How to fix Node.js ERR_CRYPTO_HASH_UPDATE_FAILED Hash update() failed internally?

Ensure inputs are valid Buffers or strings: Providing a well-formed Buffer ensures OpenSSL receives valid input for the update.

How to fix Node.js ERR_CRYPTO_HASH_UPDATE_FAILED Hash update() failed internally?

Recreate the Hash if this error occurs unexpectedly: Creating a new Hash object provides a fresh OpenSSL EVP context.

ERR_CRYPTO_HASH_UPDATE_FAILED

Node.jsERRORNotableCryptoHIGH confidence

Hash update() failed internally

Production Risk

Rare — if seen in production, investigate OpenSSL version and native addon interactions.

What this means

Thrown when the internal OpenSSL hash update operation fails. This is rare and usually indicates a problem at the OpenSSL level, such as memory corruption, a problem with the EVP context, or an invalid state in the hash object caused by native code.

Why it happens

1Internal OpenSSL EVP_DigestUpdate failure (memory or state corruption)
2Hash object used from native addon after improper lifecycle management
3Passing an invalid buffer type that OpenSSL cannot process

How to reproduce

Triggered when the OpenSSL EVP_DigestUpdate call inside hash.update() returns a failure.

trigger — this will error

// Hard to reproduce in pure JS; typically from a corrupted native state
const { createHash } = require('crypto');
const hash = createHash('sha256');
hash.update(Buffer.alloc(0)); // usually fine, but invalid internal state can trigger

expected output

Error [ERR_CRYPTO_HASH_UPDATE_FAILED]: Hash update failed

Fix 1

Ensure inputs are valid Buffers or strings

WHEN When the input type is uncertain

Ensure inputs are valid Buffers or strings

const input = Buffer.isBuffer(data) ? data : Buffer.from(String(data));
hash.update(input);

Why this works

Providing a well-formed Buffer ensures OpenSSL receives valid input for the update.

Fix 2

Recreate the Hash if this error occurs unexpectedly

WHEN When recovering from an unexpected failure

Recreate the Hash if this error occurs unexpectedly

try {
  hash.update(data);
} catch (err) {
  if (err.code === 'ERR_CRYPTO_HASH_UPDATE_FAILED') {
    hash = createHash('sha256'); // reset
    hash.update(data);
  }
}

Why this works

Creating a new Hash object provides a fresh OpenSSL EVP context.

Code examples

Triggerjs

// Hard to reproduce in pure JS; typically from a corrupted native state
const { createHash } = require('crypto');
const hash = createHash('sha256');
hash.update(Buffer.alloc(0)); // usually fine, but invalid internal state can trigger  // this triggers ERR_CRYPTO_HASH_UPDATE_FAILED

Handle in try/catchjs

try {
  // operation that may throw ERR_CRYPTO_HASH_UPDATE_FAILED
  riskyOperation()
} catch (err) {
  if (err.code === 'ERR_CRYPTO_HASH_UPDATE_FAILED') {
    console.error('ERR_CRYPTO_HASH_UPDATE_FAILED:', err.message)
  } else {
    throw err
  }
}

Defensive pattern to avoid itjs

// Validate inputs before calling the operation
function safe_err_crypto_hash_update_failed(...args) {
  // validate args here
  return performOperation(...args)
}

What not to do

✕ Share Hash objects between threads or use them from native code improperly

Concurrent or mismanaged native access corrupts the OpenSSL context.

Same error in other languages

RuntimeErrorin Python→

Sources

Official documentation ↗

Node.js Error Codes Documentation

Content generated with AI assistance and reviewed for accuracy. Found an error? hello@errcodes.dev

At a glance

PlatformNode.js Error Codes

CodeERR_CRYPTO_HASH_UPDATE_FAILED

ClassCrypto

SeverityERROR

TierNotable

ConfidenceHIGH

← All Node.js errors