Options
All
  • Public
  • Public/Protected
  • All
Menu

Class SecurePass

Hierarchy

  • SecurePass

Index

Constructors

Properties

Accessors

Methods

Constructors

constructor

  • Create a new instance of SecurePass to hash passwords, verify passwords, generate one time reset tokens and verify one time reset tokens.

    Parameters

    • Optional options: SecurePassOptions

      SecurePassOptions to configure work settings of Argon2ID.

    Returns SecurePass

Properties

Static HashBytes

HashBytes: number = 128

Length of the Password Hash output buffer.

readonly

Static KeyBytes

KeyBytes: number = 32

Length of the secret Key buffer returned by generateOneTimeAuth and generateOneTimeAuthCode.

readonly

Static MacBytes

MacBytes: number = 16

Length of the Mac buffer returned by generateOneTimeAuth.

readonly

Static MemLimitDefault

MemLimitDefault: number = 67108864

Default Memory Limit. 64MB.

readonly

Static MemLimitInteractive

MemLimitInteractive: number = 67108864

Interactive Memory Limit. 64MB. This value is the same as MemLimitDefault. This memory limit is recommended for interactive "online" applications, when combined with OpsLimitInteractive, this option requires 64 MiB of dedicated RAM and provides a baseline configuration for web app security. Choosing a higher value such as MemLimitModerate, MemLimitSensitive or a custom value may improve security.

readonly

Static MemLimitMaximum

MemLimitMaximum: number = 4398046510080

The Maximum Allowed Memory Limit. 4TB.

readonly

Static MemLimitMinimum

MemLimitMinimum: number = 8192

The Minimum Allowed Memory Limit. 8KB.

readonly

Static MemLimitModerate

MemLimitModerate: number = 268435456

Moderate Memory Limit. 256MB. This memory limit, combined with OpsLimitModerate provides a good performance and security baseline for applications that require higher security than the default/interactive preset. Use of this option requires a minimum of 256 MiB of dedicated RAM.

readonly

Static MemLimitSensitive

MemLimitSensitive: number = 1073741824

Sensitive Memory Limit. 1GB. This memory limit, combined with OpsLimitSensitive, is recommended for highly sensitive data and non-interactive operations. Use of this option requires a minimum of 1024 MiB of dedicated RAM.

readonly

Static OpsLimitDefault

OpsLimitDefault: number = 2

Default Operations Limit. 2 Operations.

readonly

Static OpsLimitInteractive

OpsLimitInteractive: number = 2

Interactive Operations Limit. 2 Operations.This value is the same as OpsLimitDefault. This operations limit is recommended for interactive "online" applications, when combined with MemLimitInteractive, this option provides a baseline configuration for web app security. Choosing a higher value such as MemLimitModerate, MemLimitSensitive or a custom value may improve security.

readonly

Static OpsLimitMaximum

OpsLimitMaximum: number = 4294967295

The Maximum Allowed Operations Limit. 4294967295 Operations.

readonly

Static OpsLimitMinimum

OpsLimitMinimum: number = 1

The Minimum Allowed Operations Limit. 1 Operation.

readonly

Static OpsLimitModerate

OpsLimitModerate: number = 3

Moderate Operations Limit. 3 Operations. This operations limit, combined with MemLimitModerate provides a good performance and security baseline for applications that require higher security than the default/interactive preset. Using this options takes around 0.7 seconds to derrive a hash on a 2.8Ghz Core i7 CPU.

readonly

Static OpsLimitSensitive

OpsLimitSensitive: number = 4

Sensitive Operations Limit. 4 Operations. This memory limit, combined with OpsLimitSensitive, is recommended for highly sensitive data and non-interactive operations. Using this option it takes around 3.5 seconds to derrive a hash on a 2.8Ghz Core i7 CPU.

readonly

Static PasswordBytesMax

PasswordBytesMax: number = 2147483647

Maxium Length for the Password input buffer.

readonly

Static PasswordBytesMin

PasswordBytesMin: number = 1

Minimum Length for the Password input buffer.

readonly

Static SaltBytes

SaltBytes: number = 16

Length of the Salt buffer.

readonly

Accessors

MemLimit

  • get MemLimit(): number
  • set MemLimit(newValue: number): void

  • Returns the currently configured Memory Limit.

