{"_id":"noble-hashes","_rev":"4597287","name":"noble-hashes","description":"Fast 0-dependency JS implementation of SHA2, SHA3, RIPEMD, BLAKE2/3, HMAC, HKDF, PBKDF2, Scrypt","dist-tags":{"latest":"0.3.1"},"maintainers":[{"name":"paulmillr","email":"paul@paulmillr.com"}],"time":{"modified":"2026-04-10T17:09:40.000Z","created":"2021-10-06T19:02:15.450Z","0.3.1":"2021-10-28T06:53:11.894Z","0.3.0":"2021-10-27T18:16:57.205Z","0.2.2":"2021-10-18T04:13:20.856Z","0.2.1":"2021-10-17T05:36:40.427Z","0.2.0":"2021-10-14T02:15:01.853Z","0.1.1":"2021-10-07T23:13:37.907Z","0.1.0":"2021-10-06T19:02:15.450Z"},"users":{},"author":{"name":"Paul Miller","url":"https://paulmillr.com"},"repository":{"type":"git","url":"git+https://github.com/paulmillr/noble-hashes.git"},"versions":{"0.3.1":{"name":"noble-hashes","version":"0.3.1","description":"Fast 0-dependency JS implementation of SHA2, SHA3, RIPEMD, BLAKE2/3, HMAC, HKDF, PBKDF2, Scrypt","main":"lib/index.js","directories":{"lib":"lib","test":"test"},"scripts":{"bench":"node test/benchmark/index.js","bench-install":"cd test/benchmark && npm install && cd ../../","build":"tsc -d","build-release":"rollup -c rollup.config.js","lint":"prettier --print-width 100 --single-quote --check src","test":"node test/index.js","test-dos":"node test/slow-dos.test.js","test-big":"node test/slow-big.test.js"},"author":{"name":"Paul Miller","url":"https://paulmillr.com"},"repository":{"type":"git","url":"git+https://github.com/paulmillr/noble-hashes.git"},"license":"MIT","browser":{"crypto":false},"devDependencies":{"@rollup/plugin-commonjs":"21.0.0","@rollup/plugin-node-resolve":"13.0.5","micro-bmark":"^0.1.3","micro-should":"^0.2.0","prettier":"2.4.1","rollup":"~2.58.0","typescript":"~4.4.0"},"keywords":["sha","sha2","sha3","sha256","sha512","keccak","ripemd160","blake2","blake3","hmac","hkdf","pbkdf2","scrypt","kdf","hash","cryptography","security","noble"],"types":"./lib/index.d.ts","gitHead":"7b26d35707b7f31080f171832df66cbf30579e25","bugs":{"url":"https://github.com/paulmillr/noble-hashes/issues"},"homepage":"https://github.com/paulmillr/noble-hashes#readme","_id":"noble-hashes@0.3.1","_nodeVersion":"16.11.0","_npmVersion":"8.1.0","dist":{"shasum":"8c6085b779509b09d2f2d2aecce67650fb411d1c","size":34037,"noattachment":false,"key":"/noble-hashes/-/noble-hashes-0.3.1.tgz","tarball":"http://registry.cnpm.dingdandao.com/noble-hashes/download/noble-hashes-0.3.1.tgz"},"_npmUser":{"name":"paulmillr","email":"paul@paulmillr.com"},"maintainers":[{"name":"paulmillr","email":"paul@paulmillr.com"}],"_npmOperationalInternal":{"host":"s3://npm-registry-packages","tmp":"tmp/noble-hashes_0.3.1_1635403991723_0.1781826593657696"},"_hasShrinkwrap":false,"publish_time":1635403991894,"deprecated":"Switch to namespaced @noble/hashes for security and feature updates","_cnpm_publish_time":1635403991894,"_cnpmcore_publish_time":"2021-12-15T17:13:44.000Z"},"0.3.0":{"name":"noble-hashes","version":"0.3.0","description":"Fast 0-dependency JS implementation of SHA2, SHA3, RIPEMD, BLAKE2/3, HMAC, HKDF, PBKDF2, Scrypt","main":"lib/index.js","directories":{"lib":"lib","test":"test"},"scripts":{"bench":"node test/benchmark/index.js","bench-install":"cd test/benchmark && npm install && cd ../../","build":"tsc -d","build-release":"rollup -c rollup.config.js","lint":"prettier --print-width 100 --single-quote --check src","test":"node test/index.js","test-dos":"node test/slow-dos.test.js","test-big":"node test/slow-big.test.js"},"author":{"name":"Paul