diff --git a/Makefile b/Makefile index ca5793a38..b4d973391 100644 --- a/Makefile +++ b/Makefile @@ -139,6 +139,7 @@ include libc/testlib/testlib.mk include tool/viz/lib/vizlib.mk include third_party/linenoise/linenoise.mk include third_party/lua/lua.mk +include third_party/argon2/argon2.mk include third_party/sqlite3/sqlite3.mk include third_party/mbedtls/test/test.mk include third_party/quickjs/quickjs.mk diff --git a/third_party/argon2/argon2.c b/third_party/argon2/argon2.c index 34da3d6b4..509e61827 100644 --- a/third_party/argon2/argon2.c +++ b/third_party/argon2/argon2.c @@ -15,13 +15,13 @@ * software. If not, they may be obtained at the above URLs. */ -#include -#include -#include +#include +#include +#include -#include "argon2.h" -#include "encoding.h" -#include "core.h" +#include "third_party/argon2/argon2.h" +#include "third_party/argon2/encoding.h" +#include "third_party/argon2/core.h" const char *argon2_type2string(argon2_type type, int uppercase) { switch (type) { diff --git a/third_party/argon2/argon2.h b/third_party/argon2/argon2.h new file mode 100644 index 000000000..f17967f82 --- /dev/null +++ b/third_party/argon2/argon2.h @@ -0,0 +1,437 @@ +/* + * Argon2 reference source code package - reference C implementations + * + * Copyright 2015 + * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves + * + * You may use this work under the terms of a Creative Commons CC0 1.0 + * License/Waiver or the Apache Public License 2.0, at your option. The terms of + * these licenses can be found at: + * + * - CC0 1.0 Universal : https://creativecommons.org/publicdomain/zero/1.0 + * - Apache 2.0 : https://www.apache.org/licenses/LICENSE-2.0 + * + * You should have received a copy of both of these licenses along with this + * software. If not, they may be obtained at the above URLs. + */ + +#ifndef ARGON2_H +#define ARGON2_H + +#include +#include +#include + +#if defined(__cplusplus) +extern "C" { +#endif + +/* Symbols visibility control */ +#ifdef A2_VISCTL +#define ARGON2_PUBLIC __attribute__((visibility("default"))) +#define ARGON2_LOCAL __attribute__ ((visibility ("hidden"))) +#elif defined(_MSC_VER) +#define ARGON2_PUBLIC __declspec(dllexport) +#define ARGON2_LOCAL +#else +#define ARGON2_PUBLIC +#define ARGON2_LOCAL +#endif + +/* + * Argon2 input parameter restrictions + */ + +/* Minimum and maximum number of lanes (degree of parallelism) */ +#define ARGON2_MIN_LANES UINT32_C(1) +#define ARGON2_MAX_LANES UINT32_C(0xFFFFFF) + +/* Minimum and maximum number of threads */ +#define ARGON2_MIN_THREADS UINT32_C(1) +#define ARGON2_MAX_THREADS UINT32_C(0xFFFFFF) + +/* Number of synchronization points between lanes per pass */ +#define ARGON2_SYNC_POINTS UINT32_C(4) + +/* Minimum and maximum digest size in bytes */ +#define ARGON2_MIN_OUTLEN UINT32_C(4) +#define ARGON2_MAX_OUTLEN UINT32_C(0xFFFFFFFF) + +/* Minimum and maximum number of memory blocks (each of BLOCK_SIZE bytes) */ +#define ARGON2_MIN_MEMORY (2 * ARGON2_SYNC_POINTS) /* 2 blocks per slice */ + +#define ARGON2_MIN(a, b) ((a) < (b) ? (a) : (b)) +/* Max memory size is addressing-space/2, topping at 2^32 blocks (4 TB) */ +#define ARGON2_MAX_MEMORY_BITS \ + ARGON2_MIN(UINT32_C(32), (sizeof(void *) * CHAR_BIT - 10 - 1)) +#define ARGON2_MAX_MEMORY \ + ARGON2_MIN(UINT32_C(0xFFFFFFFF), UINT64_C(1) << ARGON2_MAX_MEMORY_BITS) + +/* Minimum and maximum number of passes */ +#define ARGON2_MIN_TIME UINT32_C(1) +#define ARGON2_MAX_TIME UINT32_C(0xFFFFFFFF) + +/* Minimum and maximum password length in bytes */ +#define ARGON2_MIN_PWD_LENGTH UINT32_C(0) +#define ARGON2_MAX_PWD_LENGTH UINT32_C(0xFFFFFFFF) + +/* Minimum and maximum associated data length in bytes */ +#define ARGON2_MIN_AD_LENGTH UINT32_C(0) +#define ARGON2_MAX_AD_LENGTH UINT32_C(0xFFFFFFFF) + +/* Minimum and maximum salt length in bytes */ +#define ARGON2_MIN_SALT_LENGTH UINT32_C(8) +#define ARGON2_MAX_SALT_LENGTH UINT32_C(0xFFFFFFFF) + +/* Minimum and maximum key length in bytes */ +#define ARGON2_MIN_SECRET UINT32_C(0) +#define ARGON2_MAX_SECRET UINT32_C(0xFFFFFFFF) + +/* Flags to determine which fields are securely wiped (default = no wipe). */ +#define ARGON2_DEFAULT_FLAGS UINT32_C(0) +#define ARGON2_FLAG_CLEAR_PASSWORD (UINT32_C(1) << 0) +#define ARGON2_FLAG_CLEAR_SECRET (UINT32_C(1) << 1) + +/* Global flag to determine if we are wiping internal memory buffers. This flag + * is defined in core.c and defaults to 1 (wipe internal memory). */ +extern int FLAG_clear_internal_memory; + +/* Error codes */ +typedef enum Argon2_ErrorCodes { + ARGON2_OK = 0, + + ARGON2_OUTPUT_PTR_NULL = -1, + + ARGON2_OUTPUT_TOO_SHORT = -2, + ARGON2_OUTPUT_TOO_LONG = -3, + + ARGON2_PWD_TOO_SHORT = -4, + ARGON2_PWD_TOO_LONG = -5, + + ARGON2_SALT_TOO_SHORT = -6, + ARGON2_SALT_TOO_LONG = -7, + + ARGON2_AD_TOO_SHORT = -8, + ARGON2_AD_TOO_LONG = -9, + + ARGON2_SECRET_TOO_SHORT = -10, + ARGON2_SECRET_TOO_LONG = -11, + + ARGON2_TIME_TOO_SMALL = -12, + ARGON2_TIME_TOO_LARGE = -13, + + ARGON2_MEMORY_TOO_LITTLE = -14, + ARGON2_MEMORY_TOO_MUCH = -15, + + ARGON2_LANES_TOO_FEW = -16, + ARGON2_LANES_TOO_MANY = -17, + + ARGON2_PWD_PTR_MISMATCH = -18, /* NULL ptr with non-zero length */ + ARGON2_SALT_PTR_MISMATCH = -19, /* NULL ptr with non-zero length */ + ARGON2_SECRET_PTR_MISMATCH = -20, /* NULL ptr with non-zero length */ + ARGON2_AD_PTR_MISMATCH = -21, /* NULL ptr with non-zero length */ + + ARGON2_MEMORY_ALLOCATION_ERROR = -22, + + ARGON2_FREE_MEMORY_CBK_NULL = -23, + ARGON2_ALLOCATE_MEMORY_CBK_NULL = -24, + + ARGON2_INCORRECT_PARAMETER = -25, + ARGON2_INCORRECT_TYPE = -26, + + ARGON2_OUT_PTR_MISMATCH = -27, + + ARGON2_THREADS_TOO_FEW = -28, + ARGON2_THREADS_TOO_MANY = -29, + + ARGON2_MISSING_ARGS = -30, + + ARGON2_ENCODING_FAIL = -31, + + ARGON2_DECODING_FAIL = -32, + + ARGON2_THREAD_FAIL = -33, + + ARGON2_DECODING_LENGTH_FAIL = -34, + + ARGON2_VERIFY_MISMATCH = -35 +} argon2_error_codes; + +/* Memory allocator types --- for external allocation */ +typedef int (*allocate_fptr)(uint8_t **memory, size_t bytes_to_allocate); +typedef void (*deallocate_fptr)(uint8_t *memory, size_t bytes_to_allocate); + +/* Argon2 external data structures */ + +/* + ***** + * Context: structure to hold Argon2 inputs: + * output array and its length, + * password and its length, + * salt and its length, + * secret and its length, + * associated data and its length, + * number of passes, amount of used memory (in KBytes, can be rounded up a bit) + * number of parallel threads that will be run. + * All the parameters above affect the output hash value. + * Additionally, two function pointers can be provided to allocate and + * deallocate the memory (if NULL, memory will be allocated internally). + * Also, three flags indicate whether to erase password, secret as soon as they + * are pre-hashed (and thus not needed anymore), and the entire memory + ***** + * Simplest situation: you have output array out[8], password is stored in + * pwd[32], salt is stored in salt[16], you do not have keys nor associated + * data. You need to spend 1 GB of RAM and you run 5 passes of Argon2d with + * 4 parallel lanes. + * You want to erase the password, but you're OK with last pass not being + * erased. You want to use the default memory allocator. + * Then you initialize: + Argon2_Context(out,8,pwd,32,salt,16,NULL,0,NULL,0,5,1<<20,4,4,NULL,NULL,true,false,false,false) + */ +typedef struct Argon2_Context { + uint8_t *out; /* output array */ + uint32_t outlen; /* digest length */ + + uint8_t *pwd; /* password array */ + uint32_t pwdlen; /* password length */ + + uint8_t *salt; /* salt array */ + uint32_t saltlen; /* salt length */ + + uint8_t *secret; /* key array */ + uint32_t secretlen; /* key length */ + + uint8_t *ad; /* associated data array */ + uint32_t adlen; /* associated data length */ + + uint32_t t_cost; /* number of passes */ + uint32_t m_cost; /* amount of memory requested (KB) */ + uint32_t lanes; /* number of lanes */ + uint32_t threads; /* maximum number of threads */ + + uint32_t version; /* version number */ + + allocate_fptr allocate_cbk; /* pointer to memory allocator */ + deallocate_fptr free_cbk; /* pointer to memory deallocator */ + + uint32_t flags; /* array of bool options */ +} argon2_context; + +/* Argon2 primitive type */ +typedef enum Argon2_type { + Argon2_d = 0, + Argon2_i = 1, + Argon2_id = 2 +} argon2_type; + +/* Version of the algorithm */ +typedef enum Argon2_version { + ARGON2_VERSION_10 = 0x10, + ARGON2_VERSION_13 = 0x13, + ARGON2_VERSION_NUMBER = ARGON2_VERSION_13 +} argon2_version; + +/* + * Function that gives the string representation of an argon2_type. + * @param type The argon2_type that we want the string for + * @param uppercase Whether the string should have the first letter uppercase + * @return NULL if invalid type, otherwise the string representation. + */ +ARGON2_PUBLIC const char *argon2_type2string(argon2_type type, int uppercase); + +/* + * Function that performs memory-hard hashing with certain degree of parallelism + * @param context Pointer to the Argon2 internal structure + * @return Error code if smth is wrong, ARGON2_OK otherwise + */ +ARGON2_PUBLIC int argon2_ctx(argon2_context *context, argon2_type type); + +/** + * Hashes a password with Argon2i, producing an encoded hash + * @param t_cost Number of iterations + * @param m_cost Sets memory usage to m_cost kibibytes + * @param parallelism Number of threads and compute lanes + * @param pwd Pointer to password + * @param pwdlen Password size in bytes + * @param salt Pointer to salt + * @param saltlen Salt size in bytes + * @param hashlen Desired length of the hash in bytes + * @param encoded Buffer where to write the encoded hash + * @param encodedlen Size of the buffer (thus max size of the encoded hash) + * @pre Different parallelism levels will give different results + * @pre Returns ARGON2_OK if successful + */ +ARGON2_PUBLIC int argon2i_hash_encoded(const uint32_t t_cost, + const uint32_t m_cost, + const uint32_t parallelism, + const void *pwd, const size_t pwdlen, + const void *salt, const size_t saltlen, + const size_t hashlen, char *encoded, + const size_t encodedlen); + +/** + * Hashes a password with Argon2i, producing a raw hash at @hash + * @param t_cost Number of iterations + * @param m_cost Sets memory usage to m_cost kibibytes + * @param parallelism Number of threads and compute lanes + * @param pwd Pointer to password + * @param pwdlen Password size in bytes + * @param salt Pointer to salt + * @param saltlen Salt size in bytes + * @param hash Buffer where to write the raw hash - updated by the function + * @param hashlen Desired length of the hash in bytes + * @pre Different parallelism levels will give different results + * @pre Returns ARGON2_OK if successful + */ +ARGON2_PUBLIC int argon2i_hash_raw(const uint32_t t_cost, const uint32_t m_cost, + const uint32_t parallelism, const void *pwd, + const size_t pwdlen, const void *salt, + const size_t saltlen, void *hash, + const size_t hashlen); + +ARGON2_PUBLIC int argon2d_hash_encoded(const uint32_t t_cost, + const uint32_t m_cost, + const uint32_t parallelism, + const void *pwd, const size_t pwdlen, + const void *salt, const size_t saltlen, + const size_t hashlen, char *encoded, + const size_t encodedlen); + +ARGON2_PUBLIC int argon2d_hash_raw(const uint32_t t_cost, const uint32_t m_cost, + const uint32_t parallelism, const void *pwd, + const size_t pwdlen, const void *salt, + const size_t saltlen, void *hash, + const size_t hashlen); + +ARGON2_PUBLIC int argon2id_hash_encoded(const uint32_t t_cost, + const uint32_t m_cost, + const uint32_t parallelism, + const void *pwd, const size_t pwdlen, + const void *salt, const size_t saltlen, + const size_t hashlen, char *encoded, + const size_t encodedlen); + +ARGON2_PUBLIC int argon2id_hash_raw(const uint32_t t_cost, + const uint32_t m_cost, + const uint32_t parallelism, const void *pwd, + const size_t pwdlen, const void *salt, + const size_t saltlen, void *hash, + const size_t hashlen); + +/* generic function underlying the above ones */ +ARGON2_PUBLIC int argon2_hash(const uint32_t t_cost, const uint32_t m_cost, + const uint32_t parallelism, const void *pwd, + const size_t pwdlen, const void *salt, + const size_t saltlen, void *hash, + const size_t hashlen, char *encoded, + const size_t encodedlen, argon2_type type, + const uint32_t version); + +/** + * Verifies a password against an encoded string + * Encoded string is restricted as in validate_inputs() + * @param encoded String encoding parameters, salt, hash + * @param pwd Pointer to password + * @pre Returns ARGON2_OK if successful + */ +ARGON2_PUBLIC int argon2i_verify(const char *encoded, const void *pwd, + const size_t pwdlen); + +ARGON2_PUBLIC int argon2d_verify(const char *encoded, const void *pwd, + const size_t pwdlen); + +ARGON2_PUBLIC int argon2id_verify(const char *encoded, const void *pwd, + const size_t pwdlen); + +/* generic function underlying the above ones */ +ARGON2_PUBLIC int argon2_verify(const char *encoded, const void *pwd, + const size_t pwdlen, argon2_type type); + +/** + * Argon2d: Version of Argon2 that picks memory blocks depending + * on the password and salt. Only for side-channel-free + * environment!! + ***** + * @param context Pointer to current Argon2 context + * @return Zero if successful, a non zero error code otherwise + */ +ARGON2_PUBLIC int argon2d_ctx(argon2_context *context); + +/** + * Argon2i: Version of Argon2 that picks memory blocks + * independent on the password and salt. Good for side-channels, + * but worse w.r.t. tradeoff attacks if only one pass is used. + ***** + * @param context Pointer to current Argon2 context + * @return Zero if successful, a non zero error code otherwise + */ +ARGON2_PUBLIC int argon2i_ctx(argon2_context *context); + +/** + * Argon2id: Version of Argon2 where the first half-pass over memory is + * password-independent, the rest are password-dependent (on the password and + * salt). OK against side channels (they reduce to 1/2-pass Argon2i), and + * better with w.r.t. tradeoff attacks (similar to Argon2d). + ***** + * @param context Pointer to current Argon2 context + * @return Zero if successful, a non zero error code otherwise + */ +ARGON2_PUBLIC int argon2id_ctx(argon2_context *context); + +/** + * Verify if a given password is correct for Argon2d hashing + * @param context Pointer to current Argon2 context + * @param hash The password hash to verify. The length of the hash is + * specified by the context outlen member + * @return Zero if successful, a non zero error code otherwise + */ +ARGON2_PUBLIC int argon2d_verify_ctx(argon2_context *context, const char *hash); + +/** + * Verify if a given password is correct for Argon2i hashing + * @param context Pointer to current Argon2 context + * @param hash The password hash to verify. The length of the hash is + * specified by the context outlen member + * @return Zero if successful, a non zero error code otherwise + */ +ARGON2_PUBLIC int argon2i_verify_ctx(argon2_context *context, const char *hash); + +/** + * Verify if a given password is correct for Argon2id hashing + * @param context Pointer to current Argon2 context + * @param hash The password hash to verify. The length of the hash is + * specified by the context outlen member + * @return Zero if successful, a non zero error code otherwise + */ +ARGON2_PUBLIC int argon2id_verify_ctx(argon2_context *context, + const char *hash); + +/* generic function underlying the above ones */ +ARGON2_PUBLIC int argon2_verify_ctx(argon2_context *context, const char *hash, + argon2_type type); + +/** + * Get the associated error message for given error code + * @return The error message associated with the given error code + */ +ARGON2_PUBLIC const char *argon2_error_message(int error_code); + +/** + * Returns the encoded hash length for the given input parameters + * @param t_cost Number of iterations + * @param m_cost Memory usage in kibibytes + * @param parallelism Number of threads; used to compute lanes + * @param saltlen Salt size in bytes + * @param hashlen Hash size in bytes + * @param type The argon2_type that we want the encoded length for + * @return The encoded hash length in bytes + */ +ARGON2_PUBLIC size_t argon2_encodedlen(uint32_t t_cost, uint32_t m_cost, + uint32_t parallelism, uint32_t saltlen, + uint32_t hashlen, argon2_type type); + +#if defined(__cplusplus) +} +#endif + +#endif diff --git a/third_party/argon2/bench.c b/third_party/argon2/bench.c deleted file mode 100644 index 63355192a..000000000 --- a/third_party/argon2/bench.c +++ /dev/null @@ -1,111 +0,0 @@ -/* - * Argon2 reference source code package - reference C implementations - * - * Copyright 2015 - * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves - * - * You may use this work under the terms of a Creative Commons CC0 1.0 - * License/Waiver or the Apache Public License 2.0, at your option. The terms of - * these licenses can be found at: - * - * - CC0 1.0 Universal : https://creativecommons.org/publicdomain/zero/1.0 - * - Apache 2.0 : https://www.apache.org/licenses/LICENSE-2.0 - * - * You should have received a copy of both of these licenses along with this - * software. If not, they may be obtained at the above URLs. - */ - -#include -#include -#include -#include -#include -#ifdef _WIN32 -#include -#endif - -#include "argon2.h" - -static uint64_t rdtsc(void) { -#ifdef _WIN32 - return __rdtsc(); -#else -#if defined(__amd64__) || defined(__x86_64__) - uint64_t rax, rdx; - __asm__ __volatile__("rdtsc" : "=a"(rax), "=d"(rdx) : :); - return (rdx << 32) | rax; -#elif defined(__i386__) || defined(__i386) || defined(__X86__) - uint64_t rax; - __asm__ __volatile__("rdtsc" : "=A"(rax) : :); - return rax; -#else -#error "Not implemented!" -#endif -#endif -} - -/* - * Benchmarks Argon2 with salt length 16, password length 16, t_cost 3, - and different m_cost and threads - */ -static void benchmark() { -#define BENCH_OUTLEN 16 -#define BENCH_INLEN 16 - const uint32_t inlen = BENCH_INLEN; - const unsigned outlen = BENCH_OUTLEN; - unsigned char out[BENCH_OUTLEN]; - unsigned char pwd_array[BENCH_INLEN]; - unsigned char salt_array[BENCH_INLEN]; -#undef BENCH_INLEN -#undef BENCH_OUTLEN - - uint32_t t_cost = 3; - uint32_t m_cost; - uint32_t thread_test[4] = {1, 2, 4, 8}; - argon2_type types[3] = {Argon2_i, Argon2_d, Argon2_id}; - - memset(pwd_array, 0, inlen); - memset(salt_array, 1, inlen); - - for (m_cost = (uint32_t)1 << 10; m_cost <= (uint32_t)1 << 22; m_cost *= 2) { - unsigned i; - for (i = 0; i < 4; ++i) { - double run_time = 0; - uint32_t thread_n = thread_test[i]; - - unsigned j; - for (j = 0; j < 3; ++j) { - clock_t start_time, stop_time; - uint64_t start_cycles, stop_cycles; - uint64_t delta; - double mcycles; - - argon2_type type = types[j]; - start_time = clock(); - start_cycles = rdtsc(); - - argon2_hash(t_cost, m_cost, thread_n, pwd_array, inlen, - salt_array, inlen, out, outlen, NULL, 0, type, - ARGON2_VERSION_NUMBER); - - stop_cycles = rdtsc(); - stop_time = clock(); - - delta = (stop_cycles - start_cycles) / (m_cost); - mcycles = (double)(stop_cycles - start_cycles) / (1UL << 20); - run_time += ((double)stop_time - start_time) / (CLOCKS_PER_SEC); - - printf("%s %d iterations %d MiB %d threads: %2.2f cpb %2.2f " - "Mcycles \n", argon2_type2string(type, 1), t_cost, - m_cost >> 10, thread_n, (float)delta / 1024, mcycles); - } - - printf("%2.4f seconds\n\n", run_time); - } - } -} - -int main() { - benchmark(); - return ARGON2_OK; -} diff --git a/third_party/argon2/blake2-impl.h b/third_party/argon2/blake2-impl.h index 86d0d5cfa..666cfc5bf 100644 --- a/third_party/argon2/blake2-impl.h +++ b/third_party/argon2/blake2-impl.h @@ -18,8 +18,8 @@ #ifndef PORTABLE_BLAKE2_IMPL_H #define PORTABLE_BLAKE2_IMPL_H -#include -#include +#include +#include #ifdef _WIN32 #define BLAKE2_INLINE __inline diff --git a/third_party/argon2/blake2.h b/third_party/argon2/blake2.h index 501c6a318..4284547a8 100644 --- a/third_party/argon2/blake2.h +++ b/third_party/argon2/blake2.h @@ -18,7 +18,7 @@ #ifndef PORTABLE_BLAKE2_H #define PORTABLE_BLAKE2_H -#include +#include #if defined(__cplusplus) extern "C" { diff --git a/third_party/argon2/blake2b.c b/third_party/argon2/blake2b.c index 3b519ddb4..b2f0768d2 100644 --- a/third_party/argon2/blake2b.c +++ b/third_party/argon2/blake2b.c @@ -15,12 +15,12 @@ * software. If not, they may be obtained at the above URLs. */ -#include -#include -#include +#include +#include +#include -#include "blake2.h" -#include "blake2-impl.h" +#include "third_party/argon2/blake2.h" +#include "third_party/argon2/blake2-impl.h" static const uint64_t blake2b_IV[8] = { UINT64_C(0x6a09e667f3bcc908), UINT64_C(0xbb67ae8584caa73b), diff --git a/third_party/argon2/blamka-round-opt.h b/third_party/argon2/blamka-round-opt.h index 3127f2a37..9c01e5625 100644 --- a/third_party/argon2/blamka-round-opt.h +++ b/third_party/argon2/blamka-round-opt.h @@ -18,15 +18,11 @@ #ifndef BLAKE_ROUND_MKA_OPT_H #define BLAKE_ROUND_MKA_OPT_H -#include "blake2-impl.h" +#include "third_party/argon2/blake2-impl.h" -#include +#include #if defined(__SSSE3__) -#include /* for _mm_shuffle_epi8 and _mm_alignr_epi8 */ -#endif - -#if defined(__XOP__) && (defined(__GNUC__) || defined(__clang__)) -#include +#include /* for _mm_shuffle_epi8 and _mm_alignr_epi8 */ #endif #if !defined(__AVX512F__) @@ -180,7 +176,7 @@ static BLAKE2_INLINE __m128i fBlaMka(__m128i x, __m128i y) { } while ((void)0, 0) #else /* __AVX2__ */ -#include +#include #define rotr32(x) _mm256_shuffle_epi32(x, _MM_SHUFFLE(2, 3, 0, 1)) #define rotr24(x) _mm256_shuffle_epi8(x, _mm256_setr_epi8(3, 4, 5, 6, 7, 0, 1, 2, 11, 12, 13, 14, 15, 8, 9, 10, 3, 4, 5, 6, 7, 0, 1, 2, 11, 12, 13, 14, 15, 8, 9, 10)) @@ -329,7 +325,7 @@ static BLAKE2_INLINE __m128i fBlaMka(__m128i x, __m128i y) { #else /* __AVX512F__ */ -#include +#error __AVX512F__ Not supported #define ror64(x, n) _mm512_ror_epi64((x), (n)) diff --git a/third_party/argon2/blamka-round-ref.h b/third_party/argon2/blamka-round-ref.h index 16cfc1c74..7f3f44459 100644 --- a/third_party/argon2/blamka-round-ref.h +++ b/third_party/argon2/blamka-round-ref.h @@ -18,8 +18,8 @@ #ifndef BLAKE_ROUND_MKA_H #define BLAKE_ROUND_MKA_H -#include "blake2.h" -#include "blake2-impl.h" +#include "third_party/argon2/blake2.h" +#include "third_party/argon2/blake2-impl.h" /* designed by the Lyra PHC team */ static BLAKE2_INLINE uint64_t fBlaMka(uint64_t x, uint64_t y) { diff --git a/third_party/argon2/core.c b/third_party/argon2/core.c index e697882eb..3658855ea 100644 --- a/third_party/argon2/core.c +++ b/third_party/argon2/core.c @@ -15,11 +15,6 @@ * software. If not, they may be obtained at the above URLs. */ -/*For memory wiping*/ -#ifdef _WIN32 -#include -#include /* For SecureZeroMemory */ -#endif #if defined __STDC_LIB_EXT1__ #define __STDC_WANT_LIB_EXT1__ 1 #endif @@ -28,18 +23,13 @@ /* for explicit_bzero() on glibc */ #define _DEFAULT_SOURCE -#include -#include -#include +#include +#include +#include -#include "core.h" -#include "thread.h" -#include "blake2/blake2.h" -#include "blake2/blake2-impl.h" - -#ifdef GENKAT -#include "genkat.h" -#endif +#include "third_party/argon2/core.h" +#include "third_party/argon2/blake2.h" +#include "third_party/argon2/blake2-impl.h" #if defined(__clang__) #if __has_attribute(optnone) @@ -177,10 +167,6 @@ void finalize(const argon2_context *context, argon2_instance_t *instance) { clear_internal_memory(blockhash_bytes, ARGON2_BLOCK_SIZE); } -#ifdef GENKAT - print_tag(context->out, context->outlen); -#endif - free_memory(context, (uint8_t *)instance->memory, instance->memory_blocks, sizeof(block)); } @@ -267,9 +253,6 @@ static int fill_memory_blocks_st(argon2_instance_t *instance) { fill_segment(instance, position); } } -#ifdef GENKAT - internal_kat(instance, r); /* Print all memory blocks */ -#endif } return ARGON2_OK; } @@ -355,10 +338,6 @@ static int fill_memory_blocks_mt(argon2_instance_t *instance) { } } } - -#ifdef GENKAT - internal_kat(instance, r); /* Print all memory blocks */ -#endif } fail: @@ -634,10 +613,6 @@ int initialize(argon2_instance_t *instance, argon2_context *context) { ARGON2_PREHASH_SEED_LENGTH - ARGON2_PREHASH_DIGEST_LENGTH); -#ifdef GENKAT - initial_kat(blockhash, context, instance->type); -#endif - /* 3. Creating first blocks, we always have at least two blocks in a slice */ fill_first_blocks(blockhash, instance); diff --git a/third_party/argon2/core.h b/third_party/argon2/core.h index 59e25646c..4a966f9dd 100644 --- a/third_party/argon2/core.h +++ b/third_party/argon2/core.h @@ -18,7 +18,7 @@ #ifndef ARGON2_CORE_H #define ARGON2_CORE_H -#include "argon2.h" +#include "third_party/argon2/argon2.h" #define CONST_CAST(x) (x)(uintptr_t) diff --git a/third_party/argon2/encoding.c b/third_party/argon2/encoding.c index 771a4409d..b7c098ad4 100644 --- a/third_party/argon2/encoding.c +++ b/third_party/argon2/encoding.c @@ -15,12 +15,12 @@ * software. If not, they may be obtained at the above URLs. */ -#include -#include -#include -#include -#include "encoding.h" -#include "core.h" +#include +#include +#include +#include +#include "third_party/argon2/encoding.h" +#include "third_party/argon2/core.h" /* * Example code for a decoder and encoder of "hash strings", with Argon2 diff --git a/third_party/argon2/encoding.h b/third_party/argon2/encoding.h index 5b8b2ddb4..5cc75e61b 100644 --- a/third_party/argon2/encoding.h +++ b/third_party/argon2/encoding.h @@ -17,7 +17,7 @@ #ifndef ENCODING_H #define ENCODING_H -#include "argon2.h" +#include "third_party/argon2/argon2.h" #define ARGON2_MAX_DECODED_LANES UINT32_C(255) #define ARGON2_MIN_DECODED_SALT_LEN UINT32_C(8) diff --git a/third_party/argon2/genkat.c b/third_party/argon2/genkat.c deleted file mode 100644 index dbbc07296..000000000 --- a/third_party/argon2/genkat.c +++ /dev/null @@ -1,213 +0,0 @@ -/* - * Argon2 reference source code package - reference C implementations - * - * Copyright 2015 - * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves - * - * You may use this work under the terms of a Creative Commons CC0 1.0 - * License/Waiver or the Apache Public License 2.0, at your option. The terms of - * these licenses can be found at: - * - * - CC0 1.0 Universal : https://creativecommons.org/publicdomain/zero/1.0 - * - Apache 2.0 : https://www.apache.org/licenses/LICENSE-2.0 - * - * You should have received a copy of both of these licenses along with this - * software. If not, they may be obtained at the above URLs. - */ - -#include -#include -#include -#include "argon2.h" -#include "core.h" -#ifdef __MINGW32__ -#include -#else -/* Don't use (it's not C89) */ -#define PRIx64 "llx" -#endif - -void initial_kat(const uint8_t *blockhash, const argon2_context *context, - argon2_type type) { - unsigned i; - - if (blockhash != NULL && context != NULL) { - printf("=======================================\n"); - - printf("%s version number %d\n", argon2_type2string(type, 1), - context->version); - - printf("=======================================\n"); - - - printf("Memory: %u KiB, Iterations: %u, Parallelism: %u lanes, Tag " - "length: %u bytes\n", - context->m_cost, context->t_cost, context->lanes, - context->outlen); - - printf("Password[%u]: ", context->pwdlen); - - if (context->flags & ARGON2_FLAG_CLEAR_PASSWORD) { - printf("CLEARED\n"); - } else { - for (i = 0; i < context->pwdlen; ++i) { - printf("%2.2x ", ((unsigned char *)context->pwd)[i]); - } - - printf("\n"); - } - - printf("Salt[%u]: ", context->saltlen); - - for (i = 0; i < context->saltlen; ++i) { - printf("%2.2x ", ((unsigned char *)context->salt)[i]); - } - - printf("\n"); - - printf("Secret[%u]: ", context->secretlen); - - if (context->flags & ARGON2_FLAG_CLEAR_SECRET) { - printf("CLEARED\n"); - } else { - for (i = 0; i < context->secretlen; ++i) { - printf("%2.2x ", ((unsigned char *)context->secret)[i]); - } - - printf("\n"); - } - - printf("Associated data[%u]: ", context->adlen); - - for (i = 0; i < context->adlen; ++i) { - printf("%2.2x ", ((unsigned char *)context->ad)[i]); - } - - printf("\n"); - - printf("Pre-hashing digest: "); - - for (i = 0; i < ARGON2_PREHASH_DIGEST_LENGTH; ++i) { - printf("%2.2x ", ((unsigned char *)blockhash)[i]); - } - - printf("\n"); - } -} - -void print_tag(const void *out, uint32_t outlen) { - unsigned i; - if (out != NULL) { - printf("Tag: "); - - for (i = 0; i < outlen; ++i) { - printf("%2.2x ", ((uint8_t *)out)[i]); - } - - printf("\n"); - } -} - -void internal_kat(const argon2_instance_t *instance, uint32_t pass) { - - if (instance != NULL) { - uint32_t i, j; - printf("\n After pass %u:\n", pass); - - for (i = 0; i < instance->memory_blocks; ++i) { - uint32_t how_many_words = - (instance->memory_blocks > ARGON2_QWORDS_IN_BLOCK) - ? 1 - : ARGON2_QWORDS_IN_BLOCK; - - for (j = 0; j < how_many_words; ++j) - printf("Block %.4u [%3u]: %016" PRIx64 "\n", i, j, - (unsigned long long)instance->memory[i].v[j]); - } - } -} - -static void fatal(const char *error) { - fprintf(stderr, "Error: %s\n", error); - exit(1); -} - -static void generate_testvectors(argon2_type type, const uint32_t version) { -#define TEST_OUTLEN 32 -#define TEST_PWDLEN 32 -#define TEST_SALTLEN 16 -#define TEST_SECRETLEN 8 -#define TEST_ADLEN 12 - argon2_context context; - - unsigned char out[TEST_OUTLEN]; - unsigned char pwd[TEST_PWDLEN]; - unsigned char salt[TEST_SALTLEN]; - unsigned char secret[TEST_SECRETLEN]; - unsigned char ad[TEST_ADLEN]; - const allocate_fptr myown_allocator = NULL; - const deallocate_fptr myown_deallocator = NULL; - - unsigned t_cost = 3; - unsigned m_cost = 32; - unsigned lanes = 4; - - memset(pwd, 1, TEST_OUTLEN); - memset(salt, 2, TEST_SALTLEN); - memset(secret, 3, TEST_SECRETLEN); - memset(ad, 4, TEST_ADLEN); - - context.out = out; - context.outlen = TEST_OUTLEN; - context.version = version; - context.pwd = pwd; - context.pwdlen = TEST_PWDLEN; - context.salt = salt; - context.saltlen = TEST_SALTLEN; - context.secret = secret; - context.secretlen = TEST_SECRETLEN; - context.ad = ad; - context.adlen = TEST_ADLEN; - context.t_cost = t_cost; - context.m_cost = m_cost; - context.lanes = lanes; - context.threads = lanes; - context.allocate_cbk = myown_allocator; - context.free_cbk = myown_deallocator; - context.flags = ARGON2_DEFAULT_FLAGS; - -#undef TEST_OUTLEN -#undef TEST_PWDLEN -#undef TEST_SALTLEN -#undef TEST_SECRETLEN -#undef TEST_ADLEN - - argon2_ctx(&context, type); -} - -int main(int argc, char *argv[]) { - /* Get and check Argon2 type */ - const char *type_str = (argc > 1) ? argv[1] : "i"; - argon2_type type = Argon2_i; - uint32_t version = ARGON2_VERSION_NUMBER; - if (!strcmp(type_str, "d")) { - type = Argon2_d; - } else if (!strcmp(type_str, "i")) { - type = Argon2_i; - } else if (!strcmp(type_str, "id")) { - type = Argon2_id; - } else { - fatal("wrong Argon2 type"); - } - - /* Get and check Argon2 version number */ - if (argc > 2) { - version = strtoul(argv[2], NULL, 10); - } - if (ARGON2_VERSION_10 != version && ARGON2_VERSION_NUMBER != version) { - fatal("wrong Argon2 version number"); - } - - generate_testvectors(type, version); - return ARGON2_OK; -} diff --git a/third_party/argon2/genkat.h b/third_party/argon2/genkat.h deleted file mode 100644 index 3a7162a6b..000000000 --- a/third_party/argon2/genkat.h +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Argon2 reference source code package - reference C implementations - * - * Copyright 2015 - * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves - * - * You may use this work under the terms of a Creative Commons CC0 1.0 - * License/Waiver or the Apache Public License 2.0, at your option. The terms of - * these licenses can be found at: - * - * - CC0 1.0 Universal : https://creativecommons.org/publicdomain/zero/1.0 - * - Apache 2.0 : https://www.apache.org/licenses/LICENSE-2.0 - * - * You should have received a copy of both of these licenses along with this - * software. If not, they may be obtained at the above URLs. - */ - -#ifndef ARGON2_KAT_H -#define ARGON2_KAT_H - -#include "core.h" - -/* - * Initial KAT function that prints the inputs to the file - * @param blockhash Array that contains pre-hashing digest - * @param context Holds inputs - * @param type Argon2 type - * @pre blockhash must point to INPUT_INITIAL_HASH_LENGTH bytes - * @pre context member pointers must point to allocated memory of size according - * to the length values - */ -void initial_kat(const uint8_t *blockhash, const argon2_context *context, - argon2_type type); - -/* - * Function that prints the output tag - * @param out output array pointer - * @param outlen digest length - * @pre out must point to @a outlen bytes - **/ -void print_tag(const void *out, uint32_t outlen); - -/* - * Function that prints the internal state at given moment - * @param instance pointer to the current instance - * @param pass current pass number - * @pre instance must have necessary memory allocated - **/ -void internal_kat(const argon2_instance_t *instance, uint32_t pass); - -#endif diff --git a/third_party/argon2/opt.c b/third_party/argon2/opt.c index 6c5e403fc..a069e55f2 100644 --- a/third_party/argon2/opt.c +++ b/third_party/argon2/opt.c @@ -15,15 +15,15 @@ * software. If not, they may be obtained at the above URLs. */ -#include -#include -#include +#include +#include +#include -#include "argon2.h" -#include "core.h" +#include "third_party/argon2/argon2.h" +#include "third_party/argon2/core.h" -#include "blake2/blake2.h" -#include "blake2/blamka-round-opt.h" +#include "third_party/argon2/blake2.h" +#include "third_party/argon2/blamka-round-opt.h" /* * Function fills a new memory block and optionally XORs the old block over the new one. diff --git a/third_party/argon2/ref.c b/third_party/argon2/ref.c index 10e45eba6..5556682b1 100644 --- a/third_party/argon2/ref.c +++ b/third_party/argon2/ref.c @@ -15,16 +15,16 @@ * software. If not, they may be obtained at the above URLs. */ -#include -#include -#include +#include +#include +#include #include "argon2.h" #include "core.h" -#include "blake2/blamka-round-ref.h" -#include "blake2/blake2-impl.h" -#include "blake2/blake2.h" +#include "blamka-round-ref.h" +#include "blake2-impl.h" +#include "blake2.h" /* diff --git a/third_party/argon2/run.c b/third_party/argon2/run.c deleted file mode 100644 index 702b618e3..000000000 --- a/third_party/argon2/run.c +++ /dev/null @@ -1,337 +0,0 @@ -/* - * Argon2 reference source code package - reference C implementations - * - * Copyright 2015 - * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves - * - * You may use this work under the terms of a Creative Commons CC0 1.0 - * License/Waiver or the Apache Public License 2.0, at your option. The terms of - * these licenses can be found at: - * - * - CC0 1.0 Universal : https://creativecommons.org/publicdomain/zero/1.0 - * - Apache 2.0 : https://www.apache.org/licenses/LICENSE-2.0 - * - * You should have received a copy of both of these licenses along with this - * software. If not, they may be obtained at the above URLs. - */ - -#define _GNU_SOURCE 1 - -#include -#include -#include -#include -#include - -#include "argon2.h" -#include "core.h" - -#define T_COST_DEF 3 -#define LOG_M_COST_DEF 12 /* 2^12 = 4 MiB */ -#define LANES_DEF 1 -#define THREADS_DEF 1 -#define OUTLEN_DEF 32 -#define MAX_PASS_LEN 128 - -#define UNUSED_PARAMETER(x) (void)(x) - -static void usage(const char *cmd) { - printf("Usage: %s [-h] salt [-i|-d|-id] [-t iterations] " - "[-m log2(memory in KiB) | -k memory in KiB] [-p parallelism] " - "[-l hash length] [-e|-r] [-v (10|13)]\n", - cmd); - printf("\tPassword is read from stdin\n"); - printf("Parameters:\n"); - printf("\tsalt\t\tThe salt to use, at least 8 characters\n"); - printf("\t-i\t\tUse Argon2i (this is the default)\n"); - printf("\t-d\t\tUse Argon2d instead of Argon2i\n"); - printf("\t-id\t\tUse Argon2id instead of Argon2i\n"); - printf("\t-t N\t\tSets the number of iterations to N (default = %d)\n", - T_COST_DEF); - printf("\t-m N\t\tSets the memory usage of 2^N KiB (default %d)\n", - LOG_M_COST_DEF); - printf("\t-k N\t\tSets the memory usage of N KiB (default %d)\n", - 1 << LOG_M_COST_DEF); - printf("\t-p N\t\tSets parallelism to N threads (default %d)\n", - THREADS_DEF); - printf("\t-l N\t\tSets hash output length to N bytes (default %d)\n", - OUTLEN_DEF); - printf("\t-e\t\tOutput only encoded hash\n"); - printf("\t-r\t\tOutput only the raw bytes of the hash\n"); - printf("\t-v (10|13)\tArgon2 version (defaults to the most recent version, currently %x)\n", - ARGON2_VERSION_NUMBER); - printf("\t-h\t\tPrint %s usage\n", cmd); -} - -static void fatal(const char *error) { - fprintf(stderr, "Error: %s\n", error); - exit(1); -} - -static void print_hex(uint8_t *bytes, size_t bytes_len) { - size_t i; - for (i = 0; i < bytes_len; ++i) { - printf("%02x", bytes[i]); - } - printf("\n"); -} - -/* -Runs Argon2 with certain inputs and parameters, inputs not cleared. Prints the -Base64-encoded hash string -@out output array with at least 32 bytes allocated -@pwd NULL-terminated string, presumably from argv[] -@salt salt array -@t_cost number of iterations -@m_cost amount of requested memory in KB -@lanes amount of requested parallelism -@threads actual parallelism -@type Argon2 type we want to run -@encoded_only display only the encoded hash -@raw_only display only the hexadecimal of the hash -@version Argon2 version -*/ -static void run(uint32_t outlen, char *pwd, size_t pwdlen, char *salt, uint32_t t_cost, - uint32_t m_cost, uint32_t lanes, uint32_t threads, - argon2_type type, int encoded_only, int raw_only, uint32_t version) { - clock_t start_time, stop_time; - size_t saltlen, encodedlen; - int result; - unsigned char * out = NULL; - char * encoded = NULL; - - start_time = clock(); - - if (!pwd) { - fatal("password missing"); - } - - if (!salt) { - clear_internal_memory(pwd, pwdlen); - fatal("salt missing"); - } - - saltlen = strlen(salt); - if(UINT32_MAX < saltlen) { - fatal("salt is too long"); - } - - UNUSED_PARAMETER(lanes); - - out = malloc(outlen + 1); - if (!out) { - clear_internal_memory(pwd, pwdlen); - fatal("could not allocate memory for output"); - } - - encodedlen = argon2_encodedlen(t_cost, m_cost, lanes, (uint32_t)saltlen, outlen, type); - encoded = malloc(encodedlen + 1); - if (!encoded) { - clear_internal_memory(pwd, pwdlen); - fatal("could not allocate memory for hash"); - } - - result = argon2_hash(t_cost, m_cost, threads, pwd, pwdlen, salt, saltlen, - out, outlen, encoded, encodedlen, type, - version); - if (result != ARGON2_OK) - fatal(argon2_error_message(result)); - - stop_time = clock(); - - if (encoded_only) - puts(encoded); - - if (raw_only) - print_hex(out, outlen); - - if (encoded_only || raw_only) { - free(out); - free(encoded); - return; - } - - printf("Hash:\t\t"); - print_hex(out, outlen); - free(out); - - printf("Encoded:\t%s\n", encoded); - - printf("%2.3f seconds\n", - ((double)stop_time - start_time) / (CLOCKS_PER_SEC)); - - result = argon2_verify(encoded, pwd, pwdlen, type); - if (result != ARGON2_OK) - fatal(argon2_error_message(result)); - printf("Verification ok\n"); - free(encoded); -} - -int main(int argc, char *argv[]) { - uint32_t outlen = OUTLEN_DEF; - uint32_t m_cost = 1 << LOG_M_COST_DEF; - uint32_t t_cost = T_COST_DEF; - uint32_t lanes = LANES_DEF; - uint32_t threads = THREADS_DEF; - argon2_type type = Argon2_i; /* Argon2i is the default type */ - int types_specified = 0; - int m_cost_specified = 0; - int encoded_only = 0; - int raw_only = 0; - uint32_t version = ARGON2_VERSION_NUMBER; - int i; - size_t pwdlen; - char pwd[MAX_PASS_LEN], *salt; - - if (argc < 2) { - usage(argv[0]); - return ARGON2_MISSING_ARGS; - } else if (argc >= 2 && strcmp(argv[1], "-h") == 0) { - usage(argv[0]); - return 1; - } - - /* get password from stdin */ - pwdlen = fread(pwd, 1, sizeof pwd, stdin); - if(pwdlen < 1) { - fatal("no password read"); - } - if(pwdlen == MAX_PASS_LEN) { - fatal("Provided password longer than supported in command line utility"); - } - - salt = argv[1]; - - /* parse options */ - for (i = 2; i < argc; i++) { - const char *a = argv[i]; - unsigned long input = 0; - if (!strcmp(a, "-h")) { - usage(argv[0]); - return 1; - } else if (!strcmp(a, "-m")) { - if (m_cost_specified) { - fatal("-m or -k can only be used once"); - } - m_cost_specified = 1; - if (i < argc - 1) { - i++; - input = strtoul(argv[i], NULL, 10); - if (input == 0 || input == ULONG_MAX || - input > ARGON2_MAX_MEMORY_BITS) { - fatal("bad numeric input for -m"); - } - m_cost = ARGON2_MIN(UINT64_C(1) << input, UINT32_C(0xFFFFFFFF)); - if (m_cost > ARGON2_MAX_MEMORY) { - fatal("m_cost overflow"); - } - continue; - } else { - fatal("missing -m argument"); - } - } else if (!strcmp(a, "-k")) { - if (m_cost_specified) { - fatal("-m or -k can only be used once"); - } - m_cost_specified = 1; - if (i < argc - 1) { - i++; - input = strtoul(argv[i], NULL, 10); - if (input == 0 || input == ULONG_MAX) { - fatal("bad numeric input for -k"); - } - m_cost = ARGON2_MIN(input, UINT32_C(0xFFFFFFFF)); - if (m_cost > ARGON2_MAX_MEMORY) { - fatal("m_cost overflow"); - } - continue; - } else { - fatal("missing -k argument"); - } - } else if (!strcmp(a, "-t")) { - if (i < argc - 1) { - i++; - input = strtoul(argv[i], NULL, 10); - if (input == 0 || input == ULONG_MAX || - input > ARGON2_MAX_TIME) { - fatal("bad numeric input for -t"); - } - t_cost = input; - continue; - } else { - fatal("missing -t argument"); - } - } else if (!strcmp(a, "-p")) { - if (i < argc - 1) { - i++; - input = strtoul(argv[i], NULL, 10); - if (input == 0 || input == ULONG_MAX || - input > ARGON2_MAX_THREADS || input > ARGON2_MAX_LANES) { - fatal("bad numeric input for -p"); - } - threads = input; - lanes = threads; - continue; - } else { - fatal("missing -p argument"); - } - } else if (!strcmp(a, "-l")) { - if (i < argc - 1) { - i++; - input = strtoul(argv[i], NULL, 10); - outlen = input; - continue; - } else { - fatal("missing -l argument"); - } - } else if (!strcmp(a, "-i")) { - type = Argon2_i; - ++types_specified; - } else if (!strcmp(a, "-d")) { - type = Argon2_d; - ++types_specified; - } else if (!strcmp(a, "-id")) { - type = Argon2_id; - ++types_specified; - } else if (!strcmp(a, "-e")) { - encoded_only = 1; - } else if (!strcmp(a, "-r")) { - raw_only = 1; - } else if (!strcmp(a, "-v")) { - if (i < argc - 1) { - i++; - if (!strcmp(argv[i], "10")) { - version = ARGON2_VERSION_10; - } else if (!strcmp(argv[i], "13")) { - version = ARGON2_VERSION_13; - } else { - fatal("invalid Argon2 version"); - } - } else { - fatal("missing -v argument"); - } - } else { - fatal("unknown argument"); - } - } - - if (types_specified > 1) { - fatal("cannot specify multiple Argon2 types"); - } - - if(encoded_only && raw_only) - fatal("cannot provide both -e and -r"); - - if(!encoded_only && !raw_only) { - printf("Type:\t\t%s\n", argon2_type2string(type, 1)); - printf("Iterations:\t%u\n", t_cost); - printf("Memory:\t\t%u KiB\n", m_cost); - printf("Parallelism:\t%u\n", lanes); - } - - run(outlen, pwd, pwdlen, salt, t_cost, m_cost, lanes, threads, type, - encoded_only, raw_only, version); - - return ARGON2_OK; -} - diff --git a/third_party/argon2/test.c b/third_party/argon2/test.c deleted file mode 100644 index 055c19a36..000000000 --- a/third_party/argon2/test.c +++ /dev/null @@ -1,289 +0,0 @@ -/* - * Argon2 reference source code package - reference C implementations - * - * Copyright 2015 - * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves - * - * You may use this work under the terms of a Creative Commons CC0 1.0 - * License/Waiver or the Apache Public License 2.0, at your option. The terms of - * these licenses can be found at: - * - * - CC0 1.0 Universal : https://creativecommons.org/publicdomain/zero/1.0 - * - Apache 2.0 : https://www.apache.org/licenses/LICENSE-2.0 - * - * You should have received a copy of both of these licenses along with this - * software. If not, they may be obtained at the above URLs. - */ - -#include -#include -#include -#include -#include -#include - -#include "argon2.h" - -#define OUT_LEN 32 -#define ENCODED_LEN 108 - -/* Test harness will assert: - * argon2_hash() returns ARGON2_OK - * HEX output matches expected - * encoded output matches expected - * argon2_verify() correctly verifies value - */ - -void hashtest(uint32_t version, uint32_t t, uint32_t m, uint32_t p, char *pwd, - char *salt, char *hexref, char *mcfref, argon2_type type) { - unsigned char out[OUT_LEN]; - unsigned char hex_out[OUT_LEN * 2 + 4]; - char encoded[ENCODED_LEN]; - int ret, i; - - printf("Hash test: $v=%d t=%d, m=%d, p=%d, pass=%s, salt=%s: ", version, - t, m, p, pwd, salt); - - ret = argon2_hash(t, 1 << m, p, pwd, strlen(pwd), salt, strlen(salt), out, - OUT_LEN, encoded, ENCODED_LEN, type, version); - assert(ret == ARGON2_OK); - - for (i = 0; i < OUT_LEN; ++i) - sprintf((char *)(hex_out + i * 2), "%02x", out[i]); - assert(memcmp(hex_out, hexref, OUT_LEN * 2) == 0); - - if (ARGON2_VERSION_NUMBER == version) { - assert(memcmp(encoded, mcfref, strlen(mcfref)) == 0); - } - - ret = argon2_verify(encoded, pwd, strlen(pwd), type); - assert(ret == ARGON2_OK); - ret = argon2_verify(mcfref, pwd, strlen(pwd), type); - assert(ret == ARGON2_OK); - - printf("PASS\n"); -} - -int main() { - int ret; - unsigned char out[OUT_LEN]; - char const *msg; - int version; - - version = ARGON2_VERSION_10; - printf("Test Argon2i version number: %02x\n", version); - - /* Multiple test cases for various input values */ - hashtest(version, 2, 16, 1, "password", "somesalt", - "f6c4db4a54e2a370627aff3db6176b94a2a209a62c8e36152711802f7b30c694", - "$argon2i$m=65536,t=2,p=1$c29tZXNhbHQ" - "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ", Argon2_i); -#ifdef TEST_LARGE_RAM - hashtest(version, 2, 20, 1, "password", "somesalt", - "9690ec55d28d3ed32562f2e73ea62b02b018757643a2ae6e79528459de8106e9", - "$argon2i$m=1048576,t=2,p=1$c29tZXNhbHQ" - "$lpDsVdKNPtMlYvLnPqYrArAYdXZDoq5ueVKEWd6BBuk", Argon2_i); -#endif - hashtest(version, 2, 18, 1, "password", "somesalt", - "3e689aaa3d28a77cf2bc72a51ac53166761751182f1ee292e3f677a7da4c2467", - "$argon2i$m=262144,t=2,p=1$c29tZXNhbHQ" - "$Pmiaqj0op3zyvHKlGsUxZnYXURgvHuKS4/Z3p9pMJGc", Argon2_i); - hashtest(version, 2, 8, 1, "password", "somesalt", - "fd4dd83d762c49bdeaf57c47bdcd0c2f1babf863fdeb490df63ede9975fccf06", - "$argon2i$m=256,t=2,p=1$c29tZXNhbHQ" - "$/U3YPXYsSb3q9XxHvc0MLxur+GP960kN9j7emXX8zwY", Argon2_i); - hashtest(version, 2, 8, 2, "password", "somesalt", - "b6c11560a6a9d61eac706b79a2f97d68b4463aa3ad87e00c07e2b01e90c564fb", - "$argon2i$m=256,t=2,p=2$c29tZXNhbHQ" - "$tsEVYKap1h6scGt5ovl9aLRGOqOth+AMB+KwHpDFZPs", Argon2_i); - hashtest(version, 1, 16, 1, "password", "somesalt", - "81630552b8f3b1f48cdb1992c4c678643d490b2b5eb4ff6c4b3438b5621724b2", - "$argon2i$m=65536,t=1,p=1$c29tZXNhbHQ" - "$gWMFUrjzsfSM2xmSxMZ4ZD1JCytetP9sSzQ4tWIXJLI", Argon2_i); - hashtest(version, 4, 16, 1, "password", "somesalt", - "f212f01615e6eb5d74734dc3ef40ade2d51d052468d8c69440a3a1f2c1c2847b", - "$argon2i$m=65536,t=4,p=1$c29tZXNhbHQ" - "$8hLwFhXm6110c03D70Ct4tUdBSRo2MaUQKOh8sHChHs", Argon2_i); - hashtest(version, 2, 16, 1, "differentpassword", "somesalt", - "e9c902074b6754531a3a0be519e5baf404b30ce69b3f01ac3bf21229960109a3", - "$argon2i$m=65536,t=2,p=1$c29tZXNhbHQ" - "$6ckCB0tnVFMaOgvlGeW69ASzDOabPwGsO/ISKZYBCaM", Argon2_i); - hashtest(version, 2, 16, 1, "password", "diffsalt", - "79a103b90fe8aef8570cb31fc8b22259778916f8336b7bdac3892569d4f1c497", - "$argon2i$m=65536,t=2,p=1$ZGlmZnNhbHQ" - "$eaEDuQ/orvhXDLMfyLIiWXeJFvgza3vaw4kladTxxJc", Argon2_i); - - /* Error state tests */ - - /* Handle an invalid encoding correctly (it is missing a $) */ - ret = argon2_verify("$argon2i$m=65536,t=2,p=1c29tZXNhbHQ" - "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ", - "password", strlen("password"), Argon2_i); - assert(ret == ARGON2_DECODING_FAIL); - printf("Recognise an invalid encoding: PASS\n"); - - /* Handle an invalid encoding correctly (it is missing a $) */ - ret = argon2_verify("$argon2i$m=65536,t=2,p=1$c29tZXNhbHQ" - "9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ", - "password", strlen("password"), Argon2_i); - assert(ret == ARGON2_DECODING_FAIL); - printf("Recognise an invalid encoding: PASS\n"); - - /* Handle an invalid encoding correctly (salt is too short) */ - ret = argon2_verify("$argon2i$m=65536,t=2,p=1$" - "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ", - "password", strlen("password"), Argon2_i); - assert(ret == ARGON2_SALT_TOO_SHORT); - printf("Recognise an invalid salt in encoding: PASS\n"); - - /* Handle an mismatching hash (the encoded password is "passwore") */ - ret = argon2_verify("$argon2i$m=65536,t=2,p=1$c29tZXNhbHQ" - "$b2G3seW+uPzerwQQC+/E1K50CLLO7YXy0JRcaTuswRo", - "password", strlen("password"), Argon2_i); - assert(ret == ARGON2_VERIFY_MISMATCH); - printf("Verify with mismatched password: PASS\n"); - - msg = argon2_error_message(ARGON2_DECODING_FAIL); - assert(strcmp(msg, "Decoding failed") == 0); - printf("Decode an error message: PASS\n"); - - printf("\n"); - - version = ARGON2_VERSION_NUMBER; - printf("Test Argon2i version number: %02x\n", version); - - /* Multiple test cases for various input values */ - hashtest(version, 2, 16, 1, "password", "somesalt", - "c1628832147d9720c5bd1cfd61367078729f6dfb6f8fea9ff98158e0d7816ed0", - "$argon2i$v=19$m=65536,t=2,p=1$c29tZXNhbHQ" - "$wWKIMhR9lyDFvRz9YTZweHKfbftvj+qf+YFY4NeBbtA", Argon2_i); -#ifdef TEST_LARGE_RAM - hashtest(version, 2, 20, 1, "password", "somesalt", - "d1587aca0922c3b5d6a83edab31bee3c4ebaef342ed6127a55d19b2351ad1f41", - "$argon2i$v=19$m=1048576,t=2,p=1$c29tZXNhbHQ" - "$0Vh6ygkiw7XWqD7asxvuPE667zQu1hJ6VdGbI1GtH0E", Argon2_i); -#endif - hashtest(version, 2, 18, 1, "password", "somesalt", - "296dbae80b807cdceaad44ae741b506f14db0959267b183b118f9b24229bc7cb", - "$argon2i$v=19$m=262144,t=2,p=1$c29tZXNhbHQ" - "$KW266AuAfNzqrUSudBtQbxTbCVkmexg7EY+bJCKbx8s", Argon2_i); - hashtest(version, 2, 8, 1, "password", "somesalt", - "89e9029f4637b295beb027056a7336c414fadd43f6b208645281cb214a56452f", - "$argon2i$v=19$m=256,t=2,p=1$c29tZXNhbHQ" - "$iekCn0Y3spW+sCcFanM2xBT63UP2sghkUoHLIUpWRS8", Argon2_i); - hashtest(version, 2, 8, 2, "password", "somesalt", - "4ff5ce2769a1d7f4c8a491df09d41a9fbe90e5eb02155a13e4c01e20cd4eab61", - "$argon2i$v=19$m=256,t=2,p=2$c29tZXNhbHQ" - "$T/XOJ2mh1/TIpJHfCdQan76Q5esCFVoT5MAeIM1Oq2E", Argon2_i); - hashtest(version, 1, 16, 1, "password", "somesalt", - "d168075c4d985e13ebeae560cf8b94c3b5d8a16c51916b6f4ac2da3ac11bbecf", - "$argon2i$v=19$m=65536,t=1,p=1$c29tZXNhbHQ" - "$0WgHXE2YXhPr6uVgz4uUw7XYoWxRkWtvSsLaOsEbvs8", Argon2_i); - hashtest(version, 4, 16, 1, "password", "somesalt", - "aaa953d58af3706ce3df1aefd4a64a84e31d7f54175231f1285259f88174ce5b", - "$argon2i$v=19$m=65536,t=4,p=1$c29tZXNhbHQ" - "$qqlT1YrzcGzj3xrv1KZKhOMdf1QXUjHxKFJZ+IF0zls", Argon2_i); - hashtest(version, 2, 16, 1, "differentpassword", "somesalt", - "14ae8da01afea8700c2358dcef7c5358d9021282bd88663a4562f59fb74d22ee", - "$argon2i$v=19$m=65536,t=2,p=1$c29tZXNhbHQ" - "$FK6NoBr+qHAMI1jc73xTWNkCEoK9iGY6RWL1n7dNIu4", Argon2_i); - hashtest(version, 2, 16, 1, "password", "diffsalt", - "b0357cccfbef91f3860b0dba447b2348cbefecadaf990abfe9cc40726c521271", - "$argon2i$v=19$m=65536,t=2,p=1$ZGlmZnNhbHQ" - "$sDV8zPvvkfOGCw26RHsjSMvv7K2vmQq/6cxAcmxSEnE", Argon2_i); - - - /* Error state tests */ - - /* Handle an invalid encoding correctly (it is missing a $) */ - ret = argon2_verify("$argon2i$v=19$m=65536,t=2,p=1c29tZXNhbHQ" - "$wWKIMhR9lyDFvRz9YTZweHKfbftvj+qf+YFY4NeBbtA", - "password", strlen("password"), Argon2_i); - assert(ret == ARGON2_DECODING_FAIL); - printf("Recognise an invalid encoding: PASS\n"); - - /* Handle an invalid encoding correctly (it is missing a $) */ - ret = argon2_verify("$argon2i$v=19$m=65536,t=2,p=1$c29tZXNhbHQ" - "wWKIMhR9lyDFvRz9YTZweHKfbftvj+qf+YFY4NeBbtA", - "password", strlen("password"), Argon2_i); - assert(ret == ARGON2_DECODING_FAIL); - printf("Recognise an invalid encoding: PASS\n"); - - /* Handle an invalid encoding correctly (salt is too short) */ - ret = argon2_verify("$argon2i$v=19$m=65536,t=2,p=1$" - "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ", - "password", strlen("password"), Argon2_i); - assert(ret == ARGON2_SALT_TOO_SHORT); - printf("Recognise an invalid salt in encoding: PASS\n"); - - /* Handle an mismatching hash (the