Enable to use system libargon2.

Rename --disable-argon2 to --disable-internal-argon2 option
and add --enable-libargon2 flag to allow system libarhgon2.

lib/crypto_backend/Makefile.am

@@ -5,7 +5,8 @@ noinst_LTLIBRARIES = libcrypto_backend.la
 libcrypto_backend_la_CFLAGS = $(AM_CFLAGS) -Wall @CRYPTO_CFLAGS@
 
 libcrypto_backend_la_SOURCES = crypto_backend.h \
-	crypto_cipher_kernel.c crypto_storage.c pbkdf_check.c crc32.c
+	crypto_cipher_kernel.c crypto_storage.c pbkdf_check.c crc32.c \
+	argon2_generic.c
 
 if CRYPTO_BACKEND_GCRYPT
 libcrypto_backend_la_SOURCES += crypto_gcrypt.c
@@ -31,7 +32,6 @@ if CRYPTO_INTERNAL_ARGON2
 SUBDIRS = argon2
 libcrypto_backend_la_DEPENDENCIES = argon2/libargon2.la
 libcrypto_backend_la_LIBADD = argon2/libargon2.la
-libcrypto_backend_la_SOURCES += argon2_generic.c
 endif
 
 AM_CPPFLAGS = -include config.h -I$(top_srcdir)/lib

lib/crypto_backend/argon2_generic.c

@@ -21,7 +21,11 @@
 
 #include <errno.h>
 #include "crypto_backend.h"
+#if HAVE_ARGON2_H
+#include <argon2.h>
+#else
 #include "argon2/argon2.h"
+#endif
 
 #define CONST_CAST(x) (x)(uintptr_t)
 
@@ -30,6 +34,9 @@ int argon2(const char *type, const char *password, size_t password_length,
 	   char *key, size_t key_length,
 	   uint32_t iterations, uint32_t memory, uint32_t parallel)
 {
+#if !USE_INTERNAL_ARGON2 && !HAVE_ARGON2_H
+	return -EINVAL;
+#else
 	argon2_type atype;
 	argon2_context context = {
 		.flags = ARGON2_DEFAULT_FLAGS,
@@ -68,6 +75,7 @@ int argon2(const char *type, const char *password, size_t password_length,
 	}
 
 	return r;
+#endif
 }
 
 #if 0

lib/crypto_backend/crypto_backend.h

@@ -81,13 +81,11 @@ int pkcs5_pbkdf2(const char *hash,
 		 unsigned int hash_block_size);
 #endif
 
-#if USE_INTERNAL_ARGON2
-/* internal Argon2 implementation */
+/* Argon2 implementation wrapper */
 int argon2(const char *type, const char *password, size_t password_length,
 	   const char *salt, size_t salt_length,
 	   char *key, size_t key_length,
 	   uint32_t iterations, uint32_t memory, uint32_t parallel);
-#endif
 
 /* CRC32 */
 uint32_t crypt_crc32(uint32_t seed, const unsigned char *buf, size_t len);

lib/crypto_backend/crypto_gcrypt.c

@@ -363,10 +363,8 @@ int crypt_pbkdf(const char *kdf, const char *hash,
 	if (!strcmp(kdf, "pbkdf2"))
 		return pbkdf2(hash, password, password_length, salt, salt_length,
 			      key, key_length, iterations);
-#if USE_INTERNAL_ARGON2
 	else if (!strncmp(kdf, "argon2", 6))
 		return argon2(kdf, password, password_length, salt, salt_length,
 			      key, key_length, iterations, memory, parallel);
-#endif
 	return -EINVAL;
 }

lib/crypto_backend/crypto_kernel.c

@@ -328,11 +328,9 @@ int crypt_pbkdf(const char *kdf, const char *hash,
 
 		return pkcs5_pbkdf2(hash, password, password_length, salt, salt_length,
 				    iterations, key_length, key, ha->block_length);
-#if USE_INTERNAL_ARGON2
 	} else if (!strncmp(kdf, "argon2", 6)) {
 		return argon2(kdf, password, password_length, salt, salt_length,
 			      key, key_length, iterations, memory, parallel);
-#endif
 	}
 
 	return -EINVAL;

lib/crypto_backend/crypto_nettle.c

@@ -307,11 +307,9 @@ int crypt_pbkdf(const char *kdf, const char *hash,
 			      (uint8_t *)key);
 		crypt_hmac_destroy(h);
 		return 0;
-#if USE_INTERNAL_ARGON2
 	} else if (!strncmp(kdf, "argon2", 6)) {
 		return argon2(kdf, password, password_length, salt, salt_length,
 			      key, key_length, iterations, memory, parallel);
-#endif
 	}
 
 	return -EINVAL;

lib/crypto_backend/crypto_nss.c

@@ -326,11 +326,9 @@ int crypt_pbkdf(const char *kdf, const char *hash,
 
 		return pkcs5_pbkdf2(hash, password, password_length, salt, salt_length,
 				    iterations, key_length, key, ha->block_length);
-#if USE_INTERNAL_ARGON2
 	} else if (!strncmp(kdf, "argon2", 6)) {
 		return argon2(kdf, password, password_length, salt, salt_length,
 			      key, key_length, iterations, memory, parallel);
-#endif
 	}
 
 	return -EINVAL;

lib/crypto_backend/crypto_openssl.c

@@ -331,11 +331,9 @@ int crypt_pbkdf(const char *kdf, const char *hash,
 	            (int)iterations, hash_id, (int)key_length, (unsigned char *)key))
 			return -EINVAL;
 		return 0;
-#if USE_INTERNAL_ARGON2
 	} else if (!strncmp(kdf, "argon2", 6)) {
 		return argon2(kdf, password, password_length, salt, salt_length,
 			      key, key_length, iterations, memory, parallel);
-#endif
 	}
 
 	return -EINVAL;