RubyGems - rbnacl-libsodium - Versions diffs - 1.0.13 → 1.0.15 - Mend

rbnacl-libsodium 1.0.13 → 1.0.15

Files changed (201) hide show

data/vendor/libsodium/test/default/misuse.c ADDED

@@ -0,0 +1,145 @@
+#define TEST_NAME "misuse"
+#include "cmptest.h"
+#ifdef HAVE_CATCHABLE_ABRT
+# include <signal.h>
+static void
+sigabrt_handler_13(int sig)
+{
+    (void) sig;
+    exit(0);
+}
+static void
+sigabrt_handler_12(int sig)
+{
+    (void) sig;
+    signal(SIGABRT, sigabrt_handler_13);
+    assert(crypto_pwhash_str_alg(NULL, "", 0U, 1U, 1U, -1) == -1);
+    exit(1);
+}
+static void
+sigabrt_handler_11(int sig)
+{
+    (void) sig;
+    signal(SIGABRT, sigabrt_handler_12);
+    assert(crypto_box_easy(NULL, NULL, crypto_stream_xsalsa20_MESSAGEBYTES_MAX,
+                           NULL, NULL, NULL) == -1);
+    exit(1);
+}
+static void
+sigabrt_handler_10(int sig)
+{
+    (void) sig;
+    signal(SIGABRT, sigabrt_handler_11);
+    assert(crypto_box_easy_afternm(NULL, NULL, crypto_stream_xsalsa20_MESSAGEBYTES_MAX,
+                                   NULL, NULL) == -1);
+    exit(1);
+}
+static void
+sigabrt_handler_9(int sig)
+{
+    (void) sig;
+    signal(SIGABRT, sigabrt_handler_10);
+    assert(sodium_base642bin(NULL, 1, NULL, 1, NULL, NULL, NULL, -1) == -1);
+    exit(1);
+}
+static void
+sigabrt_handler_8(int sig)
+{
+    (void) sig;
+    signal(SIGABRT, sigabrt_handler_9);
+    assert(sodium_bin2base64(NULL, 1, NULL, 1, sodium_base64_VARIANT_ORIGINAL) == NULL);
+    exit(1);
+}
+static void
+sigabrt_handler_7(int sig)
+{
+    (void) sig;
+    signal(SIGABRT, sigabrt_handler_8);
+    assert(sodium_bin2base64(NULL, 1, NULL, 1, -1) == NULL);
+    exit(1);
+}
+static void
+sigabrt_handler_6(int sig)
+{
+    (void) sig;
+    signal(SIGABRT, sigabrt_handler_7);
+    assert(sodium_pad(NULL, NULL, SIZE_MAX, 16, 1) == -1);
+    exit(1);
+}
+static void
+sigabrt_handler_5(int sig)
+{
+    (void) sig;
+    signal(SIGABRT, sigabrt_handler_6);
+    assert(crypto_aead_xchacha20poly1305_ietf_encrypt(NULL, NULL, NULL, UINT64_MAX,
+                                                      NULL, 0, NULL, NULL, NULL) == -1);
+    exit(1);
+}
+static void
+sigabrt_handler_4(int sig)
+{
+    (void) sig;
+    signal(SIGABRT, sigabrt_handler_5);
+    assert(crypto_aead_chacha20poly1305_ietf_encrypt(NULL, NULL, NULL, UINT64_MAX,
+                                                     NULL, 0, NULL, NULL, NULL) == -1);
+    exit(1);
+}
+static void
+sigabrt_handler_3(int sig)
+{
+    (void) sig;
+    signal(SIGABRT, sigabrt_handler_4);
+    assert(crypto_aead_chacha20poly1305_encrypt(NULL, NULL, NULL, UINT64_MAX,
+                                                NULL, 0, NULL, NULL, NULL) == -1);
+    exit(1);
+}
+static void
+sigabrt_handler_2(int sig)
+{
+    (void) sig;
+    signal(SIGABRT, sigabrt_handler_3);
+#if SIZE_MAX > 0x4000000000ULL
+    randombytes_buf_deterministic(NULL, 0x4000000001ULL, NULL);
+#else
+    abort();
+#endif
+    exit(1);
+}
+static void
+sigabrt_handler_1(int sig)
+{
+    (void) sig;
+    signal(SIGABRT, sigabrt_handler_2);
+    assert(crypto_kx_server_session_keys(NULL, NULL, NULL, NULL, NULL) == -1);
+    exit(1);
+}
+int
+main(void)
+{
+    signal(SIGABRT, sigabrt_handler_1);
+    assert(crypto_kx_client_session_keys(NULL, NULL, NULL, NULL, NULL) == -1);
+    return 1;
+}
+#else
+int
+main(void)
+{
+    return 0;
+}
+#endif

data/vendor/libsodium/test/default/misuse.exp ADDED

File without changes

data/vendor/libsodium/test/default/onetimeauth.c CHANGED

@@ -56,6 +56,8 @@ main(void)
     assert(crypto_onetimeauth_poly1305_bytes() == crypto_onetimeauth_bytes());
     assert(crypto_onetimeauth_poly1305_keybytes() ==
            crypto_onetimeauth_keybytes());
+    assert(crypto_onetimeauth_statebytes() > 0);
+    assert(crypto_onetimeauth_statebytes() == crypto_onetimeauth_poly1305_statebytes());
     return 0;
 }

data/vendor/libsodium/test/default/{pwhash.c → pwhash_argon2i.c} RENAMED

@@ -1,5 +1,5 @@
-#define TEST_NAME "pwhash"
+#define TEST_NAME "pwhash_argon2i"
 #include "cmptest.h"
 #define OUT_LEN 128
@@ -93,7 +93,7 @@ tv(void)
         if (crypto_pwhash(out, (unsigned long long) tests[i].outlen, passwd,
                           tests[i].passwd_len, (const unsigned char *) salt,
                           tests[i].opslimit, tests[i].memlimit,
-                          crypto_pwhash_alg_default()) != 0) {
+                          crypto_pwhash_alg_argon2i13()) != 0) {
             printf("[tv] pwhash failure (maybe intentional): [%u]\n",
                    (unsigned int) i);
             continue;
@@ -145,7 +145,7 @@ tv2(void)
         if (crypto_pwhash(out, (unsigned long long) tests[i].outlen, passwd,
                           tests[i].passwd_len, (const unsigned char *) salt,
                           tests[i].opslimit, tests[i].memlimit,
-                          crypto_pwhash_alg_default()) != 0) {
+                          crypto_pwhash_alg_argon2i13()) != 0) {
             printf("[tv2] pwhash failure: [%u]\n", (unsigned int) i);
             continue;
         }
@@ -157,24 +157,28 @@ tv2(void)
                       1ULL << 12, 0) != -1) {
         printf("[tv2] pwhash should have failed (0)\n");
     }
+    if (crypto_pwhash_argon2i(out, sizeof out, "password", strlen("password"), salt, 3,
+                              1ULL << 12, 0) != -1) {
+        printf("[tv2] pwhash should have failed (0')\n");
+    }
     if (crypto_pwhash(out, sizeof out, "password", strlen("password"), salt, 3,
-                      1, crypto_pwhash_alg_default()) != -1) {
+                      1, crypto_pwhash_alg_argon2i13()) != -1) {
         printf("[tv2] pwhash should have failed (1)\n");
     }
     if (crypto_pwhash(out, sizeof out, "password", strlen("password"), salt, 3,
-                      1ULL << 12, crypto_pwhash_alg_default()) != -1) {
+                      1ULL << 12, crypto_pwhash_alg_argon2i13()) != -1) {
         printf("[tv2] pwhash should have failed (2)\n");
     }
     if (crypto_pwhash(out, sizeof out, "password", strlen("password"), salt, 2,
-                      1ULL << 12, crypto_pwhash_alg_default()) != -1) {
+                      1ULL << 12, crypto_pwhash_alg_argon2i13()) != -1) {
