argon2id 0.1.2-x86-mingw32 → 0.2.1-x86-mingw32
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +23 -2
- data/README.md +19 -11
- data/argon2id.gemspec +1 -0
- data/lib/2.6/argon2id.so +0 -0
- data/lib/2.7/argon2id.so +0 -0
- data/lib/3.0/argon2id.so +0 -0
- data/lib/3.1/argon2id.so +0 -0
- data/lib/3.2/argon2id.so +0 -0
- data/lib/3.3/argon2id.so +0 -0
- data/lib/argon2id/password.rb +26 -1
- data/lib/argon2id/version.rb +1 -1
- data/lib/argon2id.rb +1 -1
- data/test/test_password.rb +31 -5
- metadata +15 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ffb40daba9c92444739309976c3f15db6c2454108e8c3259428037ee59fabba1
|
4
|
+
data.tar.gz: 34372b2528c192f37b95dd932a0fca8e28a05ad4ec3116be84fbf3b107230540
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3d58ba284bfd6f8ca102e1d1f0057fc195c86076dad5b72ad3675a07f0b91fd46f58571d6801c9f388f4ee31ce2d3d989d01f38fc8076338c32d00282836cac9
|
7
|
+
data.tar.gz: e8d8d6b43f51641fc97b222c525750a2ccbda5a17b483cfc4a17715b60696886313461917f0b749d362e8e1fef63ee5768e52f6a8d344ced01f4fd3b7d643f3e
|
data/CHANGELOG.md
CHANGED
@@ -5,12 +5,31 @@ All notable changes to this project will be documented in this file.
|
|
5
5
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
|
6
6
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
7
7
|
|
8
|
+
## [0.2.1] - 2024-11-01
|
9
|
+
|
10
|
+
### Added
|
11
|
+
|
12
|
+
- Anything that can be coerced to a String can now be passed to
|
13
|
+
`Argon2id::Password.new`
|
14
|
+
|
15
|
+
## [0.2.0] - 2024-11-01
|
16
|
+
|
17
|
+
### Added
|
18
|
+
|
19
|
+
- The original salt for an `Argon2id::Password` can now be retrieved with
|
20
|
+
`Argon2id::Password#salt`
|
21
|
+
|
22
|
+
### Changed
|
23
|
+
|
24
|
+
- Encoded hashes are now validated when initialising an `Argon2id::Password`,
|
25
|
+
raising an `ArgumentError` if they are invalid
|
26
|
+
|
8
27
|
## [0.1.2] - 2024-11-01
|
9
28
|
|
10
29
|
### Fixed
|
11
30
|
|
12
|
-
- Validate that the encoded hash passed to Argon2id::Password.new is a
|
13
|
-
null-terminated C string, raising an ArgumentError if it contains extra null
|
31
|
+
- Validate that the encoded hash passed to `Argon2id::Password.new` is a
|
32
|
+
null-terminated C string, raising an `ArgumentError` if it contains extra null
|
14
33
|
bytes
|
15
34
|
|
16
35
|
## [0.1.1] - 2024-11-01
|
@@ -32,6 +51,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
32
51
|
reference C implementation of Argon2, the password-hashing function that won
|
33
52
|
the Password Hashing Competition.
|
34
53
|
|
54
|
+
[0.2.1]: https://github.com/mudge/argon2id/releases/tag/v0.2.1
|
55
|
+
[0.2.0]: https://github.com/mudge/argon2id/releases/tag/v0.2.0
|
35
56
|
[0.1.2]: https://github.com/mudge/argon2id/releases/tag/v0.1.2
|
36
57
|
[0.1.1]: https://github.com/mudge/argon2id/releases/tag/v0.1.1
|
37
58
|
[0.1.0]: https://github.com/mudge/argon2id/releases/tag/v0.1.0
|
data/README.md
CHANGED
@@ -5,17 +5,17 @@ function that won the 2015 [Password Hashing Competition][].
