package argon2id implements the Argon2id password hashing algorithm. See: [[ https://datatracker.ietf.org/doc/rfc9106/ ]]

Collection Info

View Source
Collection
core
Path
crypto/argon2id
Entries
13
Constants 7
Jump to Constants
MAX_INPUT_SIZE MAX_PARALLELISM MAX_TAG_SIZE MIN_PARALLELISM MIN_TAG_SIZE RECOMMENDED_SALT_SIZE RECOMMENTED_TAG_SIZE
Types 1
Jump to Types
Parameters
Procedures 1
Jump to Procedures
derive
Procedure Groups 0
Variables 4
Jump to Variables
PARAMS_OWASP PARAMS_OWASP_SMALL PARAMS_RFC9106 PARAMS_RFC9106_SMALL

Source Files

Constants

7

MAX_INPUT_SIZE #

Source 
MAX_INPUT_SIZE :: (1 << 32) - 1

MAX_INPUT_SIZE is the mamximum size of the various inputs (password, salt, secret, ad) in bytes.

MAX_PARALLELISM #

Source 
MAX_PARALLELISM :: (1 << 24) - 1

MAX_PARALLELISM is the maximum allowed parallelism.

MAX_TAG_SIZE #

Source 
MAX_TAG_SIZE :: (1 << 32) - 1

MAX_TAG_SIZE is the maximum digest size in bytes.

MIN_PARALLELISM #

Source 
MIN_PARALLELISM :: 1

MIN_PARALLELISM is the minimum allowed parallelism.

MIN_TAG_SIZE #

Source 
MIN_TAG_SIZE :: 4

MIN_TAG_SIZE is the minimum digest size in bytes.

RECOMMENDED_SALT_SIZE #

Source 
RECOMMENDED_SALT_SIZE :: 16

RECOMMENDNED_SALT_SIZE is the recommended salt size in bytes.

RECOMMENTED_TAG_SIZE #

Source 
RECOMMENTED_TAG_SIZE :: 32

RECOMMENDED_TAG_SIZE is the recommended tag size in bytes.

Types

1

Procedures

1

derive #

Source 
@(require_results)
derive :: proc(
	parameters: ^Parameters, 
	password:   []u8, 
	salt:       []u8, 
	dst:        []u8, 
	secret:     []u8 = nil, 
	ad:         []u8 = nil, 
	sanitize:   bool = true, 
	allocator := context.allocator, 
) -> Allocator_Error {…}

derive invokes Argon2id with the specified parameter set and inputs, and outputs the derived key to dst.

Variables

4

PARAMS_OWASP #

Source 
@(rodata)
PARAMS_OWASP: Parameters = Parameters{memory_size = 19 * 1024, passes = 2, parallelism = 1}

PARAMS_OWASP is one of the recommended parameter set from the OWASP Password Storage Cheat Sheet (as of 2026/02). The cheat sheet contains additional variations to this parameter set with various trade-offs between `memory_size` and `passes` that are intended to provide equivalent security. See: [[ https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html ]]

PARAMS_OWASP_SMALL #

Source 
@(rodata)
PARAMS_OWASP_SMALL: Parameters = Parameters{memory_size = 7 * 1024, passes = 5, parallelism = 1}

PARAMS_OWASP_SMALL is equivalent in strength to PARAMS_OWASP, but trades off less memory use for more CPU usage.

PARAMS_RFC9106 #

Source 
@(rodata)
PARAMS_RFC9106: Parameters = Parameters{memory_size = 2 * 1024 * 1024, passes = 1, parallelism = 4}

PARAMS_RFC9106 is the first recommended "uniformly safe" parameter set per RFC 9106.

PARAMS_RFC9106_SMALL #

Source 
@(rodata)
PARAMS_RFC9106_SMALL: Parameters = Parameters{memory_size = 64 * 1024, passes = 3, parallelism = 4}

PARAMS_RFC9106_SMALL is the second recommended "uniformly safe" parameter set per RFC 9106 tailored for memory constrained environments.