Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
scrypt - npm Package Compare versions
Comparing version 4.0.6 to 4.0.7
| { | ||
| "name": "scrypt", | ||
| "description": "The scrypt crypto library for NodeJS", | ||
| "version": "4.0.6", | ||
| "version": "4.0.7", | ||
| "keywords": [ | ||
@@ -6,0 +6,0 @@ "scrypt", |
@@ -1,9 +0,34 @@ | ||
| # Scrypt For NodeJS | ||
| # Scrypt For Node/IO | ||
| [](https://travis-ci.org/barrysteyn/node-scrypt) | ||
| [](https://travis-ci.org/barrysteyn/node-scrypt) [](http://badge.fury.io/js/scrypt) | ||
| node-scrypt is a native node C++ wrapper for Colin Percival's scrypt utility. | ||
| Scrypt for Node/IO is a native node/io C++ wrapper for Colin Percival's scrypt utility. | ||
| As should be the case with any security tool, this library should be scrutinized by anyone using it. If you find or suspect an issue with the code- please bring it to my attention and I'll spend some time trying to make sure that this tool is as secure as possible. | ||
| # News And Updates | ||
| ## Node-Scrypt Version 4 | ||
| Fully compatible with Node versions 0.10x and up and IO. Library rewritten using [nan](https://github.com/rvagg/nan). | ||
| ## Node-Scrypt Version 3 | ||
| Version 3's main highlight is support for the **Microsoft Windows** platform. | ||
| ### Node-Scrypt Version 2 | ||
| Node-Scrypt version 2.0 is a complete rewrite of the previous module. It's main highlights are: | ||
| * Access to the underlying key derivation function | ||
| * Extensive use of node's buffers | ||
| * Easy configuration | ||
| * Removal of scrypt encryption/decryption (this will soon be moved to another module) | ||
| The module consists of four functions: | ||
| 1. [params](#params) - a translation function that produces scrypt parameters | ||
| 2. [hash](#hash) - produces a 256 bit hash using scrypt's key derivation function | ||
| 3. [verify](#verify) - verify's a hash produced by this module | ||
| 4. [kdf](#key-derivation-function) - scrypt's underlying key dervivation function | ||
| It also consists of four extra functions that provide [backward compatibility](#backward-compatibility-for-users-of-version-1x) to the previous version. | ||
| ## Table Of Contents | ||
@@ -13,3 +38,2 @@ | ||
| * [Installation Instructions](#installation-instructions) | ||
| * [Introducing Node-scrypt version 2.X](#introducing-node-scrypt-version-2) | ||
| * [API](#api) | ||
@@ -33,3 +57,3 @@ * [Example Usage](#example-usage) | ||
| To install node-gyp for windows, refer to the [windows specific install instructions](https://github.com/TooTallNate/node-gyp#installation) of the node-gyp documentation. | ||
| To install node-gyp for windows, refer to the [windows specific install instructions](https://github.com/TooTallNate/node-gyp#installation) of the node-gyp documentation (also look [here](https://github.com/TooTallNate/node-gyp/wiki/Visual-Studio-2010-Setup) for helpful hints). | ||
@@ -39,3 +63,3 @@ #### OpenSSL | ||
| * [OpenSSL For Windows 32 bit](Win32 OpenSSL v1.0.2) | ||
| * [OpenSSL For Windows 32 bit](http://slproweb.com/download/Win32OpenSSL-1_0_2.exe) | ||
| * [OpenSSL For Windows 64 bit](http://slproweb.com/download/Win64OpenSSL-1_0_2.exe) | ||
@@ -66,26 +90,2 @@ | ||
| ## Node-Scrypt Version 4 | ||
| Fully compatible with Node versions 0.10x and up and IO. Library rewritten using Nan. | ||
| ## Node-Scrypt Version 3 | ||
| Version 3's main highlight is support for the **Microsoft Windows** platform. | ||
| ### Node-Scrypt Version 2 | ||
| Node-Scrypt version 2.0 is a complete rewrite of the previous module. It's main highlights are: | ||
| * Access to the underlying key derivation function | ||
| * Extensive use of node's buffers | ||
| * Easy configuration | ||
