magmaus3/continuwuity
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: replaced flaky argon2 with better argon2 crate (#37)

Browse source 
* feat: replaced flaky argon2 with better argon2 crate

* fix: applied cargo fmt nightly

* docs: added comment specifying what the settings for Argon2 mean

* fix: made hashing error a bit more descriptive

* fix: fixed incorrect value for Kib
This commit is contained in:
Nineko 2023-12-25 16:28:56 +01:00 committed by GitHub
parent 6a9f8dfa6f
commit fdc3e07be6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 84 additions and 62 deletions
Download patch file Download diff file Expand all files Collapse all files

19
src/utils/mod.rs
View file

@ -1,7 +1,7 @@
pub mod error;
use crate::{Error, Result};
use argon2::{Config, Variant};
use crate::{services, Error, Result};
use argon2::{password_hash::SaltString, PasswordHasher};
use rand::prelude::*;
use ring::digest;
use ruma::{
@ -72,14 +72,13 @@ pub fn random_string(length: usize) -> String {
}
/// Calculate a new hash for the given password
pub fn calculate_password_hash(password: &str) -> Result<String, argon2::Error> {
let hashing_config = Config {
variant: Variant::Argon2id,
..Config::owasp2() // m=19456 (19 MiB), t=2, p=1 from https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#argon2id
};
let salt = random_string(32);
argon2::hash_encoded(password.as_bytes(), salt.as_bytes(), &hashing_config)
pub fn calculate_password_hash(password: &str) -> Result<String, argon2::password_hash::Error> {
let salt = SaltString::generate(thread_rng());
services()
.globals
.argon
.hash_password(password.as_bytes(), &salt)
.map(|it| it.to_string())
}
#[tracing::instrument(skip(keys))]