Home Esplora Aiuto
Registrati Accedi
tarfeef101
/
viki
1
0
Forka 0
File Problemi 3 Pull Requests 0 Wiki
Albero (Tree): b831f3cf14
Rami (Branch) Tag
viki
/
node_modules
/
sodium
/
deps
/
libsodium
/
test
/
default
/
pwhash_argon2id.c

pwhash_argon2id.c 25 KB
Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498 
  1. 

  2. #define TEST_NAME "pwhash_argon2id"
    3. 

  3. #include "cmptest.h"
    4. 

  4. 

  5. #define OUT_LEN 128
    6. 

  6. #define OPSLIMIT 3
    7. 

  7. #define MEMLIMIT 5000000
    8. 

  8. 

  9. static void
    10. 

  10. tv(void)
    11. 

  11. {
    12. 

  12.     static struct {
    13. 

  13.         const char *       passwd_hex;
    14. 

  14.         size_t             passwd_len;
    15. 

  15.         const char *       salt_hex;
    16. 

  16.         size_t             outlen;
    17. 

  17.         unsigned long long opslimit;
    18. 

  18.         size_t             memlimit;
    19. 

  19.         unsigned int       lanes;
    20. 

  20.     } tests[] = {
    21. 

  21.         { "a347ae92bce9f80f6f595a4480fc9c2fe7e7d7148d371e9487d75f5c23008ffae0"
    22. 

  22.           "65577a928febd9b1973a5a95073acdbeb6a030cfc0d79caa2dc5cd011cef02c08d"
    23. 

  23.           "a232d76d52dfbca38ca8dcbd665b17d1665f7cf5fe59772ec909733b24de97d6f5"
    24. 

  24.           "8d220b20c60d7c07ec1fd93c52c31020300c6c1facd77937a597c7a6",
    25. 

  25.           127,
    26. 

  26.           "5541fbc995d5c197ba290346d2c559dedf405cf97e5f95482143202f9e74f5c2",
    27. 

  27.           155, 5, 7256678, 1 },
    28. 

  28.         { "e125cee61c8cb7778d9e5ad0a6f5d978ce9f84de213a8556d9ffe202020ab4a6ed"
    29. 

  29.           "9074a4eb3416f9b168f137510f3a30b70b96cbfa219ff99f6c6eaffb15c06b60e0"
    30. 

  30.           "0cc2890277f0fd3c622115772f7048adaebed86e",
    31. 

  31.           86,
    32. 

  32.           "f1192dd5dc2368b9cd421338b22433455ee0a3699f9379a08b9650ea2c126f0d",
    33. 

  33.           250, 4, 7849083, 1 },
    34. 

  34.         { "92263cbf6ac376499f68a4289d3bb59e5a22335eba63a32e6410249155b956b6a3"
    35. 

  35.           "b48d4a44906b18b897127300b375b8f834f1ceffc70880a885f47c33876717e392"
    36. 

  36.           "be57f7da3ae58da4fd1f43daa7e44bb82d3717af4319349c24cd31e46d295856b0"
    37. 

  37.           "441b6b289992a11ced1cc3bf3011604590244a3eb737ff221129215e4e4347f491"
    38. 

  38.           "5d41292b5173d196eb9add693be5319fdadc242906178bb6c0286c9b6ca6012746"
    39. 

  39.           "711f58c8c392016b2fdfc09c64f0f6b6ab7b",
    40. 

  40.           183,
    41. 

  41.           "3b840e20e9555e9fb031c4ba1f1747ce25cc1d0ff664be676b9b4a90641ff194",
    42. 

  42.           249, 3, 7994791, 1 },
    43. 

  43.         { "027b6d8e8c8c474e9b69c7d9ed4f9971e8e1ce2f6ba95048414c3970f0f09b70e3"
    44. 

  44.           "b6c5ae05872b3d8678705b7d381829c351a5a9c88c233569b35d6b0b809df44b64"
    45. 

  45.           "51a9c273f1150e2ef8a0b5437eb701e373474cd44b97ef0248ebce2ca0400e1b53"
    46. 

  46.           "f3d86221eca3f18eb45b702b9172440f774a82cbf1f6f525df30a6e293c873cce6"
    47. 

  47.           "9bb078ed1f0d31e7f9b8062409f37f19f8550aae",
    48. 

  48.           152,
    49. 

  49.           "eb2a3056a09ad2d7d7f975bcd707598f24cd32518cde3069f2e403b34bfee8a5", 5,
    50. 

  50.           4, 1397645, 1 },
    51. 

  51.         { "4a857e2ee8aa9b6056f2424e84d24a72473378906ee04a46cb05311502d5250b82"
    52. 

  52.           "ad86b83c8f20a23dbb74f6da60b0b6ecffd67134d45946ac8ebfb3064294bc097d"
    53. 

  53.           "43ced68642bfb8bbbdd0f50b30118f5e",
    54. 

  54.           82,
    55. 

  55.           "39d82eef32010b8b79cc5ba88ed539fbaba741100f2edbeca7cc171ffeabf258",
    56. 

  56.           190, 3, 1432947, 1 },
    57. 

  57.         { "c7b09aec680e7b42fedd7fc792e78b2f6c1bea8f4a884320b648f81e8cf515e8ba"
    58. 

