nodejs
diff --git a/‎doc/api/webcrypto.md‎
Lines changed: 116 additions & 3 deletions b/‎doc/api/webcrypto.md‎
Lines changed: 116 additions & 3 deletions
diff --git a/‎lib/internal/crypto/argon2.js‎
Lines changed: 58 additions & 1 deletion b/‎lib/internal/crypto/argon2.js‎
Lines changed: 58 additions & 1 deletion
diff --git a/‎lib/internal/crypto/keys.js‎
Lines changed: 7 additions & 0 deletions b/‎lib/internal/crypto/keys.js‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎lib/internal/crypto/util.js‎
Lines changed: 27 additions & 0 deletions b/‎lib/internal/crypto/util.js‎
Lines changed: 27 additions & 0 deletions
@@ -2,6 +2,9 @@
 
 <!-- YAML
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/59544
+    description: Argon2 algorithms are now supported.
   - version: REPLACEME
     pr-url: https://github.com/nodejs/node/pull/59365
     description: ChaCha20-Poly1305 algorithm is now supported.
@@ -101,6 +104,9 @@ WICG proposal:
 
 Algorithms:
 
+* `'Argon2d'`[^openssl32]
+* `'Argon2i'`[^openssl32]
+* `'Argon2id'`[^openssl32]
 * `'ChaCha20-Poly1305'`
 * `'cSHAKE128'`
 * `'cSHAKE256'`
@@ -489,6 +495,9 @@ implementation and the APIs supported for each:
 | `'AES-CTR'`                          | ✔             | ✔           | ✔           | ✔                 | ✔                   |                        |               |          |                |
 | `'AES-GCM'`                          | ✔             | ✔           | ✔           | ✔                 | ✔                   |                        |               |          |                |
 | `'AES-KW'`                           | ✔             | ✔           | ✔           |                   | ✔                   |                        |               |          |                |
+| `'Argon2d'`[^modern-algos]           |               |             | ✔           |                   |                     | ✔                      |               |          |                |
+| `'Argon2i'`[^modern-algos]           |               |             | ✔           |                   |                     | ✔                      |               |          |                |
+| `'Argon2id'`[^modern-algos]          |               |             | ✔           |                   |                     | ✔                      |               |          |                |
 | `'ChaCha20-Poly1305'`[^modern-algos] | ✔             | ✔           | ✔           | ✔                 | ✔                   |                        |               |          |                |
 | `'cSHAKE128'`[^modern-algos]         |               |             |             |                   |                     |                        |               | ✔        |                |
 | `'cSHAKE256'`[^modern-algos]         |               |             |             |                   |                     |                        |               | ✔        |                |
@@ -641,6 +650,9 @@ Valid key usages depend on the key algorithm (identified by
 | `'AES-CTR'`                          | ✔           | ✔           |          |            |               |                | ✔           | ✔             |
 | `'AES-GCM'`                          | ✔           | ✔           |          |            |               |                | ✔           | ✔             |
 | `'AES-KW'`                           |             |             |          |            |               |                | ✔           | ✔             |
+| `'Argon2d'`[^modern-algos]           |             |             |          |            | ✔             | ✔              |             |               |
+| `'Argon2i'`[^modern-algos]           |             |             |          |            | ✔             | ✔              |             |               |
+| `'Argon2id'`[^modern-algos]          |             |             |          |            | ✔             | ✔              |             |               |
 | `'ChaCha20-Poly1305'`[^modern-algos] | ✔           | ✔           |          |            |               |                | ✔           | ✔             |
 | `'ECDH'`                             |             |             |          |            | ✔             | ✔              |             |               |
 | `'ECDSA'`                            |             |             | ✔        | ✔          |               |                |             |               |
@@ -743,6 +755,9 @@ The algorithms currently supported include:
 <!-- YAML
 added: v15.0.0
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/59544
+    description: Argon2 algorithms are now supported.
   - version:
     - v22.5.0
     - v20.17.0
@@ -759,7 +774,7 @@ changes:
 
 <!--lint disable maximum-line-length remark-lint-->
 
-* `algorithm` {EcdhKeyDeriveParams|HkdfParams|Pbkdf2Params}
+* `algorithm` {EcdhKeyDeriveParams|HkdfParams|Pbkdf2Params|Argon2Params}
 * `baseKey` {CryptoKey}
 * `length` {number|null} **Default:** `null`
 * Returns: {Promise} Fulfills with an {ArrayBuffer} upon success.
@@ -779,6 +794,9 @@ containing the generated data.
 
