UNPKG

51.1 kBTypeScriptView Raw
1declare module 'crypto' {
2 import * as stream from 'stream';
3
4 interface Certificate {
5 /**
6 * @param spkac
7 * @returns The challenge component of the `spkac` data structure,
8 * which includes a public key and a challenge.
9 */
10 exportChallenge(spkac: BinaryLike): Buffer;
11 /**
12 * @param spkac
13 * @param encoding The encoding of the spkac string.
14 * @returns The public key component of the `spkac` data structure,
15 * which includes a public key and a challenge.
16 */
17 exportPublicKey(spkac: BinaryLike, encoding?: string): Buffer;
18 /**
19 * @param spkac
20 * @returns `true` if the given `spkac` data structure is valid,
21 * `false` otherwise.
22 */
23 verifySpkac(spkac: NodeJS.ArrayBufferView): boolean;
24 }
25 const Certificate: Certificate & {
26 /** @deprecated since v14.9.0 - Use static methods of `crypto.Certificate` instead. */
27 new (): Certificate;
28 /** @deprecated since v14.9.0 - Use static methods of `crypto.Certificate` instead. */
29 (): Certificate;
30 };
31
32 namespace constants {
33 // https://nodejs.org/dist/latest-v10.x/docs/api/crypto.html#crypto_crypto_constants
34 const OPENSSL_VERSION_NUMBER: number;
35
36 /** Applies multiple bug workarounds within OpenSSL. See https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_options.html for detail. */
37 const SSL_OP_ALL: number;
38 /** Allows legacy insecure renegotiation between OpenSSL and unpatched clients or servers. See https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_options.html. */
39 const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION: number;
40 /** Attempts to use the server's preferences instead of the client's when selecting a cipher. See https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_options.html. */
41 const SSL_OP_CIPHER_SERVER_PREFERENCE: number;
42 /** Instructs OpenSSL to use Cisco's "speshul" version of DTLS_BAD_VER. */
43 const SSL_OP_CISCO_ANYCONNECT: number;
44 /** Instructs OpenSSL to turn on cookie exchange. */
45 const SSL_OP_COOKIE_EXCHANGE: number;
46 /** Instructs OpenSSL to add server-hello extension from an early version of the cryptopro draft. */
47 const SSL_OP_CRYPTOPRO_TLSEXT_BUG: number;
48 /** Instructs OpenSSL to disable a SSL 3.0/TLS 1.0 vulnerability workaround added in OpenSSL 0.9.6d. */
49 const SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS: number;
50 /** Instructs OpenSSL to always use the tmp_rsa key when performing RSA operations. */
51 const SSL_OP_EPHEMERAL_RSA: number;
52 /** Allows initial connection to servers that do not support RI. */
53 const SSL_OP_LEGACY_SERVER_CONNECT: number;
54 const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: number;
55 const SSL_OP_MICROSOFT_SESS_ID_BUG: number;
56 /** Instructs OpenSSL to disable the workaround for a man-in-the-middle protocol-version vulnerability in the SSL 2.0 server implementation. */
57 const SSL_OP_MSIE_SSLV2_RSA_PADDING: number;
58 const SSL_OP_NETSCAPE_CA_DN_BUG: number;
59 const SSL_OP_NETSCAPE_CHALLENGE_BUG: number;
60 const SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG: number;
61 const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: number;
62 /** Instructs OpenSSL to disable support for SSL/TLS compression. */
63 const SSL_OP_NO_COMPRESSION: number;
64 const SSL_OP_NO_QUERY_MTU: number;
65 /** Instructs OpenSSL to always start a new session when performing renegotiation. */
66 const SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION: number;
67 const SSL_OP_NO_SSLv2: number;
68 const SSL_OP_NO_SSLv3: number;
69 const SSL_OP_NO_TICKET: number;
70 const SSL_OP_NO_TLSv1: number;
71 const SSL_OP_NO_TLSv1_1: number;
72 const SSL_OP_NO_TLSv1_2: number;
73 const SSL_OP_PKCS1_CHECK_1: number;
74 const SSL_OP_PKCS1_CHECK_2: number;
75 /** Instructs OpenSSL to always create a new key when using temporary/ephemeral DH parameters. */
76 const SSL_OP_SINGLE_DH_USE: number;
77 /** Instructs OpenSSL to always create a new key when using temporary/ephemeral ECDH parameters. */
78 const SSL_OP_SINGLE_ECDH_USE: number;
79 const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: number;
80 const SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG: number;
81 const SSL_OP_TLS_BLOCK_PADDING_BUG: number;
82 const SSL_OP_TLS_D5_BUG: number;
83 /** Instructs OpenSSL to disable version rollback attack detection. */
84 const SSL_OP_TLS_ROLLBACK_BUG: number;
85
86 const ENGINE_METHOD_RSA: number;
87 const ENGINE_METHOD_DSA: number;
88 const ENGINE_METHOD_DH: number;
89 const ENGINE_METHOD_RAND: number;
90 const ENGINE_METHOD_EC: number;
91 const ENGINE_METHOD_CIPHERS: number;
92 const ENGINE_METHOD_DIGESTS: number;
93 const ENGINE_METHOD_PKEY_METHS: number;
94 const ENGINE_METHOD_PKEY_ASN1_METHS: number;
95 const ENGINE_METHOD_ALL: number;
96 const ENGINE_METHOD_NONE: number;
97
98 const DH_CHECK_P_NOT_SAFE_PRIME: number;
99 const DH_CHECK_P_NOT_PRIME: number;
100 const DH_UNABLE_TO_CHECK_GENERATOR: number;
101 const DH_NOT_SUITABLE_GENERATOR: number;
102
103 const ALPN_ENABLED: number;
104
105 const RSA_PKCS1_PADDING: number;
106 const RSA_SSLV23_PADDING: number;
107 const RSA_NO_PADDING: number;
108 const RSA_PKCS1_OAEP_PADDING: number;
109 const RSA_X931_PADDING: number;
110 const RSA_PKCS1_PSS_PADDING: number;
111 /** Sets the salt length for RSA_PKCS1_PSS_PADDING to the digest size when signing or verifying. */
112 const RSA_PSS_SALTLEN_DIGEST: number;
113 /** Sets the salt length for RSA_PKCS1_PSS_PADDING to the maximum permissible value when signing data. */
114 const RSA_PSS_SALTLEN_MAX_SIGN: number;
115 /** Causes the salt length for RSA_PKCS1_PSS_PADDING to be determined automatically when verifying a signature. */
116 const RSA_PSS_SALTLEN_AUTO: number;
117
118 const POINT_CONVERSION_COMPRESSED: number;
119 const POINT_CONVERSION_UNCOMPRESSED: number;
120 const POINT_CONVERSION_HYBRID: number;
121
122 /** Specifies the built-in default cipher list used by Node.js (colon-separated values). */
123 const defaultCoreCipherList: string;
124 /** Specifies the active default cipher list used by the current Node.js process (colon-separated values). */
125 const defaultCipherList: string;
126 }
127
128 interface HashOptions extends stream.TransformOptions {
129 /**
130 * For XOF hash functions such as `shake256`, the
131 * outputLength option can be used to specify the desired output length in bytes.
