hash-stream-validation
Advanced tools
The hash-stream-validation npm package is used to validate the integrity of data streams by computing and comparing hash values. It is particularly useful for ensuring data integrity during transmission or storage.
Hash Validation
This feature allows you to validate the hash of a data stream against an expected hash value. In this example, a file stream is created and its hash is validated using the SHA-256 algorithm.
const hashStreamValidation = require('hash-stream-validation');
const fs = require('fs');
const fileStream = fs.createReadStream('path/to/file');
const expectedHash = 'expectedHashValue';
hashStreamValidation.validateStream(fileStream, expectedHash, 'sha256')
.then(() => console.log('Hash is valid'))
.catch(err => console.error('Hash validation failed', err));Generate Hash
This feature allows you to generate a hash for a given data stream. In this example, a file stream is created and its hash is generated using the SHA-256 algorithm.
const hashStreamValidation = require('hash-stream-validation');
const fs = require('fs');
const fileStream = fs.createReadStream('path/to/file');
hashStreamValidation.generateHash(fileStream, 'sha256')
.then(hash => console.log('Generated hash:', hash))
.catch(err => console.error('Hash generation failed', err));The built-in Node.js 'crypto' module provides cryptographic functionality that includes a set of wrappers for OpenSSL's hash, HMAC, cipher, decipher, sign, and verify functions. It is more versatile but also more complex to use compared to hash-stream-validation.
The stream-hash package is used to calculate the hash of a stream. It is similar to hash-stream-validation but focuses solely on hash generation rather than validation.
The hasha package is a versatile hashing library that supports multiple hash algorithms and can hash strings, buffers, and streams. It offers more flexibility but does not provide built-in validation like hash-stream-validation.
Hash a stream of data, then validate
$ npm install --save hash-stream-validation
var hashStreamValidation = require('hash-stream-validation');
var validateStream = hashStreamValidation();
fs.createReadStream(filePath)
.pipe(validateStream)
.on('data', function() { /*... */ })
.on('end', function() {
validateStream.test('md5', /*checksum*/);
});
If the speeds are too slow for your use, this module will try to require fast-crc32c. We chose not to make it an optionalDependency because npm's scary warning output confuses users into thinking their hard drive was just erased.
$ npm install --save fast-crc32c
After a successful upload to a Google Cloud Storage bucket, the API will respond with the hash of data it has received. During our upload, we can run the data through this module, then confirm after the upload if we both arrived at the same results. If not, we know something went wrong during the transmission.
BooleantrueEnable crc32c hashing via sse4_crc32.*
BooleantrueEnable MD5 hashing.
StringThe alogrithm to test the sum against ('crc32c' or 'md5').
StringThe base64-encoded sum to validate.
FAQs
Hash a stream of data, then validate
The npm package hash-stream-validation receives a total of 524,340 weekly downloads. As such, hash-stream-validation popularity was classified as popular.
We found that hash-stream-validation demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI confirms no security flaws were exploited in the Ultralytics supply chain attack and highlights improvements for safer package publishing.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.