diff options
| author | cuishuang <imcusg@gmail.com> | 2025-10-20 17:55:48 +0800 |
|---|---|---|
| committer | Gopher Robot <gobot@golang.org> | 2025-10-27 09:33:07 -0700 |
| commit | 0997000b45e3a40598272081bcad03ffd21b8adb (patch) | |
| tree | f092ba94c5c3e61f5bb0a8b6d5eefee2f5446dd4 /argon2/argon2.go | |
| parent | 017a1aaa2d993492ef6f74ebe7c87f33d82d3717 (diff) | |
| download | go-x-crypto-0997000b45e3a40598272081bcad03ffd21b8adb.tar.xz | |
all: fix some comments
Change-Id: I0395c5db6edd7d90f9ec1dadbe881a77c906c732
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/713120
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: David Chase <drchase@google.com>
Auto-Submit: Sean Liao <sean@liao.dev>
Reviewed-by: Sean Liao <sean@liao.dev>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Diffstat (limited to 'argon2/argon2.go')
| -rw-r--r-- | argon2/argon2.go | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/argon2/argon2.go b/argon2/argon2.go index 29f0a2d..2b65ec9 100644 --- a/argon2/argon2.go +++ b/argon2/argon2.go @@ -6,7 +6,7 @@ // Argon2 was selected as the winner of the Password Hashing Competition and can // be used to derive cryptographic keys from passwords. // -// For a detailed specification of Argon2 see [1]. +// For a detailed specification of Argon2 see [argon2-specs.pdf]. // // If you aren't sure which function you need, use Argon2id (IDKey) and // the parameter recommendations for your scenario. @@ -17,7 +17,7 @@ // It uses data-independent memory access, which is preferred for password // hashing and password-based key derivation. Argon2i requires more passes over // memory than Argon2id to protect from trade-off attacks. The recommended -// parameters (taken from [2]) for non-interactive operations are time=3 and to +// parameters (taken from [RFC 9106 Section 7.3]) for non-interactive operations are time=3 and to // use the maximum available memory. // // # Argon2id @@ -27,11 +27,11 @@ // half of the first iteration over the memory and data-dependent memory access // for the rest. Argon2id is side-channel resistant and provides better brute- // force cost savings due to time-memory tradeoffs than Argon2i. The recommended -// parameters for non-interactive operations (taken from [2]) are time=1 and to +// parameters for non-interactive operations (taken from [RFC 9106 Section 7.3]) are time=1 and to // use the maximum available memory. // -// [1] https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf -// [2] https://tools.ietf.org/html/draft-irtf-cfrg-argon2-03#section-9.3 +// [argon2-specs.pdf]: https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf +// [RFC 9106 Section 7.3]: https://www.rfc-editor.org/rfc/rfc9106.html#section-7.3 package argon2 import ( @@ -59,7 +59,7 @@ const ( // // key := argon2.Key([]byte("some password"), salt, 3, 32*1024, 4, 32) // -// The draft RFC recommends[2] time=3, and memory=32*1024 is a sensible number. +// [RFC 9106 Section 7.3] recommends time=3, and memory=32*1024 as a sensible number. // If using that amount of memory (32 MB) is not possible in some contexts then // the time parameter can be increased to compensate. // @@ -69,6 +69,8 @@ const ( // adjusted to the number of available CPUs. The cost parameters should be // increased as memory latency and CPU parallelism increases. Remember to get a // good random salt. +// +// [RFC 9106 Section 7.3]: https://www.rfc-editor.org/rfc/rfc9106.html#section-7.3 func Key(password, salt []byte, time, memory uint32, threads uint8, keyLen uint32) []byte { return deriveKey(argon2i, password, salt, nil, nil, time, memory, threads, keyLen) } @@ -83,7 +85,7 @@ func Key(password, salt []byte, time, memory uint32, threads uint8, keyLen uint3 // // key := argon2.IDKey([]byte("some password"), salt, 1, 64*1024, 4, 32) // -// The draft RFC recommends[2] time=1, and memory=64*1024 is a sensible number. +// [RFC 9106 Section 7.3] recommends time=1, and memory=64*1024 as a sensible number. // If using that amount of memory (64 MB) is not possible in some contexts then // the time parameter can be increased to compensate. // @@ -93,6 +95,8 @@ func Key(password, salt []byte, time, memory uint32, threads uint8, keyLen uint3 // adjusted to the numbers of available CPUs. The cost parameters should be // increased as memory latency and CPU parallelism increases. Remember to get a // good random salt. +// +// [RFC 9106 Section 7.3]: https://www.rfc-editor.org/rfc/rfc9106.html#section-7.3 func IDKey(password, salt []byte, time, memory uint32, threads uint8, keyLen uint32) []byte { return deriveKey(argon2id, password, salt, nil, nil, time, memory, threads, keyLen) } |