@types/node

/** * The `node:crypto` module provides cryptographic functionality that includes a * set of wrappers for OpenSSL's hash, HMAC, cipher, decipher, sign, and verify * functions. * * ```js * const { createHmac } = await import('node:crypto'); * * const secret = 'abcdefg'; * const hash = createHmac('sha256', secret) * .update('I love cupcakes') * .digest('hex'); * console.log(hash); * // Prints: * // c0fa1bc00531bd78ef38c628449c5102aeabd49b5dc3a2a516ea6ea959d6658e * ``` * @see [source](https://github.com/nodejs/node/blob/v22.x/lib/crypto.js) */ declare module "crypto" { import * as stream from "node:stream"; import { PeerCertificate } from "node:tls"; /** * SPKAC is a Certificate Signing Request mechanism originally implemented by * Netscape and was specified formally as part of HTML5's `keygen` element. * * `<keygen>` is deprecated since [HTML 5.2](https://www.w3.org/TR/html52/changes.html#features-removed) and new projects * should not use this element anymore. * * The `node:crypto` module provides the `Certificate` class for working with SPKAC * data. The most common usage is handling output generated by the HTML5 `<keygen>` element. Node.js uses [OpenSSL's SPKAC * implementation](https://www.openssl.org/docs/man3.0/man1/openssl-spkac.html) internally. * @since v0.11.8 */ class Certificate { /** * ```js * const { Certificate } = await import('node:crypto'); * const spkac = getSpkacSomehow(); * const challenge = Certificate.exportChallenge(spkac); * console.log(challenge.toString('utf8')); * // Prints: the challenge as a UTF8 string * ``` * @since v9.0.0 * @param encoding The `encoding` of the `spkac` string. * @return The challenge component of the `spkac` data structure, which includes a public key and a challenge. */ static exportChallenge(spkac: BinaryLike): Buffer; /** * ```js * const { Certificate } = await import('node:crypto'); * const spkac = getSpkacSomehow(); * const publicKey = Certificate.exportPublicKey(spkac); * console.log(publicKey); * // Prints: the public key as <Buffer ...> * ``` * @since v9.0.0 * @param encoding The `encoding` of the `spkac` string. * @return The public key component of the `spkac` data structure, which includes a public key and a challenge. */ static exportPublicKey(spkac: BinaryLike, encoding?: string): Buffer; /** * ```js * import { Buffer } from 'node:buffer'; * const { Certificate } = await import('node:crypto'); * * const spkac = getSpkacSomehow(); * console.log(Certificate.verifySpkac(Buffer.from(spkac))); * // Prints: true or false * ``` * @since v9.0.0 * @param encoding The `encoding` of the `spkac` string. * @return `true` if the given `spkac` data structure is valid, `false` otherwise. */ static verifySpkac(spkac: NodeJS.ArrayBufferView): boolean; /** * @deprecated * @param spkac * @returns The challenge component of the `spkac` data structure, * which includes a public key and a challenge. */ exportChallenge(spkac: BinaryLike): Buffer; /** * @deprecated * @param spkac * @param encoding The encoding of the spkac string. * @returns The public key component of the `spkac` data structure, * which includes a public key and a challenge. */ exportPublicKey(spkac: BinaryLike, encoding?: string): Buffer; /** * @deprecated * @param spkac * @returns `true` if the given `spkac` data structure is valid, * `false` otherwise. */ verifySpkac(spkac: NodeJS.ArrayBufferView): boolean; } namespace constants { // https://nodejs.org/dist/latest-v22.x/docs/api/crypto.html#crypto-constants const OPENSSL_VERSION_NUMBER: number; /** Applies multiple bug workarounds within OpenSSL. See https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_options.html for detail. */ const SSL_OP_ALL: number; /** Instructs OpenSSL to allow a non-[EC]DHE-based key exchange mode for TLS v1.3 */ const SSL_OP_ALLOW_NO_DHE_KEX: number; /** Allows legacy insecure renegotiation between OpenSSL and unpatched clients or servers. See https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_options.html. */ const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION: number; /** Attempts to use the server's preferences instead of the client's when selecting a cipher. See https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_options.html. */ const SSL_OP_CIPHER_SERVER_PREFERENCE: number; /** Instructs OpenSSL to use Cisco's version identifier of DTLS_BAD_VER. */ const SSL_OP_CISCO_ANYCONNECT: number; /** Instructs OpenSSL to turn on cookie exchange. */ const SSL_OP_COOKIE_EXCHANGE: number; /** Instructs OpenSSL to add server-hello extension from an early version of the cryptopro draft. */ const SSL_OP_CRYPTOPRO_TLSEXT_BUG: number; /** Instructs OpenSSL to disable a SSL 3.0/TLS 1.0 vulnerability workaround added in OpenSSL 0.9.6d. */ const SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS: number; /** Allows initial connection to servers that do not support RI. */ const SSL_OP_LEGACY_SERVER_CONNECT: number; /** Instructs OpenSSL to disable support for SSL/TLS compression. */ const SSL_OP_NO_COMPRESSION: number; /** Instructs OpenSSL to disable encrypt-then-MAC. */ const SSL_OP_NO_ENCRYPT_THEN_MAC: number; const SSL_OP_NO_QUERY_MTU: number; /** Instructs OpenSSL to disable renegotiation. */ const SSL_OP_NO_RENEGOTIATION: