I would like to translate Java code password hashing used in Blynk IoT software that I can use in Express.js app. Thanks for any help!
Java code: https://www.onlinegdb.com/HJe19lyFB
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
public class Main {
public static void main(String[] args){
System.out.println(makeHash("password","mail@gmail.com"));
}
private static final String SHA_256 = "SHA-256";
private Main() {
try {
MessageDigest.getInstance(SHA_256);
} catch (NoSuchAlgorithmException e) {
}
}
public static String makeHash(String password, String salt) {
try {
MessageDigest md = MessageDigest.getInstance(SHA_256);
md.update(password.getBytes(StandardCharsets.UTF_8));
byte[] byteData = md.digest(makeHash(salt.toLowerCase()));
return Base64.getEncoder().encodeToString(byteData);
} catch (Exception e) {
//ignore, will never happen.
}
return password;
}
private static byte[] makeHash(String val) throws NoSuchAlgorithmException {
return MessageDigest.getInstance(SHA_256).digest(val.getBytes(StandardCharsets.UTF_8));
}
}
Currently not working solution: https://repl.it/@patryk0493/blynk-password-hashing
const btoa = require('btoa');
var util = require('util');
const KJUR = require('jsrsasign');
const password = 'password';
const email = 'mail@gmail.com';
const options = {"alg": "sha256", "prov": "cryptojs"}
makeHash = (str) => {
const md = new KJUR.crypto.MessageDigest(options);
return md.digestString(new util.TextEncoder().encode(str.toLowerCase()))
}
const md = new KJUR.crypto.MessageDigest(options);
md.updateString(new util.TextEncoder().encode(password));
const byteData = md.digest(makeHash(email.toLowerCase()));
const base64 = btoa(byteData)
console.log(base64);
You can re-implement the Java password hashing using the standard Node.js crypto module:
const crypto = require('crypto');
const makeHash = (data) => {
const hash = crypto.createHash('sha256');
return hash.update(data, 'utf8');
}
const password = "password";
const salt = "mail@gmail.com";
const result = makeHash(password)
.update(makeHash(salt).digest())
.digest('base64')
console.log(result);