UNPKG

46.4 kBTypeScriptView Raw
1declare module 'node:crypto' {
2 export * from 'crypto';
3}
4
5declare module 'crypto' {
6 import * as stream from 'node:stream';
7
8 interface Certificate {
9 /**
10 * @param spkac
11 * @returns The challenge component of the `spkac` data structure,
12 * which includes a public key and a challenge.
13 */
14 exportChallenge(spkac: BinaryLike): Buffer;
15 /**
16 * @param spkac
17 * @param encoding The encoding of the spkac string.
18 * @returns The public key component of the `spkac` data structure,
19 * which includes a public key and a challenge.
20 */
21 exportPublicKey(spkac: BinaryLike, encoding?: string): Buffer;
22 /**
23 * @param spkac
24 * @returns `true` if the given `spkac` data structure is valid,
25 * `false` otherwise.
26 */
27 verifySpkac(spkac: NodeJS.ArrayBufferView): boolean;
28 }
29 const Certificate: Certificate & {
30 /** @deprecated since v14.9.0 - Use static methods of `crypto.Certificate` instead. */
31 new (): Certificate;
32 /** @deprecated since v14.9.0 - Use static methods of `crypto.Certificate` instead. */
33 (): Certificate;
34 };
35
36 namespace constants {
37 // https://nodejs.org/dist/latest-v10.x/docs/api/crypto.html#crypto_crypto_constants
38 const OPENSSL_VERSION_NUMBER: number;
39
40 /** Applies multiple bug workarounds within OpenSSL. See https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_options.html for detail. */
41 const SSL_OP_ALL: number;
42 /** Allows legacy insecure renegotiation between OpenSSL and unpatched clients or servers. See https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_options.html. */
43 const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION: number;
44 /** Attempts to use the server's preferences instead of the client's when selecting a cipher. See https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_options.html. */
45 const SSL_OP_CIPHER_SERVER_PREFERENCE: number;
46 /** Instructs OpenSSL to use Cisco's "speshul" version of DTLS_BAD_VER. */
47 const SSL_OP_CISCO_ANYCONNECT: number;
48 /** Instructs OpenSSL to turn on cookie exchange. */
49 const SSL_OP_COOKIE_EXCHANGE: number;
50 /** Instructs OpenSSL to add server-hello extension from an early version of the cryptopro draft. */
51 const SSL_OP_CRYPTOPRO_TLSEXT_BUG: number;
52 /** Instructs OpenSSL to disable a SSL 3.0/TLS 1.0 vulnerability workaround added in OpenSSL 0.9.6d. */
53 const SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS: number;
54 /** Instructs OpenSSL to always use the tmp_rsa key when performing RSA operations. */
55 const SSL_OP_EPHEMERAL_RSA: number;
56 /** Allows initial connection to servers that do not support RI. */
57 const SSL_OP_LEGACY_SERVER_CONNECT: number;
58 const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: number;
59 const SSL_OP_MICROSOFT_SESS_ID_BUG: number;
60 /** Instructs OpenSSL to disable the workaround for a man-in-the-middle protocol-version vulnerability in the SSL 2.0 server implementation. */
61 const SSL_OP_MSIE_SSLV2_RSA_PADDING: number;
62 const SSL_OP_NETSCAPE_CA_DN_BUG: number;
63 const SSL_OP_NETSCAPE_CHALLENGE_BUG: number;
64 const SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG: number;
65 const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: number;
66 /** Instructs OpenSSL to disable support for SSL/TLS compression. */
67 const SSL_OP_NO_COMPRESSION: number;
68 const SSL_OP_NO_QUERY_MTU: number;
69 /** Instructs OpenSSL to always start a new session when performing renegotiation. */
70 const SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION: number;
71 const SSL_OP_NO_SSLv2: number;
72 const SSL_OP_NO_SSLv3: number;
73 const SSL_OP_NO_TICKET: number;
74 const SSL_OP_NO_TLSv1: number;
75 const SSL_OP_NO_TLSv1_1: number;
76 const SSL_OP_NO_TLSv1_2: number;
77 const SSL_OP_PKCS1_CHECK_1: number;
78 const SSL_OP_PKCS1_CHECK_2: number;
79 /** Instructs OpenSSL to always create a new key when using temporary/ephemeral DH parameters. */
80 const SSL_OP_SINGLE_DH_USE: number;
81 /** Instructs OpenSSL to always create a new key when using temporary/ephemeral ECDH parameters. */
82 const SSL_OP_SINGLE_ECDH_USE: number;
83 const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: number;
84 const SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG: number;
85 const SSL_OP_TLS_BLOCK_PADDING_BUG: number;
86 const SSL_OP_TLS_D5_BUG: number;
87 /** Instructs OpenSSL to disable version rollback attack detection. */
88 const SSL_OP_TLS_ROLLBACK_BUG: number;
89
90 const ENGINE_METHOD_RSA: number;
91 const ENGINE_METHOD_DSA: number;
92 const ENGINE_METHOD_DH: number;
93 const ENGINE_METHOD_RAND: number;
94 const ENGINE_METHOD_EC: number;
95 const ENGINE_METHOD_CIPHERS: number;
96 const ENGINE_METHOD_DIGESTS: number;
97 const ENGINE_METHOD_PKEY_METHS: number;
98 const ENGINE_METHOD_PKEY_ASN1_METHS: number;
99 const ENGINE_METHOD_ALL: number;
100 const ENGINE_METHOD_NONE: number;
101
102 const DH_CHECK_P_NOT_SAFE_PRIME: number;
103 const DH_CHECK_P_NOT_PRIME: number;
104 const DH_UNABLE_TO_CHECK_GENERATOR: number;
105 const DH_NOT_SUITABLE_GENERATOR: number;
106
107 const ALPN_ENABLED: number;
108
109 const RSA_PKCS1_PADDING: number;
110 const RSA_SSLV23_PADDING: number;
111 const RSA_NO_PADDING: number;
112 const RSA_PKCS1_OAEP_PADDING: number;
113 const RSA_X931_PADDING: number;
114 const RSA_PKCS1_PSS_PADDING: number;
115 /** Sets the salt length for RSA_PKCS1_PSS_PADDING to the digest size when signing or verifying. */
116 const RSA_PSS_SALTLEN_DIGEST: number;
117 /** Sets the salt length for RSA_PKCS1_PSS_PADDING to the maximum permissible value when signing data. */
118 const RSA_PSS_SALTLEN_MAX_SIGN: number;
119 /** Causes the salt length for RSA_PKCS1_PSS_PADDING to be determined automatically when verifying a signature. */
120 const RSA_PSS_SALTLEN_AUTO: number;
121
122 const POINT_CONVERSION_COMPRESSED: number;
123 const POINT_CONVERSION_UNCOMPRESSED: number;
124 const POINT_CONVERSION_HYBRID: number;
125
126 /** Specifies the built-in default cipher list used by Node.js (colon-separated values). */
127 const defaultCoreCipherList: string;
128 /** Specifies the active default cipher list used by the current Node.js process (colon-separated values). */
129 const defaultCipherList: string;
130 }
131
132 interface HashOptions extends stream.TransformOptions {
133 /**
134 * For XOF hash functions such as `shake256`, the
135 * outputLength option can be used to specify the desired output length in bytes.
