pax_global_header00006660000000000000000000000064131534751570014525gustar00rootroot0000000000000052 comment=5b83312539cf4d21989e99562c09ba32a65070c8
EVP_BytesToKey-1.0.3/000077500000000000000000000000001315347515700143025ustar00rootroot00000000000000EVP_BytesToKey-1.0.3/.gitignore000066400000000000000000000000661315347515700162740ustar00rootroot00000000000000.nyc_output
build
coverage
node_modules
npm-debug.log
EVP_BytesToKey-1.0.3/.travis.yml000066400000000000000000000006011315347515700164100ustar00rootroot00000000000000sudo: false
language: node_js
node_js:
- "0.12"
- "4"
- "5"
- "6"
- "7"
- "8"
addons:
apt:
sources:
- ubuntu-toolchain-r-test
packages:
- g++-4.8
env:
global:
- CXX=g++-4.8
matrix:
- TEST_SUITE=unit
matrix:
include:
- node_js: "6"
env: TEST_SUITE=lint
before_script:
- npm run test:prepare
script: npm run-script $TEST_SUITE
EVP_BytesToKey-1.0.3/LICENSE000066400000000000000000000021111315347515700153020ustar00rootroot00000000000000The MIT License (MIT)
Copyright (c) 2017 crypto-browserify contributors
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
EVP_BytesToKey-1.0.3/README.md000066400000000000000000000033521315347515700155640ustar00rootroot00000000000000# EVP\_BytesToKey
[](https://www.npmjs.org/package/evp_bytestokey)
[](https://travis-ci.org/crypto-browserify/EVP_BytesToKey)
[](https://david-dm.org/crypto-browserify/EVP_BytesToKey#info=dependencies)
[](https://github.com/feross/standard)
The insecure [key derivation algorithm from OpenSSL.][1]
**WARNING: DO NOT USE, except for compatibility reasons.**
MD5 is insecure.
Use at least `scrypt` or `pbkdf2-hmac-sha256` instead.
## API
`EVP_BytesToKey(password, salt, keyLen, ivLen)`
* `password` - `Buffer`, password used to derive the key data.
* `salt` - 8 byte `Buffer` or `null`, salt is used as a salt in the derivation.
* `keyBits` - `number`, key length in **bits**.
* `ivLen` - `number`, iv length in bytes.
*Returns*: `{ key: Buffer, iv: Buffer }`
## Examples
MD5 with `aes-256-cbc`:
```js
const crypto = require('crypto')
const EVP_BytesToKey = require('evp_bytestokey')
const result = EVP_BytesToKey(
'my-secret-password',
null,
32,
16
)
// =>
// { key: ,
// iv: }
const cipher = crypto.createCipheriv('aes-256-cbc', result.key, result.iv)
```
## LICENSE [MIT](LICENSE)
[1]: https://wiki.openssl.org/index.php/Manual:EVP_BytesToKey(3)
[2]: https://nodejs.org/api/crypto.html#crypto_class_hash
EVP_BytesToKey-1.0.3/binding.gyp000066400000000000000000000013231315347515700164340ustar00rootroot00000000000000{
"targets": [{
"target_name": "OpenSSL_EVP_BytesToKey",
"sources": [
"./test/main.cc",
],
"cflags": [
"-Wall",
"-Wno-maybe-uninitialized",
"-Wno-uninitialized",
"-Wno-unused-function",
"-Wextra"
],
"cflags_cc+": [
"-std=c++0x"
],
"include_dirs": [
"/usr/local/include",
" 0 || ivLen > 0) {
var hash = new MD5()
hash.update(tmp)
hash.update(password)
if (salt) hash.update(salt)
tmp = hash.digest()
var used = 0
if (keyLen > 0) {
var keyStart = key.length - keyLen
used = Math.min(keyLen, tmp.length)
tmp.copy(key, keyStart, 0, used)
keyLen -= used
}
if (used < tmp.length && ivLen > 0) {
var ivStart = iv.length - ivLen
var length = Math.min(ivLen, tmp.length - used)
tmp.copy(iv, ivStart, used, used + length)
ivLen -= length
}
}
tmp.fill(0)
return { key: key, iv: iv }
}
module.exports = EVP_BytesToKey
EVP_BytesToKey-1.0.3/package.json000066400000000000000000000020601315347515700165660ustar00rootroot00000000000000{
"name": "evp_bytestokey",
"version": "1.0.3",
"description": "The insecure key derivation algorithm from OpenSSL",
"keywords": [
"crypto",
"openssl"
],
"homepage": "https://github.com/crypto-browserify/EVP_BytesToKey",
"bugs": {
"url": "https://github.com/crypto-browserify/EVP_BytesToKey/issues"
},
"license": "MIT",
"author": "Calvin Metcalf ",
"contributors": [
"Kirill Fomichev "
],
"files": [
"index.js"
],
"main": "index.js",
"repository": {
"type": "git",
"url": "https://github.com/crypto-browserify/EVP_BytesToKey.git"
},
"scripts": {
"coverage": "nyc tape test/*.js",
"lint": "standard",
"test": "npm run lint && npm run unit",
"test:prepare": "node-gyp rebuild",
