xref: /freebsd/sys/contrib/libsodium/test/default/pwhash_argon2i.c (revision ccb59683b98360afaf5b5bb641a68fea22c68d0b)
1 
2 #define TEST_NAME "pwhash_argon2i"
3 #include "cmptest.h"
4 
5 #define OUT_LEN 128
6 #define OPSLIMIT 3
7 #define MEMLIMIT 5000000
8 
9 static void
10 tv(void)
11 {
12     static struct {
13         const char *       passwd_hex;
14         size_t             passwd_len;
15         const char *       salt_hex;
16         size_t             outlen;
17         unsigned long long opslimit;
18         size_t             memlimit;
19         unsigned int       lanes;
20     } tests[] = {
21         { "a347ae92bce9f80f6f595a4480fc9c2fe7e7d7148d371e9487d75f5c23008ffae0"
22           "65577a928febd9b1973a5a95073acdbeb6a030cfc0d79caa2dc5cd011cef02c08d"
23           "a232d76d52dfbca38ca8dcbd665b17d1665f7cf5fe59772ec909733b24de97d6f5"
24           "8d220b20c60d7c07ec1fd93c52c31020300c6c1facd77937a597c7a6",
25           127,
26           "5541fbc995d5c197ba290346d2c559dedf405cf97e5f95482143202f9e74f5c2",
27           155, 5, 7256678, 1 },
28         { "e125cee61c8cb7778d9e5ad0a6f5d978ce9f84de213a8556d9ffe202020ab4a6ed"
29           "9074a4eb3416f9b168f137510f3a30b70b96cbfa219ff99f6c6eaffb15c06b60e0"
30           "0cc2890277f0fd3c622115772f7048adaebed86e",
31           86,
32           "f1192dd5dc2368b9cd421338b22433455ee0a3699f9379a08b9650ea2c126f0d",
33           250, 4, 7849083, 1 },
34         { "92263cbf6ac376499f68a4289d3bb59e5a22335eba63a32e6410249155b956b6a3"
35           "b48d4a44906b18b897127300b375b8f834f1ceffc70880a885f47c33876717e392"
36           "be57f7da3ae58da4fd1f43daa7e44bb82d3717af4319349c24cd31e46d295856b0"
37           "441b6b289992a11ced1cc3bf3011604590244a3eb737ff221129215e4e4347f491"
38           "5d41292b5173d196eb9add693be5319fdadc242906178bb6c0286c9b6ca6012746"
39           "711f58c8c392016b2fdfc09c64f0f6b6ab7b",
40           183,
41           "3b840e20e9555e9fb031c4ba1f1747ce25cc1d0ff664be676b9b4a90641ff194",
42           249, 3, 7994791, 1 },
43         { "027b6d8e8c8c474e9b69c7d9ed4f9971e8e1ce2f6ba95048414c3970f0f09b70e3"
44           "b6c5ae05872b3d8678705b7d381829c351a5a9c88c233569b35d6b0b809df44b64"
45           "51a9c273f1150e2ef8a0b5437eb701e373474cd44b97ef0248ebce2ca0400e1b53"
46           "f3d86221eca3f18eb45b702b9172440f774a82cbf1f6f525df30a6e293c873cce6"
47           "9bb078ed1f0d31e7f9b8062409f37f19f8550aae",
48           152,
49           "eb2a3056a09ad2d7d7f975bcd707598f24cd32518cde3069f2e403b34bfee8a5", 5,
50           4, 1397645, 1 },
51         { "4a857e2ee8aa9b6056f2424e84d24a72473378906ee04a46cb05311502d5250b82"
52           "ad86b83c8f20a23dbb74f6da60b0b6ecffd67134d45946ac8ebfb3064294bc097d"
53           "43ced68642bfb8bbbdd0f50b30118f5e",
54           82,
55           "39d82eef32010b8b79cc5ba88ed539fbaba741100f2edbeca7cc171ffeabf258",
56           190, 3, 1432947, 1 },
57         { "c7b09aec680e7b42fedd7fc792e78b2f6c1bea8f4a884320b648f81e8cf515e8ba"
58           "9dcfb11d43c4aae114c1734aa69ca82d44998365db9c93744fa28b63fd16000e82"
59           "61cbbe083e7e2da1e5f696bde0834fe53146d7e0e35e7de9920d041f5a5621aabe"
60           "02da3e2b09b405b77937efef3197bd5772e41fdb73fb5294478e45208063b5f58e"
61           "089dbeb6d6342a909c1307b3fff5fe2cf4da56bdae50848f",
62           156,
63           "039c056d933b475032777edbaffac50f143f64c123329ed9cf59e3b65d3f43b6",
64           178, 3, 4886999, 1 },
