Module basic module

Module crypto

Encryption algorithm module

Instructions:

1
var crypto = require('crypto');

Object

Cipher

Cipher Constructor, see Cipher

1
Cipher crypto.Cipher;

PKey

PKey Constructor, see PKey

1
PKey crypto.PKey;

X509Cert

X509Cert Constructor, see X509Cert

1
X509Cert crypto.X509Cert;

X509Crl

X509Crl Constructor, see X509Crl

1
X509Crl crypto.X509Crl;

X509Req

X509Req Constructor, see X509Req

1
X509Req crypto.X509Req;

Static function

createHash

Create an information summary object based on the given algorithm name

1
static Digest crypto.createHash(String algo);

Call parameters:

  • algo: String, specifies the algorithm of the message digest object

Return result:

  • Digest, Return information summary object

createHmac

Create an hmac information digest object based on the given algorithm name

1 2
static Digest crypto.createHmac(String algo, Buffer key);

Call parameters:

  • algo: String, specifies the algorithm of the message digest object
  • key: Buffer, Binary signature key

Return result:

  • Digest, Return information summary object

loadPKey

Load a key file in PEM/DER format

1 2
static PKey crypto.loadPKey(String filename, String password = "");

Call parameters:

  • filename: String, key file name
  • password: String, decrypt password

Return result:

  • PKey, Returns an object containing the key

loadCert

Load a certificate in CRT/PEM/DER/TXT format, which can be called multiple times

1
static X509Cert crypto.loadCert(String filename);

Call parameters:

  • filename: String, certificate file name

Return result:

  • X509Cert, Returns the object containing the certificate

loadFile loads mozilla's certdata,txt, which can be downloaded and used at http://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt


loadCrl

Load a revocation certificate in PEM/DER format, which can be called multiple times

1
static X509Crl crypto.loadCrl(String filename);

Call parameters:

  • filename: String, file name of revoked certificate

Return result:

  • X509Crl, Returns the object containing the revoked certificate

loadReq

Load a certificate request in PEM/DER format, which can be called multiple times

1
static X509Req crypto.loadReq(String filename);

Call parameters:

  • filename: String, certificate request file name

Return result:

  • X509Req, Returns the object containing the requested certificate

randomBytes

Generate random numbers of specified size, use havege generator

1
static Buffer crypto.randomBytes(Integer size) async;

Call parameters:

  • size: Integer, specify the size of the random number generated

Return result:

  • Buffer, Return the generated random number

simpleRandomBytes

Generate a low-intensity random number of a specified size, using a fast algorithm

1
static Buffer crypto.simpleRandomBytes(Integer size) async;

Call parameters:

  • size: Integer, specify the size of the random number generated

Return result:

  • Buffer, Return the generated random number

pseudoRandomBytes

Generate pseudo-random numbers of specified size, using entropy generator

1
static Buffer crypto.pseudoRandomBytes(Integer size) async;

Call parameters:

  • size: Integer, specify the size of the random number generated

Return result:

  • Buffer, Return the generated random number

randomArt

Generate a visual character image of the given data

1 2 3
static String crypto.randomArt(Buffer data, String title, Integer size = 8);

Call parameters:

  • data: Buffer, Specify the data to be displayed
  • title: String, specifies the title of the character image, multi-byte characters will cause a width error
  • size: Integer, character image size

Return result:

  • String, Return the generated visual string image

genRsaKey

Generate an RSA private key

1
static PKey crypto.genRsaKey(Integer size) async;

Call parameters:

  • size: Integer, specify the RSA key length, bit as the unit

Return result:

  • PKey, Return the object containing the generated private key

genEcKey

Generate an EC private key

1
static PKey crypto.genEcKey(String curve = "secp521r1") async;

Call parameters:

  • curve: String, specify preset elliptic curve, optional values ​​are: "secp521r1", "brainpoolP512r1", "secp384r1", "brainpoolP384r1", "secp256r1", "secp256k1", "brainpoolP256r1", "secp224r1", "secp224k1", "secp192r1", "secp192k1"

Return result:

  • PKey, Return the object containing the generated private key

genSm2Key

Generate an SM2 private key

1
static PKey crypto.genSm2Key() async;

Return result:

  • PKey, Return the object containing the generated private key

pbkdf1

Generate the required binary key according to pbkdf1 according to the plaintext password

1 2 3 4 5
static Buffer crypto.pbkdf1(Buffer password, Buffer salt, Integer iterations, Integer size, Integer algo) async;

Call parameters:

  • password: Buffer, Specify the password used
  • salt: Buffer, Specify the salt used by hmac
  • iterations: Integer, specify the number of iterations
  • size: Integer, specify key size
  • algo: Integer, specify what to use hash Algorithm, see hash Module

Return result:

  • Buffer, Return the generated binary key

Generate the required binary key according to pbkdf1 according to the plaintext password

1 2 3 4 5
static Buffer crypto.pbkdf1(Buffer password, Buffer salt, Integer iterations, Integer size, String algoName) async;

Call parameters:

