argon2 0.1.0 → 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +9 -2
- data/ext/argon2_wrap/Makefile +0 -1
- data/ext/argon2_wrap/test.c +1 -0
- data/ext/phc-winner-argon2/src/argon2.c +25 -3
- data/ext/phc-winner-argon2/src/core.c +1 -2
- data/ext/phc-winner-argon2/src/core.h +1 -1
- data/ext/phc-winner-argon2/src/encoding.c +5 -6
- data/ext/phc-winner-argon2/src/encoding.h +4 -1
- data/ext/phc-winner-argon2/src/run.c +18 -2
- data/lib/argon2/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a59ac92cbaf98d789372ec5b51337d53be008395
|
|
4
|
+
data.tar.gz: abd378d5272207160eedb6d8027652ff3ef6930a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 55fb89025c32f22c92d140e614461d04c8da2a6e6d0d9c75d80e05b0947c1864a0acebbbde6a52266445dd64dfe89a76bcfd914e54669f8f287b7c8e949c04d2
|
|
7
|
+
data.tar.gz: dd2698c9e8d5483dc42dc866d9911ac899efdaba3ba32475dfd4673c1a16a4ed42bd518c3f8c623006f8ffb0cbd608d37f6d2a832e96346f60c9589e9f4715d7
|
data/README.md
CHANGED
|
@@ -1,8 +1,10 @@
|
|
|
1
|
-
# Argon2
|
|
1
|
+
# Ruby Argon2 Gem
|
|
2
2
|
|
|
3
3
|
This Ruby Gem provides FFI bindings, and a simplified interface, to the Argon2 algorithm. [Argon2](https://github.com/P-H-C/phc-winner-argon2) is the official winner of the Password Hashing Competition, a several year project to identify a successor to bcrypt/PBKDF/scrypt methods of securely storing passwords. This is an independant project and not official from the PHC team.
|
|
4
4
|
|
|
5
|
-
*This gem is now considered a beta release* and at this point is not recommended for production use.
|
|
5
|
+
*This gem is now considered a beta release* and at this point is not recommended for production use. The more detailed advice here, is that it is feature complete, and I do not intend on making backward breaking API changes without bumping the Gem version semantically. There is complete tests and documentation, and I'm working on a project to put this into production.
|
|
6
|
+
|
|
7
|
+
However, at this point, the reference C library that we pull in is under active development, ([including from myself](https://github.com/P-H-C/phc-winner-argon2/pulls?q=is%3Apr+author%3Atechnion)), and this binding isn't released grade until that is.
|
|
6
8
|
|
|
7
9
|
|
|
8
10
|
[](https://travis-ci.org/technion/ruby-argon2)
|
|
@@ -16,10 +18,12 @@ This project has several key tenants to its design:
|
|
|
16
18
|
* The reference Argon2 implementation is to be used "unaltered". To ensure compliance wit this goal, and encourage regular updates from upstream, this is implemented as a git submodule, and is intended to stay that way.
|
|
17
19
|
* The FFI interface is kept as slim as possible, with wrapper classes preferred to implementing context structs in FFI
|
|
18
20
|
* Security and maintainability take top priority. This can have an impact on platform support. A PR that contains platform specific code paths is unlikely to be accepted.
|
|
21
|
+
* Tested platforms are MRI Ruby 2.2 and JRuby 9000. No assertions are made on other platforms.
|
|
19
22
|
* Errors from the C interface are raised as Exceptions. There are a lot of exception classes, but they tend to relate to things like very broken input, and code bugs. Calls to this library should generally not require a rescue.
|
|
20
23
|
* Test suits should aim for 100% code coverage.
|
|
21
24
|
* Default work values should not be considered constants. I will increase them from time to time.
|
|
22
25
|
* Not exposing the threads parameter is a design choice. I believe there is significant risk, and minimal gain in using a value other than '1'. Four threads on a four core box completely ties up the entire server to process one user logon. If you want more security, increase m_cost.
