@types/node 20.19.25 → 24.10.4

{node v20.19 → node v24.10}/crypto.d.ts

@@ -14,7 +14,7 @@
  * // Prints:
  * //   c0fa1bc00531bd78ef38c628449c5102aeabd49b5dc3a2a516ea6ea959d6658e
  * ```
- * @see [source](https://github.com/nodejs/node/blob/v20.13.1/lib/crypto.js)
+ * @see [source](https://github.com/nodejs/node/blob/v24.x/lib/crypto.js)
  */
 declare module "crypto" {
     import { NonSharedBuffer } from "node:buffer";
@@ -97,7 +97,7 @@ declare module "crypto" {
         verifySpkac(spkac: NodeJS.ArrayBufferView): boolean;
     }
     namespace constants {
-        // https://nodejs.org/dist/latest-v20.x/docs/api/crypto.html#crypto-constants
+        // https://nodejs.org/dist/latest-v24.x/docs/api/crypto.html#crypto-constants
         const OPENSSL_VERSION_NUMBER: number;
         /** Applies multiple bug workarounds within OpenSSL. See https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_options.html for detail. */
         const SSL_OP_ALL: number;
@@ -592,18 +592,8 @@ declare module "crypto" {
          */
         static from(key: webcrypto.CryptoKey): KeyObject;
         /**
-         * For asymmetric keys, this property represents the type of the key. Supported key
-         * types are:
-         *
-         * * `'rsa'` (OID 1.2.840.113549.1.1.1)
-         * * `'rsa-pss'` (OID 1.2.840.113549.1.1.10)
-         * * `'dsa'` (OID 1.2.840.10040.4.1)
-         * * `'ec'` (OID 1.2.840.10045.2.1)
-         * * `'x25519'` (OID 1.3.101.110)
-         * * `'x448'` (OID 1.3.101.111)
-         * * `'ed25519'` (OID 1.3.101.112)
-         * * `'ed448'` (OID 1.3.101.113)
-         * * `'dh'` (OID 1.2.840.113549.1.3.1)
+         * For asymmetric keys, this property represents the type of the key. See the
+         * supported [asymmetric key types](https://nodejs.org/docs/latest-v24.x/api/crypto.html#asymmetric-key-types).
          *
          * This property is `undefined` for unrecognized `KeyObject` types and symmetric
          * keys.
@@ -663,6 +653,19 @@ declare module "crypto" {
          * @since v11.6.0
          */
         symmetricKeySize?: number;
+        /**
+         * Converts a `KeyObject` instance to a `CryptoKey`.
+         * @since 22.10.0
+         */
+        toCryptoKey(
+            algorithm:
+                | webcrypto.AlgorithmIdentifier
+                | webcrypto.RsaHashedImportParams
+                | webcrypto.EcKeyImportParams
+                | webcrypto.HmacImportParams,
+            extractable: boolean,
+            keyUsages: readonly webcrypto.KeyUsage[],
+        ): webcrypto.CryptoKey;
         /**
          * Depending on the type of this `KeyObject`, this property is either`'secret'` for secret (symmetric) keys, `'public'` for public (asymmetric) keys
          * or `'private'` for private (asymmetric) keys.
@@ -689,56 +692,6 @@ declare module "crypto" {
         /** @default 16 */
         authTagLength?: number | undefined;
     }
-    /**
-     * Creates and returns a `Cipher` object that uses the given `algorithm` and `password`.
-     *
-     * The `options` argument controls stream behavior and is optional except when a
-     * cipher in CCM or OCB mode (e.g. `'aes-128-ccm'`) is used. In that case, the`authTagLength` option is required and specifies the length of the
-     * authentication tag in bytes, see `CCM mode`. In GCM mode, the `authTagLength`option is not required but can be used to set the length of the authentication
-     * tag that will be returned by `getAuthTag()` and defaults to 16 bytes.
-     * For `chacha20-poly1305`, the `authTagLength` option defaults to 16 bytes.
-     *
-     * The `algorithm` is dependent on OpenSSL, examples are `'aes192'`, etc. On
-     * recent OpenSSL releases, `openssl list -cipher-algorithms` will
-     * display the available cipher algorithms.
-     *
-     * The `password` is used to derive the cipher key and initialization vector (IV).
-     * The value must be either a `'latin1'` encoded string, a `Buffer`, a`TypedArray`, or a `DataView`.
-     *
-     * **This function is semantically insecure for all**
-     * **supported ciphers and fatally flawed for ciphers in counter mode (such as CTR,**
-     * **GCM, or CCM).**
-     *
-     * The implementation of `crypto.createCipher()` derives keys using the OpenSSL
-     * function [`EVP_BytesToKey`](https://www.openssl.org/docs/man3.0/man3/EVP_BytesToKey.html) with the digest algorithm set to MD5, one
-     * iteration, and no salt. The lack of salt allows dictionary attacks as the same
-     * password always creates the same key. The low iteration count and
-     * non-cryptographically secure hash algorithm allow passwords to be tested very
-     * rapidly.
-     *
-     * In line with OpenSSL's recommendation to use a more modern algorithm instead of [`EVP_BytesToKey`](https://www.openssl.org/docs/man3.0/man3/EVP_BytesToKey.html) it is recommended that
-     * developers derive a key and IV on
-     * their own using {@link scrypt} and to use {@link createCipheriv} to create the `Cipher` object. Users should not use ciphers with counter mode
-     * (e.g. CTR, GCM, or CCM) in `crypto.createCipher()`. A warning is emitted when
-     * they are used in order to avoid the risk of IV reuse that causes
-     * vulnerabilities. For the case when IV is reused in GCM, see [Nonce-Disrespecting Adversaries](https://github.com/nonce-disrespect/nonce-disrespect) for details.
-     * @since v0.1.94
-     * @deprecated Since v10.0.0 - Use {@link createCipheriv} instead.
-     * @param options `stream.transform` options
-     */
-    function createCipher(algorithm: CipherCCMTypes, password: BinaryLike, options: CipherCCMOptions): CipherCCM;
-    /** @deprecated since v10.0.0 use `createCipheriv()` */
-    function createCipher(algorithm: CipherGCMTypes, password: BinaryLike, options?: CipherGCMOptions): CipherGCM;
-    /** @deprecated since v10.0.0 use `createCipheriv()` */
-    function createCipher(algorithm: CipherOCBTypes, password: BinaryLike, options: CipherOCBOptions): CipherOCB;
-    /** @deprecated since v10.0.0 use `createCipheriv()` */
-    function createCipher(
-        algorithm: CipherChaCha20Poly1305Types,
-        password: BinaryLike,
-        options?: CipherChaCha20Poly1305Options,
-    ): CipherChaCha20Poly1305;
-    /** @deprecated since v10.0.0 use `createCipheriv()` */
-    function createCipher(algorithm: string, password: BinaryLike, options?: stream.TransformOptions): Cipher;
     /**
      * Creates and returns a `Cipher` object, with the given `algorithm`, `key` and
      * initialization vector (`iv`).
@@ -798,9 +751,9 @@ declare module "crypto" {
         key: CipherKey,
         iv: BinaryLike | null,
         options?: stream.TransformOptions,
-    ): Cipher;
+    ): Cipheriv;
     /**
-     * Instances of the `Cipher` class are used to encrypt data. The class can be
+     * Instances of the `Cipheriv` class are used to encrypt data. The class can be
      * used in one of two ways:
      *
      * * As a `stream` that is both readable and writable, where plain unencrypted
@@ -808,11 +761,11 @@ declare module "crypto" {
      * * Using the `cipher.update()` and `cipher.final()` methods to produce
      * the encrypted data.
      *
-     * The {@link createCipher} or {@link createCipheriv} methods are
-     * used to create `Cipher` instances. `Cipher` objects are not to be created
+     * The {@link createCipheriv} method is
+     * used to create `Cipheriv` instances. `Cipheriv` objects are not to be created
      * directly using the `new` keyword.
      *
-     * Example: Using `Cipher` objects as streams:
+     * Example: Using `Cipheriv` objects as streams:
      *
      * ```js
      * const {
@@ -847,7 +800,7 @@ declare module "crypto" {
      * });
      * ```
      *
-     * Example: Using `Cipher` and piped streams:
+     * Example: Using `Cipheriv` and piped streams:
      *
      * ```js
      * import {
@@ -918,7 +871,7 @@ declare module "crypto" {
      * ```
      * @since v0.1.94
      */
-    class Cipher extends stream.Transform {
+    class Cipheriv extends stream.Transform {
         private constructor();
         /**
          * Updates the cipher with `data`. If the `inputEncoding` argument is given,
@@ -939,7 +892,7 @@ declare module "crypto" {
         update(data: NodeJS.ArrayBufferView, inputEncoding: undefined, outputEncoding: Encoding): string;
         update(data: string, inputEncoding: Encoding | undefined, outputEncoding: Encoding): string;
         /**
-         * Once the `cipher.final()` method has been called, the `Cipher` object can no
+         * Once the `cipher.final()` method has been called, the `Cipheriv` object can no
          * longer be used to encrypt data. Attempts to call `cipher.final()` more than
          * once will result in an error being thrown.
          * @since v0.1.94
@@ -949,7 +902,7 @@ declare module "crypto" {
         final(): NonSharedBuffer;
         final(outputEncoding: BufferEncoding): string;
         /**
-         * When using block encryption algorithms, the `Cipher` class will automatically
+         * When using block encryption algorithms, the `Cipheriv` class will automatically
          * add padding to the input data to the appropriate block size. To disable the
          * default padding call `cipher.setAutoPadding(false)`.
          *
@@ -965,7 +918,7 @@ declare module "crypto" {
          */
         setAutoPadding(autoPadding?: boolean): this;
     }
-    interface CipherCCM extends Cipher {
+    interface CipherCCM extends Cipheriv {
         setAAD(
             buffer: NodeJS.ArrayBufferView,
             options: {
@@ -974,7 +927,7 @@ declare module "crypto" {
         ): this;
         getAuthTag(): NonSharedBuffer;
     }
-    interface CipherGCM extends Cipher {
+    interface CipherGCM extends Cipheriv {
         setAAD(
             buffer: NodeJS.ArrayBufferView,
             options?: {
@@ -983,7 +936,7 @@ declare module "crypto" {
         ): this;
         getAuthTag(): NonSharedBuffer;
     }
-    interface CipherOCB extends Cipher {
+    interface CipherOCB extends Cipheriv {
         setAAD(
             buffer: NodeJS.ArrayBufferView,
             options?: {
@@ -992,7 +945,7 @@ declare module "crypto" {
         ): this;
         getAuthTag(): NonSharedBuffer;
     }
-    interface CipherChaCha20Poly1305 extends Cipher {
+    interface CipherChaCha20Poly1305 extends Cipheriv {
         setAAD(
             buffer: NodeJS.ArrayBufferView,
             options: {
@@ -1002,46 +955,7 @@ declare module "crypto" {
         getAuthTag(): NonSharedBuffer;
     }
     /**
-     * Creates and returns a `Decipher` object that uses the given `algorithm` and `password` (key).
-     *
-     * The `options` argument controls stream behavior and is optional except when a
-     * cipher in CCM or OCB mode (e.g. `'aes-128-ccm'`) is used. In that case, the `authTagLength` option is required and specifies the length of the
-     * authentication tag in bytes, see `CCM mode`.
-     * For `chacha20-poly1305`, the `authTagLength` option defaults to 16 bytes.
-     *
-     * **This function is semantically insecure for all**
-     * **supported ciphers and fatally flawed for ciphers in counter mode (such as CTR,**
-     * **GCM, or CCM).**
-     *
-     * The implementation of `crypto.createDecipher()` derives keys using the OpenSSL
-     * function [`EVP_BytesToKey`](https://www.openssl.org/docs/man3.0/man3/EVP_BytesToKey.html) with the digest algorithm set to MD5, one
-     * iteration, and no salt. The lack of salt allows dictionary attacks as the same
-     * password always creates the same key. The low iteration count and
-     * non-cryptographically secure hash algorithm allow passwords to be tested very
-     * rapidly.
-     *
-     * In line with OpenSSL's recommendation to use a more modern algorithm instead of [`EVP_BytesToKey`](https://www.openssl.org/docs/man3.0/man3/EVP_BytesToKey.html) it is recommended that
-     * developers derive a key and IV on
-     * their own using {@link scrypt} and to use {@link createDecipheriv} to create the `Decipher` object.
-     * @since v0.1.94
-     * @deprecated Since v10.0.0 - Use {@link createDecipheriv} instead.
-     * @param options `stream.transform` options
-     */
-    function createDecipher(algorithm: CipherCCMTypes, password: BinaryLike, options: CipherCCMOptions): DecipherCCM;
-    /** @deprecated since v10.0.0 use `createDecipheriv()` */
-    function createDecipher(algorithm: CipherGCMTypes, password: BinaryLike, options?: CipherGCMOptions): DecipherGCM;
-    /** @deprecated since v10.0.0 use `createDecipheriv()` */
-    function createDecipher(algorithm: CipherOCBTypes, password: BinaryLike, options: CipherOCBOptions): DecipherOCB;
-    /** @deprecated since v10.0.0 use `createDecipheriv()` */
-    function createDecipher(
-        algorithm: CipherChaCha20Poly1305Types,
-        password: BinaryLike,
-        options?: CipherChaCha20Poly1305Options,
-    ): DecipherChaCha20Poly1305;
-    /** @deprecated since v10.0.0 use `createDecipheriv()` */
-    function createDecipher(algorithm: string, password: BinaryLike, options?: stream.TransformOptions): Decipher;
-    /**
-     * Creates and returns a `Decipher` object that uses the given `algorithm`, `key` and initialization vector (`iv`).
+     * Creates and returns a `Decipheriv` object that uses the given `algorithm`, `key` and initialization vector (`iv`).
      *
      * The `options` argument controls stream behavior and is optional except when a
      * cipher in CCM or OCB mode (e.g. `'aes-128-ccm'`) is used. In that case, the `authTagLength` option is required and specifies the length of the
@@ -1098,9 +1012,9 @@ declare module "crypto" {
         key: CipherKey,
         iv: BinaryLike | null,
         options?: stream.TransformOptions,
-    ): Decipher;
+    ): Decipheriv;
     /**
-     * Instances of the `Decipher` class are used to decrypt data. The class can be
+     * Instances of the `Decipheriv` class are used to decrypt data. The class can be
      * used in one of two ways:
      *
      * * As a `stream` that is both readable and writable, where plain encrypted
@@ -1108,11 +1022,11 @@ declare module "crypto" {
      * * Using the `decipher.update()` and `decipher.final()` methods to
      * produce the unencrypted data.
      *
-     * The {@link createDecipher} or {@link createDecipheriv} methods are
-     * used to create `Decipher` instances. `Decipher` objects are not to be created
+     * The {@link createDecipheriv} method is
+     * used to create `Decipheriv` instances. `Decipheriv` objects are not to be created
      * directly using the `new` keyword.
      *
-     * Example: Using `Decipher` objects as streams:
+     * Example: Using `Decipheriv` objects as streams:
      *
      * ```js
      * import { Buffer } from 'node:buffer';
@@ -1151,7 +1065,7 @@ declare module "crypto" {
      * decipher.end();
      * ```
      *
-     * Example: Using `Decipher` and piped streams:
+     * Example: Using `Decipheriv` and piped streams:
      *
      * ```js
      * import {
@@ -1207,7 +1121,7 @@ declare module "crypto" {
      * ```
      * @since v0.1.94
      */
-    class Decipher extends stream.Transform {
+    class Decipheriv extends stream.Transform {
         private constructor();
         /**
          * Updates the decipher with `data`. If the `inputEncoding` argument is given,
@@ -1228,7 +1142,7 @@ declare module "crypto" {
         update(data: NodeJS.ArrayBufferView, inputEncoding: undefined, outputEncoding: Encoding): string;
         update(data: string, inputEncoding: Encoding | undefined, outputEncoding: Encoding): string;
         /**
-         * Once the `decipher.final()` method has been called, the `Decipher` object can
+         * Once the `decipher.final()` method has been called, the `Decipheriv` object can
          * no longer be used to decrypt data. Attempts to call `decipher.final()` more
          * than once will result in an error being thrown.
          * @since v0.1.94
@@ -1251,7 +1165,7 @@ declare module "crypto" {
          */
         setAutoPadding(auto_padding?: boolean): this;
     }
-    interface DecipherCCM extends Decipher {
+    interface DecipherCCM extends Decipheriv {
         setAuthTag(buffer: NodeJS.ArrayBufferView): this;
         setAAD(
             buffer: NodeJS.ArrayBufferView,
@@ -1260,7 +1174,7 @@ declare module "crypto" {
             },
         ): this;
     }
-    interface DecipherGCM extends Decipher {
+    interface DecipherGCM extends Decipheriv {
         setAuthTag(buffer: NodeJS.ArrayBufferView): this;
         setAAD(
             buffer: NodeJS.ArrayBufferView,
@@ -1269,7 +1183,7 @@ declare module "crypto" {
             },
         ): this;
     }
-    interface DecipherOCB extends Decipher {
+    interface DecipherOCB extends Decipheriv {
         setAuthTag(buffer: NodeJS.ArrayBufferView): this;
         setAAD(
             buffer: NodeJS.ArrayBufferView,
@@ -1278,7 +1192,7 @@ declare module "crypto" {
             },
         ): this;
     }
-    interface DecipherChaCha20Poly1305 extends Decipher {
+    interface DecipherChaCha20Poly1305 extends Decipheriv {
         setAuthTag(buffer: NodeJS.ArrayBufferView): this;
         setAAD(
             buffer: NodeJS.ArrayBufferView,
@@ -1397,6 +1311,7 @@ declare module "crypto" {
      * @since v0.1.92
      * @param options `stream.Writable` options
      */
+    // TODO: signing algorithm type
     function createSign(algorithm: string, options?: stream.WritableOptions): Sign;
     type DSAEncoding = "der" | "ieee-p1363";
     interface SigningOptions {
@@ -1406,6 +1321,7 @@ declare module "crypto" {
         padding?: number | undefined;
         saltLength?: number | undefined;
         dsaEncoding?: DSAEncoding | undefined;
+        context?: ArrayBuffer | NodeJS.ArrayBufferView | undefined;
     }
     interface SignPrivateKeyInput extends PrivateKeyInput, SigningOptions {}
     interface SignKeyObjectInput extends SigningOptions {
@@ -2274,7 +2190,7 @@ declare module "crypto" {
      */
     function publicEncrypt(
         key: RsaPublicKey | RsaPrivateKey | KeyLike,
-        buffer: NodeJS.ArrayBufferView,
+        buffer: NodeJS.ArrayBufferView | string,
     ): NonSharedBuffer;
     /**
      * Decrypts `buffer` with `key`.`buffer` was previously encrypted using
@@ -2289,7 +2205,7 @@ declare module "crypto" {
      */
     function publicDecrypt(
         key: RsaPublicKey | RsaPrivateKey | KeyLike,
-        buffer: NodeJS.ArrayBufferView,
+        buffer: NodeJS.ArrayBufferView | string,
     ): NonSharedBuffer;
     /**
      * Decrypts `buffer` with `privateKey`. `buffer` was previously encrypted using
@@ -2299,7 +2215,10 @@ declare module "crypto" {
      * object, the `padding` property can be passed. Otherwise, this function uses `RSA_PKCS1_OAEP_PADDING`.
      * @since v0.11.14
      */
-    function privateDecrypt(privateKey: RsaPrivateKey | KeyLike, buffer: NodeJS.ArrayBufferView): NonSharedBuffer;
+    function privateDecrypt(
+        privateKey: RsaPrivateKey | KeyLike,
+        buffer: NodeJS.ArrayBufferView | string,
+    ): NonSharedBuffer;
     /**
      * Encrypts `buffer` with `privateKey`. The returned data can be decrypted using
      * the corresponding public key, for example using {@link publicDecrypt}.
@@ -2308,7 +2227,10 @@ declare module "crypto" {
      * object, the `padding` property can be passed. Otherwise, this function uses `RSA_PKCS1_PADDING`.
      * @since v1.1.0
      */
-    function privateEncrypt(privateKey: RsaPrivateKey | KeyLike, buffer: NodeJS.ArrayBufferView): NonSharedBuffer;
+    function privateEncrypt(
+        privateKey: RsaPrivateKey | KeyLike,
+        buffer: NodeJS.ArrayBufferView | string,
+    ): NonSharedBuffer;
     /**
      * ```js
      * const {
@@ -2546,7 +2468,34 @@ declare module "crypto" {
      * @since v6.6.0
      */
     function timingSafeEqual(a: NodeJS.ArrayBufferView, b: NodeJS.ArrayBufferView): boolean;
-    type KeyType = "rsa" | "rsa-pss" | "dsa" | "ec" | "ed25519" | "ed448" | "x25519" | "x448";
+    type KeyType =
+        | "dh"
+        | "dsa"
+        | "ec"
+        | "ed25519"
+        | "ed448"
+        | "ml-dsa-44"
+        | "ml-dsa-65"
+        | "ml-dsa-87"
+        | "ml-kem-1024"
+        | "ml-kem-512"
+        | "ml-kem-768"
+        | "rsa-pss"
+        | "rsa"
+        | "slh-dsa-sha2-128f"
+        | "slh-dsa-sha2-128s"
+        | "slh-dsa-sha2-192f"
+        | "slh-dsa-sha2-192s"
+        | "slh-dsa-sha2-256f"
+        | "slh-dsa-sha2-256s"
+        | "slh-dsa-shake-128f"
+        | "slh-dsa-shake-128s"
+        | "slh-dsa-shake-192f"
+        | "slh-dsa-shake-192s"
+        | "slh-dsa-shake-256f"
+        | "slh-dsa-shake-256s"
+        | "x25519"
+        | "x448";
     type KeyFormat = "pem" | "der" | "jwk";
     interface BasePrivateKeyEncodingOptions<T extends KeyFormat> {
         format: T;
@@ -2561,6 +2510,9 @@ declare module "crypto" {
     interface ED448KeyPairKeyObjectOptions {}
     interface X25519KeyPairKeyObjectOptions {}
     interface X448KeyPairKeyObjectOptions {}
+    interface MLDSAKeyPairKeyObjectOptions {}
+    interface MLKEMKeyPairKeyObjectOptions {}
+    interface SLHDSAKeyPairKeyObjectOptions {}
     interface ECKeyPairKeyObjectOptions {
         /**
          * Name of the curve to use
@@ -2725,13 +2677,40 @@ declare module "crypto" {
             type: "pkcs8";
         };
     }
+    interface MLDSAKeyPairOptions<PubF extends KeyFormat, PrivF extends KeyFormat> {
+        publicKeyEncoding: {
+            type: "spki";
+            format: PubF;
+        };
+        privateKeyEncoding: BasePrivateKeyEncodingOptions<PrivF> & {
+            type: "pkcs8";
+        };
+    }
+    interface MLKEMKeyPairOptions<PubF extends KeyFormat, PrivF extends KeyFormat> {
+        publicKeyEncoding: {
+            type: "spki";
+            format: PubF;
+        };
+        privateKeyEncoding: BasePrivateKeyEncodingOptions<PrivF> & {
+            type: "pkcs8";
+        };
+    }
+    interface SLHDSAKeyPairOptions<PubF extends KeyFormat, PrivF extends KeyFormat> {
+        publicKeyEncoding: {
+            type: "spki";
+            format: PubF;
+        };
+        privateKeyEncoding: BasePrivateKeyEncodingOptions<PrivF> & {
+            type: "pkcs8";
+        };
+    }
     interface KeyPairSyncResult<T1 extends string | Buffer, T2 extends string | Buffer> {
         publicKey: T1;
         privateKey: T2;
     }
     /**
      * Generates a new asymmetric key pair of the given `type`. RSA, RSA-PSS, DSA, EC,
-     * Ed25519, Ed448, X25519, X448, and DH are currently supported.
+     * Ed25519, Ed448, X25519, X448, DH, and ML-DSA are currently supported.
      *
      * If a `publicKeyEncoding` or `privateKeyEncoding` was specified, this function
      * behaves as if `keyObject.export()` had been called on its result. Otherwise,
@@ -2768,7 +2747,8 @@ declare module "crypto" {
      * When PEM encoding was selected, the respective key will be a string, otherwise
      * it will be a buffer containing the data encoded as DER.
      * @since v10.12.0
-     * @param type Must be `'rsa'`, `'rsa-pss'`, `'dsa'`, `'ec'`, `'ed25519'`, `'ed448'`, `'x25519'`, `'x448'`, or `'dh'`.
+     * @param type The asymmetric key type to generate. See the
+     * supported [asymmetric key types](https://nodejs.org/docs/latest-v24.x/api/crypto.html#asymmetric-key-types).
      */
     function generateKeyPairSync(
         type: "rsa",
@@ -2906,6 +2886,126 @@ declare module "crypto" {
         options: X448KeyPairOptions<"der", "der">,
     ): KeyPairSyncResult<NonSharedBuffer, NonSharedBuffer>;
     function generateKeyPairSync(type: "x448", options?: X448KeyPairKeyObjectOptions): KeyPairKeyObjectResult;
+    function generateKeyPairSync(
+        type: "ml-dsa-44" | "ml-dsa-65" | "ml-dsa-87",
+        options: MLDSAKeyPairOptions<"pem", "pem">,
+    ): KeyPairSyncResult<string, string>;
+    function generateKeyPairSync(
+        type: "ml-dsa-44" | "ml-dsa-65" | "ml-dsa-87",
+        options: MLDSAKeyPairOptions<"pem", "der">,
+    ): KeyPairSyncResult<string, NonSharedBuffer>;
+    function generateKeyPairSync(
+        type: "ml-dsa-44" | "ml-dsa-65" | "ml-dsa-87",
+        options: MLDSAKeyPairOptions<"der", "pem">,
+    ): KeyPairSyncResult<NonSharedBuffer, string>;
+    function generateKeyPairSync(
+        type: "ml-dsa-44" | "ml-dsa-65" | "ml-dsa-87",
+        options: MLDSAKeyPairOptions<"der", "der">,
+    ): KeyPairSyncResult<NonSharedBuffer, NonSharedBuffer>;
+    function generateKeyPairSync(
+        type: "ml-dsa-44" | "ml-dsa-65" | "ml-dsa-87",
+        options?: MLDSAKeyPairKeyObjectOptions,
+    ): KeyPairKeyObjectResult;
+    function generateKeyPairSync(
+        type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
+        options: MLKEMKeyPairOptions<"pem", "pem">,
+    ): KeyPairSyncResult<string, string>;
+    function generateKeyPairSync(
+        type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
+        options: MLKEMKeyPairOptions<"pem", "der">,
+    ): KeyPairSyncResult<string, NonSharedBuffer>;
+    function generateKeyPairSync(
+        type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
+        options: MLKEMKeyPairOptions<"der", "pem">,
+    ): KeyPairSyncResult<NonSharedBuffer, string>;
+    function generateKeyPairSync(
+        type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
+        options: MLKEMKeyPairOptions<"der", "der">,
+    ): KeyPairSyncResult<NonSharedBuffer, NonSharedBuffer>;
+    function generateKeyPairSync(
+        type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
+        options?: MLKEMKeyPairKeyObjectOptions,
+    ): KeyPairKeyObjectResult;
+    function generateKeyPairSync(
+        type:
+            | "slh-dsa-sha2-128f"
+            | "slh-dsa-sha2-128s"
+            | "slh-dsa-sha2-192f"
+            | "slh-dsa-sha2-192s"
+            | "slh-dsa-sha2-256f"
+            | "slh-dsa-sha2-256s"
+            | "slh-dsa-shake-128f"
+            | "slh-dsa-shake-128s"
+            | "slh-dsa-shake-192f"
+            | "slh-dsa-shake-192s"
+            | "slh-dsa-shake-256f"
+            | "slh-dsa-shake-256s",
+        options: SLHDSAKeyPairOptions<"pem", "pem">,
+    ): KeyPairSyncResult<string, string>;
+    function generateKeyPairSync(
+        type:
+            | "slh-dsa-sha2-128f"
+            | "slh-dsa-sha2-128s"
+            | "slh-dsa-sha2-192f"
+            | "slh-dsa-sha2-192s"
+            | "slh-dsa-sha2-256f"
+            | "slh-dsa-sha2-256s"
+            | "slh-dsa-shake-128f"
+            | "slh-dsa-shake-128s"
+            | "slh-dsa-shake-192f"
+            | "slh-dsa-shake-192s"
+            | "slh-dsa-shake-256f"
+            | "slh-dsa-shake-256s",
+        options: SLHDSAKeyPairOptions<"pem", "der">,
+    ): KeyPairSyncResult<string, Buffer>;
+    function generateKeyPairSync(
+        type:
+            | "slh-dsa-sha2-128f"
+            | "slh-dsa-sha2-128s"
+            | "slh-dsa-sha2-192f"
+            | "slh-dsa-sha2-192s"
+            | "slh-dsa-sha2-256f"
+            | "slh-dsa-sha2-256s"
+            | "slh-dsa-shake-128f"
+            | "slh-dsa-shake-128s"
+            | "slh-dsa-shake-192f"
+            | "slh-dsa-shake-192s"
+            | "slh-dsa-shake-256f"
+            | "slh-dsa-shake-256s",
+        options: SLHDSAKeyPairOptions<"der", "pem">,
+    ): KeyPairSyncResult<Buffer, string>;
+    function generateKeyPairSync(
+        type:
+            | "slh-dsa-sha2-128f"
+            | "slh-dsa-sha2-128s"
+            | "slh-dsa-sha2-192f"
+            | "slh-dsa-sha2-192s"
+            | "slh-dsa-sha2-256f"
+            | "slh-dsa-sha2-256s"
+            | "slh-dsa-shake-128f"
+            | "slh-dsa-shake-128s"
+            | "slh-dsa-shake-192f"
+            | "slh-dsa-shake-192s"
+            | "slh-dsa-shake-256f"
+            | "slh-dsa-shake-256s",
+        options: SLHDSAKeyPairOptions<"der", "der">,
+    ): KeyPairSyncResult<Buffer, Buffer>;
+    function generateKeyPairSync(
+        type:
+            | "slh-dsa-sha2-128f"
+            | "slh-dsa-sha2-128s"
+            | "slh-dsa-sha2-192f"
+            | "slh-dsa-sha2-192s"
+            | "slh-dsa-sha2-256f"
+            | "slh-dsa-sha2-256s"
+            | "slh-dsa-shake-128f"
+            | "slh-dsa-shake-128s"
+            | "slh-dsa-shake-192f"
+            | "slh-dsa-shake-192s"
+            | "slh-dsa-shake-256f"
+            | "slh-dsa-shake-256s",
+        options?: SLHDSAKeyPairKeyObjectOptions,
+    ): KeyPairKeyObjectResult;
     /**
      * Generates a new asymmetric key pair of the given `type`. RSA, RSA-PSS, DSA, EC,
      * Ed25519, Ed448, X25519, X448, and DH are currently supported.
@@ -2943,7 +3043,8 @@ declare module "crypto" {
      * If this method is invoked as its `util.promisify()` ed version, it returns
      * a `Promise` for an `Object` with `publicKey` and `privateKey` properties.
      * @since v10.12.0
-     * @param type Must be `'rsa'`, `'rsa-pss'`, `'dsa'`, `'ec'`, `'ed25519'`, `'ed448'`, `'x25519'`, `'x448'`, or `'dh'`.
+     * @param type The asymmetric key type to generate. See the
+     * supported [asymmetric key types](https://nodejs.org/docs/latest-v24.x/api/crypto.html#asymmetric-key-types).