65         { "b540beb016a5366524d4605156493f9874514a5aa58818cd0c6dfffaa9e90205f1"
66           "7b",
67           34,
68           "44071f6d181561670bda728d43fb79b443bb805afdebaf98622b5165e01b15fb",
69           231, 1, 1631659, 1 },
70         { "a14975c26c088755a8b715ff2528d647cd343987fcf4aa25e7194a8417fb2b4b3f"
71           "7268da9f3182b4cfb22d138b2749d673a47ecc7525dd15a0a3c66046971784bb63"
72           "d7eae24cc84f2631712075a10e10a96b0e0ee67c43e01c423cb9c44e5371017e9c"
73           "496956b632158da3fe12addecb88912e6759bc37f9af2f45af72c5cae3b179ffb6"
74           "76a697de6ebe45cd4c16d4a9d642d29ddc0186a0a48cb6cd62bfc3dd229d313b30"
75           "1560971e740e2cf1f99a9a090a5b283f35475057e96d7064e2e0fc81984591068d"
76           "55a3b4169f22cccb0745a2689407ea1901a0a766eb99",
77           220,
78           "3d968b2752b8838431165059319f3ff8910b7b8ecb54ea01d3f54769e9d98daf",
79           167, 3, 1784128, 1 },
80     };
81     char          passwd[256];
82     unsigned char salt[crypto_pwhash_SALTBYTES];
83     unsigned char out[256];
84     char          out_hex[256 * 2 + 1];
85     size_t        i = 0U;
86 
87     do {
88         sodium_hex2bin((unsigned char *) passwd, sizeof passwd,
89                        tests[i].passwd_hex, strlen(tests[i].passwd_hex), NULL,
90                        NULL, NULL);
91         sodium_hex2bin(salt, sizeof salt, tests[i].salt_hex,
92                        strlen(tests[i].salt_hex), NULL, NULL, NULL);
93         if (crypto_pwhash(out, (unsigned long long) tests[i].outlen, passwd,
94                           tests[i].passwd_len, (const unsigned char *) salt,
95                           tests[i].opslimit, tests[i].memlimit,
96                           crypto_pwhash_alg_argon2i13()) != 0) {
97             printf("[tv] pwhash failure (maybe intentional): [%u]\n",
98                    (unsigned int) i);
99             continue;
100         }
101         sodium_bin2hex(out_hex, sizeof out_hex, out, tests[i].outlen);
102         printf("%s\n", out_hex);
103     } while (++i < (sizeof tests) / (sizeof tests[0]));
104 }
105 
106 static void
107 tv2(void)
108 {
109     static struct {
110         const char *       passwd_hex;
111         size_t             passwd_len;
112         const char *       salt_hex;
113         size_t             outlen;
114         unsigned long long opslimit;
115         size_t             memlimit;
116         unsigned int       lanes;
117     } tests[] = {
118         { "a347ae92bce9f80f6f595a4480fc9c2fe7e7d7148d371e9487d75f5c23008ffae0"
119           "65577a928febd9b1973a5a95073acdbeb6a030cfc0d79caa2dc5cd011cef02c08d"
120           "a232d76d52dfbca38ca8dcbd665b17d1665f7cf5fe59772ec909733b24de97d6f5"
121           "8d220b20c60d7c07ec1fd93c52c31020300c6c1facd77937a597c7a6",
122           127,
123           "5541fbc995d5c197ba290346d2c559dedf405cf97e5f95482143202f9e74f5c2",
124           155, 4, 397645, 1 },
125         { "a347ae92bce9f80f6f595a4480fc9c2fe7e7d7148d371e9487d75f5c23008ffae0"
126           "65577a928febd9b1973a5a95073acdbeb6a030cfc0d79caa2dc5cd011cef02c08d"
127           "a232d76d52dfbca38ca8dcbd665b17d1665f7cf5fe59772ec909733b24de97d6f5"
128           "8d220b20c60d7c07ec1fd93c52c31020300c6c1facd77937a597c7a6",
129           127,
130           "5541fbc995d5c197ba290346d2c559dedf405cf97e5f95482143202f9e74f5c2",
131           155, 3, 397645, 1 },
132     };
133     char          passwd[256];
134     unsigned char salt[crypto_pwhash_SALTBYTES];
