/work/workdir/UnpackedTarball/argon2/src/argon2.c

Source (jump to first uncovered line)
/*
 * Argon2 reference source code package - reference C implementations
 *
 * Copyright 2015
 * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
 *
 * You may use this work under the terms of a Creative Commons CC0 1.0
 * License/Waiver or the Apache Public License 2.0, at your option. The terms of
 * these licenses can be found at:
 *
 * - CC0 1.0 Universal : http://creativecommons.org/publicdomain/zero/1.0
 * - Apache 2.0        : http://www.apache.org/licenses/LICENSE-2.0
 *
 * You should have received a copy of both of these licenses along with this
 * software. If not, they may be obtained at the above URLs.
 */

#include <string.h>
#include <stdlib.h>
#include <stdio.h>

#include "argon2.h"
#include "encoding.h"
#include "core.h"

const char *argon2_type2string(argon2_type type, int uppercase) {
    switch (type) {
        case Argon2_d:
            return uppercase ? "Argon2d" : "argon2d";
        case Argon2_i:
            return uppercase ? "Argon2i" : "argon2i";
        case Argon2_id:
            return uppercase ? "Argon2id" : "argon2id";
    }

    return NULL;
}

int argon2_ctx(argon2_context *context, argon2_type type) {
    /* 1. Validate all inputs */
    int result = validate_inputs(context);
    uint32_t memory_blocks, segment_length;
    argon2_instance_t instance;

    if (ARGON2_OK != result) {
        return result;
    }

    if (Argon2_d != type && Argon2_i != type && Argon2_id != type) {
        return ARGON2_INCORRECT_TYPE;
    }

    /* 2. Align memory size */
    /* Minimum memory_blocks = 8L blocks, where L is the number of lanes */
    memory_blocks = context->m_cost;

    if (memory_blocks < 2 * ARGON2_SYNC_POINTS * context->lanes) {
        memory_blocks = 2 * ARGON2_SYNC_POINTS * context->lanes;
    }

    segment_length = memory_blocks / (context->lanes * ARGON2_SYNC_POINTS);
    /* Ensure that all segments have equal length */
    memory_blocks = segment_length * (context->lanes * ARGON2_SYNC_POINTS);

    instance.version = context->version;
    instance.memory = NULL;
    instance.passes = context->t_cost;
    instance.memory_blocks = memory_blocks;
    instance.segment_length = segment_length;
    instance.lane_length = segment_length * ARGON2_SYNC_POINTS;
    instance.lanes = context->lanes;
    instance.threads = context->threads;
    instance.type = type;

    if (instance.threads > instance.lanes) {
        instance.threads = instance.lanes;
    }

    /* 3. Initialization: Hashing inputs, allocating memory, filling first
     * blocks
     */
    result = initialize(&instance, context);

    if (ARGON2_OK != result) {
        return result;
    }

    /* 4. Filling memory */
    result = fill_memory_blocks(&instance);

    if (ARGON2_OK != result) {
        return result;
    }
    /* 5. Finalization */
    finalize(context, &instance);

    return ARGON2_OK;
}

int argon2_hash(const uint32_t t_cost, const uint32_t m_cost,
                const uint32_t parallelism, const void *pwd,
                const size_t pwdlen, const void *salt, const size_t saltlen,
                void *hash, const size_t hashlen, char *encoded,
                const size_t encodedlen, argon2_type type,
                const uint32_t version){

    argon2_context context;
    int result;
    uint8_t *out;

    if (pwdlen > ARGON2_MAX_PWD_LENGTH) {
        return ARGON2_PWD_TOO_LONG;
    }

    if (saltlen > ARGON2_MAX_SALT_LENGTH) {
        return ARGON2_SALT_TOO_LONG;
    }

    if (hashlen > ARGON2_MAX_OUTLEN) {
        return ARGON2_OUTPUT_TOO_LONG;
    }

    if (hashlen < ARGON2_MIN_OUTLEN) {
        return ARGON2_OUTPUT_TOO_SHORT;
    }

    out = malloc(hashlen);
    if (!out) {
        return ARGON2_MEMORY_ALLOCATION_ERROR;
    }

