Memory-hard password hash and proof-of-work function
|Latest on Hackage:||22.214.171.124|
This package is not currently in any snapshots. If you're interested in using it, we recommend adding it to Stackage Nightly. Doing so will make builds more reliable, and allow stackage.org to host generated Haddocks.
Argon2 is the key derivation function (KDF) selected as the winner of the Password Hashing Competition. The API exposed by this bindings provide access to the 3 specified variants
Argon2d(maximize resistance to GPU cracking attacks),
Argon2i(optimized to resist side-channel attacks), and
Argon2id(hybrid version combining
and allows to control various parameters (time cost, memory cost, parallelism) of the Argon2 function. Moreover, it is also supported to generate and verify the deprecated version 1.0 hashes, as well as the current version 1.3 hashes.
The Haskell API supports both raw binary hashes as well as the ASCII-based PHC string format.
This version provides bindings to the "
20171227" release of the Argon2 reference implementation (libargon2) of the Argon2 password-hashing function.
Please refer to the Argon2 specification for more information.
pkgconfig-dependsdecleration for @use-system-library@ configuration; also add new
pkg-configflag for falling back to non-
pkg-config-based FFI library linkage.
This represents a major rewrite/refactoring of this package.
Add support for generating version 1.0 hashes.
Add support for controlling length of generated hash.
Add support for hybrid
defaultHashOptionschanged to the current ones from the upstream
Argon2Exceptionby more direct
Argon2Statusenumeration; report failures purely via
Eitherrather than by throwing as exceptions.
verifyEncodedand return more informative
Argon2Statusresult instead of
phc-winner-argon2version updated to release
Mangle names of global symbols from
phc-winner-argon2to reduce risk of symbol clashes at the C ABI level.
Add support for
libargon2's optimised C routines on x86_64 (can be disabled via new
Fix potential memory leak.
Updated embedded phc-winner-argon2, so that hashes are generated using version 1.3 of the argon2 specification.
Note that that hashes generated using this version are different than hashes generated using previous versions, so anything that compares them or relies on them being stable may be broken by this update. However, Crypto.Argon2.verify will continue to be able to verify hashes produced by previous versions.
Use CSize for portability instead of Word64, fixing build on 32 bit systems. This changed the constructors of Argon2Exception, an API change.
Bug fix: Crypto.Argon2.hash returned a ByteString truncated at the first NULL.
Added use-system-library build flag.
First stable release. Same API as 1.0.0, but now features documentation and expected type class instances for data types.
QuickCheck properties added:
- verify (hashEncoded options password salt) password == True
- hash options password salt /= password
hashnow uses the underlying "raw" hash routines, rather than the encoded routines. This was a bug in 1.0.0. Thanks to @jorgen for this fix.
verifyadded, in order to correctly verify that a password matches an encoded password.
defaultHashOptionsare now more expensive.
- Initial release