2012-02-27 20:08:02 +01:00
|
|
|
# Crypto
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2012-10-11 17:32:36 +02:00
|
|
|
Stability: 2 - Unstable; API changes are being discussed for
|
|
|
|
future versions. Breaking changes will be minimized. See below.
|
2012-03-03 00:14:03 +01:00
|
|
|
|
2010-10-28 14:18:16 +02:00
|
|
|
Use `require('crypto')` to access this module.
|
|
|
|
|
2010-11-18 13:00:24 +01:00
|
|
|
The crypto module requires OpenSSL to be available on the underlying platform.
|
|
|
|
It offers a way of encapsulating secure credentials to be used as part
|
|
|
|
of a secure HTTPS net or http connection.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
|
|
|
It also offers a set of wrappers for OpenSSL's hash, hmac, cipher, decipher, sign and verify methods.
|
|
|
|
|
2012-10-13 01:26:14 +02:00
|
|
|
|
|
|
|
## crypto.getCiphers()
|
|
|
|
|
|
|
|
Returns an array with the names of the supported ciphers.
|
|
|
|
|
|
|
|
Example:
|
|
|
|
|
|
|
|
var ciphers = crypto.getCiphers();
|
|
|
|
console.log(ciphers); // ['AES128-SHA', 'AES256-SHA', ...]
|
|
|
|
|
|
|
|
|
2012-10-13 02:44:11 +02:00
|
|
|
## crypto.getHashes()
|
|
|
|
|
|
|
|
Returns an array with the names of the supported hash algorithms.
|
|
|
|
|
|
|
|
Example:
|
|
|
|
|
|
|
|
var hashes = crypto.getHashes();
|
|
|
|
console.log(hashes); // ['sha', 'sha1', 'sha1WithRSAEncryption', ...]
|
|
|
|
|
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## crypto.createCredentials(details)
|
2010-10-28 14:18:16 +02:00
|
|
|
|
|
|
|
Creates a credentials object, with the optional details being a dictionary with keys:
|
|
|
|
|
2012-05-13 21:38:23 +02:00
|
|
|
* `pfx` : A string or buffer holding the PFX or PKCS12 encoded private key, certificate and CA certificates
|
2012-02-10 06:58:58 +01:00
|
|
|
* `key` : A string holding the PEM encoded private key
|
2012-05-13 21:38:23 +02:00
|
|
|
* `passphrase` : A string of passphrase for the private key or pfx
|
2012-02-10 06:58:58 +01:00
|
|
|
* `cert` : A string holding the PEM encoded certificate
|
|
|
|
* `ca` : Either a string or list of strings of PEM encoded CA certificates to trust.
|
|
|
|
* `crl` : Either a string or list of strings of PEM encoded CRLs (Certificate Revocation List)
|
|
|
|
* `ciphers`: A string describing the ciphers to use or exclude. Consult
|
2012-02-09 17:14:39 +01:00
|
|
|
<http://www.openssl.org/docs/apps/ciphers.html#CIPHER_LIST_FORMAT> for details
|
|
|
|
on the format.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2010-11-18 13:00:24 +01:00
|
|
|
If no 'ca' details are given, then node.js will use the default publicly trusted list of CAs as given in
|
|
|
|
<http://mxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt>.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## crypto.createHash(algorithm)
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2010-11-18 13:00:24 +01:00
|
|
|
Creates and returns a hash object, a cryptographic hash with the given algorithm
|
|
|
|
which can be used to generate hash digests.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2010-11-18 13:00:24 +01:00
|
|
|
`algorithm` is dependent on the available algorithms supported by the version
|
|
|
|
of OpenSSL on the platform. Examples are `'sha1'`, `'md5'`, `'sha256'`, `'sha512'`, etc.
