JSPM

@sequencemedia/pbkdf2

1.0.371
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 474
  • Score
    100M100P100Q110183F
  • License ISC

Package Exports

  • @sequencemedia/pbkdf2
  • @sequencemedia/pbkdf2/index.mjs

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@sequencemedia/pbkdf2) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

@sequencemedia/pbkdf2

Compare a given password to a hash and salt

Exposes the crypto pbkdf2 utilities as async functions for Node and the shell

ES functions are exported from the package root alongside a TS definition

Password validation by hash and salt comparison

A password can be compared with a hash and salt (and the number of iterations that were used to compute it) to determine whether it is valid

The ES functions expect the same argument types as the underlying Node utilities

  • The hash is a Buffer
  • The salt is a Buffer
  • iterations is a Number
  • keylen is a Number
  • digest is a String

Etc.

compare

The password is expected as the first argument, while the others are fields on a params object

const isValid = await compare(password, {
  hash,
  salt,
  iterations,
  keylen,
  digest
})

hash

As with compare, the password is expected as the first argument, while the others are fields on a params object (except for hash which can of course be omitted)

const value = await hash(password, {
  hash,
  iterations,
  keylen,
  digest
})

salt

An async wrapper around crypto.randomBytes() to generate a salt of the salt size

const value = await salt(size)

In the shell

Scripts are exposed to npm in the package and each script can of course be invoked from the command line directly in the shell

{
  "compare": "node scripts/compare.mjs",
  "hash": "node scripts/hash.mjs",
  "salt": "node scripts/salt.mjs"
}

Where required, both the hash and salt arguments are expected from the command line to be strings in Base64 format. Both iterations and keylen are coerced from strings to numbers

npm run compare -- \
  --password <PASSWORD> \
  --hash <HASH> \
  --salt <SALT> \
  --keylen <KEY LENGTH> \
  --iterations <ITERATIONS> \
  --digest <DIGEST>
node ./scripts/compare.mjs \
  --password <PASSWORD> \
  --hash <HASH> \
  --salt <SALT> \
  --keylen <KEY LENGTH> \
  --iterations <ITERATIONS> \
  --digest <DIGEST>

Etc.

  • The hash is decoded from a Base64 String to a Buffer
  • The salt is decoded from a Base64 String to a Buffer

Tests

npm test
./compare.sh