Add Argon2 password hashing (RFC 9106)#1334
Open
Coralesoft wants to merge 3 commits intoweidai11:masterfrom
Open
Add Argon2 password hashing (RFC 9106)#1334Coralesoft wants to merge 3 commits intoweidai11:masterfrom
Coralesoft wants to merge 3 commits intoweidai11:masterfrom
Conversation
- Implement Argon2d, Argon2i, and Argon2id variants - Add RFC 9106 test vectors - Integrate with existing test suite - Support OpenMP parallelization - All variants verified against RFC 9106 Known Answer Tests
- Implement BLAKE3 hash with 32-byte default output - Support keyed hashing (MAC mode) and key derivation (KDF mode) - Add variable-length output (XOF) support - Implement tree hashing with Merkle structure for parallelization - Add official test vectors from BLAKE3 team reference implementation - Integrate with existing test suite (test.cpp case 88) - All test vectors verified against official BLAKE3 specification
Replaces variable-time separator search with constant-time implementation to mitigate Marvin Attack (CVE-2022-4304). Uses bitwise operations to avoid data-dependent timing leaks. Fixes three timing vulnerabilities: - Variable-time while loop - Early return on invalid padding - Variable-length memcpy operation Fixes weidai11#1247
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
I've implemented Argon2 password hashing for Cryptopp.
( I was using the cryptopp library for a project and also needed Argon2)
This adds support for all three variants from RFC 9106: Argon2d, Argon2i, and Argon2id.
What's included:
Testing:
I've verified all three variants against the RFC 9106 Known Answer Tests and they all pass.
The implementation follows the same patterns as Scrypt and other KDFs in the library.
Implementation notes:
Let me know if you'd like me to make any changes or if you have questions
Thanks
Colin
Resolves #399