number; /** Instructs OpenSSL to always start a new session when performing renegotiation. */ const SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION: number; /** Instructs OpenSSL to turn off SSL v2 */ const SSL_OP_NO_SSLv2: number; /** Instructs OpenSSL to turn off SSL v3 */ const SSL_OP_NO_SSLv3: number; /** Instructs OpenSSL to disable use of RFC4507bis tickets. */ const SSL_OP_NO_TICKET: number; /** Instructs OpenSSL to turn off TLS v1 */ const SSL_OP_NO_TLSv1: number; /** Instructs OpenSSL to turn off TLS v1.1 */ const SSL_OP_NO_TLSv1_1: number; /** Instructs OpenSSL to turn off TLS v1.2 */ const SSL_OP_NO_TLSv1_2: number; /** Instructs OpenSSL to turn off TLS v1.3 */ const SSL_OP_NO_TLSv1_3: number; /** Instructs OpenSSL server to prioritize ChaCha20-Poly1305 when the client does. This option has no effect if `SSL_OP_CIPHER_SERVER_PREFERENCE` is not enabled. */ const SSL_OP_PRIORITIZE_CHACHA: number; /** Instructs OpenSSL to disable version rollback attack detection. */ const SSL_OP_TLS_ROLLBACK_BUG: number; const ENGINE_METHOD_RSA: number; const ENGINE_METHOD_DSA: number; const ENGINE_METHOD_DH: number; const ENGINE_METHOD_RAND: number; const ENGINE_METHOD_EC: number; const ENGINE_METHOD_CIPHERS: number; const ENGINE_METHOD_DIGESTS: number; const ENGINE_METHOD_PKEY_METHS: number; const ENGINE_METHOD_PKEY_ASN1_METHS: number; const ENGINE_METHOD_ALL: number; const ENGINE_METHOD_NONE: number; const DH_CHECK_P_NOT_SAFE_PRIME: number; const DH_CHECK_P_NOT_PRIME: number; const DH_UNABLE_TO_CHECK_GENERATOR: number; const DH_NOT_SUITABLE_GENERATOR: number; const RSA_PKCS1_PADDING: number; const RSA_SSLV23_PADDING: number; const RSA_NO_PADDING: number; const RSA_PKCS1_OAEP_PADDING: number; const RSA_X931_PADDING: number; const RSA_PKCS1_PSS_PADDING: number; /** Sets the salt length for RSA_PKCS1_PSS_PADDING to the digest size when signing or verifying. */ const RSA_PSS_SALTLEN_DIGEST: number; /** Sets the salt length for RSA_PKCS1_PSS_PADDING to the maximum permissible value when signing data. */ const RSA_PSS_SALTLEN_MAX_SIGN: number; /** Causes the salt length for RSA_PKCS1_PSS_PADDING to be determined automatically when verifying a signature. */ const RSA_PSS_SALTLEN_AUTO: number; const POINT_CONVERSION_COMPRESSED: number; const POINT_CONVERSION_UNCOMPRESSED: number; const POINT_CONVERSION_HYBRID: number; /** Specifies the built-in default cipher list used by Node.js (colon-separated values). */ const defaultCoreCipherList: string; /** Specifies the active default cipher list used by the current Node.js process (colon-separated values). */ const defaultCipherList: string; } interface HashOptions extends stream.TransformOptions { /** * For XOF hash functions such as `shake256`, the * outputLength option can be used to specify the desired output length in bytes. */ outputLength?: number | undefined; } /** @deprecated since v10.0.0 */ const fips: boolean; /** * Creates and returns a `Hash` object that can be used to generate hash digests * using the given `algorithm`. Optional `options` argument controls stream * behavior. For XOF hash functions such as `'shake256'`, the `outputLength` option * can be used to specify the desired output length in bytes. * * The `algorithm` is dependent on the available algorithms supported by the * version of OpenSSL on the platform. Examples are `'sha256'`, `'sha512'`, etc. * On recent releases of OpenSSL, `openssl list -digest-algorithms` will * display the available digest algorithms. * * Example: generating the sha256 sum of a file * * ```js * import { * createReadStream, * } from 'node:fs'; * import { argv } from 'node:process'; * const { * createHash, * } = await import('node:crypto'); * * const filename = argv[2]; * * const hash = createHash('sha256'); * * const input = createReadStream(filename); * input.on('readable', () => { * // Only one element is going to be produced by the * // hash stream. * const data = input.read(); * if (data) * hash.update(data); * else { * console.log(`${hash.digest('hex')} ${filename}`); * } * }); * ``` * @since v0.1.92 * @param options `stream.transform` options */ function createHash(algorithm: string, options?: HashOptions): Hash; /** * Creates and returns an `Hmac` object that uses the given `algorithm` and `key`. * Optional `options` argument controls stream behavior. * * The `algorithm` is dependent on the available algorithms supported by the * version of OpenSSL on the platform. Examples are `'sha256'`, `'sha512'`, etc. * On recent releases of OpenSSL, `openssl list -digest-algorithms` will * display the available digest algorithms. * * The `key` is the HMAC key used to generate the cryptographic HMAC hash. If it is * a `KeyObject`, its type must be `secret`. If it is a string, please consider `caveats when using strings as inputs to cryptographic APIs`. If it was * obtained from a cryptographically secure source of entropy, such as {@link randomBytes} or {@link generateKey}, its length should not * exceed the block size of `algorithm` (e.g., 512 bits for SHA-256). * * Example: generating the sha256 HMAC of a file * * ```js * import { * createReadStream, * } from 'node:fs'; * import { argv } from 'node:process'; * const { * createHmac, * } = await