Crypto

Node.js crypto module — cryptographic primitives and utilities. Also exposes the Web Crypto API via crypto.webcrypto.

Beyond this IDL surface, the enriched module also provides: createCipheriv, createDecipheriv, createSign, createVerify, generateKeyPairSync, generateKeyPair, createSecretKey, createPublicKey, createPrivateKey, createDiffieHellman, getDiffieHellman, createECDH, getCurves, publicEncrypt, privateDecrypt, publicDecrypt, privateEncrypt, sign, verify, hash, hkdfSync, hkdf, argon2Sync, argon2, encapsulate, decapsulate, getCipherInfo, getFips, setFips, checkPrime, checkPrimeSync, generatePrime, generatePrimeSync, pseudoRandomBytes, getRandomValues, secureHeapUsed, Certificate, DiffieHellman, DiffieHellmanGroup, ECDH, Sign, Verify, Cipheriv, Decipheriv, Hash, Hmac constructors, subtle, and webcrypto.

Module: node:crypto Support: Experimental Since: 1.1.0 Docs: Node.js Docs

16 members: 16 undocumented

Static Methods

⚪ createHash(algorithm, options)

Creates and returns a Hash object for the given algorithm.

⚪ createHmac(algorithm, key)

Creates and returns an Hmac object for the given algorithm and key.

⚪ randomBytes(size)

Generates cryptographically strong pseudorandom bytes.

⚪ randomFill(buffer, offset, size, callback)

Asynchronously fills a buffer with random bytes.

⚪ randomFillSync(buffer, offset, size)

Synchronously fills a buffer with random bytes.

⚪ randomInt(min, max, callback)

Returns a random integer n such that min <= n < max.

⚪ randomUUID()

Generates a random RFC 4122 version 4 UUID string.

⚪ pbkdf2Sync(password, salt, iterations, keylen, digest)

Synchronously derives a key using PBKDF2.

⚪ pbkdf2(password, salt, iterations, keylen, digest, callback)

Asynchronously derives a key using PBKDF2.

⚪ scryptSync(password, salt, keylen, options)

Synchronously derives a key using scrypt.

⚪ scrypt(password, salt, keylen, options, callback)

Asynchronously derives a key using scrypt.

⚪ timingSafeEqual(a, b)

Compares two buffers in constant time to prevent timing attacks.

⚪ getHashes()

Returns the list of supported hash algorithm names.

⚪ getCiphers()

Returns the list of supported cipher algorithm names.

Properties

⚪ constants

→ object

⚪ webcrypto

The Web Crypto API (SubtleCrypto) instance.

---

Details

`createHash(algorithm, options)`

static createHash(algorithm: string, options?: object): Hash

static createHash(algorithm: string, options?: object): Hash

Creates and returns a Hash object for the given algorithm.

Parameter	Type	Description
`algorithm`	string	Hash algorithm name (e.g. "sha256", "sha512")
`options (optional)`	object

Returns: Hash A new Hash instance Throws:

Error --- If the algorithm is not supported

`createHmac(algorithm, key)`

static createHmac(algorithm: string, key: (string or BufferSource)): Hmac

static createHmac(algorithm: string, key: (string or BufferSource)): Hmac

Creates and returns an Hmac object for the given algorithm and key.

Parameter	Type	Description
`algorithm`	string	HMAC algorithm name (e.g. "sha256")
`key`	(string or BufferSource)	Secret key as string or buffer

Returns: Hmac A new Hmac instance Throws:

Error --- If the algorithm is not supported

`randomBytes(size)`

static randomBytes(size: u32): Buffer

static randomBytes(size: u32): Buffer

Generates cryptographically strong pseudorandom bytes.

Parameter	Type	Description
`size`	u32	Number of bytes to generate

Returns: Buffer A Buffer of random bytes Throws:

Error --- If the entropy source is unavailable

`timingSafeEqual(a, b)`

static timingSafeEqual(a: BufferSource, b: BufferSource): boolean

static timingSafeEqual(a: BufferSource, b: BufferSource): boolean

Compares two buffers in constant time to prevent timing attacks.

Parameter	Type	Description
`a`	BufferSource	First buffer
`b`	BufferSource	Second buffer

Returns: boolean True if the buffers contain identical bytes Throws:

Error --- If the buffers are not the same length

Interface `Hash`

Incremental cryptographic hash computation object. Created via crypto.createHash(); not constructable directly.

Since: 1.1.0 Docs: Node.js Docs

3 members: 3 undocumented

Methods

⚪ update(data, inputEncoding)

Feeds data into the hash computation.

⚪ digest(encoding)

Finalizes the hash and returns the digest.

⚪ copy(options)

Creates a copy of the Hash in its current state.

---

Interface `Hmac`

Incremental HMAC computation object. Created via crypto.createHmac(); not constructable directly.

Since: 1.1.0 Docs: Node.js Docs

2 members: 2 undocumented

Methods

⚪ update(data, inputEncoding)

Feeds data into the hash computation.

⚪ digest(encoding)

Finalizes the hash and returns the digest.

---

Crypto

Static Methods

Properties

Details

createHash(algorithm, options)

createHmac(algorithm, key)

randomBytes(size)

timingSafeEqual(a, b)

Interface Hash

Methods

Interface Hmac

Methods

`createHash(algorithm, options)`

`createHmac(algorithm, key)`

`randomBytes(size)`

`timingSafeEqual(a, b)`

Interface `Hash`

Interface `Hmac`