This is a prelude to Argon2d and Argon2id support. The rationale here
is that supporting both with the current API would require way too many
functions. Using a structure also helps manage the ungodly amount of
arguments this function has.
A number of unresolved questions so far:
- Should we pass by value or by reference?
- Should we start the struct with a size field, Microsoft style?
- Should we add a version field?
- Should we keep the nb_lanes field?
- If so should we support more than one lane, even while staying single
threaded?
- Should we provide structures with default values to begin with?
This is mostly an API/ABI compatibility question. Personally I think we
should omit the size field and pass by value, it feels more convenient
in practice.
A version field would let us support future versions of Argon2 without
breaking users, but the specs are so stable nowadays that I'm not sure
this is worth the trouble. We may add it if users don't need to know
it's there.
The nb_lanes field however might be required for compatibility with the
_current_ specs, so I'm inclined to keep it even if we delay multi-lane
support indefinitely.
Default values are a difficult problem. The correct strength for
password hashing is highly context dependent: we almost always want to
chose the highest tolerable strength, and there is no one size fits all.
The current manual outlines a _process_ for finding the values that work
for any given situation.
If we don't provide defaults, users have to fill out the fields
themselves, including fields that won't change often (nb_iterations), or
aren't supported yet (nb_lanes if we keep it). If we do provide
defaults, we need to chose them very carefully, and risk quick
obsolescence.
Finally, it's not clear which field should be in the struct, and which
field should be a regular argument. Right now I put fields that are
likely to stay identical from invocation to invocation in the struct.
Another possibility is to instead restrict ourselves to fields that have
a good default, which would likely demote the nb_blocks to being a
regular argument. That way users will know what parameters should be
treated as strong recommendations, and which they're supposed to chose
themselves.
projects / Monocypher.git / commit