| * Removal of scrypt encryption/decryption (this will soon be moved to another module) | ||
| The module consists of four functions: | ||
| 1. [params](#params) - a translation function that produces scrypt parameters | ||
| 2. [hash](#hash) - produces a 256 bit hash using scrypt's key derivation function | ||
| 3. [verify](#verify) - verify's a hash produced by this module | ||
| 4. [kdf](#key-derivation-function) - scrypt's underlying key dervivation function | ||
| It also consists of four extra functions that provide [backward compatibility](#backward-compatibility-for-users-of-version-1x) to the previous version. | ||
| #### Encodings | ||
@@ -168,5 +168,10 @@ The following encodings are accepted: | ||
| ## API | ||
| ##### A Note On Error Handling | ||
| ##### A Note On Error Synchronous Handling | ||
| All synchronous functionality should be wrapped in a `try ... catch` as exceptions are thrown in case of error. For asynchronous functionality, error are returned as the first argument to the callback function if such an error exists. An error is an object with both an error code and a message describing the error. | ||
| ##### A Note On Error Asynchronous Handling | ||
| For asynchronous functionality, an error is thrown if the error is a programmer error. For more information about different error types, see [this](https://www.joyent.com/developers/node/design/errors#) article. For example, specifying the `hashEncoding` for verify that is different to the actual hash's encoding will throw an error. | ||
| On a successful result, the err object of the callback function will be `null` (not `undefined`). | ||
| ##### Scrypt Parameter Object | ||
@@ -528,3 +533,3 @@ The scrypt parameter object is a JSON object that must have values for properties **N**, **r** and **p**. For example, it could look like this: | ||
| #####Cons | ||
| ##### Cons | ||
| There is just one con I can think of: It is a relatively new library (only been around since 2009). Cryptographers don't really like new libraries for production deployment as it has not been *battle tested*. That being said, it is being actively used in [Tarsnap](http://www.tarsnap.com/) (as mentioned above) and the author is very active. | ||
@@ -531,0 +536,0 @@ |
@@ -26,2 +26,3 @@ var test = require('tap').test; | ||
| kdf(buf, {"N":16,"r":1,"p":1},64,"", function(err, res) { | ||
| t.deepEqual(err, null, "Asynchronous test: err object is correctly set as null"); | ||
| t.equal(res.hash.toString("hex"),"77d6576238657b203b19ca42c18a0497f16b4844e3074ae8dfdffa3fede21442fcd0069ded0948f8326a753a0fc81f17e8d3e0fb2e0d3628cf35e20c38d18906","Asynchronous test: first test vector is correctly returned"); | ||
@@ -40,3 +41,4 @@ t.end(); | ||
| kdf("password", {"N":1024,"r":8,"p":16},64,buf, function(err, res) { | ||
| t.equal(res.hash.toString("hex"),"fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640","Synchronous test: second test vector is correctly returned"); | ||
| t.deepEqual(err, null, "Asynchronous test: err object is correctly set as null"); | ||
| t.equal(res.hash.toString("hex"),"fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640","Asynchronous test: second test vector is correctly returned"); | ||
| t.end(); | ||
@@ -55,2 +57,3 @@ }); | ||
| kdf(buf, {"N":16384,"r":8,"p":1},64,salt, function(err, res) { | ||
| t.deepEqual(err, null, "Asynchronous test: err object is correctly set as null"); | ||
| t.equal(res.hash,"7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887","Asynchronous test: third test vector is correctly returned"); | ||
@@ -125,2 +128,3 @@ t.end(); | ||
| scrypt.verifyHash(hash, keyString, function(err, result) { | ||
| t.deepEqual(err, null, "Asynchronous test: err object is correctly set as null"); | ||
