MCPcopy
hub / github.com/mongodb/node-mongodb-native / passwordDigest

Function passwordDigest

src/cmap/auth/scram.ts:217–256  ·  view source on GitHub ↗
(username: string, password: string)

Source from the content-addressed store, hash-verified

215}
216
217function passwordDigest(username: string, password: string) {
218 if (typeof username !== 'string') {
219 throw new MongoInvalidArgumentError('Username must be a string');
220 }
221
222 if (typeof password !== 'string') {
223 throw new MongoInvalidArgumentError('Password must be a string');
224 }
225
226 if (password.length === 0) {
227 throw new MongoInvalidArgumentError('Password cannot be empty');
228 }
229
230 let nodeCrypto;
231 try {
232 // TODO: NODE-7424 - remove dependency on 'crypto' for SCRAM-SHA-1 authentication
233 // eslint-disable-next-line @typescript-eslint/no-require-imports
234 nodeCrypto = require('crypto');
235 } catch (e) {
236 throw new MongoRuntimeError(
237 'Node.js crypto module is required for SCRAM-SHA-1 authentication',
238 {
239 cause: e
240 }
241 );
242 }
243
244 try {
245 const md5 = nodeCrypto.createHash('md5');
246 md5.update(`${username}:mongo:${password}`, 'utf8');
247 return md5.digest('hex');
248 } catch (err) {
249 if (nodeCrypto.getFips()) {
250 // This error is (slightly) more helpful than what comes from OpenSSL directly, e.g.
251 // 'Error: error:060800C8:digital envelope routines:EVP_DigestInit_ex:disabled for FIPS'
252 throw new Error('Auth mechanism SCRAM-SHA-1 is not supported in FIPS mode');
253 }
254 throw err;
255 }
256}
257
258// XOR two buffers
259function xor(a: Uint8Array, b: Uint8Array) {

Callers 1

Calls 1

updateMethod · 0.45

Tested by

no test coverage detected