135     unsigned char out[256];
136     char          out_hex[256 * 2 + 1];
137     size_t        i = 0U;
138 
139     do {
140         sodium_hex2bin((unsigned char *) passwd, sizeof passwd,
141                        tests[i].passwd_hex, strlen(tests[i].passwd_hex), NULL,
142                        NULL, NULL);
143         sodium_hex2bin(salt, sizeof salt, tests[i].salt_hex,
144                        strlen(tests[i].salt_hex), NULL, NULL, NULL);
145         if (crypto_pwhash(out, (unsigned long long) tests[i].outlen, passwd,
146                           tests[i].passwd_len, (const unsigned char *) salt,
147                           tests[i].opslimit, tests[i].memlimit,
148                           crypto_pwhash_alg_argon2i13()) != 0) {
149             printf("[tv2] pwhash failure: [%u]\n", (unsigned int) i);
150             continue;
151         }
152         sodium_bin2hex(out_hex, sizeof out_hex, out, tests[i].outlen);
153         printf("%s\n", out_hex);
154     } while (++i < (sizeof tests) / (sizeof tests[0]));
155 
156     if (crypto_pwhash(out, sizeof out, "password", strlen("password"), salt, 3,
157                       1ULL << 12, 0) != -1) {
158         printf("[tv2] pwhash should have failed (0)\n");
159     }
160     if (crypto_pwhash_argon2i(out, sizeof out, "password", strlen("password"), salt, 3,
161                               1ULL << 12, 0) != -1) {
162         printf("[tv2] pwhash should have failed (0')\n");
163     }
164     if (crypto_pwhash(out, sizeof out, "password", strlen("password"), salt, 3,
165                       1, crypto_pwhash_alg_argon2i13()) != -1) {
166         printf("[tv2] pwhash should have failed (1)\n");
167     }
168     if (crypto_pwhash(out, sizeof out, "password", strlen("password"), salt, 3,
169                       1ULL << 12, crypto_pwhash_alg_argon2i13()) != -1) {
170         printf("[tv2] pwhash should have failed (2)\n");
171     }
172     if (crypto_pwhash(out, sizeof out, "password", strlen("password"), salt, 2,
173                       1ULL << 12, crypto_pwhash_alg_argon2i13()) != -1) {
174         printf("[tv2] pwhash should have failed (3)\n");
175     }
176     if (crypto_pwhash(out, 15, "password", strlen("password"), salt, 3,
177                       1ULL << 12, crypto_pwhash_alg_argon2i13()) != -1) {
178         printf("[tv2] pwhash with a short output length should have failed\n");
179     }
180     if (crypto_pwhash(out, sizeof out, "password", 0x100000000ULL, salt, 3,
181                       1ULL << 12, crypto_pwhash_alg_argon2i13()) != -1) {
182         printf("[tv2] pwhash with a long password length should have failed\n");
183     }
184     assert(crypto_pwhash_argon2i(out, sizeof out, "password", strlen("password"), salt,
185                                  OPSLIMIT, MEMLIMIT, crypto_pwhash_alg_argon2id13()) == -1);
186 }
187 
188 static void
189 tv3(void)
190 {
191     static struct {
192         const char *passwd;
193         const char *out;
194     } tests[] = {
195         { "",
196           "$argon2i$v=19$m=4096,t=1,p=1$X1NhbHQAAAAAAAAAAAAAAA$bWh++"
197           "MKN1OiFHKgIWTLvIi1iHicmHH7+Fv3K88ifFfI" },
198         { "",
199           "$argon2i$v=19$m=2048,t=4,p=1$SWkxaUhpY21ISDcrRnYzSw$Mbg/"
200           "Eck1kpZir5T9io7C64cpffdTBaORgyriLQFgQj8" },
201         { "^T5H$JYt39n%K*j:W]!1s?vg!:jGi]Ax?..l7[p0v:1jHTpla9;]bUN;?bWyCbtqg ",
202           "$argon2i$v=19$m=4096,t=3,p=2$X1NhbHQAAAAAAAAAAAAAAA$z/QMiU4lQxGsYNc/"
