Merge pull request #290 from bmarwell/SHIRO-290-review1

[SHIRO-290] add review suggestions
apache · Apr 16, 2021 · 388df53 · 388df53
2 parents 9909a99 + d138ccf
commit 388df53
Show file tree

Hide file tree

Showing 2 changed files with 42 additions and 20 deletions.
diff --git a/...hashes/argon2/src/main/java/org/apache/shiro/crypto/support/hashes/argon2/Argon2Hash.java b/...hashes/argon2/src/main/java/org/apache/shiro/crypto/support/hashes/argon2/Argon2Hash.java
@@ -53,6 +53,9 @@
  *
  * <p>Example crypt string is: {@code $argon2i$v=19$m=16384,t=100,p=2$M3ByeyZKLjFRREJqQi87WQ$5kRCtDjL6RoIWGq9bL27DkFNunucg1hW280PmP0XDtY}.</p>
  *
+ * <p>Default values are taken from <a href="https://datatracker.ietf.org/doc/draft-irtf-cfrg-argon2/?include_text=1">draft-irtf-cfrg-argon2-13</a>.
+ * This implementation is using the parameters from section 4, paragraph 2 (memory constrained environment).</p>
+ *
  * @since 2.0
  */
 class Argon2Hash extends AbstractCryptHash {
@@ -64,24 +67,35 @@ class Argon2Hash extends AbstractCryptHash {
 
     public static final int DEFAULT_ALGORITHM_VERSION = Argon2Parameters.ARGON2_VERSION_13;
 
-    public static final int DEFAULT_ITERATIONS = 3;
+    /**
+     * Number of iterations, default taken from draft-irtf-cfrg-argon2-13, 4.2.
+     */
+    public static final int DEFAULT_ITERATIONS = 1;
 
-    public static final int DEFAULT_MEMORY_KIB = 4096;
+    /**
+     * Amount of memory, default (64 MiB) taken from draft-irtf-cfrg-argon2-13, 4.2.
+     */
+    public static final int DEFAULT_MEMORY_KIB = 64 * 1024;
 
     private static final Set<String> ALGORITHMS_ARGON2 = new HashSet<>(Arrays.asList("argon2id", "argon2i", "argon2d"));
 
     private static final Pattern DELIMITER_COMMA = Pattern.compile(",");
 
-
+    /**
+     * Number of default lanes, p=4 is the default recommendation, taken from draft-irtf-cfrg-argon2-13, 4.2.
+     */
     public static final int DEFAULT_PARALLELISM = 4;
 
-    public static final int DEFAULT_OUTPUT_LENGTH = 32;
+    /**
+     * 256 bits tag size is the default recommendation, taken from draft-irtf-cfrg-argon2-13, 4.2.
+     */
+    public static final int DEFAULT_OUTPUT_LENGTH_BITS = 256;
 
 
     /**
-     * 128 bits of salt is the recommended salt length.
+     * 128 bits of salt is the recommended salt length, taken from draft-irtf-cfrg-argon2-13, 4.2.
      */
-    private static final int SALT_LENGTH = 16;
+    private static final int SALT_LENGTH_BITS = 128;
 
     private final int argonVersion;
 
@@ -110,7 +124,7 @@ protected static ByteSource createSalt() {
     }
 
     public static ByteSource createSalt(SecureRandom random) {
-        return new SimpleByteSource(random.generateSeed(SALT_LENGTH));
+        return new SimpleByteSource(random.generateSeed(SALT_LENGTH_BITS / 8));
     }
 
     public static Argon2Hash fromString(String input) {
@@ -181,7 +195,7 @@ public static Argon2Hash generate(final ByteSource source, final ByteSource salt
     }
 
     public static Argon2Hash generate(String algorithmName, ByteSource source, ByteSource salt, int iterations) {
-        return generate(algorithmName, DEFAULT_ALGORITHM_VERSION, source, salt, iterations, DEFAULT_MEMORY_KIB, DEFAULT_PARALLELISM, DEFAULT_OUTPUT_LENGTH);
+        return generate(algorithmName, DEFAULT_ALGORITHM_VERSION, source, salt, iterations, DEFAULT_MEMORY_KIB, DEFAULT_PARALLELISM, DEFAULT_OUTPUT_LENGTH_BITS);
     }
 
     public static Argon2Hash generate(
@@ -192,7 +206,7 @@ public static Argon2Hash generate(
             int iterations,
             int memoryAsKB,
             int parallelism,
-            int outputLength
+            int outputLengthBits
     ) {
         final int type;
         switch (requireNonNull(algorithmName, "algorithmName")) {
@@ -222,7 +236,7 @@ public static Argon2Hash generate(
         final Argon2BytesGenerator gen = new Argon2BytesGenerator();
         gen.init(parameters);
 
