argon2id 0.7.0 → 0.8.0.rc1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fe0651aa144c9dd31ce3eec05fff4a92b19f9c3123ccca67c2f19ae0e0047e85
-  data.tar.gz: fdc003fc28fd0258bf838c599f5a7bf784296aefbd3658efc87e6ca23a9ea4a4
+  metadata.gz: 119b279c6ef2b526ac12f0e6a586d48cf472f2b45fb84d82a99dd918a2d846e9
+  data.tar.gz: 8e1c05a7b9b2b67cd386c76c404ec546eddb7f87382a6fbdb39146709e6ae05b
 SHA512:
-  metadata.gz: b6eae30f919739df31878696ec9ce8d2bfd26bbc4c8dfe8a442021d139b51c80c6bc362c9810cad9dc706b4f32d36333ca85bbcdd5620ae169981d6766fd3d8c
-  data.tar.gz: d9c614f7e76e809677402b3f451b932ccfe413775d4bbf27131552f4c6249f819cef39db7285a85f5f91aaa37ad4b2f3cde6f24545f9d7eb412598df3cdcdbb8
+  metadata.gz: 6a01dcec727fdea0a54cd963d2a944db78885ab159e5bbf94fbba7bcba175dc503c10f4e1c70785a37075669f4426baffe2b7e411fd7ae11bb26351ae54fc94f
+  data.tar.gz: 5060c0426198101d970d939731787309a58d346a247f0d8d5ee478898067a387d4ec7f92586faf80b6e258b7670410c167ce33b71f9f87ce0ca3b7b98fd629e9

data/CHANGELOG.md

@@ -5,6 +5,23 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.8.0.rc1] - 2024-12-16
+
+### Added
+
+- Add Ruby 3.4.0-rc1 support to the precompiled, native gems
+
+### Changed
+
+- Provide separate precompiled, native gems for GNU and Musl
+- Require glibc 2.29+ for x86-linux-gnu and x86_64-linux-gnu (and recommend
+  RubyGems 3.3.22+ and Bundler 2.3.21+)
+
+### Removed
+
+- Drop support for Ruby versions older than 3.1 as they do not ship with a
+  version of RubyGems new enough to handle the new Musl gems
+
 ## [0.7.0] - 2024-11-08
 
 ### Fixed
@@ -111,6 +128,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   reference C implementation of Argon2, the password-hashing function that won
   the Password Hashing Competition.
 
+[0.8.0.rc1]: https://github.com/mudge/argon2id/releases/tag/v0.8.0.rc1
 [0.7.0]: https://github.com/mudge/argon2id/releases/tag/v0.7.0
 [0.6.0]: https://github.com/mudge/argon2id/releases/tag/v0.6.0
 [0.5.0]: https://github.com/mudge/argon2id/releases/tag/v0.5.0

data/README.md

@@ -5,7 +5,7 @@ Ruby bindings to [Argon2][], the password-hashing function that won the 2015
 
 [![Build Status](https://github.com/mudge/argon2id/actions/workflows/tests.yml/badge.svg?branch=main)](https://github.com/mudge/argon2id/actions)
 
-**Current version:** 0.7.0  
+**Current version:** 0.8.0.rc1  
 **Bundled Argon2 version:** libargon2.1 (20190702)
 
 ```ruby
@@ -28,6 +28,7 @@ password.salt   #=> "e-\xA7\x04U\x81\xA6{v\xF0x\xED\xCC\xD3\x96\xE3"
     * [Verifying passwords](#verifying-passwords)
     * [Validating encoded hashes](#validating-encoded-hashes)
     * [Errors](#errors)
+    * [Usage with Active Record](#usage-with-active-record)
 * [Requirements](#requirements)
     * [Native gems](#native-gems)
     * [Verifying the gems](#verifying-the-gems)
@@ -196,11 +197,67 @@ Argon2id::Password.create("password", salt_len: 0)
 # Salt is too short (Argon2id::Error)
 ```
 
+### Usage with Active Record
+
+If you're planning to use this with Active Record instead of [Rails' own
+bcrypt-based
+`has_secure_password`](https://api.rubyonrails.org/v8.0/classes/ActiveModel/SecurePassword/ClassMethods.html),
+you can use the following as a starting point:
+
+#### The `User` model
+
+```ruby
+require "argon2id"
+
+# Schema: User(name: string, password_digest:string)
+class User < ApplicationRecord
+  attr_reader :password
+
+  validates :password_digest, presence: true
+  validates :password, confirmation: true, allow_blank: true
+
+  def password=(unencrypted_password)
+    if unencrypted_password.nil?
+      @password = nil
+      self.password_digest = nil
+    elsif !unencrypted_password.empty?
+      @password = unencrypted_password
+      self.password_digest = Argon2id::Password.create(unencrypted_password)
+    end
+  end
+
+  def authenticate(unencrypted_password)
+    password_digest? && Argon2id::Password.new(password_digest).is_password?(unencrypted_password) && self
+  end
+
+  def password_salt
+    Argon2id::Password.new(password_digest).salt if password_digest?
+  end
+end
+```
+
+This can then be used like so:
+
+```ruby
+user = User.new(name: "alice", password: "", password_confirmation: "diffpassword")
+user.save                               #=> false, password required
+user.password = "password"
+user.save                               #=> false, confirmation doesn't match
+user.password_confirmation = "password"
+user.save                               #=> true
+
+user.authenticate("notright") #=> false
+user.authenticate("password") #=> user
+
+User.find_by(name: "alice")&.authenticate("notright") #=> false
+User.find_by(name: "alice")&.authenticate("password") #=> user
+```
+
 ## Requirements
 
 This gem requires any of the following to run:
 
-* [Ruby](https://www.ruby-lang.org/en/) 2.6 to 3.3
+* [Ruby](https://www.ruby-lang.org/en/) 3.1 to 3.4.0-rc1
 * [JRuby](https://www.jruby.org) 9.4
 * [TruffleRuby](https://www.graalvm.org/ruby/) 24.1
 
@@ -214,11 +271,10 @@ This gem requires any of the following to run:
 Where possible, a pre-compiled native gem will be provided for the following platforms:
 
 * Linux
-    * `aarch64-linux` and `arm-linux` (requires [glibc](https://www.gnu.org/software/libc/) 2.29+)
-    * `x86-linux` and `x86_64-linux` (requires [glibc](https://www.gnu.org/software/libc/) 2.17+)
-    * [musl](https://musl.libc.org/)-based systems such as [Alpine](https://alpinelinux.org) are supported as long as a [glibc-compatible library is installed](https://wiki.alpinelinux.org/wiki/Running_glibc_programs)
+    * `aarch64-linux`, `arm-linux`, `x86-linux`, `x86_64-linux` (requires [glibc](https://www.gnu.org/software/libc/) 2.29+, RubyGems 3.3.22+ and Bundler 2.3.21+)
+    * [musl](https://musl.libc.org/)-based systems such as [Alpine](https://alpinelinux.org) are supported with Bundler 2.5.6+
 * macOS `x86_64-darwin` and `arm64-darwin`
-* Windows `x64-mingw32` and `x64-mingw-ucrt`
+* Windows `x64-mingw-ucrt`
 * Java: any platform running JRuby 9.4 or higher
 
 ### Verifying the gems
@@ -228,11 +284,11 @@ notes](https://github.com/mudge/argon2id/releases) for each version and can be
 checked with `sha256sum`, e.g.
 
 ```console
-$ gem fetch argon2id -v 0.6.0
-Fetching argon2id-0.6.0-arm64-darwin.gem
-Downloaded argon2id-0.6.0-arm64-darwin
-$ sha256sum argon2id-0.6.0-arm64-darwin.gem
-18f1f04be4b5e7badb4d491762e57874febeeb46c64ce1b0a5e3a75b39b5baeb  argon2id-0.6.0-arm64-darwin.gem
+$ gem fetch argon2id -v 0.7.0
+Fetching argon2id-0.7.0-arm64-darwin.gem
+Downloaded argon2id-0.7.0-arm64-darwin
+$ sha256sum argon2id-0.7.0-arm64-darwin.gem
+26bba5bcefa56827c728222e6df832aef5c8c4f4d3285875859a1d911477ec68  argon2id-0.7.0-arm64-darwin.gem
 ```
 
