js-crypto-pbkdf
Advanced tools
Universal Module for Password-based Key Derivation Function (PBKDF) in JavaScript
WARNING: At this time this solution should be considered suitable for research and experimentation, further code and security review is needed before utilization in a production application.
This library is designed to 'universally' provide PBKDF (Password-based Key Derivation Function) functions, i.e., it works both on most modern browsers and on Node.js just by importing from NPM/source code. This key utility library provides both PBKDF1 and PBKDF2 specified in PKCS#5 v2.1 (RFC8018).
At your project directory, do either one of the following.
$ npm install --save js-crypto-pbkdf // npm
$ yarn add js-crypto-pbkdf // yarn
$ git clone https://github.com/junkurihara/jscu.git
$ cd js-crypto-utils/packages/js-crypto-pbkdf
& yarn build
Then you should import the package as follows.
import pbkdf from 'js-crypto-pbkdf'; // for npm
import pbkdf from 'path/to/js-crypto-pbkdf/dist/index.js'; // for github
The bundled file is also given as js-crypto-pbkdf/dist/jscpbkdf.bundle.js for a use case where the module is imported as a window.jscpbkdf object via script tags.
See RFC8018 Section 5.2 for detailed specification.
const password = 'password'; // string or Uint8Array
const salt = ...; // Uint8Array
const iterationCount = 2048;
const derivedKeyLen = 32;
const hash = 'SHA-256'; // 'SHA-384', 'SHA-512', 'SHA-1', 'MD5', 'SHA3-512', 'SHA3-384', 'SHA3-256', or 'SHA3-224'
pbkdf.pbkdf2(
password,
salt,
iterationCount,
derivedKeyLen,
hash
).then( (key) => {
// now you get the derived key of intended length
});
See RFC8018 Section 5.1 for detailed specification.
const password = 'password'; // string or Uint8Array
const salt = ...; // Uint8Array
const iterationCount = 2048;
const derivedKeyLen = 32;
const hash = 'SHA-256'; // 'SHA-384', 'SHA-512', 'SHA-1', 'MD5', 'SHA3-512', 'SHA3-384', 'SHA3-256', or 'SHA3-224'
pbkdf.pbkdf1(
password,
salt,
iterationCount,
derivedKeyLen,
hash
).then( (key) => {
// now you get the derived key of intended length
});
Licensed under the MIT license, see LICENSE file.
FAQs
Universal Module for Password-based Key Derivation Function (PBKDF) in JavaScript
We found that js-crypto-pbkdf demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket and Seal Security collaborate to fix a critical npm overrides bug, resolving a three-year security issue in the JavaScript ecosystem's most popular package manager.
Security News
TypeScript is porting its compiler to Go, delivering 10x faster builds, lower memory usage, and improved editor performance for a smoother developer experience.
Research
Security News
The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.