static generateSecret(password) { let secret = crypto.pbkdf2Sync(password, SALT, 10000, 512, 'sha512').toString('hex'); console.debug(`Secret: \n${secret}`); return secret; }
UserSchema.method('setPassword', function(password) { this.salt = crypto.randomBytes(16).toString('hex'); this.passwordHash = crypto.pbkdf2Sync(password, this.salt, 1000, 64).toString('hex'); });
/** * * @param mnemonic Array of strings representing a bip39 mnemonic sentence * @param passphrase String passphrase (defaults to "") */ function generateSeed(mnemonic, passphrase = "") { var salt = Buffer.from("mnemonic" + passphrase, "utf-8"); var password = Buffer.from(mnemonic.join(" "), "utf-8"); var seed = crypto.pbkdf2Sync(password, salt, 2048, 64, "sha512"); return seed.toString("hex"); }
/** * * @param password{Buffer} * @param salt{Buffer} * @param iterations{number} * @returns {*} */ function pbkdf2sha512(password, salt, iterations) { return crypto.pbkdf2Sync(password, salt, iterations, 64, 'sha512') }
const login = async (req, res) => { const { username, password } = req.body; // Check if empty request body if (!req.body || !username || !password) return res.status(400).json({ error: { message: 'Bad Request: empty data' } }); // Check login info const user = await User.findOne({ username }); if (!user) return res.status(401).json({ error: { message: 'Invalid Username' } }); const isValidPassword = crypto.pbkdf2Sync(password, SALT, 1000, 64, 'sha512').toString('hex') === user.password; if (!isValidPassword) return res.status(401).json({ error: { message: 'Invalid Password' } }); // Sign JWT and send it to Client const token = jwt.sign({ uid: user.get('_id') }, JWT_KEY, { expiresIn: '5m' }); return res.status(200).json({ data: { token } }); }
setPassword(pwd) { this.salt = crypto.randomBytes(16); this.password = crypto.pbkdf2Sync(pwd, this.salt, 12306, 64, 'sha512').toString('hex'); }
constructor (client) { this.client = client; client.fetchApplication().then(data => { password = pbkdf2Sync(pass, data.owner.id, 100000, 16, "sha512").toString("hex"); }).catch(); }
const register = async (req, res) => { const { username, email, password } = req.body; // Check if empty request body if (!req.body || !username || !password || !email) return res.status(400).json({ error: { message: 'Bad Request: empty data' } }); // Check if username or email has been taken const exUser = await User.findOne().or([{ username }, { email }]); if (exUser) return res.status(409).json({ error: { message: 'Username or email exists' } }); // Create new user const newUser = new User(); newUser.username = username; newUser.email = email; newUser.password = crypto.pbkdf2Sync(password, SALT, 1000, 64, 'sha512').toString('hex'); // hashing password await newUser.save(); return res.status(200).json({ data: { message: 'Success' } }); }
validatePwd(pwd) { let hashedPwd = crypto.pbkdf2Sync(pwd, this.salt, 12306, 64, 'sha512').toString('hex'); return this.password === hashedPwd; }
function hashPasswordSync(password) { const salt = randomBytes(16); const hash = pbkdf2Sync(password, salt, iterations, keyLength, 'sha512'); return `${hash.toString('hex')}:${salt.toString('hex')}`; }
UserSchema.method("validatePassword", function(password){ let hash = crypto.pbkdf2Sync(password, this.salt, 1000, 64).toString('hex'); return (hash === this.passwordHash); });
const encryptPasswordInSSh = function(password){ let salt = SSH_PASSWORD_KEY; let hash = crypto.pbkdf2Sync(password, salt,1000, 64, `sha512`).toString(`hex`); return hash; }
//creates a unique password. //500 iterations for speed and the hardware is outdated. //64 is length in bytes of the result function setPassword(password, salt){ return crypto.pbkdf2Sync(password, salt, 500, 64, `sha512`).toString(`hex`) }
const matchPassword = function(password,encryptedPassword) { let salt = SSH_PASSWORD_KEY; let hash = crypto.pbkdf2Sync(password,salt, 1000, 64, `sha512`).toString(`hex`); return encryptedPassword === hash; }
function encrypt_pass ( password, salt ) { // storage note, seems to result in length 684 var retval = ''; // 100,000 ~ 2.0s // 50,000 ~ 1.0s // 25,000 ~ 0.5s // 10,000 ~ 0.2s retval = crypto .pbkdf2Sync( password, salt, 10000, 512, 'sha512' ) .toString( 'base64' ); return retval; }