diff options
Diffstat (limited to 'doc/api/crypto.md')
-rw-r--r-- | doc/api/crypto.md | 347 |
1 files changed, 174 insertions, 173 deletions
diff --git a/doc/api/crypto.md b/doc/api/crypto.md index b51a1abee0..930ca11c04 100644 --- a/doc/api/crypto.md +++ b/doc/api/crypto.md @@ -6,11 +6,12 @@ <!-- source_link=lib/crypto.js --> -The `crypto` module provides cryptographic functionality that includes a set of -wrappers for OpenSSL's hash, HMAC, cipher, decipher, sign, and verify functions. +The `node:crypto` module provides cryptographic functionality that includes a +set of wrappers for OpenSSL's hash, HMAC, cipher, decipher, sign, and verify +functions. ```mjs -const { createHmac } = await import('crypto'); +const { createHmac } = await import('node:crypto'); const secret = 'abcdefg'; const hash = createHmac('sha256', secret) @@ -22,7 +23,7 @@ console.log(hash); ``` ```cjs -const crypto = require('crypto'); +const crypto = require('node:crypto'); const secret = 'abcdefg'; const hash = crypto.createHmac('sha256', secret) @@ -36,8 +37,8 @@ console.log(hash); ## Determining if crypto support is unavailable It is possible for Node.js to be built without including support for the -`crypto` module. In such cases, attempting to `import` from `crypto` or -calling `require('crypto')` will result in an error being thrown. +`node:crypto` module. In such cases, attempting to `import` from `crypto` or +calling `require('node:crypto')` will result in an error being thrown. When using CommonJS, the error thrown can be caught using try/catch: @@ -46,7 +47,7 @@ When using CommonJS, the error thrown can be caught using try/catch: ```cjs let crypto; try { - crypto = require('crypto'); + crypto = require('node:crypto'); } catch (err) { console.log('crypto support is disabled!'); } @@ -64,7 +65,7 @@ of Node.js where crypto support is not enabled, consider using the ```mjs let crypto; try { - crypto = await import('crypto'); + crypto = await import('node:crypto'); } catch (err) { console.log('crypto support is disabled!'); } @@ -82,7 +83,7 @@ Netscape and was specified formally as part of [HTML5's `keygen` element][]. `<keygen>` is deprecated since [HTML 5.2][] and new projects should not use this element anymore. -The `crypto` module provides the `Certificate` class for working with SPKAC +The `node:crypto` module provides the `Certificate` class for working with SPKAC data. The most common usage is handling output generated by the HTML5 `<keygen>` element. Node.js uses [OpenSSL's SPKAC implementation][] internally. @@ -103,7 +104,7 @@ changes: includes a public key and a challenge. ```mjs -const { Certificate } = await import('crypto'); +const { Certificate } = await import('node:crypto'); const spkac = getSpkacSomehow(); const challenge = Certificate.exportChallenge(spkac); console.log(challenge.toString('utf8')); @@ -111,7 +112,7 @@ console.log(challenge.toString('utf8')); ``` ```cjs -const { Certificate } = require('crypto'); +const { Certificate } = require('node:crypto'); const spkac = getSpkacSomehow(); const challenge = Certificate.exportChallenge(spkac); console.log(challenge.toString('utf8')); @@ -135,7 +136,7 @@ changes: which includes a public key and a challenge. ```mjs -const { Certificate } = await import('crypto'); +const { Certificate } = await import('node:crypto'); const spkac = getSpkacSomehow(); const publicKey = Certificate.exportPublicKey(spkac); console.log(publicKey); @@ -143,7 +144,7 @@ console.log(publicKey); ``` ```cjs -const { Certificate } = require('crypto'); +const { Certificate } = require('node:crypto'); const spkac = getSpkacSomehow(); const publicKey = Certificate.exportPublicKey(spkac); console.log(publicKey); @@ -168,8 +169,8 @@ changes: `false` otherwise. ```mjs -import { Buffer } from 'buffer'; -const { Certificate } = await import('crypto'); +import { Buffer } from 'node:buffer'; +const { Certificate } = await import('node:crypto'); const spkac = getSpkacSomehow(); console.log(Certificate.verifySpkac(Buffer.from(spkac))); @@ -177,8 +178,8 @@ console.log(Certificate.verifySpkac(Buffer.from(spkac))); ``` ```cjs -const { Certificate } = require('crypto'); -const { Buffer } = require('buffer'); +const { Certificate } = require('node:crypto'); +const { Buffer } = require('node:buffer'); const spkac = getSpkacSomehow(); console.log(Certificate.verifySpkac(Buffer.from(spkac))); @@ -198,14 +199,14 @@ Instances of the `Certificate` class can be created using the `new` keyword or by calling `crypto.Certificate()` as a function: ```mjs -const { Certificate } = await import('crypto'); +const { Certificate } = await import('node:crypto'); const cert1 = new Certificate(); const cert2 = Certificate(); ``` ```cjs -const { Certificate } = require('crypto'); +const { Certificate } = require('node:crypto'); const cert1 = new Certificate(); const cert2 = Certificate(); @@ -223,7 +224,7 @@ added: v0.11.8 includes a public key and a challenge. ```mjs -const { Certificate } = await import('crypto'); +const { Certificate } = await import('node:crypto'); const cert = Certificate(); const spkac = getSpkacSomehow(); const challenge = cert.exportChallenge(spkac); @@ -232,7 +233,7 @@ console.log(challenge.toString('utf8')); ``` ```cjs -const { Certificate } = require('crypto'); +const { Certificate } = require('node:crypto'); const cert = Certificate(); const spkac = getSpkacSomehow(); const challenge = cert.exportChallenge(spkac); @@ -252,7 +253,7 @@ added: v0.11.8 which includes a public key and a challenge. ```mjs -const { Certificate } = await import('crypto'); +const { Certificate } = await import('node:crypto'); const cert = Certificate(); const spkac = getSpkacSomehow(); const publicKey = cert.exportPublicKey(spkac); @@ -261,7 +262,7 @@ console.log(publicKey); ``` ```cjs -const { Certificate } = require('crypto'); +const { Certificate } = require('node:crypto'); const cert = Certificate(); const spkac = getSpkacSomehow(); const publicKey = cert.exportPublicKey(spkac); @@ -281,8 +282,8 @@ added: v0.11.8 `false` otherwise. ```mjs -import { Buffer } from 'buffer'; -const { Certificate } = await import('crypto'); +import { Buffer } from 'node:buffer'; +const { Certificate } = await import('node:crypto'); const cert = Certificate(); const spkac = getSpkacSomehow(); @@ -291,8 +292,8 @@ console.log(cert.verifySpkac(Buffer.from(spkac))); ``` ```cjs -const { Certificate } = require('crypto'); -const { Buffer } = require('buffer'); +const { Certificate } = require('node:crypto'); +const { Buffer } = require('node:buffer'); const cert = Certificate(); const spkac = getSpkacSomehow(); @@ -327,7 +328,7 @@ const { scrypt, randomFill, createCipheriv -} = await import('crypto'); +} = await import('node:crypto'); const algorithm = 'aes-192-cbc'; const password = 'Password used to generate key'; @@ -360,7 +361,7 @@ const { scrypt, randomFill, createCipheriv -} = require('crypto'); +} = require('node:crypto'); const algorithm = 'aes-192-cbc'; const password = 'Password used to generate key'; @@ -404,7 +405,7 @@ const { scrypt, randomFill, createCipheriv -} = await import('crypto'); +} = await import('node:crypto'); const algorithm = 'aes-192-cbc'; const password = 'Password used to generate key'; @@ -433,17 +434,17 @@ scrypt(password, 'salt', 24, (err, key) => { const { createReadStream, createWriteStream, -} = require('fs'); +} = require('node:fs'); const { pipeline -} = require('stream'); +} = require('node:stream'); const { scrypt, randomFill, createCipheriv, -} = require('crypto'); +} = require('node:crypto'); const algorithm = 'aes-192-cbc'; const password = 'Password used to generate key'; @@ -475,7 +476,7 @@ const { scrypt, randomFill, createCipheriv -} = await import('crypto'); +} = await import('node:crypto'); const algorithm = 'aes-192-cbc'; const password = 'Password used to generate key'; @@ -502,7 +503,7 @@ const { scrypt, randomFill, createCipheriv, -} = require('crypto'); +} = require('node:crypto'); const algorithm = 'aes-192-cbc'; const password = 'Password used to generate key'; @@ -655,11 +656,11 @@ directly using the `new` keyword. Example: Using `Decipher` objects as streams: ```mjs -import { Buffer } from 'buffer'; +import { Buffer } from 'node:buffer'; const { scryptSync, createDecipheriv -} = await import('crypto'); +} = await import('node:crypto'); const algorithm = 'aes-192-cbc'; const password = 'Password used to generate key'; @@ -694,8 +695,8 @@ decipher.end(); const { scryptSync, createDecipheriv, -} = require('crypto'); -const { Buffer } = require('buffer'); +} = require('node:crypto'); +const { Buffer } = require('node:buffer'); const algorithm = 'aes-192-cbc'; const password = 'Password used to generate