type
: {string} Must be'rsa'
,'dsa'
,'ec'
,'ed25519'
,'ed448'
,'x25519'
,'x448'
, or'dh'
.options
: {Object}modulusLength
: {number} Key size in bits (RSA, DSA).publicExponent
: {number} Public exponent (RSA). Default:0x10001
.divisorLength
: {number} Size ofq
in bits (DSA).namedCurve
: {string} Name of the curve to use (EC).prime
: {Buffer} The prime parameter (DH).primeLength
: {number} Prime length in bits (DH).generator
: {number} Custom generator (DH). Default:2
.groupName
: {string} Diffie-Hellman group name (DH). See [crypto.getDiffieHellman()
][].publicKeyEncoding
: {Object} See [keyObject.export()
][].privateKeyEncoding
: {Object} See [keyObject.export()
][].
- Returns: {Object}
publicKey
: {string | Buffer | KeyObject}privateKey
: {string | Buffer | KeyObject}
Generates a new asymmetric key pair of the given type
. RSA, DSA, EC, Ed25519,
Ed448, X25519, X448, and DH are currently supported.
If a publicKeyEncoding
or privateKeyEncoding
was specified, this function
behaves as if [keyObject.export()
][] had been called on its result. Otherwise,
the respective part of the key is returned as a [KeyObject
][].
When encoding public keys, it is recommended to use 'spki'
. When encoding
private keys, it is recommended to use 'pkcs8'
with a strong passphrase,
and to keep the passphrase confidential.
const { generateKeyPairSync } = require('crypto');
const { publicKey, privateKey } = generateKeyPairSync('rsa', {
modulusLength: 4096,
publicKeyEncoding: {
type: 'spki',
format: 'pem'
},
privateKeyEncoding: {
type: 'pkcs8',
format: 'pem',
cipher: 'aes-256-cbc',
passphrase: 'top secret'
}
});
The return value { publicKey, privateKey }
represents the generated key pair.
When PEM encoding was selected, the respective key will be a string, otherwise
it will be a buffer containing the data encoded as DER.