  • password: Buffer, Specify the password used
  • salt: Buffer, Specify the salt used by hmac
  • iterations: Integer, specify the number of iterations
  • size: Integer, specify key size
  • algoName: String, specify what to use hash Algorithm, see hash Module

Return result:

  • Buffer, Return the generated binary key

pbkdf2

According to rfc2898, generate the required binary key according to the plaintext password

1 2 3 4 5
static Buffer crypto.pbkdf2(Buffer password, Buffer salt, Integer iterations, Integer size, Integer algo) async;

Call parameters:

  • password: Buffer, Specify the password used
  • salt: Buffer, Specify the salt used by hmac
  • iterations: Integer, specify the number of iterations
  • size: Integer, specify key size
  • algo: Integer, specify what to use hash Algorithm, see hash Module

Return result:

  • Buffer, Return the generated binary key

According to rfc2898, generate the required binary key according to the plaintext password

1 2 3 4 5
static Buffer crypto.pbkdf2(Buffer password, Buffer salt, Integer iterations, Integer size, String algoName) async;

Call parameters:

  • password: Buffer, Specify the password used
  • salt: Buffer, Specify the salt used by hmac
  • iterations: Integer, specify the number of iterations
  • size: Integer, specify key size
  • algoName: String, specify what to use hash Algorithm, see hash Module

Return result:

  • Buffer, Return the generated binary key

getHashes

Get the support of the crypto module hash(Abstract) Algorithms, such as'md5','sha224'

1
static Array crypto.getHashes();

Return result:

  • Array, Return to fibjs support hash Algorithm array

constant

AES

Specify symmetric encryption algorithm AES, support 128, 192, 256 bit keys, block cipher work mode supports ECB, CBC, CFB128, CTR, GCM, CCM, XTS

1
const crypto.AES = 1;

CAMELLIA

Specify symmetric encryption algorithm CAMELLIA, support 128, 192, 256 bit keys, block cipher work mode supports ECB, CBC, CFB128, CTR, GCM, CCM

1
const crypto.CAMELLIA = 2;

DES

Specify symmetric encryption algorithm DES, support 64-bit key, block cipher work mode supports ECB, CBC

1
const crypto.DES = 3;

DES_EDE

Specify symmetric encryption algorithm DES-EDE, support 128-bit key, block cipher work mode supports ECB, CBC

1
const crypto.DES_EDE = 4;

DES_EDE3

Specify symmetric encryption algorithm DES-EDE3, support 192-bit key, block cipher work mode supports ECB, CBC

1
const crypto.DES_EDE3 = 5;

BLOWFISH

Specify symmetric encryption algorithm BLOWFISH, support 192-bit key, block cipher work mode supports ECB, CBC, CFB64, CTR

1
const crypto.BLOWFISH = 6;

ARC4

Specify symmetric encryption algorithm ARC4, support 40, 56, 64, 128 bit keys

1
const crypto.ARC4 = 7;

ARIA

Specify symmetric encryption algorithm ARIA, support 128, 192, 256 bit keys, block cipher work mode supports ECB, CBC, CFB128, CTR, GCM, CCM

1
const crypto.ARIA = 8;

CHACHA20

Specify symmetric encryption algorithm CHACHA20, support 256-bit key, block cipher work mode supports POLY1305

1
const crypto.CHACHA20 = 9;

SM4

Specify symmetric encryption algorithm SM4, block cipher working mode supports ECB, CBC

1
const crypto.SM4 = 10;

ECB

Designated block cipher working mode supports ECB

1
const crypto.ECB = 1;

CBC

Designated block cipher working mode supports CBC

1
const crypto.CBC = 2;

CFB64

Designated block cipher working mode supports CFB64

1
const crypto.CFB64 = 3;

CFB128

Designated block cipher working mode supports CFB128

1
const crypto.CFB128 = 4;

OFB

Designated block cipher working mode supports OFB

1
const crypto.OFB = 5;

CTR

Designated block cipher working mode supports CTR

1
const crypto.CTR = 6;

GCM

Designated block cipher working mode supports GCM

1
const crypto.GCM = 7;

STREAM

Specify stream cipher mode

1
const crypto.STREAM = 8;

CCM

Designated block cipher working mode supports CCM

1
const crypto.CCM = 9;

XTS

Designated block cipher working mode supports XTS

1
const crypto.XTS = 10;

POLY1305

Designated block cipher working mode supports POLY1305

1
const crypto.POLY1305 = 11;

PKCS7

Specify the fill mode as PKCS7

1
const crypto.PKCS7 = 0;

ONE_AND_ZEROS

Specify fill mode as ONE_AND_ZEROS

1
const crypto.ONE_AND_ZEROS = 1;

ZEROS_AND_LEN

Specify the fill mode as ZEROS_AND_LEN

1
const crypto.ZEROS_AND_LEN = 2;

ZEROS

Specify the fill mode as ZEROS

1
const crypto.ZEROS = 3;

NOPADDING

Specify the filling mode as NOPADDING

1
const crypto.NOPADDING = 4;