wildduck/lib/hashes.js

'use strict';

const bcrypt = require('bcryptjs');
const pbkdf2 = require('@phc/pbkdf2'); // see https://www.npmjs.com/package/@phc/pbkdf2
const unixcrypt = require('unixcrypt');
// inefficient but we are rehashing immediately after successful verification
const { argon2Verify } = require('hash-wasm');
// this crap is only needed to support legacy users imported from some older system
const cryptMD5 = require('./md5/cryptmd5').cryptMD5;
const consts = require('./consts');
const unixCryptTD = require('unix-crypt-td-js');

// just pass hashing through to bcrypt
module.exports.hash = async password => {
    password = (password || '').toString();

    switch (consts.DEFAULT_HASH_ALGO) {
        case 'pbkdf2':
            return await pbkdf2.hash(password, {
                iterations: consts.PDKDF2_ITERATIONS,
                saltSize: consts.PDKDF2_SALT_SIZE,
                digest: consts.PDKDF2_DIGEST
            });
        case 'bcrypt':
        default:
            return await bcrypt.hash(password, consts.BCRYPT_ROUNDS);
    }
};

// compare against known hashing algos
module.exports.compare = async (password, hash) => {
    password = (password || '').toString();
    hash = (hash || '').toString();

    let algo = checkHashSupport(hash);
    if (!algo.result) {
        throw new Error('Invalid algo: ' + JSON.stringify(algo.algo));
    }

    switch (algo.algo) {
        case 'pbkdf2':
            return await pbkdf2.verify(hash, password);

        case 'bcrypt':
            return await bcrypt.compare(password, hash);

        case 'unixcrypt':
            return await unixcryptCompareAsync(password, hash);

        case 'argon2':
            try {
                // throws if does not match
                return await argon2Verify({
                    password,
                    hash
                });
            } catch (err) {
                return false;
            }

        case 'md5': {
            let result;

            let salt = hash.split('$')[2] || '';
            result = cryptMD5(password, salt) === hash;

            return result;
        }

        case 'des': {
            let result;

            let salt = hash.substr(0, 2);
            result = unixCryptTD(password, salt) === hash;

            return result;
        }

        default:
            throw new Error('Invalid algo: ' + JSON.stringify(algo));
    }
};

function checkHashSupport(hash) {
    hash = (hash || '').toString();

    if (/^[0-9a-z./]{13}$/i.test(hash)) {
        // DES https://passlib.readthedocs.io/en/stable/lib/passlib.hash.des_crypt.html#format
        return { result: true, algo: 'des' };
    }

    let algo = [].concat(hash.match(/^\$([^$]+)\$/) || [])[1];
    algo = (algo || '').toString().toLowerCase();

    switch (algo) {
        case 'pbkdf2-sha512':
        case 'pbkdf2-sha256':
        case 'pbkdf2-sha1':
            return { result: true, algo: 'pbkdf2' };
        case '2a':
        case '2b':
        case '2y':
            return { result: true, algo: 'bcrypt' };
        case '6': // sha512crypt
        case '5': // sha256crypt
            return { result: true, algo: 'unixcrypt' };

        case 'argon2d':
        case 'argon2i':
        case 'argon2id':
            return { result: true, algo: 'argon2' };

        case '1': {
            return { result: true, algo: 'md5' };
        }

        default:
            return { result: false, algo };
    }
}

module.exports.checkHashSupport = checkHashSupport;

module.exports.shouldRehash = hash => {
    hash = (hash || '').toString();

    if (/^[0-9a-z./]{13}$/i.test(hash)) {
        // DES https://passlib.readthedocs.io/en/stable/lib/passlib.hash.des_crypt.html#format
        return true;
    }

    let algo = [].concat(hash.match(/^\$([^$]+)\$/) || [])[1];
    algo = (algo || '').toString().toLowerCase();

    switch (algo) {
        case 'pbkdf2-sha512':
        case 'pbkdf2-sha256': {
            let [, iterations] = hash.match(/^\$[^$]+\$i=(\d+)\$/) || [];

            if (consts.DEFAULT_HASH_ALGO !== 'pbkdf2') {
                return true;
            }

            iterations = (iterations && Number(iterations)) || 0;

            if (iterations && consts.PDKDF2_ITERATIONS > iterations) {
                return true;
            }

            return false;
        }
        case '2a':
        case '2b':
        case '2y':
            return consts.DEFAULT_HASH_ALGO !== 'bcrypt';

