Wow indeed Sam you're completely right, with Version13 the test passes. Thank you a lot for help.
Unfortunately, because of that version mismatch, all my users' hashes were created with a version not supported by golang.org/x/crypto/argon2, so I can't migrate :/ Le jeudi 11 octobre 2018 19:10:45 UTC+2, Sam Whited a écrit : > > On Thu, Oct 11, 2018, at 11:37, Thomas Bruyelle wrote: > > I want to update my authentication code by using > > golang.org/x/crypto/argon2, as a replacement of > > github.com/tvdburgt/go-argon2 which uses the legacy C lib under the > hood > > through CGO. > > The main benefit is of course to drop the usage of CGO. > > > > But I encounter a serious issue, with the same inputs (password, salt, > > times, threads, memory), the 2 libraries give me 2 different hashes. > > That means it's impossible for me to migrate, or else I have to ask all > my > > users to regenerate their passwords, which is not acceptable for me. > > The x/crypto/argon2 package implements version 13, if you add "Version: > Version13," to your context they should be the same. The docs claim this > is the default for the legacy version, but they appear to be wrong. > > —Sam > -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
