1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
|
bcrypt.js
=========
Optimized bcrypt in JavaScript with zero dependencies. Compatible to the C++ [bcrypt](https://npmjs.org/package/bcrypt)
binding on node.js and also working in the browser.
<a href="https://travis-ci.org/dcodeIO/bcrypt.js"><img alt="build static" src="https://travis-ci.org/dcodeIO/bcrypt.js.svg?branch=master" /></a> <a href="https://npmjs.org/package/bcryptjs"><img src="https://img.shields.io/npm/v/bcryptjs.svg" alt=""></a> <a href="https://npmjs.org/package/bcryptjs"><img src="https://img.shields.io/npm/dm/bcryptjs.svg" alt=""></a> <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=dcode%40dcode.io&item_name=Open%20Source%20Software%20Donation&item_number=dcodeIO%2Fbcrypt.js"><img alt="donate ❤" src="https://img.shields.io/badge/donate-❤-ff2244.svg"></a>
Security considerations
-----------------------
Besides incorporating a salt to protect against rainbow table attacks, bcrypt is an adaptive function: over time, the
iteration count can be increased to make it slower, so it remains resistant to brute-force search attacks even with
increasing computation power. ([see](http://en.wikipedia.org/wiki/Bcrypt))
While bcrypt.js is compatible to the C++ bcrypt binding, it is written in pure JavaScript and thus slower ([about 30%](https://github.com/dcodeIO/bcrypt.js/wiki/Benchmark)), effectively reducing the number of iterations that can be
processed in an equal time span.
The maximum input length is 72 bytes (note that UTF8 encoded characters use up to 4 bytes) and the length of generated
hashes is 60 characters.
Usage
-----
The library is compatible with CommonJS and AMD loaders and is exposed globally as `dcodeIO.bcrypt` if neither is
available.
### node.js
On node.js, the inbuilt [crypto module](http://nodejs.org/api/crypto.html)'s randomBytes interface is used to obtain
secure random numbers.
`npm install bcryptjs`
```js
var bcrypt = require('bcryptjs');
...
```
### Browser
In the browser, bcrypt.js relies on [Web Crypto API](http://www.w3.org/TR/WebCryptoAPI)'s getRandomValues
interface to obtain secure random numbers. If no cryptographically secure source of randomness is available, you may
specify one through [bcrypt.setRandomFallback](https://github.com/dcodeIO/bcrypt.js#setrandomfallbackrandom).
```js
var bcrypt = dcodeIO.bcrypt;
...
```
or
```js
require.config({
paths: { "bcrypt": "/path/to/bcrypt.js" }
});
require(["bcrypt"], function(bcrypt) {
...
});
```
Usage - Sync
------------
To hash a password:
```javascript
var bcrypt = require('bcryptjs');
var salt = bcrypt.genSaltSync(10);
var hash = bcrypt.hashSync("B4c0/\/", salt);
// Store hash in your password DB.
```
To check a password:
```javascript
// Load hash from your password DB.
bcrypt.compareSync("B4c0/\/", hash); // true
bcrypt.compareSync("not_bacon", hash); // false
```
Auto-gen a salt and hash:
```javascript
var hash = bcrypt.hashSync('bacon', 8);
```
Usage - Async
-------------
To hash a password:
```javascript
var bcrypt = require('bcryptjs');
bcrypt.genSalt(10, function(err, salt) {
bcrypt.hash("B4c0/\/", salt, function(err, hash) {
// Store hash in your password DB.
});
});
```
To check a password:
```javascript
// Load hash from your password DB.
bcrypt.compare("B4c0/\/", hash, function(err, res) {
// res === true
});
bcrypt.compare("not_bacon", hash, function(err, res) {
// res === false
});
// As of bcryptjs 2.4.0, compare returns a promise if callback is omitted:
bcrypt.compare("B4c0/\/", hash).then((res) => {
// res === true
});
```
Auto-gen a salt and hash:
```javascript
bcrypt.hash('bacon', 8, function(err, hash) {
});
```
**Note:** Under the hood, asynchronisation splits a crypto operation into small chunks. After the completion of a chunk, the execution of the next chunk is placed on the back of [JS event loop queue](https://developer.mozilla.org/en/docs/Web/JavaScript/EventLoop), thus efficiently sharing the computational resources with the other operations in the queue.
