGON2_SECRET_TOO_LONG = -11,
+
+    ARGON2_TIME_TOO_SMALL = -12,
+    ARGON2_TIME_TOO_LARGE = -13,
+
+    ARGON2_MEMORY_TOO_LITTLE = -14,
+    ARGON2_MEMORY_TOO_MUCH = -15,
+
+    ARGON2_LANES_TOO_FEW = -16,
+    ARGON2_LANES_TOO_MANY = -17,
+
+    ARGON2_PWD_PTR_MISMATCH = -18,    /* NULL ptr with non-zero length */
+    ARGON2_SALT_PTR_MISMATCH = -19,   /* NULL ptr with non-zero length */
+    ARGON2_SECRET_PTR_MISMATCH = -20, /* NULL ptr with non-zero length */
+    ARGON2_AD_PTR_MISMATCH = -21,     /* NULL ptr with non-zero length */
+
+    ARGON2_MEMORY_ALLOCATION_ERROR = -22,
+
+    ARGON2_FREE_MEMORY_CBK_NULL = -23,
+    ARGON2_ALLOCATE_MEMORY_CBK_NULL = -24,
+
+    ARGON2_INCORRECT_PARAMETER = -25,
+    ARGON2_INCORRECT_TYPE = -26,
+
+    ARGON2_OUT_PTR_MISMATCH = -27,
+
+    ARGON2_THREADS_TOO_FEW = -28,
+    ARGON2_THREADS_TOO_MANY = -29,
+
+    ARGON2_MISSING_ARGS = -30,
+
+    ARGON2_ENCODING_FAIL = -31,
+
+    ARGON2_DECODING_FAIL = -32,
+
+    ARGON2_THREAD_FAIL = -33,
+
+    ARGON2_DECODING_LENGTH_FAIL = -34,
+
+    ARGON2_VERIFY_MISMATCH = -35
+} argon2_error_codes;
+
+/* Memory allocator types --- for external allocation */
+typedef int (*allocate_fptr)(uint8_t **memory, size_t bytes_to_allocate);
+typedef void (*deallocate_fptr)(uint8_t *memory, size_t bytes_to_allocate);
+
+/* Argon2 external data structures */
+
+/*
+ *****
+ * Context: structure to hold Argon2 inputs:
+ *  output array and its length,
+ *  password and its length,
+ *  salt and its length,
+ *  secret and its length,
+ *  associated data and its length,
+ *  number of passes, amount of used memory (in KBytes, can be rounded up a bit)
+ *  number of parallel threads that will be run.
+ * All the parameters above affect the output hash value.
+ * Additionally, two function pointers can be provided to allocate and
+ * deallocate the memory (if NULL, memory will be allocated internally).
+ * Also, three flags indicate whether to erase password, secret as soon as they
+ * are pre-hashed (and thus not needed anymore), and the entire memory
+ *****
+ * Simplest situation: you have output array out[8], password is stored in
+ * pwd[32], salt is stored in salt[16], you do not have keys nor associated
+ * data. You need to spend 1 GB of RAM and you run 5 passes of Argon2d with
+ * 4 parallel lanes.
+ * You want to erase the password, but you're OK with last pass not being
+ * erased. You want to use the default memory allocator.
+ * Then you initialize:
+ Argon2_Context(out,8,pwd,32,salt,16,NULL,0,NULL,0,5,1<<20,4,4,NULL,NULL,true,false,false,false)
+ */
+typedef struct Argon2_Context {
+    uint8_t *out;    /* output array */
+    uint32_t outlen; /* digest length */
+
+    uint8_t *pwd;    /* password array */
+    uint32_t pwdlen; /* password length */
+
+    uint8_t *salt;    /* salt array */
+    uint32_t saltlen; /* salt length */
+
+    uint8_t *secret;    /* key array */
+    uint32_t secretlen; /* key length */
+
+    uint8_t *ad;    /* associated data array */
+    uint32_t adlen; /* associated data length */
+
+    uint32_t t_cost;  /* number of passes */
+    uint32_t m_cost;  /* amount of memory requested (KB) */
+    uint32_t lanes;   /* number of lanes */
+    uint32_t threads; /* maximum number of threads */
+
+    uint32_t version; /* version number */
+
+    allocate_fptr allocate_cbk; /* pointer to memory allocator */
+    deallocate_fptr free_cbk;   /* pointer to memory deallocator */
+
+    uint32_t flags; /* array of bool options */
+} argon2_context;
+
+/* Argon2 primitive type */
+typedef enum Argon2_type {
+  Argon2_d = 0,
+  Argon2_i = 1,
+  Argon2_id = 2
+} argon2_type;
+
+/* Version of the algorithm */
+typedef enum Argon2_version {
+    ARGON2_VERSION_10 = 0x10,
+    ARGON2_VERSION_13 = 0x13,
+    ARGON2_VERSION_NUMBER = ARGON2_VERSION_13
+} argon2_version;
+
+/*
+ * Function that gives the string representation of an argon2_type.
