argon2id 0.1.2-x64-mingw32 → 0.2.0-x64-mingw32

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e08dac3c5ae335fd51ca751fef00f6799d1fe54a0302d3c38fadd2b66ee9b03c
4
- data.tar.gz: e06bca0bde28b2efdbffb6a585f532fa5b6217cb976396a7e3a1ba1c4bd2558d
3
+ metadata.gz: b93bee30fecb1b2e58a9f40f9ea4951ea7ceffe803fba4e623d74d23b603fc34
4
+ data.tar.gz: 267003c78f40fae42ae2ab12a5e625868bc0e895e49d614c5401b18330cc1de0
5
5
  SHA512:
6
- metadata.gz: c3fb37d7cea17b9dc0cc5de519922b501e65ccef9ae07370c5a082542eaf99d90382fb4d3d4a6ad1f850f2dce5445e018f4bdd1ab2fb16df208d5896ebbd8689
7
- data.tar.gz: 1caa95453687c622a94cca9e2e05841ca9b877228a78b7d9a0b9fe724cee05f9edff956a00447b2a7186a8148f1da1c98c3c134f38a4b1df0431d0231804c99e
6
+ metadata.gz: e70e14499003fdc80819c3d537e5e6b031afe2cf2fbf61aa7094affbad5bf2d1a8d7541f4f641fd91a448cb8d28e1086f4028f60f42fa8729c4b8c5d2cdf04fb
7
+ data.tar.gz: dec8adce409e0dfc2e6c4e54a1fb02ce69572acf79526b04f8d877eb6b318cd8fd78c4653fc1bf4aa8a7acee8088301514cfb71f145752a60558b2ebdfd0af3e
data/CHANGELOG.md CHANGED
@@ -7,10 +7,22 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
7
7
 
8
8
  ## [0.1.2] - 2024-11-01
9
9
 
10
+ ### Added
11
+
12
+ - The original salt for an `Argon2id::Password` can now be retrieved with
13
+ `Argon2id::Password#salt`
14
+
15
+ ### Changed
16
+
17
+ - Encoded hashes are now validated when initialising an `Argon2id::Password`,
18
+ raising an `ArgumentError` if they are invalid
19
+
20
+ ## [0.1.2] - 2024-11-01
21
+
10
22
  ### Fixed
11
23
 
12
- - Validate that the encoded hash passed to Argon2id::Password.new is a
13
- null-terminated C string, raising an ArgumentError if it contains extra null
24
+ - Validate that the encoded hash passed to `Argon2id::Password.new` is a
25
+ null-terminated C string, raising an `ArgumentError` if it contains extra null
14
26
  bytes
15
27
 
16
28
  ## [0.1.1] - 2024-11-01
@@ -32,6 +44,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
32
44
  reference C implementation of Argon2, the password-hashing function that won
33
45
  the Password Hashing Competition.
34
46
 
47
+ [0.2.0]: https://github.com/mudge/argon2id/releases/tag/v0.2.0
35
48
  [0.1.2]: https://github.com/mudge/argon2id/releases/tag/v0.1.2
36
49
  [0.1.1]: https://github.com/mudge/argon2id/releases/tag/v0.1.1
37
50
  [0.1.0]: https://github.com/mudge/argon2id/releases/tag/v0.1.0
data/README.md CHANGED
@@ -5,17 +5,17 @@ function that won the 2015 [Password Hashing Competition][].
5
5
 
6
6
  [![Build Status](https://github.com/mudge/argon2id/actions/workflows/tests.yml/badge.svg?branch=main)](https://github.com/mudge/argon2id/actions)
7
7
 
8
- **Current version:** 0.1.2
8
+ **Current version:** 0.2.0
9
9
  **Bundled Argon2 version:** libargon2.1 (20190702)
10
10
 
11
11
  ```ruby
12
- Argon2::Password.create("opensesame").to_s
12
+ Argon2id::Password.create("opensesame").to_s
13
13
  #=> "$argon2id$v=19$m=19456,t=2,p=1$ZS2nBFWBpnt28HjtzNOW4w$SQ+p+dIcWbpzWpZQ/ZZFj8IQkyhYZf127U4QdkRmKFU"
14
14
 
15
- Argon2::Password.create("opensesame") == "opensesame"
15
+ Argon2id::Password.create("opensesame") == "opensesame"
16
16
  #=> true
17
17
 
18
- Argon2::Password.new("$argon2id$v=19$m=19456,t=2,p=1$ZS2nBFWBpnt28HjtzNOW4w$SQ+p+dIcWbpzWpZQ/ZZFj8IQkyhYZf127U4QdkRmKFU") == "opensesame"
18
+ Argon2id::Password.new("$argon2id$v=19$m=19456,t=2,p=1$ZS2nBFWBpnt28HjtzNOW4w$SQ+p+dIcWbpzWpZQ/ZZFj8IQkyhYZf127U4QdkRmKFU") == "opensesame"
19
19
  #=> true
20
20
  ```
21
21
 
@@ -142,6 +142,14 @@ password.is_password?("opensesame") #=> true
142
142
  password.is_password?("notopensesame") #=> false
143
143
  ```
144
144
 
145
+ The original salt for a password can be retrieved with `Argon2id::Password#salt`:
146
+
147
+ ```ruby
148
+ password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
149
+ password.salt
150
+ #=> "somesalt"
151
+ ```
152
+
145
153
  ### Errors
146
154
 
147
155
  Any errors returned from Argon2 will be raised as `Argon2id::Error`, e.g.
data/argon2id.gemspec CHANGED
@@ -53,6 +53,7 @@ Gem::Specification.new do |s|
53
53
  ]
54
54
  s.rdoc_options = ["--main", "README.md"]
55
55
 
56
+ s.add_runtime_dependency("base64")
56
57
  s.add_development_dependency("rake-compiler", "~> 1.2")
57
58
  s.add_development_dependency("rake-compiler-dock", "~> 1.5")
58
59
  s.add_development_dependency("minitest", "~> 5.25")
data/lib/2.6/argon2id.so CHANGED
Binary file
data/lib/2.7/argon2id.so CHANGED
Binary file
data/lib/3.0/argon2id.so CHANGED
Binary file
@@ -1,5 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require "base64"
3
4
  require "openssl"
4
5
 
5
6
  module Argon2id
@@ -17,9 +18,28 @@ module Argon2id
17
18
  # password == "password"
18
19
  # #=> true
19
20
  class Password
21
+ # A regular expression to match valid hashes.
22
+ PATTERN = %r{
23
+ \A
24
+ \$
25
+ argon2(?:id|i|d)
26
+ (?:\$v=\d+)?
27
+ \$m=\d+
28
+ ,t=\d+
29
+ ,p=\d+
30
+ \$
31
+ (?<base64_salt>[a-zA-Z0-9+/]+)
32
+ \$
33
+ [a-zA-Z0-9+/]+
34
+ \z
35
+ }x.freeze
36
+
20
37
  # The encoded password hash.
21
38
  attr_reader :encoded
22
39
 
40
+ # The salt.
41
+ attr_reader :salt
42
+
23
43
  # Create a new Password object that hashes a given plain text password +pwd+.
24
44
  #
25
45
  # - +:t_cost+: integer (default 2) the "time cost" given as a number of iterations
@@ -57,8 +77,13 @@ module Argon2id
57
77
  # Create a new Password with the given encoded password hash.
58
78
  #
59
79
  # password = Argon2id::Password.new("$argon2id$v=19$m=19456,t=2,p=1$FI8yp1gXbthJCskBlpKPoQ$nOfCCpS2r+I8GRN71cZND4cskn7YKBNzuHUEO3YpY2s")
80
+ #
81
+ # Raises an ArgumentError if given an invalid hash.
60
82
  def initialize(encoded)
83
+ raise ArgumentError, "invalid hash" unless PATTERN =~ encoded
84
+
61
85
  @encoded = encoded
86
+ @salt = Base64.decode64(Regexp.last_match(:base64_salt))
62
87
  end
63
88
 
64
89
  # Return the encoded password hash.
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Argon2id
4
- VERSION = "0.1.2"
4
+ VERSION = "0.2.0"
5
5
  end
data/lib/argon2id.rb CHANGED
@@ -15,7 +15,7 @@ module Argon2id
15
15
  DEFAULT_T_COST = 2
16
16
 
17
17
  # The default "memory cost" of 19 mebibytes recommended by OWASP.
18
- DEFAULT_M_COST = 19456
18
+ DEFAULT_M_COST = 19_456
19
19
 
20
20
  # The default 1 thread and compute lane recommended by OWASP.
21
21
  DEFAULT_PARALLELISM = 1
@@ -74,13 +74,33 @@ class TestPassword < Minitest::Test
74
74
  refute password.is_password?("notopensesame")
75
75
  end
76
76
 
77
- def test_raises_if_verifying_with_invalid_encoded_password
78
- password = Argon2id::Password.new("invalid")
77
+ def test_salt_returns_the_original_salt
78
+ password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
79
79
 
80
- error = assert_raises(Argon2id::Error) do
81
- password.is_password?("opensesame")
80
+ assert_equal "somesalt", password.salt
81
+ end
82
+
83
+ def test_salt_returns_raw_bytes
84
+ password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$KmIxrXv4lrnSJPO0LN7Gdw$lB3724qLPL9MNi10lkvIb4VxIk3q841CLvq0WTCZ0VQ")
85
+
86
+ assert_equal "*b1\xAD{\xF8\x96\xB9\xD2$\xF3\xB4,\xDE\xC6w".b, password.salt
87
+ end
88
+
89
+ def test_raises_for_invalid_hashes
90
+ assert_raises(ArgumentError) do
91
+ Argon2id::Password.new("not a valid hash")
82
92
  end
93
+ end
94
+
95
+ def test_raises_for_partial_hashes
96
+ assert_raises(ArgumentError) do
97
+ Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$KmIxrXv4lrnSJPO0LN7Gdw")
98
+ end
99
+ end
100
+
101
+ def test_salt_supports_versionless_hashes
102
+ password = Argon2id::Password.new("$argon2id$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
83
103
 
84
- assert_equal "Decoding failed", error.message
104
+ assert_equal "somesalt", password.salt
85
105
  end
86
106
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: argon2id
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.2
4
+ version: 0.2.0
5
5
  platform: x64-mingw32
6
6
  authors:
7
7
  - Paul Mucur
@@ -10,6 +10,20 @@ bindir: bin
10
10
  cert_chain: []
11
11
  date: 2024-11-01 00:00:00.000000000 Z
12
12
  dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: base64
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
13
27
  - !ruby/object:Gem::Dependency
14
28
  name: rake-compiler
15
29
  requirement: !ruby/object:Gem::Requirement