Socket
Socket
Sign inDemoInstall

bcrypt-pbkdf

Package Overview
Dependencies
1
Maintainers
4
Versions
3
Alerts
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

bcrypt-pbkdf

Port of the OpenBSD bcrypt_pbkdf function to pure JS


Version published
Maintainers
4

Package description

What is bcrypt-pbkdf?

The bcrypt-pbkdf package is a node.js library that implements Password-Based Key Derivation Function 2 (PBKDF2) with bcrypt as its pseudorandom function. This allows for the secure derivation of keys from passwords, which can then be used for cryptographic operations such as encryption, decryption, and authentication. It is particularly useful in scenarios where password security is paramount.

What are bcrypt-pbkdf's main functionalities?

Key Derivation

This feature demonstrates how to derive a key from a password using the bcrypt-pbkdf package. The `pbkdf2Sync` function takes a password, salt, number of iterations (rounds), desired key length, and hash function as arguments, and returns a derived key. This is useful for generating secure keys for encryption or authentication purposes.

"use strict";
const bcrypt_pbkdf = require('bcrypt-pbkdf');
const password = 'mysecretpassword';
const salt = 'somesalt';
const keyLength = 32; // Desired length of the derived key
const rounds = 10; // Number of iterations

const derivedKey = bcrypt_pbkdf.pbkdf2Sync(password, salt, rounds, keyLength, 'sha256');
console.log(derivedKey.toString('hex'));

Other packages similar to bcrypt-pbkdf

Readme

Source

Port of the OpenBSD bcrypt_pbkdf function to pure Javascript. npm-ified version of Devi Mandiri's port, with some minor performance improvements. The code is copied verbatim (and un-styled) from Devi's work.

This product includes software developed by Niels Provos.

API

bcrypt_pbkdf.pbkdf(pass, passlen, salt, saltlen, key, keylen, rounds)

Derive a cryptographic key of arbitrary length from a given password and salt, using the OpenBSD bcrypt_pbkdf function. This is a combination of Blowfish and SHA-512.

See this article for further information.

Parameters:

  • pass, a Uint8Array of length passlen
  • passlen, an integer Number
  • salt, a Uint8Array of length saltlen
  • saltlen, an integer Number
  • key, a Uint8Array of length keylen, will be filled with output
  • keylen, an integer Number
  • rounds, an integer Number, number of rounds of the PBKDF to run

bcrypt_pbkdf.hash(sha2pass, sha2salt, out)

Calculate a Blowfish hash, given SHA2-512 output of a password and salt. Used as part of the inner round function in the PBKDF.

Parameters:

  • sha2pass, a Uint8Array of length 64
  • sha2salt, a Uint8Array of length 64
  • out, a Uint8Array of length 32, will be filled with output

License

This source form is a 1:1 port from the OpenBSD blowfish.c and bcrypt_pbkdf.c. As a result, it retains the original copyright and license. The two files are under slightly different (but compatible) licenses, and are here combined in one file. For each of the full license texts see LICENSE.

FAQs

Last updated on 29 Jun 2018

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc