From b55febaafa045cd6c5cc8661798777f7d87b3364 Mon Sep 17 00:00:00 2001
From: Frank Denis <github@pureftpd.org>
Date: Tue, 1 Mar 2016 14:08:31 +0100
Subject: [PATCH] Bump ARGON2_MIN_TIME to 3, adjust tests accordingly

---
 src/libsodium/crypto_pwhash/argon2/argon2.h |  2 +-
 test/default/pwhash_argon2i.c               | 25 +++++++++++++--------
 test/default/pwhash_argon2i.exp             |  7 +++---
 3 files changed, 21 insertions(+), 13 deletions(-)

diff --git a/src/libsodium/crypto_pwhash/argon2/argon2.h b/src/libsodium/crypto_pwhash/argon2/argon2.h
index 2efa754a..b8688743 100644
--- a/src/libsodium/crypto_pwhash/argon2/argon2.h
+++ b/src/libsodium/crypto_pwhash/argon2/argon2.h
@@ -45,7 +45,7 @@
     ARGON2_MIN(UINT32_C(0xFFFFFFFF), UINT64_C(1) << ARGON2_MAX_MEMORY_BITS)
 
 /* Minimum and maximum number of passes */
-#define ARGON2_MIN_TIME UINT32_C(1)
+#define ARGON2_MIN_TIME UINT32_C(3)
 #define ARGON2_MAX_TIME UINT32_C(0xFFFFFFFF)
 
 /* Minimum and maximum password length in bytes */
diff --git a/test/default/pwhash_argon2i.c b/test/default/pwhash_argon2i.c
index acf9aefd..e64abbee 100644
--- a/test/default/pwhash_argon2i.c
+++ b/test/default/pwhash_argon2i.c
@@ -3,8 +3,8 @@
 #include "cmptest.h"
 
 #define OUT_LEN 128
-#define OPSLIMIT 2
-#define MEMLIMIT 10000000
+#define OPSLIMIT 3
+#define MEMLIMIT 5000000
 