    context.out = (uint8_t *)out;
    context.outlen = (uint32_t)hashlen;
    context.pwd = CONST_CAST(uint8_t *)pwd;
    context.pwdlen = (uint32_t)pwdlen;
    context.salt = CONST_CAST(uint8_t *)salt;
    context.saltlen = (uint32_t)saltlen;
    context.secret = NULL;
    context.secretlen = 0;
    context.ad = NULL;
    context.adlen = 0;
    context.t_cost = t_cost;
    context.m_cost = m_cost;
    context.lanes = parallelism;
    context.threads = parallelism;
    context.allocate_cbk = NULL;
    context.free_cbk = NULL;
    context.flags = ARGON2_DEFAULT_FLAGS;
    context.version = version;

    result = argon2_ctx(&context, type);

    if (result != ARGON2_OK) {
        clear_internal_memory(out, hashlen);
        free(out);
        return result;
    }

    /* if raw hash requested, write it */
    if (hash) {
        memcpy(hash, out, hashlen);
    }

    /* if encoding requested, write it */
    if (encoded && encodedlen) {
        if (encode_string(encoded, encodedlen, &context, type) != ARGON2_OK) {
            clear_internal_memory(out, hashlen); /* wipe buffers if error */
            clear_internal_memory(encoded, encodedlen);
            free(out);
            return ARGON2_ENCODING_FAIL;
        }
    }
    clear_internal_memory(out, hashlen);
    free(out);

    return ARGON2_OK;
}

int argon2i_hash_encoded(const uint32_t t_cost, const uint32_t m_cost,
                         const uint32_t parallelism, const void *pwd,
                         const size_t pwdlen, const void *salt,
                         const size_t saltlen, const size_t hashlen,
                         char *encoded, const size_t encodedlen) {

    return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
                       NULL, hashlen, encoded, encodedlen, Argon2_i,
                       ARGON2_VERSION_NUMBER);
}

int argon2i_hash_raw(const uint32_t t_cost, const uint32_t m_cost,
                     const uint32_t parallelism, const void *pwd,
                     const size_t pwdlen, const void *salt,
                     const size_t saltlen, void *hash, const size_t hashlen) {

    return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
                       hash, hashlen, NULL, 0, Argon2_i, ARGON2_VERSION_NUMBER);
}

int argon2d_hash_encoded(const uint32_t t_cost, const uint32_t m_cost,
                         const uint32_t parallelism, const void *pwd,
                         const size_t pwdlen, const void *salt,
                         const size_t saltlen, const size_t hashlen,
                         char *encoded, const size_t encodedlen) {

    return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
                       NULL, hashlen, encoded, encodedlen, Argon2_d,
                       ARGON2_VERSION_NUMBER);
}

int argon2d_hash_raw(const uint32_t t_cost, const uint32_t m_cost,
                     const uint32_t parallelism, const void *pwd,
                     const size_t pwdlen, const void *salt,
                     const size_t saltlen, void *hash, const size_t hashlen) {

    return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
                       hash, hashlen, NULL, 0, Argon2_d, ARGON2_VERSION_NUMBER);
}

int argon2id_hash_encoded(const uint32_t t_cost, const uint32_t m_cost,
                          const uint32_t parallelism, const void *pwd,
                          const size_t pwdlen, const void *salt,
                          const size_t saltlen, const size_t hashlen,
                          char *encoded, const size_t encodedlen) {

    return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
                       NULL, hashlen, encoded, encodedlen, Argon2_id,
                       ARGON2_VERSION_NUMBER);
}

int argon2id_hash_raw(const uint32_t t_cost, const uint32_t m_cost,
                      const uint32_t parallelism, const void *pwd,
                      const size_t pwdlen, const void *salt,
                      const size_t saltlen, void *hash, const size_t hashlen) {
    return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
                       hash, hashlen, NULL, 0, Argon2_id,
                       ARGON2_VERSION_NUMBER);
}

static int argon2_compare(const uint8_t *b1, const uint8_t *b2, size_t len) {
    size_t i;
    uint8_t d = 0U;

    for (i = 0U; i < len; i++) {
        d |= b1[i] ^ b2[i];
    }
    return (int)((1 & ((d - 1) >> 8)) - 1);
}

int argon2_verify(const char *encoded, const void *pwd, const size_t pwdlen,
                  argon2_type type) {

    argon2_context ctx;
    uint8_t *desired_result = NULL;

    int ret = ARGON2_OK;

    size_t encoded_len;
    uint32_t max_field_len;

    if (pwdlen > ARGON2_MAX_PWD_LENGTH) {
        return ARGON2_PWD_TOO_LONG;
    }

    if (encoded == NULL) {
        return ARGON2_DECODING_FAIL;
    }

    encoded_len = strlen(encoded);
    if (encoded_len > UINT32_MAX) {
        return ARGON2_DECODING_FAIL;
    }