      */
     function generateKeyPair(
         type: "rsa",
@@ -3145,6 +3246,141 @@ declare module "crypto" {
         options: X448KeyPairKeyObjectOptions | undefined,
         callback: (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => void,
     ): void;
+    function generateKeyPair(
+        type: "ml-dsa-44" | "ml-dsa-65" | "ml-dsa-87",
+        options: MLDSAKeyPairOptions<"pem", "pem">,
+        callback: (err: Error | null, publicKey: string, privateKey: string) => void,
+    ): void;
+    function generateKeyPair(
+        type: "ml-dsa-44" | "ml-dsa-65" | "ml-dsa-87",
+        options: MLDSAKeyPairOptions<"pem", "der">,
+        callback: (err: Error | null, publicKey: string, privateKey: NonSharedBuffer) => void,
+    ): void;
+    function generateKeyPair(
+        type: "ml-dsa-44" | "ml-dsa-65" | "ml-dsa-87",
+        options: MLDSAKeyPairOptions<"der", "pem">,
+        callback: (err: Error | null, publicKey: NonSharedBuffer, privateKey: string) => void,
+    ): void;
+    function generateKeyPair(
+        type: "ml-dsa-44" | "ml-dsa-65" | "ml-dsa-87",
+        options: MLDSAKeyPairOptions<"der", "der">,
+        callback: (err: Error | null, publicKey: NonSharedBuffer, privateKey: NonSharedBuffer) => void,
+    ): void;
+    function generateKeyPair(
+        type: "ml-dsa-44" | "ml-dsa-65" | "ml-dsa-87",
+        options: MLDSAKeyPairKeyObjectOptions | undefined,
+        callback: (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => void,
+    ): void;
+    function generateKeyPair(
+        type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
+        options: MLKEMKeyPairOptions<"pem", "pem">,
+        callback: (err: Error | null, publicKey: string, privateKey: string) => void,
+    ): void;
+    function generateKeyPair(
+        type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
+        options: MLKEMKeyPairOptions<"pem", "der">,
+        callback: (err: Error | null, publicKey: string, privateKey: NonSharedBuffer) => void,
+    ): void;
+    function generateKeyPair(
+        type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
+        options: MLKEMKeyPairOptions<"der", "pem">,
+        callback: (err: Error | null, publicKey: NonSharedBuffer, privateKey: string) => void,
+    ): void;
+    function generateKeyPair(
+        type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
+        options: MLKEMKeyPairOptions<"der", "der">,
+        callback: (err: Error | null, publicKey: NonSharedBuffer, privateKey: NonSharedBuffer) => void,
+    ): void;
+    function generateKeyPair(
+        type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
+        options: MLKEMKeyPairKeyObjectOptions | undefined,
+        callback: (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => void,
+    ): void;
+    function generateKeyPair(
+        type:
+            | "slh-dsa-sha2-128f"
+            | "slh-dsa-sha2-128s"
+            | "slh-dsa-sha2-192f"
+            | "slh-dsa-sha2-192s"
+            | "slh-dsa-sha2-256f"
+            | "slh-dsa-sha2-256s"
+            | "slh-dsa-shake-128f"
+            | "slh-dsa-shake-128s"
+            | "slh-dsa-shake-192f"
+            | "slh-dsa-shake-192s"
+            | "slh-dsa-shake-256f"
+            | "slh-dsa-shake-256s",
+        options: SLHDSAKeyPairOptions<"pem", "pem">,
+        callback: (err: Error | null, publicKey: string, privateKey: string) => void,
+    ): void;
+    function generateKeyPair(
+        type:
+            | "slh-dsa-sha2-128f"
+            | "slh-dsa-sha2-128s"
+            | "slh-dsa-sha2-192f"
+            | "slh-dsa-sha2-192s"
+            | "slh-dsa-sha2-256f"
+            | "slh-dsa-sha2-256s"
+            | "slh-dsa-shake-128f"
+            | "slh-dsa-shake-128s"
+            | "slh-dsa-shake-192f"
+            | "slh-dsa-shake-192s"
+            | "slh-dsa-shake-256f"
+            | "slh-dsa-shake-256s",
+        options: SLHDSAKeyPairOptions<"pem", "der">,
+        callback: (err: Error | null, publicKey: string, privateKey: Buffer) => void,
+    ): void;
+    function generateKeyPair(
+        type:
+            | "slh-dsa-sha2-128f"
+            | "slh-dsa-sha2-128s"
+            | "slh-dsa-sha2-192f"
+            | "slh-dsa-sha2-192s"
+            | "slh-dsa-sha2-256f"
+            | "slh-dsa-sha2-256s"
+            | "slh-dsa-shake-128f"
+            | "slh-dsa-shake-128s"
+            | "slh-dsa-shake-192f"
+            | "slh-dsa-shake-192s"
+            | "slh-dsa-shake-256f"
+            | "slh-dsa-shake-256s",
+        options: SLHDSAKeyPairOptions<"der", "pem">,
+        callback: (err: Error | null, publicKey: Buffer, privateKey: string) => void,
+    ): void;
+    function generateKeyPair(
+        type:
+            | "slh-dsa-sha2-128f"
+            | "slh-dsa-sha2-128s"
+            | "slh-dsa-sha2-192f"
+            | "slh-dsa-sha2-192s"
+            | "slh-dsa-sha2-256f"
+            | "slh-dsa-sha2-256s"
+            | "slh-dsa-shake-128f"
+            | "slh-dsa-shake-128s"
+            | "slh-dsa-shake-192f"
+            | "slh-dsa-shake-192s"
+            | "slh-dsa-shake-256f"
+            | "slh-dsa-shake-256s",
+        options: SLHDSAKeyPairOptions<"der", "der">,
+        callback: (err: Error | null, publicKey: Buffer, privateKey: Buffer) => void,
+    ): void;
+    function generateKeyPair(
+        type:
+            | "slh-dsa-sha2-128f"
+            | "slh-dsa-sha2-128s"
+            | "slh-dsa-sha2-192f"
+            | "slh-dsa-sha2-192s"
+            | "slh-dsa-sha2-256f"
+            | "slh-dsa-sha2-256s"
+            | "slh-dsa-shake-128f"
+            | "slh-dsa-shake-128s"
+            | "slh-dsa-shake-192f"
+            | "slh-dsa-shake-192s"
+            | "slh-dsa-shake-256f"
+            | "slh-dsa-shake-256s",
+        options: SLHDSAKeyPairKeyObjectOptions | undefined,
+        callback: (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => void,
+    ): void;
     namespace generateKeyPair {
         function __promisify__(
             type: "rsa",
@@ -3387,11 +3623,170 @@ declare module "crypto" {
             privateKey: NonSharedBuffer;
         }>;
         function __promisify__(type: "x448", options?: X448KeyPairKeyObjectOptions): Promise<KeyPairKeyObjectResult>;
+        function __promisify__(
+            type: "ml-dsa-44" | "ml-dsa-65" | "ml-dsa-87",
+            options: MLDSAKeyPairOptions<"pem", "pem">,
+        ): Promise<{
+            publicKey: string;
+            privateKey: string;
+        }>;
+        function __promisify__(
+            type: "ml-dsa-44" | "ml-dsa-65" | "ml-dsa-87",
+            options: MLDSAKeyPairOptions<"pem", "der">,
+        ): Promise<{
+            publicKey: string;
+            privateKey: NonSharedBuffer;
+        }>;
+        function __promisify__(
+            type: "ml-dsa-44" | "ml-dsa-65" | "ml-dsa-87",
+            options: MLDSAKeyPairOptions<"der", "pem">,
+        ): Promise<{
+            publicKey: NonSharedBuffer;
+            privateKey: string;
+        }>;
+        function __promisify__(
+            type: "ml-dsa-44" | "ml-dsa-65" | "ml-dsa-87",
+            options: MLDSAKeyPairOptions<"der", "der">,
+        ): Promise<{
+            publicKey: NonSharedBuffer;
+            privateKey: NonSharedBuffer;
+        }>;
+        function __promisify__(
+            type: "ml-dsa-44" | "ml-dsa-65" | "ml-dsa-87",
+            options?: MLDSAKeyPairKeyObjectOptions,
+        ): Promise<KeyPairKeyObjectResult>;
+        function __promisify__(
+            type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
+            options: MLKEMKeyPairOptions<"pem", "pem">,
+        ): Promise<{
+            publicKey: string;
+            privateKey: string;
+        }>;
+        function __promisify__(
+            type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
+            options: MLKEMKeyPairOptions<"pem", "der">,
+        ): Promise<{
+            publicKey: string;
+            privateKey: NonSharedBuffer;
+        }>;
+        function __promisify__(
+            type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
+            options: MLKEMKeyPairOptions<"der", "pem">,
+        ): Promise<{
+            publicKey: NonSharedBuffer;
+            privateKey: string;
+        }>;
+        function __promisify__(
+            type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
+            options: MLKEMKeyPairOptions<"der", "der">,
+        ): Promise<{
+            publicKey: NonSharedBuffer;
+            privateKey: NonSharedBuffer;
+        }>;
+        function __promisify__(
+            type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
+            options?: MLKEMKeyPairKeyObjectOptions,
+        ): Promise<KeyPairKeyObjectResult>;
+        function __promisify__(
+            type:
+                | "slh-dsa-sha2-128f"
+                | "slh-dsa-sha2-128s"
+                | "slh-dsa-sha2-192f"
+                | "slh-dsa-sha2-192s"
+                | "slh-dsa-sha2-256f"
+                | "slh-dsa-sha2-256s"
+                | "slh-dsa-shake-128f"
+                | "slh-dsa-shake-128s"
+                | "slh-dsa-shake-192f"
+                | "slh-dsa-shake-192s"
+                | "slh-dsa-shake-256f"
+                | "slh-dsa-shake-256s",
+            options: SLHDSAKeyPairOptions<"pem", "pem">,
+        ): Promise<{
+            publicKey: string;
+            privateKey: string;
+        }>;
+        function __promisify__(
+            type:
+                | "slh-dsa-sha2-128f"
+                | "slh-dsa-sha2-128s"
+                | "slh-dsa-sha2-192f"
+                | "slh-dsa-sha2-192s"
+                | "slh-dsa-sha2-256f"
+                | "slh-dsa-sha2-256s"
+                | "slh-dsa-shake-128f"
+                | "slh-dsa-shake-128s"
+                | "slh-dsa-shake-192f"
+                | "slh-dsa-shake-192s"
+                | "slh-dsa-shake-256f"
+                | "slh-dsa-shake-256s",
+            options: SLHDSAKeyPairOptions<"pem", "der">,
+        ): Promise<{
+            publicKey: string;
+            privateKey: Buffer;
+        }>;
+        function __promisify__(
+            type:
+                | "slh-dsa-sha2-128f"
+                | "slh-dsa-sha2-128s"
+                | "slh-dsa-sha2-192f"
+                | "slh-dsa-sha2-192s"
+                | "slh-dsa-sha2-256f"
+                | "slh-dsa-sha2-256s"
+                | "slh-dsa-shake-128f"
+                | "slh-dsa-shake-128s"
+                | "slh-dsa-shake-192f"
+                | "slh-dsa-shake-192s"
+                | "slh-dsa-shake-256f"
+                | "slh-dsa-shake-256s",
+            options: SLHDSAKeyPairOptions<"der", "pem">,
+        ): Promise<{
+            publicKey: Buffer;
+            privateKey: string;
+        }>;
+        function __promisify__(
+            type:
+                | "slh-dsa-sha2-128f"
+                | "slh-dsa-sha2-128s"
+                | "slh-dsa-sha2-192f"
+                | "slh-dsa-sha2-192s"
+                | "slh-dsa-sha2-256f"
+                | "slh-dsa-sha2-256s"
+                | "slh-dsa-shake-128f"
+                | "slh-dsa-shake-128s"
+                | "slh-dsa-shake-192f"
+                | "slh-dsa-shake-192s"
+                | "slh-dsa-shake-256f"
+                | "slh-dsa-shake-256s",
+            options: SLHDSAKeyPairOptions<"der", "der">,
+        ): Promise<{
+            publicKey: Buffer;
+            privateKey: Buffer;
+        }>;
+        function __promisify__(
+            type:
+                | "slh-dsa-sha2-128f"
+                | "slh-dsa-sha2-128s"
+                | "slh-dsa-sha2-192f"
+                | "slh-dsa-sha2-192s"
+                | "slh-dsa-sha2-256f"
+                | "slh-dsa-sha2-256s"
+                | "slh-dsa-shake-128f"
+                | "slh-dsa-shake-128s"
+                | "slh-dsa-shake-192f"
+                | "slh-dsa-shake-192s"
+                | "slh-dsa-shake-256f"
+                | "slh-dsa-shake-256s",
+            options?: SLHDSAKeyPairKeyObjectOptions,
+        ): Promise<KeyPairKeyObjectResult>;
     }
     /**
      * Calculates and returns the signature for `data` using the given private key and
      * algorithm. If `algorithm` is `null` or `undefined`, then the algorithm is
-     * dependent upon the key type (especially Ed25519 and Ed448).
+     * dependent upon the key type.
+     *
+     * `algorithm` is required to be `null` or `undefined` for Ed25519, Ed448, and
+     * ML-DSA.
      *
      * If `key` is not a `KeyObject`, this function behaves as if `key` had been
      * passed to {@link createPrivateKey}. If it is an object, the following
@@ -3412,8 +3807,12 @@ declare module "crypto" {
         callback: (error: Error | null, data: NonSharedBuffer) => void,
     ): void;
     /**
-     * Verifies the given signature for `data` using the given key and algorithm. If `algorithm` is `null` or `undefined`, then the algorithm is dependent upon the
-     * key type (especially Ed25519 and Ed448).
+     * Verifies the given signature for `data` using the given key and algorithm. If
+     * `algorithm` is `null` or `undefined`, then the algorithm is dependent upon the
+     * key type.
