You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 7-8.RSVP
Sign inDemoInstall


Package Overview
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies



Pure-JS CRC-32

Version published

Package description

What is crc-32?

The crc-32 npm package is a JavaScript library for calculating CRC32 checksums. CRC32 is a checksum algorithm that generates a 32-bit hash of data, which can be used to verify the integrity of data during transmission or storage. This package provides functions to compute CRC32 checksums for strings and byte arrays.

What are crc-32's main functionalities?

CRC32 checksum from a string

This feature allows you to compute the CRC32 checksum of a given string. The 'crc32.str' function takes a string as input and returns the checksum as a signed 32-bit integer.

"use strict";
var crc32 = require('crc-32');
var str = 'Hello World';
var checksum = crc32.str(str);
console.log('Checksum for string:', checksum);

CRC32 checksum from a byte array

This feature allows you to compute the CRC32 checksum of a byte array. The 'crc32.buf' function takes a byte array (Uint8Array) as input and returns the checksum as a signed 32-bit integer.

"use strict";
var crc32 = require('crc-32');
var buf = new Uint8Array([72, 101, 108, 108, 111, 32, 87, 111, 114, 108, 100]);
var checksum = crc32.buf(buf);
console.log('Checksum for byte array:', checksum);

Other packages similar to crc-32




Standard CRC-32 algorithm implementation in JS (for the browser and nodejs). Emphasis on correctness, performance, and IE6+ support.


With npm:

$ npm install crc-32

When installed globally, npm installs a script crc32 that computes the checksum for a specified file or standard input.

CDN Availability (click to show)


Using NodeJS or a bundler:

var CRC32 = require("crc-32");

In the browser, the crc32.js script can be loaded directly:

<script src="crc32.js"></script>

The browser script exposes a variable CRC32.

The script will manipulate module.exports if available . This is not always desirable. To prevent the behavior, define DO_NOT_EXPORT_CRC.

CRC32C (Castagnoli)

The module and CDNs also include a parallel script for CRC32C calculations.

Using NodeJS or a bundler:

var CRC32C = require("crc-32/crc32c");

In the browser, the crc32c.js script can be loaded directly:

<script src="crc32c.js"></script>

The browser exposes a variable CRC32C.

The script will manipulate module.exports if available . This is not always desirable. To prevent the behavior, define DO_NOT_EXPORT_CRC.


In all cases, the relevant function takes an argument representing data and an optional second argument representing the starting "seed" (for rolling CRC).

The return value is a signed 32-bit integer.

  • CRC32.buf(byte array or buffer[, seed]) assumes the argument is a sequence of 8-bit unsigned integers (nodejs Buffer, Uint8Array or array of bytes).

  • CRC32.bstr(binary string[, seed]) assumes the argument is a binary string where byte i is the low byte of the UCS-2 char: str.charCodeAt(i) & 0xFF

  • CRC32.str(string[, seed]) assumes the argument is a standard JS string and calculates the hash of the UTF-8 encoding.

For example:

// var CRC32 = require('crc-32');               // uncomment this line if in node
CRC32.str("SheetJS")                            // -1647298270
CRC32.bstr("SheetJS")                           // -1647298270
CRC32.buf([ 83, 104, 101, 101, 116, 74, 83 ])   // -1647298270

crc32 = CRC32.buf([83, 104])                    // -1826163454  "Sh"
crc32 = CRC32.str("eet", crc32)                 //  1191034598  "Sheet"
CRC32.bstr("JS", crc32)                         // -1647298270  "SheetJS"

[CRC32.str("\u2603"),  CRC32.str("\u0003")]     // [ -1743909036,  1259060791 ]
[CRC32.bstr("\u2603"), CRC32.bstr("\u0003")]    // [  1259060791,  1259060791 ]
[CRC32.buf([0x2603]),  CRC32.buf([0x0003])]     // [  1259060791,  1259060791 ]

// var CRC32C = require('crc-32/crc32c');       // uncomment this line if in node
CRC32C.str("SheetJS")                           // -284764294
CRC32C.bstr("SheetJS")                          // -284764294
CRC32C.buf([ 83, 104, 101, 101, 116, 74, 83 ])  // -284764294

crc32c = CRC32C.buf([83, 104])                  // -297065629   "Sh"
crc32c = CRC32C.str("eet", crc32c)              //  1241364256  "Sheet"
CRC32C.bstr("JS", crc32c)                       // -284764294   "SheetJS"

[CRC32C.str("\u2603"),  CRC32C.str("\u0003")]   // [  1253703093,  1093509285 ]
[CRC32C.bstr("\u2603"), CRC32C.bstr("\u0003")]  // [  1093509285,  1093509285 ]
[CRC32C.buf([0x2603]),  CRC32C.buf([0x0003])]   // [  1093509285,  1093509285 ]

Best Practices

Even though the initial seed is optional, for performance reasons it is highly recommended to explicitly pass the default seed 0.

In NodeJS with the native Buffer implementation, it is oftentimes faster to convert binary strings with Buffer.from(bstr, "binary") first:

/* Frequently slower in NodeJS */
crc32 = CRC32.bstr(bstr, 0);
/* Frequently faster in NodeJS */
crc32 = CRC32.buf(Buffer.from(bstr, "binary"), 0);

This does not apply to browser Buffer shims, and thus is not implemented in the library directly.


make test will run the nodejs-based test.

To run the in-browser tests, run a local server and go to the ctest directory. make ctestserv will start a python SimpleHTTPServer server on port 8000.

To update the browser artifacts, run make ctest.

To generate the bits file, use the crc32 function from python zlib:

>>> from zlib import crc32
>>> x="foo bar baz٪☃🍣"
>>> crc32(x)
>>> crc32(x+x)
>>> crc32(x+x+x)

The included crc32.njs script can process files or standard input:

$ echo "this is a test" > t.txt
$ bin/crc32.njs t.txt

For comparison, the included script uses python zlib:

$ bin/ t.txt

On OSX the command cksum generates unsigned CRC-32 with Algorithm 3:

$ cksum -o 3 <
1891069052 4161613172
$ crc32 --unsigned ~/Downloads/


make perf will run algorithmic performance tests (which should justify certain decisions in the code).

The adler-32 project has more performance notes


Please consult the attached LICENSE file for details. All rights not explicitly granted by the Apache 2.0 license are reserved by the Original Author.


Sauce Test Status

Build Status Coverage Status Dependencies Status NPM Downloads Analytics



Package last updated on 04 Apr 2022

Did you know?


Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.


Related posts

SocketSocket SOC 2 Logo


  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog


Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc