Important: This documentation covers Yarn 1 (Classic).
For Yarn 2+ docs and migration guide, see yarnpkg.com.

Package detail

unixcrypt

markusberg21.4kApache-2.02.0.3TypeScript support: included

Node.js implementation of Unixcrypt, specifically SHA-256 and SHA-512

sha256crypt, sha512crypt, unixcrypt

readme

Unixcrypt for Node.js

node.js build coverage version license

A Node.js module for encrypting and verifying passwords according to the SHA-256 and SHA-512 Crypt standard: https://www.akkadia.org/drepper/SHA-crypt.txt

Dependencies

This package has no external dependencies. It uses the cryptographic facilities built into Node.js. Since version 2.0 this package is ESModule only. If you require CommonJS functionality, you can still use the 1.x version.

For development, there are dependencies on TypeScript, and vitest.

Goals and motivation

I needed an implementation of SHA-512-crypt for another project (for compatibility purposes with an older project), and I wasn't happy with any of the already available packages. Another motivation was that I wanted to write a Node.js module in TypeScript. This seemed a perfect candidate as it's:

  • something that I need
  • a well known standard
  • plenty of tests already written

Installation

$ npm install unixcrypt

Usage

JavaScript

The JavaScript usage should be identical to the TypeScript below.

TypeScript

import { encrypt, verify } from "unixcrypt"

const plaintextPassword = "password"

// without providing salt, random salt is used, and default number of rounds
const pwHash = encrypt(plaintextPassword)

// verify password with generated hash
console.log(verify(plaintextPassword, pwHash))
// true

// specify number of rounds
const moreRounds = encrypt(plaintextPassword, "$6$rounds=10000")
console.log(verify(plaintextPassword, moreRounds))
// true

// provide custom salt
const customSalt = encrypt(plaintextPassword, "$6$salt")
console.log(verify(plaintextPassword, customSalt))
// true

// or provide both rounds and salt
const customRoundsAndSalt = encrypt(plaintextPassword, "$6$rounds=10000$salt")
console.log(verify(plaintextPassword, customRoundsAndSalt))
// true

// you can also use SHA-256
const sha256 = encrypt(plaintextPassword, "$5")
console.log(verify(plaintextPassword, sha256))
// true

Test

The tests are written with the built-in node:assert module, using the vitest test runner.

$ npm test

or

$ npm run test:watch

to get automatic re-tests when files are changed.

changelog

Changelog

All notable changes to this project will be documented in this file.

[2.0.0] - 2024-02-18

  • feat: minimum required version of Node.js is 18.x
  • chore: update all packages
  • test: replace test runner with vitest
  • test: use built-in node:assert module

[1.2.0] - 2023-04-16

  • feat: minimum required version of Node.js is 14.x
  • fix: properly generate hash with empty salt
  • chore: update dependencies
  • ci: migrate to GitHub actions for CI and some of the badges

[1.1.0] - 2022-03-22

  • Upgrade most dependencies
  • Minimum required version of Node.js is now 12.19.0

[1.0.3] - 2019-07-19

Added

  • Dependency on prettier for consistent code formatting
  • Pre-commit hook for pretty-quick

Changed

  • Updated dependencies of jest

Removed

  • Devdependency on ts-node