132 */
133 outputLength?: number | undefined;
134 }
135
136 /** @deprecated since v10.0.0 */
137 const fips: boolean;
138
139 function createHash(algorithm: string, options?: HashOptions): Hash;
140 function createHmac(algorithm: string, key: BinaryLike | KeyObject, options?: stream.TransformOptions): Hmac;
141
142 // https://nodejs.org/api/buffer.html#buffer_buffers_and_character_encodings
143 type BinaryToTextEncoding = 'base64' | 'base64url' | 'hex';
144 type CharacterEncoding = 'utf8' | 'utf-8' | 'utf16le' | 'latin1';
145 type LegacyCharacterEncoding = 'ascii' | 'binary' | 'ucs2' | 'ucs-2';
146
147 type Encoding = BinaryToTextEncoding | CharacterEncoding | LegacyCharacterEncoding;
148
149 type ECDHKeyFormat = 'compressed' | 'uncompressed' | 'hybrid';
150
151 class Hash extends stream.Transform {
152 private constructor();
153 copy(): Hash;
154 update(data: BinaryLike): Hash;
155 update(data: string, input_encoding: Encoding): Hash;
156 digest(): Buffer;
157 digest(encoding: BinaryToTextEncoding): string;
158 }
159 class Hmac extends stream.Transform {
160 private constructor();
161 update(data: BinaryLike): Hmac;
162 update(data: string, input_encoding: Encoding): Hmac;
163 digest(): Buffer;
164 digest(encoding: BinaryToTextEncoding): string;
165 }
166
167 type KeyObjectType = 'secret' | 'public' | 'private';
168
169 interface KeyExportOptions<T extends KeyFormat> {
170 type: 'pkcs1' | 'spki' | 'pkcs8' | 'sec1';
171 format: T;
172 cipher?: string | undefined;
173 passphrase?: string | Buffer | undefined;
174 }
175
176 class KeyObject {
177 private constructor();
178 asymmetricKeyType?: KeyType | undefined;
179 /**
180 * For asymmetric keys, this property represents the size of the embedded key in
181 * bytes. This property is `undefined` for symmetric keys.
182 */
183 asymmetricKeySize?: number | undefined;
184 export(options: KeyExportOptions<'pem'>): string | Buffer;
185 export(options?: KeyExportOptions<'der'>): Buffer;
186 symmetricKeySize?: number | undefined;
187 type: KeyObjectType;
188 }
189
190 type CipherCCMTypes = 'aes-128-ccm' | 'aes-192-ccm' | 'aes-256-ccm' | 'chacha20-poly1305';
191 type CipherGCMTypes = 'aes-128-gcm' | 'aes-192-gcm' | 'aes-256-gcm';
192 type CipherOCBTypes = 'aes-128-ocb' | 'aes-192-ocb' | 'aes-256-ocb';
193
194 type BinaryLike = string | NodeJS.ArrayBufferView;
195
196 type CipherKey = BinaryLike | KeyObject;
197
198 interface CipherCCMOptions extends stream.TransformOptions {
199 authTagLength: number;
200 }
201 interface CipherGCMOptions extends stream.TransformOptions {
202 authTagLength?: number | undefined;
203 }
204 interface CipherOCBOptions extends stream.TransformOptions {
205 authTagLength: number;
206 }
207 /** @deprecated since v10.0.0 use `createCipheriv()` */
208 function createCipher(algorithm: CipherCCMTypes, password: BinaryLike, options: CipherCCMOptions): CipherCCM;
209 /** @deprecated since v10.0.0 use `createCipheriv()` */
210 function createCipher(algorithm: CipherGCMTypes, password: BinaryLike, options?: CipherGCMOptions): CipherGCM;
211 /** @deprecated since v10.0.0 use `createCipheriv()` */
212 function createCipher(algorithm: string, password: BinaryLike, options?: stream.TransformOptions): Cipher;
213
214 function createCipheriv(
215 algorithm: CipherCCMTypes,
216 key: CipherKey,
217 iv: BinaryLike,
218 options: CipherCCMOptions,
219 ): CipherCCM;
220 function createCipheriv(
221 algorithm: CipherOCBTypes,
222 key: CipherKey,
223 iv: BinaryLike,
224 options: CipherOCBOptions,
225 ): CipherOCB;
226 function createCipheriv(
227 algorithm: CipherGCMTypes,
228 key: CipherKey,
229 iv: BinaryLike,
230 options?: CipherGCMOptions,
231 ): CipherGCM;
232 function createCipheriv(
233 algorithm: string,
234 key: CipherKey,
235 iv: BinaryLike | null,
236 options?: stream.TransformOptions,
237 ): Cipher;
238
239 class Cipher extends stream.Transform {
240 private constructor();
241 update(data: BinaryLike): Buffer;
242 update(data: string, input_encoding: Encoding): Buffer;
243 update(data: NodeJS.ArrayBufferView, input_encoding: undefined, output_encoding: Encoding): string;
244 update(data: string, input_encoding: Encoding | undefined, output_encoding: Encoding): string;
245 final(): Buffer;
246 final(output_encoding: BufferEncoding): string;
247 setAutoPadding(auto_padding?: boolean): this;
248 // getAuthTag(): Buffer;
249 // setAAD(buffer: NodeJS.ArrayBufferView): this;
250 }
251 interface CipherCCM extends Cipher {
252 setAAD(buffer: NodeJS.ArrayBufferView, options: { plaintextLength: number }): this;
253 getAuthTag(): Buffer;
254 }
255 interface CipherGCM extends Cipher {
256 setAAD(buffer: NodeJS.ArrayBufferView, options?: { plaintextLength: number }): this;
257 getAuthTag(): Buffer;
258 }
259 interface CipherOCB extends Cipher {
260 setAAD(buffer: NodeJS.ArrayBufferView, options?: { plaintextLength: number }): this;
261 getAuthTag(): Buffer;
262 }
263 /** @deprecated since v10.0.0 use `createDecipheriv()` */
264 function createDecipher(algorithm: CipherCCMTypes, password: BinaryLike, options: CipherCCMOptions): DecipherCCM;
265 /** @deprecated since v10.0.0 use `createDecipheriv()` */
266 function createDecipher(algorithm: CipherGCMTypes, password: BinaryLike, options?: CipherGCMOptions): DecipherGCM;
267 /** @deprecated since v10.0.0 use `createDecipheriv()` */
268 function createDecipher(algorithm: string, password: BinaryLike, options?: stream.TransformOptions): Decipher;
269
270 function createDecipheriv(
271 algorithm: CipherCCMTypes,
272 key: CipherKey,
273 iv: BinaryLike,
274 options: CipherCCMOptions,
275 ): DecipherCCM;
276 function createDecipheriv(
277 algorithm: CipherOCBTypes,
278 key: CipherKey,
279 iv: BinaryLike,
280 options: CipherOCBOptions,
281 ): DecipherOCB;
282 function createDecipheriv(
283 algorithm: CipherGCMTypes,
284 key: CipherKey,
285 iv: BinaryLike,
286 options?: CipherGCMOptions,
287 ): DecipherGCM;
288 function createDecipheriv(
289 algorithm: string,
290 key: CipherKey,
291 iv: BinaryLike | null,
292 options?: stream.TransformOptions,
293 ): Decipher;
294
295 class Decipher extends stream.Transform {
296 private constructor();
297 update(data: NodeJS.ArrayBufferView): Buffer;
298 update(data: string, input_encoding: Encoding): Buffer;
