An invalid crypto digest algorithm was used.

Q: How to fix Node.js ERR_CRYPTO_INVALID_DIGEST An invalid crypto digest algorithm was used.?

Use a Supported Algorithm: Use a known, valid digest algorithm. You can get a list of all available algorithms by calling `crypto.getHashes()`.

Q: How to fix Node.js ERR_CRYPTO_INVALID_DIGEST An invalid crypto digest algorithm was used.?

Validate Dynamic Algorithm Names: If the algorithm name is not a fixed string, validate it against the array of supported hashes returned by `crypto.getHashes()` before using it.

Production Risk

Low. This is typically a configuration or startup error that is caught during development. If it occurs in production, it's likely due to a misconfiguration.

What this means

This error is thrown by the `crypto` module when you try to use a digest algorithm (a hash function) that is not supported by the version of OpenSSL that your Node.js binary was compiled with. For example, using a misspelled algorithm name or an obsolete one like 'md2' will trigger this error.

Why it happens

1A typo in the algorithm name (e.g., 'sha265' instead of 'sha256').
2Attempting to use an algorithm that is not supported or has been deprecated for security reasons.
3Dynamically generating an algorithm name that results in an invalid string.

How to reproduce

This error occurs when `crypto.createHash()`, `crypto.createHmac()`, or similar methods are called with an algorithm name that is not found in the list of available digests.

trigger — this will error

const crypto = require('crypto');
try {
  // 'sha3-512' is a valid algorithm, but 'sha3' is not.
  crypto.createHash('sha3');
} catch (err) {
  console.error(err.message);
}

expected output

Digest method not supported

Fix 1

Use a Supported Algorithm

WHEN Creating a hash, HMAC, or other cryptographic primitive that requires a digest.

Use a Supported Algorithm

const crypto = require('crypto');
// Use a valid and secure algorithm like 'sha256'.
const hash = crypto.createHash('sha256');
hash.update('some data');
console.log(hash.digest('hex'));

Why this works

Use a known, valid digest algorithm. You can get a list of all available algorithms by calling `crypto.getHashes()`.

Fix 2

Validate Dynamic Algorithm Names

WHEN The algorithm name is provided by user input or configuration.

Validate Dynamic Algorithm Names

const crypto = require('crypto');
const supportedAlgs = crypto.getHashes();

function createHashFromConfig(alg) {
  if (!supportedAlgs.includes(alg)) {
    throw new Error('Unsupported hash algorithm: ' + alg);
  }
  return crypto.createHash(alg);
}

Why this works

If the algorithm name is not a fixed string, validate it against the array of supported hashes returned by `crypto.getHashes()` before using it.

Code examples

Triggerjs

const crypto = require('crypto');
try {
  // 'sha3-512' is a valid algorithm, but 'sha3' is not.
  crypto.createHash('sha3');
} catch (err) {
  console.error(err.message);  // this triggers ERR_CRYPTO_INVALID_DIGEST

Handle in try/catchjs

try {
  // operation that may throw ERR_CRYPTO_INVALID_DIGEST
  riskyOperation()
} catch (err) {
  if (err.code === 'ERR_CRYPTO_INVALID_DIGEST') {
    console.error('ERR_CRYPTO_INVALID_DIGEST:', err.message)
  } else {
    throw err
  }
}

Defensive pattern to avoid itjs

const { getHashes } = require('crypto')
function createHash(alg) {
  if (!getHashes().includes(alg)) throw new Error(`Unsupported hash: ${alg}`)
  return require('crypto').createHash(alg)
}

What not to do

Same error in other languages

ValueError (unknown hash)in Python→

Sources

Official documentation ↗

https://github.com/nodejs/node/blob/main/src/crypto/crypto_util.cc

More information ↗

Content generated with AI assistance and reviewed for accuracy. Found an error? hello@errcodes.dev

At a glance

PlatformNode.js Error Codes

CodeERR_CRYPTO_INVALID_DIGEST

ClassCrypto

SeverityERROR

TierNotable

ConfidenceHIGH

← All Node.js errors