How can I convert Sha-512 hash in Java to its Node.js equivalent

Question

I have a simple hashing function in Java that I rewrote in Node.js but they produce different result.

Here is the Java:

public static String get_SHA_512_SecurePassword(String str, String customerId) {
    try {
        MessageDigest instance = MessageDigest.getInstance("SHA-512");
        instance.update(customerId.getBytes(StandardCharsets.UTF_8));
        byte[] digest = instance.digest(str.getBytes(StandardCharsets.UTF_8));
        StringBuilder sb = new StringBuilder();
        for (byte b : digest) {
            sb.append(Integer.toString((b & 255) + 256, 16).substring(1));
        }
        return sb.toString();
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
        return null;
    }
}

and here is the Node.js equivalent I produced.

let crypto = require('crypto');

function get_SHA_512_SecurePassword(str, customerId) {
    let hash = crypto.createHash('sha512')
    hash.update(customerId, 'utf8')
    let value = hash.digest(str, 'uft8')
    console.log(value.toString('hex'))
    return value.toString('hex');
}

Can anyone explain what I am doing wrong or why they are different if I reproduced right?

Answer 1

You're very nearly there, the issue is that the .digest function does not take an argument in Node.js, so we'll call .update twice, once with customerId, then with str. We don't actually need to pass the string encoding to the .update function since utf8 is the default encoding.

const crypto = require('crypto');

function get_SHA_512_SecurePassword(str, customerId) {
    const hash = crypto.createHash('sha512');
    const digest = hash.update(customerId, "utf-8").update(str, "utf-8").digest();
    return digest.toString("hex");
}

console.log(get_SHA_512_SecurePassword("hello", "world"));

This Node.js example outputs:

3e64afa1cb7d643aa36f63b8d092ad76b1f04ff557abbb3d05f5b9037abf68a6606a8885d51bec8f6f39ee7d0badd504241c3704e777a51c21a9723e285fb9b8

Which should be the same output as the Java code.

Answer 2

Your problem is that you use the crypto wrong in node.js. The digest() method in java is a little different than in crypto in node.js

Java MessageDigest Api Doc

digest(byte[] input) Performs a final update on the digest using the specified array of bytes, then completes the digest computation.

So in java you provide another string in digest and consumes it to produce a new hash and then produces the output

In node.js however the documentation for hmac.digest() states Crypto Doc

hmac.digest([encoding])

Calculates the HMAC digest of all of the data passed using hmac.update(). If encoding is provided a string is returned; otherwise a Buffer is returned;

So it will not accept another string to be encoded like you pass str in that function. It will accept only an encoding.

So in your code

function get_SHA_512_SecurePassword(str, customerId) {
    let hash = crypto.createHash('sha512')
    hash.update(customerId, 'utf8')
    let value = hash.digest(str, 'uft8') <-----this is wrong
    console.log(value.toString('hex'))
    return value.toString('hex');
}

The following would be the right one

  function get_SHA_512_SecurePassword(str, customerId) {
        let hash = crypto.createHash('sha512')

        hash.update(customerId, 'utf8')
        hash.update(str, 'utf8')
        let value = hash.digest('hex')

        console.log(value)
        return value;
    }