136 */
137 outputLength?: number;
138 }
139
140 /** @deprecated since v10.0.0 */
141 const fips: boolean;
142
143 function createHash(algorithm: string, options?: HashOptions): Hash;
144 function createHmac(algorithm: string, key: BinaryLike | KeyObject, options?: stream.TransformOptions): Hmac;
145
146 // https://nodejs.org/api/buffer.html#buffer_buffers_and_character_encodings
147 type BinaryToTextEncoding = 'base64' | 'hex';
148 type CharacterEncoding = 'utf8' | 'utf-8' | 'utf16le' | 'latin1';
149 type LegacyCharacterEncoding = 'ascii' | 'binary' | 'ucs2' | 'ucs-2';
150
151 type Encoding = BinaryToTextEncoding | CharacterEncoding | LegacyCharacterEncoding;
152
153 type ECDHKeyFormat = 'compressed' | 'uncompressed' | 'hybrid';
154
155 class Hash extends stream.Transform {
156 private constructor();
157 copy(): Hash;
158 update(data: BinaryLike): Hash;
159 update(data: string, input_encoding: Encoding): Hash;
160 digest(): Buffer;
161 digest(encoding: BinaryToTextEncoding): string;
162 }
163 class Hmac extends stream.Transform {
164 private constructor();
165 update(data: BinaryLike): Hmac;
166 update(data: string, input_encoding: Encoding): Hmac;
167 digest(): Buffer;
168 digest(encoding: BinaryToTextEncoding): string;
169 }
170
171 type KeyObjectType = 'secret' | 'public' | 'private';
172
173 interface KeyExportOptions<T extends KeyFormat> {
174 type: 'pkcs1' | 'spki' | 'pkcs8' | 'sec1';
175 format: T;
176 cipher?: string;
177 passphrase?: string | Buffer;
178 }
179
180 class KeyObject {
181 private constructor();
182 asymmetricKeyType?: KeyType;
183 /**
184 * For asymmetric keys, this property represents the size of the embedded key in
185 * bytes. This property is `undefined` for symmetric keys.
186 */
187 asymmetricKeySize?: number;
188 export(options: KeyExportOptions<'pem'>): string | Buffer;
189 export(options?: KeyExportOptions<'der'>): Buffer;
190 symmetricKeySize?: number;
191 type: KeyObjectType;
192 }
193
194 type CipherCCMTypes = 'aes-128-ccm' | 'aes-192-ccm' | 'aes-256-ccm' | 'chacha20-poly1305';
195 type CipherGCMTypes = 'aes-128-gcm' | 'aes-192-gcm' | 'aes-256-gcm';
196
197 type BinaryLike = string | NodeJS.ArrayBufferView;
198
199 type CipherKey = BinaryLike | KeyObject;
200
201 interface CipherCCMOptions extends stream.TransformOptions {
202 authTagLength: number;
203 }
204 interface CipherGCMOptions extends stream.TransformOptions {
205 authTagLength?: number;
206 }
207 /** @deprecated since v10.0.0 use `createCipheriv()` */
208 function createCipher(algorithm: CipherCCMTypes, password: BinaryLike, options: CipherCCMOptions): CipherCCM;
209 /** @deprecated since v10.0.0 use `createCipheriv()` */
210 function createCipher(algorithm: CipherGCMTypes, password: BinaryLike, options?: CipherGCMOptions): CipherGCM;
211 /** @deprecated since v10.0.0 use `createCipheriv()` */
212 function createCipher(algorithm: string, password: BinaryLike, options?: stream.TransformOptions): Cipher;
213
214 function createCipheriv(
215 algorithm: CipherCCMTypes,
216 key: CipherKey,
217 iv: BinaryLike | null,
218 options: CipherCCMOptions,
219 ): CipherCCM;
220 function createCipheriv(
221 algorithm: CipherGCMTypes,
222 key: CipherKey,
223 iv: BinaryLike | null,
224 options?: CipherGCMOptions,
225 ): CipherGCM;
226 function createCipheriv(
227 algorithm: string,
228 key: CipherKey,
229 iv: BinaryLike | null,
230 options?: stream.TransformOptions,
231 ): Cipher;
232
233 class Cipher extends stream.Transform {
234 private constructor();
235 update(data: BinaryLike): Buffer;
236 update(data: string, input_encoding: Encoding): Buffer;
237 update(data: NodeJS.ArrayBufferView, input_encoding: undefined, output_encoding: Encoding): string;
238 update(data: string, input_encoding: Encoding | undefined, output_encoding: Encoding): string;
239 final(): Buffer;
240 final(output_encoding: BufferEncoding): string;
241 setAutoPadding(auto_padding?: boolean): this;
242 // getAuthTag(): Buffer;
243 // setAAD(buffer: NodeJS.ArrayBufferView): this;
244 }
245 interface CipherCCM extends Cipher {
246 setAAD(buffer: NodeJS.ArrayBufferView, options: { plaintextLength: number }): this;
247 getAuthTag(): Buffer;
248 }
249 interface CipherGCM extends Cipher {
250 setAAD(buffer: NodeJS.ArrayBufferView, options?: { plaintextLength: number }): this;
251 getAuthTag(): Buffer;
252 }
253 /** @deprecated since v10.0.0 use `createDecipheriv()` */
254 function createDecipher(algorithm: CipherCCMTypes, password: BinaryLike, options: CipherCCMOptions): DecipherCCM;
255 /** @deprecated since v10.0.0 use `createDecipheriv()` */
256 function createDecipher(algorithm: CipherGCMTypes, password: BinaryLike, options?: CipherGCMOptions): DecipherGCM;
257 /** @deprecated since v10.0.0 use `createDecipheriv()` */
258 function createDecipher(algorithm: string, password: BinaryLike, options?: stream.TransformOptions): Decipher;
259
260 function createDecipheriv(
261 algorithm: CipherCCMTypes,
262 key: CipherKey,
263 iv: BinaryLike | null,
264 options: CipherCCMOptions,
265 ): DecipherCCM;
266 function createDecipheriv(
267 algorithm: CipherGCMTypes,
268 key: CipherKey,
269 iv: BinaryLike | null,
270 options?: CipherGCMOptions,
271 ): DecipherGCM;
272 function createDecipheriv(
273 algorithm: string,
274 key: CipherKey,
275 iv: BinaryLike | null,
276 options?: stream.TransformOptions,
277 ): Decipher;
278
279 class Decipher extends stream.Transform {
280 private constructor();
281 update(data: NodeJS.ArrayBufferView): Buffer;
282 update(data: string, input_encoding: Encoding): Buffer;
283 update(data: NodeJS.ArrayBufferView, input_encoding: undefined, output_encoding: Encoding): string;
284 update(data: string, input_encoding: Encoding | undefined, output_encoding: Encoding): string;
285 final(): Buffer;
286 final(output_encoding: BufferEncoding): string;
287 setAutoPadding(auto_padding?: boolean): this;
288 // setAuthTag(tag: NodeJS.ArrayBufferView): this;
289 // setAAD(buffer: NodeJS.ArrayBufferView): this;
290 }
291 interface DecipherCCM extends Decipher {
292 setAuthTag(buffer: NodeJS.ArrayBufferView): this;
293 setAAD(buffer: NodeJS.ArrayBufferView, options: { plaintextLength: number }): this;
294 }
295 interface DecipherGCM extends Decipher {
296 setAuthTag(buffer: NodeJS.ArrayBufferView): this;
297 setAAD(buffer: NodeJS.ArrayBufferView, options?: { plaintextLength: number }): this;
298 }
299
300 interface PrivateKeyInput {
301 key: string | Buffer;
302 format?: KeyFormat;
303 type?: 'pkcs1' | 'pkcs8' | 'sec1';
304 passphrase?: string | Buffer;
305 }
306
307 interface PublicKeyInput {
308 key: string | Buffer;
309 format?: KeyFormat;
310 type?: 'pkcs1' | 'spki';
311 }
312
313 function createPrivateKey(key: PrivateKeyInput | string | Buffer): KeyObject;
314 function createPublicKey(key: PublicKeyInput | string | Buffer | KeyObject): KeyObject;
315 function createSecretKey(key: NodeJS.ArrayBufferView): KeyObject;
316
317 function createSign(algorithm: string, options?: stream.WritableOptions): Signer;
318
319 type DSAEncoding = 'der' | 'ieee-p1363';
320
321 interface SigningOptions {
322 /**
323 * @See crypto.constants.RSA_PKCS1_PADDING
324 */
325 padding?: number;
326 saltLength?: number;
327 dsaEncoding?: DSAEncoding;
328 }
329
330 interface SignPrivateKeyInput extends PrivateKeyInput, SigningOptions {}
331 interface SignKeyObjectInput extends SigningOptions {
332 key: KeyObject;
333 }
334 interface VerifyPublicKeyInput extends PublicKeyInput, SigningOptions {}
335 interface VerifyKeyObjectInput extends SigningOptions {
336 key: KeyObject;
337 }
338
339 type KeyLike = string | Buffer | KeyObject;
340
341 class Signer extends stream.Writable {
342 private constructor();
343
344 update(data: BinaryLike): Signer;
345 update(data: string, input_encoding: Encoding): Signer;
346 sign(private_key: KeyLike | SignKeyObjectInput | SignPrivateKeyInput): Buffer;
347 sign(
348 private_key: KeyLike | SignKeyObjectInput | SignPrivateKeyInput,
349 output_format: BinaryToTextEncoding,
350 ): string;
351 }
352
353 function createVerify(algorithm: string, options?: stream.WritableOptions): Verify;
354 class Verify extends stream.Writable {
355 private constructor();
356
357 update(data: BinaryLike): Verify;
358 update(data: string, input_encoding: Encoding): Verify;
359 verify(
360 object: KeyLike | VerifyKeyObjectInput | VerifyPublicKeyInput,
361 signature: NodeJS.ArrayBufferView,
362 ): boolean;
363 verify(
364 object: KeyLike | VerifyKeyObjectInput | VerifyPublicKeyInput,
365 signature: string,
366 signature_format?: BinaryToTextEncoding,
367 ): boolean;
368 // https://nodejs.org/api/crypto.html#crypto_verifier_verify_object_signature_signature_format
369 // The signature field accepts a TypedArray type, but it is only available starting ES2017
370 }
371 function createDiffieHellman(prime_length: number, generator?: number | NodeJS.ArrayBufferView): DiffieHellman;
372 function createDiffieHellman(prime: NodeJS.ArrayBufferView): DiffieHellman;
373 function createDiffieHellman(prime: string, prime_encoding: BinaryToTextEncoding): DiffieHellman;
374 function createDiffieHellman(
375 prime: string,
376 prime_encoding: BinaryToTextEncoding,
377 generator: number | NodeJS.ArrayBufferView,
378 ): DiffieHellman;
379 function createDiffieHellman(
380 prime: string,
381 prime_encoding: BinaryToTextEncoding,
382 generator: string,
383 generator_encoding: BinaryToTextEncoding,
384 ): DiffieHellman;
385 class DiffieHellman {
386 private constructor();
387 generateKeys(): Buffer;
388 generateKeys(encoding: BinaryToTextEncoding): string;
389 computeSecret(other_public_key: NodeJS.ArrayBufferView): Buffer;
390 computeSecret(other_public_key: string, input_encoding: BinaryToTextEncoding): Buffer;
391 computeSecret(other_public_key: NodeJS.ArrayBufferView, output_encoding: BinaryToTextEncoding): string;
392 computeSecret(
393 other_public_key: string,
394 input_encoding: BinaryToTextEncoding,
395 output_encoding: BinaryToTextEncoding,
396 ): string;
397 getPrime(): Buffer;
398 getPrime(encoding: BinaryToTextEncoding): string;
399 getGenerator(): Buffer;
400 getGenerator(encoding: BinaryToTextEncoding): string;
401 getPublicKey(): Buffer;
402 getPublicKey(encoding: BinaryToTextEncoding): string;
403 getPrivateKey(): Buffer;
404 getPrivateKey(encoding: BinaryToTextEncoding): string;
405 setPublicKey(public_key: NodeJS.ArrayBufferView): void;
406 setPublicKey(public_key: string, encoding: BufferEncoding): void;
407 setPrivateKey(private_key: NodeJS.ArrayBufferView): void;
408 setPrivateKey(private_key: string, encoding: BufferEncoding): void;
409 verifyError: number;
410 }