|
|
26
|
+
* Many Rubocop errors have been disabled, but any commit should avoid new alerts or demonstrate their necessity.
|
|
23
27
|
|
|
24
28
|
## Usage
|
|
25
29
|
|
|
@@ -66,6 +70,9 @@ myhash = argon.hash("A password")
|
|
|
66
70
|
Argon2::Password.verify_password("A password", myhash, KEY)
|
|
67
71
|
```
|
|
68
72
|
|
|
73
|
+
## RubyDocs documentation
|
|
74
|
+
|
|
75
|
+
[The usual URL](http://www.rubydoc.info/gems/argon2) will provide detailed documentation.
|
|
69
76
|
|
|
70
77
|
## FAQ
|
|
71
78
|
### Don't roll your own crypto!
|
data/ext/argon2_wrap/Makefile
CHANGED
data/ext/argon2_wrap/test.c
CHANGED
|
@@ -130,6 +130,9 @@ int argon2_hash(const uint32_t t_cost, const uint32_t m_cost,
|
|
|
130
130
|
}
|
|
131
131
|
|
|
132
132
|
out = malloc(hashlen);
|
|
133
|
+
if (!out) {
|
|
134
|
+
return ARGON2_MEMORY_ALLOCATION_ERROR;
|
|
135
|
+
}
|
|
133
136
|
|
|
134
137
|
context.out = (uint8_t *)out;
|
|
135
138
|
context.outlen = (uint32_t)hashlen;
|
|
@@ -230,6 +233,7 @@ int argon2_verify(const char *encoded, const void *pwd, const size_t pwdlen,
|
|
|
230
233
|
|
|
231
234
|
argon2_context ctx;
|
|
232
235
|
uint8_t *out;
|
|
236
|
+
int ret;
|
|
233
237
|
|
|
234
238
|
/* max values, to be updated in decode_string */
|
|
235
239
|
ctx.adlen = 512;
|
|
@@ -239,17 +243,35 @@ int argon2_verify(const char *encoded, const void *pwd, const size_t pwdlen,
|
|
|
239
243
|
ctx.ad = malloc(ctx.adlen);
|
|
240
244
|
ctx.salt = malloc(ctx.saltlen);
|
|
241
245
|
ctx.out = malloc(ctx.outlen);
|
|
246
|
+
if (!ctx.out || !ctx.salt || !ctx.ad) {
|
|
247
|
+
free(ctx.ad);
|
|
248
|
+
free(ctx.salt);
|
|
249
|
+
free(ctx.out);
|
|
250
|
+
return ARGON2_MEMORY_ALLOCATION_ERROR;
|
|
251
|
+
}
|
|
242
252
|
out = malloc(ctx.outlen);
|
|
253
|
+
if (!out) {
|
|
254
|
+
free(ctx.ad);
|
|
255
|
+
free(ctx.salt);
|
|
256
|
+
free(ctx.out);
|
|
257
|
+
return ARGON2_MEMORY_ALLOCATION_ERROR;
|
|
258
|
+
}
|
|
243
259
|
|
|
244
|
-
decode_string(&ctx, encoded, type)
|
|
260
|
+
if(decode_string(&ctx, encoded, type) != 1) {
|
|
261
|
+
free(ctx.ad);
|
|
262
|
+
free(ctx.salt);
|
|
263
|
+
free(ctx.out);
|
|
264
|
+
free(out);
|
|
265
|
+
return ARGON2_DECODING_FAIL;
|
|
266
|
+
}
|
|
245
267
|
|
|
246
|
-
argon2_hash(ctx.t_cost, ctx.m_cost, ctx.threads, pwd, pwdlen, ctx.salt,
|
|
268
|
+
ret = argon2_hash(ctx.t_cost, ctx.m_cost, ctx.threads, pwd, pwdlen, ctx.salt,
|
|
247
269
|
ctx.saltlen, out, ctx.outlen, NULL, 0, type);
|
|
248
270
|
|
|
249
271
|
free(ctx.ad);
|
|
250
272
|
