Rust library for hashing passwords using Argon2, the password-hashing function that won the Password Hashing Competition (PHC).
To use rust-argon2, add the following to your Cargo.toml:
toml
[dependencies]
rust-argon2 = "0.1.0"
And the following to your crate root:
rust
extern crate argon2;
Create a password hash using the defaults and verify it:
```rust use argon2;
let password = b"password"; let salt = b"randomsalt"; let hash = argon2::hashencodeddefaults(password, salt).unwrap(); let matches = argon2::verify_encoded(&hash, password).unwrap(); assert!(matches); ```
Create a password hash with custom settings and verify it:
```rust use argon2::{self, Variant, Version};
let variant = Variant::Argon2i; let version = Version::Version13; let memorycost = 65536; let timecost = 10; let parallelism = 1; let password = b"password"; let salt = b"othersalt"; let hashlength = 32; let hash = argon2::hashencodedstd(variant, version, memorycost, timecost, parallelism, password, salt, hashlength).unwrap(); let matches = argon2::verify_encoded(&hash, password).unwrap(); assert!(matches); ```
This crate has the same limitation as the blake2-rfc crate that it uses.
It does not attempt to clear potentially sensitive data from its work
memory. To do so correctly without a heavy performance penalty would
require help from the compiler. It's better to not attempt to do so than to
present a false assurance.
This version uses the standard implementation and does not yet implement optimizations. Therefore, it is not the fastest implementation available.
Rust-argon2 is dual licensed under the MIT and Apache 2.0 licenses, the same licenses as the Rust compiler.
Contributions are welcome. By submitting a pull request you are agreeing to make you work available under the license terms of the Rust-argon2 project.