argon2id 0.4.1-x64-mingw-ucrt → 0.5.0-x64-mingw-ucrt
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +8 -0
- data/README.md +12 -9
- data/lib/3.1/argon2id.so +0 -0
- data/lib/3.2/argon2id.so +0 -0
- data/lib/3.3/argon2id.so +0 -0
- data/lib/argon2id/password.rb +7 -12
- data/lib/argon2id/version.rb +1 -1
- data/test/test_password.rb +6 -12
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 046246d2626875dc6a452e42067e5a5bc46810d36dcd4cbb3b848ede3050475e
|
4
|
+
data.tar.gz: 77859d74535214733394e760c57a24e4f1ef5bb3c56ce08ed43d7d1018c0844f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 33cdbc4f20b4abbf01c153c8ad23d5b319ec57244a9170dfbc15875a25de62f93dd2c37929fea7800e54fc338f82631ac89e779fb26af3a6acfee5514393e4cd
|
7
|
+
data.tar.gz: 1142a07f1833a94374c766cbf339528adffb021f36d9fce45bbc974e327c61aef867389bc81662ecbdae71fa3769b44fba3fa79d5e16864a2fb5bfd2a3fba3a6
|
data/CHANGELOG.md
CHANGED
@@ -5,6 +5,13 @@ All notable changes to this project will be documented in this file.
|
|
5
5
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
|
6
6
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
7
7
|
|
8
|
+
## [0.5.0] - 2024-11-02
|
9
|
+
|
10
|
+
### Removed
|
11
|
+
|
12
|
+
- No longer expose the `type` of an encoded hash as it must always be an
|
13
|
+
Argon2id hash
|
14
|
+
|
8
15
|
## [0.4.1] - 2024-11-02
|
9
16
|
|
10
17
|
### Changed
|
@@ -86,6 +93,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
86
93
|
reference C implementation of Argon2, the password-hashing function that won
|
87
94
|
the Password Hashing Competition.
|
88
95
|
|
96
|
+
[0.5.0]: https://github.com/mudge/argon2id/releases/tag/v0.5.0
|
89
97
|
[0.4.1]: https://github.com/mudge/argon2id/releases/tag/v0.4.1
|
90
98
|
[0.4.0]: https://github.com/mudge/argon2id/releases/tag/v0.4.0
|
91
99
|
[0.3.0]: https://github.com/mudge/argon2id/releases/tag/v0.3.0
|
data/README.md
CHANGED
@@ -5,7 +5,7 @@ Ruby bindings to [Argon2][], the password-hashing function that won the 2015
|
|
5
5
|
|
6
6
|
[![Build Status](https://github.com/mudge/argon2id/actions/workflows/tests.yml/badge.svg?branch=main)](https://github.com/mudge/argon2id/actions)
|
7
7
|
|
8
|
-
**Current version:** 0.
|
8
|
+
**Current version:** 0.5.0
|
9
9
|
**Bundled Argon2 version:** libargon2.1 (20190702)
|
10
10
|
|
11
11
|
```ruby
|
@@ -135,6 +135,10 @@ password == "opensesame" #=> true
|
|
135
135
|
password == "notopensesame" #=> false
|
136
136
|
```
|
137
137
|
|
138
|
+
> [!WARNING]
|
139
|
+
> `Argon2id::Password.new` does not support hashes generated from other Argon2
|
140
|
+
> variants such as Argon2i and Argon2d.
|
141
|
+
|
138
142
|
For compatibility with [bcrypt-ruby][], `Argon2id::Password#==` is aliased to `Argon2id::Password.is_password?`:
|
139
143
|
|
140
144
|
```ruby
|
@@ -147,7 +151,6 @@ The various parts of the encoded hash can be retrieved:
|
|
147
151
|
|
148
152
|
```ruby
|
149
153
|
password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
|
150
|
-
password.type #=> "argon2id"
|
151
154
|
password.version #=> 19
|
152
155
|
password.m_cost #=> 256
|
153
156
|
password.t_cost #=> 2
|
@@ -198,11 +201,11 @@ notes](https://github.com/mudge/argon2id/releases) for each version and can be
|
|
198
201
|
checked with `sha256sum`, e.g.
|
199
202
|
|
200
203
|
```console
|
201
|
-
$ gem fetch argon2id -v 0.4.
|
202
|
-
Fetching argon2id-0.4.
|
203
|
-
Downloaded argon2id-0.4.
|
204
|
-
$ sha256sum argon2id-0.4.
|
205
|
-
|
204
|
+
$ gem fetch argon2id -v 0.4.1
|
205
|
+
Fetching argon2id-0.4.1-arm64-darwin.gem
|
206
|
+
Downloaded argon2id-0.4.1-arm64-darwin
|
207
|
+
$ sha256sum argon2id-0.4.1-arm64-darwin.gem
|
208
|
+
c74c06c2c4ce70d6c3822f05d83bab4ea431dd16ec086c9c856da3c6e0d9bbe9 argon2id-0.4.1-arm64-darwin.gem
|
206
209
|
```
|
207
210
|
|
208
211
|
[GPG](https://www.gnupg.org/) signatures are attached to each release (the
|
@@ -212,8 +215,8 @@ from a public keyserver, e.g. `gpg --keyserver keyserver.ubuntu.com --recv-key
|
|
212
215
|
0x39AC3530070E0F75`):
|
213
216
|
|
214
217
|
```console
|
215
|
-
$ gpg --verify argon2id-0.4.
|
216
|
-
gpg: Signature made Sat 2 Nov
|
218
|
+
$ gpg --verify argon2id-0.4.1-arm64-darwin.gem.sig argon2id-0.4.1-arm64-darwin.gem
|
219
|
+
gpg: Signature made Sat 2 Nov 20:50:54 2024 GMT
|
217
220
|
gpg: using RSA key 702609D9C790F45B577D7BEC39AC3530070E0F75
|
218
221
|
gpg: Good signature from "Paul Mucur <mudge@mudge.name>" [unknown]
|
219
222
|
gpg: aka "Paul Mucur <paul@ghostcassette.com>" [unknown]
|
data/lib/3.1/argon2id.so
CHANGED
Binary file
|
data/lib/3.2/argon2id.so
CHANGED
Binary file
|
data/lib/3.3/argon2id.so
CHANGED
Binary file
|
data/lib/argon2id/password.rb
CHANGED
@@ -25,7 +25,6 @@ module Argon2id
|
|
25
25
|
#
|
26
26
|
# You can read various parameters out of a password hash:
|
27
27
|
#
|
28
|
-
# password.type #=> "argon2id"
|
29
28
|
# password.version #=> 19
|
30
29
|
# password.m_cost #=> 19456
|
31
30
|
# password.t_cost #=> 2
|
@@ -36,7 +35,7 @@ module Argon2id
|
|
36
35
|
PATTERN = %r{
|
37
36
|
\A
|
38
37
|
\$
|
39
|
-
|
38
|
+
argon2id
|
40
39
|
(?:\$v=(\d+))?
|
41
40
|
\$m=(\d+)
|
42
41
|
,t=(\d+)
|
@@ -51,9 +50,6 @@ module Argon2id
|
|
51
50
|
# The encoded password hash.
|
52
51
|
attr_reader :encoded
|
53
52
|
|
54
|
-
# The type of the hashing function.
|
55
|
-
attr_reader :type
|
56
|
-
|
57
53
|
# The version number of the hashing function.
|
58
54
|
attr_reader :version
|
59
55
|
|
@@ -113,13 +109,12 @@ module Argon2id
|
|
113
109
|
raise ArgumentError, "invalid hash" unless PATTERN =~ String(encoded)
|
114
110
|
|
115
111
|
@encoded = $&
|
116
|
-
@
|
117
|
-
@
|
118
|
-
@
|
119
|
-
@
|
120
|
-
@
|
121
|
-
@
|
122
|
-
@output = $7.unpack1("m")
|
112
|
+
@version = Integer($1 || 0x10)
|
113
|
+
@m_cost = Integer($2)
|
114
|
+
@t_cost = Integer($3)
|
115
|
+
@parallelism = Integer($4)
|
116
|
+
@salt = $5.unpack1("m")
|
117
|
+
@output = $6.unpack1("m")
|
123
118
|
end
|
124
119
|
|
125
120
|
# Return the encoded password hash.
|
data/lib/argon2id/version.rb
CHANGED
data/test/test_password.rb
CHANGED
@@ -98,6 +98,12 @@ class TestPassword < Minitest::Test
|
|
98
98
|
end
|
99
99
|
end
|
100
100
|
|
101
|
+
def test_raises_for_non_argon2id_hashes
|
102
|
+
assert_raises(ArgumentError) do
|
103
|
+
Argon2id::Password.new("$argon2i$v=19$m=256,t=2,p=1$c29tZXNhbHQ$iekCn0Y3spW+sCcFanM2xBT63UP2sghkUoHLIUpWRS8")
|
104
|
+
end
|
105
|
+
end
|
106
|
+
|
101
107
|
def test_salt_supports_versionless_hashes
|
102
108
|
password = Argon2id::Password.new("$argon2id$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
|
103
109
|
|
@@ -110,18 +116,6 @@ class TestPassword < Minitest::Test
|
|
110
116
|
assert Argon2id::Password.new(password) == "password"
|
111
117
|
end
|
112
118
|
|
113
|
-
def test_extracting_type_from_hash
|
114
|
-
password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
|
115
|
-
|
116
|
-
assert_equal "argon2id", password.type
|
117
|
-
end
|
118
|
-
|
119
|
-
def test_extracting_type_from_argoni_hash
|
120
|
-
password = Argon2id::Password.new("$argon2i$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
|
121
|
-
|
122
|
-
assert_equal "argon2i", password.type
|
123
|
-
end
|
124
|
-
|
125
119
|
def test_extracting_version_from_hash
|
126
120
|
password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
|
127
121
|
|