299 update(data: NodeJS.ArrayBufferView, input_encoding: undefined, output_encoding: Encoding): string;
300 update(data: string, input_encoding: Encoding | undefined, output_encoding: Encoding): string;
301 final(): Buffer;
302 final(output_encoding: BufferEncoding): string;
303 setAutoPadding(auto_padding?: boolean): this;
304 // setAuthTag(tag: NodeJS.ArrayBufferView): this;
305 // setAAD(buffer: NodeJS.ArrayBufferView): this;
306 }
307 interface DecipherCCM extends Decipher {
308 setAuthTag(buffer: NodeJS.ArrayBufferView): this;
309 setAAD(buffer: NodeJS.ArrayBufferView, options: { plaintextLength: number }): this;
310 }
311 interface DecipherGCM extends Decipher {
312 setAuthTag(buffer: NodeJS.ArrayBufferView): this;
313 setAAD(buffer: NodeJS.ArrayBufferView, options?: { plaintextLength: number }): this;
314 }
315 interface DecipherOCB extends Decipher {
316 setAuthTag(buffer: NodeJS.ArrayBufferView): this;
317 setAAD(buffer: NodeJS.ArrayBufferView, options?: { plaintextLength: number }): this;
318 }
319
320 interface PrivateKeyInput {
321 key: string | Buffer;
322 format?: KeyFormat | undefined;
323 type?: 'pkcs1' | 'pkcs8' | 'sec1' | undefined;
324 passphrase?: string | Buffer | undefined;
325 }
326
327 interface PublicKeyInput {
328 key: string | Buffer;
329 format?: KeyFormat | undefined;
330 type?: 'pkcs1' | 'spki' | undefined;
331 }
332
333 function createPrivateKey(key: PrivateKeyInput | string | Buffer): KeyObject;
334 function createPublicKey(key: PublicKeyInput | string | Buffer | KeyObject): KeyObject;
335 function createSecretKey(key: NodeJS.ArrayBufferView): KeyObject;
336
337 function createSign(algorithm: string, options?: stream.WritableOptions): Signer;
338
339 type DSAEncoding = 'der' | 'ieee-p1363';
340
341 interface SigningOptions {
342 /**
343 * @See crypto.constants.RSA_PKCS1_PADDING
344 */
345 padding?: number | undefined;
346 saltLength?: number | undefined;
347 dsaEncoding?: DSAEncoding | undefined;
348 }
349
350 interface SignPrivateKeyInput extends PrivateKeyInput, SigningOptions {}
351 interface SignKeyObjectInput extends SigningOptions {
352 key: KeyObject;
353 }
354 interface VerifyPublicKeyInput extends PublicKeyInput, SigningOptions {}
355 interface VerifyKeyObjectInput extends SigningOptions {
356 key: KeyObject;
357 }
358
359 type KeyLike = string | Buffer | KeyObject;
360
361 class Signer extends stream.Writable {
362 private constructor();
363
364 update(data: BinaryLike): Signer;
365 update(data: string, input_encoding: Encoding): Signer;
366 sign(private_key: KeyLike | SignKeyObjectInput | SignPrivateKeyInput): Buffer;
367 sign(
368 private_key: KeyLike | SignKeyObjectInput | SignPrivateKeyInput,
369 output_format: BinaryToTextEncoding,
370 ): string;
371 }
372
373 function createVerify(algorithm: string, options?: stream.WritableOptions): Verify;
374 class Verify extends stream.Writable {
375 private constructor();
376
377 update(data: BinaryLike): Verify;
378 update(data: string, input_encoding: Encoding): Verify;
379 verify(
380 object: KeyLike | VerifyKeyObjectInput | VerifyPublicKeyInput,
381 signature: NodeJS.ArrayBufferView,
382 ): boolean;
383 verify(
384 object: KeyLike | VerifyKeyObjectInput | VerifyPublicKeyInput,
385 signature: string,
386 signature_format?: BinaryToTextEncoding,
387 ): boolean;
388 // https://nodejs.org/api/crypto.html#crypto_verifier_verify_object_signature_signature_format
389 // The signature field accepts a TypedArray type, but it is only available starting ES2017
390 }
391 function createDiffieHellman(prime_length: number, generator?: number | NodeJS.ArrayBufferView): DiffieHellman;
392 function createDiffieHellman(prime: NodeJS.ArrayBufferView): DiffieHellman;
393 function createDiffieHellman(prime: string, prime_encoding: BinaryToTextEncoding): DiffieHellman;
394 function createDiffieHellman(
395 prime: string,
396 prime_encoding: BinaryToTextEncoding,
397 generator: number | NodeJS.ArrayBufferView,
398 ): DiffieHellman;
399 function createDiffieHellman(
400 prime: string,
401 prime_encoding: BinaryToTextEncoding,
402 generator: string,
403 generator_encoding: BinaryToTextEncoding,
404 ): DiffieHellman;
405 class DiffieHellman {
406 private constructor();
407 generateKeys(): Buffer;
408 generateKeys(encoding: BinaryToTextEncoding): string;
409 computeSecret(otherPublicKey: NodeJS.ArrayBufferView, inputEncoding?: null, outputEncoding?: null): Buffer;
410 computeSecret(otherPublicKey: string, inputEncoding: BinaryToTextEncoding, outputEncoding?: null): Buffer;
411 computeSecret(otherPublicKey: NodeJS.ArrayBufferView, inputEncoding: null, outputEncoding: BinaryToTextEncoding): string;
412 computeSecret(
413 other_public_key: string,
414 input_encoding: BinaryToTextEncoding,
415 output_encoding: BinaryToTextEncoding,
416 ): string;
417 getPrime(): Buffer;
418 getPrime(encoding: BinaryToTextEncoding): string;
419 getGenerator(): Buffer;
420 getGenerator(encoding: BinaryToTextEncoding): string;
421 getPublicKey(): Buffer;
422 getPublicKey(encoding: BinaryToTextEncoding): string;
423 getPrivateKey(): Buffer;
424 getPrivateKey(encoding: BinaryToTextEncoding): string;
425 setPublicKey(public_key: NodeJS.ArrayBufferView): void;
426 setPublicKey(public_key: string, encoding: BufferEncoding): void;
427 setPrivateKey(private_key: NodeJS.ArrayBufferView): void;
428 setPrivateKey(private_key: string, encoding: BufferEncoding): void;
429 verifyError: number;
430 }
431 /**
432 * The `DiffieHellmanGroup` class takes a well-known modp group as its argument.
433 * It works the same as `DiffieHellman`, except that it does not allow changing its keys after creation.
434 * In other words, it does not implement `setPublicKey()` or `setPrivateKey()` methods.
435 *
436 * ```js
437 * const { createDiffieHellmanGroup } = await import('node:crypto');
438 * const dh = createDiffieHellmanGroup('modp1');
439 * ```
440 * The name (e.g. `'modp1'`) is taken from [RFC 2412](https://www.rfc-editor.org/rfc/rfc2412.txt) (modp1 and 2) and [RFC 3526](https://www.rfc-editor.org/rfc/rfc3526.txt):
441 * ```bash
442 * $ perl -ne 'print "$1\n" if /"(modp\d+)"/' src/node_crypto_groups.h
443 * modp1 # 768 bits
444 * modp2 # 1024 bits
445 * modp5 # 1536 bits
446 * modp14 # 2048 bits
447 * modp15 # etc.
