P-H-C / phc-winner-argon2

The password hash Argon2, winner of PHC

Hash encoding RFC #369

Open b1ek opened 9 months ago

b1ek commented 9 months ago

Hey y'all. I've been studying this algorithm for a while and I have not found a formal specification of the hash encoding that is commonly used to store argon2 hashes.

It is shown in the README.md:

$ echo -n "password" | ./argon2 somesalt -t 2 -m 16 -p 4 -l 24
Type:           Argon2i
Iterations:     2
Memory:         65536 KiB
Parallelism:    4
Hash:           45d7ac72e76f242b20b77b9bf9bf9d5915894e669a24e6c6
Encoded:        $argon2i$v=19$m=65536,t=2,p=4$c29tZXNhbHQ$RdescudvJCsgt3ub+b+dWRWJTmaaJObG
0.188 seconds
Verification ok

This one: $argon2i$v=19$m=65536,t=2,p=4$c29tZXNhbHQ$RdescudvJCsgt3ub+b+dWRWJTmaaJObG

Can someone point me to an RFC or something about this? I've looked on Google as well, but didn't find anything.

jc00ke commented 8 months ago

I remember seeing that string format in bcrypt and was able to track down the earlier implementation: Modular Crypt Format, which pointed me to the PHC string format, which I believe is what you're looking for.

th3r0b0t commented 8 months ago

As @jc00ke pointed out, this encoding format is widely used; thus, for example, you may store different types of hashes in a single TEXT (i.e. nVARCHAR) column in your database and determine the hashing algorithm at runtime! It provides good flexibility in case of migration and such cases.
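An added example, not part of the thread and not the project's own code: a strict parser for the encoded string quoted in the issue, following the PHC string format layout named above, plus a check for whether a stored value should be re-hashed during a migration. The names `parse_phc` and `needs_rehash` are hypothetical, and the salt is assumed to be unpadded base64, as in the Argon2 sample.

```python
import base64
import re

# Layout: $<id>[$v=<version>][$<name>=<value>(,<name>=<value>)*][$<salt>[$<hash>]]
_ID = re.compile(r"[a-z0-9-]{1,32}")
_VERSION = re.compile(r"v=([0-9]+)")
_PARAM = re.compile(r"([a-z0-9-]{1,32})=([A-Za-z0-9/+.-]+)")
_B64 = re.compile(r"[A-Za-z0-9+/]+")

def _b64decode_nopad(text):
    """Decode standard base64 whose '=' padding was stripped."""
    if not _B64.fullmatch(text) or len(text) % 4 == 1:
        raise ValueError("invalid unpadded base64 field")
    return base64.b64decode(text + "=" * (-len(text) % 4), validate=True)

def parse_phc(encoded):
    """Split an encoded hash into id, version, params, salt and hash bytes."""
    parts = encoded.split("$")
    if len(parts) < 2 or parts[0] != "" or not _ID.fullmatch(parts[1]):
        raise ValueError("not a PHC-style string")
    fields = parts[2:]
    out = {"id": parts[1], "version": None, "params": {}, "salt": None, "hash": None}
    if fields and _VERSION.fullmatch(fields[0]):
        out["version"] = int(_VERSION.fullmatch(fields.pop(0)).group(1))
    if fields and "=" in fields[0]:
        for item in fields.pop(0).split(","):
            match = _PARAM.fullmatch(item)
            if not match or match.group(1) in out["params"]:
                raise ValueError("malformed or duplicate parameter")
            out["params"][match.group(1)] = match.group(2)
    if len(fields) > 2:
        raise ValueError("unexpected trailing fields")
    if fields:
        out["salt"] = _b64decode_nopad(fields.pop(0))
    if fields:
        out["hash"] = _b64decode_nopad(fields.pop(0))
    return out

def needs_rehash(encoded, want_id, want_params):
    """True when the stored hash uses another algorithm or lower cost values."""
    got = parse_phc(encoded)
    return got["id"] != want_id or any(
        int(got["params"].get(k, 0)) < v for k, v in want_params.items())

# The encoded value quoted in the issue.
SAMPLE = "$argon2i$v=19$m=65536,t=2,p=4$c29tZXNhbHQ$RdescudvJCsgt3ub+b+dWRWJTmaaJObG"
if __name__ == "__main__":
    print(parse_phc(SAMPLE))
```

The decoded hash bytes are the same value the CLI prints on its `Hash:` line, and the decoded salt is the `somesalt` argument.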