The digest string for the crypto.pbkdf2Sync function is malfunctioning

I've been working on revamping the authentication system for an old application that previously ran on node 4.5, but I keep encountering an error whenever I attempt to log in.

TypeError [ERR_INVALID_ARG_TYPE]: The "digest" argument must be one of type string or null. Received type undefined
    at check (internal/crypto/pbkdf2.js:56:13)

Here's my approach to resolving the issue:
The original code snippet is:

crypto.pbkdf2Sync(password, new Buffer(this.salt, 'base64'), 10000, 64).toString('base64');

My updated version looks like this:

pbkdf2Sync(password, new Buffer(this.salt, 'base64'), 10000, 64,'sha512').toString('base64');

Unfortunately, the update doesn't seem to work as the previously stored hashed passwords do not align with the new hashes generated by the implementation.

Do you have any suggestions on how I can tackle this issue?

javascriptnpm

Answer №1

It is recommended to include "sha1" as the digest parameter when generating a key, as this is the default algorithm used in case no digest parameter is provided - according to the documentation:

When generating a key of a specific byte length (keylen) from the password, salt, and iterations, an HMAC digest algorithm specified by digest is utilized. In the event that no digest algorithm is specified, 'sha1' is automatically used.

By explicitly specifying "sha1" as the digest in the function, we can ensure that the desired outcome is achieved:

crypto.pbkdf2Sync(password, Buffer.from(this.salt, 'base64'), 10000, 64, "sha1").toString('base64');

Answer №2

A piece of code is currently executing on an online compiler utilizing Node 12.16.1 with smooth operation and no errors. This code snippet originally belonged to a different project, hence additional context has been provided.

Output:

Create a 32-byte AES key using PBKDF2
aesKeySha256 length:  32  data:  e1ea3e4b0376c0f9bf93b94fe71719a099317297b79108aacd88c8a355d7a3d4
aesKeySha1   length:  32  data:  d6bc1ae2aea28f5098826b555d7a0fe073e5bc7d8136d232e01d422ba2dd761e
aesKeySha1   Base64:  1rwa4q6ij1CYgmtVXXoP4HPlvH2BNtIy4B1CK6Lddh4=

Note on Security: The following code incorporates a fixed salt - for live deployment, ensure to use a randomly generated salt for each execution:

console.log("Create a 32-byte long AES key using PBKDF2");
var crypto = require('crypto');

var password = "secret password";
var PBKDF2_ITERATIONS = 15000; // the higher number of iterations, the better but slower

// ### Security Notification: Never utilize a fixed salt in production environments, reserved for comparative purposes only
var salt = generateFixedSalt32Byte();
// Kindly make use of the function generateSalt32Byte() below instead
// var salt = generateSalt32Byte();

var aesKeySha256 = generateAes256KeyPbkdf2Sha256(password, PBKDF2_ITERATIONS, salt);  
console.log('aesKeySha256 length: ',
  aesKeySha256.length, ' data: ', bytesToHex(aesKeySha256));
var aesKeySha1 = generateAes256KeyPbkdf2Sha1(password, PBKDF2_ITERATIONS, salt);  
console.log('aesKeySha1   length: ',
  aesKeySha1.length, ' data: ', bytesToHex(aesKeySha1));

var aesKeySha1Base64 = generateAes256KeyPbkdf2Sha1Base64(password, PBKDF2_ITERATIONS, salt);  
console.log('aesKeySha1   Base64: ', aesKeySha1Base64);

function generateAes256KeyPbkdf2Sha256(password, iterations, salt) {
  return crypto.pbkdf2Sync(password, salt, iterations, 32, 'sha256');
}

function generateAes256KeyPbkdf2Sha1(password, iterations, salt) {
  return crypto.pbkdf2Sync(password, salt, iterations, 32, 'sha1');
}

function generateAes256KeyPbkdf2Sha1Base64(password, iterations, salt) {
  return crypto.pbkdf2Sync(password, salt, iterations, 32, 'sha1').toString('base64');
}

function generateSalt32Byte() {
  return crypto.randomBytes(32);
}

function generateFixedSalt32Byte() {
  return Buffer.from('0000000000000000000000000000000000000000000000000000000000000000', 'hex');
}

function bytesToHex(input) {
  return input.toString('hex');
}

Similar questions

If you have not found the answer to your question or you are interested in this topic, then look at other similar questions below or use the search

Tips for circumventing CORS in an ajax request using various browser extensions or add-ons

I am encountering a cross-origin problem with my WCF service. Despite adding an extension in chrome to bypass CORS, the issue persists. Is there any other extension/add-on/plugin available to test the service locally and bypass the CORS problem? Edit Aft ...

javascriptasp.netajaxwcfcors

Vue.js - dynamically applying CSS classes based on conditions

Within a VueNative project that utilizes NativeBase as a component library, with tags prefixed by nb-, the code snippet below is found within the <template> tags of the footer.vue file which houses navigation buttons. This piece of logic successfully ...

javascriptcssvue.jsvuejs2vue-native

Adding JavaScript to dynamically loaded AJAX content

I'm new to AJAX and JavaScript and unsure of how to get it working. Here is the website: When you click on portfolio images, the details load via AJAX. I want to create a slideshow for projects with multiple full-sized images. However, due to the co ...

javascriptjqueryhtmlajaxwordpress

Encountering issues with npm-adduser when trying to input credentials for npm account

After developing an npm package on one machine, I cloned it to a different machine and encountered an error when trying to run npm publish: npm ERR! need auth auth and email required for publishing npm ERR! need auth You need to authorize this machine usi ...

node.jsnpm

What steps should be taken to ensure that Google effectively crawls through an AngularJS application?

