Added support for argon2 pwhash (requires libsodium >= 1.0.9)

[elijh]

No description provided.

[tarcieri]

Thanks for the PR!

Looks like there might be a bit of necessary upstream work to get the build going again. I'll take a look, and then you can rebase.

[elijh]

Thanks! I forgot to include the spec in the PR. fixed.

[elijh]

OK, I fix the test when running with older versions of libsodium. Alas, the CI is not run with a libsodium that has argon2, so argon2 test is just skipped.

[tarcieri]

@elijh can you rebase against master?

[tarcieri]

scrypt isn't "deprecated". It's actually still my preferred choice (I say this as a PHC judge)

[elijh]

I will remove the deprecation note. Although the scrypt code is still there, and can be called directly, it can no longer be used via libsodium's crypto_pwhash function (src/libsodium/crypto_pwhash/crypto_pwhash.c).

int
crypto_pwhash(unsigned char * const out, unsigned long long outlen,
              const char * const passwd, unsigned long long passwdlen,
              const unsigned char * const salt,
              unsigned long long opslimit, size_t memlimit, int alg)
{
    if (alg != crypto_pwhash_ALG_ARGON2I13) {
        errno = EINVAL;
        return -1;
    }
    return crypto_pwhash_argon2i(out, outlen, passwd, passwdlen, salt,
                                 opslimit, memlimit, alg);
}

I took this to mean it is deprecated, but only by inference. I am fond of scrypt, but I can understand the libsodium philosophy of reducing programmer choice.

[elijh]

ok, rebased and deprecation text made.

[tarcieri]

Looks good, thanks!