Big update!Announcing Socket for GitHub 1.0. Learn more
Socket
BlogLoveFAQ
Install
Log in

evp_bytestokey

Package Overview
Dependencies
2
Maintainers
2
Versions
4
Issues
File Explorer

Advanced tools

evp_bytestokey

The insecure key derivation algorithm from OpenSSL

    1.0.3latest

Version published
Maintainers
2
Weekly downloads
11,842,804
increased by0.09%

Weekly downloads

Readme

Source

EVP_BytesToKey

NPM Package Build Status Dependency status

js-standard-style

The insecure key derivation algorithm from OpenSSL.

WARNING: DO NOT USE, except for compatibility reasons.

MD5 is insecure.

Use at least scrypt or pbkdf2-hmac-sha256 instead.

API

EVP_BytesToKey(password, salt, keyLen, ivLen)

  • password - Buffer, password used to derive the key data.
  • salt - 8 byte Buffer or null, salt is used as a salt in the derivation.
  • keyBits - number, key length in bits.
  • ivLen - number, iv length in bytes.

Returns: { key: Buffer, iv: Buffer }

Examples

MD5 with aes-256-cbc:

const crypto = require('crypto') const EVP_BytesToKey = require('evp_bytestokey') const result = EVP_BytesToKey( 'my-secret-password', null, 32, 16 ) // => // { key: <Buffer e3 4f 96 f3 86 24 82 7c c2 5d ff 23 18 6f 77 72 54 45 7f 49 d4 be 4b dd 4f 6e 1b cc 92 a4 27 33>, // iv: <Buffer 85 71 9a bf ae f4 1e 74 dd 46 b6 13 79 56 f5 5b> } const cipher = crypto.createCipheriv('aes-256-cbc', result.key, result.iv)

LICENSE MIT

Keywords

FAQs

What is evp_bytestokey?

The insecure key derivation algorithm from OpenSSL

Is evp_bytestokey popular?

The npm package evp_bytestokey receives a total of 9,638,420 weekly downloads. As such, evp_bytestokey popularity was classified as popular.

Is evp_bytestokey well maintained?

We found that evp_bytestokey demonstrated a not healthy version release cadence and project activity. It has 2 open source maintainers collaborating on the project.

Last updated on 05 Sep 2017
Socket

Product

Subscribe to our newsletter

Get open source security insights delivered straight into your inbox. Be the first to learn about new features and product updates.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc