argon2id 0.1.2-x86-linux → 0.2.0-x86-linux

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e1f63546707d0e46aee9885bdefe53e2ad60fe73e09bbe39edf49a2b51c18b36
4
- data.tar.gz: 5c41079e11b83b3383fe01af5ce6d2e9e92db960062b75250c27b45b8f657ae1
3
+ metadata.gz: 856f05288f1c391b7a2e0fa02106ae7ecff332a75c882234ba1521c060e35baf
4
+ data.tar.gz: 3f7761affd039e53dd979ab1064e25598773a5b5723e7dec1d0c8b5a890e3c92
5
5
  SHA512:
6
- metadata.gz: e96bca7cadf7b08f3c02ea4b623732fd6d25cca5cedc8793ca272d40339b904ae18ca67bfc12c505dead8a1488d8687d5218063750267164907f45490f53201c
7
- data.tar.gz: d4585b583d27e9043545068a1683771dcb54b2d2f1b95afc5859c4930170dfc93002dd82d76bfdcf0728ac21ff7fab4467696ead4d3c0584388b8e0e91cf2b7d
6
+ metadata.gz: 2afcc7f9524863a2df47a11a15756ea998f8b405fad1b3616cb379dfa90cb194961c938a5c7b8e29cdd23edc90e8633acde091746735992474b794a12cf59191
7
+ data.tar.gz: 640526ac7b13260f9303bacebf9995f9dc7240d3852053973f035ae9096e5449f24d0cd41509592b36fa770f9994a63195c2941a2a4c45b156ee8f216fe4ceb5
data/CHANGELOG.md CHANGED
@@ -7,10 +7,22 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
7
7
 
8
8
  ## [0.1.2] - 2024-11-01
9
9
 
10
+ ### Added
11
+
12
+ - The original salt for an `Argon2id::Password` can now be retrieved with
13
+ `Argon2id::Password#salt`
14
+
15
+ ### Changed
16
+
17
+ - Encoded hashes are now validated when initialising an `Argon2id::Password`,
18
+ raising an `ArgumentError` if they are invalid
19
+
20
+ ## [0.1.2] - 2024-11-01
21
+
10
22
  ### Fixed
11
23
 
12
- - Validate that the encoded hash passed to Argon2id::Password.new is a
13
- null-terminated C string, raising an ArgumentError if it contains extra null
24
+ - Validate that the encoded hash passed to `Argon2id::Password.new` is a
25
+ null-terminated C string, raising an `ArgumentError` if it contains extra null
14
26
  bytes
15
27
 
16
28
  ## [0.1.1] - 2024-11-01
@@ -32,6 +44,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
32
44
  reference C implementation of Argon2, the password-hashing function that won
33
45
  the Password Hashing Competition.
34
46
 
47
+ [0.2.0]: https://github.com/mudge/argon2id/releases/tag/v0.2.0
35
48
  [0.1.2]: https://github.com/mudge/argon2id/releases/tag/v0.1.2
36
49
  [0.1.1]: https://github.com/mudge/argon2id/releases/tag/v0.1.1
37
50
  [0.1.0]: https://github.com/mudge/argon2id/releases/tag/v0.1.0
data/README.md CHANGED
@@ -5,17 +5,17 @@ function that won the 2015 [Password Hashing Competition][].
5
5
 
6
6
  [![Build Status](https://github.com/mudge/argon2id/actions/workflows/tests.yml/badge.svg?branch=main)](https://github.com/mudge/argon2id/actions)
7
7
 
8
- **Current version:** 0.1.2
8
+ **Current version:** 0.2.0
9
9
  **Bundled Argon2 version:** libargon2.1 (20190702)
10
10
 
11
11
  ```ruby
12
- Argon2::Password.create("opensesame").to_s
12
+ Argon2id::Password.create("opensesame").to_s
13
13
  #=> "$argon2id$v=19$m=19456,t=2,p=1$ZS2nBFWBpnt28HjtzNOW4w$SQ+p+dIcWbpzWpZQ/ZZFj8IQkyhYZf127U4QdkRmKFU"
14
14
 
15
- Argon2::Password.create("opensesame") == "opensesame"
15
+ Argon2id::Password.create("opensesame") == "opensesame"
16
16
  #=> true
17
17
 
18
- Argon2::Password.new("$argon2id$v=19$m=19456,t=2,p=1$ZS2nBFWBpnt28HjtzNOW4w$SQ+p+dIcWbpzWpZQ/ZZFj8IQkyhYZf127U4QdkRmKFU") == "opensesame"
18
+ Argon2id::Password.new("$argon2id$v=19$m=19456,t=2,p=1$ZS2nBFWBpnt28HjtzNOW4w$SQ+p+dIcWbpzWpZQ/ZZFj8IQkyhYZf127U4QdkRmKFU") == "opensesame"
19
19
  #=> true
20
20
  ```
21
21
 
