github.com/nodejs/node.git - Unnamed repository; edit this file 'description' to name the repository.
author James M Snell <jasnell@gmail.com> 2020-08-25 20:05:51 +0300
committer James M Snell <jasnell@gmail.com> 2020-10-08 03:27:05 +0300
commit dae283d96fd31ad0f30840a7e55ac97294f505ac
tree 8f7f87e50411e8965cb83d9b280035f36d355fbc /doc/api/crypto.md
parent ba77dc8597cbcf42feea59f1381512d421ec9cc5
crypto: refactoring internals, add WebCrypto
Fixes: https://github.com/nodejs/node/issues/678
Refs: https://github.com/nodejs/node/issues/26854
Signed-off-by: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/35093
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Diffstat (limited to 'doc/api/crypto.md')
-rw-r--r-- doc/api/crypto.md 559
1 files changed, 431 insertions, 128 deletions
diff --git a/doc/api/crypto.md b/doc/api/crypto.md
index 9012322ec7b..5b22fc278ae 100644
--- a/doc/api/crypto.md
+++ b/doc/api/crypto.md
@@ -53,12 +53,18 @@ The `crypto` module provides the `Certificate` class for working with SPKAC
data. The most common usage is handling output generated by the HTML5
`<keygen>` element. Node.js uses [OpenSSL's SPKAC implementation][] internally.
-### `Certificate.exportChallenge(spkac)`
+### `Certificate.exportChallenge(spkac[, encoding])`
<!-- YAML
added: v9.0.0
+changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ description: The spkac argument can be an ArrayBuffer. Limited the size of
+ the spkac argument to a maximum of 2**31 - 1 bytes.
-->
-* `spkac` {string | Buffer | TypedArray | DataView}
+* `spkac` {string|ArrayBuffer|Buffer|TypedArray|DataView}
+* `encoding` {string} The [encoding][] of the `spkac` string.
* Returns: {Buffer} The challenge component of the `spkac` data structure, which
includes a public key and a challenge.
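Review bot: the new `changes:` entry for `Certificate.exportChallenge()` does not mention the `encoding` argument, although the heading and the parameter list in this hunk both add it. The `verifySpkac` entry later in the patch says "Added encoding."; use the same wording here so the change history of the two methods reads consistently.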
@@ -73,9 +79,14 @@ console.log(challenge.toString('utf8'));
### `Certificate.exportPublicKey(spkac[, encoding])`
<!-- YAML
added: v9.0.0
+changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ description: The spkac argument can be an ArrayBuffer. Limited the size of
+ the spkac argument to a maximum of 2**31 - 1 bytes.
-->
-* `spkac` {string | Buffer | TypedArray | DataView}
+* `spkac` {string|ArrayBuffer|Buffer|TypedArray|DataView}
* `encoding` {string} The [encoding][] of the `spkac` string.
* Returns: {Buffer} The public key component of the `spkac` data structure,
which includes a public key and a challenge.
@@ -88,12 +99,19 @@ console.log(publicKey);
// Prints: the public key as <Buffer ...>
```
-### `Certificate.verifySpkac(spkac)`
+### `Certificate.verifySpkac(spkac[, encoding])`
<!-- YAML
added: v9.0.0
+changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ description: The spkac argument can be an ArrayBuffer. Added encoding.
+ Limited the size of the spkac argument to a maximum of
+ 2**31 - 1 bytes.
-->
-* `spkac` {Buffer | TypedArray | DataView}
+* `spkac` {string|ArrayBuffer|Buffer|TypedArray|DataView}
+* `encoding` {string} The [encoding][] of the `spkac` string.
* Returns: {boolean} `true` if the given `spkac` data structure is valid,
`false` otherwise.
@@ -123,12 +141,13 @@ const cert1 = new crypto.Certificate();
const cert2 = crypto.Certificate();
```
-#### `certificate.exportChallenge(spkac)`
+#### `certificate.exportChallenge(spkac[, encoding])`
<!-- YAML
added: v0.11.8
-->
-* `spkac` {string | Buffer | TypedArray | DataView}
+* `spkac` {string|ArrayBuffer|Buffer|TypedArray|DataView}
+* `encoding` {string} The [encoding][] of the `spkac` string.
* Returns: {Buffer} The challenge component of the `spkac` data structure, which
includes a public key and a challenge.
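Review bot: the YAML header of the legacy `certificate.exportChallenge()` still contains only `added: v0.11.8`, with no `changes:` entry, even though this hunk adds `ArrayBuffer` and the `encoding` argument. The static `Certificate.*` methods received an entry in this patch; the legacy `exportPublicKey` and `verifySpkac` hunks that follow have the same gap. Add the entries, or state in the PR that the legacy API is intentionally left without them.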
@@ -140,12 +159,13 @@ console.log(challenge.toString('utf8'));
// Prints: the challenge as a UTF8 string
```
-#### `certificate.exportPublicKey(spkac)`
+#### `certificate.exportPublicKey(spkac[, encoding])`
<!-- YAML
added: v0.11.8
-->
-* `spkac` {string | Buffer | TypedArray | DataView}
+* `spkac` {string|ArrayBuffer|Buffer|TypedArray|DataView}
+* `encoding` {string} The [encoding][] of the `spkac` string.
* Returns: {Buffer} The public key component of the `spkac` data structure,
which includes a public key and a challenge.
@@ -157,12 +177,13 @@ console.log(publicKey);
// Prints: the public key as <Buffer ...>
```
-#### `certificate.verifySpkac(spkac)`
+#### `certificate.verifySpkac(spkac[, encoding])`
<!-- YAML
added: v0.11.8
-->
-* `spkac` {Buffer | TypedArray | DataView}
+* `spkac` {string|ArrayBuffer|Buffer|TypedArray|DataView}
+* `encoding` {string} The [encoding][] of the `spkac` string.
* Returns: {boolean} `true` if the given `spkac` data structure is valid,
`false` otherwise.
@@ -199,30 +220,28 @@ const crypto = require('crypto');
const algorithm = 'aes-192-cbc';
const password = 'Password used to generate key';
-// Key length is dependent on the algorithm. In this case for aes192, it is
-// 24 bytes (192 bits).
-// Use async `crypto.scrypt()` instead.
-const key = crypto.scryptSync(password, 'salt', 24);
-// Use `crypto.randomBytes()` to generate a random iv instead of the static iv
-// shown here.
-const iv = Buffer.alloc(16, 0); // Initialization vector.
-const cipher = crypto.createCipheriv(algorithm, key, iv);
+// First, we'll generate the key. The key length is dependent on the algorithm.
+// In this case for aes192, it is 24 bytes (192 bits).
+crypto.scrypt(password, 'salt', 24, (err, key) => {
+ if (err) throw err;
+ // Then, we'll generate a random initialization vector
+ crypto.randomFill(new Uint8Array(16), (err, iv) => {
+ if (err) throw err;
+
+ // Once we have the key and iv, we can create and use the cipher...
+ const cipher = crypto.createCipheriv(algorithm, key, iv);
-let encrypted = '';
-cipher.on('readable', () => {
- let chunk;
- while (null !== (chunk = cipher.read())) {
- encrypted += chunk.toString('hex');
- }
-});
-cipher.on('end', () => {
- console.log(encrypted);
- // Prints: e5f79c5915c02171eec6b212d5520d44480993d7d622a7c4c2da32f6efda0ffa
-});
+ let encrypted = '';
+ cipher.setEncoding('hex');
-cipher.write('some clear text data');
-cipher.end();
+ cipher.on('data', (chunk) => encrypted += chunk);
+ cipher.on('end', () => console.log(encrypted));
+
+ cipher.write('some clear text data');
+ cipher.end();
+ });
+});
```
Example: Using `Cipher` and piped streams:
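Review bot: the new `cipher.on('end', ...)` handler logs only `encrypted`, and the `iv` produced by `crypto.randomFill()` is never shown or kept, so a reader who copies the example ends up with ciphertext that cannot be decrypted. Switching to a random IV is the right change, but the example should then show the IV travelling with the ciphertext (for instance logging it next to `encrypted`) or carry a comment saying it must be stored. The piped-stream and `cipher.update()`/`cipher.final()` examples in the next two hunks have the same gap.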
@@ -230,21 +249,29 @@ Example: Using `Cipher` and piped streams:
```js
const crypto = require('crypto');
const fs = require('fs');
+const { pipeline } = require('stream');
const algorithm = 'aes-192-cbc';
const password = 'Password used to generate key';
-// Use the async `crypto.scrypt()` instead.
-const key = crypto.scryptSync(password, 'salt', 24);
-// Use `crypto.randomBytes()` to generate a random iv instead of the static iv
-// shown here.
-const iv = Buffer.alloc(16, 0); // Initialization vector.
-const cipher = crypto.createCipheriv(algorithm, key, iv);
+// First, we'll generate the key. The key length is dependent on the algorithm.
+// In this case for aes192, it is 24 bytes (192 bits).
+crypto.scrypt(password, 'salt', 24, (err, key) => {
+ if (err) throw err;
+ // Then, we'll generate a random initialization vector
+ crypto.randomFill(new Uint8Array(16), (err, iv) => {
+ if (err) throw err;
+
+ const cipher = crypto.createCipheriv(algorithm, key, iv);
-const input = fs.createReadStream('test.js');
-const output = fs.createWriteStream('test.enc');
+ const input = fs.createReadStream('test.js');
+ const output = fs.createWriteStream('test.enc');
-input.pipe(cipher).pipe(output);
+ pipeline(input, cipher, output, (err) => {
+ if (err) throw err;
+ });
+ });
+});
```
Example: Using the [`cipher.update()`][] and [`cipher.final()`][] methods:
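Review bot: `crypto.scrypt(password, 'salt', 24, ...)` keeps the literal `'salt'` while the IV moves to `crypto.randomFill()`. The removed lines carried a comment warning that the static IV was for illustration only; nothing equivalent covers the salt, and these examples get copied as written. Add a short comment that the salt should be random and stored with the output, or generate it the same way the IV is generated.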
@@ -254,18 +281,22 @@ const crypto = require('crypto');
const algorithm = 'aes-192-cbc';
const password = 'Password used to generate key';
-// Use the async `crypto.scrypt()` instead.
-const key = crypto.scryptSync(password, 'salt', 24);
-// Use `crypto.randomBytes` to generate a random iv instead of the static iv
-// shown here.
-const iv = Buffer.alloc(16, 0); // Initialization vector.
-const cipher = crypto.createCipheriv(algorithm, key, iv);
+// First, we'll generate the key. The key length is dependent on the algorithm.
+// In this case for aes192, it is 24 bytes (192 bits).
+crypto.scrypt(password, 'salt', 24, (err, key) => {
+ if (err) throw err;
+ // Then, we'll generate a random initialization vector
+ crypto.randomFill(new Uint8Array(16), (err, iv) => {
+ if (err) throw err;
-let encrypted = cipher.update('some clear text data', 'utf8', 'hex');
-encrypted += cipher.final('hex');
-console.log(encrypted);
-// Prints: e5f79c5915c02171eec6b212d5520d44480993d7d622a7c4c2da32f6efda0ffa
+ const cipher = crypto.createCipheriv(algorithm, key, iv);
+
+ let encrypted = cipher.update('some clear text data', 'utf8', 'hex');
+ encrypted += cipher.final('hex');
+ console.log(encrypted);
+ });
+});
```
### `cipher.final([outputEncoding])`
@@ -287,18 +318,19 @@ once will result in an error being thrown.
added: v1.0.0
-->
-* `buffer` {Buffer | TypedArray | DataView}
+* `buffer` {string|ArrayBuffer|Buffer|TypedArray|DataView}
* `options` {Object} [`stream.transform` options][]
* `plaintextLength` {number}
+ * `encoding` {string} The string encoding to use when `buffer` is a string.
* Returns: {Cipher} for method chaining.
When using an authenticated encryption mode (`GCM`, `CCM` and `OCB` are
currently supported), the `cipher.setAAD()` method sets the value used for the
_additional authenticated data_ (AAD) input parameter.
-The `options` argument is optional for `GCM` and `OCB`. When using `CCM`, the
-`plaintextLength` option must be specified and its value must match the length
-of the plaintext in bytes. See [CCM mode][].
+The `plaintextLength` option is optional for `GCM` and `OCB`. When using `CCM`,
+the `plaintextLength` option must be specified and its value must match the
+length of the plaintext in bytes. See [CCM mode][].
The `cipher.setAAD()` method must be called before [`cipher.update()`][].
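Review bot: the YAML header of `cipher.setAAD()` in this hunk is still just `added: v1.0.0`, with no `changes:` entry, while the hunk widens `buffer` to `string|ArrayBuffer` and adds the `encoding` option. `decipher.setAAD()` gets a `changes:` entry for the same widening later in the patch, including the size limit. Add the matching entry here and say whether the same byte limit applies on the cipher side.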
@@ -344,7 +376,7 @@ changes:
description: The default `inputEncoding` changed from `binary` to `utf8`.
-->
-* `data` {string | Buffer | TypedArray | DataView}
+* `data` {string|Buffer|TypedArray|DataView}
* `inputEncoding` {string} The [encoding][] of the data.
* `outputEncoding` {string} The [encoding][] of the return value.
* Returns: {Buffer | string}
@@ -480,14 +512,19 @@ than once will result in an error being thrown.
<!-- YAML
added: v1.0.0
changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ decription: The buffer argument can be a string or ArrayBuffer and is
+ limited to no more than 2 ** 31 - 1 bytes.
- version: v7.2.0
pr-url: https://github.com/nodejs/node/pull/9398
description: This method now returns a reference to `decipher`.
-->
-* `buffer` {Buffer | TypedArray | DataView}
+* `buffer` {string|ArrayBuffer|Buffer|TypedArray|DataView}
* `options` {Object} [`stream.transform` options][]
* `plaintextLength` {number}
+ * `encoding` {string} String encoding to use when `buffer` is a string.
* Returns: {Decipher} for method chaining.
When using an authenticated encryption mode (`GCM`, `CCM` and `OCB` are
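Review bot: the added YAML key is spelled `decription:` rather than `description:`, so the text of this entry sits under a key that the other entries do not use and may not be picked up when the change history is rendered. Fix the spelling. The entry also omits the new `encoding` option that this hunk adds under `options`.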
@@ -500,10 +537,14 @@ of the ciphertext in bytes. See [CCM mode][].
The `decipher.setAAD()` method must be called before [`decipher.update()`][].
-### `decipher.setAuthTag(buffer)`
+### `decipher.setAuthTag(buffer[, encoding])`
<!-- YAML
added: v1.0.0
changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ decription: The buffer argument can be a string or ArrayBuffer and is
+ limited to no more than 2 ** 31 - 1 bytes.
- version: v11.0.0
pr-url: https://github.com/nodejs/node/pull/17825
description: This method now throws if the GCM tag length is invalid.
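Review bot: `decription:` is misspelled here as well, in the new entry for `decipher.setAuthTag()`. The heading in this hunk adds an `encoding` argument, but the entry only mentions the string and `ArrayBuffer` types and the size limit; add the new argument to the description once the key name is corrected.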
@@ -512,7 +553,8 @@ changes:
description: This method now returns a reference to `decipher`.
-->
-* `buffer` {Buffer | TypedArray | DataView}
+* `buffer` {string|Buffer|ArrayBuffer|TypedArray|DataView}
+* `encoding` {string} String encoding to use when `buffer` is a string.
* Returns: {Decipher} for method chaining.
When using an authenticated encryption mode (`GCM`, `CCM` and `OCB` are
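Review bot: the type list on the new `buffer` line is ordered `{string|Buffer|ArrayBuffer|TypedArray|DataView}`, while every other widened parameter in this patch uses `{string|ArrayBuffer|Buffer|TypedArray|DataView}`. Reorder for consistency so a search for the common pattern finds this one too.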
@@ -554,7 +596,7 @@ changes:
description: The default `inputEncoding` changed from `binary` to `utf8`.
-->
-* `data` {string | Buffer | TypedArray | DataView}
+* `data` {string|Buffer|TypedArray|DataView}
* `inputEncoding` {string} The [encoding][] of the `data` string.
* `outputEncoding` {string} The [encoding][] of the return value.
* Returns: {Buffer | string}
@@ -610,7 +652,7 @@ assert.strictEqual(aliceSecret.toString('hex'), bobSecret.toString('hex'));
added: v0.5.0
-->
-* `otherPublicKey` {string | Buffer | TypedArray | DataView}
+* `otherPublicKey` {string|ArrayBuffer|Buffer|TypedArray|DataView}
* `inputEncoding` {string} The [encoding][] of an `otherPublicKey` string.
* `outputEncoding` {string} The [encoding][] of the return value.
* Returns: {Buffer | string}
@@ -693,7 +735,7 @@ string is returned; otherwise a [`Buffer`][] is returned.
added: v0.5.0
-->
-* `privateKey` {string | Buffer | TypedArray | DataView}
+* `privateKey` {string|ArrayBuffer|Buffer|TypedArray|DataView}
* `encoding` {string} The [encoding][] of the `privateKey` string.
Sets the Diffie-Hellman private key. If the `encoding` argument is provided,
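Review bot: `privateKey` now lists `ArrayBuffer`, but the description below the parameter list is not touched by the patch; the next hunk header still shows its wording as "to be a [`Buffer`][], `TypedArray`, or `DataView`". Update that sentence to include `ArrayBuffer`, and check whether the `setPublicKey()` description needs the same edit.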
@@ -706,7 +748,7 @@ to be a [`Buffer`][], `TypedArray`, or `DataView`.
added: v0.5.0
-->
-* `publicKey` {string | Buffer | TypedArray | DataView}
+* `publicKey` {string|ArrayBuffer|Buffer|TypedArray|DataView}
* `encoding` {string} The [encoding][] of the `publicKey` string.
Sets the Diffie-Hellman public key. If the `encoding` argument is provided,
@@ -793,7 +835,7 @@ assert.strictEqual(aliceSecret.toString('hex'), bobSecret.toString('hex'));
added: v10.0.0
-->
-* `key` {string | Buffer | TypedArray | DataView}
+* `key` {string|ArrayBuffer|Buffer|TypedArray|DataView}
* `curve` {string}
* `inputEncoding` {string} The [encoding][] of the `key` string.
* `outputEncoding` {string} The [encoding][] of the return value.
@@ -849,7 +891,7 @@ changes:
error
-->
-* `otherPublicKey` {string | Buffer | TypedArray | DataView}
+* `otherPublicKey` {string|ArrayBuffer|Buffer|TypedArray|DataView}
* `inputEncoding` {string} The [encoding][] of the `otherPublicKey` string.
* `outputEncoding` {string} The [encoding][] of the return value.
* Returns: {Buffer | string}
@@ -924,7 +966,7 @@ returned.
added: v0.11.14
-->
-* `privateKey` {string | Buffer | TypedArray | DataView}
+* `privateKey` {string|ArrayBuffer|Buffer|TypedArray|DataView}
* `encoding` {string} The [encoding][] of the `privateKey` string.
Sets the EC Diffie-Hellman private key.
@@ -944,7 +986,7 @@ deprecated: v5.2.0
> Stability: 0 - Deprecated
-* `publicKey` {string | Buffer | TypedArray | DataView}
+* `publicKey` {string|ArrayBuffer|Buffer|TypedArray|DataView}
* `encoding` {string} The [encoding][] of the `publicKey` string.
Sets the EC Diffie-Hellman public key.
@@ -1105,7 +1147,7 @@ changes:
description: The default `inputEncoding` changed from `binary` to `utf8`.
-->
-* `data` {string | Buffer | TypedArray | DataView}
+* `data` {string|Buffer|TypedArray|DataView}
* `inputEncoding` {string} The [encoding][] of the `data` string.
Updates the hash content with the given `data`, the encoding of which
@@ -1202,7 +1244,7 @@ changes:
description: The default `inputEncoding` changed from `binary` to `utf8`.
-->
-* `data` {string | Buffer | TypedArray | DataView}
+* `data` {string|Buffer|TypedArray|DataView}
* `inputEncoding` {string} The [encoding][] of the `data` string.
Updates the `Hmac` content with the given `data`, the encoding of which
@@ -1413,6 +1455,9 @@ console.log(verify.verify(publicKey, signature));
<!-- YAML
added: v0.1.92
changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ description: The privateKey can also be an ArrayBuffer and CryptoKey.
- version: v12.0.0
pr-url: https://github.com/nodejs/node/pull/26960
description: This function now supports RSA-PSS keys.
@@ -1424,12 +1469,14 @@ changes:
description: Support for RSASSA-PSS and additional options was added.
-->
-* `privateKey` {Object | string | Buffer | KeyObject}
+<!--lint disable maximum-line-length remark-lint-->
+* `privateKey` {Object|string|ArrayBuffer|Buffer|TypedArray|DataView|KeyObject|CryptoKey}
* `dsaEncoding` {string}
* `padding` {integer}
* `saltLength` {integer}
* `outputEncoding` {string} The [encoding][] of the return value.
* Returns: {Buffer | string}
+<!--lint enable maximum-line-length remark-lint-->
Calculates the signature on all the data passed through using either
[`sign.update()`][] or [`sign.write()`][stream-writable-write].
@@ -1471,7 +1518,7 @@ changes:
description: The default `inputEncoding` changed from `binary` to `utf8`.
-->
-* `data` {string | Buffer | TypedArray | DataView}
+* `data` {string|Buffer|TypedArray|DataView}
* `inputEncoding` {string} The [encoding][] of the `data` string.
Updates the `Sign` content with the given `data`, the encoding of which
@@ -1511,7 +1558,7 @@ changes:
description: The default `inputEncoding` changed from `binary` to `utf8`.
-->
-* `data` {string | Buffer | TypedArray | DataView}
+* `data` {string|Buffer|TypedArray|DataView}
* `inputEncoding` {string} The [encoding][] of the `data` string.
Updates the `Verify` content with the given `data`, the encoding of which
@@ -1526,6 +1573,9 @@ This can be called many times with new data as it is streamed.
<!-- YAML
added: v0.1.92
changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ description: The object can also be an ArrayBuffer and CryptoKey.
- version: v12.0.0
pr-url: https://github.com/nodejs/node/pull/26960
description: This function now supports RSA-PSS keys.
@@ -1537,14 +1587,16 @@ changes:
description: Support for RSASSA-PSS and additional options was added.
-->
-* `object` {Object | string | Buffer | KeyObject}
+<!--lint disable maximum-line-length remark-lint-->
+* `object` {Object|string|ArrayBuffer|Buffer|TypedArray|DataView|KeyObject|CryptoKey}
* `dsaEncoding` {string}
* `padding` {integer}
* `saltLength` {integer}
-* `signature` {string | Buffer | TypedArray | DataView}
+* `signature` {string|ArrayBuffer|Buffer|TypedArray|DataView}
* `signatureEncoding` {string} The [encoding][] of the `signature` string.
* Returns: {boolean} `true` or `false` depending on the validity of the
signature for the data and public key.
+<!--lint enable maximum-line-length remark-lint-->
Verifies the provided data using the given `object` and `signature`.
@@ -1632,6 +1684,10 @@ This property is deprecated. Please use `crypto.setFips()` and
added: v0.1.94
deprecated: v10.0.0
changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ description: The password argument can be an ArrayBuffer and is limited to
+ a maximum of 2 ** 31 - 1 bytes.
- version: v10.10.0
pr-url: https://github.com/nodejs/node/pull/21447
description: Ciphers in OCB mode are now supported.
@@ -1644,7 +1700,7 @@ changes:
> Stability: 0 - Deprecated: Use [`crypto.createCipheriv()`][] instead.
* `algorithm` {string}
-* `password` {string | Buffer | TypedArray | DataView}
+* `password` {string|ArrayBuffer|Buffer|TypedArray|DataView}
* `options` {Object} [`stream.transform` options][]
* Returns: {Cipher}
@@ -1687,6 +1743,10 @@ Adversaries][] for details.
<!-- YAML
added: v0.1.94
changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ description: The password and iv arguments can be an ArrayBuffer and are
+ each limited to a maximum of 2 ** 31 - 1 bytes.
- version: v11.6.0
pr-url: https://github.com/nodejs/node/pull/24234
description: The `key` argument can now be a `KeyObject`.
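Review bot: the new description says "The password and iv arguments can be an ArrayBuffer", but the parameter list in the next hunk has `key` and `iv`, and the existing entry right below refers to the `key` argument. This reads like text carried over from the `createCipher()` entry; change `password` to `key`. The next hunk also adds `CryptoKey` to the `key` type, which this entry does not mention.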
@@ -1709,8 +1769,8 @@ changes:
-->
* `algorithm` {string}
-* `key` {string | Buffer | TypedArray | DataView | KeyObject}
-* `iv` {string | Buffer | TypedArray | DataView | null}
+* `key` {string|ArrayBuffer|Buffer|TypedArray|DataView|KeyObject|CryptoKey}
+* `iv` {string|ArrayBuffer|Buffer|TypedArray|DataView|null}
* `options` {Object} [`stream.transform` options][]
* Returns: {Cipher}
@@ -1755,7 +1815,7 @@ changes:
> Stability: 0 - Deprecated: Use [`crypto.createDecipheriv()`][] instead.
* `algorithm` {string}
-* `password` {string | Buffer | TypedArray | DataView}
+* `password` {string|ArrayBuffer|Buffer|TypedArray|DataView}
* `options` {Object} [`stream.transform` options][]
* Returns: {Decipher}
@@ -1805,8 +1865,8 @@ changes:
-->
* `algorithm` {string}
-* `key` {string | Buffer | TypedArray | DataView | KeyObject}
-* `iv` {string | Buffer | TypedArray | DataView | null}
+* `key` {string|ArrayBuffer|Buffer|TypedArray|DataView|KeyObject|CryptoKey}
+* `iv` {string|ArrayBuffer|Buffer|TypedArray|DataView|null}
* `options` {Object} [`stream.transform` options][]
* Returns: {Decipher}
@@ -1854,10 +1914,10 @@ changes:
from `binary` to `utf8`.
-->
-* `prime` {string | Buffer | TypedArray | DataView}
+* `prime` {string|ArrayBuffer|Buffer|TypedArray|DataView}
* `primeEncoding` {string} The [encoding][] of the `prime` string.
-* `generator` {number | string | Buffer | TypedArray | DataView} **Default:**
- `2`
+* `generator` {number|string|ArrayBuffer|Buffer|TypedArray|DataView}
+ **Default:** `2`
* `generatorEncoding` {string} The [encoding][] of the `generator` string.
* Returns: {DiffieHellman}
@@ -1960,14 +2020,20 @@ input.on('readable', () => {
<!-- YAML
added: v0.1.94
changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ description: The key can also be an ArrayBuffer or CryptoKey. The
+ encoding option was added. The key cannot contain
+ more than 2 ** 32 - 1 bytes.
- version: v11.6.0
pr-url: https://github.com/nodejs/node/pull/24234
description: The `key` argument can now be a `KeyObject`.
-->
* `algorithm` {string}
-* `key` {string | Buffer | TypedArray | DataView | KeyObject}
+* `key` {string|ArrayBuffer|Buffer|TypedArray|DataView|KeyObject|CryptoKey}
* `options` {Object} [`stream.transform` options][]
+ * `encoding` {string} The string encoding to use when `key` is a string.
* Returns: {Hmac}
Creates and returns an `Hmac` object that uses the given `algorithm` and `key`.
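Review bot: the new `changes:` description gives the key limit as `2 ** 32 - 1` bytes, while the other size limits added in this patch (`spkac`, `setAAD`, `setAuthTag`, `createCipher`, `createCipheriv`, `privateDecrypt`) are `2 ** 31 - 1`. The `2 ** 32 - 1` figure is repeated in the `createPrivateKey`, `createPublicKey` and `createSecretKey` entries. If key inputs really have a different bound, say so explicitly; otherwise correct the exponent in all four places.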
@@ -2007,15 +2073,24 @@ input.on('readable', () => {
### `crypto.createPrivateKey(key)`
<!-- YAML
added: v11.6.0
+changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ description: The key can also be an ArrayBuffer. The encoding option was
+ added. The key cannot contain more than 2 ** 32 - 1 bytes.
-->
-* `key` {Object | string | Buffer}
- * `key`: {string | Buffer} The key material, either in PEM or DER format.
+<!--lint disable maximum-line-length remark-lint-->
+* `key` {Object|string|ArrayBuffer|Buffer|TypedArray|DataView}
+ * `key`: {string|ArrayBuffer|Buffer|TypedArray|DataView} The key material,
+ either in PEM or DER format.
* `format`: {string} Must be `'pem'` or `'der'`. **Default:** `'pem'`.
* `type`: {string} Must be `'pkcs1'`, `'pkcs8'` or `'sec1'`. This option is
required only if the `format` is `'der'` and ignored if it is `'pem'`.
* `passphrase`: {string | Buffer} The passphrase to use for decryption.
+ * `encoding`: {string} The string encoding to use when `key` is a string.
* Returns: {KeyObject}
+<!--lint enable maximum-line-length remark-lint-->
Creates and returns a new key object containing a private key. If `key` is a
string or `Buffer`, `format` is assumed to be `'pem'`; otherwise, `key`
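Review bot: the unchanged sentence after the list still reads "If `key` is a string or `Buffer`, `format` is assumed to be `'pem'`", but the type now also allows `ArrayBuffer`, `TypedArray` and `DataView`. Say which format is assumed for those. Also, `passphrase` is left as `{string | Buffer}` while its sibling `key` was widened; confirm that is intended and, if so, at least bring the spacing in line with the new style.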
@@ -2028,6 +2103,10 @@ of the passphrase is limited to 1024 bytes.
<!-- YAML
added: v11.6.0
changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ description: The key can also be an ArrayBuffer. The encoding option was
+ added. The key cannot contain more than 2 ** 32 - 1 bytes.
- version: v11.13.0
pr-url: https://github.com/nodejs/node/pull/26278
description: The `key` argument can now be a `KeyObject` with type
@@ -2037,12 +2116,15 @@ changes:
description: The `key` argument can now be a private key.
-->
-* `key` {Object | string | Buffer | KeyObject}
- * `key`: {string | Buffer}
+<!--lint disable maximum-line-length remark-lint-->
+* `key` {Object|string|ArrayBuffer|Buffer|TypedArray|DataView}
+ * `key`: {string|ArrayBuffer|Buffer|TypedArray|DataView}
* `format`: {string} Must be `'pem'` or `'der'`. **Default:** `'pem'`.
* `type`: {string} Must be `'pkcs1'` or `'spki'`. This option is required
only if the `format` is `'der'`.
+ * `encoding` {string} The string encoding to use when `key` is a string.
* Returns: {KeyObject}
+<!--lint enable maximum-line-length remark-lint-->
Creates and returns a new key object containing a public key. If `key` is a
string or `Buffer`, `format` is assumed to be `'pem'`; if `key` is a `KeyObject`
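Review bot: the new `key` type line drops `KeyObject` (old: `{Object | string | Buffer | KeyObject}`, new: `{Object|string|ArrayBuffer|Buffer|TypedArray|DataView}`), yet the sentence right after the list still says "if `key` is a `KeyObject`" and the existing `changes:` entries describe `KeyObject` support. Restore `KeyObject` in the type list. The added `encoding` bullet is also missing the colon that its siblings `format`: and `type`: use.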
@@ -2059,12 +2141,18 @@ extracted from the returned `KeyObject`. Similarly, if a `KeyObject` with type
`'private'` is given, a new `KeyObject` with type `'public'` will be returned
and it will be impossible to extract the private key from the returned object.
-### `crypto.createSecretKey(key)`
+### `crypto.createSecretKey(key[, encoding])`
<!-- YAML
added: v11.6.0
+changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ description: The key can also be an ArrayBuffer. The encoding argument was
+ added. The key cannot contain more than 2 ** 32 - 1 bytes.
-->
-* `key` {Buffer | TypedArray | DataView}
+* `key` {string|ArrayBuffer|Buffer|TypedArray|DataView}
+* `encoding` {string} The string encoding when `key` is a string.
* Returns: {KeyObject}
Creates and returns a new key object containing a secret key for symmetric
@@ -2125,6 +2213,61 @@ Computes the Diffie-Hellman secret based on a `privateKey` and a `publicKey`.
Both keys must have the same `asymmetricKeyType`, which must be one of `'dh'`
(for Diffie-Hellman), `'ec'` (for ECDH), `'x448'`, or `'x25519'` (for ECDH-ES).
+### `crypto.generateKey(type, options, callback)`
+<!-- YAML
+added: REPLACEME
+-->
+
+* `type`: {string} The intended use of the generated secret key. Currently
+ accepted values are `'hmac'` and `'aes'`.
+* `options`: {Object}
+ * `length`: {number} The bit length of the key to generate. This must be a
+ value greater than 0.
+ * If `type` is `'hmac'`, the minimum is 1, and the maximum length is
+ 2<sup>31</sup>-1. If the value is not a multiple of 8, the generated
+ key will be truncated to `Math.floor(length / 8)`.
+ * If `type` is `'aes'`, the length must be one of `128` or `256`.
+* `callback`: {Function}
+ * `err`: {Error}
+ * `key`: {KeyObject}
+
+Asynchronously generates a new random secret key of the given `length`. The
+`type` will determine which validations will be performed on the `length`.
+
+```js
+const { generateKey } = require('crypto');
+
+generateKey('hmac', { length: 64 }, (err, key) => {
+ if (err) throw err;
+ console.log(key.export().toString('hex')); // 46e..........620
+});
+```
+
+### `crypto.generateKeySync(type, options)`
+<!-- YAML
+added: REPLACEME
+-->
+
+* `type`: {string} The intended use of the generated secret key. Currently
+ accepted values are `'hmac'` and `'aes'`.
+* `options`: {Object}
+ * `length`: {number} The bit length of the key to generate.
+ * If `type` is `'hmac'`, the minimum is 1, and the maximum length is
+ 2<sup>31</sup>-1. If the value is not a multiple of 8, the generated
+ key will be truncated to `Math.floor(length / 8)`.
+ * If `type` is `'aes'`, the length must be one of `128` or `256`.
+* Returns: {KeyObject}
+
+Synchronously generates a new random secret key of the given `length`. The
+`type` will determine which validations will be performed on the `length`.
+
+```js
+const { generateKeySync } = require('crypto');
+
+const key = generateKeySync('hmac', 64);
+console.log(key.export().toString('hex')); // e89..........41e
+```
+
### `crypto.generateKeyPair(type, options, callback)`
<!-- YAML
added: v10.12.0
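Review bot: the `generateKeySync` example calls `generateKeySync('hmac', 64)`, but the documented signature is `generateKeySync(type, options)` with `options.length`, and the async example above passes `{ length: 64 }`. Change the call to pass `{ length: 64 }`. For `'hmac'` the text also gives a minimum of 1 together with truncation to `Math.floor(length / 8)`, which yields zero bytes for lengths 1 through 7; state the effective minimum or document what happens in that range.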
@@ -2351,10 +2494,84 @@ const hashes = crypto.getHashes();
console.log(hashes); // ['DSA', 'DSA-SHA', 'DSA-SHA1', ...]
```
+### `crypto.hkdf(digest, key, salt, info, keylen, callback)`
+<!-- YAML
+added: REPLACEME
+-->
+
+* `digest` {string} The digest algorithm to use.
+* `key` {string|ArrayBuffer|Buffer|TypedArray|DataView|KeyObject} The secret
+ key. It must be at least one byte in length.
+* `salt` {string|ArrayBuffer|Buffer|TypedArray|DataView} The salt value. Must
+ be provided but can be zero-length.
+* `info` {string|ArrayBuffer|Buffer|TypedArray|DataView} Additional info value.
+ Must be provided but can be zero-length, and cannot be more than 1024 bytes.
+* `keylen` {number} The length of the key to generate. Must be greater than 0.
+ The maximum allowable value is `255` times the number of bytes produced by
+ the selected digest function (e.g. `sha512` generates 64-byte hashes, making
+ the maximum HKDF output 16320 bytes).
+* `callback` {Function}
+ * `err` {Error}
+ * `derivedKey` {Buffer}
+
+HKDF is a simple key derivation function defined in RFC 5869. The given `key`,
+`salt` and `info` are used with the `digest` to derive a key of `keylen` bytes.
+
+The supplied `callback` function is called with two arguments: `err` and
+`derivedKey`. If an errors occurs while deriving the key, `err` will be set;
+otherwise `err` will be `null`. The successfully generated `derivedKey` will
+be passed to the callback as an {ArrayBuffer}. An error will be thrown if any
+of the input aguments specify invalid values or types.
+
+```js
+const crypto = require('crypto');
+crypto.hkdf('sha512', 'key', 'salt', 'info', 64, (err, derivedKey) => {
+ if (err) throw err;
+ console.log(Buffer.from(derivedKey).toString('hex')); // '24156e2...5391653'
+});
+```
+
+### `crypto.hkdfSync(digest, key, salt, info, keylen)`
+<!-- YAML
+added: REPLACEME
+-->
+
+* `digest` {string} The digest algorithm to use.
+* `key` {string|ArrayBuffer|Buffer|TypedArray|DataView|KeyObject} The secret
+ key. It must be at least one byte in length.
+* `salt` {string|ArrayBuffer|Buffer|TypedArray|DataView} The salt value. Must
+ be provided but can be zero-length.
+* `info` {string|ArrayBuffer|Buffer|TypedArray|DataView} Additional info value.
+ Must be provided but can be zero-length, and cannot be more than 1024 bytes.
+* `keylen` {number} The length of the key to generate. Must be greater than 0.
+ The maximum allowable value is `255` times the number of bytes produced by
+ the selected digest function (e.g. `sha512` generates 64-byte hashes, making
+ the maximum HKDF output 16320 bytes).
+* Returns: {ArrayBuffer}
+
+Provides a synchronous HKDF key derivation function as defined in RFC 5869. The
+given `key`, `salt` and `info` are used with the `digest` to derive a key of
+`keylen` bytes.
+
+The successfully generated `derivedKey` will be returned as an {ArrayBuffer}.
+
+An error will be thrown if any of the input aguments specify invalid values or
+types, or if the derived key cannot be generated.
+
+```js
+const crypto = require('crypto');
+const derivedKey = crypto.hkdfSync('sha512', 'key', 'salt', 'info', 64);
+console.log(Buffer.from(derivedKey).toString('hex')); // '24156e2...5391653'
+```
+
### `crypto.pbkdf2(password, salt, iterations, keylen, digest, callback)`
<!-- YAML
added: v0.5.5
changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ description: The password and salt arguments can also be ArrayBuffer
+ instances.
- version: v14.0.0
pr-url: https://github.com/nodejs/node/pull/30578
description: The `iterations` parameter is now restricted to positive
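Review bot: in the `crypto.hkdf()` callback list `derivedKey` is typed `{Buffer}`, but the paragraph below says it is passed "as an {ArrayBuffer}", the example wraps it in `Buffer.from(derivedKey)`, and `hkdfSync` is documented as returning `{ArrayBuffer}`. Make the callback type match the actual value. Also fix "If an errors occurs" and "aguments" (the latter appears in both the async and sync text).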
@@ -2372,8 +2589,8 @@ changes:
from `binary` to `utf8`.
-->
-* `password` {string|Buffer|TypedArray|DataView}
-* `salt` {string|Buffer|TypedArray|DataView}
+* `password` {string|ArrayBuffer|Buffer|TypedArray|DataView}
+* `salt` {string|ArrayBuffer|Buffer|TypedArray|DataView}
* `iterations` {number}
* `keylen` {number}
* `digest` {string}
@@ -2497,6 +2714,12 @@ An array of supported digest functions can be retrieved using
<!-- YAML
added: v0.11.14
changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ description: Added string, ArrayBuffer, and CryptoKey as allowable key
+ types. The oaepLabel can be an ArrayBuffer. The buffer can
+ be a string or ArrayBuffer. All types that accept buffers
+ are limited to a maximum of 2 ** 31 - 1 bytes.
- version: v12.11.0
pr-url: https://github.com/nodejs/node/pull/29489
description: The `oaepLabel` option was added.
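Review bot: The new `changes` description lists string among the key types being added, but the `privateKey` line removed in the following hunk (`{Object | string | Buffer | KeyObject}`) already accepted a string. Suggest "Added ArrayBuffer and CryptoKey as allowable key types" unless string support for the key is really new in this change.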
@@ -2508,17 +2731,19 @@ changes:
description: This function now supports key objects.
-->
-* `privateKey` {Object | string | Buffer | KeyObject}
+<!--lint disable maximum-line-length remark-lint-->
+* `privateKey` {Object|string|ArrayBuffer|Buffer|TypedArray|DataView|KeyObject|CryptoKey}
* `oaepHash` {string} The hash function to use for OAEP padding and MGF1.
**Default:** `'sha1'`
- * `oaepLabel` {Buffer | TypedArray | DataView} The label to use for OAEP
- padding. If not specified, no label is used.
+ * `oaepLabel` {string|ArrayBuffer|Buffer|TypedArray|DataView} The label to
+ use for OAEP padding. If not specified, no label is used.
* `padding` {crypto.constants} An optional padding value defined in
`crypto.constants`, which may be: `crypto.constants.RSA_NO_PADDING`,
`crypto.constants.RSA_PKCS1_PADDING`, or
`crypto.constants.RSA_PKCS1_OAEP_PADDING`.
-* `buffer` {Buffer | TypedArray | DataView}
+* `buffer` {string|ArrayBuffer|Buffer|TypedArray|DataView}
* Returns: {Buffer} A new `Buffer` with the decrypted content.
+<!--lint enable maximum-line-length remark-lint-->
Decrypts `buffer` with `privateKey`. `buffer` was previously encrypted using
the corresponding public key, for example using [`crypto.publicEncrypt()`][].
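Review bot: `buffer` and `oaepLabel` now accept strings in this parameter list, but no `encoding` option is documented for them, while the three sibling parameter lists later in this patch each gain an `encoding` entry. Either add the same entry here or state how string inputs are decoded, since a wrong assumption about the encoding of ciphertext passed as a string leads to decryption failures that are hard to diagnose.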
@@ -2532,19 +2757,31 @@ object, the `padding` property can be passed. Otherwise, this function uses
<!-- YAML
added: v1.1.0
changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ description: Added string, ArrayBuffer, and CryptoKey as allowable key
+ types. The passphrase can be an ArrayBuffer. The buffer can
+ be a string or ArrayBuffer. All types that accept buffers
+ are limited to a maximum of 2 ** 31 - 1 bytes.
- version: v11.6.0
pr-url: https://github.com/nodejs/node/pull/24234
description: This function now supports key objects.
-->
-* `privateKey` {Object | string | Buffer | KeyObject}
- * `key` {string | Buffer | KeyObject} A PEM encoded private key.
- * `passphrase` {string | Buffer} An optional passphrase for the private key.
+<!--lint disable maximum-line-length remark-lint-->
+* `privateKey` {Object|string|ArrayBuffer|Buffer|TypedArray|DataView|KeyObject|CryptoKey}
+ * `key` {string|ArrayBuffer|Buffer|TypedArray|DataView|KeyObject|CryptoKey}
+ A PEM encoded private key.
+ * `passphrase` {string|ArrayBuffer|Buffer|TypedArray|DataView} An optional
+ passphrase for the private key.
* `padding` {crypto.constants} An optional padding value defined in
`crypto.constants`, which may be: `crypto.constants.RSA_NO_PADDING` or
`crypto.constants.RSA_PKCS1_PADDING`.
-* `buffer` {Buffer | TypedArray | DataView}
+ * `encoding` {string} The string encoding to use when `buffer`, `key`,
+ or 'passphrase` are strings.
+* `buffer` {string|ArrayBuffer|Buffer|TypedArray|DataView}
* Returns: {Buffer} A new `Buffer` with the encrypted content.
+<!--lint enable maximum-line-length remark-lint-->
Encrypts `buffer` with `privateKey`. The returned data can be decrypted using
the corresponding public key, for example using [`crypto.publicDecrypt()`][].
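Review bot: The added `encoding` entry has mismatched quoting: "or 'passphrase` are strings" opens with a single quote and closes with a backtick, so the inline code span will not render; it should be `passphrase` in backticks. Also, the nested `key` entry now lists {KeyObject} and {CryptoKey} in its type but its description still reads "A PEM encoded private key."; the matching entry for the public-key encrypt function was updated to mention both, and this one should follow.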
@@ -2558,18 +2795,29 @@ object, the `padding` property can be passed. Otherwise, this function uses
<!-- YAML
added: v1.1.0
changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ description: Added string, ArrayBuffer, and CryptoKey as allowable key
+ types. The passphrase can be an ArrayBuffer. The buffer can
+ be a string or ArrayBuffer. All types that accept buffers
+ are limited to a maximum of 2 ** 31 - 1 bytes.
- version: v11.6.0
pr-url: https://github.com/nodejs/node/pull/24234
description: This function now supports key objects.
-->
-* `key` {Object | string | Buffer | KeyObject}
- * `passphrase` {string | Buffer} An optional passphrase for the private key.
+<!--lint disable maximum-line-length remark-lint-->
+* `key` {Object|string|ArrayBuffer|Buffer|TypedArray|DataView|KeyObject|CryptoKey}
+ * `passphrase` {string|ArrayBuffer|Buffer|TypedArray|DataView} An optional
+ passphrase for the private key.
* `padding` {crypto.constants} An optional padding value defined in
`crypto.constants`, which may be: `crypto.constants.RSA_NO_PADDING` or
`crypto.constants.RSA_PKCS1_PADDING`.
-* `buffer` {Buffer | TypedArray | DataView}
+ * `encoding` {string} The string encoding to use when `buffer`, `key`,
+ or 'passphrase` are strings.
+* `buffer` {string|ArrayBuffer|Buffer|TypedArray|DataView}
* Returns: {Buffer} A new `Buffer` with the decrypted content.
+<!--lint enable maximum-line-length remark-lint-->
Decrypts `buffer` with `key`.`buffer` was previously encrypted using
the corresponding private key, for example using [`crypto.privateEncrypt()`][].
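Review bot: The new `encoding` entry says it applies when `buffer`, `key`, or `passphrase` are strings, but the option list in this hunk has no nested `key` entry, only `passphrase` and `padding`, so the reader cannot tell which `key` is meant. Add the nested `key` entry or reword to refer to the top-level argument. The same line also has the 'passphrase` quoting error (single quote paired with a backtick).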
@@ -2586,6 +2834,12 @@ be passed instead of a public key.
<!-- YAML
added: v0.11.14
changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ description: Added string, ArrayBuffer, and CryptoKey as allowable key
+ types. The oaepLabel and passphrase can be ArrayBuffers. The
+ buffer can be a string or ArrayBuffer. All types that accept
+ buffers are limited to a maximum of 2 ** 31 - 1 bytes.
- version: v12.11.0
pr-url: https://github.com/nodejs/node/pull/29489
description: The `oaepLabel` option was added.
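Review bot: The size limit in this `changes` description is written as "2 ** 31 - 1", while the parameter descriptions added elsewhere in this patch write it as `2**31 - 1` in backticks. Pick one spelling and use it throughout so the limit is searchable in the rendered docs.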
@@ -2597,19 +2851,25 @@ changes:
description: This function now supports key objects.
-->
-* `key` {Object | string | Buffer | KeyObject}
- * `key` {string | Buffer | KeyObject} A PEM encoded public or private key.
+<!--lint disable maximum-line-length remark-lint-->
+* `key` {Object|string|ArrayBuffer|Buffer|TypedArray|DataView|KeyObject|CryptoKey}
+ * `key` {string|ArrayBuffer|Buffer|TypedArray|DataView|KeyObject|CryptoKey}
+ A PEM encoded public or private key, {KeyObject}, or {CryptoKey}.
* `oaepHash` {string} The hash function to use for OAEP padding and MGF1.
**Default:** `'sha1'`
- * `oaepLabel` {Buffer | TypedArray | DataView} The label to use for OAEP
- padding. If not specified, no label is used.
- * `passphrase` {string | Buffer} An optional passphrase for the private key.
+ * `oaepLabel` {string|ArrayBuffer|Buffer|TypedArray|DataView} The label to
+ use for OAEP padding. If not specified, no label is used.
+ * `passphrase` {string|ArrayBuffer|Buffer|TypedArray|DataView} An optional
+ passphrase for the private key.
* `padding` {crypto.constants} An optional padding value defined in
`crypto.constants`, which may be: `crypto.constants.RSA_NO_PADDING`,
`crypto.constants.RSA_PKCS1_PADDING`, or
`crypto.constants.RSA_PKCS1_OAEP_PADDING`.
-* `buffer` {Buffer | TypedArray | DataView}
+ * `encoding` {string} The string encoding to use when `buffer`, `key`,
+ `oaepLabel`, or 'passphrase` are strings.
+* `buffer` {string|ArrayBuffer|Buffer|TypedArray|DataView}
* Returns: {Buffer} A new `Buffer` with the encrypted content.
+<!--lint enable maximum-line-length remark-lint-->
Encrypts the content of `buffer` with `key` and returns a new
[`Buffer`][] with encrypted content. The returned data can be decrypted using
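Review bot: In the added `encoding` entry, "`oaepLabel`, or 'passphrase` are strings" opens the last name with a single quote instead of a backtick, which breaks the inline code span. It should read `passphrase` in backticks, matching the other names on that line.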
@@ -2633,7 +2893,8 @@ changes:
`ERR_INVALID_CALLBACK`.
-->
-* `size` {number}
+* `size` {number} The number of bytes to generate. The `size` must
+ not be larger than `2**31 - 1`.
* `callback` {Function}
* `err` {Error}
* `buf` {Buffer}
@@ -2693,10 +2954,13 @@ changes:
description: The `buffer` argument may be any `TypedArray` or `DataView`.
-->
-* `buffer` {Buffer|TypedArray|DataView} Must be supplied.
+* `buffer` {ArrayBuffer|Buffer|TypedArray|DataView} Must be supplied. The
+ size of the provided `buffer` must not be larger than `2**31 - 1`.
* `offset` {number} **Default:** `0`
-* `size` {number} **Default:** `buffer.length - offset`
-* Returns: {Buffer|TypedArray|DataView} The object passed as `buffer` argument.
+* `size` {number} **Default:** `buffer.length - offset`. The `size` must
+ not be larger than `2**31 - 1`.
+* Returns: {ArrayBuffer|Buffer|TypedArray|DataView} The object passed as
+ `buffer` argument.
Synchronous version of [`crypto.randomFill()`][].
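Review bot: The `size` default is still documented as `buffer.length - offset`, but the hunk adds {ArrayBuffer} to the accepted types and an `ArrayBuffer` has no `length` property, only `byteLength` (the same holds for the already-listed `DataView`). Since this line is being edited anyway, suggest stating the default in terms of the byte length of `buffer`, and clarifying whether `offset` and `size` are counted in bytes or in elements for typed arrays.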
@@ -2712,7 +2976,8 @@ crypto.randomFillSync(buf, 5, 5);
console.log(buf.toString('hex'));
```
-Any `TypedArray` or `DataView` instance may be passed as `buffer`.
+Any `ArrayBuffer`, `TypedArray` or `DataView` instance may be passed as
+`buffer`.
```js
const a = new Uint32Array(10);
@@ -2726,6 +2991,9 @@ console.log(Buffer.from(crypto.randomFillSync(b).buffer,
const c = new DataView(new ArrayBuffer(10));
console.log(Buffer.from(crypto.randomFillSync(c).buffer,
c.byteOffset, c.byteLength).toString('hex'));
+
+const d = new ArrayBuffer(10);
+console.log(Buffer.from(crypto.randomFillSync(d)).toString('hex'));
```
### `crypto.randomFill(buffer[, offset][, size], callback)`
@@ -2739,9 +3007,11 @@ changes:
description: The `buffer` argument may be any `TypedArray` or `DataView`.
-->
-* `buffer` {Buffer|TypedArray|DataView} Must be supplied.
+* `buffer` {ArrayBuffer|Buffer|TypedArray|DataView} Must be supplied. The
+ size of the provided `buffer` must not be larger than `2**31 - 1`.
* `offset` {number} **Default:** `0`
-* `size` {number} **Default:** `buffer.length - offset`
+* `size` {number} **Default:** `buffer.length - offset`. The `size` must
+ not be larger than `2**31 - 1`.
* `callback` {Function} `function(err, buf) {}`.
This function is similar to [`crypto.randomBytes()`][] but requires the first
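Review bot: This hunk widens `buffer` to accept {ArrayBuffer} and adds the `2**31 - 1` limit, but the YAML `changes` list above it gets no REPLACEME entry; the only context visible is the older "may be any `TypedArray` or `DataView`" item. The `pbkdf2`, `scrypt` and `timingSafeEqual` sections in this patch each record the new type in `changes`, so add a matching entry here. The `size` default also still reads `buffer.length - offset`, which does not apply to an `ArrayBuffer`.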
@@ -2769,7 +3039,8 @@ crypto.randomFill(buf, 5, 5, (err, buf) => {
});
```
-Any `TypedArray` or `DataView` instance may be passed as `buffer`.
+Any `ArrayBuffer` `TypedArray` or `DataView` instance may be passed as
+`buffer`.
```js
const a = new Uint32Array(10);
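Review bot: The added sentence "Any `ArrayBuffer` `TypedArray` or `DataView` instance" is missing the comma after `ArrayBuffer`. The equivalent sentence added for the synchronous variant earlier in the patch has it ("Any `ArrayBuffer`, `TypedArray` or `DataView`"), so make the two identical.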
@@ -2792,6 +3063,12 @@ crypto.randomFill(c, (err, buf) => {
console.log(Buffer.from(buf.buffer, buf.byteOffset, buf.byteLength)
.toString('hex'));
});
+
+const d = new ArrayBuffer(10);
+crypto.randomFill(d, (err, buf) => {
+ if (err) throw err;
+ console.log(Buffer.from(buf).toString('hex'));
+});
```
This API uses libuv's threadpool, which can have surprising and
@@ -2847,6 +3124,10 @@ console.log(`The dice rolled: ${n}`);
<!-- YAML
added: v10.5.0
changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ description: The password and salt arguments can also be ArrayBuffer
+ instances.
- version:
- v12.8.0
- v10.17.0
@@ -2858,8 +3139,8 @@ changes:
have been added.
-->
-* `password` {string|Buffer|TypedArray|DataView}
-* `salt` {string|Buffer|TypedArray|DataView}
+* `password` {string|ArrayBuffer|Buffer|TypedArray|DataView}
+* `salt` {string|ArrayBuffer|Buffer|TypedArray|DataView}
* `keylen` {number}
* `options` {Object}
* `cost` {number} CPU/memory cost parameter. Must be a power of two greater
@@ -3005,10 +3286,12 @@ Throws an error if FIPS mode is not available.
added: v12.0.0
-->
+<!--lint disable maximum-line-length remark-lint-->
* `algorithm` {string | null | undefined}
-* `data` {Buffer | TypedArray | DataView}
-* `key` {Object | string | Buffer | KeyObject}
+* `data` {ArrayBuffer|Buffer|TypedArray|DataView}
+* `key` {Object|string|ArrayBuffer|Buffer|TypedArray|DataView|KeyObject|CryptoKey}
* Returns: {Buffer}
+<!--lint enable maximum-line-length remark-lint-->
Calculates and returns the signature for `data` using the given private key and
algorithm. If `algorithm` is `null` or `undefined`, then the algorithm is
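Review bot: `data` and `key` gain new accepted types here, but the YAML block for this function (`added: v12.0.0`) gets no `changes` entry, while the `crypto.verify` section later in the patch records the same widening with a REPLACEME entry. Add the entry here as well. The `algorithm` line is also left as `{string | null | undefined}` with spaces, while the verify hunk normalizes it to `{string|null|undefined}`.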
@@ -3037,10 +3320,14 @@ additional properties can be passed:
### `crypto.timingSafeEqual(a, b)`
<!-- YAML
added: v6.6.0
+changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ description: The a and b arguments can also be ArrayBuffer.
-->
-* `a` {Buffer | TypedArray | DataView}
-* `b` {Buffer | TypedArray | DataView}
+* `a` {ArrayBuffer|Buffer|TypedArray|DataView}
+* `b` {ArrayBuffer|Buffer|TypedArray|DataView}
* Returns: {boolean}
This function is based on a constant-time algorithm.
@@ -3059,13 +3346,19 @@ not introduce timing vulnerabilities.
### `crypto.verify(algorithm, data, key, signature)`
<!-- YAML
added: v12.0.0
+changes:
+ - version: REPLACEME
+ pr-url: https://github.com/nodejs/node/pull/35093
+ description: The data, key, and signature arguments can also be ArrayBuffer.
-->
-* `algorithm` {string | null | undefined}
-* `data` {Buffer | TypedArray | DataView}
-* `key` {Object | string | Buffer | KeyObject}
-* `signature` {Buffer | TypedArray | DataView}
+<!--lint disable maximum-line-length remark-lint-->
+* `algorithm` {string|null|undefined}
+* `data` {ArrayBuffer| Buffer|TypedArray|DataView}
+* `key` {Object|string|ArrayBuffer|Buffer|TypedArray|DataView|KeyObject|CryptoKey}
+* `signature` {ArrayBuffer|Buffer|TypedArray|DataView}
* Returns: {boolean}
+<!--lint enable maximum-line-length remark-lint-->
Verifies the given signature for `data` using the given key and algorithm. If
`algorithm` is `null` or `undefined`, then the algorithm is dependent upon the
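Review bot: The added `data` line has a stray space inside the type list: `{ArrayBuffer| Buffer|TypedArray|DataView}`. Every other type list touched by this patch is written without spaces around the pipes, so this should be `{ArrayBuffer|Buffer|TypedArray|DataView}`.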
@@ -3096,6 +3389,15 @@ The `signature` argument is the previously calculated signature for the `data`.
Because public keys can be derived from private keys, a private key or a public
key may be passed for `key`.
+### `crypto.webcrypto`
+<!-- YAML
+added: REPLACEME
+-->
+
+Type: {Crypto} An implementation of the Web Crypto API standard.
+
+See the [Web Crypto API documentation][] for details.
+
## Notes
### Legacy streams API (prior to Node.js 0.10)
@@ -3573,6 +3875,7 @@ See the [list of SSL OP Flags][] for details.
[RFC 3610]: https://www.rfc-editor.org/rfc/rfc3610.txt
[RFC 4055]: https://www.rfc-editor.org/rfc/rfc4055.txt
[RFC 5208]: https://www.rfc-editor.org/rfc/rfc5208.txt
+[Web Crypto API documentation]: webcrypto.md
[`Buffer`]: buffer.md
[`EVP_BytesToKey`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_BytesToKey.html
[`KeyObject`]: #crypto_class_keyobject
@@ -3591,7 +3894,7 @@ See the [list of SSL OP Flags][] for details.
[`crypto.createHmac()`]: #crypto_crypto_createhmac_algorithm_key_options
[`crypto.createPrivateKey()`]: #crypto_crypto_createprivatekey_key
[`crypto.createPublicKey()`]: #crypto_crypto_createpublickey_key
-[`crypto.createSecretKey()`]: #crypto_crypto_createsecretkey_key
+[`crypto.createSecretKey()`]: #crypto_crypto_createsecretkey_key_encoding
[`crypto.createSign()`]: #crypto_crypto_createsign_algorithm_options
[`crypto.createVerify()`]: #crypto_crypto_createverify_algorithm_options
[`crypto.getCurves()`]: #crypto_crypto_getcurves