feat: remove test_unsafe

Jussi 2024-11-09 15:23:09 +02:00
parent abb3eab559
commit d2839286ce
7 changed files with 8 additions and 29 deletions

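--- a/.gitignore
+++ b/.gitignore
@@ -11,3 +11,4 @@ argon2id_elixir-*.tar
 .DS_Store
 /.elixir_ls/
 *.xml
+native/argon2/target/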


@ -6,7 +6,7 @@ Fast and secure Argon2 password hashing library for Elixir.
- Uses the pure Rust implementation of Argon2 - Uses the pure Rust implementation of Argon2
- Only Argon2i implementation (version 0x13) at the moment - Only Argon2i implementation (version 0x13) at the moment
- Built-in security presets (OWASP, Strong, Test/Unsafe) - Built-in security presets (OWASP, Strong)
## Installation ## Installation
@ -56,9 +56,6 @@ hash = Argon2.hash_password("secure_password123")
# Strong - Higher security for sensitive applications # Strong - Higher security for sensitive applications
hash = Argon2.hash_password("secure_password123", "strong") hash = Argon2.hash_password("secure_password123", "strong")
# Test - Fast but unsafe, only for testing purposes
hash = Argon2.hash_password("secure_password123", "test_unsafe")
``` ```
Preset specifications: Preset specifications:
@ -86,11 +83,6 @@ STRONG:
Hash time: 145ms Hash time: 145ms
Verify time: 139ms Verify time: 139ms
Memory: 65MB Memory: 65MB
TEST_UNSAFE:
Hash time: 1ms
Verify time: 1ms
Memory: 1MB
``` ```
## Development ## Development


@ -1,15 +1,13 @@
defmodule Argon2 do defmodule Argon2 do
@moduledoc """ @moduledoc """
Argon2 password hashing for Elixir using Rust NIFs. Argon2 password hashing using Rust.
This module provides a secure way to hash passwords using the Argon2i algorithm This module provides a secure way to hash passwords using the Argon2i algorithm.
with configuration presets following security best practices.
## Security Presets ## Security Presets
* `:owasp` (default) - OWASP recommended settings (m=19456, t=2, p=1) * `:owasp` (default) - OWASP recommended settings (m=19456, t=2, p=1)
* `:strong` - Higher security settings (m=65540, t=3, p=4) * `:strong` - Higher security settings (m=65540, t=3, p=4)
* `:test_unsafe` - Fast settings for testing only (m=1024, t=1, p=1)
## Examples ## Examples
@ -34,7 +32,6 @@ defmodule Argon2 do
* Passwords must be at least 8 characters long * Passwords must be at least 8 characters long
* Each hash uses a unique random salt * Each hash uses a unique random salt
* The `:test_unsafe` preset should never be used in production
""" """
@type password :: String.t() @type password :: String.t()
@ -46,7 +43,7 @@ defmodule Argon2 do
## Options ## Options
* `config` - One of `"owasp"` (default), `"strong"`, or `"test_unsafe"` * `config` - One of `"owasp"` (default) or `"strong"`
## Examples ## Examples
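Review bot: The moduledoc still describes the default preset as "OWASP recommended settings (m=19456, t=2, p=1)" while the rewritten sentence above it says the module hashes with Argon2i; OWASP gives those cost figures for Argon2id, so the attribution does not hold for this variant. Until the variant changes, I would word the bullet as `OWASP-derived cost parameters (m=19456, t=2, p=1), applied to Argon2i` so readers do not assume the hashes meet the OWASP recommendation as written. The same moduledoc names the presets as atoms (`:owasp`, `:strong`) while the Options text edited in the last hunk, the README and the tests all use strings (`"owasp"`, `"strong"`); whether the wrapper accepts atoms is not visible here, so the bullets should use the string form. The module body continues outside these hunks.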


@ -4,7 +4,7 @@ defmodule Argon2.Benchmark do
""" """
def run(rounds \\ 5) do def run(rounds \\ 5) do
configs = [nil, "strong", "test_unsafe"] configs = [nil, "strong"]
password = "benchmark_password123" password = "benchmark_password123"
IO.puts("Configuration Benchmarks (averaged over #{rounds} runs):\n") IO.puts("Configuration Benchmarks (averaged over #{rounds} runs):\n")
@ -37,7 +37,6 @@ defmodule Argon2.Benchmark do
case config do case config do
"owasp" -> 19 "owasp" -> 19
"strong" -> 65 "strong" -> 65
"test_unsafe" -> 1
end end
IO.puts(""" IO.puts("""


@ -6,7 +6,7 @@ defmodule Argon2.MixProject do
def project do def project do
[ [
app: :argon2id_elixir, app: :argon2id_elixir,
version: "1.0.0", version: "1.1.0",
elixir: "~> 1.17", elixir: "~> 1.17",
start_permanent: Mix.env() == :prod, start_permanent: Mix.env() == :prod,
deps: deps(), deps: deps(),
@ -113,7 +113,7 @@ defmodule Argon2.MixProject do
[ [
main: "Argon2", main: "Argon2",
source_url: @source_url, source_url: @source_url,
extras: ["README.md"], extras: ["README.md", "LICENSE-APACHE", "LICENSE-MIT"],
groups_for_modules: [ groups_for_modules: [
Core: [ Core: [
Argon2, Argon2,


@ -13,7 +13,6 @@ const MIN_PASSWORD_LENGTH: usize = 8;
enum ConfigType { enum ConfigType {
Owasp, Owasp,
Strong, Strong,
TestUnsafe,
} }
impl ConfigType { impl ConfigType {
@ -21,7 +20,6 @@ impl ConfigType {
match self { match self {
ConfigType::Owasp => Params::new(19456, 2, 1, None).expect("Invalid OWASP config"), ConfigType::Owasp => Params::new(19456, 2, 1, None).expect("Invalid OWASP config"),
ConfigType::Strong => Params::new(65540, 3, 4, None).expect("Invalid strong config"), ConfigType::Strong => Params::new(65540, 3, 4, None).expect("Invalid strong config"),
ConfigType::TestUnsafe => Params::new(1024, 1, 1, None).expect("Invalid test config"),
} }
} }
} }
@ -39,7 +37,6 @@ fn hash_password(password: String, config_type: Option<String>) -> Result<String
let config_type = match config_type.as_deref() { let config_type = match config_type.as_deref() {
Some("strong") => ConfigType::Strong, Some("strong") => ConfigType::Strong,
Some("test_unsafe") => ConfigType::TestUnsafe,
_ => ConfigType::Owasp, _ => ConfigType::Owasp,
}; };
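Review bot: Any preset name other than exactly "strong" falls through `_ => ConfigType::Owasp` in the `hash_password` match, so after this removal a caller that still passes "test_unsafe" silently gets the OWASP parameters, and a misspelled "strong" is silently hashed with the cheaper preset. Since the function already returns a `Result`, I would match the accepted names explicitly with `Some("owasp") | None => ConfigType::Owasp,` and turn the wildcard arm into an error return that names the unknown preset. A test asserting that an unknown preset is rejected would pin this behaviour. The body of `hash_password` continues outside the hunk, so the error value has to follow whatever type the rest of the function returns.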


@ -16,13 +16,6 @@ defmodule Argon2Test do
assert String.starts_with?(hash, "$argon2i$v=19$m=65540,t=3,p=4$") assert String.starts_with?(hash, "$argon2i$v=19$m=65540,t=3,p=4$")
end end
test "hashes a password with test/development config" do
config = "test_unsafe"
hash = Argon2.hash_password("password123", config)
assert is_binary(hash)
assert String.starts_with?(hash, "$argon2i$v=19$m=1024,t=1,p=1")
end
test "generates different hashes for the same password" do test "generates different hashes for the same password" do
hash1 = Argon2.hash_password("same_password123") hash1 = Argon2.hash_password("same_password123")
hash2 = Argon2.hash_password("same_password123") hash2 = Argon2.hash_password("same_password123")