 The algorithms currently supported include:
 
+* `'Argon2d'`[^modern-algos]
+* `'Argon2i'`[^modern-algos]
+* `'Argon2id'`[^modern-algos]
 * `'ECDH'`
 * `'HKDF'`
 * `'PBKDF2'`
@@ -790,6 +808,9 @@ The algorithms currently supported include:
 <!-- YAML
 added: v15.0.0
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/59544
+    description: Argon2 algorithms are now supported.
   - version:
     - v18.4.0
     - v16.17.0
@@ -799,7 +820,7 @@ changes:
 
 <!--lint disable maximum-line-length remark-lint-->
 
-* `algorithm` {EcdhKeyDeriveParams|HkdfParams|Pbkdf2Params}
+* `algorithm` {EcdhKeyDeriveParams|HkdfParams|Pbkdf2Params|Argon2Params}
 * `baseKey` {CryptoKey}
 * `derivedKeyAlgorithm` {string|Algorithm|HmacImportParams|AesDerivedKeyParams}
 * `extractable` {boolean}
@@ -819,6 +840,9 @@ generate raw keying material, then passing the result into the
 
 The algorithms currently supported include:
 
+* `'Argon2d'`[^modern-algos]
+* `'Argon2i'`[^modern-algos]
+* `'Argon2id'`[^modern-algos]
 * `'ECDH'`
 * `'HKDF'`
 * `'PBKDF2'`
@@ -1054,7 +1078,7 @@ as the given `format` to create a {CryptoKey} instance using the provided
 `algorithm`, `extractable`, and `keyUsages` arguments. If the import is
 successful, the returned promise will be resolved with the created {CryptoKey}.
 
-If importing a `'PBKDF2'` key, `extractable` must be `false`.
+If importing KDF algorithm keys, `extractable` must be `false`.
 
 The algorithms currently supported include:
 
@@ -1064,6 +1088,9 @@ The algorithms currently supported include:
 | `'AES-CTR'`                          |          |           | ✔       | ✔       | ✔              |                |              |
 | `'AES-GCM'`                          |          |           | ✔       | ✔       | ✔              |                |              |
 | `'AES-KW'`                           |          |           | ✔       | ✔       | ✔              |                |              |
+| `'Argon2d'`[^modern-algos]           |          |           |         |         | ✔              |                |              |
+| `'Argon2i'`[^modern-algos]           |          |           |         |         | ✔              |                |              |
+| `'Argon2id'`[^modern-algos]          |          |           |         |         | ✔              |                |              |
 | `'ChaCha20-Poly1305'`[^modern-algos] |          |           | ✔       |         | ✔              |                |              |
 | `'ECDH'`                             | ✔        | ✔         | ✔       | ✔       |                | ✔              |              |
 | `'ECDSA'`                            | ✔        | ✔         | ✔       | ✔       |                | ✔              |              |
@@ -1470,6 +1497,90 @@ added: v15.0.0
 * Type: {string} Must be one of `'AES-CBC'`, `'AES-CTR'`, `'AES-GCM'`, or
   `'AES-KW'`
 
+### Class: `Argon2Params`
+
+<!-- YAML
+added: REPLACEME
+-->
+
+#### `argon2Params.associatedData`
+
+<!-- YAML
+added: REPLACEME
+-->
+
+* Type: {ArrayBuffer|TypedArray|DataView|Buffer}
+
+Represents the optional associated data.
+
+#### `argon2Params.memory`
+
+<!-- YAML
+added: REPLACEME
+-->
+
+* Type: {number}
+
+Represents the memory size in kibibytes. It must be at least 8 times the degree of parallelism.
+
+#### `argon2Params.name`
+
+<!-- YAML
+added: REPLACEME
+-->
+
+* Type: {string} Must be one of `'Argon2d'`, `'Argon2i'`, or `'Argon2id'`.
+
+#### `argon2Params.nonce`
+
+<!-- YAML
+added: REPLACEME
+-->
+
+* Type: {ArrayBuffer|TypedArray|DataView|Buffer}
+
+Represents the nonce, which is a salt for password hashing applications.
+
+#### `argon2Params.parallelism`
+
+<!-- YAML
+added: REPLACEME
+-->
+
+* Type: {number}
+
+Represents the degree of parallelism.
+
+#### `argon2Params.passes`
+
+<!-- YAML
+added: REPLACEME
+-->
+
+* Type: {number}
+
+Represents the number of passes.
+
+#### `argon2Params.secretValue`
+
+<!-- YAML
+added: REPLACEME
+-->
+
+* Type: {ArrayBuffer|TypedArray|DataView|Buffer}
+
+Represents the optional secret value.
+
+#### `argon2Params.version`
+
+<!-- YAML
+added: REPLACEME
+-->
+
+* Type: {number}
+
+Represents the Argon2 version number. The default and currently only defined version is `19` (`0x13`).
+
 ### Class: `ContextParams`
 
 <!-- YAML
@@ -2178,6 +2289,8 @@ The length (in bytes) of the random salt to use.
 
