Why is bcrypt in node so slow?

F

frontendo2017-08-26 15:00:37

Node.js

frontendo, 2017-08-26 15:00:37

There is such a code

const bcrypt = require('bcrypt-nodejs');
  async encodePassword(password) {
    let st = Date.now();
    const a = await bcrypt.hashSync(password, bcrypt.genSaltSync(1));
    console.log('hash-' + (Date.now() - st));
    return a;
  }

what is asynchronous, what is synchronous runs in 500-700ms. Hashes a 6 character password to store in the database. I use sequelize. I don't understand what's funny. I tried all the similar modules in the node, all of them have a catastrophically long execution. Maybe I'm misunderstanding something. Wondering what password hashing tool others use

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Alexey Shashenkov, 2017-08-26
@frontendo

Why are you using it synchronously? Use asynchronously hashinstead hashSync
In general, I use standard crypto

async example

const crypto = require('crypto');
const util = require('util');
const cryptoPbkdf2 = util.promisify(crypto.pbkdf2); 

let hashLength = 16;
let iterations = 10;
async function createSaltHash(email) {
    let salt = crypto.randomBytes(hashLength).toString('base64');
    let hash = (await cryptoPbkdf2(email, salt, iterations, hashLength, 'sha512')).toString();
    return { salt, hash }
};

async function checkSaltHash(email, salt, hash) {
    if (!email || !hash || !salt) return false;
    let userHash = (await cryptoPbkdf2(email, salt, iterations, hashLength, 'sha512')).toString();
    let check = userHash == hash;
    return check;
};