From e18f71b03fb54a0d34b6aa41f8966620722c4c56 Mon Sep 17 00:00:00 2001
From: Max Lv
Date: Sun, 29 Jan 2017 17:41:39 +0800
Subject: [PATCH] Add Argon2i password hashing for AEAD
---
 src/aead.c | 4 ++--
 src/crypto.c | 20 +++++++++++++++++---
 src/crypto.h | 4 ++--
 src/stream.c | 4 ++--
 4 files changed, 23 insertions(+), 9 deletions(-)
diff --git a/src/aead.c b/src/aead.c
index a68bf7cc..cbdea5a4 100644
--- a/src/aead.c
+++ b/src/aead.c
@@ -735,8 +735,8 @@ aead_key_init(int method, const char *pass)
 FATAL("Cannot initialize cipher");
 }
- cipher->key_len = crypto_derive_key(cipher, (const uint8_t *)pass,
- cipher->key, supported_aead_ciphers_key_size[cipher->method]);
+ cipher->key_len = crypto_derive_key(cipher, pass, cipher->key,
+ supported_aead_ciphers_key_size[cipher->method], 2);
 if (cipher->key_len == 0) {
 FATAL("Cannot generate key and nonce");
diff --git a/src/crypto.c b/src/crypto.c
index c5b9afbc..adc61147 100644
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -101,9 +101,23 @@ crypto_md5(const unsigned char *d, size_t n, unsigned char *md)
 }
 int
-crypto_derive_key(const cipher_t *cipher, const uint8_t *pass,
- uint8_t *key, size_t nkey)
+crypto_derive_key(const cipher_t *cipher, const char *pass,
+ uint8_t *key, size_t nkey, int version)
 {
+ if (version == 2) {
+ const unsigned char salt[crypto_pwhash_SALTBYTES] = {
+ 's', 'h', 'a', 'd', 'o', 'w', 's', 'o',
+ 'c', 'k', 's', ' ', 'h', 'a', 's', 'h'
+ };
+ int err = crypto_pwhash (key, nkey, (char*)pass, strlen(pass), salt,
+ crypto_pwhash_OPSLIMIT_INTERACTIVE, crypto_pwhash_MEMLIMIT_INTERACTIVE,
+ crypto_pwhash_ALG_DEFAULT);
+ if (err)
+ FATAL("Out of memory when doing password hashing");
+ else
+ return nkey;
+ }
+
 size_t datal;
 datal = strlen((const char *)pass);
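Review bot: The key-derivation scheme is selected by a bare literal, `2`, in the new `crypto_derive_key(...)` call in aead_key_init, and the matching call in the src/stream.c hunk passes `1`; nothing at either call site says which derivation each number stands for. Named constants declared next to the prototype in src/crypto.h would make the choice reviewable, for example `#define CRYPTO_KDF_LEGACY 1` and `#define CRYPTO_KDF_PWHASH 2` (the names are only a suggestion), with this call ending `supported_aead_ciphers_key_size[cipher->method], CRYPTO_KDF_PWHASH);`. aead_key_init starts and ends outside this hunk.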
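Review bot: The `crypto_pwhash` call in the new `version == 2` branch takes its algorithm and cost from `crypto_pwhash_ALG_DEFAULT`, `crypto_pwhash_OPSLIMIT_INTERACTIVE` and `crypto_pwhash_MEMLIMIT_INTERACTIVE`, which libsodium documents as its current recommendation and which may change between library releases; two peers built against different libsodium versions could then derive different keys from the same password. Since the commit title names Argon2i, pin the parameters in the call: `crypto_pwhash_argon2i_OPSLIMIT_INTERACTIVE, crypto_pwhash_argon2i_MEMLIMIT_INTERACTIVE,` and `crypto_pwhash_ALG_ARGON2I13);`. The salt is a compile-time constant, so the same password yields the same key on every deployment; if that is a deliberate protocol choice (both ends must agree on the salt), it deserves a comment above the array saying so. The FATAL text blames memory for every non-zero return, although crypto_pwhash can presumably also reject out-of-range lengths, and any `version` other than 2 silently falls through to the older derivation below, which continues outside this hunk.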
@@ -130,7 +144,7 @@ crypto_derive_key(const cipher_t *cipher, const uint8_t *pass,
 if (addmd) {
 mbedtls_md_update(&c, md_buf, mds);
 }
- mbedtls_md_update(&c, pass, datal);
+ mbedtls_md_update(&c, (uint8_t *)pass, datal);
 mbedtls_md_finish(&c, &(md_buf[0]));
 for (i = 0; i < mds; i++, j++) {
diff --git a/src/crypto.h b/src/crypto.h
index e30eec80..ac9474f5 100644
--- a/src/crypto.h
+++ b/src/crypto.h
@@ -109,8 +109,8 @@ int rand_bytes(void *output, int len);
 crypto_t *crypto_init(const char *password, const char *method);
 unsigned char *crypto_md5(const unsigned char *d, size_t n, unsigned char *md);
-int crypto_derive_key(const cipher_t *cipher,
- const uint8_t *pass, uint8_t *key, size_t nkey);
+int crypto_derive_key(const cipher_t *cipher, const char *pass,
+ uint8_t *key, size_t nkey, int version);
 extern struct cache *nonce_cache;
 extern const char *supported_stream_ciphers[];
diff --git a/src/stream.c b/src/stream.c
index ec1b302c..9e399709 100644
--- a/src/stream.c
+++ b/src/stream.c
@@ -614,8 +614,8 @@ stream_key_init(int method, const char *pass)
 FATAL("Cannot initialize cipher");
 }
- cipher->key_len = crypto_derive_key(cipher, (const uint8_t *)pass,
- cipher->key, cipher_key_size(cipher));
+ cipher->key_len = crypto_derive_key(cipher, pass,
+ cipher->key, cipher_key_size(cipher), 1);
 if (cipher->key_len == 0) {
 FATAL("Cannot generate key and NONCE");
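Review bot: The new cast `(uint8_t *)pass` in the first src/crypto.c hunk on this line strips the `const` that the parameter now carries; assuming the mbedtls prototype takes a const input pointer, `mbedtls_md_update(&c, (const uint8_t *)pass, datal);` keeps the qualifier. The same applies to `(char*)pass` in the `crypto_pwhash` call of the previous hunk, where a `const char *` argument should need no cast at all. The enclosing loop starts and ends outside this hunk.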