"unit": "tape test/*.js"
},
"devDependencies": {
"bindings": "^1.2.1",
"nan": "^2.4.0",
"nyc": "^8.1.0",
"standard": "^8.0.0",
"tape": "^4.6.0"
},
"gypfile": false,
"dependencies": {
"md5.js": "^1.3.4",
"safe-buffer": "^5.1.1"
}
}
EVP_BytesToKey-1.0.3/test/000077500000000000000000000000001315347515700152615ustar00rootroot00000000000000EVP_BytesToKey-1.0.3/test/index.js000066400000000000000000000031321315347515700167250ustar00rootroot00000000000000/* eslint-disable camelcase */
try {
require('bindings')('OpenSSL_EVP_BytesToKey')
} catch (err) {
console.error('Run "npm run test:prepare" first')
process.exit(1)
}
var Buffer = require('safe-buffer').Buffer
var OpenSSL_EVP_BytesToKey = require('bindings')('OpenSSL_EVP_BytesToKey')
var crypto = require('crypto')
var test = require('tape')
var EVP_BytesToKey = require('../')
var keyLen = 256
var ivLen = 16
for (var i = 0; i < 1000; ++i) {
var password = crypto.randomBytes(10 + Math.round(Math.random() * 100))
var salt = crypto.randomBytes(8)
test('password: ' + password.toString('base64') + ', salt: null', function (t) {
var result = EVP_BytesToKey(password, null, keyLen, ivLen)
var expected = OpenSSL_EVP_BytesToKey.md5_key32_iv16(null, password, 1)
t.same(result, expected)
t.end()
})
test('password: ' + password.toString('base64') + ', salt: ' + salt.toString('base64'), function (t) {
var result = EVP_BytesToKey(password, salt, keyLen, ivLen)
var expected = OpenSSL_EVP_BytesToKey.md5_key32_iv16(salt, password, 1)
t.same(result, expected)
t.end()
})
test('password: ' + password.toString('base64') + ', salt: ' + salt.toString('base64') + ', no iv', function (t) {
var result = EVP_BytesToKey(password, salt, keyLen, 0)
var expected = OpenSSL_EVP_BytesToKey.md5_key32_iv0(salt, password, 1)
t.same(result, expected)
t.end()
})
}
test('salt buffer length is 7', function (t) {
t.throws(function () {
EVP_BytesToKey(Buffer.alloc(5), Buffer.alloc(7))
}, /^RangeError: salt should be Buffer with 8 byte length$/)
t.end()
})
EVP_BytesToKey-1.0.3/test/main.cc000066400000000000000000000044521315347515700165210ustar00rootroot00000000000000#include
#include
#include
NAN_METHOD(md5_key32_iv16) {
Nan::HandleScope scope;
const EVP_CIPHER* cipher = EVP_get_cipherbyname("aes-256-cbc");
const unsigned char* salt = NULL;
if (!info[0]->IsNull()) {
salt = (const unsigned char*) node::Buffer::Data(info[0].As());
}
v8::Local data_buffer = info[1].As();
const unsigned char* data = (const unsigned char*) node::Buffer::Data(data_buffer);
const int count = info[3].As()->Value();
unsigned char key[32] = {0};
unsigned char iv[16] = {0};
int key_len = EVP_BytesToKey(cipher, EVP_md5(), salt, data, node::Buffer::Length(data_buffer), count, key, iv);
if (key_len != 32) {
return Nan::ThrowRangeError("invalid key length returned");
}
v8::Local obj = Nan::New();
obj->Set(Nan::New("key").ToLocalChecked(), Nan::CopyBuffer((const char*) key, 32).ToLocalChecked());
obj->Set(Nan::New("iv").ToLocalChecked(), Nan::CopyBuffer((const char*) iv, 16).ToLocalChecked());
info.GetReturnValue().Set(obj);
}
NAN_METHOD(md5_key32_iv0) {
Nan::HandleScope scope;
const EVP_CIPHER* cipher = EVP_get_cipherbyname("aes-256-cbc");
const unsigned char* salt = NULL;
if (!info[0]->IsNull()) {
salt = (const unsigned char*) node::Buffer::Data(info[0].As());
}
v8::Local data_buffer = info[1].As();
const unsigned char* data = (const unsigned char*) node::Buffer::Data(data_buffer);
const int count = info[3].As()->Value();
unsigned char key[32] = {0};
int key_len = EVP_BytesToKey(cipher, EVP_md5(), salt, data, node::Buffer::Length(data_buffer), count, key, NULL);
if (key_len != 32) {
return Nan::ThrowRangeError("invalid key length returned");
}
v8::Local obj = Nan::New();
obj->Set(Nan::New("key").ToLocalChecked(), Nan::CopyBuffer((const char*) key, 32).ToLocalChecked());
obj->Set(Nan::New("iv").ToLocalChecked(), Nan::CopyBuffer((const char*) NULL, 0).ToLocalChecked());
info.GetReturnValue().Set(obj);
}
NAN_MODULE_INIT(Init) {
Nan::Export(target, "md5_key32_iv16", md5_key32_iv16);
Nan::Export(target, "md5_key32_iv0", md5_key32_iv0);
}
NODE_MODULE(OpenSSL_EVP_BytesToKey, Init)