mirror of
https://github.com/jart/cosmopolitan.git
synced 2025-01-31 03:27:39 +00:00
561 lines
20 KiB
C
561 lines
20 KiB
C
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:8;coding:utf-8 -*-│
|
|
│vi: set net ft=c ts=4 sts=4 sw=4 fenc=utf-8 :vi│
|
|
╚──────────────────────────────────────────────────────────────────────────────╝
|
|
│ │
|
|
│ Argon2 reference source code package - reference C implementations │
|
|
│ │
|
|
│ Copyright 2015 │
|
|
│ Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves │
|
|
│ │
|
|
│ You may use this work under the terms of a Creative Commons CC0 1.0 │
|
|
│ License/Waiver or the Apache Public License 2.0, at your option. The │
|
|
│ terms of these licenses can be found at: │
|
|
│ │
|
|
│ - CC0 1.0 Universal : https://creativecommons.org/publicdomain/zero/1.0 │
|
|
│ - Apache 2.0 : https://www.apache.org/licenses/LICENSE-2.0 │
|
|
│ │
|
|
╚─────────────────────────────────────────────────────────────────────────────*/
|
|
#include "libc/limits.h"
|
|
#include "libc/mem/mem.h"
|
|
#include "libc/str/str.h"
|
|
#include "third_party/argon2/argon2.h"
|
|
#include "third_party/argon2/core.h"
|
|
#include "third_party/argon2/encoding.h"
|
|
|
|
asm(".ident\t\"\\n\\n\
|
|
argon2 (CC0 or Apache2)\\n\
|
|
Copyright 2016 Daniel Dinu, Dmitry Khovratovich\\n\
|
|
Copyright 2016 Jean-Philippe Aumasson, Samuel Neves\"");
|
|
/* clang-format off */
|
|
|
|
/**
|
|
* Function that gives the string representation of an argon2_type.
|
|
* @param type The argon2_type that we want the string for
|
|
* @param uppercase Whether the string should have the first letter uppercase
|
|
* @return NULL if invalid type, otherwise the string representation.
|
|
*/
|
|
const char *argon2_type2string(argon2_type type, int uppercase) {
|
|
switch (type) {
|
|
case Argon2_d:
|
|
return uppercase ? "Argon2d" : "argon2d";
|
|
case Argon2_i:
|
|
return uppercase ? "Argon2i" : "argon2i";
|
|
case Argon2_id:
|
|
return uppercase ? "Argon2id" : "argon2id";
|
|
}
|
|
return NULL;
|
|
}
|
|
|
|
/**
|
|
* Function that performs memory-hard hashing with certain degree of parallelism
|
|
* @param context Pointer to the Argon2 internal structure
|
|
* @return Error code if smth is wrong, ARGON2_OK otherwise
|
|
*/
|
|
int argon2_ctx(argon2_context *context, argon2_type type) {
|
|
/* 1. Validate all inputs */
|
|
int result = validate_inputs(context);
|
|
uint32_t memory_blocks, segment_length;
|
|
argon2_instance_t instance;
|
|
|
|
if (ARGON2_OK != result) {
|
|
return result;
|
|
}
|
|
|
|
if (Argon2_d != type && Argon2_i != type && Argon2_id != type) {
|
|
return ARGON2_INCORRECT_TYPE;
|
|
}
|
|
|
|
/* 2. Align memory size */
|
|
/* Minimum memory_blocks = 8L blocks, where L is the number of lanes */
|
|
memory_blocks = context->m_cost;
|
|
|
|
if (memory_blocks < 2 * ARGON2_SYNC_POINTS * context->lanes) {
|
|
memory_blocks = 2 * ARGON2_SYNC_POINTS * context->lanes;
|
|
}
|
|
|
|
segment_length = memory_blocks / (context->lanes * ARGON2_SYNC_POINTS);
|
|
/* Ensure that all segments have equal length */
|
|
memory_blocks = segment_length * (context->lanes * ARGON2_SYNC_POINTS);