    /* No field can be longer than the encoded length */
    max_field_len = (uint32_t)encoded_len;

    ctx.saltlen = max_field_len;
    ctx.outlen = max_field_len;

    ctx.salt = malloc(ctx.saltlen);
    ctx.out = malloc(ctx.outlen);
    if (!ctx.salt || !ctx.out) {
        ret = ARGON2_MEMORY_ALLOCATION_ERROR;
        goto fail;
    }

    ctx.pwd = (uint8_t *)pwd;
    ctx.pwdlen = (uint32_t)pwdlen;

    ret = decode_string(&ctx, encoded, type);
    if (ret != ARGON2_OK) {
        goto fail;
    }

    /* Set aside the desired result, and get a new buffer. */
    desired_result = ctx.out;
    ctx.out = malloc(ctx.outlen);
    if (!ctx.out) {
        ret = ARGON2_MEMORY_ALLOCATION_ERROR;
        goto fail;
    }

    ret = argon2_verify_ctx(&ctx, (char *)desired_result, type);
    if (ret != ARGON2_OK) {
        goto fail;
    }

fail:
    free(ctx.salt);
    free(ctx.out);
    free(desired_result);

    return ret;
}

int argon2i_verify(const char *encoded, const void *pwd, const size_t pwdlen) {

    return argon2_verify(encoded, pwd, pwdlen, Argon2_i);
}

int argon2d_verify(const char *encoded, const void *pwd, const size_t pwdlen) {

    return argon2_verify(encoded, pwd, pwdlen, Argon2_d);
}

int argon2id_verify(const char *encoded, const void *pwd, const size_t pwdlen) {

    return argon2_verify(encoded, pwd, pwdlen, Argon2_id);
}

int argon2d_ctx(argon2_context *context) {
    return argon2_ctx(context, Argon2_d);
}

int argon2i_ctx(argon2_context *context) {
    return argon2_ctx(context, Argon2_i);
}

int argon2id_ctx(argon2_context *context) {
    return argon2_ctx(context, Argon2_id);
}

int argon2_verify_ctx(argon2_context *context, const char *hash,
                      argon2_type type) {
    int ret = argon2_ctx(context, type);
    if (ret != ARGON2_OK) {
        return ret;
    }

    if (argon2_compare((uint8_t *)hash, context->out, context->outlen)) {
        return ARGON2_VERIFY_MISMATCH;
    }

    return ARGON2_OK;
}

int argon2d_verify_ctx(argon2_context *context, const char *hash) {
    return argon2_verify_ctx(context, hash, Argon2_d);
}

int argon2i_verify_ctx(argon2_context *context, const char *hash) {
    return argon2_verify_ctx(context, hash, Argon2_i);
}

int argon2id_verify_ctx(argon2_context *context, const char *hash) {
    return argon2_verify_ctx(context, hash, Argon2_id);
}