411 function getDiffieHellman(group_name: string): DiffieHellman;
412 function pbkdf2(
413 password: BinaryLike,
414 salt: BinaryLike,
415 iterations: number,
416 keylen: number,
417 digest: string,
418 callback: (err: Error | null, derivedKey: Buffer) => any,
419 ): void;
420 function pbkdf2Sync(
421 password: BinaryLike,
422 salt: BinaryLike,
423 iterations: number,
424 keylen: number,
425 digest: string,
426 ): Buffer;
427
428 function randomBytes(size: number): Buffer;
429 function randomBytes(size: number, callback: (err: Error | null, buf: Buffer) => void): void;
430 function pseudoRandomBytes(size: number): Buffer;
431 function pseudoRandomBytes(size: number, callback: (err: Error | null, buf: Buffer) => void): void;
432
433 function randomInt(max: number): number;
434 function randomInt(min: number, max: number): number;
435 function randomInt(max: number, callback: (err: Error | null, value: number) => void): void;
436 function randomInt(min: number, max: number, callback: (err: Error | null, value: number) => void): void;
437
438 function randomFillSync<T extends NodeJS.ArrayBufferView>(buffer: T, offset?: number, size?: number): T;
439 function randomFill<T extends NodeJS.ArrayBufferView>(
440 buffer: T,
441 callback: (err: Error | null, buf: T) => void,
442 ): void;
443 function randomFill<T extends NodeJS.ArrayBufferView>(
444 buffer: T,
445 offset: number,
446 callback: (err: Error | null, buf: T) => void,
447 ): void;
448 function randomFill<T extends NodeJS.ArrayBufferView>(
449 buffer: T,
450 offset: number,
451 size: number,
452 callback: (err: Error | null, buf: T) => void,
453 ): void;
454
455 interface ScryptOptions {
456 cost?: number;
457 blockSize?: number;
458 parallelization?: number;
459 N?: number;
460 r?: number;
461 p?: number;
462 maxmem?: number;
463 }
464 function scrypt(
465 password: BinaryLike,
466 salt: BinaryLike,
467 keylen: number,
468 callback: (err: Error | null, derivedKey: Buffer) => void,
469 ): void;
470 function scrypt(
471 password: BinaryLike,
472 salt: BinaryLike,
473 keylen: number,
474 options: ScryptOptions,
475 callback: (err: Error | null, derivedKey: Buffer) => void,
476 ): void;
477 function scryptSync(password: BinaryLike, salt: BinaryLike, keylen: number, options?: ScryptOptions): Buffer;
478
479 interface RsaPublicKey {
480 key: KeyLike;
481 padding?: number;
482 }
483 interface RsaPrivateKey {
484 key: KeyLike;
485 passphrase?: string;
486 /**
487 * @default 'sha1'
488 */
489 oaepHash?: string;
490 oaepLabel?: NodeJS.TypedArray;
491 padding?: number;
492 }
493 function publicEncrypt(key: RsaPublicKey | RsaPrivateKey | KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
494 function publicDecrypt(key: RsaPublicKey | RsaPrivateKey | KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
495 function privateDecrypt(private_key: RsaPrivateKey | KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
496 function privateEncrypt(private_key: RsaPrivateKey | KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
497 function getCiphers(): string[];
498 function getCurves(): string[];
499 function getFips(): 1 | 0;
500 function getHashes(): string[];
501 class ECDH {
502 private constructor();
503 static convertKey(
504 key: BinaryLike,
505 curve: string,
506 inputEncoding?: BinaryToTextEncoding,
507 outputEncoding?: 'latin1' | 'hex' | 'base64',
508 format?: 'uncompressed' | 'compressed' | 'hybrid',
509 ): Buffer | string;
510 generateKeys(): Buffer;
511 generateKeys(encoding: BinaryToTextEncoding, format?: ECDHKeyFormat): string;
512 computeSecret(other_public_key: NodeJS.ArrayBufferView): Buffer;
513 computeSecret(other_public_key: string, input_encoding: BinaryToTextEncoding): Buffer;
514 computeSecret(other_public_key: NodeJS.ArrayBufferView, output_encoding: BinaryToTextEncoding): string;
515 computeSecret(
516 other_public_key: string,
517 input_encoding: BinaryToTextEncoding,
518 output_encoding: BinaryToTextEncoding,
519 ): string;
520 getPrivateKey(): Buffer;
521 getPrivateKey(encoding: BinaryToTextEncoding): string;
522 getPublicKey(): Buffer;
523 getPublicKey(encoding: BinaryToTextEncoding, format?: ECDHKeyFormat): string;
524 setPrivateKey(private_key: NodeJS.ArrayBufferView): void;
525 setPrivateKey(private_key: string, encoding: BinaryToTextEncoding): void;
526 }
527 function createECDH(curve_name: string): ECDH;
528 function timingSafeEqual(a: NodeJS.ArrayBufferView, b: NodeJS.ArrayBufferView): boolean;
529 /** @deprecated since v10.0.0 */
530 const DEFAULT_ENCODING: BufferEncoding;
531
532 type KeyType = 'rsa' | 'dsa' | 'ec' | 'ed25519' | 'ed448' | 'x25519' | 'x448';
533 type KeyFormat = 'pem' | 'der';
534
535 interface BasePrivateKeyEncodingOptions<T extends KeyFormat> {
536 format: T;
537 cipher?: string;
538 passphrase?: string;
539 }
540
541 interface KeyPairKeyObjectResult {
542 publicKey: KeyObject;
543 privateKey: KeyObject;
544 }
545
546 interface ED25519KeyPairKeyObjectOptions {
547 /**
548 * No options.
549 */
550 }
551
552 interface ED448KeyPairKeyObjectOptions {
553 /**
554 * No options.
555 */
556 }
557
558 interface X25519KeyPairKeyObjectOptions {
559 /**
560 * No options.
561 */
562 }
563
564 interface X448KeyPairKeyObjectOptions {
565 /**
566 * No options.
567 */
568 }
569
570 interface ECKeyPairKeyObjectOptions {
571 /**
572 * Name of the curve to use.
