using crypto.pbkdf2Sync in node 6 return different hash then node4
Question
we are trying upgrading our current project nodeJS version (4.2.4) to the latest version (6.9.1) and we encounter such a problem, we have some authenticated method on user password which does something like this :
return this.password === crypto.pbkdf2Sync(password, this.salt, 10000, 64).toString('base64');
this.password is the user password hash that worked on node 4.2.4 and password is the user input,
since we upgrade to node 6.9.1 it stop working and return false where in node 4.2.4 it return true
we already try to add any digest option(since now it required) but didn't find one that match
maybe there is more things we should change ? can someone help ?
- note in Node 5 it work as usual with no change in code
1 answers
solution1
4 ACCPTED 2016-11-02 11:58:45
You need to change your code to:
crypto.pbkdf2Sync(password, new Buffer(this.salt, 'binary'), 10000, 64).toString('base64');
from node 6 the default salt is not binary
You also need to add digest, for example:
crypto.pbkdf2Sync(password, new Buffer(this.salt, 'binary'), 10000, 64, 'DSA-SHA1').toString('base64')
See the API here: https://nodejs.org/api/crypto.html#crypto_crypto_pbkdf2sync_password_salt_iterations_keylen_digest
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.