encoded password is "passwore") */ - ret = argon2_verify("$argon2i$v=19$m=65536,t=2,p=1$c29tZXNhbHQ" - "$8iIuixkI73Js3G1uMbezQXD0b8LG4SXGsOwoQkdAQIM", - "password", strlen("password"), Argon2_i); - assert(ret == ARGON2_VERIFY_MISMATCH); - printf("Verify with mismatched password: PASS\n"); - - msg = argon2_error_message(ARGON2_DECODING_FAIL); - assert(strcmp(msg, "Decoding failed") == 0); - printf("Decode an error message: PASS\n\n"); - - printf("Test Argon2id version number: %02x\n", version); - - /* Multiple test cases for various input values */ - hashtest(version, 2, 16, 1, "password", "somesalt", - "09316115d5cf24ed5a15a31a3ba326e5cf32edc24702987c02b6566f61913cf7", - "$argon2id$v=19$m=65536,t=2,p=1$c29tZXNhbHQ" - "$CTFhFdXPJO1aFaMaO6Mm5c8y7cJHAph8ArZWb2GRPPc", Argon2_id); - hashtest(version, 2, 18, 1, "password", "somesalt", - "78fe1ec91fb3aa5657d72e710854e4c3d9b9198c742f9616c2f085bed95b2e8c", - "$argon2id$v=19$m=262144,t=2,p=1$c29tZXNhbHQ" - "$eP4eyR+zqlZX1y5xCFTkw9m5GYx0L5YWwvCFvtlbLow", Argon2_id); - hashtest(version, 2, 8, 1, "password", "somesalt", - "9dfeb910e80bad0311fee20f9c0e2b12c17987b4cac90c2ef54d5b3021c68bfe", - "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ" - "$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4", Argon2_id); - hashtest(version, 2, 8, 2, "password", "somesalt", - "6d093c501fd5999645e0ea3bf620d7b8be7fd2db59c20d9fff9539da2bf57037", - "$argon2id$v=19$m=256,t=2,p=2$c29tZXNhbHQ" - "$bQk8UB/VmZZF4Oo79iDXuL5/0ttZwg2f/5U52iv1cDc", Argon2_id); - hashtest(version, 1, 16, 1, "password", "somesalt", - "f6a5adc1ba723dddef9b5ac1d464e180fcd9dffc9d1cbf76cca2fed795d9ca98", - "$argon2id$v=19$m=65536,t=1,p=1$c29tZXNhbHQ" - "$9qWtwbpyPd3vm1rB1GThgPzZ3/ydHL92zKL+15XZypg", Argon2_id); - hashtest(version, 4, 16, 1, "password", "somesalt", - "9025d48e68ef7395cca9079da4c4ec3affb3c8911fe4f86d1a2520856f63172c", - "$argon2id$v=19$m=65536,t=4,p=1$c29tZXNhbHQ" - "$kCXUjmjvc5XMqQedpMTsOv+zyJEf5PhtGiUghW9jFyw", Argon2_id); - hashtest(version, 2, 16, 1, "differentpassword", "somesalt", - "0b84d652cf6b0c4beaef0dfe278ba6a80df6696281d7e0d2891b817d8c458fde", - "$argon2id$v=19$m=65536,t=2,p=1$c29tZXNhbHQ" - "$C4TWUs9rDEvq7w3+J4umqA32aWKB1+DSiRuBfYxFj94", Argon2_id); - hashtest(version, 2, 16, 1, "password", "diffsalt", - "bdf32b05ccc42eb15d58fd19b1f856b113da1e9a5874fdcc544308565aa8141c", - "$argon2id$v=19$m=65536,t=2,p=1$ZGlmZnNhbHQ" - "$vfMrBczELrFdWP0ZsfhWsRPaHppYdP3MVEMIVlqoFBw", Argon2_id); - - /* Common error state tests */ - - printf("\n"); - printf("Common error state tests\n"); - - ret = argon2_hash(2, 1, 1, "password", strlen("password"), - "diffsalt", strlen("diffsalt"), - out, OUT_LEN, NULL, 0, Argon2_id, version); - assert(ret == ARGON2_MEMORY_TOO_LITTLE); - printf("Fail on invalid memory: PASS\n"); - - ret = argon2_hash(2, 1 << 12, 1, NULL, strlen("password"), - "diffsalt", strlen("diffsalt"), - out, OUT_LEN, NULL, 0, Argon2_id, version); - assert(ret == ARGON2_PWD_PTR_MISMATCH); - printf("Fail on invalid null pointer: PASS\n"); - - ret = argon2_hash(2, 1 << 12, 1, "password", strlen("password"), "s", 1, - out, OUT_LEN, NULL, 0, Argon2_id, version); - assert(ret == ARGON2_SALT_TOO_SHORT); - printf("Fail on salt too short: PASS\n"); - - return 0; -} diff --git a/third_party/argon2/thread.c b/third_party/argon2/thread.c deleted file mode 100644 index 3ae2fb233..000000000 --- a/third_party/argon2/thread.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Argon2 reference source code package - reference C implementations - * - * Copyright 2015 - * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves - * - * You may use this work under the terms of a Creative Commons CC0 1.0 - * License/Waiver or the Apache Public License 2.0, at your option. The terms of - * these licenses can be found at: - * - * - CC0 1.0 Universal : https://creativecommons.org/publicdomain/zero/1.0 - * - Apache 2.0 : https://www.apache.org/licenses/LICENSE-2.0 - * - * You should have received a copy of both of these licenses along with this - * software. If not, they may be obtained at the above URLs. - */ - -#if !defined(ARGON2_NO_THREADS) - -#include "thread.h" -#if defined(_WIN32) -#include -#endif - -int argon2_thread_create(argon2_thread_handle_t *handle, - argon2_thread_func_t func, void *args) { - if (NULL == handle || func == NULL) { - return -1; - } -#if defined(_WIN32) - *handle = _beginthreadex(NULL, 0, func, args, 0, NULL); - return *handle != 0 ? 0 : -1; -#else - return pthread_create(handle, NULL, func, args); -#endif -} - -int argon2_thread_join(argon2_thread_handle_t handle) { -#if defined(_WIN32) - if (WaitForSingleObject((HANDLE)handle, INFINITE) == WAIT_OBJECT_0) { - return CloseHandle((HANDLE)handle) != 0 ? 0 : -1; - } - return -1; -#else - return pthread_join(handle, NULL); -#endif -} - -void argon2_thread_exit(void) { -#if defined(_WIN32) - _endthreadex(0); -#else - pthread_exit(NULL); -#endif -} - -#endif /* ARGON2_NO_THREADS */ diff --git a/third_party/argon2/thread.h b/third_party/argon2/thread.h deleted file mode 100644 index d4ca10c15..000000000 --- a/third_party/argon2/thread.h +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Argon2 reference source code package - reference C implementations - * - * Copyright 2015 - * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves - * - * You may use this work under the terms of a Creative Commons CC0 1.0 - * License/Waiver or the Apache Public License 2.0, at your option. The terms of - * these licenses can be found at: - * - * - CC0 1.0 Universal : https://creativecommons.org/publicdomain/zero/1.0 - * - Apache 2.0 : https://www.apache.org/licenses/LICENSE-2.0 - * - * You should have received a copy of both of these licenses along with this - * software. If not, they may be obtained at the above URLs. - */ - -#ifndef ARGON2_THREAD_H -#define ARGON2_THREAD_H - -#if !defined(ARGON2_NO_THREADS) - -/* - Here we implement an abstraction layer for the simpĺe requirements - of the Argon2 code. We only require 3 primitives---thread creation, - joining, and termination---so full emulation of the pthreads API - is unwarranted. Currently we wrap pthreads and Win32 threads. - - The API defines 2 types: the function pointer type, - argon2_thread_func_t, - and the type of the thread handle---argon2_thread_handle_t. -*/ -#if defined(_WIN32) -#include -typedef unsigned(__stdcall *argon2_thread_func_t)(void *); -typedef uintptr_t argon2_thread_handle_t; -#else -#include -typedef void *(*argon2_thread_func_t)(void *); -typedef pthread_t argon2_thread_handle_t; -#endif - -/* Creates a thread - * @param handle pointer to a thread handle, which is the output of this - * function. Must not be NULL. - * @param func A function pointer for the thread's entry point. Must not be - * NULL. - * @param args Pointer that is passed as an argument to @func. May be NULL. - * @return 0 if @handle and @func are valid pointers and a thread is successfully - * created. - */ -int argon2_thread_create(argon2_thread_handle_t *handle, - argon2_thread_func_t func, void *args); - -/* Waits for a thread to terminate - * @param handle Handle to a thread created with argon2_thread_create. - * @return 0 if @handle is a valid handle, and joining completed successfully. -*/ -int argon2_thread_join(argon2_thread_handle_t handle); - -/* Terminate the current thread. Must be run inside a thread created by - * argon2_thread_create. -*/ -void argon2_thread_exit(void); - -#endif /* ARGON2_NO_THREADS */ -#endif