crypto.scrypt(password, salt, keylen[, options], callback)
password<string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>salt<string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>keylen<number>options<Object>cost<number> CPU/内存成本参数。 必须是大于 1 的 2 的幂。 默认值:16384。blockSize<number> 块大小参数。 默认值:8。parallelization<number> 并行化参数。 默认值:1。N<number>cost的别名。 只能指定两者之一。r<number>blockSize的别名。 只能指定两者之一。p<number>parallelization的别名。 只能指定两者之一。maxmem<number> 内存上限。 当(大约)128 * N * r > maxmem时,则为错误。 默认值:32 * 1024 * 1024。
callback<Function>
提供异步 scrypt 实现。 Scrypt 是一个基于密码的密钥派生函数,其设计在计算和内存方面都非常昂贵,以使蛮力攻击毫无回报。
salt 应该尽可能唯一。
建议盐是随机的,长度至少为 16 字节。
有关详细信息,请参阅 NIST SP 800-132。
当为 password 或 salt 传入字符串时,请考虑到当使用字符串作为加密 API 输入时的注意事项。
callback 函数使用两个参数调用:err 和 derivedKey。
当密钥派生失败时 err 为异常对象,否则 err 为 null。
derivedKey 作为 Buffer 传给回调。
当任何输入参数指定无效值或类型时,将抛出异常。
const {
scrypt
} = await import('node:crypto');
// 使用出厂默认设置。
scrypt('password', 'salt', 64, (err, derivedKey) => {
if (err) throw err;
console.log(derivedKey.toString('hex')); // '3745e48...08d59ae'
});
// 使用自定义 N 参数。必须是二的幂。
scrypt('password', 'salt', 64, { N: 1024 }, (err, derivedKey) => {
if (err) throw err;
console.log(derivedKey.toString('hex')); // '3745e48...aa39b34'
});const {
scrypt,
} = require('node:crypto');
// 使用出厂默认设置。
scrypt('password', 'salt', 64, (err, derivedKey) => {
if (err) throw err;
console.log(derivedKey.toString('hex')); // '3745e48...08d59ae'
});
// 使用自定义 N 参数。必须是二的幂。
scrypt('password', 'salt', 64, { N: 1024 }, (err, derivedKey) => {
if (err) throw err;
console.log(derivedKey.toString('hex')); // '3745e48...aa39b34'
});password<string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>salt<string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>keylen<number>options<Object>cost<number> CPU/memory cost parameter. Must be a power of two greater than one. Default:16384.blockSize<number> Block size parameter. Default:8.parallelization<number> Parallelization parameter. Default:1.N<number> Alias forcost. Only one of both may be specified.r<number> Alias forblockSize. Only one of both may be specified.p<number> Alias forparallelization. Only one of both may be specified.maxmem<number> Memory upper bound. It is an error when (approximately)128 * N * r > maxmem. Default:32 * 1024 * 1024.
callback<Function>
Provides an asynchronous scrypt implementation. Scrypt is a password-based key derivation function that is designed to be expensive computationally and memory-wise in order to make brute-force attacks unrewarding.
The salt should be as unique as possible. It is recommended that a salt is
random and at least 16 bytes long. See NIST SP 800-132 for details.
When passing strings for password or salt, please consider
caveats when using strings as inputs to cryptographic APIs.
The callback function is called with two arguments: err and derivedKey.
err is an exception object when key derivation fails, otherwise err is
null. derivedKey is passed to the callback as a Buffer.
An exception is thrown when any of the input arguments specify invalid values or types.
const {
scrypt
} = await import('node:crypto');
// Using the factory defaults.
scrypt('password', 'salt', 64, (err, derivedKey) => {
if (err) throw err;
console.log(derivedKey.toString('hex')); // '3745e48...08d59ae'
});
// Using a custom N parameter. Must be a power of two.
scrypt('password', 'salt', 64, { N: 1024 }, (err, derivedKey) => {
if (err) throw err;
console.log(derivedKey.toString('hex')); // '3745e48...aa39b34'
});const {
scrypt,
} = require('node:crypto');
// Using the factory defaults.
scrypt('password', 'salt', 64, (err, derivedKey) => {
if (err) throw err;
console.log(derivedKey.toString('hex')); // '3745e48...08d59ae'
});
// Using a custom N parameter. Must be a power of two.
scrypt('password', 'salt', 64, { N: 1024 }, (err, derivedKey) => {
if (err) throw err;
console.log(derivedKey.toString('hex')); // '3745e48...aa39b34'
});