+ * @param type The argon2_type that we want the string for
+ * @param uppercase Whether the string should have the first letter uppercase
+ * @return NULL if invalid type, otherwise the string representation.
+ */
+ARGON2_PUBLIC const char *argon2_type2string(argon2_type type, int uppercase);
+
+/*
+ * Function that performs memory-hard hashing with certain degree of parallelism
+ * @param  context  Pointer to the Argon2 internal structure
+ * @return Error code if smth is wrong, ARGON2_OK otherwise
+ */
+ARGON2_PUBLIC int argon2_ctx(argon2_context *context, argon2_type type);
+
+/**
+ * Hashes a password with Argon2i, producing an encoded hash
+ * @param t_cost Number of iterations
+ * @param m_cost Sets memory usage to m_cost kibibytes
+ * @param parallelism Number of threads and compute lanes
+ * @param pwd Pointer to password
+ * @param pwdlen Password size in bytes
+ * @param salt Pointer to salt
+ * @param saltlen Salt size in bytes
+ * @param hashlen Desired length of the hash in bytes
+ * @param encoded Buffer where to write the encoded hash
+ * @param encodedlen Size of the buffer (thus max size of the encoded hash)
+ * @pre   Different parallelism levels will give different results
+ * @pre   Returns ARGON2_OK if successful
+ */
+ARGON2_PUBLIC int argon2i_hash_encoded(const uint32_t t_cost,
+                                       const uint32_t m_cost,
+                                       const uint32_t parallelism,
+                                       const void *pwd, const size_t pwdlen,
+                                       const void *salt, const size_t saltlen,
+                                       const size_t hashlen, char *encoded,
+                                       const size_t encodedlen);
+
+/**
+ * Hashes a password with Argon2i, producing a raw hash by allocating memory at
+ * @hash
+ * @param t_cost Number of iterations
+ * @param m_cost Sets memory usage to m_cost kibibytes
+ * @param parallelism Number of threads and compute lanes
+ * @param pwd Pointer to password
+ * @param pwdlen Password size in bytes
+ * @param salt Pointer to salt
+ * @param saltlen Salt size in bytes
+ * @param hash Buffer where to write the raw hash - updated by the function
+ * @param hashlen Desired length of the hash in bytes
+ * @pre   Different parallelism levels will give different results
+ * @pre   Returns ARGON2_OK if successful
+ */
+ARGON2_PUBLIC int argon2i_hash_raw(const uint32_t t_cost, const uint32_t m_cost,
+                                   const uint32_t parallelism, const void *pwd,
+                                   const size_t pwdlen, const void *salt,
+                                   const size_t saltlen, void *hash,
+                                   const size_t hashlen);
+
+ARGON2_PUBLIC int argon2d_hash_encoded(const uint32_t t_cost,
+                                       const uint32_t m_cost,
+                                       const uint32_t parallelism,
+                                       const void *pwd, const size_t pwdlen,
+                                       const void *salt, const size_t saltlen,
+                                       const size_t hashlen, char *encoded,
+                                       const size_t encodedlen);
+
+ARGON2_PUBLIC int argon2d_hash_raw(const uint32_t t_cost, const uint32_t m_cost,
+                                   const uint32_t parallelism, const void *pwd,
+                                   const size_t pwdlen, const void *salt,
+                                   const size_t saltlen, void *hash,
+                                   const size_t hashlen);
+
+ARGON2_PUBLIC int argon2id_hash_encoded(const uint32_t t_cost,
+                                        const uint32_t m_cost,
+                                        const uint32_t parallelism,
+                                        const void *pwd, const size_t pwdlen,
+                                        const void *salt, const size_t saltlen,
+                                        const size_t hashlen, char *encoded,
+                                        const size_t encodedlen);
+
+ARGON2_PUBLIC int argon2id_hash_raw(const uint32_t t_cost,
+                                    const uint32_t m_cost,
+                                    const uint32_t parallelism, const void *pwd,
+                                    const size_t pwdlen, const void *salt,
+                                    const size_t saltlen, void *hash,
+                                    const size_t hashlen);
+
+/* generic function underlying the above ones */
+ARGON2_PUBLIC int argon2_hash(const uint32_t t_cost, const uint32_t m_cost,
+                              const uint32_t parallelism, const void *pwd,
+                              const size_t pwdlen, const void *salt,
+                              const size_t saltlen, void *hash,
+                              const size_t hashlen, char *encoded,
+                              const size_t encodedlen, argon2_type type,
+                              const uint32_t version);
+
+/**
+ * Verifies a password against an encoded string
+ * Encoded string is restricted as in validate_inputs()
+ * @param encoded String encoding parameters, salt, hash
+ * @param pwd Pointer to password
+ * @pre   Returns ARGON2_OK if successful
+ */
+ARGON2_PUBLIC int argon2i_verify(const char *encoded, const void *pwd,
+                                 const size_t pwdlen);
+
+ARGON2_PUBLIC int argon2d_verify(const char *encoded, const void *pwd,
+                                 const size_t pwdlen);
+
+ARGON2_PUBLIC int argon2id_verify(const char *encoded, const void *pwd,
+                                  const size_t pwdlen);
+
+/* generic function underlying the above ones */
+ARGON2_PUBLIC int argon2_verify(const char *encoded, const void *pwd,
+                                const size_t pwdlen, argon2_type type);
+
+/**
+ * Argon2d: Version of Argon2 that picks memory blocks depending
+ * on the password and salt. Only for side-channel-free
+ * environment!!
