Skip to content

Commit 4ce6d94

Browse files
authored
ENGCOM-5500: additional check for correct version of sodium #23866
2 parents 9e6a6c3 + 10a1800 commit 4ce6d94

File tree

1 file changed

+13
-10
lines changed

1 file changed

+13
-10
lines changed

lib/internal/Magento/Framework/Encryption/Encryptor.php

Lines changed: 13 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -162,7 +162,7 @@ public function __construct(
162162
*/
163163
public function getLatestHashVersion(): int
164164
{
165-
if (extension_loaded('sodium')) {
165+
if (extension_loaded('sodium') && defined('SODIUM_CRYPTO_PWHASH_ALG_ARGON2ID13')) {
166166
return self::HASH_VERSION_ARGON2ID13;
167167
}
168168

@@ -314,8 +314,8 @@ public function validateHashVersion($hash, $validateCount = false)
314314
* Explode password hash
315315
*
316316
* @param string $hash
317-
* @throws \RuntimeException When given hash cannot be processed.
318317
* @return array
318+
* @throws \RuntimeException When given hash cannot be processed.
319319
*/
320320
private function explodePasswordHash($hash)
321321
{
@@ -398,6 +398,7 @@ public function encryptWithFastestAvailableAlgorithm($data)
398398
':' . $this->getCipherVersion() .
399399
':' . base64_encode($crypt->encrypt($data));
400400
}
401+
401402
/**
402403
* Look for key and crypt versions in encrypted data before decrypting
403404
*
@@ -579,13 +580,15 @@ private function getArgonHash($data, $salt = ''): string
579580
$salt = str_pad($salt, SODIUM_CRYPTO_PWHASH_SALTBYTES, $salt);
580581
}
581582

582-
return bin2hex(sodium_crypto_pwhash(
583-
SODIUM_CRYPTO_SIGN_SEEDBYTES,
584-
$data,
585-
$salt,
586-
SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE,
587-
SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE,
588-
$this->hashVersionMap[self::HASH_VERSION_ARGON2ID13]
589-
));
583+
return bin2hex(
584+
sodium_crypto_pwhash(
585+
SODIUM_CRYPTO_SIGN_SEEDBYTES,
586+
$data,
587+
$salt,
588+
SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE,
589+
SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE,
590+
$this->hashVersionMap[self::HASH_VERSION_ARGON2ID13]
591+
)
592+
);
590593
}
591594
}

0 commit comments

Comments
 (0)