What is evp_bytestokey?
The evp_bytestokey package is a utility for deriving a key and IV from a password, mimicking the OpenSSL EVP_BytesToKey method. It is commonly used in cryptographic operations where a secure key needs to be generated from a password for encryption or decryption purposes.
What are evp_bytestokey's main functionalities?
Key and IV Generation
This feature allows the generation of a key and IV (Initialization Vector) from a given password and salt. It is useful for cryptographic operations where a secure key is needed. The example demonstrates how to use the package to generate a 256-bit key and a 128-bit IV from a password and salt.
const evp_bytestokey = require('evp_bytestokey');
const password = 'secret password';
const salt = 'salt';
const keyIv = evp_bytestokey(password, salt, 32, 16);
console.log(keyIv.key); // Buffer containing the key
console.log(keyIv.iv); // Buffer containing the IV
Other packages similar to evp_bytestokey
crypto
The 'crypto' module is a built-in Node.js module that provides cryptographic functionality. It includes a wide range of cryptographic operations, including key generation, encryption, decryption, and hashing. While it does not directly mimic OpenSSL's EVP_BytesToKey, it offers the PBKDF2 function, which can be used for securely deriving keys from passwords. This makes it a more versatile option compared to evp_bytestokey, but requires more setup for similar tasks.
node-forge
node-forge is a comprehensive Node.js module that includes a variety of cryptographic operations, including key generation, encryption, decryption, and certificate management. It offers more flexibility and a wider range of cryptographic tools compared to evp_bytestokey. While it does not directly implement EVP_BytesToKey, it provides similar functionality through its own APIs for password-based key derivation.
EVP_BytesToKey


The insecure key derivation algorithm from OpenSSL.
WARNING: DO NOT USE, except for compatibility reasons.
MD5 is insecure.
Use at least scrypt
or pbkdf2-hmac-sha256
instead.
API
EVP_BytesToKey(password, salt, keyLen, ivLen)
password
- Buffer
, password used to derive the key data.salt
- 8 byte Buffer
or null
, salt is used as a salt in the derivation.keyBits
- number
, key length in bits.ivLen
- number
, iv length in bytes.
Returns: { key: Buffer, iv: Buffer }
Examples
MD5 with aes-256-cbc
:
const crypto = require('crypto')
const EVP_BytesToKey = require('evp_bytestokey')
const result = EVP_BytesToKey(
'my-secret-password',
null,
32,
16
)
const cipher = crypto.createCipheriv('aes-256-cbc', result.key, result.iv)
LICENSE MIT