expose Argon2 options (as we did for bcrypt)

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
This commit is contained in:
Arthur Schiwon 2020-01-20 18:11:00 +01:00
parent ddf6942d90
commit 171bb98229
No known key found for this signature in database
GPG key ID: 7424F1874854DF23
2 changed files with 31 additions and 0 deletions

View file

@ -1433,6 +1433,31 @@ $CONFIG = array(
*/
'tempdirectory' => '/tmp/nextcloudtemp',
/**
* Hashing
*
* Nextcloud uses the Argon2 algorithm (with PHP >= 7.2) to create hashes by its
* own and exposes its configuration options as following. More information can
* be found at: https://www.php.net/manual/en/function.password-hash.php
*/
/**
* The allowed maximum memory to be used by the algorithm for computing a hash.
*/
'hashingMemoryCost' => PASSWORD_ARGON2_DEFAULT_MEMORY_COST,
/**
* The allowed maximum time that can be used by the algorithm for computing a
* hash.
*/
'hashingTimeCost' => PASSWORD_ARGON2_DEFAULT_TIME_COST,
/**
* The allowed number of CPU threads that can be used by the algorithm for
* computing a hash.
*/
'hashingThreads' => PASSWORD_ARGON2_DEFAULT_THREADS,
/**
* The hashing cost used by hashes generated by Nextcloud
* Using a higher value requires more time and CPU power to calculate the hashes

View file

@ -63,6 +63,12 @@ class Hasher implements IHasher {
public function __construct(IConfig $config) {
$this->config = $config;
$this->options = [
'memory_cost' => (int)$this->config->getSystemValue('hashingMemoryCost', PASSWORD_ARGON2_DEFAULT_MEMORY_COST),
'time_cost' => (int)$this->config->getSystemValue('hashingTimeCost', PASSWORD_ARGON2_DEFAULT_TIME_COST),
'threads' => (int)$this->config->getSystemValue('hashingThreads', PASSWORD_ARGON2_DEFAULT_THREADS),
];
$hashingCost = $this->config->getSystemValue('hashingCost', null);
if(!\is_null($hashingCost)) {
$this->options['cost'] = $hashingCost;