RubyGems - rbnacl-libsodium - Versions diffs - 1.0.8 → 1.0.9 - Mend

rbnacl-libsodium 1.0.8 → 1.0.9

Files changed (204) hide show

data/vendor/libsodium/test/default/auth7.c CHANGED

@@ -8,25 +8,25 @@ static unsigned char a[64];
 int main(void)
 {
-    int clen;
+    size_t clen;
     for (clen = 0; clen < sizeof c; ++clen) {
         randombytes_buf(key, sizeof key);
         randombytes_buf(c, clen);
         crypto_auth_hmacsha512(a, c, clen, key);
         if (crypto_auth_hmacsha512_verify(a, c, clen, key) != 0) {
-            printf("fail %d\n", clen);
+            printf("fail %u\n", (unsigned int) clen);
             return 100;
         }
         if (clen > 0) {
-            c[rand() % clen] += 1 + (rand() % 255);
+            c[(size_t) rand() % clen] += 1 + (rand() % 255);
             if (crypto_auth_hmacsha512_verify(a, c, clen, key) == 0) {
-                printf("forgery %d\n", clen);
+                printf("forgery %u\n", (unsigned int) clen);
                 return 100;
             }
             a[rand() % sizeof a] += 1 + (rand() % 255);
             if (crypto_auth_hmacsha512_verify(a, c, clen, key) == 0) {
-                printf("forgery %d\n", clen);
+                printf("forgery %u\n", (unsigned int) clen);
                 return 100;
             }
         }

data/vendor/libsodium/test/default/box.c CHANGED

@@ -22,7 +22,7 @@ static const unsigned char nonce[24]
         0xcd, 0x62, 0xbd, 0xa8, 0x75, 0xfc, 0x73, 0xd6,
         0x82, 0x19, 0xe0, 0x03, 0x6b, 0x7a, 0x0b, 0x37 };
-// API requires first 32 bytes to be 0
+/* API requires first 32 bytes to be 0 */
 static const unsigned char m[163]
     = { 0,    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
         0,    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
@@ -55,12 +55,12 @@ int main(void)
             printf("\n");
     }
     printf("\n");
     ret = crypto_box(c, m, 163, nonce, small_order_p, alicesk);
     assert(ret == -1);
     memset(c, 0, sizeof c);
     ret = crypto_box_beforenm(k, bobpk, alicesk);
     assert(ret == 0);
     crypto_box_afternm(c, m, 163, nonce, k);
@@ -70,7 +70,7 @@ int main(void)
             printf("\n");
     }
     printf("\n");
     ret = crypto_box_beforenm(k, small_order_p, alicesk);
     assert(ret == -1);

data/vendor/libsodium/test/default/box2.c CHANGED

@@ -22,7 +22,7 @@ static unsigned char nonce[24]
         0xcd, 0x62, 0xbd, 0xa8, 0x75, 0xfc, 0x73, 0xd6,
         0x82, 0x19, 0xe0, 0x03, 0x6b, 0x7a, 0x0b, 0x37 };
-// API requires first 16 bytes to be 0
+/* API requires first 16 bytes to be 0 */
 static unsigned char c[163]
     = { 0,    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
         0,    0,    0,    0,    0xf3, 0xff, 0xc7, 0x70, 0x3f, 0x94, 0x00, 0xe5,

data/vendor/libsodium/test/default/core6.c CHANGED

@@ -17,7 +17,7 @@ static unsigned char c[16]
 static unsigned char out[64];
-void print(unsigned char *x, unsigned char *y)
+static void print(unsigned char *x, unsigned char *y)
 {
     int i;
     unsigned int borrow = 0;

data/vendor/libsodium/test/default/generichash.c CHANGED

@@ -1291,7 +1291,7 @@ static struct {
     }
 };
-int
+static int
 tv(void)
 {
     unsigned char *expected_out;
@@ -1366,6 +1366,17 @@ main(void)
         printf("%02x", (unsigned int) out[j]);
     }
     printf("\n");
+    assert(crypto_generichash(NULL, 0,
+                              in, (unsigned long long) sizeof in,
+                              k, sizeof k) == -1);
+    assert(crypto_generichash(NULL, crypto_generichash_BYTES_MAX + 1,
+                              in, (unsigned long long) sizeof in,
+                              k, sizeof k) == -1);
+    assert(crypto_generichash(NULL, (unsigned long long) sizeof in,
+                              in, (unsigned long long) sizeof in,
+                              k, crypto_generichash_KEYBYTES_MAX + 1) == -1);
     assert(crypto_generichash_bytes_min() > 0U);
     assert(crypto_generichash_bytes_max() > 0U);
     assert(crypto_generichash_bytes() > 0U);

data/vendor/libsodium/test/default/generichash2.c CHANGED

@@ -13,10 +13,10 @@ main(void)
     assert(crypto_generichash_statebytes() >= sizeof st);
     for (h = 0; h < crypto_generichash_KEYBYTES_MAX; ++h)
-        k[h] = h;
+        k[h] = (unsigned char) h;
     for (i = 0; i < MAXLEN; ++i) {
-        in[i] = i;
+        in[i] = (unsigned char) i;
         if (crypto_generichash_init(&st, k,
                                     1 + i % crypto_generichash_KEYBYTES_MAX,
                                     1 + i % crypto_generichash_BYTES_MAX) != 0) {

data/vendor/libsodium/test/default/generichash3.c CHANGED

@@ -20,6 +20,7 @@ main(void)
     size_t        i;
     size_t        j;
+    assert(crypto_generichash_blake2b_statebytes() >= sizeof st);
     for (h = 0; h < crypto_generichash_blake2b_KEYBYTES_MAX; ++h) {
         k[h] = (unsigned char) h;
     }
@@ -129,6 +130,19 @@ main(void)
     }
     printf("\n");
+    assert(crypto_generichash_blake2b_salt_personal
+           (NULL, 0,
+            in, (unsigned long long) sizeof in,
+            k, sizeof k, NULL, NULL) == -1);
+    assert(crypto_generichash_blake2b_salt_personal
+           (NULL, crypto_generichash_BYTES_MAX + 1,
+            in, (unsigned long long) sizeof in,
+            k, sizeof k, NULL, NULL) == -1);
+    assert(crypto_generichash_blake2b_salt_personal
+           (NULL, (unsigned long long) sizeof in,
+            in, (unsigned long long) sizeof in,
+            k, crypto_generichash_KEYBYTES_MAX + 1, NULL, NULL) == -1);
     crypto_generichash_blake2b_init_salt_personal(&st, NULL, 0U, crypto_generichash_BYTES,
                                                   NULL, personal);
     crypto_generichash_blake2b_update(&st, in, MAXLEN);
@@ -147,6 +161,13 @@ main(void)
     }
     printf("\n");
+    assert(crypto_generichash_blake2b_init_salt_personal
+           (&st, k, sizeof k, 0, NULL, NULL) == -1);
+    assert(crypto_generichash_blake2b_init_salt_personal
+           (&st, k, sizeof k, crypto_generichash_blake2b_BYTES_MAX + 1, NULL, NULL) == -1);
+    assert(crypto_generichash_blake2b_init_salt_personal
+           (&st, k, crypto_generichash_blake2b_KEYBYTES_MAX + 1, sizeof out, NULL, NULL) == -1);
     assert(crypto_generichash_blake2b_init_salt_personal(&st, k, sizeof k, crypto_generichash_BYTES,
                                                          NULL, personal) == 0);
     assert(crypto_generichash_blake2b_init_salt_personal(&st, k, sizeof k, crypto_generichash_BYTES,