Miller","url":"https://paulmillr.com"},"repository":{"type":"git","url":"git+https://github.com/paulmillr/noble-hashes.git"},"license":"MIT","browser":{"crypto":false},"devDependencies":{"@rollup/plugin-commonjs":"21.0.0","@rollup/plugin-node-resolve":"13.0.5","micro-bmark":"^0.1.3","micro-should":"^0.2.0","prettier":"2.4.1","rollup":"~2.58.0","typescript":"~4.4.0"},"keywords":["sha","sha2","sha3","sha256","sha512","keccak","ripemd160","blake2","blake3","hmac","hkdf","pbkdf2","scrypt","kdf","hash","cryptography","security","noble"],"types":"./lib/index.d.ts","gitHead":"eee16b5d6bed8c67b3bbf887160ac811a7fedc04","bugs":{"url":"https://github.com/paulmillr/noble-hashes/issues"},"homepage":"https://github.com/paulmillr/noble-hashes#readme","_id":"noble-hashes@0.3.0","_nodeVersion":"16.11.0","_npmVersion":"8.1.0","dist":{"shasum":"bb057ce21f14de0a796f1270ebb66c4a95eb0988","size":34030,"noattachment":false,"key":"/noble-hashes/-/noble-hashes-0.3.0.tgz","tarball":"http://registry.cnpm.dingdandao.com/noble-hashes/download/noble-hashes-0.3.0.tgz"},"_npmUser":{"name":"paulmillr","email":"paul@paulmillr.com"},"maintainers":[{"name":"paulmillr","email":"paul@paulmillr.com"}],"_npmOperationalInternal":{"host":"s3://npm-registry-packages","tmp":"tmp/noble-hashes_0.3.0_1635358617030_0.9558450833733438"},"_hasShrinkwrap":false,"publish_time":1635358617205,"deprecated":"Switch to namespaced @noble/hashes for security and feature updates","_cnpm_publish_time":1635358617205,"_cnpmcore_publish_time":"2021-12-15T17:13:44.272Z"},"0.2.2":{"name":"noble-hashes","version":"0.2.2","description":"Fast 0-dependency JS implementation of SHA2, SHA3, RIPEMD, BLAKE, HMAC, HKDF, PBKDF2, Scrypt","main":"lib/index.js","directories":{"lib":"lib","test":"test"},"scripts":{"bench":"node test/benchmark/index.js","bench-install":"cd test/benchmark && npm install && cd ../../","build":"tsc -d","build-release":"rollup -c rollup.config.js","lint":"prettier --print-width 100 --single-quote --check src","test":"node test/index.js","test-dos":"node test/slow-dos.test.js","test-big":"node test/slow-big.test.js"},"author":{"name":"Paul Miller","url":"https://paulmillr.com"},"repository":{"type":"git","url":"git+https://github.com/paulmillr/noble-hashes.git"},"license":"MIT","browser":{"crypto":false},"devDependencies":{"@rollup/plugin-commonjs":"21.0.0","@rollup/plugin-node-resolve":"13.0.5","micro-bmark":"^0.1.3","micro-should":"^0.2.0","prettier":"2.4.1","rollup":"~2.58.0","typescript":"~4.4.0"},"keywords":["sha","sha2","sha3","sha256","sha512","keccak","ripemd160","blake2","hmac","hkdf","pbkdf2","scrypt","kdf","hash","cryptography","security","noble"],"types":"./lib/index.d.ts","gitHead":"2d2fbec680dcf83bd9d7056463cd8e44e839624d","bugs":{"url":"https://github.com/paulmillr/noble-hashes/issues"},"homepage":"https://github.com/paulmillr/noble-hashes#readme","_id":"noble-hashes@0.2.2","_nodeVersion":"16.11.0","_npmVersion":"8.1.0","dist":{"shasum":"f174cc18ba2fd1ee8b416e4da568f6706f00bb34","size":28799,"noattachment":false,"key":"/noble-hashes/-/noble-hashes-0.2.2.tgz","tarball":"http://registry.cnpm.dingdandao.com/noble-hashes/download/noble-hashes-0.2.2.tgz"},"_npmUser":{"name":"paulmillr","email":"paul@paulmillr.com"},"maintainers":[{"name":"paulmillr","email":"paul@paulmillr.com"}],"_npmOperationalInternal":{"host":"s3://npm-registry-packages","tmp":"tmp/noble-hashes_0.2.2_1634530400681_0.36166737823264694"},"_hasShrinkwrap":false,"publish_time":1634530400856,"deprecated":"Switch to namespaced @noble/hashes for security and feature updates","_cnpm_publish_time":1634530400856,"_cnpmcore_publish_time":"2021-12-15T17:13:44.577Z"},"0.2.1":{"name":"noble-hashes","version":"0.2.1","description":"Fast 0-dependency JS implementation of SHA2, SHA3, RIPEMD, BLAKE, HMAC, HKDF, PBKDF2, Scrypt","main":"lib/index.js","directories":{"lib":"lib","test":"test"},"scripts":{"bench":"node test/benchmark/index.js","bench-install":"cd test/benchmark && npm install && cd ../../","build":"tsc -d","build-release":"rollup -c rollup.config.js","lint":"prettier --print-width 100 --single-quote --check src","test":"node test/index.js","test-dos":"node test/slow-dos.test.js","test-big":"node test/slow-big.test.js"},"author":{"name":"Paul