|
|
|
|
instance.version = context->version;
|
|
instance.memory = NULL;
|
|
instance.passes = context->t_cost;
|
|
instance.memory_blocks = memory_blocks;
|
|
instance.segment_length = segment_length;
|
|
instance.lane_length = segment_length * ARGON2_SYNC_POINTS;
|
|
instance.lanes = context->lanes;
|
|
instance.threads = context->threads;
|
|
instance.type = type;
|
|
|
|
if (instance.threads > instance.lanes) {
|
|
instance.threads = instance.lanes;
|
|
}
|
|
|
|
/* 3. Initialization: Hashing inputs, allocating memory, filling first
|
|
* blocks
|
|
*/
|
|
result = initialize(&instance, context);
|
|
|
|
if (ARGON2_OK != result) {
|
|
return result;
|
|
}
|
|
|
|
/* 4. Filling memory */
|
|
result = fill_memory_blocks(&instance);
|
|
|
|
if (ARGON2_OK != result) {
|
|
return result;
|
|
}
|
|
/* 5. Finalization */
|
|
finalize(context, &instance);
|
|
|
|
return ARGON2_OK;
|
|
}
|
|
|
|
int argon2_hash(const uint32_t t_cost, const uint32_t m_cost,
|
|
const uint32_t parallelism, const void *pwd,
|
|
const size_t pwdlen, const void *salt, const size_t saltlen,
|
|
void *hash, const size_t hashlen, char *encoded,
|
|
const size_t encodedlen, argon2_type type,
|
|
const uint32_t version){
|
|
|
|
argon2_context context;
|
|
int result;
|
|
uint8_t *out;
|
|
|
|
if (pwdlen > ARGON2_MAX_PWD_LENGTH) {
|
|
return ARGON2_PWD_TOO_LONG;
|
|
}
|
|
|
|
if (saltlen > ARGON2_MAX_SALT_LENGTH) {
|
|
return ARGON2_SALT_TOO_LONG;
|
|
}
|
|
|
|
if (hashlen > ARGON2_MAX_OUTLEN) {
|
|
return ARGON2_OUTPUT_TOO_LONG;
|
|
}
|
|
|
|
if (hashlen < ARGON2_MIN_OUTLEN) {
|
|
return ARGON2_OUTPUT_TOO_SHORT;
|
|
}
|
|
|
|
out = malloc(hashlen);
|
|
if (!out) {
|
|
return ARGON2_MEMORY_ALLOCATION_ERROR;
|
|
}
|
|
|
|
context.out = (uint8_t *)out;
|
|
context.outlen = (uint32_t)hashlen;
|
|
context.pwd = (uint8_t *)(uintptr_t)pwd;
|
|
context.pwdlen = (uint32_t)pwdlen;
|
|
context.salt = (uint8_t *)(uintptr_t)salt;
|
|
context.saltlen = (uint32_t)saltlen;
|
|
context.secret = NULL;
|
|
context.secretlen = 0;
|
|
context.ad = NULL;
|
|
context.adlen = 0;
|
|
context.t_cost = t_cost;
|
|
context.m_cost = m_cost;
|
|
context.lanes = parallelism;
|
|
context.threads = parallelism;
|
|
context.allocate_cbk = NULL;
|
|
context.free_cbk = NULL;
|
|
context.flags = ARGON2_DEFAULT_FLAGS;
|
|
context.version = version;
|
|
|
|
result = argon2_ctx(&context, type);
|
|
|
|
if (result != ARGON2_OK) {
|
|
clear_internal_memory(out, hashlen);
|
|
free(out);
|
|
return result;
|
|
}
|
|
|
|
/* if raw hash requested, write it */
|
|
if (hash) {
|
|
memcpy(hash, out, hashlen);
|
|
}
|
|
|
|
/* if encoding requested, write it */
|
|
if (encoded && encodedlen) {
|
|
if (encode_string(encoded, encodedlen, &context, type) != ARGON2_OK) {
|
|
clear_internal_memory(out, hashlen); /* wipe buffers if error */
|
|
clear_internal_memory(encoded, encodedlen);
|
|
free(out);
|
|
return ARGON2_ENCODING_FAIL;
|
|
}
|
|
}
|
|
clear_internal_memory(out, hashlen);
|
|
free(out);
|
|
|
|
return ARGON2_OK;
|
|
}
|
|
|
|
/**
|
|
* Hashes a password with Argon2i, producing an encoded hash
|
|