| t.notOk(err,"Asynchronous: no error verifying hash"); | ||
@@ -139,2 +143,3 @@ t.equal(result, true,"Asynchronous: hash has been verified as true => Result Is True"); | ||
| scrypt.passwordHash(keyString, scryptParameters, function(err, hash) { | ||
| t.deepEqual(err, null, "Asynchronous test: err object is correctly set as null"); | ||
| t.notOk(err,"Asynchronous: no error hashing result"); | ||
@@ -222,2 +227,3 @@ scrypt.verifyHash(hash, "another key", function(err, result) { | ||
| scrypt.params(2, function(err, parameters) { | ||
| t.deepEqual(err, null, "Asynchronous test: err object is correctly set as null"); | ||
| t.type(parameters,"object","Returned entity is an object"); | ||
@@ -233,2 +239,3 @@ t.type(parameters.N, "number","N is present in object and is of type number"); | ||
| scrypt.params(2, 0.5, function(err, parameters) { | ||
| t.deepEqual(err, null, "Asynchronous test: err object is correctly set as null"); | ||
| t.type(parameters,"object","Returned entity is an object"); | ||
@@ -244,2 +251,3 @@ t.type(parameters.N, "number","N is present in object and is of type number"); | ||
| scrypt.params(2, 0.5, 1, function(err, parameters) { | ||
| t.deepEqual(err, null, "Asynchronous test: err object is correctly set as null"); | ||
| t.type(parameters,"object","Returned entity is an object"); | ||
@@ -566,2 +574,3 @@ t.type(parameters.N, "number","N is present in object and is of type number"); | ||
| scrypt.passwordHash(keyString, 1, function(err, hash) { | ||
| t.deepEqual(err, null, "Asynchronous test: err object is correctly set as null"); | ||
| t.ok(true, "The key was hashed successfully, as expected"); | ||
@@ -575,2 +584,3 @@ t.type(hash, "string", "The hash that was returned is of type 'string', as expected (because it is base64 encoded)"); | ||
| scrypt.passwordHash(keyString, 1, 0.05, function(err, hash) { | ||
| t.deepEqual(err, null, "Asynchronous test: err object is correctly set as null"); | ||
| t.ok(true, "The key was hashed successfully, as expected"); | ||
@@ -584,2 +594,3 @@ t.type(hash, "string", "The hash that was returned is of type 'string', as expected (because it is base64 encoded)"); | ||
| scrypt.passwordHash(keyString, 1, 0.05, 0.05, function(err, hash) { | ||
| t.deepEqual(err, null, "Asynchronous test: err object is correctly set as null"); | ||
| t.ok(true, "The key was hashed successfully, as expected"); | ||
@@ -593,2 +604,3 @@ t.type(hash, "string", "The hash that was returned is of type 'string', as expected (because it is base64 encoded)"); | ||
| scrypt.passwordHash(keyStringObject, scryptParameters, function(err, hash) { | ||
| t.deepEqual(err, null, "Asynchronous test: err object is correctly set as null"); | ||
| t.ok(true, "The key was hashed successfully with a string object, as expected"); | ||
@@ -601,3 +613,4 @@ t.type(hash, "string", "The hash that was returned is of type 'string', as expected (because it is base64 encoded)"); | ||
| test("Password Hash (Asynchronous): hash key with correct arguments: key buffer and scrypt parameters object", function(t) { | ||
| scrypt.passwordHash(keyBuffer, scryptParameters,function (err, hash) { | ||
| scrypt.passwordHash(keyBuffer, scryptParameters, function (err, hash) { | ||
| t.deepEqual(err, null, "Asynchronous test: err object is correctly set as null"); | ||
| t.ok(true, "The key was hashed successfully with a buffer, as expected"); | ||
@@ -604,0 +617,0 @@ t.type(hash, "string", "The hash that was returned is of type 'string', as expected (because it is base64 encoded)"); |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.08%
2156808
- Lines of code
- increased by1.36%
968
- Number of lines in readme file
- increased by0.88%
572
No dependency changes