Skip to content

Commit 713fcf3

Browse files
m90m90
committed
docs(argon2): improve docs for threads parameter
previously the docs read as if the thread parameter could be a dynamic value, adjusted to the number of cpus available on the host machine. in distributed systems, this would create non-portable hashes.
1 parent c8d3bf9 commit 713fcf3

File tree

1 file changed

+16
-10
lines changed

1 file changed

+16
-10
lines changed

argon2/argon2.go

Lines changed: 16 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -59,18 +59,21 @@ const (
5959
// For example, you can get a derived key for e.g. AES-256 (which needs a
6060
// 32-byte key) by doing:
6161
//
62-
// key := argon2.Key([]byte("some password"), salt, 3, 32*1024, 4, 32)
62+
// key := argon2.Key([]byte("some password"), salt, 3, 32*1024, 1, 32)
6363
//
6464
// The draft RFC recommends[2] time=3, and memory=32*1024 is a sensible number.
6565
// If using that amount of memory (32 MB) is not possible in some contexts then
6666
// the time parameter can be increased to compensate.
6767
//
6868
// The time parameter specifies the number of passes over the memory and the
6969
// memory parameter specifies the size of the memory in KiB. For example
70-
// memory=32*1024 sets the memory cost to ~32 MB. The number of threads can be
71-
// adjusted to the number of available CPUs. The cost parameters should be
72-
// increased as memory latency and CPU parallelism increases. Remember to get a
73-
// good random salt.
70+
// memory=32*1024 sets the memory cost to ~32 MB. The threads parameter defines
71+
// the parallelism degree used while deriving the key. It is commonly left at 1.
72+
//
73+
// The cost parameters should be increased as memory latency and CPU parallelism
74+
// increases. Remember to get a good random salt. All cost parameters affect the
75+
// result, so it is important to use static values for portability in
76+
// distributed systems.
7477
func Key(password, salt []byte, time, memory uint32, threads uint8, keyLen uint32) []byte {
7578
return deriveKey(argon2i, password, salt, nil, nil, time, memory, threads, keyLen)
7679
}
@@ -83,18 +86,21 @@ func Key(password, salt []byte, time, memory uint32, threads uint8, keyLen uint3
8386
// For example, you can get a derived key for e.g. AES-256 (which needs a
8487
// 32-byte key) by doing:
8588
//
86-
// key := argon2.IDKey([]byte("some password"), salt, 1, 64*1024, 4, 32)
89+
// key := argon2.IDKey([]byte("some password"), salt, 1, 64*1024, 1, 32)
8790
//
8891
// The draft RFC recommends[2] time=1, and memory=64*1024 is a sensible number.
8992
// If using that amount of memory (64 MB) is not possible in some contexts then
9093
// the time parameter can be increased to compensate.
9194
//
9295
// The time parameter specifies the number of passes over the memory and the
9396
// memory parameter specifies the size of the memory in KiB. For example
94-
// memory=64*1024 sets the memory cost to ~64 MB. The number of threads can be
95-
// adjusted to the numbers of available CPUs. The cost parameters should be
96-
// increased as memory latency and CPU parallelism increases. Remember to get a
97-
// good random salt.
97+
// memory=32*1024 sets the memory cost to ~32 MB. The threads parameter defines
98+
// the parallelism degree used while deriving the key. It is commonly left at 1.
99+
//
100+
// The cost parameters should be increased as memory latency and CPU parallelism
101+
// increases. Remember to get a good random salt. All cost parameters affect the
102+
// result, so it is important to use static values for portability in
103+
// distributed systems.
98104
func IDKey(password, salt []byte, time, memory uint32, threads uint8, keyLen uint32) []byte {
99105
return deriveKey(argon2id, password, salt, nil, nil, time, memory, threads, keyLen)
100106
}

0 commit comments

Comments
 (0)