* @param t_cost Number of iterations
|
|
* @param m_cost Sets memory usage to m_cost kibibytes
|
|
* @param parallelism Number of threads and compute lanes
|
|
* @param pwd Pointer to password
|
|
* @param pwdlen Password size in bytes
|
|
* @param salt Pointer to salt
|
|
* @param saltlen Salt size in bytes
|
|
* @param hashlen Desired length of the hash in bytes
|
|
* @param encoded Buffer where to write the encoded hash
|
|
* @param encodedlen Size of the buffer (thus max size of the encoded hash)
|
|
* @pre Different parallelism levels will give different results
|
|
* @pre Returns ARGON2_OK if successful
|
|
*/
|
|
int argon2i_hash_encoded(const uint32_t t_cost, const uint32_t m_cost,
|
|
const uint32_t parallelism, const void *pwd,
|
|
const size_t pwdlen, const void *salt,
|
|
const size_t saltlen, const size_t hashlen,
|
|
char *encoded, const size_t encodedlen) {
|
|
|
|
return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
|
|
NULL, hashlen, encoded, encodedlen, Argon2_i,
|
|
ARGON2_VERSION_NUMBER);
|
|
}
|
|
|
|
/**
|
|
* Hashes a password with Argon2i, producing a raw hash at @hash
|
|
* @param t_cost Number of iterations
|
|
* @param m_cost Sets memory usage to m_cost kibibytes
|
|
* @param parallelism Number of threads and compute lanes
|
|
* @param pwd Pointer to password
|
|
* @param pwdlen Password size in bytes
|
|
* @param salt Pointer to salt
|
|
* @param saltlen Salt size in bytes
|
|
* @param hash Buffer where to write the raw hash - updated by the function
|
|
* @param hashlen Desired length of the hash in bytes
|
|
* @pre Different parallelism levels will give different results
|
|
* @pre Returns ARGON2_OK if successful
|
|
*/
|
|
int argon2i_hash_raw(const uint32_t t_cost, const uint32_t m_cost,
|
|
const uint32_t parallelism, const void *pwd,
|
|
const size_t pwdlen, const void *salt,
|
|
const size_t saltlen, void *hash, const size_t hashlen) {
|
|
|
|
return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
|
|
hash, hashlen, NULL, 0, Argon2_i, ARGON2_VERSION_NUMBER);
|
|
}
|
|
|
|
int argon2d_hash_encoded(const uint32_t t_cost, const uint32_t m_cost,
|
|
const uint32_t parallelism, const void *pwd,
|
|
const size_t pwdlen, const void *salt,
|
|
const size_t saltlen, const size_t hashlen,
|
|
char *encoded, const size_t encodedlen) {
|
|
|
|
return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
|
|
NULL, hashlen, encoded, encodedlen, Argon2_d,
|
|
ARGON2_VERSION_NUMBER);
|
|
}
|
|
|
|
int argon2d_hash_raw(const uint32_t t_cost, const uint32_t m_cost,
|
|
const uint32_t parallelism, const void *pwd,
|
|
const size_t pwdlen, const void *salt,
|
|
const size_t saltlen, void *hash, const size_t hashlen) {
|
|
|
|
return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
|
|
hash, hashlen, NULL, 0, Argon2_d, ARGON2_VERSION_NUMBER);
|
|
}
|
|
|
|
int argon2id_hash_encoded(const uint32_t t_cost, const uint32_t m_cost,
|
|
const uint32_t parallelism, const void *pwd,
|
|
const size_t pwdlen, const void *salt,
|
|
const size_t saltlen, const size_t hashlen,
|
|
char *encoded, const size_t encodedlen) {
|
|
|
|
