UNPKG

@napi-rs/blake-hash/README.md

Version:

5.67 kBMarkdownView Raw

1# `@napi-rs/blake-hash`
2
3![https://github.com/Brooooooklyn/blake-hash/actions](https://github.com/Brooooooklyn/blake-hash/workflows/CI/badge.svg)
4![](https://img.shields.io/npm/dm/@napi-rs/blake-hash.svg?sanitize=true)
5[![Install size](https://packagephobia.com/badge?p=@napi-rs/blake-hash)](https://packagephobia.com/result?p=@napi-rs/blake-hash)
6
7Node.js binding for https://github.com/BLAKE3-team/BLAKE3. High performance, and no postinstall scripts.
8
9## Support matrix
10
11|                  | node12 | node14 | node16 |
12| ---------------- | ------ | ------ | ------ |
13| Windows x64      | ✓      | ✓      | ✓      |
14| Windows x32      | ✓      | ✓      | ✓      |
15| Windows arm64    | ✓      | ✓      | ✓      |
16| macOS x64        | ✓      | ✓      | ✓      |
17| macOS arm64      | ✓      | ✓      | ✓      |
18| Linux x64 gnu    | ✓      | ✓      | ✓      |
19| Linux x64 musl   | ✓      | ✓      | ✓      |
20| Linux arm gnu    | ✓      | ✓      | ✓      |
21| Linux arm64 gnu  | ✓      | ✓      | ✓      |
22| Linux arm64 musl | ✓      | ✓      | ✓      |
23| Android arm64    | ✓      | ✓      | ✓      |
24| FreeBSD x64      | ✓      | ✓      | ✓      |
25
26## Blake2
27
28Support `blake2b` `blake2bp` `blake2s` `blake2sp` algorithm.
29
30### Unkeyed Hash
31
32```js
33import { Blake2BHasher } from "@napi-rs/blake-hash";
34
35const hasher = new Blake2BHasher();
36hasher.update("content to be hash");
37hasher.digest("hex"); // could also be `base64` or `url-safe-base64`
38```
39
40### Keyed Hash
41
42```js
43import { Blake2BHasher, Blake2BParam } from "@napi-rs/blake-hash";
44
45const hashParams = new Blake2BParam();
46hashParams.personal("someone@email.com");
47const hash = Blake2BHasher.withParams(hashParams);
48
49hash.update("your secret");
50hash.digest("hex");
51```
52
53## Blake3
54
55### `Hash`
56
57#### Default hash function
58
59```js
60import { blake3 } from "@napi-rs/blake-hash";
61
62blake3("hello"); //ea8f163db38682925e4491c5e58d4bb3506ef8c14eb78a86e908c5624a67200f
63```
64
65#### Hasher
66
67```js
68import { Blake3Hasher } from "@napi-rs/blake-hash";
69
70const hasher = new Blake3Hasher();
71hasher.update("hello");
72hasher.digest("hex"); // ea8f163db38682925e4491c5e58d4bb3506ef8c14eb78a86e908c5624a67200f
73```
74
75### `KeyedHash`
76
77> Full documentation: https://docs.rs/blake3/latest/blake3/fn.keyed_hash.html
78
79```js
80import { randomBytes } from "crypto";
81
82import { Blake3Hasher } from "@napi-rs/blake-hash";
83
84const hasher = Blake3Hasher.newKeyed(randomBytes(32)); // The key must be 32 bytes
85hasher.update("hello");
86hasher.digest("hex"); // 9e8e05888735e59036c1ec66938f5bdb2b3933ce647918b739c23b699f1431a3
87```
88
89### `DeriveKey`
90
91Full documentation: https://docs.rs/blake3/latest/blake3/fn.derive_key.html
92
93> The key derivation function.
94>
95> Given cryptographic key material of any length and a context string of any length, this function outputs a 32-byte derived subkey. **The context string should be hardcoded, globally unique, and application-specific.** A good default format for such strings is `"[application] [commit timestamp] [purpose]"`, e.g., `"example.com 2019-12-25 16:18:03 session tokens v1"`.
96>
97> Key derivation is important when you want to use the same key in multiple algorithms or use cases. Using the same key with different cryptographic algorithms is generally forbidden, and deriving a separate subkey for each use case protects you from bad interactions. Derived keys also mitigate the damage from one part of your application accidentally leaking its key.
98>
99> As a rare exception to that general rule, however, it is possible to use `derive_key` itself with key material that you are already using with another algorithm. You might need to do this if you're adding features to an existing application, which does not yet use key derivation internally.
100>
101> However, you still must not share key material with algorithms that forbid key reuse entirely, like a one-time pad. For more on this, see sections 6.2 and 7.8 of the [BLAKE3 paper](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf).
102>
103> Note that BLAKE3 is not a password hash, and **`derive_key` should never be used with passwords.** Instead, use a dedicated password hash like [Argon2]. Password hashes are entirely different from generic hash functions, with opposite design requirements.
104>
105> [argon2]: https://en.wikipedia.org/wiki/Argon2
106
107```js
108import { Blake3Hasher } from "@napi-rs/blake-hash";
109
110const context = "BLAKE3 2021-11-10 12:13:59 example context";
111
112const hasher = Blake3Hasher.newDeriveKey(context);
113hasher.update("hello");
114hasher.digest("hex"); // e186adf36b0c4e421b2baa881e158a4b3b074626882a6e1dfb231aebb7e149ee
115```
116
117## Performance
118
119Compare with [`blake3`](https://github.com/connor4312/blake3) and [`blake2`](https://github.com/vrza/node-blake2).
120
121> Benchmark results were generated from GitHub Codespaces.
122
123```
124Running "digest big file blake2b" suite...
125Progress: 100%
126
127  blake2b-napi:
128    1 251 ops/s, ±0.49%   | fastest
129
130  blake2b-c++:
131    626 ops/s, ±2.11%     | slowest, 49.96% slower
132
133Finished 2 cases!
134  Fastest: blake2b-napi
135  Slowest: blake2b-c++
136Running "digest big file blake2s" suite...
137Progress: 100%
138
139  blake2s-napi:
140    745 ops/s, ±0.47%   | fastest
141
142  blake2s-c++:
143    604 ops/s, ±0.56%   | slowest, 18.93% slower
144
145Finished 2 cases!
146  Fastest: blake2s-napi
147  Slowest: blake2s-c++
148Running "digest big file blake3" suite...
149Progress: 100%
150
151  blake3-napi:
152    6 747 ops/s, ±0.90%   | fastest
153
154  blake3-neon:
155    6 669 ops/s, ±1.04%   | slowest, 1.16% slower
156
157Finished 2 cases!
158  Fastest: blake3-napi
159  Slowest: blake3-neon
160```
161
162## Other implementations
163
164- https://github.com/connor4312/blake3
165- https://github.com/vrza/node-blake2