data/vendor/libsodium/test/default/pwhash.c CHANGED

@@ -3,8 +3,8 @@
 #include "cmptest.h"
 #define OUT_LEN 128
-#define OPSLIMIT 1000000
-#define MEMLIMIT 10000000
+#define OPSLIMIT 3
+#define MEMLIMIT 5000000
 static void tv(void)
 {
@@ -15,6 +15,7 @@ static void tv(void)
         size_t              outlen;
         unsigned long long  opslimit;
         size_t              memlimit;
+        unsigned int        lanes;
     } tests[] = {
           { "a347ae92bce9f80f6f595a4480fc9c2fe7e7d7148d371e9487d75f5c23008ffae0"
             "65577a928febd9b1973a5a95073acdbeb6a030cfc0d79caa2dc5cd011cef02c08d"
@@ -22,13 +23,13 @@ static void tv(void)
             "8d220b20c60d7c07ec1fd93c52c31020300c6c1facd77937a597c7a6",
             127,
             "5541fbc995d5c197ba290346d2c559dedf405cf97e5f95482143202f9e74f5c2",
-            155, 481326, 7256678 },
+            155, 5, 7256678, 1 },
           { "e125cee61c8cb7778d9e5ad0a6f5d978ce9f84de213a8556d9ffe202020ab4a6ed"
             "9074a4eb3416f9b168f137510f3a30b70b96cbfa219ff99f6c6eaffb15c06b60e0"
             "0cc2890277f0fd3c622115772f7048adaebed86e",
             86,
             "f1192dd5dc2368b9cd421338b22433455ee0a3699f9379a08b9650ea2c126f0d",
-            250, 535778, 7849083 },
+            250, 4, 7849083, 1 },
           { "92263cbf6ac376499f68a4289d3bb59e5a22335eba63a32e6410249155b956b6a3"
             "b48d4a44906b18b897127300b375b8f834f1ceffc70880a885f47c33876717e392"
             "be57f7da3ae58da4fd1f43daa7e44bb82d3717af4319349c24cd31e46d295856b0"
@@ -37,7 +38,7 @@ static void tv(void)
             "711f58c8c392016b2fdfc09c64f0f6b6ab7b",
             183,
             "3b840e20e9555e9fb031c4ba1f1747ce25cc1d0ff664be676b9b4a90641ff194",
-            249, 311757, 7994791 },
+            249, 3, 7994791, 1 },
           { "027b6d8e8c8c474e9b69c7d9ed4f9971e8e1ce2f6ba95048414c3970f0f09b70e3"
             "b6c5ae05872b3d8678705b7d381829c351a5a9c88c233569b35d6b0b809df44b64"
             "51a9c273f1150e2ef8a0b5437eb701e373474cd44b97ef0248ebce2ca0400e1b53"
@@ -45,19 +46,13 @@ static void tv(void)
             "9bb078ed1f0d31e7f9b8062409f37f19f8550aae",
             152,
             "eb2a3056a09ad2d7d7f975bcd707598f24cd32518cde3069f2e403b34bfee8a5",
-            5, 643464, 1397645 },
+            5, 4, 1397645, 1 },
           { "4a857e2ee8aa9b6056f2424e84d24a72473378906ee04a46cb05311502d5250b82"
             "ad86b83c8f20a23dbb74f6da60b0b6ecffd67134d45946ac8ebfb3064294bc097d"
             "43ced68642bfb8bbbdd0f50b30118f5e",
             82,
             "39d82eef32010b8b79cc5ba88ed539fbaba741100f2edbeca7cc171ffeabf258",
-            190, 758010, 5432947 },
-          { "1845e375479537e9dd4f4486d5c91ac72775d66605eeb11a787b78a7745f1fd005"
-            "2d526c67235dbae1b2a4d575a74cb551c8e9096c593a497aee74ba3047d911358e"
-            "de57bc27c9ea1829824348daaab606217cc931dcb6627787bd6e4e5854f0e8",
-            97,
-            "3ee91a805aa62cfbe8dce29a2d9a44373a5006f4a4ce24022aca9cecb29d1473",
-            212, 233177, 13101817 },
+            190, 3, 1432947, 1 },
           { "c7b09aec680e7b42fedd7fc792e78b2f6c1bea8f4a884320b648f81e8cf515e8ba"
             "9dcfb11d43c4aae114c1734aa69ca82d44998365db9c93744fa28b63fd16000e82"
             "61cbbe083e7e2da1e5f696bde0834fe53146d7e0e35e7de9920d041f5a5621aabe"
@@ -65,19 +60,12 @@ static void tv(void)
             "089dbeb6d6342a909c1307b3fff5fe2cf4da56bdae50848f",
             156,
             "039c056d933b475032777edbaffac50f143f64c123329ed9cf59e3b65d3f43b6",
-            178, 234753, 4886999 },
-          { "8f3a06e2fd8711350a517bb12e31f3d3423e8dc0bb14aac8240fca0995938d59bb"
-            "37bd0a7dfc9c9cc0705684b46612e8c8b1d6655fb0f9887562bb9899791a0250d1"
-            "320f945eda48cdc20c233f40a5bb0a7e3ac5ad7250ce684f68fc0b8c9633bfd75a"
-            "ad116525af7bdcdbbdb4e00ab163fd4df08f243f12557e",
-            122,
-            "90631f686a8c3dbc0703ffa353bc1fdf35774568ac62406f98a13ed8f47595fd",
-            55, 695191, 15738350 },
+            178, 3, 4886999, 1 },
           { "b540beb016a5366524d4605156493f9874514a5aa58818cd0c6dfffaa9e90205f1"
             "7b",
             34,
             "44071f6d181561670bda728d43fb79b443bb805afdebaf98622b5165e01b15fb",
-            231, 78652, 6631659 },
+            231, 1, 1631659, 1 },
           { "a14975c26c088755a8b715ff2528d647cd343987fcf4aa25e7194a8417fb2b4b3f"
             "7268da9f3182b4cfb22d138b2749d673a47ecc7525dd15a0a3c66046971784bb63"
             "d7eae24cc84f2631712075a10e10a96b0e0ee67c43e01c423cb9c44e5371017e9c"
@@ -87,10 +75,10 @@ static void tv(void)
             "55a3b4169f22cccb0745a2689407ea1901a0a766eb99",
             220,
             "3d968b2752b8838431165059319f3ff8910b7b8ecb54ea01d3f54769e9d98daf",
-            167, 717248, 10784179 },
+            167, 3, 1784128, 1 },
       };
     char          passwd[256];
-    unsigned char salt[crypto_pwhash_scryptsalsa208sha256_SALTBYTES];
+    unsigned char salt[crypto_pwhash_SALTBYTES];
     unsigned char out[256];
     char          out_hex[256 * 2 + 1];
     size_t        i = 0U;
@@ -101,12 +89,12 @@ static void tv(void)
                        NULL, NULL);
         sodium_hex2bin(salt, sizeof salt, tests[i].salt_hex,
                        strlen(tests[i].salt_hex), NULL, NULL, NULL);
-        if (crypto_pwhash_scryptsalsa208sha256(
-                out, (unsigned long long) tests[i].outlen,
-                passwd, tests[i].passwdlen,
-                (const unsigned char *) salt, tests[i].opslimit,
-                tests[i].memlimit) != 0) {
-            printf("pwhash failure\n");
+        if (crypto_pwhash(out, (unsigned long long) tests[i].outlen,
+                          passwd, tests[i].passwdlen,
+                          (const unsigned char *) salt, tests[i].opslimit,
+                          tests[i].memlimit, crypto_pwhash_alg_default()) != 0) {
+            printf("[tv] pwhash failure (maybe intentional): [%u]\n", (unsigned int) i);
+            continue;
         }
         sodium_bin2hex(out_hex, sizeof out_hex, out, tests[i].outlen);
         printf("%s\n", out_hex);
@@ -122,6 +110,7 @@ static void tv2(void)
         size_t              outlen;
         unsigned long long  opslimit;
         size_t              memlimit;
+        unsigned int        lanes;
     } tests[] = {
           { "a347ae92bce9f80f6f595a4480fc9c2fe7e7d7148d371e9487d75f5c23008ffae0"
             "65577a928febd9b1973a5a95073acdbeb6a030cfc0d79caa2dc5cd011cef02c08d"
@@ -129,17 +118,17 @@ static void tv2(void)
             "8d220b20c60d7c07ec1fd93c52c31020300c6c1facd77937a597c7a6",
             127,
             "5541fbc995d5c197ba290346d2c559dedf405cf97e5f95482143202f9e74f5c2",
-            155, 64, 1397645 },
+            155, 4, 1397645, 1 },
           { "a347ae92bce9f80f6f595a4480fc9c2fe7e7d7148d371e9487d75f5c23008ffae0"
             "65577a928febd9b1973a5a95073acdbeb6a030cfc0d79caa2dc5cd011cef02c08d"
             "a232d76d52dfbca38ca8dcbd665b17d1665f7cf5fe59772ec909733b24de97d6f5"
             "8d220b20c60d7c07ec1fd93c52c31020300c6c1facd77937a597c7a6",
             127,
             "5541fbc995d5c197ba290346d2c559dedf405cf97e5f95482143202f9e74f5c2",
-            155, 32768, 1397645 },
+            155, 3, 1397645, 1 },
       };
     char          passwd[256];
-    unsigned char salt[crypto_pwhash_scryptsalsa208sha256_SALTBYTES];
+    unsigned char salt[crypto_pwhash_SALTBYTES];
     unsigned char out[256];
     char          out_hex[256 * 2 + 1];
     size_t        i = 0U;
@@ -150,16 +139,41 @@ static void tv2(void)
                        NULL, NULL);
         sodium_hex2bin(salt, sizeof salt, tests[i].salt_hex,
                        strlen(tests[i].salt_hex), NULL, NULL, NULL);
-        if (crypto_pwhash_scryptsalsa208sha256(
-                out, (unsigned long long) tests[i].outlen,
-                passwd, tests[i].passwdlen,
-                (const unsigned char *) salt, tests[i].opslimit,
-                tests[i].memlimit) != 0) {
-            printf("pwhash failure\n");
+        if (crypto_pwhash(out, (unsigned long long) tests[i].outlen,
+                          passwd, tests[i].passwdlen,
+                          (const unsigned char *) salt, tests[i].opslimit,
+                          tests[i].memlimit, crypto_pwhash_alg_default()) != 0) {
+            printf("[tv2] pwhash failure: [%u]\n", (unsigned int) i);
+            continue;
         }
         sodium_bin2hex(out_hex, sizeof out_hex, out, tests[i].outlen);
         printf("%s\n", out_hex);
     } while (++i < (sizeof tests) / (sizeof tests[0]));
+    if (crypto_pwhash(out, sizeof out, "password", strlen("password"),
+                      salt, 3, 1ULL << 12, 0) != -1) {
+        printf("[tv2] pwhash should have failed (0)\n");
+    }
