Closed natefinch closed 3 years ago
Hi! We're migrating our user system at Mattel from bcrypt to argon2id, and I came across this repo, which wraps everything up nicely in a way I didn't want to have to write manually. However, there was one piece of missing functionality - which was returning the params that a password was hashed with, so we can know if we need to re-hash the password with updated params. I don't technically need DecodeHash exported right now, but it seems like the kind of utility function that could be useful if extracting data from a database directly or something similar.
Alternatively, I'm happy to fork this and put it up at github.com/Mattel if you don't want to be hassled with maintaining it.
No, it's all OK, Christmas is just a busy time :smiley:
Thanks for the PR. It all looks good and I've merged it now :+1:
Awesome. Merry Christmas! :)
And believe me, I understand being a busy maintainer :)
This change exports the function DecodeHash and adds a new function CheckHash, which returns the parameters used to create the given hash. This is useful for real-world use of argon2id hashing, where you should periodically upgrade the hashing parameters to keep up with increasing processor speed. In order to do that, you need to get the parameters a hash was saved with, to compare against your current gold standard.