v0.1.0

Copyright 2013 Nic Jansma

http://nicj.net

Licensed under the MIT license

saltthepass.js is the algorithm that generates salted passwords for SaltThePass.com.

saltthepass.js can be used to build your own app, website or program to generate the same salted password as saltthepass.com does.

Releases are available for download from GitHub.

Development: saltthepass.js - 6,861b

Production (without CryptoJS): saltthepass.min.js - 650b (minified / gzipped)

Production (with CryptoJS built-in): saltthepass.withcryptojs.min.js - 7,658b (minified / gzipped)

saltthepass.js is also available as the npm saltthepass module. You can install using Node Package Manager (npm):

npm install saltthepass

Please see SaltThePass.com for a description of how/why you would use salted passwords.

saltthepass.js depends on the CryptoJS library. SaltThePass is tested to work with CryptoJS v3.1.2, which is included in the deps/crypto-js folder. You will need to load the following CryptoJS modules in this order prior to loading saltthepass.js:

• crypto-js/core
• crypto-js/x64-core
• crypto-js/sha1
• crypto-js/sha512
• crypto-js/sha3
• crypto-js/md5
• crypto-js/ripemd160
• crypto-js/enc-base64

To use un-minified versions of saltthepass.js in the browser, you need to load the files in this order:

<script type="text/javascript" src="deps/crypto-js/core.js"></script>
<script type="text/javascript" src="deps/crypto-js/x64-core.js"></script>
<script type="text/javascript" src="deps/crypto-js/sha1.js"></script>
<script type="text/javascript" src="deps/crypto-js/sha512.js"></script>
<script type="text/javascript" src="deps/crypto-js/sha3.js"></script>
<script type="text/javascript" src="deps/crypto-js/md5.js"></script>
<script type="text/javascript" src="deps/crypto-js/ripemd160.js"></script>
<script type="text/javascript" src="deps/crypto-js/enc-base64.js"></script>
<script type="text/javascript" src="src/saltthepass.js"></script>

There are two minified versions of saltthepass.js provided in the dist/ folder:

• saltthepass.min.js - Does not include CryptoJS
• saltthepass.withcryptojs.min.js - Include CryptoJS

If your site already has the required CryptoJS modules loaded, you can use saltthepass.min.js.

If you are not already using CryptoJS and do not need to add additional CryptoJS modules, you can use saltthepass.withcryptojs.min.js.

To use saltthepass.js in NodeJS, you just need to install:

npm install saltthepass

Then require() it:

var saltthepass = require('saltthepass');
var saltedPassword = saltthepass.saltthepass('md5', 'mypassword', 'mydomain', 'myphrase');

First, load saltthepass.js in the browser:

<script type="text/javascript" src="dist/saltthepass.withcryptojs.min.js"></script>

or in Node:

var saltthepass = require('saltthepass');

Next, you can get a list of available hashes:

var hashes = saltthepass.getHashes();

This will be a list of strings, such as md5, sha3, etc. You can get additional data about the hashes via saltthepass.getHashFn() and saltthepass.getHashLength().

To generate a salted password, you simply call saltthepass.saltthepass() with the master password, domain name and (optional) domain phrase:

var saltedPassword = saltthepass.saltthepass('md5', 'mypassword', 'domain.com', 'domain phrase');

Gets the CryptoJS hash function for a specific hash.

Arguments

• hashName - Name of the hash, eg md5

Returns

Hashing function.

saltthepass.js tests are provided in the test/ directory, and can be run via nodeunit:

nodeunit test/test.js

Or via grunt:

grunt test

The tests can also be run in a web browser:

test/test.html

• v0.0.1 - 2013-05-22: Initial version