 static void tv(void)
 {
@@ -52,7 +52,7 @@ static void tv(void)
             "43ced68642bfb8bbbdd0f50b30118f5e",
             82,
             "39d82eef32010b8b79cc5ba88ed539fbaba741100f2edbeca7cc171ffeabf258",
-            190, 1, 5432947, 1 },
+            190, 3, 1432947, 1 },
           { "c7b09aec680e7b42fedd7fc792e78b2f6c1bea8f4a884320b648f81e8cf515e8ba"
             "9dcfb11d43c4aae114c1734aa69ca82d44998365db9c93744fa28b63fd16000e82"
             "61cbbe083e7e2da1e5f696bde0834fe53146d7e0e35e7de9920d041f5a5621aabe"
@@ -65,7 +65,7 @@ static void tv(void)
             "7b",
             34,
             "44071f6d181561670bda728d43fb79b443bb805afdebaf98622b5165e01b15fb",
-            231, 1, 6631659, 1 },
+            231, 1, 1631659, 1 },
           { "a14975c26c088755a8b715ff2528d647cd343987fcf4aa25e7194a8417fb2b4b3f"
             "7268da9f3182b4cfb22d138b2749d673a47ecc7525dd15a0a3c66046971784bb63"
             "d7eae24cc84f2631712075a10e10a96b0e0ee67c43e01c423cb9c44e5371017e9c"
@@ -75,7 +75,7 @@ static void tv(void)
             "55a3b4169f22cccb0745a2689407ea1901a0a766eb99",
             220,
             "3d968b2752b8838431165059319f3ff8910b7b8ecb54ea01d3f54769e9d98daf",
-            167, 1, 10784179, 1 },
+            167, 3, 1784128, 1 },
       };
     char          passwd[256];
     unsigned char salt[crypto_pwhash_SALTBYTES];
@@ -94,7 +94,8 @@ static void tv(void)
                 passwd, tests[i].passwdlen,
                 (const unsigned char *) salt, tests[i].opslimit,
                 tests[i].memlimit) != 0) {
-            printf("pwhash failure\n");
+            printf("[tv] pwhash failure (maybe intentional): [%u]\n", (unsigned int) i);
+            continue;
         }
         sodium_bin2hex(out_hex, sizeof out_hex, out, tests[i].outlen);
         printf("%s\n", out_hex);
@@ -144,7 +145,8 @@ static void tv2(void)
                 passwd, tests[i].passwdlen,
                 (const unsigned char *) salt, tests[i].opslimit,
                 tests[i].memlimit) != 0) {
-            printf("pwhash failure\n");
+            printf("[tv2] pwhash failure: [%u]\n", (unsigned int) i);
+            continue;
         }
         sodium_bin2hex(out_hex, sizeof out_hex, out, tests[i].outlen);
         printf("%s\n", out_hex);
@@ -159,6 +161,8 @@ static void tv3(void)
     } tests[] = {
         { "",
           "$argon2i$m=4096,t=1,p=1$X1NhbHQAAAAAAAAAAAAAAA$bWh++MKN1OiFHKgIWTLvIi1iHicmHH7+Fv3K88ifFfI" },
+        { "",
+          "$argon2i$m=2048,t=4,p=1$SWkxaUhpY21ISDcrRnYzSw$Mbg/Eck1kpZir5T9io7C64cpffdTBaORgyriLQFgQj8" },
         { "^T5H$JYt39n%K*j:W]!1s?vg!:jGi]Ax?..l7[p0v:1jHTpla9;]bUN;?bWyCbtqg ",
           "$argon2i$m=4096,t=3,p=2$X1NhbHQAAAAAAAAAAAAAAA$z/QMiU4lQxGsYNc/+K/bizwsA1P11UG2dj/7+aILJ4I" },
         { "K3S=KyH#)36_?]LxeR8QNKw6X=gFbxai$C%29V*",
@@ -177,7 +181,8 @@ static void tv3(void)
         memcpy(passwd, tests[i].passwd, strlen(tests[i].passwd) + 1U);
         if (crypto_pwhash_argon2i_str_verify
             (out, passwd, strlen(passwd)) != 0) {
-            printf("pwhash_str failure: [%u]\n", (unsigned int)i);
+            printf("[tv3] pwhash_str failure (maybe intentional): [%u]\n", (unsigned int) i);
+            continue;
         }
         sodium_free(out);
         sodium_free(passwd);
@@ -201,13 +206,15 @@ int main(void)
     if (crypto_pwhash_str(str_out, passwd, strlen(passwd),
                           OPSLIMIT, MEMLIMIT) != 0) {
         printf("pwhash_str failure\n");
+        return 1;
     }
     if (crypto_pwhash_str(str_out2, passwd, strlen(passwd),
                           OPSLIMIT, MEMLIMIT) != 0) {
         printf("pwhash_str(2) failure\n");
+        return 1;
     }
     if (strcmp(str_out, str_out2) == 0) {
-        printf("pwhash_str doesn't generate different salts\n");
+        printf("pwhash_str() doesn't generate different salts\n");
     }
     if (sodium_is_zero((const unsigned char *) str_out + strlen(str_out),
                        crypto_pwhash_STRBYTES - strlen(str_out)) != 1 ||
diff --git a/test/default/pwhash_argon2i.exp b/test/default/pwhash_argon2i.exp