Miller","url":"https://paulmillr.com"},"repository":{"type":"git","url":"git+https://github.com/paulmillr/noble-hashes.git"},"license":"MIT","browser":{"crypto":false},"devDependencies":{"@rollup/plugin-commonjs":"21.0.0","@rollup/plugin-node-resolve":"13.0.5","micro-bmark":"^0.1.3","micro-should":"^0.2.0","prettier":"2.4.1","rollup":"~2.58.0","typescript":"~4.3.5"},"keywords":["sha","sha2","sha3","sha256","sha512","keccak","ripemd160","blake2","hmac","hkdf","pbkdf2","scrypt","kdf","hash","cryptography","security","noble"],"types":"./lib/index.d.ts","gitHead":"3cb616ff42990cf99e553cd711c86ac151aa2c15","bugs":{"url":"https://github.com/paulmillr/noble-hashes/issues"},"homepage":"https://github.com/paulmillr/noble-hashes#readme","_id":"noble-hashes@0.2.1","_nodeVersion":"16.11.0","_npmVersion":"8.1.0","dist":{"shasum":"2a84d5939fc521bcc196edfaebde3f3bb6a54709","size":28299,"noattachment":false,"key":"/noble-hashes/-/noble-hashes-0.2.1.tgz","tarball":"http://registry.cnpm.dingdandao.com/noble-hashes/download/noble-hashes-0.2.1.tgz"},"_npmUser":{"name":"paulmillr","email":"paul@paulmillr.com"},"maintainers":[{"name":"paulmillr","email":"paul@paulmillr.com"}],"_npmOperationalInternal":{"host":"s3://npm-registry-packages","tmp":"tmp/noble-hashes_0.2.1_1634449000082_0.9272927298571474"},"_hasShrinkwrap":false,"publish_time":1634449000427,"deprecated":"Switch to namespaced @noble/hashes for security and feature updates","_cnpm_publish_time":1634449000427,"_cnpmcore_publish_time":"2021-12-15T17:13:44.805Z"},"0.2.0":{"name":"noble-hashes","version":"0.2.0","description":"Fast 0-dependency JS implementation of SHA2, SHA3, RIPEMD, BLAKE, HMAC, HKDF, PBKDF2, Scrypt","main":"lib/index.js","directories":{"lib":"lib","test":"test"},"scripts":{"bench":"node test/benchmark/index.js","bench-install":"cd test/benchmark && npm install && cd ../../","build":"tsc -d","build-release":"rollup -c rollup.config.js","lint":"prettier --print-width 100 --single-quote --check src","test":"node test/index.js","test-dos":"node test/slow-dos.test.js","test-big":"node test/slow-big.test.js"},"author":{"name":"Paul Miller","url":"https://paulmillr.com"},"repository":{"type":"git","url":"git+https://github.com/paulmillr/noble-hashes.git"},"license":"MIT","browser":{"crypto":false},"devDependencies":{"@rollup/plugin-commonjs":"21.0.0","@rollup/plugin-node-resolve":"13.0.5","micro-bmark":"^0.1.3","micro-should":"^0.2.0","prettier":"2.4.1","rollup":"~2.58.0","typescript":"~4.3.5"},"keywords":["sha","sha2","sha3","sha256","sha512","keccak","ripemd160","blake2","hmac","hkdf","pbkdf2","scrypt","kdf","hash","cryptography","security","noble"],"types":"./lib/index.d.ts","gitHead":"b74d8856ba46b02c385e540974f7a078112aec31","bugs":{"url":"https://github.com/paulmillr/noble-hashes/issues"},"homepage":"https://github.com/paulmillr/noble-hashes#readme","_id":"noble-hashes@0.2.0","_nodeVersion":"16.11.0","_npmVersion":"8.0.0","dist":{"shasum":"652f926067e45937699bea29deaaa07b2c1d2da9","size":28314,"noattachment":false,"key":"/noble-hashes/-/noble-hashes-0.2.0.tgz","tarball":"http://registry.cnpm.dingdandao.com/noble-hashes/download/noble-hashes-0.2.0.tgz"},"_npmUser":{"name":"paulmillr","email":"paul@paulmillr.com"},"maintainers":[{"name":"paulmillr","email":"paul@paulmillr.com"}],"_npmOperationalInternal":{"host":"s3://npm-registry-packages","tmp":"tmp/noble-hashes_0.2.0_1634177701628_0.5749645763535594"},"_hasShrinkwrap":false,"publish_time":1634177701853,"deprecated":"Switch to namespaced @noble/hashes for security and feature updates","_cnpm_publish_time":1634177701853,"_cnpmcore_publish_time":"2021-12-15T17:13:45.009Z"},"0.1.1":{"name":"noble-hashes","version":"0.1.1","description":"Fast 0-dependency JS implementation of SHA2, SHA3, RIPEMD, BLAKE, HMAC, HKDF, PBKDF2, Scrypt","main":"lib/index.js","directories":{"lib":"lib","test":"test"},"scripts":{"bench":"node test/benchmark/index.js","bench-install":"cd test/benchmark && npm install && cd ../../","build":"tsc -d","build-release":"rollup -c rollup.config.js","lint":"prettier --print-width 100 --single-quote --check src","test":"node test/index.js","test-dos":"node test/slow-dos.test.js","test-big":"node test/slow-big.test.js"},"author":{"name":"Paul