search

mheyman / Isopoh.Cryptography.Argon2

Fully managed .Net Core implementation of Argon2
Other
196 stars 9 forks source link

Output hash doesn't match output from argon2 linux utility #36

Closed sergey-brutsky closed 3 years ago

sergey-brutsky commented 3 years ago

Hi, it looks like library has a bug or I'm using it wrong way.

Here is output from argon2 utility on debian linux

 echo "123" | argon2 12345678
Type:       Argon2i
Iterations: 3
Memory:     4096 KiB
Parallelism:    1
Hash:       ae1aaf1a29bbfe3f7d7bdd66c9d6478862b4d478d029a57f83631a9904f04ee7
Encoded:    $argon2i$v=19$m=4096,t=3,p=1$MTIzNDU2Nzg$rhqvGim7/j99e91mydZHiGK01HjQKaV/g2MamQTwTuc
0.019 seconds
Verification ok

Here is my code

var config = new Argon2Config
{
    Type = Argon2Type.DataIndependentAddressing,
    Password = Encoding.UTF8.GetBytes("123"),
    Salt = Encoding.UTF8.GetBytes("12345678"),
    MemoryCost = 4096,
    HashLength = 32,
    TimeCost = 3,
    Lanes = 1
};

var hash = Argon2.Hash(config); 
Console.WriteLine(hash); #  $argon2i$v=19$m=4096,t=3,p=1$MTIzNDU2Nzg$03ZOmEzTC+JV0iORcPgaoAuZMIFRTIEaxFjKo9fc+LY

As I see output is different after the second dollar sign

Could you please explain me why ? Thanks

Details:

aptitude show argon2
Package: argon2                          
Version: 0~20171227-0.2
State: installed
Automatically installed: no
Multi-Arch: foreign
Priority: optional
Section: libs
Maintainer: Luca Bruno <lucab@debian.org>
Architecture: amd64
Uncompressed Size: 65.5 k
Depends: libc6 (>= 2.14)
Description: memory-hard hashing function - utility
 Argon2 is a password-hashing function that can be used to hash passwords for credential storage, key derivation, or other applications. 

 There are two main versions of Argon2: Argon2i and Argon2d. Argon2i is the safest against side-channel attacks, while Argon2d provides the highest resistance
 against GPU cracking attacks. 

 Argon2i and Argon2d are parametrized by: 
 * A time cost, which defines the amount of computation realized and therefore the execution time, given in number of iterations 
 * A memory cost, which defines the memory usage, given in kibibytes 
 * A parallelism degree, which defines the number of parallel threads 

 This package contains the argon2 tool for hashing data on the command-line.
Homepage: https://github.com/P-H-C/phc-winner-argon2
Tags: role::shared-lib
<PropertyGroup>
    <TargetFramework>netcoreapp3.1</TargetFramework>
</PropertyGroup>
<ItemGroup>
    <PackageReference Include="Isopoh.Cryptography.Argon2" Version="1.1.10" />
  </ItemGroup>
rangercej commented 3 years ago

I think this might be a due to echo: at the shell 'echo' outputs a new line, so you're hashing the string "123\n". If I try doing the same with echo -n to suppress the newline, it looks like I get the same hash:

$  echo -n '123' | argon2 12345678
Type:           Argon2i
Iterations:     3
Memory:         4096 KiB
Parallelism:    1
Hash:           d3764e984cd30be255d2239170f81aa00b993081514c811ac458caa3d7dcf8b6
Encoded:        $argon2i$v=19$m=4096,t=3,p=1$MTIzNDU2Nzg$03ZOmEzTC+JV0iORcPgaoAuZMIFRTIEaxFjKo9fc+LY
0.020 seconds
Verification ok
$
sergey-brutsky commented 3 years ago

Amazing, I didn't even think that problem could be in '\n'. Everything works as expected. @rangercej Thank you !