index fefa459a..c6266140 100644
--- a/test/default/pwhash_argon2i.exp
+++ b/test/default/pwhash_argon2i.exp
@@ -2,10 +2,11 @@
 0bb3769b064b9c43a9460476ab38c4a9a2470d55d4c992c6e723af895e4c07c09af41f22f90eab583a0c362d177f4677f212482fd145bfb9ac6211635e48461122bb49097b5fb0739d2cd22a39bf03d268e7495d4fd8d710aa156202f0a06e932ff513e6e7c76a4e98b6df5cf922f124791b1076ad904e6897271f5d7d24c5929e2a3b836d0f2f2697c2d758ee79bf1264f3fae65f3744e0f6d7d07ef6e8b35b70c0f88e9036325bfb24ac7f550351486da87aef10d6b0cb77d1cf6e31cf98399c6f241c605c6530dffb4764784f6c0b0bf601d4e4431e8b18dabdc3079c6e264302ade79f61cbd5497c95486340bb891a737223100be0429650
 e9aa073b0b872f15c083d1d7ce52c09f493b827ca78f13a06c1721b45b1e17b24c04e19fe869333135360197a7eb55994fee3e8d9680aedfdf7674f3ad7b84d59d7eab03579ffc10c7093093bc48ec84252aa1b30f40f5e838f1443e15e2772a39f4e774eb052097e8881e94f15457b779fa2af2bbc9a993687657c7704ac8a37c25c1df4289eb4c70da45f2fd46bc0f78259767d3dd478a7c369cf866758bc36d9bd8e2e3c9fb0cf7fd6073ebf630c1f67fa7d303c07da40b36749d157ea37965fef810f2ea05ae6fc7d96a8f3470d73e15b22b42e8d6986dbfe5303256b2b3560372c4452ffb2a04fb7c6691489f70cb46831be0679117f7
 2d69359fa2
-eca3d4ff50afb3eac45484526beaca375219fda0781834bd9882bb982f1a9eb53c371cd90eb760603ba556b00a6e592044b41e31acb4add6734fc2083a072042a0800fb713a740bd28d781ae84b1173198c194c0225c023e5a35577fe2c2de8aad8d0bc52aae5bf29220d1e8bbe930acbd8896994264f6ad46caee3a5ee7664ddb9c2993011af42bb50489c278b2403ca2f029e970452bc05eb568b15f29f4065dfa62b54c095fcea523bc61c08ab2bdad3103544ad0e8d3c85e2d57847d
+c121209f0ba70aed93d49200e5dc82cce013cef25ea31e160bf8db3cf448a59d1a56f6c19259e18ea020553cb75781761d112b2d949a297584c65e60df95ad89c4109825a3171dc6f20b1fd6b0cdfd194861bc2b414295bee5c6c52619e544abce7d520659c3d51de2c60e89948d830695ab38dcb75dd7ab06a4770dd4bc7c8f335519e04b038416b1a7dbd25c026786a8105c5ffe7a0931364f0376ae5772be39b51d91d3281464e0f3a128e7155a68e87cf79626ffca0b2a3022fc8420
 91c337ce8918a5805a59b00bd1819d3eb4356807cbd2a80b271c4b482dce03f5b02ae4eb831ff668cbb327b93c300b41da4852e5547bea8342d518dd9311aaeb5f90eccf66d548f9275631f0b1fd4b299cec5d2e86a59e55dc7b3afab6204447b21d1ef1da824abaf31a25a0d6135c4fe81d34a06816c8a6eab19141f5687108500f3719a862af8c5fee36e130c69921e11ce83dfc72c5ec3b862c1bccc5fd63ad57f432fbcca6f9e18d5a59015950cdf053
-d80eaebc3582610cf33d9f733d0261d3b9ca4bf3a38c780e52785e69562a45669f3a74e3f854c5257b999d4977cdb98dd891d903bb7a822280b19767f6e5efaa079815ba6b4e15d44ef7f72ad42f94f6f03f96a8b965ed9dcbffeb96bad2e6e3afd139be5a4c31a7603cbd15ad6ffbf0e7e41400951007d45c5925f39d85b885287a5de5f450a1a5f422cd21ccf6fc7584c09250cd2458d91bffbd6ba6468081e1a8c48745374ffd0c924b5bec672ce8f8dbf8945f75e3ecf7d10914b7c9395a67bea587558706f399ad0167a840149f743df309a1594af583f696cdd16480a3dc9385867407e3
-5ad042aa97d612b73438ff21787b39ecc94adf21829f786909762a4d33597c538095b9156f8ed8114aaef415fe29194dacd06f8a3ab19a54c52d928c4e7df65a818001ed41e8b5decb49ded6f958b3f8ca468617430450f7fdce2ec7bcbe8c8d3e7b7c793428b35387950b4c010bdcb6c4ad89dd4d8a8cd914f7075ef5387627f5ffa427a9f1b184d9b2aee4e40ebe238e9bed0a66dc7260b8a462cfd8796214b1d158cbb0153f
+[tv] pwhash failure (maybe intentional): [6]
+e942951dfbc2d508294b10f9e97b47d0cd04e668a043cb95679cc1139df7c27cd54367688725be9d069f5704c12223e7e4ca181fbd0bed18bb4634795e545a6c04a7306933a41a794baedbb628d41bc285e0b9084055ae136f6b63624c874f5a1e1d8be7b0b7227a171d2d7ed578d88bfdcf18323198962d0dcad4126fd3f21adeb1e11d66252ea0c58c91696e91031bfdcc2a9dc0e028d17b9705ba2d7bcdcd1e3ba75b4b1fea
 9fbbc02a420b00614a49a8e8d89834df368fa54dbef5dce7f9928f4d09f45ce22766598c0c979a707b1df130ab8d63802447923f6e8b89b3c183d71d694161569b1937d8b58f0091fcb8b1f48f2e3f43067bb2498b727fb62cc776ed39219613aa2083619385ec64dfb38f3cda7fddce9cec708a1aa5e9b09d6a5f063cda6c644c5e4a6c1bba9362b27f050984ee3a91bbed69160c95d63c04724f
 28645e1a4f5bc2a58786c87f0d88c2c68047b874b122e2c3936fb6adf26d7ca8fbcb872a8aef282ff202526a91b8ca1d0926c4ae0f5429c342bfd4987916b147ccaa1624bbb2d3f197e56601a541939a1a867ee659515d379d252c8b53aa2297b6008f97bc4a246040b0fb4f46754482884ff04bdade7ffc74989c68ec085de660ef2071db22bacc227d43af282a2336049d78fe0b8ff543628dc8
+[tv3] pwhash_str failure (maybe intentional): [0]
 OK