Miller","url":"https://paulmillr.com"},"repository":{"type":"git","url":"git+https://github.com/paulmillr/noble-hashes.git"},"license":"MIT","browser":{"crypto":false},"devDependencies":{"@rollup/plugin-commonjs":"21.0.0","@rollup/plugin-node-resolve":"13.0.5","micro-bmark":"^0.1.3","micro-should":"^0.2.0","prettier":"2.4.1","rollup":"~2.58.0","typescript":"~4.3.5"},"keywords":["sha","sha2","sha3","sha256","sha512","keccak","ripemd160","blake2","hmac","hkdf","pbkdf2","scrypt","kdf","hash","cryptography","security","noble"],"types":"./lib/index.d.ts","gitHead":"1407328994c91fc935a71457062fe81418f38dbb","bugs":{"url":"https://github.com/paulmillr/noble-hashes/issues"},"homepage":"https://github.com/paulmillr/noble-hashes#readme","_id":"noble-hashes@0.1.1","_nodeVersion":"16.10.0","_npmVersion":"7.24.0","dist":{"shasum":"1848aaecabd364455e8d7f461e017cccbd36ebab","size":28219,"noattachment":false,"key":"/noble-hashes/-/noble-hashes-0.1.1.tgz","tarball":"http://registry.cnpm.dingdandao.com/noble-hashes/download/noble-hashes-0.1.1.tgz"},"_npmUser":{"name":"paulmillr","email":"paul@paulmillr.com"},"maintainers":[{"name":"paulmillr","email":"paul@paulmillr.com"}],"_npmOperationalInternal":{"host":"s3://npm-registry-packages","tmp":"tmp/noble-hashes_0.1.1_1633648417712_0.1298824639985503"},"_hasShrinkwrap":false,"publish_time":1633648417907,"deprecated":"Switch to namespaced @noble/hashes for security and feature updates","_cnpm_publish_time":1633648417907,"_cnpmcore_publish_time":"2021-12-15T17:13:45.228Z"},"0.1.0":{"name":"noble-hashes","version":"0.1.0","description":"Fast 0-dependency JS implementation of SHA2, SHA3, RIPEMD, BLAKE, HMAC, HKDF, PBKDF2, Scrypt","main":"lib/index.js","directories":{"lib":"lib","test":"test"},"scripts":{"bench":"node test/benchmark/index.js","bench-install":"cd test/benchmark && npm install && cd ../../","build":"tsc -d","build-release":"rollup -c rollup.config.js","lint":"prettier --print-width 100 --single-quote --check src","test":"node test/index.js","test-dos":"node test/slow-dos.test.js","test-big":"node test/slow-big.test.js"},"author":{"name":"Paul Miller","url":"https://paulmillr.com"},"repository":{"type":"git","url":"git+https://github.com/paulmillr/noble-secp256k1.git"},"license":"MIT","browser":{"crypto":false},"devDependencies":{"@rollup/plugin-commonjs":"21.0.0","@rollup/plugin-node-resolve":"13.0.5","micro-bmark":"^0.1.3","micro-should":"^0.2.0","prettier":"2.4.1","rollup":"~2.58.0","typescript":"~4.3.5"},"keywords":["sha","sha2","sha3","sha256","sha512","keccak","ripemd160","blake2","hmac","hkdf","pbkdf2","scrypt","kdf","hash","cryptography","security","noble"],"types":"./lib/index.d.ts","gitHead":"3d8ba3c07471c12462da596d97d193c0c00f0e81","bugs":{"url":"https://github.com/paulmillr/noble-secp256k1/issues"},"homepage":"https://github.com/paulmillr/noble-secp256k1#readme","_id":"noble-hashes@0.1.0","_nodeVersion":"16.10.0","_npmVersion":"7.24.0","dist":{"shasum":"06c017ffbe6f7a34da03a31de0259f7b0df8a80d","size":27541,"noattachment":false,"key":"/noble-hashes/-/noble-hashes-0.1.0.tgz","tarball":"http://registry.cnpm.dingdandao.com/noble-hashes/download/noble-hashes-0.1.0.tgz"},"_npmUser":{"name":"paulmillr","email":"paul@paulmillr.com"},"maintainers":[{"name":"paulmillr","email":"paul@paulmillr.com"}],"_npmOperationalInternal":{"host":"s3://npm-registry-packages","tmp":"tmp/noble-hashes_0.1.0_1633546935290_0.28122694107205937"},"_hasShrinkwrap":false,"publish_time":1633546935450,"deprecated":"Switch to namespaced @noble/hashes for security and feature updates","_cnpm_publish_time":1633546935450,"_cnpmcore_publish_time":"2021-12-15T17:13:45.489Z"}},"readme":"# noble-hashes ![Node CI](https://github.com/paulmillr/noble-hashes/workflows/Node%20CI/badge.svg) [![code style: prettier](https://img.shields.io/badge/code_style-prettier-ff69b4.svg?style=flat-square)](https://github.com/prettier/prettier)\n\nFast, secure & minimal JS implementation of SHA2, SHA3, RIPEMD, BLAKE2/3, HMAC, HKDF, PBKDF2 & Scrypt.