Commit 8ff81631 authored by Peter Marschall's avatar Peter Marschall Committed by Quanah Gibson-Mount
Browse files

ITS#9206 contrib/passwd/argon2: consolidate libsodium implementation

* use 'crypto_pwhash_str_alg(..., crypto_pwhash_ALG_ARGON2ID13)' to set
  the algorithm to Argon2.
  According to libsodium's documentation, the original 'crypto_pwhash_str()'
  only guarantees a "memory-hard, CPU-intensive hash function", but not
  necessarily Argon2.  Although in released versions of libsodium Argon2 is
  the only implemented backend, this may chane in the future.
* multiply the 'memory' parameter by 1024 to align it with the libargon2
  implementation. The objective is to have consistent configuration in
  OpenLDAP's pw-argon2 module no matter what backend implementation is used.

Signed-off-by: default avatarPeter Marschall <>
parent 0ff54ddf
......@@ -128,8 +128,9 @@ slapd_argon2_hash(
AC_MEMCPY( hash->bv_val, scheme->bv_val, scheme->bv_len );
p += scheme->bv_len;
if ( crypto_pwhash_str( p, passwd->bv_val, passwd->bv_len,
iterations, memory ) == 0 ) {
if ( crypto_pwhash_str_alg( p, passwd->bv_val, passwd->bv_len,
iterations, memory * 1024,
crypto_pwhash_ALG_ARGON2ID13 ) == 0 ) {
hash->bv_len = strlen( hash->bv_val );
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment