Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Argon2i #113

Merged
merged 57 commits into from
Feb 6, 2020
Merged

Argon2i #113

merged 57 commits into from
Feb 6, 2020

Conversation

brycx
Copy link
Member

@brycx brycx commented Jan 4, 2020
edited
Loading

Closes #109.

TODO:

  • Argon2i single-threaded in hazardous. How should the allocations for the memory blocks be handled?
  • Switch to Argon2i in high-level orion::pwhash and orion::kdf. What parameters should be used as default for each of those high-level APIs?
  • Fuzzers in orion-fuzz.
  • Generated test vectors.

Edit: I haven't been able to get a solution working, that doesn't require heap allocation. Thus, the Argon2i implementation will not be available with no_std.

@brycx brycx added new feature New feature or request breaking change A breaking change labels Jan 4, 2020
@codecov
Copy link

codecov bot commented Jan 24, 2020
edited
Loading

Codecov Report

❗ No coverage uploaded for pull request base (master@8396b16). Click here to learn what that means.
The diff coverage is 99.08%.

Impacted file tree graph

@@            Coverage Diff            @@
##             master     #113   +/-   ##
=========================================
  Coverage          ?   97.66%           
=========================================
  Files             ?       55           
  Lines             ?     7715           
  Branches          ?        0           
=========================================
  Hits              ?     7535           
  Misses            ?      180           
  Partials          ?        0
Impacted Files Coverage Δ
tests/kdf/other_argon2i.rs 100% <ø> (ø)
src/errors.rs 94.23% <ø> (ø)
tests/aead/wycheproof_aead.rs 95.83% <100%> (ø)
tests/kdf/ref_argon2i.rs 100% <100%> (ø)
src/hazardous/kdf/argon2i.rs 99.19% <100%> (ø)
src/typedefs.rs 96.18% <100%> (ø)
tests/mac/mod.rs 100% <100%> (ø)
tests/kdf/custom_hkdf.rs 100% <100%> (ø)
src/kdf.rs 100% <100%> (ø)
src/pwhash.rs 96.08% <100%> (ø)
... and 8 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 8396b16...1b4fab0. Read the comment docs.

@brycx brycx mentioned this pull request Jan 24, 2020
Merged
@brycx
argon2: Starting implementation: H0, compression G, P, G (xor), G2, f…
79b2358 
…ill_block (equivalent name to ref impl)
@brycx
argon2: Implement H'
7e3307d
@brycx
argon2: Move fill_block our of context struct and only declare tempor…
b624f41 
…ary vectors for permutation_p once.
@brycx
fmt
b1f0b3e
@brycx
argon2: Move g_xor out of struct, add temp test vectors
9242b05
@brycx
argon2: Fix extended_hash by indexing correctly when hashing over 64 …
0004797 
…bytes
@brycx
argon2: Implement data-independent addressing
32ce885
@brycx
argon2: Implementing password hashing. Not no_std compatible
261e394
@brycx
argon2: Refactor H0
2c10123
@brycx
argon2: Organize test modules
8a47291
@brycx
argon2: Result<T, UnknownCryptoError> API
e2ba191
@brycx
argon2: Input validation and test hashes that exceed the internal mem…
d27ba46 
…ory block size (128)
@brycx
argon2: Add tests and implement verify()
251aff8
@brycx
argon2: Add some test vectors generated with Monocypher
86e35a4
@brycx
argon2: Fix extended_hash when out is longer than 64 bytes. Add two t…
0be1f77 
…est vectors to hit these branches: n. 13 where we don't enter while loop and n. 14 where we do (with out lengths of 94 and 97, respectively)
@brycx
argon2: Remove unwraps()
62dccc7
@brycx
argon2: Add comment on unwrap() use
68f0e90
@brycx
argon2: Re-arrange derive_key and verify parameters to match the othe…
2d67bb7 
…r KDFs more
@brycx
argon2: Feature-gate on std
0e95a54
@brycx
argon2: Zeroize temporary blocks
9d912fc
@brycx
argon2: Docs
b866805
@brycx
argon2: Doc NIT
76de068
@brycx
argon2: Clippy lints
9bf51b0
@brycx
argon2: Add PyNaCl test vectors
53745d1
@brycx
argon2: fmt
df75075
@brycx
kdf: Use Argon2i
8396b16
@brycx
kdf/pwhash: Missing tests. Previously some quickcheck tests were remo…
3036229 
…ved because they took too long to complete
@brycx
Merge branch 'argon' of github.com:brycx/orion into argon
0e528e0
@brycx
kdf: Revert length-check in macro-defined from_slice() and move to kd…
34efc56 
…f instead.
@brycx
errors: Impl From<base64::DecodeError> only on std
61fe797
@brycx
CI: Argon2i testing added a lot of overhead to the tests. Increase ti…
5a82fde 
…meout to two minutes from the default one.
@brycx
kdf: length can never exceed the max value for u32. Remove check.
e901f6f
@brycx
errors: Move out of folder and into single file.
f348b87
@brycx
argon2i: Remove checked_add(). The counter is set to 1 at the beginni…
4543183 
…ng of each segment, and incremented by one for each n in offset..segment length. Because memory cost cannot be above u32::max_value(), segment_length will never reach a point were the 64-bit counter on Gidx could overflow.
@brycx
kdF: Lower memory usage on tests
6b79ea6
@brycx
kdf: Fix doc about length required to be less than 32 max, since reve…
78d8808 
…rt. Modify too resource-intensive test
@brycx
argon2i: Wipe working and tmp blocks in g_xor and g_two
81efce2
@brycx
pwhash/kdf: Missing documentation on length requirements
bccbea5
@brycx brycx changed the title WIP: Argon2i Argon2i Feb 1, 2020
brycx
brycx commented Feb 1, 2020
View reviewed changes
src/typedefs.rs
@@ -750,7 +750,7 @@ macro_rules! construct_secret_key_variable_size {
/// # }
/// ```
pub struct $name {
value: Vec<u8>,
pub(crate) value: Vec<u8>,
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is set to pub(crate) so we avoid allocation two different Vec<u8>s in orion::kdf which hold sensitive data.

@brycx
tests: Rename argon2i testing file
bba1f60
@brycx
argon2i: NIT remove .as_mut() on mut T
7e47086
@brycx
argon2i: Add missing assert_eq!() to test
7522735
@brycx
pwhash: Add tests for encoded password hashes and verification genera…
37a185f 
…ted with the reference implementation
@brycx
tests: Argon2i test vectors generated with the reference implementati…
cc04248 
…on, which include secret value and associated data parameters
@brycx
tests: Rename module
7dd2619
@brycx
pwhash: Add test to detect missing rejection of non-zero decimal para…
164fa2f 
…meters with leading zeroes
@brycx
pwhash: Reject leading zeroes on parameters with decimal values
7878afb
@brycx
pwhash: Document leading zeroes rejection
135e2ff
@brycx
pwhash: Define min and max length of encoded password hashes and test…
03d8c5c 
… for this
@brycx
pwhash: Document error if parameters are incorrectly ordered
432c4e2
@brycx
pwhash: Doc NIT
1b4fab0
@brycx brycx merged commit a2c20b4 into master Feb 6, 2020
@brycx brycx deleted the argon branch February 6, 2020 14:33
@cbeck88 cbeck88 mentioned this pull request Jul 14, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
breaking change A breaking change new feature New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add support for new password hashing algorithm
1 participant
@brycx