argon2 - npm Package Compare versions
Comparing version 0.17.0 to 0.17.1
@@ -0,1 +1,8 @@ | ||
| # 20171227 | ||
| * Added ABI version number | ||
| * AVX2/AVX-512F optimizations of BLAMKA | ||
| * Set Argon2 version number from the command line | ||
| * New bindings | ||
| * Minor bug and warning fixes (no security issue) | ||
| # 20161029 | ||
@@ -2,0 +9,0 @@ |
@@ -266,2 +266,3 @@ # Argon2 | ||
| * [mruby](https://github.com/Asmod4n/mruby-argon2) by [@Asmod4n](https://github.com/Asmod4n) | ||
| * [Swift](https://github.com/ImKcat/CatCrypto) by [@ImKcat](https://github.com/ImKcat) | ||
@@ -268,0 +269,0 @@ |
156
index.js
@@ -24,108 +24,72 @@ 'use strict' | ||
| module.exports = { | ||
| defaults, | ||
| limits, | ||
| const hash = (plain, options) => { | ||
| options = Object.assign({}, defaults, options) | ||
| hash (plain, options) { | ||
| options = Object.assign({}, defaults, options) | ||
| return new Promise((resolve, reject) => { | ||
| for (let key of Object.keys(limits)) { | ||
| const {max, min} = limits[key] | ||
| const value = options[key] | ||
| if (value > max || value < min) { | ||
| reject(new Error(`Invalid ${key}, must be between ${min} and ${max}.`)) | ||
| } | ||
| return new Promise((resolve, reject) => { | ||
| for (let key of Object.keys(limits)) { | ||
| const {max, min} = limits[key] | ||
| const value = options[key] | ||
| if (value > max || value < min) { | ||
| reject(new Error(`Invalid ${key}, must be between ${min} and ${max}.`)) | ||
| } | ||
| } | ||
| if ('salt' in options) { | ||
| return resolve() | ||
| if ('salt' in options) { | ||
| return resolve() | ||
| } | ||
| crypto.randomBytes(16, (err, salt) => { | ||
| if (err) { | ||
| return reject(err) | ||
| } | ||
| crypto.randomBytes(16, (err, salt) => { | ||
| if (err) { | ||
| return reject(err) | ||
| } | ||
| options.salt = salt | ||
| return resolve() | ||
| }) | ||
| }).then(() => { | ||
| return new Promise((resolve, reject) => { | ||
| bindings.hash(Buffer.from(plain), options, resolve, reject) | ||
| }) | ||
| }).then(hash => { | ||
| return new Promise((resolve, reject) => { | ||
| if (options.raw) { | ||
| return resolve(hash) | ||
| } | ||
| const algo = `$${type2string[options.type]}$v=${version}` | ||
| const params = [ | ||
| `m=${1 << options.memoryCost}`, | ||
| `t=${options.timeCost}`, | ||
| `p=${options.parallelism}` | ||
| ].join(',') | ||
| const base64hash = rightTrim(hash.toString('base64')) | ||
| const base64salt = rightTrim(options.salt.toString('base64')) | ||
| return resolve([algo, params, base64salt, base64hash].join('$')) | ||
| }) | ||
| options.salt = salt | ||
| return resolve() | ||
| }) | ||
| }, | ||
| verify (hash, plain, options) { | ||
| options = Object.assign({}, options) | ||
| const parsed = {} | ||
| const sections = hash.split('$') | ||
| }).then(() => { | ||
| return new Promise((resolve, reject) => { | ||
| if ('type' in options) { | ||
| return resolve() | ||
| bindings.hash(Buffer.from(plain), options, resolve, reject) | ||
| }) | ||
| }).then(hash => { | ||
| return new Promise((resolve, reject) => { | ||
| if (options.raw) { | ||
| return resolve(hash) | ||
| } | ||
| parsed.type = types[sections[1]] | ||
| return resolve() | ||
| }).then(() => { | ||
| return new Promise((resolve, reject) => { | ||
| const params = sections[sections.length - 3] | ||
| const algo = `$${type2string[options.type]}$v=${version}` | ||
| const params = [ | ||
| `m=${1 << options.memoryCost}`, | ||