+ *****
+ * @param  context  Pointer to current Argon2 context
+ * @return  Zero if successful, a non zero error code otherwise
+ */
+ARGON2_PUBLIC int argon2d_ctx(argon2_context *context);
+
+/**
+ * Argon2i: Version of Argon2 that picks memory blocks
+ * independent on the password and salt. Good for side-channels,
+ * but worse w.r.t. tradeoff attacks if only one pass is used.
+ *****
+ * @param  context  Pointer to current Argon2 context
+ * @return  Zero if successful, a non zero error code otherwise
+ */
+ARGON2_PUBLIC int argon2i_ctx(argon2_context *context);
+
+/**
+ * Argon2id: Version of Argon2 where the first half-pass over memory is
+ * password-independent, the rest are password-dependent (on the password and
+ * salt). OK against side channels (they reduce to 1/2-pass Argon2i), and
+ * better with w.r.t. tradeoff attacks (similar to Argon2d).
+ *****
+ * @param  context  Pointer to current Argon2 context
+ * @return  Zero if successful, a non zero error code otherwise
+ */
+ARGON2_PUBLIC int argon2id_ctx(argon2_context *context);
+
+/**
+ * Verify if a given password is correct for Argon2d hashing
+ * @param  context  Pointer to current Argon2 context
+ * @param  hash  The password hash to verify. The length of the hash is
+ * specified by the context outlen member
+ * @return  Zero if successful, a non zero error code otherwise
+ */
+ARGON2_PUBLIC int argon2d_verify_ctx(argon2_context *context, const char *hash);
+
+/**
+ * Verify if a given password is correct for Argon2i hashing
+ * @param  context  Pointer to current Argon2 context
+ * @param  hash  The password hash to verify. The length of the hash is
+ * specified by the context outlen member
+ * @return  Zero if successful, a non zero error code otherwise
+ */
+ARGON2_PUBLIC int argon2i_verify_ctx(argon2_context *context, const char *hash);
+
+/**
+ * Verify if a given password is correct for Argon2id hashing
+ * @param  context  Pointer to current Argon2 context
+ * @param  hash  The password hash to verify. The length of the hash is
+ * specified by the context outlen member
+ * @return  Zero if successful, a non zero error code otherwise
+ */
+ARGON2_PUBLIC int argon2id_verify_ctx(argon2_context *context,
+                                      const char *hash);
+
+/* generic function underlying the above ones */
+ARGON2_PUBLIC int argon2_verify_ctx(argon2_context *context, const char *hash,
+                                    argon2_type type);
+
+/**
+ * Get the associated error message for given error code
+ * @return  The error message associated with the given error code
+ */
+ARGON2_PUBLIC const char *argon2_error_message(int error_code);
+
+/**
+ * Returns the encoded hash length for the given input parameters
+ * @param t_cost  Number of iterations
+ * @param m_cost  Memory usage in kibibytes
+ * @param parallelism  Number of threads; used to compute lanes
+ * @param saltlen  Salt size in bytes
+ * @param hashlen  Hash size in bytes
+ * @param type The argon2_type that we want the encoded length for
+ * @return  The encoded hash length in bytes
+ */
+ARGON2_PUBLIC size_t argon2_encodedlen(uint32_t t_cost, uint32_t m_cost,
+                                       uint32_t parallelism, uint32_t saltlen,
+                                       uint32_t hashlen, argon2_type type);
+
+#if defined(__cplusplus)
+}
+#endif
+
+#endif