UNPKG

phc-argon2

Version:

Node.JS Argon2 password hashing algorithm following the PHC string format

github.com/thetutlage/phc-argon2

thetutlage/phc-argon2

345 lines (302 loc) 9.27 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
/* eslint-disable capitalized-comments,complexity,prefer-destructuring,promise/prefer-await-to-then,unicorn/prevent-abbreviations */ 'use strict'; const argon2 = require('argon2'); const tsse = require('tsse'); const phc = require('@phc/format'); const gensalt = require('@kdf/salt'); const MAX_UINT32 = 4294967295; // 2**32 - 1 const MAX_UINT24 = 16777215; // 2**24 - 1 /** * Default configurations used to generate a new hash. * @private * @type {Object} */ const defaults = Object.freeze({ // Argon2 variant to use. Can be one of argon2(d), argon2(i) or argon2(id). variant: 'id', // time cost, in linear iterations. iterations: 3, // memory cost, in kibibytes. memory: 4096, // parallelism, in number of threads and lanes. parallelism: 1, // The minimum recommended size for the salt is 128 bits. saltSize: 16 }); /** * Supported Argon2 variants. * Argon2 currently has three modes: * - d: Argon2d data-dependent. * - i: Argon2i data-independent. * - id: Argon2id a mix of the two. * See https://crypto.stackexchange.com/a/49969 * @private * @type {Object} */ const variants = Object.freeze({ i: argon2.argon2i, d: argon2.argon2d, id: argon2.argon2id }); /** * Supported Argon2 versions. * @private * @type {number[]} */ const versions = [ 0x10, // 1.0 (16) 0x13 // 1.3 (19) ]; /** * Computes the hash string of the given password in the PHC format using argon2 * package. * @public * @param {string} password The password to hash. * @param {Object} [options] Optional configurations related to the hashing * function. * @param {number} [options.variant=id] Optinal variant of argon2 to use. * Can be one of [`'d'`, `'i'`, `'id'`] for argon2d, argon2i and argon2id * respectively. * @param {number} [options.iterations=3] Optional number of iterations to use. * Must be an integer within the range (`1` <= `iterations` <= `2^32-1`). * @param {number} [options.memory=4096] Optional amount of memory to use in * kibibytes. * Must be an integer within the range (`8` <= `memory` <= `2^32-1`). * @param {number} [options.parallelism=1] Optional degree of parallelism to * use. * Must be an integer within the range (`1` <= `parallelism` <= `2^24-1`). * @param {number} [options.saltSize=16] Optional number of bytes to use when * autogenerating new salts. * Must be an integer within the range (`1` <= `saltSize` <= `2^10-1`). * @return {Promise.<string>} The generated secure hash string in the PHC * format. */ function hash(password, options) { options = options || {}; let variant = options.variant || defaults.variant; const iterations = options.iterations || defaults.iterations; const memory = options.memory || defaults.memory; const parallelism = options.parallelism || defaults.parallelism; const saltSize = options.saltSize || defaults.saltSize; const version = versions[versions.length - 1]; // Iterations Validation if (typeof iterations !== 'number' || !Number.isInteger(iterations)) { return Promise.reject( new TypeError("The 'iterations' option must be an integer") ); } if (iterations < 1 || iterations > MAX_UINT32) { return Promise.reject( new TypeError( `The 'iterations' option must be in the range (1 <= iterations <= ${MAX_UINT32})` ) ); } // Parallelism Validation if (typeof parallelism !== 'number' || !Number.isInteger(parallelism)) { return Promise.reject( new TypeError("The 'parallelism' option must be an integer") ); } if (parallelism < 1 || parallelism > MAX_UINT24) { return Promise.reject( new TypeError( `The 'parallelism' option must be in the range (1 <= parallelism <= ${MAX_UINT24})` ) ); } // Memory Validation if (typeof memory !== 'number' || !Number.isInteger(memory)) { return Promise.reject( new TypeError("The 'memory' option must be an integer") ); } const minmem = 8 * parallelism; if (memory < minmem || memory > MAX_UINT32) { return Promise.reject( new TypeError( `The 'memory' option must be in the range (${minmem} <= memory <= ${MAX_UINT32})` ) ); } // Variant Validation if (typeof variant !