Changing m_cost and t_cost to memory_cost and time_cost

- Updating tests
- Adjusting cost factors:
 - memory_cost = 1 MiB
 - time_cost = 2
 - threads = 2

diff --git a/ext/standard/password.c b/ext/standard/password.c
index ca5c3000f48ad557412e636242dc85832c89ebbd..117db2bf1648f99edf5d1f7411a196e48b8c9675 100644 (file)
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -45,7 +45,6 @@ PHP_MINIT_FUNCTION(password) /* {{{ */
        REGISTER_LONG_CONSTANT("PASSWORD_BCRYPT", PHP_PASSWORD_BCRYPT, CONST_CS | CONST_PERSISTENT);
 #if HAVE_ARGON2LIB
        REGISTER_LONG_CONSTANT("PASSWORD_ARGON2I", PHP_PASSWORD_ARGON2I, CONST_CS | CONST_PERSISTENT);
-       REGISTER_LONG_CONSTANT("PASSWORD_ARGON2", PHP_PASSWORD_ARGON2, CONST_CS | CONST_PERSISTENT);
 #endif
 
        REGISTER_LONG_CONSTANT("PASSWORD_BCRYPT_DEFAULT_COST", PHP_PASSWORD_BCRYPT_COST, CONST_CS | CONST_PERSISTENT);
@@ -195,13 +194,13 @@ PHP_FUNCTION(password_get_info)
                case PHP_PASSWORD_ARGON2I:
                        {
                                zend_long v = 0;
-                               zend_long m_cost = PHP_PASSWORD_ARGON2_MEMORY_COST;
-                               zend_long t_cost = PHP_PASSWORD_ARGON2_TIME_COST;
+                               zend_long memory_cost = PHP_PASSWORD_ARGON2_MEMORY_COST;
+                               zend_long time_cost = PHP_PASSWORD_ARGON2_TIME_COST;
                                zend_long threads = PHP_PASSWORD_ARGON2_THREADS;
 
-                               sscanf(hash, "$%*[argon2i]$v=" ZEND_LONG_FMT "$m=" ZEND_LONG_FMT ",t=" ZEND_LONG_FMT ",p=" ZEND_LONG_FMT, &v, &m_cost, &t_cost, &threads);
-                               add_assoc_long(&options, "m_cost", m_cost);
-                               add_assoc_long(&options, "t_cost", t_cost);
+                               sscanf(hash, "$%*[argon2i]$v=" ZEND_LONG_FMT "$m=" ZEND_LONG_FMT ",t=" ZEND_LONG_FMT ",p=" ZEND_LONG_FMT, &v, &memory_cost, &time_cost, &threads);
+                               add_assoc_long(&options, "memory_cost", memory_cost);
+                               add_assoc_long(&options, "time_cost", time_cost);
                                add_assoc_long(&options, "threads", threads);
                        }
                        break;
@@ -259,25 +258,25 @@ PHP_FUNCTION(password_needs_rehash)
                case PHP_PASSWORD_ARGON2I:
                        {
                                zend_long v = 0;
-                               zend_long new_m_cost = PHP_PASSWORD_ARGON2_MEMORY_COST, m_cost = 0;
-                               zend_long new_t_cost = PHP_PASSWORD_ARGON2_TIME_COST, t_cost = 0;
+                               zend_long new_memory_cost = PHP_PASSWORD_ARGON2_MEMORY_COST, memory_cost = 0;
+                               zend_long new_time_cost = PHP_PASSWORD_ARGON2_TIME_COST, time_cost = 0;
                                zend_long new_threads = PHP_PASSWORD_ARGON2_THREADS, threads = 0;
 
-                               if (options && (option_buffer = zend_hash_str_find(options, "m_cost", sizeof("m_cost")-1)) != NULL) {
-                                       new_m_cost = zval_get_long(option_buffer);
+                               if (options && (option_buffer = zend_hash_str_find(options, "memory_cost", sizeof("memory_cost")-1)) != NULL) {
+                                       new_memory_cost = zval_get_long(option_buffer);
                                }
 
-                               if (options && (option_buffer = zend_hash_str_find(options, "t_cost", sizeof("t_cost")-1)) != NULL) {
-                                       new_t_cost = zval_get_long(option_buffer);
+                               if (options && (option_buffer = zend_hash_str_find(options, "time_cost", sizeof("time_cost")-1)) != NULL) {
+                                       new_time_cost = zval_get_long(option_buffer);
                                }
 
                                if (options && (option_buffer = zend_hash_str_find(options, "threads", sizeof("threads")-1)) != NULL) {
                                        new_threads = zval_get_long(option_buffer);
                                }
 
-                               sscanf(hash, "$%*[argon2i]$v=" ZEND_LONG_FMT "$m=" ZEND_LONG_FMT ",t=" ZEND_LONG_FMT ",p=" ZEND_LONG_FMT, &v, &m_cost, &t_cost, &threads);
+                               sscanf(hash, "$%*[argon2i]$v=" ZEND_LONG_FMT "$m=" ZEND_LONG_FMT ",t=" ZEND_LONG_FMT ",p=" ZEND_LONG_FMT, &v, &memory_cost, &time_cost, &threads);
 
-                               if (new_t_cost != t_cost || new_m_cost != m_cost || new_threads != threads) {
+                               if (new_time_cost != time_cost || new_memory_cost != memory_cost || new_threads != threads) {
                                        RETURN_TRUE;
                                }
                        }
@@ -367,8 +366,8 @@ PHP_FUNCTION(password_hash)
        zval *option_buffer;
 
 #if HAVE_ARGON2LIB
-       size_t t_cost = PHP_PASSWORD_ARGON2_TIME_COST; 
-       size_t m_cost = PHP_PASSWORD_ARGON2_MEMORY_COST;
+       size_t time_cost = PHP_PASSWORD_ARGON2_TIME_COST; 
+       size_t memory_cost = PHP_PASSWORD_ARGON2_MEMORY_COST;
        size_t threads = PHP_PASSWORD_ARGON2_THREADS;
        argon2_type type = Argon2_i;
 #endif
@@ -399,21 +398,21 @@ PHP_FUNCTION(password_hash)
 #if HAVE_ARGON2LIB
                case PHP_PASSWORD_ARGON2I:
                        {
-                               if (options && (option_buffer = zend_hash_str_find(options, "m_cost", sizeof("m_cost")-1)) != NULL) {
-                                       m_cost = zval_get_long(option_buffer);
+                               if (options && (option_buffer = zend_hash_str_find(options, "memory_cost", sizeof("memory_cost")-1)) != NULL) {
+                                       memory_cost = zval_get_long(option_buffer);
                                }
 
-                               if (m_cost > ARGON2_MAX_MEMORY || m_cost < ARGON2_MIN_MEMORY) {
-                                       php_error_docref(NULL, E_WARNING, "Memory cost is outside of allowed memory range", m_cost);
+                               if (memory_cost > ARGON2_MAX_MEMORY || memory_cost < ARGON2_MIN_MEMORY) {
+                                       php_error_docref(NULL, E_WARNING, "Memory cost is outside of allowed memory range", memory_cost);
                                        RETURN_NULL();
                                }
 
-                               if (options && (option_buffer = zend_hash_str_find(options, "t_cost", sizeof("t_cost")-1)) != NULL) {
-                                       t_cost = zval_get_long(option_buffer);
+                               if (options && (option_buffer = zend_hash_str_find(options, "time_cost", sizeof("time_cost")-1)) != NULL) {
+                                       time_cost = zval_get_long(option_buffer);
                                }
 
-                               if (t_cost > ARGON2_MAX_TIME || t_cost < ARGON2_MIN_TIME) {
-                                       php_error_docref(NULL, E_WARNING, "Time cost is outside of allowed time range", t_cost);
+                               if (time_cost > ARGON2_MAX_TIME || time_cost < ARGON2_MIN_TIME) {
+                                       php_error_docref(NULL, E_WARNING, "Time cost is outside of allowed time range", time_cost);
                                        RETURN_NULL();
                                }
                                
@@ -532,8 +531,8 @@ PHP_FUNCTION(password_hash)
                                int status = 0;
 