|
|
5
5
|
|
6
6
|
[![Build Status](https://github.com/mudge/argon2id/actions/workflows/tests.yml/badge.svg?branch=main)](https://github.com/mudge/argon2id/actions)
|
7
7
|
|
8
|
-
**Current version:** 0.1
|
8
|
+
**Current version:** 0.2.1
|
9
9
|
**Bundled Argon2 version:** libargon2.1 (20190702)
|
10
10
|
|
11
11
|
```ruby
|
12
|
-
|
12
|
+
Argon2id::Password.create("opensesame").to_s
|
13
13
|
#=> "$argon2id$v=19$m=19456,t=2,p=1$ZS2nBFWBpnt28HjtzNOW4w$SQ+p+dIcWbpzWpZQ/ZZFj8IQkyhYZf127U4QdkRmKFU"
|
14
14
|
|
15
|
-
|
15
|
+
Argon2id::Password.create("opensesame") == "opensesame"
|
16
16
|
#=> true
|
17
17
|
|
18
|
-
|
18
|
+
Argon2id::Password.new("$argon2id$v=19$m=19456,t=2,p=1$ZS2nBFWBpnt28HjtzNOW4w$SQ+p+dIcWbpzWpZQ/ZZFj8IQkyhYZf127U4QdkRmKFU") == "opensesame"
|
19
19
|
#=> true
|
20
20
|
```
|
21
21
|
|
@@ -142,6 +142,14 @@ password.is_password?("opensesame") #=> true
|
|
142
142
|
password.is_password?("notopensesame") #=> false
|
143
143
|
```
|
144
144
|
|
145
|
+
The original salt for a password can be retrieved with `Argon2id::Password#salt`:
|
146
|
+
|
147
|
+
```ruby
|
148
|
+
password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
|
149
|
+
password.salt
|
150
|
+
#=> "somesalt"
|
151
|
+
```
|
152
|
+
|
145
153
|
### Errors
|
146
154
|
|
147
155
|
Any errors returned from Argon2 will be raised as `Argon2id::Error`, e.g.
|
@@ -176,11 +184,11 @@ notes](https://github.com/mudge/argon2id/releases) for each version and can be
|
|
176
184
|
checked with `sha256sum`, e.g.
|
177
185
|
|
178
186
|
```console
|
179
|
-
$ gem fetch argon2id -v 0.
|
180
|
-
Fetching argon2id-0.
|
181
|
-
Downloaded argon2id-0.
|
182
|
-
$ sha256sum argon2id-0.
|
183
|
-
|
187
|
+
$ gem fetch argon2id -v 0.2.0
|
188
|
+
Fetching argon2id-0.2.0-arm64-darwin.gem
|
189
|
+
Downloaded argon2id-0.2.0-arm64-darwin
|
190
|
+
$ sha256sum argon2id-0.2.0-arm64-darwin.gem
|
191
|
+
ce1fa632393e814da750f44146dc6de1353e4b24746fb94f6f4ea748b9dad26b argon2id-0.2.0-arm64-darwin.gem
|
184
192
|
```
|
185
193
|
|
186
194
|
[GPG](https://www.gnupg.org/) signatures are attached to each release (the
|
@@ -190,8 +198,8 @@ from a public keyserver, e.g. `gpg --keyserver keyserver.ubuntu.com --recv-key
|
|
190
198
|
0x39AC3530070E0F75`):
|
191
199
|
|
192
200
|
```console
|
193
|
-
$ gpg --verify argon2id-0.
|
194
|
-
gpg: Signature made Fri 1 Nov
|
201
|
+
$ gpg --verify argon2id-0.2.0-arm64-darwin.gem.sig argon2id-0.2.0-arm64-darwin.gem
|
202
|
+
gpg: Signature made Fri 1 Nov 14:48:57 2024 GMT
|
195
203
|
gpg: using RSA key 702609D9C790F45B577D7BEC39AC3530070E0F75
|
196
204
|
gpg: Good signature from "Paul Mucur <mudge@mudge.name>" [unknown]
|
197
205
|
gpg: aka "Paul Mucur <paul@ghostcassette.com>" [unknown]
|
data/argon2id.gemspec
CHANGED
@@ -53,6 +53,7 @@ Gem::Specification.new do |s|
|
|
53
53
|
]
|
54
54
|
s.rdoc_options = ["--main", "README.md"]
|
55
55
|
|
56
|
+
s.add_runtime_dependency("base64")
|
56
57
|
s.add_development_dependency("rake-compiler", "~> 1.2")
|
57
58
|
s.add_development_dependency("rake-compiler-dock", "~> 1.5")
|
58
59
|
s.add_development_dependency("minitest", "~> 5.25")
|
data/lib/2.6/argon2id.so
CHANGED
Binary file
|
data/lib/2.7/argon2id.so
CHANGED
Binary file
|
data/lib/3.0/argon2id.so
CHANGED
Binary file
|
data/lib/3.1/argon2id.so
CHANGED
Binary file
|
data/lib/3.2/argon2id.so
CHANGED
Binary file
|
data/lib/3.3/argon2id.so
CHANGED
Binary file
|
data/lib/argon2id/password.rb
CHANGED
@@ -1,5 +1,6 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
+
require "base64"
|
3
4
|
require "openssl"
|
4
5
|
|
5
6
|
module Argon2id
|
@@ -17,9 +18,28 @@ module Argon2id
|
|
17
18
|
# password == "password"
|
18
19
|
# #=> true
|
19
20
|
class Password
|
21
|
+
# A regular expression to match valid hashes.
|
22
|
+
PATTERN = %r{
|
23
|
+
\A
|
24
|
+
\$
|
25
|
+
argon2(?:id|i|d)
|
26
|
+
(?:\$v=\d+)?