448 * modp16
449 * modp17
450 * modp18
451 * ```
452 * @since v0.7.5
453 */
454 const DiffieHellmanGroup: DiffieHellmanGroupConstructor;
455 interface DiffieHellmanGroupConstructor {
456 new(name: string): DiffieHellmanGroup;
457 (name: string): DiffieHellmanGroup;
458 readonly prototype: DiffieHellmanGroup;
459 }
460 type DiffieHellmanGroup = Omit<DiffieHellman, 'setPublicKey' | 'setPrivateKey'>;
461 function getDiffieHellman(groupName: string): DiffieHellmanGroup;
462 /**
463 * An alias for {@link getDiffieHellman}
464 * @since v0.9.3
465 */
466 function createDiffieHellmanGroup(name: string): DiffieHellmanGroup;
467 function pbkdf2(
468 password: BinaryLike,
469 salt: BinaryLike,
470 iterations: number,
471 keylen: number,
472 digest: string,
473 callback: (err: Error | null, derivedKey: Buffer) => any,
474 ): void;
475 function pbkdf2Sync(
476 password: BinaryLike,
477 salt: BinaryLike,
478 iterations: number,
479 keylen: number,
480 digest: string,
481 ): Buffer;
482
483 function randomBytes(size: number): Buffer;
484 function randomBytes(size: number, callback: (err: Error | null, buf: Buffer) => void): void;
485 function pseudoRandomBytes(size: number): Buffer;
486 function pseudoRandomBytes(size: number, callback: (err: Error | null, buf: Buffer) => void): void;
487
488 function randomInt(max: number): number;
489 function randomInt(min: number, max: number): number;
490 function randomInt(max: number, callback: (err: Error | null, value: number) => void): void;
491 function randomInt(min: number, max: number, callback: (err: Error | null, value: number) => void): void;
492
493 function randomFillSync<T extends NodeJS.ArrayBufferView>(buffer: T, offset?: number, size?: number): T;
494 function randomFill<T extends NodeJS.ArrayBufferView>(
495 buffer: T,
496 callback: (err: Error | null, buf: T) => void,
497 ): void;
498 function randomFill<T extends NodeJS.ArrayBufferView>(
499 buffer: T,
500 offset: number,
501 callback: (err: Error | null, buf: T) => void,
502 ): void;
503 function randomFill<T extends NodeJS.ArrayBufferView>(
504 buffer: T,
505 offset: number,
506 size: number,
507 callback: (err: Error | null, buf: T) => void,
508 ): void;
509
510 interface RandomUUIDOptions {
511 /**
512 * By default, to improve performance,
513 * Node.js will pre-emptively generate and persistently cache enough
514 * random data to generate up to 128 random UUIDs. To generate a UUID
515 * without using the cache, set `disableEntropyCache` to `true`.
516 *
517 * @default `false`
518 */
519 disableEntropyCache?: boolean | undefined;
520 }
521
522 function randomUUID(options?: RandomUUIDOptions): string;
523
524 interface ScryptOptions {
525 cost?: number | undefined;
526 blockSize?: number | undefined;
527 parallelization?: number | undefined;
528 N?: number | undefined;
529 r?: number | undefined;
530 p?: number | undefined;
531 maxmem?: number | undefined;
532 }
533 function scrypt(
534 password: BinaryLike,
535 salt: BinaryLike,
536 keylen: number,
537 callback: (err: Error | null, derivedKey: Buffer) => void,
538 ): void;
539 function scrypt(
540 password: BinaryLike,
541 salt: BinaryLike,
542 keylen: number,
543 options: ScryptOptions,
544 callback: (err: Error | null, derivedKey: Buffer) => void,
545 ): void;
546 function scryptSync(password: BinaryLike, salt: BinaryLike, keylen: number, options?: ScryptOptions): Buffer;
547
548 interface RsaPublicKey {
549 key: KeyLike;
550 padding?: number | undefined;
551 }
552 interface RsaPrivateKey {
553 key: KeyLike;
554 passphrase?: string | undefined;
555 /**
556 * @default 'sha1'
557 */
558 oaepHash?: string | undefined;
559 oaepLabel?: NodeJS.TypedArray | undefined;
560 padding?: number | undefined;
561 }
562 function publicEncrypt(key: RsaPublicKey | RsaPrivateKey | KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
563 function publicDecrypt(key: RsaPublicKey | RsaPrivateKey | KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
564 function privateDecrypt(private_key: RsaPrivateKey | KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
565 function privateEncrypt(private_key: RsaPrivateKey | KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
566 function getCiphers(): string[];
567 function getCurves(): string[];
568 function getFips(): 1 | 0;
569 /**
570 * Enables the FIPS compliant crypto provider in a FIPS-enabled Node.js build. Throws an error if FIPS mode is not available.
571 * @since v10.0.0
572 * @param bool `true` to enable FIPS mode.
573 */
574 function setFips(bool: boolean): void;
575 function getHashes(): string[];
576 class ECDH {
577 private constructor();
578 static convertKey(
579 key: BinaryLike,
580 curve: string,
581 inputEncoding?: BinaryToTextEncoding,
582 outputEncoding?: 'latin1' | 'hex' | 'base64' | 'base64url',
583 format?: 'uncompressed' | 'compressed' | 'hybrid',
584 ): Buffer | string;
585 generateKeys(): Buffer;
586 generateKeys(encoding: BinaryToTextEncoding, format?: ECDHKeyFormat): string;
587 computeSecret(other_public_key: NodeJS.ArrayBufferView): Buffer;
588 computeSecret(other_public_key: string, input_encoding: BinaryToTextEncoding): Buffer;
589 computeSecret(other_public_key: NodeJS.ArrayBufferView, output_encoding: BinaryToTextEncoding): string;
590 computeSecret(
591 other_public_key: string,
592 input_encoding: BinaryToTextEncoding,
593 output_encoding: BinaryToTextEncoding,
594 ): string;
595 getPrivateKey(): Buffer;
596 getPrivateKey(encoding: BinaryToTextEncoding): string;
597 getPublicKey(): Buffer;
598 getPublicKey(encoding: BinaryToTextEncoding, format?: ECDHKeyFormat): string;
599 setPrivateKey(private_key: NodeJS.ArrayBufferView): void;
600 setPrivateKey(private_key: string, encoding: BinaryToTextEncoding): void;
601 }
602 function createECDH(curve_name: string): ECDH;
603 function timingSafeEqual(a: NodeJS.ArrayBufferView, b: NodeJS.ArrayBufferView): boolean;
604 /** @deprecated since v10.0.0 */
605 const DEFAULT_ENCODING: BufferEncoding;
606
607 type KeyType = 'rsa' | 'dsa' | 'ec' | 'ed25519' | 'ed448' | 'x25519' | 'x448';
608 type KeyFormat = 'pem' | 'der';
609
610 interface BasePrivateKeyEncodingOptions<T extends KeyFormat> {
611 format: T;
612 cipher?: string | undefined;
613 passphrase?: string | undefined;
614 }
615
616 interface KeyPairKeyObjectResult {
617 publicKey: KeyObject;
618 privateKey: KeyObject;
619 }
620
621 interface ED25519KeyPairKeyObjectOptions {
622 /**
623 * No options.
