crypto.pbkdf2(pw, salt, 10000, 128, function(err, key) {
cryptPw = key.toString('base64');
crypto.pbkdf2(pw, salt, 10000, 128, function(err, key) {
var newPw = key.toString('base64');
expect(newPw).to.be(cryptPw);
done();
});
});
crypto.randomBytes(len, function(err, salt) {
if (err)
return fn(err);
salt = salt.toString('base64');
crypto.pbkdf2(pwd, salt, iterations, len, function(err, hash) {
if (err)
return fn(err);
fn(null, salt, hash.toString('base64'));
});
});
//
// Test PBKDF2 with RFC 6070 test vectors (except #4)
//
function testPBKDF2(password, salt, iterations, keylen, expected) {
const actual = crypto.pbkdf2Sync(password, salt, iterations, keylen,
'sha256');
assert.strictEqual(actual, expected);
const cb = common.mustCall((err, actual) => {
assert.strictEqual(actual, expected);
});
crypto.pbkdf2(password, salt, iterations, keylen, 'sha256', cb);
}
//
// Generates a hash from the password and stored salt. Comapres it to the stored hash.
function compareHashes(suppliedPassword, redishash, callback) {
crypto.pbkdf2(suppliedPassword, redishash['salt'], iterations, keyLength, function (err, derivedKey) {
if(err) {
callback(err, null);
return;
}
var hashesMatch = redishash['hashed.password'] === derivedKey.toString('base64');
callback(null, hashesMatch);
});
}
var calcHash = function() {
crypto.pbkdf2(password, salt, iterations, 64, 'sha1', function(err, key) {
if(err)
return callback(err);
var res = 'pbkdf2$' + iterations +
'$' + key.toString('hex') +
'$' + salt.toString('hex');
callback(null, res);
})
};
var pbkdf2 = function (pass, salt, done) {
crypto.pbkdf2(pass, salt, crypto_conf.iterations, crypto_conf.keylen, function (err, derivedKey) {
if (err) {
done('암호화중 오류가 발생했습니다.');
} else {
var cryp_pass = Buffer(derivedKey, 'binary').toString('hex');
done(null, cryp_pass);
}
});
};
helper.hashPassword = function (password, callback) {
crypto.pbkdf2(password, config.security.salt, config.security.iterations, config.security.keylen, function (err, pass) {
if (err) {
callback(err);
} else {
var buff = new Buffer(pass, "binary");
callback(null, buff.toString("hex"));
}
});
};
AccountSchema.methods.validatePassword = function(password, callback) {
var pass = this.password;
crypto.pbkdf2(password, this.salt, iterations, keyLength, function(err, hash) {
if(hash.toString('hex') !== pass) {
return callback(false);
}
return callback(true);
});
};
return new Promise(function(resolve, reject){
crypto.pbkdf2(text, salt, iterations, keylen, digest, function(err, hash){
if (err){
reject(err);
return;
}
resolve(hash);
});
});
//
// Creates a salted hash of a plaintext password
function createSaltedHash(plaintextPassword, callback) {
var salt = crypto.randomBytes(128).toString('base64');
crypto.pbkdf2(plaintextPassword, salt, iterations, keyLength, function(err, derivedKey) {
if(err) {
callback(err, null);
return;
}
callback(null, {salt: salt, derivedKey: derivedKey.toString('base64')});
});
}
this.model('User').findOne({'user_name': user_name}, function(err, user){
if(!err){
//One way hash password
crypto.pbkdf2(password, salt, 10000, 512, function(err, derivedKey) {
console.log("password: "******" ,\nEncrypted: ", derivedKey.toString('base64'));
console.log(user.password == derivedKey.toString('base64'));
return callback(user.password == derivedKey.toString('base64'));
});
}
});
userSchema.pre('save', function(next) {
//Cache user
var user = this;
//One way hash password
crypto.pbkdf2(user.password, salt, 10000, 512, function(err, derivedKey) {
user.password = derivedKey.toString('base64');
next();
});
});
