mirror of
https://github.com/jart/cosmopolitan.git
synced 2025-01-31 11:37:35 +00:00
957c61cbbf
This change upgrades to GCC 12.3 and GNU binutils 2.42. The GNU linker appears to have changed things so that only a single de-duplicated str table is present in the binary, and it gets placed wherever the linker wants, regardless of what the linker script says. To cope with that we need to stop using .ident to embed licenses. As such, this change does significant work to revamp how third party licenses are defined in the codebase, using `.section .notice,"aR",@progbits`. This new GCC 12.3 toolchain has support for GNU indirect functions. It lets us support __target_clones__ for the first time. This is used for optimizing the performance of libc string functions such as strlen and friends so far on x86, by ensuring AVX systems favor a second codepath that uses VEX encoding. It shaves some latency off certain operations. It's a useful feature to have for scientific computing for the reasons explained by the test/libcxx/openmp_test.cc example which compiles for fifteen different microarchitectures. Thanks to the upgrades, it's now also possible to use newer instruction sets, such as AVX512FP16, VNNI. Cosmo now uses the %gs register on x86 by default for TLS. Doing it is helpful for any program that links `cosmo_dlopen()`. Such programs had to recompile their binaries at startup to change the TLS instructions. That's not great, since it means every page in the executable needs to be faulted. The work of rewriting TLS-related x86 opcodes, is moved to fixupobj.com instead. This is great news for MacOS x86 users, since we previously needed to morph the binary every time for that platform but now that's no longer necessary. The only platforms where we need fixup of TLS x86 opcodes at runtime are now Windows, OpenBSD, and NetBSD. On Windows we morph TLS to point deeper into the TIB, based on a TlsAlloc assignment, and on OpenBSD/NetBSD we morph %gs back into %fs since the kernels do not allow us to specify a value for the %gs register. OpenBSD users are now required to use APE Loader to run Cosmo binaries and assimilation is no longer possible. OpenBSD kernel needs to change to allow programs to specify a value for the %gs register, or it needs to stop marking executable pages loaded by the kernel as mimmutable(). This release fixes __constructor__, .ctor, .init_array, and lastly the .preinit_array so they behave the exact same way as glibc. We no longer use hex constants to define math.h symbols like M_PI.
555 lines
20 KiB
C
555 lines
20 KiB
C
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:8;coding:utf-8 -*-│
|
|
│ vi: set et ft=c ts=4 sts=4 sw=4 fenc=utf-8 :vi │
|
|
╚──────────────────────────────────────────────────────────────────────────────╝
|
|
│ │
|
|
│ Argon2 reference source code package - reference C implementations │
|
|
│ │
|
|
│ Copyright 2015 │
|
|
│ Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves │
|
|
│ │
|
|
│ You may use this work under the terms of a Creative Commons CC0 1.0 │
|
|
│ License/Waiver or the Apache Public License 2.0, at your option. The │
|
|
│ terms of these licenses can be found at: │
|
|
│ │
|
|
│ - CC0 1.0 Universal : https://creativecommons.org/publicdomain/zero/1.0 │
|
|
│ - Apache 2.0 : https://www.apache.org/licenses/LICENSE-2.0 │
|
|
│ │
|
|
╚─────────────────────────────────────────────────────────────────────────────*/
|
|
#include "libc/limits.h"
|
|
#include "libc/mem/mem.h"
|
|
#include "libc/str/str.h"
|
|
#include "third_party/argon2/argon2.h"
|
|
#include "third_party/argon2/core.h"
|
|
#include "third_party/argon2/encoding.h"
|
|
|
|
/**
|
|
* Function that gives the string representation of an argon2_type.
|
|
* @param type The argon2_type that we want the string for
|
|
* @param uppercase Whether the string should have the first letter uppercase
|
|
* @return NULL if invalid type, otherwise the string representation.
