argon2id 0.4.1-x64-mingw32 → 0.6.0-x64-mingw32

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e3d3da4428a9c2f9e9915b0106b145dd14c77ac8684c2c8ab4ffecd95b894066
-  data.tar.gz: 7663e9da59aa1f5ce5f6cc2fbae0ab4cef3e43fe5f8bb4cb30d9fe90a3318eaa
+  metadata.gz: 9830d34e6ade0521646b04b6ac5bb6636880959d2fb28e03d30e6302027a016f
+  data.tar.gz: bfa8e53f5b9dffe5f5b7a264400a7aaaa3cecbf4ee9066181272db1c00e47571
 SHA512:
-  metadata.gz: 48ce7637db3e654e75892d2b450fead28cca3c624389981e901163b34f130dc2afd9a0d5f128d0d231a39e14f7f603b63c081175a79a13bbe55b6a1704e956c9
-  data.tar.gz: 2a9260599b166685acf43079b438ba74ccce7eb8d61a72914301f055168eb9e13f26401435777e91ed48d25f68af9826eff95d0bd44040718c64bcb65236818f
+  metadata.gz: 25d3e39fe9ddd17b9795905fe1c16d20a39b3795e2447c6cf9a9dadad1e09c52be3048dc73783bd0410ce4b279c3cf84c8e37691a9ce0af34b2bed6c3a60db9d
+  data.tar.gz: 25c021ef3950a43fd06441730dd74c9bfa8f86bafde3c098b52020ba48e32b2b8c624dd0f9bfe2a90c02959c4753ab747f4f89cecaf5872e5d22cd16e2381bb4

data/CHANGELOG.md

@@ -5,6 +5,19 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.6.0] - 2024-11-05
+
+### Changed
+
+- Move the internal API to `Argon2id::Password` and make it explicitly private
+
+## [0.5.0] - 2024-11-02
+
+### Removed
+
+- No longer expose the `type` of an encoded hash as it must always be an
+  Argon2id hash
+
 ## [0.4.1] - 2024-11-02
 
 ### Changed
@@ -86,6 +99,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   reference C implementation of Argon2, the password-hashing function that won
   the Password Hashing Competition.
 
+[0.6.0]: https://github.com/mudge/argon2id/releases/tag/v0.6.0
+[0.5.0]: https://github.com/mudge/argon2id/releases/tag/v0.5.0
 [0.4.1]: https://github.com/mudge/argon2id/releases/tag/v0.4.1
 [0.4.0]: https://github.com/mudge/argon2id/releases/tag/v0.4.0
 [0.3.0]: https://github.com/mudge/argon2id/releases/tag/v0.3.0

data/README.md

@@ -5,7 +5,7 @@ Ruby bindings to [Argon2][], the password-hashing function that won the 2015
 
 [![Build Status](https://github.com/mudge/argon2id/actions/workflows/tests.yml/badge.svg?branch=main)](https://github.com/mudge/argon2id/actions)
 
-**Current version:** 0.4.1  
+**Current version:** 0.6.0  
 **Bundled Argon2 version:** libargon2.1 (20190702)
 
 ```ruby
@@ -135,6 +135,10 @@ password == "opensesame"    #=> true
 password == "notopensesame" #=> false
 ```
 
+> [!WARNING]
+> `Argon2id::Password.new` does not support hashes generated from other Argon2
+> variants such as Argon2i and Argon2d.
+
 For compatibility with [bcrypt-ruby][], `Argon2id::Password#==` is aliased to `Argon2id::Password.is_password?`:
 
 ```ruby
@@ -147,7 +151,6 @@ The various parts of the encoded hash can be retrieved:
 
 ```ruby
 password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
-password.type        #=> "argon2id"
 password.version     #=> 19
 password.m_cost      #=> 256
 password.t_cost      #=> 2
@@ -198,11 +201,11 @@ notes](https://github.com/mudge/argon2id/releases) for each version and can be
 checked with `sha256sum`, e.g.
