Lines Matching refs:crypto
7 <!-- source_link=lib/crypto.js -->
9 The `crypto` module provides cryptographic functionality that includes a set of
12 Use `require('crypto')` to access this module.
15 const crypto = require('crypto');
18 const hash = crypto.createHmac('sha256', secret)
26 ## Determining if crypto support is unavailable
29 `crypto` module. In such cases, calling `require('crypto')` will result in an
33 let crypto;
35 crypto = require('crypto');
37 console.log('crypto support is disabled!');
52 The `crypto` module provides the `Certificate` class for working with SPKAC
66 const { Certificate } = require('crypto');
84 const { Certificate } = require('crypto');
101 const { Certificate } = require('crypto');
112 the `crypto.Certificate` class as illustrated in the examples below.
114 #### `new crypto.Certificate()`
117 or by calling `crypto.Certificate()` as a function:
120 const crypto = require('crypto');
122 const cert1 = new crypto.Certificate();
123 const cert2 = crypto.Certificate();
136 const cert = require('crypto').Certificate();
153 const cert = require('crypto').Certificate();
170 const cert = require('crypto').Certificate();
191 The [`crypto.createCipher()`][] or [`crypto.createCipheriv()`][] methods are
198 const crypto = require('crypto');
204 // Use async `crypto.scrypt()` instead.
205 const key = crypto.scryptSync(password, 'salt', 24);
206 // Use `crypto.randomBytes()` to generate a random iv instead of the static iv
210 const cipher = crypto.createCipheriv(algorithm, key, iv);
231 const crypto = require('crypto');
236 // Use the async `crypto.scrypt()` instead.
237 const key = crypto.scryptSync(password, 'salt', 24);
238 // Use `crypto.randomBytes()` to generate a random iv instead of the static iv
242 const cipher = crypto.createCipheriv(algorithm, key, iv);
253 const crypto = require('crypto');
257 // Use the async `crypto.scrypt()` instead.
258 const key = crypto.scryptSync(password, 'salt', 24);
259 // Use `crypto.randomBytes` to generate a random iv instead of the static iv
263 const cipher = crypto.createCipheriv(algorithm, key, iv);
383 The [`crypto.createDecipher()`][] or [`crypto.createDecipheriv()`][] methods are
390 const crypto = require('crypto');
396 // Use the async `crypto.scrypt()` instead.
397 const key = crypto.scryptSync(password, 'salt', 24);
401 const decipher = crypto.createDecipheriv(algorithm, key, iv);
424 const crypto = require('crypto');
429 // Use the async `crypto.scrypt()` instead.
430 const key = crypto.scryptSync(password, 'salt', 24);
434 const decipher = crypto.createDecipheriv(algorithm, key, iv);
445 const crypto = require('crypto');
449 // Use the async `crypto.scrypt()` instead.
450 const key = crypto.scryptSync(password, 'salt', 24);
454 const decipher = crypto.createDecipheriv(algorithm, key, iv);
586 [`crypto.createDiffieHellman()`][] function.
589 const crypto = require('crypto');
593 const alice = crypto.createDiffieHellman(2048);
597 const bob = crypto.createDiffieHellman(alice.getPrime(), alice.getGenerator());
745 const dh = crypto.createDiffieHellmanGroup(name);
771 [`crypto.createECDH()`][] function.
774 const crypto = require('crypto');
778 const alice = crypto.createECDH('secp521r1');
782 const bob = crypto.createECDH('secp521r1');
