BuildDocsReferenceGuidesBlog
Discord logo
Discord
GitHub logo
Fargon2
Bun

function

crypto.argon2

function argon2(
algorithm: Argon2Algorithm,
parameters: Argon2Parameters,
callback: (err: null | Error, derivedKey: NonSharedBuffer) => void
): void;

Provides an asynchronous Argon2 implementation. Argon2 is a password-based key derivation function that is designed to be expensive computationally and memory-wise in order to make brute-force attacks unrewarding.

The nonce should be as unique as possible. It is recommended that a nonce is random and at least 16 bytes long. See NIST SP 800-132 for details.

When passing strings for message, nonce, secret or associatedData, please consider caveats when using strings as inputs to cryptographic APIs.

The callback function is called with two arguments: err and derivedKey. err is an exception object when key derivation fails, otherwise err is null. derivedKey is passed to the callback as a Buffer.

An exception is thrown when any of the input arguments specify invalid values or types.

const { argon2, randomBytes } = await import('node:crypto');

const parameters = {
  message: 'password',
  nonce: randomBytes(16),
  parallelism: 4,
  tagLength: 64,
  memory: 65536,
  passes: 3,
};

argon2('argon2id', parameters, (err, derivedKey) => {
  if (err) throw err;
  console.log(derivedKey.toString('hex'));  // 'af91dad...9520f15'
});
@param algorithm

Variant of Argon2, one of "argon2d", "argon2i" or "argon2id".

Referenced types

type Argon2Algorithm = 'argon2d' | 'argon2i' | 'argon2id'

interface Argon2Parameters

  • associatedData?: string | ArrayBuffer | ArrayBufferView<ArrayBufferLike>

    OPTIONAL, Additional data to be added to the hash, functionally equivalent to salt or secret, but meant for non-random data. If used, must have a length not greater than 2**32-1 bytes.

  • memory: number

    REQUIRED, memory cost in 1KiB blocks. Must be greater than 8 * parallelism and less than 2**32-1. The actual number of blocks is rounded down to the nearest multiple of 4 * parallelism.

  • message: string | ArrayBuffer | ArrayBufferView<ArrayBufferLike>

    REQUIRED, this is the password for password hashing applications of Argon2.

  • nonce: string | ArrayBuffer | ArrayBufferView<ArrayBufferLike>

    REQUIRED, must be at least 8 bytes long. This is the salt for password hashing applications of Argon2.

  • parallelism: number

    REQUIRED, degree of parallelism determines how many computational chains (lanes) can be run. Must be greater than 1 and less than 2**24-1.

  • passes: number

    REQUIRED, number of passes (iterations). Must be greater than 1 and less than 2**32-1.

  • secret?: string | ArrayBuffer | ArrayBufferView<ArrayBufferLike>

    OPTIONAL, Random additional input, similar to the salt, that should NOT be stored with the derived key. This is known as pepper in password hashing applications. If used, must have a length not greater than 2**32-1 bytes.

  • tagLength: number

    REQUIRED, the length of the key to generate. Must be greater than 4 and less than 2**32-1.