Argon2 delivers different Hash 4.1.1 vs. newest Release

VCL TMS Cryptography Pack
1

This is a realy critical problem:
Using a Version 4.1.1 and newest Version of Cryptography Pack i get different Hashes!
Code used:

fArgon2 := TArgon2KeyDerivation.Create(nil);
fArgon2.outputSizeBytes := 32;
fArgon2.counter := 10; // 10 Iterationen
fArgon2.memory := 16;
fArgon2.unicode := yesUni;
fArgon2.outputFormat := TConvertType.Base64;

var
key:string;
begin
fArgon2.StringSalt := TNetEncoding.Base64.Decode(aSalt);
key:=TNetEncoding.Base64.Encode(fArgon2.GenerateKey(aPWD));
result := (aHashedPWD = key);

3

Hi,
Do you use Unicode characters in your salt? In version 4.2.6.1, we fixed an issue about Unicode characters in TArgon2KeyDerivation.SetStringSalt method.
Best regards,
Marion

4

Hi Marion,

we use a standard delphi string to set the salt. Is there a posibility to get an overload or a deprecated method to use the old (buggy) variant?
BR
Jürgen

5

Hi Jürgen,
I will create a deprecated method to use the old variant. I will release a new version next week.
Best regards,
Marion

6

Thanks! That will help as a LOT!

7

Hi,
In the 4.3.1 version, I have added a new property named useDeprecatedSalt that you can set to true to use the last version of SetStringSalt.
Best regards,
Marion

8

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.