+    if (crypto_pwhash(out, sizeof out, "password", strlen("password"),
+                      salt, 3, 1, crypto_pwhash_alg_default()) != -1) {
+        printf("[tv2] pwhash should have failed (1)\n");
+    }
+    if (crypto_pwhash(out, sizeof out, "password", strlen("password"),
+                      salt, 3, 1ULL << 12, crypto_pwhash_alg_default()) != -1) {
+        printf("[tv2] pwhash should have failed (2)\n");
+    }
+    if (crypto_pwhash(out, sizeof out, "password", strlen("password"),
+                      salt, 2, 1ULL << 12, crypto_pwhash_alg_default()) != -1) {
+        printf("[tv2] pwhash should have failed (3)\n");
+    }
+    if (crypto_pwhash(out, 0x100000000ULL, "password", strlen("password"),
+                      salt, 3, 1ULL << 12, crypto_pwhash_alg_default()) != -1) {
+        printf("[tv2] pwhash with a long output length should have failed\n");
+    }
+    if (crypto_pwhash(out, sizeof out, "password", 0x100000000ULL,
+                      salt, 3, 1ULL << 12, crypto_pwhash_alg_default()) != -1) {
+        printf("[tv2] pwhash with a long password length should have failed\n");
+    }
 }
 static void tv3(void)
@@ -168,103 +182,15 @@ static void tv3(void)
         const char *passwd;
         const char *out;
     } tests[] = {
-          { "^T5H$JYt39n%K*j:W]!1s?vg!:jGi]Ax?..l7[p0v:1jHTpla9;]bUN;?bWyCbtqg "
-            "nrDFal+Jxl3,2`#^tFSu%v_+7iYse8-cCkNf!tD=KrW)",
-            "$7$B6....1....75gBMAGwfFWZqBdyF3WdTQnWdUsuTiWjG1fF9c1jiSD$tc8RoB3."
-            "Em3/zNgMLWo2u00oGIoTyJv4fl3Fl8Tix72" },
-          { "bl72h6#y<':MFRZ>B IA1=NRkCKS%W8`1I.2uQxJN0g)N N aTt^4K!Iw5r "
-            "H6;crDsv^a55j9tsk'/GqweZn;cdk6+F_St6:#*=?ZCD_lw>.",
-            "$7$A6....3....Iahc6qM0.UQJHVgE4h9oa1/"
-            "4OWlWLm9CCtfguvz6bQD$QnXCo3M7nIqtry2WKsUZ5gQ.mY0wAlJu."
-            "WUhtE8vF66" },
-          { "Py "
-            ">e.5b+tLo@rL`dC2k@eJ&4eVl!W=JJ4+k&mAt@gt',FS1JjqKW3aq21:]^kna`"
-            "mde7kVkN5NrpKUptu)@4*b&?BE_sJMG1=&@`3GBCV]Wg7xwgo7x3El",
-            "$7$96..../....f6bEusKt79kK4wdYN0ki2nw4bJQ7P3rN6k3BSigsK/"
-            "D$Dsvuw7vXj5xijmrb/NOhdgoyK/OiSIYv88cEtl9Cik7" },
-          { "2vj;Um]FKOL27oam(:Uo8+UmSTvb1FD*h?jk_,S=;RDgF-$Fjk?]9yvfxe@fN^!NN("
-            "Cuml?+2Raa",
-            "$7$86....I....7XwIxLtCx4VphmFeUa6OGuGJrFaIaYzDiLNu/"
-            "tyUPhD$U3q5GCEqCWxMwh.YQHDJrlg7FIZgViv9pcXE3h1vg61" },
-          { "CT=[9uUoGav,J`kU+348tA50ue#sL:ABZ3QgF+r[#vh:tTOiL>s8tv%,Jeo]jH/"
-            "_4^i(*jD-_ku[9Ko[=86 06V",
-            "$7$A6....2....R3.bjH6YS9wz9z8Jsj.3weGQ3J80ZZElGw2oVux1TP6$"
-            "i5u6lFzXDHaIgYEICinLD6WNaovbiXP8SnLrDRdKgA9" },
-          { "J#wNn`hDgOpTHNI.w^1a70%f,.9V_m038H_JIJQln`vdWnn/"
-            "rmILR?9H5g(+`;@H(2VosN9Fgk[WEjaBr'yB9Q19-imNa04[Mk5kvGcSn-TV",
-            "$7$B6....1....Dj1y.4mF1J9XmT/6IDskYdCLaPFJTq9xcCwXQ1DpT92$92/"
-            "hYfZLRq1nTLyIz.uc/dC6wLqwnsoqpkadrCXusm6" },
-          { "j4BS38Asa;p)[K+9TY!3YDj<LK-`nLVXQw9%*QfM",
-            "$7$B6....1....5Ods8mojVwXJq4AywF/uI9BdMSiJ/zT8hQP/"
-            "4cB68VC$nk4ExHNXJ802froj51/1wJTrSZvTIyyK7PecOxRRaz0" },
-          { "M.R>Qw+!qJb]>pP :_.9`dxM9k [eR7Y!yL-3)sNs[R,j_/^ "
-            "TH=5ny'15>6UXWcQW^6D%XCsO[vN[%ReA-`tV1vW(Nt*0KVK#]45P_A",
-            "$7$B6....1....D/"
-            "eyk8N5y6Z8YVQEsw521cTx.9zzLuK7YDs1KMMh.o4$alfW8ZbsUWnXc."
-            "vqon2zoljVk24Tt1.IsCuo2KurvS2" },
-          { "K3S=KyH#)36_?]LxeR8QNKw6X=gFb'ai$C%29V* "
-            "tyh^Wo$TN-#Q4qkmtTCf0LLb.^E$0uykkP",
-            "$7$B6....1....CuBuU97xgAage8whp/"
-            "JNKobo0TFbsORGVbfcQIefyP8$aqalP."
-            "XofGViB8EPLONqHma8vs1xc9uTIMYh9CgE.S8" },
-          { "Y0!?iQa9M%5ekffW(`",
-            "$7$A6....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$"
-            "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" },
-          /* Invalid pwhash strings */
-          { "Y0!?iQa9M%5ekffW(`",
-            "$7$A6....1....$TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4"
-            "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" },
-          { "Y0!?iQa9M%5ekffW(`",
-            "$7$.6....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$"
-            "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" },
-          { "Y0!?iQa9M%5ekffW(`",
-            "$7$A.....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$"
