Node.js Crypto Module
The pack contained all methos of the crypto node js module, the cards with methods description and code examples. Start learning process to getting cards direct to your messenger in case to learn Node.js Crypto Module from scratch or fill up your technical gaps.
You can start studying this pack. You'll receive 580 messages to help you review each card multiple times, following the principles of the forgetting curve.
Learn more about the spaced repetition method.Start Training
Schedule daily card reviews to quickly memorize or solidify the knowledge until it becomes second nature.
Learn more about daily practices.1/ 145
Crypto
The node:crypto module provides cryptographic functionality that includes a set of wrappers for OpenSSL's hash, HMAC, cipher, decipher, sign, and verify functions.
Crypto
The node:crypto module provides cryptographic functionality that includes a set of wrappers for OpenSSL's hash, HMAC, cipher, decipher, sign, and verify functions.
1/145
Determining if crypto support is unavailable
It is possible for Node.js to be built without including support for the node:crypto module. In such cases, attempting to import from crypto or calling require('node:crypto') will result in an error being thrown.
2/145
Class: Certificate
SPKAC is a Certificate Signing Request mechanism originally implemented by Netscape and was specified formally as part of HTML5's keygen element.
<keygen> is deprecated since HTML 5.2 and new projects should not use this element anymore.
3/145
exportChallenge
Exports a cryptographic challenge associated with a certificate, often used in secure communication protocols to verify ownership of a certificate or domain.
4/145
exportPublicKey
It allows to extract the public key material, which can then be used for cryptographic operations like encryption, signature verification, or sharing securely.
5/145
verifySpkac
It is used to verify and decode a SPKAC (Signed Public Key and Challenge) structure.
SPKAC is typically generated as part of the key generation and certificate signing request process in browsers.
6/145
Class: Cipher
Extends: <stream.Transform>
Instances of the Cipher class are used to encrypt data.
7/145
cipher.final()
It is used to finalize the encryption process.
After encrypting data in chunks using a Cipher object, you call cipher.final() to generate the final encrypted data block.
8/145
cipher.getAuthTag()
It is used with authenticated encryption modes, such as GCM (Galois/Counter Mode), to retrieve the authentication tag generated during the encryption process.
9/145
cipher.setAAD()
When using an authenticated encryption mode (GCM, CCM, OCB, and chacha20-poly1305 are currently supported), the method sets the value used for the additional authenticated data (AAD) input parameter.
10/145
setAutoPadding()
When using block encryption algorithms, the Cipher class will automatically add padding to the input data to the appropriate block size.
To disable the default padding call cipher.setAutoPadding(false).
11/145
update()
Updates the cipher with data.
If the inputEncoding argument is given, the data argument is a string using the specified encoding.
12/145
Class: Decipher
Extends: <stream.Transform>
Instances of the Decipher class are used to decrypt data.
13/145
final()
Once the decipher.final() method has been called, the Decipher object can no longer be used to decrypt data.
Attempts to call decipher.final() more than once will result in an error being thrown.
14/145
decipher.setAAD()
When using an authenticated encryption mode (GCM, CCM, OCB, and chacha20-poly1305 are currently supported), the decipher.setAAD() method sets the value used for the additional authenticated data (AAD) input parameter.
15/145
decipher.setAuthTag(buffer[, encoding])
buffer <string> | <Buffer> | <ArrayBuffer> | <TypedArray> | <DataView>
encoding <string> String encoding to use when buffer is a string.
Returns: <Decipher> The same Decipher for method chaining.
16/145
decipher.setAutoPadding([autoPadding])
autoPadding <boolean> Default: true
Returns: <Decipher> The same Decipher for method chaining.
Turning auto padding off will only work if the input data's length is a multiple of the ciphers block size.
17/145
decipher.update(data[, inputEncoding][, outputEncoding])
data <string> | <Buffer> | <TypedArray> | <DataView>
inputEncoding <string> The encoding of the data string.
outputEncoding <string> The encoding of the return value.
