Rust library for hashing passwords using Argon2, the password-hashing function that won the Password Hashing Competition (PHC).
To use rust-argon2, add the following to your Cargo.toml:
[dependencies]
rust-argon2 = "0.1.0"And the following to your crate root:
extern crate argon2;Create a password hash using the defaults and verify it:
use argon2;
let password = b"password";
let salt = b"randomsalt";
let hash = argon2::hash_encoded_defaults(password, salt).unwrap();
let matches = argon2::verify_encoded(&hash, password).unwrap();
assert!(matches);Create a password hash with custom settings and verify it:
use argon2::{self, Variant, Version};
let variant = Variant::Argon2i;
let version = Version::Version13;
let memory_cost = 65536;
let time_cost = 10;
let parallelism = 1;
let password = b"password";
let salt = b"othersalt";
let hash_length = 32;
let hash = argon2::hash_encoded_std(variant,
version,
memory_cost,
time_cost,
parallelism,
password,
salt,
hash_length).unwrap();
let matches = argon2::verify_encoded(&hash, password).unwrap();
assert!(matches);This crate has the same limitation as the blake2-rfc crate that it uses.
It does not attempt to clear potentially sensitive data from its work
memory. To do so correctly without a heavy performance penalty would
require help from the compiler. It's better to not attempt to do so than to
present a false assurance.
This version uses the standard implementation and does not yet implement optimizations. Therefore, it is not the fastest implementation available.
Rust-argon2 is dual licensed under the MIT and Apache 2.0 licenses, the same licenses as the Rust compiler.
Contributions are welcome. By submitting a pull request you are agreeing to make you work available under the license terms of the Rust-argon2 project.