I'd like to store user password hashes in a database.

When a new password is created, I get some bytes from
crypto.randomBytes to use as salt, then feed the salt and password to
crypto.pbkdf2 (along with an iteration count and size).

I convert the salt with salt.toString('base64') in order to save it in
the password database.

I have noticed that the resulting key from pbkdf2 is essentially a
binary coded string, so I convert it using
new Buffer(derivedKey,'binary').toString('base64')
before saving it to the database.

However, I see that the crypto API is going to change to using buffers
rather than binary encoded strings. Also, the 'binary' encoding is
going away.

That is fine and well, but what do I need to do to ensure that the
password hashes will be the same after the crypto API changes?

I understand I will have to rewrite the code, of course, but I want to
be able to use the same old hashes so that the password database can
still be used.

Can I expect the future crypto.pbkdf2 to produce a buffer identical to
today's new Buffer(derivedKey,'binary')?

Also, what is most future proof – to feed the binary salt as a buffer
to pbkdf2, or the stringified version thereof?

- Harald
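
The storage round trip described in the post, as an added example that is not part of the original message: it derives a key as a Buffer, rebuilds the same key through a 'binary' (latin1) string the way the legacy code did, and compares the base64 output, then shows that the salt must reach pbkdf2 in the same form (raw bytes or base64 text) that was used when the hash was created. The iteration count, key length, explicit 'sha1' digest and all function names are assumptions, and it needs a Node.js version that has Buffer.from and crypto.timingSafeEqual.

```javascript
const crypto = require('crypto');

// Assumed parameters (not given in the post). SHA-1 is named explicitly
// because the old digest-less crypto.pbkdf2 used HMAC-SHA1.
const ITERATIONS = 10000, KEYLEN = 32, DIGEST = 'sha1';

// Create a record the Buffer way: salt and key are both stored as base64.
function hashPassword(password, salt = crypto.randomBytes(16)) {
  const key = crypto.pbkdf2Sync(password, salt, ITERATIONS, KEYLEN, DIGEST);
  return { salt: salt.toString('base64'), hash: key.toString('base64') };
}

// Emulate the legacy path: the derived key as a 'binary' string, then
// new Buffer(derivedKey, 'binary').toString('base64').
function legacyHash(password, salt) {
  const binaryString = crypto
    .pbkdf2Sync(password, salt, ITERATIONS, KEYLEN, DIGEST)
    .toString('latin1'); // 'binary' is an alias of 'latin1'
  return Buffer.from(binaryString, 'latin1').toString('base64');
}

// Verify against a stored record. saltAsString=true covers databases where
// the base64 text of the salt, not its decoded bytes, was fed to pbkdf2.
function verifyPassword(password, record, saltAsString = false) {
  const salt = saltAsString ? record.salt : Buffer.from(record.salt, 'base64');
  const expected = Buffer.from(record.hash, 'base64');
  const actual = crypto.pbkdf2Sync(
    password, salt, ITERATIONS, expected.length, DIGEST);
  return crypto.timingSafeEqual(actual, expected);
}

// Constructed sample data, not taken from the post.
const salt = Buffer.from('00112233445566778899aabbccddeeff', 'hex');
const record = hashPassword('correct horse', salt);
console.log('legacy and Buffer hashes match:',
  record.hash === legacyHash('correct horse', salt));
console.log('verify with salt bytes:', verifyPassword('correct horse', record));
console.log('verify with salt text:',
  verifyPassword('correct horse', record, true));
```
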
