Add Argon2i password hashing for AEAD

8 years ago · e18f71b03f
4 changed files with 23 additions and 9 deletions
--- a/src/aead.c
+++ b/src/aead.c
@ -735,8 +735,8 @@ aead_key_init(int method, const char *pass)
        FATAL("Cannot initialize cipher");
    }

-    cipher->key_len = crypto_derive_key(cipher, (const uint8_t *)pass,
-                                        cipher->key, supported_aead_ciphers_key_size[cipher->method]);
+    cipher->key_len = crypto_derive_key(cipher, pass, cipher->key,
+                                        supported_aead_ciphers_key_size[cipher->method], 2);

    if (cipher->key_len == 0) {
        FATAL("Cannot generate key and nonce");
--- a/src/crypto.c
+++ b/src/crypto.c
@ -101,9 +101,23 @@ crypto_md5(const unsigned char *d, size_t n, unsigned char *md)
 }

 int
-crypto_derive_key(const cipher_t *cipher, const uint8_t *pass,
-                  uint8_t *key, size_t nkey)
+crypto_derive_key(const cipher_t *cipher, const char *pass,
+                  uint8_t *key, size_t nkey, int version)
 {
+    if (version == 2) {
+        const unsigned char salt[crypto_pwhash_SALTBYTES] = {
+            's', 'h', 'a', 'd', 'o', 'w', 's', 'o',
+            'c', 'k', 's', ' ', 'h', 'a', 's', 'h'
+        };
+        int err = crypto_pwhash (key, nkey, (char*)pass, strlen(pass), salt,
+                crypto_pwhash_OPSLIMIT_INTERACTIVE, crypto_pwhash_MEMLIMIT_INTERACTIVE,
+                crypto_pwhash_ALG_DEFAULT);
+        if (err)
+            FATAL("Out of memory when doing password hashing");
+        else
+            return nkey;
+    }
+
    size_t datal;
    datal = strlen((const char *)pass);

@ -130,7 +144,7 @@ crypto_derive_key(const cipher_t *cipher, const uint8_t *pass,
        if (addmd) {
            mbedtls_md_update(&c, md_buf, mds);
        }
-        mbedtls_md_update(&c, pass, datal);
+        mbedtls_md_update(&c, (uint8_t *)pass, datal);
        mbedtls_md_finish(&c, &(md_buf[0]));

        for (i = 0; i < mds; i++, j++) {
--- a/src/crypto.h
+++ b/src/crypto.h
@ -109,8 +109,8 @@ int rand_bytes(void *output, int len);
 crypto_t *crypto_init(const char *password, const char *method);
 unsigned char *crypto_md5(const unsigned char *d, size_t n,
                          unsigned char *md);
-int crypto_derive_key(const cipher_t *cipher,
-                      const uint8_t *pass, uint8_t *key, size_t nkey);
+int crypto_derive_key(const cipher_t *cipher, const char *pass,
+        uint8_t *key, size_t nkey, int version);

 extern struct cache *nonce_cache;
 extern const char *supported_stream_ciphers[];
--- a/src/stream.c
+++ b/src/stream.c
@ -614,8 +614,8 @@ stream_key_init(int method, const char *pass)
        FATAL("Cannot initialize cipher");
    }

-    cipher->key_len = crypto_derive_key(cipher, (const uint8_t *)pass,
-                                        cipher->key, cipher_key_size(cipher));
+    cipher->key_len = crypto_derive_key(cipher, pass,
+                                        cipher->key, cipher_key_size(cipher), 1);

    if (cipher->key_len == 0) {
        FATAL("Cannot generate key and NONCE");