secret-utils
Common crypto
snippets (generate random bytes, salt, hash password, etc)
You should use the Node.js modules for bcrypt
or scrypt
,
but if you'd rather have pure Node.js JavaScript without compiled modules,
well, here you go.
npm install --save secret-utils
var secretutils = ; secretutils;// '1cCk4GzgSDjbuFSRHOrte5_WHW02oYQwaxetY72UxPc'
API
- createShadow
- testSecret
- url64
- random
- int
- hashsum
- sha1sum
- sha256sum
- alphanum
.createShadow()
createShadow(secret[, hashtype[, salt ]])
secretutils; // output salt: 'rVhp3Lb7WktdzC0DY9TZtHOOVtdZVWeMCv6YLKizaWI' shadow: 'e26f053d55a744e823f37d1caacd9bb4c082f4ec09fe891e60890f8f8505882c' hashtype: 'sha256'
Given a secret (password, passphrase, etc), returns a shadow, hashtype, and salt.
hashtype
defaults to sha256
salt
defaults to url64(32)
.testSecret()
testSecret(salt, secret, shadow[, hashtype ])
secretutils;// true
Given a salt, secret, shadow (and hashtype), determine if the secret matches the shadow.
hashtype
defaults to sha256
returns true
or false
.genSalt()
genSalt(len)
secretutils;// '1cCk4GzgSDjbuFSRHOrte5_WHW02oYQwaxetY72UxPc'
Alias of .url64(len)
.url64()
url64(len)
secretutils;// '1cCk4GzgSDjbuFSRHOrte5_WHW02oYQwaxetY72UxPc'
Creates a url-safe base64 string with a given entropy
NOTE that a length of 96 bytes would become a 128-char string
Source:
crypto // Convert '+' to '-' // Convert '/' to '_' // Remove ending '=' ;
.random()
random(len[, encoding])
secretutils;// <Buffer ce ef 12 c3 47 a9 98 88 1f ... >
Generate a securely random Buffer
with len
bytes of entropy, optionally encoded as a string.
.int()
int(min, max)
secretutils;// 1
Generate a securely random 48-bit integer.
.hashsum()
hashsum(hashtype, str)
secretutils;// 'a0d281586a74a2bc49414c683b5729aa39c6204b'
Return the hash of a given string. Useful for short strings, not for large buffers.
Source:
return ;
.sha1sum()
sha1sum(str)
secretutils;// 'a0d281586a74a2bc49414c683b5729aa39c6204b'
Return the sha1sum of a given string. Useful for short strings, not for large buffers.
Source:
return ;
.sha256sum()
sha256sum(str)
secretutils;// 'b81efbad017cbe4f785fb9603cc732d5f0263b34edc1e37f2cb13e13aa0f392b'
Return the sha1sum of a given string. Useful for short strings, not for large buffers.
Source:
return ;
.alphanum()
alphanum(len)
secretutils;// ktp827asite9kp7x
Return an alphanumeric (A-Za-z0-9) string (insecure, using Math.random()
).
Why?
Most of the crypto
functions are built on a stream-esque API,
but many of the common use cases for crypto involve very short strings.
sha1sum(str)
is simply easier to read (and write) at-a-glance
than require('crypto').createHash('sha1').update(val).digest('hex');
Removing a minor annoyance, that's all.
Thanks
Code snatched from
crypto-rand
urlsafe-base64