argon2-1.3.0.0: Memory-hard password hash and proof-of-work function

LicenseBSD3
Maintainerhvr@gnu.org
Safe HaskellTrustworthy
LanguageHaskell2010

Crypto.Argon2

Contents

Description

Crypto.Argon2 provides bindings to the reference implementation of Argon2, the password-hashing function that won the Password Hashing Competition (PHC).

The main entry points to this module are hashEncoded, which produces a crypt-like ASCII output; and hash which produces a ByteString (a stream of bytes). Argon2 is a configurable hash function, and can be configured by supplying a particular set of HashOptions - defaultHashOptions should provide a good starting point. See HashOptions for more documentation on the particular parameters that can be adjusted.

For (unsafe) access directly to the C interface, see Crypto.Argon2.FFI.

Since: 1.3.0.0

Synopsis

Hash computation & verification

Binary hash representation

hash Source #

Arguments

:: HashOptions

Options pertaining to how expensive the hash is to calculate.

-> ByteString

The password to hash. Must be less than 4294967295 bytes.

-> ByteString

The salt to use when hashing. Must be less than 4294967295 bytes.

-> Either Argon2Status ByteString

The un-encoded password hash (or error code in case of failure).

Encode a password with a given salt and HashOptions and produce a binary stream of bytes (of size hashLength).

ASCII-encoded representation

These operations use the PHC string format, a crypt(3)-like serialization format for password hashes.

hashEncoded Source #

Arguments

:: HashOptions

Options pertaining to how expensive the hash is to calculate.

-> ByteString

The password to hash. Must be less than 4294967295 bytes.

-> ByteString

The salt to use when hashing. Must be less than 4294967295 bytes.

-> Either Argon2Status ShortText

The encoded password hash (or error code in case of failure).

Encode a password with a given salt and HashOptions and produce a textual encoding according to the PHC string format of the result.

Use verifyEncoded to verify.

verifyEncoded :: ShortText -> ByteString -> Argon2Status Source #

Verify that a given password could result in a given hash output. Automatically determines the correct HashOptions based on the encoded hash (using the PHC string format as produced by hashEncoded).

Returns Argon2Ok on successful verification. If decoding is successful but the password mismatches, Argon2VerifyMismatch is returned; if decoding fails, the respective Argon2Status code is returned.

Configuring hashing

data HashOptions Source #

Parameters that can be adjusted to change the runtime performance of the hashing. See also defaultHashOptions.

Constructors

HashOptions 

Fields

Instances

Bounded HashOptions Source # 
Eq HashOptions Source # 
Ord HashOptions Source # 
Read HashOptions Source # 
Show HashOptions Source # 
Generic HashOptions Source # 

Associated Types

type Rep HashOptions :: * -> * #

NFData HashOptions Source # 

Methods

rnf :: HashOptions -> () #

type Rep HashOptions Source # 

data Argon2Variant Source #

Which variant of Argon2 to use. You should choose the variant that is most applicable to your intention to hash inputs.

Constructors

Argon2i

Argon2i uses data-independent memory access, which is preferred for password hashing and password-based key derivation. Argon2i is slower as it makes more passes over the memory to protect from tradeoff attacks.

Argon2d

Argon2d is faster and uses data-depending memory access, which makes it suitable for cryptocurrencies and applications with no threats from side-channel timing attacks.

Argon2id

Argon2id works as Argon2i for the first half of the first iteration over the memory, and as Argon2d for the rest, thus providing both side-channel attack protection and brute-force cost savings due to time-memory tradeoffs.

Instances

Bounded Argon2Variant Source # 
Enum Argon2Variant Source # 
Eq Argon2Variant Source # 
Ord Argon2Variant Source # 
Read Argon2Variant Source # 
Show Argon2Variant Source # 
Generic Argon2Variant Source # 

Associated Types

type Rep Argon2Variant :: * -> * #

NFData Argon2Variant Source # 

Methods

rnf :: Argon2Variant -> () #

type Rep Argon2Variant Source # 
type Rep Argon2Variant = D1 * (MetaData "Argon2Variant" "Crypto.Argon2" "argon2-1.3.0.0-3ASTb2AnD95JV4mJ6Vmn0b" False) ((:+:) * (C1 * (MetaCons "Argon2i" PrefixI False) (U1 *)) ((:+:) * (C1 * (MetaCons "Argon2d" PrefixI False) (U1 *)) (C1 * (MetaCons "Argon2id" PrefixI False) (U1 *))))

data Argon2Version Source #

Version of the Argon2 algorithm.