203           "+K/bizwsA1P11UG2dj/7+aILJ4I" },
204         { "K3S=KyH#)36_?]LxeR8QNKw6X=gFbxai$C%29V*",
205           "$argon2i$v=19$m=4096,t=3,p=1$X1NhbHQAAAAAAAAAAAAAAA$fu2Wsecyt+"
206           "yPnBvSvYN16oP5ozRmkp0ixJ1YL19V3Uo" }
207     };
208     char   *out;
209     char   *passwd;
210     size_t  i = 0U;
211     int     ret;
212 
213     do {
214         out = (char *) sodium_malloc(strlen(tests[i].out) + 1U);
215         assert(out != NULL);
216         memcpy(out, tests[i].out, strlen(tests[i].out) + 1U);
217         passwd = (char *) sodium_malloc(strlen(tests[i].passwd) + 1U);
218         assert(passwd != NULL);
219         memcpy(passwd, tests[i].passwd, strlen(tests[i].passwd) + 1U);
220         ret = crypto_pwhash_str_verify(out, passwd, strlen(passwd));
221         sodium_free(out);
222         sodium_free(passwd);
223         if (ret != 0) {
224             printf("[tv3] pwhash_str failure (maybe intentional): [%u]\n",
225                    (unsigned int) i);
226         }
227     } while (++i < (sizeof tests) / (sizeof tests[0]));
228 }
229 
230 static void
231 str_tests(void)
232 {
233     char       *str_out;
234     char       *str_out2;
235     char       *salt;
236     const char *passwd = "Correct Horse Battery Staple";
237 
238     salt     = (char *) sodium_malloc(crypto_pwhash_SALTBYTES);
239     str_out  = (char *) sodium_malloc(crypto_pwhash_STRBYTES);
240     str_out2 = (char *) sodium_malloc(crypto_pwhash_STRBYTES);
241     memcpy(salt, ">A 16-bytes salt", crypto_pwhash_SALTBYTES);
242     if (crypto_pwhash_argon2i_str(str_out, passwd, strlen(passwd), OPSLIMIT,
243                                   MEMLIMIT) != 0) {
244         printf("pwhash_argon2i_str failure\n");
245     }
246     if (crypto_pwhash_argon2i_str(str_out2, passwd, strlen(passwd), OPSLIMIT,
247                                   MEMLIMIT) != 0) {
248         printf("pwhash_argon2i_str(2) failure\n");
249     }
250     if (strcmp(str_out, str_out2) == 0) {
251         printf("pwhash_argon2i_str() doesn't generate different salts\n");
252     }
253     if (crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT) != 0) {
254         printf("needs_rehash() false positive\n");
255     }
256     if (crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT / 2) != 1 ||
257         crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT / 2, MEMLIMIT) != 1 ||
258         crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT * 2) != 1 ||
259         crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT * 2, MEMLIMIT) != 1) {
260         printf("needs_rehash() false negative\n");
261     }
262     if (crypto_pwhash_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT / 2) != 1) {
263         printf("pwhash_str_needs_rehash() didn't handle argon2i\n");
264     }
265     if (crypto_pwhash_str_needs_rehash(str_out + 1, OPSLIMIT, MEMLIMIT) != -1 ||
266         crypto_pwhash_argon2i_str_needs_rehash(str_out + 1, OPSLIMIT, MEMLIMIT) != -1) {
267         printf("needs_rehash() didn't fail with an invalid hash string\n");
268     }
269     if (sodium_is_zero((const unsigned char *) str_out + strlen(str_out),
270                        crypto_pwhash_STRBYTES - strlen(str_out)) != 1 ||
271         sodium_is_zero((const unsigned char *) str_out2 + strlen(str_out2),
272                        crypto_pwhash_STRBYTES - strlen(str_out2)) != 1) {