        // Always rehash the following algos
        case '6': // sha512crypt
        case '5': // sha256crypt
        case '1': // md5
        case 'argon2d': // Argon2 (mostly because we are using an inefficient implementation)
        case 'argon2i':
        case 'argon2id':
        case 'pbkdf2-sha1':
            return true;

        default:
            return false;
    }
};

async function unixcryptCompareAsync(password, hash) {
    password = (password || '').toString();
    hash = (hash || '').toString();

    return unixcrypt.verify(password, hash);
}
Allow using password hashes 2018-09-07 15:56:11 +08:00			`'use strict';`

use pbkdf2 as default password hash (uses native module), added disabled property for filter API 2018-09-21 16:25:55 +08:00			`const bcrypt = require('bcryptjs');`
			`const pbkdf2 = require('@phc/pbkdf2'); // see https://www.npmjs.com/package/@phc/pbkdf2`
allow importing users with argon2 password hashes 2020-10-08 15:50:51 +08:00			`const unixcrypt = require('unixcrypt');`
fix(typos): fixed typos ZMS-167 (#740) 2024-10-14 15:37:58 +08:00			`// inefficient but we are rehashing immediately after successful verification`
Replaces argon2-browser with hash-wasm module 2022-12-01 21:35:42 +08:00			`const { argon2Verify } = require('hash-wasm');`
updated md5 hash handling 2018-09-11 20:49:35 +08:00			`// this crap is only needed to support legacy users imported from some older system`
use pbkdf2 as default password hash (uses native module), added disabled property for filter API 2018-09-21 16:25:55 +08:00			`const cryptMD5 = require('./md5/cryptmd5').cryptMD5;`
			`const consts = require('./consts');`
Added support for DES password hashes 2022-05-24 22:01:45 +08:00			`const unixCryptTD = require('unix-crypt-td-js');`
Allow using password hashes 2018-09-07 15:56:11 +08:00
			`// just pass hashing through to bcrypt`
v1.21.1 2019-07-12 16:19:46 +08:00			`module.exports.hash = async password => {`
bumped deps 2019-01-25 21:19:51 +08:00			`password = (password \|\| '').toString();`

use pbkdf2 as default password hash (uses native module), added disabled property for filter API 2018-09-21 16:25:55 +08:00			`switch (consts.DEFAULT_HASH_ALGO) {`
			`case 'pbkdf2':`
starting asyncifying 2019-07-11 15:52:43 +08:00			`return await pbkdf2.hash(password, {`
			`iterations: consts.PDKDF2_ITERATIONS,`
			`saltSize: consts.PDKDF2_SALT_SIZE,`
			`digest: consts.PDKDF2_DIGEST`
			`});`
use pbkdf2 as default password hash (uses native module), added disabled property for filter API 2018-09-21 16:25:55 +08:00			`case 'bcrypt':`
			`default:`
starting asyncifying 2019-07-11 15:52:43 +08:00			`return await bcrypt.hash(password, consts.BCRYPT_ROUNDS);`
use pbkdf2 as default password hash (uses native module), added disabled property for filter API 2018-09-21 16:25:55 +08:00			`}`
			`};`
Allow using password hashes 2018-09-07 15:56:11 +08:00
			`// compare against known hashing algos`
v1.21.1 2019-07-12 16:19:46 +08:00			`module.exports.compare = async (password, hash) => {`
bumped deps 2019-01-25 21:19:51 +08:00			`password = (password \|\| '').toString();`
			`hash = (hash \|\| '').toString();`

Remove call to crypto libraries on user creation, check only hash formats 2020-07-14 22:02:05 +08:00			`let algo = checkHashSupport(hash);`
			`if (!algo.result) {`
			`throw new Error('Invalid algo: ' + JSON.stringify(algo.algo));`
			`}`

