bcrypt-nodejs - npm Package Compare versions

Comparing version 0.0.2 to 0.0.3

bCrypt.js

@@ -410,7 +410,7 @@ var crypto = require("crypto");
 		lr[0] ^= sw.key;
-		
+
 		sw = streamtoword(data, offp);
 		offp = sw.offp;
 		lr[1] ^= sw.key;
-		
+
 		lr = encipher(lr, 0, P, S);
@@ -424,7 +424,7 @@ P[i] = lr[0];
 		lr[0] ^= sw.key;
-		
+
 		sw = streamtoword(data, offp);
 		offp = sw.offp;
 		lr[1] ^= sw.key;
-		
+
 		lr = encipher(lr, 0, P, S);
@@ -450,10 +450,10 @@ S[i] = lr[0];
 	one_percent = Math.floor(rounds / 100) + 1;
-	
+
 	var P = P_orig.slice();
 	var S = S_orig.slice();
-	
+
 	ekskey(salt, password, P, S);
 
 	var i = 0;
-	
+
 	while(true) {
@@ -523,8 +523,10 @@ if(i < rounds){
 	password = password + (minor >= 'a' ? "\000" : "");
-	for (var r = 0; r < password.length; r++) {
-		passwordb.push(getByte(password.charAt(r)));
+
+	var buf = new Buffer(password);
+	for (var r = 0; r < buf.length; r++) {
+		passwordb.push(buf[r]);
 	}
 	saltb = decode_base64(real_salt, BCRYPT_SALT_LEN);
 	var hashed = crypt_raw(passwordb, saltb, rounds, progress);
-	
+
 	var rs = [];
@@ -541,3 +543,3 @@ rs.push("$2");
 	rs.push(encode_base64(hashed, bf_crypt_ciphertext.length * 4 - 1));
-	
+
 	return(rs.join(''));
@@ -557,3 +559,3 @@ };
 	output.push('$');
-	
+
 	var rand_buf;
@@ -565,3 +567,3 @@ try {
 	}
-	
+
 	output.push(encode_base64(rand_buf, BCRYPT_SALT_LEN));
@@ -620,2 +622,3 @@ return output.join('');
 		salt - [REQUIRED] - the salt to be used to hash the password. if specified as a number then a salt will be generated and used (see examples).
+		progress - a callback to be called during the hash calculation to signify progress
 		callback - [REQUIRED] - a callback to be fired once the data has been encrypted. uses eio making it asynchronous.
@@ -645,23 +648,23 @@ error - First parameter to the callback detailing any errors.
 	*/
-	
+
 	if(typeof data != "string" ||  typeof encrypted != "string") {
 		throw "Incorrect arguments";
 	}
-	
+
 	var encrypted_length = encrypted.length;
-	
+
 	if(encrypted_length != 60) {
 		throw "Not a valid BCrypt hash.";
 	}
-	
+
 	var same = true;
-	var hash_data = hashSync(data, encrypted.substr(0, encrypted_length-31));	
+	var hash_data = hashSync(data, encrypted.substr(0, encrypted_length-31));
 	var hash_data_length = hash_data.length;
-	
+
 	same = hash_data_length == encrypted_length;
-	
+
 	var max_length = (hash_data_length < encrypted_length) ? hash_data_length : encrypted_length;
 
 	// to prevent timing attacks, should check entire string
-	// don't exit after found to be false	
+	// don't exit after found to be false
 	for (var i = 0; i < max_length; ++i) {
@@ -672,3 +675,3 @@ if (hash_data_length >= i && encrypted_length >= i && hash_data[i] != encrypted[i]) {
 	}
-	
+
 	return same;
@@ -714,2 +717,2 @@ }
 exports.compare = compare;
-exports.getRounds = getRounds;
+exports.getRounds = getRounds;

package.json

@@ -6,7 +6,4 @@ {
 	"author": "Shane Girish (https://github.com/shaneGirish)",
-	"version": "0.0.2",
-	"author": {
-		"name": "Shane Girish",
-		"email": "shaneGirish@gmail.com"
-	},
+	"version": "0.0.3",
+	"author": "Shane Girish <shaneGirish@gmail.com>",
 	"repository": {
@@ -20,3 +17,5 @@ "type": "git",
 	"contributors": [
-		
+		"Alex Murray <> (https://github.com/alexmurray)",
+		"Nicolas Pelletier <> (https://github.com/NicolasPelletier)",
+		"Josh Rogers <> (https://github.com/geekymole)"
 	],
@@ -23,0 +22,0 @@ "keywords": [

