????
Your IP : 3.17.80.220
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.verifyPassword = exports.hashPassword = void 0;
const crypto_1 = require("crypto");
const DIGEST_ALGORITHM = 'sha512';
function hashPassword(password) {
const PBKDF2IterCount = 100000;
const PBKDF2SubkeyLength = 256 / 8;
const PBKDF2SaltSize = 128 / 8;
if (!password)
throw new Error('Password must not be null or empty!');
const iterCount = +process.env.PASSWORD_ITERATION_COUNT || PBKDF2IterCount;
if (iterCount < PBKDF2IterCount)
throw new Error(`Iteration count must be larger than or equal ${PBKDF2IterCount} for security!`);
const salt = (0, crypto_1.randomBytes)(PBKDF2SaltSize);
const hash = (0, crypto_1.pbkdf2Sync)(password, salt, iterCount, PBKDF2SubkeyLength, DIGEST_ALGORITHM);
const iterBuf = Buffer.allocUnsafe(4);
iterBuf.writeUint32BE(iterCount);
const sizeBuf = Buffer.allocUnsafe(4);
sizeBuf.writeUint32BE(PBKDF2SaltSize);
return Buffer.concat([Buffer.alloc(1, 0), iterBuf, sizeBuf, salt, hash]).toString('base64');
}
exports.hashPassword = hashPassword;
function verifyPassword(hashedPassword, password) {
if (!password)
throw new Error('Password must not be null or empty!');
const buf = Buffer.from(hashedPassword, 'base64');
if (buf.readUIntBE(0, 1) !== 0)
throw new Error('Invalid hashed password!');
const iterCount = buf.subarray(1, 5).readUint32BE();
const saltSize = buf.subarray(5, 9).readUint32BE();
const salt = buf.subarray(9, saltSize + 9);
const savedHash = buf.subarray(saltSize + 9);
const keyLength = buf.length - saltSize - 9;
const hash = (0, crypto_1.pbkdf2Sync)(password, salt, iterCount, keyLength, DIGEST_ALGORITHM);
return Buffer.compare(savedHash, hash) === 0;
}
exports.verifyPassword = verifyPassword;
//# sourceMappingURL=password.js.map