3 Stability: 2 - Unstable; API changes are being discussed for
4 future versions. Breaking changes will be minimized. See below.
6 Use `require('crypto')` to access this module.
8 The crypto module offers a way of encapsulating secure credentials to be
9 used as part of a secure HTTPS net or http connection.
11 It also offers a set of wrappers for OpenSSL's hash, hmac, cipher,
12 decipher, sign and verify methods.
15 ## crypto.setEngine(engine[, flags])
17 Load and set engine for some/all OpenSSL functions (selected by flags).
19 `engine` could be either an id or a path to the to the engine's shared library.
21 `flags` is optional and has `ENGINE_METHOD_ALL` value by default. It could take
22 one of or mix of following flags (defined in `constants` module):
27 * `ENGINE_METHOD_RAND`
28 * `ENGINE_METHOD_ECDH`
29 * `ENGINE_METHOD_ECDSA`
30 * `ENGINE_METHOD_CIPHERS`
31 * `ENGINE_METHOD_DIGESTS`
32 * `ENGINE_METHOD_STORE`
33 * `ENGINE_METHOD_PKEY_METH`
34 * `ENGINE_METHOD_PKEY_ASN1_METH`
36 * `ENGINE_METHOD_NONE`
39 ## crypto.getCiphers()
41 Returns an array with the names of the supported ciphers.
45 var ciphers = crypto.getCiphers();
46 console.log(ciphers); // ['AES-128-CBC', 'AES-128-CBC-HMAC-SHA1', ...]
51 Returns an array with the names of the supported hash algorithms.
55 var hashes = crypto.getHashes();
56 console.log(hashes); // ['sha', 'sha1', 'sha1WithRSAEncryption', ...]
59 ## crypto.createCredentials(details)
61 Stability: 0 - Deprecated. Use [tls.createSecureContext][] instead.
63 Creates a credentials object, with the optional details being a
66 * `pfx` : A string or buffer holding the PFX or PKCS12 encoded private
67 key, certificate and CA certificates
68 * `key` : A string holding the PEM encoded private key
69 * `passphrase` : A string of passphrase for the private key or pfx
70 * `cert` : A string holding the PEM encoded certificate
71 * `ca` : Either a string or list of strings of PEM encoded CA
72 certificates to trust.
73 * `crl` : Either a string or list of strings of PEM encoded CRLs
74 (Certificate Revocation List)
75 * `ciphers`: A string describing the ciphers to use or exclude.
77 <http://www.openssl.org/docs/apps/ciphers.html#CIPHER_LIST_FORMAT>
78 for details on the format.
80 If no 'ca' details are given, then node.js will use the default
81 publicly trusted list of CAs as given in
82 <http://mxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt>.
85 ## crypto.createHash(algorithm)
87 Creates and returns a hash object, a cryptographic hash with the given
88 algorithm which can be used to generate hash digests.
90 `algorithm` is dependent on the available algorithms supported by the
91 version of OpenSSL on the platform. Examples are `'sha1'`, `'md5'`,
92 `'sha256'`, `'sha512'`, etc. On recent releases, `openssl
93 list-message-digest-algorithms` will display the available digest
96 Example: this program that takes the sha1 sum of a file
98 var filename = process.argv[2];
99 var crypto = require('crypto');
100 var fs = require('fs');
102 var shasum = crypto.createHash('sha1');
104 var s = fs.ReadStream(filename);
105 s.on('data', function(d) {
109 s.on('end', function() {
110 var d = shasum.digest('hex');
111 console.log(d + ' ' + filename);
116 The class for creating hash digests of data.
118 It is a [stream](stream.html) that is both readable and writable. The
119 written data is used to compute the hash. Once the writable side of
120 the stream is ended, use the `read()` method to get the computed hash
121 digest. The legacy `update` and `digest` methods are also supported.