 
 ```console
-$ gem fetch argon2id -v 0.4.0
-Fetching argon2id-0.4.0-arm64-darwin.gem
-Downloaded argon2id-0.4.0-arm64-darwin
-$ sha256sum argon2id-0.4.0-arm64-darwin.gem
-2cecd6d5a1ecaf0a025e95714c0dee22dfc3d4585b649c57c06f432031b55a77  argon2id-0.4.0-arm64-darwin.gem
+$ gem fetch argon2id -v 0.5.0
+Fetching argon2id-0.5.0-arm64-darwin.gem
+Downloaded argon2id-0.5.0-arm64-darwin
+$ sha256sum argon2id-0.5.0-arm64-darwin.gem
+871e9d9bcad09e75620ce9ddd32cd99a4ebc3a6db1516e487680787faa7368a3  argon2id-0.5.0-arm64-darwin.gem
 ```
 
 [GPG](https://www.gnupg.org/) signatures are attached to each release (the
@@ -212,8 +215,8 @@ from a public keyserver, e.g. `gpg --keyserver keyserver.ubuntu.com --recv-key
 0x39AC3530070E0F75`):
 
 ```console
-$ gpg --verify argon2id-0.4.0-arm64-darwin.gem.sig argon2id-0.4.0-arm64-darwin.gem
-gpg: Signature made Sat  2 Nov 15:25:15 2024 GMT
+$ gpg --verify argon2id-0.5.0-arm64-darwin.gem.sig argon2id-0.5.0-arm64-darwin.gem
+gpg: Signature made Sat  2 Nov 21:09:51 2024 GMT
 gpg:                using RSA key 702609D9C790F45B577D7BEC39AC3530070E0F75
 gpg: Good signature from "Paul Mucur <mudge@mudge.name>" [unknown]
 gpg:                 aka "Paul Mucur <paul@ghostcassette.com>" [unknown]

data/Rakefile

@@ -20,16 +20,20 @@ ENV["RUBY_CC_VERSION"] = %w[3.3.0 3.2.0 3.1.0 3.0.0 2.7.0 2.6.0].join(":")
 
 gemspec = Gem::Specification.load("argon2id.gemspec")
 
-if RUBY_PLATFORM == "java"
-  gemspec.files.reject! { |path| File.fnmatch?("ext/*", path) }
-  gemspec.extensions.clear
-  gemspec.platform = Gem::Platform.new("java")
-  gemspec.required_ruby_version = ">= 3.1.0"
-end
-
 Gem::PackageTask.new(gemspec).define
 
+namespace :java do
+  java_gemspec = gemspec.dup
+  java_gemspec.files.reject! { |path| File.fnmatch?("ext/*", path) }
+  java_gemspec.extensions.clear
+  java_gemspec.platform = Gem::Platform.new("java")
+  java_gemspec.required_ruby_version = ">= 3.1.0"
+
+  Gem::PackageTask.new(java_gemspec).define
+end
+
 Rake::ExtensionTask.new("argon2id", gemspec) do |e|
+  e.lib_dir = "lib/argon2id"
   e.cross_compile = true
   e.cross_platform = cross_platforms
 end
@@ -57,15 +61,6 @@ namespace :gem do
       SCRIPT
     end
   end
-
-  desc "Compile gem for JRuby"
-  task :jruby do
-    RakeCompilerDock.sh <<~SCRIPT, rubyvm: "jruby", platform: "jruby", verbose: true
-      gem install bundler --no-document &&
-      bundle &&
-      bundle exec rake gem
-    SCRIPT
-  end
 end
 
 task default: [:compile, :test]

data/argon2id.gemspec

@@ -45,11 +45,10 @@ Gem::Specification.new do |s|
     "ext/argon2id/libargon2/thread.c",
     "ext/argon2id/libargon2/thread.h",
     "lib/argon2id.rb",
+    "lib/argon2id/extension.rb",
     "lib/argon2id/password.rb",
     "lib/argon2id/version.rb",
-    "test/test_hash_encoded.rb",
-    "test/test_password.rb",
-    "test/test_verify.rb"
+    "test/test_password.rb"
   ]
   s.rdoc_options = ["--main", "README.md"]
 

data/ext/argon2id/argon2id.c

@@ -5,21 +5,11 @@
 
 #define UNUSED(x) (void)(x)
 
-VALUE mArgon2id, cArgon2idError;
-
-/* call-seq: hash_encoded(t_cost, m_cost, parallelism, pwd, salt, output_len)
- *
- * Hashes a password with Argon2id, producing an encoded hash.