return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
|
|
NULL, hashlen, encoded, encodedlen, Argon2_id,
|
|
ARGON2_VERSION_NUMBER);
|
|
}
|
|
|
|
int argon2id_hash_raw(const uint32_t t_cost, const uint32_t m_cost,
|
|
const uint32_t parallelism, const void *pwd,
|
|
const size_t pwdlen, const void *salt,
|
|
const size_t saltlen, void *hash, const size_t hashlen) {
|
|
return argon2_hash(t_cost, m_cost, parallelism, pwd, pwdlen, salt, saltlen,
|
|
hash, hashlen, NULL, 0, Argon2_id,
|
|
ARGON2_VERSION_NUMBER);
|
|
}
|
|
|
|
static int argon2_compare(const uint8_t *b1, const uint8_t *b2, size_t len) {
|
|
size_t i;
|
|
uint8_t d = 0U;
|
|
|
|
for (i = 0U; i < len; i++) {
|
|
d |= b1[i] ^ b2[i];
|
|
}
|
|
return (int)((1 & ((d - 1) >> 8)) - 1);
|
|
}
|
|
|
|
int argon2_verify(const char *encoded, const void *pwd, const size_t pwdlen,
|
|
argon2_type type) {
|
|
|
|
argon2_context ctx;
|
|
uint8_t *desired_result = NULL;
|
|
int ret = ARGON2_OK;
|
|
size_t encoded_len;
|
|
uint32_t max_field_len;
|
|
|
|
if (pwdlen > ARGON2_MAX_PWD_LENGTH) {
|
|
return ARGON2_PWD_TOO_LONG;
|
|
}
|
|
|
|
if (encoded == NULL) {
|
|
return ARGON2_DECODING_FAIL;
|
|
}
|
|
|
|
encoded_len = strlen(encoded);
|
|
if (encoded_len > UINT32_MAX) {
|
|
return ARGON2_DECODING_FAIL;
|
|
}
|
|
|
|
/* No field can be longer than the encoded length */
|
|
max_field_len = (uint32_t)encoded_len;
|
|
|
|
ctx.saltlen = max_field_len;
|
|
ctx.outlen = max_field_len;
|
|
|
|
ctx.salt = malloc(ctx.saltlen);
|
|
ctx.out = malloc(ctx.outlen);
|
|
if (!ctx.salt || !ctx.out) {
|
|
ret = ARGON2_MEMORY_ALLOCATION_ERROR;
|
|
goto fail;
|
|
}
|
|
|
|
ctx.pwd = (uint8_t *)pwd;
|
|
ctx.pwdlen = (uint32_t)pwdlen;
|
|
|
|
ret = decode_string(&ctx, encoded, type);
|
|
if (ret != ARGON2_OK) {
|
|
goto fail;
|
|
}
|
|
|
|
/* Set aside the desired result, and get a new buffer. */
|
|
desired_result = ctx.out;
|
|
ctx.out = malloc(ctx.outlen);
|
|
if (!ctx.out) {
|
|
ret = ARGON2_MEMORY_ALLOCATION_ERROR;
|
|
goto fail;
|
|
}
|
|
|
|
ret = argon2_verify_ctx(&ctx, (char *)desired_result, type);
|
|
if (ret != ARGON2_OK) {
|
|
goto fail;
|
|
}
|
|
|
|
fail:
|
|
free(ctx.salt);
|
|
free(ctx.out);
|
|
free(desired_result);
|
|
|
|
return ret;
|
|
}
|
|
|
|
/**
|
|
* Verifies a password against an encoded string
|
|
* Encoded string is restricted as in validate_inputs()
|
|
* @param encoded String encoding parameters, salt, hash
|
|
* @param pwd Pointer to password
|
|
* @pre Returns ARGON2_OK if successful
|
|
*/
|
|
int argon2i_verify(const char *encoded, const void *pwd, const size_t pwdlen) {
|
|
|
|
return argon2_verify(encoded, pwd, pwdlen, Argon2_i);
|
|
}
|
|
|
|
int argon2d_verify(const char *encoded, const void *pwd, const size_t pwdlen) {
|
|
|
|
return argon2_verify(encoded, pwd, pwdlen, Argon2_d);
|
|
}
|
|
|
|
int argon2id_verify(const char *encoded, const void *pwd, const size_t pwdlen) {
|
|
|
|
return argon2_verify(encoded, pwd, pwdlen, Argon2_id);
|
|
}
|
|
|
|
/**
|
|
* Argon2d: Version of Argon2 that picks memory blocks depending
|
|
* on the password and salt. Only for side-channel-free
|
|
* environment!!