key'; @@ -733,11 +734,11 @@ import { createReadStream, createWriteStream, } from 'fs'; -import { Buffer } from 'buffer'; +import { Buffer } from 'node:buffer'; const { scryptSync, createDecipheriv -} = await import('crypto'); +} = await import('node:crypto'); const algorithm = 'aes-192-cbc'; const password = 'Password used to generate key'; @@ -758,12 +759,12 @@ input.pipe(decipher).pipe(output); const { createReadStream, createWriteStream, -} = require('fs'); +} = require('node:fs'); const { scryptSync, createDecipheriv, -} = require('crypto'); -const { Buffer } = require('buffer'); +} = require('node:crypto'); +const { Buffer } = require('node:buffer'); const algorithm = 'aes-192-cbc'; const password = 'Password used to generate key'; @@ -783,11 +784,11 @@ input.pipe(decipher).pipe(output); Example: Using the [`decipher.update()`][] and [`decipher.final()`][] methods: ```mjs -import { Buffer } from 'buffer'; +import { Buffer } from 'node:buffer'; const { scryptSync, createDecipheriv -} = await import('crypto'); +} = await import('node:crypto'); const algorithm = 'aes-192-cbc'; const password = 'Password used to generate key'; @@ -811,8 +812,8 @@ console.log(decrypted); const { scryptSync, createDecipheriv, -} = require('crypto'); -const { Buffer } = require('buffer'); +} = require('node:crypto'); +const { Buffer } = require('node:buffer'); const algorithm = 'aes-192-cbc'; const password = 'Password used to generate key'; @@ -981,11 +982,11 @@ Instances of the `DiffieHellman` class can be created using the [`crypto.createDiffieHellman()`][] function. ```mjs -import assert from 'assert'; +import assert from 'node:assert'; const { createDiffieHellman -} = await import('crypto'); +} = await import('node:crypto'); // Generate Alice's keys... const alice = createDiffieHellman(2048); @@ -1004,11 +1005,11 @@ assert.strictEqual(aliceSecret.toString('hex'), bobSecret.toString('hex')); ``` ```cjs -const assert = require('assert'); +const assert = require('node:assert'); const { createDiffieHellman, -} = require('crypto'); +} = require('node:crypto'); // Generate Alice's keys... const alice = createDiffieHellman(2048); @@ -1152,8 +1153,7 @@ added: v0.11.12 A bit field containing any warnings and/or errors resulting from a check performed during initialization of the `DiffieHellman` object. -The following values are valid for this property (as defined in `constants` -module): +The following values are valid for this property (as defined in `node:constants` module): * `DH_CHECK_P_NOT_SAFE_PRIME` * `DH_CHECK_P_NOT_PRIME` @@ -1172,12 +1172,12 @@ its keys after creation. In other words, it does not implement `setPublicKey()` or `setPrivateKey()` methods. ```mjs -const { createDiffieHellmanGroup } = await import('crypto'); +const { createDiffieHellmanGroup } = await import('node:crypto'); const dh = createDiffieHellmanGroup('modp1'); ``` ```cjs -const { createDiffieHellmanGroup } = require('crypto'); +const { createDiffieHellmanGroup } = require('node:crypto'); const dh = createDiffieHellmanGroup('modp1'); ``` @@ -1209,11 +1209,11 @@ Instances of the `ECDH` class can be created using the [`crypto.createECDH()`][] function. ```mjs -import assert from 'assert'; +import assert from 'node:assert'; const { createECDH -} = await import('crypto'); +} = await import('node:crypto'); // Generate Alice's keys... const alice = createECDH('secp521r1'); @@ -1232,11 +1232,11 @@ assert.strictEqual(aliceSecret.toString('hex'), bobSecret.toString('hex')); ``` ```cjs -const assert = require('assert'); +const assert = require('node:assert'); const { createECDH, -} = require('crypto'); +} = require('node:crypto'); // Generate Alice's keys... const alice = createECDH('secp521r1'); @@ -1289,7 +1289,7 @@ Example (uncompressing a key): const { createECDH, ECDH -} = await import('crypto'); +} = await import('node:crypto'); const ecdh = createECDH('secp256k1'); ecdh.generateKeys(); @@ -1310,7 +1310,7 @@ console.log(uncompressedKey === ecdh.getPublicKey('hex')); const { createECDH, ECDH, -} = require('crypto'); +} = require('node:crypto'); const ecdh = createECDH('secp256k1'); ecdh.generateKeys(); @@ -1461,7 +1461,7 @@ Example (obtaining a shared secret): const { createECDH, createHash -} = await import('crypto'); +} = await import('node:crypto'); const alice = createECDH('secp256k1'); const bob = createECDH('secp256k1'); @@ -1488,7 +1488,7 @@ console.log(aliceSecret === bobSecret); const { createECDH, createHash, -} = require('crypto'); +} = require('node:crypto'); const alice = createECDH('secp256k1'); const bob = createECDH('secp256k1'); @@ -1535,7 +1535,7 @@ Example: Using `Hash` objects as streams: ```mjs const { createHash -} = await import('crypto'); +} = await import('node:crypto'); const hash = createHash('sha256'); @@ -1557,7 +1557,7 @@ hash.end(); ```cjs const { createHash, -} = require('crypto'); +} = require('node:crypto'); const hash = createHash('sha256'); @@ -1579,9 +1579,9 @@ hash.end(); Example: Using `Hash` and piped streams: ```mjs -import { createReadStream } from 'fs'; -import { stdout } from 'process'; -const { createHash } = await import('crypto'); +import { createReadStream } from 'node:fs'; +import { stdout } from 'node:process'; +const { createHash } = await import('node:crypto'); const hash = createHash('sha256'); @@ -1590,9 +1590,9 @@ input.pipe(hash).setEncoding('hex').pipe(stdout); ``` ```cjs -const { createReadStream } = require('fs'); -const { createHash } = require('crypto'); -const { stdout } = require('process'); +const { createReadStream } = require('node:fs'); +const { createHash } = require('node:crypto'); +const { stdout } = require('node:process'); const hash = createHash('sha256'); @@ -1605,7 +1605,7 @@ Example: Using the [`hash.update()`][] and [`hash.digest()`][] methods: ```mjs const { createHash -} = await import('crypto'); +} = await import('node:crypto'); const hash = createHash('sha256'); @@ -1618,7 +1618,7 @@ console.log(hash.digest('hex')); ```cjs const { createHash, -} = require('crypto'); +} = require('node:crypto'); const hash = createHash('sha256'); @@ -1651,7 +1651,7 @@ its [`hash.digest()`][] method has been called. // Calculate a rolling hash. const { createHash -} = await import('crypto'); +} = await import('node:crypto'); const hash = createHash('sha256'); @@ -1671,7 +1671,7 @@ console.log(hash.copy().digest('hex')); // Calculate a rolling hash. const { createHash, -} = require('crypto'); +} = require('node:crypto'); const hash = createHash('sha256'); @@ -1749,7 +1749,7 @@ Example: Using `Hmac` objects as streams: ```mjs const { createHmac -} = await import('crypto'); +} = await import('node:crypto'); const hmac = createHmac('sha256', 'a secret'); @@ -1771,7 +1771,7 @@ hmac.end(); ```cjs const { createHmac, -} = require('crypto'); +} = require('node:crypto'); const hmac = createHmac('sha256', 'a secret'); @@ -1793,11 +1793,11 @@ hmac.end(); Example: Using `Hmac` and piped streams: ```mjs -import { createReadStream } from 'fs'; -import { stdout } from 'process'; +import { createReadStream } from 'node:fs'; +import { stdout } from 'node:process'; const { createHmac -} = await import('crypto'); +} = await import('node:crypto'); const hmac = createHmac('sha256', 'a secret'); @@ -1808,11 +1808,11 @@ input.pipe(hmac).pipe(stdout); ```cjs const { createReadStream, -} = require('fs'); +} = require('node:fs'); const { createHmac, -} = require('crypto'); -const { stdout } = require('process'); +} = require('node:crypto'); +const { stdout } = require('node:process'); const hmac = createHmac('sha256', 'a secret'); @@ -1825,7 +1825,7 @@ Example: Using the [`hmac.update()`][] and [`hmac.digest()`][] methods: ```mjs const { createHmac -} = await import('crypto'); +} = await import('node:crypto'); const hmac = createHmac('sha256', 'a secret'); @@ -1838,7 +1838,7 @@ console.log(hmac.digest('hex')); ```cjs const { createHmac, -} = require('crypto'); +} = require('node:crypto'); const hmac = createHmac('sha256', 'a secret'); @@ -1927,7 +1927,7 @@ added: v15.0.0 Example: Converting a `CryptoKey` instance to a `KeyObject`: ```mjs -const { webcrypto, KeyObject } = await import('crypto'); +const { webcrypto, KeyObject } = await import('node:crypto'); const { subtle } = webcrypto; const key = await subtle.generateKey({ @@ -1947,7 +1947,7 @@ const { subtle, }, KeyObject, -} = require('crypto'); +} = require('node:crypto'); (async function() { const key = await subtle.generateKey({ @@ -2151,7 +2151,7 @@ const { generateKeyPairSync, createSign, createVerify -} = await import('crypto'); +} = await import('node:crypto'); const { privateKey, publicKey } = generateKeyPairSync('ec', { namedCurve: 'sect239k1' @@ -2174,7 +2174,7 @@ const { generateKeyPairSync, createSign, createVerify, -} = require('crypto'); +} = require('node:crypto'); const { privateKey, publicKey } = generateKeyPairSync('ec', { namedCurve: 'sect239k1' @@ -2199,7 +2199,7 @@ const { generateKeyPairSync, createSign, createVerify -} = await import('crypto'); +} = await import('node:crypto'); const { privateKey, publicKey } = generateKeyPairSync('rsa', { modulusLength: 2048, @@ -2222,7 +2222,7 @@ const { generateKeyPairSync, createSign, createVerify, -} = require('crypto'); +} = require('node:crypto'); const { privateKey, publicKey } = generateKeyPairSync('rsa', { modulusLength: 2048, @@ -2455,7 +2455,7 @@ Encapsulates an X509 certificate and provides read-only access to its information. ```mjs -const { X509Certificate } = await import('crypto'); +const { X509Certificate } = await import('node:crypto'); const x509 = new X509Certificate('{... pem encoded cert ...}'); @@ -2463,7 +2463,7 @@ console.log(x509.subject); ``` ```cjs -const { X509Certificate } = require('crypto'); +const { X509Certificate } = require('node:crypto'); const x509 = new X509Certificate('{... pem encoded cert ...}'); @@ -2859,7 +2859,7 @@ added: v15.6.0 Verifies that this certificate was signed by the given public key. Does not perform any other validation checks on the certificate. -## `crypto` module methods and properties +## `node:crypto` module methods and properties ### `crypto.constants` @@ -3310,10 +3310,10 @@ Example: generating the sha256 sum of a file import { createReadStream } from 'fs'; -import { argv } from 'process'; +import { argv } from 'node:process'; const { createHash -} = await import('crypto'); +} = await import('node:crypto'); const filename = argv[2]; @@ -3335,11 +3335,11 @@ input.on('readable', () => { ```cjs const { createReadStream, -} = require('fs'); +} = require('node:fs'); const { createHash, -} = require('crypto'); -const { argv } = require('process'); +} = require('node:crypto'); +const { argv } = require('node:process'); const filename = argv[2]; @@ -3396,10 +3396,10 @@ Example: generating the sha256 HMAC of a file import { createReadStream } from 'fs'; -import { argv } from 'process'; +import { argv } from 'node:process'; const { createHmac -} = await import('crypto'); +} = await import('node:crypto'); const filename = argv[2]; @@ -3421,11 +3421,11 @@ input.on('readable', () => { ```cjs const { createReadStream, -} = require('fs'); +} = require('node:fs'); const { createHmac, -} = require('crypto'); -const { argv } = require('process'); +} = require('node:crypto'); +const { argv } = require('node:process'); const filename = argv[2]; @@ -3638,7 +3638,7 @@ Asynchronously generates a new random secret key of the given `length`. The ```mjs const { generateKey -} = await import('crypto'); +} = await import('node:crypto'); generateKey('hmac', { length: 64 }, (err, key) => { if (err) throw err; @@ -3649,7 +3649,7 @@ generateKey('hmac', { length: 64 }, (err, key) => { ```cjs const { generateKey, -} = require('crypto'); +} = require('node:crypto'); generateKey('hmac', { length: 64 }, (err, key) => { if (err) throw err; @@ -3727,7 +3727,7 @@ It is recommended to encode public keys as `'spki'` and private keys as ```mjs const { generateKeyPair -} = await import('crypto'); +} = await import('node:crypto'); generateKeyPair('rsa', { modulusLength: 4096, @@ -3749,7 +3749,7 @@ generateKeyPair('rsa', { ```cjs const { generateKeyPair, -} = require('crypto'); +} = require('node:crypto'); generateKeyPair('rsa', { modulusLength: 4096, @@ -3839,7 +3839,7 @@ and to keep the passphrase confidential. ```mjs const { generateKeyPairSync -} = await import('crypto'); +} = await import('node:crypto'); const { publicKey, @@ -3862,7 +3862,7 @@ const { ```cjs const { generateKeyPairSync, -} = require('crypto'); +} = require('node:crypto'); const { publicKey, @@ -3908,7 +3908,7 @@ Synchronously generates a new random secret key of the given `length`. The ```mjs const { generateKeySync -} = await import('crypto'); +} = await import('node:crypto'); const key = generateKeySync('hmac', { length: 64 }); console.log(key.export().toString('hex')); // e89..........41e @@ -3917,7 +3917,7 @@ console.log(key.export().toString('hex')); // e89..........41e ```cjs const { generateKeySync, -} = require('crypto'); +} = require('node:crypto'); const key = generateKeySync('hmac', { length: 64 }); console.log(key.export().toString('hex')); // e89..........41e @@ -4055,7 +4055,7 @@ added: v0.9.3 ```mjs const { getCiphers -} = await import('crypto'); +} = await import('node:crypto'); console.log(getCiphers()); // ['aes-128-cbc', 'aes-128-ccm', ...] ``` @@ -4063,7 +4063,7 @@ console.log(getCiphers()); // ['aes-128-cbc', 'aes-128-ccm', ...] ```cjs const { getCiphers, -} = require('crypto'); +} = require('node:crypto'); console.log(getCiphers()); // ['aes-128-cbc', 'aes-128-ccm', ...] ``` @@ -4079,7 +4079,7 @@ added: v2.3.0 ```mjs const { getCurves -} = await import('crypto'); +} = await import('node:crypto'); console.log(getCurves()); // ['Oakley-EC2N-3', 'Oakley-EC2N-4', ...] ``` @@ -4087,7 +4087,7 @@ console.log(getCurves()); // ['Oakley-EC2N-3', 'Oakley-EC2N-4', ...] ```cjs const { getCurves, -} = require('crypto'); +} = require('node:crypto'); console.log(getCurves()); // ['Oakley-EC2N-3', 'Oakley-EC2N-4', ...] ``` @@ -4117,7 +4117,7 @@ Example (obtaining a shared secret): ```mjs const { getDiffieHellman -} = await import('crypto'); +} = await import('node:crypto'); const alice = getDiffieHellman('modp14'); const bob = getDiffieHellman('modp14'); @@ -4134,7 +4134,7 @@ console.log(aliceSecret === bobSecret); ```cjs const { getDiffieHellman, -} = require('crypto'); +} = require('node:crypto'); const alice = getDiffieHellman('modp14'); const bob = getDiffieHellman('modp14'); @@ -4171,7 +4171,7 @@ added: v0.9.3 ```mjs const { getHashes -} = await import('crypto'); +} = await import('node:crypto'); console.log(getHashes()); // ['DSA', 'DSA-SHA', 'DSA-SHA1', ...] ``` @@ -4179,7 +4179,7 @@ console.log(getHashes()); // ['DSA', 'DSA-SHA', 'DSA-SHA1', ...] ```cjs const { getHashes, -} = require('crypto'); +} = require('node:crypto'); console.log(getHashes()); // ['DSA', 'DSA-SHA', 'DSA-SHA1', ...] ``` @@ -4234,10 +4234,10 @@ be passed to the callback as an {ArrayBuffer}. An error will be thrown if any of the input arguments specify invalid values or types. ```mjs -import { Buffer } from 'buffer'; +import { Buffer } from 'node:buffer'; const { hkdf -} = await import('crypto'); +} = await import('node:crypto'); hkdf('sha512', 'key', 'salt', 'info', 64, (err, derivedKey) => { if (err) throw err; @@ -4248,8 +4248,8 @@ hkdf('sha512', 'key', 'salt', 'info', 64, (err, derivedKey) => { ```cjs const { hkdf, -} = require('crypto'); -const { Buffer } = require('buffer'); +} = require('node:crypto'); +const { Buffer } = require('node:buffer'); hkdf('sha512', 'key', 'salt', 'info', 64, (err, derivedKey) => { if (err) throw err; @@ -4286,10 +4286,10 @@ An error will be thrown if any of the input arguments specify invalid values or types, or if the derived key cannot be generated. ```mjs -import { Buffer } from 'buffer'; +import { Buffer } from 'node:buffer'; const { hkdfSync -} = await import('crypto'); +} = await import('node:crypto'); const derivedKey = hkdfSync('sha512', 'key', 'salt', 'info', 64); console.log(Buffer.from(derivedKey).toString('hex')); // '24156e2...5391653' @@ -4298,8 +4298,8 @@ console.log(Buffer.from(derivedKey).toString('hex')); // '24156e2...5391653' ```cjs const { hkdfSync, -} = require('crypto'); -const { Buffer } = require('buffer'); +} = require('node:crypto'); +const { Buffer } = require('node:buffer'); const derivedKey = hkdfSync('sha512', 'key', 'salt', 'info', 64); console.log(Buffer.from(derivedKey).toString('hex')); // '24156e2...5391653' @@ -4372,7 +4372,7 @@ When passing strings for `password` or `salt`, please consider ```mjs const { pbkdf2 -} = await import('crypto'); +} = await import('node:crypto'); pbkdf2('secret', 'salt', 100000, 64, 'sha512', (err, derivedKey) => { if (err) throw err; @@ -4383,7 +4383,7 @@ pbkdf2('secret', 'salt', 100000, 64, 'sha512', (err, derivedKey) => { ```cjs const { pbkdf2, -} = require('crypto'); +} = require('node:crypto'); pbkdf2('secret', 'salt', 100000, 64, 'sha512', (err, derivedKey) => { if (err) throw err; @@ -4396,7 +4396,7 @@ The `crypto.DEFAULT_ENCODING` property can be used to change the way the deprecated and use should be avoided. ```mjs -import crypto from 'crypto'; +import crypto from 'node:crypto'; crypto.DEFAULT_ENCODING = 'hex'; crypto.pbkdf2('secret', 'salt', 100000, 512, 'sha512', (err, derivedKey) => { if (err) throw err; @@ -4405,7 +4405,7 @@ crypto.pbkdf2('secret', 