const char *argon2_error_message(int error_code) {
    switch (error_code) {
    case ARGON2_OK:
        return "OK";
    case ARGON2_OUTPUT_PTR_NULL:
        return "Output pointer is NULL";
    case ARGON2_OUTPUT_TOO_SHORT:
        return "Output is too short";
    case ARGON2_OUTPUT_TOO_LONG:
        return "Output is too long";
    case ARGON2_PWD_TOO_SHORT:
        return "Password is too short";
    case ARGON2_PWD_TOO_LONG:
        return "Password is too long";
    case ARGON2_SALT_TOO_SHORT:
        return "Salt is too short";
    case ARGON2_SALT_TOO_LONG:
        return "Salt is too long";
    case ARGON2_AD_TOO_SHORT:
        return "Associated data is too short";
    case ARGON2_AD_TOO_LONG:
        return "Associated data is too long";
    case ARGON2_SECRET_TOO_SHORT:
        return "Secret is too short";
    case ARGON2_SECRET_TOO_LONG:
        return "Secret is too long";
    case ARGON2_TIME_TOO_SMALL:
        return "Time cost is too small";
    case ARGON2_TIME_TOO_LARGE:
        return "Time cost is too large";
    case ARGON2_MEMORY_TOO_LITTLE:
        return "Memory cost is too small";
    case ARGON2_MEMORY_TOO_MUCH:
        return "Memory cost is too large";
    case ARGON2_LANES_TOO_FEW:
        return "Too few lanes";
    case ARGON2_LANES_TOO_MANY:
        return "Too many lanes";
    case ARGON2_PWD_PTR_MISMATCH:
        return "Password pointer is NULL, but password length is not 0";
    case ARGON2_SALT_PTR_MISMATCH:
        return "Salt pointer is NULL, but salt length is not 0";
    case ARGON2_SECRET_PTR_MISMATCH:
        return "Secret pointer is NULL, but secret length is not 0";
    case ARGON2_AD_PTR_MISMATCH:
        return "Associated data pointer is NULL, but ad length is not 0";
    case ARGON2_MEMORY_ALLOCATION_ERROR:
        return "Memory allocation error";
    case ARGON2_FREE_MEMORY_CBK_NULL:
        return "The free memory callback is NULL";
    case ARGON2_ALLOCATE_MEMORY_CBK_NULL:
        return "The allocate memory callback is NULL";
    case ARGON2_INCORRECT_PARAMETER:
        return "Argon2_Context context is NULL";
    case ARGON2_INCORRECT_TYPE:
        return "There is no such version of Argon2";
    case ARGON2_OUT_PTR_MISMATCH:
        return "Output pointer mismatch";
    case ARGON2_THREADS_TOO_FEW:
        return "Not enough threads";
    case ARGON2_THREADS_TOO_MANY:
        return "Too many threads";
    case ARGON2_MISSING_ARGS:
        return "Missing arguments";
    case ARGON2_ENCODING_FAIL:
        return "Encoding failed";
    case ARGON2_DECODING_FAIL:
        return "Decoding failed";
    case ARGON2_THREAD_FAIL:
        return "Threading failure";
    case ARGON2_DECODING_LENGTH_FAIL:
        return "Some of encoded parameters are too long or too short";
    case ARGON2_VERIFY_MISMATCH:
        return "The password does not match the supplied hash";
    default:
        return "Unknown error code";
    }
}

size_t argon2_encodedlen(uint32_t t_cost, uint32_t m_cost, uint32_t parallelism,
                         uint32_t saltlen, uint32_t hashlen, argon2_type type) {
  return strlen("$$v=$m=,t=,p=$$") + strlen(argon2_type2string(type, 0)) +
         numlen(t_cost) + numlen(m_cost) + numlen(parallelism) +
         b64len(saltlen) + b64len(hashlen) + numlen(ARGON2_VERSION_NUMBER) + 1;
}