- *
- * - +t_cost+: number of iterations
- * - +m_cost+: sets memory usage to +m_cost+ kibibytes
- * - +parallelism+: number of threads and compute lanes
- * - +pwd+: the password
- * - +salt+: the salt
- * - +output_len+: desired length of the hash in bytes
- */
+VALUE mArgon2id, cArgon2idError, cArgon2idPassword;
+ID id_encoded;
+
 static VALUE
-rb_argon2id_hash_encoded(VALUE module, VALUE iterations, VALUE memory, VALUE threads, VALUE pwd, VALUE salt, VALUE hashlen)
+rb_argon2id_hash_encoded(VALUE klass, VALUE iterations, VALUE memory, VALUE threads, VALUE pwd, VALUE salt, VALUE hashlen)
 {
   uint32_t t_cost, m_cost, parallelism;
   size_t encodedlen, outlen;
@@ -27,7 +17,7 @@ rb_argon2id_hash_encoded(VALUE module, VALUE iterations, VALUE memory, VALUE thr
   int result;
   VALUE hash;
 
-  UNUSED(module);
+  UNUSED(klass);
 
   t_cost = FIX2INT(iterations);
   m_cost = FIX2INT(memory);
@@ -53,16 +43,12 @@ rb_argon2id_hash_encoded(VALUE module, VALUE iterations, VALUE memory, VALUE thr
   return hash;
 }
 
-/* call-seq: verify(encoded, pwd)
- *
- * Verifies a password against an encoded string.
- */
 static VALUE
-rb_argon2id_verify(VALUE module, VALUE encoded, VALUE pwd) {
+rb_argon2id_verify(VALUE self, VALUE pwd) {
   int result;
+  VALUE encoded;
 
-  UNUSED(module);
-
+  encoded = rb_ivar_get(self, id_encoded);
   result = argon2id_verify(StringValueCStr(encoded), StringValuePtr(pwd), RSTRING_LEN(pwd));
   if (result == ARGON2_OK) {
     return Qtrue;
@@ -80,8 +66,11 @@ rb_argon2id_verify(VALUE module, VALUE encoded, VALUE pwd) {
 void
 Init_argon2id(void)
 {
+  id_encoded = rb_intern("@encoded");
+
   mArgon2id = rb_define_module("Argon2id");
   cArgon2idError = rb_define_class_under(mArgon2id, "Error", rb_eStandardError);
-  rb_define_singleton_method(mArgon2id, "hash_encoded", rb_argon2id_hash_encoded, 6);
-  rb_define_singleton_method(mArgon2id, "verify", rb_argon2id_verify, 2);
+  cArgon2idPassword = rb_define_class_under(mArgon2id, "Password", rb_cObject);
+  rb_define_private_method(rb_singleton_class(cArgon2idPassword), "hash_encoded", rb_argon2id_hash_encoded, 6);
+  rb_define_private_method(cArgon2idPassword, "verify", rb_argon2id_verify, 1);
 }

data/ext/argon2id/extconf.rb

@@ -14,4 +14,4 @@ $CPPFLAGS << " " << "-I$(srcdir)/libargon2"
 have_header("stdint.h")
 have_header("argon2.h")
 
-create_makefile "argon2id"
+create_makefile "argon2id/argon2id"

data/lib/argon2id/extension.rb

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+if RUBY_PLATFORM == "java"
+  require "java"
+  require "openssl"
+
+  module Argon2id
+    Error = Class.new(StandardError)
+
+    class Password
+      def self.hash_encoded(t_cost, m_cost, parallelism, pwd, salt, hashlen)
+        raise Error, "Salt is too short" if salt.empty?
