### decipher.setAutoPadding(auto_padding=true)
When data has been encrypted without standard block padding, calling
-`decipher.setAuthPadding(false)` will disable automatic padding to prevent
+`decipher.setAutoPadding(false)` will disable automatic padding to prevent
[`decipher.final()`][] from checking for and removing padding.
Turning auto padding off will only work if the input data's length is a
const assert = require('assert');
// Generate Alice's keys...
-const alice = crypto.createDiffieHellman(11);
+const alice = crypto.createDiffieHellman(2048);
const alice_key = alice.generateKeys();
// Generate Bob's keys...
-const bob = crypto.createDiffieHellman(11);
+const bob = crypto.createDiffieHellman(alice.getPrime(), alice.getGenerator());
const bob_key = bob.generateKeys();
// Exchange and generate the secret...
const alice_secret = alice.computeSecret(bob_key);
const bob_secret = bob.computeSecret(alice_key);
-assert(alice_secret, bob_secret);
- // OK
+// OK
+assert.equal(alice_secret.toString('hex'), bob_secret.toString('hex'));
```
### diffieHellman.computeSecret(other_public_key[, input_encoding][, output_encoding])
The `Hmac` object can not be used again after `hmac.digest()` has been
called. Multiple calls to `hmac.digest()` will result in an error being thrown.
-### hmac.update(data)
+### hmac.update(data[, input_encoding])
-Update the `Hmac` content with the given `data`. This can be called
-many times with new data as it is streamed.
+Updates the `Hmac` content with the given `data`, the encoding of which
+is given in `input_encoding` and can be `'utf8'`, `'ascii'` or
+`'binary'`. If `encoding` is not provided, and the `data` is a string, an
+encoding of `'utf8'` is enforced. If `data` is a [`Buffer`][] then
+`input_encoding` is ignored.
+
+This can be called many times with new data as it is streamed.
## Class: Sign
// Prints the calculated signature
```
+A [`sign`][] instance can also be created by just passing in the digest
+algorithm name, in which case OpenSSL will infer the full signature algorithm
+from the type of the PEM-formatted private key, including algorithms that
+do not have directly exposed name constants, e.g. 'ecdsa-with-SHA256'.
+
+Example: signing using ECDSA with SHA256
+
+```js
+const crypto = require('crypto');
+const sign = crypto.createSign('sha256');
+
+sign.update('some data to sign');
+
+const private_key = '-----BEGIN EC PRIVATE KEY-----\n' +
+ 'MHcCAQEEIF+jnWY1D5kbVYDNvxxo/Y+ku2uJPDwS0r/VuPZQrjjVoAoGCCqGSM49\n' +
+ 'AwEHoUQDQgAEurOxfSxmqIRYzJVagdZfMMSjRNNhB8i3mXyIMq704m2m52FdfKZ2\n' +
+ 'pQhByd5eyj3lgZ7m7jbchtdgyOF8Io/1ng==\n' +
+ '-----END EC PRIVATE KEY-----\n';
+
+console.log(sign.sign(private_key).toString('hex'));
+```
+
### sign.sign(private_key[, output_format])
Calculates the signature on all the data passed through using either
The `Sign` object can not be again used after `sign.sign()` method has been
called. Multiple calls to `sign.sign()` will result in an error being thrown.
-### sign.update(data)
+### sign.update(data[, input_encoding])
-Updates the sign object with the given `data`. This can be called many times
-with new data as it is streamed.
+Updates the `Sign` content with the given `data`, the encoding of which
+is given in `input_encoding` and can be `'utf8'`, `'ascii'` or
+`'binary'`. If `encoding` is not provided, and the `data` is a string, an
+encoding of `'utf8'` is enforced. If `data` is a [`Buffer`][] then
+`input_encoding` is ignored.
+
+This can be called many times with new data as it is streamed.
## Class: Verify
// Prints true or false
```
-### verifier.update(data)
+### verifier.update(data[, input_encoding])
+
+Updates the `Verify` content with the given `data`, the encoding of which
+is given in `input_encoding` and can be `'utf8'`, `'ascii'` or
+`'binary'`. If `encoding` is not provided, and the `data` is a string, an
+encoding of `'utf8'` is enforced. If `data` is a [`Buffer`][] then
+`input_encoding` is ignored.
-Updates the verifier object with the given `data`. This can be called many
-times with new data as it is streamed.
+This can be called many times with new data as it is streamed.
### verifier.verify(object, signature[, signature_format])
available cipher algorithms.
The `password` is used to derive the cipher key and initialization vector (IV).
-The value must be either a `'binary'` encoded string or a [`Buffer`[].
+The value must be either a `'binary'` encoded string or a [`Buffer`][].
The implementation of `crypto.createCipher()` derives keys using the OpenSSL
function [`EVP_BytesToKey`][] with the digest algorithm set to MD5, one
// Synchronous
const buf = crypto.randomBytes(256);
console.log(
- `${buf.length}` bytes of random data: ${buf.toString('hex')});
+ `${buf.length} bytes of random data: ${buf.toString('hex')}`);
```
The `crypto.randomBytes()` method will block until there is sufficient entropy.
projects / platform / upstream / nodejs.git / blobdiff