624 */
625 }
626
627 interface ED448KeyPairKeyObjectOptions {
628 /**
629 * No options.
630 */
631 }
632
633 interface X25519KeyPairKeyObjectOptions {
634 /**
635 * No options.
636 */
637 }
638
639 interface X448KeyPairKeyObjectOptions {
640 /**
641 * No options.
642 */
643 }
644
645 interface ECKeyPairKeyObjectOptions {
646 /**
647 * Name of the curve to use.
648 */
649 namedCurve: string;
650 }
651
652 interface RSAKeyPairKeyObjectOptions {
653 /**
654 * Key size in bits
655 */
656 modulusLength: number;
657
658 /**
659 * @default 0x10001
660 */
661 publicExponent?: number | undefined;
662 }
663
664 interface DSAKeyPairKeyObjectOptions {
665 /**
666 * Key size in bits
667 */
668 modulusLength: number;
669
670 /**
671 * Size of q in bits
672 */
673 divisorLength: number;
674 }
675
676 interface RSAKeyPairOptions<PubF extends KeyFormat, PrivF extends KeyFormat> {
677 /**
678 * Key size in bits
679 */
680 modulusLength: number;
681 /**
682 * @default 0x10001
683 */
684 publicExponent?: number | undefined;
685
686 publicKeyEncoding: {
687 type: 'pkcs1' | 'spki';
688 format: PubF;
689 };
690 privateKeyEncoding: BasePrivateKeyEncodingOptions<PrivF> & {
691 type: 'pkcs1' | 'pkcs8';
692 };
693 }
694
695 interface DSAKeyPairOptions<PubF extends KeyFormat, PrivF extends KeyFormat> {
696 /**
697 * Key size in bits
698 */
699 modulusLength: number;
700 /**
701 * Size of q in bits
702 */
703 divisorLength: number;
704
705 publicKeyEncoding: {
706 type: 'spki';
707 format: PubF;
708 };
709 privateKeyEncoding: BasePrivateKeyEncodingOptions<PrivF> & {
710 type: 'pkcs8';
711 };
712 }
713
714 interface ECKeyPairOptions<PubF extends KeyFormat, PrivF extends KeyFormat> {
715 /**
716 * Name of the curve to use.
717 */
718 namedCurve: string;
719
720 publicKeyEncoding: {
721 type: 'pkcs1' | 'spki';
722 format: PubF;
723 };
724 privateKeyEncoding: BasePrivateKeyEncodingOptions<PrivF> & {
725 type: 'sec1' | 'pkcs8';
726 };
727 }
728
729 interface ED25519KeyPairOptions<PubF extends KeyFormat, PrivF extends KeyFormat> {
730 publicKeyEncoding: {
731 type: 'spki';
732 format: PubF;
733 };
734 privateKeyEncoding: BasePrivateKeyEncodingOptions<PrivF> & {
735 type: 'pkcs8';
736 };
737 }
738
739 interface ED448KeyPairOptions<PubF extends KeyFormat, PrivF extends KeyFormat> {
740 publicKeyEncoding: {
741 type: 'spki';
742 format: PubF;
743 };
744 privateKeyEncoding: BasePrivateKeyEncodingOptions<PrivF> & {
745 type: 'pkcs8';
746 };
747 }
748
749 interface X25519KeyPairOptions<PubF extends KeyFormat, PrivF extends KeyFormat> {
750 publicKeyEncoding: {
751 type: 'spki';
752 format: PubF;
753 };
754 privateKeyEncoding: BasePrivateKeyEncodingOptions<PrivF> & {
755 type: 'pkcs8';
756 };
757 }
758
759 interface X448KeyPairOptions<PubF extends KeyFormat, PrivF extends KeyFormat> {
760 publicKeyEncoding: {
761 type: 'spki';
762 format: PubF;
763 };
764 privateKeyEncoding: BasePrivateKeyEncodingOptions<PrivF> & {
765 type: 'pkcs8';
766 };
767 }
768
769 interface KeyPairSyncResult<T1 extends string | Buffer, T2 extends string | Buffer> {
770 publicKey: T1;
771 privateKey: T2;
772 }
773
774 function generateKeyPairSync(
775 type: 'rsa',
776 options: RSAKeyPairOptions<'pem', 'pem'>,
777 ): KeyPairSyncResult<string, string>;
778 function generateKeyPairSync(
779 type: 'rsa',
780 options: RSAKeyPairOptions<'pem', 'der'>,
781 ): KeyPairSyncResult<string, Buffer>;
782 function generateKeyPairSync(
783 type: 'rsa',
784 options: RSAKeyPairOptions<'der', 'pem'>,
785 ): KeyPairSyncResult<Buffer, string>;
786 function generateKeyPairSync(
787 type: 'rsa',
788 options: RSAKeyPairOptions<'der', 'der'>,
789 ): KeyPairSyncResult<Buffer, Buffer>;
790 function generateKeyPairSync(type: 'rsa', options: RSAKeyPairKeyObjectOptions): KeyPairKeyObjectResult;
791
792 function generateKeyPairSync(
793 type: 'dsa',
794 options: DSAKeyPairOptions<'pem', 'pem'>,
795 ): KeyPairSyncResult<string, string>;
796 function generateKeyPairSync(
797 type: 'dsa',
798 options: DSAKeyPairOptions<'pem', 'der'>,
799 ): KeyPairSyncResult<string, Buffer>;
800 function generateKeyPairSync(
801 type: 'dsa',
802 options: DSAKeyPairOptions<'der', 'pem'>,
803 ): KeyPairSyncResult<Buffer, string>;
804 function generateKeyPairSync(
805 type: 'dsa',
806 options: DSAKeyPairOptions<'der', 'der'>,
807 ): KeyPairSyncResult<Buffer, Buffer>;
808 function generateKeyPairSync(type: 'dsa', options: DSAKeyPairKeyObjectOptions): KeyPairKeyObjectResult;
809
810 function generateKeyPairSync(
811 type: 'ec',
812 options: ECKeyPairOptions<'pem', 'pem'>,
813 ): KeyPairSyncResult<string, string>;
814 function generateKeyPairSync(
815 type: 'ec',
816 options: ECKeyPairOptions<'pem', 'der'>,
817 ): KeyPairSyncResult<string, Buffer>;
818 function generateKeyPairSync(
819 type: 'ec',
820 options: ECKeyPairOptions<'der', 'pem'>,
821 ): KeyPairSyncResult<Buffer, string>;
822 function generateKeyPairSync(
823 type: 'ec',
824 options: ECKeyPairOptions<'der', 'der'>,
825 ): KeyPairSyncResult<Buffer, Buffer>;
826 function generateKeyPairSync(type: 'ec', options: ECKeyPairKeyObjectOptions): KeyPairKeyObjectResult;
827
828 function generateKeyPairSync(
829 type: 'ed25519',
830 options: ED25519KeyPairOptions<'pem', 'pem'>,
831 ): KeyPairSyncResult<string, string>;
832 function generateKeyPairSync(
833 type: 'ed25519',
834 options: ED25519KeyPairOptions<'pem', 'der'>,
835 ): KeyPairSyncResult<string, Buffer>;
836 function generateKeyPairSync(
837 type: 'ed25519',
838 options: ED25519KeyPairOptions<'der', 'pem'>,
839 ): KeyPairSyncResult<Buffer, string>;
840 function generateKeyPairSync(
841 type: 'ed25519',
842 options: ED25519KeyPairOptions<'der', 'der'>,
843 ): KeyPairSyncResult<Buffer, Buffer>;