811 Use [`crypto.getCurves()`][] to obtain a list of available curve names.
824 const { createECDH, ECDH } = require('crypto');
966 const crypto = require('crypto');
967 const alice = crypto.createECDH('secp256k1');
968 const bob = crypto.createECDH('secp256k1');
974 crypto.createHash('sha256').update('alice', 'utf8').digest()
1003 The [`crypto.createHash()`][] method is used to create `Hash` instances. `Hash`
1009 const crypto = require('crypto');
1010 const hash = crypto.createHash('sha256');
1030 const crypto = require('crypto');
1032 const hash = crypto.createHash('sha256');
1041 const crypto = require('crypto');
1042 const hash = crypto.createHash('sha256');
1070 const crypto = require('crypto');
1071 const hash = crypto.createHash('sha256');
1136 The [`crypto.createHmac()`][] method is used to create `Hmac` instances. `Hmac`
1142 const crypto = require('crypto');
1143 const hmac = crypto.createHmac('sha256', 'a secret');
1163 const crypto = require('crypto');
1165 const hmac = crypto.createHmac('sha256', 'a secret');
1174 const crypto = require('crypto');
1175 const hmac = crypto.createHmac('sha256', 'a secret');
1233 [`crypto.createSecretKey()`][], [`crypto.createPublicKey()`][] and
1234 [`crypto.createPrivateKey()`][] methods are used to create `KeyObject`
1364 The [`crypto.createSign()`][] method is used to create `Sign` instances. The
1371 const crypto = require('crypto');
1373 const { privateKey, publicKey } = crypto.generateKeyPairSync('ec', {
1377 const sign = crypto.createSign('SHA256');
1382 const verify = crypto.createVerify('SHA256');
1392 const crypto = require('crypto');
1394 const { privateKey, publicKey } = crypto.generateKeyPairSync('rsa', {
1398 const sign = crypto.createSign('SHA256');
1403 const verify = crypto.createVerify('SHA256');
1441 `privateKey` had been passed to [`crypto.createPrivateKey()`][]. If it is an
1449 * `crypto.constants.RSA_PKCS1_PADDING` (default)
1450 * `crypto.constants.RSA_PKCS1_PSS_PADDING`
1458 `crypto.constants.RSA_PSS_SALTLEN_DIGEST` sets the salt length to the digest
1459 size, `crypto.constants.RSA_PSS_SALTLEN_MAX_SIGN` (default) sets it to the
1503 The [`crypto.createVerify()`][] method is used to create `Verify` instances.
1560 `object` had been passed to [`crypto.createPublicKey()`][]. If it is an
1568 * `crypto.constants.RSA_PKCS1_PADDING` (default)
1569 * `crypto.constants.RSA_PKCS1_PSS_PADDING`
1577 `crypto.constants.RSA_PSS_SALTLEN_DIGEST` sets the salt length to the digest
1578 size, `crypto.constants.RSA_PSS_SALTLEN_AUTO` (default) causes it to be
1594 ## `crypto` module methods and properties
1596 ### `crypto.constants`
1601 * Returns: {Object} An object containing commonly used constants for crypto and
1605 ### `crypto.DEFAULT_ENCODING`
1617 The `crypto.DEFAULT_ENCODING` mechanism is provided for backward compatibility
1624 ### `crypto.fips`
1632 Property for checking and controlling whether a FIPS compliant crypto provider
1635 This property is deprecated. Please use `crypto.setFips()` and
1636 `crypto.getFips()` instead.
1638 ### `crypto.createCipher(algorithm, password[, options])`
1652 > Stability: 0 - Deprecated: Use [`crypto.createCipheriv()`][] instead.
1678 The implementation of `crypto.createCipher()` derives keys using the OpenSSL
1687 their own using [`crypto.scrypt()`][] and to use [`crypto.createCipheriv()`][]
1689 (e.g. CTR, GCM, or CCM) in `crypto.createCipher()`. A warning is emitted when
1694 ### `crypto.createCipheriv(algorithm, key, iv[, options])`
1753 ### `crypto.createDecipher(algorithm, password[, options])`
1763 > Stability: 0 - Deprecated: Use [`crypto.createDecipheriv()`][] instead.
1778 The implementation of `crypto.createDecipher()` derives keys using the OpenSSL
1787 their own using [`crypto.scrypt()`][] and to use [`crypto.createDecipheriv()`][]
1790 ### `crypto.createDecipheriv(algorithm, key, iv[, options])`
1849 ### `crypto.createDiffieHellman(prime[, primeEncoding][, generator][, generatorEncoding])`
1884 ### `crypto.createDiffieHellman(primeLength[, generator])`
1897 ### `crypto.createDiffieHellmanGroup(name)`
1905 An alias for [`crypto.getDiffieHellman()`][]
1907 ### `crypto.createECDH(curveName)`
1917 [`crypto.getCurves()`][] to obtain a list of available curve names. On recent
1921 ### `crypto.createHash(algorithm[, options])`
1949 const crypto = require('crypto');
1952 const hash = crypto.createHash('sha256');
1967 ### `crypto.createHmac(algorithm, key[, options])`
1997 const crypto = require('crypto');
2000 const hmac = crypto.createHmac('sha256', 'a secret');
2015 ### `crypto.createPrivateKey(key)`
2035 ### `crypto.createPublicKey(key)`
2064 [`crypto.createPrivateKey()`][] had been called, except that the type of the
2070 ### `crypto.createSecretKey(key)`
2081 ### `crypto.createSign(algorithm[, options])`
2091 [`crypto.getHashes()`][] to obtain the names of the available digest algorithms.