|
|
|
|
On recent releases, `openssl list-message-digest-algorithms` will display the available digest algorithms.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2011-04-03 10:09:00 +02:00
|
|
|
Example: this program that takes the sha1 sum of a file
|
|
|
|
|
|
|
|
var filename = process.argv[2];
|
|
|
|
var crypto = require('crypto');
|
|
|
|
var fs = require('fs');
|
|
|
|
|
|
|
|
var shasum = crypto.createHash('sha1');
|
|
|
|
|
|
|
|
var s = fs.ReadStream(filename);
|
|
|
|
s.on('data', function(d) {
|
|
|
|
shasum.update(d);
|
|
|
|
});
|
|
|
|
|
|
|
|
s.on('end', function() {
|
|
|
|
var d = shasum.digest('hex');
|
|
|
|
console.log(d + ' ' + filename);
|
|
|
|
});
|
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## Class: Hash
|
|
|
|
|
|
|
|
The class for creating hash digests of data.
|
|
|
|
|
|
|
|
Returned by `crypto.createHash`.
|
|
|
|
|
2011-12-27 09:43:58 +01:00
|
|
|
### hash.update(data, [input_encoding])
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2011-12-22 15:39:53 +01:00
|
|
|
Updates the hash content with the given `data`, the encoding of which is given
|
2012-09-12 22:35:59 +02:00
|
|
|
in `input_encoding` and can be `'buffer'`, `'utf8'`, `'ascii'` or `'binary'`.
|
2012-10-11 00:44:47 +02:00
|
|
|
Defaults to `'buffer'`.
|
|
|
|
|
2010-11-18 13:00:24 +01:00
|
|
|
This can be called many times with new data as it is streamed.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2011-12-27 09:43:58 +01:00
|
|
|
### hash.digest([encoding])
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2010-11-18 13:00:24 +01:00
|
|
|
Calculates the digest of all of the passed data to be hashed.
|
2012-09-12 22:35:59 +02:00
|
|
|
The `encoding` can be `'buffer'`, `'hex'`, `'binary'` or `'base64'`.
|
2012-10-11 00:44:47 +02:00
|
|
|
Defaults to `'buffer'`.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2011-07-29 20:03:58 +02:00
|
|
|
Note: `hash` object can not be used after `digest()` method been called.
|
|
|
|
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## crypto.createHmac(algorithm, key)
|
2010-10-28 14:18:16 +02:00
|
|
|
|
|
|
|
Creates and returns a hmac object, a cryptographic hmac with the given algorithm and key.
|
|
|
|
|
|
|
|
`algorithm` is dependent on the available algorithms supported by OpenSSL - see createHash above.
|
|
|
|
`key` is the hmac key to be used.
|
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## Class: Hmac
|
|
|
|
|
|
|
|
Class for creating cryptographic hmac content.
|
|
|
|
|
|
|
|
Returned by `crypto.createHmac`.
|
|
|
|
|
2010-10-28 14:18:16 +02:00
|
|
|
### hmac.update(data)
|
|
|
|
|
2010-11-18 13:00:24 +01:00
|
|
|
Update the hmac content with the given `data`.
|
|
|
|
This can be called many times with new data as it is streamed.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2011-12-27 09:43:58 +01:00
|
|
|
### hmac.digest([encoding])
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2010-11-18 13:00:24 +01:00
|
|
|
Calculates the digest of all of the passed data to the hmac.
|
2012-09-12 22:35:59 +02:00
|
|
|
The `encoding` can be `'buffer'`, `'hex'`, `'binary'` or `'base64'`.
|
2012-10-11 00:44:47 +02:00
|
|
|
Defaults to `'buffer'`.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2011-07-29 20:03:58 +02:00
|
|
|
Note: `hmac` object can not be used after `digest()` method been called.
|
|
|
|
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## crypto.createCipher(algorithm, password)
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2011-07-24 08:56:23 +02:00
|
|
|
Creates and returns a cipher object, with the given algorithm and password.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2010-11-18 13:00:24 +01:00
|
|
|
`algorithm` is dependent on OpenSSL, examples are `'aes192'`, etc.
|
2011-07-24 08:56:23 +02:00
|
|
|
On recent releases, `openssl list-cipher-algorithms` will display the
|
|
|
|
available cipher algorithms.
|
2012-06-12 22:02:35 +02:00
|
|
|
`password` is used to derive key and IV, which must be a `'binary'` encoded
|
|
|
|
string or a [buffer](buffer.html).
|
2011-07-24 08:56:23 +02:00
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## crypto.createCipheriv(algorithm, key, iv)
|
2011-07-24 08:56:23 +02:00
|
|
|
|
|
|
|
Creates and returns a cipher object, with the given algorithm, key and iv.
|
|
|
|
|
2012-06-12 22:02:35 +02:00
|
|
|
`algorithm` is the same as the argument to `createCipher()`.
|
|
|
|
`key` is the raw key used by the algorithm.
|
|
|
|
`iv` is an [initialization
|
|
|
|
vector](http://en.wikipedia.org/wiki/Initialization_vector).
|
|
|
|
|
|
|
|
`key` and `iv` must be `'binary'` encoded strings or [buffers](buffer.html).
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## Class: Cipher
|
|
|
|
|
|
|
|
Class for encrypting data.
|
|
|
|
|
|
|
|
Returned by `crypto.createCipher` and `crypto.createCipheriv`.
|
|
|
|
|
2011-12-27 09:43:58 +01:00
|
|
|
### cipher.update(data, [input_encoding], [output_encoding])
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2011-12-27 09:43:58 +01:00
|
|
|
Updates the cipher with `data`, the encoding of which is given in
|
2012-09-12 22:35:59 +02:00
|
|
|
`input_encoding` and can be `'buffer'`, `'utf8'`, `'ascii'` or `'binary'`.
|
2012-10-11 00:44:47 +02:00
|
|
|
Defaults to `'buffer'`.
|
2011-12-27 09:43:58 +01:00
|
|
|
|
|
|
|
The `output_encoding` specifies the output format of the enciphered data,
|
2012-10-11 00:44:47 +02:00
|
|
|
and can be `'buffer'`, `'binary'`, `'base64'` or `'hex'`. Defaults to
|
|
|
|
`'buffer'`.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
|
|
|
Returns the enciphered contents, and can be called many times with new data as it is streamed.
|
|
|
|
|
2011-12-27 09:43:58 +01:00
|
|
|
### cipher.final([output_encoding])
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2011-12-27 09:43:58 +01:00
|
|
|
Returns any remaining enciphered contents, with `output_encoding` being one of:
|
2012-10-11 00:44:47 +02:00
|
|
|
`'buffer'`, `'binary'`, `'base64'` or `'hex'`. Defaults to `'buffer'`.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2011-07-29 20:03:58 +02:00
|
|
|
Note: `cipher` object can not be used after `final()` method been called.
|
|
|
|
|
2011-12-02 21:04:13 +01:00
|
|
|
### cipher.setAutoPadding(auto_padding=true)
|
|
|
|
|
|
|
|
You can disable automatic padding of the input data to block size. If `auto_padding` is false,
|
|
|
|
the length of the entire input data must be a multiple of the cipher's block size or `final` will fail.
|
|
|
|
Useful for non-standard padding, e.g. using `0x0` instead of PKCS padding. You must call this before `cipher.final`.
|
|
|
|
|
2011-07-29 20:03:58 +02:00
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## crypto.createDecipher(algorithm, password)
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2010-11-18 13:00:24 +01:00
|
|
|
Creates and returns a decipher object, with the given algorithm and key.
|
2012-06-06 21:05:18 +02:00
|
|
|
This is the mirror of the [createCipher()][] above.
|
2011-07-24 08:56:23 +02:00
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## crypto.createDecipheriv(algorithm, key, iv)
|
2011-07-24 08:56:23 +02:00
|
|
|
|
|
|
|
Creates and returns a decipher object, with the given algorithm, key and iv.
|
2012-06-06 21:05:18 +02:00
|
|
|
This is the mirror of the [createCipheriv()][] above.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## Class: Decipher
|
|
|
|
|
|
|
|
Class for decrypting data.
|
|
|
|
|
|
|
|
Returned by `crypto.createDecipher` and `crypto.createDecipheriv`.
|
|
|
|
|
2011-12-27 09:43:58 +01:00
|
|
|
### decipher.update(data, [input_encoding], [output_encoding])
|
|
|
|
|
2012-09-12 22:35:59 +02:00
|
|
|
Updates the decipher with `data`, which is encoded in `'buffer'`, `'binary'`,
|
2012-10-11 00:44:47 +02:00
|
|
|
`'base64'` or `'hex'`. Defaults to `'buffer'`.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2011-12-27 09:43:58 +01:00
|
|
|
The `output_decoding` specifies in what format to return the deciphered
|
2012-09-12 22:35:59 +02:00
|
|
|
plaintext: `'buffer'`, `'binary'`, `'ascii'` or `'utf8'`.
