pbkdf2-cryptdeprecated

Cryptographically secure password hashing algorithm based on pbkdf2 key derivation function

Usage no npm install needed!

<script type="module">
  import pbkdf2Crypt from 'https://cdn.skypack.dev/pbkdf2-crypt';
</script>

README

pbkdf2-crypt

Mac/Linux Build Status Windows Build status Codecov Coverage report Known Vulnerabilities Dependency Status
XO Code Style used AVA Test Runner used Istanbul Test Coverage used NP Release System used
Latest version on npm Project license

🔒 Cryptographically secure password hashing algorithm based on pbkdf2 key derivation function.
Coded with ❤️ by Simone Primarosa.

DEPRECATED!!! USE @phc/pbkdf2 INSTEAD

Install

npm install --save pbkdf2-crypt

Usage

const pbkdf2c = require('pbkdf2-crypt');

// Hash and verify with pbkdf2 and default configs
pbkdf2c.hash('We are all unicorns')
  .then(hash) => {

    console.log(hash);
    //=> "mOyc16tOzjyRlVwE0UknfYLkWhboVaepNDSlpXGsgVIjmV3ATpMgbUkvtAQVuGWYX8499ta+qTSwMS5mShHrPEMR1w/JRa3TiOYRK6D7K7Q0JhFkp83suUKaO2qqXf7XXlbeEQjEHyxXOQejKBxhbl7vdlgQcUnsovCtEhOesD0=,B1izIvz3r4CKWswSeWh11ClEVrXxs/2jDD0LGSUMar/KQyBI6x4CfkcnsC4WHU29Meew8aQYyURwS8tjP7N+tMM1NhM1FDnWH0766noazbVd1rNG8IHoroD8v0jQcHYTRth2pviQaoJszKcLP43XT+c9DNYolDXzeKQAPZ3+mI0=,10000,128,sha512"

    pbkdf2c.verify(hash, 'We are all unicorns')
      .then(match) => {
        console.log(match);
        //=> true
      });

  });

// Hash and verify with pbkdf2 and custom configs
pbkdf2c.hash('We are all unicorns', {digest: 'sha1', iterations: 15000})
  .then(hash) => {

    console.log(hash);
    //=> "suaEhih1LNHXbcWMc7lzdY7z0F3bVbVvuIGr7kAMCPNQ9vGsIhQWL//GIdZ4NNLs8n7rNkRFYHzEqBjl+GgzSQ==,T82zIg2ej8IOYBqqlGOtduKVFUUMras1eJ1U1khGTfeP1caP3jAozGQqS149Pynq9PlEGP0hhMOsywrKj97VUw==,7500,64,sha1"

    pbkdf2c.verify(hash, 'We are all unicorns')
      .then(match) => {
        console.log(match);
        //=> true
      });

  });

API

hash(password, [options])Promise.<string>

Computes the secure hash string of the given password.

verify(hash, input)Promise.<boolean>

Determines whether or not the user's input matches the secure hashed password.

hash(password, [options]) ⇒ Promise.<string>

Computes the secure hash string of the given password.

Kind: global function
Returns: Promise.<string> - The generated secure hash string.
Access: public

Param Type Description
password string The password to hash.
[options] Object Configurations related to the hashing function.
[options.iterations] number The number of iterations to compute the derived key.
[options.keylen] number Length of the computed derived key.
[options.digest] number A digest function from the crypto.getHashes() list of supported digest functions.

verify(hash, input) ⇒ Promise.<boolean>

Determines whether or not the user's input matches the secure hashed password.

Kind: global function
Returns: Promise.<boolean> - A boolean that is true if the hash computed for the input matches.
Access: public

Param Type Description
hash string Secure hash string generated from this package.
input string User's password input.

Contributing

Contributions are REALLY welcome and if you find a security flaw in this code, PLEASE report it.
Please check the contributing guidelines for more details. Thanks!

Authors

See also the list of contributors who participated in this project.

License

This project is licensed under the MIT License - see the LICENSE file for details.