crypto.pbkdf2(password, salt, iterations, keylen, digest, callback)


Provides an asynchronous Password-Based Key Derivation Function 2 (PBKDF2) implementation. A selected HMAC digest algorithm specified by digest is applied to derive a key of the requested byte length (keylen) from the password, salt and iterations.

The supplied callback function is called with two arguments: err and derivedKey. If an error occurs while deriving the key, err will be set; otherwise err will be null. By default, the successfully generated derivedKey will be passed to the callback as a Buffer. An error will be thrown if any of the input arguments specify invalid values or types.

If digest is null, 'sha1' will be used. This behavior is deprecated; specify a digest explicitly.

The iterations argument must be a number set as high as possible. The higher the number of iterations, the more secure the derived key will be, but the derivation will take longer to complete.

The salt should be as unique as possible. It is recommended that a salt is random and at least 16 bytes long. See NIST SP 800-132 for details.

const crypto = require('crypto');
crypto.pbkdf2('secret', 'salt', 100000, 64, 'sha512', (err, derivedKey) => {
  if (err) throw err;
  console.log(derivedKey.toString('hex'));  // '3745e48...08d59ae'
});

The crypto.DEFAULT_ENCODING property can be used to change the way the derivedKey is passed to the callback. This property, however, has been deprecated and its use should be avoided.

const crypto = require('crypto');
crypto.DEFAULT_ENCODING = 'hex';
crypto.pbkdf2('secret', 'salt', 100000, 512, 'sha512', (err, derivedKey) => {
  if (err) throw err;
  console.log(derivedKey);  // '3745e48...aa39b34'
});

An array of supported digest functions can be retrieved using crypto.getHashes().

This API uses libuv's threadpool, which can have surprising and negative performance implications for some applications; see the UV_THREADPOOL_SIZE documentation for more information.