aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB')
-rw-r--r--phpBB/phpbb/passwords/driver/argon2i.php9
-rw-r--r--phpBB/phpbb/passwords/driver/base_native.php19
2 files changed, 5 insertions, 23 deletions
diff --git a/phpBB/phpbb/passwords/driver/argon2i.php b/phpBB/phpbb/passwords/driver/argon2i.php
index f4a6e3e644..f622ad889b 100644
--- a/phpBB/phpbb/passwords/driver/argon2i.php
+++ b/phpBB/phpbb/passwords/driver/argon2i.php
@@ -38,13 +38,14 @@ class argon2i extends base_native
parent::__construct($config, $helper);
/**
- * For Sodium implementation of argon2 algorithm, set special cost factor values (since PHP 7.4)
+ * For Sodium implementation of argon2 algorithm (since PHP 7.4), set special value of 1 for "threads" cost factor
* See https://wiki.php.net/rfc/sodium.argon.hash and PHPBB3-16266
* Don't allow cost factors to be below default settings where possible
*/
- $this->memory_cost = $this->is_sodium() ? max($memory_cost, 256 * 1024) : max($memory_cost, 1024);
- $this->threads = $this->is_sodium() ? 1 : max($threads, 2);
- $this->time_cost = $this->is_sodium() ? max($time_cost, 3) : max($time_cost, 2);
+ $this->memory_cost = max($memory_cost, PASSWORD_ARGON2_DEFAULT_MEMORY_COST);
+ $this->time_cost = max($time_cost, PASSWORD_ARGON2_DEFAULT_TIME_COST);
+ $this->threads = (defined('PASSWORD_ARGON2_PROVIDER') && PASSWORD_ARGON2_PROVIDER == 'sodium') ?
+ PASSWORD_ARGON2_DEFAULT_THREADS : max($threads, PASSWORD_ARGON2_DEFAULT_THREADS);
}
/**
diff --git a/phpBB/phpbb/passwords/driver/base_native.php b/phpBB/phpbb/passwords/driver/base_native.php
index ab2e9f83a4..87498327f9 100644
--- a/phpBB/phpbb/passwords/driver/base_native.php
+++ b/phpBB/phpbb/passwords/driver/base_native.php
@@ -58,25 +58,6 @@ abstract class base_native extends base
}
/**
- * Check if Sodium implementation for argon2 algorithm is being used
- *
- * @link https://wiki.php.net/rfc/sodium.argon.hash
- *
- * @return bool
- */
- public function is_sodium()
- {
- static $is_sodium;
-
- if (!isset($is_sodium))
- {
- $is_sodium = defined('PASSWORD_ARGON2_PROVIDER') && PASSWORD_ARGON2_PROVIDER == 'sodium';
- }
-
- return $is_sodium;
- }
-
- /**
* {@inheritdoc}
*/
public function is_supported()
generated by cgit v1.2.1 (git 2.21.0) at 2024-09-23 14:42:15 +0000