crypto.scrypt(password, salt, keylen[, options], callback)

版本历史

版本	变更
v18.0.0	Passing an invalid callback to the `callback` argument now throws `ERR_INVALID_ARG_TYPE` instead of `ERR_INVALID_CALLBACK`.
v15.0.0	The password and salt arguments can also be ArrayBuffer instances.
v12.8.0, v10.17.0	The `maxmem` value can now be any safe integer.
v10.9.0	The `cost`, `blockSize` and `parallelization` option names have been added.
v10.5.0	新增于: v10.5.0

password <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
salt <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
keylen <number>
options <Object>
- cost <number> CPU/内存成本参数。必须是大于 1 的 2 的幂。默认值： 16384。
- blockSize <number> 块大小参数。默认值： 8。
- parallelization <number> 并行化参数。默认值： 1。
- N <number> cost 的别名。只能指定其中一个。
- r <number> blockSize 的别名。只能指定其中一个。
- p <number> parallelization 的别名。只能指定其中一个。
- maxmem <number> 内存上限。当 (大约) 128 * N * r > maxmem 时会出错。默认值： 32 * 1024 * 1024。
callback <Function>
- err <Error>
- derivedKey <Buffer>

提供异步 scrypt 实现。Scrypt 是一种基于密码的密钥派生函数，旨在在计算和内存上消耗大量资源，从而使暴力破解攻击无利可图。

【Provides an asynchronous scrypt implementation. Scrypt is a password-based key derivation function that is designed to be expensive computationally and memory-wise in order to make brute-force attacks unrewarding.】

salt 应尽可能唯一。建议盐值是随机的，并且至少为 16 字节长。详情请参阅 NIST SP 800-132。

【The salt should be as unique as possible. It is recommended that a salt is random and at least 16 bytes long. See NIST SP 800-132 for details.】

在传递 password 或 salt 字符串时，请考虑将字符串用作加密 API 输入时的注意事项。

【When passing strings for password or salt, please consider caveats when using strings as inputs to cryptographic APIs.】

callback 函数会传入两个参数：err 和 derivedKey。当密钥派生失败时，err 是一个异常对象，否则 err 为 null。derivedKey 作为 Buffer 传递给回调函数。

【The callback function is called with two arguments: err and derivedKey. err is an exception object when key derivation fails, otherwise err is null. derivedKey is passed to the callback as a Buffer.】

当任何输入参数指定无效的值或类型时，会抛出异常。

【An exception is thrown when any of the input arguments specify invalid values or types.】

const {
  scrypt,
} = await import('node:crypto');

// Using the factory defaults.
scrypt('password', 'salt', 64, (err, derivedKey) => {
  if (err) throw err;
  console.log(derivedKey.toString('hex'));  // '3745e48...08d59ae'
});
// Using a custom N parameter. Must be a power of two.
scrypt('password', 'salt', 64, { N: 1024 }, (err, derivedKey) => {
  if (err) throw err;
  console.log(derivedKey.toString('hex'));  // '3745e48...aa39b34'
});const {
  scrypt,
} = require('node:crypto');

// Using the factory defaults.
scrypt('password', 'salt', 64, (err, derivedKey) => {
  if (err) throw err;
  console.log(derivedKey.toString('hex'));  // '3745e48...08d59ae'
});
// Using a custom N parameter. Must be a power of two.
scrypt('password', 'salt', 64, { N: 1024 }, (err, derivedKey) => {
  if (err) throw err;
  console.log(derivedKey.toString('hex'));  // '3745e48...aa39b34'
});