2100 ### `crypto.createVerify(algorithm[, options])`
2110 Use [`crypto.getHashes()`][] to obtain an array of names of the available
2120 ### `crypto.diffieHellman(options)`
2134 ### `crypto.generateKeyPair(type, options, callback)`
2164 [`crypto.getDiffieHellman()`][].
2183 const { generateKeyPair } = require('crypto');
2207 ### `crypto.generateKeyPairSync(type, options)`
2234 [`crypto.getDiffieHellman()`][].
2253 const { generateKeyPairSync } = require('crypto');
2273 ### `crypto.getCiphers()`
2282 const ciphers = crypto.getCiphers();
2286 ### `crypto.getCurves()`
2294 const curves = crypto.getCurves();
2298 ### `crypto.getDiffieHellman(groupName)`
2311 [`crypto.createDiffieHellman()`][], but will not allow changing
2320 const crypto = require('crypto');
2321 const alice = crypto.getDiffieHellman('modp14');
2322 const bob = crypto.getDiffieHellman('modp14');
2334 ### `crypto.getFips()`
2339 * Returns: {number} `1` if and only if a FIPS compliant crypto provider is
2343 ### `crypto.getHashes()`
2352 const hashes = crypto.getHashes();
2356 ### `crypto.pbkdf2(password, salt, iterations, keylen, digest, callback)`
2408 const crypto = require('crypto');
2409 crypto.pbkdf2('secret', 'salt', 100000, 64, 'sha512', (err, derivedKey) => {
2415 The `crypto.DEFAULT_ENCODING` property can be used to change the way the
2420 const crypto = require('crypto');
2421 crypto.DEFAULT_ENCODING = 'hex';
2422 crypto.pbkdf2('secret', 'salt', 100000, 512, 'sha512', (err, derivedKey) => {
2429 [`crypto.getHashes()`][].
2435 ### `crypto.pbkdf2Sync(password, salt, iterations, keylen, digest)`
2479 const crypto = require('crypto');
2480 const key = crypto.pbkdf2Sync('secret', 'salt', 100000, 64, 'sha512');
2484 The `crypto.DEFAULT_ENCODING` property may be used to change the way the
2489 const crypto = require('crypto');
2490 crypto.DEFAULT_ENCODING = 'hex';
2491 const key = crypto.pbkdf2Sync('secret', 'salt', 100000, 512, 'sha512');
2496 [`crypto.getHashes()`][].
2498 ### `crypto.privateDecrypt(privateKey, buffer)`
2518 * `padding` {crypto.constants} An optional padding value defined in
2519 `crypto.constants`, which may be: `crypto.constants.RSA_NO_PADDING`,
2520 `crypto.constants.RSA_PKCS1_PADDING`, or
2521 `crypto.constants.RSA_PKCS1_OAEP_PADDING`.
2526 the corresponding public key, for example using [`crypto.publicEncrypt()`][].
2529 `privateKey` had been passed to [`crypto.createPrivateKey()`][]. If it is an
2533 ### `crypto.privateEncrypt(privateKey, buffer)`
2545 * `padding` {crypto.constants} An optional padding value defined in
2546 `crypto.constants`, which may be: `crypto.constants.RSA_NO_PADDING` or
2547 `crypto.constants.RSA_PKCS1_PADDING`.
2552 the corresponding public key, for example using [`crypto.publicDecrypt()`][].
2555 `privateKey` had been passed to [`crypto.createPrivateKey()`][]. If it is an
2559 ### `crypto.publicDecrypt(key, buffer)`
2570 * `padding` {crypto.constants} An optional padding value defined in
2571 `crypto.constants`, which may be: `crypto.constants.RSA_NO_PADDING` or
2572 `crypto.constants.RSA_PKCS1_PADDING`.
2577 the corresponding private key, for example using [`crypto.privateEncrypt()`][].
2580 `key` had been passed to [`crypto.createPublicKey()`][]. If it is an
2587 ### `crypto.publicEncrypt(key, buffer)`
2609 * `padding` {crypto.constants} An optional padding value defined in
2610 `crypto.constants`, which may be: `crypto.constants.RSA_NO_PADDING`,
2611 `crypto.constants.RSA_PKCS1_PADDING`, or
2612 `crypto.constants.RSA_PKCS1_OAEP_PADDING`.
2618 the corresponding private key, for example using [`crypto.privateDecrypt()`][].
2621 `key` had been passed to [`crypto.createPublicKey()`][]. If it is an
2628 ### `crypto.randomBytes(size[, callback])`
2654 const crypto = require('crypto');
2655 crypto.randomBytes(256, (err, buf) => {
2667 const buf = crypto.randomBytes(256);
2672 The `crypto.randomBytes()` method will not complete until there is
2682 The asynchronous version of `crypto.randomBytes()` is carried out in a single
2687 ### `crypto.randomFillSync(buffer[, offset][, size])`
2703 Synchronous version of [`crypto.randomFill()`][].
2707 console.log(crypto.randomFillSync(buf).toString('hex'));
2709 crypto.randomFillSync(buf, 5);
2713 crypto.randomFillSync(buf, 5, 5);
2721 console.log(Buffer.from(crypto.randomFillSync(a).buffer,
2725 console.log(Buffer.from(crypto.randomFillSync(b).buffer,
2729 console.log(Buffer.from(crypto.randomFillSync(c).buffer,
2733 ### `crypto.randomFill(buffer[, offset][, size], callback)`
2749 This function is similar to [`crypto.randomBytes()`][] but requires the first
2757 crypto.randomFill(buf, (err, buf) => {
2762 crypto.randomFill(buf, 5, (err, buf) => {
2768 crypto.randomFill(buf, 5, 5, (err, buf) => {
2778 crypto.randomFill(a, (err, buf) => {
2785 crypto.randomFill(b, (err, buf) => {
2792 crypto.randomFill(c, (err, buf) => {
2803 The asynchronous version of `crypto.randomFill()` is carried out in a single
2808 ### `crypto.randomInt([min, ]max[, callback])`
2828 crypto.randomInt(3, (err, n) => {
2836 const n = crypto.randomInt(3);
2842 const n = crypto.randomInt(1, 7);
2846 ### `crypto.randomUUID([options])`
2861 ### `crypto.scrypt(password, salt, keylen[, options], callback)`
2908 const crypto = require('crypto');
2910 crypto.scrypt('password', 'salt', 64, (err, derivedKey) => {
2915 crypto.scrypt('password', 'salt', 64, { N: 1024 }, (err, derivedKey) => {
2921 ### `crypto.scryptSync(password, salt, keylen[, options])`
2965 const crypto = require('crypto');
2967 const key1 = crypto.scryptSync('password', 'salt', 64);
2970 const key2 = crypto.scryptSync('password', 'salt', 64, { N: 1024 });
2974 ### `crypto.setEngine(engine[, flags])`
2980 * `flags` {crypto.constants} **Default:** `crypto.constants.ENGINE_METHOD_ALL`
2988 `crypto.constants`):