  58.           "9dcfb11d43c4aae114c1734aa69ca82d44998365db9c93744fa28b63fd16000e82"
    59. 

  59.           "61cbbe083e7e2da1e5f696bde0834fe53146d7e0e35e7de9920d041f5a5621aabe"
    60. 

  60.           "02da3e2b09b405b77937efef3197bd5772e41fdb73fb5294478e45208063b5f58e"
    61. 

  61.           "089dbeb6d6342a909c1307b3fff5fe2cf4da56bdae50848f",
    62. 

  62.           156,
    63. 

  63.           "039c056d933b475032777edbaffac50f143f64c123329ed9cf59e3b65d3f43b6",
    64. 

  64.           178, 3, 4886999, 1 },
    65. 

  65.         { "b540beb016a5366524d4605156493f9874514a5aa58818cd0c6dfffaa9e90205f1"
    66. 

  66.           "7b",
    67. 

  67.           34,
    68. 

  68.           "44071f6d181561670bda728d43fb79b443bb805afdebaf98622b5165e01b15fb",
    69. 

  69.           231, 1, 1631659, 1 },
    70. 

  70.         { "a14975c26c088755a8b715ff2528d647cd343987fcf4aa25e7194a8417fb2b4b3f"
    71. 

  71.           "7268da9f3182b4cfb22d138b2749d673a47ecc7525dd15a0a3c66046971784bb63"
    72. 

  72.           "d7eae24cc84f2631712075a10e10a96b0e0ee67c43e01c423cb9c44e5371017e9c"
    73. 

  73.           "496956b632158da3fe12addecb88912e6759bc37f9af2f45af72c5cae3b179ffb6"
    74. 

  74.           "76a697de6ebe45cd4c16d4a9d642d29ddc0186a0a48cb6cd62bfc3dd229d313b30"
    75. 

  75.           "1560971e740e2cf1f99a9a090a5b283f35475057e96d7064e2e0fc81984591068d"
    76. 

  76.           "55a3b4169f22cccb0745a2689407ea1901a0a766eb99",
    77. 

  77.           220,
    78. 

  78.           "3d968b2752b8838431165059319f3ff8910b7b8ecb54ea01d3f54769e9d98daf",
    79. 

  79.           167, 3, 1784128, 1 },
    80. 

  80.     };
    81. 

  81.     char          passwd[256];
    82. 

  82.     unsigned char salt[crypto_pwhash_SALTBYTES];
    83. 

  83.     unsigned char out[256];
    84. 

  84.     char          out_hex[256 * 2 + 1];
    85. 

  85.     size_t        i = 0U;
    86. 

  86. 

  87.     do {
    88. 

  88.         sodium_hex2bin((unsigned char *) passwd, sizeof passwd,
    89. 

  89.                        tests[i].passwd_hex, strlen(tests[i].passwd_hex), NULL,
    90. 

  90.                        NULL, NULL);
    91. 

  91.         sodium_hex2bin(salt, sizeof salt, tests[i].salt_hex,
    92. 

  92.                        strlen(tests[i].salt_hex), NULL, NULL, NULL);
    93. 

  93.         if (crypto_pwhash(out, (unsigned long long) tests[i].outlen, passwd,
    94. 

  94.                           tests[i].passwd_len, (const unsigned char *) salt,
    95. 

  95.                           tests[i].opslimit, tests[i].memlimit,
    96. 

  96.                           crypto_pwhash_alg_default()) != 0) {
    97. 

  97.             printf("[tv] pwhash failure (maybe intentional): [%u]\n",
    98. 

  98.                    (unsigned int) i);
    99. 

  99.             continue;
    100. 

  100.         }
    101. 

  101.         sodium_bin2hex(out_hex, sizeof out_hex, out, tests[i].outlen);
    102. 

  102.         printf("%s\n", out_hex);
    103. 

  103.     } while (++i < (sizeof tests) / (sizeof tests[0]));
    104. 

  104. }
    105. 

  105. 

  106. static void
    107. 

  107. tv2(void)
    108. 

  108. {
    109. 

  109.     static struct {
    110. 

  110.         const char *       passwd_hex;
    111. 

  111.         size_t             passwd_len;
    112. 

  112.         const char *       salt_hex;
    113. 

  113.         size_t             outlen;
    114. 

  114.         unsigned long long opslimit;
    115. 

  115.         size_t             memlimit;
    116. 

  116.         unsigned int       lanes;
    117. 

  117.     } tests[] = {
    118. 

  118.         { "a347ae92bce9f80f6f595a4480fc9c2fe7e7d7148d371e9487d75f5c23008ffae0"
    119. 

  119.           "65577a928febd9b1973a5a95073acdbeb6a030cfc0d79caa2dc5cd011cef02c08d"
    120. 

  120.           "a232d76d52dfbca38ca8dcbd665b17d1665f7cf5fe59772ec909733b24de97d6f5"
    121. 

  121.           "8d220b20c60d7c07ec1fd93c52c31020300c6c1facd77937a597c7a6",
    122. 

  122.           127,
    123. 

  123.           "5541fbc995d5c197ba290346d2c559dedf405cf97e5f95482143202f9e74f5c2",
    124. 

  124.           155, 4, 1397645, 1 },
    125. 

