🚀 Socket Launch Week 🚀 Day 5: Introducing Socket Fix.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@originjs/crypto-js-wasm

Package Overview
Dependencies
Maintainers
5
Versions
8
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@originjs/crypto-js-wasm

An alternate to crypto-js implemented with WebAssembly and ESM

1.0.0-beta0
Source
npm
Version published
Weekly downloads
98
-14.78%
Maintainers
5
Weekly downloads
 
Created
Source

@originjs/crypto-js-wasm

English | 中文

crypto-js-wasm is a javascript library of crypto standards. Inspired by crypto-js, but now powered by WebAssembly.

  • Safe: The process of encryption is fully enclosed and invisible thanks to WebAssembly
  • Efficient: Up to 16x faster than crypto-js (see Benchmark)
  • Compatible: Has the same API with crypto-js
  • Browser & Nodejs: Support both browser and nodejs
  • Versatile: 15+ crypto standards supported, including MD5, SHA-x, AES, RC4, etc
  • ESM: Crypto standards can be imported as ES modules

Getting started

npm install @originjs/crypto-js-wasm

or

pnpm install @originjs/crypto-js-wasm

or

yarn add @originjs/crypto-js-wasm

Usage

Note that the async function loadWasm() should be called once (and once only!) for each algorithm that will be used, unless loadAllWasm() is called at the very beginning.

import CryptoJSW from 'crypto-js-wasm';

// (Optional) load all wasm files
await CryptoJSW.loadAllWasm();

// Async/Await syntax
await CryptoJSW.MD5.loadWasm();
const rstMD5 = CryptoJSW.MD5('message').toString();
console.log(rstMD5);

// Promise syntax
CryptoJSW.SHA256.loadWasm().then(() => {
    const rstSHA256 = CryptoJSW.SHA256('message').toString();
    console.log(rstSHA256);
})

Available standards

  • MD5 / HmacMD5
  • SHA1 / HmacSHA1
  • SHA224 / HmacSHA224
  • SHA256 / HmacSHA256
  • SHA384 / HmacSHA384
  • SHA512 / HmacSHA512
  • SHA3 / HmacSHA3
  • RIPEMD160 / HmacRIPEMD160
  • PBKDF2
  • EvpKDF

  • AES
  • Blowfish
  • DES
  • TripleDES
  • Rabbit
  • RabbitLegacy
  • RC4
  • RC4Drop

Coming next

  • RSA

Benchmark

The benchmark below is run on a desktop PC (i5-4590, 16 GB RAM, Windows 10 Version 21H2 (OSBuild 19044, 1466)).

Chrome 102.0.5005.63:

benchmark_chrome

Firefox 101.0:

benchmark_firefox

Nodejs v16.6.4:

nodejs

Development

# install dependencies
pnpm install

# build for production
pnpm run build

# run all tests
pnpm run test

# run all tests with coverage
pnpm run coverage

Why do we need a async loadWasm call?

This is because the WebAssembly binary needs to be load by WebAssembly.instantiate, and it is async.

The async WebAssembly.instantiate is recommended instead of its sync variant WebAssembly.instance, and in many cases the WebAssembly.instance can not load WebAssembly binary whose size is not small enough.

Why do we store wasm binaries in base64-encoded chars?

This is because crypto-js-wasm may be used in browser or nodejs. This is relative elegant implementation comparing with wasm loader in browser(powered by webpack, vite or something else) or fs in nodejs.

License

Distributed under the Mulan Permissive Software License

Keywords

security
crypto
WebAssembly
WASM
Hash
MD5

FAQs

Package last updated on 15 Jun 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Introducing Socket Fix for Safe, Automated Dependency Upgrades

Product

Introducing Socket Fix for Safe, Automated Dependency Upgrades

Automatically fix and test dependency updates with socket fix—a new CLI tool that turns CVE alerts into safe, automated upgrades.

By John-David Dalton  -  Apr 25, 2025