The crypto module provides cryptographic functionality including hashing, encryption, and secure random generation. Here's how to use it.
Hashing
HMAC (Hash-based Message Authentication)
Password Hashing
Random Bytes
UUID Generation
Symmetric Encryption (AES)
Asymmetric Encryption (RSA)
Digital Signatures
Key Derivation
Secure Token Generation
File Hashing
Best Practices
Hashing:
✓ Use SHA-256 or SHA-512
✓ Use bcrypt/scrypt for passwords
✓ Always use salt
✓ Use timingSafeEqual for comparison
Encryption:
✓ Use AES-256-GCM for symmetric
✓ Use RSA-OAEP for asymmetric
✓ Generate random IVs
✓ Store keys securely
Random:
✓ Use crypto.randomBytes
✓ Use crypto.randomUUID for UUIDs
✓ Use crypto.randomInt for numbers
✓ Never use Math.random for security
Avoid:
✗ MD5 or SHA-1 for security
✗ Hardcoded keys/secrets
✗ ECB mode encryption
✗ Custom crypto implementations
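The checklist above, applied in code. This is an added example, not code from the original page: the function names, the `salt:hash` storage format and the `iv || tag || ciphertext` layout are assumptions of this example.

```javascript
// Added example: salted scrypt password hashing and AES-256-GCM with a random IV.
const { randomBytes, scryptSync, timingSafeEqual,
  createCipheriv, createDecipheriv } = require('node:crypto');

// Password hashing: scrypt with a fresh 16-byte random salt per password.
function hashPassword(password) {
  const salt = randomBytes(16);
  const hash = scryptSync(password, salt, 64);
  return `${salt.toString('hex')}:${hash.toString('hex')}`;
}

// Verification recomputes the hash with the stored salt and compares in constant time.
function verifyPassword(password, stored) {
  const [saltHex, hashHex] = stored.split(':');
  const expected = Buffer.from(hashHex, 'hex');
  const actual = scryptSync(password, Buffer.from(saltHex, 'hex'), expected.length);
  return timingSafeEqual(actual, expected);
}

// AES-256-GCM: 32-byte key, fresh 12-byte IV for every message.
// Output layout (assumed here): iv (12) || auth tag (16) || ciphertext.
function encrypt(key, plaintext) {
  const iv = randomBytes(12);
  const cipher = createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]);
}

// Decryption throws in final() if the ciphertext or tag was modified.
function decrypt(key, blob) {
  const iv = blob.subarray(0, 12);
  const tag = blob.subarray(12, 28);
  const decipher = createDecipheriv('aes-256-gcm', key, iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(blob.subarray(28)), decipher.final()]).toString('utf8');
}

// Returns true when decryption rejects a copy of the blob with one flipped bit.
function rejectsTampering(key, blob) {
  const bad = Buffer.from(blob);
  bad[bad.length - 1] ^= 0x01;
  try { decrypt(key, bad); return false; } catch { return true; }
}
```

Because the salt and IV are random, hashing the same password or encrypting the same plaintext twice gives different output each time; only verification and decryption are deterministic.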
Conclusion
The Node.js crypto module provides comprehensive cryptographic functionality. Use modern algorithms like SHA-256 for hashing, AES-256-GCM for encryption, and scrypt for password hashing. Always use cryptographically secure random number generation and never roll your own crypto. Store keys securely and use appropriate key lengths for your security requirements.