From fdcb4ca9a0413e583af8006e85423e6324d82440 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Vaz Date: Mon, 5 Aug 2024 16:48:07 -0300 Subject: [PATCH 1/7] Remove Argon2PasswordHasher from index.js --- index.js | 51 --------------------------------------------------- 1 file changed, 51 deletions(-) diff --git a/index.js b/index.js index 76620cf..d1901af 100644 --- a/index.js +++ b/index.js @@ -88,57 +88,6 @@ module.exports.getHasher = function(algorithm) { } }; - -module.exports.Argon2PasswordHasher = function() { - this.algorithm = "argon2"; - this.version = 19; - this.time_cost = 2; - this.memory_cost = 512; - this.parallelism_value = 2; - this.hash_length = 16; - - this.salt = async function() { - return await randomBytes(32) - } - - this.encode = async function(password) { - const options = { - timeCost: this.time_cost, - memoryCost: this.memory_cost, - parallelism: this.parallelism_value, - hashLength: this.hash_length - }; - - const salt = await this.salt(); - const hash = await argon2.hash(password, salt, options); - return this.algorithm + hash; - } - - this.verify = async function(password, hash_password) { - hash_password = hash_password.substring(this.algorithm.length, hash_password.length); - return await argon2.verify(hash_password, password); - } - - this.mustUpdate = function(hash_password) { - const parts = hash_password.split('$'); - if (parts[0] !== this.algorithm) { - return true; - } - - if (parts[2] !== this.version) { - return true; - } - - const options = "m=" + this.memory_cost + ",t=" + this.time_cost + ",p=" + this.parallelism_value; - if (options !== parts[3]) { - return true; - } - - return false; - } -}; - - module.exports.PBKDF2PasswordHasher = function() { this.algorithm = "pbkdf2_sha256"; this.iterations = 120000; From bdcc32f176c5e2541c1a6f77e7ace99535204ddf Mon Sep 17 00:00:00 2001 From: Paulo Henrique Vaz Date: Mon, 5 Aug 2024 16:48:09 -0300 Subject: [PATCH 2/7] Remove argon2-ffi dependency from package.json --- package.json | 1 - 1 file changed, 1 deletion(-) diff --git a/package.json b/package.json index 1ab8bfd..9b6ca70 100644 --- a/package.json +++ b/package.json @@ -2,7 +2,6 @@ "name": "node-django-hashers", "version": "1.1.6", "dependencies": { - "argon2-ffi": "^1.1.0", "assert": "^1.4.1", "bcryptjs": "^2.3.0", "node-gyp": "^3.7.0" From 3659df886e086b48b698ff49417ac5a52f7d3c22 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Vaz Date: Mon, 5 Aug 2024 16:48:11 -0300 Subject: [PATCH 3/7] Remove redundant argon2 test case --- test/index.test.js | 6 ------ 1 file changed, 6 deletions(-) diff --git a/test/index.test.js b/test/index.test.js index 5cb80bb..e880e20 100644 --- a/test/index.test.js +++ b/test/index.test.js @@ -34,12 +34,6 @@ describe('getHashers test with all hashing algorithms', () => { assert.strictEqual(h, 'pbkdf2_sha256', 'Testing pbkdf2_sha256 from Django'); }); - it ('testing argon2', () => { - const hash_password = "argon2$argon2i$v=19$m=512,t=2,p=2$UXZPOFhoSUxrWmhQ$CCPcRG8t+LOJB8H1zL+Prw"; - const h = hashers.identifyHasher(hash_password); - assert.strictEqual(h, 'argon2', 'Testing argon2 from Django'); - }); - it ('testing pbkdf2_sha1', () => { const hash_password = "pbkdf2_sha1$36000$P6Y4I7YXzZpB$LrWCTPqWtIdPFYY5jt+w56QJGR0="; const h = hashers.identifyHasher(hash_password); From 1314b6eb1771836bfdede8a1cd8f7a0b21588934 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Vaz Date: Mon, 5 Aug 2024 19:45:46 -0300 Subject: [PATCH 4/7] Remove unused argon2 library import --- index.js | 1 - 1 file changed, 1 deletion(-) diff --git a/index.js b/index.js index d1901af..becd717 100644 --- a/index.js +++ b/index.js @@ -5,7 +5,6 @@ const bcrypt = require('bcryptjs'); const crypto = require('crypto'); -const argon2 = require('argon2-ffi').argon2i; const util = require('util'); const randomBytes = util.promisify(crypto.randomBytes); From 8fb0503965bf3cbcd0b059f6a9712270347ecfe0 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Vaz Date: Mon, 5 Aug 2024 19:48:45 -0300 Subject: [PATCH 5/7] Remove Argon2PasswordHasher from README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index ed2a388..ffdd6b6 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,6 @@ All password hashing algorithms for Django implemented in javascript for nodejs 6. MD5PasswordHasher 7. UnsaltedSHA1PasswordHasher 8. UnsaltedMD5PasswordHasher -9. Argon2PasswordHasher # Usage From 93dba96f0a32dfc51eb5ae3a6d8e2440aa238176 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Vaz Date: Mon, 5 Aug 2024 19:48:46 -0300 Subject: [PATCH 6/7] Remove Argon2 password hashing algorithm --- index.js | 4 ---- 1 file changed, 4 deletions(-) diff --git a/index.js b/index.js index becd717..8afc3e9 100644 --- a/index.js +++ b/index.js @@ -49,10 +49,6 @@ module.exports.getHasher = function(algorithm) { return new this.PBKDF2PasswordHasher(); } - case "argon2": { - return new this.Argon2PasswordHasher(); - } - case "pbkdf2_sha1": { return new this.PBKDF2SHA1PasswordHasher(); } From 29e3172172092e30904eef4dbe9aa797c6677c5e Mon Sep 17 00:00:00 2001 From: Paulo Henrique Vaz Date: Mon, 5 Aug 2024 19:48:47 -0300 Subject: [PATCH 7/7] Remove redundant argon2 encoding test case --- test/index.test.js | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/test/index.test.js b/test/index.test.js index e880e20..4cd73d2 100644 --- a/test/index.test.js +++ b/test/index.test.js @@ -88,14 +88,7 @@ describe('Test all password hashing algorithms encode and verify methods', () => const verify = await h.verify('password', hashPassword); assert.strictEqual(verify, true, 'Testing pbkdf2_sha256 encode and verify from Django'); }); - - it ('testing argon2 encode', async () => { - const h = new hashers.Argon2PasswordHasher(); - const hashPassword = await h.encode('password'); - const verify = await h.verify('password', hashPassword); - assert.strictEqual(verify, true, 'Testing argon2 encode and verify from Django'); - }); - + it ('testing pbkdf2_sha1 encode', async () => { const h = new hashers.PBKDF2SHA1PasswordHasher(); const hashPassword = await h.encode('password');