argon2id 0.1.2-x64-mingw32 → 0.2.1-x64-mingw32

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e08dac3c5ae335fd51ca751fef00f6799d1fe54a0302d3c38fadd2b66ee9b03c
4
- data.tar.gz: e06bca0bde28b2efdbffb6a585f532fa5b6217cb976396a7e3a1ba1c4bd2558d
3
+ metadata.gz: 5395f231b2bff729f42af21bd4110639718b0521035d81031cf562d6ddea69a1
4
+ data.tar.gz: a9a7f5af397fe14a6904c949e58751bf023d584f8dbd07d6314613f5d2cce3dd
5
5
  SHA512:
6
- metadata.gz: c3fb37d7cea17b9dc0cc5de519922b501e65ccef9ae07370c5a082542eaf99d90382fb4d3d4a6ad1f850f2dce5445e018f4bdd1ab2fb16df208d5896ebbd8689
7
- data.tar.gz: 1caa95453687c622a94cca9e2e05841ca9b877228a78b7d9a0b9fe724cee05f9edff956a00447b2a7186a8148f1da1c98c3c134f38a4b1df0431d0231804c99e
6
+ metadata.gz: 0f22d13183885d4eff14b810819ce4b2de7041337d4f3b1102ac3b3d23940ee886de48369f63a59203de42ef98f040b1e5d9791222c2e7f36a4eb103c94570f5
7
+ data.tar.gz: e1e162e8235505a37dec163cd31f456b4e3443532d0408fd412c1134370176f455bea1492985d46e7dff27b403c6a084684e5badc323836c41fbf5102fe6f706
data/CHANGELOG.md CHANGED
@@ -5,12 +5,31 @@ All notable changes to this project will be documented in this file.
5
5
  The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
6
6
  and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7
7
 
8
+ ## [0.2.1] - 2024-11-01
9
+
10
+ ### Added
11
+
12
+ - Anything that can be coerced to a String can now be passed to
13
+ `Argon2id::Password.new`
14
+
15
+ ## [0.2.0] - 2024-11-01
16
+
17
+ ### Added
18
+
19
+ - The original salt for an `Argon2id::Password` can now be retrieved with
20
+ `Argon2id::Password#salt`
21
+
22
+ ### Changed
23
+
24
+ - Encoded hashes are now validated when initialising an `Argon2id::Password`,
25
+ raising an `ArgumentError` if they are invalid
26
+
8
27
  ## [0.1.2] - 2024-11-01
9
28
 
10
29
  ### Fixed
11
30
 
12
- - Validate that the encoded hash passed to Argon2id::Password.new is a
13
- null-terminated C string, raising an ArgumentError if it contains extra null
31
+ - Validate that the encoded hash passed to `Argon2id::Password.new` is a
32
+ null-terminated C string, raising an `ArgumentError` if it contains extra null
14
33
  bytes
15
34
 
16
35
  ## [0.1.1] - 2024-11-01
@@ -32,6 +51,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
32
51
  reference C implementation of Argon2, the password-hashing function that won
33
52
  the Password Hashing Competition.
34
53
 
54
+ [0.2.1]: https://github.com/mudge/argon2id/releases/tag/v0.2.1
55
+ [0.2.0]: https://github.com/mudge/argon2id/releases/tag/v0.2.0
35
56
  [0.1.2]: https://github.com/mudge/argon2id/releases/tag/v0.1.2
36
57
  [0.1.1]: https://github.com/mudge/argon2id/releases/tag/v0.1.1
37
58
  [0.1.0]: https://github.com/mudge/argon2id/releases/tag/v0.1.0
data/README.md CHANGED
@@ -5,17 +5,17 @@ function that won the 2015 [Password Hashing Competition][].
5
5
 
6
6
  [![Build Status](https://github.com/mudge/argon2id/actions/workflows/tests.yml/badge.svg?branch=main)](https://github.com/mudge/argon2id/actions)
7
7
 
8
- **Current version:** 0.1.2
8
+ **Current version:** 0.2.1
9
9
  **Bundled Argon2 version:** libargon2.1 (20190702)
10
10
 
