2026-05-08 16:36:58 +00:00
|
|
|
const pbkdf2HashPattern = /^pbkdf2-sha256\$(\d+)\$([A-Za-z0-9+/=]+)\$([A-Za-z0-9+/=]+)$/;
|
|
|
|
|
const pbkdf2Iterations = 210_000;
|
|
|
|
|
const pbkdf2KeyLengthBits = 256;
|
2026-04-19 01:30:54 +00:00
|
|
|
|
2026-05-08 16:36:58 +00:00
|
|
|
const bytesToBase64 = (bytesArg: Uint8Array): string => {
|
|
|
|
|
let binary = '';
|
|
|
|
|
for (const byte of bytesArg) {
|
|
|
|
|
binary += String.fromCharCode(byte);
|
|
|
|
|
}
|
|
|
|
|
return btoa(binary);
|
|
|
|
|
};
|
2026-04-19 01:30:54 +00:00
|
|
|
|
2026-05-08 16:36:58 +00:00
|
|
|
const base64ToBytes = (base64Arg: string): Uint8Array => {
|
|
|
|
|
const binary = atob(base64Arg);
|
|
|
|
|
const bytes = new Uint8Array(binary.length);
|
|
|
|
|
for (let i = 0; i < binary.length; i++) {
|
|
|
|
|
bytes[i] = binary.charCodeAt(i);
|
|
|
|
|
}
|
|
|
|
|
return bytes;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
const timingSafeEqual = (aArg: Uint8Array, bArg: Uint8Array): boolean => {
|
|
|
|
|
if (aArg.length !== bArg.length) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let diff = 0;
|
|
|
|
|
for (let i = 0; i < aArg.length; i++) {
|
|
|
|
|
diff |= aArg[i] ^ bArg[i];
|
|
|
|
|
}
|
|
|
|
|
return diff === 0;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
const toArrayBuffer = (bytesArg: Uint8Array): ArrayBuffer => {
|
|
|
|
|
return bytesArg.buffer.slice(
|
|
|
|
|
bytesArg.byteOffset,
|
|
|
|
|
bytesArg.byteOffset + bytesArg.byteLength,
|
|
|
|
|
) as ArrayBuffer;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
const derivePasswordHash = async (
|
|
|
|
|
passwordArg: string,
|
|
|
|
|
saltArg: Uint8Array,
|
|
|
|
|
iterationsArg: number,
|
|
|
|
|
): Promise<Uint8Array> => {
|
|
|
|
|
const key = await crypto.subtle.importKey(
|
|
|
|
|
'raw',
|
|
|
|
|
new TextEncoder().encode(passwordArg),
|
|
|
|
|
'PBKDF2',
|
|
|
|
|
false,
|
|
|
|
|
['deriveBits'],
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
const bits = await crypto.subtle.deriveBits(
|
|
|
|
|
{
|
|
|
|
|
name: 'PBKDF2',
|
|
|
|
|
hash: 'SHA-256',
|
|
|
|
|
salt: toArrayBuffer(saltArg),
|
|
|
|
|
iterations: iterationsArg,
|
|
|
|
|
},
|
|
|
|
|
key,
|
|
|
|
|
pbkdf2KeyLengthBits,
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
return new Uint8Array(bits);
|
|
|
|
|
};
|
2026-04-19 01:30:54 +00:00
|
|
|
|
2026-05-08 16:36:58 +00:00
|
|
|
export function isPbkdf2Hash(passwordHash: string): boolean {
|
|
|
|
|
return pbkdf2HashPattern.test(passwordHash);
|
2026-04-19 01:30:54 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export async function hashPassword(password: string): Promise<string> {
|
2026-05-08 16:36:58 +00:00
|
|
|
// Use Web Crypto only so compiled binaries do not depend on external worker files.
|
|
|
|
|
const salt = crypto.getRandomValues(new Uint8Array(16));
|
|
|
|
|
const hash = await derivePasswordHash(password, salt, pbkdf2Iterations);
|
|
|
|
|
return `pbkdf2-sha256$${pbkdf2Iterations}$${bytesToBase64(salt)}$${bytesToBase64(hash)}`;
|
2026-04-19 01:30:54 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export async function verifyPassword(password: string, passwordHash: string): Promise<boolean> {
|
|
|
|
|
if (!passwordHash) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-08 16:36:58 +00:00
|
|
|
const pbkdf2Match = passwordHash.match(pbkdf2HashPattern);
|
|
|
|
|
if (pbkdf2Match) {
|
|
|
|
|
const iterations = Number(pbkdf2Match[1]);
|
|
|
|
|
const salt = base64ToBytes(pbkdf2Match[2]);
|
|
|
|
|
const expectedHash = base64ToBytes(pbkdf2Match[3]);
|
|
|
|
|
const actualHash = await derivePasswordHash(password, salt, iterations);
|
|
|
|
|
return timingSafeEqual(actualHash, expectedHash);
|
2026-04-19 01:30:54 +00:00
|
|
|
}
|
|
|
|
|
|
2026-05-08 16:36:58 +00:00
|
|
|
return false;
|
2026-04-19 01:30:54 +00:00
|
|
|
}
|
