argon2id password hash (#113)

gmcodentech · jiacai2050 · web-flow · commit b8278210cd68 · 2025-08-29T07:52:15.000+08:00
Hello, I want to add this example in the section of Cryptography. As the
'Argon2' is a powerful and popular algorithms, I think adding this would
be really helpful for all zig learners.

---------

Co-authored-by: Jiacai Liu &lt;dev@liujiacai.net&gt;
diff --git a/assets/src/02-03.zig b/assets/src/02-03.zig
@@ -0,0 +1,36 @@
+const std = @import("std");
+
+pub fn main() !void {
+    var dbg = std.heap.DebugAllocator(.{}){};
+    defer _ = dbg.deinit();
+    const allocator = dbg.allocator();
+
+    const password = "happy";
+
+    //Random salt (Must be at least 8 bytes, recommended 16+)
+    var raw: [8]u8 = undefined;
+    std.crypto.random.bytes(&raw);
+    const salt = try std.fmt.allocPrint(allocator, "{s}", .{std.fmt.bytesToHex(raw, .lower)});
+    defer allocator.free(salt);
+
+    //Parameters for Argon2id
+    const params = std.crypto.pwhash.argon2.Params{
+        .t = 3, // Iterations (time cost)
+        .m = 16, // Memory cost in KiB (here 16 MiB)
+        .p = 1, // Threads
+    };
+
+    const dk_len: usize = 16; // derive 16 or 32-byte key
+    var derived: [dk_len]u8 = undefined;
+
+    try std.crypto.pwhash.argon2.kdf(
+        allocator,
+        &derived,
+        password,
+        salt,
+        params,
+        .argon2id, //argon2i, argon2d and argon2id
+    );
+
+    std.debug.print("Argon2id derived key: {s}\n", .{std.fmt.bytesToHex(derived, .lower)});
+}
diff --git a/src/en-US/02-03-argon2.smd b/src/en-US/02-03-argon2.smd
@@ -0,0 +1,14 @@
+---
+.title = "Salt and hash a password with Argon2",
+.date = "2025-08-28",
+.author = "ZigCC",
+.layout = "section.shtml",
+---
+Salt and hash a password with Argon2
+
+This Zig program derives a cryptographic key from a password and salt using the Argon2id password hashing algorithm. It uses [std.crypto.pwhash.argon2] to hash a salted password, where the salt is generated using [`std.crypto.random`].
+
+[]($code.siteAsset('src/02-03.zig').language('zig'))
+
+[`std.crypto.pwhash.argon2`]: https://ziglang.org/documentation/0.14.0/std/#std.crypto.pwhash.argon2
+[`std.crypto.random`]: https://ziglang.org/documentation/0.14.0/std/#std.crypto.tlcsprng.interface
diff --git a/src/en-US/toc.smd b/src/en-US/toc.smd
@@ -19,6 +19,7 @@
 
   - [Calculate SHA-256 digest of a file](02-01-sha-digest)
   - [Salt and hash a password with PBKDF2](02-02-pbkdf2)
+  - [Salt and hash a password with Argon2](02-03-argon2)
 
 - Date and Time
 
