The crypto.scrypt() method is an inbuilt application programming interface of the crypto module which is used to enable an implementation of an asynchronous script. Where scrypt is a password-based key derivation function. It is intended to be costly computationally plus memory-wise. So, the brute-force attacks are made unsuccessful.
Syntax:
crypto.scrypt( password, salt, keylen, options, callback )
Parameters: This method accepts five parameters as mentioned above and described below:
- password: It can hold string, Buffer, TypedArray, or DataView type of data.
- salt: It holds string, Buffer, TypedArray, or DataView type of data. It must be as unique as possible. Moreover, it is suggested that a salt should be random and is at minimum 16 bytes long.
- keylen: It is the length of the key and it must be a number.
-
options: It is of type Object and it has seven parameters namely cost, blockSize, parallelization, N, r, p, and maximum. Where
- cost: It is a cost parameter for CPU or memory. It is a number and must be a power of two greater but greater than one and by default, its value is 16384.
- blockSize: It is the parameter for the size of the block allotted. It is a number and the by-default value is 8.
- parallelization: It is the parameter for Parallelization. It is a number and the by-default value is 1.
- N: It is an alias for cost. It is a number and only one of both can be defined.
- r: It is an alias for blockSize. It is a number and only one of both can be defined.
- p: It is an alias for parallelization. It is a number and only one of both can be defined.
- maxmem: It is the upper bound for the memory to be used. It is a number and an error can occur when 128 * N * r (approx) is greater than maxmem. The default value is (32 * 1024 * 1024).
- callback It is a function with two parameters namely err and derived key.
Return Value: It returns a buffer.
The below examples illustrate the use of crypto.scrypt() method in Node.js:
Example 1:
javascript
// Node.js program to demonstrate the// crypto.scrypt() method// Including crypto moduleconst crypto = require('crypto');
// Calling scrypt method with some of its parametercrypto.scrypt('GfG', 'ffdgsg', 32, (err, derivedKey) => {
if (err) throw err;
// Prints derived key as buffer
console.log("The derived key1 is :", derivedKey);
});// Calling scrypt method with the parameter Ncrypto.scrypt('GeeksforGeeks', 'tfytdx', 128,
{ N: 512 }, (err, derivedKey) => {
if (err) throw err;
// Prints derived key as buffer
console.log("The derived key2 is :", derivedKey);
console.log();
});
|
Output:
The derived key2 is : <Buffer b3 f8 72 5f 58 df 98 d9 c0 8a ba 0c 2c 50 85 b1 76 de 39 35 40 27 7d 57 f1 6a a1 07 54 dc c9 63 65 32 f2 db 29 95 dc ee 0b 9f e3 d5 0a 9e 3a d0 f6 b4 ... > The derived key1 is : <Buffer dd 47 ee 3e a8 2e f2 5b eb 18 7d 35 1b fd f5 a8 e5 f5 38 ef a7 ff 05 53 1e 86 69 ad cd e8 89 76 >
Example 2:
javascript
// Node.js program to demonstrate the// crypto.scrypt() method// Including crypto moduleconst crypto = require('crypto');
// Defining salt as typed arrayconst x = new Uint32Array(7);
// Calling scrypt method with some of its parametercrypto.scrypt('yytunnd', x, 16, (err, derivedKey) => {
if (err) throw err;
// Prints derived key which is encoded
console.log("The derived key1 is :",
derivedKey.toString("ascii"));
});// Defining salt as data viewconst y = new DataView(new ArrayBuffer(5));
// Calling scrypt method with the parameter Ncrypto.scrypt('oksjdjdn', y, 16, { N: 32 },
(err, derivedKey) => {
if (err) throw err;
// Prints derived key after encoding
console.log("The derived key2 is :",
derivedKey.toString("base64"));
console.log();
});
|
Output:
The derived key2 is : 6Gu0JKHDSHs0tkTuGYuQ7A==
The derived key1 is : G"@&H
pVCD3
X%Reference: https://nodejs.org/api/crypto.html#crypto_crypto_scrypt_password_salt_keylen_options_callback