How to use pbkdf2 - 10 common examples

To help you get started, we’ve selected a few pbkdf2 examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github tradle / react-native-crypto / test / pbkdf2.js View on Github external
vectors.forEach(function (input) {
    // skip inputs that will take way too long
    if (input.iterations > 10000) return

    var key = crypto.pbkdf2Sync(input.password, input.salt, input.iterations, input.length)

    if (key.toString('hex') !== input.sha1) {
      console.log(input)
    }

    t.equal(key.toString('hex'), input.sha1)
  })
github getcanoe / canoe / Wallet.js View on Github external
api.pack = function () {
    var pack = api.getEntireJSON()
    pack = Buffer.from(stringToArr(pack))

    var context = blake2bInit(32)
    blake2bUpdate(context, pack)
    checksum = blake2bFinal(context)

    var salt = Buffer.from(nacl.randomBytes(16)) // new Buffer(nacl.randomBytes(16))
    var key = pbkdf2.pbkdf2Sync(passPhrase, salt, iterations, 32, 'sha1')

    var options = { mode: AES.CBC, padding: Iso10126 }
    var encryptedBytes = AES.encrypt(pack, key, salt, options)

    var payload = Buffer.concat([Buffer.from(checksum), salt, encryptedBytes])
    return payload.toString('hex')
  }
github buttercup / buttercup-core / source / encryption / encrypt.js View on Github external
generateDerivedKey: function(password, usedSalt, rounds) {
            rounds = rounds || getRandomInRange(
                config.DERIVED_KEY_ITERATIONS_MIN,
                config.DERIVED_KEY_ITERATIONS_MAX
            );
            var salt = usedSalt || lib.generateSalt(config.SALT_LENGTH),
                derivedKey = pbkdf2.pbkdf2Sync(
                    password,
                    salt,
                    rounds,
                    config.PASSWORD_KEY_SIZE + config.HMAC_KEY_SIZE, // size
                    config.DERIVED_KEY_ALGORITHM
                );
            // Get key and split it into 2 buffers: 1 for the password, 1 for the HMAC key
            var derivedKeyHex = derivedKey.toString("hex"),
                dkhLength = derivedKeyHex.length,
                keyBuffer = new Buffer(derivedKeyHex.substr(0, dkhLength / 2), "hex"),
                hmacBuffer = new Buffer(derivedKeyHex.substr(dkhLength / 2, dkhLength / 2), "hex");
            return {
                salt: salt,
                key: keyBuffer,
                hmac: hmacBuffer,
                rounds: rounds
github cryptocoinjs / scryptsy / lib / scrypt.js View on Github external
// send progress notifications once every 1,000 ops
      if (currentOp % 1000 === 0) {
        progressCallback({
          current: currentOp,
          total: totalOps,
          percent: (currentOp / totalOps) * 100.0
        })
      }
    }
  }

  for (var i = 0; i < p; i++) {
    smix(B, i * 128 * r, r, N, V, XY, _X, B32, x, tickCallback)
  }

  return pbkdf2.pbkdf2Sync(key, B, 1, dkLen, 'sha256')
}
github polkadot-js / common / packages / util-crypto / src / mnemonic / toMiniSecret.ts View on Github external
export default function toMiniSecret (mnemonic: string, password = ''): Uint8Array {
  if (isReady()) {
    return bip39ToMiniSecret(mnemonic, password);
  }

  const entropy = u8aToBuffer(toEntropy(mnemonic));
  const salt = u8aToBuffer(stringToU8a(`mnemonic${password}`));

