Security News
MCP Community Begins Work on Official MCP Metaregistry
The MCP community is launching an official registry to standardize AI tool discovery and let agents dynamically find and install MCP servers.
By Sarah Gooding - May 09, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
@stablelib/hmac
Advanced tools
What is @stablelib/hmac?
@stablelib/hmac is a JavaScript library that provides HMAC (Hash-based Message Authentication Code) functionality. It is part of the StableLib collection of cryptographic libraries, which are designed to be secure, efficient, and easy to use.
What are @stablelib/hmac's main functionalities?
HMAC Generation
This feature allows you to generate an HMAC using a specified hash function (in this case, SHA-256) and a key. The code sample demonstrates how to create an HMAC instance, update it with a message, and then generate the HMAC digest.
const { HMAC } = require('@stablelib/hmac');
const { SHA256 } = require('@stablelib/sha256');
const key = new Uint8Array([1, 2, 3, 4, 5]);
const message = new Uint8Array([6, 7, 8, 9, 10]);
const hmac = new HMAC(SHA256, key);
const mac = hmac.update(message).digest();
console.log(mac);HMAC Verification
This feature allows you to verify an HMAC against an expected value. The code sample demonstrates how to create an HMAC instance, generate the HMAC digest, and then verify it against an expected MAC value.
const { HMAC } = require('@stablelib/hmac');
const { SHA256 } = require('@stablelib/sha256');
const key = new Uint8Array([1, 2, 3, 4, 5]);
const message = new Uint8Array([6, 7, 8, 9, 10]);
const expectedMac = new Uint8Array([/* expected MAC bytes */]);
const hmac = new HMAC(SHA256, key);
const mac = hmac.update(message).digest();
const isValid = HMAC.verify(SHA256, key, message, expectedMac);
console.log(isValid);Other packages similar to @stablelib/hmac
crypto-js
crypto-js is a widely-used library that provides a variety of cryptographic algorithms, including HMAC. It is known for its ease of use and comprehensive documentation. Compared to @stablelib/hmac, crypto-js offers a broader range of cryptographic functions but may not be as optimized for performance and security.
jshashes
jshashes is a lightweight library that provides various hash functions and HMAC implementations. It is designed to be simple and easy to integrate into projects. While it offers similar HMAC functionality to @stablelib/hmac, it may not have the same level of security and performance optimizations.
tweetnacl
tweetnacl is a cryptographic library that provides high-level cryptographic functions, including HMAC. It is known for its small size and high performance. Compared to @stablelib/hmac, tweetnacl focuses on providing a minimalistic and highly secure set of cryptographic primitives.
The README file is missing
FAQs
Hash-based message authentication code (HMAC)
The npm package @stablelib/hmac receives a total of 201,410 weekly downloads. As such, @stablelib/hmac popularity was classified as popular.
We found that @stablelib/hmac demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 03 Jan 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Malicious npm Packages Use Telegram to Exfiltrate BullX Credentials
Socket uncovers an npm Trojan stealing crypto wallets and BullX credentials via obfuscated code and Telegram exfiltration.
By Kush Pandya - May 08, 2025
Research
Security News
Backdooring the IDE: Malicious npm Packages Hijack Cursor Editor on macOS
Malicious npm packages posing as developer tools target macOS Cursor IDE users, stealing credentials and modifying files to gain persistent backdoor access.
By Kirill Boychenko - May 07, 2025