Package Exports
- argon2
This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (argon2) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.
Readme
node-argon2 
Bindings to the reference Argon2 implementation.
Before installing
You MUST have a node-gyp global install before proceeding with install. node-argon2 works only and is tested against >=4.0.0 .
Usage
It's possible to hash a password using both Argon2i (default) and Argon2d, sync and async, and to verify if a password matches a hash, and also generate random cryptographically-safe salts. Salts must be at least 8-byte long buffers.
To hash a password:
const argon2 = require('argon2');
const salt = new Buffer('somesalt');
argon2.hash('password', salt).then(hash => {
// ...
}).catch(err => {
// ...
});
// OR
try {
const hash = argon2.hashSync('password', salt);
} catch (err) {
//...
}
// ES6
try {
const hash = await argon2.hash('password', salt);
} catch (err) {
//...
}You can choose between Argon2i and Argon2d by passing an object as the third
argument with the argon2d key set to whether or not you want Argon2d:
argon2.hash('password', salt, {
argon2d: true
}.then(hash => {
// ...
});
// OR
try {
const hash = argon2.hashSync('password', salt, {
argon2d: true
});
} catch (err) {
// ...
}
// ES6
try {
const hash = await argon2.hash('password', salt, {
argon2d: true
});
} catch (err) {
// ...
}The argon2d option is flexible and accepts any truthy or falsy values.
You can provide your own salt as the second parameter. It is highly recommended to use the salt generating methods instead of a hardcoded, constant salt:
argon2.generateSalt().then(salt => {
// ...
});
// OR
var salt = argon2.generateSaltSync();
// ES6
const salt = await argon2.generateSalt();You can also pass a desired salt length as parameter. Although the default of 16 is enough and very safe, Argon2 will use all salt bytes.
argon2.generateSalt(32).then(salt => {
// ...
});
// OR
var salt = argon2.generateSaltSync(32);
// ES6
const salt = await argon2.generateSalt(32);Please keep in mind synchronous salt generation is blocking, since it waits for entropy when enough is not available, so please refrain from using sync version.
You can also modify time, memory and parallelism constraints passing the object
as the third parameter, with keys timeCost, memoryCost and parallelism,
respectively defaulted to 3, 12 (meaning 2^12 KB) and 1 (threads):
const options = {
timeCost: 4, memoryCost: 13, parallelism: 2, argon2d: true
};
argon2.generateSalt().then(salt => {
argon2.hash('password', salt, options).then(hash => {
// ...
});
});
// OR
var hash = argon2.hashSync('password', argon2.generateSaltSync(), options);
// ES6
var hash = await argon2.hash('password', await argon2.generateSalt(), options);The default parameters for Argon2 can be accessed with defaults:
console.log(argon2.defaults);
// => { timeCost: 3, memoryCost: 12, parallelism: 1, argon2d: false }To verify a password:
argon2.verify('<big long hash>', 'password').then(() => {
// password match
}).catch(() => {
// password did not match
});
// OR
if (argon2.verifySync('<big long hash>', 'password')) {
// password match
} else {
// password did not match
}
// ES6
try {
await argon2.verify('<big long hash>', 'password');
// password match
} catch (err) {
// password did not match
}First parameter must have been generated by an Argon2 encoded hashing method, not raw.
License
Work licensed under the MIT License. Please check [P-H-C/phc-winner-argon2] (https://github.com/P-H-C/phc-winner-argon2) for license over Argon2 and the reference implementation.