+     *
+     * `algorithm` is required to be `null` or `undefined` for Ed25519, Ed448, and
+     * ML-DSA.
      *
      * If `key` is not a `KeyObject`, this function behaves as if `key` had been
      * passed to {@link createPublicKey}. If it is an object, the following
@@ -3441,16 +3840,102 @@ declare module "crypto" {
         callback: (error: Error | null, result: boolean) => void,
     ): void;
     /**
-     * Computes the Diffie-Hellman secret based on a `privateKey` and a `publicKey`.
-     * Both keys must have the same `asymmetricKeyType`, which must be one of `'dh'` (for Diffie-Hellman), `'ec'` (for ECDH), `'x448'`, or `'x25519'` (for ECDH-ES).
+     * Key decapsulation using a KEM algorithm with a private key.
+     *
+     * Supported key types and their KEM algorithms are:
+     *
+     * * `'rsa'` RSA Secret Value Encapsulation
+     * * `'ec'` DHKEM(P-256, HKDF-SHA256), DHKEM(P-384, HKDF-SHA256), DHKEM(P-521, HKDF-SHA256)
+     * * `'x25519'` DHKEM(X25519, HKDF-SHA256)
+     * * `'x448'` DHKEM(X448, HKDF-SHA512)
+     * * `'ml-kem-512'` ML-KEM
+     * * `'ml-kem-768'` ML-KEM
+     * * `'ml-kem-1024'` ML-KEM
+     *
+     * If `key` is not a {@link KeyObject}, this function behaves as if `key` had been
+     * passed to `crypto.createPrivateKey()`.
+     *
+     * If the `callback` function is provided this function uses libuv's threadpool.
+     * @since v24.7.0
+     */
+    function decapsulate(
+        key: KeyLike | PrivateKeyInput | JsonWebKeyInput,
+        ciphertext: ArrayBuffer | NodeJS.ArrayBufferView,
+    ): NonSharedBuffer;
+    function decapsulate(
+        key: KeyLike | PrivateKeyInput | JsonWebKeyInput,
+        ciphertext: ArrayBuffer | NodeJS.ArrayBufferView,
+        callback: (err: Error, sharedKey: NonSharedBuffer) => void,
+    ): void;
+    /**
+     * Computes the Diffie-Hellman shared secret based on a `privateKey` and a `publicKey`.
+     * Both keys must have the same `asymmetricKeyType` and must support either the DH or
+     * ECDH operation.
+     *
+     * If the `callback` function is provided this function uses libuv's threadpool.
      * @since v13.9.0, v12.17.0
      */
     function diffieHellman(options: { privateKey: KeyObject; publicKey: KeyObject }): NonSharedBuffer;
+    function diffieHellman(
+        options: { privateKey: KeyObject; publicKey: KeyObject },
+        callback: (err: Error | null, secret: NonSharedBuffer) => void,
+    ): void;
+    /**
+     * Key encapsulation using a KEM algorithm with a public key.
+     *
+     * Supported key types and their KEM algorithms are:
+     *
+     * * `'rsa'` RSA Secret Value Encapsulation
+     * * `'ec'` DHKEM(P-256, HKDF-SHA256), DHKEM(P-384, HKDF-SHA256), DHKEM(P-521, HKDF-SHA256)
+     * * `'x25519'` DHKEM(X25519, HKDF-SHA256)
+     * * `'x448'` DHKEM(X448, HKDF-SHA512)
+     * * `'ml-kem-512'` ML-KEM
+     * * `'ml-kem-768'` ML-KEM
+     * * `'ml-kem-1024'` ML-KEM
+     *
+     * If `key` is not a {@link KeyObject}, this function behaves as if `key` had been
+     * passed to `crypto.createPublicKey()`.
+     *
+     * If the `callback` function is provided this function uses libuv's threadpool.
+     * @since v24.7.0
+     */
+    function encapsulate(
+        key: KeyLike | PublicKeyInput | JsonWebKeyInput,
+    ): { sharedKey: NonSharedBuffer; ciphertext: NonSharedBuffer };
+    function encapsulate(
+        key: KeyLike | PublicKeyInput | JsonWebKeyInput,
+        callback: (err: Error, result: { sharedKey: NonSharedBuffer; ciphertext: NonSharedBuffer }) => void,
+    ): void;
+    interface OneShotDigestOptions {
+        /**
+         * Encoding used to encode the returned digest.
+         * @default 'hex'
+         */
+        outputEncoding?: BinaryToTextEncoding | "buffer" | undefined;
+        /**
+         * For XOF hash functions such as 'shake256', the outputLength option
+         * can be used to specify the desired output length in bytes.
+         */
+        outputLength?: number | undefined;
+    }
+    interface OneShotDigestOptionsWithStringEncoding extends OneShotDigestOptions {
+        outputEncoding?: BinaryToTextEncoding | undefined;
+    }
+    interface OneShotDigestOptionsWithBufferEncoding extends OneShotDigestOptions {
+        outputEncoding: "buffer";
+    }
     /**
-     * A utility for creating one-shot hash digests of data. It can be faster than the object-based `crypto.createHash()` when hashing a smaller amount of data
-     * (<= 5MB) that's readily available. If the data can be big or if it is streamed, it's still recommended to use `crypto.createHash()` instead. The `algorithm`
-     * is dependent on the available algorithms supported by the version of OpenSSL on the platform. Examples are `'sha256'`, `'sha512'`, etc. On recent releases
-     * of OpenSSL, `openssl list -digest-algorithms` will display the available digest algorithms.
+     * A utility for creating one-shot hash digests of data. It can be faster than
+     * the object-based `crypto.createHash()` when hashing a smaller amount of data
+     * (<= 5MB) that's readily available. If the data can be big or if it is streamed,
+     * it's still recommended to use `crypto.createHash()` instead.
+     *
+     * The `algorithm` is dependent on the available algorithms supported by the
+     * version of OpenSSL on the platform. Examples are `'sha256'`, `'sha512'`, etc.
+     * On recent releases of OpenSSL, `openssl list -digest-algorithms` will
+     * display the available digest algorithms.
+     *
+     * If `options` is a string, then it specifies the `outputEncoding`.
      *
      * Example:
      *
@@ -3470,16 +3955,25 @@ declare module "crypto" {
      * console.log(crypto.hash('sha1', Buffer.from(base64, 'base64'), 'buffer'));
      * ```
      * @since v21.7.0, v20.12.0
-     * @param data When `data` is a string, it will be encoded as UTF-8 before being hashed. If a different input encoding is desired for a string input, user
-     *             could encode the string into a `TypedArray` using either `TextEncoder` or `Buffer.from()` and passing the encoded `TypedArray` into this API instead.
-     * @param [outputEncoding='hex'] [Encoding](https://nodejs.org/docs/latest-v20.x/api/buffer.html#buffers-and-character-encodings) used to encode the returned digest.
+     * @param data When `data` is a string, it will be encoded as UTF-8 before being hashed. If a different
+     * input encoding is desired for a string input, user could encode the string
+     * into a `TypedArray` using either `TextEncoder` or `Buffer.from()` and passing
+     * the encoded `TypedArray` into this API instead.
      */
-    function hash(algorithm: string, data: BinaryLike, outputEncoding?: BinaryToTextEncoding): string;
-    function hash(algorithm: string, data: BinaryLike, outputEncoding: "buffer"): NonSharedBuffer;
     function hash(
         algorithm: string,
         data: BinaryLike,
-        outputEncoding?: BinaryToTextEncoding | "buffer",
+        options?: OneShotDigestOptionsWithStringEncoding | BinaryToTextEncoding,
+    ): string;
+    function hash(
+        algorithm: string,
+        data: BinaryLike,
+        options: OneShotDigestOptionsWithBufferEncoding | "buffer",
+    ): NonSharedBuffer;
+    function hash(
+        algorithm: string,
+        data: BinaryLike,
+        options: OneShotDigestOptions | BinaryToTextEncoding | "buffer",
     ): string | NonSharedBuffer;
     type CipherMode = "cbc" | "ccm" | "cfb" | "ctr" | "ecb" | "gcm" | "ocb" | "ofb" | "stream" | "wrap" | "xts";
     interface CipherInfoOptions {
@@ -3782,16 +4276,36 @@ declare module "crypto" {
          * @since v15.6.0
          */
         readonly serialNumber: string;
+        /**
+         * The algorithm used to sign the certificate or `undefined` if the signature algorithm is unknown by OpenSSL.
+         * @since v24.9.0
+         */
+        readonly signatureAlgorithm: string | undefined;
+        /**
+         * The OID of the algorithm used to sign the certificate.
+         * @since v24.9.0
+         */
+        readonly signatureAlgorithmOid: string;
         /**
          * The date/time from which this certificate is considered valid.
          * @since v15.6.0
          */
         readonly validFrom: string;
+        /**
+         * The date/time from which this certificate is valid, encapsulated in a `Date` object.
+         * @since v22.10.0
+         */
+        readonly validFromDate: Date;
         /**
          * The date/time until which this certificate is considered valid.
          * @since v15.6.0
          */
         readonly validTo: string;
+        /**
+         * The date/time until which this certificate is valid, encapsulated in a `Date` object.
+         * @since v22.10.0
+         */
+        readonly validToDate: Date;
         constructor(buffer: BinaryLike);
         /**
          * Checks whether the certificate matches the given email address.
@@ -3844,7 +4358,23 @@ declare module "crypto" {
          */
         checkIP(ip: string): string | undefined;
         /**
-         * Checks whether this certificate was issued by the given `otherCert`.
+         * Checks whether this certificate was potentially issued by the given `otherCert`
+         * by comparing the certificate metadata.
+         *
+         * This is useful for pruning a list of possible issuer certificates which have been
+         * selected using a more rudimentary filtering routine, i.e. just based on subject
+         * and issuer names.
+         *
+         * Finally, to verify that this certificate's signature was produced by a private key
+         * corresponding to `otherCert`'s public key use `x509.verify(publicKey)`
+         * with `otherCert`'s public key represented as a `KeyObject`
+         * like so
+         *
+         * ```js
+         * if (!x509.verify(otherCert.publicKey)) {
+         *   throw new Error('otherCert did not issue x509');
+         * }
+         * ```
          * @since v15.6.0
          */
         checkIssued(otherCert: X509Certificate): boolean;
@@ -4028,6 +4558,130 @@ declare module "crypto" {
      * @return Returns `typedArray`.
      */
     function getRandomValues<T extends webcrypto.BufferSource>(typedArray: T): T;
+    type Argon2Algorithm = "argon2d" | "argon2i" | "argon2id";
+    interface Argon2Parameters {
+        /**
+         * REQUIRED, this is the password for password hashing applications of Argon2.
+         */
+        message: string | ArrayBuffer | NodeJS.ArrayBufferView;
+        /**
+         * REQUIRED, must be at least 8 bytes long. This is the salt for password hashing applications of Argon2.
+         */
+        nonce: string | ArrayBuffer | NodeJS.ArrayBufferView;
+        /**
+         * REQUIRED, degree of parallelism determines how many computational chains (lanes)
+         * can be run. Must be greater than 1 and less than `2**24-1`.
+         */
+        parallelism: number;
+        /**
+         * REQUIRED, the length of the key to generate. Must be greater than 4 and
+         * less than `2**32-1`.
+         */
+        tagLength: number;
+        /**
+         * REQUIRED, memory cost in 1KiB blocks. Must be greater than
+         * `8 * parallelism` and less than `2**32-1`. The actual number of blocks is rounded
+         * down to the nearest multiple of `4 * parallelism`.