 [GPG](https://www.gnupg.org/) signatures are attached to each release (the
@@ -242,8 +298,8 @@ from a public keyserver, e.g. `gpg --keyserver keyserver.ubuntu.com --recv-key
 0x39AC3530070E0F75`):
 
 ```console
-$ gpg --verify argon2id-0.6.0-arm64-darwin.gem.sig argon2id-0.6.0-arm64-darwin.gem
-gpg: Signature made Tue  5 Nov 11:30:47 2024 GMT
+$ gpg --verify argon2id-0.7.0-arm64-darwin.gem.sig argon2id-0.7.0-arm64-darwin.gem
+gpg: Signature made Fri  8 Nov 13:45:18 2024 GMT
 gpg:                using RSA key 702609D9C790F45B577D7BEC39AC3530070E0F75
 gpg: Good signature from "Paul Mucur <mudge@mudge.name>" [unknown]
 gpg:                 aka "Paul Mucur <paul@ghostcassette.com>" [unknown]

data/Rakefile

@@ -5,18 +5,22 @@ require "minitest/test_task"
 CLEAN.add("lib/**/*.{o,so,bundle}", "pkg")
 
 cross_platforms = %w[
-  aarch64-linux
-  arm-linux
+  aarch64-linux-gnu
+  aarch64-linux-musl
+  arm-linux-gnu
+  arm-linux-musl
   arm64-darwin
   x64-mingw-ucrt
   x64-mingw32
-  x86-linux
+  x86-linux-gnu
+  x86-linux-musl
   x86-mingw32
   x86_64-darwin
-  x86_64-linux
+  x86_64-linux-gnu
+  x86_64-linux-musl
 ].freeze
 
-ENV["RUBY_CC_VERSION"] = %w[3.3.0 3.2.0 3.1.0 3.0.0 2.7.0 2.6.0].join(":")
+ENV["RUBY_CC_VERSION"] = %w[3.4.0 3.3.5 3.2.0 3.1.0].join(":")
 
 gemspec = Gem::Specification.load("argon2id.gemspec")
 

data/argon2id.gemspec

@@ -18,7 +18,7 @@ Gem::Specification.new do |s|
     "source_code_uri" => "https://github.com/mudge/argon2id",
     "rubygems_mfa_required" => "true"
   }
-  s.required_ruby_version = ">= 2.6.0"
+  s.required_ruby_version = ">= 3.1.0"
   s.extensions = ["ext/argon2id/extconf.rb"]
   s.files = [
     "CHANGELOG.md",
@@ -54,6 +54,6 @@ Gem::Specification.new do |s|
   s.rdoc_options = ["--main", "README.md"]
 
   s.add_development_dependency("rake-compiler", "~> 1.2")
-  s.add_development_dependency("rake-compiler-dock", "~> 1.5")
+  s.add_development_dependency("rake-compiler-dock", "~> 1.7.0.rc1")
   s.add_development_dependency("minitest", "~> 5.25")
 end

data/lib/argon2id/extension.rb

@@ -15,10 +15,11 @@ if RUBY_PLATFORM == "java"
         output = Java::byte[hashlen].new
         params = Java::OrgBouncycastleCryptoParams::Argon2Parameters::Builder
           .new(Java::OrgBouncycastleCryptoParams::Argon2Parameters::ARGON2_id)
-          .with_salt(salt_bytes)
-          .with_parallelism(parallelism)
-          .with_memory_as_kb(m_cost)
+          .with_version(Java::OrgBouncycastleCryptoParams::Argon2Parameters::ARGON2_VERSION_13)
           .with_iterations(t_cost)
+          .with_memory_as_kb(m_cost)
+          .with_parallelism(parallelism)
+          .with_salt(salt_bytes)
           .build
         generator = Java::OrgBouncycastleCryptoGenerators::Argon2BytesGenerator.new
 
@@ -43,11 +44,11 @@ if RUBY_PLATFORM == "java"
         other_output = Java::byte[output.bytesize].new
         params = Java::OrgBouncycastleCryptoParams::Argon2Parameters::Builder
           .new(Java::OrgBouncycastleCryptoParams::Argon2Parameters::ARGON2_id)
-          .with_salt(salt.to_java_bytes)
-          .with_parallelism(parallelism)
-          .with_memory_as_kb(m_cost)
-          .with_iterations(t_cost)
           .with_version(version)
+          .with_iterations(t_cost)
+          .with_memory_as_kb(m_cost)
+          .with_parallelism(parallelism)
+          .with_salt(salt.to_java_bytes)
           .build
         generator = Java::OrgBouncycastleCryptoGenerators::Argon2BytesGenerator.new
         generator.init(params)

data/lib/argon2id/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Argon2id
-  VERSION = "0.7.0"
+  VERSION = "0.8.0.rc1"
 end

data/test/argon2id/test_password.rb

@@ -386,6 +386,12 @@ class TestPassword < Minitest::Test
     assert_instance_of Argon2id::Password, password
   end
 
+  def test_create_password_uses_version_13
+    password = Argon2id::Password.create("password")
+
+    assert_equal 0x13, password.version
+  end
+
   def test_create_password_uses_default_t_cost
     password = Argon2id::Password.create("password")
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: argon2id
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 0.8.0.rc1
 platform: ruby
+original_platform: ''
 authors:
 - Paul Mucur
-autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-11-08 00:00:00.000000000 Z
+date: 2024-12-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake-compiler
@@ -30,14 +30,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.5'
+        version: 1.7.0.rc1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.5'
+        version: 1.7.0.rc1
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -54,7 +54,6 @@ dependencies:
         version: '5.25'
 description: Ruby bindings to Argon2, the password-hashing function that won the 2015
   Password Hashing Competition.
-email: 
 executables: []
 extensions:
 - ext/argon2id/extconf.rb
@@ -99,7 +98,6 @@ metadata:
   homepage_uri: https://github.com/mudge/argon2id
   source_code_uri: https://github.com/mudge/argon2id
   rubygems_mfa_required: 'true'
-post_install_message: 
 rdoc_options:
 - "--main"
 - README.md
@@ -109,15 +107,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.6.0
+      version: 3.1.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.22
-signing_key: 
+rubygems_version: 3.6.0.dev
 specification_version: 4
 summary: Ruby bindings to Argon2
 test_files: []