README.md

 bcrypt-nodejs
 ===========================================
 
+Warning : A change was made in v0.0.3 to allow encoding of UTF-8 encoded strings. This causes strings encoded in v0.0.2 or earlier to not work in v0.0.3 anymore.
+
 Native JS implementation of BCrypt for Node.
@@ -11,3 +13,3 @@ Has the same functionality as [node.bcrypt.js] expect for a few tiny differences.
 
-This code is based on [javascript-bcrypt] and uses "crypto" to create random byte arrays.
+This code is based on [javascript-bcrypt] and uses [crypto] (http://nodejs.org/api/crypto.html) to create random byte arrays.
 
@@ -26,3 +28,3 @@ Basic usage:
 ```
-bcrypt.hash("bacon", null, function(err, hash) {
+bcrypt.hash("bacon", null, null, function(err, hash) {
 	// Store hash in your password DB.
@@ -55,5 +57,6 @@ });
 	* `salt` - [REQUIRED] - the salt to be used in encryption.
-* `hash(data, salt, cb)`
+* `hash(data, salt, progress, cb)`
 	* `data` - [REQUIRED] - the data to be encrypted.
 	* `salt` - [REQUIRED] - the salt to be used to hash the password.
+	* `progress` - a callback to be called during the hash calculation to signify progress
 	* `callback` - [REQUIRED] - a callback to be fired once the data has been encrypted.
@@ -73,8 +76,19 @@ * `error` - First parameter to the callback detailing any errors.
 	* `encrypted` - [REQUIRED] - hash from which the number of rounds used should be extracted.
+	
+Contributors
+============
 
+* [Alex Murray][alexmurray]
+* [Nicolas Pelletier][NicolasPelletier]
+* [Josh Rogers][geekymole]	
+	
 Credits
 -------------------------
-I heavily reused code from [node.bcrypt.js]. Though "Clipperz Javascript Crypto Library" was removed and its functionality replaced with "crypto".
+I heavily reused code from [javascript-bcrypt]. Though "Clipperz Javascript Crypto Library" was removed and its functionality replaced with "crypto".
 
 [node.bcrypt.js]:https://github.com/ncb000gt/node.bcrypt.js.git
-[javascript-bcrypt]:http://code.google.com/p/javascript-bcrypt/
+[javascript-bcrypt]:http://code.google.com/p/javascript-bcrypt/
+
+[alexmurray]:https://github.com/alexmurray
+[NicolasPelletier]:https://github.com/NicolasPelletier
+[geekymole]:https://github.com/geekymole

test-async.js

 var bCrypt = require("./bCrypt");
 
+var compares = 0;
+var salts = [];
+var hashes = [];
+
 console.log("\n\n Salts \n");
+bCrypt.genSalt(8, saltCallback);
+bCrypt.genSalt(10, saltCallback);
 
-var salt1 = bCrypt.genSaltSync(8);
-console.log(salt1);
-
-var salt2 = bCrypt.genSaltSync(10);
-console.log(salt2);
-
 function saltCallback(error, result) {
-	
+	if(!error) {
+		console.log(result);
+	} else {
+		console.log(error);
+	}
+	salts.push(result);
+	if(salts.length == 2) {
+		console.log("\n\n Hashes \n");
+		createHash(salts[0]);
+	}
 }
 
-
-console.log("\n\n Hashes \n");
-
-var hashes = [];
-int hashed = 0;
-
 function createHash(salt) {
@@ -26,4 +29,2 @@ bCrypt.hash("bacon", salt, null, hashCallback);
 
-createHash(salt1);
-
 function hashCallback(error, result) {
@@ -35,32 +36,38 @@ if(!error) {
 	}
-	hashes[hashed++] = result;
-	if(hashed == 4) {
-		startCompare();
+	hashes.push(result);
+	if(hashes.length == 2) {
+		createHash(salts[1]);
+	} else if(hashes.length == 4) {
