use argon2 with sync.Pool for better memory management (#11019)

pkg/madmin/encrypt.go

@@ -23,11 +23,13 @@ import (
 	"io"
 	"io/ioutil"
 
+	"github.com/minio/minio/pkg/argon2"
 	"github.com/secure-io/sio-go"
 	"github.com/secure-io/sio-go/sioutil"
-	"golang.org/x/crypto/argon2"
 )
 
+var idKey = argon2.NewIDKey(1, 64*1024, 4)
+
 // EncryptData encrypts the data with an unique key
 // derived from password using the Argon2id PBKDF.
 //
@@ -38,7 +40,7 @@ func EncryptData(password string, data []byte) ([]byte, error) {
 	salt := sioutil.MustRandom(32)
 
 	// Derive an unique 256 bit key from the password and the random salt.
-	key := argon2.IDKey([]byte(password), salt, 1, 64*1024, 4, 32)
+	key := idKey([]byte(password), salt, nil, nil, 32)
 
 	var (
 		id     byte
@@ -104,7 +106,7 @@ func DecryptData(password string, data io.Reader) ([]byte, error) {
 		return nil, err
 	}
 
-	key := argon2.IDKey([]byte(password), salt[:], 1, 64*1024, 4, 32)
+	key := idKey([]byte(password), salt[:], nil, nil, 32)
 	var (
 		err    error
 		stream *sio.Stream

pkg/madmin/encrypt_test.go

@@ -43,6 +43,7 @@ func TestEncryptData(t *testing.T) {
 			if err != nil {
 				t.Fatalf("Failed to encrypt data: %v", err)
 			}
+
 			plaintext, err := DecryptData(test.Password, bytes.NewReader(ciphertext))
 			if err != nil {
 				t.Fatalf("Failed to decrypt data: %v", err)