| `t=${options.timeCost}`, | ||
| `p=${options.parallelism}` | ||
| ].join(',') | ||
| const base64hash = rightTrim(hash.toString('base64')) | ||
| const base64salt = rightTrim(options.salt.toString('base64')) | ||
| return resolve([algo, params, base64salt, base64hash].join('$')) | ||
| }) | ||
| }) | ||
| } | ||
| if (!('memoryCost' in options)) { | ||
| const memoryCost = /m=(\d+)/.exec(params) | ||
| parsed.memoryCost = Math.log2(+memoryCost[1]) | ||
| } | ||
| const parser = /\$(argon2(?:i|d|id))\$v=(\d+)\$m=(\d+),t=(\d+),p=(\d+)(?:,[^$]+)?\$([^$]+)\$([^$]+)/ | ||
| const verify = (hash, plain) => { | ||
| const [_, type, version, memoryCost, timeCost, parallelism, salt, encoded] = hash.match(parser) | ||
| return new Promise((resolve, reject) => { | ||
| const options = { | ||
| type: module.exports[type], | ||
| version: +version, | ||
| memoryCost: Math.log2(+memoryCost), | ||
| timeCost: +timeCost, | ||
| parallelism: +parallelism, | ||
| salt: Buffer.from(rightPad(salt), 'base64'), | ||
| hashLength: Math.floor(encoded.length / 4 * 3) | ||
| } | ||
| bindings.hash(Buffer.from(plain), options, resolve, reject) | ||
| }).then(expected => { | ||
| return encoded === rightTrim(expected.toString('base64')) | ||
| }) | ||
| } | ||
| if (!('timeCost' in options)) { | ||
| const timeCost = /t=(\d+)/.exec(params) | ||
| parsed.timeCost = +timeCost[1] | ||
| } | ||
| if (!('parallelism' in options)) { | ||
| const parallelism = /p=(\d+)/.exec(params) | ||
| parsed.parallelism = +parallelism[1] | ||
| } | ||
| return resolve() | ||
| }) | ||
| }).then(() => { | ||
| return new Promise((resolve, reject) => { | ||
| if ('salt' in options) { | ||
| return resolve() | ||
| } | ||
| const salt = sections[sections.length - 2] | ||
| parsed.salt = Buffer.from(rightPad(salt), 'base64') | ||
| return resolve() | ||
| }) | ||
| }).then(() => { | ||
| options = Object.assign({}, defaults, parsed, options) | ||
| return new Promise((resolve, reject) => { | ||
| return bindings.hash(Buffer.from(plain), options, resolve, reject) | ||
| }) | ||
| }).then(raw => { | ||
| const expected = sections[sections.length - 1] | ||
| const base64hash = rightTrim(raw.toString('base64')) | ||
| return Promise.resolve(base64hash === expected) | ||
| }) | ||
| } | ||
| module.exports = { | ||
| defaults, | ||
| limits, | ||
| hash, | ||
| verify | ||
| } | ||
@@ -132,0 +96,0 @@ |
| { | ||
| "name": "argon2", | ||
| "version": "0.17.0", | ||
| "version": "0.17.1", | ||
| "description": "An Argon2 library for Node", | ||
@@ -10,3 +10,4 @@ "main": "index.js", | ||
| "clean": "node-gyp clean && rm -rf coverage .nyc_output", | ||
| "test": "tsc -p . && node test-d.js && standard index.js && nyc --reporter=lcov jest" | ||
| "lint": "standard --verbose | snazzy", | ||
| "test": "tsc -p . && node test-d.js && nyc --reporter=lcov jest" | ||
| }, | ||
@@ -40,3 +41,2 @@ "repository": { | ||
| "sandra": "^0.2.1", | ||
| "standard": "^10.0.2", | ||
| "typescript": "^2.1.5" | ||
@@ -46,9 +46,3 @@ }, | ||
| "node": ">=6.0.0" | ||
| }, | ||
| "ava": { | ||
| "files": [ | ||
| "test.js" | ||
| ], | ||
| "babel": "inherit" | ||
| } | ||
| } |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Improved metrics
- Dev dependency count
- decreased by-16.67%
5
- Number of medium supply chain risk alerts
- decreased by-50%
1
Worsened metrics
- Total package byte prevSize
- decreased by-1.42%
204409
- Lines of code
- decreased by-8.28%
299
No dependency changes