|
|
*/
|
|
const char *argon2_type2string(argon2_type type, int uppercase) {
|
|
switch (type) {
|
|
case Argon2_d:
|
|
return uppercase ? "Argon2d" : "argon2d";
|
|
case Argon2_i:
|
|
return uppercase ? "Argon2i" : "argon2i";
|
|
case Argon2_id:
|
|
return uppercase ? "Argon2id" : "argon2id";
|
|
}
|
|
return NULL;
|
|
}
|
|
|
|
/**
|
|
* Function that performs memory-hard hashing with certain degree of parallelism
|
|
* @param context Pointer to the Argon2 internal structure
|
|
* @return Error code if smth is wrong, ARGON2_OK otherwise
|
|
*/
|
|
int argon2_ctx(argon2_context *context, argon2_type type) {
|
|
/* 1. Validate all inputs */
|
|
int result = validate_inputs(context);
|
|
uint32_t memory_blocks, segment_length;
|
|
argon2_instance_t instance;
|
|
|
|
if (ARGON2_OK != result) {
|
|
return result;
|
|
}
|
|
|
|
if (Argon2_d != type && Argon2_i != type && Argon2_id != type) {
|
|
return ARGON2_INCORRECT_TYPE;
|
|
}
|
|
|
|
/* 2. Align memory size */
|
|
/* Minimum memory_blocks = 8L blocks, where L is the number of lanes */
|
|
memory_blocks = context->m_cost;
|
|
|
|
if (memory_blocks < 2 * ARGON2_SYNC_POINTS * context->lanes) {
|
|
memory_blocks = 2 * ARGON2_SYNC_POINTS * context->lanes;
|
|
}
|
|
|
|
segment_length = memory_blocks / (context->lanes * ARGON2_SYNC_POINTS);
|
|
/* Ensure that all segments have equal length */
|
|
memory_blocks = segment_length * (context->lanes * ARGON2_SYNC_POINTS);
|
|
|
|
instance.version = context->version;
|
|
instance.memory = NULL;
|
|
instance.passes = context->t_cost;
|
|
instance.memory_blocks = memory_blocks;
|
|
instance.segment_length = segment_length;
|
|
instance.lane_length = segment_length * ARGON2_SYNC_POINTS;
|
|
instance.lanes = context->lanes;
|
|
instance.threads = context->threads;
|
|
instance.type = type;
|
|
|
|
if (instance.threads > instance.lanes) {
|
|
instance.threads = instance.lanes;
|
|
}
|
|
|
|
/* 3. Initialization: Hashing inputs, allocating memory, filling first
|
|
* blocks
|
|
*/
|
|
result = initialize(&instance, context);
|
|
|
|
if (ARGON2_OK != result) {
|
|
return result;
|
|
}
|
|
|
|
/* 4. Filling memory */
|
|
result = fill_memory_blocks(&instance);
|
|
|
|
if (ARGON2_OK != result) {
|
|
return result;
|
|
}
|
|
/* 5. Finalization */
|
|
finalize(context, &instance);
|
|
|
|
return ARGON2_OK;
|
|
}
|
|
|
|
int argon2_hash(const uint32_t t_cost, const uint32_t m_cost,
|
|
const uint32_t parallelism, const void *pwd,
|
|
const size_t pwdlen, const void *salt, const size_t saltlen,
|
|
void *hash, const size_t hashlen, char *encoded,
|
|
const size_t encodedlen, argon2_type type,
|
|
const uint32_t version){
|
|
|
|
argon2_context context;
|
|
int result;
|
|
uint8_t *out;
|
|
|
|
if (pwdlen > ARGON2_MAX_PWD_LENGTH) {
|
|
return ARGON2_PWD_TOO_LONG;
|
|
}
|
|
|
|
if (saltlen > ARGON2_MAX_SALT_LENGTH) {
|
|
return ARGON2_SALT_TOO_LONG;
|
|
}
|
|
|
|
if (hashlen > ARGON2_MAX_OUTLEN) {
|
|
return ARGON2_OUTPUT_TOO_LONG;
|
|
}
|
|
|
|
if (hashlen < ARGON2_MIN_OUTLEN) {
|
|
return ARGON2_OUTPUT_TOO_SHORT;
|
|
}
|
|
|
|
out = malloc(hashlen);
|
|
if (!out) {
|
|
return ARGON2_MEMORY_ALLOCATION_ERROR;
|
|
}
|
|
|
|
context.out = (uint8_t *)out;
|
|
context.outlen = (uint32_t)hashlen;
|
|
context.pwd = (uint8_t *)(uintptr_t)pwd;
|
|
context.pwdlen = (uint32_t)pwdlen;
|
|
context.salt = (uint8_t *)(uintptr_t)salt;
|
|
context.saltlen = (uint32_t)saltlen;
|
|
context.secret = NULL;
|
|
context.secretlen = 0;
|
|
context.ad = NULL;
|
|
context.adlen = 0;
|
|
context.t_cost = t_cost;
|
|
context.m_cost = m_cost;
|
|
context.lanes = parallelism;