+         */
+        memory: number;
+        /**
+         * REQUIRED, number of passes (iterations). Must be greater than 1 and less
+         * than `2**32-1`.
+         */
+        passes: number;
+        /**
+         * OPTIONAL, Random additional input,
+         * similar to the salt, that should **NOT** be stored with the derived key. This is known as pepper in
+         * password hashing applications. If used, must have a length not greater than `2**32-1` bytes.
+         */
+        secret?: string | ArrayBuffer | NodeJS.ArrayBufferView | undefined;
+        /**
+         * OPTIONAL, Additional data to
+         * be added to the hash, functionally equivalent to salt or secret, but meant for
+         * non-random data. If used, must have a length not greater than `2**32-1` bytes.
+         */
+        associatedData?: string | ArrayBuffer | NodeJS.ArrayBufferView | undefined;
+    }
+    /**
+     * Provides an asynchronous [Argon2](https://www.rfc-editor.org/rfc/rfc9106.html) implementation. Argon2 is a password-based
+     * key derivation function that is designed to be expensive computationally and
+     * memory-wise in order to make brute-force attacks unrewarding.
+     *
+     * The `nonce` should be as unique as possible. It is recommended that a nonce is
+     * random and at least 16 bytes long. See [NIST SP 800-132](https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-132.pdf) for details.
+     *
+     * When passing strings for `message`, `nonce`, `secret` or `associatedData`, please
+     * consider [caveats when using strings as inputs to cryptographic APIs](https://nodejs.org/docs/latest-v24.x/api/crypto.html#using-strings-as-inputs-to-cryptographic-apis).
+     *
+     * The `callback` function is called with two arguments: `err` and `derivedKey`.
+     * `err` is an exception object when key derivation fails, otherwise `err` is
+     * `null`. `derivedKey` is passed to the callback as a `Buffer`.
+     *
+     * An exception is thrown when any of the input arguments specify invalid values
+     * or types.
+     *
+     * ```js
+     * const { argon2, randomBytes } = await import('node:crypto');
+     *
+     * const parameters = {
+     *   message: 'password',
+     *   nonce: randomBytes(16),
+     *   parallelism: 4,
+     *   tagLength: 64,
+     *   memory: 65536,
+     *   passes: 3,
+     * };
+     *
+     * argon2('argon2id', parameters, (err, derivedKey) => {
+     *   if (err) throw err;
+     *   console.log(derivedKey.toString('hex'));  // 'af91dad...9520f15'
+     * });
+     * ```
+     * @since v24.7.0
+     * @param algorithm Variant of Argon2, one of `"argon2d"`, `"argon2i"` or `"argon2id"`.
+     * @experimental
+     */
+    function argon2(
+        algorithm: Argon2Algorithm,
+        parameters: Argon2Parameters,
+        callback: (err: Error | null, derivedKey: NonSharedBuffer) => void,
+    ): void;
+    /**
+     * Provides a synchronous [Argon2][] implementation. Argon2 is a password-based
+     * key derivation function that is designed to be expensive computationally and
+     * memory-wise in order to make brute-force attacks unrewarding.
+     *
+     * The `nonce` should be as unique as possible. It is recommended that a nonce is
+     * random and at least 16 bytes long. See [NIST SP 800-132](https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-132.pdf) for details.
+     *
+     * When passing strings for `message`, `nonce`, `secret` or `associatedData`, please
+     * consider [caveats when using strings as inputs to cryptographic APIs](https://nodejs.org/docs/latest-v24.x/api/crypto.html#using-strings-as-inputs-to-cryptographic-apis).
+     *
+     * An exception is thrown when key derivation fails, otherwise the derived key is
+     * returned as a `Buffer`.
+     *
+     * An exception is thrown when any of the input arguments specify invalid values
+     * or types.
+     *
+     * ```js
+     * const { argon2Sync, randomBytes } = await import('node:crypto');
+     *
+     * const parameters = {
+     *   message: 'password',
+     *   nonce: randomBytes(16),
+     *   parallelism: 4,
+     *   tagLength: 64,
+     *   memory: 65536,
+     *   passes: 3,
+     * };
+     *
+     * const derivedKey = argon2Sync('argon2id', parameters);
+     * console.log(derivedKey.toString('hex'));  // 'af91dad...9520f15'
+     * ```
+     * @since v24.7.0
+     * @experimental
+     */
+    function argon2Sync(algorithm: Argon2Algorithm, parameters: Argon2Parameters): NonSharedBuffer;
     /**
      * A convenient alias for `crypto.webcrypto.subtle`.
      * @since v17.4.0
@@ -4042,21 +4696,30 @@ declare module "crypto" {
     const webcrypto: webcrypto.Crypto;
     namespace webcrypto {
         type BufferSource = ArrayBufferView | ArrayBuffer;
-        type KeyFormat = "jwk" | "pkcs8" | "raw" | "spki";
+        type KeyFormat = "jwk" | "pkcs8" | "raw" | "raw-public" | "raw-secret" | "raw-seed" | "spki";
         type KeyType = "private" | "public" | "secret";
         type KeyUsage =
-            | "decrypt"
-            | "deriveBits"
-            | "deriveKey"
             | "encrypt"
+            | "decrypt"
             | "sign"
-            | "unwrapKey"
             | "verify"
-            | "wrapKey";
+            | "deriveKey"
+            | "deriveBits"
+            | "encapsulateBits"
+            | "decapsulateBits"
+            | "encapsulateKey"
+            | "decapsulateKey"
+            | "wrapKey"
+            | "unwrapKey";
         type AlgorithmIdentifier = Algorithm | string;
         type HashAlgorithmIdentifier = AlgorithmIdentifier;
         type NamedCurve = string;
         type BigInteger = Uint8Array;
+        interface AeadParams extends Algorithm {
+            additionalData?: BufferSource;
+            iv: BufferSource;
+            tagLength: number;
+        }
         interface AesCbcParams extends Algorithm {
             iv: BufferSource;
         }
@@ -4067,6 +4730,8 @@ declare module "crypto" {
         interface AesDerivedKeyParams extends Algorithm {
             length: number;
         }
+        // TODO: remove in next major
+        /** @deprecated Replaced by `AeadParams`. */
         interface AesGcmParams extends Algorithm {
             additionalData?: BufferSource;
             iv: BufferSource;
@@ -4081,6 +4746,23 @@ declare module "crypto" {
         interface Algorithm {
             name: string;
         }
+        interface Argon2Params extends Algorithm {
+            associatedData?: BufferSource;
+            memory: number;
+            nonce: BufferSource;
+            parallelism: number;
+            passes: number;
+            secretValue?: BufferSource;
+            version?: number;
+        }
+        interface CShakeParams extends Algorithm {
+            customization?: BufferSource;
+            functionName?: BufferSource;
+            length: number;
+        }
+        interface ContextParams extends Algorithm {
+            context?: BufferSource;
+        }
         interface EcKeyAlgorithm extends KeyAlgorithm {
             namedCurve: NamedCurve;
         }
@@ -4096,9 +4778,6 @@ declare module "crypto" {
         interface EcdsaParams extends Algorithm {
             hash: HashAlgorithmIdentifier;
         }
-        interface Ed448Params extends Algorithm {
-            context?: BufferSource;
-        }
         interface HkdfParams extends Algorithm {
             hash: HashAlgorithmIdentifier;
             info: BufferSource;
@@ -4139,6 +4818,19 @@ declare module "crypto" {
         interface KeyAlgorithm {
             name: string;
         }
+        interface KmacImportParams extends Algorithm {
+            length?: number;
+        }
+        interface KmacKeyAlgorithm extends KeyAlgorithm {
+            length: number;
+        }
+        interface KmacKeyGenParams extends Algorithm {
+            length?: number;
+        }
+        interface KmacParams extends Algorithm {
+            customization?: BufferSource;
+            length: number;
+        }
         interface Pbkdf2Params extends Algorithm {
             hash: HashAlgorithmIdentifier;
             iterations: number;
@@ -4192,22 +4884,15 @@ declare module "crypto" {
              * An error will be thrown if the given `typedArray` is larger than 65,536 bytes.
              * @since v15.0.0
              */
-            getRandomValues<T extends Exclude<NodeJS.TypedArray, Float32Array | Float64Array>>(typedArray: T): T;
+            getRandomValues<T extends Exclude<NodeJS.TypedArray, Float16Array | Float32Array | Float64Array>>(
+                typedArray: T,
+            ): T;
             /**
              * Generates a random {@link https://www.rfc-editor.org/rfc/rfc4122.txt RFC 4122} version 4 UUID.
              * The UUID is generated using a cryptographic pseudorandom number generator.
              * @since v16.7.0
              */
             randomUUID(): UUID;
-            CryptoKey: CryptoKeyConstructor;
-        }
-        // This constructor throws ILLEGAL_CONSTRUCTOR so it should not be newable.
-        interface CryptoKeyConstructor {
-            /** Illegal constructor */
-            (_: { readonly _: unique symbol }): never; // Allows instanceof to work but not be callable by the user.
-            readonly length: 0;
-            readonly name: "CryptoKey";
-            readonly prototype: CryptoKey;
         }
         /**
          * @since v15.0.0
@@ -4262,31 +4947,81 @@ declare module "crypto" {
              */
             publicKey: CryptoKey;
         }
+        interface EncapsulatedBits {
+            sharedKey: ArrayBuffer;
+            ciphertext: ArrayBuffer;
+        }
+        interface EncapsulatedKey {
+            sharedKey: CryptoKey;
+            ciphertext: ArrayBuffer;
+        }
         /**
          * @since v15.0.0
          */
         interface SubtleCrypto {
+            /**
+             * A message recipient uses their asymmetric private key to decrypt an
+             * "encapsulated key" (ciphertext), thereby recovering a temporary symmetric
+             * key (represented as `ArrayBuffer`) which is then used to decrypt a message.
+             *
+             * The algorithms currently supported include:
+             *
+             * * `'ML-KEM-512'`
+             * * `'ML-KEM-768'`
+             * * `'ML-KEM-1024'`
+             * @since v24.7.0
+             * @returns Fulfills with `ArrayBuffer` upon success.
+             */
+            decapsulateBits(
+                decapsulationAlgorithm: AlgorithmIdentifier,
+                decapsulationKey: CryptoKey,
+                ciphertext: BufferSource,
+            ): Promise<ArrayBuffer>;
+            /**
+             * A message recipient uses their asymmetric private key to decrypt an
+             * "encapsulated key" (ciphertext), thereby recovering a temporary symmetric
+             * key (represented as `CryptoKey`) which is then used to decrypt a message.
+             *
+             * The algorithms currently supported include:
+             *
+             * * `'ML-KEM-512'`
+             * * `'ML-KEM-768'`
+             * * `'ML-KEM-1024'`
+             * @since v24.7.0
+             * @param usages See [Key usages](https://nodejs.org/docs/latest-v24.x/api/webcrypto.html#cryptokeyusages).
+             * @returns Fulfills with `CryptoKey` upon success.
+             */
+            decapsulateKey(
+                decapsulationAlgorithm: AlgorithmIdentifier,
+                decapsulationKey: CryptoKey,
+                ciphertext: BufferSource,
+                sharedKeyAlgorithm: AlgorithmIdentifier | HmacImportParams | AesDerivedKeyParams | KmacImportParams,
+                extractable: boolean,
+                usages: KeyUsage[],
+            ): Promise<CryptoKey>;
             /**
              * Using the method and parameters specified in `algorithm` and the keying material provided by `key`,
-             * `subtle.decrypt()` attempts to decipher the provided `data`. If successful,
+             * this method attempts to decipher the provided `data`. If successful,
              * the returned promise will be resolved with an `<ArrayBuffer>` containing the plaintext result.