|
2012-10-11 00:44:47 +02:00
|
|
|
Defaults to `'buffer'`.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2011-12-27 09:43:58 +01:00
|
|
|
### decipher.final([output_encoding])
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2010-11-18 13:00:24 +01:00
|
|
|
Returns any remaining plaintext which is deciphered,
|
2012-09-12 22:35:59 +02:00
|
|
|
with `output_encoding` being one of: `'buffer'`, `'binary'`, `'ascii'` or
|
|
|
|
`'utf8'`.
|
2012-10-11 00:44:47 +02:00
|
|
|
Defaults to `'buffer'`.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2011-07-29 20:03:58 +02:00
|
|
|
Note: `decipher` object can not be used after `final()` method been called.
|
|
|
|
|
2011-12-02 21:04:13 +01:00
|
|
|
### decipher.setAutoPadding(auto_padding=true)
|
|
|
|
|
|
|
|
You can disable auto padding if the data has been encrypted without standard block padding to prevent
|
|
|
|
`decipher.final` from checking and removing it. Can only work if the input data's length is a multiple of the
|
|
|
|
ciphers block size. You must call this before streaming data to `decipher.update`.
|
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## crypto.createSign(algorithm)
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2010-11-18 13:00:24 +01:00
|
|
|
Creates and returns a signing object, with the given algorithm.
|
|
|
|
On recent OpenSSL releases, `openssl list-public-key-algorithms` will display
|
|
|
|
the available signing algorithms. Examples are `'RSA-SHA256'`.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## Class: Signer
|
|
|
|
|
|
|
|
Class for generating signatures.
|
|
|
|
|
|
|
|
Returned by `crypto.createSign`.
|
|
|
|
|
2010-10-28 14:18:16 +02:00
|
|
|
### signer.update(data)
|
|
|
|
|
2010-11-18 13:00:24 +01:00
|
|
|
Updates the signer object with data.
|
|
|
|
This can be called many times with new data as it is streamed.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2011-12-27 09:43:58 +01:00
|
|
|
### signer.sign(private_key, [output_format])
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2010-11-18 13:00:24 +01:00
|
|
|
Calculates the signature on all the updated data passed through the signer.
|
|
|
|
`private_key` is a string containing the PEM encoded private key for signing.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2012-09-12 22:35:59 +02:00
|
|
|
Returns the signature in `output_format` which can be `'buffer'`, `'binary'`,
|
2012-10-11 00:44:47 +02:00
|
|
|
`'hex'` or `'base64'`. Defaults to `'buffer'`.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2011-07-29 20:03:58 +02:00
|
|
|
Note: `signer` object can not be used after `sign()` method been called.
|
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## crypto.createVerify(algorithm)
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2010-11-18 13:00:24 +01:00
|
|
|
Creates and returns a verification object, with the given algorithm.
|
|
|
|
This is the mirror of the signing object above.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## Class: Verify
|
|
|
|
|
|
|
|
Class for verifying signatures.
|
|
|
|
|
|
|
|
Returned by `crypto.createVerify`.
|
|
|
|
|
2010-10-28 14:18:16 +02:00
|
|
|
### verifier.update(data)
|
|
|
|
|
2011-02-10 04:07:17 +01:00
|
|
|
Updates the verifier object with data.
|
2010-11-18 13:00:24 +01:00
|
|
|
This can be called many times with new data as it is streamed.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2011-12-27 09:43:58 +01:00
|
|
|
### verifier.verify(object, signature, [signature_format])
|
2010-10-28 14:18:16 +02:00
|
|
|
|
2011-06-09 03:20:17 +02:00
|
|
|
Verifies the signed data by using the `object` and `signature`. `object` is a
|
|
|
|
string containing a PEM encoded object, which can be one of RSA public key,
|
|
|
|
DSA public key, or X.509 certificate. `signature` is the previously calculated
|
2012-09-12 22:35:59 +02:00
|
|
|
signature for the data, in the `signature_format` which can be `'buffer'`,
|
2012-10-11 00:44:47 +02:00
|
|
|
`'binary'`, `'hex'` or `'base64'`. Defaults to `'buffer'`.
