From 10e42591ac72285736d5cc4ee5e7c2f68dbf1e4b Mon Sep 17 00:00:00 2001
From: Xavier Del Campo Romero <xavi92@disroot.org>
Date: Wed, 8 Oct 2025 13:50:52 +0200
Subject: Replace OpenSSL with libsodium and argon2id

The SHA256-based password hashing algorithm used by slcl(1) and
usergen(1) is considered insecure against several kinds of attacks,
including brute force attacks. [1]

Therefore, a stronger password hashing algorithm based on the Argon2id
key derivation function is now used by default. While OpenSSL does
support Argon2id, it is only supported by very recent versions [2],
which are still not packaged by most distributions as of the time of
this writing. [3]

As an alternative to OpenSSL, libsodium [4] had several benefits:

- It provides easy-to-use functions for password hashing, base64
encoding/decoding and other cryptographic primitives used by slcl(1)
and usergen(1).

- It is packaged by most distributions [5], and most often only the patch
version differs, which ensures good compatibility across distributions.

Unfortunately, and as opposed to OpenSSL, libsodium does not come with
command-line tools. Therefore, usergen(1) had to be rewritten in C.

In order to maintain backwards compatiblity with existing databases,
slcl(1) and usergen(1) shall support the insecure, SHA256-based password
hashing algorithm. However, Argon2id shall now be the default choice for
usergen(1).

[1]: https://security.stackexchange.com/questions/195563/why-is-sha-256-not-good-for-passwords
[2]: https://docs.openssl.org/3.3/man7/EVP_KDF-ARGON2/
[3]: https://repology.org/project/openssl/versions
[4]: https://www.libsodium.org/
[5]: https://repology.org/project/libsodium/versions
---
 README.md | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'README.md')

diff --git a/README.md b/README.md
index 80e850f..685d58c 100644
--- a/README.md
+++ b/README.md
@@ -58,7 +58,6 @@ to `slcl`. If required, encryption should be done before uploading e.g.: using
 (provided as a `git` submodule).
 - [`fdzipstream`](https://github.com/CTrabant/fdzipstream.git)
 (provided as a `git` submodule).
-- `jq` (for [`usergen`](usergen) only).
 - CMake (optional).
 
 ### Ubuntu / Debian
@@ -66,7 +65,7 @@ to `slcl`. If required, encryption should be done before uploading e.g.: using
 #### Mandatory packages
 
 ```sh
-sudo apt install build-essential libcjson-dev libssl-dev m4 jq zlib1g
+sudo apt install build-essential libcjson-dev libssl-dev m4 zlib1g
 ```
 
 #### Optional packages
@@ -176,7 +175,7 @@ schema:
 }
 ```
 
-[`usergen`](usergen) is an interactive script that consumes a directory,
+[`usergen`](usergen) is an interactive program that consumes a directory,
 a username, a password and, optionally, a user quota in MiB. A salt is
 randomly generated using `openssl` and passwords are hashed multiple times
 beforehand - see [`usergen`](usergen) and [`auth.c`](auth.c) for further
-- 
cgit v1.2.3