|
|
context.threads = parallelism;
|
|
context.allocate_cbk = NULL;
|
|
context.free_cbk = NULL;
|
|
context.flags = ARGON2_DEFAULT_FLAGS;
|
|
context.version = version;
|
|
|
|
result = argon2_ctx(&context, type);
|
|
|
|
if (result != ARGON2_OK) {
|
|
clear_internal_memory(out, hashlen);
|
|
free(out);
|
|
return result;
|
|
}
|
|
|
|
/* if raw hash requested, write it */
|
|
if (hash) {
|
|
memcpy(hash, out, hashlen);
|
|
}
|
|
|
|
/* if encoding requested, write it */
|
|
if (encoded && encodedlen) {
|
|
if (encode_string(encoded, encodedlen, &context, type) != ARGON2_OK) {
|
|
clear_internal_memory(out, hashlen); /* wipe buffers if error */
|
|
clear_internal_memory(encoded, encodedlen);
|
|
free(out);
|
|
return ARGON2_ENCODING_FAIL;
|
|
}
|
|
}
|
|
clear_internal_memory(out, hashlen);
|
|
free(out);
|
|
|
|
return ARGON2_OK;
|
|
}
|
|
|
|
/**
|
|
* Hashes a password with Argon2i, producing an encoded hash
|
|
* @param t_cost Number of iterations
|
|
* @param m_cost Sets memory usage to m_cost kibibytes
|
|
* @param parallelism Number of threads and compute lanes
|
|
* @param pwd Pointer to password
|
|
* @param pwdlen Password size in bytes
|
|
* @param salt Pointer to salt
|
|
* @param saltlen Salt size in bytes
|
|
* @param hashlen Desired length of the hash in bytes
|
|
* @param encoded Buffer where to write the encoded hash
|
|
* @param encodedlen Size of the buffer (thus max size of the encoded hash)
|
|
* @pre Different parallelism levels will give different results
|
|
* @pre Returns ARGON2_OK if successful
|
|
*/
|
|
int argon2i_hash_encoded(const uint32_t t_cost, const uint32_t m_cost,
|
|
const uint32_t parallelism, const void *pwd,
|
|
const size_t pwdlen, const void *salt,
|
|
const size_t saltlen, const size_t hashlen,
|
|
char *encoded, const size_t encodedlen) {
|
|
|
|
return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
|
|
NULL, hashlen, encoded, encodedlen, Argon2_i,
|
|
ARGON2_VERSION_NUMBER);
|
|
}
|
|
|
|
/**
|
|
* Hashes a password with Argon2i, producing a raw hash at @hash
|
|
* @param t_cost Number of iterations
|
|
* @param m_cost Sets memory usage to m_cost kibibytes
|
|
* @param parallelism Number of threads and compute lanes
|
|
* @param pwd Pointer to password
|
|
* @param pwdlen Password size in bytes
|
|
* @param salt Pointer to salt
|
|
* @param saltlen Salt size in bytes
|
|
* @param hash Buffer where to write the raw hash - updated by the function
|
|
* @param hashlen Desired length of the hash in bytes
|
|
* @pre Different parallelism levels will give different results
|
|
* @pre Returns ARGON2_OK if successful
|
|
*/
|
|
int argon2i_hash_raw(const uint32_t t_cost, const uint32_t m_cost,
|
|
const uint32_t parallelism, const void *pwd,
|
|
const size_t pwdlen, const void *salt,
|
|
const size_t saltlen, void *hash, const size_t hashlen) {
|
|
|
|
return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
|
|
hash, hashlen, NULL, 0, Argon2_i, ARGON2_VERSION_NUMBER);
|
|
}
|
|
|
|
int argon2d_hash_encoded(const uint32_t t_cost, const uint32_t m_cost,
|
|
const uint32_t parallelism, const void *pwd,
|
|
const size_t pwdlen, const void *salt,
|
|
const size_t saltlen, const size_t hashlen,
|
|
char *encoded, const size_t encodedlen) {
|
|
|
|
return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
|
|
NULL, hashlen, encoded, encodedlen, Argon2_d,
|
|
ARGON2_VERSION_NUMBER);
|
|
}
|
|
|
|
int argon2d_hash_raw(const uint32_t t_cost, const uint32_t m_cost,
|
|
const uint32_t parallelism, const void *pwd,
|
|
const size_t pwdlen, const void *salt,
|
|
