-
Aaron Jones authored
I don't like the idea of a password encryption-capable module needing a third-party library, but I liked this module even less. It doesn't support parallelism, it doesn't support other versions of Argon2, it doesn't support other types of Argon2; one of those types, Argon2id, is more suitable for password hashing than Argon2d is, ... It is also rather difficult to write a benchmarking utility for, because it is not in libathemecore like our new Digest API is. Now that we have a proper binding to a library, update the included PBKDF2 benchmarking utility to support Argon2 as well. Change the default type from Argon2d to Argon2id. Add automatic optimal crypto module parameter benchmarking to the utility, and fix a long-standing memory corruption bug in it. Finally, elaborate a lot on the various configuration options of Argon2 in the example configuration file. While we're at it, tweak the time recommendations in the example configuration file too.
To find the state of this project's repository at the time of any of these versions, check out the tags.