How to mimic php crypt() on NODE.JS

Question

Please help with php -> javascript(node.js) conversion

$key = crypt($key, $salt);

I'm rewriting php script with node.js, and I got stuck with hash signature generation in php, which is made using crypt() function with salt matching "CRYPT_EXT_DES" pattern

CRYPT_EXT_DES - Extended DES-based hash. The "salt" is a 9-character string consisting of an underscore followed by 4 bytes of iteration count and 4 bytes of salt. These are encoded as printable characters, 6 bits per character, least significant character first. The values 0 to 63 are encoded as "./0-9A-Za-z". Using invalid characters in the salt will cause crypt() to fail.

I'm not really experienced with encryption, and studying node.js docs on crypto module didnt help. Please help how to implement this on node.js!

Answer 1

It looks like the crypt(3) library should work.

Eg:

const crypt = require( 'crypt3/sync' ),
      key = "password",
      hash = crypt( key, crypt.createSalt( 'sha512' ) );

And then to test stored hash...

const crypt = require( 'crypt3/sync' ),
      key = "password",
      hash = /* stored hash */;

if ( crypt( key, hash ) !== hash ) {
  // access denied
  return false;
}

(six year late, I know)

Answer 2

you can do this with https://github.com/thomas-alrek/node-php-password

var Password = require("node-php-password");

var options = {
    cost: 10,
    salt: "qwertyuiopasdfghjklzxc"
};
const hashedPassword = Password.hash(password, "PASSWORD_DEFAULT", options);

and this will be the same result as in php

crypt(password,'$2y$10$'.'qwertyuiopasdfghjklzxc'.'$')