Crypto
Related Docs:
object Crypto
| package crypto
The default encoding to use for functions that can take either strings or buffers.
The default encoding to use for functions that can take either strings or buffers. The default value is 'buffer', which makes methods default to Buffer objects.
The crypto.DEFAULT_ENCODING mechanism is provided for backwards compatibility with legacy programs that expect 'binary' to be the default encoding.
Creates and returns a Cipher object that uses the given algorithm and password.
Creates and returns a Cipher object that uses the given algorithm and password.
The algorithm is dependent on OpenSSL, examples are 'aes192', etc. On recent OpenSSL releases, openssl list-cipher-algorithms will display the available cipher algorithms.
The password is used to derive the cipher key and initialization vector (IV). The value must be either a 'binary' encoded string or a Buffer.
crypto.createCipher(algorithm, password)
Creates and returns a Decipher object that uses the given algorithm and password (key).
Creates and returns a Decipher object that uses the given algorithm and password (key). The implementation of crypto.createDecipher() derives keys using the OpenSSL function EVP_BytesToKey with the digest algorithm set to MD5, one iteration, and no salt. The lack of salt allows dictionary attacks as the same password always creates the same key. The low iteration count and non-cryptographically secure hash algorithm allow passwords to be tested very rapidly.
In line with OpenSSL's recommendation to use pbkdf2 instead of EVP_BytesToKey it is recommended that developers derive a key and IV on their own using crypto.pbkdf2() and to use crypto.createDecipheriv() to create the Decipher object.
crypto.createDecipher(algorithm, password)
Creates and returns a Hash object that can be used to generate hash digests using the given algorithm.
Creates and returns a Hash object that can be used to generate hash digests using the given algorithm.
The algorithm is dependent on the available algorithms supported by the version of OpenSSL on the platform. Examples are 'sha256', 'sha512', etc. On recent releases of OpenSSL, openssl list-message-digest-algorithms will display the available digest algorithms.
the given algorithm (e.g. 'sha256', 'sha512')
Creates and returns an Hmac object that uses the given algorithm and key.
Creates and returns an Hmac object that uses the given algorithm and key.
The algorithm is dependent on the available algorithms supported by the version of OpenSSL on the platform. Examples are 'sha256', 'sha512', etc. On recent releases of OpenSSL, openssl list-message-digest-algorithms will display the available digest algorithms.
the given algorithm (e.g. 'sha256', 'sha512')
The key is the HMAC key used to generate the cryptographic HMAC hash.
Creates and returns a Sign object that uses the given algorithm.
Creates and returns a Sign object that uses the given algorithm. On recent OpenSSL releases, openssl list-public-key-algorithms will display the available signing algorithms. One example is 'RSA-SHA256'.
the given algorithm (e.g. 'RSA-SHA256')
Creates and returns a Verify object that uses the given algorithm.
Creates and returns a Verify object that uses the given algorithm. On recent OpenSSL releases, openssl list-public-key-algorithms will display the available signing algorithms. One example is 'RSA-SHA256'.
the given algorithm (e.g. 'RSA-SHA256')
Property for checking and controlling whether a FIPS compliant crypto provider is currently in use.
Property for checking and controlling whether a FIPS compliant crypto provider is currently in use. Setting to true requires a FIPS build of Node.js.
Returns an array with the names of the supported cipher algorithms.
Returns an array with the names of the supported cipher algorithms.
the names of the supported cipher algorithms. // ['aes-128-cbc', 'aes-128-ccm', ...]
Provides a synchronous Password-Based Key Derivation Function 2 (PBKDF2) implementation.
Provides a synchronous Password-Based Key Derivation Function 2 (PBKDF2) implementation. A selected HMAC digest algorithm specified by digest is applied to derive a key of the requested byte length (keylen) from the password, salt and iterations.
If an error occurs an Error will be thrown, otherwise the derived key will be returned as a Buffer.
The iterations argument must be a number set as high as possible. The higher the number of iterations, the more secure the derived key will be, but will take a longer amount of time to complete.
The salt should also be as unique as possible. It is recommended that the salts are random and their lengths are greater than 16 bytes. See NIST SP 800-132 for details.
(Doc source: https://nodejs.org/api/crypto.html#crypto_crypto_pbkdf2sync_password_salt_iterations_keylen_digest)
The crypto module provides cryptographic functionality that includes a set of wrappers for OpenSSL's hash, HMAC, cipher, decipher, sign and verify functions.
https://nodejs.org/dist/latest-v7.x/docs/api/crypto.html#crypto_crypto