From 1cce9b1e00ed1d021ff8f6790d204c9a682785dd Mon Sep 17 00:00:00 2001
From: Frank Denis <github@pureftpd.org>
Date: Fri, 8 Jan 2016 16:55:08 +0100
Subject: [PATCH] argon2i strings are variable length; check that they are
 zero-padded

---
 test/default/pwhash_argon2i.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/test/default/pwhash_argon2i.c b/test/default/pwhash_argon2i.c
index bc3dd1e1..48cdb769 100644
--- a/test/default/pwhash_argon2i.c
+++ b/test/default/pwhash_argon2i.c
@@ -209,6 +209,12 @@ int main(void)
     if (strcmp(str_out, str_out2) == 0) {
         printf("pwhash_str doesn't generate different salts\n");
     }
+    if (sodium_is_zero((const unsigned char *) str_out + strlen(str_out),
+                       crypto_pwhash_STRBYTES - strlen(str_out)) != 1 ||
+        sodium_is_zero((const unsigned char *) str_out2 + strlen(str_out2),
+                       crypto_pwhash_STRBYTES - strlen(str_out2)) != 1) {
+        printf("pwhash_str() doesn't properly pad with zeros\n");
+    }
     if (crypto_pwhash_str_verify(str_out, passwd, strlen(passwd)) != 0) {
         printf("pwhash_str_verify failure\n");
     }