According to a source at Allotment Digital, it is unnecessary to provide different or pre-rendered content to Google when using html5mode and removing hashtags from URLs. While some websites state that ajax crawling documents are deprecated, others such a ...

javascriptangularjsseogoogle-crawlers

Ensure the form is properly validated before initiating the submission process on 2checkout

Attempting to prevent the form from being submitted, I implemented the code below. Typically, this method works perfectly fine. However, when integrating 2checkout js (), it does not function as intended. <form onSubmit="validate(); return false;" meth ...

javascriptjqueryhtml2checkout

Expanding a table by including a new column using Node.js and Knex

Currently building a service for my router using Node.js and Knex, but I'm struggling to add a column to an existing table. Any assistance would be greatly appreciated. Even though I am working with PostgreSQL, I believe the solution will be similar r ...

javascriptnode.jspostgresqlbackendknex.js

Error: Jquery unrecognized - syntax issue

How can I properly add or remove the active class from an element based on a data-filter attribute in jQuery? When I attempt to do this, I receive the following error message:Uncaught Error: Syntax error, unrecognized expression: li[data-filter=.arroz-1] $ ...

javascriptjquery

Learn how to implement a feature in your chat application that allows users to reply to specific messages, similar to Skype or WhatsApp, using

I am currently working on creating a chatbox for both mobile and desktop websites. However, I have encountered an obstacle in implementing a specific message reply feature similar to Skype and WhatsApp. In this feature, the user can click on the reply butt ...

javascripthtmljquerycsschat

npm is a tool that allows you to easily incorporate pre-existing JavaScript

Currently, I am in the process of learning about npm modules and my goal is to package this module as an npm package. I have gone through the documentation on how to create an npm module. https://docs.npmjs.com/getting-started/creating-node-modules Base ...

node.jsnpm

Spotlight barn doors in Three.js are an innovative feature that

I have been experimenting with three.js to build a scene featuring spotlights. Is there a way to achieve the barn door effect for the lights in three.js? I attempted using small cubes as barn doors to block the light, but it was not successful. I am look ...

javascriptthree.js

Is there a way to restrict the number of times I can utilize slideToggle function?

When I continuously click on a div element in an HTML website that triggers the .slideToggle() method, it will keep opening and closing for as many times as I click. The problem arises when I stop clicking, as the <div> continues to toggle open and c ...

javascriptjquery

Unable to call upon JavaScript code from an external file

Just starting out with Spring and JavaScript! I've put together a JSP file https://i.sstatic.net/XemJ5.png In my first.js, you'll find the following method: function firstmethod() { window.alert("Enter a New Number"); return true; } H ...

javascripthtmljsp

Unable to run npm installation of less on an Ubuntu virtual machine

I encountered an issue when trying to install less. I utilized this command npm install -g less, yet it's producing the following error message: > vagrant@precise32:/$ sudo npm install -g less > npm http GET http://registry.npmjs.org/less npm ...

lessnpmvagrantvirtual-machineubuntu-server

Is it possible to conceal an HTML button depending on the user's source IP address?

Currently brainstorming an idea where a HTML button is only displayed to users within a specific range of IP addresses. This would trigger the download of an exe file upon clicking. I am working on an app that requires certain buttons to be hidden based on ...

reactjsbuttonnpmip-address

Node-powered Angular

Currently working on setting up client-side routing with AngularJS and Node. Ran into some issues along the way. EDIT After making changes to my code based on recommendations from @PareshGami, following https://github.com/scotch-io/starter-node-angular, I ...

javascriptangularjsnode.jsexpressweb

What is the process of dynamically loading CSS into an HTML document?

In my C# program, I am utilizing a web browser control and setting its HTML property programmatically by loading it from an HTML string variable. While this setup works almost perfectly, I have noticed that it loses the reference to the CSS file. I believe ...

c#javascriptcss

Mapbox GL JS stops displaying layers once a specific zoom level or distance threshold is reached

My map is using mapbox-gl and consists of only two layers: a marker and a circle that is centered on a specific point. The distance is dynamic, based on a predefined distance in meters. The issue I'm facing is that as I zoom in and move away from the ...

javascripttypescriptvue.jsmapbox-gl-js

What could be the reason for getting undefined when printing console.log(fibonacci(3))?

let array = [0, 1, 1]; const fibonacciSequence = (number) => { if (number < 2) { return array[number]; } else if (number == 2) { console.log(array.length-1); console.log((array[array.length-1])); // return (ar ...

javascript

Tips for updating process.version in a Node.js environment

After upgrading my node version from v3 to v11 using nvm with the command nvm use 11.12.0, I noticed that when I check the version using node -v in the terminal, it correctly shows 11.12.0. I also have a node js application that is started through pm2. I ...

javascriptnode.jsnpmpm2