diff --git a/doc/api/crypto.md b/doc/api/crypto.md index 5de68740aa3fe8..ae6e51ef13accf 100644 --- a/doc/api/crypto.md +++ b/doc/api/crypto.md @@ -36,7 +36,7 @@ try { } ``` -## Class: Certificate +## Class: `Certificate` @@ -51,7 +51,7 @@ The `crypto` module provides the `Certificate` class for working with SPKAC data. The most common usage is handling output generated by the HTML5 `` element. Node.js uses [OpenSSL's SPKAC implementation][] internally. -### Certificate.exportChallenge(spkac) +### `Certificate.exportChallenge(spkac)` @@ -68,7 +68,7 @@ console.log(challenge.toString('utf8')); // Prints: the challenge as a UTF8 string ``` -### Certificate.exportPublicKey(spkac\[, encoding\]) +### `Certificate.exportPublicKey(spkac[, encoding])` @@ -86,7 +86,7 @@ console.log(publicKey); // Prints: the public key as ``` -### Certificate.verifySpkac(spkac) +### `Certificate.verifySpkac(spkac)` @@ -108,7 +108,7 @@ As a still supported legacy interface, it is possible (but not recommended) to create new instances of the `crypto.Certificate` class as illustrated in the examples below. -#### new crypto.Certificate() +#### `new crypto.Certificate()` Instances of the `Certificate` class can be created using the `new` keyword or by calling `crypto.Certificate()` as a function: @@ -120,7 +120,7 @@ const cert1 = new crypto.Certificate(); const cert2 = crypto.Certificate(); ``` -#### certificate.exportChallenge(spkac) +#### `certificate.exportChallenge(spkac)` @@ -137,7 +137,7 @@ console.log(challenge.toString('utf8')); // Prints: the challenge as a UTF8 string ``` -#### certificate.exportPublicKey(spkac) +#### `certificate.exportPublicKey(spkac)` @@ -154,7 +154,7 @@ console.log(publicKey); // Prints: the public key as ``` -#### certificate.verifySpkac(spkac) +#### `certificate.verifySpkac(spkac)` @@ -170,7 +170,7 @@ console.log(cert.verifySpkac(Buffer.from(spkac))); // Prints: true or false ``` -## Class: Cipher +## Class: `Cipher` @@ -265,7 +265,7 @@ console.log(encrypted); // Prints: e5f79c5915c02171eec6b212d5520d44480993d7d622a7c4c2da32f6efda0ffa ``` -### cipher.final(\[outputEncoding\]) +### `cipher.final([outputEncoding])` @@ -279,7 +279,7 @@ Once the `cipher.final()` method has been called, the `Cipher` object can no longer be used to encrypt data. Attempts to call `cipher.final()` more than once will result in an error being thrown. -### cipher.setAAD(buffer\[, options\]) +### `cipher.setAAD(buffer[, options])` @@ -299,7 +299,7 @@ of the plaintext in bytes. See [CCM mode][]. The `cipher.setAAD()` method must be called before [`cipher.update()`][]. -### cipher.getAuthTag() +### `cipher.getAuthTag()` @@ -312,7 +312,7 @@ added: v1.0.0 The `cipher.getAuthTag()` method should only be called after encryption has been completed using the [`cipher.final()`][] method. -### cipher.setAutoPadding(\[autoPadding\]) +### `cipher.setAutoPadding([autoPadding])` @@ -332,7 +332,7 @@ using `0x0` instead of PKCS padding. The `cipher.setAutoPadding()` method must be called before [`cipher.final()`][]. -### cipher.update(data\[, inputEncoding\]\[, outputEncoding\]) +### `cipher.update(data[, inputEncoding][, outputEncoding])` @@ -459,7 +459,7 @@ console.log(decrypted); // Prints: some clear text data ``` -### decipher.final(\[outputEncoding\]) +### `decipher.final([outputEncoding])` @@ -473,7 +473,7 @@ Once the `decipher.final()` method has been called, the `Decipher` object can no longer be used to decrypt data. Attempts to call `decipher.final()` more than once will result in an error being thrown. -### decipher.setAAD(buffer\[, options\]) +### `decipher.setAAD(buffer[, options])` @@ -541,7 +541,7 @@ multiple