Giter Site home page Giter Site logo

Comments (3)

NicolasPelletier avatar NicolasPelletier commented on June 27, 2024

I have time on my hands so here is a little comparison with ncb000gt module. It demonstrate that the two modules don't give the same results. This is problematic as one may want to make sure that the implementation of bcrypt is correct in the module one uses.

/*jslint node: true, indent: 4, stupid: true */
var bcrypt = require('bcrypt'),
    bcrypt_nodejs = require('bcrypt-nodejs'),
    salt = '$2a$05$0000000000000000000000',
    pw,
    hash,
    hash_nodejs;

pw = 'ThisIsAPassword';
console.log('----- Using latin password: \"' + pw + '\" -----');
console.log('Password length in bytes: ' + Buffer.byteLength(pw));
hash = bcrypt.hashSync(pw, salt);
hash_nodejs = bcrypt_nodejs.hashSync(pw, salt);
console.log('Hash with  ncb000gt / node.bcrypt.js  :\n\t ' + hash);
console.log('Hash with  shaneGirish / bcrypt-nodejs:\n\t ' + hash_nodejs);
console.log((hash === hash_nodejs) ? 'PASSED' : 'FAILED');

pw = '\u6e2f';
console.log('----- Using utf-8 password: \"' + pw + '\" -----');
console.log('Password length in bytes: ' + Buffer.byteLength(pw));
hash = bcrypt.hashSync(pw, salt);
hash_nodejs = bcrypt_nodejs.hashSync(pw, salt);
console.log('Hash with  ncb000gt / node.bcrypt.js  :\n\t ' + hash);
console.log('Hash with  shaneGirish / bcrypt-nodejs:\n\t ' + hash_nodejs);
console.log((hash === hash_nodejs) ? 'PASSED' : 'FAILED');

I don't know yet how to submit a patch so I'll work on that next, but for the moment, here is a fix which make the above code pass both tests.

function hashpw(password, salt, progress) {
   ...
    // Old code
    //    for (var r = 0; r < password.length; r++) {
    //        passwordb.push(getByte(password.charAt(r)));
    //    }
    //
    // New working code.
    var buf = new Buffer(password);
    for (var r = 0; r < buf.length; r++) {
        passwordb.push(buf[r]);
    }

from bcrypt-nodejs.

NicolasPelletier avatar NicolasPelletier commented on June 27, 2024

I proposed a correction in #4, including a unit test demonstrating that the change works.

from bcrypt-nodejs.

shaneMangudi avatar shaneMangudi commented on June 27, 2024

The proposed correction was merged in. Closing this issue.

from bcrypt-nodejs.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.