Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // ErrInvalidHash is returned if the required parameters can not be obtained // from the hash. ErrInvalidHash = fmt.Errorf("argon2id: invalid hash format") // ErrVersionIncompatible is returned if the Argon2id version generating // the hash does not match the version validating it. ErrVersionIncompatible = fmt.Errorf("argon2id: incompatible version") // Prefix is set to be compatible with Dovecot. Can be set to an empty string. Prefix = "{ARGON2ID}" )
var DefaultParams = &Params{
Memory: 512 * 1024,
Iterations: 3,
Parallelism: 4,
SaltLen: 32,
KeyLen: 32,
}
DefaultParams provides sane default parameters for password hashing as of 2021. Depending on your environment you will need to adjust these.
Functions ¶
func Generate ¶
Generate generates a new Argon2ID hash with recommended values for it's complexity parameters. By default the generated hash is compatible with the Dovecot Password Scheme.
See https://doc.dovecot.org/configuration_manual/authentication/password_schemes/
It looks like this
{ARGON2ID}$argon2id$v=19$m=524288,t=3,p=4$464unwkIcBGXjqWBZ0A5FWClURgYdWFqRlQaBJOE5fs$5ofdht4OkXsg/tftXGgxNchAdgHzpe+QJyizabiKZFk
Types ¶
type Params ¶
type Params struct {
Memory uint32
Iterations uint32
Parallelism uint8
SaltLen uint32
KeyLen uint32
}
Params contains the input parameters for the Argon2id algorithm. Memory and Iterations tweak the computational cost. If you have more cores available you can change the parallelism to reduce runtime without reducing cost. But note that this will change the hash.
See https://tools.ietf.org/html/draft-irtf-cfrg-argon2-04#section-4
Source Files