search

kjur / jsrsasign

The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp, CAdES and JSON Web Signature/Token in pure JavaScript.
https://kjur.github.io/jsrsasign
Other
3.28k stars 645 forks source link

Message digest calculation different to openssl #565

Closed mariusheine closed 2 years ago

mariusheine commented 2 years ago

I try to calculate sha256 message digests for arbitrary files with the crypto.MessageDigest class.

The calculated digest should be equal to the outcome of openssl dgst -sha256 [file].

However this seems not to be the case.

Here is a reproduction repo: https://github.com/mariusheine/repro-jsrsasign-digest

I ran it with in a following environment: node -v v16.18.0 npm -v 8.19.2

To directly start using it you can simply open it via gitpod via https://gitpod.io/#https://github.com/mariusheine/repro-jsrsasign-digest

Thx in advance for your great library and hopefully you cna help me somehow.

kjur commented 2 years ago

Hi @mariusheine , I'll check it.

kjur commented 2 years ago

As for binary data, please use updateHex like this:

    const filepath = `${__dirname}/files/${filename}`;

    const messageDigest = new jsrsasign.KJUR.crypto.MessageDigest({
        alg: 'sha256',
        prov: 'cryptojs',
    });

    const dataHex = jsrsasign.rstrtohex(fs.readFileSync(filepath, 'binary'));
    messageDigest.updateHex(dataHex);
    const digest = messageDigest.digest();
mariusheine commented 2 years ago

@kjur Awesome thx a lot for your quick help.