ext/phc-winner-argon2/src/test.c in argon2-1.1.1 vs ext/phc-winner-argon2/src/test.c in argon2-1.1.2

@@ -1,5 +1,22 @@
+/*
+ * Argon2 reference source code package - reference C implementations
+ *
+ * Copyright 2015
+ * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
+ *
+ * You may use this work under the terms of a Creative Commons CC0 1.0 
+ * License/Waiver or the Apache Public License 2.0, at your option. The terms of
+ * these licenses can be found at:
+ *
+ * - CC0 1.0 Universal : http://creativecommons.org/publicdomain/zero/1.0
+ * - Apache 2.0        : http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * You should have received a copy of both of these licenses along with this
+ * software. If not, they may be obtained at the above URLs.
+ */
+
 #include <stdio.h>
 #include <stdint.h>
 #include <inttypes.h>
 #include <stdlib.h>
 #include <string.h>
@@ -109,13 +126,20 @@
 
     /* Handle an invalid encoding correctly (it is missing a $) */
     ret = argon2_verify("$argon2i$m=65536,t=2,p=1$c29tZXNhbHQ"
                         "9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
                         "password", strlen("password"), Argon2_i);
-    assert(ret == ARGON2_OUTPUT_TOO_SHORT);
+    assert(ret == ARGON2_DECODING_FAIL);
     printf("Recognise an invalid encoding: PASS\n");
 
+    /* Handle an invalid encoding correctly (salt is too short) */
+    ret = argon2_verify("$argon2i$m=65536,t=2,p=1$"
+                        "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
+                        "password", strlen("password"), Argon2_i);
+    assert(ret == ARGON2_SALT_TOO_SHORT);
+    printf("Recognise an invalid salt in encoding: PASS\n");
+
     /* Handle an mismatching hash (the encoded password is "passwore") */
     ret = argon2_verify("$argon2i$m=65536,t=2,p=1$c29tZXNhbHQ"
                         "$b2G3seW+uPzerwQQC+/E1K50CLLO7YXy0JRcaTuswRo",
                         "password", strlen("password"), Argon2_i);
     assert(ret == ARGON2_VERIFY_MISMATCH);
@@ -181,11 +205,18 @@
 
     /* Handle an invalid encoding correctly (it is missing a $) */
     ret = argon2_verify("$argon2i$v=19$m=65536,t=2,p=1$c29tZXNhbHQ"
                         "wWKIMhR9lyDFvRz9YTZweHKfbftvj+qf+YFY4NeBbtA",
                         "password", strlen("password"), Argon2_i);
-    assert(ret == ARGON2_OUTPUT_TOO_SHORT);
+    assert(ret == ARGON2_DECODING_FAIL);
     printf("Recognise an invalid encoding: PASS\n");
+
+    /* Handle an invalid encoding correctly (salt is too short) */
+    ret = argon2_verify("$argon2i$v=19$m=65536,t=2,p=1$"
+                        "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
+                        "password", strlen("password"), Argon2_i);
+    assert(ret == ARGON2_SALT_TOO_SHORT);
+    printf("Recognise an invalid salt in encoding: PASS\n");
 
     /* Handle an mismatching hash (the encoded password is "passwore") */
     ret = argon2_verify("$argon2i$v=19$m=65536,t=2,p=1$c29tZXNhbHQ"
                         "$8iIuixkI73Js3G1uMbezQXD0b8LG4SXGsOwoQkdAQIM",
                         "password", strlen("password"), Argon2_i);