class Argon2::Password
Front-end API for the Argon2 module.
def self.hash(pass)
def self.hash(pass) argon2 = Argon2::Password.new argon2.hash(pass) end
def self.verify_password(pass, hash, secret = nil)
def self.verify_password(pass, hash, secret = nil) raise ArgonHashFail, "Invalid hash" unless /^\$argon2i\$.{,110}/.match hash Argon2::Engine.argon2i_verify(pass, hash, secret) end
def hash(pass)
def hash(pass) # It is technically possible to include NULL bytes, however our C # uses strlen(). It is not deemed suitable to accept a user password # with such a character. raise ArgonHashFail, "NULL bytes not permitted" if /\0/.match(pass) Argon2::Engine.hash_argon2i_encode( pass, @salt, @t_cost, @m_cost, @secret) end
def initialize(options = {})
def initialize(options = {}) @t_cost = options[:t_cost] || 2 raise ArgonHashFail, "Invalid t_cost" if @t_cost < 1 || @t_cost > 10 @m_cost = options[:m_cost] || 16 raise ArgonHashFail, "Invalid m_cost" if @t_cost < 1 || @t_cost > 31 @salt = options[:salt_do_not_supply] || Engine.saltgen @secret = options[:secret] end