2990 * `crypto.constants.ENGINE_METHOD_RSA`
2991 * `crypto.constants.ENGINE_METHOD_DSA`
2992 * `crypto.constants.ENGINE_METHOD_DH`
2993 * `crypto.constants.ENGINE_METHOD_RAND`
2994 * `crypto.constants.ENGINE_METHOD_EC`
2995 * `crypto.constants.ENGINE_METHOD_CIPHERS`
2996 * `crypto.constants.ENGINE_METHOD_DIGESTS`
2997 * `crypto.constants.ENGINE_METHOD_PKEY_METHS`
2998 * `crypto.constants.ENGINE_METHOD_PKEY_ASN1_METHS`
2999 * `crypto.constants.ENGINE_METHOD_ALL`
3000 * `crypto.constants.ENGINE_METHOD_NONE`
3004 * `crypto.constants.ENGINE_METHOD_ECDH`
3005 * `crypto.constants.ENGINE_METHOD_ECDSA`
3006 * `crypto.constants.ENGINE_METHOD_STORE`
3008 ### `crypto.setFips(bool)`
3015 Enables the FIPS compliant crypto provider in a FIPS-enabled Node.js build.
3018 ### `crypto.sign(algorithm, data, key)`
3039 passed to [`crypto.createPrivateKey()`][]. If it is an object, the following
3047 * `crypto.constants.RSA_PKCS1_PADDING` (default)
3048 * `crypto.constants.RSA_PKCS1_PSS_PADDING`
3054 `crypto.constants.RSA_PSS_SALTLEN_DIGEST` sets the salt length to the digest
3055 size, `crypto.constants.RSA_PSS_SALTLEN_MAX_SIGN` (default) sets it to the
3058 ### `crypto.timingSafeEqual(a, b)`
3080 Use of `crypto.timingSafeEqual` does not guarantee that the *surrounding* code
3084 ### `crypto.verify(algorithm, data, key, signature)`
3106 passed to [`crypto.createPublicKey()`][]. If it is an object, the following
3114 * `crypto.constants.RSA_PKCS1_PADDING` (default)
3115 * `crypto.constants.RSA_PKCS1_PSS_PADDING`
3121 `crypto.constants.RSA_PSS_SALTLEN_DIGEST` sets the salt length to the digest
3122 size, `crypto.constants.RSA_PSS_SALTLEN_MAX_SIGN` (default) sets it to the
3136 binary data. As such, the many of the `crypto` defined classes have methods not
3160 The `crypto` module still supports some algorithms which are already
3165 Users should take full responsibility for selecting the crypto
3200 Many crypto libraries include the authentication tag in the ciphertext,
3212 const crypto = require('crypto');
3215 const nonce = crypto.randomBytes(12);
3219 const cipher = crypto.createCipheriv('aes-192-ccm', key, nonce, {
3232 const decipher = crypto.createDecipheriv('aes-192-ccm', key, nonce, {
3253 The following constants exported by `crypto.constants` apply to various uses of
3254 the `crypto`, `tls`, and `https` modules and are generally specific to OpenSSL.
3572 ### Node.js crypto constants
3609 [`EVP_BytesToKey`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_BytesToKey.html
3616 [`crypto.createCipher()`]: #crypto_crypto_createcipher_algorithm_password_options
3617 [`crypto.createCipheriv()`]: #crypto_crypto_createcipheriv_algorithm_key_iv_options
3618 [`crypto.createDecipher()`]: #crypto_crypto_createdecipher_algorithm_password_options
3619 [`crypto.createDecipheriv()`]: #crypto_crypto_createdecipheriv_algorithm_key_iv_options
3620 [`crypto.createDiffieHellman()`]: #crypto_crypto_creatediffiehellman_prime_primeencoding_generator_…
3621 [`crypto.createECDH()`]: #crypto_crypto_createecdh_curvename
3622 [`crypto.createHash()`]: #crypto_crypto_createhash_algorithm_options
3623 [`crypto.createHmac()`]: #crypto_crypto_createhmac_algorithm_key_options
3624 [`crypto.createPrivateKey()`]: #crypto_crypto_createprivatekey_key
3625 [`crypto.createPublicKey()`]: #crypto_crypto_createpublickey_key
3626 [`crypto.createSecretKey()`]: #crypto_crypto_createsecretkey_key
3627 [`crypto.createSign()`]: #crypto_crypto_createsign_algorithm_options
3628 [`crypto.createVerify()`]: #crypto_crypto_createverify_algorithm_options
3629 [`crypto.getCurves()`]: #crypto_crypto_getcurves
3630 [`crypto.getDiffieHellman()`]: #crypto_crypto_getdiffiehellman_groupname
3631 [`crypto.getHashes()`]: #crypto_crypto_gethashes
3632 [`crypto.privateDecrypt()`]: #crypto_crypto_privatedecrypt_privatekey_buffer
3633 [`crypto.privateEncrypt()`]: #crypto_crypto_privateencrypt_privatekey_buffer
3634 [`crypto.publicDecrypt()`]: #crypto_crypto_publicdecrypt_key_buffer
3635 [`crypto.publicEncrypt()`]: #crypto_crypto_publicencrypt_key_buffer
3636 [`crypto.randomBytes()`]: #crypto_crypto_randombytes_size_callback
3637 [`crypto.randomFill()`]: #crypto_crypto_randomfill_buffer_offset_size_callback
3638 [`crypto.scrypt()`]: #crypto_crypto_scrypt_password_salt_keylen_options_callback