  125.         { "a347ae92bce9f80f6f595a4480fc9c2fe7e7d7148d371e9487d75f5c23008ffae0"
    126. 

  126.           "65577a928febd9b1973a5a95073acdbeb6a030cfc0d79caa2dc5cd011cef02c08d"
    127. 

  127.           "a232d76d52dfbca38ca8dcbd665b17d1665f7cf5fe59772ec909733b24de97d6f5"
    128. 

  128.           "8d220b20c60d7c07ec1fd93c52c31020300c6c1facd77937a597c7a6",
    129. 

  129.           127,
    130. 

  130.           "5541fbc995d5c197ba290346d2c559dedf405cf97e5f95482143202f9e74f5c2",
    131. 

  131.           155, 3, 1397645, 1 },
    132. 

  132.     };
    133. 

  133.     char          passwd[256];
    134. 

  134.     unsigned char salt[crypto_pwhash_SALTBYTES];
    135. 

  135.     unsigned char out[256];
    136. 

  136.     char          out_hex[256 * 2 + 1];
    137. 

  137.     size_t        i = 0U;
    138. 

  138. 

  139.     do {
    140. 

  140.         sodium_hex2bin((unsigned char *) passwd, sizeof passwd,
    141. 

  141.                        tests[i].passwd_hex, strlen(tests[i].passwd_hex), NULL,
    142. 

  142.                        NULL, NULL);
    143. 

  143.         sodium_hex2bin(salt, sizeof salt, tests[i].salt_hex,
    144. 

  144.                        strlen(tests[i].salt_hex), NULL, NULL, NULL);
    145. 

  145.         if (crypto_pwhash(out, (unsigned long long) tests[i].outlen, passwd,
    146. 

  146.                           tests[i].passwd_len, (const unsigned char *) salt,
    147. 

  147.                           tests[i].opslimit, tests[i].memlimit,
    148. 

  148.                           crypto_pwhash_alg_default()) != 0) {
    149. 

  149.             printf("[tv2] pwhash failure: [%u]\n", (unsigned int) i);
    150. 

  150.             continue;
    151. 

  151.         }
    152. 

  152.         sodium_bin2hex(out_hex, sizeof out_hex, out, tests[i].outlen);
    153. 

  153.         printf("%s\n", out_hex);
    154. 

  154.     } while (++i < (sizeof tests) / (sizeof tests[0]));
    155. 

  155. 

  156.     if (crypto_pwhash_argon2id(out, sizeof out, "password", strlen("password"), salt, 3,
    157. 

  157.                                1ULL << 12, 0) != -1) {
    158. 

  158.         printf("[tv2] pwhash should have failed (0)\n");
    159. 

  159.     }
    160. 

  160.     if (crypto_pwhash_argon2id(out, sizeof out, "password", strlen("password"), salt, 3,
    161. 

  161.                                1, crypto_pwhash_argon2id_alg_argon2id13()) != -1) {
    162. 

  162.         printf("[tv2] pwhash should have failed (1)\n");
    163. 

  163.     }
    164. 

  164.     if (crypto_pwhash_argon2id(out, sizeof out, "password", strlen("password"), salt, 3,
    165. 

  165.                                1ULL << 12, crypto_pwhash_argon2id_alg_argon2id13()) != -1) {
    166. 

  166.         printf("[tv2] pwhash should have failed (2)\n");
    167. 

  167.     }
    168. 

  168.     if (crypto_pwhash_argon2id(out, sizeof out, "password", strlen("password"), salt, 2,
    169. 

  169.                                1ULL << 12, crypto_pwhash_argon2id_alg_argon2id13()) != -1) {
    170. 

  170.         printf("[tv2] pwhash should have failed (3)\n");
    171. 

  171.     }
    172. 

  172.     if (crypto_pwhash_argon2id(out, 15, "password", strlen("password"), salt, 3,
    173. 

  173.                                1ULL << 12, crypto_pwhash_argon2id_alg_argon2id13()) != -1) {
    174. 

  174.         printf("[tv2] pwhash with a short output length should have failed\n");
    175. 

  175.     }
    176. 

  176.     if (crypto_pwhash_argon2id(out, sizeof out, "password", 0x100000000ULL, salt, 3,
    177. 

  177.                                1ULL << 12, crypto_pwhash_argon2id_alg_argon2id13()) != -1) {
    178. 

  178.         printf("[tv2] pwhash with a long password length should have failed\n");
    179. 

  179.     }
    180. 

  180. }
    181. 

  181. 

  182. static void
    183. 

  183. tv3(void)
    184. 

  184. {
    185. 

  185.     static struct {
    186. 

  186.         const char *passwd;
    187. 

  187.         const char *out;
    188. 

  188.     } tests[] = {
    189. 

  189.         { "",
    190. 

  190.           "$argon2id$v=19$m=4096,t=0,p=1$X1NhbHQAAAAAAAAAAAAAAA$bWh++MKN1OiFHKgIWTLvIi1iHicmHH7+Fv3K88ifFfI" },
    191. 

  191.         { "",
    192. 

  192.           "$argon2id$v=19$m=2048,t=4,p=1$SWkxaUhpY21ISDcrRnYzSw$Mbg/Eck1kpZir5T9io7C64cpffdTBaORgyriLQFgQj8" },
    193. 

  193.         { "",
    194. 

  194.           "$argon2id$v=19$m=4882,t=2,p=1$bA81arsiXysd3WbTRzmEOw$Nm8QBM+7RH1DXo9rvp5cwKEOOOfD2g6JuxlXihoNcpE" },
    195. 

  195.         { "^T5H$JYt39n%K*j:W]!1s?vg!:jGi]Ax?..l7[p0v:1jHTpla9;]bUN;?bWyCbtqg ",
    196. 

  196.           "$argon2id$v=19$m=4096,t=0,p=1$PkEgMTYtYnl0ZXMgc2FsdA$ltB/ue1kPtBMBGfsysMpPigE6hiNEKZ9vs8vLNVDQGA" },
    197. 

  197.         { "^T5H$JYt39n%K*j:W]!1s?vg!:jGi]Ax?..l7[p0v:1jHTpla9;]bUN;?bWyCbtqg ",
    198. 

  198.           "$argon2id$v=19$m=4096,t=19,p=1$PkEgMTYtYnl0ZXMgc2FsdA$ltB/ue1kPtBMBGfsysMpPigE6hiNEKZ9vs8vLNVDQGA" },
    199. 

  199.         { "K3S=KyH#)36_?]LxeR8QNKw6X=gFbxai$C%29V*",
    200. 

  200.           "$argon2id$v=19$m=4096,t=1,p=3$PkEgcHJldHR5IGxvbmcgc2FsdA$HUqx5Z1b/ZypnUrvvJ5UC2Q+T6Q1WwASK/Kr9dRbGA0" }
    201. 

  201.     };
    202. 

  202.     char   *out;
    203. 

  203.     char   *passwd;
    204. 

  204.     size_t  i = 0U;
    205. 

  205. 

  206.     do {
    207. 

  207.         out = (char *) sodium_malloc(strlen(tests[i].out) + 1U);
    208. 

  208.         assert(out != NULL);
    209. 

  209.         memcpy(out, tests[i].out, strlen(tests[i].out) + 1U);
    210. 

  210.         passwd = (char *) sodium_malloc(strlen(tests[i].passwd) + 1U);
    211. 

  211.         assert(passwd != NULL);
    212. 

  212.         memcpy(passwd, tests[i].passwd, strlen(tests[i].passwd) + 1U);
    213. 

  213.         if (crypto_pwhash_str_verify(out, passwd, strlen(passwd)) != 0) {
    214. 

  214.             printf("[tv3] pwhash_argon2id_str failure (maybe intentional): [%u]\n",
    215. 

  215.                    (unsigned int) i);
    216. 

  216.             continue;
    217. 

  217.         }
    218. 

  218.         sodium_free(out);
    219. 

  219.         sodium_free(passwd);
    220. 

  220.     } while (++i < (sizeof tests) / (sizeof tests[0]));
    221. 

  221. }
    222. 

  222. 

  223. static void
    224. 

  224. str_tests(void)
    225. 

  225. {
    226. 

  226.     char       *str_out;
    227. 

  227.     char       *str_out2;
    228. 

  228.     char       *salt;
    229. 

  229.     const char *passwd = "Correct Horse Battery Staple";
    230. 

  230. 

  231. 

  232.     salt     = (char *) sodium_malloc(crypto_pwhash_argon2id_SALTBYTES);
    233. 

  233.     str_out  = (char *) sodium_malloc(crypto_pwhash_argon2id_STRBYTES);
    234. 

  234.     str_out2 = (char *) sodium_malloc(crypto_pwhash_argon2id_STRBYTES);
    235. 

  235.     memcpy(salt, ">A 16-bytes salt", crypto_pwhash_argon2id_SALTBYTES);
    236. 

  236.     if (crypto_pwhash_str(str_out, passwd, strlen(passwd), OPSLIMIT,
    237. 

  237.                           MEMLIMIT) != 0) {
    238. 

  238.         printf("pwhash_str failure\n");
    239. 

  239.     }
    240. 

  240.     if (crypto_pwhash_str(str_out2, passwd, strlen(passwd), OPSLIMIT,
    241. 

  241.                           MEMLIMIT) != 0) {
    242. 

  242.         printf("pwhash_str(2) failure\n");
    243. 

  243.     }
    244. 

  244.     if (strcmp(str_out, str_out2) == 0) {
    245. 

  245.         printf("pwhash_str() doesn't generate different salts\n");
    246. 

  246.     }
    247. 

  247.     if (crypto_pwhash_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT) != 0 ||
    248. 

  248.         crypto_pwhash_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT) != 0) {
    249. 

  249.         printf("needs_rehash() false positive\n");
    250. 

  250.     }
    251. 

  251.     if (crypto_pwhash_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT / 2) != 1 ||
    252. 

  252.         crypto_pwhash_str_needs_rehash(str_out, OPSLIMIT - 1, MEMLIMIT) != 1 ||
    253. 

  253.         crypto_pwhash_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT * 2) != 1 ||
    254. 

  254.         crypto_pwhash_str_needs_rehash(str_out, OPSLIMIT + 1, MEMLIMIT) != 1) {
    255. 

  255.         printf("needs_rehash() false negative (0)\n");
    256. 

  256.     }
    257. 

  257.     if (crypto_pwhash_argon2id_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT / 2) != 1 ||
    258. 