|
|
*****
|
|
* @param context Pointer to current Argon2 context
|
|
* @return Zero if successful, a non zero error code otherwise
|
|
*/
|
|
int argon2d_ctx(argon2_context *context) {
|
|
return argon2_ctx(context, Argon2_d);
|
|
}
|
|
|
|
/**
|
|
* Argon2i: Version of Argon2 that picks memory blocks
|
|
* independent on the password and salt. Good for side-channels,
|
|
* but worse w.r.t. tradeoff attacks if only one pass is used.
|
|
*****
|
|
* @param context Pointer to current Argon2 context
|
|
* @return Zero if successful, a non zero error code otherwise
|
|
*/
|
|
int argon2i_ctx(argon2_context *context) {
|
|
return argon2_ctx(context, Argon2_i);
|
|
}
|
|
|
|
/**
|
|
* Argon2id: Version of Argon2 where the first half-pass over memory is
|
|
* password-independent, the rest are password-dependent (on the password and
|
|
* salt). OK against side channels (they reduce to 1/2-pass Argon2i), and
|
|
* better with w.r.t. tradeoff attacks (similar to Argon2d).
|
|
*****
|
|
* @param context Pointer to current Argon2 context
|
|
* @return Zero if successful, a non zero error code otherwise
|
|
*/
|
|
int argon2id_ctx(argon2_context *context) {
|
|
return argon2_ctx(context, Argon2_id);
|
|
}
|
|
|
|
int argon2_verify_ctx(argon2_context *context, const char *hash,
|
|
argon2_type type) {
|
|
int ret = argon2_ctx(context, type);
|
|
if (ret != ARGON2_OK) {
|
|
return ret;
|
|
}
|
|
|
|
if (argon2_compare((uint8_t *)hash, context->out, context->outlen)) {
|
|
return ARGON2_VERIFY_MISMATCH;
|
|
}
|
|
|
|
return ARGON2_OK;
|
|
}
|
|
|
|
/**
|
|
* Verify if a given password is correct for Argon2d hashing
|
|
* @param context Pointer to current Argon2 context
|
|
* @param hash The password hash to verify. The length of the hash is
|
|
* specified by the context outlen member
|
|
* @return Zero if successful, a non zero error code otherwise
|
|
*/
|
|
int argon2d_verify_ctx(argon2_context *context, const char *hash) {
|
|
return argon2_verify_ctx(context, hash, Argon2_d);
|
|
}
|
|
|
|
/**
|
|
* Verify if a given password is correct for Argon2i hashing
|
|
* @param context Pointer to current Argon2 context
|
|
* @param hash The password hash to verify. The length of the hash is
|
|
* specified by the context outlen member
|
|
* @return Zero if successful, a non zero error code otherwise
|
|
*/
|
|
int argon2i_verify_ctx(argon2_context *context, const char *hash) {
|
|
return argon2_verify_ctx(context, hash, Argon2_i);
|
|
}
|
|
|
|
/**
|
|
* Verify if a given password is correct for Argon2id hashing
|
|
* @param context Pointer to current Argon2 context
|
|
* @param hash The password hash to verify. The length of the hash is
|
|
* specified by the context outlen member
|
|
* @return Zero if successful, a non zero error code otherwise
|
|
*/
|
|
int argon2id_verify_ctx(argon2_context *context, const char *hash) {
|
|
return argon2_verify_ctx(context, hash, Argon2_id);
|
|
}
|
|
|
|
/**
|
|
* Get the associated error message for given error code
|
|
* @return The error message associated with the given error code
|
|
*/
|
|
const char *argon2_error_message(int error_code) {
|
|
switch (error_code) {
|
|
case ARGON2_OK:
|
|
return "OK";
|
|
case ARGON2_OUTPUT_PTR_NULL:
|
|
return "Output pointer is NULL";
|
|
case ARGON2_OUTPUT_TOO_SHORT:
|
|
return "Output is too short";
|
|
