Check-in [3872cde7b2]
Overview
Comment:Added untested argon2-based key derivation
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | monocypher
Files: files | file ages | folders
SHA3-256: 3872cde7b27ee1634274c6629916ef57fee2270feb47e81910fa63e7bfbe6923
User & Date: rkeene on 2019-01-10 09:45:20
Other Links: branch diff | manifest | tags
Context
2019-01-10
09:55
Minor cleanup check-in: 78b6dd6345 user: rkeene tags: monocypher
09:45
Added untested argon2-based key derivation check-in: 3872cde7b2 user: rkeene tags: monocypher
09:18
Added more Argon2 files, and try to build with as few public symbols as possible check-in: 489a16edb6 user: rkeene tags: monocypher
Changes

Modified nano.c from [3e25e24c1a] to [2ca35184b8].

18
19
20
21
22
23
24



25
26
27
28
29
30
31
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34







+
+
+







#define NANO_SECRET_KEY_LENGTH 32
#define NANO_PUBLIC_KEY_LENGTH 32
#define NANO_BLOCK_HASH_LENGTH 32
#define NANO_BLOCK_SIGNATURE_LENGTH 64
#define NANO_WORK_VALUE_LENGTH 8
#define NANO_WORK_HASH_LENGTH  8
#define NANO_WORK_DEFAULT_MIN  0xffffffc000000000LLU
#define NANO_KDF_ARGON2_MEMORY 64 * 1024
#define NANO_KDF_ARGON2_TIMING 1
#define NANO_KDF_ARGON2_THREADS 1

#define TclNano_AttemptAlloc(x) ((void *) Tcl_AttemptAlloc(x))
#define TclNano_Free(x) Tcl_Free((char *) x)
#define TclNano_SetIntVar(interp, name, intValue) \
	tclobj_ret = Tcl_SetVar2Ex(interp, name, NULL, Tcl_NewIntObj(intValue), TCL_GLOBAL_ONLY | TCL_LEAVE_ERR_MSG); \
	if (!tclobj_ret) { \
		return(TCL_ERROR); \
278
279
280
281
282
283
284
285
286

287



288
289
290


291
292
293
294
295
296


297
298
299
300
301
302
303
304



305
306
307
308
309

310
311
312
313
314
315
316
317










318


319
320
321
322
323
324
325
326
327
281
282
283
284
285
286
287

288
289

290
291
292
293


294
295
296
297
298
299


300
301




302



303
304
305





306








307
308
309
310
311
312
313
314
315
316
317
318
319
320

321
322
323
324
325
326
327







-

+
-
+
+
+

-
-
+
+




-
-
+
+
-
-
-
-

-
-
-
+
+
+
-
-
-
-
-
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+

+
+

-








	return(TCL_OK);

	/* NOTREACH */
	clientData = clientData;
}

#if 0
static int nano_tcl_derive_key_from_password(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) {
	void *password, *salt;
	argon2_context argon2_context_item;
	int password_length, salt_length;
	unsigned char result[32];
	int hash_ret;

	if (objc != 2) {
		Tcl_WrongNumArgs(interp, 1, objv, "password");
	if (objc != 3) {
		Tcl_WrongNumArgs(interp, 1, objv, "password salt");

		return(TCL_ERROR);
	}

unsigned char password[] = {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01}
unsigned char salt[] = {0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02}
	password = Tcl_GetByteArrayFromObj(objv[1], &password_length);
	salt = Tcl_GetByteArrayFromObj(objv[2], &salt_length);
unsigned char secret[] = {0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03}
unsigned char ad[] = {0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04}
unsigned char phd[] = {0x24, 0xfd, 0xe9, 0x5a, 0x9d, 0xf5, 0x49, 0xd0, 0x02, 0xbd, 0x21, 0xb8, 0xb3, 0x45, 0x57, 0xe0, 0xf2, 0x53, 0x03, 0xd6, 0x53, 0x12, 0xf4, 0xc0, 0x7e, 0x1b, 0x0f, 0x12, 0x75, 0xb3, 0xe9, 0xd9, 0x45, 0xe9, 0x7b, 0x66, 0xbf, 0xe4, 0x27, 0x20, 0x6e, 0xca, 0xc7, 0xea, 0x2f, 0xfb, 0x1b, 0xe2, 0xc8, 0x3a, 0x15, 0xa6, 0x64, 0xb2, 0x4b, 0x4f, 0x6b, 0xc3, 0x34, 0x0d, 0x24, 0x89, 0x0b, 0x13}
unsigned char final_tag[] = {0xf8, 0x7c, 0x95, 0x96, 0xbd, 0xbf, 0x75, 0x0b, 0xfb, 0x35, 0x3a, 0x89, 0x70, 0xe5, 0x44, 0x1a, 0x70, 0x24, 0x3e, 0xb4, 0x90, 0x30, 0xdf, 0xe2, 0x74, 0xd9, 0xad, 0x4e, 0x37, 0x0e, 0x38, 0x9b}