  258.         crypto_pwhash_argon2id_str_needs_rehash(str_out, OPSLIMIT - 1, MEMLIMIT) != 1 ||
    259. 

  259.         crypto_pwhash_argon2id_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT * 2) != 1 ||
    260. 

  260.         crypto_pwhash_argon2id_str_needs_rehash(str_out, OPSLIMIT + 1, MEMLIMIT) != 1) {
    261. 

  261.         printf("needs_rehash() false negative (1)\n");
    262. 

  262.     }
    263. 

  263.     if (crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT / 2) != -1 ||
    264. 

  264.         crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT - 1, MEMLIMIT) != -1 ||
    265. 

  265.         crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT * 2) != -1 ||
    266. 

  266.         crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT + 1, MEMLIMIT) != -1) {
    267. 

  267.         printf("needs_rehash() false negative (2)\n");
    268. 

  268.     }
    269. 

  269.     if (crypto_pwhash_str_needs_rehash(str_out + 1, OPSLIMIT, MEMLIMIT) != -1 ||
    270. 

  270.         crypto_pwhash_argon2id_str_needs_rehash(str_out + 1, OPSLIMIT, MEMLIMIT) != -1) {
    271. 

  271.         printf("needs_rehash() didn't fail with an invalid hash string\n");
    272. 

  272.     }
    273. 

  273.     if (sodium_is_zero((const unsigned char *) str_out + strlen(str_out),
    274. 

  274.                        crypto_pwhash_STRBYTES - strlen(str_out)) != 1 ||
    275. 

  275.         sodium_is_zero((const unsigned char *) str_out2 + strlen(str_out2),
    276. 

  276.                        crypto_pwhash_STRBYTES - strlen(str_out2)) != 1) {
    277. 

  277.         printf("pwhash_argon2id_str() doesn't properly pad with zeros\n");
    278. 

  278.     }
    279. 

  279.     if (crypto_pwhash_argon2id_str_verify(str_out, passwd, strlen(passwd)) != 0) {
    280. 

  280.         printf("pwhash_argon2id_str_verify(1) failure\n");
    281. 

  281.     }
    282. 

  282.     if (crypto_pwhash_str_verify(str_out, passwd, strlen(passwd)) != 0) {
    283. 

  283.         printf("pwhash_str_verify(1') failure\n");
    284. 

  284.     }
    285. 

  285.     str_out[14]++;
    286. 

  286.     if (crypto_pwhash_str_verify(str_out, passwd, strlen(passwd)) != -1) {
    287. 

  287.         printf("pwhash_argon2id_str_verify(2) failure\n");
    288. 

  288.     }
    289. 

  289.     str_out[14]--;
    290. 

  290.     assert(str_out[crypto_pwhash_argon2id_STRBYTES - 1U] == 0);
    291. 

  291. 

  292.     if (crypto_pwhash_str(str_out2, passwd, 0x100000000ULL, OPSLIMIT,
    293. 

  293.                           MEMLIMIT) != -1) {
    294. 

  294.         printf("pwhash_str() with a large password should have failed\n");
    295. 

  295.     }
    296. 

  296.     if (crypto_pwhash_str(str_out2, passwd, strlen(passwd), 1, MEMLIMIT) != 0) {
    297. 

  297.         printf("pwhash_str() with a small opslimit should not have failed\n");
    298. 

  298.     }
    299. 

  299.     if (crypto_pwhash_str(str_out2, passwd, strlen(passwd), 0, MEMLIMIT) != -1) {
    300. 

  300.         printf("pwhash_argon2id_str() with a null opslimit should have failed\n");
    301. 

  301.     }
    302. 

  302.     if (crypto_pwhash_str_verify("$argon2id$m=65536,t=2,p=1c29tZXNhbHQ"
    303. 

  303.                                  "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
    304. 

  304.                                  "password", 0x100000000ULL) != -1) {
    305. 

  305.         printf("pwhash_str_verify(invalid(0)) failure\n");
    306. 

  306.     }
    307. 

  307.     if (crypto_pwhash_str_verify("$argon2id$m=65536,t=2,p=1c29tZXNhbHQ"
    308. 

  308.                                  "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
    309. 

  309.                                  "password", strlen("password")) != -1) {
    310. 

  310.         printf("pwhash_str_verify(invalid(1)) failure %d\n", errno);
    311. 

  311.     }
    312. 

  312.     if (crypto_pwhash_str_verify("$argon2id$m=65536,t=2,p=1$c29tZXNhbHQ"
    313. 

  313.                                  "9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
    314. 

  314.                                  "password", strlen("password")) != -1) {
    315. 

  315.         printf("pwhash_str_verify(invalid(2)) failure\n");
    316. 

  316.     }
    317. 

  317.     if (crypto_pwhash_str_verify("$argon2id$m=65536,t=2,p=1$c29tZXNhbHQ"
    318. 

  318.                                  "$b2G3seW+uPzerwQQC+/E1K50CLLO7YXy0JRcaTuswRo",
    319. 

  319.                                  "password", strlen("password")) != -1) {
    320. 

  320.         printf("pwhash_str_verify(invalid(3)) failure\n");
    321. 

  321.     }
    322. 

  322.     if (crypto_pwhash_str_verify("$argon2id$v=19$m=65536,t=2,p=1c29tZXNhbHQ"
    323. 