Coverage Report

Created: 2025-07-07 10:01

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Argon2 reference source code package - reference C implementations
3		*
4		* Copyright 2015
5		* Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
6		*
7		* You may use this work under the terms of a Creative Commons CC0 1.0
8		* License/Waiver or the Apache Public License 2.0, at your option. The terms of
9		* these licenses can be found at:
10		*
11		* - CC0 1.0 Universal : http://creativecommons.org/publicdomain/zero/1.0
12		* - Apache 2.0 : http://www.apache.org/licenses/LICENSE-2.0
13		*
14		* You should have received a copy of both of these licenses along with this
15		* software. If not, they may be obtained at the above URLs.
16		*/
17
18		#include <string.h>
19		#include <stdlib.h>
20		#include <stdio.h>
21
22		#include "argon2.h"
23		#include "encoding.h"
24		#include "core.h"
25
26	0	const char *argon2_type2string(argon2_type type, int uppercase) {
27	0	switch (type) {
28	0	case Argon2_d:
29	0	return uppercase ? "Argon2d" : "argon2d";
30	0	case Argon2_i:
31	0	return uppercase ? "Argon2i" : "argon2i";
32	0	case Argon2_id:
33	0	return uppercase ? "Argon2id" : "argon2id";
34	0	}
35
36	0	return NULL;
37	0	}
38
39	0	int argon2_ctx(argon2_context *context, argon2_type type) {
40		/* 1. Validate all inputs */
41	0	int result = validate_inputs(context);
42	0	uint32_t memory_blocks, segment_length;
43	0	argon2_instance_t instance;
44
45	0	if (ARGON2_OK != result) {
46	0	return result;
47	0	}
48
49	0	if (Argon2_d != type && Argon2_i != type && Argon2_id != type) {
50	0	return ARGON2_INCORRECT_TYPE;
51	0	}
52
53		/* 2. Align memory size */
54		/* Minimum memory_blocks = 8L blocks, where L is the number of lanes */
55	0	memory_blocks = context->m_cost;
56
57	0	if (memory_blocks < 2 * ARGON2_SYNC_POINTS * context->lanes) {
58	0	memory_blocks = 2 * ARGON2_SYNC_POINTS * context->lanes;
59	0	}
60
61	0	segment_length = memory_blocks / (context->lanes * ARGON2_SYNC_POINTS);
62		/* Ensure that all segments have equal length */
63	0	memory_blocks = segment_length * (context->lanes * ARGON2_SYNC_POINTS);
64
65	0	instance.version = context->version;
66	0	instance.memory = NULL;
67	0	instance.passes = context->t_cost;
68	0	instance.memory_blocks = memory_blocks;
69	0	instance.segment_length = segment_length;
70	0	instance.lane_length = segment_length * ARGON2_SYNC_POINTS;
71	0	instance.lanes = context->lanes;
72	0	instance.threads = context->threads;
73	0	instance.type = type;
74
75	0	if (instance.threads > instance.lanes) {
76	0	instance.threads = instance.lanes;
77	0	}
78
79		/* 3. Initialization: Hashing inputs, allocating memory, filling first
80		* blocks
81		*/
82	0	result = initialize(&instance, context);
83
84	0	if (ARGON2_OK != result) {
85	0	return result;
86	0	}
87
88		/* 4. Filling memory */
89	0	result = fill_memory_blocks(&instance);
90
91	0	if (ARGON2_OK != result) {
92	0	return result;
93	0	}
94		/* 5. Finalization */
95	0	finalize(context, &instance);
96
97	0	return ARGON2_OK;
98	0	}
99
100		int argon2_hash(const uint32_t t_cost, const uint32_t m_cost,
101		const uint32_t parallelism, const void *pwd,
102		const size_t pwdlen, const void *salt, const size_t saltlen,
103		void hash, const size_t hashlen, char encoded,
104		const size_t encodedlen, argon2_type type,
105	0	const uint32_t version){
106
107	0	argon2_context context;
108	0	int result;
109	0	uint8_t *out;
110
111	0	if (pwdlen > ARGON2_MAX_PWD_LENGTH) {
112	0	return ARGON2_PWD_TOO_LONG;
113	0	}
114
115	0	if (saltlen > ARGON2_MAX_SALT_LENGTH) {
116	0	return ARGON2_SALT_TOO_LONG;