			`switch (algo.algo) {`
			`case 'pbkdf2':`
			`return await pbkdf2.verify(hash, password);`
allow importing users with argon2 password hashes 2020-10-08 15:50:51 +08:00
Remove call to crypto libraries on user creation, check only hash formats 2020-07-14 22:02:05 +08:00			`case 'bcrypt':`
			`return await bcrypt.compare(password, hash);`
allow importing users with argon2 password hashes 2020-10-08 15:50:51 +08:00
Remove call to crypto libraries on user creation, check only hash formats 2020-07-14 22:02:05 +08:00			`case 'unixcrypt':`
			`return await unixcryptCompareAsync(password, hash);`
allow importing users with argon2 password hashes 2020-10-08 15:50:51 +08:00
			`case 'argon2':`
			`try {`
			`// throws if does not match`
Replaces argon2-browser with hash-wasm module 2022-12-01 21:35:42 +08:00			`return await argon2Verify({`
			`password,`
			`hash`
allow importing users with argon2 password hashes 2020-10-08 15:50:51 +08:00			`});`
			`} catch (err) {`
			`return false;`
			`}`

Remove call to crypto libraries on user creation, check only hash formats 2020-07-14 22:02:05 +08:00			`case 'md5': {`
			`let result;`

			`let salt = hash.split('$')[2] \|\| '';`
			`result = cryptMD5(password, salt) === hash;`

			`return result;`
			`}`
Added support for DES password hashes 2022-05-24 22:01:45 +08:00
			`case 'des': {`
			`let result;`

			`let salt = hash.substr(0, 2);`
			`result = unixCryptTD(password, salt) === hash;`

			`return result;`
			`}`

Remove call to crypto libraries on user creation, check only hash formats 2020-07-14 22:02:05 +08:00			`default:`
			`throw new Error('Invalid algo: ' + JSON.stringify(algo));`
			`}`
			`};`

			`function checkHashSupport(hash) {`
			`hash = (hash \|\| '').toString();`

Added support for DES password hashes 2022-05-24 22:01:45 +08:00			`if (/^[0-9a-z./]{13}$/i.test(hash)) {`
			`// DES https://passlib.readthedocs.io/en/stable/lib/passlib.hash.des_crypt.html#format`
			`return { result: true, algo: 'des' };`
			`}`

bumped deps 2019-01-25 21:19:51 +08:00			`let algo = [].concat(hash.match(/^\$([^$]+)\$/) \|\| [])[1];`
			`algo = (algo \|\| '').toString().toLowerCase();`
use pbkdf2 as default password hash (uses native module), added disabled property for filter API 2018-09-21 16:25:55 +08:00
bumped deps 2019-01-25 21:19:51 +08:00			`switch (algo) {`
use pbkdf2 as default password hash (uses native module), added disabled property for filter API 2018-09-21 16:25:55 +08:00			`case 'pbkdf2-sha512':`
			`case 'pbkdf2-sha256':`
			`case 'pbkdf2-sha1':`
Remove call to crypto libraries on user creation, check only hash formats 2020-07-14 22:02:05 +08:00			`return { result: true, algo: 'pbkdf2' };`
Allow using password hashes 2018-09-07 15:56:11 +08:00			`case '2a':`
			`case '2b':`
			`case '2y':`
Remove call to crypto libraries on user creation, check only hash formats 2020-07-14 22:02:05 +08:00			`return { result: true, algo: 'bcrypt' };`
added support for sha256crypt 2020-10-08 16:32:48 +08:00			`case '6': // sha512crypt`
			`case '5': // sha256crypt`
Remove call to crypto libraries on user creation, check only hash formats 2020-07-14 22:02:05 +08:00			`return { result: true, algo: 'unixcrypt' };`
allow importing users with argon2 password hashes 2020-10-08 15:50:51 +08:00
			`case 'argon2d':`
fixed invalid argon2 key 2020-10-08 15:57:26 +08:00			`case 'argon2i':`
allow importing users with argon2 password hashes 2020-10-08 15:50:51 +08:00			`case 'argon2id':`
			`return { result: true, algo: 'argon2' };`

Allow using password hashes 2018-09-07 15:56:11 +08:00			`case '1': {`
Remove call to crypto libraries on user creation, check only hash formats 2020-07-14 22:02:05 +08:00			`return { result: true, algo: 'md5' };`
Allow using password hashes 2018-09-07 15:56:11 +08:00			`}`
Added support for DES password hashes 2022-05-24 22:01:45 +08:00
Allow using password hashes 2018-09-07 15:56:11 +08:00			`default:`
Remove call to crypto libraries on user creation, check only hash formats 2020-07-14 22:02:05 +08:00			`return { result: false, algo };`
Allow using password hashes 2018-09-07 15:56:11 +08:00			`}`
allow importing users with argon2 password hashes 2020-10-08 15:50:51 +08:00			`}`
use pbkdf2 as default password hash (uses native module), added disabled property for filter API 2018-09-21 16:25:55 +08:00
Remove call to crypto libraries on user creation, check only hash formats 2020-07-14 22:02:05 +08:00			`module.exports.checkHashSupport = checkHashSupport;`

use pbkdf2 as default password hash (uses native module), added disabled property for filter API 2018-09-21 16:25:55 +08:00			`module.exports.shouldRehash = hash => {`
bumped deps 2019-01-25 21:19:51 +08:00			`hash = (hash \|\| '').toString();`
Force rehashing of DES hashes 2022-05-24 22:09:24 +08:00
			`if (/^[0-9a-z./]{13}$/i.test(hash)) {`
			`// DES https://passlib.readthedocs.io/en/stable/lib/passlib.hash.des_crypt.html#format`
			`return true;`
			`}`

bumped deps 2019-01-25 21:19:51 +08:00			`let algo = [].concat(hash.match(/^\$([^$]+)\$/) \|\| [])[1];`
			`algo = (algo \|\| '').toString().toLowerCase();`
use pbkdf2 as default password hash (uses native module), added disabled property for filter API 2018-09-21 16:25:55 +08:00
bumped deps 2019-01-25 21:19:51 +08:00			`switch (algo) {`
use pbkdf2 as default password hash (uses native module), added disabled property for filter API 2018-09-21 16:25:55 +08:00			`case 'pbkdf2-sha512':`
fix(password-hash): Rehash pbkdf2 if required iterations count increases 2024-03-12 20:50:15 +08:00			`case 'pbkdf2-sha256': {`
			`let [, iterations] = hash.match(/^\$[^$]+\$i=(\d+)\$/) \|\| [];`

			`if (consts.DEFAULT_HASH_ALGO !== 'pbkdf2') {`
			`return true;`
			`}`

			`iterations = (iterations && Number(iterations)) \|\| 0;`
use pbkdf2 as default password hash (uses native module), added disabled property for filter API 2018-09-21 16:25:55 +08:00
fix(password-hash): Rehash pbkdf2 if required iterations count increases 2024-03-12 20:50:15 +08:00			`if (iterations && consts.PDKDF2_ITERATIONS > iterations) {`
			`return true;`
			`}`

			`return false;`
			`}`
use pbkdf2 as default password hash (uses native module), added disabled property for filter API 2018-09-21 16:25:55 +08:00			`case '2a':`
			`case '2b':`
			`case '2y':`
			`return consts.DEFAULT_HASH_ALGO !== 'bcrypt';`
allow importing users with argon2 password hashes 2020-10-08 15:50:51 +08:00
			`// Always rehash the following algos`
			`case '6': // sha512crypt`
added support for sha256crypt 2020-10-08 16:32:48 +08:00			`case '5': // sha256crypt`
allow importing users with argon2 password hashes 2020-10-08 15:50:51 +08:00			`case '1': // md5`
fixed invalid argon2 key 2020-10-08 15:57:26 +08:00			`case 'argon2d': // Argon2 (mostly because we are using an inefficient implementation)`
			`case 'argon2i':`
allow importing users with argon2 password hashes 2020-10-08 15:50:51 +08:00			`case 'argon2id':`
fix(password-hash): Rehash pbkdf2 if required iterations count increases 2024-03-12 20:50:15 +08:00			`case 'pbkdf2-sha1':`
add support for sha512crypt hashes during migration 2020-07-14 03:02:07 +08:00			`return true;`
use pbkdf2 as default password hash (uses native module), added disabled property for filter API 2018-09-21 16:25:55 +08:00
			`default:`
			`return false;`
			`}`
			`};`
add support for sha512crypt hashes during migration 2020-07-14 03:02:07 +08:00
			`async function unixcryptCompareAsync(password, hash) {`
			`password = (password \|\| '').toString();`
			`hash = (hash \|\| '').toString();`

			`return unixcrypt.verify(password, hash);`
allow importing users with argon2 password hashes 2020-10-08 15:50:51 +08:00			`}`