Open cmrss2 opened 1 month ago
This has come up in the past (and gave birth to the other project you've mentioned -- eg, in #25 and #143).
In the past, I was uncomfortable to reimplement Argon2's higher-level functions and hoped for its maintainers to add peppering to them eventually (or, give us new APIs).
Sadly, that never materialized. From what I can tell (last commit 3 years ago), they consider it feature-complete.
I guess I should get over myself and use https://argon2-cffi.readthedocs.io/en/stable/api.html#argon2.low_level.core to implement it myself. Given my current FOSS pile of tasks, I'm not sure when that could be. :(
Wasn't sure whether to put this here or at argon2-cffi-bindings.
Would it be possible to allow the
secret
parameter when hashing (see https://github.com/P-H-C/phc-winner-argon2#library) for keyed hashing (peppering)?I know you can just append a secret key to the password/salt or use a HMAC before hashing, but it would be nice to use just the argon2 algorithm.
There are other Python argon2 bindings with keyed hashing, but they don't seem to be updated as often as this project is.
Thank you for maintaining this!