Commit 24f1577

author
Robin Chalas
committed
bug #25412 Extend Argon2i support check to account for sodium_compat (mbabker)
This PR was merged into the 3.4 branch.

Discussion
----------

Extend Argon2i support check to account for sodium_compat

| Q             | A
| ------------- | ---
| Branch?       | 3.4
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | N/A
| License       | MIT
| Doc PR        | N/A

In the Argon2i password encoder, if in an environment where `sodium_compat` is installed without either natively running PHP 7.2 or the (lib)sodium extension, the `isSupported` check can return true because the library exposes the `sodium_crypto_pwhash_str()` function; however, a pure PHP implementation of the method is not implemented, so the library does not actually support the hashes.

paragonie/sodium_compat#55 requested a way to check support through the polyfill to avoid this condition and the 1.4 release added it.

This PR extends the encoder's `isSupported` check to be aware of the `sodium_compat` library and use its support check if able, to avoid misreporting that `sodium_crypto_pwhash_str()` is available for use when it isn't.

Commits
-------

95c1fc8 Extend Argon2i support check to account for sodium_compat
2 parents 17b5a2c + 95c1fc8 commit 24f1577

1 file changed

+9
-3
lines changed

‎src/Symfony/Component/Security/Core/Encoder/Argon2iPasswordEncoder.php

@@ -22,9 +22,15 @@ class Argon2iPasswordEncoder extends BasePasswordEncoder implements SelfSaltingE
2222
{
2323
public static function isSupported()
2424
{
25-
return (\PHP_VERSION_ID >= 70200 && \defined('PASSWORD_ARGON2I'))
26-
|| \function_exists('sodium_crypto_pwhash_str')
27-
|| \extension_loaded('libsodium');
25+
if (\PHP_VERSION_ID >= 70200 && \defined('PASSWORD_ARGON2I')) {
26+
return true;
27+
}
28+
29+
if (\class_exists('ParagonIE_Sodium_Compat') && \method_exists('ParagonIE_Sodium_Compat', 'crypto_pwhash_is_available')) {
30+
return \ParagonIE_Sodium_Compat::crypto_pwhash_is_available();
31+
}
32+
33+
return \function_exists('sodium_crypto_pwhash_str') || \extension_loaded('libsodium');
2834
}
2935

3036
/**
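
Review bot: the final `return` (new line 33) still reports support when a sodium_compat release older than 1.4 is installed without PHP 7.2 or the sodium extension. In that case `\method_exists('ParagonIE_Sodium_Compat', 'crypto_pwhash_is_available')` is false, the guard at new line 29 is skipped, and `\function_exists('sodium_crypto_pwhash_str')` is true because the polyfill defines the function, which is the misreport the commit message describes. Suggest handling the case where `ParagonIE_Sodium_Compat` exists without that method explicitly, for example by falling back to the `\extension_loaded('libsodium')` check only, or by declaring a conflict with sodium_compat versions below 1.4. The commit changes one file, so a test covering the polyfill-only environment is also missing.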