-            "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" },
-          { "Y0!?iQa9M%5ekffW(`",
-            "$7$A6.........TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$"
-            "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" },
-          { "Y0!?iQa9M%5ekffW(`",
-            "$7$A6....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i44269$"
-            "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AH" },
-          { "Y0!?iQa9M%5ekffW(`",
-            "$7$A6....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$"
-            "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx54269" },
-          { "Y0!?iQa9M%5ekffW(`",
-            "$7^A6....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$"
-            "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" },
-          { "Y0!?iQa9M%5ekffW(`",
-            "$7$!6....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$"
-            "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" },
-          { "Y0!?iQa9M%5ekffW(`",
-            "$7$A!....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$"
-            "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" },
-          { "Y0!?iQa9M%5ekffW(`",
-            "$7$A6....!....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$"
-            "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" },
-          { "",
-            "$7$A6....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$"
-            "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" },
-          { "Y0!?iQa9M%5ekffW(`",
-            "$7fA6....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4#"
-            "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" },
-          { "Y0!?iQa9M%5ekffW(`",
-            "$7$AX....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$"
-            "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" },
-          { "Y0!?iQa9M%5ekffW(`",
-            "$7$A6....1!...TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$"
-            "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" },
-          { "Y0!?iQa9M%5ekffW(`",
-            "$7$A6....1" },
-          { "Y0!?iQa9M%5ekffW(`",
-            "$7$" },
-          { "Y0!?iQa9M%5ekffW(`",
-            "" },
-          { "Y0!?iQa9M%5ekffW(`",
-            "$7$A6....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$"
-            "" },
-      };
+        { "",
+          "$argon2i$v=19$m=4096,t=1,p=1$X1NhbHQAAAAAAAAAAAAAAA$bWh++MKN1OiFHKgIWTLvIi1iHicmHH7+Fv3K88ifFfI" },
+        { "",
+          "$argon2i$v=19$m=2048,t=4,p=1$SWkxaUhpY21ISDcrRnYzSw$Mbg/Eck1kpZir5T9io7C64cpffdTBaORgyriLQFgQj8" },
+        { "^T5H$JYt39n%K*j:W]!1s?vg!:jGi]Ax?..l7[p0v:1jHTpla9;]bUN;?bWyCbtqg ",
+          "$argon2i$v=19$m=4096,t=3,p=2$X1NhbHQAAAAAAAAAAAAAAA$z/QMiU4lQxGsYNc/+K/bizwsA1P11UG2dj/7+aILJ4I" },
+        { "K3S=KyH#)36_?]LxeR8QNKw6X=gFbxai$C%29V*",
+          "$argon2i$v=19$m=4096,t=3,p=1$X1NhbHQAAAAAAAAAAAAAAA$fu2Wsecyt+yPnBvSvYN16oP5ozRmkp0ixJ1YL19V3Uo" }
+    };
     char *out;
     char *passwd;
     size_t i = 0U;
@@ -276,9 +202,10 @@ static void tv3(void)
         passwd = (char *) sodium_malloc(strlen(tests[i].passwd) + 1U);
         assert(passwd != NULL);
         memcpy(passwd, tests[i].passwd, strlen(tests[i].passwd) + 1U);
-        if (crypto_pwhash_scryptsalsa208sha256_str_verify
+        if (crypto_pwhash_str_verify
             (out, passwd, strlen(passwd)) != 0) {
-            printf("pwhash_str failure: [%u]\n", (unsigned int)i);
+            printf("[tv3] pwhash_str failure (maybe intentional): [%u]\n", (unsigned int) i);
+            continue;
         }
         sodium_free(out);
         sodium_free(passwd);
@@ -295,49 +222,140 @@ int main(void)
     tv();
     tv2();
     tv3();
-    salt = (char *)
-        sodium_malloc(crypto_pwhash_scryptsalsa208sha256_SALTBYTES);
-    str_out = (char *)
-        sodium_malloc(crypto_pwhash_scryptsalsa208sha256_STRBYTES);
-    str_out2 = (char *)
-        sodium_malloc(crypto_pwhash_scryptsalsa208sha256_STRBYTES);
-    memcpy(salt, "[<~A 32-bytes salt for scrypt~>]",
-           crypto_pwhash_scryptsalsa208sha256_SALTBYTES);
-    if (crypto_pwhash_scryptsalsa208sha256_str(str_out, passwd, strlen(passwd),
-                                               OPSLIMIT, MEMLIMIT) != 0) {
+    salt = (char *) sodium_malloc(crypto_pwhash_SALTBYTES);
