easy-crypto/password - Documentation

The password module provides utilities for dealing with passwords. This includes hashing and verifying passwords as well as derive secure cryptographic keys from passwords.

Source:

password.js, line 9

Members

(static, constant) InvalidHashError :Error

An error that hints that the hashing algorithm used is no longer valid and a rehash is required.

Since:

0.2.0

Source:

password.js, line 32

Type:

Error

(inner, constant) messages :Object

The message format for encoding and decoding data using protobuf.

Source:

password.js, line 21

Type:

Object

Methods

(async, static) deriveKey(password, salt, iterations, keylen, digest) → {Promise.<Buffer>}

Derive a cryptographically secure key using a password and a salt.

Since:

0.2.0

Source:

password.js, line 34

Parameters:

Name	Type	Description
`password`	`Data`	The password to be used for key derivation.
`salt`	`Data`	The salt to be applied to the password. The salt should be as unique as possible. It is recommended that a salt is random and at least 16 bytes long. See NIST SP 800-132 for details.
`iterations`	`number`	The number of iterations to be performed. The value must be a number set as high as possible. The higher the number of iterations, the more secure the derived key will be, but will take a longer amount of time to complete.
`keylen`	`number`	The length of the key to be produced.
`digest`	`string`	The HMAC digest algorithm to be used.

Returns:

Type:: Promise.<Buffer>

The derived key.

(static) deriveKeySync(password, salt, iterations, keylen, digest) → {Buffer}

Derive a cryptographically secure key synchronously using a password and a salt.

Since:

0.2.0

Source:

password.js, line 62

Parameters:

Name	Type	Description
`password`	`Data`	The password to be used for key derivation.
`salt`	`Data`	The salt to be applied to the password. The salt should be as unique as possible. It is recommended that a salt is random and at least 16 bytes long. See NIST SP 800-132 for details.
`iterations`	`number`	The number of iterations to be performed. The value must be a number set as high as possible. The higher the number of iterations, the more secure the derived key will be, but will take a longer amount of time to complete.
`keylen`	`number`	The length of the key to be produced.
`digest`	`string`	The HMAC digest algorithm to be used.

Returns:

Type:: Buffer

The derived key.

(async, static) hashPassword(password) → {Promise.<Buffer>}

Hash a password for storage.

Since:

0.2.0

Source:

password.js, line 84

Parameters:

Name	Type	Description
`password`	`Data`	The password to be hashed.

Returns:

Type:: Promise.<Buffer>

The hashed password optimized for storage.

(static) hashPasswordSync(password) → {Buffer}

Hash a password synchronously for storage.

Since:

0.2.0

Source:

password.js, line 110

Parameters:

Name	Type	Description
`password`	`Data`	The password to be hashed.

Returns:

Type:: Buffer

The hashed password optimized for storage.

(async, static) verifyHash(hashed, password) → {Promise.<boolean>}

Verify a previously hashed and stored password.

Since:

0.2.0

Source:

password.js, line 129

Parameters:

Name	Type	Description
`hashed`	`Buffer`	The hashed password to be verified.
`password`	`Data`	The actual password.

Returns:

Type:: Promise.<boolean>

Wether the hash was valid for the given password.

(static) verifyHashSync(hashed, password) → {Promise.<boolean>}

Verify a previously hashed and stored password synchronously.

Since:

0.2.0

Source:

password.js, line 151

Parameters:

Name	Type	Description
`hashed`	`Buffer`	The hashed password to be verified.
`password`	`Data`	The actual password.

Throws:

The hash was produced using an invalid algorithm. A rehash with the currently valid algorithm is required.
Type module:easy-crypto/password.InvalidHashError

Returns:

Type:: Promise.<boolean>

Wether the hash was valid for the given password.