From 004cb37fce4621fc8537146d866081c67045bc9b Mon Sep 17 00:00:00 2001 From: Aleksi Lindeman Date: Sun, 7 Apr 2019 17:14:12 +0200 Subject: Use argon2d instead of argon2i We want gpu-resistance instead of side-channel attack resistance since password is hashed locally. --- src/DatabaseStorage.cpp | 2 +- src/PasswordHash.cpp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/DatabaseStorage.cpp b/src/DatabaseStorage.cpp index 5b9fb04..4e2da50 100644 --- a/src/DatabaseStorage.cpp +++ b/src/DatabaseStorage.cpp @@ -26,7 +26,7 @@ namespace odhtdb }; const u64 QUARANTINE_STORAGE_TIME_MICROSECONDS = 60 * 1.0e6; - const u16 STORAGE_VERSION = 4; + const u16 STORAGE_VERSION = 5; static void sqlite_exec_checked(sqlite3 *db, const char *sql) { diff --git a/src/PasswordHash.cpp b/src/PasswordHash.cpp index f877d20..b757583 100644 --- a/src/PasswordHash.cpp +++ b/src/PasswordHash.cpp @@ -14,7 +14,7 @@ namespace odhtdb result.data = new uint8_t[HASH_PASSWORD_LENGTH]; result.size = HASH_PASSWORD_LENGTH; - if(argon2i_hash_raw(tCost, mCost, parallelism, plainPassword.data, plainPassword.size, salt.data, salt.size, result.data, HASH_PASSWORD_LENGTH) != ARGON2_OK) + if(argon2d_hash_raw(tCost, mCost, parallelism, plainPassword.data, plainPassword.size, salt.data, salt.size, result.data, HASH_PASSWORD_LENGTH) != ARGON2_OK) throw std::runtime_error("Failed to hash password"); return result; -- cgit v1.2.3