+
+        salt_bytes = salt.to_java_bytes
+        output = Java::byte[hashlen].new
+        params = Java::OrgBouncycastleCryptoParams::Argon2Parameters::Builder
+          .new(Java::OrgBouncycastleCryptoParams::Argon2Parameters::ARGON2_id)
+          .with_salt(salt_bytes)
+          .with_parallelism(parallelism)
+          .with_memory_as_kb(m_cost)
+          .with_iterations(t_cost)
+          .build
+        generator = Java::OrgBouncycastleCryptoGenerators::Argon2BytesGenerator.new
+
+        generator.init(params)
+        generator.generate_bytes(pwd.to_java_bytes, output)
+
+        encoder = Java::JavaUtil::Base64.get_encoder.without_padding
+        encoded_salt = encoder.encode_to_string(salt_bytes)
+        encoded_output = encoder.encode_to_string(output)
+
+        "$argon2id$v=19$m=#{m_cost},t=#{t_cost},p=#{parallelism}" \
+          "$#{encoded_salt}$#{encoded_output}"
+      rescue Java::JavaLang::IllegalStateException => e
+        raise Error, e.message
+      end
+
+      private_class_method :hash_encoded
+
+      private
+
+      def verify(pwd)
+        other_output = Java::byte[output.bytesize].new
+        params = Java::OrgBouncycastleCryptoParams::Argon2Parameters::Builder
+          .new(Java::OrgBouncycastleCryptoParams::Argon2Parameters::ARGON2_id)
+          .with_salt(salt.to_java_bytes)
+          .with_parallelism(parallelism)
+          .with_memory_as_kb(m_cost)
+          .with_iterations(t_cost)
+          .build
+        generator = Java::OrgBouncycastleCryptoGenerators::Argon2BytesGenerator.new
+        generator.init(params)
+        generator.generate_bytes(pwd.to_java_bytes, other_output)
+
+        Java::OrgBouncycastleUtil::Arrays.constant_time_are_equal?(
+          output.to_java_bytes,
+          other_output
+        )
+      end
+    end
+  end
+else
+  begin
+    ::RUBY_VERSION =~ /(\d+\.\d+)/
+    require_relative "#{Regexp.last_match(1)}/argon2id"
+  rescue LoadError
+    require "argon2id/argon2id"
+  end
+end

data/lib/argon2id/password.rb

@@ -25,7 +25,6 @@ module Argon2id
   #
   # You can read various parameters out of a password hash:
   #
-  #   password.type        #=> "argon2id"
   #   password.version     #=> 19
   #   password.m_cost      #=> 19456
   #   password.t_cost      #=> 2
@@ -36,7 +35,7 @@ module Argon2id
     PATTERN = %r{
       \A
       \$
-      (argon2(?:id|i|d))
+      argon2id
       (?:\$v=(\d+))?
       \$m=(\d+)
       ,t=(\d+)
@@ -51,9 +50,6 @@ module Argon2id
     # The encoded password hash.
     attr_reader :encoded
 
-    # The type of the hashing function.