573 */
574 namedCurve: string;
575 }
576
577 interface RSAKeyPairKeyObjectOptions {
578 /**
579 * Key size in bits
580 */
581 modulusLength: number;
582
583 /**
584 * @default 0x10001
585 */
586 publicExponent?: number;
587 }
588
589 interface DSAKeyPairKeyObjectOptions {
590 /**
591 * Key size in bits
592 */
593 modulusLength: number;
594
595 /**
596 * Size of q in bits
597 */
598 divisorLength: number;
599 }
600
601 interface RSAKeyPairOptions<PubF extends KeyFormat, PrivF extends KeyFormat> {
602 /**
603 * Key size in bits
604 */
605 modulusLength: number;
606 /**
607 * @default 0x10001
608 */
609 publicExponent?: number;
610
611 publicKeyEncoding: {
612 type: 'pkcs1' | 'spki';
613 format: PubF;
614 };
615 privateKeyEncoding: BasePrivateKeyEncodingOptions<PrivF> & {
616 type: 'pkcs1' | 'pkcs8';
617 };
618 }
619
620 interface DSAKeyPairOptions<PubF extends KeyFormat, PrivF extends KeyFormat> {
621 /**
622 * Key size in bits
623 */
624 modulusLength: number;
625 /**
626 * Size of q in bits
627 */
628 divisorLength: number;
629
630 publicKeyEncoding: {
631 type: 'spki';
632 format: PubF;
633 };
634 privateKeyEncoding: BasePrivateKeyEncodingOptions<PrivF> & {
635 type: 'pkcs8';
636 };
637 }
638
639 interface ECKeyPairOptions<PubF extends KeyFormat, PrivF extends KeyFormat> {
640 /**
641 * Name of the curve to use.
642 */
643 namedCurve: string;
644
645 publicKeyEncoding: {
646 type: 'pkcs1' | 'spki';
647 format: PubF;
648 };
649 privateKeyEncoding: BasePrivateKeyEncodingOptions<PrivF> & {
650 type: 'sec1' | 'pkcs8';
651 };
652 }
653
654 interface ED25519KeyPairOptions<PubF extends KeyFormat, PrivF extends KeyFormat> {
655 publicKeyEncoding: {
656 type: 'spki';
657 format: PubF;
658 };
659 privateKeyEncoding: BasePrivateKeyEncodingOptions<PrivF> & {
660 type: 'pkcs8';
661 };
662 }
663
664 interface ED448KeyPairOptions<PubF extends KeyFormat, PrivF extends KeyFormat> {
665 publicKeyEncoding: {
666 type: 'spki';
667 format: PubF;
668 };
669 privateKeyEncoding: BasePrivateKeyEncodingOptions<PrivF> & {
670 type: 'pkcs8';
671 };
672 }
673
674 interface X25519KeyPairOptions<PubF extends KeyFormat, PrivF extends KeyFormat> {
675 publicKeyEncoding: {
676 type: 'spki';
677 format: PubF;
678 };
679 privateKeyEncoding: BasePrivateKeyEncodingOptions<PrivF> & {
680 type: 'pkcs8';
681 };
682 }
683
684 interface X448KeyPairOptions<PubF extends KeyFormat, PrivF extends KeyFormat> {
685 publicKeyEncoding: {
686 type: 'spki';
687 format: PubF;
688 };
689 privateKeyEncoding: BasePrivateKeyEncodingOptions<PrivF> & {
690 type: 'pkcs8';
691 };
692 }
693
694 interface KeyPairSyncResult<T1 extends string | Buffer, T2 extends string | Buffer> {
695 publicKey: T1;
696 privateKey: T2;
697 }
698
699 function generateKeyPairSync(
700 type: 'rsa',
701 options: RSAKeyPairOptions<'pem', 'pem'>,
702 ): KeyPairSyncResult<string, string>;
703 function generateKeyPairSync(
704 type: 'rsa',
705 options: RSAKeyPairOptions<'pem', 'der'>,
706 ): KeyPairSyncResult<string, Buffer>;
707 function generateKeyPairSync(
708 type: 'rsa',
709 options: RSAKeyPairOptions<'der', 'pem'>,
710 ): KeyPairSyncResult<Buffer, string>;
711 function generateKeyPairSync(
712 type: 'rsa',
713 options: RSAKeyPairOptions<'der', 'der'>,
714 ): KeyPairSyncResult<Buffer, Buffer>;
715 function generateKeyPairSync(type: 'rsa', options: RSAKeyPairKeyObjectOptions): KeyPairKeyObjectResult;
716
717 function generateKeyPairSync(
718 type: 'dsa',
719 options: DSAKeyPairOptions<'pem', 'pem'>,
720 ): KeyPairSyncResult<string, string>;
721 function generateKeyPairSync(
722 type: 'dsa',
723 options: DSAKeyPairOptions<'pem', 'der'>,
724 ): KeyPairSyncResult<string, Buffer>;
725 function generateKeyPairSync(
726 type: 'dsa',
727 options: DSAKeyPairOptions<'der', 'pem'>,
728 ): KeyPairSyncResult<Buffer, string>;
729 function generateKeyPairSync(
730 type: 'dsa',
731 options: DSAKeyPairOptions<'der', 'der'>,
732 ): KeyPairSyncResult<Buffer, Buffer>;
733 function generateKeyPairSync(type: 'dsa', options: DSAKeyPairKeyObjectOptions): KeyPairKeyObjectResult;
734
735 function generateKeyPairSync(
736 type: 'ec',
737 options: ECKeyPairOptions<'pem', 'pem'>,
738 ): KeyPairSyncResult<string, string>;
739 function generateKeyPairSync(
740 type: 'ec',
741 options: ECKeyPairOptions<'pem', 'der'>,
742 ): KeyPairSyncResult<string, Buffer>;
743 function generateKeyPairSync(
744 type: 'ec',
745 options: ECKeyPairOptions<'der', 'pem'>,
746 ): KeyPairSyncResult<Buffer, string>;
747 function generateKeyPairSync(
748 type: 'ec',
749 options: ECKeyPairOptions<'der', 'der'>,
750 ): KeyPairSyncResult<Buffer, Buffer>;
751 function generateKeyPairSync(type: 'ec', options: ECKeyPairKeyObjectOptions): KeyPairKeyObjectResult;
752
753 function generateKeyPairSync(
754 type: 'ed25519',
755 options: ED25519KeyPairOptions<'pem', 'pem'>,
756 ): KeyPairSyncResult<string, string>;
757 function generateKeyPairSync(
758 type: 'ed25519',
759 options: ED25519KeyPairOptions<'pem', 'der'>,
760 ): KeyPairSyncResult<string, Buffer>;
761 function generateKeyPairSync(
762 type: 'ed25519',
763 options: ED25519KeyPairOptions<'der', 'pem'>,
764 ): KeyPairSyncResult<Buffer, string>;
765 function generateKeyPairSync(
766 type: 'ed25519',
767 options: ED25519KeyPairOptions<'der', 'der'>,