  // return the first 32 bytes as the seed
  return bufferToU8a(
    pbkdf2Sync(entropy, salt, 2048, 64, 'sha512')
  ).slice(0, 32);
}
github ethereum / web3.js / src / wallet / accounts / EthereumAccount.js View on Github external
toV3Keystore(password, options) {
        options = options || {};
        const salt = options.salt || randomBytes(32);
        const iv = options.iv || randomBytes(16);

        let derivedKey;
        const kdf = options.kdf || 'scrypt';
        const kdfparams = {
            dklen: options.dklen || 32,
            salt: salt.toString('hex')
        };

        if (kdf === 'pbkdf2') {
            kdfparams.c = options.c || 262144;
            kdfparams.prf = 'hmac-sha256';
            derivedKey = pbkdf2Sync(
                Buffer.from(password),
                Buffer.from(kdfparams.salt, 'hex'),
                kdfparams.c,
                kdfparams.dklen,
                'sha256'
            );
        } else if (kdf === 'scrypt') {
            // FIXME: support progress reporting callback
            kdfparams.n = options.n || 8192; // 2048 4096 8192 16384
            kdfparams.r = options.r || 8;
            kdfparams.p = options.p || 1;
            derivedKey = scrypt(
                Buffer.from(password),
                Buffer.from(kdfparams.salt, 'hex'),
                kdfparams.n,
                kdfparams.r,
github chriscohoat / rai-wallet / src / Wallet.js View on Github external
api.decryptAndCheck = function(data) {
    var bytes = new Buffer(data, 'hex');
    var checksum = bytes.slice(0, 32);
    var salt = bytes.slice(32, 48);
    var payload = bytes.slice(48);
    var key = pbkdf2.pbkdf2Sync(passPhrase, salt, iterations, 32, 'sha1');

    var options = {};
    options.padding = options.padding || Iso10126;
    var decryptedBytes = AES.decrypt(payload, key, salt, options);

    var context = blake.blake2bInit(32);
    blake.blake2bUpdate(context, decryptedBytes);
    var hash = uint8_hex(blake.blake2bFinal(context));

    if (hash != checksum.toString('hex').toUpperCase())
      return false;
    return decryptedBytes;
  }
github ethereum / web3.js / src / wallet / accounts / EthereumAccount.js View on Github external
derivedKey = scrypt(
                Buffer.from(password),
                Buffer.from(kdfparams.salt, 'hex'),
                kdfparams.n,
                kdfparams.r,
                kdfparams.p,
                kdfparams.dklen
            );
        } else if (json.crypto.kdf === 'pbkdf2') {
            kdfparams = json.crypto.kdfparams;

            if (kdfparams.prf !== 'hmac-sha256') {
                throw new Error('Unsupported parameters to PBKDF2');
            }

            derivedKey = pbkdf2Sync(
                Buffer.from(password),
                Buffer.from(kdfparams.salt, 'hex'),
                kdfparams.c,
                kdfparams.dklen,
                'sha256'
            );
        } else {
            throw new Error('Unsupported key derivation scheme');
        }

        const ciphertext = Buffer.from(json.crypto.ciphertext, 'hex');

        const mac = keccak256(Buffer.concat([derivedKey.slice(16, 32), ciphertext])).replace('0x', '');
        if (mac !== json.crypto.mac) {
            throw new Error('Key derivation failed - possibly wrong password');
        }
github Zilliqa / Zilliqa-JavaScript-Library / packages / zilliqa-js-crypto / src / keystore.ts View on Github external
async function getDerivedKey(
  key: Buffer,
  kdf: KDF,
  params: KDFParams,
): Promise {
  const salt = Buffer.from(params.salt, 'hex');

  if (kdf === 'pbkdf2') {
    const { c, dklen } = params as PBKDF2Params;
    return pbkdf2Sync(key, salt, c, dklen, 'sha256');
  }

  if (kdf === 'scrypt') {
    const { n, r, p, dklen } = params as ScryptParams;
    return scrypt(key, salt, n, r, p, dklen);
  }

  throw new Error('Only pbkdf2 and scrypt are supported');
}
github TronLink / tronlink-extension / packages / lib / utils.js View on Github external
const encryptKey = (password, salt) => {
    return pbkdf2.pbkdf2Sync(password, salt, 1, 256 / 8, 'sha512');
};

pbkdf2

This library provides the functionality of PBKDF2 with the ability to use any supported hashing algorithm returned from crypto.getHashes()

MIT
Latest version published 4 years ago

Package Health Score

71 / 100
Full package analysis