mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-09 02:52:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

ITS#9206 contrib/passwd/argon2: consolidate libsodium implementation

Browse Source 
* use 'crypto_pwhash_str_alg(..., crypto_pwhash_ALG_ARGON2ID13)' to set
  the algorithm to Argon2.
  According to libsodium's documentation, the original 'crypto_pwhash_str()'
  only guarantees a "memory-hard, CPU-intensive hash function", but not
  necessarily Argon2.  Although in released versions of libsodium Argon2 is
  the only implemented backend, this may chane in the future.
* multiply the 'memory' parameter by 1024 to align it with the libargon2
  implementation. The objective is to have consistent configuration in
  OpenLDAP's pw-argon2 module no matter what backend implementation is used.

Signed-off-by: Peter Marschall <peter@adpm.de>
This commit is contained in:
Peter Marschall 2020-04-07 12:11:38 +02:00 committed by Ryan Tandy
parent 2be4576a0c
commit 40ce9a46c9
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
contrib/slapd-modules/passwd/argon2/pw-argon2.c
View File

@ -128,8 +128,9 @@ slapd_argon2_hash(
AC_MEMCPY( hash->bv_val, scheme->bv_val, scheme->bv_len );
p += scheme->bv_len;
if ( crypto_pwhash_str( p, passwd->bv_val, passwd->bv_len,
iterations, memory ) == 0 ) {
if ( crypto_pwhash_str_alg( p, passwd->bv_val, passwd->bv_len,
iterations, memory * 1024,
crypto_pwhash_ALG_ARGON2ID13 ) == 0 ) {
hash->bv_len = strlen( hash->bv_val );
rc = LUTIL_PASSWD_OK;
}