diff --git a/packages/core/src/utils/crypto/abstract.ts b/packages/core/src/utils/crypto/abstract.ts index 79de17ba..943b0d83 100644 --- a/packages/core/src/utils/crypto/abstract.ts +++ b/packages/core/src/utils/crypto/abstract.ts @@ -53,10 +53,13 @@ export abstract class BaseCryptoProvider implements ICryptoProvider { abstract createAesEcb(key: Buffer): IEncryptionScheme + // algo: sha1 or sha512 (default sha512) abstract pbkdf2( password: Buffer, salt: Buffer, - iterations: number + iterations: number, + keylen?: number, // = 64 + algo?: string ): MaybeAsync abstract sha1(data: Buffer): MaybeAsync diff --git a/packages/core/src/utils/crypto/forge-crypto.ts b/packages/core/src/utils/crypto/forge-crypto.ts index 39fa8da0..2e8bbd34 100644 --- a/packages/core/src/utils/crypto/forge-crypto.ts +++ b/packages/core/src/utils/crypto/forge-crypto.ts @@ -59,15 +59,17 @@ export class ForgeCryptoProvider extends BaseCryptoProvider { pbkdf2( password: Buffer, salt: Buffer, - iterations: number + iterations: number, + keylen = 64, + algo = 'sha512' ): MaybeAsync { return new Promise((resolve, reject) => forge.pkcs5.pbkdf2( password.toString('binary'), salt.toString('binary'), iterations, - 64, - forge.md.sha512.create(), + keylen, + forge.md[algo].create(), (err: Error | null, buf: string) => err !== null ? reject(err) diff --git a/packages/core/src/utils/crypto/node-crypto.ts b/packages/core/src/utils/crypto/node-crypto.ts index ffe15d85..3204f828 100644 --- a/packages/core/src/utils/crypto/node-crypto.ts +++ b/packages/core/src/utils/crypto/node-crypto.ts @@ -44,15 +44,17 @@ export class NodeCryptoProvider extends BaseCryptoProvider { pbkdf2( password: Buffer, salt: Buffer, - iterations: number + iterations: number, + keylen = 64, + algo = 'sha512', ): MaybeAsync { return new Promise((resolve, reject) => pbkdf2( password, salt, iterations, - 64, - 'sha512', + keylen, + algo, (err: Error | null, buf: Buffer) => err !== null ? reject(err) : resolve(buf) )