stackoom
  简体   繁体   中英

password encryption nodeJS PBKDF2

 原文  2019-11-20 13:30:14       node.js/ encryption/ asp.net-identity

Question

We are moving from asp.net to nodeJS and user's password were in hash that was generated by default ASP.net encryption, so 1st problem was how to match user password with hash password is solved in following code and this working perfectly But now i am stuck how to generate same kind hash for new users? 

    // NodeJS implementation of crypto, I'm sure google's 
// cryptoJS would work equally well.
var crypto = require('crypto');

// The value stored in [dbo].[AspNetUsers].[PasswordHash]
var hashedPwd = "ADOEtXqGCnWCuuc5UOAVIvMVJWjANOA/LoVy0E4XCyUHIfJ7dfSY0Id+uJ20DTtG+A==";
var hashedPasswordBytes = new Buffer(hashedPwd, 'base64');

var hexChar = ["0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "A", "B", "C", "D", "E", "F"];

var saltString = "";
var storedSubKeyString = "";

// build strings of octets for the salt and the stored key
for (var i = 1; i < hashedPasswordBytes.length; i++) {
    if (i > 0 && i <= 16) {
        saltString += hexChar[(hashedPasswordBytes[i] >> 4) & 0x0f] + hexChar[hashedPasswordBytes[i] & 0x0f]
    }
    if (i > 0 && i > 16) {
        storedSubKeyString += hexChar[(hashedPasswordBytes[i] >> 4) & 0x0f] + hexChar[hashedPasswordBytes[i] & 0x0f];
    }
}

// password provided by the user
var password = 'welcome1';

// TODO remove debug - logging passwords in prod is considered 
// tasteless for some odd reason
console.log('cleartext: ' + password);
console.log('saltString: ' + saltString);
console.log('storedSubKeyString: ' + storedSubKeyString);

// This is where the magic happens. 
// If you are doing your own hashing, you can (and maybe should)
// perform more iterations of applying the salt and perhaps
// use a stronger hash than sha1, but if you want it to work
// with the [as of 2015] Microsoft Identity framework, keep
// these settings.
var nodeCrypto = crypto.pbkdf2Sync(new Buffer(password), new Buffer(saltString, 'hex'), 1000, 256, 'sha1');

// get a hex string of the derived bytes
var derivedKeyOctets = nodeCrypto.toString('hex').toUpperCase();

console.log("hex of derived key octets: " + derivedKeyOctets);

// The first 64 bytes of the derived key should
// match the stored sub key
if (derivedKeyOctets.indexOf(storedSubKeyString) === 0) {
    console.info("passwords match!");
} else {
    console.warn("passwords DO NOT match!");
}

1 answers

solution1
 0  2019-11-21 07:58:58

I solved my problem, Code for encrypt is:

salt = '1234123412341234';
saltString = new Buffer(salt).toString('hex');
var crypto = require('crypto');

var password = 'welcome';

var nodeCrypto = crypto.pbkdf2Sync(new Buffer(password), new Buffer(saltString, 'hex'), 1000, 32, 'sha1');

var hashInHex="00"+saltString+nodeCrypto.toString('hex').toUpperCase();
var FinalHash = Buffer.from(hashInHex, 'hex').toString('base64')
console.log("newhash: "+FinalHash);
console.log("salt: "+saltString);

thanks

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Generating PBKDF2 keys in C# and NodeJS C# & NodeJS PBKDF Encryption Generate the same PBKDF2 keys in C# and NodeJS How to use nodejs crypto pbkdf2 salt of type bytes array in php hash_pbkdf2 No callback provided to pbkdf2 Java/Node PBKDF2 hash of the user password using the salt and the iteration count - Node Equivalent SALT and HASH using pbkdf2 password encryption in nodejs with bcrypt wordpress password encryption in NodeJS What is wrong with my PBKDF2 in Node here?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM