argon2id 0.1.1-x86-linux → 0.1.2-x86-linux

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 991614aa16fc490d32e1e6c6f7cbf8a7069113e05a501960439cd54e3e8025b1
4
- data.tar.gz: 131e523d7dcac4e5a583d18827503815d2975a7c7d61d8dd19aab382f177d437
3
+ metadata.gz: e1f63546707d0e46aee9885bdefe53e2ad60fe73e09bbe39edf49a2b51c18b36
4
+ data.tar.gz: 5c41079e11b83b3383fe01af5ce6d2e9e92db960062b75250c27b45b8f657ae1
5
5
  SHA512:
6
- metadata.gz: f614191e7c7446f838931229a2d077946299d5f8cf173971fcc9d707523ab3b3a8dd9b871dba0098579bd54b8f8786ccc98dcd86fe6cab00bf8439f593fcbc77
7
- data.tar.gz: 4bc28a7588ddfe388d3f1a5cbd44b832ab40c9e0c7f4626c640f33c1cd6686642185b7c89a0b064d8bc430ad26359f2cde071476730074cbbf988461c4c2a095
6
+ metadata.gz: e96bca7cadf7b08f3c02ea4b623732fd6d25cca5cedc8793ca272d40339b904ae18ca67bfc12c505dead8a1488d8687d5218063750267164907f45490f53201c
7
+ data.tar.gz: d4585b583d27e9043545068a1683771dcb54b2d2f1b95afc5859c4930170dfc93002dd82d76bfdcf0728ac21ff7fab4467696ead4d3c0584388b8e0e91cf2b7d
data/CHANGELOG.md CHANGED
@@ -5,6 +5,14 @@ All notable changes to this project will be documented in this file.
5
5
  The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
6
6
  and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7
7
 
8
+ ## [0.1.2] - 2024-11-01
9
+
10
+ ### Fixed
11
+
12
+ - Validate that the encoded hash passed to Argon2id::Password.new is a
13
+ null-terminated C string, raising an ArgumentError if it contains extra null
14
+ bytes
15
+
8
16
  ## [0.1.1] - 2024-11-01
9
17
 
10
18
  ### Added
@@ -24,5 +32,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
24
32
  reference C implementation of Argon2, the password-hashing function that won
25
33
  the Password Hashing Competition.
26
34
 
35
+ [0.1.2]: https://github.com/mudge/argon2id/releases/tag/v0.1.2
27
36
  [0.1.1]: https://github.com/mudge/argon2id/releases/tag/v0.1.1
28
37
  [0.1.0]: https://github.com/mudge/argon2id/releases/tag/v0.1.0
data/README.md CHANGED
@@ -5,7 +5,7 @@ function that won the 2015 [Password Hashing Competition][].
5
5
 
6
6
  [![Build Status](https://github.com/mudge/argon2id/actions/workflows/tests.yml/badge.svg?branch=main)](https://github.com/mudge/argon2id/actions)
7
7
 
8
- **Current version:** 0.1.1
8
+ **Current version:** 0.1.2
9
9
  **Bundled Argon2 version:** libargon2.1 (20190702)
10
10
 
11
11
  ```ruby
@@ -176,11 +176,11 @@ notes](https://github.com/mudge/argon2id/releases) for each version and can be
176
176
  checked with `sha256sum`, e.g.
177
177
 
178
178
  ```console
179
- $ gem fetch argon2id -v 0.1.0
180
- Fetching argon2id-0.1.0-arm64-darwin.gem
181
- Downloaded argon2id-0.1.0-arm64-darwin
182
- $ sha256sum argon2id-0.1.0-arm64-darwin.gem
183
- 652ba4ebe4176c3fa944652b5db3bee52670c1e6b76632f921dd1455ec0810aa argon2id-0.1.0-arm64-darwin.gem
179
+ $ gem fetch argon2id -v 0.1.1
180
+ Fetching argon2id-0.1.1-arm64-darwin.gem
181
+ Downloaded argon2id-0.1.1-arm64-darwin
182
+ $ sha256sum argon2id-0.1.1-arm64-darwin.gem
183
+ 8d47464edf847ca52c1d41cac1a9feff376e9a1e7c0a98ab58df846990caa1bb argon2id-0.1.1-arm64-darwin.gem
184
184
  ```
185
185
 
186
186
  [GPG](https://www.gnupg.org/) signatures are attached to each release (the
@@ -190,8 +190,8 @@ from a public keyserver, e.g. `gpg --keyserver keyserver.ubuntu.com --recv-key
190
190
  0x39AC3530070E0F75`):
191
191
 
192
192
  ```console
193
- $ gpg --verify argon2id-0.1.0-arm64-darwin.gem.sig argon2id-0.1.0-arm64-darwin.gem
194
- gpg: Signature made Thu 31 Oct 16:09:45 2024 GMT
193
+ $ gpg --verify argon2id-0.1.1-arm64-darwin.gem.sig argon2id-0.1.1-arm64-darwin.gem
194
+ gpg: Signature made Fri 1 Nov 07:24:16 2024 GMT
195
195
  gpg: using RSA key 702609D9C790F45B577D7BEC39AC3530070E0F75
196
196
  gpg: Good signature from "Paul Mucur <mudge@mudge.name>" [unknown]
197
197
  gpg: aka "Paul Mucur <paul@ghostcassette.com>" [unknown]
@@ -7,7 +7,7 @@
7
7
 