123 Returned by `crypto.createHash`.
125 ### hash.update(data[, input_encoding])
127 Updates the hash content with the given `data`, the encoding of which
128 is given in `input_encoding` and can be `'utf8'`, `'ascii'` or
129 `'binary'`. If no encoding is provided and the input is a string an
130 encoding of `'binary'` is enforced. If `data` is a `Buffer` then
131 `input_encoding` is ignored.
133 This can be called many times with new data as it is streamed.
135 ### hash.digest([encoding])
137 Calculates the digest of all of the passed data to be hashed. The
138 `encoding` can be `'hex'`, `'binary'` or `'base64'`. If no encoding
139 is provided, then a buffer is returned.
141 Note: `hash` object can not be used after `digest()` method has been
145 ## crypto.createHmac(algorithm, key)
147 Creates and returns a hmac object, a cryptographic hmac with the given
150 It is a [stream](stream.html) that is both readable and writable. The
151 written data is used to compute the hmac. Once the writable side of
152 the stream is ended, use the `read()` method to get the computed
153 digest. The legacy `update` and `digest` methods are also supported.
155 `algorithm` is dependent on the available algorithms supported by
156 OpenSSL - see createHash above. `key` is the hmac key to be used.
160 Class for creating cryptographic hmac content.
162 Returned by `crypto.createHmac`.
164 ### hmac.update(data)
166 Update the hmac content with the given `data`. This can be called
167 many times with new data as it is streamed.
169 ### hmac.digest([encoding])
171 Calculates the digest of all of the passed data to the hmac. The
172 `encoding` can be `'hex'`, `'binary'` or `'base64'`. If no encoding
173 is provided, then a buffer is returned.
175 Note: `hmac` object can not be used after `digest()` method has been
179 ## crypto.createCipher(algorithm, password)
181 Creates and returns a cipher object, with the given algorithm and
184 `algorithm` is dependent on OpenSSL, examples are `'aes192'`, etc. On
185 recent releases, `openssl list-cipher-algorithms` will display the
186 available cipher algorithms. `password` is used to derive key and IV,
187 which must be a `'binary'` encoded string or a [buffer](buffer.html).
189 It is a [stream](stream.html) that is both readable and writable. The
190 written data is used to compute the hash. Once the writable side of
191 the stream is ended, use the `read()` method to get the enciphered
192 contents. The legacy `update` and `final` methods are also supported.
194 Note: `createCipher` derives keys with the OpenSSL function [EVP_BytesToKey][]
195 with the digest algorithm set to MD5, one iteration, and no salt. The lack of
196 salt allows dictionary attacks as the same password always creates the same key.
197 The low iteration count and non-cryptographically secure hash algorithm allow
198 passwords to be tested very rapidly.
200 In line with OpenSSL's recommendation to use pbkdf2 instead of EVP_BytesToKey it
201 is recommended you derive a key and iv yourself with [crypto.pbkdf2][] and to
202 then use [createCipheriv()][] to create the cipher stream.
204 ## crypto.createCipheriv(algorithm, key, iv)
206 Creates and returns a cipher object, with the given algorithm, key and
209 `algorithm` is the same as the argument to `createCipher()`. `key` is
210 the raw key used by the algorithm. `iv` is an [initialization
211 vector](http://en.wikipedia.org/wiki/Initialization_vector).
213 `key` and `iv` must be `'binary'` encoded strings or
214 [buffers](buffer.html).
218 Class for encrypting data.
220 Returned by `crypto.createCipher` and `crypto.createCipheriv`.
222 Cipher objects are [streams](stream.html) that are both readable and
223 writable. The written plain text data is used to produce the
224 encrypted data on the readable side. The legacy `update` and `final`
225 methods are also supported.
227 ### cipher.update(data[, input_encoding][, output_encoding])
229 Updates the cipher with `data`, the encoding of which is given in
230 `input_encoding` and can be `'utf8'`, `'ascii'` or `'binary'`. If no
231 encoding is provided, then a buffer is expected.
