phxql
commented
4 years ago Yes, the parameters stored in the hash itself are used to verify it. You can easily test that in a unit test: create a hash with memory 64M, then create a new instance with memory 128M and try to verify the hash from step 1.
Thanks for the praise, you're welcome! :)
FloatingSunfish
I'm using an Argon2id instance of Argon2 and noticed that the
verifyfunction only accepts a hash and a char array.I just wanted to confirm if verifying encoded hashes uses the configuration stored in the encoded hash itself.
This is actually very convenient as it means that Argon2id instances can be reconfigured to use more resources in the future while maintaining compatibility with encoded hashes generated with lesser resources.
Again, many thanks for making such a great library! :)