@@ -142,6 +142,14 @@ password.is_password?("opensesame") #=> true
142
142
  password.is_password?("notopensesame") #=> false
143
143
  ```
144
144
 
145
+ The original salt for a password can be retrieved with `Argon2id::Password#salt`:
146
+
147
+ ```ruby
148
+ password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
149
+ password.salt
150
+ #=> "somesalt"
151
+ ```
152
+
145
153
  ### Errors
146
154
 
147
155
  Any errors returned from Argon2 will be raised as `Argon2id::Error`, e.g.
data/argon2id.gemspec CHANGED
@@ -53,6 +53,7 @@ Gem::Specification.new do |s|
53
53
  ]
54
54
  s.rdoc_options = ["--main", "README.md"]
55
55
 
56
+ s.add_runtime_dependency("base64")
56
57
  s.add_development_dependency("rake-compiler", "~> 1.2")
57
58
  s.add_development_dependency("rake-compiler-dock", "~> 1.5")
58
59
  s.add_development_dependency("minitest", "~> 5.25")
@@ -1,5 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require "base64"
3
4
  require "openssl"
4
5
 
5
6
  module Argon2id
@@ -17,9 +18,28 @@ module Argon2id
17
18
  # password == "password"
18
19
  # #=> true
19
20
  class Password
21
+ # A regular expression to match valid hashes.
22
+ PATTERN = %r{
23
+ \A
24
+ \$
25
+ argon2(?:id|i|d)
26
+ (?:\$v=\d+)?
27
+ \$m=\d+
28
+ ,t=\d+
29
+ ,p=\d+
30
+ \$
31
+ (?<base64_salt>[a-zA-Z0-9+/]+)
32
+ \$
33
+ [a-zA-Z0-9+/]+
34
+ \z
35
+ }x.freeze
36
+
20
37
  # The encoded password hash.
21
38
  attr_reader :encoded
22
39
 
40
+ # The salt.
41
+ attr_reader :salt
42
+
23
43
  # Create a new Password object that hashes a given plain text password +pwd+.
24
44
  #
25
45
  # - +:t_cost+: integer (default 2) the "time cost" given as a number of iterations
@@ -57,8 +77,13 @@ module Argon2id
57
77
  # Create a new Password with the given encoded password hash.
58
78
  #
59
79
  # password = Argon2id::Password.new("$argon2id$v=19$m=19456,t=2,p=1$FI8yp1gXbthJCskBlpKPoQ$nOfCCpS2r+I8GRN71cZND4cskn7YKBNzuHUEO3YpY2s")
80
+ #
81
+ # Raises an ArgumentError if given an invalid hash.
60
82
  def initialize(encoded)
83
+ raise ArgumentError, "invalid hash" unless PATTERN =~ encoded
84
+
61
85
  @encoded = encoded
86
+ @salt = Base64.decode64(Regexp.last_match(:base64_salt))
62
87
  end
63
88
 
64
89
  # Return the encoded password hash.
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Argon2id
4
- VERSION = "0.1.2"
4
+ VERSION = "0.2.0"
5
5
  end
data/lib/argon2id.rb CHANGED
@@ -15,7 +15,7 @@ module Argon2id
15
15
  DEFAULT_T_COST = 2
16
16
 
17
17
  # The default "memory cost" of 19 mebibytes recommended by OWASP.
18
- DEFAULT_M_COST = 19456
18
+ DEFAULT_M_COST = 19_456
19
19
 
20
20
  # The default 1 thread and compute lane recommended by OWASP.
21
21
  DEFAULT_PARALLELISM = 1
@@ -74,13 +74,33 @@ class TestPassword < Minitest::Test
74
74
  refute password.is_password?("notopensesame")
75
75
  end
76
76
 
77
- def test_raises_if_verifying_with_invalid_encoded_password
78
- password = Argon2id::Password.new("invalid")
77
+ def test_salt_returns_the_original_salt
78
+ password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
79
79
 
80
- error = assert_raises(Argon2id::Error) do
81
- password.is_password?("opensesame")
80
+ assert_equal "somesalt", password.salt
81
+ end
82
+
83
+ def test_salt_returns_raw_bytes
84
+ password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$KmIxrXv4lrnSJPO0LN7Gdw$lB3724qLPL9MNi10lkvIb4VxIk3q841CLvq0WTCZ0VQ")
85
+
86
+ assert_equal "*b1\xAD{\xF8\x96\xB9\xD2$\xF3\xB4,\xDE\xC6w".b, password.salt
87
+ end
88
+
89
+ def test_raises_for_invalid_hashes
90
+ assert_raises(ArgumentError) do
91
+ Argon2id::Password.new("not a valid hash")
82
92
  end
93
+ end
94
+
95
+ def test_raises_for_partial_hashes
96
+ assert_raises(ArgumentError) do
97
+ Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$KmIxrXv4lrnSJPO0LN7Gdw")
98
+ end
99
+ end
100
+
101
+ def test_salt_supports_versionless_hashes
102
+ password = Argon2id::Password.new("$argon2id$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
83
103
 
84
- assert_equal "Decoding failed", error.message
104
+ assert_equal "somesalt", password.salt
85
105
  end
86
106
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: argon2id
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.2
4
+ version: 0.2.0
5
5
  platform: x86-linux
6
6
  authors:
7
7
  - Paul Mucur
@@ -10,6 +10,20 @@ bindir: bin
10
10
  cert_chain: []
11
11
  date: 2024-11-01 00:00:00.000000000 Z
12
12
  dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: base64
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
13
27
  - !ruby/object:Gem::Dependency
14
28
  name: rake-compiler
15
29
  requirement: !ruby/object:Gem::Requirement