  323.                                  "$wWKIMhR9lyDFvRz9YTZweHKfbftvj+qf+YFY4NeBbtA",
    324. 

  324.                                  "password", strlen("password")) != -1) {
    325. 

  325.         printf("pwhash_str_verify(invalid(4)) failure\n");
    326. 

  326.     }
    327. 

  327.     if (crypto_pwhash_str_verify("$argon2id$v=19$m=65536,t=2,p=1$c29tZXNhbHQ"
    328. 

  328.                                  "wWKIMhR9lyDFvRz9YTZweHKfbftvj+qf+YFY4NeBbtA",
    329. 

  329.                                  "password", strlen("password")) != -1) {
    330. 

  330.         printf("pwhash_str_verify(invalid(5)) failure\n");
    331. 

  331.     }
    332. 

  332.     if (crypto_pwhash_str_verify("$argon2id$v=19$m=65536,t=2,p=1$c29tZXNhbHQ"
    333. 

  333.                                  "$8iIuixkI73Js3G1uMbezQXD0b8LG4SXGsOwoQkdAQIM",
    334. 

  334.                                  "password", strlen("password")) != -1) {
    335. 

  335.         printf("pwhash_str_verify(invalid(6)) failure\n");
    336. 

  336.     }
    337. 

  337.     if (crypto_pwhash_str_verify("$argon2id$v=19$m=256,t=3,p=1$MDEyMzQ1Njc"
    338. 

  338.                                  "$G5ajKFCoUzaXRLdz7UJb5wGkb2Xt+X5/GQjUYtS2+TE",
    339. 

  339.                                  "password", strlen("password")) != 0) {
    340. 

  340.         printf("pwhash_str_verify(valid(7)) failure\n");
    341. 

  341.     }
    342. 

  342.     if (crypto_pwhash_str_verify("$argon2id$v=19$m=256,t=3,p=1$MDEyMzQ1Njc"
    343. 

  343.                                  "$G5ajKFCoUzaXRLdz7UJb5wGkb2Xt+X5/GQjUYtS2+TE",
    344. 

  344.                                  "passwore", strlen("passwore")) != -1 || errno != EINVAL) {
    345. 

  345.         printf("pwhash_str_verify(invalid(7)) failure\n");
    346. 

  346.     }
    347. 

  347.     if (crypto_pwhash_str_verify("$Argon2id$v=19$m=256,t=3,p=1$MDEyMzQ1Njc"
    348. 

  348.                                  "$G5ajKFCoUzaXRLdz7UJb5wGkb2Xt+X5/GQjUYtS2+TE",
    349. 

  349.                                  "password", strlen("password")) != -1 || errno != EINVAL) {
    350. 

  350.         printf("pwhash_str_verify(invalid(8)) failure\n");
    351. 

  351.     }
    352. 

  352.     if (crypto_pwhash_str_verify("$argon2id$v=19$m=256,t=3,p=2$MDEyMzQ1Njc"
    353. 

  353.                                  "$G5ajKFCoUzaXRLdz7UJb5wGkb2Xt+X5/GQjUYtS2+TE",
    354. 

  354.                                  "password", strlen("password")) != -1 || errno != EINVAL) {
    355. 

  355.         printf("pwhash_str_verify(invalid(9)) failure\n");
    356. 

  356.     }
    357. 

  357.     assert(crypto_pwhash_str_alg(str_out, "test", 4, OPSLIMIT, MEMLIMIT,
    358. 

  358.                                  crypto_pwhash_ALG_ARGON2ID13) == 0);
    359. 

  359.     assert(crypto_pwhash_argon2id_str_verify(str_out, "test", 4) == 0);
    360. 

  360.     assert(crypto_pwhash_argon2id_str_needs_rehash(str_out,
    361. 

  361.                                                    OPSLIMIT, MEMLIMIT) == 0);
    362. 

  362.     assert(crypto_pwhash_argon2id_str_needs_rehash(str_out,
    363. 

  363.                                                    OPSLIMIT / 2, MEMLIMIT) == 1);
    364. 

  364.     assert(crypto_pwhash_argon2id_str_needs_rehash(str_out,
    365. 

  365.                                                    OPSLIMIT, MEMLIMIT / 2) == 1);
    366. 

  366.     assert(crypto_pwhash_argon2id_str_needs_rehash(str_out, 0, 0) == 1);
    367. 

  367.     assert(crypto_pwhash_argon2i_str_needs_rehash(str_out, 0, 0) == -1);
    368. 

  368.     assert(crypto_pwhash_argon2id_str_needs_rehash(str_out + 1,
    369. 

  369.                                                    OPSLIMIT, MEMLIMIT) == -1);
    370. 

  370.     assert(crypto_pwhash_argon2i_str_needs_rehash(str_out, 0, 0) == -1);
    371. 

  371.     assert(crypto_pwhash_argon2i_str_needs_rehash("", OPSLIMIT, MEMLIMIT) == -1);
    372. 

  372.     assert(crypto_pwhash_str_alg(str_out, "test", 4, OPSLIMIT, MEMLIMIT,
    373. 

  373.                                  crypto_pwhash_ALG_ARGON2I13) == 0);
    374. 

  374.     assert(crypto_pwhash_argon2i_str_verify(str_out, "test", 4) == 0);
    375. 

