diff options
author | Marc Alexander <admin@m-a-styles.de> | 2020-01-30 21:38:35 +0100 |
---|---|---|
committer | Marc Alexander <admin@m-a-styles.de> | 2020-01-30 21:38:35 +0100 |
commit | c221858fabe1f99e55d4938f5b0aa35f53457a70 (patch) | |
tree | a20fa8aca1101a8de6fad5d7f0845dd0d1050177 | |
parent | Merge branch '3.3.x' (diff) | |
parent | Merge pull request #5843 from JoshyPHP/ticket/16342 (diff) | |
download | phpbb-c221858fabe1f99e55d4938f5b0aa35f53457a70.tar.gz phpbb-c221858fabe1f99e55d4938f5b0aa35f53457a70.tar.bz2 phpbb-c221858fabe1f99e55d4938f5b0aa35f53457a70.zip |
Merge branch '3.3.x'
-rw-r--r-- | phpBB/config/default/container/services_password.yml | 4 | ||||
-rw-r--r-- | phpBB/phpbb/passwords/driver/argon2i.php | 6 | ||||
-rw-r--r-- | tests/passwords/drivers_test.php | 4 |
3 files changed, 7 insertions, 7 deletions
diff --git a/phpBB/config/default/container/services_password.yml b/phpBB/config/default/container/services_password.yml index a9adbebfd7..38f7404330 100644 --- a/phpBB/config/default/container/services_password.yml +++ b/phpBB/config/default/container/services_password.yml @@ -1,7 +1,7 @@ parameters: - passwords.driver.argon2_memory_cost: 1024 + passwords.driver.argon2_memory_cost: 65536 passwords.driver.argon2_threads: 2 - passwords.driver.argon2_time_cost: 2 + passwords.driver.argon2_time_cost: 4 passwords.driver.bcrypt_cost: 10 services: diff --git a/phpBB/phpbb/passwords/driver/argon2i.php b/phpBB/phpbb/passwords/driver/argon2i.php index 03368f6361..3150eadfdd 100644 --- a/phpBB/phpbb/passwords/driver/argon2i.php +++ b/phpBB/phpbb/passwords/driver/argon2i.php @@ -33,7 +33,7 @@ class argon2i extends base_native * @param int $threads Number of threads to use (optional) * @param int $time_cost Maximum amount of time (optional) */ - public function __construct(\phpbb\config\config $config, helper $helper, $memory_cost = 1024, $threads = 2, $time_cost = 2) + public function __construct(\phpbb\config\config $config, helper $helper, $memory_cost = 65536, $threads = 2, $time_cost = 4) { parent::__construct($config, $helper); @@ -42,8 +42,8 @@ class argon2i extends base_native * See https://wiki.php.net/rfc/sodium.argon.hash and PHPBB3-16266 * Don't allow cost factors to be below default settings where possible */ - $this->memory_cost = max($memory_cost, defined('PASSWORD_ARGON2_DEFAULT_MEMORY_COST') ? PASSWORD_ARGON2_DEFAULT_MEMORY_COST : 1024); - $this->time_cost = max($time_cost, defined('PASSWORD_ARGON2_DEFAULT_TIME_COST') ? PASSWORD_ARGON2_DEFAULT_TIME_COST : 2); + $this->memory_cost = max($memory_cost, defined('PASSWORD_ARGON2_DEFAULT_MEMORY_COST') ? PASSWORD_ARGON2_DEFAULT_MEMORY_COST : 65536); + $this->time_cost = max($time_cost, defined('PASSWORD_ARGON2_DEFAULT_TIME_COST') ? PASSWORD_ARGON2_DEFAULT_TIME_COST : 4); $this->threads = (defined('PASSWORD_ARGON2_PROVIDER') && PASSWORD_ARGON2_PROVIDER == 'sodium') ? PASSWORD_ARGON2_DEFAULT_THREADS : max($threads, defined('PASSWORD_ARGON2_DEFAULT_THREADS') ? PASSWORD_ARGON2_DEFAULT_THREADS : 1); } diff --git a/tests/passwords/drivers_test.php b/tests/passwords/drivers_test.php index fc11ca0bc7..37b333e23a 100644 --- a/tests/passwords/drivers_test.php +++ b/tests/passwords/drivers_test.php @@ -24,8 +24,8 @@ class phpbb_passwords_helper_test extends \phpbb_test_case // Initialize argon2 default options $this->argon2_default_cost_options = [ - 'memory_cost' => 1024, - 'time_cost' => 2, + 'memory_cost' => 65536, + 'time_cost' => 4, 'threads' => 2 ]; |