When I'm running the argon2 reference implementation (with defaults) from the command line, it gives me the following output:
echo "foobar" | argon2 saltsalt
Type: Argon2i
Iterations: 3
Memory: 4096 KiB
Parallelism: 1
Hash: 5cc2bb9cf1671aaecaf871e4f855380e2d068ad3292f726b485b7d33ecc3e98b
Encoded: $argon2i$v=19$m=4096,t=3,p=1$c2FsdHNhbHQ$XMK7nPFnGq7K+HHk+FU4Di0GitMpL3JrSFt9M+zD6Ys
0.003 seconds
Verification ok
If I feed the same parameters in a Go program, using x/crypt/argon2, I'm getting a different hash:
const (
salt = "saltsalt"
time = 3
memory = 4096
threads = 1
keyLen = 32
version = 19
)
func main() {
if version != argon2.Version {
log.Fatalf("%d != %d", version, argon2.Version)
}
key := argon2.Key([]byte("foobar"), []byte(salt), time, memory, threads, keyLen)
fmt.Printf("HEX: %x\nBASE64: %s\n", key, base64.RawStdEncoding.EncodeToString(key))
}
Output:
HEX: 300d6525330bde3cbc2c9cabf6520fffaf3fa26b875924712a37960b47746b99
BASE64: MA1lJTML3jy8LJyr9lIP/68/omuHWSRxKjeWC0d0a5k
I expected the Base64 output to be the same as the last part of the Encoded field command line output, as it is described in the PHC string format specification:
The B64 encoding is the standard Base64 encoding (RFC 4648, section 4) except that the padding = signs are omitted, and extra characters (whitespace) are not allowed:
I assumed that the Hash field was Hex encoded, but I'm not sure.
Both claim argon2, version 19. Isn't the output supposed to be the same, using the same parameters, password and salt? Is there something I'm overlooking here? Am I using the wrong encoding?
