The SubtleCrypto.digest() method returns a Promise of a digest generated from the hash function and text given as parameters.
Warning: Older insecure hash functions, like MD5, are not supported by this method. Even a supported method, SHA-1, is considered weak, has been broken and should be avoided for cryptographic applications.
Syntax
var hash = crypto.subtle.digest(algo, buffer);
Parameters
algois aDOMStringdefining the hash function to use. Supported values are:SHA-1,SHA-256,SHA-384, andSHA-512.bufferis anArrayBufferor anArrayBufferViewcontaining the data to be hashed using the hashing algorithm.
Return value
hashis aPromisethat returns anArrayBufferof the hash on success.
Example
Here's an example that computes the sha256 of a string and display its hex digest.
function sha256(str) {
// We transform the string into an arraybuffer.
var buffer = new TextEncoder("utf-8").encode(str);
return crypto.subtle.digest("SHA-256", buffer).then(function (hash) {
return hex(hash);
});
}
function hex(buffer) {
var hexCodes = [];
var view = new DataView(buffer);
for (var i = 0; i < view.byteLength; i += 4) {
// Using getUint32 reduces the number of iterations needed (we process 4 bytes each time)
var value = view.getUint32(i)
// toString(16) will give the hex representation of the number without padding
var stringValue = value.toString(16)
// We use concatenation and slice for padding
var padding = '00000000'
var paddedValue = (padding + stringValue).slice(-padding.length)
hexCodes.push(paddedValue);
}
// Join all the hex strings into one
return hexCodes.join("");
}
sha256("foobar").then(function(digest) {
console.log(digest);
}); // outputs "c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2"
And an example using async/await.
async function sha256(message) {
// encode as UTF-8
const msgBuffer = new TextEncoder('utf-8').encode(message);
// hash the message
const hashBuffer = await crypto.subtle.digest('SHA-256', msgBuffer);
// convert ArrayBuffer to Array
const hashArray = Array.from(new Uint8Array(hashBuffer));
// convert bytes to hex string
const hashHex = hashArray.map(b => ('00' + b.toString(16)).slice(-2)).join('');
return hashHex;
}
sha256('abc').then(hash => console.log(hash));
(async function() {
const hash = await sha256('abc');
}());
Specifications
| Specification | Status | Comment |
|---|---|---|
| Web Cryptography API The definition of 'SubtleCrypto.digest()' in that specification. |
Recommendation | Initial definition. |
Browser compatibility
The compatibility table on this page is generated from structured data. If you'd like to contribute to the data, please check out https://github.com/mdn/browser-compat-data and send us a pull request.
| Feature | Chrome | Edge | Firefox | Internet Explorer | Opera | Safari |
|---|---|---|---|---|---|---|
| Basic support | 37 | 12 | 34 32 — 341 | 112 | 24 | 7 |
| Feature | Android webview | Chrome for Android | Edge mobile | Firefox for Android | Opera Android | iOS Safari | Samsung Internet |
|---|---|---|---|---|---|---|---|
| Basic support | 37 | 37 | 12 | 34 32 — 341 | 24 | 7 | 6.0 |
1. From version 32 until version 34 (exclusive): this feature is behind the dom.webcrypto.enabled preference (needs to be set to true). To change preferences in Firefox, visit about:config.
2. Returns CryptoOperation instead of Promise
See also
CryptoandCrypto.subtle.SubtleCrypto, the interface it belongs to.
Document Tags and Contributors
Tags:
Contributors to this page:
gregtatum,
fscholz,
vitaly-zdanevich,
fhenneke,
programmer5000,
tophf,
bergus,
chrisveness,
abbycar,
teemuremes,
pstricker,
Sebastianz,
GaspardP,
ttaubert,
tOkeshu,
teoli,
mesh.a
Last updated by:
gregtatum,