Closed neha-rai07 closed 3 years ago
Hello,
Would you mind describing what this issue is about? What are you trying to do? What did you do? What happened? What would be a minimal test case to reproduce it?
Integrated with libsodium js and we are passing values to sodium.crypto_pwhash. Using ALGORITHM_ARGON2ID. In min version it fails on below
Not sure what this means? Want to understand what is the scenario in which this error is returned.
Unfortunately, the screenshot doesn't give much clarification about the bug you are trying to report, if this is what the issue is about.
Here's an example usage of the crypto_pwhash()
function, used for key derivation (not password storage), forcing the algorithm to be Argon2Id even if a better option is available:
const _sodium = require('libsodium-wrappers');
(async () => {
await _sodium.ready;
const sodium = _sodium;
const password = "password";
const salt = sodium.randombytes_buf(sodium.crypto_pwhash_SALTBYTES);
const opsLimit = 2;
const memLimit = 67108864;
const alg = sodium.crypto_pwhash_ALG_ARGON2ID13;
const outputLen = 32;
const derivedKey = sodium.crypto_pwhash(outputLen, password, salt, opsLimit, memLimit, alg);
console.log(derivedKey);
})();
For more information about how to use that function, the libsodium documentation on password hashing may help. The API is the same in JavaScript.
Found the cause of the error. We were using memLimit value < 8192. As per documentation, this value should be >=8192.
If the error was more verbose and descriptive instead of Invalid Usage, this could be helpful in identifying the issue earlier.
Error: invalid usage at h (sodium.js:formatted:17589) at Object.qA [as crypto_pwhash] (sodium.js:formatted:19328)
for below return new Promise((resolve, reject) => { resolve(sodium.to_hex(sodium.crypto_pwhash(challenge.derivedLength, hashInput, challenge.salt, challenge.iterationDifficulty, challenge.memoryDifficulty, sodium.crypto_pwhash_ALG_ARGON2ID13))); });