const size_t saltlen, void *hash, const size_t hashlen) {
|
|
|
|
return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
|
|
hash, hashlen, NULL, 0, Argon2_d, ARGON2_VERSION_NUMBER);
|
|
}
|
|
|
|
int argon2id_hash_encoded(const uint32_t t_cost, const uint32_t m_cost,
|
|
const uint32_t parallelism, const void *pwd,
|
|
const size_t pwdlen, const void *salt,
|
|
const size_t saltlen, const size_t hashlen,
|
|
char *encoded, const size_t encodedlen) {
|
|
|
|
return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
|
|
NULL, hashlen, encoded, encodedlen, Argon2_id,
|
|
ARGON2_VERSION_NUMBER);
|
|
}
|
|
|
|
int argon2id_hash_raw(const uint32_t t_cost, const uint32_t m_cost,
|
|
const uint32_t parallelism, const void *pwd,
|
|
const size_t pwdlen, const void *salt,
|
|
const size_t saltlen, void *hash, const size_t hashlen) {
|
|
return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
|
|
hash, hashlen, NULL, 0, Argon2_id,
|
|
ARGON2_VERSION_NUMBER);
|
|
}
|
|
|
|
static int argon2_compare(const uint8_t *b1, const uint8_t *b2, size_t len) {
|
|
size_t i;
|
|
uint8_t d = 0U;
|
|
|
|
for (i = 0U; i < len; i++) {
|
|
d |= b1[i] ^ b2[i];
|
|
}
|
|
return (int)((1 & ((d - 1) >> 8)) - 1);
|
|
}
|
|
|
|
int argon2_verify(const char *encoded, const void *pwd, const size_t pwdlen,
|
|
argon2_type type) {
|
|
|
|
argon2_context ctx;
|
|
uint8_t *desired_result = NULL;
|
|
int ret = ARGON2_OK;
|
|
size_t encoded_len;
|
|
uint32_t max_field_len;
|
|
|
|
if (pwdlen > ARGON2_MAX_PWD_LENGTH) {
|
|
return ARGON2_PWD_TOO_LONG;
|
|
}
|
|
|
|
if (encoded == NULL) {
|
|
return ARGON2_DECODING_FAIL;
|
|
}
|
|
|
|
encoded_len = strlen(encoded);
|
|
if (encoded_len > UINT32_MAX) {
|
|
return ARGON2_DECODING_FAIL;
|
|
}
|
|
|
|
/* No field can be longer than the encoded length */
|
|
max_field_len = (uint32_t)encoded_len;
|
|
|
|
ctx.saltlen = max_field_len;
|
|
ctx.outlen = max_field_len;
|
|
|
|
ctx.salt = malloc(ctx.saltlen);
|
|
ctx.out = malloc(ctx.outlen);
|
|
if (!ctx.salt || !ctx.out) {
|
|
ret = ARGON2_MEMORY_ALLOCATION_ERROR;
|
|
goto fail;
|
|
}
|
|
|
|
ctx.pwd = (uint8_t *)pwd;
|
|
ctx.pwdlen = (uint32_t)pwdlen;
|
|
|
|
ret = decode_string(&ctx, encoded, type);
|
|
if (ret != ARGON2_OK) {
|
|
goto fail;
|
|
}
|
|
|
|
/* Set aside the desired result, and get a new buffer. */
|
|
desired_result = ctx.out;
|
|
ctx.out = malloc(ctx.outlen);
|
|
if (!ctx.out) {
|
|
ret = ARGON2_MEMORY_ALLOCATION_ERROR;
|
|
goto fail;
|
|
}
|
|
|
|
ret = argon2_verify_ctx(&ctx, (char *)desired_result, type);
|
|
if (ret != ARGON2_OK) {
|
|
goto fail;
|
|
}
|
|
|
|
fail:
|
|
free(ctx.salt);
|
|
free(ctx.out);
|
|
free(desired_result);
|
|
|
|
return ret;
|
|
}
|
|
|
|
/**
|
|
* Verifies a password against an encoded string
|
|
* Encoded string is restricted as in validate_inputs()
|
|
* @param encoded String encoding parameters, salt, hash
|
|
* @param pwd Pointer to password
|
|
* @pre Returns ARGON2_OK if successful
|
|
*/
|
|
int argon2i_verify(const char *encoded, const void *pwd, const size_t pwdlen) {
|
|
|
|
return argon2_verify(encoded, pwd, pwdlen, Argon2_i);
|
|
}
|
|
|
|
int argon2d_verify(const char *encoded, const void *pwd, const size_t pwdlen) {
|
|
|
|
return argon2_verify(encoded, pwd, pwdlen, Argon2_d);
|
|
}
|
|
|
|
int argon2id_verify(const char *encoded, const void *pwd, const size_t pwdlen) {
|
|
|
|
return argon2_verify(encoded, pwd, pwdlen, Argon2_id);
|
|
}
|
|
|
|
/**
|
|
* Argon2d: Version of Argon2 that picks memory blocks depending
|
|
* on the password and salt. Only for side-channel-free
|
|
* environment!!
|
|
*****
|
|
* @param context Pointer to current Argon2 context
|
|
* @return Zero if successful, a non zero error code otherwise
|
|
*/
|
|
int argon2d_ctx(argon2_context *context) {
|
|
return argon2_ctx(context, Argon2_d);
|
|
}
|
|
|
|
/**
|
|
* Argon2i: Version of Argon2 that picks memory blocks
|
|
* independent on the password and salt. Good for side-channels,
|
|
* but worse w.r.t. tradeoff attacks if only one pass is used.
|
|
*****
|
|
* @param context Pointer to current Argon2 context
|
|
* @return Zero if successful, a non zero error code otherwise
|
|
*/
|
|
int argon2i_ctx(argon2_context *context) {
|
|
return argon2_ctx(context, Argon2_i);
|
|
}
|
|
|
|
/**
|
|
* Argon2id: Version of Argon2 where the first half-pass over memory is
|
|
* password-independent, the rest are password-dependent (on the password and
|
|
* salt). OK against side channels (they reduce to 1/2-pass Argon2i), and
|
|
* better with w.r.t. tradeoff attacks (similar to Argon2d).
|
|
*****
|
|
* @param context Pointer to current Argon2 context
|
|
* @return Zero if successful, a non zero error code otherwise
|
|
*/
|
|
int argon2id_ctx(argon2_context *context) {
|
|
return argon2_ctx(context, Argon2_id);
|
|
}
|
|
|
|
int argon2_verify_ctx(argon2_context *context, const char *hash,
|
|
argon2_type type) {
|
|
int ret = argon2_ctx(context, type);
|
|
if (ret != ARGON2_OK) {
|
|
return ret;
|
|
}
|
|
|
|
if (argon2_compare((uint8_t *)hash, context->out, context->outlen)) {
|
|
return ARGON2_VERIFY_MISMATCH;
|
|
}
|
|
|
|
return ARGON2_OK;
|
|
}
|
|
|
|
/**
|
|
* Verify if a given password is correct for Argon2d hashing
|
|
* @param context Pointer to current Argon2 context
|
|
* @param hash The password hash to verify. The length of the hash is
|
|
* specified by the context outlen member
|
|
* @return Zero if successful, a non zero error code otherwise
|
|
*/
|
|
int argon2d_verify_ctx(argon2_context *context, const char *hash) {
|
|
return argon2_verify_ctx(context, hash, Argon2_d);
|
|
}
|
|
|
|
/**
|
|
* Verify if a given password is correct for Argon2i hashing
|
|
* @param context Pointer to current Argon2 context
|
|
* @param hash The password hash to verify. The length of the hash is
|
|
* specified by the context outlen member
|
|
* @return Zero if successful, a non zero error code otherwise
|
|
*/
|
|
int argon2i_verify_ctx(argon2_context *context, const char *hash) {
|
|
return argon2_verify_ctx(context, hash, Argon2_i);
|
|
}
|
|
|
|
/**
|
|
* Verify if a given password is correct for Argon2id hashing
|
|
* @param context Pointer to current Argon2 context
|
|
* @param hash The password hash to verify. The length of the hash is
|
|
* specified by the context outlen member
|
|
* @return Zero if successful, a non zero error code otherwise
|
|
*/
|
|
int argon2id_verify_ctx(argon2_context *context, const char *hash) {
|
|
return argon2_verify_ctx(context, hash, Argon2_id);
|
|
}
|
|
|
|
/**
|
|
* Get the associated error message for given error code
|
|
* @return The error message associated with the given error code
|
|
*/
|
|
const char *argon2_error_message(int error_code) {
|
|
switch (error_code) {
|
|
case ARGON2_OK:
|
|
return "OK";
|
|
case ARGON2_OUTPUT_PTR_NULL:
|
|
return "Output pointer is NULL";
|
|
case ARGON2_OUTPUT_TOO_SHORT:
|
|
return "Output is too short";
|
|
