Node: crypto: add support for SHA3

Created on 1 Apr 2015 · 16Comments · Source: nodejs/node

It would be great to add support for SHA3 (Keccak) algorithm to crypto.createHash, cause NIST has approved it in back October 2012 and we need to install third-party extensions in our days to use it.

crypto

Source

bricss

👍2

Most helpful comment

Just wanted to mention that Keccak support is in OpenSSL (but unreleased as of yet): https://github.com/openssl/openssl/issues/439 so SHA3 will presumably get supported once the next OpenSSL gets out and Node upgrades to it.

passcod on 20 Sep 2017

👍4 ❤1

All 16 comments

Is SHA-3 even standardized yet? I don't think OpenSSL supports it yet either...

mscdex on 1 Apr 2015

Nope, it's not...

bricss on 1 Apr 2015

I don't think we support anything in core that isn't in OpenSSL.

We'll be upgrading to OpenSSL 1.0.2 soon, if that helps. (#589)

Fishrock123 on 1 Apr 2015

Yes, I agree, I should to first check OpenSSL for SHA3 support.

bricss on 1 Apr 2015

passcod on 20 Sep 2017

👍4 ❤1

Please reopen, please see https://www.openssl.org/blog/blog/2018/09/11/release111/

OpenSSL 1.1.1 Is Released
...
Support for various new cryptographic algorithms including:
SHA3
....

ppKrauss on 31 Jan 2019

@ppKrauss have you tried node 11.9.0? crypto.getHashes() suggests 'sha3' is supported.

sam-github on 31 Jan 2019

❤1 👍1

Thanks @sam-github , seems the problem... How to check my crypto-module version?

https://stackoverflow.com/q/54469183/287948

ppKrauss on 31 Jan 2019

Sorry @sam-github , now is working!

UBUNTU apt is ugly and confuse never updated NodeJS (!), but sudo n latest upgraded from "v8.8.1" to "v11.9.0"... Now is working fine (RSA-SHA3-256) !

Any clues about this question, "how to check crypto module version?"

ppKrauss on 31 Jan 2019

node -p process.versions.openssl

sam-github on 1 Feb 2019

👍3

It's in mind to implement that on previous LTS versions?

I am in 8.12.0
> crypto.getHashes()
>[ 'DSA', 'DSA-SHA', 'DSA-SHA1', 'DSA-SHA1-old', 'RSA-MD4', 'RSA-MD5', 'RSA-MDC2', 'RSA-RIPEMD160', 'RSA-SHA', 'RSA-SHA1', 'RSA-SHA1-2', 'RSA-SHA224', 'RSA-SHA256', 'RSA-SHA384', 'RSA-SHA512', 'dsaEncryption', 'dsaWithSHA', 'dsaWithSHA1', 'dss1', 'ecdsa-with-SHA1', 'md4', 'md4WithRSAEncryption', 'md5', 'md5WithRSAEncryption', 'mdc2', 'mdc2WithRSA', 'ripemd', 'ripemd160', 'ripemd160WithRSA', 'rmd160', 'sha', 'sha1', 'sha1WithRSAEncryption', 'sha224', 'sha224WithRSAEncryption', 'sha256', 'sha256WithRSAEncryption', 'sha384', 'sha384WithRSAEncryption', 'sha512', 'sha512WithRSAEncryption', 'shaWithRSAEncryption', 'ssl2-md5', 'ssl3-md5', 'ssl3-sha1', 'whirlpool' ]

RSginer on 22 May 2019

@RSginer OpenSSL 1.1.1 has already been backported to v10.x and will be in the next v10.x release. v8.x still only has OpenSSL 1.0.2 and there is no PR to backport OpenSSL 1.1.1 to that branch yet. It's unlikely v8.x will get it as it's been in maintenance mode since the beginning of this year and will EOL in December.

mscdex on 22 May 2019

👍3

@mscdex great! Thanks a lot

RSginer on 22 May 2019

@RSginer OpenSSL 1.1.1 has already been backported to v10.x and will be in the next v10.x release. v8.x still only has OpenSSL 1.0.2 and there is no PR to backport OpenSSL 1.1.1 to that branch yet. It's unlikely v8.x will get it as it's been in maintenance mode since the beginning of this year and will EOL in December.

