jsSHA implements the complete Secure Hash Standard (SHA) family (SHA-1, SHA-224/256/384/512, SHA3-224/256/384/512, SHAKE128/256, cSHAKE128/256, and KMAC128/256) with HMAC
jsSHA is a JavaScript library that provides various cryptographic hash functions and HMAC (Hash-based Message Authentication Code) functionalities. It supports a wide range of hash algorithms including SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA3-224, SHA3-256, SHA3-384, SHA3-512, and SHAKE128/256.
Hashing
This feature allows you to create a hash of a given input text using various algorithms. In this example, SHA-256 is used to hash the input text 'This is my input text' and the result is output in hexadecimal format.
const jsSHA = require('jssha');
const shaObj = new jsSHA('SHA-256', 'TEXT');
shaObj.update('This is my input text');
const hash = shaObj.getHash('HEX');
console.log(hash);HMAC
This feature allows you to create an HMAC using a specified key and input text. In this example, SHA-256 is used to create an HMAC for the input text 'This is my input text' with the key 'my-secret-key', and the result is output in hexadecimal format.
const jsSHA = require('jssha');
const shaObj = new jsSHA('SHA-256', 'TEXT');
shaObj.setHMACKey('my-secret-key', 'TEXT');
shaObj.update('This is my input text');
const hmac = shaObj.getHMAC('HEX');
console.log(hmac);SHAKE
This feature allows you to use the SHAKE (Secure Hash Algorithm Keccak) function, which is a variable-length hash function. In this example, SHAKE128 is used with an output length of 256 bits to hash the input text 'This is my input text', and the result is output in hexadecimal format.
const jsSHA = require('jssha');
const shaObj = new jsSHA('SHAKE128', 'TEXT', {shakeLen: 256});
shaObj.update('This is my input text');
const shake = shaObj.getHash('HEX');
console.log(shake);crypto-js is a widely-used library that provides a variety of cryptographic algorithms including MD5, SHA-1, SHA-256, and more. It is similar to jsSHA in terms of hashing capabilities but also includes additional features like encryption and decryption using AES, DES, and other algorithms.
hash.js is a library that provides a simple and efficient way to compute hash digests using various algorithms like SHA-1, SHA-256, SHA-512, and more. It is similar to jsSHA but focuses solely on hashing without HMAC or other cryptographic functionalities.
node-forge is a comprehensive library that provides a wide range of cryptographic functionalities including hashing, HMAC, encryption, and digital signatures. It is more feature-rich compared to jsSHA, offering additional capabilities like PKI (Public Key Infrastructure) and TLS (Transport Layer Security) support.
A pure TypeScript/JavaScript streaming implementation of the complete Secure Hash Standard (SHA) family (SHA-1, SHA-224/256/384/512, SHA3-224/256/384/512, SHAKE128/256, cSHAKE128/256, and KMAC128/256) with HMAC.
More complete documentation can be found on the jsSHA Wiki but below are common use-cases.
Include the desired JavaScript file (sha.js, sha1.js, sha256.js, sha512.js, or sha3.js) in your header:
<script type="text/javascript" src="/path/to/sha.js"></script>
jsSHA is available through NPM and be installed by simply doing
npm install jssha
To use the module, first require it using:
const jsSHA = require("jssha");
/* The limited variant files are also exported (sha1, sha256, sha512, and sha3)
* using conditional subpath exports in Node.js v13+ or using --experimental-modules
* in v12 */
const jsSHA1 = require("jssha/sha1");
/* For Node.js versions that don't support subpath exports, you can do the
* following instead: */
const jsSHA1 = require("jssha/dist/sha1");
/* Alternatively, you can load it as an ESM (Node.js v13+ or using
* --experimental-modules in v12) */
import jsSHA from "jssha";
Instantiate a new jsSHA object with the desired hash variant, input format,
and options as parameters. The hash variant can be one of SHA-1, SHA-224,
SHA3-224, SHA-256, SHA3-256, SHA-384, SHA3-384, SHA-512, SHA3-512, SHAKE128, or
SHAKE256. The input format can be one of HEX, TEXT, B64, BYTES, ARRAYBUFFER, or
UINT8ARRAY. You can then stream in input using the update object function,
calling it multiple times if needed. Finally, simply call getHash with the
output type as a parameter (B64, HEX, BYTES, ARRAYBUFFER, or UINT8ARRAY).
