I've setup Scrypt and hashing - the KDF - works fine.
However, whenever I try to verifyKdf() I get an error.
return scryptNative.verifySync(args[0], args[1]); ^
Error
at Object.verifyKdfSync (/home/arc/Desktop/scrypt-test/node_modules/scrypt/index.js:331:25)
My code to hash it.
// a promise chain...
.then(() => scrypt.kdf(newPassword, scryptParameters))
.then(hashedPassword => {
user.hashedPassword = hashedPassword.toString('base64')
resolve(store.save(user.id, user))
})
then to verify: (here it falls into the catch() and err simple contains "Error")
scrypt.verifyKdf(user.hashdPassword, enteredPassword)
.then(result => {
if (result) return resolve(user)
else return reject('Wrong password')
})
.catch(err => {
console.log('scrypt verify failed: ', err)
return reject('Internal Error')
})
The Problem is that .toString('base64') is used. Although this in itself is not a problem, you have to revert it back to a buffer.
To fix it use new Buffer( /* Password */ , 'base64') and would look like this:
scrypt.verifyKdf(new Buffer(user.hasdPassword, 'base64'), password)
This solution would work as well when instead of base64 hex was used.