Returns: <Buffer> | <string>
18/145
Class: DiffieHellman
The DiffieHellman class is a utility for creating Diffie-Hellman key exchanges.
Instances of the DiffieHellman class can be created using the crypto.createDiffieHellman() function.
19/145
diffieHellman.computeSecret(otherPublicKey[, inputEncoding][, outputEncoding])
otherPublicKey <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
inputEncoding <string> The encoding of an otherPublicKey string.
outputEncoding <string> The encoding of the return value.
20/145
diffieHellman.generateKeys([encoding])
encoding <string> The encoding of the return value.
Returns: <Buffer> | <string>
21/145
diffieHellman.getGenerator([encoding])
encoding <string> The encoding of the return value.
Returns: <Buffer> | <string>
Returns the Diffie-Hellman generator in the specified encoding. If encoding is provided a string is returned; otherwise a Buffer is returned.
22/145
diffieHellman.getPrime([encoding])
encoding <string> The encoding of the return value.
Returns: <Buffer> | <string>
Returns the Diffie-Hellman prime in the specified encoding. If encoding is provided a string is returned; otherwise a Buffer is returned.
23/145
diffieHellman.getPrivateKey([encoding])
encoding <string> The encoding of the return value.
Returns: <Buffer> | <string>
Returns the Diffie-Hellman private key in the specified encoding. If encoding is provided a string is returned; otherwise a Buffer is returned.
24/145
diffieHellman.getPublicKey([encoding])
encoding <string> The encoding of the return value.
Returns: <Buffer> | <string>
Returns the Diffie-Hellman public key in the specified encoding. If encoding is provided a string is returned; otherwise a Buffer is returned.
25/145
diffieHellman.setPrivateKey(privateKey[, encoding])
privateKey <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
encoding <string> The encoding of the privateKey string.
26/145
diffieHellman.setPublicKey(publicKey[, encoding])
publicKey <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
encoding <string> The encoding of the publicKey string.
27/145
diffieHellman.verifyError
A bit field containing any warnings and/or errors resulting from a check performed during initialization of the DiffieHellman object.
The following values are valid for this property (as defined in node:constants module):
DH_CHECK_P_NOT_SAFE_PRIME
DH_CHECK_P_NOT_PRIME
DH_NOT_SUITABLE_GENERATOR
28/145
Class: DiffieHellmanGroup
The DiffieHellmanGroup class takes a well-known modp group as its argument. It works the same as DiffieHellman, except that it does not allow changing its keys after creation. In other words, it does not implement setPublicKey() or setPrivateKey() methods.
29/145
Class: ECDH
The ECDH class is a utility for creating Elliptic Curve Diffie-Hellman (ECDH) key exchanges.
Instances of the ECDH class can be created using the crypto.createECDH() function.
30/145
Static method: ECDH.convertKey(key, curve[, inputEncoding[, outputEncoding[, format]]])
key <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
curve <string>
inputEncoding <string> The encoding of the key string.
outputEncoding <string> The encoding of the return value.
31/145
ecdh.computeSecret(otherPublicKey[, inputEncoding][, outputEncoding])
otherPublicKey <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
inputEncoding <string> The encoding of the otherPublicKey string.
outputEncoding <string> The encoding of the return value.
32/145
ecdh.generateKeys([encoding[, format]])
encoding <string> The encoding of the return value.
format <string> Default: 'uncompressed'
Returns: <Buffer> | <string>
If encoding is provided a string is returned; otherwise a Buffer is returned.
33/145
ecdh.getPrivateKey([encoding])
encoding <string> The encoding of the return value.
Returns: <Buffer> | <string> The EC Diffie-Hellman in the specified encoding.
If encoding is specified, a string is returned; otherwise a Buffer is returned.
