You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105
  1. var md5 = require('create-hash/md5')
  2. var RIPEMD160 = require('ripemd160')
  3. var sha = require('sha.js')
  4. var Buffer = require('safe-buffer').Buffer
  5. var checkParameters = require('./precondition')
  6. var defaultEncoding = require('./default-encoding')
  7. var toBuffer = require('./to-buffer')
  8. var ZEROS = Buffer.alloc(128)
  9. var sizes = {
  10. md5: 16,
  11. sha1: 20,
  12. sha224: 28,
  13. sha256: 32,
  14. sha384: 48,
  15. sha512: 64,
  16. rmd160: 20,
  17. ripemd160: 20
  18. }
  19. function Hmac (alg, key, saltLen) {
  20. var hash = getDigest(alg)
  21. var blocksize = (alg === 'sha512' || alg === 'sha384') ? 128 : 64
  22. if (key.length > blocksize) {
  23. key = hash(key)
  24. } else if (key.length < blocksize) {
  25. key = Buffer.concat([key, ZEROS], blocksize)
  26. }
  27. var ipad = Buffer.allocUnsafe(blocksize + sizes[alg])
  28. var opad = Buffer.allocUnsafe(blocksize + sizes[alg])
  29. for (var i = 0; i < blocksize; i++) {
  30. ipad[i] = key[i] ^ 0x36
  31. opad[i] = key[i] ^ 0x5C
  32. }
  33. var ipad1 = Buffer.allocUnsafe(blocksize + saltLen + 4)
  34. ipad.copy(ipad1, 0, 0, blocksize)
  35. this.ipad1 = ipad1
  36. this.ipad2 = ipad
  37. this.opad = opad
  38. this.alg = alg
  39. this.blocksize = blocksize
  40. this.hash = hash
  41. this.size = sizes[alg]
  42. }
  43. Hmac.prototype.run = function (data, ipad) {
  44. data.copy(ipad, this.blocksize)
  45. var h = this.hash(ipad)
  46. h.copy(this.opad, this.blocksize)
  47. return this.hash(this.opad)
  48. }
  49. function getDigest (alg) {
  50. function shaFunc (data) {
  51. return sha(alg).update(data).digest()
  52. }
  53. function rmd160Func (data) {
  54. return new RIPEMD160().update(data).digest()
  55. }
  56. if (alg === 'rmd160' || alg === 'ripemd160') return rmd160Func
  57. if (alg === 'md5') return md5
  58. return shaFunc
  59. }
  60. function pbkdf2 (password, salt, iterations, keylen, digest) {
  61. checkParameters(iterations, keylen)
  62. password = toBuffer(password, defaultEncoding, 'Password')
  63. salt = toBuffer(salt, defaultEncoding, 'Salt')
  64. digest = digest || 'sha1'
  65. var hmac = new Hmac(digest, password, salt.length)
  66. var DK = Buffer.allocUnsafe(keylen)
  67. var block1 = Buffer.allocUnsafe(salt.length + 4)
  68. salt.copy(block1, 0, 0, salt.length)
  69. var destPos = 0
  70. var hLen = sizes[digest]
  71. var l = Math.ceil(keylen / hLen)
  72. for (var i = 1; i <= l; i++) {
  73. block1.writeUInt32BE(i, salt.length)
  74. var T = hmac.run(block1, hmac.ipad1)
  75. var U = T
  76. for (var j = 1; j < iterations; j++) {
  77. U = hmac.run(U, hmac.ipad2)
  78. for (var k = 0; k < hLen; k++) T[k] ^= U[k]
  79. }
  80. T.copy(DK, destPos)
  81. destPos += hLen
  82. }
  83. return DK
  84. }
  85. module.exports = pbkdf2