Argon2i hash is now allowed to overlap with the work area
Fixes #183
Almost all of Monocypher allows arguments to overlap. Users may come to
expect it, and misuse those who don't allow such an overlap. (Chacha20
and AEAD are an exception, but (i) portability concerns prevents us to
allow it properly, and (ii) disallowed overlaps tend to trigger visible
corruptions immediately.)
Before, having the hash coincide with the working area meant the output
was always zero. All passwords have the same hash. Therefore all
passwords are correct. Oops. For the record, I made the mistake, and
caught the bug only days later, by pure luck.
Now overlap is allowed, and gives the right result. Note that the work
area is still wiped. The wipe just happens *before* the final hash is
computed.
projects / Monocypher.git / commit