34/145
ecdh.getPublicKey([encoding][, format])
encoding <string> The encoding of the return value.
format <string> Default: 'uncompressed'
Returns: <Buffer> | <string> The EC Diffie-Hellman public key in the specified encoding and format.
35/145
ecdh.setPrivateKey(privateKey[, encoding])
privateKey <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
encoding <string> The encoding of the privateKey string.
36/145
Class: Hash
Extends: <stream.Transform>
The Hash class is a utility for creating hash digests of data. It can be used in one of two ways:
As a stream that is both readable and writable, where data is written to produce a computed hash digest on the readable side, or
37/145
hash.copy([options])
options <Object> stream.transform options
Returns: <Hash>
Creates a new Hash object that contains a deep copy of the internal state of the current Hash object.
38/145
hash.digest([encoding])
encoding <string> The encoding of the return value.
Returns: <Buffer> | <string>
Calculates the digest of all of the data passed to be hashed (using the hash.update() method). If encoding is provided a string will be returned; otherwise a Buffer is returned.
39/145
hash.update(data[, inputEncoding])
data <string> | <Buffer> | <TypedArray> | <DataView>
inputEncoding <string> The encoding of the data string.
This can be called many times with new data as it is streamed.
40/145
Class: Hmac
Extends: <stream.Transform>
The Hmac class is a utility for creating cryptographic HMAC digests. It can be used in one of two ways:
As a stream that is both readable and writable, where data is written to produce a computed HMAC digest on the readable side, or
41/145
hmac.digest([encoding])
encoding <string> The encoding of the return value.
Returns: <Buffer> | <string>
Calculates the HMAC digest of all of the data passed using hmac.update(). If encoding is provided a string is returned; otherwise a Buffer is returned;
42/145
hmac.update(data[, inputEncoding])
data <string> | <Buffer> | <TypedArray> | <DataView>
inputEncoding <string> The encoding of the data string.
This can be called many times with new data as it is streamed.
43/145
Class: KeyObject
Node.js uses a KeyObject class to represent a symmetric or asymmetric key, and each kind of key exposes different functions. The crypto.createSecretKey(), crypto.createPublicKey() and crypto.createPrivateKey() methods are used to create KeyObject instances. KeyObject objects are not to be created directly using the new keyword.
44/145
Static method: KeyObject.from(key)
key <CryptoKey>
Returns: <KeyObject>
Example: Converting a CryptoKey instance to a KeyObject:
45/145
keyObject.asymmetricKeyDetails
<Object> modulusLength: <number> Key size in bits (RSA, DSA). publicExponent: <bigint> Public exponent (RSA). hashAlgorithm: <string> Name of the message digest (RSA-PSS). mgf1HashAlgorithm: <string> Name of the message digest used by MGF1 (RSA-PSS). saltLength: <number> Minimal salt length in bytes (RSA-PSS). divisorLength: <number> Size of q in bits (DSA). namedCurve: <string> Name of the curve (EC).
46/145
keyObject.asymmetricKeyType
<string>
For asymmetric keys, this property represents the type of the key. Supported key types are:
'rsa' (OID 1.2.840.113549.1.1.1)
'rsa-pss' (OID 1.2.840.113549.1.1.10)
'dsa' (OID 1.2.840.10040.4.1)
'ec' (OID 1.2.840.10045.2.1)
'x25519' (OID 1.3.101.110)
'x448' (OID 1.3.101.111)
47/145
keyObject.equals(otherKeyObject)
otherKeyObject: <KeyObject> A KeyObject with which to compare keyObject.
Returns: <boolean>
Returns true or false depending on whether the keys have exactly the same type, value, and parameters. This method is not constant time.
48/145
keyObject.export([options])
options: <Object>
Returns: <string> | <Buffer> | <Object>
For symmetric keys, the following encoding options can be used:
format: <string> Must be 'buffer' (default) or 'jwk'.
For public keys, the following encoding options can be used:
49/145
keyObject.symmetricKeySize
<number>
For secret keys, this property represents the size of the key in bytes. This property is undefined for asymmetric keys.
50/145
keyObject.toCryptoKey(algorithm, extractable, keyUsages)
lint disable maximum-line-length remark-lint
algorithm: <AlgorithmIdentifier> | <RsaHashedImportParams> | <EcKeyImportParams> | <HmacImportParams>
lint enable maximum-line-length remark-lint
extractable: <boolean>
Returns: <CryptoKey>
51/145
keyObject.type
<string>
Depending on the type of this KeyObject, this property is either 'secret' for secret (symmetric) keys, 'public' for public (asymmetric) keys or 'private' for private (asymmetric) keys.
52/145
Class: Sign
Extends: <stream.Writable>
The Sign class is a utility for generating signatures. It can be used in one of two ways:
As a writable stream, where data to be signed is written and the sign.sign() method is used to generate and return the signature, or
53/145
sign.sign(privateKey[, outputEncoding])
lint disable maximum-line-length remark-lint
outputEncoding <string> The encoding of the return value.
Returns: <Buffer> | <string>
lint enable maximum-line-length remark-lint
If outputEncoding is provided a string is returned; otherwise a Buffer is returned.
54/145
sign.update(data[, inputEncoding])
data <string> | <Buffer> | <TypedArray> | <DataView>
inputEncoding <string> The encoding of the data string.
This can be called many times with new data as it is streamed.
55/145
Class: Verify
Extends: <stream.Writable>
The Verify class is a utility for verifying signatures. It can be used in one of two ways:
As a writable stream where written data is used to validate against the supplied signature, or
See Sign for examples.
56/145
verify.update(data[, inputEncoding])
data <string> | <Buffer> | <TypedArray> | <DataView>
inputEncoding <string> The encoding of the data string.
This can be called many times with new data as it is streamed.
57/145
verify.verify(object, signature[, signatureEncoding])
lint disable maximum-line-length remark-lint
signature <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
signatureEncoding <string> The encoding of the signature string.
lint enable maximum-line-length remark-lint
58/145
Class: X509Certificate
Encapsulates an X509 certificate and provides read-only access to its information.
59/145
new X509Certificate(buffer)
buffer <string> | <TypedArray> | <Buffer> | <DataView> A PEM or DER encoded X509 Certificate.
60/145
x509.ca
Type: <boolean> Will be true if this is a Certificate Authority (CA) certificate.
61/145
x509.checkEmail(email[, options])
email <string>
options <Object> subject <string> 'default', 'always', or 'never'. Default: 'default'.
Returns: <string> | <undefined> Returns email if the certificate matches, undefined if it does not.
62/145
x509.checkHost(name[, options])
name <string>
Returns: <string> | <undefined> Returns a subject name that matches name, or undefined if no subject name matches name.
Checks whether the certificate matches the given host name.
63/145
x509.checkIP(ip)
ip <string>
Returns: <string> | <undefined> Returns ip if the certificate matches, undefined if it does not.
Checks whether the certificate matches the given IP address (IPv4 or IPv6).
64/145
x509.checkIssued(otherCert)
otherCert <X509Certificate>
Returns: <boolean>
Checks whether this certificate was issued by the given otherCert.
65/145
x509.checkPrivateKey(privateKey)
privateKey <KeyObject> A private key.
Returns: <boolean>
Checks whether the public key for this certificate is consistent with the given private key.
66/145
x509.extKeyUsage
Type: <string[]>
An array detailing the key extended usages for this certificate.
67/145
x509.fingerprint
Type: <string>
The SHA-1 fingerprint of this certificate.
Because SHA-1 is cryptographically broken and because the security of SHA-1 is significantly worse than that of algorithms that are commonly used to sign certificates, consider using x509.fingerprint256 instead.
68/145
x509.fingerprint256
Type: <string>
The SHA-256 fingerprint of this certificate.