free(ctx.salt);
|
|
251
273
|
|
|
252
|
-
if (argon2_compare(out, ctx.out, ctx.outlen)) {
|
|
274
|
+
if (ret != ARGON2_OK || argon2_compare(out, ctx.out, ctx.outlen)) {
|
|
253
275
|
free(out);
|
|
254
276
|
free(ctx.out);
|
|
255
277
|
return ARGON2_DECODING_FAIL;
|
|
@@ -361,8 +361,7 @@ int validate_inputs(const argon2_context *context) {
|
|
|
361
361
|
return ARGON2_PWD_PTR_MISMATCH;
|
|
362
362
|
}
|
|
363
363
|
} else {
|
|
364
|
-
if (ARGON2_MIN_PWD_LENGTH
|
|
365
|
-
ARGON2_MIN_PWD_LENGTH > context->pwdlen) {
|
|
364
|
+
if (ARGON2_MIN_PWD_LENGTH > context->pwdlen) {
|
|
366
365
|
return ARGON2_PWD_TOO_SHORT;
|
|
367
366
|
}
|
|
368
367
|
|
|
@@ -171,7 +171,7 @@ void initial_hash(uint8_t *blockhash, argon2_context *context,
|
|
|
171
171
|
* @param blockhash Pointer to the pre-hashing digest
|
|
172
172
|
* @pre blockhash must point to @a PREHASH_SEED_LENGTH allocated values
|
|
173
173
|
*/
|
|
174
|
-
void
|
|
174
|
+
void fill_first_blocks(uint8_t *blockhash, const argon2_instance_t *instance);
|
|
175
175
|
|
|
176
176
|
/*
|
|
177
177
|
* Function allocates memory, hashes the inputs with Blake, and creates first
|
|
@@ -58,7 +58,7 @@
|
|
|
58
58
|
* Some macros for constant-time comparisons. These work over values in
|
|
59
59
|
* the 0..255 range. Returned value is 0x00 on "false", 0xFF on "true".
|
|
60
60
|
*/
|
|
61
|
-
#define EQ(x, y) ((((-((unsigned)(x) ^ (unsigned)(y))) >> 8) & 0xFF) ^ 0xFF)
|
|
61
|
+
#define EQ(x, y) ((((0U-((unsigned)(x) ^ (unsigned)(y))) >> 8) & 0xFF) ^ 0xFF)
|
|
62
62
|
#define GT(x, y) ((((unsigned)(y) - (unsigned)(x)) >> 8) & 0xFF)
|
|
63
63
|
#define GE(x, y) (GT(y, x) ^ 0xFF)
|
|
64
64
|
#define LT(x, y) GT(y, x)
|
|
@@ -122,11 +122,11 @@ static size_t to_base64(char *dst, size_t dst_len, const void *src,
|
|
|
122
122
|
acc_len += 8;
|
|
123
123
|
while (acc_len >= 6) {
|
|
124
124
|
acc_len -= 6;
|
|
125
|
-
*dst++ = b64_byte_to_char((acc >> acc_len) & 0x3F);
|
|
125
|
+
*dst++ = (char) b64_byte_to_char((acc >> acc_len) & 0x3F);
|
|
126
126
|
}
|
|
127
127
|
}
|
|
128
128
|
if (acc_len > 0) {
|
|
129
|
-
*dst++ = b64_byte_to_char((acc << (6 - acc_len)) & 0x3F);
|
|
129
|
+
*dst++ = (char) b64_byte_to_char((acc << (6 - acc_len)) & 0x3F);
|
|
130
130
|
}
|
|
131
131
|
*dst++ = 0;
|
|
132
132
|
return olen;
|
|
@@ -197,7 +197,6 @@ static const char *decode_decimal(const char *str, unsigned long *v) {
|
|
|
197
197
|
const char *orig;
|
|
198
198
|
unsigned long acc;
|
|
199
199
|
|
|
200
|
-
orig = str;
|
|
201
200
|
acc = 0;
