Open In App

Node.js crypto.pbkdf2() Method

Improve
Improve
Improve
Like Article
Like
Save Article
Save
Share
Report issue
Report

The crypto.pbkdf2() method gives an asynchronous Password-Based Key Derivation Function 2 i.e. (PBKDF2) implementation. Moreover, a particular HMAC digest algorithm which is defined by digest is implemented to derive a key of the required byte length (keylen) from the stated password, salt, and iterations.

Syntax:

crypto.pbkdf2( password, salt, iterations, keylen, digest, callback )

Parameters: This method accepts six parameters as mentioned above and described below:

  • password: It can holds string, Buffer, TypedArray, or DataView type of data.
  • salt: It must be as unique as possible. However, it is recommended that a salt is arbitrary and in any case it is at least 16 bytes long. It is of type string, Buffer, TypedArray, or DataView.
  • iterations: It must be a number and should be set as high as possible. So, the more is the number of iterations, the more secure the derived key will be, but in that case it takes greater amount of time to complete. It is of type number.
  • keylen: It is the key of the required byte length and it is of type number.
  • digest: It is digest algorithms of string type.
  • callback: It is a function with two parameters namely err, and derivedKey.

Return Type: It returns the derived password based key.

Below example illustrate the use of crypto.pbkdf2() method in Node.js:

Example 1:




// Node.js program to demonstrate the 
// crypto.pbkdf2() method
  
// Including crypto module
const crypto = require('crypto');
  
// Implementing pbkdf2 with all its parameters
crypto.pbkdf2('secret', 'salt', 100000, 64,
         'sha512', (err, derivedKey) => {
  
  if (err) throw err;
  
  // Prints derivedKey
  console.log(derivedKey.toString('hex'));
});


Output:

3745e482c6e0ade35da10139e797157f4a5da669dad7d5da88ef87e
47471cc47ed941c7ad618e827304f083f8707f12b7cfdd5f489b782
f10cc269e3c08d59ae

Example 2:




// Node.js program to demonstrate the 
// crypto.pbkdf2() method
  
// Including crypto module
const crypto = require('crypto');
  
// Implementing pbkdf2 with all its parameters
// but digest is null
crypto.pbkdf2('secret', 'salt', 677, 6,
          null, (err, derivedKey) => {
  
  if (err) 
  {
    console.log(err);
  
  else
  {
  
  // Prints derivedKey without encoding
  console.log(derivedKey);
      
     }
});    


Output: Here, a buffer is returned as a derived key is not changed to string.

Buffer 71 1e 7b 7b 9b 53

Reference: https://nodejs.org/api/crypto.html#crypto_crypto_pbkdf2_password_salt_iterations_keylen_digest_callback



Last Updated : 11 Oct, 2021
Like Article
Save Article
Previous
Next
Share your thoughts in the comments
Similar Reads