273         printf("pwhash_str() doesn't properly pad with zeros\n");
274     }
275     if (crypto_pwhash_argon2i_str_verify(str_out, passwd, strlen(passwd)) != 0) {
276         printf("pwhash_str_verify(1) failure\n");
277     }
278     str_out[14]++;
279     if (crypto_pwhash_argon2i_str_verify(str_out, passwd, strlen(passwd)) != -1) {
280         printf("pwhash_str_verify(2) failure\n");
281     }
282     str_out[14]--;
283     assert(str_out[crypto_pwhash_STRBYTES - 1U] == 0);
284 
285     if (crypto_pwhash_argon2i_str(str_out2, passwd, 0x100000000ULL, OPSLIMIT,
286                                   MEMLIMIT) != -1) {
287         printf("pwhash_str() with a large password should have failed\n");
288     }
289     if (crypto_pwhash_argon2i_str(str_out2, passwd, strlen(passwd), 1, MEMLIMIT) !=
290         -1) {
291         printf("pwhash_str() with a small opslimit should have failed\n");
292     }
293     if (crypto_pwhash_argon2i_str_verify("$argon2i$m=65536,t=2,p=1c29tZXNhbHQ"
294                                          "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
295                                          "password", 0x100000000ULL) != -1) {
296         printf("pwhash_str_verify(invalid(0)) failure\n");
297     }
298     if (crypto_pwhash_argon2i_str_verify("$argon2i$m=65536,t=2,p=1c29tZXNhbHQ"
299                                  "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
300                                  "password", strlen("password")) != -1) {
301         printf("pwhash_str_verify(invalid(1)) failure %d\n", errno);
302     }
303     if (crypto_pwhash_argon2i_str_verify("$argon2i$m=65536,t=2,p=1$c29tZXNhbHQ"
304                                          "9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
305                                          "password", strlen("password")) != -1) {
306         printf("pwhash_str_verify(invalid(2)) failure\n");
307     }
308     if (crypto_pwhash_str_verify("$argon2i$m=65536,t=2,p=1$c29tZXNhbHQ"
309                                  "$b2G3seW+uPzerwQQC+/E1K50CLLO7YXy0JRcaTuswRo",
310                                  "password", strlen("password")) != -1) {
311         printf("pwhash_str_verify(invalid(3)) failure\n");
312     }
313     if (crypto_pwhash_str_verify("$argon2i$v=19$m=65536,t=2,p=1c29tZXNhbHQ"
314                                  "$wWKIMhR9lyDFvRz9YTZweHKfbftvj+qf+YFY4NeBbtA",
315                                  "password", strlen("password")) != -1) {
316         printf("pwhash_str_verify(invalid(4)) failure\n");
317     }
318     if (crypto_pwhash_str_verify("$argon2i$v=19$m=65536,t=2,p=1$c29tZXNhbHQ"
319                                  "wWKIMhR9lyDFvRz9YTZweHKfbftvj+qf+YFY4NeBbtA",
320                                  "password", strlen("password")) != -1) {
321         printf("pwhash_str_verify(invalid(5)) failure\n");
322     }
323     if (crypto_pwhash_str_verify("$argon2i$v=19$m=65536,t=2,p=1$c29tZXNhbHQ"
324                                  "$8iIuixkI73Js3G1uMbezQXD0b8LG4SXGsOwoQkdAQIM",
325                                  "password", strlen("password")) != -1) {
326         printf("pwhash_str_verify(invalid(6)) failure\n");
327     }
328     if (crypto_pwhash_str_verify(
329             "$argon2i$v=19$m=4096,t=3,p=2$b2RpZHVlamRpc29kaXNrdw"
330             "$TNnWIwlu1061JHrnCqIAmjs3huSxYIU+0jWipu7Kc9M",
331             "password", strlen("password")) != 0) {
332         printf("pwhash_str_verify(valid(7)) failure\n");
