Launch Week Day 5: Introducing Reachability for PHP.Learn More
Socket
Book a DemoSign in
Socket
Book a DemoSign in

node-forge

Package Overview
Dependencies
Maintainers
3
Versions
134
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

node-forge - npm Package Compare versions

Comparing version
0.6.28
 to
0.6.29
+1
-1
bower.json
{
"name": "forge",
"version": "0.6.28",
"version": "0.6.29",
"description": "JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities.",

@@ -5,0 +5,0 @@ "authors": [

+55
-5
js/pbkdf2.js

@@ -16,13 +16,24 @@ /**

var _nodejs = (
typeof process !== 'undefined' && process.versions && process.versions.node);
var crypto;
if(_nodejs && !forge.disableNativeCode) {
crypto = require('crypto');
}
/**
* Derives a key from a password.
*
* @param p the password as a string of bytes.
* @param s the salt as a string of bytes.
* @param p the password as a binary-encoded string of bytes.
* @param s the salt as a binary-encoded string of bytes.
* @param c the iteration count, a positive integer.
* @param dkLen the intended length, in bytes, of the derived key,
* (max: 2^32 - 1) * hash length of the PRF.
* @param md the message digest to use in the PRF, defaults to SHA-1.
* @param [md] the message digest (or algorithm identifier as a string) to use
* in the PRF, defaults to SHA-1.
* @param [callback(err, key)] presence triggers asynchronous version, called
* once the operation completes.
*
* @return the derived key, as a string of bytes.
* @return the derived key, as a binary-encoded string of bytes, for the
* synchronous version (if no callback is specified).
*/

@@ -34,6 +45,45 @@ forge.pbkdf2 = pkcs5.pbkdf2 = function(p, s, c, dkLen, md, callback) {

}
// default prf to SHA-1
// use native implementation if possible and not disabled, note that
// some node versions only support SHA-1, others allow digest to be changed
if(_nodejs && !forge.disableNativeCode && crypto.pbkdf2 &&
(md === null || typeof md !== 'object') &&
(crypto.pbkdf2Sync.length > 4 || (!md || md === 'sha1'))) {
if(typeof md !== 'string') {
// default prf to SHA-1
md = 'sha1';
}
s = new Buffer(s, 'binary');
if(!callback) {
if(crypto.pbkdf2Sync.length === 4) {
return crypto.pbkdf2Sync(p, s, c, dkLen).toString('binary');
}
return crypto.pbkdf2Sync(p, s, c, dkLen, md).toString('binary');
}
if(crypto.pbkdf2Sync.length === 4) {
return crypto.pbkdf2(p, s, c, dkLen, function(err, key) {
if(err) {
return callback(err);
}
callback(null, key.toString('binary'));
});
}
return crypto.pbkdf2(p, s, c, dkLen, md, function(err, key) {
if(err) {
return callback(err);
}
callback(null, key.toString('binary'));
});
}
if(typeof md === 'undefined' || md === null) {
// default prf to SHA-1
md = forge.md.sha1.create();
}
if(typeof md === 'string') {
if(!(md in forge.md.algorithms)) {
throw new Error('Unknown hash algorithm: ' + md);
}
md = forge.md[md].create();
}

@@ -40,0 +90,0 @@ var hLen = md.digestLength;

+17
-0
nodejs/test/pbkdf2.js

@@ -42,2 +42,9 @@ (function() {

it('should derive a password with hmac-sha-256 (passed as an algorithm identifier) c=1000', function() {
// Note: might be too slow on old browsers
var salt = '4bcda0d1c689fe465c5b8a817f0ddf3d';
var dkHex = UTIL.bytesToHex(PBKDF2('password', salt, 1000, 48, 'sha256'));
ASSERT.equal(dkHex, '9da8a5f4ae605f35e82e5beac5f362df15c4255d88f738d641466a4107f9970238e768e72af29ac89a1b16ff277b31d2');
});
it('should asynchronously derive a password with hmac-sha-1 c=1', function(done) {

@@ -97,2 +104,12 @@ PBKDF2('password', 'salt', 1, 20, function(err, dk) {

});
it('should asynchronously derive a password with hmac-sha-256 (passed as an algorithm identifier) c=1000', function(done) {
// Note: might be too slow on old browsers
var salt = '4bcda0d1c689fe465c5b8a817f0ddf3d';
PBKDF2('password', salt, 1000, 48, 'sha256', function(err, dk) {
var dkHex = UTIL.bytesToHex(dk);
ASSERT.equal(dkHex, '9da8a5f4ae605f35e82e5beac5f362df15c4255d88f738d641466a4107f9970238e768e72af29ac89a1b16ff277b31d2');
done();
});
});
});

@@ -99,0 +116,0 @@ }

+1
-1
package.json
{
"name": "node-forge",
"version": "0.6.28",
"version": "0.6.29",
"description": "JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities.",

@@ -5,0 +5,0 @@ "homepage": "http://github.com/digitalbazaar/forge",