case ARGON2_OUTPUT_TOO_LONG:
|
|
return "Output is too long";
|
|
case ARGON2_PWD_TOO_SHORT:
|
|
return "Password is too short";
|
|
case ARGON2_PWD_TOO_LONG:
|
|
return "Password is too long";
|
|
case ARGON2_SALT_TOO_SHORT:
|
|
return "Salt is too short";
|
|
case ARGON2_SALT_TOO_LONG:
|
|
return "Salt is too long";
|
|
case ARGON2_AD_TOO_SHORT:
|
|
return "Associated data is too short";
|
|
case ARGON2_AD_TOO_LONG:
|
|
return "Associated data is too long";
|
|
case ARGON2_SECRET_TOO_SHORT:
|
|
return "Secret is too short";
|
|
case ARGON2_SECRET_TOO_LONG:
|
|
return "Secret is too long";
|
|
case ARGON2_TIME_TOO_SMALL:
|
|
return "Time cost is too small";
|
|
case ARGON2_TIME_TOO_LARGE:
|
|
return "Time cost is too large";
|
|
case ARGON2_MEMORY_TOO_LITTLE:
|
|
return "Memory cost is too small";
|
|
case ARGON2_MEMORY_TOO_MUCH:
|
|
return "Memory cost is too large";
|
|
case ARGON2_LANES_TOO_FEW:
|
|
return "Too few lanes";
|
|
case ARGON2_LANES_TOO_MANY:
|
|
return "Too many lanes";
|
|
case ARGON2_PWD_PTR_MISMATCH:
|
|
return "Password pointer is NULL, but password length is not 0";
|
|
case ARGON2_SALT_PTR_MISMATCH:
|
|
return "Salt pointer is NULL, but salt length is not 0";
|
|
case ARGON2_SECRET_PTR_MISMATCH:
|
|
return "Secret pointer is NULL, but secret length is not 0";
|
|
case ARGON2_AD_PTR_MISMATCH:
|
|
return "Associated data pointer is NULL, but ad length is not 0";
|
|
case ARGON2_MEMORY_ALLOCATION_ERROR:
|
|
return "Memory allocation error";
|
|
case ARGON2_FREE_MEMORY_CBK_NULL:
|
|
return "The free memory callback is NULL";
|
|
case ARGON2_ALLOCATE_MEMORY_CBK_NULL:
|
|
return "The allocate memory callback is NULL";
|
|
case ARGON2_INCORRECT_PARAMETER:
|
|
return "Argon2_Context context is NULL";
|
|
case ARGON2_INCORRECT_TYPE:
|
|
return "There is no such version of Argon2";
|
|
case ARGON2_OUT_PTR_MISMATCH:
|
|
return "Output pointer mismatch";
|
|
case ARGON2_THREADS_TOO_FEW:
|
|
return "Not enough threads";
|
|
case ARGON2_THREADS_TOO_MANY:
|
|
return "Too many threads";
|
|
case ARGON2_MISSING_ARGS:
|
|
return "Missing arguments";
|
|
case ARGON2_ENCODING_FAIL:
|
|
return "Encoding failed";
|
|
case ARGON2_DECODING_FAIL:
|
|
return "Decoding failed";
|
|
case ARGON2_THREAD_FAIL:
|
|
return "Threading failure";
|
|
case ARGON2_DECODING_LENGTH_FAIL:
|
|
return "Some of encoded parameters are too long or too short";
|
|
case ARGON2_VERIFY_MISMATCH:
|
|
return "The password does not match the supplied hash";
|
|
default:
|
|
return "Unknown error code";
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Returns the encoded hash length for the given input parameters
|
|
* @param t_cost Number of iterations
|
|
* @param m_cost Memory usage in kibibytes
|
|
* @param parallelism Number of threads; used to compute lanes
|
|
* @param saltlen Salt size in bytes
|
|
* @param hashlen Hash size in bytes
|
|
* @param type The argon2_type that we want the encoded length for
|
|
* @return The encoded hash length in bytes
|
|
*/
|
|
size_t argon2_encodedlen(uint32_t t_cost, uint32_t m_cost, uint32_t parallelism,
|
|
uint32_t saltlen, uint32_t hashlen, argon2_type type) {
|
|
return strlen("$$v=$m=,t=,p=$$") + strlen(argon2_type2string(type, 0)) +
|
|
numlen(t_cost) + numlen(m_cost) + numlen(parallelism) +
|
|
b64len(saltlen) + b64len(hashlen) + numlen(ARGON2_VERSION_NUMBER) + 1;
|
|
}
|