333     }
334     if (crypto_pwhash_str_verify(
335             "$argon2i$v=19$m=4096,t=3,p=2$b2RpZHVlamRpc29kaXNrdw"
336             "$TNnWIwlu1061JHrnCqIAmjs3huSxYIU+0jWipu7Kc9M",
337             "passwore", strlen("passwore")) != -1 || errno != EINVAL) {
338         printf("pwhash_str_verify(invalid(7)) failure\n");
339     }
340     if (crypto_pwhash_str_verify(
341             "$Argon2i$v=19$m=4096,t=3,p=2$b2RpZHVlamRpc29kaXNrdw"
342             "$TNnWIwlu1061JHrnCqIAmjs3huSxYIU+0jWipu7Kc9M",
343             "password", strlen("password")) != -1 || errno != EINVAL) {
344         printf("pwhash_str_verify(invalid(8)) failure\n");
345     }
346     if (crypto_pwhash_str_verify(
347             "$argon2i$v=1$m=4096,t=3,p=2$b2RpZHVlamRpc29kaXNrdw"
348             "$TNnWIwlu1061JHrnCqIAmjs3huSxYIU+0jWipu7Kc9M",
349             "password", strlen("password")) != -1 || errno != EINVAL) {
350         printf("pwhash_str_verify(invalid(9)) failure\n");
351     }
352     if (crypto_pwhash_str_verify(
353             "$argon2i$v=1$m=4096,t=3,p=2$b2RpZHVla~=mRpc29kaXNrdw"
354             "$TNnWIwlu1061JHrnCqIAmjs3huSxYIU+0jWipu7Kc9M",
355             "password", strlen("password")) != -1 || errno != EINVAL) {
356         printf("pwhash_str_verify(invalid(10)) failure\n");
357     }
358     if (crypto_pwhash_str_verify(
359             "$argon2i$v=1$m=4096,t=3,p=2$b2RpZHVlamRpc29kaXNrdw"
360             "$TNnWIwlu1061JHrnCqIAmjs3huSxYI~=U+0jWipu7Kc9M",
361             "password", strlen("password")) != -1 || errno != EINVAL) {
362         printf("pwhash_str_verify(invalid(11)) failure\n");
363     }
364     assert(crypto_pwhash_str_alg(str_out, "test", 4, OPSLIMIT, MEMLIMIT,
365                                  crypto_pwhash_ALG_ARGON2I13) == 0);
366     assert(crypto_pwhash_argon2i_str_verify(str_out, "test", 4) == 0);
367     assert(crypto_pwhash_argon2i_str_needs_rehash(str_out,
368                                                   OPSLIMIT, MEMLIMIT) == 0);
369     assert(crypto_pwhash_argon2i_str_needs_rehash(str_out,
370                                                   OPSLIMIT / 2, MEMLIMIT) == 1);
371     assert(crypto_pwhash_argon2i_str_needs_rehash(str_out,
372                                                   OPSLIMIT, MEMLIMIT / 2) == 1);
373     assert(crypto_pwhash_argon2i_str_needs_rehash(str_out, 0, 0) == 1);
374     assert(crypto_pwhash_argon2id_str_needs_rehash(str_out, 0, 0) == -1);
375     assert(crypto_pwhash_argon2i_str_needs_rehash(str_out + 1,
376                                                   OPSLIMIT, MEMLIMIT) == -1);
377     assert(crypto_pwhash_argon2id_str_needs_rehash(str_out, 0, 0) == -1);
378     assert(crypto_pwhash_argon2id_str_needs_rehash("", OPSLIMIT, MEMLIMIT) == -1);
379     assert(crypto_pwhash_str_alg(str_out, "test", 4, OPSLIMIT, MEMLIMIT,
380                                  crypto_pwhash_ALG_ARGON2ID13) == 0);
381     assert(crypto_pwhash_argon2id_str_verify(str_out, "test", 4) == 0);
382     assert(crypto_pwhash_argon2id_str_needs_rehash(str_out,
383                                                    OPSLIMIT, MEMLIMIT) == 0);
384     assert(crypto_pwhash_argon2id_str_needs_rehash(str_out,
385                                                    OPSLIMIT / 2, MEMLIMIT) == 1);
386     assert(crypto_pwhash_argon2id_str_needs_rehash(str_out,
387                                                    OPSLIMIT, MEMLIMIT / 2) == 1);