crypto.randomBytes(settings.crypt.saltsize, function(err, buf) {
if(err) throw err;
salt = buf.toString('hex');
//console.log('Have %d bytes of random data: %s', buf.length, buf);
crypto.pbkdf2(password, salt, settings.crypt.iterations, settings.crypt.keylen, function(err, key) {
if(err) throw err;
hash = key.toString('hex');
nextStep();
});
})
exports.derive = function (password, salt, callback) {
var valid = !!(password && salt);
if (!valid) {
callback && callback();
return;
}
crypto.pbkdf2(password, salt, 10000, 64, function (err, derivedKey) {
err && handleErr(err);
callback && callback(derivedKey.toJSON().join('') || undefined);
});
};
User.findOne({email : email}, function(err, user) {
if (err) {res.json({error : "Database Error"}); return;}
if (!user) {res.json({error : "Invalid Email or Password"}); return;}
crypto.pbkdf2(password, user.salt, 1000, 32, function(err, pass) {
pass = Buffer(pass, 'binary').toString('hex');
if (pass !== user.password) {
res.json({error : "Invalid Email or Password"}); return; }
req.session.current_user = user.username;
res.json({redirect : user.username});
});
});
(function (password, salt) {
crypto.pbkdf2(password, salt, 200000, 20, 'sha256', function(err, hash){
if (err) {
// Error occurred during password verification
debug(JSON.stringify(err));
res.auth.params.response = 'error';
} else {
console.log(hash.toString('hex'));
}
});
})('doe', 'salt3');
var hashWithPbkdf2 = function(password, salt, callback) {
var bufferedPassword = new Buffer(password);
crypto.pbkdf2(bufferedPassword, salt, ITERATION_COUNT, KEY_SIZE, function(err, hash) {
if (err) {
callback(err);
} else {
callback(null, Buffer.concat([salt, hash]));
}
});
};
crypto.randomBytes(128, function (err, salt) {
if (err) { throw err;}
salt = salt.toString('hex');
console.log(salt); //生成salt
crypto.pbkdf2(txt, salt, 4096, 256, function (err,hash) {
if (err) { throw err; }
hash = hash.toString('hex');
console.log(hash);//生成密文
})
})
exports.checkPassword = function(password, salt, storedKey, cb) {
crypto.pbkdf2(password, salt, PKBDF2_ITERATIONS, KEY_SIZE, function(err, derivedKey) {
if (err) {
return cb(err);
}
var key = new Buffer(derivedKey, 'binary').toString('base64'); // derivedKey is a Buffer
cb(null, key === storedKey);
});
};
function nativePBKDF2 (password, salt, iterations, keylen, digest, callback) {
checkParameters(password, salt, iterations, keylen)
if (typeof digest === 'function') {
callback = digest
digest = 'sha1'
}
if (typeof callback !== 'function') throw new Error('No callback provided to pbkdf2')
return native.pbkdf2(password, salt, iterations, keylen, digest, callback)
}
var expiry = 60 * 24 * 90; //90 Days
/**
* Encrypt password (pbkdf2, bcrypt, scrypt)
* @param password
* @param salt
* @param callback
*/
function encryptPassword(password, salt, callback) {
if (typeof salt === 'function') {
callback = salt;
salt = crypto.randomBytes(16).toString('base64');
}
salt = new Buffer(salt, 'base64');
crypto.pbkdf2(password, salt, 1000, 64, function (err, hashedPassword) {
if (err) return callback(err, null);
callback(null, {salt: salt.toString('base64'), hashedPassword: hashedPassword.toString('base64')});
});
}
var hashPassword = function (opts) {
var deferred = Q.defer();
crypto.pbkdf2(opts.plaintext, opts.salt, opts.iterations, 64, function (err, key) {
if (err) {
deferred.reject(err);
}
opts.key = new Buffer(key).toString('base64');
deferred.resolve({ encodedUsername: opts.key, salt: opts.salt });
});
return deferred.promise;
};
var pash = function (password, salt, callback) {
"use strict";
if (!password) {
handleError("No password supplied", callback);