         printf("[tv2] pwhash should have failed (3)\n");
     }
     if (crypto_pwhash(out, 15, "password", strlen("password"), salt, 3,
-                      1ULL << 12, crypto_pwhash_alg_default()) != -1) {
+                      1ULL << 12, crypto_pwhash_alg_argon2i13()) != -1) {
         printf("[tv2] pwhash with a short output length should have failed\n");
     }
     if (crypto_pwhash(out, sizeof out, "password", 0x100000000ULL, salt, 3,
-                      1ULL << 12, crypto_pwhash_alg_default()) != -1) {
+                      1ULL << 12, crypto_pwhash_alg_argon2i13()) != -1) {
         printf("[tv2] pwhash with a long password length should have failed\n");
     }
 }
@@ -220,33 +224,40 @@ tv3(void)
     } while (++i < (sizeof tests) / (sizeof tests[0]));
 }
-int
-main(void)
+static void
+str_tests(void)
 {
     char       *str_out;
     char       *str_out2;
     char       *salt;
     const char *passwd = "Correct Horse Battery Staple";
-    tv();
-    tv2();
-    tv3();
     salt     = (char *) sodium_malloc(crypto_pwhash_SALTBYTES);
     str_out  = (char *) sodium_malloc(crypto_pwhash_STRBYTES);
     str_out2 = (char *) sodium_malloc(crypto_pwhash_STRBYTES);
     memcpy(salt, ">A 16-bytes salt", crypto_pwhash_SALTBYTES);
-    if (crypto_pwhash_str(str_out, passwd, strlen(passwd), OPSLIMIT,
-                          MEMLIMIT) != 0) {
-        printf("pwhash_str failure\n");
-        return 1;
+    if (crypto_pwhash_argon2i_str(str_out, passwd, strlen(passwd), OPSLIMIT,
+                                  MEMLIMIT) != 0) {
+        printf("pwhash_argon2i_str failure\n");
     }
-    if (crypto_pwhash_str(str_out2, passwd, strlen(passwd), OPSLIMIT,
-                          MEMLIMIT) != 0) {
-        printf("pwhash_str(2) failure\n");
-        return 1;
+    if (crypto_pwhash_argon2i_str(str_out2, passwd, strlen(passwd), OPSLIMIT,
+                                  MEMLIMIT) != 0) {
+        printf("pwhash_argon2i_str(2) failure\n");
     }
     if (strcmp(str_out, str_out2) == 0) {
-        printf("pwhash_str() doesn't generate different salts\n");
+        printf("pwhash_argon2i_str() doesn't generate different salts\n");
+    }
+    if (crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT) != 0) {
+        printf("needs_rehash() false positive\n");
+    }
+    if (crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT / 2) != 1 ||
+        crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT / 2, MEMLIMIT) != 1 ||
+        crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT * 2) != 1 ||
+        crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT * 2, MEMLIMIT) != 1) {
+        printf("needs_rehash() false negative\n");
+    }
+    if (crypto_pwhash_argon2i_str_needs_rehash(str_out + 1, OPSLIMIT, MEMLIMIT) != -1) {
+        printf("needs_rehash() didn't fail with an invalid hash string\n");
     }
     if (sodium_is_zero((const unsigned char *) str_out + strlen(str_out),
                        crypto_pwhash_STRBYTES - strlen(str_out)) != 1 ||
@@ -254,39 +265,37 @@ main(void)
                        crypto_pwhash_STRBYTES - strlen(str_out2)) != 1) {
