function compare(data, encrypted, callback) {
/*
data - [REQUIRED] - data to compare.
encrypted - [REQUIRED] - data to be compared to.
callback - [REQUIRED] - a callback to be fired once the data has been compared. uses eio making it asynchronous.
error - First parameter to the callback detailing any errors.
same - Second parameter to the callback providing whether the data and encrypted forms match [true | false].
*/
if(!callback) {
throw "No callback function was given."
}
process.nextTick(function() {
var result = null;
var error = null;
try {
result = compareSync(data, encrypted)
} catch(err) {
error = err;
}
callback(error, result);
});
}...
Asynchronous
```
bcrypt.hash("bacon", null, null, function(err, hash) {
// Store hash in your password DB.
});
// Load hash from your password DB.
bcrypt.compare("bacon", hash, function(err, res) {
// res == true
});
bcrypt.compare("veggies", hash, function(err, res) {
// res = false
});
```
...function compareSync(data, encrypted) {
/*
data - [REQUIRED] - data to compare.
encrypted - [REQUIRED] - data to be compared to.
*/
if(typeof data != "string" || typeof encrypted != "string") {
throw "Incorrect arguments";
}
var encrypted_length = encrypted.length;
if(encrypted_length != 60) {
throw "Not a valid BCrypt hash.";
}
var same = true;
var hash_data = hashSync(data, encrypted.substr(0, encrypted_length-31));
var hash_data_length = hash_data.length;
same = hash_data_length == encrypted_length;
var max_length = (hash_data_length < encrypted_length) ? hash_data_length : encrypted_length;
// to prevent timing attacks, should check entire string
// don't exit after found to be false
for (var i = 0; i < max_length; ++i) {
if (hash_data_length >= i && encrypted_length >= i && hash_data[i] != encrypted[i]) {
same = false;
}
}
return same;
}...
Basic usage:
-----------
Synchronous
```
var hash = bcrypt.hashSync("bacon");
bcrypt.compareSync("bacon", hash); // true
bcrypt.compareSync("veggies", hash); // false
```
Asynchronous
```
bcrypt.hash("bacon", null, null, function(err, hash) {
// Store hash in your password DB.
...function genSalt(rounds, callback) {
/*
rounds - [OPTIONAL] - the number of rounds to process the data for. (default - 10)
seed_length - [OPTIONAL] - RAND_bytes wants a length. to make that a bit flexible, you can specify a seed_length. (default - 20
)
callback - [REQUIRED] - a callback to be fired once the salt has been generated. uses eio making it asynchronous.
error - First parameter to the callback detailing any errors.
salt - Second parameter to the callback providing the generated salt.
*/
if(!callback) {
throw "No callback function was given."
}
process.nextTick(function() {
var result = null;
var error = null;
try {
result = genSaltSync(rounds)
} catch(err) {
error = err;
}
callback(error, result);
});
}...
var bCrypt = require("./bCrypt");
var compares = 0;
var salts = [];
var hashes = [];
console.log("\n\n Salts \n");
bCrypt.genSalt(8, saltCallback);
bCrypt.genSalt(10, saltCallback);
function saltCallback(error, result) {
if(!error) {
console.log(result);
} else {
console.log(error);
...function genSaltSync(rounds) {
/*
rounds - [OPTIONAL] - the number of rounds to process the data for. (default - 10)
seed_length - [OPTIONAL] - RAND_bytes wants a length. to make that a bit flexible, you can specify a seed_length. (default - 20
)
*/
if(!rounds) {
rounds = GENSALT_DEFAULT_LOG2_ROUNDS;
}
return gensalt(rounds);
}...
/*jslint node: true, indent: 4, stupid: true */
var bCrypt = require("./bCrypt");
console.log("\n\n Salts \n");
var salt1 = bCrypt.genSaltSync(8);
console.log(salt1);
var salt2 = bCrypt.genSaltSync(10);
console.log(salt2);
console.log("\n\n Hashes \n");
...function getRounds(encrypted) {
//encrypted - [REQUIRED] - hash from which the number of rounds used should be extracted.
if(typeof encrypted != "string") {
throw "Incorrect arguments";
}
return Number(encrypted.split("$")[2]);
}n/a
function hash(data, salt, progress, callback) {
/*
data - [REQUIRED] - the data to be encrypted.
salt - [REQUIRED] - the salt to be used to hash the password. if specified as a number then a salt will be generated and used (
see examples).
progress - a callback to be called during the hash calculation to signify progress
callback - [REQUIRED] - a callback to be fired once the data has been encrypted. uses eio making it asynchronous.
error - First parameter to the callback detailing any errors.
encrypted - Second parameter to the callback providing the encrypted form.
*/
if(!callback) {
throw "No callback function was given."
}
process.nextTick(function() {
var result = null;
var error = null;
try {
result = hashSync(data, salt, progress)
} catch(err) {
error = err;
}
callback(error, result);
});
}...
bcrypt.compareSync("bacon", hash); // true
bcrypt.compareSync("veggies", hash); // false
```
Asynchronous
```
bcrypt.hash("bacon", null, null, function(err, hash) {
// Store hash in your password DB.
});
// Load hash from your password DB.
bcrypt.compare("bacon", hash, function(err, res) {
// res == true
});
...function hashSync(data, salt, progress) {
/*
data - [REQUIRED] - the data to be encrypted.
salt - [REQUIRED] - the salt to be used in encryption.
*/
if(!salt) {
salt = genSaltSync();
}
return hashpw(data, salt, progress);
}...
This code is based on [javascript-bcrypt] and uses [crypto] (http://nodejs.org/api/crypto.html) to create random byte arrays.
Basic usage:
-----------
Synchronous
```
var hash = bcrypt.hashSync("bacon");
bcrypt.compareSync("bacon", hash); // true
bcrypt.compareSync("veggies", hash); // false
```
Asynchronous
```
...