\n\n- **noble** family, zero dependencies\n- ???? Helps JS bundlers with lack of entry point; ensures small size of your app\n- ???? No unrolled loops: makes it much easier to verify and reduces source code size 2-5x\n- ???? Ultra-fast, hand-optimized for caveats of JS engines\n- ???? Unique tests ensure correctness: chained tests, sliding window tests, DoS tests\n- ???? Differential fuzzing ensures even more correctness with [cryptofuzz](https://github.com/guidovranken/cryptofuzz)\n- ???? Scrypt supports `n: 2**22` with 4GB arrays while other implementations crash on `2**21` or even `2**20`, `maxmem` security param, `onProgress` callback\n- ???? SHA3 supports Keccak, KangarooTwelve and MarsupilamiFourteen\n- All primitives are just ~2KLOC / 41KB minified / 14KB gzipped. SHA256-only is 240LOC / 7KB minified / 3KB gzipped\n\nThe library's initial development was funded by [Ethereum Foundation](https://ethereum.org/).\n\n### This library belongs to _noble_ crypto\n\n> **noble-crypto** — high-security, easily auditable set of contained cryptographic libraries and tools.\n\n- No dependencies, small files\n- Easily auditable TypeScript/JS code\n- Supported in all major browsers and stable node.js versions\n- All releases are signed with PGP keys\n- Check out all libraries:\n  [secp256k1](https://github.com/paulmillr/noble-secp256k1),\n  [ed25519](https://github.com/paulmillr/noble-ed25519),\n  [bls12-381](https://github.com/paulmillr/noble-bls12-381),\n  [hashes](https://github.com/paulmillr/noble-hashes)\n\n## Usage\n\nUse NPM in node.js / browser, or include single file from\n[GitHub's releases page](https://github.com/paulmillr/noble-hashes/releases):\n\n> npm install noble-hashes\n\nThe library does not have an entry point. It allows you to select specific primitives and drop everything else. If you only want to use sha256, just use the library with rollup or other bundlers. This is done to make your bundles tiny.\n\n```js\nconst { sha256 } = require('noble-hashes/lib/sha256');\nconsole.log(sha256(new Uint8Array([1, 2, 3])));\n// Uint8Array(32) [3, 144,  88, 198, 242, 192, 203,  73, ...]\n\n// you could also pass strings that will be UTF8-encoded to Uint8Array\nconsole.log(sha256('abc'))); // == sha256(new TextEncoder().encode('abc'))\n\n// sha384 is here, because it uses same internals as sha512\nconst { sha512, sha512_256, sha384 } = require('noble-hashes/lib/sha512');\n// prettier-ignore\nconst {\n  sha3_224, sha3_256, sha3_384, sha3_512,\n  keccak_224, keccak_256, keccak_384, keccak_512,\n  shake128, shake256\n} = require('noble-hashes/lib/sha3');\n// prettier-ignore\nconst {\n  cshake128, cshake256, kmac128, kmac256, k12, m14\n} = require('noble-hashes/lib/sha3-addons');\nconst { ripemd160 } = require('noble-hashes/lib/ripemd160');\nconst { blake3 } = require('noble-hashes/lib/blake3');\nconst { blake2b } = require('noble-hashes/lib/blake2b');\nconst { blake2s } = require('noble-hashes/lib/blake2s');\nconst { hmac } = require('noble-hashes/lib/hmac');\nconst { hkdf } = require('noble-hashes/lib/hkdf');\nconst { pbkdf2, pbkdf2Async } = require('noble-hashes/lib/pbkdf2');\nconst { scrypt, scryptAsync } = require('noble-hashes/lib/scrypt');\n\n// small utility method that converts bytes to hex\nconst { bytesToHex as toHex } = require('noble-hashes/lib/utils');\nconsole.log(toHex(sha256('abc')));\n// ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad\n```\n\n## API\n\nAll hash functions:\n\n- can be called directly, with `Uint8Array`.\n- return `Uint8Array`\n- can receive `string`, which is automatically converted to `Uint8Array`\n  via utf8 encoding **(not hex)**\n- support hashing 4GB of data per update on 64-bit systems (unlimited with streaming)\n\n```ts\nfunction hash(message: Uint8Array | string): Uint8Array;\nhash(new Uint8Array([1, 3]));\nhash('string') == hash(new TextEncoder().encode('string'));\n```\n\nAll hash functions can be constructed via `hash.create()` method:\n\n- the result is `Hash` subclass instance, which has `update()` and `digest()` methods\n- `digest()` finalizes the hash and makes it no longer usable\n\n```ts\nhash\n  .create()\n  .update(new Uint8Array([1, 3]))\n  .digest();\n```\n\n_Some_ hash functions can also receive `options` object, which can be either passed as a:\n\n- second