         printf("pwhash_str() doesn't properly pad with zeros\n");
     }
-    if (crypto_pwhash_str_verify(str_out, passwd, strlen(passwd)) != 0) {
+    if (crypto_pwhash_argon2i_str_verify(str_out, passwd, strlen(passwd)) != 0) {
         printf("pwhash_str_verify(1) failure\n");
     }
     str_out[14]++;
-    if (crypto_pwhash_str_verify(str_out, passwd, strlen(passwd)) != -1) {
+    if (crypto_pwhash_argon2i_str_verify(str_out, passwd, strlen(passwd)) != -1) {
         printf("pwhash_str_verify(2) failure\n");
     }
     str_out[14]--;
     assert(str_out[crypto_pwhash_STRBYTES - 1U] == 0);
-    if (crypto_pwhash_str(str_out2, passwd, 0x100000000ULL, OPSLIMIT,
-                          MEMLIMIT) != -1) {
+    if (crypto_pwhash_argon2i_str(str_out2, passwd, 0x100000000ULL, OPSLIMIT,
+                                  MEMLIMIT) != -1) {
         printf("pwhash_str() with a large password should have failed\n");
-        return 1;
     }
-    if (crypto_pwhash_str(str_out2, passwd, strlen(passwd), 1, MEMLIMIT) !=
+    if (crypto_pwhash_argon2i_str(str_out2, passwd, strlen(passwd), 1, MEMLIMIT) !=
         -1) {
         printf("pwhash_str() with a small opslimit should have failed\n");
-        return 1;
     }
-    if (crypto_pwhash_str_verify("$argon2i$m=65536,t=2,p=1c29tZXNhbHQ"
-                                 "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
-                                 "password", 0x100000000ULL) != -1) {
+    if (crypto_pwhash_argon2i_str_verify("$argon2i$m=65536,t=2,p=1c29tZXNhbHQ"
+                                         "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
+                                         "password", 0x100000000ULL) != -1) {
         printf("pwhash_str_verify(invalid(0)) failure\n");
     }
-    if (crypto_pwhash_str_verify("$argon2i$m=65536,t=2,p=1c29tZXNhbHQ"
+    if (crypto_pwhash_argon2i_str_verify("$argon2i$m=65536,t=2,p=1c29tZXNhbHQ"
                                  "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
                                  "password", strlen("password")) != -1) {
         printf("pwhash_str_verify(invalid(1)) failure %d\n", errno);
     }
-    if (crypto_pwhash_str_verify("$argon2i$m=65536,t=2,p=1$c29tZXNhbHQ"
-                                 "9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
-                                 "password", strlen("password")) != -1) {
+    if (crypto_pwhash_argon2i_str_verify("$argon2i$m=65536,t=2,p=1$c29tZXNhbHQ"
+                                         "9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
+                                         "password", strlen("password")) != -1) {
         printf("pwhash_str_verify(invalid(2)) failure\n");
     }
     if (crypto_pwhash_str_verify("$argon2i$m=65536,t=2,p=1$c29tZXNhbHQ"
@@ -333,85 +342,103 @@ main(void)
             "password", strlen("password")) != -1 || errno != EINVAL) {
         printf("pwhash_str_verify(invalid(9)) failure\n");
     }
-    assert(crypto_pwhash_bytes_min() > 0U);
-    assert(crypto_pwhash_bytes_max() > crypto_pwhash_bytes_min());
