Press n or j to go to the next uncovered block, b, p or k for the previous block.
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 | 1x 1x 22x 22x 21x 1x | /** * @file MFKDF Policy Setup * @copyright Multifactor 2022 All Rights Reserved * * @description * Setup MFKDF key derivation policy * * @author Vivek Nair (https://nair.me) <[email protected]> */ const setupKey = require('../setup/key').key const validate = require('./validate').validate /** * Validate and setup a policy-based multi-factor derived key * * @example * // setup key that can be derived from passwordA AND (passwordB OR passwordC) * const setup = await mfkdf.policy.setup( * await mfkdf.policy.and( * await mfkdf.setup.factors.password('passwordA', { id: 'passwordA' }), * await mfkdf.policy.or( * await mfkdf.setup.factors.password('passwordB', { id: 'passwordB' }), * await mfkdf.setup.factors.password('passwordC', { id: 'passwordC' }) * ) * ), { size: 8 } * ) * * // derive key with passwordA and passwordC (or passwordA and passwordB) * const derive = await mfkdf.policy.derive(setup.policy, { * passwordA: mfkdf.derive.factors.password('passwordA'), * passwordC: mfkdf.derive.factors.password('passwordC'), * }) * * setup.key.toString('hex') // -> e16a227944a65263 * derive.key.toString('hex') // -> e16a227944a65263 * * @param {MFKDFFactor} factor - Base factor used to derive this key * @param {Object} [options] - Configuration options * @param {string} [options.id] - Unique identifier for this key; random UUIDv4 generated by default * @param {number} [options.size=32] - Size of derived key, in bytes * @param {number} [options.threshold] - Number of factors required to derive key; factors.length by default (all required) * @param {Buffer} [options.salt] - Cryptographic salt; generated via secure PRG by default (recommended) * @param {string} [options.kdf='argon2id'] - KDF algorithm to use; pbkdf2, bcrypt, scrypt, argon2i, argon2d, or argon2id * @param {number} [options.pbkdf2rounds=310000] - Number of rounds to use if using pbkdf2 * @param {string} [options.pbkdf2digest='sha256'] - Hash function to use if using pbkdf2; sha1, sha256, sha384, or sha512 * @param {number} [options.bcryptrounds=10] - Number of rounds to use if using bcrypt * @param {number} [options.scryptcost=16384] - Iterations count (N) to use if using scrypt * @param {number} [options.scryptblocksize=8] - Block size (r) to use if using scrypt * @param {number} [options.scryptparallelism=1] - Parallelism factor (p) to use if using scrypt * @param {number} [options.argon2time=2] - Iterations to use if using argon2 * @param {number} [options.argon2mem=24576] - Memory to use if using argon2 * @param {number} [options.argon2parallelism=1] - Parallelism to use if using argon2 * @returns {MFKDFDerivedKey} A multi-factor derived key object * @author Vivek Nair (https://nair.me) <[email protected]> * @since 0.16.0 * @memberOf policy */ async function setup (factor, options) { const key = await setupKey([factor], options) if (!validate(key.policy)) throw new RangeError('policy contains duplicate ids') return key } module.exports.setup = setup |