haskell-hvr / argon2 Goto Github PK
View Code? Open in Web Editor NEWHaskell bindings to libargon2 - the reference implementation of the Argon2 password-hashing function
Home Page: http://hackage.haskell.org/package/argon2
License: Other
Haskell bindings to libargon2 - the reference implementation of the Argon2 password-hashing function
Home Page: http://hackage.haskell.org/package/argon2
License: Other
Configuring argon2-1.2.0...
Building argon2-1.2.0...
Preprocessing library argon2-1.2.0...
[1 of 2] Compiling Crypto.Argon2.FFI ( .stack-work\dist\2672c1f3\build\Crypto\Argon2\FFI.hs, .stack-work\dist\2672c1f3\build\Crypto\Argon2\FFI.o )
[2 of 2] Compiling Crypto.Argon2 ( src\Crypto\Argon2.hs, .stack-work\dist\2672c1f3\build\Crypto\Argon2.o )
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/encoding.o:encoding.c:(.text+0x340): multiple definition of `decode_string'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/encoding.o:encoding.c:(.text+0x340): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/encoding.o:encoding.c:(.text+0x5d0): multiple definition of `encode_string'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/encoding.o:encoding.c:(.text+0x5d0): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/encoding.o:encoding.c:(.text+0x960): multiple definition of `b64len'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/encoding.o:encoding.c:(.text+0x960): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/encoding.o:encoding.c:(.text+0x990): multiple definition of `numlen'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/encoding.o:encoding.c:(.text+0x990): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x0): multiple definition of `init_block_value'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x0): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x40): multiple definition of `copy_block'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x40): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x80): multiple definition of `xor_block'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x80): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0xa0): multiple definition of `allocate_memory'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0xa0): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0xf0): multiple definition of `secure_wipe_memory'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0xf0): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x120): multiple definition of `clear_memory'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x120): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x150): multiple definition of `free_memory'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x150): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x160): multiple definition of `finalize'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x160): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x2a0): multiple definition of `index_alpha'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x2a0): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x3e0): multiple definition of `fill_memory_blocks'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x3e0): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x570): multiple definition of `validate_inputs'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x570): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x730): multiple definition of `fill_first_blocks'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x730): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x800): multiple definition of `initial_hash'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x800): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x820): multiple definition of `initialize'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/core.o:core.c:(.text+0x820): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/thread.o:thread.c:(.text+0x0): multiple definition of `argon2_thread_create'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/thread.o:thread.c:(.text+0x0): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/thread.o:thread.c:(.text+0x60): multiple definition of `argon2_thread_join'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/thread.o:thread.c:(.text+0x60): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/thread.o:thread.c:(.text+0xa0): multiple definition of `argon2_thread_exit'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/thread.o:thread.c:(.text+0xa0): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/ref.o:ref.c:(.text+0x0): multiple definition of `fill_block'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/ref.o:ref.c:(.text+0x0): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/ref.o:ref.c:(.text+0x8f0): multiple definition of `fill_block_with_xor'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/ref.o:ref.c:(.text+0x8f0): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/ref.o:ref.c:(.text+0x11f0): multiple definition of `generate_addresses'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/ref.o:ref.c:(.text+0x11f0): first defined here
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/ref.o:ref.c:(.text+0x1330): multiple definition of `fill_segment'
.stack-work\dist\2672c1f3\build\phc-winner-argon2/src/ref.o:ref.c:(.text+0x1330): first defined here
This seems similar to #10 but I tried to build their branch, and that doesn't solve the issue
From the error it seems to obviously be a problem with the argon2 C library itself, but given that argon2 builds just fine on Windows, I'm not sure why only here I'm seeing the problem
P-H-C/phc-winner-argon2@78d2a57 dropped ARGON2_FLAG_CLEAR_MEMORY
With current cabal file, builds are only possible with GHC 7.10
Basically, implement a tool mimicking
https://github.com/P-H-C/phc-winner-argon2#command-line-utility
(using optparse-applicative
) which allows to interactively access the argon2
API for scripting, debugging and testing purposes.
I noticed that the hashes generated have varying lengths.
