diff options
Diffstat (limited to 'packages/anastasis-core')
-rw-r--r-- | packages/anastasis-core/package.json | 1 | ||||
-rw-r--r-- | packages/anastasis-core/src/crypto.ts | 34 |
2 files changed, 15 insertions, 20 deletions
diff --git a/packages/anastasis-core/package.json b/packages/anastasis-core/package.json index d45d28129..c3a7106fb 100644 --- a/packages/anastasis-core/package.json +++ b/packages/anastasis-core/package.json @@ -23,7 +23,6 @@ "dependencies": { "@gnu-taler/taler-util": "workspace:*", "fflate": "^0.7.4", - "hash-wasm": "^4.9.0", "tslib": "^2.5.3" }, "ava": { diff --git a/packages/anastasis-core/src/crypto.ts b/packages/anastasis-core/src/crypto.ts index 5e45f995f..3a9483aa1 100644 --- a/packages/anastasis-core/src/crypto.ts +++ b/packages/anastasis-core/src/crypto.ts @@ -26,8 +26,8 @@ import { secretbox_open, hash, bytesToString, + hashArgon2id, } from "@gnu-taler/taler-util"; -import { argon2id } from "hash-wasm"; export type Flavor<T, FlavorT extends string> = T & { _flavor?: `anastasis.${FlavorT}`; @@ -71,15 +71,13 @@ export async function userIdentifierDerive( ): Promise<UserIdentifier> { const canonIdData = canonicalJson(idData); const hashInput = stringToBytes(canonIdData); - const result = await argon2id({ - hashLength: 64, - iterations: 3, - memorySize: 1024 /* kibibytes */, - parallelism: 1, - password: hashInput, - salt: decodeCrock(serverSalt), - outputType: "binary", - }); + const result = await hashArgon2id( + hashInput, // password + decodeCrock(serverSalt), // salt + 3, // iterations + 1024, // memoryLimit (kibibytes) + 64, // hashLength + ); return encodeCrock(result); } @@ -343,15 +341,13 @@ export async function secureAnswerHash( truthUuid: TruthUuid, questionSalt: TruthSalt, ): Promise<SecureAnswerHash> { - const powResult = await argon2id({ - hashLength: 64, - iterations: 3, - memorySize: 1024 /* kibibytes */, - parallelism: 1, - password: stringToBytes(answer), - salt: decodeCrock(questionSalt), - outputType: "binary", - }); + const powResult = await hashArgon2id( + stringToBytes(answer), // password + decodeCrock(questionSalt), // salt + 3, // iterations + 1024, // memorySize (kibibytes) + 64, // hashLength + ); const kdfResult = kdfKw({ outputLength: 64, salt: decodeCrock(truthUuid), |