                                encoded_len = argon2_encodedlen(
-                                       t_cost,
-                                       m_cost,
+                                       time_cost,
+                                       memory_cost,
                                        threads,
                                        (uint32_t)salt_len,
                                        out_len
@@ -543,8 +542,8 @@ PHP_FUNCTION(password_hash)
                                zend_string *encoded = zend_string_alloc(encoded_len, 0);
 
                                status = argon2_hash(
-                                       t_cost,
-                                       m_cost,
+                                       time_cost,
+                                       memory_cost,
                                        threads,
                                        password,
                                        password_len,

diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h
index e2d6b4a73e30d7bfbb21d7a59e87ff209be05630..4bc2e5660f290474841c1c9426ae5dd1f057b528 100644 (file)
--- a/ext/standard/php_password.h
+++ b/ext/standard/php_password.h
@@ -33,10 +33,9 @@ PHP_MINIT_FUNCTION(password);
 #define PHP_PASSWORD_BCRYPT_COST 10
 
 #if HAVE_ARGON2LIB
-#define PHP_PASSWORD_ARGON2     PHP_PASSWORD_ARGON2I
-#define PHP_PASSWORD_ARGON2_MEMORY_COST 1<<16
-#define PHP_PASSWORD_ARGON2_TIME_COST 3
-#define PHP_PASSWORD_ARGON2_THREADS 1
+#define PHP_PASSWORD_ARGON2_MEMORY_COST 1<<10
+#define PHP_PASSWORD_ARGON2_TIME_COST 2
+#define PHP_PASSWORD_ARGON2_THREADS 2
 #endif
 
 typedef enum {

diff --git a/ext/standard/tests/password/password_get_info_argon2.phpt b/ext/standard/tests/password/password_get_info_argon2.phpt
index 67ac8520a7d50bcc41612dc563da802ebdcf8bf8..903f9faca5287f32ed6b7dcd0e92a3c43fdbd182 100644 (file)
--- a/ext/standard/tests/password/password_get_info_argon2.phpt
+++ b/ext/standard/tests/password/password_get_info_argon2.phpt
@@ -2,7 +2,7 @@
 Test normal operation of password_get_info() with Argon2
 --SKIPIF--
 <?php
-if (!defined('PASSWORD_ARGON2')) die('Skipped: password_get_info not built with Argon2');
+if (!defined('PASSWORD_ARGON2I')) die('Skipped: password_get_info not built with Argon2');
 ?>
 --FILE--
 <?php
@@ -18,9 +18,9 @@ array(3) {
   string(7) "argon2i"
   ["options"]=>
   array(3) {
-    ["m_cost"]=>
+    ["memory_cost"]=>
     int(65536)
-    ["t_cost"]=>
+    ["time_cost"]=>
     int(3)
     ["threads"]=>
     int(1)

diff --git a/ext/standard/tests/password/password_hash_argon2.phpt b/ext/standard/tests/password/password_hash_argon2.phpt
index 02d239c0cd054592902244e6b386bf09456a4d4d..229d26fcae434ae9744ac8e89be3ca29e1679265 100644 (file)
--- a/ext/standard/tests/password/password_hash_argon2.phpt
+++ b/ext/standard/tests/password/password_hash_argon2.phpt
@@ -2,15 +2,12 @@
 Test normal operation of password_hash() with argon2
 --SKIPIF--
 <?php
-if (!defined('PASSWORD_ARGON2')) die('Skipped: password_get_info not built with Argon2');
+if (!defined('PASSWORD_ARGON2I')) die('Skipped: password_get_info not built with Argon2');
 --FILE--
 <?php
 
 $password = "the password for testing 12345!";
 
-$hash = password_hash($password, PASSWORD_ARGON2);
-var_dump(password_verify($password, $hash));
-
 $hash = password_hash($password, PASSWORD_ARGON2I);
 var_dump(password_verify($password, $hash));
 
@@ -18,5 +15,4 @@ echo "OK!";
 ?>
 --EXPECT--
 bool(true)
-bool(true)
 OK!
\ No newline at end of file

diff --git a/ext/standard/tests/password/password_hash_error_argon2.phpt b/ext/standard/tests/password/password_hash_error_argon2.phpt
index 60496447a26c0cae1c4c32eeb08d495a9dfc22d6..cce3c61c1229431cbb5380b729c34ffe01ed6496 100644 (file)
--- a/ext/standard/tests/password/password_hash_error_argon2.phpt
+++ b/ext/standard/tests/password/password_hash_error_argon2.phpt
@@ -2,13 +2,13 @@
 Test error operation of password_hash() with argon2
 --SKIPIF--
 <?php
-if (!defined('PASSWORD_ARGON2')) die('Skipped: password_get_info not built with Argon2');
+if (!defined('PASSWORD_ARGON2I')) die('Skipped: password_get_info not built with Argon2');
 ?>
 --FILE--
 <?php
-var_dump(password_hash('test', PASSWORD_ARGON2, ['m_cost' => 0]));
-var_dump(password_hash('test', PASSWORD_ARGON2, ['t_cost' => 0]));
-var_dump(password_hash('test', PASSWORD_ARGON2, ['threads' => 0]));
+var_dump(password_hash('test', PASSWORD_ARGON2I, ['memory_cost' => 0]));
+var_dump(password_hash('test', PASSWORD_ARGON2I, ['time_cost' => 0]));
+var_dump(password_hash('test', PASSWORD_ARGON2I, ['threads' => 0]));
 ?>
 --EXPECTF--
 Warning: password_hash(): Memory cost is outside of allowed memory range in %s on line %d

diff --git a/ext/standard/tests/password/password_needs_rehash_argon2.phpt b/ext/standard/tests/password/password_needs_rehash_argon2.phpt
index 315fe1f6a1ddad2a8006875fd0247d853328f7c9..28592eb80b2be5bdbc2b0aae478ed96bddccec57 100644 (file)
--- a/ext/standard/tests/password/password_needs_rehash_argon2.phpt
+++ b/ext/standard/tests/password/password_needs_rehash_argon2.phpt
@@ -2,16 +2,16 @@
 Test normal operation of password_needs_rehash() with argon2
 --SKIPIF--
 <?php
-if (!defined('PASSWORD_ARGON2')) die('Skipped: password_get_info not built with Argon2');
+if (!defined('PASSWORD_ARGON2I')) die('Skipped: password_get_info not built with Argon2');
 ?>
 --FILE--
 <?php
 
 $hash = '$argon2i$v=19$m=65536,t=3,p=1$YkprUktYN0lHQTd2bWRFeA$79aA+6IvgclpDAJVoezProlqzIPy7do/P0sBDXS9Nn0';
-var_dump(password_needs_rehash($hash, PASSWORD_ARGON2));
-var_dump(password_needs_rehash($hash, PASSWORD_ARGON2, ['m_cost' => 1<<17]));
-var_dump(password_needs_rehash($hash, PASSWORD_ARGON2, ['t_cost' => 2]));
-var_dump(password_needs_rehash($hash, PASSWORD_ARGON2, ['threads' => 2]));
+var_dump(password_needs_rehash($hash, PASSWORD_ARGON2I));
+var_dump(password_needs_rehash($hash, PASSWORD_ARGON2I, ['memory_cost' => 1<<17]));
+var_dump(password_needs_rehash($hash, PASSWORD_ARGON2I, ['time_cost' => 2]));
+var_dump(password_needs_rehash($hash, PASSWORD_ARGON2I, ['threads' => 2]));
 echo "OK!";
 ?>
 --EXPECT--

diff --git a/ext/standard/tests/password/password_verify_argon2.phpt b/ext/standard/tests/password/password_verify_argon2.phpt
index 557e7372f8a04c6240d7d6025fb604531bb11bfd..a3caefb09cf3346dc4bc6c628d5387398556124d 100644 (file)
--- a/ext/standard/tests/password/password_verify_argon2.phpt
+++ b/ext/standard/tests/password/password_verify_argon2.phpt
@@ -2,7 +2,7 @@
 Test normal operation of password_verify() with argon2
 --SKIPIF--
 <?php
-if (!defined('PASSWORD_ARGON2')) die('Skipped: password_get_info not built with Argon2');
+if (!defined('PASSWORD_ARGON2I')) die('Skipped: password_get_info not built with Argon2');
 ?>
 --FILE--
 <?php