|
2010-10-28 14:18:16 +02:00
|
|
|
|
|
|
|
Returns true or false depending on the validity of the signature for the data and public key.
|
2011-01-19 02:00:38 +01:00
|
|
|
|
2011-07-29 20:03:58 +02:00
|
|
|
Note: `verifier` object can not be used after `verify()` method been called.
|
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## crypto.createDiffieHellman(prime_length)
|
2011-01-19 02:00:38 +01:00
|
|
|
|
|
|
|
Creates a Diffie-Hellman key exchange object and generates a prime of the
|
|
|
|
given bit length. The generator used is `2`.
|
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## crypto.createDiffieHellman(prime, [encoding])
|
2011-01-19 02:00:38 +01:00
|
|
|
|
|
|
|
Creates a Diffie-Hellman key exchange object using the supplied prime. The
|
2012-09-12 22:35:59 +02:00
|
|
|
generator used is `2`. Encoding can be `'buffer'`, `'binary'`, `'hex'`, or
|
|
|
|
`'base64'`.
|
2012-10-11 00:44:47 +02:00
|
|
|
Defaults to `'buffer'`.
|
2011-01-19 02:00:38 +01:00
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## Class: DiffieHellman
|
|
|
|
|
|
|
|
The class for creating Diffie-Hellman key exchanges.
|
|
|
|
|
|
|
|
Returned by `crypto.createDiffieHellman`.
|
|
|
|
|
2011-12-27 09:43:58 +01:00
|
|
|
### diffieHellman.generateKeys([encoding])
|
2011-01-19 02:00:38 +01:00
|
|
|
|
|
|
|
Generates private and public Diffie-Hellman key values, and returns the
|
|
|
|
public key in the specified encoding. This key should be transferred to the
|
|
|
|
other party. Encoding can be `'binary'`, `'hex'`, or `'base64'`.
|
2012-10-11 00:44:47 +02:00
|
|
|
Defaults to `'buffer'`.
|
2011-01-19 02:00:38 +01:00
|
|
|
|
2011-12-27 09:43:58 +01:00
|
|
|
### diffieHellman.computeSecret(other_public_key, [input_encoding], [output_encoding])
|
2011-01-19 02:00:38 +01:00
|
|
|
|
|
|
|
Computes the shared secret using `other_public_key` as the other party's
|
|
|
|
public key and returns the computed shared secret. Supplied key is
|
|
|
|
interpreted using specified `input_encoding`, and secret is encoded using
|
2012-09-12 22:35:59 +02:00
|
|
|
specified `output_encoding`. Encodings can be `'buffer'`, `'binary'`, `'hex'`,
|
2012-10-11 00:44:47 +02:00
|
|
|
or `'base64'`. The input encoding defaults to `'buffer'`.
|
2011-12-27 09:43:58 +01:00
|
|
|
If no output encoding is given, the input encoding is used as output encoding.
|
2011-01-19 02:00:38 +01:00
|
|
|
|
2011-12-27 09:43:58 +01:00
|
|
|
### diffieHellman.getPrime([encoding])
|
2011-01-19 02:00:38 +01:00
|
|
|
|
|
|
|
Returns the Diffie-Hellman prime in the specified encoding, which can be
|
2012-10-11 00:44:47 +02:00
|
|
|
`'buffer'`, `'binary'`, `'hex'`, or `'base64'`. Defaults to `'buffer'`.
|
2011-01-19 02:00:38 +01:00
|
|
|
|
2011-12-27 09:43:58 +01:00
|
|
|
### diffieHellman.getGenerator([encoding])
|
2011-01-19 02:00:38 +01:00
|
|
|
|
|
|
|
Returns the Diffie-Hellman prime in the specified encoding, which can be
|
2012-10-11 00:44:47 +02:00
|
|
|
`'buffer'`, `'binary'`, `'hex'`, or `'base64'`. Defaults to `'buffer'`.