844 function generateKeyPairSync(type: 'ed25519', options?: ED25519KeyPairKeyObjectOptions): KeyPairKeyObjectResult;
845
846 function generateKeyPairSync(
847 type: 'ed448',
848 options: ED448KeyPairOptions<'pem', 'pem'>,
849 ): KeyPairSyncResult<string, string>;
850 function generateKeyPairSync(
851 type: 'ed448',
852 options: ED448KeyPairOptions<'pem', 'der'>,
853 ): KeyPairSyncResult<string, Buffer>;
854 function generateKeyPairSync(
855 type: 'ed448',
856 options: ED448KeyPairOptions<'der', 'pem'>,
857 ): KeyPairSyncResult<Buffer, string>;
858 function generateKeyPairSync(
859 type: 'ed448',
860 options: ED448KeyPairOptions<'der', 'der'>,
861 ): KeyPairSyncResult<Buffer, Buffer>;
862 function generateKeyPairSync(type: 'ed448', options?: ED448KeyPairKeyObjectOptions): KeyPairKeyObjectResult;
863
864 function generateKeyPairSync(
865 type: 'x25519',
866 options: X25519KeyPairOptions<'pem', 'pem'>,
867 ): KeyPairSyncResult<string, string>;
868 function generateKeyPairSync(
869 type: 'x25519',
870 options: X25519KeyPairOptions<'pem', 'der'>,
871 ): KeyPairSyncResult<string, Buffer>;
872 function generateKeyPairSync(
873 type: 'x25519',
874 options: X25519KeyPairOptions<'der', 'pem'>,
875 ): KeyPairSyncResult<Buffer, string>;
876 function generateKeyPairSync(
877 type: 'x25519',
878 options: X25519KeyPairOptions<'der', 'der'>,
879 ): KeyPairSyncResult<Buffer, Buffer>;
880 function generateKeyPairSync(type: 'x25519', options?: X25519KeyPairKeyObjectOptions): KeyPairKeyObjectResult;
881
882 function generateKeyPairSync(
883 type: 'x448',
884 options: X448KeyPairOptions<'pem', 'pem'>,
885 ): KeyPairSyncResult<string, string>;
886 function generateKeyPairSync(
887 type: 'x448',
888 options: X448KeyPairOptions<'pem', 'der'>,
889 ): KeyPairSyncResult<string, Buffer>;
890 function generateKeyPairSync(
891 type: 'x448',
892 options: X448KeyPairOptions<'der', 'pem'>,
893 ): KeyPairSyncResult<Buffer, string>;
894 function generateKeyPairSync(
895 type: 'x448',
896 options: X448KeyPairOptions<'der', 'der'>,
897 ): KeyPairSyncResult<Buffer, Buffer>;
898 function generateKeyPairSync(type: 'x448', options?: X448KeyPairKeyObjectOptions): KeyPairKeyObjectResult;
899
900 function generateKeyPair(
901 type: 'rsa',
902 options: RSAKeyPairOptions<'pem', 'pem'>,
903 callback: (err: Error | null, publicKey: string, privateKey: string) => void,
904 ): void;
905 function generateKeyPair(
906 type: 'rsa',
907 options: RSAKeyPairOptions<'pem', 'der'>,
908 callback: (err: Error | null, publicKey: string, privateKey: Buffer) => void,
909 ): void;
910 function generateKeyPair(
911 type: 'rsa',
912 options: RSAKeyPairOptions<'der', 'pem'>,
913 callback: (err: Error | null, publicKey: Buffer, privateKey: string) => void,
914 ): void;
915 function generateKeyPair(
916 type: 'rsa',
917 options: RSAKeyPairOptions<'der', 'der'>,
918 callback: (err: Error | null, publicKey: Buffer, privateKey: Buffer) => void,
919 ): void;
920 function generateKeyPair(
921 type: 'rsa',
922 options: RSAKeyPairKeyObjectOptions,
923 callback: (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => void,
924 ): void;
925
926 function generateKeyPair(
927 type: 'dsa',
928 options: DSAKeyPairOptions<'pem', 'pem'>,
929 callback: (err: Error | null, publicKey: string, privateKey: string) => void,
930 ): void;
931 function generateKeyPair(
932 type: 'dsa',
933 options: DSAKeyPairOptions<'pem', 'der'>,
934 callback: (err: Error | null, publicKey: string, privateKey: Buffer) => void,
935 ): void;
936 function generateKeyPair(
937 type: 'dsa',
938 options: DSAKeyPairOptions<'der', 'pem'>,
939 callback: (err: Error | null, publicKey: Buffer, privateKey: string) => void,
940 ): void;
941 function generateKeyPair(
942 type: 'dsa',
943 options: DSAKeyPairOptions<'der', 'der'>,
944 callback: (err: Error | null, publicKey: Buffer, privateKey: Buffer) => void,
945 ): void;
946 function generateKeyPair(
947 type: 'dsa',
948 options: DSAKeyPairKeyObjectOptions,
949 callback: (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => void,
950 ): void;
951
952 function generateKeyPair(
953 type: 'ec',
954 options: ECKeyPairOptions<'pem', 'pem'>,
955 callback: (err: Error | null, publicKey: string, privateKey: string) => void,
956 ): void;
957 function generateKeyPair(
958 type: 'ec',
959 options: ECKeyPairOptions<'pem', 'der'>,
960 callback: (err: Error | null, publicKey: string, privateKey: Buffer) => void,
961 ): void;
962 function generateKeyPair(
963 type: 'ec',
964 options: ECKeyPairOptions<'der', 'pem'>,
965 callback: (err: Error | null, publicKey: Buffer, privateKey: string) => void,
966 ): void;
967 function generateKeyPair(
968 type: 'ec',
969 options: ECKeyPairOptions<'der', 'der'>,
970 callback: (err: Error | null, publicKey: Buffer, privateKey: Buffer) => void,
971 ): void;
972 function generateKeyPair(
973 type: 'ec',
974 options: ECKeyPairKeyObjectOptions,
975 callback: (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => void,
976 ): void;
977
978 function generateKeyPair(
979 type: 'ed25519',
980 options: ED25519KeyPairOptions<'pem', 'pem'>,
981 callback: (err: Error | null, publicKey: string, privateKey: string) => void,
982 ): void;
983 function generateKeyPair(
984 type: 'ed25519',
985 options: ED25519KeyPairOptions<'pem', 'der'>,
986 callback: (err: Error | null, publicKey: string, privateKey: Buffer) => void,
987 ): void;
988 function generateKeyPair(
989 type: 'ed25519',
990 options: ED25519KeyPairOptions<'der', 'pem'>,
991 callback: (err: Error | null, publicKey: Buffer, privateKey: string) => void,
992 ): void;
993 function generateKeyPair(
994 type: 'ed25519',
995 options: ED25519KeyPairOptions<'der', 'der'>,
996 callback: (err: Error | null, publicKey: Buffer, privateKey: Buffer) => void,