of the ciphers block size. The `decipher.setAutoPadding()` method must be called before [`decipher.final()`][]. -### decipher.update(data\[, inputEncoding\]\[, outputEncoding\]) +### `decipher.update(data[, inputEncoding][, outputEncoding])` @@ -601,7 +601,7 @@ const bobSecret = bob.computeSecret(aliceKey); assert.strictEqual(aliceSecret.toString('hex'), bobSecret.toString('hex')); ``` -### diffieHellman.computeSecret(otherPublicKey\[, inputEncoding\]\[, outputEncoding\]) +### `diffieHellman.computeSecret(otherPublicKey[, inputEncoding][, outputEncoding])` @@ -622,7 +622,7 @@ provided, `otherPublicKey` is expected to be a [`Buffer`][], If `outputEncoding` is given a string is returned; otherwise, a [`Buffer`][] is returned. -### diffieHellman.generateKeys(\[encoding\]) +### `diffieHellman.generateKeys([encoding])` @@ -636,7 +636,7 @@ transferred to the other party. If `encoding` is provided a string is returned; otherwise a [`Buffer`][] is returned. -### diffieHellman.getGenerator(\[encoding\]) +### `diffieHellman.getGenerator([encoding])` @@ -648,7 +648,7 @@ Returns the Diffie-Hellman generator in the specified `encoding`. If `encoding` is provided a string is returned; otherwise a [`Buffer`][] is returned. -### diffieHellman.getPrime(\[encoding\]) +### `diffieHellman.getPrime([encoding])` @@ -660,7 +660,7 @@ Returns the Diffie-Hellman prime in the specified `encoding`. If `encoding` is provided a string is returned; otherwise a [`Buffer`][] is returned. -### diffieHellman.getPrivateKey(\[encoding\]) +### `diffieHellman.getPrivateKey([encoding])` @@ -672,7 +672,7 @@ Returns the Diffie-Hellman private key in the specified `encoding`. If `encoding` is provided a string is returned; otherwise a [`Buffer`][] is returned. -### diffieHellman.getPublicKey(\[encoding\]) +### `diffieHellman.getPublicKey([encoding])` @@ -684,7 +684,7 @@ Returns the Diffie-Hellman public key in the specified `encoding`. If `encoding` is provided a string is returned; otherwise a [`Buffer`][] is returned. -### diffieHellman.setPrivateKey(privateKey\[, encoding\]) +### `diffieHellman.setPrivateKey(privateKey[, encoding])` @@ -697,7 +697,7 @@ Sets the Diffie-Hellman private key. If the `encoding` argument is provided, to be a string. If no `encoding` is provided, `privateKey` is expected to be a [`Buffer`][], `TypedArray`, or `DataView`. -### diffieHellman.setPublicKey(publicKey\[, encoding\]) +### `diffieHellman.setPublicKey(publicKey[, encoding])` @@ -710,7 +710,7 @@ Sets the Diffie-Hellman public key. If the `encoding` argument is provided, to be a string. If no `encoding` is provided, `publicKey` is expected to be a [`Buffer`][], `TypedArray`, or `DataView`. -### diffieHellman.verifyError +### `diffieHellman.verifyError` @@ -726,7 +726,7 @@ module): * `DH_UNABLE_TO_CHECK_GENERATOR` * `DH_NOT_SUITABLE_GENERATOR` -## Class: DiffieHellmanGroup +## Class: `DiffieHellmanGroup` @@ -753,7 +753,7 @@ modp17 modp18 ``` -## Class: ECDH +## Class: `ECDH` @@ -784,7 +784,7 @@ assert.strictEqual(aliceSecret.toString('hex'), bobSecret.toString('hex')); // OK ``` -### Class Method: ECDH.convertKey(key, curve\[, inputEncoding\[, outputEncoding\[, format\]\]\]) +### Class Method: `ECDH.convertKey(key, curve[, inputEncoding[, outputEncoding[, format]]])` @@ -832,7 +832,7 @@ const uncompressedKey = ECDH.convertKey(compressedKey, console.log(uncompressedKey === ecdh.getPublicKey('hex')); ``` -### ecdh.computeSecret(otherPublicKey\[, inputEncoding\]\[, outputEncoding\]) +### `ecdh.computeSecret(otherPublicKey[, inputEncoding][, outputEncoding])` @@ -887,7 +887,7 @@ The `format` argument specifies point encoding and can be `'compressed'` or If `encoding` is provided a string is returned; otherwise a [`Buffer`][] is returned. -### ecdh.getPrivateKey(\[encoding\]) +### `ecdh.getPrivateKey([encoding])` @@ -898,7 +898,7 @@ added: v0.11.14 If `encoding` is specified, a string is returned; otherwise a [`Buffer`][] is returned. -### ecdh.getPublicKey(\[encoding\]\[, format\]) +### `ecdh.getPublicKey([encoding][, format])` @@ -915,7 +915,7 @@ The `format` argument specifies point encoding and can be `'compressed'` or If `encoding` is specified, a string is returned; otherwise a [`Buffer`][] is returned. -### ecdh.setPrivateKey(privateKey\[, encoding\]) +### `ecdh.setPrivateKey(privateKey[, encoding])` @@ -932,7 +932,7 @@ If `privateKey` is not valid for the curve specified when the `ECDH` object was created, an error is thrown. Upon setting the private key, the associated public point (key) is also generated and set in the `ECDH` object. -### ecdh.setPublicKey(publicKey\[, encoding\]) +### `ecdh.setPublicKey(publicKey[, encoding])` @@ -1041,7 +1041,7 @@ console.log(hash.digest('hex')); // 6a2da20943931e9834fc12cfe5bb47bbd9ae43489a30726962b576f4e3993e50 ``` -### hash.copy(\[options\]) +### `hash.copy([options])` @@ -1076,7 +1076,7 @@ console.log(hash.copy().digest('hex')); // Etc. ``` -### hash.digest(\[encoding\]) +### `hash.digest([encoding])` @@ -1092,7 +1092,7 @@ a [`Buffer`][] is returned. The `Hash` object can not be used again after `hash.digest()` method has been called. Multiple calls will cause an error to be thrown. -### hash.update(data\[, inputEncoding\]) +### `hash.update(data[, inputEncoding])` @@ -1174,7 +1174,7 @@ console.log(hmac.digest('hex')); // 7fd04df92f636fd450bc841c9418e5825c17f33ad9c87c518115a45971f7f77e ``` -### hmac.digest(\[encoding\]) +### `hmac.digest([encoding])` @@ -1189,7 +1189,7 @@ provided a string is returned; otherwise a [`Buffer`][] is returned; The `Hmac` object can not be used again after `hmac.digest()` has been called. Multiple calls to `hmac.digest()` will result in an error being thrown. -### hmac.update(data\[, inputEncoding\]) +### `hmac.update(data[, inputEncoding])` @@ -1307,7 +1307,7 @@ encryption mechanism, PEM-level encryption is not supported when encrypting a PKCS#8 key. See [RFC 5208][] for PKCS#8 encryption and [RFC 1421][] for PKCS#1 and SEC1 encryption. -### keyObject.symmetricKeySize +### `keyObject.symmetricKeySize` @@ -1317,7 +1317,7 @@ added: v11.6.0 For secret keys, this property represents the size of the key in bytes. This property is `undefined` for asymmetric keys. -### keyObject.type +### `keyObject.type` @@ -1328,7 +1328,7 @@ Depending on the type of this `KeyObject`, this property is either `'secret'` for secret (symmetric) keys, `'public'` for public (asymmetric) keys or `'private'` for private (asymmetric) keys. -## Class: Sign +## Class: `Sign` @@ -1389,7 +1389,7 @@ console.log(verify.verify(publicKey, signature)); // Prints: true ``` -### sign.sign(privateKey\[, outputEncoding\]) +### `sign.sign(privateKey[, outputEncoding])` @@ -1482,7 +1482,7 @@ The [`crypto.createVerify()`][] method is used to create `Verify` instances. See [`Sign`][] for examples. -### verify.update(data\[, inputEncoding\]) +### `verify.update(data[, inputEncoding])` @@ -1574,7 +1574,7 @@ added: v6.3.0 security related operations. The specific constants currently defined are described in [Crypto Constants][]. -### crypto.DEFAULT_ENCODING +### `crypto.DEFAULT_ENCODING` @@ -1863,7 +1863,7 @@ Creates a `DiffieHellman` key exchange object and generates a prime of `primeLength` bits using an optional specific numeric `generator`. If `generator` is not specified, the value `2` is used. -### crypto.createDiffieHellmanGroup(name) +### `crypto.createDiffieHellmanGroup(name)` @@ -1873,7 +1873,7 @@ added: v0.9.3 An alias for [`crypto.getDiffieHellman()`][] -### crypto.createECDH(curveName) +### `crypto.createECDH(curveName)` @@ -1887,7 +1887,7 @@ predefined curve specified by the `curveName` string. Use OpenSSL releases, `openssl ecparam -list_curves` will also display the name and description of each available elliptic curve. -### crypto.createHash(algorithm\[, options\]) +### `crypto.createHash(algorithm[, options])` @@ -2001,7 +2001,7 @@ must be an object with the properties described above. If the private key is encrypted, a `passphrase` must be specified. The length of the passphrase is limited to 1024 bytes. -### crypto.createPublicKey(key) +### `crypto.createPublicKey(key)` @@ -2047,7 +2047,7 @@ added: v11.6.0 Creates and returns a new key object containing a secret key for symmetric encryption or `Hmac`. -### crypto.createSign(algorithm\[, options\]) +### `crypto.createSign(algorithm[, options])` @@ -2066,7 +2066,7 @@ the corresponding digest algorithm. This does not work for all signature algorithms, such as `'ecdsa-with-SHA256'`, so it is best to always use digest algorithm names. -### crypto.createVerify(algorithm\[, options\]) +### `crypto.createVerify(algorithm[, options])` @@ -2086,7 +2086,7 @@ the corresponding digest algorithm. This does not work for all signature algorithms, such as `'ecdsa-with-SHA256'`, so it is best to always use digest algorithm names. -### crypto.generateKeyPair(type, options, callback) +### `crypto.generateKeyPair(type, options, callback)` @@ -2221,7 +2221,7 @@ const ciphers = crypto.getCiphers(); console.log(ciphers); // ['aes-128-cbc', 'aes-128-ccm', ...] ``` -### crypto.getCurves() +### `crypto.getCurves()` @@ -2233,7 +2233,7 @@ const curves = crypto.getCurves(); console.log(curves); // ['Oakley-EC2N-3', 'Oakley-EC2N-4', ...] ``` -### crypto.getDiffieHellman(groupName) +### `crypto.getDiffieHellman(groupName)` @@ -2269,7 +2269,7 @@ const bobSecret = bob.computeSecret(alice.getPublicKey(), null, 'hex'); console.log(aliceSecret === bobSecret); ``` -### crypto.getFips() +### `crypto.getFips()` @@ -2277,7 +2277,7 @@ added: v10.0.0 * Returns: {boolean} `true` if and only if a FIPS compliant crypto provider is currently in use. -### crypto.getHashes() +### `crypto.getHashes()` @@ -2290,7 +2290,7 @@ const hashes = crypto.getHashes(); console.log(hashes); // ['DSA', 'DSA-SHA', 'DSA-SHA1', ...] ``` -### crypto.pbkdf2(password, salt, iterations, keylen, digest, callback) +### `crypto.pbkdf2(password, salt, iterations, keylen, digest, callback)` @@ -2873,7 +2873,7 @@ The flags below are deprecated in OpenSSL-1.1.0. * `crypto.constants.ENGINE_METHOD_ECDSA` * `crypto.constants.ENGINE_METHOD_STORE` -### crypto.setFips(bool) +### `crypto.setFips(bool)` @@ -2883,7 +2883,7 @@ added: v10.0.0 Enables the FIPS compliant crypto provider in a FIPS-enabled Node.js build. Throws an error if FIPS mode is not available. -### crypto.sign(algorithm, data, key) +### `crypto.sign(algorithm, data, key)` @@ -2917,7 +2917,7 @@ additional properties can be passed: size, `crypto.constants.RSA_PSS_SALTLEN_MAX_SIGN` (default) sets it to the maximum permissible value. -### crypto.timingSafeEqual(a, b) +### `crypto.timingSafeEqual(a, b)` @@ -2939,7 +2939,7 @@ Use of `crypto.timingSafeEqual` does not guarantee that the *surrounding* code is timing-safe. Care should be taken to ensure that the surrounding code does not introduce timing vulnerabilities. -### crypto.verify(algorithm, data, key, signature) +### `crypto.verify(algorithm, data, key, signature)`