== 'string') { return Promise.reject( new TypeError("The 'variant' option must be a string") ); } variant = variant.toLowerCase(); if (!Object.prototype.hasOwnProperty.call(variants, variant)) { return Promise.reject( new TypeError( `The 'variant' option must be one of: ${Object.keys(variants)}` ) ); } // Salt Size Validation if (saltSize < 8 || saltSize > 1024) { return Promise.reject( new TypeError( "The 'saltSize' option must be in the range (8 <= parallelism <= 1023)" ) ); } return gensalt(saltSize).then((salt) => { const params = { version, type: variants[variant], timeCost: iterations, memoryCost: memory, parallelism, salt, raw: true }; return argon2.hash(password, params).then((hash) => { const phcstr = phc.serialize({ id: `argon2${variant}`, version, params: { t: iterations, m: memory, p: parallelism }, salt, hash }); return phcstr; }); }); } /** * Determines whether or not the hash stored inside the PHC formatted string * matches the hash generated for the password provided. * @public * @param {string} phcstr Secure hash string generated from this package. * @param {string} password User's password input. * @returns {Promise.<boolean>} A boolean that is true if the hash computed * for the password matches. */ function verify(phcstr, password) { let phcobj; try { phcobj = phc.deserialize(phcstr); } catch (error) { return Promise.reject(error); } // Identifier Validation const idparts = phcobj.id.split('2'); if ( idparts.length !== 2 || idparts[0] === '' || idparts[1] === '' || idparts[0] !== 'argon' ) { return Promise.reject( new TypeError(`Incompatible ${phcobj.id} identifier found in the hash`) ); } if (!Object.prototype.hasOwnProperty.call(variants, idparts[1])) { return Promise.reject( new TypeError(`Unsupported ${idparts[1]} variant function`) ); } const variant = idparts[1]; // Version Validation if (typeof phcobj.version === 'undefined') { phcobj.version = versions[0]; // Old Argon2 strings without the version. } if (!versions.includes(phcobj.version)) { return Promise.reject( new TypeError(`Unsupported ${phcobj.version} version`) ); } const version = phcobj.version; // Parameters Existence Validation if (typeof phcobj.params !== 'object') { return Promise.reject(new TypeError('The param section cannot be empty')); } // Iterations Validation if ( typeof phcobj.params.t !== 'number' || !Number.isInteger(phcobj.params.t) ) { return Promise.reject(new TypeError("The 't' param must be an integer")); } if (phcobj.params.t < 1 || phcobj.params.t > MAX_UINT32) { return Promise.reject( new TypeError( `The 't' param must be in the range (1 <= t <= ${MAX_UINT32})` ) ); } const iterations = phcobj.params.t; // Parallelism Validation if ( typeof phcobj.params.p !== 'number' || !Number.isInteger(phcobj.params.p) ) { return Promise.reject(new TypeError("The 'p' param must be an integer")); } if (phcobj.params.p < 1 || phcobj.params.p > MAX_UINT24) { return Promise.reject( new TypeError( `The 'p' param must be in the range (1 <= p <= ${MAX_UINT24})` ) ); } const parallelism = phcobj.params.p; // Memory Validation if ( typeof phcobj.params.m !== 'number' || !Number.isInteger(phcobj.params.m) ) { return Promise.reject(new TypeError("The 'm' param must be an integer")); } const minmem = 8 * phcobj.params.p; if (phcobj.params.m < minmem || phcobj.params.m > MAX_UINT32) { return Promise.reject( new TypeError( `The 'm' param must be in the range (${minmem} <= m <= ${MAX_UINT32})` ) ); } const memory = phcobj.params.m; // Salt Validation if (typeof phcobj.salt === 'undefined') { return Promise.reject(new TypeError('No salt found in the given string')); } const salt = phcobj.salt; // Hash Validation if (typeof phcobj.hash === 'undefined') { return Promise.reject(new TypeError('No hash found in the given string')); } const hash = phcobj.hash; const keylen = phcobj.hash.byteLength; const params = { version, type: variants[variant], timeCost: iterations, memoryCost: memory, parallelism, salt, hashLength: keylen, raw: true }; return argon2.hash(password, params).then((newhash) => { const match = tsse(hash, newhash); return match; }); } /** * Gets the list of all identifiers supported by this hashing function. * @public * @returns {string[]} A list of identifiers supported by this hashing function. */ function identifiers() { return Object.keys(variants).map((variant) => `argon2${variant}`); } module.exports = { hash, verify, identifiers };