Make it compile again

Avoid null SEGV if libargon passed string with too few $

Seen on netbsd-9 built xscreensaver running on a current system.
Whatever triggered this should also be fixed, but in the meantime
we can imp

Avoid null SEGV if libargon passed string with too few $

Seen on netbsd-9 built xscreensaver running on a current system.
Whatever triggered this should also be fixed, but in the meantime
we can improve the behaviour from "Segmentation Fault"

show more ...

Free strdup'd value in libargon decode_option error paths

If its worth freeing in the success path, its worth freeing in the
error path... (given we don't _exit or similar)

remove dup assignments (RVP)

crypt(3): document some of the memory units we're dealing with

Be a little bit more eager to let Argon2 use memory.

crypt(3): For argon2, default to time=3.

Good enough for a 50MHz SPARC, a shark, and the spec.

crypt(3): return 0 -> return NULL for function returning char *

crypt(3): Adapt default Argon2 parameters to system performance

If the parameters are unspecified:

- Set the default memory consumption based on the amount of memory
available to userspace.

The al

crypt(3): Adapt default Argon2 parameters to system performance

If the parameters are unspecified:

- Set the default memory consumption based on the amount of memory
available to userspace.

The algorithm actually slows down incredibly quickly as the "memory"
parameter is increased. We want to avoid running out of memory on low
memory systems, but increase the difficulty of bruteforcing passwords
from systems with a lot of memory. At the same time, we want to avoid
problems when concurrent logins are happening.

- Run a hashing loop for one second with steadily increasing "time"
until we settle on a value for "time". We want to use as much CPU time
as reasonable for computing the password hash without making logins
inconvenient.

show more ...

libcrypt: Hide more private symbols by default. Fix style.

added missing copyright header. pointed out by nia. no functional change

crypt(3): clean up some leftover debug goo

crypt(3): match the Argon2 reference implementation's Base64 exactly

There are too many minor variations regarding padding and exact alphabet
to safely use the implementation in libc or an existing

crypt(3): match the Argon2 reference implementation's Base64 exactly

There are too many minor variations regarding padding and exact alphabet
to safely use the implementation in libc or an existing implementation
in libcrypt.

show more ...

crypt(3): Make Argon2 implementation match the reference impl by
making sure input salts are decoded as base64.

paranoia: use explicit_memset

crypt-argon2: Properly honor user's version number.

Follow upstream by defaulting to 0x10 if it's not specified.

crypt-argon2: improve resilience of the parser.

Allow the version number to be unspecified as in the argon2 upstream
test suite, properly defaulting to a version if the v= block is
entirely missing,

crypt-argon2: improve resilience of the parser.

Allow the version number to be unspecified as in the argon2 upstream
test suite, properly defaulting to a version if the v= block is
entirely missing, and treating the remaining block as parameters.

Fix a null pointer derefence when the encoded password is unspecified
in the settings string.

show more ...

Remove extra semicolon.

adding argon2 support to libcrypt. argon2 user authentication now
available via MKARGON2=yes (3 variants supported; argon2id recommended)
before using, please read argon2 paper at
https://github.com/

adding argon2 support to libcrypt. argon2 user authentication now
available via MKARGON2=yes (3 variants supported; argon2id recommended)
before using, please read argon2 paper at
https://github.com/P-H-C/phc-winner-argon2

show more ...