768 ): KeyPairSyncResult<Buffer, Buffer>;
769 function generateKeyPairSync(type: 'ed25519', options?: ED25519KeyPairKeyObjectOptions): KeyPairKeyObjectResult;
770
771 function generateKeyPairSync(
772 type: 'ed448',
773 options: ED448KeyPairOptions<'pem', 'pem'>,
774 ): KeyPairSyncResult<string, string>;
775 function generateKeyPairSync(
776 type: 'ed448',
777 options: ED448KeyPairOptions<'pem', 'der'>,
778 ): KeyPairSyncResult<string, Buffer>;
779 function generateKeyPairSync(
780 type: 'ed448',
781 options: ED448KeyPairOptions<'der', 'pem'>,
782 ): KeyPairSyncResult<Buffer, string>;
783 function generateKeyPairSync(
784 type: 'ed448',
785 options: ED448KeyPairOptions<'der', 'der'>,
786 ): KeyPairSyncResult<Buffer, Buffer>;
787 function generateKeyPairSync(type: 'ed448', options?: ED448KeyPairKeyObjectOptions): KeyPairKeyObjectResult;
788
789 function generateKeyPairSync(
790 type: 'x25519',
791 options: X25519KeyPairOptions<'pem', 'pem'>,
792 ): KeyPairSyncResult<string, string>;
793 function generateKeyPairSync(
794 type: 'x25519',
795 options: X25519KeyPairOptions<'pem', 'der'>,
796 ): KeyPairSyncResult<string, Buffer>;
797 function generateKeyPairSync(
798 type: 'x25519',
799 options: X25519KeyPairOptions<'der', 'pem'>,
800 ): KeyPairSyncResult<Buffer, string>;
801 function generateKeyPairSync(
802 type: 'x25519',
803 options: X25519KeyPairOptions<'der', 'der'>,
804 ): KeyPairSyncResult<Buffer, Buffer>;
805 function generateKeyPairSync(type: 'x25519', options?: X25519KeyPairKeyObjectOptions): KeyPairKeyObjectResult;
806
807 function generateKeyPairSync(
808 type: 'x448',
809 options: X448KeyPairOptions<'pem', 'pem'>,
810 ): KeyPairSyncResult<string, string>;
811 function generateKeyPairSync(
812 type: 'x448',
813 options: X448KeyPairOptions<'pem', 'der'>,
814 ): KeyPairSyncResult<string, Buffer>;
815 function generateKeyPairSync(
816 type: 'x448',
817 options: X448KeyPairOptions<'der', 'pem'>,
818 ): KeyPairSyncResult<Buffer, string>;
819 function generateKeyPairSync(
820 type: 'x448',
821 options: X448KeyPairOptions<'der', 'der'>,
822 ): KeyPairSyncResult<Buffer, Buffer>;
823 function generateKeyPairSync(type: 'x448', options?: X448KeyPairKeyObjectOptions): KeyPairKeyObjectResult;
824
825 function generateKeyPair(
826 type: 'rsa',
827 options: RSAKeyPairOptions<'pem', 'pem'>,
828 callback: (err: Error | null, publicKey: string, privateKey: string) => void,
829 ): void;
830 function generateKeyPair(
831 type: 'rsa',
832 options: RSAKeyPairOptions<'pem', 'der'>,
833 callback: (err: Error | null, publicKey: string, privateKey: Buffer) => void,
834 ): void;
835 function generateKeyPair(
836 type: 'rsa',
837 options: RSAKeyPairOptions<'der', 'pem'>,
838 callback: (err: Error | null, publicKey: Buffer, privateKey: string) => void,
839 ): void;
840 function generateKeyPair(
841 type: 'rsa',
842 options: RSAKeyPairOptions<'der', 'der'>,
843 callback: (err: Error | null, publicKey: Buffer, privateKey: Buffer) => void,
844 ): void;
845 function generateKeyPair(
846 type: 'rsa',
847 options: RSAKeyPairKeyObjectOptions,
848 callback: (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => void,
849 ): void;
850
851 function generateKeyPair(
852 type: 'dsa',
853 options: DSAKeyPairOptions<'pem', 'pem'>,
854 callback: (err: Error | null, publicKey: string, privateKey: string) => void,
855 ): void;
856 function generateKeyPair(
857 type: 'dsa',
858 options: DSAKeyPairOptions<'pem', 'der'>,
859 callback: (err: Error | null, publicKey: string, privateKey: Buffer) => void,
860 ): void;
861 function generateKeyPair(
862 type: 'dsa',
863 options: DSAKeyPairOptions<'der', 'pem'>,
864 callback: (err: Error | null, publicKey: Buffer, privateKey: string) => void,
865 ): void;
866 function generateKeyPair(
867 type: 'dsa',
868 options: DSAKeyPairOptions<'der', 'der'>,
869 callback: (err: Error | null, publicKey: Buffer, privateKey: Buffer) => void,
870 ): void;
871 function generateKeyPair(
872 type: 'dsa',
873 options: DSAKeyPairKeyObjectOptions,
874 callback: (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => void,
875 ): void;
876
877 function generateKeyPair(
878 type: 'ec',
879 options: ECKeyPairOptions<'pem', 'pem'>,
880 callback: (err: Error | null, publicKey: string, privateKey: string) => void,
881 ): void;
882 function generateKeyPair(
883 type: 'ec',
884 options: ECKeyPairOptions<'pem', 'der'>,
885 callback: (err: Error | null, publicKey: string, privateKey: Buffer) => void,
886 ): void;
887 function generateKeyPair(
888 type: 'ec',
889 options: ECKeyPairOptions<'der', 'pem'>,
890 callback: (err: Error | null, publicKey: Buffer, privateKey: string) => void,
891 ): void;
892 function generateKeyPair(
893 type: 'ec',
894 options: ECKeyPairOptions<'der', 'der'>,
895 callback: (err: Error | null, publicKey: Buffer, privateKey: Buffer) => void,
896 ): void;
897 function generateKeyPair(
898 type: 'ec',
899 options: ECKeyPairKeyObjectOptions,
900 callback: (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => void,
901 ): void;
902
903 function generateKeyPair(
904 type: 'ed25519',
905 options: ED25519KeyPairOptions<'pem', 'pem'>,
906 callback: (err: Error | null, publicKey: string, privateKey: string) => void,
907 ): void;
908 function generateKeyPair(