argument to hash function: `blake3('abc', { key: 'd', dkLen: 32 })`\n- first argument to class initializer: `blake3.create({ context: 'e', dkLen: 32 })`\n\n## Modules\n- [SHA2 (sha256, sha512, sha512_256)](#sha2-sha256-sha512-sha512_256)\n- [SHA3 (sha3_256, keccak_256, etc)](#sha3-sha3_256-keccak_256-etc)\n- [SHA3 Addons (cSHAKE, KMAC, KangarooTwelve, MarsupilamiFourteen)](#sha3-addons-cshake-kmac-kangarootwelve-marsupilamifourteen)\n- [RIPEMD-160](#ripemd-160)\n- [BLAKE2b, BLAKE2s](#blake2b-blake2s)\n- [BLAKE3](#blake3)\n- [HMAC](#hmac)\n- [HKDF](#hkdf)\n- [PBKDF2](#pbkdf2)\n- [Scrypt](#scrypt)\n- [utils](#utils)\n\n##### SHA2 (sha256, sha512, sha512_256)\n\n```typescript\nimport { sha256 } from 'noble-hashes/lib/sha256.js';\nconst h1a = sha256('abc');\nconst h1b = sha256\n  .create()\n  .update(Uint8Array.from([1, 2, 3]))\n  .digest();\n```\n\n```typescript\nimport { sha512 } from 'noble-hashes/lib/sha512.js';\nconst h2a = sha512('abc');\nconst h2b = sha512\n  .create()\n  .update(Uint8Array.from([1, 2, 3]))\n  .digest();\n\n// SHA512/256 variant\nimport { sha512_256 } from 'noble-hashes/lib/sha512.js';\nconst h3a = sha512_256('abc');\nconst h3b = sha512_256\n  .create()\n  .update(Uint8Array.from([1, 2, 3]))\n  .digest();\n\n// SHA384\nimport { sha384 } from 'noble-hashes/lib/sha512.js';\nconst h4a = sha384('abc');\nconst h4b = sha384\n  .create()\n  .update(Uint8Array.from([1, 2, 3]))\n  .digest();\n```\n\nSee [RFC 4634](https://datatracker.ietf.org/doc/html/rfc4634) and [the paper on SHA512/256](https://eprint.iacr.org/2010/548.pdf).\n\n##### SHA3 (sha3_256, keccak_256, etc)\n\n```typescript\nimport {\n  sha3_224,\n  sha3_256,\n  sha3_384,\n  sha3_512,\n  keccak_224,\n  keccak_256,\n  keccak_384,\n  keccak_512,\n  shake128,\n  shake256\n} from 'noble-hashes/lib/sha3.js';\nconst h5a = sha3_256('abc');\nconst h5b = sha3_256\n  .create()\n  .update(Uint8Array.from([1, 2, 3]))\n  .digest();\nconst h6a = keccak_256('abc');\nconst h7a = shake128('abc', { dkLen: 512 });\nconst h7b = shake256('abc', { dkLen: 512 })\n```\n\nSee ([FIPS PUB 202](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf), [Website](https://keccak.team/keccak.html)).\n\nCheck out [the differences between SHA-3 and Keccak](https://crypto.stackexchange.com/questions/15727/what-are-the-key-differences-between-the-draft-sha-3-standard-and-the-keccak-sub)\n\n##### SHA3 Addons (cSHAKE, KMAC, KangarooTwelve, MarsupilamiFourteen)\n\n```typescript\nimport {\n  cshake128, cshake256, kmac128, kmac256, k12, m14\n} from 'noble-hashes/lib/sha3-addons.js';\nconst h7c = cshake128('abc', { personalization: 'def' })\nconst h7d = cshake256('abc', { personalization: 'def' })\nconst h7e = kmac128('key', 'message')\nconst h7f = kmac256('key', 'message')\nconst h7h = k12('abc');\nconst h7g = m14('abc')\n```\n\n???? K12 and M14 are basically faster versions of Keccak.\n\nSee [KangarooTwelve Paper](https://keccak.team/files/KangarooTwelve.pdf), [RFC Draft](https://www.ietf.org/archive/id/draft-irtf-cfrg-kangarootwelve-06.txt), [Website](https://keccak.team/keccak.html) and [(NIST SP 800-185)](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-185.pdf)\n\n##### RIPEMD-160\n\n```typescript\nimport { ripemd160 } from 'noble-hashes/lib/ripemd160.js';\n// function ripemd160(data: Uint8Array): Uint8Array;\nconst hash8 = ripemd160('abc');\nconst hash9 = ripemd160()\n  .create()\n  .update(Uint8Array.from([1, 2, 3]))\n  .digest();\n```\n\nSee [RFC 2286](https://datatracker.ietf.org/doc/html/rfc2286), [Website](https://homes.esat.kuleuven.be/~bosselae/ripemd160.html)\n\n##### BLAKE2b, BLAKE2s\n\n```typescript\nimport { blake2b } from 'noble-hashes/lib/blake2b.js';\nimport { blake2s } from 'noble-hashes/lib/blake2s.js';\nconst h10a = blake2s('abc');\nconst b2params = { key: new Uint8Array([1]), personalization: t, salt: t, dkLen: 32 };\nconst h10b = blake2s('abc', b2params);\nconst h10c = blake2s\n  .create(b2params)\n  .update(Uint8Array.from([1, 2, 3]))\n  .digest();\n```\n\nSee [RFC 7693](https://datatracker.ietf.org/doc/html/rfc7693), [Website](https://www.blake2.net).