997 ): void;
998 function generateKeyPair(
999 type: 'ed25519',
1000 options: ED25519KeyPairKeyObjectOptions | undefined,
1001 callback: (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => void,
1002 ): void;
1003
1004 function generateKeyPair(
1005 type: 'ed448',
1006 options: ED448KeyPairOptions<'pem', 'pem'>,
1007 callback: (err: Error | null, publicKey: string, privateKey: string) => void,
1008 ): void;
1009 function generateKeyPair(
1010 type: 'ed448',
1011 options: ED448KeyPairOptions<'pem', 'der'>,
1012 callback: (err: Error | null, publicKey: string, privateKey: Buffer) => void,
1013 ): void;
1014 function generateKeyPair(
1015 type: 'ed448',
1016 options: ED448KeyPairOptions<'der', 'pem'>,
1017 callback: (err: Error | null, publicKey: Buffer, privateKey: string) => void,
1018 ): void;
1019 function generateKeyPair(
1020 type: 'ed448',
1021 options: ED448KeyPairOptions<'der', 'der'>,
1022 callback: (err: Error | null, publicKey: Buffer, privateKey: Buffer) => void,
1023 ): void;
1024 function generateKeyPair(
1025 type: 'ed448',
1026 options: ED448KeyPairKeyObjectOptions | undefined,
1027 callback: (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => void,
1028 ): void;
1029
1030 function generateKeyPair(
1031 type: 'x25519',
1032 options: X25519KeyPairOptions<'pem', 'pem'>,
1033 callback: (err: Error | null, publicKey: string, privateKey: string) => void,
1034 ): void;
1035 function generateKeyPair(
1036 type: 'x25519',
1037 options: X25519KeyPairOptions<'pem', 'der'>,
1038 callback: (err: Error | null, publicKey: string, privateKey: Buffer) => void,
1039 ): void;
1040 function generateKeyPair(
1041 type: 'x25519',
1042 options: X25519KeyPairOptions<'der', 'pem'>,
1043 callback: (err: Error | null, publicKey: Buffer, privateKey: string) => void,
1044 ): void;
1045 function generateKeyPair(
1046 type: 'x25519',
1047 options: X25519KeyPairOptions<'der', 'der'>,
1048 callback: (err: Error | null, publicKey: Buffer, privateKey: Buffer) => void,
1049 ): void;
1050 function generateKeyPair(
1051 type: 'x25519',
1052 options: X25519KeyPairKeyObjectOptions | undefined,
1053 callback: (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => void,
1054 ): void;
1055
1056 function generateKeyPair(
1057 type: 'x448',
1058 options: X448KeyPairOptions<'pem', 'pem'>,
1059 callback: (err: Error | null, publicKey: string, privateKey: string) => void,
1060 ): void;
1061 function generateKeyPair(
1062 type: 'x448',
1063 options: X448KeyPairOptions<'pem', 'der'>,
1064 callback: (err: Error | null, publicKey: string, privateKey: Buffer) => void,
1065 ): void;
1066 function generateKeyPair(
1067 type: 'x448',
1068 options: X448KeyPairOptions<'der', 'pem'>,
1069 callback: (err: Error | null, publicKey: Buffer, privateKey: string) => void,
1070 ): void;
1071 function generateKeyPair(
1072 type: 'x448',
1073 options: X448KeyPairOptions<'der', 'der'>,
1074 callback: (err: Error | null, publicKey: Buffer, privateKey: Buffer) => void,
1075 ): void;
1076 function generateKeyPair(
1077 type: 'x448',
1078 options: X448KeyPairKeyObjectOptions | undefined,
1079 callback: (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => void,
1080 ): void;
1081
1082 namespace generateKeyPair {
1083 function __promisify__(
1084 type: 'rsa',
1085 options: RSAKeyPairOptions<'pem', 'pem'>,
1086 ): Promise<{ publicKey: string; privateKey: string }>;
1087 function __promisify__(
1088 type: 'rsa',
1089 options: RSAKeyPairOptions<'pem', 'der'>,
1090 ): Promise<{ publicKey: string; privateKey: Buffer }>;
1091 function __promisify__(
1092 type: 'rsa',
1093 options: RSAKeyPairOptions<'der', 'pem'>,
1094 ): Promise<{ publicKey: Buffer; privateKey: string }>;
1095 function __promisify__(
1096 type: 'rsa',
1097 options: RSAKeyPairOptions<'der', 'der'>,
1098 ): Promise<{ publicKey: Buffer; privateKey: Buffer }>;
1099 function __promisify__(type: 'rsa', options: RSAKeyPairKeyObjectOptions): Promise<KeyPairKeyObjectResult>;
1100
1101 function __promisify__(
1102 type: 'dsa',
1103 options: DSAKeyPairOptions<'pem', 'pem'>,
1104 ): Promise<{ publicKey: string; privateKey: string }>;
1105 function __promisify__(
1106 type: 'dsa',
1107 options: DSAKeyPairOptions<'pem', 'der'>,
1108 ): Promise<{ publicKey: string; privateKey: Buffer }>;
1109 function __promisify__(
1110 type: 'dsa',
1111 options: DSAKeyPairOptions<'der', 'pem'>,
1112 ): Promise<{ publicKey: Buffer; privateKey: string }>;
1113 function __promisify__(
1114 type: 'dsa',
1115 options: DSAKeyPairOptions<'der', 'der'>,
1116 ): Promise<{ publicKey: Buffer; privateKey: Buffer }>;
1117 function __promisify__(type: 'dsa', options: DSAKeyPairKeyObjectOptions): Promise<KeyPairKeyObjectResult>;
1118
1119 function __promisify__(
1120 type: 'ec',
1121 options: ECKeyPairOptions<'pem', 'pem'>,
1122 ): Promise<{ publicKey: string; privateKey: string }>;
1123 function __promisify__(
1124 type: 'ec',
1125 options: ECKeyPairOptions<'pem', 'der'>,
1126 ): Promise<{ publicKey: string; privateKey: Buffer }>;
1127 function __promisify__(
1128 type: 'ec',
1129 options: ECKeyPairOptions<'der', 'pem'>,
1130 ): Promise<{ publicKey: Buffer; privateKey: string }>;
1131 function __promisify__(
1132 type: 'ec',
1133 options: ECKeyPairOptions<'der', 'der'>,
1134 ): Promise<{ publicKey: Buffer; privateKey: Buffer }>;
1135 function __promisify__(type: 'ec', options: ECKeyPairKeyObjectOptions): Promise<KeyPairKeyObjectResult>;
1136
1137 function __promisify__(
1138 type: 'ed25519',
1139 options: ED25519KeyPairOptions<'pem', 'pem'>,
1140 ): Promise<{ publicKey: string; privateKey: string }>;
1141 function __promisify__(
1142 type: 'ed25519',
1143 options: ED25519KeyPairOptions<'pem', 'der'>,
1144 ): Promise<{ publicKey: string; privateKey: Buffer }>;
