On Thu, Oct 11, 2018, at 11:37, Thomas Bruyelle wrote: > I want to update my authentication code by using > golang.org/x/crypto/argon2, as a replacement of > github.com/tvdburgt/go-argon2 which uses the legacy C lib under the hood > through CGO. > The main benefit is of course to drop the usage of CGO. > > But I encounter a serious issue, with the same inputs (password, salt, > times, threads, memory), the 2 libraries give me 2 different hashes. > That means it's impossible for me to migrate, or else I have to ask all my > users to regenerate their passwords, which is not acceptable for me.
The x/crypto/argon2 package implements version 13, if you add "Version: Version13," to your context they should be the same. The docs claim this is the default for the legacy version, but they appear to be wrong. —Sam -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