return;
}
if (!salt) {
handleError("No salt supplied", callback);
return;
}
return crypto.pbkdf2(password, salt, 10000, 64, complete.bind(null, callback));
};
crypto.randomBytes(length, function(err, salt) {
if (err) {
return fn(err);
}
salt = salt.toString('base64');
crypto.pbkdf2(password, salt, iterations, length, function(err, derivedKey) {
if (err) {
return fn(err);
}
fn(null, salt, derivedKey.toString('base64'));
});
});
function hash(data, salt, cb) {
crypto.pbkdf2(data, salt, HASH_ITERATIONS, HASH_LENGTH, 'sha1', function(err, hash) {
if (err) {
cb(err);
return;
}
cb(null, {
salt: salt,
hash: hash
});
});
}
crypto.randomBytes(config.saltBytes, function(err, saltFName){
if(err){
return callback(err)
}
crypto.pbkdf2(patientName, saltFName.toString('hex').slice(0, config.saltBytes), config.iterations, config.hashBytes, function(err, hashFName){
if(err){
return callback(err);
}
if(!err){ //hash firstname
if(patientName != "" || patientName != null){
/*********************************hash surname******************************************/
crypto.randomBytes(config.saltBytes, function(err, saltLName){
if(err){
return callback(err)
}
crypto.pbkdf2(patientSurname, saltLName.toString('hex').slice(0, config.saltBytes), config.iterations, config.hashBytes, function(err, hashLName){
if(err){
return callback(err);
}
if(!err){ //hash surname
if(patientSurname != "" || patientSurname != null){//adding user; no username field needed
var sendSaltHash = {
sendSaltFName: saltFName.toString('hex').slice(0, config.saltBytes),
sendHashFName: hashFName.toString('hex').slice(0, config.saltBytes),
sendSaltLName: saltLName.toString('hex').slice(0, config.saltBytes),
sendHashLName: hashLName.toString('hex').slice(0, config.saltBytes)
};
console.log("salting FName " + saltFName.toString('hex').slice(0, config.saltBytes));
console.log("hashing FName " + hashFName.toString('hex').slice(0, config.saltBytes));
console.log("salting LName " + saltLName.toString('hex').slice(0, config.saltBytes));
console.log("hashing LName " + hashLName.toString('hex').slice(0, config.saltBytes));
return callback(sendSaltHash);
}
else{
return callback(null);
}
}
});
});
}
else{
return callback(null);
}
}
});
});
return new Promise(function(resolve, reject) {
crypto.pbkdf2(resetToken, '', options.pbkdf2Iterations, options.pbkdf2KeyLength, options.pbkdf2Algorithm,
function(err, hashRaw) {
if (err) {
return reject(err);
}
var hash = new Buffer(hashRaw, 'binary').toString(options.encoding);
return resolve(hash);
});
});
(function() {
var expected =
'64c486c55d30d4c5a079b8823b7d7cb37ff0556f537da8410233bcec330ed956';
var key = crypto.pbkdf2Sync('password', 'salt', 32, 32, 'sha256');
assert.equal(key.toString('hex'), expected);
crypto.pbkdf2('password', 'salt', 32, 32, 'sha256', common.mustCall(ondone));
function ondone(err, key) {
if (err) throw err;
assert.equal(key.toString('hex'), expected);
}
})();
exports.hashPassword = function(password, config, callback) {
config = config || {
salt: crypto.randomBytes(16).toString('base64'),
work: exports.hashRounds,
keylen: 64
};
crypto.pbkdf2(password, config.salt, parseInt(config.work,10), parseInt(config.keylen,10), function(error, key) {
config.key = new Buffer(key, 'binary').toString('base64');
callback(error, config);
});
};
function hash_password(password, salt) {
var deferred = Q.defer();
crypto.pbkdf2(password, salt, 10000, 512, function(err, dk) {
if (err) {
console.error('Error hashing a password');
throw new Error(err);
} else {
deferred.resolve(new Buffer(dk).toString('base64'));
}
});
return deferred.promise;
}