1145 function __promisify__(
1146 type: 'ed25519',
1147 options: ED25519KeyPairOptions<'der', 'pem'>,
1148 ): Promise<{ publicKey: Buffer; privateKey: string }>;
1149 function __promisify__(
1150 type: 'ed25519',
1151 options: ED25519KeyPairOptions<'der', 'der'>,
1152 ): Promise<{ publicKey: Buffer; privateKey: Buffer }>;
1153 function __promisify__(
1154 type: 'ed25519',
1155 options?: ED25519KeyPairKeyObjectOptions,
1156 ): Promise<KeyPairKeyObjectResult>;
1157
1158 function __promisify__(
1159 type: 'ed448',
1160 options: ED448KeyPairOptions<'pem', 'pem'>,
1161 ): Promise<{ publicKey: string; privateKey: string }>;
1162 function __promisify__(
1163 type: 'ed448',
1164 options: ED448KeyPairOptions<'pem', 'der'>,
1165 ): Promise<{ publicKey: string; privateKey: Buffer }>;
1166 function __promisify__(
1167 type: 'ed448',
1168 options: ED448KeyPairOptions<'der', 'pem'>,
1169 ): Promise<{ publicKey: Buffer; privateKey: string }>;
1170 function __promisify__(
1171 type: 'ed448',
1172 options: ED448KeyPairOptions<'der', 'der'>,
1173 ): Promise<{ publicKey: Buffer; privateKey: Buffer }>;
1174 function __promisify__(type: 'ed448', options?: ED448KeyPairKeyObjectOptions): Promise<KeyPairKeyObjectResult>;
1175
1176 function __promisify__(
1177 type: 'x25519',
1178 options: X25519KeyPairOptions<'pem', 'pem'>,
1179 ): Promise<{ publicKey: string; privateKey: string }>;
1180 function __promisify__(
1181 type: 'x25519',
1182 options: X25519KeyPairOptions<'pem', 'der'>,
1183 ): Promise<{ publicKey: string; privateKey: Buffer }>;
1184 function __promisify__(
1185 type: 'x25519',
1186 options: X25519KeyPairOptions<'der', 'pem'>,
1187 ): Promise<{ publicKey: Buffer; privateKey: string }>;
1188 function __promisify__(
1189 type: 'x25519',
1190 options: X25519KeyPairOptions<'der', 'der'>,
1191 ): Promise<{ publicKey: Buffer; privateKey: Buffer }>;
1192 function __promisify__(
1193 type: 'x25519',
1194 options?: X25519KeyPairKeyObjectOptions,
1195 ): Promise<KeyPairKeyObjectResult>;
1196
1197 function __promisify__(
1198 type: 'x448',
1199 options: X448KeyPairOptions<'pem', 'pem'>,
1200 ): Promise<{ publicKey: string; privateKey: string }>;
1201 function __promisify__(
1202 type: 'x448',
1203 options: X448KeyPairOptions<'pem', 'der'>,
1204 ): Promise<{ publicKey: string; privateKey: Buffer }>;
1205 function __promisify__(
1206 type: 'x448',
1207 options: X448KeyPairOptions<'der', 'pem'>,
1208 ): Promise<{ publicKey: Buffer; privateKey: string }>;
1209 function __promisify__(
1210 type: 'x448',
1211 options: X448KeyPairOptions<'der', 'der'>,
1212 ): Promise<{ publicKey: Buffer; privateKey: Buffer }>;
1213 function __promisify__(type: 'x448', options?: X448KeyPairKeyObjectOptions): Promise<KeyPairKeyObjectResult>;
1214 }
1215
1216 /**
1217 * Calculates and returns the signature for `data` using the given private key and
1218 * algorithm. If `algorithm` is `null` or `undefined`, then the algorithm is
1219 * dependent upon the key type (especially Ed25519 and Ed448).
1220 *
1221 * If `key` is not a [`KeyObject`][], this function behaves as if `key` had been
1222 * passed to [`crypto.createPrivateKey()`][].
1223 */
1224 function sign(
1225 algorithm: string | null | undefined,
1226 data: NodeJS.ArrayBufferView,
1227 key: KeyLike | SignKeyObjectInput | SignPrivateKeyInput,
1228 ): Buffer;
1229
1230 /**
1231 * Calculates and returns the signature for `data` using the given private key and
1232 * algorithm. If `algorithm` is `null` or `undefined`, then the algorithm is
1233 * dependent upon the key type (especially Ed25519 and Ed448).
1234 *
1235 * If `key` is not a [`KeyObject`][], this function behaves as if `key` had been
1236 * passed to [`crypto.createPublicKey()`][].
1237 */
1238 function verify(
1239 algorithm: string | null | undefined,
1240 data: NodeJS.ArrayBufferView,
1241 key: KeyLike | VerifyKeyObjectInput | VerifyPublicKeyInput,
1242 signature: NodeJS.ArrayBufferView,
1243 ): boolean;
1244
1245 /**
1246 * Computes the Diffie-Hellman secret based on a privateKey and a publicKey.
1247 * Both keys must have the same asymmetricKeyType, which must be one of
1248 * 'dh' (for Diffie-Hellman), 'ec' (for ECDH), 'x448', or 'x25519' (for ECDH-ES).
1249 */
1250 function diffieHellman(options: { privateKey: KeyObject; publicKey: KeyObject }): Buffer;
1251 /**
1252 * Load and set the `engine` for some or all OpenSSL functions (selected by flags).
1253 *
1254 * `engine` could be either an id or a path to the engine's shared library.
1255 *
1256 * The optional `flags` argument uses `ENGINE_METHOD_ALL` by default.
1257 * The `flags` is a bit field taking one of or a mix of the following flags (defined in `crypto.constants`):
1258 *
1259 * - `crypto.constants.ENGINE_METHOD_RSA`
1260 * - `crypto.constants.ENGINE_METHOD_DSA`
1261 * - `crypto.constants.ENGINE_METHOD_DH`
1262 * - `crypto.constants.ENGINE_METHOD_RAND`
1263 * - `crypto.constants.ENGINE_METHOD_EC`
1264 * - `crypto.constants.ENGINE_METHOD_CIPHERS`
1265 * - `crypto.constants.ENGINE_METHOD_DIGESTS`
1266 * - `crypto.constants.ENGINE_METHOD_PKEY_METHS`
1267 * - `crypto.constants.ENGINE_METHOD_PKEY_ASN1_METHS`
1268 * - `crypto.constants.ENGINE_METHOD_ALL`
1269 * - `crypto.constants.ENGINE_METHOD_NONE`
1270 *
1271 * The flags below are deprecated in OpenSSL-1.1.0.
1272 *
1273 * - `crypto.constants.ENGINE_METHOD_ECDH`
1274 * - `crypto.constants.ENGINE_METHOD_ECDSA`
1275 * - `crypto.constants.ENGINE_METHOD_STORE`
1276 * @since v0.11.11
1277 * @param [flags=crypto.constants.ENGINE_METHOD_ALL]
1278 */
1279 function setEngine(engine: string, flags?: number): void;
1280}
1281declare module 'node:crypto' {
1282 export * from 'crypto';
1283}
1284
\No newline at end of file