+		console.log("\n\n True Compares \n");
+		compares = 0;
+		startCompares("bacon", trueCompareCallback);
 	}
 }
 
-console.log("\n\n True Compares \n");
+function startCompares(string, callback) {
+	bCrypt.compare(string, hashes[0], callback);
+	bCrypt.compare(string, hashes[1], callback);
+	bCrypt.compare(string, hashes[2], callback);
+	bCrypt.compare(string, hashes[3], callback);
+}
 
-console.log(bCrypt.compareSync("super secret", hash1));
-console.log(bCrypt.compareSync("super secret", hash2));
-console.log(bCrypt.compareSync("super secret", hash3));
-console.log(bCrypt.compareSync("super secret", hash4));
-console.log(bCrypt.compareSync("super secret", hash5));
-console.log(bCrypt.compareSync("super secret", hash6));
-console.log(bCrypt.compareSync("super secret", hash7));
-console.log(bCrypt.compareSync("super secret", hash8));
-console.log(bCrypt.compareSync("super secret", hash9));
-console.log(bCrypt.compareSync("super secret", hash0));
+function trueCompareCallback(error, result) {
+	if(!error) {
+		console.log(result);
+	} else {
+		console.log(error);
+	}
+	if(++compares == 4) {
+		console.log("\n\n False Compares \n");
+		compares = 0;
+		startCompares("veggies", falseCompareCallback);
+	}
+}
 
-console.log("\n\n False Compares \n");
-
-console.log(bCrypt.compareSync("supersecret", hash1));
-console.log(bCrypt.compareSync("supersecret", hash2));
-console.log(bCrypt.compareSync("supersecret", hash3));
-console.log(bCrypt.compareSync("supersecret", hash4));
-console.log(bCrypt.compareSync("supersecret", hash5));
-console.log(bCrypt.compareSync("supersecret", hash6));
-console.log(bCrypt.compareSync("supersecret", hash7));
-console.log(bCrypt.compareSync("supersecret", hash8));
-console.log(bCrypt.compareSync("supersecret", hash9));
-console.log(bCrypt.compareSync("supersecret", hash0));
+function falseCompareCallback(error, result) {
+	if(!error) {
+		console.log(result);
+	} else {
+		console.log(error);
+	}
+}

test-sync.js

@@ -0,1 +1,2 @@
+/*jslint node: true, indent: 4, stupid: true */
 var bCrypt = require("./bCrypt");
@@ -46,24 +47,53 @@
 
-console.log(bCrypt.compareSync("super secret", hash1));
-console.log(bCrypt.compareSync("super secret", hash2));
-console.log(bCrypt.compareSync("super secret", hash5));
-console.log(bCrypt.compareSync("super secret", hash6));
-console.log(bCrypt.compareSync("super secret", hash9));
-console.log(bCrypt.compareSync("super secret", hash3));
-console.log(bCrypt.compareSync("super secret", hash4));
-console.log(bCrypt.compareSync("super secret", hash7));
-console.log(bCrypt.compareSync("super secret", hash8));
-console.log(bCrypt.compareSync("super secret", hash0));
+console.log(bCrypt.compareSync("super secret", hash1) ? 'PASSED' : 'FAILED');
+console.log(bCrypt.compareSync("super secret", hash2) ? 'PASSED' : 'FAILED');
+console.log(bCrypt.compareSync("super secret", hash5) ? 'PASSED' : 'FAILED');
+console.log(bCrypt.compareSync("super secret", hash6) ? 'PASSED' : 'FAILED');
+console.log(bCrypt.compareSync("super secret", hash9) ? 'PASSED' : 'FAILED');
+console.log(bCrypt.compareSync("super secret", hash3) ? 'FAILED' : 'PASSED');
+console.log(bCrypt.compareSync("super secret", hash4) ? 'FAILED' : 'PASSED');