-    attr_reader :type
-
     # The version number of the hashing function.
     attr_reader :version
 
@@ -93,7 +89,7 @@ module Argon2id
     #   #=> "$argon2id$v=19$m=12288,t=3,p=1$JigW7fFn+N3NImt+aWpuzw$eM5F1cKeIBALNTU6LuWra75Zi2nymGvQLWzJzVFv0Nc"
     def self.create(pwd, t_cost: Argon2id.t_cost, m_cost: Argon2id.m_cost, parallelism: Argon2id.parallelism, salt_len: Argon2id.salt_len, output_len: Argon2id.output_len)
       new(
-        Argon2id.hash_encoded(
+        hash_encoded(
           Integer(t_cost),
           Integer(m_cost),
           Integer(parallelism),
@@ -113,13 +109,12 @@ module Argon2id
       raise ArgumentError, "invalid hash" unless PATTERN =~ String(encoded)
 
       @encoded = $&
-      @type = $1
-      @version = Integer($2 || 0x10)
-      @m_cost = Integer($3)
-      @t_cost = Integer($4)
-      @parallelism = Integer($5)
-      @salt = $6.unpack1("m")
-      @output = $7.unpack1("m")
+      @version = Integer($1 || 0x10)
+      @m_cost = Integer($2)
+      @t_cost = Integer($3)
+      @parallelism = Integer($4)
+      @salt = $5.unpack1("m")
+      @output = $6.unpack1("m")
     end
 
     # Return the encoded password hash.
@@ -132,7 +127,7 @@ module Argon2id
     #   password == "password"    #=> true
     #   password == "notpassword" #=> false
     def ==(other)
-      Argon2id.verify(encoded, String(other))
+      verify(String(other))
     end
 
     alias_method :is_password?, :==

data/lib/argon2id/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Argon2id
-  VERSION = "0.4.1"
+  VERSION = "0.6.0"
 end

data/lib/argon2id.rb

@@ -1,18 +1,8 @@
 # frozen_string_literal: true
 
-if RUBY_PLATFORM == "java"
-  require "openssl"
-else
-  begin
-    ::RUBY_VERSION =~ /(\d+\.\d+)/
-    require_relative "#{Regexp.last_match(1)}/argon2id.so"
-  rescue LoadError
-    require "argon2id.so"
-  end
-end
-
-require "argon2id/version"
+require "argon2id/extension"
 require "argon2id/password"
+require "argon2id/version"
 
 module Argon2id
   # The default "time cost" of 2 iterations recommended by OWASP.
@@ -52,57 +42,4 @@ module Argon2id
     # The default desired length of the hash in bytes used by Argon2id::Password.create
     attr_accessor :output_len
   end
-
-  if RUBY_PLATFORM == "java"
-    Error = Class.new(StandardError)
-
-    def self.hash_encoded(t_cost, m_cost, parallelism, pwd, salt, hashlen)
-      output = hash_raw(t_cost, m_cost, parallelism, pwd, salt, hashlen)
-
-      encoder = Java::JavaUtil::Base64.get_encoder.without_padding
-      encoded_salt = encoder.encode_to_string(salt.to_java_bytes)
-      encoded_output = encoder.encode_to_string(output)
-
-      "$argon2id$v=19$m=#{Integer(m_cost)},t=#{Integer(t_cost)}," \
-        "p=#{Integer(parallelism)}$#{encoded_salt}$#{encoded_output}"
-    end
-
-    def self.verify(encoded, pwd)
-      password = Password.new(encoded)
-      other_raw = hash_raw(
-        password.t_cost,
-        password.m_cost,
-        password.parallelism,
-        String(pwd),
-        password.salt,
-        password.output.bytesize
-      )
-
-      Java::OrgBouncycastleUtil::Arrays.constant_time_are_equal(
-        password.output.to_java_bytes,
-        other_raw
-      )
-    end
-
-    def self.hash_raw(t_cost, m_cost, parallelism, pwd, salt, hashlen)
-      raise Error, "Salt is too short" if String(salt).empty?
