This implementation utilizes the same registers found in the reference
implementation, aiming to produce a minimal semantic diff between the
Avo-generated output and the original hand-written assembly.
To verify the Avo implementation, the reference and Avo-generated
assembly files are fed to `go tool asm`, capturing the debug output into
corresponding temp files. The debug output contains supplementary
metadata (line numbers, instruction offsets, and source file references)
that must be removed in order to obtain a semantic diff of the two
files. This is accomplished via a small utility script written in awk.
Commands used to verify Avo output:
GOROOT=$(go env GOROOT)
ASM_PATH="argon2/blamka_amd64.s"
REFERENCE="b2d3a6a4b4d36521cd7f653879cf6981e7c5c340"
go tool asm -o /dev/null -I "$GOROOT"/src/runtime -debug \
<(git cat-file -p "$REFERENCE:$ASM_PATH") \
> /tmp/reference.s
go tool asm -o /dev/null -I "$GOROOT"/src/runtime -debug \
"$ASM_PATH" \
> /tmp/avo.s
normalize(){
awk '{
$1=$2=$3="";
print substr($0,4)
}'
}
diff <(normalize < /tmp/reference.s) <(normalize < /tmp/avo.s)
Change-Id: I3567eb80ef80dff248225f17470122c0a4e6951e
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/600315
Reviewed-by: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Done with:
go get go@1.18
go mod tidy
go fix ./...
Using go1.21.3.
Also update avo to v0.5.0 in the curve25519/internal/field/_asm module.
It's newer and produces no diff in the generated code.
For golang/go#60268.
Change-Id: I9bd771ee8561595d7f68aaca76df6e3e33d35013
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/534141
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Damien Neil <dneil@google.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Gofmt to update doc comments to the new formatting.
For golang/go#51082.
Change-Id: I076031b6613691eefbb0f21739366e3fd2011ec9
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/399356
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Auto-Submit: Russ Cox <rsc@golang.org>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Make all our package sources use Go 1.17 gofmt format
(adding //go:build lines).
Not strictly necessary but will avoid spurious changes
as files are edited.
Part of //go:build change (#41184).
See https://golang.org/design/draft-gobuild
Change-Id: I70526bf588bf4078887e567795867ece785d666b
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/294415
Trust: Russ Cox <rsc@golang.org>
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Jason A. Donenfeld <Jason@zx2c4.com>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
appengine is obsolete and superseded by purego, and gc is a more
precise tag for files that use gc-syntax assembly.
Change-Id: I716f59de772ebeee4adf4d2a432edf300122cef0
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/269920
Trust: Ian Lance Taylor <iant@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
This change exports the Argon2 variant Argon2id and improves documenation.
The following parameter recommendations are added:
- Argon2i:
time=3 and max. memory for non-interactive scenarios as recommended by the
RFC draft https://tools.ietf.org/html/draft-irtf-cfrg-argon2-03#section-9.3
- Argon2id:
time=2 and memory=64MB for interactive scenarios as used by libsodium >= 1.0.9
https://download.libsodium.org/doc/password_hashing/the_argon2i_function.html
time=1 and max. memory for non-interactive scenarios as recommended by the
RFC draft linked above.
Fixesgolang/go#23602
Change-Id: Ia4d537e6126e5aff1243f2b5579df6bc8edb851a
Reviewed-on: https://go-review.googlesource.com/91935
Reviewed-by: Adam Langley <agl@golang.org>
Run-TryBot: Adam Langley <agl@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
The change fixes argon2_test build failure which currently
reads as follows when built with gccgo:
./argon2/blamka_ref.go:9:1: error: redefinition of 'processBlock'
func processBlock(out, in1, in2 *block) {
^
./argon2/blamka_amd64.go:53:1: note: previous definition of 'processBlock' was here
func processBlock(out, in1, in2 *block) {
^
./argon2/blamka_ref.go:13:1: error: redefinition of 'processBlockXOR'
func processBlockXOR(out, in1, in2 *block) {
^
./argon2/blamka_amd64.go:57:1: note: previous definition of 'processBlockXOR' was here
func processBlockXOR(out, in1, in2 *block) {
^
Change-Id: I5c1d7360a2a91a2ac27273a5c1da2a139b1537a7
Reviewed-on: https://go-review.googlesource.com/88455
Run-TryBot: Alex Vaghin <ddos@google.com>
Run-TryBot: Adam Langley <agl@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
This change fixes an incorrect key derivation if the
degree of parallelism is greater than 1.
This change adds additional test vectors generated by the
https://github.com/P-H-C/phc-winner-argon2 CLI.
Fixesgolang/go#23200
Change-Id: I8add8382b9e9ebbf9a70493050867c9af4ed6aa7
Reviewed-on: https://go-review.googlesource.com/85055
Reviewed-by: Adam Langley <agl@golang.org>
Run-TryBot: Adam Langley <agl@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
This CL adds the package argon2. The argon2 package implements
the Argon2 PBKDF family (Argon2i, Argon2d, Argon2id).
Argon2 is memory-hard key derivation function and is specified
at https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf
It can be used to derive cryptographic keys with high entropy from low
entropy passwords.
Fixesgolang/go#19896
Change-Id: I5b099682a8e3d7569ad18400cebddefc99a7e22f
Reviewed-on: https://go-review.googlesource.com/82575
Run-TryBot: Adam Langley <agl@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
Garrett Bodley
Egon Elbre
Dmitri Shuralyov
Russ Cox
Tobias Klauser
Tamir Duberstein
Andreas Auernhammer
Mark Rushakoff
Alex Vaghin