|
2011-01-19 02:00:38 +01:00
|
|
|
|
2011-12-27 09:43:58 +01:00
|
|
|
### diffieHellman.getPublicKey([encoding])
|
2011-01-19 02:00:38 +01:00
|
|
|
|
|
|
|
Returns the Diffie-Hellman public key in the specified encoding, which can
|
2012-10-11 00:44:47 +02:00
|
|
|
be `'binary'`, `'hex'`, or `'base64'`. Defaults to `'buffer'`.
|
2011-01-19 02:00:38 +01:00
|
|
|
|
2011-12-27 09:43:58 +01:00
|
|
|
### diffieHellman.getPrivateKey([encoding])
|
2011-01-19 02:00:38 +01:00
|
|
|
|
|
|
|
Returns the Diffie-Hellman private key in the specified encoding, which can
|
2012-10-11 00:44:47 +02:00
|
|
|
be `'buffer'`, `'binary'`, `'hex'`, or `'base64'`. Defaults to
|
|
|
|
`'buffer'`.
|
2011-01-19 02:00:38 +01:00
|
|
|
|
2011-12-27 09:43:58 +01:00
|
|
|
### diffieHellman.setPublicKey(public_key, [encoding])
|
2011-01-19 02:00:38 +01:00
|
|
|
|
2012-09-12 22:35:59 +02:00
|
|
|
Sets the Diffie-Hellman public key. Key encoding can be `'buffer', ``'binary'`,
|
2012-10-11 00:44:47 +02:00
|
|
|
`'hex'` or `'base64'`. Defaults to `'buffer'`.
|
2011-01-19 02:00:38 +01:00
|
|
|
|
2011-12-27 09:43:58 +01:00
|
|
|
### diffieHellman.setPrivateKey(public_key, [encoding])
|
2011-01-19 02:00:38 +01:00
|
|
|
|
2012-09-12 22:35:59 +02:00
|
|
|
Sets the Diffie-Hellman private key. Key encoding can be `'buffer'`, `'binary'`,
|
2012-10-11 00:44:47 +02:00
|
|
|
`'hex'` or `'base64'`. Defaults to `'buffer'`.
|
2011-01-19 02:00:38 +01:00
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## crypto.getDiffieHellman(group_name)
|
2012-01-22 19:24:37 +01:00
|
|
|
|
|
|
|
Creates a predefined Diffie-Hellman key exchange object.
|
|
|
|
The supported groups are: `'modp1'`, `'modp2'`, `'modp5'`
|
2012-06-06 21:05:18 +02:00
|
|
|
(defined in [RFC 2412][])
|
2012-01-22 19:24:37 +01:00
|
|
|
and `'modp14'`, `'modp15'`, `'modp16'`, `'modp17'`, `'modp18'`
|
2012-06-06 21:05:18 +02:00
|
|
|
(defined in [RFC 3526][]).
|
2012-01-22 19:24:37 +01:00
|
|
|
The returned object mimics the interface of objects created by
|
2012-06-06 21:05:18 +02:00
|
|
|
[crypto.createDiffieHellman()][] above, but
|
2012-01-22 19:24:37 +01:00
|
|
|
will not allow to change the keys (with
|
2012-06-06 21:05:18 +02:00
|
|
|
[diffieHellman.setPublicKey()][] for example).
|
2012-01-22 19:24:37 +01:00
|
|
|
The advantage of using this routine is that the parties don't have to
|
|
|
|
generate nor exchange group modulus beforehand, saving both processor and
|
|
|
|
communication time.
|
|
|
|
|
|
|
|
Example (obtaining a shared secret):
|
|
|
|
|
|
|
|
var crypto = require('crypto');
|
|
|
|
var alice = crypto.getDiffieHellman('modp5');
|
|
|
|
var bob = crypto.getDiffieHellman('modp5');
|
|
|
|
|
|
|
|
alice.generateKeys();
|
|
|
|
bob.generateKeys();
|
|
|
|
|
2012-10-11 00:44:47 +02:00
|
|
|
var alice_secret = alice.computeSecret(bob.getPublicKey(), null, 'hex');
|
|
|
|
var bob_secret = bob.computeSecret(alice.getPublicKey(), null, 'hex');
|
2012-01-22 19:24:37 +01:00
|
|
|
|
|
|
|
/* alice_secret and bob_secret should be the same */
|
|
|
|
console.log(alice_secret == bob_secret);
|
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## crypto.pbkdf2(password, salt, iterations, keylen, callback)
|
2011-08-11 11:40:55 +02:00
|
|
|
|
|
|
|
Asynchronous PBKDF2 applies pseudorandom function HMAC-SHA1 to derive
|
|
|
|
a key of given length from the given password, salt and iterations.
