eran10 eran10 - 1 year ago 120
Javascript Question

using crypto.pbkdf2Sync in node 6 return different hash then node4

we are trying upgrading our current project nodeJS version (4.2.4) to the latest version (6.9.1) and we encounter such a problem, we have some authenticated method on user password which does something like this :

return this.password === crypto.pbkdf2Sync(password, this.salt, 10000, 64).toString('base64');

this.password is the user password hash that worked on node 4.2.4 and
password is the user input,

since we upgrade to node 6.9.1 it stop working and return false where in node 4.2.4 it return true

we already try to add any digest option(since now it required) but didn't find one that match

maybe there is more things we should change ? can someone help ?

  • note in Node 5 it work as usual with no change in code

Answer Source

You need to change your code to:

crypto.pbkdf2Sync(password, new Buffer(this.salt, 'binary'), 10000, 64).toString('base64');

from node 6 the default salt is not binary

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download