11
11
  ```ruby
12
- Argon2::Password.create("opensesame").to_s
12
+ Argon2id::Password.create("opensesame").to_s
13
13
  #=> "$argon2id$v=19$m=19456,t=2,p=1$ZS2nBFWBpnt28HjtzNOW4w$SQ+p+dIcWbpzWpZQ/ZZFj8IQkyhYZf127U4QdkRmKFU"
14
14
 
15
- Argon2::Password.create("opensesame") == "opensesame"
15
+ Argon2id::Password.create("opensesame") == "opensesame"
16
16
  #=> true
17
17
 
18
- Argon2::Password.new("$argon2id$v=19$m=19456,t=2,p=1$ZS2nBFWBpnt28HjtzNOW4w$SQ+p+dIcWbpzWpZQ/ZZFj8IQkyhYZf127U4QdkRmKFU") == "opensesame"
18
+ Argon2id::Password.new("$argon2id$v=19$m=19456,t=2,p=1$ZS2nBFWBpnt28HjtzNOW4w$SQ+p+dIcWbpzWpZQ/ZZFj8IQkyhYZf127U4QdkRmKFU") == "opensesame"
19
19
  #=> true
20
20
  ```
21
21
 
@@ -142,6 +142,14 @@ password.is_password?("opensesame") #=> true
142
142
  password.is_password?("notopensesame") #=> false
143
143
  ```
144
144
 
145
+ The original salt for a password can be retrieved with `Argon2id::Password#salt`:
146
+
147
+ ```ruby
148
+ password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
149
+ password.salt
150
+ #=> "somesalt"
151
+ ```
152
+
145
153
  ### Errors
146
154
 
147
155
  Any errors returned from Argon2 will be raised as `Argon2id::Error`, e.g.
@@ -176,11 +184,11 @@ notes](https://github.com/mudge/argon2id/releases) for each version and can be
176
184
  checked with `sha256sum`, e.g.
177
185
 
178
186
  ```console
179
- $ gem fetch argon2id -v 0.1.1
180
- Fetching argon2id-0.1.1-arm64-darwin.gem
181
- Downloaded argon2id-0.1.1-arm64-darwin
182
- $ sha256sum argon2id-0.1.1-arm64-darwin.gem
183
- 8d47464edf847ca52c1d41cac1a9feff376e9a1e7c0a98ab58df846990caa1bb argon2id-0.1.1-arm64-darwin.gem
187
+ $ gem fetch argon2id -v 0.2.0
188
+ Fetching argon2id-0.2.0-arm64-darwin.gem
189
+ Downloaded argon2id-0.2.0-arm64-darwin
190
+ $ sha256sum argon2id-0.2.0-arm64-darwin.gem
191
+ ce1fa632393e814da750f44146dc6de1353e4b24746fb94f6f4ea748b9dad26b argon2id-0.2.0-arm64-darwin.gem
184
192
  ```
185
193
 
186
194
  [GPG](https://www.gnupg.org/) signatures are attached to each release (the
@@ -190,8 +198,8 @@ from a public keyserver, e.g. `gpg --keyserver keyserver.ubuntu.com --recv-key
190
198
  0x39AC3530070E0F75`):
191
199
 
192
200
  ```console
193
- $ gpg --verify argon2id-0.1.1-arm64-darwin.gem.sig argon2id-0.1.1-arm64-darwin.gem
194
- gpg: Signature made Fri 1 Nov 07:24:16 2024 GMT
201
+ $ gpg --verify argon2id-0.2.0-arm64-darwin.gem.sig argon2id-0.2.0-arm64-darwin.gem
202
+ gpg: Signature made Fri 1 Nov 14:48:57 2024 GMT
195
203
  gpg: using RSA key 702609D9C790F45B577D7BEC39AC3530070E0F75
196
204
  gpg: Good signature from "Paul Mucur <mudge@mudge.name>" [unknown]
197
205
  gpg: aka "Paul Mucur <paul@ghostcassette.com>" [unknown]
data/argon2id.gemspec CHANGED
@@ -53,6 +53,7 @@ Gem::Specification.new do |s|
53
53
  ]
54
54
  s.rdoc_options = ["--main", "README.md"]
55
55
 
56
+ s.add_runtime_dependency("base64")
56
57
  s.add_development_dependency("rake-compiler", "~> 1.2")
57
58
  s.add_development_dependency("rake-compiler-dock", "~> 1.5")
58
59
  s.add_development_dependency("minitest", "~> 5.25")
data/lib/2.6/argon2id.so CHANGED
Binary file
data/lib/2.7/argon2id.so CHANGED
Binary file
data/lib/3.0/argon2id.so CHANGED
Binary file
@@ -1,5 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require "base64"
3
4
  require "openssl"
4
5
 
