Overview
The node provides universal cryptographic operations including encryption, decryption, hashing, HMAC generation, base64 and hex encoding/decoding, and key derivation. Specifically for the Key Derivation operation, it derives cryptographic keys from input data (usually a password or passphrase) using either PBKDF2 or Scrypt algorithms.
This node is useful when you need to generate strong cryptographic keys from passwords or other secret inputs for use in encryption, authentication, or other security-related tasks. For example, you can derive a key from a user password to encrypt sensitive data securely or generate keys for API authentication tokens.
Properties
| Name | Meaning |
|---|---|
| Key Derivation Method | The algorithm used to derive the key. Options: PBKDF2, Scrypt. |
| Key | The password or key material used as input for key derivation. |
| Input Data | The data to process (in this case, the password or secret string). |
| Salt | Optional salt value in hexadecimal format. If empty, a random salt is generated automatically. |
| Iterations | Number of iterations for PBKDF2 key derivation (ignored if using Scrypt). Default is 100000. |
| Key Length | Desired length of the derived key in bytes. |
| Output Format | Format of the output derived key. Options: Base64, Hex, UTF-8 String, JSON (Auto-Parse). |
Output
The output JSON contains the following fields:
operation: The name of the performed operation (keyDerivation).result: The derived key encoded in the selected output format (e.g., Base64, Hex).success: Boolean indicating whether the operation succeeded.inputLength: Length of the input data string processed.
The derived key is returned as a string in the specified output format. There is no binary output for this operation.
Dependencies
- Uses Node.js built-in
cryptomodule for cryptographic functions. - No external services or APIs are required.
- Requires proper configuration of the node parameters such as key, salt, iterations, and key length.
Troubleshooting
Common Issues:
- Providing an invalid salt string that is not valid hexadecimal will cause errors.
- Using unsupported key derivation methods will throw an error.
- Setting an excessively high iteration count may cause performance issues or timeouts.
- Incorrect key length values might lead to unexpected results or errors.
Error Messages:
"Unknown key derivation method: ...": Means the selected method is not supported; choose either PBKDF2 or Scrypt."Key derivation failed: ...": General failure during key derivation, often due to invalid input parameters like salt format or key length.
Resolution Tips:
- Ensure salt is a valid hex string or leave empty to auto-generate.
- Use reasonable iteration counts (e.g., 100,000) for PBKDF2.
- Verify key length matches expected sizes for your cryptographic use case.
- Confirm the input key/password is provided and non-empty.