EVP\_BytesToKey

![NPM Package](https://www.npmjs.org/package/evp_bytestokey)
![Build Status](https://travis-ci.org/crypto-browserify/EVP_BytesToKey)
![Dependency status](https://david-dm.org/crypto-browserify/EVP_BytesToKey#info=dependencies)

![js-standard-style](https://github.com/feross/standard)

The insecure [key derivation algorithm from OpenSSL.][1]

WARNING: DO NOT USE, except for compatibility reasons.

MD5 is insecure.

Use at least scrypt or pbkdf2-hmac-sha256 instead.

API

EVP_BytesToKey(password, salt, keyLen, ivLen)

* password - Buffer, password used to derive the key data.
* salt - 8 byte Buffer or null, salt is used as a salt in the derivation.
* keyBits - number, key length in bits.
* ivLen - number, iv length in bytes.

Returns: { key: Buffer, iv: Buffer }

Examples

MD5 with aes-256-cbc:

``js const crypto = require('crypto') const EVP_BytesToKey = require('evp_bytestokey')

const result = EVP_BytesToKey( 'my-secret-password', null, 32, 16 ) // => // { key: , // iv: }

const cipher = crypto.createCipheriv('aes-256-cbc', result.key, result.iv)``

LICENSE MIT

[1]: https://wiki.openssl.org/index.php/Manual:EVP_BytesToKey(3)
[2]: https://nodejs.org/api/crypto.html#crypto_class_hash