909 type: 'ed25519',
910 options: ED25519KeyPairOptions<'pem', 'der'>,
911 callback: (err: Error | null, publicKey: string, privateKey: Buffer) => void,
912 ): void;
913 function generateKeyPair(
914 type: 'ed25519',
915 options: ED25519KeyPairOptions<'der', 'pem'>,
916 callback: (err: Error | null, publicKey: Buffer, privateKey: string) => void,
917 ): void;
918 function generateKeyPair(
919 type: 'ed25519',
920 options: ED25519KeyPairOptions<'der', 'der'>,
921 callback: (err: Error | null, publicKey: Buffer, privateKey: Buffer) => void,
922 ): void;
923 function generateKeyPair(
924 type: 'ed25519',
925 options: ED25519KeyPairKeyObjectOptions | undefined,
926 callback: (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => void,
927 ): void;
928
929 function generateKeyPair(
930 type: 'ed448',
931 options: ED448KeyPairOptions<'pem', 'pem'>,
932 callback: (err: Error | null, publicKey: string, privateKey: string) => void,
933 ): void;
934 function generateKeyPair(
935 type: 'ed448',
936 options: ED448KeyPairOptions<'pem', 'der'>,
937 callback: (err: Error | null, publicKey: string, privateKey: Buffer) => void,
938 ): void;
939 function generateKeyPair(
940 type: 'ed448',
941 options: ED448KeyPairOptions<'der', 'pem'>,
942 callback: (err: Error | null, publicKey: Buffer, privateKey: string) => void,
943 ): void;
944 function generateKeyPair(
945 type: 'ed448',
946 options: ED448KeyPairOptions<'der', 'der'>,
947 callback: (err: Error | null, publicKey: Buffer, privateKey: Buffer) => void,
948 ): void;
949 function generateKeyPair(
950 type: 'ed448',
951 options: ED448KeyPairKeyObjectOptions | undefined,
952 callback: (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => void,
953 ): void;
954
955 function generateKeyPair(
956 type: 'x25519',
957 options: X25519KeyPairOptions<'pem', 'pem'>,
958 callback: (err: Error | null, publicKey: string, privateKey: string) => void,
959 ): void;
960 function generateKeyPair(
961 type: 'x25519',
962 options: X25519KeyPairOptions<'pem', 'der'>,
963 callback: (err: Error | null, publicKey: string, privateKey: Buffer) => void,
964 ): void;
965 function generateKeyPair(
966 type: 'x25519',
967 options: X25519KeyPairOptions<'der', 'pem'>,
968 callback: (err: Error | null, publicKey: Buffer, privateKey: string) => void,
969 ): void;
970 function generateKeyPair(
971 type: 'x25519',
972 options: X25519KeyPairOptions<'der', 'der'>,
973 callback: (err: Error | null, publicKey: Buffer, privateKey: Buffer) => void,
974 ): void;
975 function generateKeyPair(
976 type: 'x25519',
977 options: X25519KeyPairKeyObjectOptions | undefined,
978 callback: (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => void,
979 ): void;
980
981 function generateKeyPair(
982 type: 'x448',
983 options: X448KeyPairOptions<'pem', 'pem'>,
984 callback: (err: Error | null, publicKey: string, privateKey: string) => void,
985 ): void;
986 function generateKeyPair(
987 type: 'x448',
988 options: X448KeyPairOptions<'pem', 'der'>,
989 callback: (err: Error | null, publicKey: string, privateKey: Buffer) => void,
990 ): void;
991 function generateKeyPair(
992 type: 'x448',
993 options: X448KeyPairOptions<'der', 'pem'>,
994 callback: (err: Error | null, publicKey: Buffer, privateKey: string) => void,
995 ): void;
996 function generateKeyPair(
997 type: 'x448',
998 options: X448KeyPairOptions<'der', 'der'>,
999 callback: (err: Error | null, publicKey: Buffer, privateKey: Buffer) => void,
1000 ): void;
1001 function generateKeyPair(
1002 type: 'x448',
1003 options: X448KeyPairKeyObjectOptions | undefined,
1004 callback: (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => void,
1005 ): void;
1006
1007 namespace generateKeyPair {
1008 function __promisify__(
1009 type: 'rsa',
1010 options: RSAKeyPairOptions<'pem', 'pem'>,
1011 ): Promise<{ publicKey: string; privateKey: string }>;
1012 function __promisify__(
1013 type: 'rsa',
1014 options: RSAKeyPairOptions<'pem', 'der'>,
1015 ): Promise<{ publicKey: string; privateKey: Buffer }>;
1016 function __promisify__(
1017 type: 'rsa',
1018 options: RSAKeyPairOptions<'der', 'pem'>,
1019 ): Promise<{ publicKey: Buffer; privateKey: string }>;
1020 function __promisify__(
1021 type: 'rsa',
1022 options: RSAKeyPairOptions<'der', 'der'>,
1023 ): Promise<{ publicKey: Buffer; privateKey: Buffer }>;
1024 function __promisify__(type: 'rsa', options: RSAKeyPairKeyObjectOptions): Promise<KeyPairKeyObjectResult>;
1025
1026 function __promisify__(
1027 type: 'dsa',
1028 options: DSAKeyPairOptions<'pem', 'pem'>,
1029 ): Promise<{ publicKey: string; privateKey: string }>;
1030 function __promisify__(
1031 type: 'dsa',
1032 options: DSAKeyPairOptions<'pem', 'der'>,
1033 ): Promise<{ publicKey: string; privateKey: Buffer }>;
1034 function __promisify__(
1035 type: 'dsa',
1036 options: DSAKeyPairOptions<'der', 'pem'>,
1037 ): Promise<{ publicKey: Buffer; privateKey: string }>;
1038 function __promisify__(
1039 type: 'dsa',
1040 options: DSAKeyPairOptions<'der', 'der'>,
1041 ): Promise<{ publicKey: Buffer; privateKey: Buffer }>;
1042 function __promisify__(type: 'dsa', options: DSAKeyPairKeyObjectOptions): Promise<KeyPairKeyObjectResult>;
1043
1044 function __promisify__(
1045 type: 'ec',
1046 options: ECKeyPairOptions<'pem', 'pem'>,