'salt', 100000, 512, 'sha512', (err, derivedKey) => { ``` ```cjs -const crypto = require('crypto'); +const crypto = require('node:crypto'); crypto.DEFAULT_ENCODING = 'hex'; crypto.pbkdf2('secret', 'salt', 100000, 512, 'sha512', (err, derivedKey) => { if (err) throw err; @@ -4470,7 +4470,7 @@ When passing strings for `password` or `salt`, please consider ```mjs const { pbkdf2Sync -} = await import('crypto'); +} = await import('node:crypto'); const key = pbkdf2Sync('secret', 'salt', 100000, 64, 'sha512'); console.log(key.toString('hex')); // '3745e48...08d59ae' @@ -4479,7 +4479,7 @@ console.log(key.toString('hex')); // '3745e48...08d59ae' ```cjs const { pbkdf2Sync, -} = require('crypto'); +} = require('node:crypto'); const key = pbkdf2Sync('secret', 'salt', 100000, 64, 'sha512'); console.log(key.toString('hex')); // '3745e48...08d59ae' @@ -4490,14 +4490,14 @@ The `crypto.DEFAULT_ENCODING` property may be used to change the way the should be avoided. ```mjs -import crypto from 'crypto'; +import crypto from 'node:crypto'; crypto.DEFAULT_ENCODING = 'hex'; const key = crypto.pbkdf2Sync('secret', 'salt', 100000, 512, 'sha512'); console.log(key); // '3745e48...aa39b34' ``` ```cjs -const crypto = require('crypto'); +const crypto = require('node:crypto'); crypto.DEFAULT_ENCODING = 'hex'; const key = crypto.pbkdf2Sync('secret', 'salt', 100000, 512, 'sha512'); console.log(key); // '3745e48...aa39b34' @@ -4726,7 +4726,7 @@ If an error occurs, `err` will be an `Error` object; otherwise it is `null`. The // Asynchronous const { randomBytes -} = await import('crypto'); +} = await import('node:crypto'); randomBytes(256, (err, buf) => { if (err) throw err; @@ -4738,7 +4738,7 @@ randomBytes(256, (err, buf) => { // Asynchronous const { randomBytes, -} = require('crypto'); +} = require('node:crypto'); randomBytes(256, (err, buf) => { if (err) throw err; @@ -4754,7 +4754,7 @@ there is a problem generating the bytes. // Synchronous const { randomBytes -} = await import('crypto'); +} = await import('node:crypto'); const buf = randomBytes(256); console.log( @@ -4765,7 +4765,7 @@ console.log( // Synchronous const { randomBytes, -} = require('crypto'); +} = require('node:crypto'); const buf = randomBytes(256); console.log( @@ -4810,8 +4810,8 @@ changes: Synchronous version of [`crypto.randomFill()`][]. ```mjs -import { Buffer } from 'buffer'; -const { randomFillSync } = await import('crypto'); +import { Buffer } from 'node:buffer'; +const { randomFillSync } = await import('node:crypto'); const buf = Buffer.alloc(10); console.log(randomFillSync(buf).toString('hex')); @@ -4825,8 +4825,8 @@ console.log(buf.toString('hex')); ``` ```cjs -const { randomFillSync } = require('crypto'); -const { Buffer } = require('buffer'); +const { randomFillSync } = require('node:crypto'); +const { Buffer } = require('node:buffer'); const buf = Buffer.alloc(10); console.log(randomFillSync(buf).toString('hex')); @@ -4843,8 +4843,8 @@ Any `ArrayBuffer`, `TypedArray` or `DataView` instance may be passed as `buffer`. ```mjs -import { Buffer } from 'buffer'; -const { randomFillSync } = await import('crypto'); +import { Buffer } from 'node:buffer'; +const { randomFillSync } = await import('node:crypto'); const a = new Uint32Array(10); console.log(Buffer.from(randomFillSync(a).buffer, @@ -4859,8 +4859,8 @@ console.log(Buffer.from(randomFillSync(c)).toString('hex')); ``` ```cjs -const { randomFillSync } = require('crypto'); -const { Buffer } = require('buffer'); +const { randomFillSync } = require('node:crypto'); +const { Buffer } = require('node:buffer'); const a = new Uint32Array(10); console.log(Buffer.from(randomFillSync(a).buffer, @@ -4905,8 +4905,8 @@ requires that a callback is passed in. If the `callback` function is not provided, an error will be thrown. ```mjs -import { Buffer } from 'buffer'; -const { randomFill } = await import('crypto'); +import { Buffer } from 'node:buffer'; +const { randomFill } = await import('node:crypto'); const buf = Buffer.alloc(10); randomFill(buf, (err, buf) => { @@ -4927,8 +4927,8 @@ randomFill(buf, 5, 5, (err, buf) => { ``` ```cjs -const { randomFill } = require('crypto'); -const { Buffer } = require('buffer'); +const { randomFill } = require('node:crypto'); +const { Buffer } = require('node:buffer'); const buf = Buffer.alloc(10); randomFill(buf, (err, buf) => { @@ -4958,8 +4958,8 @@ contains finite numbers only, they are not drawn from a uniform random distribution and have no meaningful lower or upper bounds. ```mjs -import { Buffer } from 'buffer'; -const { randomFill } = await import('crypto'); +import { Buffer } from 'node:buffer'; +const { randomFill } = await import('node:crypto'); const a = new Uint32Array(10); randomFill(a, (err, buf) => { @@ -4983,8 +4983,8 @@ randomFill(c, (err, buf) => { ``` ```cjs -const { randomFill } = require('crypto'); -const { Buffer } = require('buffer'); +const { randomFill } = require('node:crypto'); +const { Buffer } = require('node:buffer'); const a = new Uint32Array(10); randomFill(a, (err, buf) => { @@ -5047,7 +5047,7 @@ generated synchronously. // Asynchronous const { randomInt -} = await import('crypto'); +} = await import('node:crypto'); randomInt(3, (err, n) => { if (err) throw err; @@ -5059,7 +5059,7 @@ randomInt(3, (err, n) => { // Asynchronous const { randomInt, -} = require('crypto'); +} = require('node:crypto'); randomInt(3, (err, n) => { if (err) throw err; @@ -5071,7 +5071,7 @@ randomInt(3, (err, n) => { // Synchronous const { randomInt -} = await import('crypto'); +} = await import('node:crypto'); const n = randomInt(3); console.log(`Random number chosen from (0, 1, 2): ${n}`); @@ -5081,7 +5081,7 @@ console.log(`Random number chosen from (0, 1, 2): ${n}`); // Synchronous const { randomInt, -} = require('crypto'); +} = require('node:crypto'); const n = randomInt(3); console.log(`Random number chosen from (0, 1, 2): ${n}`); @@ -5091,7 +5091,7 @@ console.log(`Random number chosen from (0, 1, 2): ${n}`); // With `min` argument const { randomInt -} = await import('crypto'); +} = await import('node:crypto'); const n = randomInt(1, 7); console.log(`The dice rolled: ${n}`); @@ -5101,7 +5101,7 @@ console.log(`The dice rolled: ${n}`); // With `min` argument const { randomInt, -} = require('crypto'); +} = require('node:crypto'); const n = randomInt(1, 7); console.log(`The dice rolled: ${n}`); @@ -5188,7 +5188,7 @@ or types. ```mjs const { scrypt -} = await import('crypto'); +} = await import('node:crypto'); // Using the factory defaults. scrypt('password', 'salt', 64, (err, derivedKey) => { @@ -5205,7 +5205,7 @@ scrypt('password', 'salt', 64, { N: 1024 }, (err, derivedKey) => { ```cjs const { scrypt, -} = require('crypto'); +} = require('node:crypto'); // Using the factory defaults. scrypt('password', 'salt', 64, (err, derivedKey) => { @@ -5269,7 +5269,7 @@ or types. ```mjs const { scryptSync -} = await import('crypto'); +} = await import('node:crypto'); // Using the factory defaults. const key1 = scryptSync('password', 'salt', 64); @@ -5282,7 +5282,7 @@ console.log(key2.toString('hex')); // '3745e48...aa39b34' ```cjs const { scryptSync, -} = require('crypto'); +} = require('node:crypto'); // Using the factory defaults. const key1 = scryptSync('password', 'salt', 64); @@ -5591,7 +5591,7 @@ instead. ### Support for weak or compromised algorithms -The `crypto` module still supports some algorithms which are already +The `node:crypto` module still supports some algorithms which are already compromised and are not currently recommended for use. The API also allows the use of ciphers and hashes with a small key size that are too weak for safe use. @@ -5647,12 +5647,12 @@ mode must adhere to certain restrictions when using the cipher API: authentication tag. ```mjs -import { Buffer } from 'buffer'; +import { Buffer } from 'node:buffer'; const { createCipheriv, createDecipheriv, randomBytes -} = await import('crypto'); +} = await import('node:crypto'); const key = 'keykeykeykeykeykeykeykey'; const nonce = randomBytes(12); @@ -5691,12 +5691,12 @@ console.log(receivedPlaintext); ``` ```cjs -const { Buffer } = require('buffer'); +const { Buffer } = require('node:buffer'); const { createCipheriv, createDecipheriv, randomBytes, -} = require('crypto'); +} = require('node:crypto'); const key = 'keykeykeykeykeykeykeykey'; const nonce = randomBytes(12); @@ -5737,7 +5737,8 @@ console.log(receivedPlaintext); ## Crypto constants The following constants exported by `crypto.constants` apply to various uses of -the `crypto`, `tls`, and `https` modules and are generally specific to OpenSSL. +the `node:crypto`, `node:tls`, and `node:https` modules and are generally +specific to OpenSSL. ### OpenSSL options |