    Returns number

  • Sets the Memory Limit to the new value provided.

    Parameters

    • newValue: number

      The new Memory Limit.

    Returns void

OpsLimit

  • get OpsLimit(): number
  • set OpsLimit(newValue: number): void

  • Returns the currently configured Operations Limit.

    Returns number

  • Sets the Operations Limit to the new value provided.

    Parameters

    • newValue: number

    Returns void

Methods

hashPassword

  • hashPassword(password: Buffer): Promise<Buffer>
  • hashPassword(password: Buffer, callback: HashPasswordCallback): void

  • Takes the provided password and returns the derived Argon2ID hash.

    Parameters

    • password: Buffer

      The password to be hashed.

    Returns Promise<Buffer>

  • Parameters

    Returns void

hashPasswordSync

  • hashPasswordSync(password: Buffer): Buffer

  • Takes the provided password and returns the derived Argon2ID hash.

    Parameters

    • password: Buffer

      The password to be hashed.

    Returns Buffer

verifyHash

  • Takes the provided password and the hash buffer and returns the result of the verification as an enumeration value.

    Parameters

    • password: Buffer

      The password to be verified.

    • hash: Buffer

      The hash to be verified against.

    Returns Promise<VerificationResult>

  • Parameters

    Returns void

verifyHashSync

  • Takes the provided password and the hash buffer and returns the result of the verification as an enumeration value.

    Parameters

    • password: Buffer

      The password to be verified.

    • hash: Buffer

      The hash to be verified against.

    Returns VerificationResult

Static generateOneTimeAuth

  • Generates a random key, and then uses that key and the supplied message, to generate a one time authentication mac.

    Parameters

    • message: Buffer

      The message to be used as the base of the one time authentication key.

    Returns GenerateOneTimeAuthResult

Static generateOneTimeAuthCode

  • Generates a random key, and then uses that key and the supplied message, to generate a one time authentication code.

    Parameters

    • message: Buffer

      The message to be used as the base of the one time authentication code.

    Returns GenerateOneTimeAuthCodeResult

Static isInvalid

  • Tests a VerificationResult enumeration and returns true if the value is Invalid.

    Parameters

    Returns boolean

Static isInvalidOrUnrecognized

  • Tests a VerificationResult enumeration and returns true if the value is InvalidOrUnrecognized.

    Parameters

    Returns boolean

Static isValid

  • Tests a VerificationResult enumeration and returns true if the value is Valid.

    Parameters

    Returns boolean

Static isValidNeedsRehash

  • Tests a VerificationResult enumeration and returns true if the value is ValidNeedsRehash.

    Parameters

    Returns boolean

Static verifyOneTimeAuth

  • verifyOneTimeAuth(mac: Buffer, message: Buffer, key: Buffer): boolean

  • Verifys the authenticity of the mac using the supplied message and, the key returned when generating the mac.

    Parameters

    • mac: Buffer

      The authentication mac generated by generateOneTimeAuth.

    • message: Buffer

      The original message used to generate the mac.

    • key: Buffer

      The authentication key generated by generateOneTimeAuth.

    Returns boolean

Static verifyOneTimeAuthCode

  • verifyOneTimeAuthCode(code: string, key: Buffer): boolean

  • Verifys the authenticity of the supplied authentication code using the key returned when generating the code.

    Parameters

    • code: string

      The one time authentication code generated by generateOneTimeAuthCode.

    • key: Buffer

      The authentication key generated by generateOneTimeAuthCode.

    Returns boolean

Generated using TypeDoc