crypto.argon2(algorithm, parameters, callback)


Stability: 1.2 - Release candidate

  • algorithm <string> Variant of Argon2, one of "argon2d", "argon2i" or "argon2id".

  • parameters <Object>

    • message <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> REQUIRED, this is the password for password hashing applications of Argon2.

    • nonce <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> REQUIRED, must be at least 8 bytes long. This is the salt for password hashing applications of Argon2.

    • parallelism <number> REQUIRED, degree of parallelism determines how many computational chains (lanes) can be run. Must be greater than 1 and less than 2**24-1.

    • tagLength <number> REQUIRED, the length of the key to generate. Must be greater than 4 and less than 2**32-1.

    • memory <number> REQUIRED, memory cost in 1KiB blocks. Must be greater than 8 * parallelism and less than 2**32-1. The actual number of blocks is rounded down to the nearest multiple of 4 * parallelism.

    • passes <number> REQUIRED, number of passes (iterations). Must be greater than 1 and less than 2**32-1.

    • secret <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> | <undefined> OPTIONAL, random additional input, similar to the salt, that should NOT be stored with the derived key. This is known as pepper in password hashing applications. If used, must have a length not greater than 2**32-1 bytes.

    • associatedData <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> | <undefined> OPTIONAL, additional data to be added to the hash, functionally equivalent to salt or secret, but meant for non-random data. If used, must have a length not greater than 2**32-1 bytes.

  • callback <Function>

Provides an asynchronous Argon2 implementation. Argon2 is a password-based key derivation function that is designed to be expensive computationally and memory-wise in order to make brute-force attacks unrewarding.

The nonce should be as unique as possible. It is recommended that a nonce is random and at least 16 bytes long. See NIST SP 800-132 for details.

When passing strings for message, nonce, secret or associatedData, please consider caveats when using strings as inputs to cryptographic APIs.

The callback function is called with two arguments: err and derivedKey. err is an exception object when key derivation fails, otherwise err is null. derivedKey is passed to the callback as a Buffer.

An exception is thrown when any of the input arguments specify invalid values or types.

const { argon2, randomBytes } = await import('node:crypto');

const parameters = {
  message: 'password',
  nonce: randomBytes(16),
  parallelism: 4,
  tagLength: 64,
  memory: 65536,
  passes: 3,
};

argon2('argon2id', parameters, (err, derivedKey) => {
  if (err) throw err;
  console.log(derivedKey.toString('hex'));  // 'af91dad...9520f15'
});

const { argon2, randomBytes } = require('node:crypto');

const parameters = {
  message: 'password',
  nonce: randomBytes(16),
  parallelism: 4,
  tagLength: 64,
  memory: 65536,
  passes: 3,
};

argon2('argon2id', parameters, (err, derivedKey) => {
  if (err) throw err;
  console.log(derivedKey.toString('hex'));  // 'af91dad...9520f15'
});
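The following is an added example, not part of the Node.js documentation: one way to store and verify a password hash with this API, keeping the nonce and cost parameters in the record, keeping the pepper out of it, and comparing tags in constant time. The helper names, the record layout and the 1 GiB memory ceiling are assumptions made for illustration.

```javascript
const { argon2, randomBytes, timingSafeEqual } = require('node:crypto');

// Constructed defaults mirroring the page's sample call; tune to your hardware.
const COSTS = { parallelism: 4, tagLength: 64, memory: 65536, passes: 3 };

// Blocks Argon2 actually uses: memory rounded down to a multiple of 4 * parallelism.
function effectiveMemory({ memory, parallelism }) {
  const unit = 4 * parallelism;
  return Math.floor(memory / unit) * unit;
}

// Reject stored records that break the limits listed on the page or exceed a
// local ceiling (assumed: 2**20 blocks = 1 GiB) before spending memory on them.
function checkRecord(rec, maxMemory = 1 << 20) {
  const salt = Buffer.from(rec.salt, 'base64');
  if (salt.length < 8) throw new RangeError('nonce shorter than 8 bytes');
  if (!(rec.memory > 8 * rec.parallelism)) throw new RangeError('memory too small');
  if (rec.memory > maxMemory) throw new RangeError('memory above local ceiling');
  return salt;
}

// Promise wrapper around the callback API; synchronous throws become rejections.
function derive(message, nonce, costs, secret) {
  return new Promise((resolve, reject) => {
    argon2('argon2id', { ...costs, message, nonce, secret },
      (err, key) => (err ? reject(err) : resolve(key)));
  });
}

// Hash: fresh 16-byte random nonce per password; the pepper is never stored.
async function hashPassword(password, pepper) {
  const nonce = randomBytes(16);
  const tag = await derive(Buffer.from(password, 'utf8'), nonce, COSTS, pepper);
  return { ...COSTS, salt: nonce.toString('base64'), tag: tag.toString('base64') };
}

// Verify: re-derive with the stored nonce and costs, then compare in constant time.
async function verifyPassword(password, rec, pepper) {
  const salt = checkRecord(rec);
  const { parallelism, tagLength, memory, passes } = rec;
  const expected = Buffer.from(rec.tag, 'base64');
  const actual = await derive(Buffer.from(password, 'utf8'), salt,
    { parallelism, tagLength, memory, passes }, pepper);
  return actual.length === expected.length && timingSafeEqual(actual, expected);
}
```

Passing the password as a UTF-8 Buffer rather than a string sidesteps the string-input caveats mentioned above.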