{"id":28225516,"url":"https://github.com/6over3/bcrypt","last_synced_at":"2025-06-12T20:31:40.296Z","repository":{"id":275710586,"uuid":"926954356","full_name":"6over3/bcrypt","owner":"6over3","description":"A modern, secure implementation of bcrypt for JavaScript/TypeScript","archived":false,"fork":false,"pushed_at":"2025-03-06T04:40:50.000Z","size":34,"stargazers_count":28,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-11T20:12:47.262Z","etag":null,"topics":["bcrypt","bcrypt-node","bcrypt-nodejs","bcryptjs","node","node-js","nodejs"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/6over3.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-02-04T06:29:38.000Z","updated_at":"2025-05-19T10:52:31.000Z","dependencies_parsed_at":"2025-04-05T13:50:50.926Z","dependency_job_id":null,"html_url":"https://github.com/6over3/bcrypt","commit_stats":null,"previous_names":["uswriting/bcrypt","6over3/bcrypt"],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/6over3/bcrypt","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/6over3%2Fbcrypt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/6over3%2Fbcrypt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/6over3%2Fbcrypt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/6over3%2Fbcrypt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/6over3","download_url":"https://codeload.github.com/6over3/bcrypt/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/6over3%2Fbcrypt/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":259522458,"owners_count":22870469,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bcrypt","bcrypt-node","bcrypt-nodejs","bcryptjs","node","node-js","nodejs"],"created_at":"2025-05-18T10:32:57.207Z","updated_at":"2025-06-12T20:31:40.283Z","avatar_url":"https://github.com/6over3.png","language":"TypeScript","readme":"# A Modern, Secure Implementation of bcrypt for JavaScript/TypeScript\n\n**Version:** 1.0.1  \n**Date:** 2025-02-04\n\n---\n\n## Abstract\n\nThis document details our modern implementation of the bcrypt password hashing algorithm in JavaScript/TypeScript. In response to well-documented vulnerabilities in legacy libraries[^1][^2], our implementation adheres strictly to the bcrypt 2b specification, enforces opinionated input validation, and is designed for compatibility with established libraries. The aim is to provide a secure, maintainable, and high-assurance bcrypt library suitable for modern applications.\n\n---\n\n## 1. Introduction\n\nEarly JavaScript cryptography often lacked uniformity. Prominent libraries such as [node.bcrypt.js](https://github.com/kelektiv/node.bcrypt.js) and [bcrypt.js](https://www.npmjs.com/package/bcryptjs) exemplify this period. Despite their widespread adoption—with millions of weekly downloads—both implementations exhibit a critical vulnerability: they silently truncate passwords longer than 72 bytes without issuing an error, leading to hash collisions.\n\n## 2. Technical Analysis\n\n### 2.1 Legacy Behavior\n\nExamination of the node.bcrypt.js source reveals the following logic:\n\n```c\n/* cap key_len at the actual maximum supported\n * length here to avoid integer wraparound */\nif (key_len \u003e 72)\n    key_len = 72;\n```\n\nThis code silently restricts the key length to 72 bytes. Consequently, when passwords exceed this size, the additional data is disregarded, potentially resulting in distinct inputs generating identical hashes.\n\n### 2.2 Empirical Validation\n\nThe following example (in Node.js) illustrates the issue:\n\n```js\nconst bcrypt = require('bcrypt');\n\nconst userid = \"b91fa9b4-69f1-4779-8d45-73f8653057f3\";\nconst username = \"my.very.long.username.with.more.characters@kondukto.io\";\nconst password1 = \"randomStrongPassword\";\nconst validInput = userid + username + password1;\n\nconst password2 = \"AAAAAAAAAAAAAAAAAAA\";\nconst bypassInput = userid + username + password2;\n\nbcrypt.genSalt(10, function(err, salt) {\n    bcrypt.hash(validInput, salt, function(err, hash) {\n        console.log(hash);\n    });\n    bcrypt.hash(bypassInput, salt, function(err, hash) {\n        console.log(hash);\n    });\n});\n```\n\n## 3. Our Implementation\n\nOur approach addresses these issues through an opinionated design that strictly enforces bcrypt's requirements. Key improvements include:\n\n- **Strict Input Validation:** The UTF‑8 encoding of the password, plus a trailing null terminator, must not exceed 72 bytes. Exceeding this limit triggers an error rather than silent truncation.\n- **Specification Adherence:** Implements bcrypt version 2b exactly as specified in the original paper, including mandatory keying rules.\n- **Compatibility:** Fully compatible with the C implementation of bcrypt, providing a drop-in replacement for legacy libraries.\n- **Modern Architecture:** Developed in TypeScript and uses the standard Web Cryptography API, some type magic to prevent mistakes, and supports  all Javascript runtimes.\n\nThe implementation follows the bcrypt algorithm as described in the [original paper][^3]. The process includes an enhanced key schedule, repeated key mixing for 2^cost rounds, and encryption of a canonical initialization vector 64 times to produce a 24-byte output (of which 23 bytes are used).\n\n## 4. Usage Guide\n\n### Installation\n\n```bash\nnpm install @uswriting/bcrypt\n```\n\nThe package includes both ESM and CommonJS builds, allowing for compatibility with older versions of Node.js:\n\n```javascript\n// ESM import\nimport { hash, compare } from '@uswriting/bcrypt';\n\n// CommonJS require\nconst { hash, compare } = require('@uswriting/bcrypt');\n```\n\n### Basic Usage\n\n```typescript\nimport { hash, compare } from '@uswriting/bcrypt';\n\nconst costFactor = 10;\nconst password = \"mySecretPassword\";\n\ntry {\n  // Hash the password\n  const hashedPassword = hash(password, costFactor);\n  console.log(\"Hashed Password:\", hashedPassword);\n\n  // Verify the password against the hash\n  const isValid = compare(password, hashedPassword);\n  console.log(\"Password verification:\", isValid);\n} catch (err) {\n  console.error(\"Error:\", err);\n}\n```\n\n### Handling Oversized Passwords\n\n```typescript\nimport { hash, CryptoAssertError } from '@uswriting/bcrypt';\n\nconst longInput = \"a\".repeat(74); // Exceeds 71 bytes before null termination\n\ntry {\n  const hashed = hash(longInput, 10);\n  console.log(hashed);\n} catch (err) {\n  if (err instanceof CryptoAssertError) {\n    console.error(\"Input validation error:\", err.message);\n  }\n}\n```\n\n## 5. API Reference\n\n### Core Functions\n\n| Function | Description |\n|----------|-------------|\n| `hash(password: string, cost: VALID_COST): string` | Hashes the provided password using bcrypt. Enforces that the UTF‑8 encoding (plus a null terminator) does not exceed 72 bytes. |\n| `compare(password: string, hash: string): boolean` | Verifies whether the provided password corresponds to the given bcrypt hash, using a constant‑time comparison to mitigate timing attacks. |\n| `cryptRaw(rounds: number, salt: Uint8Array, password: Uint8Array): Uint8Array` | Computes the raw 24‑byte bcrypt hash using the Blowfish cipher; per the specification, only 23 bytes of the output are used. |\n\n### Supporting Classes\n\n- **BlowfishEngine:** Implements the core Blowfish cipher routines—including the F‑function, block encryption (Feistel network), and key expansion—according to the original specification.\n- **CryptoAssertError:** A custom error type thrown when critical invariants (e.g., password length) are violated.\n\n---\n\n## License\n\nMIT License - Free to use, modify, and distribute.\n\nUnited States Writing Corporation  \n2025-02-04\n\n---\n\n[^1]: https://n0rdy.foo/posts/20250121/okta-bcrypt-lessons-for-better-apis/\n[^2]: https://kondukto.io/blog/okta-vulnerability-bcrypt-auth\n[^3]: https://www.openbsd.org/papers/bcrypt-paper.pdf\n","funding_links":[],"categories":["TypeScript"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F6over3%2Fbcrypt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F6over3%2Fbcrypt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F6over3%2Fbcrypt/lists"}