+    str_out = (char *) sodium_malloc(crypto_pwhash_STRBYTES);
+    str_out2 = (char *) sodium_malloc(crypto_pwhash_STRBYTES);
+    memcpy(salt, ">A 16-bytes salt", crypto_pwhash_SALTBYTES);
+    if (crypto_pwhash_str(str_out, passwd, strlen(passwd),
+                          OPSLIMIT, MEMLIMIT) != 0) {
         printf("pwhash_str failure\n");
+        return 1;
     }
-    if (crypto_pwhash_scryptsalsa208sha256_str(str_out2, passwd, strlen(passwd),
-                                               OPSLIMIT, MEMLIMIT) != 0) {
+    if (crypto_pwhash_str(str_out2, passwd, strlen(passwd),
+                          OPSLIMIT, MEMLIMIT) != 0) {
         printf("pwhash_str(2) failure\n");
+        return 1;
     }
     if (strcmp(str_out, str_out2) == 0) {
-        printf("pwhash_str doesn't generate different salts\n");
+        printf("pwhash_str() doesn't generate different salts\n");
     }
-    if (crypto_pwhash_scryptsalsa208sha256_str_verify(str_out, passwd,
-                                                      strlen(passwd)) != 0) {
-        printf("pwhash_str_verify failure\n");
+    if (sodium_is_zero((const unsigned char *) str_out + strlen(str_out),
+                       crypto_pwhash_STRBYTES - strlen(str_out)) != 1 ||
+        sodium_is_zero((const unsigned char *) str_out2 + strlen(str_out2),
+                       crypto_pwhash_STRBYTES - strlen(str_out2)) != 1) {
+        printf("pwhash_str() doesn't properly pad with zeros\n");
     }
-    if (crypto_pwhash_scryptsalsa208sha256_str_verify(str_out, passwd,
-                                                      strlen(passwd)) != 0) {
-        printf("pwhash_str_verify failure\n");
+    if (crypto_pwhash_str_verify(str_out, passwd, strlen(passwd)) != 0) {
+        printf("pwhash_str_verify(1) failure\n");
     }
     str_out[14]++;
-    if (crypto_pwhash_scryptsalsa208sha256_str_verify(
-        str_out, passwd, strlen(passwd)) == 0) {
+    if (crypto_pwhash_str_verify(str_out, passwd, strlen(passwd)) != -1) {
         printf("pwhash_str_verify(2) failure\n");
     }
     str_out[14]--;
+    assert(str_out[crypto_pwhash_STRBYTES - 1U] == 0);
+    if (crypto_pwhash_str(str_out2, passwd, 0x100000000ULL,
+                          OPSLIMIT, MEMLIMIT) != -1) {
+        printf("pwhash_str() with a large password should have failed\n");
+        return 1;
+    }
+    if (crypto_pwhash_str(str_out2, passwd, strlen(passwd),
+                          1, MEMLIMIT) != -1) {
+        printf("pwhash_str() with a small opslimit should have failed\n");
+        return 1;
+    }
+    if (crypto_pwhash_str_verify("$argon2i$m=65536,t=2,p=1c29tZXNhbHQ"
+                                 "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
+                                 "password", 0x100000000ULL) != -1) {
+        printf("pwhash_str_verify(invalid(0)) failure\n");
+    }
+    if (crypto_pwhash_str_verify("$argon2i$m=65536,t=2,p=1c29tZXNhbHQ"
+                                 "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
+                                 "password", strlen("password")) != -1) {
+        printf("pwhash_str_verify(invalid(1)) failure\n");
+    }
+    if (crypto_pwhash_str_verify("$argon2i$m=65536,t=2,p=1$c29tZXNhbHQ"
+                                 "9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
+                                 "password", strlen("password")) != -1) {
+        printf("pwhash_str_verify(invalid(2)) failure\n");
+    }
+    if (crypto_pwhash_str_verify("$argon2i$m=65536,t=2,p=1$c29tZXNhbHQ"
+                                 "$b2G3seW+uPzerwQQC+/E1K50CLLO7YXy0JRcaTuswRo",
+                                 "password", strlen("password")) != -1) {
+        printf("pwhash_str_verify(invalid(3)) failure\n");
+    }
+    if (crypto_pwhash_str_verify("$argon2i$v=19$m=65536,t=2,p=1c29tZXNhbHQ"
+                                 "$wWKIMhR9lyDFvRz9YTZweHKfbftvj+qf+YFY4NeBbtA",
+                                 "password", strlen("password")) != -1) {
+        printf("pwhash_str_verify(invalid(4)) failure\n");
+    }
+    if (crypto_pwhash_str_verify("$argon2i$v=19$m=65536,t=2,p=1$c29tZXNhbHQ"
+                                 "wWKIMhR9lyDFvRz9YTZweHKfbftvj+qf+YFY4NeBbtA",
+                                 "password", strlen("password")) != -1) {
+        printf("pwhash_str_verify(invalid(5)) failure\n");
+    }