-
-      hash = Java::byte[Integer(hashlen)].new
-      params = Java::OrgBouncycastleCryptoParams::Argon2Parameters::Builder
-        .new(Java::OrgBouncycastleCryptoParams::Argon2Parameters::ARGON2_id)
-        .with_salt(String(salt).to_java_bytes)
-        .with_parallelism(Integer(parallelism))
-        .with_memory_as_kb(Integer(m_cost))
-        .with_iterations(Integer(t_cost))
-        .build
-      generator = Java::OrgBouncycastleCryptoGenerators::Argon2BytesGenerator.new
-
-      generator.init(params)
-      generator.generate_bytes(String(pwd).to_java_bytes, hash)
-
-      hash
-    rescue Java::JavaLang::IllegalStateException => e
-      raise Error, e.message
-    end
-  end
 end

data/test/test_password.rb

@@ -98,6 +98,18 @@ class TestPassword < Minitest::Test
     end
   end
 
+  def test_raises_for_hashes_with_null_bytes
+    assert_raises(ArgumentError) do
+      Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4\x00foo")
+    end
+  end
+
+  def test_raises_for_non_argon2id_hashes
+    assert_raises(ArgumentError) do
+      Argon2id::Password.new("$argon2i$v=19$m=256,t=2,p=1$c29tZXNhbHQ$iekCn0Y3spW+sCcFanM2xBT63UP2sghkUoHLIUpWRS8")
+    end
+  end
+
   def test_salt_supports_versionless_hashes
     password = Argon2id::Password.new("$argon2id$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
 
@@ -110,18 +122,6 @@ class TestPassword < Minitest::Test
     assert Argon2id::Password.new(password) == "password"
   end
 
-  def test_extracting_type_from_hash
-    password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
-
-    assert_equal "argon2id", password.type
-  end
-
-  def test_extracting_type_from_argoni_hash
-    password = Argon2id::Password.new("$argon2i$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
-
-    assert_equal "argon2i", password.type
-  end
-
   def test_extracting_version_from_hash
     password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
 
@@ -175,4 +175,58 @@ class TestPassword < Minitest::Test
 
     assert_equal "\x9D\xFE\xB9\x10\xE8\v\xAD\x03\x11\xFE\xE2\x0F\x9C\x0E+\x12\xC1y\x87\xB4\xCA\xC9\f.\xF5M[0!\xC6\x8B\xFE".b, password.output
   end
+
+  def test_libargon2_test_case_1
+    password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
+
+    assert password == "password"
+  end
+
+  def test_libargon2_test_case_1_returns_false_with_incorrect_password
+    password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4")
+
+    refute password == "not password"
+  end
+
+  def test_libargon2_test_case_2
+    password = Argon2id::Password.new("$argon2id$v=19$m=256,t=2,p=2$c29tZXNhbHQ$bQk8UB/VmZZF4Oo79iDXuL5/0ttZwg2f/5U52iv1cDc")
+
+    assert password == "password"
+  end
+
+  def test_encoded_password_does_not_include_trailing_null_byte
+    password = Argon2id::Password.create("password", t_cost: 2, m_cost: 256, salt_len: 8)
+
+    refute password.to_s.end_with?("\x00")
+  end
+
+  def test_raises_with_too_short_output
+    assert_raises(Argon2id::Error) do
+      Argon2id::Password.create("password", t_cost: 2, m_cost: 256, salt_len: 8, output_len: 1)
+    end
+  end
+
+  def test_raises_with_too_few_threads_and_compute_lanes
+    assert_raises(Argon2id::Error) do
+      Argon2id::Password.create("password", t_cost: 2, m_cost: 256, parallelism: 0, salt_len: 8)
+    end
+  end
+
+  def test_raises_with_too_small_memory_cost
+    assert_raises(Argon2id::Error) do
+      Argon2id::Password.create("password", t_cost: 2, m_cost: 0, salt_len: 8)
+    end
+  end
+
+  def test_raises_with_too_small_time_cost
+    assert_raises(Argon2id::Error) do
+      Argon2id::Password.create("password", t_cost: 0, m_cost: 256, salt_len: 8)
+    end
+  end
+
+  def test_raises_with_too_short_salt
+    assert_raises(Argon2id::Error) do
+      Argon2id::Password.create("password", t_cost: 2, m_cost: 256, salt_len: 0)
+    end
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: argon2id
 version: !ruby/object:Gem::Version
-  version: 0.4.1
+  version: 0.6.0
 platform: x64-mingw32
 authors:
 - Paul Mucur
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-11-02 00:00:00.000000000 Z
+date: 2024-11-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake-compiler
@@ -82,15 +82,14 @@ files:
 - ext/argon2id/libargon2/ref.c
 - ext/argon2id/libargon2/thread.c
 - ext/argon2id/libargon2/thread.h
-- lib/2.6/argon2id.so
-- lib/2.7/argon2id.so
-- lib/3.0/argon2id.so
 - lib/argon2id.rb
+- lib/argon2id/2.6/argon2id.so
+- lib/argon2id/2.7/argon2id.so
+- lib/argon2id/3.0/argon2id.so
+- lib/argon2id/extension.rb
 - lib/argon2id/password.rb
 - lib/argon2id/version.rb
-- test/test_hash_encoded.rb
 - test/test_password.rb
-- test/test_verify.rb
 homepage: https://github.com/mudge/argon2id
 licenses:
 - BSD-3-Clause

data/test/test_hash_encoded.rb

@@ -1,54 +0,0 @@
-# frozen_string_literal: true
-
-require "minitest/autorun"
-require "argon2id"
-
-class TestHashEncoded < Minitest::Test
-  def test_valid_password_and_salt_encodes_successfully
-    encoded = Argon2id.hash_encoded(2, 256, 1, "password", "somesalt", 32)
-
-    assert_equal "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4", encoded
-  end
-
-  def test_password_with_parallelism_of_two
-    encoded = Argon2id.hash_encoded(2, 256, 2, "password", "somesalt", 32)
-
-    assert_equal "$argon2id$v=19$m=256,t=2,p=2$c29tZXNhbHQ$bQk8UB/VmZZF4Oo79iDXuL5/0ttZwg2f/5U52iv1cDc", encoded
-  end
-
-  def test_valid_password_does_not_include_trailing_null_byte
-    encoded = Argon2id.hash_encoded(2, 256, 1, "password", "somesalt", 32)
-
-    refute encoded.end_with?("\x00")
-  end
-
-  def test_raises_with_too_short_output
-    assert_raises(Argon2id::Error) do
-      Argon2id.hash_encoded(2, 256, 1, "password", "somesalt", 1)
-    end
-  end
-
-  def test_raises_with_too_few_lanes
-    assert_raises(Argon2id::Error) do
-      Argon2id.hash_encoded(2, 256, 0, "password", "somesalt", 32)
-    end
-  end
-
-  def test_raises_with_too_small_memory_cost
-    assert_raises(Argon2id::Error) do
-      Argon2id.hash_encoded(2, 0, 1, "password", "somesalt", 32)
-    end
-  end
-
-  def test_raises_with_too_small_time_cost
-    assert_raises(Argon2id::Error) do
-      Argon2id.hash_encoded(0, 256, 1, "password", "somesalt", 32)
-    end
-  end
-
-  def test_raises_with_too_short_salt
-    assert_raises(Argon2id::Error) do
-      Argon2id.hash_encoded(2, 256, 1, "password", "", 32)
-    end
-  end
-end

data/test/test_verify.rb

@@ -1,35 +0,0 @@
-# frozen_string_literal: true
-
-require "minitest/autorun"
-require "argon2id"
-
-class TestVerify < Minitest::Test
-  def test_returns_true_with_correct_password
-    assert Argon2id.verify(
-      "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4",
-      "password"
-    )
-  end
-
-  def test_returns_false_with_incorrect_password
-    refute Argon2id.verify(
-      "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4",
-      "not password"
-    )
-  end
-
-  def test_raises_if_given_invalid_encoded
-    assert_raises(ArgumentError) do
-      Argon2id.verify("", "opensesame")
-    end
-  end
-
-  def test_raises_if_given_encoded_with_null_byte
-    assert_raises(ArgumentError) do
-      Argon2id.verify(
-        "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4\x00foo",
-        "password"
-      )
-    end
-  end
-end