import('node:crypto'); * * const filename = argv[2]; * * const hmac = createHmac('sha256', 'a secret'); * * const input = createReadStream(filename); * input.on('readable', () => { * // Only one element is going to be produced by the * // hash stream. * const data = input.read(); * if (data) * hmac.update(data); * else { * console.log(`${hmac.digest('hex')} ${filename}`); * } * }); * ``` * @since v0.1.94 * @param options `stream.transform` options */ function createHmac(algorithm: string, key: BinaryLike | KeyObject, options?: stream.TransformOptions): Hmac; // https://nodejs.org/api/buffer.html#buffer_buffers_and_character_encodings type BinaryToTextEncoding = "base64" | "base64url" | "hex" | "binary"; type CharacterEncoding = "utf8" | "utf-8" | "utf16le" | "utf-16le" | "latin1"; type LegacyCharacterEncoding = "ascii" | "binary" | "ucs2" | "ucs-2"; type Encoding = BinaryToTextEncoding | CharacterEncoding | LegacyCharacterEncoding; type ECDHKeyFormat = "compressed" | "uncompressed" | "hybrid"; /** * The `Hash` class is a utility for creating hash digests of data. It can be * used in one of two ways: * * * As a `stream` that is both readable and writable, where data is written * to produce a computed hash digest on the readable side, or * * Using the `hash.update()` and `hash.digest()` methods to produce the * computed hash. * * The {@link createHash} method is used to create `Hash` instances. `Hash`objects are not to be created directly using the `new` keyword. * * Example: Using `Hash` objects as streams: * * ```js * const { * createHash, * } = await import('node:crypto'); * * const hash = createHash('sha256'); * * hash.on('readable', () => { * // Only one element is going to be produced by the * // hash stream. * const data = hash.read(); * if (data) { * console.log(data.toString('hex')); * // Prints: * // 6a2da20943931e9834fc12cfe5bb47bbd9ae43489a30726962b576f4e3993e50 * } * }); * * hash.write('some data to hash'); * hash.end(); * ``` * * Example: Using `Hash` and piped streams: * * ```js * import { createReadStream } from 'node:fs'; * import { stdout } from 'node:process'; * const { createHash } = await import('node:crypto'); * * const hash = createHash('sha256'); * * const input = createReadStream('test.js'); * input.pipe(hash).setEncoding('hex').pipe(stdout); * ``` * * Example: Using the `hash.update()` and `hash.digest()` methods: * * ```js * const { * createHash, * } = await import('node:crypto'); * * const hash = createHash('sha256'); * * hash.update('some data to hash'); * console.log(hash.digest('hex')); * // Prints: * // 6a2da20943931e9834fc12cfe5bb47bbd9ae43489a30726962b576f4e3993e50 * ``` * @since v0.1.92 */ class Hash extends stream.Transform { private constructor(); /** * Creates a new `Hash` object that contains a deep copy of the internal state * of the current `Hash` object. * * The optional `options` argument controls stream behavior. For XOF hash * functions such as `'shake256'`, the `outputLength` option can be used to * specify the desired output length in bytes. * * An error is thrown when an attempt is made to copy the `Hash` object after * its `hash.digest()` method has been called. * * ```js * // Calculate a rolling hash. * const { * createHash, * } = await import('node:crypto'); * * const hash = createHash('sha256'); * * hash.update('one'); * console.log(hash.copy().digest('hex')); * * hash.update('two'); * console.log(hash.copy().digest('hex')); * * hash.update('three'); * console.log(hash.copy().digest('hex')); * * // Etc. * ``` * @since v13.1.0 * @param options `stream.transform` options */ copy(options?: HashOptions): Hash; /** * Updates the hash content with the given `data`, the encoding of which * is given in `inputEncoding`. * If `encoding` is not provided, and the `data` is a string, an * encoding of `'utf8'` is enforced. If `data` is a `Buffer`, `TypedArray`, or`DataView`, then `inputEncoding` is ignored. * * This can be called many times with new data as it is streamed. * @since v0.1.92 * @param inputEncoding The `encoding` of the `data` string. */ update(data: BinaryLike): Hash; update(data: string, inputEncoding: Encoding): Hash; /** * Calculates the digest of all of the data passed to be hashed (using the `hash.update()` method). * If `encoding` is provided a string will be returned; otherwise * a `Buffer` is returned. * * The `Hash` object can not be used again after `hash.digest()` method has been * called. Multiple calls will cause an error to be thrown. * @since v0.1.92 * @param encoding The `encoding` of the return value. */ digest(): Buffer; digest(encoding: BinaryToTextEncoding): string; } /** * The `Hmac` class is a utility for creating cryptographic HMAC digests. It can * be used in one of two ways: * * * As a `stream` that is both readable and writable, where data is written * to produce a computed HMAC digest on the readable side, or * * Using the `hmac.update()` and `hmac.digest()` methods to produce the * computed HMAC digest. * * The {@link createHmac} method is used to create `Hmac` instances. `Hmac`objects are not to be created directly using the `new` keyword. * * Example: Using `Hmac` objects as streams: * * ```js * const { * createHmac, * } = await import('node:crypto'); * * const hmac = createHmac('sha256', 'a secret'); * * hmac.on('readable', () => { * // Only one element is going to be produced by the * // hash stream. * const data = hmac.read(); * if (data) { * console.log(data.toString('hex')); * // Prints: * // 7fd04df92f636fd450bc841c9418e5825c17f33ad9c87c518115a45971f7f77e * } * }); * * hmac.write('some data to hash'); * hmac.end(); * ``` * * Example: Using `Hmac` and piped streams: * * ```js * import { createReadStream } from 'node:fs'; * import { stdout } from 'node:process'; * const { * createHmac, * } = await import('node:crypto'); * * const hmac = createHmac('sha256', 'a secret'); * * const input = createReadStream('test.js'); * input.pipe(hmac).pipe(stdout); * ``` * * Example: Using the `hmac.update()` and `hmac.digest()` methods: * * ```js * const { * createHmac, * } = await import('node:crypto'); * * const hmac = createHmac('sha256', 'a secret'); * * hmac.update('some data to hash'); * console.log(hmac.digest('hex')); * // Prints: * // 7fd04df92f636fd450bc841c9418e5825c17f33ad9c87c518115a45971f7f77e * ``` * @since v0.1.94 * @deprecated Since v20.13.0 Calling `Hmac` class directly with `Hmac()` or `new Hmac()` is deprecated due to being internals, not intended for public use. Please use the {@link createHmac} method to create Hmac instances. */ class Hmac extends stream.Transform { private constructor(); /** * Updates the `Hmac` content with the given `data`, the encoding of which * is given in `inputEncoding`. * If `encoding` is not provided, and the `data` is a string, an * encoding of `'utf8'` is enforced. If `data` is a `Buffer`, `TypedArray`, or`DataView`, then `inputEncoding` is ignored. * * This can be called many times with new data as it is streamed. * @since v0.1.94 * @param inputEncoding The `encoding` of the `data` string. */ update(data: BinaryLike): Hmac; update(data: string, inputEncoding: Encoding): Hmac; /** * Calculates the HMAC digest of all of the data passed using `hmac.update()`. * If `encoding` is * provided a string is returned; otherwise a `Buffer` is returned; * * The `Hmac` object can not be used again after `hmac.digest()` has been * called. Multiple calls to `hmac.digest()` will result in an error being thrown. * @since v0.1.94 * @param encoding The `encoding` of the return value. */ digest(): Buffer; digest(encoding: BinaryToTextEncoding): string; } type KeyObjectType = "secret" | "public" | "private"; interface KeyExportOptions<T extends KeyFormat> { type: "pkcs1" | "spki" | "pkcs8" | "sec1"; format: T; cipher?: string | undefined; passphrase?: string | Buffer | undefined; } interface JwkKeyExportOptions { format: "jwk"; } interface JsonWebKey { crv?: string | undefined; d?: string | undefined; dp?: string | undefined; dq?: string | undefined; e?: string | undefined; k?: string | undefined; kty?: string | undefined; n?: string | undefined; p?: string | undefined; q?: string | undefined; qi?: string | undefined; x?: string | undefined; y?: string | undefined; [key: string]: unknown; } interface AsymmetricKeyDetails { /** * Key size in bits (RSA, DSA). */ modulusLength?: number | undefined; /** * Public exponent (RSA). */ publicExponent?: bigint | undefined; /** * Name of the message digest (RSA-PSS). */ hashAlgorithm?: string | undefined; /** * Name of the message digest used by MGF1 (RSA-PSS). */ mgf1HashAlgorithm?: string | undefined; /** * Minimal salt length in bytes (RSA-PSS). */ saltLength?: number | undefined; /** * Size of q in bits (DSA). */ divisorLength?: number | undefined; /** * Name of the curve (EC). */ namedCurve?: string | undefined; } /** * Node.js uses a `KeyObject` class to represent a symmetric or asymmetric key, * and each kind of key exposes different functions. The {@link createSecretKey}, {@link createPublicKey} and {@link createPrivateKey} methods are used to create `KeyObject`instances. `KeyObject` * objects are not to be created directly using the `new`keyword. * * Most applications should consider using the new `KeyObject` API instead of * passing keys as strings or `Buffer`s due to improved security features. * * `KeyObject` instances can be passed to other threads via `postMessage()`. * The receiver obtains a cloned `KeyObject`, and the `KeyObject` does not need to * be listed in the `transferList` argument. * @since v11.6.0 */ class KeyObject { private constructor(); /** * Example: Converting a `CryptoKey` instance to a `KeyObject`: * * ```js * const { KeyObject } = await import('node:crypto'); * const { subtle } = globalThis.crypto; * * const key = await subtle.generateKey({ * name: 'HMAC', * hash: 'SHA-256', * length: 256, * }, true, ['sign', 'verify']); * * const keyObject = KeyObject.from(key); * console.log(keyObject.symmetricKeySize); * // Prints: 32 (symmetric key size in bytes) * ``` * @since v15.0.0 */ static from(key: webcrypto.CryptoKey): KeyObject; /** * For asymmetric keys, this property represents the type of the key. Supported key * types are: * * * `'rsa'` (OID 1.2.840.113549.1.1.1) * * `'rsa-pss'` (OID 1.2.840.113549.1.1.10) * * `'dsa'` (OID 1.2.840.10040.4.1) * * `'ec'` (OID 1.2.840.10045.2.1) * * `'x25519'` (OID 1.3.101.110) * * `'x448'` (OID 1.3.101.111) * * `'ed25519'` (OID 1.3.101.112) * * `'ed448'` (OID 1.3.101.113) * * `'dh'` (OID 