69/145
x509.fingerprint512
Type: <string>
The SHA-512 fingerprint of this certificate.
70/145
x509.infoAccess
Type: <string>
A textual representation of the certificate's authority information access extension.
71/145
x509.issuer
Type: <string>
The issuer identification included in this certificate.
72/145
x509.issuerCertificate
Type: <X509Certificate>
The issuer certificate or undefined if the issuer certificate is not available.
73/145
x509.publicKey
Type: <KeyObject>
The public key <KeyObject> for this certificate.
74/145
x509.raw
Type: <Buffer>
A Buffer containing the DER encoding of this certificate.
75/145
x509.serialNumber
Type: <string>
The serial number of this certificate.
Serial numbers are assigned by certificate authorities and do not uniquely identify certificates. Consider using x509.fingerprint256 as a unique identifier instead.
76/145
x509.subject
Type: <string>
The complete subject of this certificate.
77/145
x509.subjectAltName
Type: <string>
The subject alternative name specified for this certificate.
This is a comma-separated list of subject alternative names. Each entry begins with a string identifying the kind of the subject alternative name followed by a colon and the value associated with the entry.
78/145
x509.toJSON()
Type: <string>
There is no standard JSON encoding for X509 certificates. The toJSON() method returns a string containing the PEM encoded certificate.
79/145
x509.toLegacyObject()
Type: <Object>
Returns information about this certificate using the legacy certificate object encoding.
80/145
x509.toString()
Type: <string>
Returns the PEM-encoded certificate.
81/145
x509.validFrom
Type: <string>
The date/time from which this certificate is valid.
82/145
x509.validFromDate
Type: <Date>
The date/time from which this certificate is valid, encapsulated in a Date object.
83/145
x509.validTo
Type: <string>
The date/time until which this certificate is valid.
84/145
x509.validToDate
Type: <Date>
The date/time until which this certificate is valid, encapsulated in a Date object.
85/145
x509.verify(publicKey)
publicKey <KeyObject> A public key.
Returns: <boolean>
Verifies that this certificate was signed by the given public key. Does not perform any other validation checks on the certificate.
86/145
crypto.checkPrime(candidate[, options], callback)
candidate <ArrayBuffer> | <SharedArrayBuffer> | <TypedArray> | <Buffer> | <DataView> | <bigint> A possible prime encoded as a sequence of big endian octets of arbitrary length.
Checks the primality of the candidate.
87/145
crypto.checkPrimeSync(candidate[, options])
candidate <ArrayBuffer> | <SharedArrayBuffer> | <TypedArray> | <Buffer> | <DataView> | <bigint> A possible prime encoded as a sequence of big endian octets of arbitrary length.
Checks the primality of the candidate.
88/145
crypto.constants
<Object>
An object containing commonly used constants for crypto and security related operations. The specific constants currently defined are described in Crypto constants.
89/145
crypto.createCipheriv(algorithm, key, iv[, options])
algorithm <string>
key <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> | <KeyObject> | <CryptoKey>
options <Object> stream.transform options
Returns: <Cipher>
90/145
crypto.createDecipheriv(algorithm, key, iv[, options])
algorithm <string>
key <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> | <KeyObject> | <CryptoKey>
options <Object> stream.transform options
Returns: <Decipher>
91/145
crypto.createDiffieHellman(prime[, primeEncoding][, generator][, generatorEncoding])
prime <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
primeEncoding <string> The encoding of the prime string.
generatorEncoding <string> The encoding of the generator string.
92/145
crypto.createDiffieHellman(primeLength[, generator])
primeLength <number>
generator <number> Default: 2
Returns: <DiffieHellman>
Creates a DiffieHellman key exchange object and generates a prime of primeLength bits using an optional specific numeric generator. If generator is not specified, the value 2 is used.
93/145
crypto.createDiffieHellmanGroup(name)
name <string>
Returns: <DiffieHellmanGroup>
An alias for crypto.getDiffieHellman()
94/145
crypto.createECDH(curveName)
curveName <string>
Returns: <ECDH>
95/145
crypto.createHash(algorithm[, options])
algorithm <string>
options <Object> stream.transform options
Returns: <Hash>
Example: generating the sha256 sum of a file
96/145
crypto.createHmac(algorithm, key[, options])
algorithm <string>
key <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> | <KeyObject> | <CryptoKey>
Returns: <Hmac>
Example: generating the sha256 HMAC of a file
97/145
crypto.createPrivateKey(key)
lint disable maximum-line-length remark-lint
Returns: <KeyObject>
lint enable maximum-line-length remark-lint
If the private key is encrypted, a passphrase must be specified. The length of the passphrase is limited to 1024 bytes.
98/145
crypto.createPublicKey(key)
lint disable maximum-line-length remark-lint
Returns: <KeyObject>
lint enable maximum-line-length remark-lint
If the format is 'pem', the 'key' may also be an X.509 certificate.
99/145
crypto.createSecretKey(key[, encoding])
key <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
encoding <string> The string encoding when key is a string.
Returns: <KeyObject>
100/145
crypto.createSign(algorithm[, options])
algorithm <string>
options <Object> stream.Writable options
Returns: <Sign>
101/145
crypto.createVerify(algorithm[, options])
algorithm <string>
options <Object> stream.Writable options
Returns: <Verify>
102/145
crypto.diffieHellman(options)
options: <Object> privateKey: <KeyObject> publicKey: <KeyObject>
Returns: <Buffer>
103/145
crypto.generateKey(type, options, callback)
type: <string> The intended use of the generated secret key. Currently accepted values are 'hmac' and 'aes'.
callback: <Function> err: <Error> key: <KeyObject>
104/145
crypto.generateKeyPair(type, options, callback)
type: <string> Must be 'rsa', 'rsa-pss', 'dsa', 'ec', 'ed25519', 'ed448', 'x25519', 'x448', or 'dh'.
Generates a new asymmetric key pair of the given type. RSA, RSA-PSS, DSA, EC, Ed25519, Ed448, X25519, X448, and DH are currently supported.
105/145
crypto.generateKeyPairSync(type, options)
type: <string> Must be 'rsa', 'rsa-pss', 'dsa', 'ec', 'ed25519', 'ed448', 'x25519', 'x448', or 'dh'.
Generates a new asymmetric key pair of the given type. RSA, RSA-PSS, DSA, EC, Ed25519, Ed448, X25519, X448, and DH are currently supported.
106/145
crypto.generateKeySync(type, options)
type: <string> The intended use of the generated secret key. Currently accepted values are 'hmac' and 'aes'.
Returns: <KeyObject>
107/145
crypto.generatePrime(size[, options[, callback]])
size <number> The size (in bits) of the prime to generate.
callback <Function> err <Error> prime <ArrayBuffer> | <bigint>
Generates a pseudorandom prime of size bits.
108/145
crypto.generatePrimeSync(size[, options])
size <number> The size (in bits) of the prime to generate.
Returns: <ArrayBuffer> | <bigint>
Generates a pseudorandom prime of size bits.
If options.safe is true, the prime will be a safe prime -- that is, (prime - 1) / 2 will also be a prime.
109/145
crypto.getCipherInfo(nameOrNid[, options])
nameOrNid: <string> | <number> The name or nid of the cipher to query.
options: <Object> keyLength: <number> A test key length. ivLength: <number> A test IV length.
110/145
crypto.getCiphers()
Returns: <string[]> An array with the names of the supported cipher algorithms.
111/145
crypto.getCurves()
Returns: <string[]> An array with the names of the supported elliptic curves.