  375.     assert(crypto_pwhash_argon2i_str_needs_rehash(str_out,
    376. 

  376.                                                   OPSLIMIT, MEMLIMIT) == 0);
    377. 

  377.     assert(crypto_pwhash_argon2i_str_needs_rehash(str_out,
    378. 

  378.                                                   OPSLIMIT / 2, MEMLIMIT) == 1);
    379. 

  379.     assert(crypto_pwhash_argon2i_str_needs_rehash(str_out,
    380. 

  380.                                                   OPSLIMIT, MEMLIMIT / 2) == 1);
    381. 

  381.     assert(crypto_pwhash_argon2i_str_needs_rehash(str_out, 0, 0) == 1);
    382. 

  382.     assert(crypto_pwhash_argon2id_str_needs_rehash(str_out, 0, 0) == -1);
    383. 

  383.     assert(crypto_pwhash_argon2i_str_needs_rehash("", OPSLIMIT, MEMLIMIT) == -1);
    384. 

  384.     assert(crypto_pwhash_argon2i_str_needs_rehash(str_out + 1,
    385. 

  385.                                                   OPSLIMIT, MEMLIMIT) == -1);
    386. 

  386.     sodium_free(salt);
    387. 

  387.     sodium_free(str_out);
    388. 

  388.     sodium_free(str_out2);
    389. 

  389. }
    390. 

  390. 

  391. int
    392. 

  392. main(void)
    393. 

  393. {
    394. 

  394.     tv();
    395. 

  395.     tv2();
    396. 

  396.     tv3();
    397. 

  397.     str_tests();
    398. 

  398. 

  399.     assert(crypto_pwhash_bytes_min() > 0U);
    400. 

  400.     assert(crypto_pwhash_bytes_max() > crypto_pwhash_bytes_min());
    401. 

  401.     assert(crypto_pwhash_passwd_max() > crypto_pwhash_passwd_min());
    402. 

  402.     assert(crypto_pwhash_saltbytes() > 0U);
    403. 

  403.     assert(crypto_pwhash_strbytes() > 1U);
    404. 

  404.     assert(crypto_pwhash_strbytes() > strlen(crypto_pwhash_strprefix()));
    405. 

  405. 

  406.     assert(crypto_pwhash_opslimit_min() > 0U);
    407. 

  407.     assert(crypto_pwhash_opslimit_max() > 0U);
    408. 

  408.     assert(crypto_pwhash_memlimit_min() > 0U);
    409. 

  409.     assert(crypto_pwhash_memlimit_max() > 0U);
    410. 

  410.     assert(crypto_pwhash_opslimit_interactive() > 0U);
    411. 

  411.     assert(crypto_pwhash_memlimit_interactive() > 0U);
    412. 

  412.     assert(crypto_pwhash_opslimit_moderate() > 0U);
    413. 

  413.     assert(crypto_pwhash_memlimit_moderate() > 0U);
    414. 

  414.     assert(crypto_pwhash_opslimit_sensitive() > 0U);
    415. 

  415.     assert(crypto_pwhash_memlimit_sensitive() > 0U);
    416. 

  416.     assert(strcmp(crypto_pwhash_primitive(), "argon2i") == 0);
    417. 

  417. 

  418.     assert(crypto_pwhash_bytes_min() == crypto_pwhash_BYTES_MIN);
    419. 

  419.     assert(crypto_pwhash_bytes_max() == crypto_pwhash_BYTES_MAX);
    420. 

  420.     assert(crypto_pwhash_passwd_min() == crypto_pwhash_PASSWD_MIN);
    421. 

  421.     assert(crypto_pwhash_passwd_max() == crypto_pwhash_PASSWD_MAX);
    422. 

  422.     assert(crypto_pwhash_saltbytes() == crypto_pwhash_SALTBYTES);
    423. 

  423.     assert(crypto_pwhash_strbytes() == crypto_pwhash_STRBYTES);
    424. 

  424. 

  425.     assert(crypto_pwhash_opslimit_min() == crypto_pwhash_OPSLIMIT_MIN);
    426. 

  426.     assert(crypto_pwhash_opslimit_max() == crypto_pwhash_OPSLIMIT_MAX);
    427. 

  427.     assert(crypto_pwhash_memlimit_min() == crypto_pwhash_MEMLIMIT_MIN);
    428. 

  428.     assert(crypto_pwhash_memlimit_max() == crypto_pwhash_MEMLIMIT_MAX);
    429. 

  429.     assert(crypto_pwhash_opslimit_interactive() ==
    430. 

  430.            crypto_pwhash_OPSLIMIT_INTERACTIVE);
    431. 

  431.     assert(crypto_pwhash_memlimit_interactive() ==
    432. 

  432.            crypto_pwhash_MEMLIMIT_INTERACTIVE);
    433. 

  433.     assert(crypto_pwhash_opslimit_moderate() ==
    434. 

  434.            crypto_pwhash_OPSLIMIT_MODERATE);
    435. 

  435.     assert(crypto_pwhash_memlimit_moderate() ==
    436. 

  436.            crypto_pwhash_MEMLIMIT_MODERATE);
    437. 

  437.     assert(crypto_pwhash_opslimit_sensitive() ==
    438. 

  438.            crypto_pwhash_OPSLIMIT_SENSITIVE);
    439. 