 [^modern-algos]: See [Modern Algorithms in the Web Cryptography API][]
 
+[^openssl32]: Requires OpenSSL >= 3.2
+
 [^openssl35]: Requires OpenSSL >= 3.5
 
 [JSON Web Key]: https://tools.ietf.org/html/rfc7517
 
@@ -3,6 +3,7 @@
 const {
   FunctionPrototypeCall,
   MathPow,
+  StringPrototypeToLowerCase,
   Uint8Array,
 } = primordials;
 
@@ -17,7 +18,16 @@ const {
   kTypeArgon2id,
 } = internalBinding('crypto');
 
-const { getArrayBufferOrView } = require('internal/crypto/util');
+const {
+  lazyDOMException,
+  promisify,
+} = require('internal/util');
+
+const {
+  getArrayBufferOrView,
+  kKeyObject,
+} = require('internal/crypto/util');
+
 const {
   validateString,
   validateFunction,
@@ -179,7 +189,54 @@ function check(algorithm, parameters) {
   return { message, nonce, secret, associatedData, tagLength, passes, parallelism, memory, type };
 }
 
+const argon2Promise = promisify(argon2);
+function validateArgon2DeriveBitsLength(length) {
+  if (length === null)
+    throw lazyDOMException('length cannot be null', 'OperationError');
+
+  if (length % 8) {
+    throw lazyDOMException(
+      'length must be a multiple of 8',
+      'OperationError');
+  }
+
+  if (length < 32) {
+    throw lazyDOMException(
+      'length must be >= 32',
+      'OperationError');
+  }
+}
+
+async function argon2DeriveBits(algorithm, baseKey, length) {
+  validateArgon2DeriveBitsLength(length);
+
+  let result;
+  try {
+    result = await argon2Promise(
+      StringPrototypeToLowerCase(algorithm.name),
+      {
+        message: baseKey[kKeyObject].export(),
+        nonce: algorithm.nonce,
+        parallelism: algorithm.parallelism,
+        tagLength: length / 8,
+        memory: algorithm.memory,
+        passes: algorithm.passes,
+        secret: algorithm.secretValue,
+        associatedData: algorithm.associatedData,
+      },
+    );
+  } catch (err) {
+    throw lazyDOMException(
+      'The operation failed for an operation-specific reason',
+      { name: 'OperationError', cause: err });
+  }
+
+  return result.buffer;
+}
+
 module.exports = {
   argon2,
   argon2Sync,
+  argon2DeriveBits,
+  validateArgon2DeriveBitsLength,
 };
@@ -206,6 +206,12 @@ const {
         case 'HKDF':
           // Fall through
         case 'PBKDF2':
+          // Fall through
+        case 'Argon2d':
+          // Fall through
+        case 'Argon2i':
+          // Fall through
+        case 'Argon2id':
           result = importGenericSecretKey(
             algorithm,
             'KeyObject',
@@ -975,6 +981,7 @@ function importGenericSecretKey(
       keyObject = keyData;
       break;
     }
+    case 'raw-secret':
     case 'raw': {
       keyObject = createSecretKey(keyData);
       break;
 
@@ -36,6 +36,7 @@ const {
   EVP_PKEY_ML_DSA_44,
   EVP_PKEY_ML_DSA_65,
   EVP_PKEY_ML_DSA_87,
+  Argon2Job,
 } = internalBinding('crypto');
 
 const { getOptionValue } = require('internal/options');
@@ -205,6 +206,21 @@ const kAlgorithmDefinitions = {
     'wrapKey': null,
     'unwrapKey': null,
   },
+  'Argon2d': {
+    'deriveBits': 'Argon2Params',
+    'get key length': null,
+    'importKey': null,
+  },
+  'Argon2i': {
+    'deriveBits': 'Argon2Params',
+    'get key length': null,
+    'importKey': null,
+  },
+  'Argon2id': {
+    'deriveBits': 'Argon2Params',
+    'get key length': null,
+    'importKey': null,
+  },
   'ChaCha20-Poly1305': {
     'generateKey': null,
     'exportKey': null,
@@ -326,6 +342,9 @@ const kAlgorithmDefinitions = {
 // Conditionally supported algorithms
 const conditionalAlgorithms = {
   'AES-KW': !process.features.openssl_is_boringssl,
+  'Argon2d': !!Argon2Job,
+  'Argon2i': !!Argon2Job,
+  'Argon2id': !!Argon2Job,
   'ChaCha20-Poly1305': !process.features.openssl_is_boringssl ||
     ArrayPrototypeIncludes(getCiphers(), 'chacha20-poly1305'),
   'cSHAKE128': !process.features.openssl_is_boringssl ||
@@ -347,6 +366,9 @@ const conditionalAlgorithms = {
 
 // Experimental algorithms
 const experimentalAlgorithms = [
+  'Argon2d',
+  'Argon2i',
+  'Argon2id',
   'ChaCha20-Poly1305',
   'cSHAKE128',
   'cSHAKE256',
@@ -418,6 +440,11 @@ const simpleAlgorithmDictionaries = {
     functionName: 'BufferSource',
     customization: 'BufferSource',
   },
+  Argon2Params: {
+    associatedData: 'BufferSource',
+    nonce: 'BufferSource',
+    secretValue: 'BufferSource',
+  },
 };
 
 function validateMaxBufferLength(data, name) {