112/145
crypto.getDiffieHellman(groupName)
groupName <string>
Returns: <DiffieHellmanGroup>
Creates a predefined DiffieHellmanGroup key exchange object. The supported groups are listed in the documentation for DiffieHellmanGroup.
Example (obtaining a shared secret):
113/145
crypto.getFips()
Returns: <number> 1 if and only if a FIPS compliant crypto provider is currently in use, 0 otherwise. A future semver-major release may change the return type of this API to a <boolean>.
114/145
crypto.getHashes()
Returns: <string[]> An array of the names of the supported hash algorithms, such as 'RSA-SHA256'. Hash algorithms are also called "digest" algorithms.
115/145
crypto.getRandomValues(typedArray)
typedArray <Buffer> | <TypedArray> | <DataView> | <ArrayBuffer>
Returns: <Buffer> | <TypedArray> | <DataView> | <ArrayBuffer> Returns typedArray.
116/145
crypto.hash(algorithm, data[, outputEncoding])
algorithm <string> | <undefined>
outputEncoding <string> | <undefined> Encoding used to encode the returned digest. Default: 'hex'.
Returns: <string> | <Buffer>
Example:
117/145
crypto.hkdf(digest, ikm, salt, info, keylen, callback)
digest <string> The digest algorithm to use.
ikm <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> | <KeyObject> The input keying material. Must be provided but can be zero-length.
118/145
crypto.hkdfSync(digest, ikm, salt, info, keylen)
digest <string> The digest algorithm to use.
ikm <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> | <KeyObject> The input keying material. Must be provided but can be zero-length.
119/145
crypto.pbkdf2(password, salt, iterations, keylen, digest, callback)
password <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
salt <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
iterations <number>
120/145
crypto.pbkdf2Sync(password, salt, iterations, keylen, digest)
password <string> | <Buffer> | <TypedArray> | <DataView>
salt <string> | <Buffer> | <TypedArray> | <DataView>
iterations <number>
keylen <number>
digest <string>
Returns: <Buffer>
121/145
crypto.privateDecrypt(privateKey, buffer)
lint disable maximum-line-length remark-lint
buffer <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
Returns: <Buffer> A new Buffer with the decrypted content.
lint enable maximum-line-length remark-lint
122/145
crypto.privateEncrypt(privateKey, buffer)
lint disable maximum-line-length remark-lint
buffer <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
Returns: <Buffer> A new Buffer with the encrypted content.
lint enable maximum-line-length remark-lint
123/145
crypto.publicDecrypt(key, buffer)
lint disable maximum-line-length remark-lint
buffer <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
Returns: <Buffer> A new Buffer with the decrypted content.
lint enable maximum-line-length remark-lint
124/145
crypto.publicEncrypt(key, buffer)
lint disable maximum-line-length remark-lint
buffer <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
Returns: <Buffer> A new Buffer with the encrypted content.
lint enable maximum-line-length remark-lint
125/145
crypto.randomBytes(size[, callback])
size <number> The number of bytes to generate. The size must not be larger than 2**31 - 1.
callback <Function> err <Error> buf <Buffer>
Returns: <Buffer> if the callback function is not provided.
126/145
crypto.randomFill(buffer[, offset][, size], callback)
buffer <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> Must be supplied. The size of the provided buffer must not be larger than 2**31 - 1.
offset <number> Default: 0
callback <Function> function(err, buf) {}.
127/145
crypto.randomFillSync(buffer[, offset][, size])
buffer <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> Must be supplied. The size of the provided buffer must not be larger than 2**31 - 1.
offset <number> Default: 0
Synchronous version of crypto.randomFill().
128/145
crypto.randomInt([min, ]max[, callback])
min <integer> Start of random range (inclusive). Default: 0.
max <integer> End of random range (exclusive).
callback <Function> function(err, n) {}.
The range (max - min) must be less than 248. min and max must be safe integers.
