crypto.scrypt(password, salt, keylen[, options], callback)


提供异步的 scrypt 实现。 Scrypt 是一个基于密码的密钥派生函数,被设计为在计算和内存方面都非常高成本,目的是使暴力破解无法成功。

salt 应尽可能独特。 建议盐值是随机的并且至少 16 个字节长。 有关详细信息,请参见 NIST SP 800-132

callback 函数有两个参数:errderivedKey。 当密钥派生失败时, err 是一个异常对象,否则 errnullderivedKey 会作为 Buffer 传给回调。

当任何的输入参数指定了无效的值或类型时,会抛出异常。

const crypto = require('crypto');
// 使用出厂默认值。
crypto.scrypt('密码', '盐值', 64, (err, derivedKey) => {
  if (err) throw err;
  console.log(derivedKey.toString('hex'));  // '00d9e09...8a4f15a'
});
// 使用自定义的 N 参数。必须是 2 的次方。
crypto.scrypt('密码', '盐值', 64, { N: 1024 }, (err, derivedKey) => {
  if (err) throw err;
  console.log(derivedKey.toString('hex'));  // 'f710b45...f04e377'
});

Provides an asynchronous scrypt implementation. Scrypt is a password-based key derivation function that is designed to be expensive computationally and memory-wise in order to make brute-force attacks unrewarding.

The salt should be as unique as possible. It is recommended that a salt is random and at least 16 bytes long. See NIST SP 800-132 for details.

The callback function is called with two arguments: err and derivedKey. err is an exception object when key derivation fails, otherwise err is null. derivedKey is passed to the callback as a Buffer.

An exception is thrown when any of the input arguments specify invalid values or types.

const crypto = require('crypto');
// Using the factory defaults.
crypto.scrypt('secret', 'salt', 64, (err, derivedKey) => {
  if (err) throw err;
  console.log(derivedKey.toString('hex'));  // '3745e48...08d59ae'
});
// Using a custom N parameter. Must be a power of two.
crypto.scrypt('secret', 'salt', 64, { N: 1024 }, (err, derivedKey) => {
  if (err) throw err;
  console.log(derivedKey.toString('hex'));  // '3745e48...aa39b34'
});