Skip to content
This repository has been archived by the owner on Apr 22, 2023. It is now read-only.

crypto: PBKDF2 function from OpenSSL #1491

Closed
wants to merge 2 commits into from
Closed

Conversation

pixelglow
Copy link

I've added the PBKDF2 function from OpenSSL i.e. the Password-Based Key Derivation Function using HMAC-SHA1 as the pseudorandom function. See for example: http://en.wikipedia.org/wiki/PBKDF2.

Since the function is meant to take significant time to process, I've written it with an async callback

crypto.pbkdf2('password', 'salt', 1, 20, function (err, result) { 
  assert.equal(result, '\x0c\x60\xc8\x0f\x96\x1f\x0e\x71\xf3\xa9\xb5\x24\xaf\x60\x12\x06\x2f\xe0\x37\xa6', 'pbkdf1 test vector 1');
});

The parameters are:

  • password -- string or Buffer
  • salt -- string or Buffer
  • iter -- number of iterations, should be >= 0
  • keylen -- the length of the derived key, should be >= 0

The callback returns either a generic error message or a binary-encoded string result.

I've added some tests based on RFC 6070 to exercise it.

Why this should be in core?

  • Issue AES encryption and decryption gives incorrect results #1318 talks about the need for PBKDF2.
  • It's a basic cryptographic function found in the same OpenSSL library that provides the other crypto library functions.
  • It's just a simple function and would look out of place in a "userland" repo all by itself. :-)

@pixelglow
Copy link
Author

There are other PBKDF2 implementations out there in pure Javascript, but they will be even slower because they work off the process ticks, rather than use the EIO thread pool like this implementation.

@bnoordhuis
Copy link
Member

LGTM in general. Couple of nits but I'll address those in the patch. Can you sign the CLA?

cc @pquerna

@koichik
Copy link

koichik commented Aug 11, 2011

@pixelglow - Can you add docs (crypto.markdown)?

@pixelglow
Copy link
Author

Signed the CLA and applied the changes you wanted. The function seems to hold up well even when blasted with 1000 calls on a Snow Leopard system, and the underlying OpenSSL function doesn't appear to hold on to state, so I'm pretty sure it will work asynchronously as advertised.

@bnoordhuis
Copy link
Member

Thanks, landed in 04122ad.

TryCatch try_catch; // don't quite see the necessity of this

If the callback throws and there's no TryCatch guard in place, the exception is re-raised the next time you enter V8 - but the stack trace will point to your point of entry, not the callback. Extremely confusing.

@bnoordhuis bnoordhuis closed this Aug 12, 2011
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants