search

P-H-C / phc-winner-argon2

The password hash Argon2, winner of PHC
Other
4.73k stars 403 forks source link

ASN.1 module #348

Open tarcieri opened 2 years ago

tarcieri commented 2 years ago

RFC9106 provides the foundational work for eventually using Argon2 for e.g. PKCS#5. However, what's missing is an ASN.1 module to do so.

There's such a module specified for scrypt in RFC7914 Section 7.

Using that as inspiration, an Argon2 ASN.1 module might look something like this:

argon2-params ::= SEQUENCE {
    version INTEGER, -- 16 or 19
    salt OCTET STRING,
    memorySize INTEGER (1..MAX),
    iterations INTEGER (1..MAX),
    parallelization INTEGER (1..MAX),
    keyId OCTET STRING OPTIONAL,
    data OCTET STRING OPTIONAL,
}

Argon2d, Argon2i, and Argon2id could potentially be selected by assigning them different OIDs.

ljluestc commented 6 months ago 

-- Define Argon2 OID values for different modes (example values)
argon2d OID ::= { 1 2 3 4 1 }
argon2i OID ::= { 1 2 3 4 2 }
argon2id OID ::= { 1 2 3 4 3 }

-- Define the Argon2 parameters structure
Argon2Params ::= SEQUENCE {
    version INTEGER { v16(16), v19(19) },
    salt OCTET STRING,
    memorySize INTEGER (1..MAX),
    iterations INTEGER (1..MAX),
    parallelization INTEGER (1..MAX),
    keyId OCTET STRING OPTIONAL,
    data OCTET STRING OPTIONAL
}
tarcieri commented 6 months ago

FYI, I made a repo to collaborate on this here a few years ago: https://github.com/P-H-C/argon2-asn1