Skip to content

Commit 6f74bca

Browse files
techniontechnion
committed
Hash version fix
1 parent 63e6374 commit 6f74bca

File tree

2 files changed

+6
-9
lines changed

2 files changed

+6
-9
lines changed

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -91,7 +91,7 @@ Version 1.0.0 included a major version bump over 0.1.4 due to several breaking c
9191

9292
The second of these is that the reference Argon2 implementation introduced an algorithm change, which produces a hash which is not backwards compatible. This is documented on [this PR on the C library](https://github.com/P-H-C/phc-winner-argon2/pull/115). This was a regrettable requirement to address a security concern in the algorithm itself. The two versions of the Argon2 algorithm are numbered 1.0 and 1.3 respectively.
9393

94-
Shortly after this, version 1.0.0 of this gem was released with this breaking change, supporting only Argon2 v1.3. Further time later, the official encoding format was updated, with a spec that included the version number, and the library introduced backward compatibility. This should remove the likelihood of such breaking changes in future. Version 1.1.0 will silently introduce the current version number in hashes, in order to avoid a further compatibility break.
94+
Shortly after this, version 1.0.0 of this gem was released with this breaking change, supporting only Argon2 v1.3. Further time later, the official encoding format was updated, with a spec that included the version number, and the library introduced backward compatibility. This should remove the likelihood of such breaking changes in future.
9595

9696

9797
## Platform Issues

test/legacy.rb renamed to test/legacy_test.rb

Lines changed: 5 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,23 +1,20 @@
11
# frozen_string_literal: true
22

33
require 'test_helper'
4-
# frozen_string_literal: true
54

5+
PASS = "password"
66
class Legacy < Minitest::Test
7-
HASH_1_0 = "$argon2i$m=65536,t=1,p=1$c29tZXNhbHQAAAAAAAAAAA$+r0d29hqEB0yasKr55ZgICsQGSkl0v0kgwhd+U3wyRo"
87
HASH_1_1 = "$argon2i$v=19$m=65536,t=1,p=1$c29tZXNhbHQAAAAAAAAAAA$+r0d29hqEB0yasKr55ZgICsQGSkl0v0kgwhd+U3wyRo"
98
HASH_0 = "$argon2i$v=16$m=256,t=2,p=1$c29tZXNhbHQ$/U3YPXYsSb3q9XxHvc0MLxur+GP960kN9j7emXX8zwY"
109
def test_legacy_hashes
11-
# These are the hash formats for 1.0 and 1.1 of this gem.
12-
assert Argon2::Password.verify_password(PASS, HASH_1_0)
10+
# These are the hash formats for 0 and 1.1 of this gem.
1311
assert Argon2::Password.verify_password(PASS, HASH_1_1)
1412
assert Argon2::Password.verify_password(PASS, HASH_0)
1513
end
1614

1715
def test_valid_hash_legacy_hashes
18-
# These are the hash formats for 1.0 and 1.1 of this gem.
19-
assert Argon2::Password.valid_hash?(PASS, HASH_1_0)
20-
assert Argon2::Password.valid_hash?(PASS, HASH_1_1)
21-
assert Argon2::Password.valid_hash?(PASS, HASH_0)
16+
# These are the hash formats for 0 and 1.1 of this gem.
17+
assert Argon2::Password.valid_hash?(HASH_1_1)
18+
assert Argon2::Password.valid_hash?(HASH_0)
2219
end
2320
end

0 commit comments

Comments
 (0)