sign.sign(privateKey[, outputEncoding])


使用 sign.update()sign.write() 计算通过的所有数据的签名。

如果 privateKey 不是 KeyObject,则此函数的行为就像将 privateKey 传给 crypto.createPrivateKey() 一样。 如果是对象,则可以传入以下额外属性:

  • dsaEncoding <string> 对于 DSA 和 ECDSA,此选项指定生成签名的格式。 它可以是以下之一:

    • 'der'(默认):DER 编码的 ASN.1 签名结构编码 (r, s)
    • 'ieee-p1363': IEEE-P1363 中提议的签名格式 r || s
  • padding <integer> RSA 的可选填充值,以下之一:

    • crypto.constants.RSA_PKCS1_PADDING(默认)
    • crypto.constants.RSA_PKCS1_PSS_PADDING

    RSA_PKCS1_PSS_PADDING 将使用具有与 RFC 4055 的第 3.1 章节中指定的消息签名相同的散列函数的 MGF1,除非 MGF1 散列函数已被指定为符合 RFC 4055 的第 3.3 章节的密钥的一部分。

  • saltLength <integer> 填充为 RSA_PKCS1_PSS_PADDING 时的盐长度。 特殊值 crypto.constants.RSA_PSS_SALTLEN_DIGEST 将盐长度设置为摘要大小,crypto.constants.RSA_PSS_SALTLEN_MAX_SIGN(默认值)将其设置为最大允许值。

如果提供了 outputEncoding,则返回字符串;否则返回 Buffer

Sign 对象在调用 sign.sign() 方法后不能再次使用。 多次调用 sign.sign() 将导致抛出错误。

Calculates the signature on all the data passed through using either sign.update() or sign.write().

If privateKey is not a KeyObject, this function behaves as if privateKey had been passed to crypto.createPrivateKey(). If it is an object, the following additional properties can be passed:

  • dsaEncoding <string> For DSA and ECDSA, this option specifies the format of the generated signature. It can be one of the following:

    • 'der' (default): DER-encoded ASN.1 signature structure encoding (r, s).
    • 'ieee-p1363': Signature format r || s as proposed in IEEE-P1363.
  • padding <integer> Optional padding value for RSA, one of the following:

    • crypto.constants.RSA_PKCS1_PADDING (default)
    • crypto.constants.RSA_PKCS1_PSS_PADDING

    RSA_PKCS1_PSS_PADDING will use MGF1 with the same hash function used to sign the message as specified in section 3.1 of RFC 4055, unless an MGF1 hash function has been specified as part of the key in compliance with section 3.3 of RFC 4055.

  • saltLength <integer> Salt length for when padding is RSA_PKCS1_PSS_PADDING. The special value crypto.constants.RSA_PSS_SALTLEN_DIGEST sets the salt length to the digest size, crypto.constants.RSA_PSS_SALTLEN_MAX_SIGN (default) sets it to the maximum permissible value.

If outputEncoding is provided a string is returned; otherwise a Buffer is returned.

The Sign object can not be again used after sign.sign() method has been called. Multiple calls to sign.sign() will result in an error being thrown.