129/145
crypto.randomUUID([options])
options <Object> disableEntropyCache <boolean> By default, to improve performance, Node.js generates and caches enough random data to generate up to 128 random UUIDs. To generate a UUID without using the cache, set disableEntropyCache to true. Default: false.
130/145
crypto.scrypt(password, salt, keylen[, options], callback)
password <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
salt <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
keylen <number>
131/145
crypto.scryptSync(password, salt, keylen[, options])
password <string> | <Buffer> | <TypedArray> | <DataView>
salt <string> | <Buffer> | <TypedArray> | <DataView>
keylen <number>
Returns: <Buffer>
132/145
crypto.secureHeapUsed()
Returns: <Object> total <number> The total allocated secure heap size as specified using the --secure-heap=n command-line flag. min <number> The minimum allocation from the secure heap as specified using the --secure-heap-min command-line flag. used <number> The total number of bytes currently allocated from the secure heap. utilization <number> The calculated ratio of used to total allocated bytes.
133/145
crypto.setEngine(engine[, flags])
engine <string>
flags <crypto.constants> Default: crypto.constants.ENGINE_METHOD_ALL
Load and set the engine for some or all OpenSSL functions (selected by flags). Support for custom engines in OpenSSL is deprecated from OpenSSL 3.
crypto.constants.ENGINE_METHOD_RSA
134/145
crypto.setFips(bool)
bool <boolean> true to enable FIPS mode.
Enables the FIPS compliant crypto provider in a FIPS-enabled Node.js build. Throws an error if FIPS mode is not available.
135/145
crypto.sign(algorithm, data, key[, callback])
lint disable maximum-line-length remark-lint
algorithm <string> | <null> | <undefined>
data <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
Returns: <Buffer> if the callback function is not provided.
136/145
crypto.subtle
Type: <SubtleCrypto>
A convenient alias for crypto.webcrypto.subtle.
137/145
crypto.timingSafeEqual(a, b)
a <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
b <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
Returns: <boolean>
138/145
crypto.verify(algorithm, data, key, signature[, callback])
lint disable maximum-line-length remark-lint
algorithm <string> | <null> | <undefined>
data <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView>
lint enable maximum-line-length remark-lint
139/145
crypto.webcrypto
Type: <Crypto> An implementation of the Web Crypto API standard.
See the Web Crypto API documentation for details.
140/145
Using strings as inputs to cryptographic APIs
For historical reasons, many cryptographic APIs provided by Node.js accept strings as inputs where the underlying cryptographic algorithm works on byte sequences. These instances include plaintexts, ciphertexts, symmetric keys, initialization vectors, passphrases, salts, authentication tags, and additional authenticated data.
141/145
Legacy streams API (prior to Node.js 0.10)
The Crypto module was added to Node.js before there was the concept of a unified Stream API, and before there were Buffer objects for handling binary data. As such, many crypto classes have methods not typically found on other Node.js classes that implement the streams API (e.g. update(), final(), or digest()). Also, many methods accepted and returned 'latin1' encoded strings by default rather than Buffers. This default was changed after Node.js v0.8 to use Buffer objects by default instead.
142/145
Support for weak or compromised algorithms
The node:crypto module still supports some algorithms which are already compromised and are not recommended for use. The API also allows the use of ciphers and hashes with a small key size that are too weak for safe use.
Based on the recommendations of NIST SP 800-131A:
143/145
CCM mode
CCM is one of the supported AEAD algorithms. Applications which use this mode must adhere to certain restrictions when using the cipher API:
The length of the initialization vector (nonce) N must be between 7 and 13 bytes (7 ≤ N ≤ 13).
144/145
FIPS mode
When using OpenSSL 3, Node.js supports FIPS 140-2 when used with an appropriate OpenSSL 3 provider, such as the FIPS provider from OpenSSL 3 which can be installed by following the instructions in OpenSSL's FIPS README file.
For FIPS support in Node.js you will need:
145/145
WitSlice © 2024