From: Greg Burri <greg.burri@gmail.com>
Date: Thu, 5 Dec 2024 00:11:42 +0000 (+0100)
Subject: Reduce the memory used by argon2 (less secure)
X-Git-Url: https://git.euphorik.ch/?a=commitdiff_plain;h=38c286e8609d2c703cf11bb9bd8cc6613ae8b572;p=recipes.git

Reduce the memory used by argon2 (less secure)
---

diff --git a/backend/src/hash.rs b/backend/src/hash.rs
index 04b5623..d06a15a 100644
--- a/backend/src/hash.rs
+++ b/backend/src/hash.rs
@@ -5,9 +5,23 @@ use argon2::{
     Argon2,
 };
 
+fn get_argon2<'k>() -> Argon2<'k> {
+    Argon2::new(
+        argon2::Algorithm::Argon2id,
+        argon2::Version::V0x13,
+        argon2::Params::new(
+            4_096, // 4 MB. The code run on raspberry pi zero, the default memory is too high.
+            4,     // Number of iteration.
+            2,     // Degree of parallelism.
+            None,
+        )
+        .unwrap(),
+    )
+}
+
 pub fn hash(password: &str) -> Result<String, Box<dyn std::error::Error>> {
     let salt = SaltString::generate(&mut OsRng);
-    let argon2 = Argon2::default();
+    let argon2 = get_argon2();
     argon2
         .hash_password(password.as_bytes(), &salt)
         .map(|h| h.to_string())
@@ -18,7 +32,7 @@ pub fn verify_password(
     password: &str,
     hashed_password: &str,
 ) -> Result<bool, Box<dyn std::error::Error>> {
-    let argon2 = Argon2::default();
+    let argon2 = get_argon2();
     let parsed_hash = PasswordHash::new(hashed_password)?;
     Ok(argon2
         .verify_password(password.as_bytes(), &parsed_hash)