2.8 KiB
2.8 KiB
Argon2id for Elixir
Fast and secure Argon2 password hashing library for Elixir.
Features
- Uses the pure Rust implementation of Argon2
- Only Argon2i implementation (version 0x13) at the moment
- Built-in security presets (OWASP, Strong)
Installation
Add argon2id_elixir to your list of dependencies in mix.exs:
def deps do
[
{:argon2id_elixir, "~> 1.1.1"}
]
end
Ensure you have Rust installed, as it's required for compilation:
# On Windows
winget install Rust.Rust
# On Unix-like systems (https://rustup.rs/)
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
Usage
Basic Password Hashing
# Hash a password with default OWASP settings
hash = Argon2.hash_password("secure_password123")
# Verify a password
if Argon2.verify_password("secure_password123", hash) do
# Password matches
else
# Password is incorrect
end
Configuration Presets
Three security presets are available:
# OWASP (default) - Recommended for most use cases
hash = Argon2.hash_password("secure_password123")
# Strong - Higher security for sensitive applications
hash = Argon2.hash_password("secure_password123", "strong")
Preset specifications:
- OWASP: m=19456 KiB, t=2, p=1
- Strong: m=65540 KiB, t=3, p=4
- Test: m=1024 KiB, t=1, p=1 (Useful for testing)
Benchmarking
You can benchmark the different configurations on your hardware:
mix run -e "Argon2.Benchmark.run(10)"
Configuration Benchmarks (averaged over 10 runs):
OWASP:
Hash time: 25ms
Verify time: 24ms
Memory: 19MB
STRONG:
Hash time: 145ms
Verify time: 139ms
Memory: 65MB
Development
# Install dependencies
mix deps.get
# Run tests
mix test
# Run benchmarks
mix run -e "Argon2.Benchmark.run()"
# Run code quality checks
mix quality
# Generate documentation
mix docs
# Format code
mix format
License
Licensed under either of
- Apache License, Version 2.0, (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT)
at your option.
Credits
- RustCrypto Argon2 - The Rust implementation
- Rustler - Elixir NIF interface