Closed dlongley closed 8 years ago
The code currently identifies the password-based key derivation method as "PKCS5" (see: https://github.com/digitalbazaar/loginhub/blob/bf2e0d0545df632a5205ca623e324d19010f3c7e/components/main.js#L79).
PKCS#5, however, describes multiple pbkd functions, so this is unclear. We should be using PBKDF2, which refers to the specific function we use and is also the algorithm identifier used by the WebCrypto API: http://www.w3.org/TR/WebCryptoAPI/#pbkdf2
PBKDF2
The code currently identifies the password-based key derivation method as "PKCS5" (see: https://github.com/digitalbazaar/loginhub/blob/bf2e0d0545df632a5205ca623e324d19010f3c7e/components/main.js#L79).
PKCS#5, however, describes multiple pbkd functions, so this is unclear. We should be using
PBKDF2, which refers to the specific function we use and is also the algorithm identifier used by the WebCrypto API: http://www.w3.org/TR/WebCryptoAPI/#pbkdf2