goArgonPass is an Argon2 Password utility package for Go using the crypto library package Argon2 designed to be compatible with Passlib for Python and Argon2 PHP. Argon2 was the winner of the most recent Password Hashing Competition. This is designed for use anywhere password hashing and verification might be needed and is intended to replace implementations using bcrypt or Scrypt.
I ended up using "golang.org/x/crypto" directly in my own project, but just as a heads up, this implementation currently uses a time-insecure hash comparison because it early outs when it finds a mismatching byte here: https://github.com/dwin/goArgonPass/blob/master/password.go#L142
You can read about timing attacks here: https://codahale.com/a-lesson-in-timing-attacks/ but the core issue is that a determined attacker could measure the difference in execution time between a comparisonHash that has more vs fewer initial bytes in common with decodedHash.
Go's crypto library provides a time-secure comparison function you can use instead: https://golang.org/pkg/crypto/subtle/#ConstantTimeCompare
Full disclosure: I am not a cryptographer, nor do I know the specifics of how Argon2 works.
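The difference the comment above describes, as an added example that is not part of the original comment or of goArgonPass's code: an early-exit comparison does an amount of work that depends on how many leading bytes match, while `subtle.ConstantTimeCompare` does not. The function names `earlyExitEqual` and `constantTimeEqual` and the sample bytes are constructed for illustration.

```go
package main

import (
	"crypto/subtle"
	"fmt"
)

// earlyExitEqual returns at the first mismatching byte, the pattern the
// comment describes. steps is the number of bytes inspected: the
// data-dependent work that a timing measurement can expose.
func earlyExitEqual(a, b []byte) (equal bool, steps int) {
	if len(a) != len(b) {
		return false, 0
	}
	for i := range a {
		steps++
		if a[i] != b[i] {
			return false, steps
		}
	}
	return true, steps
}

// constantTimeEqual wraps crypto/subtle. For equal-length inputs the time
// taken does not depend on the contents. A length mismatch returns at once,
// which is acceptable because the hash length is not secret.
func constantTimeEqual(a, b []byte) bool {
	return subtle.ConstantTimeCompare(a, b) == 1
}

func main() {
	// Constructed sample bytes standing in for decodedHash and comparisonHash.
	stored := []byte{0xde, 0xad, 0xbe, 0xef, 0x01, 0x02, 0x03, 0x04}
	cases := []struct {
		name string
		hash []byte
	}{
		{"first byte wrong", []byte{0x00, 0xad, 0xbe, 0xef, 0x01, 0x02, 0x03, 0x04}},
		{"last byte wrong", []byte{0xde, 0xad, 0xbe, 0xef, 0x01, 0x02, 0x03, 0x00}},
		{"match", []byte{0xde, 0xad, 0xbe, 0xef, 0x01, 0x02, 0x03, 0x04}},
	}
	for _, c := range cases {
		_, steps := earlyExitEqual(stored, c.hash)
		fmt.Printf("%-16s early-exit bytes inspected=%d constant-time equal=%v\n",
			c.name, steps, constantTimeEqual(stored, c.hash))
	}
}
```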