Example to calculate the SHA-512 of "This is a test":
const shaObj = new jsSHA("SHA-512", "TEXT", { encoding: "UTF8" });
/* .update() can be chained */
shaObj.update("This is").update(" a ");
shaObj.update("test");
const hash = shaObj.getHash("HEX");
The constructor takes a hashmap as a optional third argument with defaults
{"encoding" : "UTF8", "numRounds" : 1}. numRounds controls the number of
hashing iterations/rounds performed and encoding specifies the encoding used
to encode TEXT-type inputs. Valid encoding values are "UTF8", "UTF16BE", and
"UTF16LE".
getHash also takes a hashmap as an optional second argument with defaults
{"outputUpper" : false, "b64Pad" : "="}. outputUpper is only used for "HEX"
outputs and b64Pad only for "B64" outputs.
Important: SHAKE128 and SHAKE256 require outputLen to be in the hashmap
where outputLen is the desired output length of the SHAKE algorithm in a
multiple of 8 bits.
Instantiate a new jsSHA object similiar to hashing but with the third argument
in the form of { "hmacKey": { "value": VALUE, "format": FORMAT } }. FORMAT
takes the same values as the input format from hashing and the VALUE is then
either a string, ArrayBuffer, or Uint8Array. You can stream in the input
using the update object function just like hashing. Finally, get the HMAC by
calling the getHash function with the output type as its argument. Example to
calculate the SHA-512 HMAC of the string "This is a test" with the key "abc":
const shaObj = new jsSHA("SHA-512", "TEXT", {
hmacKey: { value: "abc", format: "TEXT" },
});
shaObj.update("This is a ");
shaObj.update("test");
const hmac = shaObj.getHash("HEX");
Note: You cannot specify numRounds with HMAC.
Instantiate a new jsSHA object similiar to HMAC but first argument being
either "CSHAKE128" or "CSHAKE256" and the third argument in the form of
{ "customization"?: { "value": VALUE, "format": FORMAT }, "funcName"?: { "value": VALUE, "format": FORMAT } }.
FORMAT takes the same values as the input format from hashing and the VALUE is
then either a string, ArrayBuffer, or Uint8Array. Per the NIST
specification, both customization and funcName are optional. You can stream
in the input using the update object function just like hashing. Finally, get
the hash by calling the getHash function with the output type and length as
arguments. Example to calculate the cSHAKE128 of the string "This is a test"
with the customization string "My Tagged Application" and an output size of
256-bits.
const shaObj = new jsSHA("CSHAKE128", "TEXT", {
customization: { value: "My Tagged Application", format: "TEXT" },
});
shaObj.update("This is a ");
shaObj.update("test");
const cshake = shaObj.getHash("HEX", { outputLen: 256 });
Note: You cannot specify numRounds with cSHAKE.
Important: outputLen is required to be in the hashmap where outputLen
is the desired output length of the cSHAKE algorithm in a multiple of 8 bits.
Instantiate a new jsSHA object similiar to cSHAKE but first argument being
either "KMAC128" or "KMAC256" and the third argument in the form of
{ "customization"?: { "value": VALUE, "format": FORMAT }, "kmacKey?: { "value": VALUE, "format": FORMAT } }.
FORMAT takes the same values as the input format from hashing and the VALUE is
then either a string, ArrayBuffer, or Uint8Array. Per the NIST
specification customization is optional whereas kmacKey is required. You can
stream in the input using the update object function just like hashing.
Finally, get the hash by calling the getHash function with the output type and
length as arguments. Example to calculate the KMAC128 of the string "This is a
test" with the customization string "My Tagged Application", key "abc", and an
output size of 256-bits.
const shaObj = new jsSHA("KMAC128", "TEXT", {
customization: { value: "My Tagged Application", format: "TEXT" },
kmacKey: { value: "abc", format: "TEXT" },
});
shaObj.update("This is a ");
shaObj.update("test");
const kmac = shaObj.getHash("HEX", { outputLen: 256 });
Note: You cannot specify numRounds with KMAC.
Important: outputLen is required to be in the hashmap where outputLen
is the desired output length of the KMAC algorithm in a multiple of 8 bits.
The project's website is located at https://caligatio.github.io/jsSHA/
3.3.1 (2023-08-04)
FAQs
jsSHA implements the complete Secure Hash Standard (SHA) family (SHA-1, SHA-224/256/384/512, SHA3-224/256/384/512, SHAKE128/256, cSHAKE128/256, and KMAC128/256) with HMAC
The npm package jssha receives a total of 816,590 weekly downloads. As such, jssha popularity was classified as popular.
We found that jssha demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.