From ef18e458133a98b9e067bf827e89289417c0a5f7 Mon Sep 17 00:00:00 2001
From: MichaIng
Date: Fri, 9 Oct 2020 20:18:32 +0200
Subject: [PATCH] Fix Argon2 descriptions

The threads option for the password_hash function does not define the maximum allowed number of CPU threads to be used by the hashing algorithm but the exact number of threads that is used. Similarly the memory_cost option for the password_hash function does not define the maximum allowed memory to be used by the hashing algorithm, but the exact amount of memory that is used by the hashing table. The minimum value is 8 KiB per thread. The time_cost option for the password_hash function does not define the allowed time in seconds, but the number of iterations for the hash function. If the minimum values are understood, the minimum values are used instead.

Signed-off-by: MichaIng
---
 config/config.sample.php | 29 ++++++++++++++---------------
 1 file changed, 14 insertions(+), 15 deletions(-)

diff --git a/config/config.sample.php b/config/config.sample.php
index 16216bb75c..30ea1efb36 100644
--- a/config/config.sample.php
+++ b/config/config.sample.php
@@ -1505,28 +1505,27 @@ $CONFIG = [
  */
 
 /**
- * The allowed maximum memory in KiB to be used by the algorithm for computing a
- * hash. The smallest possible value is 8. Values that undershoot the minimum
- * will be ignored in favor of the default.
+ * The number of CPU threads to be used by the algorithm for computing a hash.
+ * The value must be an integer, and the minimum value is 1. Rationally it does
+ * not help to provide a number higher than the available threads on the machine.
+ * Values that undershoot the minimum will be ignored in favor of the minimum.
+ */
+'hashingThreads' => PASSWORD_ARGON2_DEFAULT_THREADS,
+
+/**
+ * The memory in KiB to be used by the algorithm for computing a hash. The value
+ * must be an integer, and the minimum value is 8 times the number of CPU threads.
+ * Values that undershoot the minimum will be ignored in favor of the minimum.
  */
 'hashingMemoryCost' => PASSWORD_ARGON2_DEFAULT_MEMORY_COST,
 
 /**
- * The allowed maximum time in seconds that can be used by the algorithm for
- * computing a hash. The value must be an integer, and the minimum value is 1.
- * Values that undershoot the minimum will be ignored in favor of the default.
+ * The number of iterations that are used by the algorithm for computing a hash.
+ * The value must be an integer, and the minimum value is 1. Values that
+ * undershoot the minimum will be ignored in favor of the minimum.
  */
 'hashingTimeCost' => PASSWORD_ARGON2_DEFAULT_TIME_COST,
 
-/**
- * The allowed number of CPU threads that can be used by the algorithm for
- * computing a hash. The value must be an integer, and the minimum value is 1.
- * Rationally it does not help to provide a number higher than the available
- * threads on the machine. Values that undershoot the minimum will be ignored
- * in favor of the default.
- */
-'hashingThreads' => PASSWORD_ARGON2_DEFAULT_THREADS,
-
 /**
  * The hashing cost used by hashes generated by Nextcloud
  * Using a higher value requires more time and CPU power to calculate the hashes
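Review bot: The rewritten comments for `hashingThreads`, `hashingMemoryCost` and `hashingTimeCost` now say a too-small value is replaced by the minimum rather than the default, but this commit touches only config.sample.php, so that clamping cannot be confirmed from the hunk. It should be checked against the code that hands these options to `password_hash`, since a sample config that promises a floor the hasher does not enforce would mislead administrators. The comments also document only the lower bound and not the security effect: these are the Argon2 cost parameters, and reducing memory or iterations makes stored password hashes cheaper to guess offline if the user table is ever disclosed. I would add to the memory and time comments a line such as ` * Lowering this below the PHP default weakens stored password hashes against offline guessing.` The `$CONFIG` array and the final docblock continue outside the hunk.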