search

bryant / argon2rs

The pure-Rust password hashing library running on Argon2.
MIT License
174 stars 19 forks source link

Another hash from other tools/libs #31

Closed jeorgen closed 6 years ago

jeorgen commented 6 years ago

My first day wih Rust so I may be doing something wrong, but I get different hashes with this library than with others. Using the CLI example like this

echo "masonit" | ./target/debug/argon2test 8 1 10 0123456789ABCDEF
Hash: 24c0fe610d4eee9e3a295b04d341b434dfb170fb909817990e252f8af75d220c

But if I do this with the argon2 tool in the repositories of Ubuntu 17.10, I get a different hash:

echo 'masonit' | argon2 0123456789ABCDEF -t 8 -m 10 -p 1
Hash:       cc894b3e1345fcc3f36c0f9b808021160ec34a97441987ffb7a775bb0c34d5e8

I get the same hash as with the argon2 tool in python3, with this script:

from nacl import pwhash

password = b'masonit'
kdf = pwhash.argon2i.kdf
salt = b'0123456789ABCDEF'
Alices_key = kdf(32, password, salt,
                 opslimit=8, memlimit=1048576 )
print(Alices_key.hex())
bryant commented 6 years ago

This could be due to the fact argon2rs is still on version 0x10 of the spec, whereas the latter two tools are version 0x13. I'll have a closer look this weekend.

bryant commented 6 years ago

Fixed in https://github.com/bryant/argon2rs/commit/03643d62bc5117d3ba5794aa1ebd3665d738e005.

$ echo -n "masonit" | cargo run --example cli 8 1 10 0123456789ABCDEF
     Running `target/debug/examples/cli 8 1 10 0123456789ABCDEF`
Hash: cc894b3e1345fcc3f36c0f9b808021160ec34a97441987ffb7a775bb0c34d5e8