JavaScript cryptography

2011-05-15 00:00:00 +0100

Crypto-js seems to be a nice collection of standard cryptographic algorithms for JavaScript. Implementing PwdHash clones should be now easier than ever :) Sample code using crypto-js uses PBKDF2 to hash a “Secret Passphrase” with randomly generated salt. Number of iterations is 500.

Progress: </div>

Master pass: Salt: Output:

This is how it’s implemented:

<script type="text/javascript" src="files/ipsec/2.2.0-crypto-sha1-hmac-pbkdf2async.js"></script>
<script type="text/javascript">

var salt = Crypto.util.bytesToHex(Crypto.util.randomBytes(16));
document.getElementById('salt').value = salt;

function onCompleteHandler(result) {
    var key512bit1000 = result;
    document.getElementById('output').value =  Crypto.util.bytesToBase64(Crypto.util.hexToBytes(result));

function onProgressChangeHandler(percent) {
    document.getElementById('progress').innerHTML = percent + '%';

var pass = document.getElementById('input').value;

Crypto.PBKDF2Async(pass, salt, 64, onCompleteHandler, { iterations: 500, onProgressChange: onProgressChangeHandler });


Note that the example on crypto-js page uses bytesToString which seems to be no longer supported. I used bytesToHex instead.

Also have a look at Stanford SJCL.