Rust library for hashing passwords using Argon2, the password-hashing function that won the Password Hashing Competition (PHC).

To use rust-argon2, add the following to your Cargo.toml:

[dependencies]
rust-argon2 = "3.0"

And the following to your crate root:

extern crate argon2;

Create a password hash using the defaults and verify it:

use argon2::{self, Config};

let password = b"password";
let salt = b"randomsalt";
let config = Config::default();
let hash = argon2::hash_encoded(password, salt, &config).unwrap();
let matches = argon2::verify_encoded(&hash, password).unwrap();
assert!(matches);

Create a password hash with custom settings and verify it:

use argon2::{self, Config, ThreadMode, Variant, Version};

let password = b"password";
let salt = b"othersalt";
let config = Config {
    variant: Variant::Argon2i,
    version: Version::Version13,
    mem_cost: 65536,
    time_cost: 10,
    lanes: 4,
    thread_mode: ThreadMode::Parallel,
    secret: &[],
    ad: &[],
    hash_length: 32
};
let hash = argon2::hash_encoded(password, salt, &config).unwrap();
let matches = argon2::verify_encoded(&hash, password).unwrap();
assert!(matches);

This crate has the same limitation as the blake2-rfc crate that it uses. It does not attempt to clear potentially sensitive data from its work memory. To do so correctly without a heavy performance penalty would require help from the compiler. It's better to not attempt to do so than to present a false assurance.

This version uses the standard implementation and does not yet implement optimizations. Therefore, it is not the fastest implementation available.

Rust-argon2 is dual licensed under the MIT and Apache 2.0 licenses, the same licenses as the Rust compiler.

Contributions are welcome. By submitting a pull request you are agreeing to make you work available under the license terms of the Rust-argon2 project.