Provides an asynchronous scrypt implementation. Scrypt is a password-based key derivation function that is designed to be expensive computationally and memory-wise in order to make brute-force attacks unrewarding.
The salt should be as unique as possible. It is recommended that a salt is
random and at least 16 bytes long. See NIST SP 800-132 for details.
When passing strings for password or salt, please consider caveats when using strings as inputs to cryptographic APIs.
The callback function is called with two arguments: err and derivedKey. err is an exception object when key derivation fails, otherwise err is null. derivedKey is passed to the
callback as a Buffer.
An exception is thrown when any of the input arguments specify invalid values or types.
const {
scrypt,
} = await import('node:crypto');
// Using the factory defaults.
scrypt('password', 'salt', 64, (err, derivedKey) => {
if (err) throw err;
console.log(derivedKey.toString('hex')); // '3745e48...08d59ae'
});
// Using a custom N parameter. Must be a power of two.
scrypt('password', 'salt', 64, { N: 1024 }, (err, derivedKey) => {
if (err) throw err;
console.log(derivedKey.toString('hex')); // '3745e48...aa39b34'
});
Provides an asynchronous scrypt implementation. Scrypt is a password-based key derivation function that is designed to be expensive computationally and memory-wise in order to make brute-force attacks unrewarding.
The
saltshould be as unique as possible. It is recommended that a salt is random and at least 16 bytes long. See NIST SP 800-132 for details.When passing strings for
passwordorsalt, please considercaveats when using strings as inputs to cryptographic APIs.The
callbackfunction is called with two arguments:errandderivedKey.erris an exception object when key derivation fails, otherwiseerrisnull.derivedKeyis passed to the callback as aBuffer.An exception is thrown when any of the input arguments specify invalid values or types.