exports.create = function (name, password, callback) { scrypt.kdf(password, scryptParameters, function (err, result) { if (err) return callback(err); var passwordHash = result.toString('base64'); db.User.create(name, passwordHash, callback); }); };
scrypt.verifyKdf(user.passwordHash, oldPassword, function (err, result) { if (err) return callback(err); if (!result) return callback("Wrong password"); scrypt.kdf(newPassword, scryptParameters, function (err, result) { if (err) return callback(err); var newHash = result.toString('base64'); db.User.updatePassword(user.id, newHash, callback); }); });
function parseUserShare(share) { var scryptBuffer = new Buffer(share.scrypt, 'hex'); // Check if it passes the difficulty test if (scryptBuffer[31] != 0 || scryptBuffer[30] > 6) return penalize(share); // Check if the scrypt matches var headerBuffer = new Buffer(share.header, 'hex'); var myScrypt = scrypt.kdf(headerBuffer, { N: 1024, r: 1, p: 1}, 32, headerBuffer).hash.toString('hex'); if (share.scrypt != myScrypt) return penalize(share); // Make sure they haven't submitted this before redis.zscore('shares::accepted', share.header, function(err, score) { if (err) return log.error(err, share); if (score) return penalize(share); // TODO: Give them some reputation // Add it to the tracker redis.zadd('shares::accepted', Date.now(), share.header); // Add money to their account redis.zcount('shares::accepted', Date.now() - (1000 * 60 * 60), '+inf', function(err, count) { if (err) return log.error(err, share); // No dividing by zero! if (!count || count < 1) count = 1; // Calculate the payout var amount = (config.payouts.targetPerHour / count); if (amount > config.payouts.maxPerShare) amount = config.payouts.maxPerShare; // Figure out if this session has an email associated with it redis.get('session::' + share.session + '::email', function(err, email) { if (err) return log.error(err, share); // Save it to the proper place var key = null; if (email) key = 'balance::email::' + email; else key = 'balance::session::' + share.session; log.info(key + ' ' + amount); redis.incrbyfloat(key, amount); }); }); }); };
.get()(function(err, res, body) { if(err) { msg.send(err); return; } body = JSON.parse(body); if(body.status.code === 0) { var loginSession = body.login_session; var csrfToken = body.csrf_token; var salt = body.salt; var bytes = []; for(var i=0; i< salt.length-1; i+=2){ bytes.push(parseInt(salt.substr(i, 2), 16)); } var binarySalt = String.fromCharCode.apply(String, bytes); scrypt.kdf(password, {N: Math.pow(2,15), r:8, p:1}, 224, binarySalt, function (err, result) { var hash = crypto.createHmac('sha512', result.hash.slice(192, 224)); hash.update(new Buffer(loginSession, 'base64')); var hashed_data = hash.digest('hex'); var params = "csrf_token=" + csrfToken + "&login_session=" + loginSession + "&email_or_username="******"&hmac_pwh=" + hashed_data; msg.http("https://keybase.io") .path("/_/api/1.0/login.json") .post(params)(function (err, res, body) { if(err) { msg.send(err); return; } body = JSON.parse(body); if(body.status.code === 0) { msg.send(body.session); } else { msg.send(body.status.des); } }); }); } else { msg.send(body.status.des); } });
'hash': (password) => scrypt.kdf(password, params),