\n\n##### BLAKE3\n\n```typescript\nimport { blake3 } from 'noble-hashes/lib/blake3.js';\n// All params are optional\nconst h11 = blake3('abc', { dkLen: 256, key: 'def', context: 'fji' })\n```\n\nSee [Website](https://blake3.io).\n\n##### HMAC\n\n```typescript\nimport { hmac } from 'noble-hashes/lib/hmac.js';\nimport { sha256 } from 'noble-hashes/lib/sha256.js';\nconst mac1 = hmac(sha256, 'key', 'message');\nconst mac2 = hmac.create(sha256, Uint8Array.from([1, 2, 3])).update(Uint8Array.from([4, 5, 6]).digest();\n```\n\nMatches [RFC 2104](https://datatracker.ietf.org/doc/html/rfc2104).\n\n##### HKDF\n\n```typescript\nimport { hkdf } from 'noble-hashes/lib/kdf.js';\nimport { sha256 } from 'noble-hashes/lib/sha256.js';\nimport { randomBytes } from 'noble-hashes/utils.js';\nconst inputKey = randomBytes(32);\nconst salt = randomBytes(32);\nconst info = 'abc';\nconst dkLen = 32;\nconst hk1 = hkdf(sha256, inputKey, salt, info, dkLen);\n\n// == same as\nimport { hkdf_extract, hkdf_expand } from 'noble-hashes/lib/kdf.js';\nimport { sha256 } from 'noble-hashes/lib/sha256.js';\nconst prk = hkdf_extract(sha256, inputKey, salt);\nconst hk2 = hkdf_expand(sha256, prk, info, dkLen);\n```\n\nMatches [RFC 5869](https://datatracker.ietf.org/doc/html/rfc5869).\n\n##### PBKDF2\n\n```typescript\nimport { pbkdf2, pbkdf2Async } from 'noble-hashes/lib/pbkdf2.js';\nimport { sha256 } from 'noble-hashes/lib/sha256.js';\nconst pbkey1 = pbkdf2(sha256, 'password', 'salt', { c: 32, dkLen: 32 });\nconst pbkey2 = await pbkdf2Async(sha256, 'password', 'salt', { c: 32, dkLen: 32 });\nconst pbkey3 = await pbkdf2Async(sha256, Uint8Array.from([1, 2, 3]), Uint8Array.from([4, 5, 6]), {\n  c: 32,\n  dkLen: 32,\n});\n```\n\nMatches [RFC 2898](https://datatracker.ietf.org/doc/html/rfc2898).\n\n##### Scrypt\n\n```typescript\nimport { scrypt, scryptAsync } from 'noble-hashes/lib/scrypt.js';\nconst scr1 = scrypt('password', 'salt', { N: 2 ** 16, r: 8, p: 1, dkLen: 32 });\nconst scr2 = await scryptAsync('password', 'salt', { N: 2 ** 16, r: 8, p: 1, dkLen: 32 });\nconst scr3 = await scryptAsync(Uint8Array.from([1, 2, 3]), Uint8Array.from([4, 5, 6]), {\n  N: 2 ** 22,\n  r: 8,\n  p: 1,\n  dkLen: 32,\n  onProgress(percentage) {\n    console.log('progress', percentage);\n  },\n  maxmem: 2 ** 32 + 128 * 8 * 1, // N * r * p * 128 + (128*r*p)\n});\n```\n\nMatches [RFC 7914](https://datatracker.ietf.org/doc/html/rfc7914), [Website](https://www.tarsnap.com/scrypt.html)\n\n- `N, r, p` are work factors. To understand them, see [the blog post](https://blog.filippo.io/the-scrypt-parameters/).\n- `dkLen` is the length of output bytes\n- It is common to use N from `2**10` to `2**22` and `{r: 8, p: 1, dkLen: 32}`\n- `onProgress` can be used with async version of the function to report progress to a user.\n\nMemory usage of scrypt is calculated with the formula `N * r * p * 128 + (128 * r * p)`, which means\n`{N: 2 ** 22, r: 8, p: 1}` will use 4GB + 1KB of memory. To prevent DoS, we limit scrypt to `1GB + 1KB` of RAM used,\nwhich corresponds to `{N: 2 ** 20, r: 8, p: 1}`. If you want to use higher values, increase `maxmem` using the formula above.\n\n_Note:_ noble supports `2**22` (4GB RAM) which is the highest amount amongst JS libs. Many other implementations don't support it.\nWe cannot support `2**23`, because there is a limitation in JS engines that makes allocating\narrays bigger than 4GB impossible, but we're looking into other possible solutions.\n\n##### utils\n\n```typescript\nimport { bytesToHex as toHex, randomBytes } from 'noble-hashes/lib/scrypt.js';\nconsole.log(toHex(randomBytes(32)));\n```\n\n- `bytesToHex` will convert `Uint8Array` to a hex string\n- `randomBytes(bytes)` will produce cryptographically secure random `Uint8Array` of length `bytes`\n\n## Security\n\nNoble is production-ready.\n\nThe library will be audited by an independent security firm in the next few months.\n\nThe library has been fuzzed by [Guido Vranken's cryptofuzz](https://github.com/guidovranken/cryptofuzz). You can run the fuzzer by yourself to check it.