Hash the salt? #30
Description
Thanks for your works on this!
I want to leave up the password and salt(could be username, email, phone, ...) for the user and save the key and the key of the salt like below is it a good practice?
const N = 65536, r = 8, p = 1;
const dkLen = 32;
function hash(password, salty) {
const passwordBuffer = new buffer.SlowBuffer(password.normalize('NFKC'));
const saltBuffer = new buffer.SlowBuffer(salty.normalize('NFKC'));
const saltKey = scrypt.syncScrypt(saltBuffer, saltBuffer, N, r, p, dkLen);
const key = scrypt.syncScrypt(passwordBuffer, saltKey, N, r, p, dkLen);
const hexKey = Buffer.from(key).toString('hex');
const hexSalt = Buffer.from(saltKey).toString('hex');
return hexKey+":"+hexSalt;
}