Skip to content

patrickToca/argon2

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits

examples

examples

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

argon2.c

argon2.c

 
 

argon2.go

argon2.go

 
 

argon2.h

argon2.h

 
 

argon2_test.go

argon2_test.go

 
 

blake2-impl.h

blake2-impl.h

 
 

blake2.h

blake2.h

 
 

blake2b.c

blake2b.c

 
 

blamka-round-opt.h

blamka-round-opt.h

 
 

blamka-round-ref.h

blamka-round-ref.h

 
 

core.c

core.c

 
 

core.diff

core.diff

 
 

core.h

core.h

 
 

encoding.c

encoding.c

 
 

encoding.go

encoding.go

 
 

encoding.h

encoding.h

 
 

error.go

error.go

 
 

ref_opt.c

ref_opt.c

 
 

ref_opt.h

ref_opt.h

 
 

thread.c

thread.c

 
 

thread.h

thread.h

 
 

Repository files navigation

argon2

The fastest and easiest to use Argon2 bindings for Go!

Features

  • Zero dependencies
  • Easy to use API, including generation of raw and encoded hashes.
  • Up to date & used in production environments.
  • Contains Go-specific optimizations for a consistent 15% performance boost.
  • Allows you to enable all possible optimizations in Argon2, improving performance by up to 40% in total!

Usage

See examples/example.go for a simple introduction and try it out with:

go run examples/example.go

Performance

This library makes use of SSE, SSE2, SSSE3 and XOP, depending on whether they are enabled during compilation. This can be done by adding appropriate gcc optimization flags to the CGO_CFLAGS environment variable.

Here's an example which you could set before running go build etc.:

export CGO_CFLAGS="-Ofast -funroll-loops -march=native"

In this example -march=native will optimize the program for the current platform you're compiling on. If you are planning to deploy this library in a different environment you should replace it with a matching value listed here.

This way you can achieve an performance improvement of up to 25%. You can use this performance improvement as a free ticket for stronger hash settings and thus improved security at the same cost.

Current downsides

This package uses cgo like all Go bindings and thus comes with all it's downsides:

  • cgo makes cross-compilation hard.
  • Can cause excessive spawning of native threads. ¹

Due to the infinitely superior performance compared to a pure Go implementation I still personally believe that the benefits outweigh the drawbacks though.

¹ Let's say there is a situation where one or more Goroutines are stuck in a cgo call and a new regular Goroutine is spawned. If the scheduler can't find a suitable processor to run that Goroutine on, it will spawn a new processor. Furthermore one of the Goroutines stuck in cgo is then marked as a "native" thread, which is destroyed as soon as the call is finished. This downside has been mostly offset though by optimizing Argon2 to not spawn native threads as long as Config.Parallelism is 1 (which is the default).

Modifications to Argon2

Based on bc345e3.

  • Moved blake2 code into the root source directory & adjusted include paths to match this.
  • Merged ref.{h,c} and opt.{h,c} into one file (ref_opt.{h,c}) & adjusted include paths to match this. This allows us to use the __SSE__ precompiler flag for SSE detection instead of relying on a Makefile.
  • Optimized core.c's fill_memory_blocks (see core.diff). This will now prevent spawning additional threads whenever Config.Parallelism is 1.

About

Argon2 bindings for secure password hashing in Go!

godoc.org/github.com/lhecker/argon2

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C 77.1%
  • Go 14.6%
  • C++ 8.3%