API
---
### setRandomFallback(random)
Sets the pseudo random number generator to use as a fallback if neither node's `crypto` module nor the Web Crypto
API is available. Please note: It is highly important that the PRNG used is cryptographically secure and that it is
seeded properly!
| Parameter | Type | Description
|-----------------|-----------------|---------------
| random | *function(number):!Array.<number>* | Function taking the number of bytes to generate as its sole argument, returning the corresponding array of cryptographically secure random byte values.
| **@see** | | http://nodejs.org/api/crypto.html
| **@see** | | http://www.w3.org/TR/WebCryptoAPI/
**Hint:** You might use [isaac.js](https://github.com/rubycon/isaac.js) as a CSPRNG but you still have to make sure to
seed it properly.
### genSaltSync(rounds=, seed_length=)
Synchronously generates a salt.
| Parameter | Type | Description
|-----------------|-----------------|---------------
| rounds | *number* | Number of rounds to use, defaults to 10 if omitted
| seed_length | *number* | Not supported.
| **@returns** | *string* | Resulting salt
| **@throws** | *Error* | If a random fallback is required but not set
### genSalt(rounds=, seed_length=, callback)
Asynchronously generates a salt.
| Parameter | Type | Description
|-----------------|-----------------|---------------
| rounds | *number | function(Error, string=)* | Number of rounds to use, defaults to 10 if omitted
| seed_length | *number | function(Error, string=)* | Not supported.
| callback | *function(Error, string=)* | Callback receiving the error, if any, and the resulting salt
| **@returns** | *Promise* | If `callback` has been omitted
| **@throws** | *Error* | If `callback` is present but not a function
### hashSync(s, salt=)
Synchronously generates a hash for the given string.
| Parameter | Type | Description
|-----------------|-----------------|---------------
| s | *string* | String to hash
| salt | *number | string* | Salt length to generate or salt to use, default to 10
| **@returns** | *string* | Resulting hash
### hash(s, salt, callback, progressCallback=)
Asynchronously generates a hash for the given string.
| Parameter | Type | Description
|-----------------|-----------------|---------------
| s | *string* | String to hash
| salt | *number | string* | Salt length to generate or salt to use
| callback | *function(Error, string=)* | Callback receiving the error, if any, and the resulting hash
| progressCallback | *function(number)* | Callback successively called with the percentage of rounds completed (0.0 - 1.0), maximally once per `MAX_EXECUTION_TIME = 100` ms.
| **@returns** | *Promise* | If `callback` has been omitted
| **@throws** | *Error* | If `callback` is present but not a function
### compareSync(s, hash)
Synchronously tests a string against a hash.
| Parameter | Type | Description
|-----------------|-----------------|---------------
| s | *string* | String to compare
| hash | *string* | Hash to test against
| **@returns** | *boolean* | true if matching, otherwise false
| **@throws** | *Error* | If an argument is illegal
### compare(s, hash, callback, progressCallback=)
Asynchronously compares the given data against the given hash.
| Parameter | Type | Description
|-----------------|-----------------|---------------
| s | *string* | Data to compare
| hash | *string* | Data to be compared to
| callback | *function(Error, boolean)* | Callback receiving the error, if any, otherwise the result
| progressCallback | *function(number)* | Callback successively called with the percentage of rounds completed (0.0 - 1.0), maximally once per `MAX_EXECUTION_TIME = 100` ms.
| **@returns** | *Promise* | If `callback` has been omitted
| **@throws** | *Error* | If `callback` is present but not a function
### getRounds(hash)
Gets the number of rounds used to encrypt the specified hash.
| Parameter | Type | Description
|-----------------|-----------------|---------------
| hash | *string* | Hash to extract the used number of rounds from
| **@returns** | *number* | Number of rounds used
| **@throws** | *Error* | If `hash` is not a string
### getSalt(hash)
Gets the salt portion from a hash. Does not validate the hash.
| Parameter | Type | Description
|-----------------|-----------------|---------------
| hash | *string* | Hash to extract the salt from
| **@returns** | *string* | Extracted salt part
| **@throws** | *Error* | If `hash` is not a string or otherwise invalid
Command line
------------
`Usage: bcrypt <input> [salt]`
If the input has spaces inside, simply surround it with quotes.
Downloads
---------
* [Distributions](https://github.com/dcodeIO/bcrypt.js/tree/master/dist)
* [ZIP-Archive](https://github.com/dcodeIO/bcrypt.js/archive/master.zip)
* [Tarball](https://github.com/dcodeIO/bcrypt.js/tarball/master)
Credits
-------
Based on work started by Shane Girish at [bcrypt-nodejs](https://github.com/shaneGirish/bcrypt-nodejs) (MIT-licensed),
which is itself based on [javascript-bcrypt](http://code.google.com/p/javascript-bcrypt/) (New BSD-licensed).
License
-------
New-BSD / MIT ([see](https://github.com/dcodeIO/bcrypt.js/blob/master/LICENSE))
|