232 If `data` is a `Buffer` then `input_encoding` is ignored.
234 The `output_encoding` specifies the output format of the enciphered
235 data, and can be `'binary'`, `'base64'` or `'hex'`. If no encoding is
236 provided, then a buffer is returned.
238 Returns the enciphered contents, and can be called many times with new
239 data as it is streamed.
241 ### cipher.final([output_encoding])
243 Returns any remaining enciphered contents, with `output_encoding`
244 being one of: `'binary'`, `'base64'` or `'hex'`. If no encoding is
245 provided, then a buffer is returned.
247 Note: `cipher` object can not be used after `final()` method has been
250 ### cipher.setAutoPadding(auto_padding=true)
252 You can disable automatic padding of the input data to block size. If
253 `auto_padding` is false, the length of the entire input data must be a
254 multiple of the cipher's block size or `final` will fail. Useful for
255 non-standard padding, e.g. using `0x0` instead of PKCS padding. You
256 must call this before `cipher.final`.
258 ### cipher.getAuthTag()
260 For authenticated encryption modes (currently supported: GCM), this
261 method returns a `Buffer` that represents the _authentication tag_ that
262 has been computed from the given data. Should be called after
263 encryption has been completed using the `final` method!
265 ### cipher.setAAD(buffer)
267 For authenticated encryption modes (currently supported: GCM), this
268 method sets the value used for the additional authenticated data (AAD) input
272 ## crypto.createDecipher(algorithm, password)
274 Creates and returns a decipher object, with the given algorithm and
275 key. This is the mirror of the [createCipher()][] above.
277 ## crypto.createDecipheriv(algorithm, key, iv)
279 Creates and returns a decipher object, with the given algorithm, key
280 and iv. This is the mirror of the [createCipheriv()][] above.
284 Class for decrypting data.
286 Returned by `crypto.createDecipher` and `crypto.createDecipheriv`.
288 Decipher objects are [streams](stream.html) that are both readable and
289 writable. The written enciphered data is used to produce the
290 plain-text data on the the readable side. The legacy `update` and
291 `final` methods are also supported.
293 ### decipher.update(data[, input_encoding][, output_encoding])
295 Updates the decipher with `data`, which is encoded in `'binary'`,
296 `'base64'` or `'hex'`. If no encoding is provided, then a buffer is
298 If `data` is a `Buffer` then `input_encoding` is ignored.
300 The `output_decoding` specifies in what format to return the
301 deciphered plaintext: `'binary'`, `'ascii'` or `'utf8'`. If no
302 encoding is provided, then a buffer is returned.
304 ### decipher.final([output_encoding])
306 Returns any remaining plaintext which is deciphered, with
307 `output_encoding` being one of: `'binary'`, `'ascii'` or `'utf8'`. If
308 no encoding is provided, then a buffer is returned.
310 Note: `decipher` object can not be used after `final()` method has been
313 ### decipher.setAutoPadding(auto_padding=true)
315 You can disable auto padding if the data has been encrypted without
316 standard block padding to prevent `decipher.final` from checking and
317 removing it. Can only work if the input data's length is a multiple of
318 the ciphers block size. You must call this before streaming data to
321 ### decipher.setAuthTag(buffer)
323 For authenticated encryption modes (currently supported: GCM), this
324 method must be used to pass in the received _authentication tag_.
325 If no tag is provided or if the ciphertext has been tampered with,
326 `final` will throw, thus indicating that the ciphertext should
327 be discarded due to failed authentication.
329 ### decipher.setAAD(buffer)
331 For authenticated encryption modes (currently supported: GCM), this
332 method sets the value used for the additional authenticated data (AAD) input
336 ## crypto.createSign(algorithm)
338 Creates and returns a signing object, with the given algorithm. On
339 recent OpenSSL releases, `openssl list-public-key-algorithms` will
340 display the available signing algorithms. Examples are `'RSA-SHA256'`.