Prelude Crypto.Argon2 B> B.length $ hash defaultHashOptions "1" "saltsaltsalt"
52
Prelude Crypto.Argon2 B> B.length $ hash defaultHashOptions "2" "saltsaltsalt"
514
Prelude Crypto.Argon2 B> B.length $ hash defaultHashOptions "3" "saltsaltsalt"
146
Suspect what's going on here is the bytestring is being truncated on NULL.
on OSX i have symbol collisions between see c
duplicate symbol _blake2b_init_key in:
/Users/carter/.cabal/store/ghc-8.0.1/cryptonite-0.20-0af5802ff1a1deb4cb611283f80d9b336faa42a9e6e78f7dbab10d01ae0d2eeb/lib/libHScryptonite-0.20-0af5802ff1a1deb4cb611283f80d9b336faa42a9e6e78f7dbab10d01ae0d2eeb.a(blake2b.o)
/Users/carter/.cabal/store/ghc-8.0.1/argon2-1.2.0-b9f6a4cdf7fc9c099739f9e37ad85d14069af01351740db465356c55afa097c1/lib/libHSargon2-1.2.0-b9f6a4cdf7fc9c099739f9e37ad85d14069af01351740db465356c55afa097c1.a(blake2b.o)
duplicate symbol _blake2b_init in:
/Users/carter/.cabal/store/ghc-8.0.1/cryptonite-0.20-0af5802ff1a1deb4cb611283f80d9b336faa42a9e6e78f7dbab10d01ae0d2eeb/lib/libHScryptonite-0.20-0af5802ff1a1deb4cb611283f80d9b336faa42a9e6e78f7dbab10d01ae0d2eeb.a(blake2b.o)
/Users/carter/.cabal/store/ghc-8.0.1/argon2-1.2.0-b9f6a4cdf7fc9c099739f9e37ad85d14069af01351740db465356c55afa097c1/lib/libHSargon2-1.2.0-b9f6a4cdf7fc9c099739f9e37ad85d14069af01351740db465356c55afa097c1.a(blake2b.o)
duplicate symbol _blake2b_init_param in:
/Users/carter/.cabal/store/ghc-8.0.1/cryptonite-0.20-0af5802ff1a1deb4cb611283f80d9b336faa42a9e6e78f7dbab10d01ae0d2eeb/lib/libHScryptonite-0.20-0af5802ff1a1deb4cb611283f80d9b336faa42a9e6e78f7dbab10d01ae0d2eeb.a(blake2b.o)
/Users/carter/.cabal/store/ghc-8.0.1/argon2-1.2.0-b9f6a4cdf7fc9c099739f9e37ad85d14069af01351740db465356c55afa097c1/lib/libHSargon2-1.2.0-b9f6a4cdf7fc9c099739f9e37ad85d14069af01351740db465356c55afa097c1.a(blake2b.o)
duplicate symbol _blake2b_final in:
/Users/carter/.cabal/store/ghc-8.0.1/cryptonite-0.20-0af5802ff1a1deb4cb611283f80d9b336faa42a9e6e78f7dbab10d01ae0d2eeb/lib/libHScryptonite-0.20-0af5802ff1a1deb4cb611283f80d9b336faa42a9e6e78f7dbab10d01ae0d2eeb.a(blake2b.o)
/Users/carter/.cabal/store/ghc-8.0.1/argon2-1.2.0-b9f6a4cdf7fc9c099739f9e37ad85d14069af01351740db465356c55afa097c1/lib/libHSargon2-1.2.0-b9f6a4cdf7fc9c099739f9e37ad85d14069af01351740db465356c55afa097c1.a(blake2b.o)
duplicate symbol _blake2b_update in:
/Users/carter/.cabal/store/ghc-8.0.1/cryptonite-0.20-0af5802ff1a1deb4cb611283f80d9b336faa42a9e6e78f7dbab10d01ae0d2eeb/lib/libHScryptonite-0.20-0af5802ff1a1deb4cb611283f80d9b336faa42a9e6e78f7dbab10d01ae0d2eeb.a(blake2b.o)
/Users/carter/.cabal/store/ghc-8.0.1/argon2-1.2.0-b9f6a4cdf7fc9c099739f9e37ad85d14069af01351740db465356c55afa097c1/lib/libHSargon2-1.2.0-b9f6a4cdf7fc9c099739f9e37ad85d14069af01351740db465356c55afa097c1.a(blake2b.o)
duplicate symbol _blake2b in:
/Users/carter/.cabal/store/ghc-8.0.1/cryptonite-0.20-0af5802ff1a1deb4cb611283f80d9b336faa42a9e6e78f7dbab10d01ae0d2eeb/lib/libHScryptonite-0.20-0af5802ff1a1deb4cb611283f80d9b336faa42a9e6e78f7dbab10d01ae0d2eeb.a(blake2b.o)
/Users/carter/.cabal/store/ghc-8.0.1/argon2-1.2.0-b9f6a4cdf7fc9c099739f9e37ad85d14069af01351740db465356c55afa097c1/lib/libHSargon2-1.2.0-b9f6a4cdf7fc9c099739f9e37ad85d14069af01351740db465356c55afa097c1.a(blake2b.o)
ld: 6 duplicate symbols for architecture x86_64
clang-3.8: error: linker command failed with exit code 1 (use -v to see invocation)
`clang' failed in phase `Linker'. (Exit code: 1)
The test suite seems to take a very long time to run. It's been observed running for at least several hours.