|
|
|
|
The callback gets two arguments `(err, derivedKey)`.
|
2011-09-22 22:12:10 +02:00
|
|
|
|
2012-10-13 02:36:18 +02:00
|
|
|
## crypto.pbkdf2Sync(password, salt, iterations, keylen)
|
|
|
|
|
|
|
|
Synchronous PBKDF2 function. Returns derivedKey or throws error.
|
|
|
|
|
2012-02-27 20:08:02 +01:00
|
|
|
## crypto.randomBytes(size, [callback])
|
2011-09-22 22:12:10 +02:00
|
|
|
|
|
|
|
Generates cryptographically strong pseudo-random data. Usage:
|
|
|
|
|
|
|
|
// async
|
|
|
|
crypto.randomBytes(256, function(ex, buf) {
|
|
|
|
if (ex) throw ex;
|
|
|
|
console.log('Have %d bytes of random data: %s', buf.length, buf);
|
|
|
|
});
|
|
|
|
|
|
|
|
// sync
|
|
|
|
try {
|
|
|
|
var buf = crypto.randomBytes(256);
|
|
|
|
console.log('Have %d bytes of random data: %s', buf.length, buf);
|
|
|
|
} catch (ex) {
|
|
|
|
// handle error
|
2011-12-22 15:39:53 +01:00
|
|
|
}
|
2012-06-06 21:05:18 +02:00
|
|
|
|
2012-10-11 17:32:36 +02:00
|
|
|
## Proposed API Changes in Future Versions of Node
|
|
|
|
|
|
|
|
The Crypto module was added to Node before there was the concept of a
|
|
|
|
unified Stream API, and before there were Buffer objects for handling
|
|
|
|
binary data.
|
|
|
|
|
|
|
|
As such, the streaming classes don't have the typical methods found on
|
|
|
|
other Node classes, and many methods accept and return Binary-encoded
|
|
|
|
strings by default rather than Buffers.
|
|
|
|
|
|
|
|
A future version of node will make Buffers the default data type.
|
|
|
|
This will be a breaking change for some use cases, but not all.
|
|
|
|
|
|
|
|
For example, if you currently use the default arguments to the Sign
|
|
|
|
class, and then pass the results to the Verify class, without ever
|
|
|
|
inspecting the data, then it will continue to work as before. Where
|
|
|
|
you now get a binary string and then present the binary string to the
|
|
|
|
Verify object, you'll get a Buffer, and present the Buffer to the
|
|
|
|
Verify object.
|
|
|
|
|
|
|
|
However, if you are doing things with the string data that will not
|
|
|
|
work properly on Buffers (such as, concatenating them, storing in
|
|
|
|
databases, etc.), or you are passing binary strings to the crypto
|
2012-10-16 19:59:23 +02:00
|
|
|
functions without an encoding argument, then you will need to start
|
2012-10-11 17:32:36 +02:00
|
|
|
providing encoding arguments to specify which encoding you'd like to
|
|
|
|
use.
|
|
|
|
|
|
|
|
Also, a Streaming API will be provided, but this will be done in such
|
|
|
|
a way as to preserve the legacy API surface.
|
|
|
|
|
|
|
|
|
2012-06-06 21:05:18 +02:00
|
|
|
[createCipher()]: #crypto_crypto_createcipher_algorithm_password
|
|
|
|
[createCipheriv()]: #crypto_crypto_createcipheriv_algorithm_key_iv
|
|
|
|
[crypto.createDiffieHellman()]: #crypto_crypto_creatediffiehellman_prime_encoding
|
|
|
|
[diffieHellman.setPublicKey()]: #crypto_diffiehellman_setpublickey_public_key_encoding
|
|
|
|
[RFC 2412]: http://www.rfc-editor.org/rfc/rfc2412.txt
|
|
|
|
[RFC 3526]: http://www.rfc-editor.org/rfc/rfc3526.txt
|