-    assert(crypto_pwhash_passwd_max() > crypto_pwhash_passwd_min());
-    assert(crypto_pwhash_saltbytes() > 0U);
-    assert(crypto_pwhash_strbytes() > 1U);
-    assert(crypto_pwhash_strbytes() > strlen(crypto_pwhash_strprefix()));
+    if (crypto_pwhash_str_verify(
+            "$argon2i$v=1$m=4096,t=3,p=2$b2RpZHVla~=mRpc29kaXNrdw"
+            "$TNnWIwlu1061JHrnCqIAmjs3huSxYIU+0jWipu7Kc9M",
+            "password", strlen("password")) != -1 || errno != EINVAL) {
+        printf("pwhash_str_verify(invalid(10)) failure\n");
+    }
+    if (crypto_pwhash_str_verify(
+            "$argon2i$v=1$m=4096,t=3,p=2$b2RpZHVlamRpc29kaXNrdw"
+            "$TNnWIwlu1061JHrnCqIAmjs3huSxYI~=U+0jWipu7Kc9M",
+            "password", strlen("password")) != -1 || errno != EINVAL) {
+        printf("pwhash_str_verify(invalid(11)) failure\n");
+    }
+    assert(crypto_pwhash_str_alg(str_out, "test", 4, OPSLIMIT, MEMLIMIT,
+                                 crypto_pwhash_ALG_ARGON2I13) == 0);
+    assert(crypto_pwhash_argon2i_str_verify(str_out, "test", 4) == 0);
+    assert(crypto_pwhash_argon2i_str_needs_rehash(str_out,
+                                                  OPSLIMIT, MEMLIMIT) == 0);
+    assert(crypto_pwhash_argon2i_str_needs_rehash(str_out,
+                                                  OPSLIMIT / 2, MEMLIMIT) == 1);
+    assert(crypto_pwhash_argon2i_str_needs_rehash(str_out,
+                                                  OPSLIMIT, MEMLIMIT / 2) == 1);
+    assert(crypto_pwhash_argon2i_str_needs_rehash(str_out, 0, 0) == 1);
+    assert(crypto_pwhash_argon2id_str_needs_rehash(str_out, 0, 0) == -1);
+    assert(crypto_pwhash_argon2i_str_needs_rehash(str_out + 1,
+                                                  OPSLIMIT, MEMLIMIT) == -1);
+    assert(crypto_pwhash_argon2id_str_needs_rehash(str_out, 0, 0) == -1);
+    assert(crypto_pwhash_argon2id_str_needs_rehash("", OPSLIMIT, MEMLIMIT) == -1);
+    assert(crypto_pwhash_str_alg(str_out, "test", 4, OPSLIMIT, MEMLIMIT,
+                                 crypto_pwhash_ALG_ARGON2ID13) == 0);
+    assert(crypto_pwhash_argon2id_str_verify(str_out, "test", 4) == 0);
+    assert(crypto_pwhash_argon2id_str_needs_rehash(str_out,
+                                                   OPSLIMIT, MEMLIMIT) == 0);
+    assert(crypto_pwhash_argon2id_str_needs_rehash(str_out,
+                                                   OPSLIMIT / 2, MEMLIMIT) == 1);
+    assert(crypto_pwhash_argon2id_str_needs_rehash(str_out,
+                                                   OPSLIMIT, MEMLIMIT / 2) == 1);
+    assert(crypto_pwhash_argon2id_str_needs_rehash(str_out, 0, 0) == 1);
+    assert(crypto_pwhash_argon2i_str_needs_rehash(str_out, 0, 0) == -1);
+    assert(crypto_pwhash_argon2id_str_needs_rehash("", OPSLIMIT, MEMLIMIT) == -1);
+    assert(crypto_pwhash_argon2id_str_needs_rehash(str_out + 1,
+                                                   OPSLIMIT, MEMLIMIT) == -1);
+    sodium_free(salt);
+    sodium_free(str_out);
+    sodium_free(str_out2);
+}
-    assert(crypto_pwhash_opslimit_min() > 0U);