117	0	}
118
119	0	if (hashlen > ARGON2_MAX_OUTLEN) {
120	0	return ARGON2_OUTPUT_TOO_LONG;
121	0	}
122
123	0	if (hashlen < ARGON2_MIN_OUTLEN) {
124	0	return ARGON2_OUTPUT_TOO_SHORT;
125	0	}
126
127	0	out = malloc(hashlen);
128	0	if (!out) {
129	0	return ARGON2_MEMORY_ALLOCATION_ERROR;
130	0	}
131
132	0	context.out = (uint8_t *)out;
133	0	context.outlen = (uint32_t)hashlen;
134	0	context.pwd = CONST_CAST(uint8_t *)pwd;
135	0	context.pwdlen = (uint32_t)pwdlen;
136	0	context.salt = CONST_CAST(uint8_t *)salt;
137	0	context.saltlen = (uint32_t)saltlen;
138	0	context.secret = NULL;
139	0	context.secretlen = 0;
140	0	context.ad = NULL;
141	0	context.adlen = 0;
142	0	context.t_cost = t_cost;
143	0	context.m_cost = m_cost;
144	0	context.lanes = parallelism;
145	0	context.threads = parallelism;
146	0	context.allocate_cbk = NULL;
147	0	context.free_cbk = NULL;
148	0	context.flags = ARGON2_DEFAULT_FLAGS;
149	0	context.version = version;
150
151	0	result = argon2_ctx(&context, type);
152
153	0	if (result != ARGON2_OK) {
154	0	clear_internal_memory(out, hashlen);
155	0	free(out);
156	0	return result;
157	0	}
158
159		/* if raw hash requested, write it */
160	0	if (hash) {
161	0	memcpy(hash, out, hashlen);
162	0	}
163
164		/* if encoding requested, write it */
165	0	if (encoded && encodedlen) {
166	0	if (encode_string(encoded, encodedlen, &context, type) != ARGON2_OK) {
167	0	clear_internal_memory(out, hashlen); /* wipe buffers if error */
168	0	clear_internal_memory(encoded, encodedlen);
169	0	free(out);
170	0	return ARGON2_ENCODING_FAIL;
171	0	}
172	0	}
173	0	clear_internal_memory(out, hashlen);
174	0	free(out);
175
176	0	return ARGON2_OK;
177	0	}
178
179		int argon2i_hash_encoded(const uint32_t t_cost, const uint32_t m_cost,
180		const uint32_t parallelism, const void *pwd,
181		const size_t pwdlen, const void *salt,
182		const size_t saltlen, const size_t hashlen,
183	0	char *encoded, const size_t encodedlen) {
184
185	0	return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
186	0	NULL, hashlen, encoded, encodedlen, Argon2_i,
187	0	ARGON2_VERSION_NUMBER);
188	0	}
189
190		int argon2i_hash_raw(const uint32_t t_cost, const uint32_t m_cost,
191		const uint32_t parallelism, const void *pwd,
192		const size_t pwdlen, const void *salt,
193	0	const size_t saltlen, void *hash, const size_t hashlen) {
194
195	0	return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
196	0	hash, hashlen, NULL, 0, Argon2_i, ARGON2_VERSION_NUMBER);
197	0	}
198
199		int argon2d_hash_encoded(const uint32_t t_cost, const uint32_t m_cost,
200		const uint32_t parallelism, const void *pwd,
201		const size_t pwdlen, const void *salt,
202		const size_t saltlen, const size_t hashlen,
203	0	char *encoded, const size_t encodedlen) {
204
205	0	return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
206	0	NULL, hashlen, encoded, encodedlen, Argon2_d,
207	0	ARGON2_VERSION_NUMBER);
208	0	}
209
210		int argon2d_hash_raw(const uint32_t t_cost, const uint32_t m_cost,
211		const uint32_t parallelism, const void *pwd,
212		const size_t pwdlen, const void *salt,
213	0	const size_t saltlen, void *hash, const size_t hashlen) {
214
215	0	return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
216	0	hash, hashlen, NULL, 0, Argon2_d, ARGON2_VERSION_NUMBER);
217	0	}
218
219		int argon2id_hash_encoded(const uint32_t t_cost, const uint32_t m_cost,
220		const uint32_t parallelism, const void *pwd,
221		const size_t pwdlen, const void *salt,
222		const size_t saltlen, const size_t hashlen,
223	0	char *encoded, const size_t encodedlen) {
224
225	0	return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