case ARGON2_OUTPUT_TOO_LONG:
|
|
return "Output is too long";
|
|
case ARGON2_PWD_TOO_SHORT:
|
|
return "Password is too short";
|
|
case ARGON2_PWD_TOO_LONG:
|
|
return "Password is too long";
|
|
case ARGON2_SALT_TOO_SHORT:
|
|
return "Salt is too short";
|
|
case ARGON2_SALT_TOO_LONG:
|
|
return "Salt is too long";
|
|
case ARGON2_AD_TOO_SHORT:
|
|
return "Associated data is too short";
|
|
case ARGON2_AD_TOO_LONG:
|
|
return "Associated data is too long";
|
|
case ARGON2_SECRET_TOO_SHORT:
|
|
return "Secret is too short";
|
|
case ARGON2_SECRET_TOO_LONG:
|
|
return "Secret is too long";
|
|
case ARGON2_TIME_TOO_SMALL:
|
|
return "Time cost is too small";
|
|
case ARGON2_TIME_TOO_LARGE:
|
|
return "Time cost is too large";
|
|
case ARGON2_MEMORY_TOO_LITTLE:
|
|
return "Memory cost is too small";
|
|
case ARGON2_MEMORY_TOO_MUCH:
|
|
return "Memory cost is too large";
|
|
case ARGON2_LANES_TOO_FEW:
|
|
return "Too few lanes";
|
|
case ARGON2_LANES_TOO_MANY:
|
|
return "Too many lanes";
|
|
case ARGON2_PWD_PTR_MISMATCH:
|
|
return "Password pointer is NULL, but password length is not 0";
|
|
case ARGON2_SALT_PTR_MISMATCH:
|
|
return "Salt pointer is NULL, but salt length is not 0";
|
|
case ARGON2_SECRET_PTR_MISMATCH:
|
|
return "Secret pointer is NULL, but secret length is not 0";
|
|
case ARGON2_AD_PTR_MISMATCH:
|
|
return "Associated data pointer is NULL, but ad length is not 0";
|
|
case ARGON2_MEMORY_ALLOCATION_ERROR:
|
|
return "Memory allocation error";
|
|
case ARGON2_FREE_MEMORY_CBK_NULL:
|
|
return "The free memory callback is NULL";
|
|
case ARGON2_ALLOCATE_MEMORY_CBK_NULL:
|
|
return "The allocate memory callback is NULL";
|
|
case ARGON2_INCORRECT_PARAMETER:
|
|
return "Argon2_Context context is NULL";
|
|
case ARGON2_INCORRECT_TYPE:
|
|
return "There is no such version of Argon2";
|
|
case ARGON2_OUT_PTR_MISMATCH:
|
|
return "Output pointer mismatch";
|
|
case ARGON2_THREADS_TOO_FEW:
|
|
return "Not enough threads";
|
|
case ARGON2_THREADS_TOO_MANY:
|
|
return "Too many threads";
|
|
case ARGON2_MISSING_ARGS:
|
|
return "Missing arguments";
|
|
case ARGON2_ENCODING_FAIL:
|
|
return "Encoding failed";
|
|
case ARGON2_DECODING_FAIL:
|
|
return "Decoding failed";
|
|
case ARGON2_THREAD_FAIL:
|
|
return "Threading failure";
|
|
case ARGON2_DECODING_LENGTH_FAIL:
|
|
return "Some of encoded parameters are too long or too short";
|
|
case ARGON2_VERIFY_MISMATCH:
|
|
return "The password does not match the supplied hash";
|
|
default:
|
|
return "Unknown error code";
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Returns the encoded hash length for the given input parameters
|
|
* @param t_cost Number of iterations
|
|
* @param m_cost Memory usage in kibibytes
|
|
* @param parallelism Number of threads; used to compute lanes
|
|
* @param saltlen Salt size in bytes
|
|
* @param hashlen Hash size in bytes
|
|
* @param type The argon2_type that we want the encoded length for
|
|
* @return The encoded hash length in bytes
|
|
*/
|
|
size_t argon2_encodedlen(uint32_t t_cost, uint32_t m_cost, uint32_t parallelism,
|
|
uint32_t saltlen, uint32_t hashlen, argon2_type type) {
|
|
return strlen("$$v=$m=,t=,p=$$") + strlen(argon2_type2string(type, 0)) +
|
|
numlen(t_cost) + numlen(m_cost) + numlen(parallelism) +
|
|
b64len(saltlen) + b64len(hashlen) + numlen(ARGON2_VERSION_NUMBER) + 1;
|
|
}
|