ektrah/libsodium-core

Argon2 string methods include trailing null byte terminators

Closed · 1 comment

To reproduce, install the Sodium.Core package from NuGet and use the following in a .NET Core 6.0 app:

using Sodium;

var somePassword = "example password"; // any test password

// ArgonHashString returns a fixed-length string (crypto_pwhash_STRBYTES = 128),
// padded at the end with '\0' characters.
var paddedString = PasswordHash.ArgonHashString(
    somePassword,
    PasswordHash.StrengthArgon.Moderate);
var paddedLength = paddedString.Length; // 128

// Stripping the trailing null terminators gives the "real" encoded hash.
var trimmedString = paddedString.TrimEnd('\0');
var trimmedStringLength = trimmedString.Length; // <128

This is pretty low-impact, since the corresponding ArgonHashStringVerify and ArgonPasswordNeedsRehash methods happily accept the padded strings, but it does cause some oddities for other software. For example, if I store the padded strings in a SQLite database, then DB Browser for SQLite refuses to show them as strings, and instead displays them as byte arrays. I'd imagine that other Argon libraries might throw or do weird things if given one of these padded strings, so there's a potential interop issue there (although the fix is pretty simple; just call TrimEnd('\0') first).

The string is meant to be zero-terminated, as explained here. However, the output could be trimmed and then the input for verification could be made zero-terminated as a workaround.
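The workaround sketched in the thread, written out as an added example (this is not code from the issue or from libsodium-core): trim the padding before storing the hash so other tools and libraries see a plain encoded string, and re-append a single terminator before handing the value back to Sodium.Core, which expects the zero-terminated form. It assumes the Sodium.Core NuGet package, the Sodium namespace and the PasswordHash methods named on the page; the sample password is constructed.

```csharp
using System;
using Sodium;

// Helpers for storing libsodium-core Argon2 hash strings without their
// trailing NUL padding, and for restoring the terminator before verification.
public static class ArgonStringInterop
{
    // ArgonHashString returns a crypto_pwhash_STRBYTES-length (128) string
    // padded with '\0'; strip that padding so the stored value is a plain
    // "$argon2...$" string that SQLite viewers and other Argon2 libraries
    // treat as text.
    public static string HashForStorage(string password)
    {
        string padded = PasswordHash.ArgonHashString(
            password, PasswordHash.StrengthArgon.Moderate);
        return padded.TrimEnd('\0');
    }

    // libsodium parses the hash as a C string, so give it exactly one
    // terminator whether or not the stored value was already padded.
    public static string WithTerminator(string hash)
    {
        string trimmed = hash.TrimEnd('\0');
        return trimmed + "\0";
    }

    // Verify a password against a hash stored in either form.
    public static bool Verify(string storedHash, string password)
    {
        return PasswordHash.ArgonHashStringVerify(WithTerminator(storedHash), password);
    }

    // Rehash check, same terminator handling (signature assumed to match
    // the string overload used in the issue).
    public static bool NeedsRehash(string storedHash)
    {
        return PasswordHash.ArgonPasswordNeedsRehash(
            WithTerminator(storedHash), PasswordHash.StrengthArgon.Moderate);
    }

    // Useful when auditing rows that were written before trimming was
    // introduced: counts how many padding characters a stored value carries.
    public static int CountTrailingNulls(string s)
    {
        int n = 0;
        for (int i = s.Length - 1; i >= 0 && s[i] == '\0'; i--)
            n++;
        return n;
    }

    public static void Main()
    {
        const string password = "correct horse battery staple"; // constructed sample

        string stored = HashForStorage(password);
        Console.WriteLine($"stored length: {stored.Length}, trailing NULs: {CountTrailingNulls(stored)}");
        Console.WriteLine($"verify correct password: {Verify(stored, password)}");
        Console.WriteLine($"verify wrong password:   {Verify(stored, "not the password")}");
        Console.WriteLine($"needs rehash:            {NeedsRehash(stored)}");
    }
}
```

Because WithTerminator trims before appending, it is safe to run existing padded rows and newly trimmed rows through the same Verify path during a migration; CountTrailingNulls lets you confirm which rows still carry the padding.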