ReferencesBareModules

bare-crypto

Reference for bare-crypto: cryptographic primitives for Bare—hashing, HMAC, ciphers, key derivation, signing, random bytes, and WebCrypto.

stable

bare-crypto provides cryptographic primitives for Bare. The API follows the Node.js crypto module and also exposes a webcrypto interface. It's a native addon.

npm i bare-crypto

Usage

const { createHash, randomBytes } = require('bare-crypto')

const digest = createHash('sha256').update('hello').digest('hex')
console.log(digest)
console.log(randomBytes(16).toString('hex'))

API

Hashing and HMAC

`const hash = createHash(algorithm[, options])`

Create a Hash. Feed it with hash.update(data[, encoding]) and finalize with const digest = hash.digest([encoding]).

`const hmac = createHmac(algorithm, key[, options])`

Create an Hmac. Same update / digest interface as Hash.

Ciphers

`const cipher = createCipheriv(algorithm, key, iv[, options])`

Create a Cipher. Transform with cipher.update(data[, inputEncoding[, outputEncoding]]) and cipher.final([outputEncoding]). For AEAD modes, use cipher.setAAD(buffer[, options]) and cipher.getAuthTag(); cipher.setAutoPadding(pad) controls padding.

`const decipher = createDecipheriv(algorithm, key, iv[, options])`

Create a Decipher with the matching update / final interface, plus decipher.setAAD(...) and decipher.setAuthTag(authTag[, encoding]).

Random

`const buffer = randomBytes(size)` · `randomBytes(size, callback)`

Generate cryptographically strong random bytes (promise/callback forms).

`randomFill(buffer[, offset[, size]][, callback])` · `randomFillSync(...)` · `const uuid = randomUUID()`

Fill an existing buffer with random data, or generate a random UUID.

Key derivation, signing, and comparison

`pbkdf2(password, salt, iterations, keylen, digest[, callback])` · `pbkdf2Sync(...)`

PBKDF2 key derivation (promise/callback/sync forms).

`const { publicKey, privateKey } = generateKeyPair(type)`

Generate an asymmetric key pair.

`const signature = sign(algorithm, data, key)` · `const valid = verify(algorithm, data, key, signature)`

Produce and check signatures.

`const equal = timingSafeEqual(a, b)`

Constant-time buffer comparison.

WebCrypto and constants

`webcrypto`

The WebCrypto-style interface.

`constants.hash` · `constants.cipher` · `constants.signature` · `constants.keyType`

Tables of supported algorithm identifiers.

Builds on bare-assert and bare-stream (see Bare modules).

See also

Bare modules—the full bare-* catalog.
Bare runtime API—the runtime these primitives run on.
bare-fs—reading key material from disk.

bare-fetch

Previous Page

bare-subprocess

Next Page

On this page

Hashing and HMAC

const hash = createHash(algorithm[, options])

const hmac = createHmac(algorithm, key[, options])

const cipher = createCipheriv(algorithm, key, iv[, options])

const decipher = createDecipheriv(algorithm, key, iv[, options])

const buffer = randomBytes(size) · randomBytes(size, callback)

randomFill(buffer[, offset[, size]][, callback]) · randomFillSync(...) · const uuid = randomUUID()

Key derivation, signing, and comparison

pbkdf2(password, salt, iterations, keylen, digest[, callback]) · pbkdf2Sync(...)

const { publicKey, privateKey } = generateKeyPair(type)

const signature = sign(algorithm, data, key) · const valid = verify(algorithm, data, key, signature)

const equal = timingSafeEqual(a, b)

WebCrypto and constants

constants.hash · constants.cipher · constants.signature · constants.keyType

Related modules