1.2.840.113549.1.3.1) * * This property is `undefined` for unrecognized `KeyObject` types and symmetric * keys. * @since v11.6.0 */ asymmetricKeyType?: KeyType | undefined; /** * This property exists only on asymmetric keys. Depending on the type of the key, * this object contains information about the key. None of the information obtained * through this property can be used to uniquely identify a key or to compromise * the security of the key. * * For RSA-PSS keys, if the key material contains a `RSASSA-PSS-params` sequence, * the `hashAlgorithm`, `mgf1HashAlgorithm`, and `saltLength` properties will be * set. * * Other key details might be exposed via this API using additional attributes. * @since v15.7.0 */ asymmetricKeyDetails?: AsymmetricKeyDetails | undefined; /** * For symmetric keys, the following encoding options can be used: * * For public keys, the following encoding options can be used: * * For private keys, the following encoding options can be used: * * The result type depends on the selected encoding format, when PEM the * result is a string, when DER it will be a buffer containing the data * encoded as DER, when [JWK](https://tools.ietf.org/html/rfc7517) it will be an object. * * When [JWK](https://tools.ietf.org/html/rfc7517) encoding format was selected, all other encoding options are * ignored. * * PKCS#1, SEC1, and PKCS#8 type keys can be encrypted by using a combination of * the `cipher` and `format` options. The PKCS#8 `type` can be used with any`format` to encrypt any key algorithm (RSA, EC, or DH) by specifying a`cipher`. PKCS#1 and SEC1 can only be * encrypted by specifying a `cipher`when the PEM `format` is used. For maximum compatibility, use PKCS#8 for * encrypted private keys. Since PKCS#8 defines its own * encryption mechanism, PEM-level encryption is not supported when encrypting * a PKCS#8 key. See [RFC 5208](https://www.rfc-editor.org/rfc/rfc5208.txt) for PKCS#8 encryption and [RFC 1421](https://www.rfc-editor.org/rfc/rfc1421.txt) for * PKCS#1 and SEC1 encryption. * @since v11.6.0 */ export(options: KeyExportOptions<"pem">): string | Buffer; export(options?: KeyExportOptions<"der">): Buffer; export(options?: JwkKeyExportOptions): JsonWebKey; /** * Returns `true` or `false` depending on whether the keys have exactly the same * type, value, and parameters. This method is not [constant time](https://en.wikipedia.org/wiki/Timing_attack). * @since v17.7.0, v16.15.0 * @param otherKeyObject A `KeyObject` with which to compare `keyObject`. */ equals(otherKeyObject: KeyObject): boolean; /** * For secret keys, this property represents the size of the key in bytes. This * property is `undefined` for asymmetric keys. * @since v11.6.0 */ symmetricKeySize?: number | undefined; /** * Converts a `KeyObject` instance to a `CryptoKey`. * @since 22.10.0 */ toCryptoKey( algorithm: | webcrypto.AlgorithmIdentifier | webcrypto.RsaHashedImportParams | webcrypto.EcKeyImportParams | webcrypto.HmacImportParams, extractable: boolean, keyUsages: readonly webcrypto.KeyUsage[], ): webcrypto.CryptoKey; /** * Depending on the type of this `KeyObject`, this property is either`'secret'` for secret (symmetric) keys, `'public'` for public (asymmetric) keys * or `'private'` for private (asymmetric) keys. * @since v11.6.0 */ type: KeyObjectType; } type CipherCCMTypes = "aes-128-ccm" | "aes-192-ccm" | "aes-256-ccm"; type CipherGCMTypes = "aes-128-gcm" | "aes-192-gcm" | "aes-256-gcm"; type CipherOCBTypes = "aes-128-ocb" | "aes-192-ocb" | "aes-256-ocb"; type CipherChaCha20Poly1305Types = "chacha20-poly1305"; type BinaryLike = string | NodeJS.ArrayBufferView; type CipherKey = BinaryLike | KeyObject; interface CipherCCMOptions extends stream.TransformOptions { authTagLength: number; } interface CipherGCMOptions extends stream.TransformOptions { authTagLength?: number | undefined; } interface CipherOCBOptions extends stream.TransformOptions { authTagLength: number; } interface CipherChaCha20Poly1305Options extends stream.TransformOptions { /** @default 16 */ authTagLength?: number | undefined; } /** * Creates and returns a `Cipher` object, with the given `algorithm`, `key` and * initialization vector (`iv`). * * The `options` argument controls stream behavior and is optional except when a * cipher in CCM or OCB mode (e.g. `'aes-128-ccm'`) is used. In that case, the`authTagLength` option is required and specifies the length of the * authentication tag in bytes, see `CCM mode`. In GCM mode, the `authTagLength`option is not required but can be used to set the length of the authentication * tag that will be returned by `getAuthTag()` and defaults to 16 bytes. * For `chacha20-poly1305`, the `authTagLength` option defaults to 16 bytes. * * The `algorithm` is dependent on OpenSSL, examples are `'aes192'`, etc. On * recent OpenSSL releases, `openssl list -cipher-algorithms` will * display the available cipher algorithms. * * The `key` is the raw key used by the `algorithm` and `iv` is an [initialization vector](https://en.wikipedia.org/wiki/Initialization_vector). Both arguments must be `'utf8'` encoded * strings,`Buffers`, `TypedArray`, or `DataView`s. The `key` may optionally be * a `KeyObject` of type `secret`. If the cipher does not need * an initialization