//I THINK we're allowed to use code from class so this should be fine to use? I wouldn't want to risk implementing it myself anyway
'use strict';
/*
DISCLAIMER
Implementing cryptographically sound behavior in software is both very important and very hard.
As such, in practice you should take great caution and be extra certain of what you're doing.
Given this, it's best to rely on existing code that has been battle-tested and vetted by those knowledgeable.
Node.js provides a native cryptography module, by the name 'crypto'.
This is essentially a JS wrapper around OpenSSL, a widely used and longstanding library written primarily in C that provides a vast array of cryptographic functions.
If you'd like to learn more about the theory and maths behind cryptography, then take 466 next semester. Great professor.
*/
import * as c from 'crypto';
// const c = require('crypto');
/**
@module miniCrypt
@desc A tiny crypto lib for the 326 kids.
*/
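// Declarations in an ES module are already private to the module, so the
// constructor is declared directly instead of inside a wrapping IIFE.

/**
@constructor
@arg {number} its - The number of PBKDF2 iterations to be performed; higher iterations means more security but slower speed.
@arg {number} keyL - The length of the derived key (the stored hash) in bytes.
@arg {number} saltL - The amount of salt in bytes.
@arg {string} digest - The digest (i.e. hash) algorithm to use.
@desc Creates a new `MiniCrypt` instance.

None of these parameters is stored next to the hash: `check` re-derives the
key with this instance's settings, so hashes produced under one configuration
only verify against an instance built with the same configuration. Changing a
default therefore invalidates previously stored hashes unless the parameters
are persisted per record.

NOTE(review): the default of 1e5 iterations is low by current standards;
OWASP's password-storage guidance recommends a considerably higher count for
PBKDF2-HMAC-SHA256 (600,000 at the time of this review). It is left unchanged
here because raising it would break verification of existing hashes.
*/
function MiniCrypt(its = 1e5, keyL = 64, saltL = 16, digest = 'sha256') {
  this.its = its;
  this.keyL = keyL;
  this.saltL = saltL;
  this.digest = digest;
}

/**
@public
@memberof MiniCrypt
@arg {string} pw - The plain-text user password to be hashed.
@returns {[string, string]} - An array containing (1) the salt used to hash the specified password, and (2) the hash itself, both hex-encoded.
@desc Hash a user password.

The salt comes from the CSPRNG (`crypto.randomBytes`) and is fresh on every
call. Note that the hex *string* of the salt is what is passed to PBKDF2, not
the raw bytes; `check` does the same, so the two stay consistent.

`pbkdf2Sync` runs on the calling thread and blocks the event loop for the
whole derivation; in a server, rate-limit the callers or move to the
asynchronous `crypto.pbkdf2`.
*/
MiniCrypt.prototype.hash = function (pw) {
  // A new random salt per password keeps identical passwords from sharing a hash.
  const salt = c.randomBytes(this.saltL).toString('hex');
  const hash = c.pbkdf2Sync(pw, salt, this.its, this.keyL, this.digest).toString('hex');
  return [salt, hash]; // the pair to store for this user
};

/**
@public
@memberof MiniCrypt
@arg {string} pw - The plain-text user password to be checked.
@arg {string} salt - The salt associated with the user (hex string, as returned by `hash`).
@arg {string} hash - The hash associated with the user (hex string, as returned by `hash`).
@returns {Boolean} - A result of `true` iff `pw` & `salt` hash to `hash`.
@desc Validate a user password.

A stored `hash` that is truncated, not valid hex, or produced with a different
key length yields `false` rather than an exception.
*/
MiniCrypt.prototype.check = function (pw, salt, hash) {
  // Derive first so that a malformed stored hash costs the same time as a real one.
  const derived = c.pbkdf2Sync(pw, salt, this.its, this.keyL, this.digest);
  // Buffer.from(..., 'hex') stops at the first non-hex character, so bad
  // input shows up as a short buffer.
  const expected = Buffer.from(hash, 'hex');

  // timingSafeEqual throws a RangeError on buffers of unequal length; a stored
  // value of the wrong length can never match, so fail closed instead.
  if (expected.length !== derived.length) {
    return false;
  }

  // Constant-time comparison: avoids leaking how many leading bytes matched.
  return c.timingSafeEqual(derived, expected);
};

export default MiniCrypt;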