Constructors

Argon2Version10

Version 1.0 (deprecated)

Argon2Version13

Version 1.3 (See this announcment for more details)

Instances

Bounded Argon2Version Source # 
Enum Argon2Version Source # 
Eq Argon2Version Source # 
Ord Argon2Version Source # 
Read Argon2Version Source # 
Show Argon2Version Source # 
Generic Argon2Version Source # 

Associated Types

type Rep Argon2Version :: * -> * #

NFData Argon2Version Source # 

Methods

rnf :: Argon2Version -> () #

type Rep Argon2Version Source # 
type Rep Argon2Version = D1 * (MetaData "Argon2Version" "Crypto.Argon2" "argon2-1.3.0.0-3ASTb2AnD95JV4mJ6Vmn0b" False) ((:+:) * (C1 * (MetaCons "Argon2Version10" PrefixI False) (U1 *)) (C1 * (MetaCons "Argon2Version13" PrefixI False) (U1 *)))

defaultHashOptions :: HashOptions Source #

A set of default HashOptions, taken from the argon2 executable.

defaultHashOptions :: HashOptions
defaultHashOptions =
  HashOptions { hashIterations  = 3
              , hashMemory      = 2 ^ 12 -- 4 MiB
              , hashParallelism = 1
              , hashVariant     = Argon2i
              , hashVersion     = Argon2Version13
              , hashLength      = 2 ^ 5 -- 32 bytes
              }

For more information on how to select these parameters for your application, see section 6.4 of the Argon2 specification.

Status codes

data Argon2Status Source #

Returned status code for Argon2 functions.

Not all HashOptions can necessarily be used to compute hashes. If you supply unsupported or invalid HashOptions (or hashing otherwise fails) an Argon2Status value will be returned to describe the failure.

Note that this enumeration contains some status codes which are not expected to be returned by the operation provided by the Haskell API.

Constructors

Argon2Ok

OK (operation succeeded)

Argon2OutputPtrNull

Output pointer is NULL

Argon2OutputTooShort

Output is too short

Argon2OutputTooLong

Output is too long

Argon2PwdTooShort

Password is too short

Argon2PwdTooLong

Password is too long

Argon2SaltTooShort

Salt is too short

Argon2SaltTooLong

Salt is too long

Argon2AdTooShort

Associated data is too short

Argon2AdTooLong

Associated data is too long

Argon2SecretTooShort

Secret is too short

Argon2SecretTooLong

Secret is too long

Argon2TimeTooSmall

Time cost is too small

Argon2TimeTooLarge

Time cost is too large

Argon2MemoryTooLittle

Memory cost is too small

Argon2MemoryTooMuch

Memory cost is too large

Argon2LanesTooFew

Too few lanes

Argon2LanesTooMany

Too many lanes

Argon2PwdPtrMismatch

Password pointer is NULL, but password length is not 0

Argon2SaltPtrMismatch

Salt pointer is NULL, but salt length is not 0

Argon2SecretPtrMismatch

Secret pointer is NULL, but secret length is not 0

Argon2AdPtrMismatch

Associated data pointer is NULL, but ad length is not 0

Argon2MemoryAllocationError

Memory allocation error

Argon2FreeMemoryCbkNull

The free memory callback is NULL

Argon2AllocateMemoryCbkNull

The allocate memory callback is NULL

Argon2IncorrectParameter

Argon2_Context context is NULL

Argon2IncorrectType

There is no such version of Argon2

Argon2OutPtrMismatch

Output pointer mismatch

Argon2ThreadsTooFew

Not enough threads

Argon2ThreadsTooMany

Too many threads

Argon2MissingArgs

Missing arguments

Argon2EncodingFail

Encoding failed

Argon2DecodingFail

Decoding failed

Argon2ThreadFail

Threading failure

Argon2DecodingLengthFail

Some of encoded parameters are too long or too short

Argon2VerifyMismatch

The password does not match the supplied hash

Argon2InternalError

Internal error or unrecognized status code

Instances

Bounded Argon2Status Source # 
Enum Argon2Status Source # 
Eq Argon2Status Source # 
Ord Argon2Status Source # 
Read Argon2Status Source # 
Show Argon2Status Source # 
Exception Argon2Status Source # 
NFData Argon2Status Source # 

Methods

rnf :: Argon2Status -> () #