vector, `iv` may be `null`. * * When passing strings for `key` or `iv`, please consider `caveats when using strings as inputs to cryptographic APIs`. * * Initialization vectors should be unpredictable and unique; ideally, they will be * cryptographically random. They do not have to be secret: IVs are typically just * added to ciphertext messages unencrypted. It may sound contradictory that * something has to be unpredictable and unique, but does not have to be secret; * remember that an attacker must not be able to predict ahead of time what a * given IV will be. * @since v0.1.94 * @param options `stream.transform` options */ function createCipheriv( algorithm: CipherCCMTypes, key: CipherKey, iv: BinaryLike, options: CipherCCMOptions, ): CipherCCM; function createCipheriv( algorithm: CipherOCBTypes, key: CipherKey, iv: BinaryLike, options: CipherOCBOptions, ): CipherOCB; function createCipheriv( algorithm: CipherGCMTypes, key: CipherKey, iv: BinaryLike, options?: CipherGCMOptions, ): CipherGCM; function createCipheriv( algorithm: CipherChaCha20Poly1305Types, key: CipherKey, iv: BinaryLike, options?: CipherChaCha20Poly1305Options, ): CipherChaCha20Poly1305; function createCipheriv( algorithm: string, key: CipherKey, iv: BinaryLike | null, options?: stream.TransformOptions, ): Cipher; /** * Instances of the `Cipher` class are used to encrypt data. The class can be * used in one of two ways: * * * As a `stream` that is both readable and writable, where plain unencrypted * data is written to produce encrypted data on the readable side, or * * Using the `cipher.update()` and `cipher.final()` methods to produce * the encrypted data. * * The {@link createCipheriv} method is * used to create `Cipher` instances. `Cipher` objects are not to be created * directly using the `new` keyword. * * Example: Using `Cipher` objects as streams: * * ```js * const { * scrypt, * randomFill, * createCipheriv, * } = await import('node:crypto'); * * const algorithm = 'aes-192-cbc'; * const password = 'Password used to generate key'; * * // First, we'll generate the key. The key length is dependent on the algorithm. * // In this case for aes192, it is 24 bytes (192 bits). * scrypt(password, 'salt', 24, (err, key) => { * if (err) throw err; * // Then, we'll generate a random initialization vector * randomFill(new Uint8Array(16), (err, iv) => { * if (err) throw err; * * // Once we have the key and iv, we can create and use the cipher... * const cipher = createCipheriv(algorithm, key, iv); * * let encrypted = ''; * cipher.setEncoding('hex'); * * cipher.on('data', (chunk) => encrypted += chunk); * cipher.on('end', () => console.log(encrypted)); * * cipher.write('some clear text data'); * cipher.end(); * }); * }); * ``` * * Example: Using `Cipher` and piped streams: * * ```js * import { * createReadStream, * createWriteStream, * } from 'node:fs'; * * import { * pipeline, * } from 'node:stream'; * * const { * scrypt, * randomFill, * createCipheriv, * } = await import('node:crypto'); * * const algorithm = 'aes-192-cbc'; * const password = 'Password used to generate key'; * * // First, we'll generate the key. The key length is dependent on the algorithm. * // In this case for aes192, it is 24 bytes (192 bits). * scrypt(password, 'salt', 24, (err, key) => { * if (err) throw err; * // Then, we'll generate a random initialization vector * randomFill(new Uint8Array(16), (err, iv) => { * if (err) throw err; * * const cipher = createCipheriv(algorithm, key, iv); * * const input = createReadStream('test.js'); * const output = createWriteStream('test.enc'); * * pipeline(input, cipher, output, (err) => { * if (err) throw err; * }); * }); * }); * ``` * * Example: Using the `cipher.update()` and `cipher.final()` methods: * * ```js * const { * scrypt, * randomFill, * createCipheriv, * } = await import('node:crypto'); * * const algorithm = 'aes-192-cbc'; * const password = 'Password used to generate key'; * * // First, we'll generate the key. The key length is dependent on the algorithm. * // In this case for aes192, it is 24 bytes (192 bits). * scrypt(password, 'salt', 24, (err, key) => { * if (err) throw err; * // Then, we'll generate a random initialization vector * randomFill(new Uint8Array(16), (err, iv) => { * if (err) throw err; * * const cipher = createCipheriv(algorithm, key, iv); * * let encrypted = cipher.update('some clear text data', 'utf8', 'hex'); * encrypted += cipher.final('hex'); * console.log(encrypted); * }); * }); * ``` * @since v0.1.94 */ class Cipher extends stream.Transform { private constructor(); /** * Updates the cipher with `data`. If the `inputEncoding` argument is given, * the `data`argument is a string using the specified encoding. If the `inputEncoding`argument is not given, `data` must be a `Buffer`, `TypedArray`, or `DataView`. If `data` is a `Buffer`, * `TypedArray`, or `DataView`, then `inputEncoding` is ignored. * * The `outputEncoding` specifies the output format of the enciphered * data. If the `outputEncoding`is specified, a string using the specified encoding is returned. If no`outputEncoding` is provided, a `Buffer` is returned. * * The `cipher.update()` method can be called multiple times with new data until `cipher.final()` is called. Calling `cipher.update()` after `cipher.final()` will result in an error being * thrown. * @since v0.1.94 * @param inputEncoding The `encoding` of the data. * @param outputEncoding The `encoding` of the return value. */ update(data: BinaryLike): Buffer; update(data: string, inputEncoding: Encoding): Buffer; update(data: NodeJS.ArrayBufferView, inputEncoding: undefined, outputEncoding: Encoding): string; update(data: string, inputEncoding: Encoding | undefined, outputEncoding: Encoding): string; /** * Once the `cipher.final()` method has been called, the `Cipher` object can no * longer be used to encrypt data. Attempts to call `cipher.final()` more than * once will result in an error being thrown. * @since v0.1.94 * @param outputEncoding The `encoding` of the return value. * @return Any remaining enciphered contents. If `outputEncoding` is specified, a string is returned. If an `outputEncoding` is not provided, a {@link Buffer} is returned. */ final(): Buffer; final(outputEncoding: BufferEncoding): string; /** * When using block encryption algorithms, the `Cipher` class will automatically * add padding to the input data to the appropriate block size. To disable the * default padding call `cipher.setAutoPadding(false)`. * * When `autoPadding` is `false`, the length of the entire input data must be a * multiple of the cipher's block size or `cipher.final()` will throw an error. * Disabling automatic padding is useful for non-standard padding, for instance * using `0x0` instead of PKCS padding. * * The `cipher.setAutoPadding()` method must be called before `cipher.final()`. * @since v0.7.1 * @param [autoPadding=true] * @return for method chaining. */ setAutoPadding(autoPadding?: boolean): this; } interface CipherCCM extends Cipher { setAAD( buffer: NodeJS.ArrayBufferView, options: { plaintextLength: number; }, ): this; getAuthTag(): Buffer; } interface CipherGCM extends Cipher { setAAD( buffer: NodeJS.ArrayBufferView, options?: { plaintextLength: number; }, ): this; getAuthTag(): Buffer; } interface CipherOCB extends Cipher { setAAD( buffer: NodeJS.ArrayBufferView, options?: { plaintextLength: number; }, ): this; getAuthTag(): Buffer; } interface CipherChaCha20Poly1305 extends Cipher { setAAD( buffer: NodeJS.ArrayBufferView, options: { plaintextLength: number; }, ): this; getAuthTag(): Buffer; } /** * Creates and returns a `Decipher` object that uses the given `algorithm`, `key` and initialization vector (`iv`). * * The `options` argument controls stream behavior and is optional except when a * cipher in CCM or OCB mode (e.g. `'aes-128-ccm'`) is used. In that case, the `authTagLength` option is required and specifies the length of the * authentication tag in bytes, see `CCM mode`. In GCM mode, the `authTagLength` option is not required but can be used to restrict accepted authentication tags * to those with the specified length. * For `chacha20-poly1305`, the `authTagLength` option defaults to 16 bytes. * * The `algorithm` is dependent on OpenSSL, examples are `'aes192'`, etc. On * recent OpenSSL releases, `openssl list -cipher-algorithms` will * display the available cipher algorithms. * * The `key` is the raw key used by the `algorithm` and `iv` is an [initialization vector](https://en.wikipedia.org/wiki/Initialization_vector). Both arguments must be `'utf8'` encoded * strings,`Buffers`, `TypedArray`, or `DataView`s. The `key` may optionally be * a `KeyObject` of type `secret`. If the cipher does not need * an initialization vector, `iv` may be `null`. * * When passing strings for `key` or `iv`, please consider `caveats when using strings as inputs to cryptographic APIs`. * * Initialization vectors should be unpredictable and unique; ideally, they will be * cryptographically random. They do not have to be secret: IVs are typically just * added to ciphertext messages unencrypted. It may sound contradictory that * something has to be unpredictable and unique, but does not have to be secret; * remember that an attacker must not be able to predict ahead of time what a given * IV will be. * @since v0.1.94 * @param options `stream.transform` options */ function createDecipheriv( algorithm: CipherCCMTypes, key: CipherKey, iv: BinaryLike, options: CipherCCMOptions, ): DecipherCCM; function createDecipheriv( algorithm: CipherOCBTypes, key: CipherKey, iv: BinaryLike, options: CipherOCBOptions, ): DecipherOCB; function createDecipheriv( algorithm: CipherGCMTypes, key: CipherKey, iv: BinaryLike, options?: CipherGCMOptions, ): DecipherGCM; function createDecipheriv( algorithm: CipherChaCha20Poly1305Types, key: CipherKey, iv: BinaryLike, options?: CipherChaCha20Poly1305Options, ): DecipherChaCha20Poly1305; function createDecipheriv( algorithm: string, key: CipherKey, iv: BinaryLike | null, options?: stream.TransformOptions, ): Decipher; /** * Instances of the `Decipher` class are used to decrypt data. The class can be * used in one of two ways: * * * As a `stream` that is both readable and writable, where plain encrypted * data is written to produce unencrypted data on the readable side, or * * Using the `decipher.update()` and `decipher.final()` methods to * produce the unencrypted data. * * The {@link createDecipheriv} method is * used to create `Decipher` instances. `Decipher` objects