Argon2 implementation

[Jujumba]

• Basic implementation
• Data input
• Salt input
• rounds/memory/parallelism/secret input
• Variant/Version input
• Bugs 🪲🔍❌
• Hash verification

closes #4

[TheBestTvarynka]

Ping me when you'll be ready for the review

[Jujumba]

I'm truly sorry, this would take much more time than I expected (due to lack of time and I've accidentally made some weird bugs I can't catch yet 😇 ).

[TheBestTvarynka]

no problem. I can understand you 😅

[Jujumba]

I need a bit of your help, @TheBestTvarynka 😅

For some weird reason, the input (and all other elements) do not show up 🤷

And after selecting Argon2 input, this problem spreads to all other inputs

[TheBestTvarynka]

@Jujumba I'll look at this tonight after the work 🙏
thank you

[Jujumba]

@Jujumba I'll look at this tonight after the work 🙏

thank you

You would better sleep at night 😅
Check this one out when you are truly free.

@TheBestTvarynka

[TheBestTvarynka]

I finally have time to look at it. first inspection:

[TheBestTvarynka]

@Jujumba, this is the cause of your problem (see the image above).
I changed it to:

impl From<&Argon2Action> for bool {
    fn from(value: &Argon2Action) -> Self {
        match value {
            Argon2Action::Hash(_) => false,
            Argon2Action::Verify(_) => true,
        }
    }
}

And now it works:

[Jujumba]

@Jujumba, this is the cause of your problem (see the image above).

I changed it to:

impl From<&Argon2Action> for bool {

    fn from(value: &Argon2Action) -> Self {

        match value {

            Argon2Action::Hash(_) => false,

            Argon2Action::Verify(_) => true,

        }

    }

}

And now it works:

Thanks 🙏

[Jujumba]

What do you think, should I implement Argon2HashAction

pub struct Argon2HashAction {
    pub memory: u32,
    pub iters: u32,
    pub paralelism: u32,
    pub output_len: u32,
    pub salt: Vec<u8>,
    pub variant: Argon2Variant,
    pub version: Argon2Version
}

Or it's better to use hashing-config from rust-argon2 crate?

I tend to the second option, but maybe it's more convenient for you to have a home-baked configuration.

@TheBestTvarynka

[TheBestTvarynka]

@Jujumba you can take the one from the library. I'm OK with it. I don't think we'll need an additional functionality, so go ahead

[Jujumba]

Nevermind, I just realized it's impossible due to serialization :)

[Jujumba]

I think computational part is somehow ready for review

@TheBestTvarynka

[Jujumba]

Ah, and sorry if some lines you didn't expect to be changed were changed

cargo fmt did its job

[TheBestTvarynka]

great, can you fix merge conflicts first?

[TheBestTvarynka]

thank you for your work. I appreciate this. I left some comments. ping me when you fix them

[Jujumba]

Recently I've cleaned my laptop from windows, but had forgotten to push some changes, so I'll start some things over. Sorry 😅 😅

@TheBestTvarynka

[TheBestTvarynka]

no problem ❤️

[Jujumba]

I'm going to ask a bit stupid question, but I've been banging my head over the wall for the last 20 minutes with that: How to fix these merge conflicts?..

Sorry for the inconvenience

@TheBestTvarynka

[Jujumba]

You can look on new changes

@TheBestTvarynka

But there are still bugs (😇)

Like this one:

And this one (which seems extra weird)

Or perhaps this is not even a bug 🤷‍♂️

Edit: the last one persists despite of salt's length. Any salt ending with = considered invalid

Edit2: I've dug a bit deeper: The returned hash is encoded in b64 with no padding. Data encoded in which format does function process_argon2 should return?

[TheBestTvarynka]

looks good. about bugs:

the last one persists despite of salt's length. Any salt ending with = considered invalid

maybe. you should play with base64 formats (with and without padding)

I've dug a bit deeper: The returned hash is encoded in b64 with no padding. Data encoded in which format does function process_argon2 should return?

in bytes. if the output from the lib is in the b64 format, then decode it and return as plain bytes

[Jujumba]

maybe. you should play with base64 formats (with and without padding)

Thanks, I've got that working. But the weirdness seems to come from argon2 crate itself?....

Encoding Some data with Some salt salt returns this:
oenotYnYadelI+Fqhs92l9hnk0xyI6+sIeSC7+6OzqM

The data is derived before encoding to plain bytes.

"Translated" to UTF-8 it means the following: 赉iץ#jvgLr#!Σ, what's not a PHC string :(

Edit: I was encoding b64 to b64 😇 After the fix, issue still persists, I'll "investigate" it later

Edit2: I forgot to mention you: @TheBestTvarynka

[TheBestTvarynka]

good code but I always find something to fix 😄

1. run cargo clippy --all-targets --all-features -- -D warnings
2. run cargo +nightly fmt --all

[TheBestTvarynka]

Suggested change

	argon2 = "0.5.2"
	password-hash = "0.5.0"
	argon2 = "0.5"
	password-hash = "0.5"

[TheBestTvarynka]

the UI of the argon2 input can be improved, but it's not a blocker

[TheBestTvarynka]

1. run cargo +nightly fmt --all -- --check
2. run cargo clippy -- -D warnings

[Jujumba]

1. run cargo +nightly fmt --all -- --check

   2. run cargo clippy -- -D warnings

I guess I'm not meant to fix that?

error: unused imports: `ByteInputProps`, `ByteInput`
 --> src/common/mod.rs:7:40
  |
7 | pub use byte_input::{build_byte_input, ByteInput, ByteInputProps};
  |                                        ^^^^^^^^^  ^^^^^^^^^^^^^^
  |
  = note: `-D unused-imports` implied by `-D warnings`
  = help: to override `-D warnings` add `#[allow(unused_imports)]`

error: unused imports: `BytesViewerProps`, `BytesViewer`
 --> src/common/mod.rs:8:24
  |
8 | pub use bytes_viewer::{BytesViewer, BytesViewerProps};
  |                        ^^^^^^^^^^^  ^^^^^^^^^^^^^^^^

error: unused import: `CheckboxProps`
 --> src/common/mod.rs:9:30
  |
9 | pub use checkbox::{Checkbox, CheckboxProps};
  |                              ^^^^^^^^^^^^^

error: unused import: `SwitchProps`
  --> src/common/mod.rs:11:26
   |
11 | pub use switch::{Switch, SwitchProps};
   |                          ^^^^^^^^^^^

error: unused imports: `KrbInputData`, `KrbInput`, `KrbMode`, `RSA_HASH_ALGOS`
 --> src/crypto_helper.rs:9:32
  |
9 | pub use algorithm::{Algorithm, KrbInput, KrbInputData, KrbMode, RSA_HASH_ALGOS};
  |                                ^^^^^^^^  ^^^^^^^^^^^^  ^^^^^^^  ^^^^^^^^^^^^^^

error: unused import: `jwt::Jwt as JwtData`
  --> src/jwt.rs:11:9
   |
11 | pub use jwt::Jwt as JwtData;
   |         ^^^^^^^^^^^^^^^^^^^

As here no lints applied to my code

[TheBestTvarynka]

I guess I'm not meant to fix that?

@Jujumba please, fix the formatting ones but leave the clippy errors

[TheBestTvarynka]

@Jujumba will you fix the merge conflicts or do I have to do it?

[Jujumba]

I guess I'm not meant to fix that?

@Jujumba please, fix the formatting ones but leave the clippy errors

They are already fixed, aren't they?

[Jujumba]

@Jujumba will you fix the merge conflicts or do I have to do it?

I really would like to delegate that work on you. Sorry 🙁