-        final byte[] hash = new byte[outputLength];
+        final byte[] hash = new byte[outputLengthBits / 8];
         gen.generateBytes(source.getBytes(), hash);
 
         return new Argon2Hash(algorithmName, argonVersion, hash, new SimpleByteSource(salt), iterations, memoryAsKB, parallelism);
@@ -262,7 +276,15 @@ public int getIterations() {
     @Override
     public boolean matchesPassword(ByteSource plaintextBytes) {
         try {
-            Argon2Hash compare = generate(this.getAlgorithmName(), this.argonVersion, plaintextBytes, this.getSalt(), this.getIterations(), this.memoryKiB, this.parallelism, this.getBytes().length);
+            Argon2Hash compare = generate(
+                    this.getAlgorithmName(),
+                    this.argonVersion,
+                    plaintextBytes,
+                    this.getSalt(),
+                    this.getIterations(),
+                    this.memoryKiB,
+                    this.parallelism,
+                    this.getBytes().length * 8);
 
             return this.equals(compare);
         } catch (IllegalArgumentException illegalArgumentException) {
@@ -274,7 +296,7 @@ public boolean matchesPassword(ByteSource plaintextBytes) {
 
     @Override
     public int getSaltLength() {
-        return SALT_LENGTH;
+        return SALT_LENGTH_BITS / 8;
     }
 
     @Override

diff --git a/...rgon2/src/main/java/org/apache/shiro/crypto/support/hashes/argon2/Argon2HashProvider.java b/...rgon2/src/main/java/org/apache/shiro/crypto/support/hashes/argon2/Argon2HashProvider.java
@@ -99,9 +99,9 @@ public Argon2Hash generate(HashRequest hashRequest) {
                     .flatMap(algoV -> intOrEmpty(algoV, Parameters.PARAMETER_PARALLELISM))
                     .orElse(Parameters.DEFAULT_PARALLELISM);
 
-            final int outputLength = Optional.ofNullable(hashRequest.getParameters().get(Parameters.PARAMETER_OUTPUT_LENGTH))
-                    .flatMap(algoV -> intOrEmpty(algoV, Parameters.PARAMETER_OUTPUT_LENGTH))
-                    .orElse(Parameters.DEFAULT_OUTPUT_LENGTH);
+            final int outputLengthBits = Optional.ofNullable(hashRequest.getParameters().get(Parameters.PARAMETER_OUTPUT_LENGTH_BITS))
+                    .flatMap(algoV -> intOrEmpty(algoV, Parameters.PARAMETER_OUTPUT_LENGTH_BITS))
+                    .orElse(Parameters.DEFAULT_OUTPUT_LENGTH_BITS);
 
             return Argon2Hash.generate(
                     algorithmName,
@@ -111,7 +111,7 @@ public Argon2Hash generate(HashRequest hashRequest) {
                     iterations,
                     memoryKib,
                     parallelism,
-                    outputLength
+                    outputLengthBits
             );
         }
 
@@ -162,7 +162,7 @@ public static final class Parameters {
         public static final int DEFAULT_ITERATIONS = Argon2Hash.DEFAULT_ITERATIONS;
         public static final int DEFAULT_MEMORY_KIB = Argon2Hash.DEFAULT_MEMORY_KIB;
         public static final int DEFAULT_PARALLELISM = Argon2Hash.DEFAULT_PARALLELISM;
-        public static final int DEFAULT_OUTPUT_LENGTH = Argon2Hash.DEFAULT_OUTPUT_LENGTH;
+        public static final int DEFAULT_OUTPUT_LENGTH_BITS = Argon2Hash.DEFAULT_OUTPUT_LENGTH_BITS;
 
         /**
          * Parameter for modifying the internal algorithm used by Argon2.
@@ -192,13 +192,13 @@ public static final class Parameters {
         public static final String PARAMETER_PARALLELISM = "Argon2.parallelism";
 
         /**
-         * The output length of the resulting data section.
+         * The output length (in bits) of the resulting data section.
          *
          * <p>Argon2 allows to modify the length of the generated output.</p>
          *
-         * <p>The default value is {@value DEFAULT_OUTPUT_LENGTH} when this parameter is not specified.</p>
+         * <p>The default value is {@value DEFAULT_OUTPUT_LENGTH_BITS} when this parameter is not specified.</p>
          */
-        public static final String PARAMETER_OUTPUT_LENGTH = "Argon2.outputLength";
+        public static final String PARAMETER_OUTPUT_LENGTH_BITS = "Argon2.outputLength";
 
         private Parameters() {
             // utility class