1047 ): Promise<{ publicKey: string; privateKey: string }>;
1048 function __promisify__(
1049 type: 'ec',
1050 options: ECKeyPairOptions<'pem', 'der'>,
1051 ): Promise<{ publicKey: string; privateKey: Buffer }>;
1052 function __promisify__(
1053 type: 'ec',
1054 options: ECKeyPairOptions<'der', 'pem'>,
1055 ): Promise<{ publicKey: Buffer; privateKey: string }>;
1056 function __promisify__(
1057 type: 'ec',
1058 options: ECKeyPairOptions<'der', 'der'>,
1059 ): Promise<{ publicKey: Buffer; privateKey: Buffer }>;
1060 function __promisify__(type: 'ec', options: ECKeyPairKeyObjectOptions): Promise<KeyPairKeyObjectResult>;
1061
1062 function __promisify__(
1063 type: 'ed25519',
1064 options: ED25519KeyPairOptions<'pem', 'pem'>,
1065 ): Promise<{ publicKey: string; privateKey: string }>;
1066 function __promisify__(
1067 type: 'ed25519',
1068 options: ED25519KeyPairOptions<'pem', 'der'>,
1069 ): Promise<{ publicKey: string; privateKey: Buffer }>;
1070 function __promisify__(
1071 type: 'ed25519',
1072 options: ED25519KeyPairOptions<'der', 'pem'>,
1073 ): Promise<{ publicKey: Buffer; privateKey: string }>;
1074 function __promisify__(
1075 type: 'ed25519',
1076 options: ED25519KeyPairOptions<'der', 'der'>,
1077 ): Promise<{ publicKey: Buffer; privateKey: Buffer }>;
1078 function __promisify__(
1079 type: 'ed25519',
1080 options?: ED25519KeyPairKeyObjectOptions,
1081 ): Promise<KeyPairKeyObjectResult>;
1082
1083 function __promisify__(
1084 type: 'ed448',
1085 options: ED448KeyPairOptions<'pem', 'pem'>,
1086 ): Promise<{ publicKey: string; privateKey: string }>;
1087 function __promisify__(
1088 type: 'ed448',
1089 options: ED448KeyPairOptions<'pem', 'der'>,
1090 ): Promise<{ publicKey: string; privateKey: Buffer }>;
1091 function __promisify__(
1092 type: 'ed448',
1093 options: ED448KeyPairOptions<'der', 'pem'>,
1094 ): Promise<{ publicKey: Buffer; privateKey: string }>;
1095 function __promisify__(
1096 type: 'ed448',
1097 options: ED448KeyPairOptions<'der', 'der'>,
1098 ): Promise<{ publicKey: Buffer; privateKey: Buffer }>;
1099 function __promisify__(type: 'ed448', options?: ED448KeyPairKeyObjectOptions): Promise<KeyPairKeyObjectResult>;
1100
1101 function __promisify__(
1102 type: 'x25519',
1103 options: X25519KeyPairOptions<'pem', 'pem'>,
1104 ): Promise<{ publicKey: string; privateKey: string }>;
1105 function __promisify__(
1106 type: 'x25519',
1107 options: X25519KeyPairOptions<'pem', 'der'>,
1108 ): Promise<{ publicKey: string; privateKey: Buffer }>;
1109 function __promisify__(
1110 type: 'x25519',
1111 options: X25519KeyPairOptions<'der', 'pem'>,
1112 ): Promise<{ publicKey: Buffer; privateKey: string }>;
1113 function __promisify__(
1114 type: 'x25519',
1115 options: X25519KeyPairOptions<'der', 'der'>,
1116 ): Promise<{ publicKey: Buffer; privateKey: Buffer }>;
1117 function __promisify__(
1118 type: 'x25519',
1119 options?: X25519KeyPairKeyObjectOptions,
1120 ): Promise<KeyPairKeyObjectResult>;
1121
1122 function __promisify__(
1123 type: 'x448',
1124 options: X448KeyPairOptions<'pem', 'pem'>,
1125 ): Promise<{ publicKey: string; privateKey: string }>;
1126 function __promisify__(
1127 type: 'x448',
1128 options: X448KeyPairOptions<'pem', 'der'>,
1129 ): Promise<{ publicKey: string; privateKey: Buffer }>;
1130 function __promisify__(
1131 type: 'x448',
1132 options: X448KeyPairOptions<'der', 'pem'>,
1133 ): Promise<{ publicKey: Buffer; privateKey: string }>;
1134 function __promisify__(
1135 type: 'x448',
1136 options: X448KeyPairOptions<'der', 'der'>,
1137 ): Promise<{ publicKey: Buffer; privateKey: Buffer }>;
1138 function __promisify__(type: 'x448', options?: X448KeyPairKeyObjectOptions): Promise<KeyPairKeyObjectResult>;
1139 }
1140
1141 /**
1142 * Calculates and returns the signature for `data` using the given private key and
1143 * algorithm. If `algorithm` is `null` or `undefined`, then the algorithm is
1144 * dependent upon the key type (especially Ed25519 and Ed448).
1145 *
1146 * If `key` is not a [`KeyObject`][], this function behaves as if `key` had been
1147 * passed to [`crypto.createPrivateKey()`][].
1148 */
1149 function sign(
1150 algorithm: string | null | undefined,
1151 data: NodeJS.ArrayBufferView,
1152 key: KeyLike | SignKeyObjectInput | SignPrivateKeyInput,
1153 ): Buffer;
1154
1155 /**
1156 * Calculates and returns the signature for `data` using the given private key and
1157 * algorithm. If `algorithm` is `null` or `undefined`, then the algorithm is
1158 * dependent upon the key type (especially Ed25519 and Ed448).
1159 *
1160 * If `key` is not a [`KeyObject`][], this function behaves as if `key` had been
1161 * passed to [`crypto.createPublicKey()`][].
1162 */
1163 function verify(
1164 algorithm: string | null | undefined,
1165 data: NodeJS.ArrayBufferView,
1166 key: KeyLike | VerifyKeyObjectInput | VerifyPublicKeyInput,
1167 signature: NodeJS.ArrayBufferView,
1168 ): boolean;
1169
1170 /**
1171 * Computes the Diffie-Hellman secret based on a privateKey and a publicKey.
1172 * Both keys must have the same asymmetricKeyType, which must be one of
1173 * 'dh' (for Diffie-Hellman), 'ec' (for ECDH), 'x448', or 'x25519' (for ECDH-ES).
1174 */
1175 function diffieHellman(options: { privateKey: KeyObject; publicKey: KeyObject }): Buffer;
1176}