From f65956e4fb4dc15ba8129e69b13a2cd758e85f46 Mon Sep 17 00:00:00 2001
From: Sara Golemon <pollita@php.net>
Date: Tue, 9 Jul 2019 11:18:13 -0400
Subject: [PATCH] Relax argon2 mem_cost down to 64k, bump time_cost to 4

---
 ext/sodium/sodium_pwhash.c                    |  5 ++---
 .../tests/php_password_hash_argon2i.phpt      | 18 +++++++++---------
 .../tests/php_password_hash_argon2id.phpt     | 19 ++++++++++---------
 ext/standard/php_password.h                   |  7 ++-----
 .../password_needs_rehash_argon2.phpt         | 14 +++++---------
 5 files changed, 28 insertions(+), 35 deletions(-)

diff --git a/ext/sodium/sodium_pwhash.c b/ext/sodium/sodium_pwhash.c
index d615a24ab6e2..7b7f574e173a 100644
--- a/ext/sodium/sodium_pwhash.c
+++ b/ext/sodium/sodium_pwhash.c
@@ -29,7 +29,6 @@
 #if SODIUM_LIBRARY_VERSION_MAJOR > 9 || (SODIUM_LIBRARY_VERSION_MAJOR == 9 && SODIUM_LIBRARY_VERSION_MINOR >= 6)
 
 /**
- * OPSLIMIT and MEMLIMIT are taken from libsodium's MODERATE values.
  * MEMLIMIT is normalized to KB even though sodium uses Bytes in order to
  * present a consistent user-facing API.
  *
@@ -37,8 +36,8 @@
  *
  * When updating these values, synchronize ext/standard/php_password.h values.
  */
-#define PHP_SODIUM_PWHASH_MEMLIMIT (256 << 10)
-#define PHP_SODIUM_PWHASH_OPSLIMIT 3
+#define PHP_SODIUM_PWHASH_MEMLIMIT (64 << 10)
+#define PHP_SODIUM_PWHASH_OPSLIMIT 4
 #define PHP_SODIUM_PWHASH_THREADS 1
 
 static zend_string *php_sodium_argon2_hash(const zend_string *password, zend_array *options, int alg) {
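Review bot: The doc comment above `PHP_SODIUM_PWHASH_MEMLIMIT` loses its only statement of where the defaults come from (removed in the previous hunk), and nothing records the origin of the new values. The new memory cost is `(64 << 10)` KiB, i.e. 64 MiB, a quarter of the former libsodium MODERATE value, and memory cost is the parameter that most limits parallel offline guessing, so the comment should state the choice, e.g. `* Defaults are 64 MiB / 4 passes, deliberately below libsodium's MODERATE (256 MiB / 3); callers can raise them via the 'memory_cost' and 'time_cost' options.` The matching hunk in ext/standard/php_password.h has the same gap and also drops the "Threads are fixed at 1 by libsodium" line, which was the only explanation for `PHP_PASSWORD_ARGON2_THREADS 1`; that line is worth keeping there.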
diff --git a/ext/sodium/tests/php_password_hash_argon2i.phpt b/ext/sodium/tests/php_password_hash_argon2i.phpt
index 9ce6c7399eee..4522e6d1753a 100644
--- a/ext/sodium/tests/php_password_hash_argon2i.phpt
+++ b/ext/sodium/tests/php_password_hash_argon2i.phpt
@@ -36,38 +36,38 @@ foreach([1, 2, 4] as $mem) {
 --EXPECTF--
 Argon2 provider: string(%d) "%s"
 Using password: string(44) "%s"
-Hash: string(97) "$argon2i$v=19$m=262144,t=3,p=1$%s$%s"
+Hash: string(96) "$argon2i$v=19$m=65536,t=4,p=1$%s$%s"
 bool(true)
 bool(false)
 Using password: string(44) "%s"
-Hash: string(97) "$argon2i$v=19$m=262144,t=6,p=1$%s$%s"
+Hash: string(96) "$argon2i$v=19$m=65536,t=8,p=1$%s$%s"
 bool(true)
 bool(false)
 Using password: string(44) "%s"
-Hash: string(98) "$argon2i$v=19$m=262144,t=12,p=1$%s$%s"
+Hash: string(97) "$argon2i$v=19$m=65536,t=16,p=1$%s$%s"
 bool(true)
 bool(false)
 Using password: string(44) "%s"
-Hash: string(97) "$argon2i$v=19$m=524288,t=3,p=1$%s$%s"
+Hash: string(97) "$argon2i$v=19$m=131072,t=4,p=1$%s$%s"
 bool(true)
 bool(false)
 Using password: string(44) "%s"
-Hash: string(97) "$argon2i$v=19$m=524288,t=6,p=1$%s$%s"
+Hash: string(97) "$argon2i$v=19$m=131072,t=8,p=1$%s$%s"
 bool(true)
 bool(false)
 Using password: string(44) "%s"
-Hash: string(98) "$argon2i$v=19$m=524288,t=12,p=1$%s$%s"
+Hash: string(98) "$argon2i$v=19$m=131072,t=16,p=1$%s$%s"
 bool(true)
 bool(false)
 Using password: string(44) "%s"
-Hash: string(98) "$argon2i$v=19$m=1048576,t=3,p=1$%s$%s"
+Hash: string(97) "$argon2i$v=19$m=262144,t=4,p=1$%s$%s"
 bool(true)
 bool(false)
 Using password: string(44) "%s"
-Hash: string(98) "$argon2i$v=19$m=1048576,t=6,p=1$%s$%s"
+Hash: string(97) "$argon2i$v=19$m=262144,t=8,p=1$%s$%s"
 bool(true)
 bool(false)
 Using password: string(44) "%s"
-Hash: string(99) "$argon2i$v=19$m=1048576,t=12,p=1$%s$%s"
+Hash: string(98) "$argon2i$v=19$m=262144,t=16,p=1$%s$%s"
 bool(true)
 bool(false)
diff --git a/ext/sodium/tests/php_password_hash_argon2id.phpt b/ext/sodium/tests/php_password_hash_argon2id.phpt
index e6d4c1ee80a9..db5145718b8f 100644
--- a/ext/sodium/tests/php_password_hash_argon2id.phpt
+++ b/ext/sodium/tests/php_password_hash_argon2id.phpt
@@ -36,38 +36,39 @@ foreach([1, 2, 4] as $mem) {
 --EXPECTF--
 Argon2 provider: string(%d) "%s"
 Using password: string(44) "%s"
-Hash: string(98) "$argon2id$v=19$m=262144,t=3,p=1$%s$%s"
+Hash: string(97) "$argon2id$v=19$m=65536,t=4,p=1$%s$%s"
 bool(true)
 bool(false)
 Using password: string(44) "%s"
-Hash: string(98) "$argon2id$v=19$m=262144,t=6,p=1$%s$%s"
+Hash: string(97) "$argon2id$v=19$m=65536,t=8,p=1$%s$%s"
 bool(true)
 bool(false)
 Using password: string(44) "%s"
-Hash: string(99) "$argon2id$v=19$m=262144,t=12,p=1$%s$%s"
+Hash: string(98) "$argon2id$v=19$m=65536,t=16,p=1$%s$%s"
 bool(true)
 bool(false)
 Using password: string(44) "%s"
-Hash: string(98) "$argon2id$v=19$m=524288,t=3,p=1$%s$%s"
+Hash: string(98) "$argon2id$v=19$m=131072,t=4,p=1$%s$%s"
 bool(true)
 bool(false)
 Using password: string(44) "%s"
-Hash: string(98) "$argon2id$v=19$m=524288,t=6,p=1$%s$%s"
+Hash: string(98) "$argon2id$v=19$m=131072,t=8,p=1$%s$%s"
 bool(true)
 bool(false)
 Using password: string(44) "%s"
-Hash: string(99) "$argon2id$v=19$m=524288,t=12,p=1$%s$%s"
+Hash: string(99) "$argon2id$v=19$m=131072,t=16,p=1$%s$%s"
 bool(true)
 bool(false)
 Using password: string(44) "%s"
-Hash: string(99) "$argon2id$v=19$m=1048576,t=3,p=1$%s$%s"
+Hash: string(98) "$argon2id$v=19$m=262144,t=4,p=1$%s$%s"
 bool(true)
 bool(false)
 Using password: string(44) "%s"
-Hash: string(99) "$argon2id$v=19$m=1048576,t=6,p=1$%s$%s"
+Hash: string(98) "$argon2id$v=19$m=262144,t=8,p=1$%s$%s"
 bool(true)
 bool(false)
 Using password: string(44) "%s"
-Hash: string(100) "$argon2id$v=19$m=1048576,t=12,p=1$%s$%s"
+Hash: string(99) "$argon2id$v=19$m=262144,t=16,p=1$%s$%s"
 bool(true)
 bool(false)
+
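Review bot: The final added line appends an empty line to the end of the `--EXPECTF--` section, which the parallel change to php_password_hash_argon2i.phpt does not do, so it looks unintentional. Dropping it keeps the two expectation files aligned line for line. The updated `string(N)` lengths themselves are consistent with the shorter `m=` values.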
diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h
index ce3fdba6bbc4..97a6bf63a21e 100644
--- a/ext/standard/php_password.h
+++ b/ext/standard/php_password.h
@@ -34,14 +34,11 @@ PHP_MSHUTDOWN_FUNCTION(password);
 
 #if HAVE_ARGON2LIB
 /**
- * OPSLIMIT and MEMLIMIT are taken from libsodium's MODERATE values.
- * Threads are fixed at 1 by libsodium.
- *
  * When updating these values, synchronize ext/sodium/sodium_pwhash.c values.
  * Note that libargon expresses memlimit in KB, while libsoidum uses bytes.
  */
-#define PHP_PASSWORD_ARGON2_MEMORY_COST (256 << 10)
-#define PHP_PASSWORD_ARGON2_TIME_COST 3
+#define PHP_PASSWORD_ARGON2_MEMORY_COST (64 << 10)
+#define PHP_PASSWORD_ARGON2_TIME_COST 4
 #define PHP_PASSWORD_ARGON2_THREADS 1
 #endif
 
diff --git a/ext/standard/tests/password/password_needs_rehash_argon2.phpt b/ext/standard/tests/password/password_needs_rehash_argon2.phpt
index 9552be1dc924..69588d02ad4a 100644
--- a/ext/standard/tests/password/password_needs_rehash_argon2.phpt
+++ b/ext/standard/tests/password/password_needs_rehash_argon2.phpt
@@ -10,24 +10,20 @@ if (!defined('PASSWORD_ARGON2ID')) die('skip password_hash not built with Argon2
 
 $hash = password_hash('test', PASSWORD_ARGON2I);
 var_dump(password_needs_rehash($hash, PASSWORD_ARGON2I));
-var_dump(password_needs_rehash($hash, PASSWORD_ARGON2I, ['memory_cost' => 1<<17]));
-var_dump(password_needs_rehash($hash, PASSWORD_ARGON2I, ['time_cost' => 4]));
-var_dump(password_needs_rehash($hash, PASSWORD_ARGON2I, ['threads' => 4]));
+var_dump(password_needs_rehash($hash, PASSWORD_ARGON2I, ['memory_cost' => PASSWORD_ARGON2_DEFAULT_MEMORY_COST * 2]));
+var_dump(password_needs_rehash($hash, PASSWORD_ARGON2I, ['time_cost' => PASSWORD_ARGON2_DEFAULT_TIME_COST + 1]));
 
 $hash = password_hash('test', PASSWORD_ARGON2ID);
 var_dump(password_needs_rehash($hash, PASSWORD_ARGON2ID));
-var_dump(password_needs_rehash($hash, PASSWORD_ARGON2ID, ['memory_cost' => 1<<17]));
-var_dump(password_needs_rehash($hash, PASSWORD_ARGON2ID, ['time_cost' => 4]));
-var_dump(password_needs_rehash($hash, PASSWORD_ARGON2ID, ['threads' => 4]));
+var_dump(password_needs_rehash($hash, PASSWORD_ARGON2ID, ['memory_cost' => PASSWORD_ARGON2_DEFAULT_MEMORY_COST * 2]));
+var_dump(password_needs_rehash($hash, PASSWORD_ARGON2ID, ['time_cost' => PASSWORD_ARGON2_DEFAULT_TIME_COST + 1]));
+
 echo "OK!";
-?>
 --EXPECT--
 bool(false)
 bool(true)
 bool(true)
-bool(true)
 bool(false)
 bool(true)
 bool(true)
-bool(true)
 OK!
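Review bot: Removing the `['threads' => 4]` cases leaves `password_needs_rehash()` with no coverage of a thread-count mismatch for either algorithm. If they were removed because a libsodium-backed provider pins threads to 1 (as the comment dropped from php_password.h in this patch stated), the check could move to a separate test whose `--SKIPIF--` tests `PASSWORD_ARGON2_PROVIDER`, rather than being dropped for libargon2 builds too. The `?>` closing tag before `--EXPECT--` is also removed, which appears unrelated to the parameter change. The test's `--SKIPIF--` header is outside this hunk.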
From db0eaa8cf1cbeeec5968a5f91a416541d354ccfe Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@php.net>
Date: Wed, 10 Jul 2019 09:00:41 +0200
Subject: [PATCH] improve libargon2/libsodium compatibility

---
 ext/standard/password.c                           | 15 +++++++++++++++
 ext/standard/tests/password/bug75221.phpt         |  2 +-
 .../password/password_hash_error_argon2.phpt      |  4 ++--
 3 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/ext/standard/password.c b/ext/standard/password.c
index aacb30e61cb7..a12590c0e083 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -571,6 +571,21 @@ static const php_password_algo* php_password_algo_find_zval_ex(zval *arg, const
 #if HAVE_ARGON2LIB
 			case 2: return &php_password_algo_argon2i;
 			case 3: return &php_password_algo_argon2id;
+#else
+			case 2:
+				{
+				zend_string *n = zend_string_init("argon2i", sizeof("argon2i")-1, 0);
+				const php_password_algo* ret = php_password_algo_find(n);
+				zend_string_release(n);
+				return ret;
+				}
+			case 3:
+				{
+				zend_string *n = zend_string_init("argon2id", sizeof("argon2id")-1, 0);
+				const php_password_algo* ret = php_password_algo_find(n);
+				zend_string_release(n);
+				return ret;
+				}
 #endif
 		}
 		return NULL;
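Review bot: The new `#else` cases for the legacy integer IDs 2 and 3 repeat the same init/find/release sequence and carry no comment on what they resolve to. On a build without libargon2 they return whatever `php_password_algo_find()` yields for the name, which is presumably NULL when no extension has registered it (the registry is outside this hunk); a one-line comment should say so. A small static helper would remove the duplication and the ad hoc brace indentation. The enclosing function `php_password_algo_find_zval_ex` starts and ends outside the hunk.

```c
/* Look up a registered algorithm by C-string name; NULL if none is registered. */
static const php_password_algo *php_password_algo_find_cstr(const char *name, size_t len) {
	zend_string *n = zend_string_init(name, len, 0);
	const php_password_algo *ret = php_password_algo_find(n);

	zend_string_release(n);
	return ret;
}

/* … unchanged: php_password_algo_find_zval_ex up to the integer switch … */
#else
			/* Legacy integer IDs: without libargon2, defer to a registered provider. */
			case 2: return php_password_algo_find_cstr(ZEND_STRL("argon2i"));
			case 3: return php_password_algo_find_cstr(ZEND_STRL("argon2id"));
#endif
```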
diff --git a/ext/standard/tests/password/bug75221.phpt b/ext/standard/tests/password/bug75221.phpt
index ec03f92ea6cd..bd6e386a164e 100644
--- a/ext/standard/tests/password/bug75221.phpt
+++ b/ext/standard/tests/password/bug75221.phpt
@@ -9,7 +9,7 @@ if (!defined('PASSWORD_ARGON2I')) die('skip password_hash not built with Argon2'
 $hash = password_hash(
     "php",
     PASSWORD_ARGON2I,
-    ['memory_cost' => 16384, 'time_cost' => 2, 'threads' => 4]
+    ['memory_cost' => 64 << 10, 'time_cost' => 4, 'threads' => 1]
 );
 var_dump(substr($hash, -1, 1) !== "\0");
 ?>
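Review bot: All three options of this regression test change at once, so the original input (`memory_cost` 16384, `time_cost` 2, `threads` 4) is no longer exercised on any build, and the new values are just the new defaults. If the old values are only a problem for a libsodium-backed provider, the test could keep them for libargon2 builds by choosing the options on `PASSWORD_ARGON2_PROVIDER`, e.g. `$opts = PASSWORD_ARGON2_PROVIDER === 'sodium' ? ['memory_cost' => 64 << 10, 'time_cost' => 4, 'threads' => 1] : ['memory_cost' => 16384, 'time_cost' => 2, 'threads' => 4];`. Whether the original bug depended on those exact values cannot be told from this hunk. The test's header and `--EXPECT--` section are outside it.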
diff --git a/ext/standard/tests/password/password_hash_error_argon2.phpt b/ext/standard/tests/password/password_hash_error_argon2.phpt
index 070d61656ab1..2ea6b93627c0 100644
--- a/ext/standard/tests/password/password_hash_error_argon2.phpt
+++ b/ext/standard/tests/password/password_hash_error_argon2.phpt
@@ -21,7 +21,7 @@ NULL
 Warning: password_hash(): Time cost is outside of allowed time range in %s on line %d
 NULL
 
-Warning: password_hash(): Invalid number of threads in %s on line %d
+Warning: password_hash(): %sthread%s
 NULL
 
 Warning: password_hash(): Memory cost is outside of allowed memory range in %s on line %d
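Review bot: `%sthread%s` accepts any warning text that contains "thread" and no longer checks the ` in %s on line %d` suffix, so an unrelated or malformed warning would still pass. Keeping the suffix narrows the match without tying the test to one provider's wording: `Warning: password_hash(): %sthread%s in %s on line %d`. The second hunk of this file makes the same replacement and would take the same change.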
@@ -30,5 +30,5 @@ NULL
 Warning: password_hash(): Time cost is outside of allowed time range in %s on line %d
 NULL
 
-Warning: password_hash(): Invalid number of threads in %s on line %d
+Warning: password_hash(): %sthread%s
 NULL