-    assert(crypto_pwhash_opslimit_max() > 0U);
-    assert(crypto_pwhash_memlimit_min() > 0U);
-    assert(crypto_pwhash_memlimit_max() > 0U);
-    assert(crypto_pwhash_opslimit_interactive() > 0U);
-    assert(crypto_pwhash_memlimit_interactive() > 0U);
-    assert(crypto_pwhash_opslimit_moderate() > 0U);
-    assert(crypto_pwhash_memlimit_moderate() > 0U);
-    assert(crypto_pwhash_opslimit_sensitive() > 0U);
-    assert(crypto_pwhash_memlimit_sensitive() > 0U);
-    assert(strcmp(crypto_pwhash_primitive(), "argon2i") == 0);
+int
+main(void)
+{
+    tv();
+    tv2();
+    tv3();
+    str_tests();
+    assert(crypto_pwhash_argon2i_bytes_min() > 0U);
+    assert(crypto_pwhash_argon2i_bytes_max() > crypto_pwhash_argon2i_bytes_min());
+    assert(crypto_pwhash_argon2i_passwd_max() > crypto_pwhash_argon2i_passwd_min());
+    assert(crypto_pwhash_argon2i_saltbytes() > 0U);
+    assert(crypto_pwhash_argon2i_strbytes() > 1U);
+    assert(crypto_pwhash_argon2i_strbytes() > strlen(crypto_pwhash_argon2i_strprefix()));
-    assert(crypto_pwhash_bytes_min() == crypto_pwhash_BYTES_MIN);
-    assert(crypto_pwhash_bytes_max() == crypto_pwhash_BYTES_MAX);
-    assert(crypto_pwhash_passwd_min() == crypto_pwhash_PASSWD_MIN);
-    assert(crypto_pwhash_passwd_max() == crypto_pwhash_PASSWD_MAX);
-    assert(crypto_pwhash_saltbytes() == crypto_pwhash_SALTBYTES);
-    assert(crypto_pwhash_strbytes() == crypto_pwhash_STRBYTES);
+    assert(crypto_pwhash_argon2i_opslimit_min() > 0U);
+    assert(crypto_pwhash_argon2i_opslimit_max() > 0U);
+    assert(crypto_pwhash_argon2i_memlimit_min() > 0U);
+    assert(crypto_pwhash_argon2i_memlimit_max() > 0U);
+    assert(crypto_pwhash_argon2i_opslimit_interactive() > 0U);
+    assert(crypto_pwhash_argon2i_memlimit_interactive() > 0U);
+    assert(crypto_pwhash_argon2i_opslimit_moderate() > 0U);
+    assert(crypto_pwhash_argon2i_memlimit_moderate() > 0U);
+    assert(crypto_pwhash_argon2i_opslimit_sensitive() > 0U);
+    assert(crypto_pwhash_argon2i_memlimit_sensitive() > 0U);
-    assert(crypto_pwhash_opslimit_min() == crypto_pwhash_OPSLIMIT_MIN);
-    assert(crypto_pwhash_opslimit_max() == crypto_pwhash_OPSLIMIT_MAX);
-    assert(crypto_pwhash_memlimit_min() == crypto_pwhash_MEMLIMIT_MIN);
-    assert(crypto_pwhash_memlimit_max() == crypto_pwhash_MEMLIMIT_MAX);
-    assert(crypto_pwhash_opslimit_interactive() ==
-           crypto_pwhash_OPSLIMIT_INTERACTIVE);
-    assert(crypto_pwhash_memlimit_interactive() ==
-           crypto_pwhash_MEMLIMIT_INTERACTIVE);
-    assert(crypto_pwhash_opslimit_moderate() ==
-           crypto_pwhash_OPSLIMIT_MODERATE);
-    assert(crypto_pwhash_memlimit_moderate() ==
-           crypto_pwhash_MEMLIMIT_MODERATE);
-    assert(crypto_pwhash_opslimit_sensitive() ==
-           crypto_pwhash_OPSLIMIT_SENSITIVE);
-    assert(crypto_pwhash_memlimit_sensitive() ==
-           crypto_pwhash_MEMLIMIT_SENSITIVE);
+    assert(crypto_pwhash_argon2i_bytes_min() == crypto_pwhash_argon2i_BYTES_MIN);
+    assert(crypto_pwhash_argon2i_bytes_max() == crypto_pwhash_argon2i_BYTES_MAX);
+    assert(crypto_pwhash_argon2i_passwd_min() == crypto_pwhash_argon2i_PASSWD_MIN);