5
6
  module Argon2id
@@ -17,9 +18,28 @@ module Argon2id
17
18
  # password == "password"
18
19
  # #=> true
19
20
  class Password
21
+ # A regular expression to match valid hashes.
22
+ PATTERN = %r{
23
+ \A
24
+ \$
25
+ argon2(?:id|i|d)
26
+ (?:\$v=\d+)?
27
+ \$m=\d+
28
+ ,t=\d+
29
+ ,p=\d+
30
+ \$
31
+ (?<base64_salt>[a-zA-Z0-9+/]+)
32
+ \$
33
+ [a-zA-Z0-9+/]+
34
+ \z
35
+ }x.freeze
36
+
20
37
  # The encoded password hash.
21
38
  attr_reader :encoded
22
39
 
40
+ # The salt.
41
+ attr_reader :salt
42
+
23
43
  # Create a new Password object that hashes a given plain text password +pwd+.
24
44
  #
25
45
  # - +:t_cost+: integer (default 2) the "time cost" given as a number of iterations
@@ -57,8 +77,13 @@ module Argon2id
57
77
  # Create a new Password with the given encoded password hash.
58
78
  #
59
79
  # password = Argon2id::Password.new("$argon2id$v=19$m=19456,t=2,p=1$FI8yp1gXbthJCskBlpKPoQ$nOfCCpS2r+I8GRN71cZND4cskn7YKBNzuHUEO3YpY2s")
80
+ #
81
+ # Raises an ArgumentError if given an invalid hash.
60
82
  def initialize(encoded)
61
- @encoded = encoded
83
+ raise ArgumentError, "invalid hash" unless PATTERN =~ String(encoded)
84
+
85
+ @encoded = Regexp.last_match(0)
86
+ @salt = Base64.decode64(Regexp.last_match(1))
62
87
  end
63
88
 
64
89
  # Return the encoded password hash.
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Argon2id
4
- VERSION = "0.1.2"
4
+ VERSION = "0.2.1"
5
5
  end
data/lib/argon2id.rb CHANGED
@@ -15,7 +15,7 @@ module Argon2id
15
15
  DEFAULT_T_COST = 2
16
16
 
17
17
  # The default "memory cost" of 19 mebibytes recommended by OWASP.
18
- DEFAULT_M_COST = 19456
18
+ DEFAULT_M_COST = 19_456
19
19
 
20
20
  # The default 1 thread and compute lane recommended by OWASP.
21
21
  DEFAULT_PARALLELISM = 1
@@ -74,13 +74,39 @@ class TestPassword < Minitest::Test
74
74
  refute password.is_password?("notopensesame")
75
75
  end
76
76
 
77
- def test_raises_if_verifying_with_invalid_encoded_password
78
- password = Argon2id::Password.new("invalid")
77
+ def test_salt_returns_the_original_salt
78
+ password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
79
79
 
80
- error = assert_raises(Argon2id::Error) do
81
- password.is_password?("opensesame")
80
+ assert_equal "somesalt", password.salt
81
+ end
82
+
83
+ def test_salt_returns_raw_bytes
84
+ password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$KmIxrXv4lrnSJPO0LN7Gdw$lB3724qLPL9MNi10lkvIb4VxIk3q841CLvq0WTCZ0VQ")
85
+
86
+ assert_equal "*b1\xAD{\xF8\x96\xB9\xD2$\xF3\xB4,\xDE\xC6w".b, password.salt
87
+ end
88
+
89
+ def test_raises_for_invalid_hashes
90
+ assert_raises(ArgumentError) do
91
+ Argon2id::Password.new("not a valid hash")
82
92
  end
93
+ end
94
+
95
+ def test_raises_for_partial_hashes
96
+ assert_raises(ArgumentError) do
97
+ Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$KmIxrXv4lrnSJPO0LN7Gdw")
98
+ end
99
+ end
100
+
101
+ def test_salt_supports_versionless_hashes
102
+ password = Argon2id::Password.new("$argon2id$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
103
+
104
+ assert_equal "somesalt", password.salt
105
+ end
106
+
107
+ def test_coerces_given_hash_to_string
108
+ password = Argon2id::Password.create("password")
83
109
 
84
- assert_equal "Decoding failed", error.message
110
+ assert Argon2id::Password.new(password) == "password"
85
111
  end
86
112
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: argon2id
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.2
4
+ version: 0.2.1
5
5
  platform: x64-mingw32
6
6
  authors:
7
7
  - Paul Mucur
@@ -10,6 +10,20 @@ bindir: bin
10
10
  cert_chain: []
11
11
  date: 2024-11-01 00:00:00.000000000 Z
12
12
  dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: base64
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
13
27
  - !ruby/object:Gem::Dependency
14
28
  name: rake-compiler
15
29
  requirement: !ruby/object:Gem::Requirement