344 Class for generating signatures.
346 Returned by `crypto.createSign`.
348 Sign objects are writable [streams](stream.html). The written data is
349 used to generate the signature. Once all of the data has been
350 written, the `sign` method will return the signature. The legacy
351 `update` method is also supported.
353 ### sign.update(data)
355 Updates the sign object with data. This can be called many times
356 with new data as it is streamed.
358 ### sign.sign(private_key[, output_format])
360 Calculates the signature on all the updated data passed through the
363 `private_key` can be an object or a string. If `private_key` is a string, it is
364 treated as the key with no passphrase.
368 * `key` : A string holding the PEM encoded private key
369 * `passphrase` : A string of passphrase for the private key
371 Returns the signature in `output_format` which can be `'binary'`,
372 `'hex'` or `'base64'`. If no encoding is provided, then a buffer is
375 Note: `sign` object can not be used after `sign()` method has been
378 ## crypto.createVerify(algorithm)
380 Creates and returns a verification object, with the given algorithm.
381 This is the mirror of the signing object above.
385 Class for verifying signatures.
387 Returned by `crypto.createVerify`.
389 Verify objects are writable [streams](stream.html). The written data
390 is used to validate against the supplied signature. Once all of the
391 data has been written, the `verify` method will return true if the
392 supplied signature is valid. The legacy `update` method is also
395 ### verifier.update(data)
397 Updates the verifier object with data. This can be called many times
398 with new data as it is streamed.
400 ### verifier.verify(object, signature[, signature_format])
402 Verifies the signed data by using the `object` and `signature`.
403 `object` is a string containing a PEM encoded object, which can be
404 one of RSA public key, DSA public key, or X.509 certificate.
405 `signature` is the previously calculated signature for the data, in
406 the `signature_format` which can be `'binary'`, `'hex'` or `'base64'`.
407 If no encoding is specified, then a buffer is expected.
409 Returns true or false depending on the validity of the signature for
410 the data and public key.
412 Note: `verifier` object can not be used after `verify()` method has been
415 ## crypto.createDiffieHellman(prime_length[, generator])
417 Creates a Diffie-Hellman key exchange object and generates a prime of
418 `prime_length` bits and using an optional specific numeric `generator`.
419 If no `generator` is specified, then `2` is used.
421 ## crypto.createDiffieHellman(prime[, prime_encoding][, generator][, generator_encoding])
423 Creates a Diffie-Hellman key exchange object using the supplied `prime` and an
424 optional specific `generator`.
425 `generator` can be a number, string, or Buffer.
426 If no `generator` is specified, then `2` is used.
427 `prime_encoding` and `generator_encoding` can be `'binary'`, `'hex'`, or `'base64'`.
428 If no `prime_encoding` is specified, then a Buffer is expected for `prime`.
429 If no `generator_encoding` is specified, then a Buffer is expected for `generator`.
431 ## Class: DiffieHellman
433 The class for creating Diffie-Hellman key exchanges.
435 Returned by `crypto.createDiffieHellman`.
437 ### diffieHellman.verifyError
439 A bit field containing any warnings and/or errors as a result of a check performed
440 during initialization. The following values are valid for this property
441 (defined in `constants` module):
443 * `DH_CHECK_P_NOT_SAFE_PRIME`
444 * `DH_CHECK_P_NOT_PRIME`
445 * `DH_UNABLE_TO_CHECK_GENERATOR`
446 * `DH_NOT_SUITABLE_GENERATOR`
448 ### diffieHellman.generateKeys([encoding])
450 Generates private and public Diffie-Hellman key values, and returns
451 the public key in the specified encoding. This key should be
452 transferred to the other party. Encoding can be `'binary'`, `'hex'`,
453 or `'base64'`. If no encoding is provided, then a buffer is returned.
455 ### diffieHellman.computeSecret(other_public_key[, input_encoding][, output_encoding])
457 Computes the shared secret using `other_public_key` as the other
458 party's public key and returns the computed shared secret. Supplied
459 key is interpreted using specified `input_encoding`, and secret is
460 encoded using specified `output_encoding`. Encodings can be
461 `'binary'`, `'hex'`, or `'base64'`. If the input encoding is not
462 provided, then a buffer is expected.