226	0	NULL, hashlen, encoded, encodedlen, Argon2_id,
227	0	ARGON2_VERSION_NUMBER);
228	0	}
229
230		int argon2id_hash_raw(const uint32_t t_cost, const uint32_t m_cost,
231		const uint32_t parallelism, const void *pwd,
232		const size_t pwdlen, const void *salt,
233	0	const size_t saltlen, void *hash, const size_t hashlen) {
234	0	return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
235	0	hash, hashlen, NULL, 0, Argon2_id,
236	0	ARGON2_VERSION_NUMBER);
237	0	}
238
239	0	static int argon2_compare(const uint8_t b1, const uint8_t b2, size_t len) {
240	0	size_t i;
241	0	uint8_t d = 0U;
242
243	0	for (i = 0U; i < len; i++) {
244	0	d \|= b1[i] ^ b2[i];
245	0	}
246	0	return (int)((1 & ((d - 1) >> 8)) - 1);
247	0	}
248
249		int argon2_verify(const char encoded, const void pwd, const size_t pwdlen,
250	0	argon2_type type) {
251
252	0	argon2_context ctx;
253	0	uint8_t *desired_result = NULL;
254
255	0	int ret = ARGON2_OK;
256
257	0	size_t encoded_len;
258	0	uint32_t max_field_len;
259
260	0	if (pwdlen > ARGON2_MAX_PWD_LENGTH) {
261	0	return ARGON2_PWD_TOO_LONG;
262	0	}
263
264	0	if (encoded == NULL) {
265	0	return ARGON2_DECODING_FAIL;
266	0	}
267
268	0	encoded_len = strlen(encoded);
269	0	if (encoded_len > UINT32_MAX) {
270	0	return ARGON2_DECODING_FAIL;
271	0	}
272
273		/* No field can be longer than the encoded length */
274	0	max_field_len = (uint32_t)encoded_len;
275
276	0	ctx.saltlen = max_field_len;
277	0	ctx.outlen = max_field_len;
278
279	0	ctx.salt = malloc(ctx.saltlen);
280	0	ctx.out = malloc(ctx.outlen);
281	0	if (!ctx.salt \|\| !ctx.out) {
282	0	ret = ARGON2_MEMORY_ALLOCATION_ERROR;
283	0	goto fail;
284	0	}
285
286	0	ctx.pwd = (uint8_t *)pwd;
287	0	ctx.pwdlen = (uint32_t)pwdlen;
288
289	0	ret = decode_string(&ctx, encoded, type);
290	0	if (ret != ARGON2_OK) {
291	0	goto fail;
292	0	}
293
294		/* Set aside the desired result, and get a new buffer. */
295	0	desired_result = ctx.out;
296	0	ctx.out = malloc(ctx.outlen);
297	0	if (!ctx.out) {
298	0	ret = ARGON2_MEMORY_ALLOCATION_ERROR;
299	0	goto fail;
300	0	}
301
302	0	ret = argon2_verify_ctx(&ctx, (char *)desired_result, type);
303	0	if (ret != ARGON2_OK) {
304	0	goto fail;
305	0	}
306
307	0	fail:
308	0	free(ctx.salt);
309	0	free(ctx.out);
310	0	free(desired_result);
311
312	0	return ret;
313	0	}
314
315	0	int argon2i_verify(const char encoded, const void pwd, const size_t pwdlen) {
316
317	0	return argon2_verify(encoded, pwd, pwdlen, Argon2_i);
318	0	}
319
320	0	int argon2d_verify(const char encoded, const void pwd, const size_t pwdlen) {
321
322	0	return argon2_verify(encoded, pwd, pwdlen, Argon2_d);
323	0	}
324
325	0	int argon2id_verify(const char encoded, const void pwd, const size_t pwdlen) {
326
327	0	return argon2_verify(encoded, pwd, pwdlen, Argon2_id);
328	0	}
329
330	0	int argon2d_ctx(argon2_context *context) {
331	0	return argon2_ctx(context, Argon2_d);
332	0	}
333
334	0	int argon2i_ctx(argon2_context *context) {
335	0	return argon2_ctx(context, Argon2_i);
336	0	}
337
338	0	int argon2id_ctx(argon2_context *context) {
339	0	return argon2_ctx(context, Argon2_id);
340	0	}
341
342		int argon2_verify_ctx(argon2_context context, const char hash,
343	0	argon2_type type) {
344	0	int ret = argon2_ctx(context, type);
345	0	if (ret != ARGON2_OK) {
346	0	return ret;
347	0	}
348
349	0	if (argon2_compare((uint8_t *)hash, context->out, context->outlen)) {
350	0	return ARGON2_VERIFY_MISMATCH;
351	0	}
352
353	0	return ARGON2_OK;
354	0	}
355
356	0	int argon2d_verify_ctx(argon2_context context, const char hash) {
357	0	return argon2_verify_ctx(context, hash, Argon2_d);
358	0	}
359
