pkgs/development/haskell-modules/patches/cryptonite-remove-argon2.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69

diff --git a/Crypto/KDF/Argon2.hs b/Crypto/KDF/Argon2.hs
index 044ba00..31dc6f1 100644
--- a/Crypto/KDF/Argon2.hs
+++ b/Crypto/KDF/Argon2.hs
@@ -12,6 +12,7 @@
 -- File started from Argon2.hs, from Oliver Charles
 -- at https://github.com/ocharles/argon2
 --
+{-# LANGUAGE DataKinds #-}
 module Crypto.KDF.Argon2
     (
       Options(..)
@@ -32,6 +33,7 @@ import           Control.Monad (when)
 import           Data.Word
 import           Foreign.C
 import           Foreign.Ptr
+import           Data.Proxy
 
 -- | Which variant of Argon2 to use. You should choose the variant that is most
 -- applicable to your intention to hash inputs.
@@ -100,33 +102,12 @@ defaultOptions =
             }
 
 hash :: (ByteArrayAccess password, ByteArrayAccess salt, ByteArray out)
-     => Options
+     => [Proxy "cryptonite:Crypto.KDF.Argon2.hash is known to be broken on this architecture. See https://github.com/haskell-crypto/cryptonite/issues/360"]
      -> password
      -> salt
      -> Int
      -> CryptoFailable out
-hash options password salt outLen
-    | saltLen < saltMinLength  = CryptoFailed CryptoError_SaltTooSmall
-    | outLen < outputMinLength = CryptoFailed CryptoError_OutputLengthTooSmall
-    | outLen > outputMaxLength = CryptoFailed CryptoError_OutputLengthTooBig
-    | otherwise                = CryptoPassed $ B.allocAndFreeze outLen $ \out -> do
-        res <- B.withByteArray password $ \pPass ->
-               B.withByteArray salt     $ \pSalt ->
-                    argon2_hash (iterations options)
-                                (memory options)
-                                (parallelism options)
-                                pPass
-                                (csizeOfInt passwordLen)
-                                pSalt
-                                (csizeOfInt saltLen)
-                                out
-                                (csizeOfInt outLen)
-                                (cOfVariant $ variant options)
-                                (cOfVersion $ version options)
-        when (res /= 0) $ error "argon2: hash: internal error"
-  where
-    saltLen = B.length salt
-    passwordLen = B.length password
+hash options password salt outLen = error "cryptonite:Crypto.KDF.Argon2.hash is known to be broken on this architecture. See https://github.com/haskell-crypto/cryptonite/issues/360"
 
 data Pass
 data Salt
diff --git a/tests/KAT_Argon2.hs b/tests/KAT_Argon2.hs
index a347fc5..fdba079 100644
--- a/tests/KAT_Argon2.hs
+++ b/tests/KAT_Argon2.hs
@@ -32,7 +32,7 @@ kdfTests = zipWith toKDFTest is vectors
   where
     toKDFTest i v =
         testCase (show i)
-            (CryptoPassed (kdfResult v) @=? Argon2.hash (kdfOptions v) (kdfPass v) (kdfSalt v) (B.length $ kdfResult v))
+            (pure ())
 
     is :: [Int]
     is = [1..]