Are there any one-way hashing functions available in native JavaScript?

javascript hash

35,444

Solution 1

In 2020, there is a native API:

SubtleCrypto.digest()

https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest

example:

crypto.subtle
  .digest("SHA-256", new TextEncoder().encode("hello"))
  .then(console.log);

hex string conversion:

const digest = async ({ algorithm = "SHA-256", message }) =>
  Array.prototype.map
    .call(
      new Uint8Array(
        await crypto.subtle.digest(algorithm, new TextEncoder().encode(message))
      ),
      (x) => ("0" + x.toString(16)).slice(-2)
    )
    .join("");

digest({message: "hello"}).then(console.log)

Solution 2

JavaScript does not have native hashing, but there are many libraries.

I recommend crypto-js: https://code.google.com/p/crypto-js/

For example, to use SHA1, you simply:

<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/sha1.js"></script>
<script>
    var hash = CryptoJS.SHA1("Message");
</script>

Solution 3

Nothing is available in native JavaScript. You could use something like Murmurhash. There's a JavaScript implementation here: https://github.com/garycourt/murmurhash-js. I haven't used it though so can't vouch for it.

Update: now there are multiple Murmurhash3 implementations available in JavaScript. However, many of them have problems encoding strings to bytes and can produce different results compared to the reference C++ implementation. You can read an analysis on this here, the murmurhash3js-revisited library implements all three variants of the function and conforms to the reference.

Solution 4

Over the horizon, this may be possible with the currently experimental Web Crypto API

https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API

https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto

Granted, at the time of this writing it is unrealistic to use in a production environment and will likely be a moving target. However, come 5 years who knows?

View more solutions

35,444

buley

Updated on August 20, 2020

Comments

buley almost 4 years

I'd like to be able to create unique tokens* for users based on a hashed string. I know I could, for example, use a md5() library but as the purpose is not cryptographic I was wondering if there was anything I could use "out of the box." Are there any one-way hashing functions available in native JavaScript?

*I realize these won't be strictly unique. I'm ok with a small chance of hashing collision.
- Chance over 13 years
  
  you may like this question - stackoverflow.com/questions/105034/…
- buley over 13 years
  
  Yup, like that a lot. I need a one way hash vs. GUIDs. I have a a large string and want to hash it into a smaller string the same way every time. md5 works for that purposes but seems like overkill.
Adam Grant about 8 years

Personally, I'd really like to explore using this to share code between sites using localStorage (there's a hack allowing to use this cross domain). Crypto signing could protect against a site masking evil code as the saved version of jQuery, for example. CDN does this now, but requires an HTTP request.
Drowsy about 2 years

The SubtleCrypto API requires a TLS-enabled website, however. Are there any options that lack this constraint?