diff options
| author | NIIBE Yutaka <gniibe@fsij.org> | 2022-01-26 00:22:50 +0900 |
|---|---|---|
| committer | NIIBE Yutaka <gniibe@fsij.org> | 2022-01-26 00:22:50 +0900 |
| commit | bafdb90d97b65db541ea917088ca956e6a364f6b (patch) | |
| tree | b2041913245036b27a31212f292f3c6d0e94851b /src/gcrypt.h.in | |
| parent | 3d353782d84b9720262d7b05adfae3aef7ff843b (diff) | |
| download | libgcrypt-bafdb90d97b65db541ea917088ca956e6a364f6b.tar.gz | |
cipher: Add new API for modern KDF function.
* cipher/kdf.c (hash, argon2_genh0_first_blocks): New for Argon2.
(argon2_init, argon2_ctl, argon2_iterator): Likewise.
(argon2_compute_row, argon2_final, argon2_close): Likewise.
(argon2_open): Likewise.
(balloon_open): New for Balloon.
(_gcry_kdf_open, _gcry_kdf_ctl, _gcry_kdf_iterator): Add new API.
(_gcry_kdf_compute_row, _gcry_kdf_final, _gcry_kdf_close): Likewise.
* src/gcrypt-int.h: Add declarations for new API.
* src/gcrypt.h.in: Likewise.
(enum gcry_kdf_algos): Add GCRY_KDF_ARGON2 and GCRY_KDF_BALLOON.
(enum gcry_kdf_subalgo_argon2): Add GCRY_KDF_ARGON2D,
GCRY_KDF_ARGON2I, and GCRY_KDF_ARGON2ID.
* src/libgcrypt.def, src/libgcrypt.vers: Update.
* src/visibility.h: Likewise.
* src/visibility.c: Add new API.
* tests/Makefile.am (t_kdf_LDADD, t_kdf_CFLAGS): Enable use of pthread.
* tests/t-kdf.c (check_argon2): New, not enabled yet.
--
New API has been added, decoupling thread support. Implementation of
Argon2 is on-going. Test is not enabled yet.
GnuPG-bug-id: 5797
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
Diffstat (limited to 'src/gcrypt.h.in')
| -rw-r--r-- | src/gcrypt.h.in | 31 |
1 files changed, 26 insertions, 5 deletions
diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index 6376b446..ea771db7 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -118,7 +118,7 @@ extern "C" { #ifdef _GCRYPT_IN_LIBGCRYPT #define _GCRY_ATTR_INTERNAL #else -#define _GCRY_ATTR_INTERNAL _GCRY_GCC_ATTR_DEPRECATED +#define _GCRY_ATTR_INTERNAL _GCRY_GCC_ATTR_DEPRECATED #endif /* Wrappers for the libgpg-error library. */ @@ -383,7 +383,7 @@ gcry_error_t gcry_sexp_build (gcry_sexp_t *retsexp, size_t *erroff, /* Like gcry_sexp_build, but uses an array instead of variable function arguments. */ gcry_error_t gcry_sexp_build_array (gcry_sexp_t *retsexp, size_t *erroff, - const char *format, void **arg_list); + const char *format, void **arg_list); /* Release the S-expression object SEXP */ void gcry_sexp_release (gcry_sexp_t sexp); @@ -1591,7 +1591,16 @@ enum gcry_kdf_algos GCRY_KDF_ITERSALTED_S2K = 19, GCRY_KDF_PBKDF1 = 33, GCRY_KDF_PBKDF2 = 34, - GCRY_KDF_SCRYPT = 48 + GCRY_KDF_SCRYPT = 48, + GCRY_KDF_ARGON2 = 64, + GCRY_KDF_BALLOON = 65 + }; + +enum gcry_kdf_subalgo_argon2 + { + GCRY_KDF_ARGON2D = 0, + GCRY_KDF_ARGON2I = 1, + GCRY_KDF_ARGON2ID = 2 }; /* Derive a key from a passphrase. */ @@ -1601,8 +1610,20 @@ gpg_error_t gcry_kdf_derive (const void *passphrase, size_t passphraselen, unsigned long iterations, size_t keysize, void *keybuffer); - - +/* Another API to derive a key from a passphrase. */ +typedef struct gcry_kdf_handle *gcry_kdf_hd_t; +gcry_error_t gcry_kdf_open (gcry_kdf_hd_t *hd, int algo, int subalgo, + const unsigned long *param, unsigned int paramlen, + const void *passphrase, size_t passphraselen, + const void *salt, size_t saltlen, + const void *key, size_t keylen, + const void *ad, size_t adlen); +gcry_error_t gcry_kdf_ctl (gcry_kdf_hd_t h, int cmd, void *buffer, + size_t buflen); +gcry_error_t gcry_kdf_iterator (gcry_kdf_hd_t h, int *action_p, void **arg_p); +gcry_error_t gcry_kdf_compute_row (gcry_kdf_hd_t h, void *arg); +gcry_error_t gcry_kdf_final (gcry_kdf_hd_t h, size_t resultlen, void *result); +void gcry_kdf_close (gcry_kdf_hd_t h); /************************************ * * |