Looking at the code, arbitraryHashOptions will pick on average 2^31 iterations. 10000 iterations takes roughly 10 minutes on semi-modern hardware, so 2^31 iterations is in the ballpark of several years (depending on how much memory is used, number of threads, etc).
Probably makes sense to cap the number of iterations at some smaller amount.
(Seems like it could also pick an amount of memory to use that is excessive, although so far I have not seen the test suite use much memory.)
On a 32-bit architecture, the Word64
type is not available, which causes a build failure:
hephaestus ~/tmp/argon2-1.1.0 % cabal build
Building argon2-1.1.0...
Preprocessing library argon2-1.1.0...
[1 of 2] Compiling Crypto.Argon2.FFI ( dist/build/Crypto/Argon2/FFI.hs, dist/build/Crypto/Argon2/FFI.o )
[2 of 2] Compiling Crypto.Argon2 ( src/Crypto/Argon2.hs, dist/build/Crypto/Argon2.o )
src/Crypto/Argon2.hs:99:41:
Couldn't match type ‘Word64’ with ‘Word32’
Expected type: Argon2Encoded
Actual type: Word32
-> Word32
-> Word32
-> Ptr CChar
-> Word32
-> Ptr CChar
-> Word32
-> Word32
-> CString
-> Word32
-> IO Int32
In the fourth argument of ‘hashEncoded'’, namely
‘FFI.argon2i_hash_encoded’
In the first argument of ‘unsafePerformIO’, namely
‘(hashEncoded'
options
password
salt
FFI.argon2i_hash_encoded
FFI.argon2d_hash_encoded)’
src/Crypto/Argon2.hs:99:66:
Couldn't match type ‘Word64’ with ‘Word32’
Expected type: Argon2Encoded
Actual type: Word32
-> Word32
-> Word32
-> Ptr CChar
-> Word32
-> Ptr CChar
-> Word32
-> Word32
-> CString
-> Word32
-> IO Int32
In the fifth argument of ‘hashEncoded'’, namely
‘FFI.argon2d_hash_encoded’
In the first argument of ‘unsafePerformIO’, namely
‘(hashEncoded'
options
password
salt
FFI.argon2i_hash_encoded
FFI.argon2d_hash_encoded)’
src/Crypto/Argon2.hs:108:48:
Couldn't match type ‘Word64’ with ‘Word32’
Expected type: Argon2Unencoded
Actual type: Word32
-> Word32
-> Word32
-> Ptr CChar
-> Word32
-> Ptr CChar
-> Word32
-> Ptr CChar
-> Word32
-> IO Int32
In the fourth argument of ‘hash'’, namely ‘FFI.argon2i_hash_raw’
In the first argument of ‘unsafePerformIO’, namely
‘(hash'
options password salt FFI.argon2i_hash_raw FFI.argon2d_hash_raw)’
src/Crypto/Argon2.hs:108:69:
Couldn't match type ‘Word64’ with ‘Word32’
Expected type: Argon2Unencoded
Actual type: Word32
-> Word32
-> Word32
-> Ptr CChar
-> Word32
-> Ptr CChar
-> Word32
-> Ptr CChar
-> Word32
-> IO Int32
In the fifth argument of ‘hash'’, namely ‘FFI.argon2d_hash_raw’
In the first argument of ‘unsafePerformIO’, namely
‘(hash'
options password salt FFI.argon2i_hash_raw FFI.argon2d_hash_raw)’
Fails to build on Debian unstable. There are different build failures depending on whether or not. I have the debian package libargon2-0-dev installed
joey@darkstar:~/tmp>cabal install argon2
Resolving dependencies...
Configuring argon2-1.1.0...
Building argon2-1.1.0...
Preprocessing library argon2-1.1.0...
[1 of 2] Compiling Crypto.Argon2.FFI ( dist/build/Crypto/Argon2/FFI.hs, dist/build/Crypto/Argon2/FFI.o )
[2 of 2] Compiling Crypto.Argon2 ( src/Crypto/Argon2.hs, dist/build/Crypto/Argon2.o )
phc-winner-argon2/src/argon2.c:19:22:
fatal error: encoding.h: No such file or directory
compilation terminated.
