Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
What is ripemd160?
The ripemd160 npm package is a JavaScript implementation of the RIPEMD-160 cryptographic hash function. It allows users to generate 160-bit hash values from input data. This hash function is commonly used for integrity checks, digital signatures, and other cryptographic operations.
What are ripemd160's main functionalities?
Hashing Data
This feature allows users to create a RIPEMD-160 hash of any given string or buffer. The example code demonstrates how to hash the string 'hello world' and output the result in hexadecimal format.
"use strict";\nconst ripemd160 = require('ripemd160');\nconst hash = new ripemd160().update('hello world').digest('hex');\nconsole.log(hash); // Outputs the RIPEMD-160 hash of 'hello world' in hexadecimal formatOther packages similar to ripemd160
sha1
The sha1 package is another npm package that provides a JavaScript implementation of the SHA-1 hash function. SHA-1 is also a cryptographic hash function but produces a 160-bit hash value, similar in length to RIPEMD-160. However, SHA-1 is considered less secure than RIPEMD-160 due to vulnerabilities that have been discovered over time.
sha256
The sha256 package is used for computing SHA-256 hashes. SHA-256 is part of the SHA-2 family of cryptographic hash functions and produces a 256-bit hash. It is more secure than both RIPEMD-160 and SHA-1, but it generates a longer hash value.
md5
The md5 package is a JavaScript implementation of the MD5 hash function. MD5 produces a 128-bit hash value and is widely used for checksums and fingerprints. However, MD5 is considered cryptographically broken and unsuitable for further use due to its vulnerabilities to collision attacks.
ripemd160
Node style ripemd160 on pure JavaScript.
Example
var RIPEMD160 = require('ripemd160')
console.log(new RIPEMD160().update('42').digest('hex'))
// => 0df020ba32aa9b8b904471ff582ce6b579bf8bc8
var ripemd160stream = new RIPEMD160()
ripemd160stream.end('42')
console.log(ripemd160stream.read().toString('hex'))
// => 0df020ba32aa9b8b904471ff582ce6b579bf8bc8
LICENSE
MIT
FAQs
Compute ripemd160 of bytes or strings.
The npm package ripemd160 receives a total of 9,391,482 weekly downloads. As such, ripemd160 popularity was classified as popular.
We found that ripemd160 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Package last updated on 19 Apr 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024