Global/wakapi
1
0
Fork 0
mirror of https://github.com/muety/wakapi.git synced 2025-12-05 14:10:24 -08:00
Code Issues Packages Projects Releases Wiki Activity

chore: cap parallelism of argon2id hashing

Browse Source
This commit is contained in:
Ferdinand Mütsch
2025-11-14 18:00:23 +01:00
parent f516b58ebf
commit ee4aa4da6e
1 changed files with 7 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
utils/auth.go
View File

@@ -3,11 +3,14 @@ package utils
import (
"encoding/base64"
"errors"
"github.com/alexedwards/argon2id"
"golang.org/x/crypto/bcrypt"
"net/http"
"regexp"
"runtime"
"strings"
"github.com/alexedwards/argon2id"
"github.com/duke-git/lancet/v2/mathutil"
"golang.org/x/crypto/bcrypt"
)
var md5Regex = regexp.MustCompile(`^[a-f0-9]{32}$`)
@@ -80,10 +83,8 @@ func CompareArgon2Id(hashed, plain, pepper string) bool {
func HashArgon2Id(plain, pepper string) (string, error) {
plainPepperedPassword := strings.TrimSpace(plain) + pepper
params := *argon2id.DefaultParams
// Check for the uint8 overflow bug on high-core-count CPUs.
if params.Parallelism == 0 {
// If the overflow is detected, set parallelism to a safe default.
params.Parallelism = 2
if params.Parallelism == 0 { // https://github.com/muety/wakapi/issues/866
params.Parallelism = uint8(mathutil.Min[int](runtime.NumCPU(), 255))
}
hash, err := argon2id.CreateHash(plainPepperedPassword, &params)
if err == nil {