convert dot net encryption function in node js

Question

I have the code in dotnet of a function that compare clear password and the hash one. I am migrating this website site in node.js, but I am blocked on this part. I want to compare the password they enter at login with the hash from dotnet code. So I have to write the function in node.js.

I share some part of .net encryption code here

So array of byte is the same as the .net function but the encryption don't give me the same result :/ It's my headache since 1 day and a half.

Thx

When saving a password verifier just using a hash function is not sufficient and just adding a salt does little to improve the security. Instead iterate over an HMAC with a random salt for about a 100ms duration and save the salt with the hash. Better yet use a function such as `PBKDF2`, `Rfc2898DeriveBytes`, `Argon2`, `password_hash`, `Bcrypt` or similar functions. The point is to make the attacker spend substantial of time finding passwords by brute force. — zaph, Jun 01 '18 at 20:20

score -2 · Answer 1 · answered Jun 01 '18 at 18:25

-2

try using bcrypt npm for salt hashing the passwords or you can use other hashing algorithms like MD5 etc. https://www.npmjs.com/package/bcrypt

answered Jun 01 '18 at 18:25

xfankit

36
3

**DO NOT** use MD5, it is not secure for password verification. – zaph Jun 01 '18 at 20:20
Hint: you can delete the answer. – zaph Jun 02 '18 at 04:59

convert dot net encryption function in node js

1 Answers1