  439.     assert(crypto_pwhash_memlimit_sensitive() ==
    440. 

  440.            crypto_pwhash_MEMLIMIT_SENSITIVE);
    441. 

  441. 

  442.     assert(crypto_pwhash_argon2id_bytes_min() == crypto_pwhash_bytes_min());
    443. 

  443.     assert(crypto_pwhash_argon2id_bytes_max() == crypto_pwhash_bytes_max());
    444. 

  444.     assert(crypto_pwhash_argon2id_passwd_min() == crypto_pwhash_passwd_min());
    445. 

  445.     assert(crypto_pwhash_argon2id_passwd_max() == crypto_pwhash_passwd_max());
    446. 

  446.     assert(crypto_pwhash_argon2id_saltbytes() == crypto_pwhash_saltbytes());
    447. 

  447.     assert(crypto_pwhash_argon2id_strbytes() == crypto_pwhash_strbytes());
    448. 

  448.     assert(strcmp(crypto_pwhash_argon2id_strprefix(),
    449. 

  449.                   crypto_pwhash_strprefix()) == 0);
    450. 

  450.     assert(crypto_pwhash_argon2id_opslimit_min() ==
    451. 

  451.            crypto_pwhash_opslimit_min());
    452. 

  452.     assert(crypto_pwhash_argon2id_opslimit_max() ==
    453. 

  453.            crypto_pwhash_opslimit_max());
    454. 

  454.     assert(crypto_pwhash_argon2id_memlimit_min() ==
    455. 

  455.            crypto_pwhash_memlimit_min());
    456. 

  456.     assert(crypto_pwhash_argon2id_memlimit_max() ==
    457. 

  457.            crypto_pwhash_memlimit_max());
    458. 

  458.     assert(crypto_pwhash_argon2id_opslimit_interactive() ==
    459. 

  459.            crypto_pwhash_opslimit_interactive());
    460. 

  460.     assert(crypto_pwhash_argon2id_opslimit_moderate() ==
    461. 

  461.            crypto_pwhash_opslimit_moderate());
    462. 

  462.     assert(crypto_pwhash_argon2id_opslimit_sensitive() ==
    463. 

  463.            crypto_pwhash_opslimit_sensitive());
    464. 

  464.     assert(crypto_pwhash_argon2id_memlimit_interactive() ==
    465. 

  465.            crypto_pwhash_memlimit_interactive());
    466. 

  466.     assert(crypto_pwhash_argon2id_memlimit_moderate() ==
    467. 

  467.            crypto_pwhash_memlimit_moderate());
    468. 

  468.     assert(crypto_pwhash_argon2id_memlimit_sensitive() ==
    469. 

  469.            crypto_pwhash_memlimit_sensitive());
    470. 

  470.     assert(crypto_pwhash_alg_argon2id13() ==
    471. 

  471.            crypto_pwhash_argon2id_alg_argon2id13());
    472. 

  472.     assert(crypto_pwhash_alg_argon2i13() == crypto_pwhash_ALG_ARGON2I13);
    473. 

  473.     assert(crypto_pwhash_alg_argon2i13() != crypto_pwhash_alg_default());
    474. 

  474.     assert(crypto_pwhash_alg_argon2id13() == crypto_pwhash_ALG_ARGON2ID13);
    475. 

  475.     assert(crypto_pwhash_alg_argon2id13() != crypto_pwhash_alg_argon2i13());
    476. 

  476.     assert(crypto_pwhash_alg_argon2id13() == crypto_pwhash_alg_default());
    477. 

  477. 

  478.     assert(crypto_pwhash_argon2id(NULL, 0, NULL, 0, NULL,
    479. 

  479.                                   crypto_pwhash_argon2id_OPSLIMIT_INTERACTIVE,
    480. 

  480.                                   crypto_pwhash_argon2id_MEMLIMIT_INTERACTIVE,
    481. 

  481.                                   0) == -1);
    482. 

  482.     assert(crypto_pwhash_argon2id(NULL, 0, NULL, 0, NULL,
    483. 

  483.                                  crypto_pwhash_argon2id_OPSLIMIT_INTERACTIVE,
    484. 

  484.                                  crypto_pwhash_argon2id_MEMLIMIT_INTERACTIVE,
    485. 

  485.                                  crypto_pwhash_ALG_ARGON2I13) == -1);
    486. 

  486.     assert(crypto_pwhash_argon2i(NULL, 0, NULL, 0, NULL,
    487. 

  487.                                  crypto_pwhash_argon2id_OPSLIMIT_INTERACTIVE,
    488. 

  488.                                  crypto_pwhash_argon2id_MEMLIMIT_INTERACTIVE,
    489. 

  489.                                  0) == -1);
    490. 

  490.     assert(crypto_pwhash_argon2i(NULL, 0, NULL, 0, NULL,
    491. 

  491.                                  crypto_pwhash_argon2id_OPSLIMIT_INTERACTIVE,
    492. 

  492.                                  crypto_pwhash_argon2id_MEMLIMIT_INTERACTIVE,
    493. 

  493.                                  crypto_pwhash_ALG_ARGON2ID13) == -1);
    494. 

  494. 

  495.     printf("OK\n");
    496. 

  496. 

  497.     return 0;
    498. 

  498. }
    499.