crypto.generateKeyPair(type, options, callback)
-
type<string> 必须是'rsa'、'rsa-pss'、'dsa'、'ec'、'ed25519'、'ed448'、'x25519'、'x448'、'dh'、'ml-dsa-44'1、'ml-dsa-65'1 或'ml-dsa-87'1。¥
type<string> Must be'rsa','rsa-pss','dsa','ec','ed25519','ed448','x25519','x448','dh','ml-dsa-44'1,'ml-dsa-65'1, or'ml-dsa-87'1. -
options<Object>-
modulusLength<number> 以位为单位的密钥大小(RSA、DSA)。¥
modulusLength<number> Key size in bits (RSA, DSA). -
publicExponent<number> 公共指数 (RSA)。默认值:0x10001。¥
publicExponent<number> Public exponent (RSA). Default:0x10001. -
hashAlgorithm<string> 消息摘要的名称 (RSA-PSS)。¥
hashAlgorithm<string> Name of the message digest (RSA-PSS). -
mgf1HashAlgorithm<string> MGF1 (RSA-PSS) 使用的消息摘要的名称。¥
mgf1HashAlgorithm<string> Name of the message digest used by MGF1 (RSA-PSS). -
saltLength<number> 以字节为单位的最小盐长度 (RSA-PSS)。¥
saltLength<number> Minimal salt length in bytes (RSA-PSS). -
divisorLength<number>q的大小(以位为单位)(DSA)。¥
divisorLength<number> Size ofqin bits (DSA). -
namedCurve<string> 要使用的曲线的名称 (EC)。¥
namedCurve<string> Name of the curve to use (EC). -
prime<Buffer> 主要参数 (DH)。¥
prime<Buffer> The prime parameter (DH). -
primeLength<number> 以位 (DH) 为单位的素数长度。¥
primeLength<number> Prime length in bits (DH). -
generator<number> 自定义生成器 (DH)。默认值:2。¥
generator<number> Custom generator (DH). Default:2. -
groupName<string> Diffie-Hellman 组名 (DH)。参见crypto.getDiffieHellman()。¥
groupName<string> Diffie-Hellman group name (DH). Seecrypto.getDiffieHellman(). -
paramEncoding<string> 必须是'named'或'explicit'(EC)。默认值:'named'。¥
paramEncoding<string> Must be'named'or'explicit'(EC). Default:'named'. -
publicKeyEncoding<Object> 参见keyObject.export()。¥
publicKeyEncoding<Object> SeekeyObject.export(). -
privateKeyEncoding<Object> 参见keyObject.export()。¥
privateKeyEncoding<Object> SeekeyObject.export().
-
-
callback<Function>-
err<Error> -
publicKey<string> | <Buffer> | <KeyObject> -
privateKey<string> | <Buffer> | <KeyObject>
-
生成给定 type 的新非对称密钥对。目前支持 RSA、RSA-PSS、DSA、EC、Ed25519、Ed448、X25519、X448、以及 DH。
¥Generates a new asymmetric key pair of the given type. RSA, RSA-PSS, DSA, EC,
Ed25519, Ed448, X25519, X448, and DH are currently supported.
如果指定了 publicKeyEncoding 或 privateKeyEncoding,则此函数的行为就像对其结果调用了 keyObject.export()。否则,密钥的相应部分将作为 KeyObject 返回。
¥If a publicKeyEncoding or privateKeyEncoding was specified, this function
behaves as if keyObject.export() had been called on its result. Otherwise,
the respective part of the key is returned as a KeyObject.
建议将公钥编码为 'spki',私钥编码为 'pkcs8',并加密以进行长期存储:
¥It is recommended to encode public keys as 'spki' and private keys as
'pkcs8' with encryption for long-term storage:
const {
generateKeyPair,
} = await import('node:crypto');
generateKeyPair('rsa', {
modulusLength: 4096,
publicKeyEncoding: {
type: 'spki',
format: 'pem',
},
privateKeyEncoding: {
type: 'pkcs8',
format: 'pem',
cipher: 'aes-256-cbc',
passphrase: 'top secret',
},
}, (err, publicKey, privateKey) => {
// Handle errors and use the generated key pair.
});const {
generateKeyPair,
} = require('node:crypto');
generateKeyPair('rsa', {
modulusLength: 4096,
publicKeyEncoding: {
type: 'spki',
format: 'pem',
},
privateKeyEncoding: {
type: 'pkcs8',
format: 'pem',
cipher: 'aes-256-cbc',
passphrase: 'top secret',
},
}, (err, publicKey, privateKey) => {
// Handle errors and use the generated key pair.
});完成后,callback 将被调用,err 设置为 undefined,publicKey / privateKey 代表生成的密钥对。
¥On completion, callback will be called with err set to undefined and
publicKey / privateKey representing the generated key pair.
如果此方法作为其 util.promisify() 版本被调用,则其将为具有 publicKey 和 privateKey 属性的 Object 返回 Promise。
¥If this method is invoked as its util.promisify()ed version, it returns
a Promise for an Object with publicKey and privateKey properties.