ENGCOM-5500: additional check for correct version of sodium #23866

Author: sidolov

lib/internal/Magento/Framework/Encryption/Encryptor.php

@@ -162,7 +162,7 @@ public function __construct(
      */
     public function getLatestHashVersion(): int
     {
-        if (extension_loaded('sodium')) {
+        if (extension_loaded('sodium') && defined('SODIUM_CRYPTO_PWHASH_ALG_ARGON2ID13')) {
             return self::HASH_VERSION_ARGON2ID13;
         }
 
@@ -314,8 +314,8 @@ public function validateHashVersion($hash, $validateCount = false)
      * Explode password hash
      *
      * @param string $hash
-     * @throws \RuntimeException When given hash cannot be processed.
      * @return array
+     * @throws \RuntimeException When given hash cannot be processed.
      */
     private function explodePasswordHash($hash)
     {
@@ -398,6 +398,7 @@ public function encryptWithFastestAvailableAlgorithm($data)
             ':' . $this->getCipherVersion() .
             ':' . base64_encode($crypt->encrypt($data));
     }
+
     /**
      * Look for key and crypt versions in encrypted data before decrypting
      *
@@ -579,13 +580,15 @@ private function getArgonHash($data, $salt = ''): string
             $salt = str_pad($salt, SODIUM_CRYPTO_PWHASH_SALTBYTES, $salt);
         }
 
-        return bin2hex(sodium_crypto_pwhash(
-            SODIUM_CRYPTO_SIGN_SEEDBYTES,
-            $data,
-            $salt,
-            SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE,
-            SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE,
-            $this->hashVersionMap[self::HASH_VERSION_ARGON2ID13]
-        ));
+        return bin2hex(
+            sodium_crypto_pwhash(
+                SODIUM_CRYPTO_SIGN_SEEDBYTES,
+                $data,
+                $salt,
+                SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE,
+                SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE,
+                $this->hashVersionMap[self::HASH_VERSION_ARGON2ID13]
+            )
+        );
     }
 }