Add librecrypt_is_enabled

Signed-off-by: Mattias Andrée <m@maandree.se>

7 files changed, 284 insertions, 4 deletions

diff --git a/Makefile b/Makefile
index b51cf7f..03f302a 100644
--- a/Makefile
+++ b/Makefile
@@ -37,7 +37,8 @@ OBJ_PUBLIC_NO_FUZZ =\
 	librecrypt_wipe.o\
 	librecrypt_wipe_str.o\
 	librecrypt_equal_binary.o\
-	librecrypt_equal.o
+	librecrypt_equal.o\
+	librecrypt_is_enabled.o
 
 OBJ_PUBLIC =\
 	$(OBJ_PUBLIC_FUZZ)\
diff --git a/README b/README
index 60c4367..f1f115b 100644
--- a/README
+++ b/README
@@ -47,7 +47,7 @@ DESCRIPTION
 	librecrypt_add_algorithm(3)
 		Append an algorithm chain to a password hash string.
 
-   Password hashing configuration generation functions:
+   Password hashing configuration functions:
 	librecrypt_test_supported(3)
 		Check whether an algorithm chain is supported.
 
@@ -103,6 +103,11 @@ DESCRIPTION
 		Get encoding alphabet for the last algorithm in a
 		chain.
 
+   Library introspection functions (ADVANCED):
+	librecrypt_is_enabled(3)
+		Check whenther the library is compiled with support
+		for a specific hash algorithm.
+
 NOTES
 	Using librecrypt_add_algorithm(3) to hash existing password
 	hashes should be used as a transitional mitigation strategy
diff --git a/librecrypt.7 b/librecrypt.7
index 0530246..8abf6d7 100644
--- a/librecrypt.7
+++ b/librecrypt.7
@@ -66,7 +66,7 @@ Validate password against known password hash.
 .BR librecrypt_add_algorithm (3)
 Append an algorithm chain to a password hash string.
 .sp
-.SS Password hashing configuration generation functions:
+.SS Password hashing configuration functions:
 .TP
 .BR librecrypt_test_supported (3)
 Check whether an algorithm chain is supported.
@@ -125,6 +125,11 @@ binary.
 .BR librecrypt_get_encoding (3)
 Get encoding alphabet for the last algorithm in a
 chain.
+.sp
+.SS Library introspection functions (ADVANCED):
+.BR librecrypt_is_enabled (3)
+Check whenther the library is compiled with support
+for a specific hash algorithm.
 
 .SH NOTES
 Using
diff --git a/librecrypt.h b/librecrypt.h
index 08efde6..d526e1d 100644
--- a/librecrypt.h
+++ b/librecrypt.h
@@ -10,11 +10,13 @@
 
 #if defined(__GNUC__)
 # define LIBRECRYPT_PURE__ __attribute__((__pure__))
+# define LIBRECRYPT_CONST__ __attribute__((__const__))
 # define LIBRECRYPT_NONNULL__ __attribute__((__nonnull__))
 # define LIBRECRYPT_NONNULL_I__(I) __attribute__((__nonnull__(I)))
 # define LIBRECRYPT_WUR__ __attribute__((__warn_unused_result__))
 #else
 # define LIBRECRYPT_PURE__
+# define LIBRECRYPT_CONST__
 # define LIBRECRYPT_NONNULL__
 # define LIBRECRYPT_NONNULL_I__(I)
 # define LIBRECRYPT_WUR__
@@ -58,6 +60,53 @@
 
 
 /**
+ * Hash algorithms that the library might support
+ */
+enum librecrypt_hash_algorithm {
+	/**
+	 * Argon2i, version 1.0 ("$argon2i$v=13$", optionally without "$v=13")
+	 */
+	LIBRECRYPT_ARGON2I_V1_0,
+
+	/**
+	 * Argon2i, version 1.3 ("$argon2i$v=19$")
+	 */
+	LIBRECRYPT_ARGON2I_V1_3,
+
+	/**
+	 * Argon2d, version 1.0 ("$argon2d$v=13$", optionally without "$v=13")
+	 */
+	LIBRECRYPT_ARGON2D_V1_0,
+
+	/**
+	 * Argon2d, version 1.3 ("$argon2d$v=19$")
+	 */
+	LIBRECRYPT_ARGON2D_V1_3,
+
+	/**
+	 * Argon2id, version 1.0 ("$argon2id$v=13$", optionally without "$v=13")
+	 */
+	LIBRECRYPT_ARGON2ID_V1_0,
+
+	/**
+	 * Argon2id, version 1.3 ("$argon2id$v=19$")
+	 */
+	LIBRECRYPT_ARGON2ID_V1_3,
+
+	/**
+	 * Argon2ds, version 1.0 ("$argon2ds$v=13$", optionally without "$v=13")
+	 */
+	LIBRECRYPT_ARGON2DS_V1_0,
+
+	/**
+	 * Argon2ds, version 1.3 ("$argon2ds$v=19$")
+	 */
+	LIBRECRYPT_ARGON2DS_V1_3
+};
+
+
+
+/**
  * Get number of bytes in a password hash string
  * that make up the algorithm configuration
  * 
@@ -859,6 +908,8 @@ int librecrypt_verify(const char *phrase, size_t len, const char *settings, void
  *                     if the selected word does not match such constraints
  *                     for the first algorithm in the chain, 0 is returned
  * 
+ * @seealso  librecrypt_is_enabled
+ * 
  * This function is MT-Safe and AS-Safe
  * 
  * @since  1.0
@@ -868,6 +919,23 @@ int librecrypt_test_supported(const char *phrase, size_t len, int text, const ch
 