+    if (crypto_pwhash_str_verify("$argon2i$v=19$m=65536,t=2,p=1$c29tZXNhbHQ"
+                                 "$8iIuixkI73Js3G1uMbezQXD0b8LG4SXGsOwoQkdAQIM",
+                                 "password", strlen("password")) != -1) {
+        printf("pwhash_str_verify(invalid(6)) failure\n");
+    }
+    if (crypto_pwhash_str_verify("$argon2i$v=19$m=4096,t=3,p=2$b2RpZHVlamRpc29kaXNrdw"
+                                 "$TNnWIwlu1061JHrnCqIAmjs3huSxYIU+0jWipu7Kc9M",
+                                 "password", strlen("password")) != 0) {
+        printf("pwhash_str_verify(valid(7)) failure\n");
+    }
+    if (crypto_pwhash_str_verify("$argon2i$v=19$m=4096,t=3,p=2$b2RpZHVlamRpc29kaXNrdw"
+                                 "$TNnWIwlu1061JHrnCqIAmjs3huSxYIU+0jWipu7Kc9M",
+                                 "passwore", strlen("passwore")) != -1) {
+        printf("pwhash_str_verify(invalid(7)) failure\n");
+    }
+    if (crypto_pwhash_str_verify("$Argon2i$v=19$m=4096,t=3,p=2$b2RpZHVlamRpc29kaXNrdw"
+                                 "$TNnWIwlu1061JHrnCqIAmjs3huSxYIU+0jWipu7Kc9M",
+                                 "password", strlen("password")) != -1) {
+        printf("pwhash_str_verify(invalid(8)) failure\n");
+    }
+    if (crypto_pwhash_str_verify("$argon2i$v=1$m=4096,t=3,p=2$b2RpZHVlamRpc29kaXNrdw"
+                                 "$TNnWIwlu1061JHrnCqIAmjs3huSxYIU+0jWipu7Kc9M",
+                                 "password", strlen("password")) != -1) {
+        printf("pwhash_str_verify(invalid(9)) failure\n");
+    }
+    assert(crypto_pwhash_saltbytes() > 0U);
+    assert(crypto_pwhash_strbytes() > 1U);
+    assert(crypto_pwhash_strbytes() > strlen(crypto_pwhash_strprefix()));
+    assert(crypto_pwhash_opslimit_interactive() > 0U);
+    assert(crypto_pwhash_memlimit_interactive() > 0U);
+    assert(crypto_pwhash_opslimit_moderate() > 0U);
+    assert(crypto_pwhash_memlimit_moderate() > 0U);
+    assert(crypto_pwhash_opslimit_sensitive() > 0U);
+    assert(crypto_pwhash_memlimit_sensitive() > 0U);
+    assert(strcmp(crypto_pwhash_primitive(), "argon2i") == 0);
+    assert(crypto_pwhash_opslimit_interactive() == crypto_pwhash_OPSLIMIT_INTERACTIVE);
+    assert(crypto_pwhash_memlimit_interactive() == crypto_pwhash_MEMLIMIT_INTERACTIVE);
+    assert(crypto_pwhash_opslimit_moderate() == crypto_pwhash_OPSLIMIT_MODERATE);
+    assert(crypto_pwhash_memlimit_moderate() == crypto_pwhash_MEMLIMIT_MODERATE);
+    assert(crypto_pwhash_opslimit_sensitive() == crypto_pwhash_OPSLIMIT_SENSITIVE);
+    assert(crypto_pwhash_memlimit_sensitive() == crypto_pwhash_MEMLIMIT_SENSITIVE);
-    assert(str_out[crypto_pwhash_scryptsalsa208sha256_STRBYTES - 1U] == 0);
-    assert(crypto_pwhash_scryptsalsa208sha256_saltbytes() > 0U);
-    assert(crypto_pwhash_scryptsalsa208sha256_strbytes() > 1U);
-    assert(crypto_pwhash_scryptsalsa208sha256_strbytes() >
-           strlen(crypto_pwhash_scryptsalsa208sha256_strprefix()));
-    assert(crypto_pwhash_scryptsalsa208sha256_opslimit_interactive() > 0U);
-    assert(crypto_pwhash_scryptsalsa208sha256_memlimit_interactive() > 0U);
-    assert(crypto_pwhash_scryptsalsa208sha256_opslimit_sensitive() > 0U);
-    assert(crypto_pwhash_scryptsalsa208sha256_memlimit_sensitive() > 0U);
+    assert(crypto_pwhash_argon2i_saltbytes() == crypto_pwhash_saltbytes());
+    assert(crypto_pwhash_argon2i_strbytes() == crypto_pwhash_strbytes());
+    assert(strcmp(crypto_pwhash_argon2i_strprefix(), crypto_pwhash_strprefix()) == 0);
+    assert(crypto_pwhash_argon2i_opslimit_interactive() ==
+           crypto_pwhash_opslimit_interactive());
+    assert(crypto_pwhash_argon2i_opslimit_moderate() ==
+           crypto_pwhash_opslimit_moderate());
+    assert(crypto_pwhash_argon2i_opslimit_sensitive() ==
+           crypto_pwhash_opslimit_sensitive());
+    assert(crypto_pwhash_argon2i_memlimit_interactive() ==
+           crypto_pwhash_memlimit_interactive());
+    assert(crypto_pwhash_argon2i_memlimit_moderate() ==
+           crypto_pwhash_memlimit_moderate());
+    assert(crypto_pwhash_argon2i_memlimit_sensitive() ==
+           crypto_pwhash_memlimit_sensitive());
+    assert(crypto_pwhash_alg_argon2i13() == crypto_pwhash_argon2i_alg_argon2i13());
+    assert(crypto_pwhash_alg_argon2i13() == crypto_pwhash_ALG_ARGON2I13);
+    assert(crypto_pwhash_alg_argon2i13() == crypto_pwhash_alg_default());
     sodium_free(salt);
     sodium_free(str_out);