I am trying to generate a 256-bit output using Argon2 password hasher. The function take s a hash_len parameter which I set to 32. Thinking that 32 bytes equals 256 bits.
hash_len
Why does Argon2 output the length of 43, and not 32?
from argon2 import PasswordHasher password = "abc123" salt = b'b8b17dbde0a2c67707342c459f6225ed' hasher = PasswordHasher( salt_len=len(salt), hash_len=32, ) hasherOutput = hasher.hash(password, salt = salt) hash = hasherOutput.split('$')[-1] print(len(hash)) # Output: 43 # Expected: 32
The Argon2 hash you are generating has a format that includes additional information beyond just the raw hash. The length of 43 includes the hash, salt, and additional metadata. Argon2 hashes typically have a format like:
$argon2<version>$<parameters>$<salt>$<hash>
In your case, the length of 43 is likely due to the inclusion of version information, parameters, salt, and the actual hash value.
If you only want to extract the raw hash portion, you can use the raw=True parameter when calling the hash method:
raw=True
hash
hasherOutput = hasher.hash(password, salt=salt, raw=True) print(len(hasherOutput))
This will give you the raw hash without any additional metadata, and the length should be equal to the specified hash_len (32 bytes).