crypto.pbkdf2(password, salt, iterations, keylen, digest, callback)
password
<string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>salt
<string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>iterations
<number>keylen
<number>digest
<string>callback
<Function>
提供异步基于密码的密钥派生函数 2 (PBKDF2) 实现。
应用由 digest
指定的选定 HMAC 摘要算法以从 password
、salt
和 iterations
导出请求字节长度 (keylen
) 的密钥。
提供的 callback
函数使用两个参数调用:err
和 derivedKey
。
如果在派生密钥时发生错误,则设置 err
;否则 err
将是 null
。
默认情况下,成功生成的 derivedKey
将作为 Buffer
传给回调。
如果任何输入参数指定了无效的值或类型,则会抛出错误。
如果 digest
是 null
,则将使用 'sha1'
。
此行为已弃用,请显式指定 digest
。
iterations
参数必须是尽可能高的数字。
迭代次数越多,派生密钥就越安全,但需要更长的时间才能完成。
salt
应该尽可能唯一。
建议盐是随机的,长度至少为 16 字节。
有关详细信息,请参阅 NIST SP 800-132。
当为 password
或 salt
传入字符串时,请考虑到当使用字符串作为加密 API 输入时的注意事项。
const {
pbkdf2
} = await import('node:crypto');
pbkdf2('secret', 'salt', 100000, 64, 'sha512', (err, derivedKey) => {
if (err) throw err;
console.log(derivedKey.toString('hex')); // '3745e48...08d59ae'
});
const {
pbkdf2,
} = require('node:crypto');
pbkdf2('secret', 'salt', 100000, 64, 'sha512', (err, derivedKey) => {
if (err) throw err;
console.log(derivedKey.toString('hex')); // '3745e48...08d59ae'
});
crypto.DEFAULT_ENCODING
属性可用于更改 derivedKey
传给回调的方式。
但是,此属性已被弃用,应避免使用。
import crypto from 'node:crypto';
crypto.DEFAULT_ENCODING = 'hex';
crypto.pbkdf2('secret', 'salt', 100000, 512, 'sha512', (err, derivedKey) => {
if (err) throw err;
console.log(derivedKey); // '3745e48...aa39b34'
});
const crypto = require('node:crypto');
crypto.DEFAULT_ENCODING = 'hex';
crypto.pbkdf2('secret', 'salt', 100000, 512, 'sha512', (err, derivedKey) => {
if (err) throw err;
console.log(derivedKey); // '3745e48...aa39b34'
});
可以使用 crypto.getHashes()
检索支持的摘要函数数组。
此 API 使用 libuv 的线程池,这对某些应用程序可能会产生意外的负面性能影响;有关更多信息,请参阅 UV_THREADPOOL_SIZE
文档。
password
<string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>salt
<string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>iterations
<number>keylen
<number>digest
<string>callback
<Function>
Provides an asynchronous Password-Based Key Derivation Function 2 (PBKDF2)
implementation. A selected HMAC digest algorithm specified by digest
is
applied to derive a key of the requested byte length (keylen
) from the
password
, salt
and iterations
.
The supplied callback
function is called with two arguments: err
and
derivedKey
. If an error occurs while deriving the key, err
will be set;
otherwise err
will be null
. By default, the successfully generated
derivedKey
will be passed to the callback as a Buffer
. An error will be
thrown if any of the input arguments specify invalid values or types.
If digest
is null
, 'sha1'
will be used. This behavior is deprecated,
please specify a digest
explicitly.
The iterations
argument must be a number set as high as possible. The
higher the number of iterations, the more secure the derived key will be,
but will take a longer amount of time to complete.
The salt
should be as unique as possible. It is recommended that a salt is
random and at least 16 bytes long. See NIST SP 800-132 for details.
When passing strings for password
or salt
, please consider
caveats when using strings as inputs to cryptographic APIs.
const {
pbkdf2
} = await import('node:crypto');
pbkdf2('secret', 'salt', 100000, 64, 'sha512', (err, derivedKey) => {
if (err) throw err;
console.log(derivedKey.toString('hex')); // '3745e48...08d59ae'
});
const {
pbkdf2,
} = require('node:crypto');
pbkdf2('secret', 'salt', 100000, 64, 'sha512', (err, derivedKey) => {
if (err) throw err;
console.log(derivedKey.toString('hex')); // '3745e48...08d59ae'
});
The crypto.DEFAULT_ENCODING
property can be used to change the way the
derivedKey
is passed to the callback. This property, however, has been
deprecated and use should be avoided.
import crypto from 'node:crypto';
crypto.DEFAULT_ENCODING = 'hex';
crypto.pbkdf2('secret', 'salt', 100000, 512, 'sha512', (err, derivedKey) => {
if (err) throw err;
console.log(derivedKey); // '3745e48...aa39b34'
});
const crypto = require('node:crypto');
crypto.DEFAULT_ENCODING = 'hex';
crypto.pbkdf2('secret', 'salt', 100000, 512, 'sha512', (err, derivedKey) => {
if (err) throw err;
console.log(derivedKey); // '3745e48...aa39b34'
});
An array of supported digest functions can be retrieved using
crypto.getHashes()
.
This API uses libuv's threadpool, which can have surprising and
negative performance implications for some applications; see the
UV_THREADPOOL_SIZE
documentation for more information.