464 If no output encoding is given, then a buffer is returned.
466 ### diffieHellman.getPrime([encoding])
468 Returns the Diffie-Hellman prime in the specified encoding, which can
469 be `'binary'`, `'hex'`, or `'base64'`. If no encoding is provided,
470 then a buffer is returned.
472 ### diffieHellman.getGenerator([encoding])
474 Returns the Diffie-Hellman generator in the specified encoding, which can
475 be `'binary'`, `'hex'`, or `'base64'`. If no encoding is provided,
476 then a buffer is returned.
478 ### diffieHellman.getPublicKey([encoding])
480 Returns the Diffie-Hellman public key in the specified encoding, which
481 can be `'binary'`, `'hex'`, or `'base64'`. If no encoding is provided,
482 then a buffer is returned.
484 ### diffieHellman.getPrivateKey([encoding])
486 Returns the Diffie-Hellman private key in the specified encoding,
487 which can be `'binary'`, `'hex'`, or `'base64'`. If no encoding is
488 provided, then a buffer is returned.
490 ### diffieHellman.setPublicKey(public_key[, encoding])
492 Sets the Diffie-Hellman public key. Key encoding can be `'binary'`,
493 `'hex'` or `'base64'`. If no encoding is provided, then a buffer is
496 ### diffieHellman.setPrivateKey(private_key[, encoding])
498 Sets the Diffie-Hellman private key. Key encoding can be `'binary'`,
499 `'hex'` or `'base64'`. If no encoding is provided, then a buffer is
502 ## crypto.getDiffieHellman(group_name)
504 Creates a predefined Diffie-Hellman key exchange object. The
505 supported groups are: `'modp1'`, `'modp2'`, `'modp5'` (defined in [RFC
506 2412][]) and `'modp14'`, `'modp15'`, `'modp16'`, `'modp17'`,
507 `'modp18'` (defined in [RFC 3526][]). The returned object mimics the
508 interface of objects created by [crypto.createDiffieHellman()][]
509 above, but will not allow to change the keys (with
510 [diffieHellman.setPublicKey()][] for example). The advantage of using
511 this routine is that the parties don't have to generate nor exchange
512 group modulus beforehand, saving both processor and communication
515 Example (obtaining a shared secret):
517 var crypto = require('crypto');
518 var alice = crypto.getDiffieHellman('modp5');
519 var bob = crypto.getDiffieHellman('modp5');
521 alice.generateKeys();
524 var alice_secret = alice.computeSecret(bob.getPublicKey(), null, 'hex');
525 var bob_secret = bob.computeSecret(alice.getPublicKey(), null, 'hex');
527 /* alice_secret and bob_secret should be the same */
528 console.log(alice_secret == bob_secret);
530 ## crypto.createECDH(curve_name)
532 Creates a Elliptic Curve (EC) Diffie-Hellman key exchange object using a
533 predefined curve specified by `curve_name` string.
537 The class for creating EC Diffie-Hellman key exchanges.
539 Returned by `crypto.createECDH`.
541 ### ECDH.generateKeys([encoding[, format]])
543 Generates private and public EC Diffie-Hellman key values, and returns
544 the public key in the specified format and encoding. This key should be
545 transferred to the other party.
547 Format specifies point encoding and can be `'compressed'`, `'uncompressed'`, or
548 `'hybrid'`. If no format is provided - the point will be returned in
549 `'uncompressed'` format.
551 Encoding can be `'binary'`, `'hex'`, or `'base64'`. If no encoding is provided,
552 then a buffer is returned.
554 ### ECDH.computeSecret(other_public_key[, input_encoding][, output_encoding])
556 Computes the shared secret using `other_public_key` as the other
557 party's public key and returns the computed shared secret. Supplied
558 key is interpreted using specified `input_encoding`, and secret is
559 encoded using specified `output_encoding`. Encodings can be
560 `'binary'`, `'hex'`, or `'base64'`. If the input encoding is not
561 provided, then a buffer is expected.
563 If no output encoding is given, then a buffer is returned.
565 ### ECDH.getPublicKey([encoding[, format]])
567 Returns the EC Diffie-Hellman public key in the specified encoding and format.
569 Format specifies point encoding and can be `'compressed'`, `'uncompressed'`, or
570 `'hybrid'`. If no format is provided - the point will be returned in
571 `'uncompressed'` format.
573 Encoding can be `'binary'`, `'hex'`, or `'base64'`. If no encoding is provided,
574 then a buffer is returned.
576 ### ECDH.getPrivateKey([encoding])
578 Returns the EC Diffie-Hellman private key in the specified encoding,
579 which can be `'binary'`, `'hex'`, or `'base64'`. If no encoding is
580 provided, then a buffer is returned.
582 ### ECDH.setPublicKey(public_key[, encoding])
584 Sets the EC Diffie-Hellman public key. Key encoding can be `'binary'`,
585 `'hex'` or `'base64'`. If no encoding is provided, then a buffer is
588 ### ECDH.setPrivateKey(private_key[, encoding])
590 Sets the EC Diffie-Hellman private key. Key encoding can be `'binary'`,
591 `'hex'` or `'base64'`. If no encoding is provided, then a buffer is
594 Example (obtaining a shared secret):
596 var crypto = require('crypto');
597 var alice = crypto.createECDH('secp256k1');
598 var bob = crypto.createECDH('secp256k1');
600 alice.generateKeys();
603 var alice_secret = alice.computeSecret(bob.getPublicKey(), null, 'hex');
604 var bob_secret = bob.computeSecret(alice.getPublicKey(), null, 'hex');
606 /* alice_secret and bob_secret should be the same */
607 console.log(alice_secret == bob_secret);
609 ## crypto.pbkdf2(password, salt, iterations, keylen[, digest], callback)
611 Asynchronous PBKDF2 function. Applies the selected HMAC digest function
612 (default: SHA1) to derive a key of the requested length from the password,
613 salt and number of iterations. The callback gets two arguments:
618 crypto.pbkdf2('secret', 'salt', 4096, 512, 'sha256', function(err, key) {
621 console.log(key.toString('hex')); // 'c5e478d...1469e50'
624 You can get a list of supported digest functions with
625 [crypto.getHashes()](#crypto_crypto_gethashes).
627 ## crypto.pbkdf2Sync(password, salt, iterations, keylen[, digest])
629 Synchronous PBKDF2 function. Returns derivedKey or throws error.
631 ## crypto.randomBytes(size[, callback])
633 Generates cryptographically strong pseudo-random data. Usage:
636 crypto.randomBytes(256, function(ex, buf) {
638 console.log('Have %d bytes of random data: %s', buf.length, buf);
643 var buf = crypto.randomBytes(256);
644 console.log('Have %d bytes of random data: %s', buf.length, buf);
647 // most likely, entropy sources are drained
650 NOTE: Will throw error or invoke callback with error, if there is not enough
651 accumulated entropy to generate cryptographically strong data. In other words,
652 `crypto.randomBytes` without callback will not block even if all entropy sources
655 ## crypto.pseudoRandomBytes(size[, callback])
657 Identical to `crypto.randomBytes` except that, instead of throwing an error when
658 there is not enough accumulated entropy to generate cryptographically strong
659 data, it will silently return **non**-cryptographically strong data.