 
 /**
+ * Check whether the library has been compiled to
+ * support a specific hash algorithm
+ *
+ * @param   algo  The hash algorithm
+ * @return        1 if the hash algorithm is enabled, 0 otherwise
+ * 
+ * @seealso  librecrypt_test_supported
+ * 
+ * This function is MT-Safe and AS-Safe
+ * 
+ * @since  1.1
+ */
+LIBRECRYPT_CONST__ LIBRECRYPT_WUR__
+int librecrypt_is_enabled(enum librecrypt_hash_algorithm algo);
+
+
+/**
  * Chain togather another set of hash algorithms
  * 
  * If you are using the `librecrypt_crypt` format,
diff --git a/librecrypt_is_enabled.3 b/librecrypt_is_enabled.3
new file mode 100644
index 0000000..b7570aa
--- /dev/null
+++ b/librecrypt_is_enabled.3
@@ -0,0 +1,113 @@
+.TH LIBRECRYPT_IS_ENABLED 3 LIBRECRYPT
+.SH NAME
+librecrypt_is_enabled - Check whether an algorithm was enabled at compile-time
+
+.SH SYNOPSIS
+.nf
+#include <librecrypt.h>
+
+enum librecrypt_hash_algorithm {
+	LIBRECRYPT_ARGON2I_V1_0,
+	LIBRECRYPT_ARGON2I_V1_3,
+	LIBRECRYPT_ARGON2D_V1_0,
+	LIBRECRYPT_ARGON2D_V1_3,
+	LIBRECRYPT_ARGON2ID_V1_0,
+	LIBRECRYPT_ARGON2ID_V1_3,
+	LIBRECRYPT_ARGON2DS_V1_0,
+	LIBRECRYPT_ARGON2DS_V1_3
+};
+
+int \fBlibrecrypt_is_enabled\fP(enum librecrypt_hash_algorithm \fIalgo\fP);
+.fi
+.PP
+Link with
+.IR -lrecrypt .
+
+.SH DESCRIPTION
+The
+.BR librecrypt_is_enabled ()
+function checks whether the the
+.B librecrypt
+library end it's dependencies where compiled to
+support the hash algorithm specified in the
+.I algo
+parameter.
+
+.SH RETURN VALUES
+The
+.BR librecrypt_is_enabled ()
+function returns 1 if the hash algorithm is
+enabled, 0 otherwise (disabled or not recognised).
+
+.SH ERRORS
+The
+.BR librecrypt_is_enabled ()
+function cannot fail.
+
+.SH ATTRIBUTES
+For an explanation of the terms used in this section, see
+.BR attributes (7).
+.PP
+.TS
+allbox;
+lb lb lb
+l l l.
+Interface	Attribute	Value
+T{
+.BR librecrypt_is_enabled ()
+T}	Thread safety	MT-Safe
+T{
+.BR librecrypt_is_enabled ()
+T}	Async-signal safety	AS-Safe
+.TE
+.sp
+
+.SH EXTENDED DESCRIPTION
+The following values for
+.I algo
+are supported and may cause the
+.BR librecrypt_is_enabled ()
+function to return either 0 or 1
+(all other cause the function to return 0):
+.TP
+.B LIBRECRYPT_ARGON2I_V1_0
+Argon2i, version 1.0, which is presented by
+\(dq$argon2i$v=13$\(dq, optionally without \(dq$v=13\(dq.
+.TP
+.B LIBRECRYPT_ARGON2I_V1_3
+Argon2i, version 1.3, which is presented by
+\(dq$argon2i$v=19$\(dq.
+.TP
+.B LIBRECRYPT_ARGON2D_V1_0
+Argon2d, version 1.0, which is presented by
+\(dq$argon2d$v=13$\(dq, optionally without \(dq$v=13\(dq.
+.TP
+.B LIBRECRYPT_ARGON2D_V1_3
+Argon2d, version 1.3, which is presented by
+\(dq$argon2d$v=19$\(dq.
+.TP
+.B LIBRECRYPT_ARGON2ID_V1_0
+Argon2id, version 1.0, which is presented by
+\(dq$argon2id$v=13$\(dq, optionally without \(dq$v=13\(dq.
+.TP
+.B LIBRECRYPT_ARGON2ID_V1_3
+Argon2id, version 1.3, which is presented by
+\(dq$argon2id$v=19$\(dq.
+.TP
+.B LIBRECRYPT_ARGON2DS_V1_0
+Argon2ds, version 1.0, which is presented by
+\(dq$argon2ds$v=13$\(dq, optionally without \(dq$v=13\(dq.
+.TP
+.B LIBRECRYPT_ARGON2DS_V1_3
+Argon2ds, version 1.3, which is presented by
+\(dq$argon2ds$v=19$\(dq.
+
+.SH HISTORY
+The
+.BR librecrypt_is_enabled ()
+function was introduced in version 1.1 of
+.BR librecrypt .
+
+.SH SEE ALSO
+.BR librecrypt (7),
+.BR librecrypt_test_supported (3)
diff --git a/librecrypt_is_enabled.c b/librecrypt_is_enabled.c
new file mode 100644
index 0000000..1bc9429
--- /dev/null
+++ b/librecrypt_is_enabled.c
@@ -0,0 +1,86 @@
+/* See LICENSE file for copyright and license details. */
+#include "common.h"
+#ifndef TEST
+
+
+#define INCLUDE(ALGO, VAL) IF__##ALGO##__SUPPORTED((UINT64_C(1) << (VAL)) |)
+
+static const uint64_t enabled =
+	INCLUDE(argon2i, LIBRECRYPT_ARGON2I_V1_0)
+	INCLUDE(argon2i, LIBRECRYPT_ARGON2I_V1_3)
+	INCLUDE(argon2d, LIBRECRYPT_ARGON2D_V1_0)
+	INCLUDE(argon2d, LIBRECRYPT_ARGON2D_V1_3)
+	INCLUDE(argon2id, LIBRECRYPT_ARGON2ID_V1_0)
+	INCLUDE(argon2id, LIBRECRYPT_ARGON2ID_V1_3)
+	INCLUDE(argon2ds, LIBRECRYPT_ARGON2DS_V1_0)
+	INCLUDE(argon2ds, LIBRECRYPT_ARGON2DS_V1_3)
+	UINT64_C(0);
+
+
+int
+librecrypt_is_enabled(enum librecrypt_hash_algorithm algo)
+{
+#if defined(__clang__)
+# pragma clang diagnostic push
+# pragma clang diagnostic ignored "-Wtautological-unsigned-enum-zero-compare"
+#endif
+
+	if (algo < 0 || algo >= 64)
+		return 0;
+
+#if defined(__clang__)
+# pragma clang diagnostic pop
+#endif
+
+	/* Version 1.0 and 1.3 of Argon2 are supported in all
+	 * versions of libar2, so there is no need to check
+	 * libar2_latest_argon2_version*/
+
+	return (int)(enabled >> (unsigned)algo) & 1;
+}
+
+
+#else
+
+
+#if defined(__clang__)
+# pragma clang diagnostic ignored "-Wassign-enum"
+# pragma clang diagnostic ignored "-Wsign-conversion"
+#endif
+
+
+#define CHECK(ALGO, EXPECTED)\
+	do {\
+		EXPECT(librecrypt_is_enabled(ALGO) == (EXPECTED));\
+		if ((int)(ALGO) > highest)\
+			highest = (int)(ALGO);\
+	} while (0)
+
+
+int
+main(void)
+{
+	int i, highest = -1;
+
+	SET_UP_ALARM();
+	INIT_RESOURCE_TEST();
+
+	CHECK((enum librecrypt_hash_algorithm)-1, 0);
+	CHECK(LIBRECRYPT_ARGON2I_V1_0, IF__argon2i__SUPPORTED(1 + ) 0);
+	CHECK(LIBRECRYPT_ARGON2I_V1_3, IF__argon2i__SUPPORTED(1 + ) 0);
+	CHECK(LIBRECRYPT_ARGON2D_V1_0, IF__argon2i__SUPPORTED(1 + ) 0);
+	CHECK(LIBRECRYPT_ARGON2D_V1_3, IF__argon2i__SUPPORTED(1 + ) 0);
+	CHECK(LIBRECRYPT_ARGON2ID_V1_0, IF__argon2i__SUPPORTED(1 + ) 0);
+	CHECK(LIBRECRYPT_ARGON2ID_V1_3, IF__argon2i__SUPPORTED(1 + ) 0);
+	CHECK(LIBRECRYPT_ARGON2DS_V1_0, IF__argon2i__SUPPORTED(1 + ) 0);
+	CHECK(LIBRECRYPT_ARGON2DS_V1_3, IF__argon2i__SUPPORTED(1 + ) 0);
+
+	for (i = 0; i < 1024 && highest != INT_MAX; i++)
+		CHECK((enum librecrypt_hash_algorithm)(highest + 1), 0);
+
+	STOP_RESOURCE_TEST();
+	return 0;
+}
+
+
+#endif
diff --git a/librecrypt_test_supported.3 b/librecrypt_test_supported.3
index 6afb068..9cb1ec4 100644
--- a/librecrypt_test_supported.3
+++ b/librecrypt_test_supported.3
@@ -99,6 +99,8 @@ function was introduced in version 1.0 of
 
 .SH SEE ALSO
 .BR librecrypt (7),
+.BR librecrypt_test_supported (3),
 .BR librecrypt_hash_binary (3),
 .BR librecrypt_hash (3),
-.BR librecrypt_crypt (3)
+.BR librecrypt_crypt (3),
+.BR librecrypt_verify (3)