360	0	int argon2i_verify_ctx(argon2_context context, const char hash) {
361	0	return argon2_verify_ctx(context, hash, Argon2_i);
362	0	}
363
364	0	int argon2id_verify_ctx(argon2_context context, const char hash) {
365	0	return argon2_verify_ctx(context, hash, Argon2_id);
366	0	}
367
368	0	const char *argon2_error_message(int error_code) {
369	0	switch (error_code) {
370	0	case ARGON2_OK:
371	0	return "OK";
372	0	case ARGON2_OUTPUT_PTR_NULL:
373	0	return "Output pointer is NULL";
374	0	case ARGON2_OUTPUT_TOO_SHORT:
375	0	return "Output is too short";
376	0	case ARGON2_OUTPUT_TOO_LONG:
377	0	return "Output is too long";
378	0	case ARGON2_PWD_TOO_SHORT:
379	0	return "Password is too short";
380	0	case ARGON2_PWD_TOO_LONG:
381	0	return "Password is too long";
382	0	case ARGON2_SALT_TOO_SHORT:
383	0	return "Salt is too short";
384	0	case ARGON2_SALT_TOO_LONG:
385	0	return "Salt is too long";
386	0	case ARGON2_AD_TOO_SHORT:
387	0	return "Associated data is too short";
388	0	case ARGON2_AD_TOO_LONG:
389	0	return "Associated data is too long";
390	0	case ARGON2_SECRET_TOO_SHORT:
391	0	return "Secret is too short";
392	0	case ARGON2_SECRET_TOO_LONG:
393	0	return "Secret is too long";
394	0	case ARGON2_TIME_TOO_SMALL:
395	0	return "Time cost is too small";
396	0	case ARGON2_TIME_TOO_LARGE:
397	0	return "Time cost is too large";
398	0	case ARGON2_MEMORY_TOO_LITTLE:
399	0	return "Memory cost is too small";
400	0	case ARGON2_MEMORY_TOO_MUCH:
401	0	return "Memory cost is too large";
402	0	case ARGON2_LANES_TOO_FEW:
403	0	return "Too few lanes";
404	0	case ARGON2_LANES_TOO_MANY:
405	0	return "Too many lanes";
406	0	case ARGON2_PWD_PTR_MISMATCH:
407	0	return "Password pointer is NULL, but password length is not 0";
408	0	case ARGON2_SALT_PTR_MISMATCH:
409	0	return "Salt pointer is NULL, but salt length is not 0";
410	0	case ARGON2_SECRET_PTR_MISMATCH:
411	0	return "Secret pointer is NULL, but secret length is not 0";
412	0	case ARGON2_AD_PTR_MISMATCH:
413	0	return "Associated data pointer is NULL, but ad length is not 0";
414	0	case ARGON2_MEMORY_ALLOCATION_ERROR:
415	0	return "Memory allocation error";
416	0	case ARGON2_FREE_MEMORY_CBK_NULL:
417	0	return "The free memory callback is NULL";
418	0	case ARGON2_ALLOCATE_MEMORY_CBK_NULL:
419	0	return "The allocate memory callback is NULL";
420	0	case ARGON2_INCORRECT_PARAMETER:
421	0	return "Argon2_Context context is NULL";
422	0	case ARGON2_INCORRECT_TYPE:
423	0	return "There is no such version of Argon2";
424	0	case ARGON2_OUT_PTR_MISMATCH:
425	0	return "Output pointer mismatch";
426	0	case ARGON2_THREADS_TOO_FEW:
427	0	return "Not enough threads";
428	0	case ARGON2_THREADS_TOO_MANY:
429	0	return "Too many threads";
430	0	case ARGON2_MISSING_ARGS:
431	0	return "Missing arguments";
432	0	case ARGON2_ENCODING_FAIL:
433	0	return "Encoding failed";
434	0	case ARGON2_DECODING_FAIL:
435	0	return "Decoding failed";
436	0	case ARGON2_THREAD_FAIL:
437	0	return "Threading failure";
438	0	case ARGON2_DECODING_LENGTH_FAIL:
439	0	return "Some of encoded parameters are too long or too short";
440	0	case ARGON2_VERIFY_MISMATCH:
441	0	return "The password does not match the supplied hash";
442	0	default:
443	0	return "Unknown error code";
444	0	}
445	0	}
446
447		size_t argon2_encodedlen(uint32_t t_cost, uint32_t m_cost, uint32_t parallelism,
448	0	uint32_t saltlen, uint32_t hashlen, argon2_type type) {
449	0	return strlen("$$v=$m=,t=,p=$$") + strlen(argon2_type2string(type, 0)) +
450	0	numlen(t_cost) + numlen(m_cost) + numlen(parallelism) +
451	0	b64len(saltlen) + b64len(hashlen) + numlen(ARGON2_VERSION_NUMBER) + 1;
452	0	}