The salt with 31 rounds is insecure. The bitwise shift here: https://github.com/dcodeIO/bcrypt.js/blob/d5d46150e9da7d15d3f70fd97649e923d95013af/src/bcrypt/impl.js#L409 Will result in -2147483648 not 2147483648. So this: https://github.com/dcodeIO/bcrypt.js/blob/d5d46150e9da7d15d3f70fd97649e923d95013af/src/bcrypt/impl.js will never run. Pull request https://github.com/dcodeIO/bcrypt.js/pull/24
The salt with 31 rounds is insecure. The bitwise shift here:
bcrypt.js/src/bcrypt/impl.js
Line 409 in d5d4615
Will result in -2147483648 not 2147483648. So this:
https://github.com/dcodeIO/bcrypt.js/blob/d5d46150e9da7d15d3f70fd97649e923d95013af/src/bcrypt/impl.js
will never run.
Pull request #24