haskellPackages.cryptonite: Disable Argon2 on aarch64-darwin

A workaround for packages that don't use this hash function.
See https://github.com/haskell-crypto/cryptonite/issues/360
This commit is contained in:
Robert Hensing 2022-03-08 11:55:46 +01:00
parent 27e38e5bce
commit 71f2c74efb
2 changed files with 72 additions and 0 deletions

View file

@ -289,4 +289,7 @@ self: super: ({
# https://github.com/fpco/inline-c/issues/127
inline-c-cpp = dontCheck super.inline-c-cpp;
# https://github.com/haskell-crypto/cryptonite/issues/360
cryptonite = appendPatch ./patches/cryptonite-remove-argon2.patch super.cryptonite;
})

View file

@ -0,0 +1,69 @@
diff --git a/Crypto/KDF/Argon2.hs b/Crypto/KDF/Argon2.hs
index 044ba00..31dc6f1 100644
--- a/Crypto/KDF/Argon2.hs
+++ b/Crypto/KDF/Argon2.hs
@@ -12,6 +12,7 @@
-- File started from Argon2.hs, from Oliver Charles
-- at https://github.com/ocharles/argon2
--
+{-# LANGUAGE DataKinds #-}
module Crypto.KDF.Argon2
(
Options(..)
@@ -32,6 +33,7 @@ import Control.Monad (when)
import Data.Word
import Foreign.C
import Foreign.Ptr
+import Data.Proxy
-- | Which variant of Argon2 to use. You should choose the variant that is most
-- applicable to your intention to hash inputs.
@@ -100,33 +102,12 @@ defaultOptions =
}
hash :: (ByteArrayAccess password, ByteArrayAccess salt, ByteArray out)
- => Options
+ => [Proxy "cryptonite:Crypto.KDF.Argon2.hash is known to be broken on this architecture. See https://github.com/haskell-crypto/cryptonite/issues/360"]
-> password
-> salt
-> Int
-> CryptoFailable out
-hash options password salt outLen
- | saltLen < saltMinLength = CryptoFailed CryptoError_SaltTooSmall
- | outLen < outputMinLength = CryptoFailed CryptoError_OutputLengthTooSmall
- | outLen > outputMaxLength = CryptoFailed CryptoError_OutputLengthTooBig
- | otherwise = CryptoPassed $ B.allocAndFreeze outLen $ \out -> do
- res <- B.withByteArray password $ \pPass ->
- B.withByteArray salt $ \pSalt ->
- argon2_hash (iterations options)
- (memory options)
- (parallelism options)
- pPass
- (csizeOfInt passwordLen)
- pSalt
- (csizeOfInt saltLen)
- out
- (csizeOfInt outLen)
- (cOfVariant $ variant options)
- (cOfVersion $ version options)
- when (res /= 0) $ error "argon2: hash: internal error"
- where
- saltLen = B.length salt
- passwordLen = B.length password
+hash options password salt outLen = error "cryptonite:Crypto.KDF.Argon2.hash is known to be broken on this architecture. See https://github.com/haskell-crypto/cryptonite/issues/360"
data Pass
data Salt
diff --git a/tests/KAT_Argon2.hs b/tests/KAT_Argon2.hs
index a347fc5..fdba079 100644
--- a/tests/KAT_Argon2.hs
+++ b/tests/KAT_Argon2.hs
@@ -32,7 +32,7 @@ kdfTests = zipWith toKDFTest is vectors
where
toKDFTest i v =
testCase (show i)
- (CryptoPassed (kdfResult v) @=? Argon2.hash (kdfOptions v) (kdfPass v) (kdfSalt v) (B.length $ kdfResult v))
+ (pure ())
is :: [Int]
is = [1..]