8
8
  VALUE mArgon2id, cArgon2idError;
9
9
 
10
- /* call-seq: Argon2id.hash_encode(t_cost, m_cost, parallelism, pwd, salt, output_len)
10
+ /* call-seq: hash_encoded(t_cost, m_cost, parallelism, pwd, salt, output_len)
11
11
  *
12
12
  * Hashes a password with Argon2id, producing an encoded hash.
13
13
  *
@@ -53,7 +53,7 @@ rb_argon2id_hash_encoded(VALUE module, VALUE iterations, VALUE memory, VALUE thr
53
53
  return hash;
54
54
  }
55
55
 
56
- /* call-seq: Argon2id.verify(encoded, pwd)
56
+ /* call-seq: verify(encoded, pwd)
57
57
  *
58
58
  * Verifies a password against an encoded string.
59
59
  */
@@ -63,7 +63,7 @@ rb_argon2id_verify(VALUE module, VALUE encoded, VALUE pwd) {
63
63
 
64
64
  UNUSED(module);
65
65
 
66
- result = argon2id_verify(StringValuePtr(encoded), StringValuePtr(pwd), RSTRING_LEN(pwd));
66
+ result = argon2id_verify(StringValueCStr(encoded), StringValuePtr(pwd), RSTRING_LEN(pwd));
67
67
  if (result == ARGON2_OK) {
68
68
  return Qtrue;
69
69
  }
data/lib/2.6/argon2id.so CHANGED
Binary file
data/lib/2.7/argon2id.so CHANGED
Binary file
data/lib/3.0/argon2id.so CHANGED
Binary file
data/lib/3.1/argon2id.so CHANGED
Binary file
data/lib/3.2/argon2id.so CHANGED
Binary file
data/lib/3.3/argon2id.so CHANGED
Binary file
@@ -17,15 +17,28 @@ module Argon2id
17
17
  # password == "password"
18
18
  # #=> true
19
19
  class Password
20
+ # The encoded password hash.
20
21
  attr_reader :encoded
21
22
 
