JSPM

@sequencemedia/pbkdf2

1.1.9
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 387
  • Score
    100M100P100Q114288F
  • License ISC

Package Exports

    This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@sequencemedia/pbkdf2) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

    Readme

    @sequencemedia/pbkdf2

    Compare a given password to a hash and salt

    Exposes the crypto pbkdf2 utilities as async functions for Node and the shell

    ES functions are exported from the package root alongside a TS definition

    Password validation by hash and salt comparison

    A password can be compared with a hash and salt (and the number of iterations that were used to compute it) to determine whether it is valid

    The ES functions expect the same argument types as the underlying Node utilities

    • The hash is a Buffer
    • The salt is a Buffer
    • iterations is a Number
    • keylen is a Number
    • digest is a String

    Etc.

    compare

    The password is expected as the first argument, while the others are fields on a params object

    const isValid = await compare(password, {
  hash,
  salt,
  iterations,
  keylen,
  digest
})

    hash

    As with compare, the password is expected as the first argument, while the others are fields on a params object (except for hash which can of course be omitted)

    const value = await hash(password, {
  hash,
  iterations,
  keylen,
  digest
})

    salt

    An async wrapper around crypto.randomBytes() to generate a salt of the salt size

    const value = await salt(size)

    In the shell

    Scripts are exposed to npm in the package and each script can of course be invoked from the command line directly in the shell

    {
  "compare": "node scripts/compare.mjs",
  "hash": "node scripts/hash.mjs",
  "salt": "node scripts/salt.mjs"
}

    Where required, both the hash and salt arguments are expected from the command line to be strings in Base64 format. Both iterations and keylen are coerced from strings to numbers

    npm run compare -- \
  --password <PASSWORD> \
  --hash <HASH> \
  --salt <SALT> \
  --keylen <KEY LENGTH> \
  --iterations <ITERATIONS> \
  --digest <DIGEST>
    node ./scripts/compare.mjs \
  --password <PASSWORD> \
  --hash <HASH> \
  --salt <SALT> \
  --keylen <KEY LENGTH> \
  --iterations <ITERATIONS> \
  --digest <DIGEST>

    Etc.

    • The hash is decoded from a Base64 String to a Buffer
    • The salt is decoded from a Base64 String to a Buffer

    Tests

    npm test
    ./compare.sh