fix(encode) calculate appropriate encoded_len

Use 'argon2_encodedlen()' to determine the appropriate length of the encoded hash. 108 (old constant value) turned out to not always be desired/big enough, causing failures to encode especially with long salts. See thibaultcha:lua-argon2-ffi#8
thibaultcha · Nov 29, 2016 · b4e3f84 · b4e3f84
1 parent 338d445
commit b4e3f84
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 4 deletions.
diff --git a/spec/argon2_spec.lua b/spec/argon2_spec.lua
@@ -82,6 +82,10 @@ describe("encrypt()", function()
     }))
     assert.matches("m=24,t=4,p=2", hash)
   end)
+  it("should calculate the appropriate encoded_len (triggered by long salt)", function()
+    local hash = assert(argon2.encrypt("password", string.rep("salt", 8)))
+    assert.matches("$argon2i$v=19$m=12,t=2,p=1$", hash, nil, true)
+  end)
 end)
 
 describe("verify()", function()

diff --git a/src/argon2.c b/src/argon2.c
@@ -44,7 +44,6 @@ Can be set to a new default in lua-argon2 (C binding only) by calling:
 #define DEFAULT_M_COST 12
 #define DEFAULT_PARALLELISM 1
 
-static const uint32_t ENCODED_LEN = 108u;
 static const uint32_t HASH_LEN = 32u;
 
 typedef struct {
@@ -176,7 +175,6 @@ local hash, err = argon2.encrypt("password", "somesalt", {t_cost = 4})
 static int largon2_encrypt(lua_State *L) {
     largon2_config *cfg = largon2_arg_init(L, 3);
 
-    char encoded[ENCODED_LEN];
     int ret_code;
 
     const char *plain, *salt;
@@ -221,14 +219,19 @@ static int largon2_encrypt(lua_State *L) {
         lua_pop(L, 1);
     }
 
+    size_t encoded_len = argon2_encodedlen(t_cost, m_cost, parallelism, saltlen,
+                                           HASH_LEN, argon2_t);
+
+    char encoded[encoded_len];
+
     if (argon2_t == Argon2_i)
         ret_code =
             argon2i_hash_encoded(t_cost, m_cost, parallelism, plain, plainlen,
-                                 salt, saltlen, HASH_LEN, encoded, ENCODED_LEN);
+                                 salt, saltlen, HASH_LEN, encoded, encoded_len);
     else
         ret_code =
             argon2d_hash_encoded(t_cost, m_cost, parallelism, plain, plainlen,
-                                 salt, saltlen, HASH_LEN, encoded, ENCODED_LEN);
+                                 salt, saltlen, HASH_LEN, encoded, encoded_len);
 
     if (ret_code != ARGON2_OK) {
         const char *err_msg = argon2_error_message(ret_code);