22
- # Create a new Password object that hashes a given plain text password.
23
+ # Create a new Password object that hashes a given plain text password +pwd+.
23
24
  #
24
25
  # - +:t_cost+: integer (default 2) the "time cost" given as a number of iterations
25
26
  # - +:m_cost+: integer (default 19456) the "memory cost" given in kibibytes
26
27
  # - +:parallelism+: integer (default 1) the number of threads and compute lanes to use
27
28
  # - +:salt_len+: integer (default 16) the salt size in bytes
28
29
  # - +:output_len+: integer (default 32) the desired length of the hash in bytes
30
+ #
31
+ # For example, with the default configuration:
32
+ #
33
+ # password = Argon2id::Password.create("password")
34
+ # password.to_s
35
+ # #=> "$argon2id$v=19$m=19456,t=2,p=1$FI8yp1gXbthJCskBlpKPoQ$nOfCCpS2r+I8GRN71cZND4cskn7YKBNzuHUEO3YpY2s"
36
+ #
37
+ # When overriding the configuration:
38
+ #
39
+ # password = Argon2id::Password.create("password", t_cost: 3, m_cost: 12288)
40
+ # password.to_s
41
+ # #=> "$argon2id$v=19$m=12288,t=3,p=1$JigW7fFn+N3NImt+aWpuzw$eM5F1cKeIBALNTU6LuWra75Zi2nymGvQLWzJzVFv0Nc"
29
42
  def self.create(pwd, t_cost: Argon2id.t_cost, m_cost: Argon2id.m_cost, parallelism: Argon2id.parallelism, salt_len: Argon2id.salt_len, output_len: Argon2id.output_len)
30
43
  new(
31
44
  Argon2id.hash_encoded(
@@ -42,6 +55,8 @@ module Argon2id
42
55
  # call-seq: Argon2id::Password.new(encoded)
43
56
  #
44
57
  # Create a new Password with the given encoded password hash.
58
+ #
59
+ # password = Argon2id::Password.new("$argon2id$v=19$m=19456,t=2,p=1$FI8yp1gXbthJCskBlpKPoQ$nOfCCpS2r+I8GRN71cZND4cskn7YKBNzuHUEO3YpY2s")
45
60
  def initialize(encoded)
46
61
  @encoded = encoded
47
62
  end
@@ -53,6 +68,10 @@ module Argon2id
53
68
 
54
69
  # Compare the password with given plain text, returning true if it verifies
55
70
  # successfully.
71
+ #
72
+ # password = Argon2id::Password.new("$argon2id$v=19$m=19456,t=2,p=1$FI8yp1gXbthJCskBlpKPoQ$nOfCCpS2r+I8GRN71cZND4cskn7YKBNzuHUEO3YpY2s")
73
+ # password == "password" #=> true
74
+ # password == "notpassword" #=> false
56
75
  def ==(other)
57
76
  Argon2id.verify(encoded, String(other))
58
77
  end
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Argon2id
4
- VERSION = "0.1.1"
4
+ VERSION = "0.1.2"
5
5
  end
data/lib/argon2id.rb CHANGED
@@ -11,10 +11,19 @@ require "argon2id/version"
11
11
  require "argon2id/password"
12
12
 
13
13
  module Argon2id
14
+ # The default "time cost" of 2 iterations recommended by OWASP.
14
15
  DEFAULT_T_COST = 2
16
+
17
+ # The default "memory cost" of 19 mebibytes recommended by OWASP.
15
18
  DEFAULT_M_COST = 19456
19
+
20
+ # The default 1 thread and compute lane recommended by OWASP.
16
21
  DEFAULT_PARALLELISM = 1
22
+
23
+ # The default salt length of 16 bytes.
17
24
  DEFAULT_SALT_LEN = 16
25
+
26
+ # The default desired hash length of 32 bytes.
18
27
  DEFAULT_OUTPUT_LEN = 32
19
28
 
20
29
  @t_cost = DEFAULT_T_COST
data/test/test_verify.rb CHANGED
@@ -5,15 +5,17 @@ require "argon2id"
5
5
 
6
6
  class TestVerify < Minitest::Test
7
7
  def test_returns_true_with_correct_password
8
- encoded = Argon2id.hash_encoded(2, 256, 1, "password", "somesalt", 32)
9
-
10
- assert Argon2id.verify(encoded, "password")
8
+ assert Argon2id.verify(
9
+ "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4",
10
+ "password"
11
+ )
11
12
  end
12
13
 
13
14
  def test_returns_false_with_incorrect_password
14
- encoded = Argon2id.hash_encoded(2, 256, 1, "password", "somesalt", 32)
15
-
16
- refute Argon2id.verify(encoded, "notopensesame")
15
+ refute Argon2id.verify(
16
+ "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4",
17
+ "not password"
18
+ )
17
19
  end
18
20
 
19
21
  def test_raises_if_given_invalid_encoded
@@ -21,4 +23,13 @@ class TestVerify < Minitest::Test
21
23
  Argon2id.verify("", "opensesame")
22
24
  end
23
25
  end
26
+
27
+ def test_raises_if_given_encoded_with_null_byte
28
+ assert_raises(ArgumentError) do
29
+ Argon2id.verify(
30
+ "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4\x00foo",
31
+ "password"
32
+ )
33
+ end
34
+ end
24
35
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: argon2id
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.1
4
+ version: 0.1.2
5
5
  platform: x86-linux
6
6
  authors:
7
7
  - Paul Mucur