Failed to install argon2-1.1.0
cabal: Error: some packages failed to install:
argon2-1.1.0 failed during the building phase. The exception was:
ExitFailure 1
- exit 1
joey@darkstar:~/tmp>sudo apt-get remove libargon2-0
libargon2-0 libargon2-0-dev
joey@darkstar:~/tmp>sudo apt-get remove libargon2-0-dev
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
gstreamer0.10-alsa gstreamer0.10-plugins-bad libapache2-mod-dnssd
libargon2-0 libc6-i686:i386 libcdaudio1 libgnome-bluetooth13
libgstreamer-plugins-bad0.10-0 libkeybinder0 libqtwebkit4 libslv2-9
libstd-rust-1.8 linux-image-3.2.0-4-amd64 vlc-plugin-samba xfce4-volumed
Use 'sudo apt autoremove' to remove them.
The following packages will be REMOVED:
libargon2-0-dev
0 upgraded, 0 newly installed, 1 to remove and 408 not upgraded.
After this operation, 88.1 kB disk space will be freed.
Do you want to continue? [Y/n]
(Reading database ... 305707 files and directories currently installed.)
Removing libargon2-0-dev:amd64 (0~20160406-2) ...
joey@darkstar:~/tmp>cabal install argon2
Resolving dependencies...
Configuring argon2-1.1.0...
Building argon2-1.1.0...
Preprocessing library argon2-1.1.0...
FFI.hsc:6:20: fatal error: argon2.h: No such file or directory
compilation terminated.
compiling dist/build/Crypto/Argon2/FFI_hsc_make.c failed (exit code 1)
command was: /usr/bin/gcc -c dist/build/Crypto/Argon2/FFI_hsc_make.c -o dist/build/Crypto/Argon2/FFI_hsc_make.o -fno-stack-protector -D__GLASGOW_HASKELL__=710 -Dlinux_BUILD_OS=1 -Dx86_64_BUILD_ARCH=1 -Dlinux_HOST_OS=1 -Dx86_64_HOST_ARCH=1 -Iphc-winner-argon2/src -Idist/build/autogen -include dist/build/autogen/cabal_macros.h -I/usr/lib/ghc/bytes_6VWy06pWzJq9evDvK2d4w6/include -I/usr/lib/ghc/base_HQfYBxpPvuw8OunzQu6JGM/include -I/usr/lib/ghc/integ_2aU3IZNMF9a7mQ0OzsZ0dS/include -I/usr/lib/ghc/include -I/usr/lib/ghc/include/
Failed to install argon2-1.1.0
cabal: Error: some packages failed to install:
argon2-1.1.0 failed during the building phase. The exception was:
ExitFailure 1
I needed to use this to do password-based key derivation of a 32-byte key (for NaCl) and had to semi-fork the code to allow a user-defined outLen. (It didn't seem quite custom enough to warrant using the FFI bindings directly.)
Since adding an outLen parameter to the existing hash functions would break the API, perhaps it could be added as separate functions?
Very happy to send a pull request if you'd like.
hashEncoded does not generate the same hash as the argon2 reference implementation.
Installed argon2-1.1.0
joey@darkstar:~/tmp/argon2>ghci
GHCi, version 7.10.3: http://www.haskell.org/ghc/ :? for help
ghci> :set -XOverloadedStrings
ghci> import Crypto.Argon2
ghci> hashEncoded defaultHashOptions "foo" "12345678"
"$argon2i$m=131072,t=1,p=4$MTIzNDU2Nzg$f6N/8q+yVJ/Xzc27ZDSQhjFQl8GL6bR9KfXbtBXQoXr2DS4nezcDj0IZp/I4dhQuD4VzzCrpElxIgfKd/uK4ZQ"
Compare with the reference implementation's argon2 program (here from the argon2 package on Debian, version 0~20160821-1):
joey@darkstar:~>printf foo | argon2 12345678 -t 1 -m 17 -p 4 -e -l 64
$argon2i$v=19$m=131072,t=1,p=4$MTIzNDU2Nzg$agfSdiUj2SVmZ2rN0dCHMP6JWvA6OpVHg//dwN2/vMb63cTpDqrMpsXFQrEzYeGxd0iOvBTmtTqu3RlRniVisA
This is due to the haskell package embedding an older version of phc-winner-argon2. The new version adds $v=19 to the prefix of the encoded hash, and appears to have made some tweaks to the hash, so legitimately changing it.
My fork of this package adds a use-system-library build flag, and when built that way, it links against the system libargon2.so, and generates the same hash as the argon2 program does.
So, the embedded copy of phc-winner-argon2 needs to be updated.
I would be happy the help maintain this package -- starting with a update/revision for ghc-9.2.1 (base-4.16., bytestring-0.11.).
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.