tessl/npm-sjcl
Stanford JavaScript Crypto Library providing comprehensive cryptographic operations including AES encryption, hash functions, key derivation, and elliptic curve cryptography.
—
Pending
hash-functions.mddocs/
Hash Functions
SJCL provides implementations of several cryptographic hash functions including SHA-1, SHA-256, SHA-512, and RIPEMD-160, with both one-shot hashing and streaming interfaces for large data processing.
Capabilities
SHA-256
The most commonly used hash function in SJCL, providing 256-bit hash outputs with good security and performance.
/**
* SHA-256 hash constructor for streaming operations
* @param {Hash} [hash] - Optional existing hash state to copy
*/
new sjcl.hash.sha256(hash);
/**
* Compute SHA-256 hash in one operation
* @param {BitArray|string} data - Data to hash (bit array or string)
* @returns {BitArray} 256-bit hash as bit array
*/
sjcl.hash.sha256.hash(data);
/**
* Block size constant for SHA-256
*/
sjcl.hash.sha256.prototype.blockSize = 512;Instance Methods:
/**
* Reset hash state to initial values
* @returns {sjcl.hash.sha256} This hash instance for chaining
*/
sjcl.hash.sha256.prototype.reset();
/**
* Add data to the hash
* @param {BitArray|string} data - Data to add to hash
* @returns {sjcl.hash.sha256} This hash instance for chaining
*/
sjcl.hash.sha256.prototype.update(data);
/**
* Complete the hash and return result
* @returns {BitArray} Final hash value as bit array
*/
sjcl.hash.sha256.prototype.finalize();Usage Examples:
const sjcl = require('sjcl');
// One-shot hashing
const hash1 = sjcl.hash.sha256.hash("Hello, World!");
const hexHash1 = sjcl.codec.hex.fromBits(hash1);
console.log(hexHash1);
// Streaming hashing
const hasher = new sjcl.hash.sha256();
hasher.update("Hello, ");
hasher.update("World!");
const hash2 = hasher.finalize();
const hexHash2 = sjcl.codec.hex.fromBits(hash2);
console.log(hexHash2); // Same as hexHash1
// Hash binary data
const binaryData = sjcl.codec.utf8String.toBits("Hello, World!");
const hash3 = sjcl.hash.sha256.hash(binaryData);SHA-1
Legacy hash function, still supported but not recommended for new applications due to known vulnerabilities.
/**
* SHA-1 hash constructor for streaming operations
* @param {Hash} [hash] - Optional existing hash state to copy
*/
new sjcl.hash.sha1(hash);
/**
* Compute SHA-1 hash in one operation
* @param {BitArray|string} data - Data to hash
* @returns {BitArray} 160-bit hash as bit array
*/
sjcl.hash.sha1.hash(data);
/**
* Block size constant for SHA-1
*/
sjcl.hash.sha1.prototype.blockSize = 512;Instance Methods:
/**
* Reset hash state to initial values
*/
sjcl.hash.sha1.prototype.reset();
/**
* Add data to the hash
* @param {BitArray|string} data - Data to add to hash
*/
sjcl.hash.sha1.prototype.update(data);
/**
* Complete the hash and return result
* @returns {BitArray} Final hash value as bit array
*/
sjcl.hash.sha1.prototype.finalize();SHA-512
High-security hash function providing 512-bit hash outputs, suitable for applications requiring maximum security.
/**
* SHA-512 hash constructor for streaming operations
* @param {Hash} [hash] - Optional existing hash state to copy
*/
new sjcl.hash.sha512(hash);
/**
* Compute SHA-512 hash in one operation
* @param {BitArray|string} data - Data to hash
* @returns {BitArray} 512-bit hash as bit array
*/
sjcl.hash.sha512.hash(data);
/**
* Block size constant for SHA-512
*/
sjcl.hash.sha512.prototype.blockSize = 1024;Instance Methods:
/**
* Reset hash state to initial values
*/
sjcl.hash.sha512.prototype.reset();
/**
* Add data to the hash
* @param {BitArray|string} data - Data to add to hash
*/
sjcl.hash.sha512.prototype.update(data);
/**
* Complete the hash and return result
* @returns {BitArray} Final hash value as bit array
*/
sjcl.hash.sha512.prototype.finalize();Usage Examples:
const sjcl = require('sjcl');
// SHA-512 one-shot hashing
const hash512 = sjcl.hash.sha512.hash("Hello, World!");
const hex512 = sjcl.codec.hex.fromBits(hash512);
console.log(hex512); // 128 hex characters (512 bits)
// Large data streaming with SHA-512
const hasher512 = new sjcl.hash.sha512();
for (let i = 0; i < 1000; i++) {
hasher512.update("chunk " + i + " ");
}
const finalHash = hasher512.finalize();RIPEMD-160
Alternative hash function providing 160-bit outputs, designed as an alternative to SHA-1.
/**
* RIPEMD-160 hash constructor for streaming operations
* @param {Hash} [hash] - Optional existing hash state to copy
*/
new sjcl.hash.ripemd160(hash);
/**
* Compute RIPEMD-160 hash in one operation
* @param {BitArray|string} data - Data to hash
* @returns {BitArray} 160-bit hash as bit array
*/
sjcl.hash.ripemd160.hash(data);Instance Methods:
/**
* Reset hash state to initial values
*/
sjcl.hash.ripemd160.prototype.reset();
/**
* Add data to the hash
* @param {BitArray|string} data - Data to add to hash
*/
sjcl.hash.ripemd160.prototype.update(data);
/**
* Complete the hash and return result
* @returns {BitArray} Final hash value as bit array
*/
sjcl.hash.ripemd160.prototype.finalize();Usage Examples:
const sjcl = require('sjcl');
// RIPEMD-160 hashing
const ripemdHash = sjcl.hash.ripemd160.hash("Hello, World!");
const hexRipemd = sjcl.codec.hex.fromBits(ripemdHash);
console.log(hexRipemd); // 40 hex characters (160 bits)
// Streaming RIPEMD-160
const ripemdHasher = new sjcl.hash.ripemd160();
ripemdHasher.update("Hello, ");
ripemdHasher.update("World!");
const finalRipemd = ripemdHasher.finalize();Common Usage Patterns
File Hashing
Example of hashing large amounts of data using the streaming interface:
const sjcl = require('sjcl');
function hashLargeData(dataChunks) {
const hasher = new sjcl.hash.sha256();
dataChunks.forEach(chunk => {
// Convert string chunks to bit arrays if needed
const bits = typeof chunk === 'string'
? sjcl.codec.utf8String.toBits(chunk)
: chunk;
hasher.update(bits);
});
return hasher.finalize();
}
// Usage
const chunks = ["chunk1", "chunk2", "chunk3"];
const hash = hashLargeData(chunks);
const hexHash = sjcl.codec.hex.fromBits(hash);Hash Comparison
Secure hash comparison using constant-time equality:
const sjcl = require('sjcl');
function verifyHash(data, expectedHash) {
const actualHash = sjcl.hash.sha256.hash(data);
// Use bitArray.equal for constant-time comparison
return sjcl.bitArray.equal(actualHash, expectedHash);
}
// Usage
const data = "Hello, World!";
const storedHash = sjcl.hash.sha256.hash(data);
// Later verification
const isValid = verifyHash(data, storedHash);
console.log("Hash valid:", isValid);Hash Chain
Creating hash chains for integrity verification:
const sjcl = require('sjcl');
function createHashChain(data, rounds) {
let hash = sjcl.codec.utf8String.toBits(data);
for (let i = 0; i < rounds; i++) {
hash = sjcl.hash.sha256.hash(hash);
}
return hash;
}
// Usage
const chainHash = createHashChain("initial data", 1000);
const hexChain = sjcl.codec.hex.fromBits(chainHash);Performance Considerations
- SHA-256: Best balance of security and performance for most applications
- SHA-512: Higher security but slower, especially on 32-bit platforms
- SHA-1: Fastest but deprecated due to security vulnerabilities
- RIPEMD-160: Good alternative to SHA-1 with similar performance
- Streaming vs One-shot: Use streaming interface for large data to avoid memory issues
Security Recommendations
- Use SHA-256 or SHA-512 for new applications
- Avoid SHA-1 except for legacy compatibility
- Use streaming interface for large files to prevent memory exhaustion
- Use constant-time comparison (
sjcl.bitArray.equal) when comparing hashes - Consider salting when hashing passwords or user data
Install with Tessl CLI
npx tessl i tessl/npm-sjcl