Skip to content

Commit

Permalink
fix: argon2id configuration override (#96)
Browse files Browse the repository at this point in the history 
* fix: argon2id configuration override

* feat: add argon2id configuration override test
  • Loading branch information
@devhaozi
devhaozi authored Apr 17, 2023
1 parent eb2ef23 commit b37b9bd
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 5 deletions.
6 changes: 6 additions & 0 deletions hash/application_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,12 @@ func (s *ApplicationTestSuite) TestCheckHash() {
}
}

func (s *ApplicationTestSuite) TestConfigurationOverride() {
value := "$argon2id$v=19$m=65536,t=8,p=1$NlVjQm5PQUdWTHVTM1RBUg$Q5T7WfeCI7ucIdk6Na6AdQ"
s.True(s.hashers["argon2id"].Check("goravel", value))
s.True(s.hashers["argon2id"].NeedsRehash(value))
}

func (s *ApplicationTestSuite) TestNeedsRehash() {
for name, hasher := range s.hashers {
s.Run(name, func() {
Expand Down
14 changes: 9 additions & 5 deletions hash/argon2id.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ type Argon2id struct {
func NewArgon2id() *Argon2id {
return &Argon2id{
format: "$argon2id$v=%d$m=%d,t=%d,p=%d$%s$%s",
version: 19,
version: argon2.Version,
time: uint32(facades.Config.GetInt("hashing.argon2id.time", 4)),
memory: uint32(facades.Config.GetInt("hashing.argon2id.memory", 65536)),
threads: uint8(facades.Config.GetInt("hashing.argon2id.threads", 1)),
Expand Down Expand Up @@ -64,11 +64,15 @@ func (a *Argon2id) Check(value, hash string) bool {
if err != nil {
return false
}
if version != argon2.Version {
if version != a.version {
return false
}

_, err = fmt.Sscanf(hashParts[3], "m=%d,t=%d,p=%d", &a.memory, &a.time, &a.threads)
memory := a.memory
time := a.time
threads := a.threads

_, err = fmt.Sscanf(hashParts[3], "m=%d,t=%d,p=%d", &memory, &time, &threads)
if err != nil {
return false
}
Expand All @@ -83,7 +87,7 @@ func (a *Argon2id) Check(value, hash string) bool {
return false
}

hashToCompare := argon2.IDKey([]byte(value), salt, a.time, a.memory, a.threads, uint32(len(decodedHash)))
hashToCompare := argon2.IDKey([]byte(value), salt, time, memory, threads, uint32(len(decodedHash)))

return subtle.ConstantTimeCompare(decodedHash, hashToCompare) == 1
}
Expand All @@ -99,7 +103,7 @@ func (a *Argon2id) NeedsRehash(hash string) bool {
if err != nil {
return true
}
if version != argon2.Version {
if version != a.version {
return true
}

Expand Down

0 comments on commit b37b9bd

Please sign in to comment.