haru
Please confide in me if you ever need help. I'll be there for you.
haru is a library to help with password hashing.
Specification
A HARU20
object contains the following fields:
-
v
: the version string ("HARU20"
) -
h
: the computed hash, encoded as Base64 string -
s
: the salt for computing the hash, encoded as Base64 -
m
: the hash method -
p
: an array of values for the method
Currently available hash method:
-
1
: PBKDF2 -
2
: scrypt
PBKDF2 hash
Parameters: [N]
-
N
: number of iterations for PBKDF2
The hash is computed from an arbitrary UTF-8 string password
using PBKDF2 with
the following parameters:
- Salt: an arbitrary salt
- Number of iterations:
N
- Key length: 64
- Digest algorithm: SHA512
scrypt hash
Parameters: [N, r, p, m]
-
N
: CPU/memory cost parameter -
r
: block size parameter -
p
: parallelization parameter -
m
: memory upper bound
The hash is computed from an arbitrary UTF-8 string password
using scrypt with
the following parameters:
- Salt: an arbitrary salt
- Key length: 64
- CPU/memory cost:
N
- Block size:
r
- Parallelization:
p
- Memory upper bound:
m
HARU10
Migration from It is possible to convert the hash stored in HARU10
to HARU20
.
An example of hash HARU10
format:
{
"v": "HARU10",
"h": "Hk+3J2J6bc07pe8x7s5JeNtCPop8hKVRrj4Ae8xwI6eUzjPPKaVT8uk4/0mi+rNldaRs/OiHseHRNs7ukQ1Jrg==",
"s": "J++Jb6DTXKw=",
"c": 6.5536
}
The same hash in HARU20
format:
{
"v": "HARU20",
"h": "Hk+3J2J6bc07pe8x7s5JeNtCPop8hKVRrj4Ae8xwI6eUzjPPKaVT8uk4/0mi+rNldaRs/OiHseHRNs7ukQ1Jrg==",
"s": "J++Jb6DTXKw=",
"m": 1,
"p": [65536]
}
Examples
PBKDF2
{
"v": "HARU20",
"h": "b2TD+AI4E9jCyrQ8q/qmXtBhgir+l0Bg2AedEi+4afQg7iW8mZ81LkgqsZWD6aaufKt6m6PlOzam8NGjZaCqQA==",
"s": "c2FsdA==",
"m": 1,
"p": [65536]
}
Scrypt
{
"v": "HARU20",
"h": "dFcxr0SE8yOWiWntoomu7gBbWQOsVh5kpayhIXl793NO+f1YQi4uIhg7ysup7Ie6DIO3oueI8Dzg2gZGNDPNpg==",
"s": "c2FsdA==",
"m": 2,
"p": [16384, 8, 1, 33554432]
}
Installation
$ npm install @tkesgar/haru
This package requires Node.js v10.5.0 or above (for
scrypt
support).
Usage
Create a new password hash
import { fromPassword } from "@tkesgar/haru";
const haru = await fromPassword("correct horse battery staple");
console.log(await haru.test("Tr0ub4dor&3"));
console.log(await haru.test("correct horse battery staple")); // true
Save password hash to storage
import { fromPassword } from "@tkesgar/haru";
const haru = await fromPassword("correct horse battery staple");
const passwordHash = JSON.stringify(haru);
const user = await User.findByName("admin");
await user.set("password_hash", passwordHash);
Load password hash from storage
import { fromJSON, test } from "@tkesgar/haru";
const user = await User.findByName("admin");
const passwordHash = user.get("password_Hash");
const haru = fromJSON(passwordHash);
if (await haru.test("correct horse battery staple")) {
console.log("Hello admin!");
}
if (await test(passwordHash, "correct horse battery staple")) {
console.log("Hello admin!");
}
Contribute
Feel free to create issues or submit pull requests.
License
Licensed under MIT License.