I'm not sure that this made it in. I updated to 10.15.3 and there's no sha-3

C:\foo>node -v
v10.15.3
C:\foo>node -p process.versions.openssl
1.1.0j
C:\foo>node
> require('crypto').getHashes()
[ 'RSA-MD4',
  'RSA-MD5',
  'RSA-MDC2',
  'RSA-RIPEMD160',
  'RSA-SHA1',
  'RSA-SHA1-2',
  'RSA-SHA224',
  'RSA-SHA256',
  'RSA-SHA384',
  'RSA-SHA512',
  'blake2b512',
  'blake2s256',
  'md4',
  'md4WithRSAEncryption',
  'md5',
  'md5-sha1',
  'md5WithRSAEncryption',
  'mdc2',
  'mdc2WithRSA',
  'ripemd',
  'ripemd160',
  'ripemd160WithRSA',
  'rmd160',
  'sha1',
  'sha1WithRSAEncryption',
  'sha224',
  'sha224WithRSAEncryption',
  'sha256',
  'sha256WithRSAEncryption',
  'sha384',
  'sha384WithRSAEncryption',
  'sha512',
  'sha512WithRSAEncryption',
  'ssl3-md5',
  'ssl3-sha1',
  'whirlpool' ]
>

troppoli on 16 Jul 2019

@troppoli You will find it in Node.js >= 12

bricss on 16 Jul 2019

@bricss @RSginer Sorry for the fire drill, my update to latest didn't get me the latest in LTS 10.16.0, and that does have sha-3

C:\foo>node -v
v10.16.0

C:\foo>node
> require('crypto').getHashes()
[ 'RSA-MD4',
  'RSA-MD5',
  'RSA-MDC2',
  'RSA-RIPEMD160',
  'RSA-SHA1',
  'RSA-SHA1-2',
  'RSA-SHA224',
  'RSA-SHA256',
  'RSA-SHA3-224',
  'RSA-SHA3-256',
  'RSA-SHA3-384',
  'RSA-SHA3-512',
  'RSA-SHA384',
  'RSA-SHA512',
  'RSA-SHA512/224',
  'RSA-SHA512/256',
  'RSA-SM3',
  'blake2b512',
  'blake2s256',
  'id-rsassa-pkcs1-v1_5-with-sha3-224',
  'id-rsassa-pkcs1-v1_5-with-sha3-256',
  'id-rsassa-pkcs1-v1_5-with-sha3-384',
  'id-rsassa-pkcs1-v1_5-with-sha3-512',
  'md4',
  'md4WithRSAEncryption',
  'md5',
  'md5-sha1',
  'md5WithRSAEncryption',
  'mdc2',
  'mdc2WithRSA',
  'ripemd',
  'ripemd160',
  'ripemd160WithRSA',
  'rmd160',
  'sha1',
  'sha1WithRSAEncryption',
  'sha224',
  'sha224WithRSAEncryption',
  'sha256',
  'sha256WithRSAEncryption',
  'sha3-224',
  'sha3-256',
  'sha3-384',
  'sha3-512',
  'sha384',
  'sha384WithRSAEncryption',
  'sha512',
  'sha512-224',
  'sha512-224WithRSAEncryption',
  'sha512-256',
  'sha512-256WithRSAEncryption',
  'sha512WithRSAEncryption',
  'shake128',
  'shake256',
  'sm3',
  'sm3WithRSAEncryption',
  'ssl3-md5',
  'ssl3-sha1',
  'whirlpool' ]
>

troppoli on 16 Jul 2019

Was this page helpful?

0 / 5 - 0 ratings