|
|
202
201
|
for (orig = str;; str++) {
|
|
203
202
|
int c;
|
|
@@ -387,7 +386,7 @@ int encode_string(char *dst, size_t dst_len, argon2_context *ctx,
|
|
|
387
386
|
char tmp[30]; \
|
|
388
387
|
sprintf(tmp, "%lu", (unsigned long)(x)); \
|
|
389
388
|
SS(tmp); \
|
|
390
|
-
} while (0)
|
|
389
|
+
} while (0)
|
|
391
390
|
|
|
392
391
|
#define SB(buf, len) \
|
|
393
392
|
do { \
|
|
@@ -397,7 +396,7 @@ int encode_string(char *dst, size_t dst_len, argon2_context *ctx,
|
|
|
397
396
|
} \
|
|
398
397
|
dst += sb_len; \
|
|
399
398
|
dst_len -= sb_len; \
|
|
400
|
-
} while (0)
|
|
399
|
+
} while (0)
|
|
401
400
|
|
|
402
401
|
if (type == Argon2_i)
|
|
403
402
|
SS("$argon2i$m=");
|
|
@@ -27,6 +27,22 @@
|
|
|
27
27
|
#define THREADS_DEF 1
|
|
28
28
|
#define OUT_LEN 32
|
|
29
29
|
#define SALT_LEN 16
|
|
30
|
+
/* Sample encode: $argon2i$m=65536,t=2,p=4$c29tZXNhbHQAAAAAAAAAAA$QWLzI4TY9HkL2ZTLc8g6SinwdhZewYrzz9zxCo0bkGY
|
|
31
|
+
* Maximumum lengths are defined as:
|
|
32
|
+
* strlen $argon2i$ = 9
|
|
33
|
+
* m=65536 with strlen (uint32_t)-1 = 10, so this total is 12
|
|
34
|
+
* ,t=2,p=4 If we consider each number to potentially reach four digits in future, this = 14
|
|
35
|
+
* $c29tZXNhbHQAAAAAAAAAAA Formula for this is (SALT_LEN * 4 + 3) / 3 + 1 = 23
|
|
36
|
+
* $QWLzI4TY9HkL2ZTLc8g6SinwdhZewYrzz9zxCo0bkGY per above formula, = 44
|
|
37
|
+
* + NULL byte
|
|
38
|
+
* 9 + 12 + 14 + 23 + 44 + 1 = 103
|
|
39
|
+
* Rounded to 4 byte boundary: 104
|
|
40
|
+
*
|
|
41
|
+
* WARNING: 104 is only for the parameters supported by this
|
|
42
|
+
command-line utility. You'll need a longer ENCODED_LEN to support
|
|
43
|
+
longer salts and ouputs, as supported by the argon2 library
|
|
44
|
+
*/
|
|
45
|
+
#define ENCODED_LEN 108
|
|
30
46
|
|
|
31
47
|
#define UNUSED_PARAMETER(x) (void)(x)
|
|
32
48
|
|
|
@@ -67,8 +83,8 @@ static void run(uint8_t *out, char *pwd, uint8_t *salt, uint32_t t_cost,
|
|
|
67
83
|
uint32_t m_cost, uint32_t lanes, uint32_t threads,
|
|
68
84
|
argon2_type type) {
|
|
69
85
|
clock_t start_time, stop_time;
|
|
70
|
-
|
|
71
|
-
char encoded[
|
|
86
|
+
size_t pwdlen;
|
|
87
|
+
char encoded[ENCODED_LEN];
|
|
72
88
|
uint32_t i;
|
|
73
89
|
int result;
|
|
74
90
|
|
data/lib/argon2/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: argon2
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Technion
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-11-
|
|
11
|
+
date: 2015-11-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: ffi
|