Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I significantly constrained the space of admissible encodings to deal with #143 .
The
keyid
anddata
parameters in the encoding are gone, as they are either not used in validation, or they cause validation to fail. Similarly, the salt is now required. Before if no salt was provided, the encoding wouldn't include the salt or the hash value. Because there was no hash value, any later validation check would fail.I also made changes to
validate_context
. Empty vs.NULL
passwords and salts now produce the same results and errors. The salt was the real outlier here, aNULL
salt was allowed while an empty salt produced an error (ARGON2_SALT_TOO_SHORT
). This is inconsistent with the rest of Argon2, where switching a parameter from empty toNULL
produces the exact same hash value (or produces the exact same error).Note that this doesn't break virtually any consumers of the public API in
argon2.h
because all encodings emitted from functions likeargon2_hash()
are still valid. There are only two cases where an existing consumer would see breakage:data
parameter to the string encoding. Note that this parameter has always been ignored.NULL
salt (because hashing with an empty salt doesn't work). This is quite insecure, and they already would have been unable to useargon2_verify()
as it would just fail when decoding the encoded string.I also added tests for a bad salt in an encoding string.