Reduce the memory used by argon2 (less secure)
authorGreg Burri <greg.burri@gmail.com>
Thu, 5 Dec 2024 00:11:42 +0000 (01:11 +0100)
committerGreg Burri <greg.burri@gmail.com>
Thu, 5 Dec 2024 00:11:42 +0000 (01:11 +0100)
backend/src/hash.rs

index 04b5623..d06a15a 100644 (file)
@@ -5,9 +5,23 @@ use argon2::{
     Argon2,
 };
 
+fn get_argon2<'k>() -> Argon2<'k> {
+    Argon2::new(
+        argon2::Algorithm::Argon2id,
+        argon2::Version::V0x13,
+        argon2::Params::new(
+            4_096, // 4 MB. The code run on raspberry pi zero, the default memory is too high.
+            4,     // Number of iteration.
+            2,     // Degree of parallelism.
+            None,
+        )
+        .unwrap(),
+    )
+}
+
 pub fn hash(password: &str) -> Result<String, Box<dyn std::error::Error>> {
     let salt = SaltString::generate(&mut OsRng);
-    let argon2 = Argon2::default();
+    let argon2 = get_argon2();
     argon2
         .hash_password(password.as_bytes(), &salt)
         .map(|h| h.to_string())
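Review bot: The memory cost passed to `Params::new` in `get_argon2` is 4_096 KiB (4 MiB) at 4 iterations, which is below the smallest Argon2id settings in OWASP's password-storage guidance as I recall them (roughly 9 MiB at t=4, or 7 MiB at t=5). Memory hardness therefore protects a leaked hash table much less than the crate default did. If the Raspberry Pi Zero can afford it, `7_168, // 7 MiB (the value is in KiB).` with `5` iterations keeps the footprint small while staying within that guidance; otherwise a doc comment on `get_argon2` should state the accepted risk and the unit of the first argument. The `.unwrap()` cannot fail for these constants, but `.expect("static Argon2 parameters are valid")` would record that invariant.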
@@ -18,7 +32,7 @@ pub fn verify_password(
     password: &str,
     hashed_password: &str,
 ) -> Result<bool, Box<dyn std::error::Error>> {
-    let argon2 = Argon2::default();
+    let argon2 = get_argon2();
     let parsed_hash = PasswordHash::new(hashed_password)?;
     Ok(argon2
         .verify_password(password.as_bytes(), &parsed_hash)
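Review bot: Swapping in `get_argon2()` in `verify_password` most likely does not change the cost of verification, because as far as I know the argon2 crate's `verify_password` takes the memory, iteration and parallelism values from the stored PHC string rather than from the instance. Hashes created before this commit would then still verify at the old default memory cost on the device, and nothing in the visible code rehashes them. A comment such as `// Cost parameters come from the stored hash; accounts hashed before the parameter change keep the old cost until rehashed.` would make this visible, with rehash-on-successful-login as the follow-up. The body of `verify_password` continues past the end of the hunk.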