+    assert(crypto_pwhash_argon2i_passwd_max() == crypto_pwhash_argon2i_PASSWD_MAX);
+    assert(crypto_pwhash_argon2i_saltbytes() == crypto_pwhash_argon2i_SALTBYTES);
+    assert(crypto_pwhash_argon2i_strbytes() == crypto_pwhash_argon2i_STRBYTES);
-    assert(crypto_pwhash_argon2i_bytes_min() == crypto_pwhash_bytes_min());
-    assert(crypto_pwhash_argon2i_bytes_max() == crypto_pwhash_bytes_max());
-    assert(crypto_pwhash_argon2i_passwd_min() == crypto_pwhash_passwd_min());
-    assert(crypto_pwhash_argon2i_passwd_max() == crypto_pwhash_passwd_max());
-    assert(crypto_pwhash_argon2i_saltbytes() == crypto_pwhash_saltbytes());
-    assert(crypto_pwhash_argon2i_strbytes() == crypto_pwhash_strbytes());
-    assert(strcmp(crypto_pwhash_argon2i_strprefix(),
-                  crypto_pwhash_strprefix()) == 0);
-    assert(crypto_pwhash_argon2i_opslimit_min() ==
-           crypto_pwhash_opslimit_min());
-    assert(crypto_pwhash_argon2i_opslimit_max() ==
-           crypto_pwhash_opslimit_max());
-    assert(crypto_pwhash_argon2i_memlimit_min() ==
-           crypto_pwhash_memlimit_min());
-    assert(crypto_pwhash_argon2i_memlimit_max() ==
-           crypto_pwhash_memlimit_max());
+    assert(crypto_pwhash_argon2i_opslimit_min() == crypto_pwhash_argon2i_OPSLIMIT_MIN);
+    assert(crypto_pwhash_argon2i_opslimit_max() == crypto_pwhash_argon2i_OPSLIMIT_MAX);
+    assert(crypto_pwhash_argon2i_memlimit_min() == crypto_pwhash_argon2i_MEMLIMIT_MIN);
+    assert(crypto_pwhash_argon2i_memlimit_max() == crypto_pwhash_argon2i_MEMLIMIT_MAX);
     assert(crypto_pwhash_argon2i_opslimit_interactive() ==
-           crypto_pwhash_opslimit_interactive());
-    assert(crypto_pwhash_argon2i_opslimit_moderate() ==
-           crypto_pwhash_opslimit_moderate());
-    assert(crypto_pwhash_argon2i_opslimit_sensitive() ==
-           crypto_pwhash_opslimit_sensitive());
+           crypto_pwhash_argon2i_OPSLIMIT_INTERACTIVE);
     assert(crypto_pwhash_argon2i_memlimit_interactive() ==
-           crypto_pwhash_memlimit_interactive());
+           crypto_pwhash_argon2i_MEMLIMIT_INTERACTIVE);
+    assert(crypto_pwhash_argon2i_opslimit_moderate() ==
+           crypto_pwhash_argon2i_OPSLIMIT_MODERATE);
     assert(crypto_pwhash_argon2i_memlimit_moderate() ==
-           crypto_pwhash_memlimit_moderate());
+           crypto_pwhash_argon2i_MEMLIMIT_MODERATE);
+    assert(crypto_pwhash_argon2i_opslimit_sensitive() ==
+           crypto_pwhash_argon2i_OPSLIMIT_SENSITIVE);
     assert(crypto_pwhash_argon2i_memlimit_sensitive() ==
-           crypto_pwhash_memlimit_sensitive());
-    assert(crypto_pwhash_alg_argon2i13() ==
-           crypto_pwhash_argon2i_alg_argon2i13());
-    assert(crypto_pwhash_alg_argon2i13() == crypto_pwhash_ALG_ARGON2I13);
-    assert(crypto_pwhash_alg_argon2i13() == crypto_pwhash_alg_default());
+           crypto_pwhash_argon2i_MEMLIMIT_SENSITIVE);
-    sodium_free(salt);
-    sodium_free(str_out);
-    sodium_free(str_out2);
+    assert(crypto_pwhash_argon2i_alg_argon2i13() == crypto_pwhash_argon2i_ALG_ARGON2I13);
     printf("OK\n");