+console.log(bCrypt.compareSync("super secret", hash7) ? 'FAILED' : 'PASSED');
+console.log(bCrypt.compareSync("super secret", hash8) ? 'FAILED' : 'PASSED');
+console.log(bCrypt.compareSync("super secret", hash0) ? 'FAILED' : 'PASSED');
 
 console.log("\n\n Second Set of Compares \n");
 
-console.log(bCrypt.compareSync("supersecret", hash1));
-console.log(bCrypt.compareSync("supersecret", hash2));
-console.log(bCrypt.compareSync("supersecret", hash5));
-console.log(bCrypt.compareSync("supersecret", hash6));
-console.log(bCrypt.compareSync("supersecret", hash9));
-console.log(bCrypt.compareSync("supersecret", hash3));
-console.log(bCrypt.compareSync("supersecret", hash4));
-console.log(bCrypt.compareSync("supersecret", hash7));
-console.log(bCrypt.compareSync("supersecret", hash8));
-console.log(bCrypt.compareSync("supersecret", hash0));
+console.log(bCrypt.compareSync("supersecret", hash1) ? 'FAILED' : 'PASSED');
+console.log(bCrypt.compareSync("supersecret", hash2) ? 'FAILED' : 'PASSED');
+console.log(bCrypt.compareSync("supersecret", hash5) ? 'FAILED' : 'PASSED');
+console.log(bCrypt.compareSync("supersecret", hash6) ? 'FAILED' : 'PASSED');
+console.log(bCrypt.compareSync("supersecret", hash9) ? 'FAILED' : 'PASSED');
+console.log(bCrypt.compareSync("supersecret", hash3) ? 'PASSED' : 'FAILED');
+console.log(bCrypt.compareSync("supersecret", hash4) ? 'PASSED' : 'FAILED');
+console.log(bCrypt.compareSync("supersecret", hash7) ? 'PASSED' : 'FAILED');
+console.log(bCrypt.compareSync("supersecret", hash8) ? 'PASSED' : 'FAILED');
+console.log(bCrypt.compareSync("supersecret", hash0) ? 'PASSED' : 'FAILED');
+
+
+console.log('\n\n -------------------- UTF-8 passwords --------------------');
+var pw1 = '\u6e2f',  // http://www.fileformat.info/info/unicode/char/6e2f/index.htm
+    pw2 = '港', // Character 0x6e2f same as pw1.
+    pw3 = '\u6f2f',  // http://www.fileformat.info/info/unicode/char/6f2f/index.htm
+    pw4 = '漯', // Character 0x6f2f same as pw3.
+    salt = '$2a$05$0000000000000000000000',
+    hash_pw1 = bCrypt.hashSync(pw1, salt, null),
+    hash_pw2 = bCrypt.hashSync(pw2, salt, null),
+    hash_pw3 = bCrypt.hashSync(pw3, salt, null),
+    hash_pw4 = bCrypt.hashSync(pw4, salt, null);
+
+console.log("\n\n Hashes \n");
+console.log(hash_pw1);
+console.log(hash_pw2);
+console.log(hash_pw3);
+console.log(hash_pw4);
+
+console.log("\n\n Third Set of Compares \n");
+
+console.log(bCrypt.compareSync(pw1, hash_pw1) ? 'PASSED' : 'FAILED');
+console.log(bCrypt.compareSync(pw2, hash_pw2) ? 'PASSED' : 'FAILED');
+console.log(bCrypt.compareSync(pw3, hash_pw3) ? 'PASSED' : 'FAILED');
+console.log(bCrypt.compareSync(pw4, hash_pw4) ? 'PASSED' : 'FAILED');
+console.log('Hashes 1 and 3 are different: ' + (hash_pw1 !== hash_pw3) ? 'PASSED' : 'FAILED');
+console.log('Hashes 2 and 4 are different: ' + (hash_pw2 !== hash_pw4) ? 'PASSED' : 'FAILED');
+console.log('Hashes 1 and 2 are the same: ' + (hash_pw1 !== hash_pw2) ? 'PASSED' : 'FAILED');
+console.log('Hashes 3 and 4 are the same: ' + (hash_pw3 !== hash_pw4) ? 'PASSED' : 'FAILED');

No alert changes

Improved metrics

Total package byte prevSize

40922

increased by6.21%

Lines of code

790

increased by5.76%

Number of lines in readme file

90

increased by18.42%

No dependency changes