Prepare for Argon2id support

src/libsodium/crypto_pwhash/argon2/argon2-fill-block-avx2.c

@@ -20,7 +20,8 @@
 #include "private/common.h"
 #include "private/sse2_64_32.h"
 
-#if defined(HAVE_EMMINTRIN_H) && defined(HAVE_TMMINTRIN_H)
+#if defined(HAVE_AVX2INTRIN_H) && defined(HAVE_EMMINTRIN_H) && \
+    defined(HAVE_TMMINTRIN_H) && defined(HAVE_SMMINTRIN_H)
 
 # ifdef __GNUC__
 #  pragma GCC target("sse2")
@@ -148,7 +149,7 @@ fill_segment_avx2(const argon2_instance_t *instance,
     uint32_t  prev_offset, curr_offset;
     uint32_t  starting_index, i;
     __m256i   state[32];
-    const int data_independent_addressing = 1; /* instance->type == Argon2_i */
+    int       data_independent_addressing = 1;
 
     /* Pseudo-random values that determine the reference block position */
     uint64_t *pseudo_rands = NULL;
@@ -157,6 +158,11 @@ fill_segment_avx2(const argon2_instance_t *instance,
         return ARGON2_OK;
     }
 
+    if (instance->type == Argon2_id &&
+        (position.pass != 0 || position.slice >= ARGON2_SYNC_POINTS / 2)) {
+        data_independent_addressing = 0;
+    }
+
     pseudo_rands =
         (uint64_t *) malloc(sizeof(uint64_t) * instance->segment_length);
     if (pseudo_rands == NULL) {

src/libsodium/crypto_pwhash/argon2/argon2-fill-block-ref.c

@@ -144,18 +144,23 @@ int
 fill_segment_ref(const argon2_instance_t *instance, argon2_position_t position)
 {
     block    *ref_block = NULL, *curr_block = NULL;
+    /* Pseudo-random values that determine the reference block position */
+    uint64_t *pseudo_rands = NULL;
     uint64_t  pseudo_rand, ref_index, ref_lane;
     uint32_t  prev_offset, curr_offset;
     uint32_t  starting_index;
     uint32_t  i;
-    const int data_independent_addressing = 1; /* instance->type == Argon2_i */
-    /* Pseudo-random values that determine the reference block position */
-    uint64_t *pseudo_rands = NULL;
+    int       data_independent_addressing = 1; /* instance->type == Argon2_i */
 
     if (instance == NULL) {
         return ARGON2_OK;
     }
 
+    if (instance->type == Argon2_id &&
+        (position.pass != 0 || position.slice >= ARGON2_SYNC_POINTS / 2)) {
+        data_independent_addressing = 0;
+    }
+
     pseudo_rands =
         (uint64_t *) malloc(sizeof(uint64_t) * (instance->segment_length));
 

src/libsodium/crypto_pwhash/argon2/argon2-fill-block-ssse3.c

@@ -148,7 +148,7 @@ fill_segment_ssse3(const argon2_instance_t *instance,
     uint32_t  prev_offset, curr_offset;
     uint32_t  starting_index, i;
     __m128i   state[64];
-    const int data_independent_addressing = 1; /* instance->type == Argon2_i */
+    int       data_independent_addressing = 1;
 
     /* Pseudo-random values that determine the reference block position */
     uint64_t *pseudo_rands = NULL;
@@ -157,6 +157,11 @@ fill_segment_ssse3(const argon2_instance_t *instance,
         return ARGON2_OK;
     }
 
+    if (instance->type == Argon2_id &&
+        (position.pass != 0 || position.slice >= ARGON2_SYNC_POINTS / 2)) {
+        data_independent_addressing = 0;
+    }
+
     pseudo_rands =
         (uint64_t *) malloc(sizeof(uint64_t) * instance->segment_length);
     if (pseudo_rands == NULL) {

src/libsodium/crypto_pwhash/argon2/argon2.h

@@ -185,7 +185,7 @@ typedef struct Argon2_Context {
 } argon2_context;
 
 /* Argon2 primitive type */
-typedef enum Argon2_type { Argon2_i = 1 } argon2_type;
+typedef enum Argon2_type { Argon2_i = 1, Argon2_id = 2 } argon2_type;
 
 /*
  * Function that performs memory-hard hashing with certain degree of parallelism