are not to be created * directly using the `new` keyword. * * Example: Using `Decipher` objects as streams: * * ```js * import { Buffer } from 'node:buffer'; * const { * scryptSync, * createDecipheriv, * } = await import('node:crypto'); * * const algorithm = 'aes-192-cbc'; * const password = 'Password used to generate key'; * // Key length is dependent on the algorithm. In this case for aes192, it is * // 24 bytes (192 bits). * // Use the async `crypto.scrypt()` instead. * const key = scryptSync(password, 'salt', 24); * // The IV is usually passed along with the ciphertext. * const iv = Buffer.alloc(16, 0); // Initialization vector. * * const decipher = createDecipheriv(algorithm, key, iv); * * let decrypted = ''; * decipher.on('readable', () => { * let chunk; * while (null !== (chunk = decipher.read())) { * decrypted += chunk.toString('utf8'); * } * }); * decipher.on('end', () => { * console.log(decrypted); * // Prints: some clear text data * }); * * // Encrypted with same algorithm, key and iv. * const encrypted = * 'e5f79c5915c02171eec6b212d5520d44480993d7d622a7c4c2da32f6efda0ffa'; * decipher.write(encrypted, 'hex'); * decipher.end(); * ``` * * Example: Using `Decipher` and piped streams: * * ```js * import { * createReadStream, * createWriteStream, * } from 'node:fs'; * import { Buffer } from 'node:buffer'; * const { * scryptSync, * createDecipheriv, * } = await import('node:crypto'); * * const algorithm = 'aes-192-cbc'; * const password = 'Password used to generate key'; * // Use the async `crypto.scrypt()` instead. * const key = scryptSync(password, 'salt', 24); * // The IV is usually passed along with the ciphertext. * const iv = Buffer.alloc(16, 0); // Initialization vector. * * const decipher = createDecipheriv(algorithm, key, iv); * * const input = createReadStream('test.enc'); * const output = createWriteStream('test.js'); * * input.pipe(decipher).pipe(output); * ``` * * Example: Using the `decipher.update()` and `decipher.final()` methods: * * ```js * import { Buffer } from 'node:buffer'; * const { * scryptSync, * createDecipheriv, * } = await import('node:crypto'); * * const algorithm = 'aes-192-cbc'; * const password = 'Password used to generate key'; * // Use the async `crypto.scrypt()` instead. * const key = scryptSync(password, 'salt', 24); * // The IV is usually passed along with the ciphertext. * const iv = Buffer.alloc(16, 0); // Initialization vector. * * const decipher = createDecipheriv(algorithm, key, iv); * * // Encrypted using same algorithm, key and iv. * const encrypted = * 'e5f79c5915c02171eec6b212d5520d44480993d7d622a7c4c2da32f6efda0ffa'; * let decrypted = decipher.update(encrypted, 'hex', 'utf8'); * decrypted += decipher.final('utf8'); * console.log(decrypted); * // Prints: some clear text data * ``` * @since v0.1.94 */ class Decipher extends stream.Transform { private constructor(); /** * Updates the decipher with `data`. If the `inputEncoding` argument is given, * the `data` argument is a string using the specified encoding. If the `inputEncoding` argument is not given, `data` must be a `Buffer`. If `data` is a `Buffer` then `inputEncoding` is * ignored. * * The `outputEncoding` specifies the output format of the enciphered * data. If the `outputEncoding` is specified, a string using the specified encoding is returned. If no `outputEncoding` is provided, a `Buffer` is returned. * * The `decipher.update()` method can be called multiple times with new data until `decipher.final()` is called. Calling `decipher.update()` after `decipher.final()` will result in an error * being thrown. * @since v0.1.94 * @param inputEncoding The `encoding` of the `data` string. * @param outputEncoding The `encoding` of the return value. */ update(data: NodeJS.ArrayBufferView): Buffer; update(data: string, inputEncoding: Encoding): Buffer; update(data: NodeJS.ArrayBufferView, inputEncoding: undefined, outputEncoding: Encoding): string; update(data: string, inputEncoding: Encoding | undefined, outputEncoding: Encoding): string; /** * Once the `decipher.final()` method has been called, the `Decipher` object can * no longer be used to decrypt data. Attempts to call `decipher.final()` more * than once will result in an error being thrown. * @since v0.1.94 * @param outputEncoding The `encoding` of the return value. * @return Any remaining deciphered contents. If `outputEncoding` is specified, a string is returned. If an `outputEncoding` is not provided, a {@link Buffer} is returned. */ final(): Buffer; final(outputEncoding: BufferEncoding): string; /** * When data has been encrypted without standard block padding, calling `decipher.setAutoPadding(false)` will disable automatic padding to prevent `decipher.final()` from checking for and * removing padding. * * Turning auto padding off will only work if the input data's length is a * multiple of the ciphers block size. * * The `decipher.setAutoPadding()` method must be called before `decipher.final()`. * @since v0.7.1 * @param [autoPadding=true] * @return for method chaining. */ setAutoPadding(auto_padding?: boolean): this; } interface DecipherCCM extends Decipher { setAuthTag(buffer: NodeJS.ArrayBufferView): this; setAAD( buffer: NodeJS.ArrayBufferView, options: { plain