Forge vs Crypto wrong SHA-1 and question #583
Comments
alexandercerutti
changed the title
|
You may be having buffer or encoding issues. Do you have a short test case? It's easier to find problems that way. Forge should produce the correct results when used properly. Unfortunately there are some buffer and encoding API issues that make it more difficult to use than it should be. Fixing those are on the roadmap but we don't have a timeline for such improvements. |
|
First of all, thank you for the answer. let hashFlowForge = forge.md.sha1.create();
let hashFlow = crypto.createHash("sha1");
fs.createReadStream( **here a valid path of a file** )
.on("data", function(data) {
hashFlowForge.update(data);
hashFlow.update(data);
})
.on("end", function() {
console.log(hashFlowForge.digest().toHex())
console.log(hashFlow.digest("hex"))
});And, as I said before, the correct returned result is the Crypto one. Is the above code okay with your request? |
|
forge digests expect a binary string and does not work as expected when using node buffers directly. You need to convert the buffer to a binary string using the following program prints the following text, demonstating the issue (when using asciii only, the result is correct in all 3 cases): |
|
Thank you very much @MaxFichtelmann! It works! |
|
Yeah, that should work. There are some other ways to get a similar effect. We'd love a better docs. Patches are always welcome! |
|
I would contribute, but I'm completely a noob in the cryptographic field. I might help into creating a "nice formatted way" in which you can put descriptions, if you are interested. Not for spamming, but I did this documentation for a project of mine, if you are interested. |
|
We probably want docs autogenerated from the code comments. If you want to work on such a thing, open an issue and we can discuss. I imagine the doc strings there now need a bunch of cleanup for starters. Is this issue resolved now? |
|
Yep this is resolved, thank you :) |
Following this issue, I'm having the same problem with SHA-1.
In my case, I'm using Forge to calculate the SHA-1 of a file content from its Buffer.
Comparing Crypto to Forge results, I get something like this:
And the crypto is the correct one. How can I say that? I'm working with a Node.JS Apple Passes creator and macOS's Console app reports me that Forge sha1 is wrong (and it gives Crypto's one as the right one).
The issue ticket above has been closed with a "resolving this issue is on the roadmap".
Is this issue expected to be solved in short time or approximately how much? And the resolution regards only the SHA-256 or all SHAs?
Also, I have a question. When in your code say "raw" in the
md.updatemethod, you mean Buffer or whatever else? Thank you very much.The text was updated successfully, but these errors were encountered: