Password Hashing _Argon2 (Default) - Chewhern/ASodium GitHub Wiki

For detailed documentation, kindly refer to the official libsodium documentation.

When choosing password parameters for secure storage and processing (both KDF and hashing), it's best to follow the official libsodium documentation, which gives guidelines on how to choose the parameters. This is a very serious security warning: failing to choose the parameters properly will result in serious security vulnerabilities in your program that people can exploit.

For full details on the strength and the enum properties for this wrapper library, kindly refer to this link.

(https://github.com/Chewhern/ASodium/blob/main/Source/SodiumPasswordHashArgon2.cs)

Deriving key from password

There are two types of key derivation: one that lets developers supply custom parameters to the hashing algorithm, and one that uses default parameters, which developers can override if they think it's required.

Default Key Derivation

Initial Function

public static Byte[] Argon2PBKDF(long DerivedKeyLength, Byte[] Password, Byte[] Salt,Strength strength=Strength.MODERATE, Algorithm algorithm = Algorithm.DEFAULT,Boolean ClearKey=false)

Example Code

Byte[] RandomPasswords = SodiumRNG.GetRandomBytes(128);
Byte[] Salt = SodiumPasswordHashArgon2.GenerateSalt();
Byte[] DerivedKey = SodiumPasswordHashArgon2.Argon2PBKDF(32, RandomPasswords, Salt,SodiumPasswordHashArgon2.Strength.SENSITIVE);
//or it can also be
//Byte[] DerivedKey = SodiumPasswordHashArgon2.Argon2PBKDF(32, RandomPasswords, Salt);
MessageBox.Show(new System.Numerics.BigInteger(DerivedKey).ToString());

Custom Parameter Key Derivation

Initial Function

public static Byte[] Argon2PBKDFCustom(long DerivedKeyLength,Byte[] Password,Byte[] Salt,ulong OpsLimit,long MemLimit,Algorithm algorithm = Algorithm.DEFAULT,Boolean ClearKey=false)

Example Code

Byte[] RandomPasswords = SodiumRNG.GetRandomBytes(128);
Byte[] Salt = SodiumPasswordHashArgon2.GenerateSalt();
//OpsLimit = 5, MemLimit = 1610612736 bytes (1.5 GiB)
Byte[] DerivedKey = SodiumPasswordHashArgon2.Argon2PBKDFCustom(32, RandomPasswords, Salt, 5, 1610612736);
MessageBox.Show(new System.Numerics.BigInteger(DerivedKey).ToString());
//refer to libsodium documentation to decide your own parameters for opslimit and memlimit

Password Hashing and Storing

Initial Function

public static Boolean VerifyPasswordString(String HashedPasswordWithParamString,Byte[] Password,Boolean ClearKey=false) 

Default Password Hashing and Storing

Initial Function

public static String Argon2HashPassword(Byte[] Password,Strength strength=Strength.MODERATE,Boolean ClearKey=false)

Example Code

Byte[] RandomPasswords = SodiumRNG.GetRandomBytes(128);
//No salt is generated here: Argon2HashPassword takes no salt parameter (see the signature above)
String HashedPasswordWithParam = SodiumPasswordHashArgon2.Argon2HashPassword(RandomPasswords);
MessageBox.Show(HashedPasswordWithParam);

Custom supplied parameter hashing and storing

Initial Function

public static String Argon2CustomParamHashPassword(Byte[] Password, ulong OpsLimit, long MemLimit,Boolean ClearKey=false)

Example Code

Byte[] RandomPasswords = SodiumRNG.GetRandomBytes(128);
//No salt is generated here: Argon2CustomParamHashPassword takes no salt parameter (see the signature above)
String HashedPasswordWithParam = SodiumPasswordHashArgon2.Argon2CustomParamHashPassword(RandomPasswords,5, 1610612736);
MessageBox.Show(HashedPasswordWithParam);

Checking if a hashed password needs rehash

Initial Function

public static int CustomParamsPasswordNeedsRehash(String HashedPasswordWithParamString,ulong OpsLimit,long MemLimit)
public static int PasswordNeedsRehash(String HashedPasswordWithParamString,Strength strength = Strength.MODERATE)

Example Code

Byte[] RandomPasswords = SodiumRNG.GetRandomBytes(128);
//No salt is generated here: neither Argon2HashPassword nor PasswordNeedsRehash takes a salt parameter
String HashedPasswordWithParam = SodiumPasswordHashArgon2.Argon2HashPassword(RandomPasswords);
int Status = SodiumPasswordHashArgon2.PasswordNeedsRehash(HashedPasswordWithParam, SodiumPasswordHashArgon2.Strength.MODERATE);
MessageBox.Show(Status.ToString());
//Refer to libsodium for documentation
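
The functions above combined into a verify-then-upgrade login flow, as an added example that is not part of the original wiki or the ASodium project's own code. It assumes the `ASodium` namespace, that `VerifyPasswordString` returns false for a wrong password, and that `PasswordNeedsRehash` returns 0 when the stored parameters already match the requested strength, as libsodium's `crypto_pwhash_str_needs_rehash` does; `LoginExample`, `Login` and `Policy` are hypothetical names.

```csharp
using System;
using System.Text;
using ASodium; // assumed namespace of the wrapper

public static class LoginExample
{
    // Strength the application currently requires for stored hashes (assumed policy).
    const SodiumPasswordHashArgon2.Strength Policy = SodiumPasswordHashArgon2.Strength.SENSITIVE;

    // Returns true when the password matches. On success, a hash stored with
    // weaker parameters than Policy is replaced while the plaintext is still available.
    public static Boolean Login(Byte[] password, ref String storedHash)
    {
        // Verify first: never spend a SENSITIVE-strength hash on an unauthenticated guess.
        if (!SodiumPasswordHashArgon2.VerifyPasswordString(storedHash, password))
            return false;

        // Assumption: 0 means the parameters encoded in storedHash already match Policy.
        if (SodiumPasswordHashArgon2.PasswordNeedsRehash(storedHash, Policy) != 0)
            storedHash = SodiumPasswordHashArgon2.Argon2HashPassword(password, Policy);

        return true;
    }

    public static void Main()
    {
        // Constructed sample passwords.
        Byte[] password = Encoding.UTF8.GetBytes("correct horse battery staple");
        Byte[] wrong = Encoding.UTF8.GetBytes("wrong password");

        // Account created earlier with the default strength (Strength.MODERATE).
        String stored = SodiumPasswordHashArgon2.Argon2HashPassword(password);
        String original = stored;

        // A failed login must leave the stored hash untouched.
        Console.WriteLine("wrong password accepted: " + Login(wrong, ref stored));
        Console.WriteLine("hash changed after failure: " + (stored != original));

        // A successful login upgrades the stored hash to Policy.
        Console.WriteLine("correct password accepted: " + Login(password, ref stored));
        Console.WriteLine("hash upgraded: " + (stored != original));
        Console.WriteLine("needs rehash now: " +
            SodiumPasswordHashArgon2.PasswordNeedsRehash(stored, Policy));
    }
}
```

The caller is responsible for persisting the updated `storedHash` after a successful login.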