|
27
|
+
\$m=\d+
|
28
|
+
,t=\d+
|
29
|
+
,p=\d+
|
30
|
+
\$
|
31
|
+
(?<base64_salt>[a-zA-Z0-9+/]+)
|
32
|
+
\$
|
33
|
+
[a-zA-Z0-9+/]+
|
34
|
+
\z
|
35
|
+
}x.freeze
|
36
|
+
|
20
37
|
# The encoded password hash.
|
21
38
|
attr_reader :encoded
|
22
39
|
|
40
|
+
# The salt.
|
41
|
+
attr_reader :salt
|
42
|
+
|
23
43
|
# Create a new Password object that hashes a given plain text password +pwd+.
|
24
44
|
#
|
25
45
|
# - +:t_cost+: integer (default 2) the "time cost" given as a number of iterations
|
@@ -57,8 +77,13 @@ module Argon2id
|
|
57
77
|
# Create a new Password with the given encoded password hash.
|
58
78
|
#
|
59
79
|
# password = Argon2id::Password.new("$argon2id$v=19$m=19456,t=2,p=1$FI8yp1gXbthJCskBlpKPoQ$nOfCCpS2r+I8GRN71cZND4cskn7YKBNzuHUEO3YpY2s")
|
80
|
+
#
|
81
|
+
# Raises an ArgumentError if given an invalid hash.
|
60
82
|
def initialize(encoded)
|
61
|
-
|
83
|
+
raise ArgumentError, "invalid hash" unless PATTERN =~ String(encoded)
|
84
|
+
|
85
|
+
@encoded = Regexp.last_match(0)
|
86
|
+
@salt = Base64.decode64(Regexp.last_match(1))
|
62
87
|
end
|
63
88
|
|
64
89
|
# Return the encoded password hash.
|
data/lib/argon2id/version.rb
CHANGED
data/lib/argon2id.rb
CHANGED
data/test/test_password.rb
CHANGED
@@ -74,13 +74,39 @@ class TestPassword < Minitest::Test
|
|
74
74
|
refute password.is_password?("notopensesame")
|
75
75
|
end
|
76
76
|
|
77
|
-
def
|
78
|
-
password = Argon2id::Password.new("
|
77
|
+
def test_salt_returns_the_original_salt
|
78
|
+
password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
|
79
79
|
|
80
|
-
|
81
|
-
|
80
|
+
assert_equal "somesalt", password.salt
|
81
|
+
end
|
82
|
+
|
83
|
+
def test_salt_returns_raw_bytes
|
84
|
+
password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$KmIxrXv4lrnSJPO0LN7Gdw$lB3724qLPL9MNi10lkvIb4VxIk3q841CLvq0WTCZ0VQ")
|
85
|
+
|
86
|
+
assert_equal "*b1\xAD{\xF8\x96\xB9\xD2$\xF3\xB4,\xDE\xC6w".b, password.salt
|
87
|
+
end
|
88
|
+
|
89
|
+
def test_raises_for_invalid_hashes
|
90
|
+
assert_raises(ArgumentError) do
|
91
|
+
Argon2id::Password.new("not a valid hash")
|
82
92
|
end
|
93
|
+
end
|
94
|
+
|
95
|
+
def test_raises_for_partial_hashes
|
96
|
+
assert_raises(ArgumentError) do
|
97
|
+
Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$KmIxrXv4lrnSJPO0LN7Gdw")
|
98
|
+
end
|
99
|
+
end
|
100
|
+
|
101
|
+
def test_salt_supports_versionless_hashes
|
102
|
+
password = Argon2id::Password.new("$argon2id$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
|
103
|
+
|
104
|
+
assert_equal "somesalt", password.salt
|
105
|
+
end
|
106
|
+
|
107
|
+
def test_coerces_given_hash_to_string
|
108
|
+
password = Argon2id::Password.create("password")
|
83
109
|
|
84
|
-
|
110
|
+
assert Argon2id::Password.new(password) == "password"
|
85
111
|
end
|
86
112
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: argon2id
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1
|
4
|
+
version: 0.2.1
|
5
5
|
platform: x86-mingw32
|
6
6
|
authors:
|
7
7
|
- Paul Mucur
|
@@ -10,6 +10,20 @@ bindir: bin
|
|
10
10
|
cert_chain: []
|
11
11
|
date: 2024-11-01 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: base64
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
13
27
|
- !ruby/object:Gem::Dependency
|
14
28
|
name: rake-compiler
|
15
29
|
requirement: !ruby/object:Gem::Requirement
|