
Security News
npm ‘is’ Package Hijacked in Expanding Supply Chain Attack
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.
argon2-wasm-edge
Advanced tools
Lightning fast Argon2 implementation runnable on Vercel Edge and CF Workers
This library is heavily inspired by hash-wasm. It only includes the Argon2 algorithm and can run on Vercel Edge functions and Cloudflare Workers.
hasingParams.ts
The recommended process for choosing the parameters can be found here.
export default {
parallelism: 1,
iterations: 256,
memorySize: 512, // use 512KB memory
hashLength: 32, // output size = 32 bytes
outputType: 'encoded', // return standard encoded string containing parameters needed to verify the key
};
import params from './hasingParams';
import { argon2id, argon2Verify } from 'argon2-wasm-edge';
async function run() {
// salt is a buffer containing random bytes
const salt = new Uint8Array(16);
window.crypto.getRandomValues(salt);
const key = await argon2id({ ...params, password: 'pass', salt });
console.log('Derived key:', key);
const isValid = await argon2Verify({
password: 'pass',
hash: key,
});
console.log(isValid ? 'Valid password' : 'Invalid password');
}
run();
api/hash-password.ts
import params from './hasingParams';
import { argon2id, setWASMModules } from 'argon2-wasm-edge';
// @ts-expect-error
import argon2WASM from 'argon2-wasm-edge/wasm/argon2.wasm?module';
// @ts-expect-error
import blake2bWASM from 'argon2-wasm-edge/wasm/blake2b.wasm?module';
setWASMModules({ argon2WASM, blake2bWASM });
export const config = { runtime: 'edge' };
export default async function handler(req: Request) {
const password = new URL(req.url).searchParams.get('password');
if (!password) throw new Error('Missing password, try /api/hash-password?password=verysecure');
const salt = new Uint8Array(16);
crypto.getRandomValues(salt);
const hashedPassword = await argon2id({ ...params, password, salt });
return new Response(`${password} => ${hashedPassword}`);
}
worker.ts
import params from './hasingParams';
import { argon2id, setWASMModules } from 'argon2-wasm-edge';
// @ts-expect-error
import argon2WASM from 'argon2-wasm-edge/wasm/argon2.wasm'; // <-- imports of wasm modules works differently in CF
// @ts-expect-error
import blake2bWASM from 'argon2-wasm-edge/wasm/blake2b.wasm';
setWASMModules({ argon2WASM, blake2bWASM });
async function fetch(req: Request) {
const password = new URL(req.url).searchParams.get('password');
if (!password) throw new Error('Missing password, try /api/hash-password?password=verysecure');
const salt = new Uint8Array(16);
crypto.getRandomValues(salt);
const hashedPassword = await argon2id({ ...params, password, salt });
return new Response(`${password} => ${hashedPassword}`);
}
export default { fetch }
FAQs
Lightning fast Argon2 implementation runnable on Vercel Edge and CF Workers
The npm package argon2-wasm-edge receives a total of 133 weekly downloads. As such, argon2-wasm-edge popularity was classified as not popular.
We found that argon2-wasm-edge demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.
Security News
A critical flaw in the popular npm form-data package could allow HTTP parameter pollution, affecting millions of projects until patched versions are adopted.
Security News
Bun 1.2.19 introduces isolated installs for smoother monorepo workflows, along with performance boosts, new tooling, and key compatibility fixes.