Add Argon2 bundled library to crypto backend.

The Argon2i/id is a password hashing function that won Password Hashing Competiton. It will be (optionally) used in LUKS2 for passworrd-based key derivation. We have to bundle code for now (similar PBKDF2 years ago) because there is yet no usable implementation in common crypto libraries. (Once there is native implementation, cryptsetup will switch to the crypto library version.) For now, we use reference (not optimized but portable) implementation. This patch contains bundled Argon2 algorithm library copied from https://github.com/P-H-C/phc-winner-argon2 For more info see Password Hashing Competition site: https://password-hashing.net/ and draft of RFC document https://datatracker.ietf.org/doc/draft-irtf-cfrg-argon2/ Signed-off-by: Milan Broz <gmazyland@gmail.com>
2025-12-05 16:00:05 +01:00 · 2017-04-14 13:51:13 +02:00
parent 9bd06be43b
commit 09d14a0b6c
28 changed files with 3640 additions and 55 deletions
--- a/lib/crypto_backend/crypto_backend.h
+++ b/lib/crypto_backend/crypto_backend.h
@@ -65,7 +65,7 @@ int crypt_pbkdf(const char *kdf, const char *hash,
 		const char *password, size_t password_length,
 		const char *salt, size_t salt_length,
 		char *key, size_t key_length,
-		unsigned int iterations);
+		uint32_t iterations, uint32_t memory, uint32_t parallel);

 #if USE_INTERNAL_PBKDF2
 /* internal PBKDF2 implementation */
@@ -77,6 +77,14 @@ int pkcs5_pbkdf2(const char *hash,
 		 unsigned int hash_block_size);
 #endif

+#if USE_INTERNAL_ARGON2
+/* internal Argon2 implementation */
+int argon2(const char *type, const char *password, size_t password_length,
+	   const char *salt, size_t salt_length,
+	   char *key, size_t key_length,
+	   uint32_t iterations, uint32_t memory, uint32_t parallel);
+#endif
+
 /* CRC32 */
 uint32_t crypt_crc32(uint32_t seed, const unsigned char *buf, size_t len);