Collection of helper functions for crypto related stuff
- Copyright:
- 5/19/19
Methods
(async, inner) createHashedObjectFromString(plaintextString, passwordAlgorithm, salt, saltRounds, passwordVersion)
More specific function to create a hashed object from a plaintext string
Parameters:
Name | Type | Description |
---|---|---|
plaintextString | string | |
passwordAlgorithm | string | from bcrypt|crypto_sha512|plain (just returns string itself) |
salt | string | the salt to use, incorporated in return object; if blank a random one is generated |
saltRounds | int | the number of rounds of salting |
passwordVersion | int | password version number; passed to hash function, slows down hashing making brute forcing harder |
Returns:
hashed object with .hash containing the hashed string with salt info, etc. and other meta properties
(inner) generateRandomSalt()
Generate a random salt of a default length (DefCryptSaltLength const)
Returns:
hex string of length DefCryptSaltLength
(inner) genRandomStringFromCharSet(charset, length)
Generate a random string of characters from a character set, of the length specified
Parameters:
Name | Type | Description |
---|---|---|
charset | string | |
length | int | |
Returns:
the random string
(inner) genRandomStringHex(length)
Generate a random hex string of a specified length, using cryptographically random bytes as the data
Parameters:
Name | Type | Description |
---|---|---|
length | int | the number of characters |
Returns:
random string of characters of specified length
(inner) genRandomStringHumanEasier(length)
- See: stackoverflow
- Notes: This does not produce cryptographically secure random numbers, as it uses Math.random
- To Do: Security: Replace with crypto secure prng?
This generates a random string using only characters and digits that are easy for humans to recognize and differentiate, and also alternates letters and digits for codes that are even easier to remember.
Parameters:
Name | Type | Description |
---|---|---|
length | int | |
Returns:
random string consisting of only characters and digits found in DefHumanEasyCharacters
(inner) genRandomStringHumanEasy(length)
- See: stackoverflow
- Notes: This does not produce cryptographically secure random numbers, as it uses Math.random
- To Do: Security: Replace with crypto secure prng?
This generates a random string using only characters and digits that are easy for humans to recognize and differentiate.
Parameters:
Name | Type | Description |
---|---|---|
length | int | |
Returns:
random string of the specified length consisting only of characters and digits found in DefHumanEasyCharacters
(async, inner) hashPlaintextPasswordToObj(passwordPlaintext)
Take a plaintext string and hash it. A random salt is automatically generated and added to the hash object
Parameters:
Name | Type | Description |
---|---|---|
passwordPlaintext | string | |
Returns:
passwordHashedObj, an object with property fields for the hashed password, including hash (the hashed string), and other meta properties describing the hash operation
(async, inner) hashPlaintextStringInsecureButSearchable(plaintextString, salt)
- To Do: In future we might use a two-part verification code, where the first part is a unique plaintext id and the second part is a hashed string; that way we could look up items by their plaintext part, and use any crypto for the hashed part.
Hash a string, but this time using a specific salt, returning a simple hashed string as result.
Notes
- This function needs to return the SAME HASH no matter when we call it, so that we can search for the result. This means we don't use a random salt.
- And we always use the sha512 algorithm.
- This helper function is used to hash verification codes in the database, so that if the db is compromised it will be harder to retrieve the plaintext verification code.
- We can't use a random salt because we need to be able to look up matching items by the hashed version.
Parameters:
Name | Type | Description |
---|---|---|
plaintextString | string | |
salt | string | |
Returns:
hashed string
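The two-part verification code sketched in the To Do above, as an added example that is not the project's own code: the plaintext id is the lookup key, so the secret part can use a random salt and a slow KDF. The `id.secret` format, the Map-backed store, the choice of scrypt and the names `issueCode`, `verifyCode` and `hashSecret` are assumptions.

```javascript
// Added example (not the project's code): two-part verification code.
// The "<id>.<secret>" format and the Map-backed store are assumptions.
const crypto = require('crypto');

const SCRYPT_KEYLEN = 32;

// Hash the secret part with a per-code random salt. scrypt is used here;
// any password-grade KDF works, because lookup no longer depends on the hash.
function hashSecret(secret, saltHex) {
  return crypto.scryptSync(secret, Buffer.from(saltHex, 'hex'), SCRYPT_KEYLEN);
}

// Issue a code: the id is stored in plaintext and used as the lookup key,
// the secret is stored only as salt + hash. Returns the string for the user.
function issueCode(store) {
  const id = crypto.randomBytes(8).toString('hex');      // lookup key, not secret
  const secret = crypto.randomBytes(16).toString('hex'); // never stored
  const salt = crypto.randomBytes(16).toString('hex');
  store.set(id, { salt, hash: hashSecret(secret, salt).toString('hex') });
  return `${id}.${secret}`;
}

// Verify a presented code: find the record by the plaintext id, recompute
// the hash with the stored salt, and compare in constant time.
function verifyCode(store, presented) {
  if (typeof presented !== 'string') return false;
  const parts = presented.split('.');
  if (parts.length !== 2) return false;
  const [id, secret] = parts;
  const record = store.get(id);
  if (!record) return false;
  const expected = Buffer.from(record.hash, 'hex');
  const actual = hashSecret(secret, record.salt);
  return actual.length === expected.length &&
    crypto.timingSafeEqual(actual, expected);
}
```

A database dump then exposes only ids, salts and hashes, and each stored hash has to be attacked separately because no two codes share a salt.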
(async, inner) testPlaintextPassword(passwordPlaintext, passwordHashedObj)
Test a plaintext string (user entered password) against a stored passwordHashed object. The passwordHashedObj will contain the random salt to use and the algorithm used.
Parameters:
Name | Type | Description |
---|---|---|
passwordPlaintext | string | |
passwordHashedObj | object | |
Returns:
true if they match, false if they don't, or throws ERROR if something else goes wrong (password algorithm not supported, etc.)