388     assert(crypto_pwhash_argon2id_str_needs_rehash(str_out, 0, 0) == 1);
389     assert(crypto_pwhash_argon2i_str_needs_rehash(str_out, 0, 0) == -1);
390     assert(crypto_pwhash_argon2id_str_needs_rehash("", OPSLIMIT, MEMLIMIT) == -1);
391     assert(crypto_pwhash_argon2id_str_needs_rehash(str_out + 1,
392                                                    OPSLIMIT, MEMLIMIT) == -1);
393     sodium_free(salt);
394     sodium_free(str_out);
395     sodium_free(str_out2);
396 }
397 
398 int
399 main(void)
400 {
401     tv();
402     tv2();
403     tv3();
404     str_tests();
405 
406     assert(crypto_pwhash_argon2i_bytes_min() > 0U);
407     assert(crypto_pwhash_argon2i_bytes_max() > crypto_pwhash_argon2i_bytes_min());
408     assert(crypto_pwhash_argon2i_passwd_max() > crypto_pwhash_argon2i_passwd_min());
409     assert(crypto_pwhash_argon2i_saltbytes() > 0U);
410     assert(crypto_pwhash_argon2i_strbytes() > 1U);
411     assert(crypto_pwhash_argon2i_strbytes() > strlen(crypto_pwhash_argon2i_strprefix()));
412 
413     assert(crypto_pwhash_argon2i_opslimit_min() > 0U);
414     assert(crypto_pwhash_argon2i_opslimit_max() > 0U);
415     assert(crypto_pwhash_argon2i_memlimit_min() > 0U);
416     assert(crypto_pwhash_argon2i_memlimit_max() > 0U);
417     assert(crypto_pwhash_argon2i_opslimit_interactive() > 0U);
418     assert(crypto_pwhash_argon2i_memlimit_interactive() > 0U);
419     assert(crypto_pwhash_argon2i_opslimit_moderate() > 0U);
420     assert(crypto_pwhash_argon2i_memlimit_moderate() > 0U);
421     assert(crypto_pwhash_argon2i_opslimit_sensitive() > 0U);
422     assert(crypto_pwhash_argon2i_memlimit_sensitive() > 0U);
423 
424     assert(crypto_pwhash_argon2i_bytes_min() == crypto_pwhash_argon2i_BYTES_MIN);
425     assert(crypto_pwhash_argon2i_bytes_max() == crypto_pwhash_argon2i_BYTES_MAX);
426     assert(crypto_pwhash_argon2i_passwd_min() == crypto_pwhash_argon2i_PASSWD_MIN);
427     assert(crypto_pwhash_argon2i_passwd_max() == crypto_pwhash_argon2i_PASSWD_MAX);
428     assert(crypto_pwhash_argon2i_saltbytes() == crypto_pwhash_argon2i_SALTBYTES);
429     assert(crypto_pwhash_argon2i_strbytes() == crypto_pwhash_argon2i_STRBYTES);
430 
431     assert(crypto_pwhash_argon2i_opslimit_min() == crypto_pwhash_argon2i_OPSLIMIT_MIN);
432     assert(crypto_pwhash_argon2i_opslimit_max() == crypto_pwhash_argon2i_OPSLIMIT_MAX);
433     assert(crypto_pwhash_argon2i_memlimit_min() == crypto_pwhash_argon2i_MEMLIMIT_MIN);
434     assert(crypto_pwhash_argon2i_memlimit_max() == crypto_pwhash_argon2i_MEMLIMIT_MAX);
435     assert(crypto_pwhash_argon2i_opslimit_interactive() ==
436            crypto_pwhash_argon2i_OPSLIMIT_INTERACTIVE);
437     assert(crypto_pwhash_argon2i_memlimit_interactive() ==
438            crypto_pwhash_argon2i_MEMLIMIT_INTERACTIVE);
439     assert(crypto_pwhash_argon2i_opslimit_moderate() ==
440            crypto_pwhash_argon2i_OPSLIMIT_MODERATE);
441     assert(crypto_pwhash_argon2i_memlimit_moderate() ==
442            crypto_pwhash_argon2i_MEMLIMIT_MODERATE);
443     assert(crypto_pwhash_argon2i_opslimit_sensitive() ==
444            crypto_pwhash_argon2i_OPSLIMIT_SENSITIVE);
445     assert(crypto_pwhash_argon2i_memlimit_sensitive() ==
446            crypto_pwhash_argon2i_MEMLIMIT_SENSITIVE);
447 
448     assert(crypto_pwhash_argon2i_alg_argon2i13() == crypto_pwhash_argon2i_ALG_ARGON2I13);
449 
450     printf("OK\n");
451 
452     return 0;
453 }
454