1	# `@napi-rs/blake-hash`
2
3	`![https://github.com/Brooooooklyn/blake-hash/actions](https://github.com/Brooooooklyn/blake-hash/workflows/CI/badge.svg)`
4	`![](https://img.shields.io/npm/dm/@napi-rs/blake-hash.svg?sanitize=true)`
5	`[![Install size](https://packagephobia.com/badge?p=@napi-rs/blake-hash)](https://packagephobia.com/result?p=@napi-rs/blake-hash)`
6
7	`Node.js binding for https://github.com/BLAKE3-team/BLAKE3. High performance, and no postinstall scripts.`
8
9	`## Support matrix`
10
11	`\| \| node12 \| node14 \| node16 \|`
12	`\| ---------------- \| ------ \| ------ \| ------ \|`
13	`\| Windows x64 \| ✓ \| ✓ \| ✓ \|`
14	`\| Windows x32 \| ✓ \| ✓ \| ✓ \|`
15	`\| Windows arm64 \| ✓ \| ✓ \| ✓ \|`
16	`\| macOS x64 \| ✓ \| ✓ \| ✓ \|`
17	`\| macOS arm64 \| ✓ \| ✓ \| ✓ \|`
18	`\| Linux x64 gnu \| ✓ \| ✓ \| ✓ \|`
19	`\| Linux x64 musl \| ✓ \| ✓ \| ✓ \|`
20	`\| Linux arm gnu \| ✓ \| ✓ \| ✓ \|`
21	`\| Linux arm64 gnu \| ✓ \| ✓ \| ✓ \|`
22	`\| Linux arm64 musl \| ✓ \| ✓ \| ✓ \|`
23	`\| Android arm64 \| ✓ \| ✓ \| ✓ \|`
24	`\| FreeBSD x64 \| ✓ \| ✓ \| ✓ \|`
25
26	`## Blake2`
27
28	Support `blake2b` `blake2bp` `blake2s` `blake2sp` algorithm.
29
30	`### Unkeyed Hash`
31
32	```js
33	`import { Blake2BHasher } from "@napi-rs/blake-hash";`
34
35	`const hasher = new Blake2BHasher();`
36	`hasher.update("content to be hash");`
37	hasher.digest("hex"); // could also be `base64` or `url-safe-base64`
38	```
39
40	`### Keyed Hash`
41
42	```js
43	`import { Blake2BHasher, Blake2BParam } from "@napi-rs/blake-hash";`
44
45	`const hashParams = new Blake2BParam();`
46	`hashParams.personal("someone@email.com");`
47	`const hash = Blake2BHasher.withParams(hashParams);`
48
49	`hash.update("your secret");`
50	`hash.digest("hex");`
51	```
52
53	`## Blake3`
54
55	### `Hash`
56
57	`#### Default hash function`
58
59	```js
60	`import { blake3 } from "@napi-rs/blake-hash";`
61
62	`blake3("hello"); //ea8f163db38682925e4491c5e58d4bb3506ef8c14eb78a86e908c5624a67200f`
63	```
64
65	`#### Hasher`
66
67	```js
68	`import { Blake3Hasher } from "@napi-rs/blake-hash";`
69
70	`const hasher = new Blake3Hasher();`
71	`hasher.update("hello");`
72	`hasher.digest("hex"); // ea8f163db38682925e4491c5e58d4bb3506ef8c14eb78a86e908c5624a67200f`
73	```
74
75	### `KeyedHash`
76
77	`> Full documentation: https://docs.rs/blake3/latest/blake3/fn.keyed_hash.html`
78
79	```js
80	`import { randomBytes } from "crypto";`
81
82	`import { Blake3Hasher } from "@napi-rs/blake-hash";`
83
84	`const hasher = Blake3Hasher.newKeyed(randomBytes(32)); // The key must be 32 bytes`
85	`hasher.update("hello");`
86	`hasher.digest("hex"); // 9e8e05888735e59036c1ec66938f5bdb2b3933ce647918b739c23b699f1431a3`
87	```
88
89	### `DeriveKey`
90
91	`Full documentation: https://docs.rs/blake3/latest/blake3/fn.derive_key.html`
92
93	`> The key derivation function.`
94	`>`