argon2_context_item.pwd = password;
argon2_context_item.pwdlen = sizeof(password);
argon2_context_item.salt = salt;
	hash_ret = argon2_hash(NANO_KDF_ARGON2_TIMING, NANO_KDF_ARGON2_MEMORY, 1,
	                       password, password_length,
	                       salt, salt_length,
argon2_context_item.saltlen = sizeof(salt);
argon2_context_item.secret = secret;
argon2_context_item.secretlen = sizeof(secret);
argon2_context_item.ad = ad;
argon2_context_item.adlen = sizeof(ad);
	                       result, sizeof(result),
argon2_context_item.t_cost = 3;
argon2_context_item.m_cost = 16;
argon2_context_item.lanes = 4;
argon2_context_item.threads = 4;
argon2_context_item.version = ARGON2_VERSION_NUMBER;
argon2_context_item.allocate_cbk = NULL;
argon2_context_item.free_cbk = NULL;
argon2_context_item.flags = 0;
	                       NULL, 0, Argon2_d, 0x10);

	if (hash_ret != ARGON2_OK) {
		Tcl_SetResult(interp, (char *) argon2_error_message(hash_ret), NULL);
		return(TCL_ERROR);
	}

	Tcl_SetObjResult(interp, Tcl_NewByteArrayObj(result, sizeof(result)));

	return(TCL_OK);

	/* NOTREACH */
	clientData = clientData;
}
#endif

static int nano_tcl_hash_data(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) {
	unsigned char *data, result[NANO_BLOCK_SIGNATURE_LENGTH];
	int tgifo_ret;
	int data_length, result_length;

	if (objc < 2 || objc > 3) {
605
606
607
608
609
610
611
612

613
614
615
616
617
618
619
620
621
622
605
606
607
608
609
610
611

612
613
614
615
616
617
618
619
620
621
622







-
+










	TclNano_CreateObjCommand(interp, "::nano::internal::selfTest", nano_tcl_self_test);
	TclNano_CreateObjCommand(interp, "::nano::internal::generateKey", nano_tcl_generate_keypair);
	TclNano_CreateObjCommand(interp, "::nano::internal::generateSeed", nano_tcl_generate_seed);
	TclNano_CreateObjCommand(interp, "::nano::internal::publicKey", nano_tcl_secret_key_to_public_key);
	TclNano_CreateObjCommand(interp, "::nano::internal::signDetached", nano_tcl_sign_detached);
	TclNano_CreateObjCommand(interp, "::nano::internal::verifyDetached", nano_tcl_verify_detached);
	TclNano_CreateObjCommand(interp, "::nano::internal::hashData", nano_tcl_hash_data);
//	TclNano_CreateObjCommand(interp, "::nano::internal::deriveKeyFromPassword", nano_tcl_derive_key_from_password);
	TclNano_CreateObjCommand(interp, "::nano::internal::deriveKeyFromPassword", nano_tcl_derive_key_from_password);
	TclNano_CreateObjCommand(interp, "::nano::internal::validateWork", nano_tcl_validate_work);
	TclNano_CreateObjCommand(interp, "::nano::internal::generateWork", nano_tcl_generate_work);
	TclNano_CreateObjCommand(interp, "::nano::internal::randomBytes", nano_tcl_random_bytes);

	TclNano_Eval(interp, nanoInitScript);

	TclNano_PkgProvide(interp, "nano", PACKAGE_VERSION);

	return(TCL_OK);
}