参考实现和 Go 之间的不同 argon2 output
[英]Different argon2 output between reference implementation and Go
问题描述
When I'm running the argon2 reference implementation (with defaults) from the command line, it gives me the following output:
当我从命令行运行 argon2 参考实现(使用默认值)时,它给了我以下 output:
echo "foobar" | argon2 saltsalt
Type: Argon2i
Iterations: 3
Memory: 4096 KiB
Parallelism: 1
Hash: 5cc2bb9cf1671aaecaf871e4f855380e2d068ad3292f726b485b7d33ecc3e98b
Encoded: $argon2i$v=19$m=4096,t=3,p=1$c2FsdHNhbHQ$XMK7nPFnGq7K+HHk+FU4Di0GitMpL3JrSFt9M+zD6Ys
0.003 seconds
Verification ok
If I feed the same parameters in a Go program , using x/crypt/argon2 , I'm getting a different hash:如果我在Go 程序中输入相同的参数,使用x/crypt/argon2 ,我会得到不同的 hash:
const (
salt = "saltsalt"
time = 3
memory = 4096
threads = 1
keyLen = 32
version = 19
)
func main() {
if version != argon2.Version {
log.Fatalf("%d != %d", version, argon2.Version)
}
key := argon2.Key([]byte("foobar"), []byte(salt), time, memory, threads, keyLen)
fmt.Printf("HEX: %x\nBASE64: %s\n", key, base64.RawStdEncoding.EncodeToString(key))
}
Output: Output:
HEX: 300d6525330bde3cbc2c9cabf6520fffaf3fa26b875924712a37960b47746b99
BASE64: MA1lJTML3jy8LJyr9lIP/68/omuHWSRxKjeWC0d0a5k
I expected the Base64 output to be the same as the last part of the Encoded field command line output, as it is described in the PHC string format specification:我预计 Base64 output 与Encoded字段命令行 output 的最后一部分相同,如PHC 字符串格式规范中所述:
The B64 encoding is the standard Base64 encoding (RFC 4648, section 4) except that the padding = signs are omitted, and extra characters (whitespace) are not allowed:
I assumed that the Hash field was Hex encoded, but I'm not sure.我假设Hash字段是十六进制编码的,但我不确定。
Both claim argon2, version 19. Isn't the output supposed to be the same, using the same parameters, password and salt?两者都声称 argon2,版本 19。output 不应该是相同的,使用相同的参数、密码和盐吗? Is there something I'm overlooking here?有什么我在这里忽略的吗? Am I using the wrong encoding?我使用了错误的编码吗?
1 个解决方案
解决方案1
0 2022-09-08 16:11:32
Foolish enough, I forgot the detail about echo omitting a newline after output.太愚蠢了,我忘记了在 output 之后echo显省略换行符的细节。 Using echo -n of printf to pipe into the argon2 command gives the output corresponding to the Go library.在argon2命令中使用printf到 pipe 的echo -n可以得到与 Z5F0FF8B27B87666A6BDE87251C5FDE7Z 对应的 output3299D13 库。
$ echo -n "foobar" | argon2 saltsalt
Type: Argon2i
Iterations: 3
Memory: 4096 KiB
Parallelism: 1
Hash: 300d6525330bde3cbc2c9cabf6520fffaf3fa26b875924712a37960b47746b99
Encoded: $argon2i$v=19$m=4096,t=3,p=1$c2FsdHNhbHQ$MA1lJTML3jy8LJyr9lIP/68/omuHWSRxKjeWC0d0a5k
0.006 seconds
Verification ok
Output from the Go program above: Output 来自上述 Go 程序:
HEX: 300d6525330bde3cbc2c9cabf6520fffaf3fa26b875924712a37960b47746b99 BASE64: MA1lJTML3jy8LJyr9lIP/68/omuHWSRxKjeWC0d0a5k
解决方案2
0 2022-09-15 11:27:34
It works as designed, each time you hash a password, it should generate a different hash.它按设计工作,每次您 hash 输入密码时,它应该生成不同的 hash。 This is because of the salt, which is generated randomly and should be different for each call.这是因为盐是随机生成的,每次调用都应该不同。 The salt will become part of the resulting hash-string, so one can read it from there to verify an entered password. salt 将成为生成的哈希字符串的一部分,因此可以从那里读取它以验证输入的密码。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.