95	> Given cryptographic key material of any length and a context string of any length, this function outputs a 32-byte derived subkey. The context string should be hardcoded, globally unique, and application-specific. A good default format for such strings is `"[application] [commit timestamp] [purpose]"`, e.g., `"example.com 2019-12-25 16:18:03 session tokens v1"`.
96	`>`
97	`> Key derivation is important when you want to use the same key in multiple algorithms or use cases. Using the same key with different cryptographic algorithms is generally forbidden, and deriving a separate subkey for each use case protects you from bad interactions. Derived keys also mitigate the damage from one part of your application accidentally leaking its key.`
98	`>`
99	> As a rare exception to that general rule, however, it is possible to use `derive_key` itself with key material that you are already using with another algorithm. You might need to do this if you're adding features to an existing application, which does not yet use key derivation internally.
100	`>`
101	`> However, you still must not share key material with algorithms that forbid key reuse entirely, like a one-time pad. For more on this, see sections 6.2 and 7.8 of the [BLAKE3 paper](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf).`
102	`>`
103	> Note that BLAKE3 is not a password hash, and `derive_key` should never be used with passwords. Instead, use a dedicated password hash like [Argon2]. Password hashes are entirely different from generic hash functions, with opposite design requirements.
104	`>`
105	`> [argon2]: https://en.wikipedia.org/wiki/Argon2`
106
107	```js
108	`import { Blake3Hasher } from "@napi-rs/blake-hash";`
109
110	`const context = "BLAKE3 2021-11-10 12:13:59 example context";`
111
112	`const hasher = Blake3Hasher.newDeriveKey(context);`
113	`hasher.update("hello");`
114	`hasher.digest("hex"); // e186adf36b0c4e421b2baa881e158a4b3b074626882a6e1dfb231aebb7e149ee`
115	```
116
117	`## Performance`
118
119	Compare with [`blake3`](https://github.com/connor4312/blake3) and [`blake2`](https://github.com/vrza/node-blake2).
120
121	`> Benchmark results were generated from GitHub Codespaces.`
122
123	```
124	`Running "digest big file blake2b" suite...`
125	`Progress: 100%`
126
127	`blake2b-napi:`
128	`1 251 ops/s, ±0.49% \| fastest`
129
130	`blake2b-c++:`
131	`626 ops/s, ±2.11% \| slowest, 49.96% slower`
132
133	`Finished 2 cases!`
134	`Fastest: blake2b-napi`
135	`Slowest: blake2b-c++`
136	`Running "digest big file blake2s" suite...`
137	`Progress: 100%`
138
139	`blake2s-napi:`
140	`745 ops/s, ±0.47% \| fastest`
141
142	`blake2s-c++:`
143	`604 ops/s, ±0.56% \| slowest, 18.93% slower`
144
145	`Finished 2 cases!`
146	`Fastest: blake2s-napi`
147	`Slowest: blake2s-c++`
148	`Running "digest big file blake3" suite...`
149	`Progress: 100%`
150
151	`blake3-napi:`
152	`6 747 ops/s, ±0.90% \| fastest`
153
154	`blake3-neon:`
155	`6 669 ops/s, ±1.04% \| slowest, 1.16% slower`
156
157	`Finished 2 cases!`
158	`Fastest: blake3-napi`
159	`Slowest: blake3-neon`
160	```
161
162	`## Other implementations`
163
164	`- https://github.com/connor4312/blake3`
165	`- https://github.com/vrza/node-blake2`