661 ## Class: Certificate
663 The class used for working with signed public key & challenges. The most
664 common usage for this series of functions is when dealing with the `<keygen>`
665 element. http://www.openssl.org/docs/apps/spkac.html
667 Returned by `crypto.Certificate`.
669 ### Certificate.verifySpkac(spkac)
671 Returns true of false based on the validity of the SPKAC.
673 ### Certificate.exportChallenge(spkac)
675 Exports the encoded public key from the supplied SPKAC.
677 ### Certificate.exportPublicKey(spkac)
679 Exports the encoded challenge associated with the SPKAC.
681 ## crypto.publicEncrypt(public_key, buffer)
683 Encrypts `buffer` with `public_key`. Only RSA is currently supported.
685 `public_key` can be an object or a string. If `public_key` is a string, it is
686 treated as the key with no passphrase and will use `RSA_PKCS1_OAEP_PADDING`.
690 * `key` : A string holding the PEM encoded private key
691 * `padding` : An optional padding value, one of the following:
692 * `constants.RSA_NO_PADDING`
693 * `constants.RSA_PKCS1_PADDING`
694 * `constants.RSA_PKCS1_OAEP_PADDING`
696 NOTE: All paddings are defined in `constants` module.
698 ## crypto.privateDecrypt(private_key, buffer)
700 Decrypts `buffer` with `private_key`.
702 `private_key` can be an object or a string. If `private_key` is a string, it is
703 treated as the key with no passphrase and will use `RSA_PKCS1_OAEP_PADDING`.
707 * `key` : A string holding the PEM encoded private key
708 * `passphrase` : An optional string of passphrase for the private key
709 * `padding` : An optional padding value, one of the following:
710 * `constants.RSA_NO_PADDING`
711 * `constants.RSA_PKCS1_PADDING`
712 * `constants.RSA_PKCS1_OAEP_PADDING`
714 NOTE: All paddings are defined in `constants` module.
716 ## crypto.DEFAULT_ENCODING
718 The default encoding to use for functions that can take either strings
719 or buffers. The default value is `'buffer'`, which makes it default
720 to using Buffer objects. This is here to make the crypto module more
721 easily compatible with legacy programs that expected `'binary'` to be
722 the default encoding.
724 Note that new programs will probably expect buffers, so only use this
725 as a temporary measure.
727 ## Recent API Changes
729 The Crypto module was added to Node before there was the concept of a
730 unified Stream API, and before there were Buffer objects for handling
733 As such, the streaming classes don't have the typical methods found on
734 other Node classes, and many methods accepted and returned
735 Binary-encoded strings by default rather than Buffers. This was
736 changed to use Buffers by default instead.
738 This is a breaking change for some use cases, but not all.
740 For example, if you currently use the default arguments to the Sign
741 class, and then pass the results to the Verify class, without ever
742 inspecting the data, then it will continue to work as before. Where
743 you once got a binary string and then presented the binary string to
744 the Verify object, you'll now get a Buffer, and present the Buffer to
747 However, if you were doing things with the string data that will not
748 work properly on Buffers (such as, concatenating them, storing in
749 databases, etc.), or you are passing binary strings to the crypto
750 functions without an encoding argument, then you will need to start
751 providing encoding arguments to specify which encoding you'd like to
752 use. To switch to the previous style of using binary strings by
753 default, set the `crypto.DEFAULT_ENCODING` field to 'binary'. Note
754 that new programs will probably expect buffers, so only use this as a
758 [createCipher()]: #crypto_crypto_createcipher_algorithm_password
759 [createCipheriv()]: #crypto_crypto_createcipheriv_algorithm_key_iv
760 [crypto.createDiffieHellman()]: #crypto_crypto_creatediffiehellman_prime_encoding
761 [tls.createSecureContext]: tls.html#tls_tls_createsecurecontext_details
762 [diffieHellman.setPublicKey()]: #crypto_diffiehellman_setpublickey_public_key_encoding
763 [RFC 2412]: http://www.rfc-editor.org/rfc/rfc2412.txt
764 [RFC 3526]: http://www.rfc-editor.org/rfc/rfc3526.txt
765 [crypto.pbkdf2]: #crypto_crypto_pbkdf2_password_salt_iterations_keylen_callback
766 [EVP_BytesToKey]: https://www.openssl.org/docs/crypto/EVP_BytesToKey.html