Relax argon2 mem_cost down to 64k, bump time_cost to 4

author: Sara Golemon <pollita@php.net> 2019-07-09 11:18:13 -0400
committer: Sara Golemon <pollita@php.net> 2019-07-09 11:36:48 -0400
commit: f65956e4fb4dc15ba8129e69b13a2cd758e85f46 (patch)
tree: 0e5310f3abf0b7ff2fa3f6825f62c8a4a18621e4 /ext/standard/php_password.h
parent: aa0e29a66838bd89547a5a8ec4ae25945556ad54 (diff)
download: php-git-f65956e4fb4dc15ba8129e69b13a2cd758e85f46.tar.gz
1 files changed, 2 insertions, 5 deletions
diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h
index ce3fdba6bb..97a6bf63a2 100644
--- a/ext/standard/php_password.h
+++ b/ext/standard/php_password.h
@@ -34,14 +34,11 @@ PHP_MSHUTDOWN_FUNCTION(password);
 
 #if HAVE_ARGON2LIB
 /**
- * OPSLIMIT and MEMLIMIT are taken from libsodium's MODERATE values.
- * Threads are fixed at 1 by libsodium.
- *
  * When updating these values, synchronize ext/sodium/sodium_pwhash.c values.
  * Note that libargon expresses memlimit in KB, while libsoidum uses bytes.
  */
-#define PHP_PASSWORD_ARGON2_MEMORY_COST (256 << 10)
-#define PHP_PASSWORD_ARGON2_TIME_COST 3
+#define PHP_PASSWORD_ARGON2_MEMORY_COST (64 << 10)
+#define PHP_PASSWORD_ARGON2_TIME_COST 4
 #define PHP_PASSWORD_ARGON2_THREADS 1
 #endif
author	Sara Golemon <pollita@php.net>	2019-07-09 11:18:13 -0400
committer	Sara Golemon <pollita@php.net>	2019-07-09 11:36:48 -0400
commit	f65956e4fb4dc15ba8129e69b13a2cd758e85f46 (patch)
tree	0e5310f3abf0b7ff2fa3f6825f62c8a4a18621e4 /ext/standard/php_password.h
parent	aa0e29a66838bd89547a5a8ec4ae25945556ad54 (diff)
download	php-git-f65956e4fb4dc15ba8129e69b13a2cd758e85f46.tar.gz