\n\nA note on [timing attacks](https://en.wikipedia.org/wiki/Timing_attack): _JIT-compiler_ and _Garbage Collector_ make \"constant time\" extremely hard to achieve in a scripting language. Which means _any other JS library can't have constant-timeness_. Even statically typed Rust, a language without GC, [makes it harder to achieve constant-time](https://www.chosenplaintext.ca/open-source/rust-timing-shield/security) for some cases. If your goal is absolute security, don't use any JS lib — including bindings to native ones. Use low-level libraries & languages. Nonetheless we're targetting algorithmic constant time.\n\nWe consider infrastructure attacks like rogue NPM modules very important; that's why it's crucial to minimize the amount of 3rd-party dependencies & native bindings. If your app uses 500 dependencies, any dep could get hacked and you'll be downloading rootkits with every `npm install`. Our goal is to minimize this attack vector.\n\n## Speed\n\nBenchmarks measured on Apple M1 with macOS 12 using 32-byte inputs.\nNote that PBKDF2 and Scrypt are tested with extremely high work factor.\nTo run benchmarks, execute `npm run bench-install` and then `npm run bench`\n\n```\nSHA256 x 1,131,221 ops/sec @ 884ns/op\nSHA384 x 452,284 ops/sec @ 2μs/op\nSHA512 x 451,059 ops/sec @ 2μs/op\nSHA3-256, keccak256, shake256 x 185,494 ops/sec @ 5μs/op\nKangaroo12 x 300,480 ops/sec @ 3μs/op\nMarsupilami14 x 269,614 ops/sec @ 3μs/op\nBLAKE2b x 291,375 ops/sec @ 3μs/op\nBLAKE2s x 505,561 ops/sec @ 1μs/op\nBLAKE3 x 576,036 ops/sec @ 1μs/op\nHMAC-SHA256 x 342,583 ops/sec @ 2μs/op\nRIPEMD160 noble x 1,191,895 ops/sec @ 839ns/op\nHKDF-SHA256 x 115,500 ops/sec @ 8μs/op\nPBKDF2-HMAC-SHA256 262144 x 2 ops/sec @ 338ms/op\nPBKDF2-HMAC-SHA512 262144 x 0 ops/sec @ 1024ms/op\nScrypt r: 8, p: 1, n: 262144 x 1 ops/sec @ 637ms/op\n```\n\nCompare to native node.js implementation that uses C bindings instead of pure-js code:\n\n```\nSHA256 32B native x 1,164,144 ops/sec @ 859ns/op\nSHA384 32B native x 938,086 ops/sec @ 1μs/op\nSHA512 32B native x 946,969 ops/sec @ 1μs/op\nSHA3 32B native x 879,507 ops/sec @ 1μs/op\nkeccak, k12, m14 are not implemented\nBLAKE2b 32B native x 879,507 ops/sec @ 1μs/op\nBLAKE2s 32B native x 977,517 ops/sec @ 1μs/op\nBLAKE3 is not implemented\nRIPEMD160 32B native x 913,242 ops/sec @ 1μs/op\nHMAC-SHA256 32B native x 755,287 ops/sec @ 1μs/op\nHKDF-SHA256 32B native x 207,856 ops/sec @ 4μs/op\nPBKDF2-HMAC-SHA256 262144 native x 23 ops/sec @ 42ms/op\nScrypt 262144 native x 1 ops/sec @ 564ms/op\nScrypt 262144 scrypt.js x 0 ops/sec @ 1678ms/op\n```\n\nIt is possible to [make this library 4x+ faster](./test/benchmark/README.md) by\n_doing code generation of full loop unrolls_. We've decided against it. Reasons:\n\n- the library must be auditable, with minimum amount of code, and zero dependencies\n- most method invocations with the lib are going to be something like hashing 32b to 64kb of data\n- hashing big inputs is 10x faster with low-level languages, which means you should probably pick 'em instead\n\nThe current performance is good enough when compared to other projects; SHA256 takes only 900 nanoseconds to run.\n\n## Contributing & testing\n\n1. Clone the repository.\n2. `npm install` to install build dependencies like TypeScript\n3. `npm run build` to compile TypeScript code\n4. `npm run test` will execute all main tests. See [our approach to testing](./test/README.md)\n5. `npm run test-dos` will test against DoS; by measuring function complexity. **Takes ~20 minutes**\n6. `npm run test-big` will execute hashing on 4GB inputs,\n   scrypt with 1024 different `N, r, p` combinations, etc. **Takes several hours**. Using 8-32+ core CPU helps.\n\n## License\n\nThe MIT License (MIT)\n\nCopyright (c) 2021 Paul Miller [(https://paulmillr.com)](https://paulmillr.com)\n\nSee LICENSE file.\n","_attachments":{},"homepage":"https://github.com/paulmillr/noble-hashes#readme","bugs":{"url":"https://github.com/paulmillr/noble-hashes/issues"},"license":"MIT"}