crypto.scryptSync(password, salt, keylen[, options])

版本历史
版本变更
v12.8.0, v10.17.0

maxmem 值现在可以是任何安全整数。

v10.9.0

添加了 costblockSizeparallelization 选项名称。

v10.5.0

新增于: v10.5.0

  • password <string> | <Buffer> | <TypedArray> | <DataView>

  • salt <string> | <Buffer> | <TypedArray> | <DataView>

  • keylen <number>

  • options <Object>

    • cost <number> CPU/内存成本参数。必须是大于 1 的 2 的幂。默认值:16384

      ¥cost <number> CPU/memory cost parameter. Must be a power of two greater than one. Default: 16384.

    • blockSize <number> 块大小参数。默认值:8

      ¥blockSize <number> Block size parameter. Default: 8.

    • parallelization <number> 并行化参数。默认值:1

      ¥parallelization <number> Parallelization parameter. Default: 1.

    • N <number> cost 的别名。只能指定两者之一。

      ¥N <number> Alias for cost. Only one of both may be specified.

    • r <number> blockSize 的别名。只能指定两者之一。

      ¥r <number> Alias for blockSize. Only one of both may be specified.

    • p <number> parallelization 的别名。只能指定两者之一。

      ¥p <number> Alias for parallelization. Only one of both may be specified.

    • maxmem <number> 内存上限。当(大约)128 * N * r > maxmem 时,则为错误。默认值:32 * 1024 * 1024

      ¥maxmem <number> Memory upper bound. It is an error when (approximately) 128 * N * r > maxmem. Default: 32 * 1024 * 1024.

  • 返回:<Buffer>

    ¥Returns: <Buffer>

提供同步 scrypt 实现。Scrypt 是一个基于密码的密钥派生函数,其设计在计算和内存方面都非常昂贵,以使蛮力攻击毫无回报。

¥Provides a synchronous scrypt implementation. Scrypt is a password-based key derivation function that is designed to be expensive computationally and memory-wise in order to make brute-force attacks unrewarding.

salt 应该尽可能唯一。建议盐是随机的,长度至少为 16 字节。详见 NIST SP 800-132

¥The salt should be as unique as possible. It is recommended that a salt is random and at least 16 bytes long. See NIST SP 800-132 for details.

passwordsalt 传递字符串时,请考虑 使用字符串作为加密 API 的输入时的注意事项

¥When passing strings for password or salt, please consider caveats when using strings as inputs to cryptographic APIs.

当密钥派生失败时抛出异常,否则派生的密钥作为 Buffer 返回。

¥An exception is thrown when key derivation fails, otherwise the derived key is returned as a Buffer.

当任何输入参数指定无效值或类型时,将抛出异常。

¥An exception is thrown when any of the input arguments specify invalid values or types.

const {
  scryptSync,
} = await import('node:crypto');
// Using the factory defaults.

const key1 = scryptSync('password', 'salt', 64);
console.log(key1.toString('hex'));  // '3745e48...08d59ae'
// Using a custom N parameter. Must be a power of two.
const key2 = scryptSync('password', 'salt', 64, { N: 1024 });
console.log(key2.toString('hex'));  // '3745e48...aa39b34'const {
  scryptSync,
} = require('node:crypto');
// Using the factory defaults.

const key1 = scryptSync('password', 'salt', 64);
console.log(key1.toString('hex'));  // '3745e48...08d59ae'
// Using a custom N parameter. Must be a power of two.
const key2 = scryptSync('password', 'salt', 64, { N: 1024 });
console.log(key2.toString('hex'));  // '3745e48...aa39b34'