              *
              * The algorithms currently supported include:
              *
-             * - `'RSA-OAEP'`
-             * - `'AES-CTR'`
-             * - `'AES-CBC'`
-             * - `'AES-GCM'`
+             * * `'AES-CBC'`
+             * * `'AES-CTR'`
+             * * `'AES-GCM'`
+             * * `'AES-OCB'`
+             * * `'ChaCha20-Poly1305'`
+             * * `'RSA-OAEP'`
              * @since v15.0.0
              */
             decrypt(
-                algorithm: AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AesGcmParams,
+                algorithm: AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AeadParams,
                 key: CryptoKey,
                 data: BufferSource,
             ): Promise<ArrayBuffer>;
             /**
              * Using the method and parameters specified in `algorithm` and the keying material provided by `baseKey`,
-             * `subtle.deriveBits()` attempts to generate `length` bits.
+             * this method attempts to generate `length` bits.
              * The Node.js implementation requires that when `length` is a number it must be multiple of `8`.
              * When `length` is `null` the maximum number of bits for a given algorithm is generated. This is allowed
              * for the `'ECDH'`, `'X25519'`, and `'X448'` algorithms.
@@ -4294,45 +5029,50 @@ declare module "crypto" {
              *
              * The algorithms currently supported include:
              *
-             * - `'ECDH'`
-             * - `'X25519'`
-             * - `'X448'`
-             * - `'HKDF'`
-             * - `'PBKDF2'`
+             * * `'Argon2d'`
+             * * `'Argon2i'`
+             * * `'Argon2id'`
+             * * `'ECDH'`
+             * * `'HKDF'`
+             * * `'PBKDF2'`
+             * * `'X25519'`
+             * * `'X448'`
              * @since v15.0.0
              */
-            deriveBits(algorithm: EcdhKeyDeriveParams, baseKey: CryptoKey, length: number | null): Promise<ArrayBuffer>;
             deriveBits(
-                algorithm: AlgorithmIdentifier | HkdfParams | Pbkdf2Params,
+                algorithm: EcdhKeyDeriveParams,
+                baseKey: CryptoKey,
+                length?: number | null,
+            ): Promise<ArrayBuffer>;
+            deriveBits(
+                algorithm: EcdhKeyDeriveParams | HkdfParams | Pbkdf2Params | Argon2Params,
                 baseKey: CryptoKey,
                 length: number,
             ): Promise<ArrayBuffer>;
             /**
              * Using the method and parameters specified in `algorithm`, and the keying material provided by `baseKey`,
-             * `subtle.deriveKey()` attempts to generate a new <CryptoKey>` based on the method and parameters in `derivedKeyAlgorithm`.
+             * this method attempts to generate a new <CryptoKey>` based on the method and parameters in `derivedKeyAlgorithm`.
              *
              * Calling `subtle.deriveKey()` is equivalent to calling `subtle.deriveBits()` to generate raw keying material,
              * then passing the result into the `subtle.importKey()` method using the `deriveKeyAlgorithm`, `extractable`, and `keyUsages` parameters as input.
              *
              * The algorithms currently supported include:
              *
-             * - `'ECDH'`
-             * - `'X25519'`
-             * - `'X448'`
-             * - `'HKDF'`
-             * - `'PBKDF2'`
+             * * `'Argon2d'`
+             * * `'Argon2i'`
+             * * `'Argon2id'`
+             * * `'ECDH'`
+             * * `'HKDF'`
+             * * `'PBKDF2'`
+             * * `'X25519'`
+             * * `'X448'`
              * @param keyUsages See {@link https://nodejs.org/docs/latest/api/webcrypto.html#cryptokeyusages Key usages}.
              * @since v15.0.0
              */
             deriveKey(
-                algorithm: AlgorithmIdentifier | EcdhKeyDeriveParams | HkdfParams | Pbkdf2Params,
+                algorithm: EcdhKeyDeriveParams | HkdfParams | Pbkdf2Params | Argon2Params,
                 baseKey: CryptoKey,
-                derivedKeyAlgorithm:
-                    | AlgorithmIdentifier
-                    | AesDerivedKeyParams
-                    | HmacImportParams
-                    | HkdfParams
-                    | Pbkdf2Params,
+                derivedKeyAlgorithm: AlgorithmIdentifier | HmacImportParams | AesDerivedKeyParams | KmacImportParams,
                 extractable: boolean,
                 keyUsages: readonly KeyUsage[],
             ): Promise<CryptoKey>;
@@ -4342,30 +5082,73 @@ declare module "crypto" {
              *
              * If `algorithm` is provided as a `<string>`, it must be one of:
              *
-             * - `'SHA-1'`
-             * - `'SHA-256'`
-             * - `'SHA-384'`
-             * - `'SHA-512'`
+             * * `'cSHAKE128'`
+             * * `'cSHAKE256'`
+             * * `'SHA-1'`
+             * * `'SHA-256'`
+             * * `'SHA-384'`
+             * * `'SHA-512'`
+             * * `'SHA3-256'`
+             * * `'SHA3-384'`
+             * * `'SHA3-512'`
              *
              * If `algorithm` is provided as an `<Object>`, it must have a `name` property whose value is one of the above.
              * @since v15.0.0
              */
-            digest(algorithm: AlgorithmIdentifier, data: BufferSource): Promise<ArrayBuffer>;
+            digest(algorithm: AlgorithmIdentifier | CShakeParams, data: BufferSource): Promise<ArrayBuffer>;
+            /**
+             * Uses a message recipient's asymmetric public key to encrypt a temporary symmetric key.
+             * This encrypted key is the "encapsulated key" represented as `EncapsulatedBits`.
+             *
+             * The algorithms currently supported include:
+             *
+             * * `'ML-KEM-512'`
+             * * `'ML-KEM-768'`
+             * * `'ML-KEM-1024'`
+             * @since v24.7.0
+             * @returns Fulfills with `EncapsulatedBits` upon success.
+             */
+            encapsulateBits(
+                encapsulationAlgorithm: AlgorithmIdentifier,
+                encapsulationKey: CryptoKey,
+            ): Promise<EncapsulatedBits>;
+            /**
+             * Uses a message recipient's asymmetric public key to encrypt a temporary symmetric key.
+             * This encrypted key is the "encapsulated key" represented as `EncapsulatedKey`.
+             *
+             * The algorithms currently supported include:
+             *
+             * * `'ML-KEM-512'`
+             * * `'ML-KEM-768'`
+             * * `'ML-KEM-1024'`
+             * @since v24.7.0
+             * @param usages See [Key usages](https://nodejs.org/docs/latest-v24.x/api/webcrypto.html#cryptokeyusages).
+             * @returns Fulfills with `EncapsulatedKey` upon success.
+             */
+            encapsulateKey(
+                encapsulationAlgorithm: AlgorithmIdentifier,
+                encapsulationKey: CryptoKey,
+                sharedKeyAlgorithm: AlgorithmIdentifier | HmacImportParams | AesDerivedKeyParams | KmacImportParams,
+                extractable: boolean,
+                usages: KeyUsage[],
+            ): Promise<EncapsulatedKey>;
             /**
              * Using the method and parameters specified by `algorithm` and the keying material provided by `key`,
-             * `subtle.encrypt()` attempts to encipher `data`. If successful,
+             * this method attempts to encipher `data`. If successful,
              * the returned promise is resolved with an `<ArrayBuffer>` containing the encrypted result.
              *
              * The algorithms currently supported include:
              *
-             * - `'RSA-OAEP'`
-             * - `'AES-CTR'`
-             * - `'AES-CBC'`
-             * - `'AES-GCM'`
+             * * `'AES-CBC'`
+             * * `'AES-CTR'`
+             * * `'AES-GCM'`
+             * * `'AES-OCB'`
+             * * `'ChaCha20-Poly1305'`
+             * * `'RSA-OAEP'`
              * @since v15.0.0
              */
             encrypt(
-                algorithm: AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AesGcmParams,
+                algorithm: AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AeadParams,
                 key: CryptoKey,
                 data: BufferSource,
             ): Promise<ArrayBuffer>;
@@ -4379,35 +5162,47 @@ declare module "crypto" {
              *
              * When `format` is `'jwk'` and the export is successful, the returned promise will be resolved with a
              * JavaScript object conforming to the {@link https://tools.ietf.org/html/rfc7517 JSON Web Key} specification.
-             * @param format Must be one of `'raw'`, `'pkcs8'`, `'spki'`, or `'jwk'`.
+             * @param format Must be one of `'raw'`, `'pkcs8'`, `'spki'`, `'jwk'`, `'raw-secret'`,
+             * `'raw-public'`, or `'raw-seed'`.
              * @returns `<Promise>` containing `<ArrayBuffer>`.
              * @since v15.0.0
              */
             exportKey(format: "jwk", key: CryptoKey): Promise<JsonWebKey>;
             exportKey(format: Exclude<KeyFormat, "jwk">, key: CryptoKey): Promise<ArrayBuffer>;
             /**
-             * Using the method and parameters provided in `algorithm`,
-             * `subtle.generateKey()` attempts to generate new keying material.
-             * Depending the method used, the method may generate either a single `<CryptoKey>` or a `<CryptoKeyPair>`.
+             * Using the parameters provided in `algorithm`, this method
+             * attempts to generate new keying material. Depending on the algorithm used
+             * either a single `CryptoKey` or a `CryptoKeyPair` is generated.
              *
-             * The `<CryptoKeyPair>` (public and private key) generating algorithms supported include:
+             * The `CryptoKeyPair` (public and private key) generating algorithms supported
+             * include:
              *
-             * - `'RSASSA-PKCS1-v1_5'`
-             * - `'RSA-PSS'`
-             * - `'RSA-OAEP'`
-             * - `'ECDSA'`
-             * - `'Ed25519'`
-             * - `'Ed448'`
-             * - `'ECDH'`
-             * - `'X25519'`
-             * - `'X448'`
-             * The `<CryptoKey>` (secret key) generating algorithms supported include:
+             * * `'ECDH'`
+             * * `'ECDSA'`
+             * * `'Ed25519'`
+             * * `'Ed448'`
+             * * `'ML-DSA-44'`
+             * * `'ML-DSA-65'`
+             * * `'ML-DSA-87'`
+             * * `'ML-KEM-512'`
+             * * `'ML-KEM-768'`
+             * * `'ML-KEM-1024'`
+             * * `'RSA-OAEP'`
+             * * `'RSA-PSS'`
+             * * `'RSASSA-PKCS1-v1_5'`
+             * * `'X25519'`
+             * * `'X448'`
              *
-             * - `'HMAC'`
-             * - `'AES-CTR'`
-             * - `'AES-CBC'`
-             * - `'AES-GCM'`
-             * - `'AES-KW'`
+             * The `CryptoKey` (secret key) generating algorithms supported include:
+             * * `'AES-CBC'`
+             * * `'AES-CTR'`
+             * * `'AES-GCM'`
+             * * `'AES-KW'`
+             * * `'AES-OCB'`
+             * * `'ChaCha20-Poly1305'`
+             * * `'HMAC'`
+             * * `'KMAC128'`
+             * * `'KMAC256'`
              * @param keyUsages See {@link https://nodejs.org/docs/latest/api/webcrypto.html#cryptokeyusages Key usages}.
              * @since v15.0.0
              */
@@ -4417,7 +5212,7 @@ declare module "crypto" {
                 keyUsages: readonly KeyUsage[],
             ): Promise<CryptoKeyPair>;
             generateKey(
-                algorithm: AesKeyGenParams | HmacKeyGenParams | Pbkdf2Params,
+                algorithm: AesKeyGenParams | HmacKeyGenParams | Pbkdf2Params | KmacKeyGenParams,
                 extractable: boolean,
                 keyUsages: readonly KeyUsage[],
             ): Promise<CryptoKey>;
@@ -4427,12 +5222,23 @@ declare module "crypto" {
                 keyUsages: KeyUsage[],
             ): Promise<CryptoKeyPair | CryptoKey>;
             /**
-             * The `subtle.importKey()` method attempts to interpret the provided `keyData` as the given `format`
-             * to create a `<CryptoKey>` instance using the provided `algorithm`, `extractable`, and `keyUsages` arguments.
-             * If the import is successful, the returned promise will be resolved with the created `<CryptoKey>`.
+             * Derives the public key from a given private key.
+             * @since v24.7.0
+             * @param key A private key from which to derive the corresponding public key.
+             * @param keyUsages See [Key usages](https://nodejs.org/docs/latest-v24.x/api/webcrypto.html#cryptokeyusages).
+             * @returns Fulfills with a `CryptoKey` upon success.
+             */
+            getPublicKey(key: CryptoKey, keyUsages: KeyUsage[]): Promise<CryptoKey>;
+            /**
+             * This method attempts to interpret the provided `keyData`
+             * as the given `format` to create a `CryptoKey` instance using the provided
+             * `algorithm`, `extractable`, and `keyUsages` arguments. If the import is
+             * successful, the returned promise will be resolved with a {CryptoKey}
+             * representation of the key material.
              *
-             * If importing a `'PBKDF2'` key, `extractable` must be `false`.
-             * @param format Must be one of `'raw'`, `'pkcs8'`, `'spki'`, or `'jwk'`.
+             * If importing KDF algorithm keys, `extractable` must be `false`.
+             * @param format Must be one of `'raw'`, `'pkcs8'`, `'spki'`, `'jwk'`, `'raw-secret'`,
+             * `'raw-public'`, or `'raw-seed'`.
              * @param keyUsages See {@link https://nodejs.org/docs/latest/api/webcrypto.html#cryptokeyusages Key usages}.
              * @since v15.0.0
              */
@@ -4444,7 +5250,8 @@ declare module "crypto" {
                     | RsaHashedImportParams
                     | EcKeyImportParams
                     | HmacImportParams
-                    | AesKeyAlgorithm,
+                    | AesKeyAlgorithm
+                    | KmacImportParams,
                 extractable: boolean,
                 keyUsages: readonly KeyUsage[],
             ): Promise<CryptoKey>;
@@ -4456,62 +5263,81 @@ declare module "crypto" {
                     | RsaHashedImportParams
                     | EcKeyImportParams
                     | HmacImportParams
-                    | AesKeyAlgorithm,
+                    | AesKeyAlgorithm
+                    | KmacImportParams,
                 extractable: boolean,
                 keyUsages: KeyUsage[],
             ): Promise<CryptoKey>;
             /**
              * Using the method and parameters given by `algorithm` and the keying material provided by `key`,
-             * `subtle.sign()` attempts to generate a cryptographic signature of `data`. If successful,
+             * this method attempts to generate a cryptographic signature of `data`. If successful,
              * the returned promise is resolved with an `<ArrayBuffer>` containing the generated signature.
              *
              * The algorithms currently supported include:
              *
-             * - `'RSASSA-PKCS1-v1_5'`
-             * - `'RSA-PSS'`
-             * - `'ECDSA'`
-             * - `'Ed25519'`
-             * - `'Ed448'`
-             * - `'HMAC'`
+             * * `'ECDSA'`
+             * * `'Ed25519'`
+             * * `'Ed448'`
+             * * `'HMAC'`
+             * * `'KMAC128'`
+             * * `'KMAC256'`
+             * * `'ML-DSA-44'`
+             * * `'ML-DSA-65'`
+             * * `'ML-DSA-87'`
+             * * `'RSA-PSS'`
+             * * `'RSASSA-PKCS1-v1_5'`
              * @since v15.0.0
              */
             sign(
-                algorithm: AlgorithmIdentifier | RsaPssParams | EcdsaParams | Ed448Params,
+                algorithm: AlgorithmIdentifier | RsaPssParams | EcdsaParams | ContextParams | KmacParams,
                 key: CryptoKey,
                 data: BufferSource,
             ): Promise<ArrayBuffer>;
             /**
              * In cryptography, "wrapping a key" refers to exporting and then encrypting the keying material.
-             * The `subtle.unwrapKey()` method attempts to decrypt a wrapped key and create a `<CryptoKey>` instance.
+             * This method attempts to decrypt a wrapped key and create a `<CryptoKey>` instance.
              * It is equivalent to calling `subtle.decrypt()` first on the encrypted key data (using the `wrappedKey`, `unwrapAlgo`, and `unwrappingKey` arguments as input)
              * then passing the results in to the `subtle.importKey()` method using the `unwrappedKeyAlgo`, `extractable`, and `keyUsages` arguments as inputs.
              * If successful, the returned promise is resolved with a `<CryptoKey>` object.
              *
              * The wrapping algorithms currently supported include:
              *
-             * - `'RSA-OAEP'`
-             * - `'AES-CTR'`
-             * - `'AES-CBC'`
-             * - `'AES-GCM'`
-             * - `'AES-KW'`
+             * * `'AES-CBC'`
+             * * `'AES-CTR'`
+             * * `'AES-GCM'`
+             * * `'AES-KW'`
+             * * `'AES-OCB'`
+             * * `'ChaCha20-Poly1305'`
+             * * `'RSA-OAEP'`
              *
              * The unwrapped key algorithms supported include:
              *
-             * - `'RSASSA-PKCS1-v1_5'`
-             * - `'RSA-PSS'`
-             * - `'RSA-OAEP'`
-             * - `'ECDSA'`
-             * - `'Ed25519'`
-             * - `'Ed448'`
-             * - `'ECDH'`
-             * - `'X25519'`
-             * - `'X448'`
-             * - `'HMAC'`
-             * - `'AES-CTR'`
-             * - `'AES-CBC'`
-             * - `'AES-GCM'`
-             * - `'AES-KW'`
-             * @param format Must be one of `'raw'`, `'pkcs8'`, `'spki'`, or `'jwk'`.
+             * * `'AES-CBC'`
+             * * `'AES-CTR'`
+             * * `'AES-GCM'`
+             * * `'AES-KW'`
+             * * `'AES-OCB'`
+             * * `'ChaCha20-Poly1305'`
+             * * `'ECDH'`
+             * * `'ECDSA'`
+             * * `'Ed25519'`
+             * * `'Ed448'`
+             * * `'HMAC'`
+             * * `'KMAC128'`
+             * * `'KMAC256'`
+             * * `'ML-DSA-44'`
+             * * `'ML-DSA-65'`
+             * * `'ML-DSA-87'`
+             * * `'ML-KEM-512'`
+             * * `'ML-KEM-768'`
+             * * `'ML-KEM-1024'`
+             * * `'RSA-OAEP'`
+             * * `'RSA-PSS'`
+             * * `'RSASSA-PKCS1-v1_5'`
+             * * `'X25519'`
+             * * `'X448'`
+             * @param format Must be one of `'raw'`, `'pkcs8'`, `'spki'`, `'jwk'`, `'raw-secret'`,
+             * `'raw-public'`, or `'raw-seed'`.
              * @param keyUsages See {@link https://nodejs.org/docs/latest/api/webcrypto.html#cryptokeyusages Key usages}.
              * @since v15.0.0
              */
@@ -4519,40 +5345,46 @@ declare module "crypto" {
                 format: KeyFormat,
                 wrappedKey: BufferSource,
                 unwrappingKey: CryptoKey,
-                unwrapAlgorithm: AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AesGcmParams,
+                unwrapAlgorithm: AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AeadParams,
                 unwrappedKeyAlgorithm:
                     | AlgorithmIdentifier
                     | RsaHashedImportParams
                     | EcKeyImportParams
                     | HmacImportParams
-                    | AesKeyAlgorithm,
+                    | AesKeyAlgorithm
+                    | KmacImportParams,
                 extractable: boolean,
                 keyUsages: KeyUsage[],
             ): Promise<CryptoKey>;
             /**
              * Using the method and parameters given in `algorithm` and the keying material provided by `key`,
-             * `subtle.verify()` attempts to verify that `signature` is a valid cryptographic signature of `data`.
+             * This method attempts to verify that `signature` is a valid cryptographic signature of `data`.
              * The returned promise is resolved with either `true` or `false`.
              *
              * The algorithms currently supported include:
              *
-             * - `'RSASSA-PKCS1-v1_5'`
-             * - `'RSA-PSS'`
-             * - `'ECDSA'`
-             * - `'Ed25519'`
-             * - `'Ed448'`
-             * - `'HMAC'`
+             * * `'ECDSA'`
+             * * `'Ed25519'`
+             * * `'Ed448'`
+             * * `'HMAC'`
+             * * `'KMAC128'`
+             * * `'KMAC256'`
+             * * `'ML-DSA-44'`
+             * * `'ML-DSA-65'`
+             * * `'ML-DSA-87'`
+             * * `'RSA-PSS'`
+             * * `'RSASSA-PKCS1-v1_5'`
              * @since v15.0.0
              */
             verify(
-                algorithm: AlgorithmIdentifier | RsaPssParams | EcdsaParams | Ed448Params,
+                algorithm: AlgorithmIdentifier | RsaPssParams | EcdsaParams | ContextParams | KmacParams,
                 key: CryptoKey,
                 signature: BufferSource,
                 data: BufferSource,
             ): Promise<boolean>;
             /**
              * In cryptography, "wrapping a key" refers to exporting and then encrypting the keying material.
-             * The `subtle.wrapKey()` method exports the keying material into the format identified by `format`,
+             * This method exports the keying material into the format identified by `format`,
              * then encrypts it using the method and parameters specified by `wrapAlgo` and the keying material provided by `wrappingKey`.
              * It is the equivalent to calling `subtle.exportKey()` using `format` and `key` as the arguments,
              * then passing the result to the `subtle.encrypt()` method using `wrappingKey` and `wrapAlgo` as inputs.
@@ -4560,30 +5392,25 @@ declare module "crypto" {
              *
              * The wrapping algorithms currently supported include:
              *
-             * - `'RSA-OAEP'`
-             * - `'AES-CTR'`
-             * - `'AES-CBC'`
-             * - `'AES-GCM'`
-             * - `'AES-KW'`
-             * @param format Must be one of `'raw'`, `'pkcs8'`, `'spki'`, or `'jwk'`.
+             * * `'AES-CBC'`
+             * * `'AES-CTR'`
+             * * `'AES-GCM'`
+             * * `'AES-KW'`
+             * * `'AES-OCB'`
+             * * `'ChaCha20-Poly1305'`
+             * * `'RSA-OAEP'`
+             * @param format Must be one of `'raw'`, `'pkcs8'`, `'spki'`, `'jwk'`, `'raw-secret'`,
+             * `'raw-public'`, or `'raw-seed'`.
              * @since v15.0.0
              */
             wrapKey(
                 format: KeyFormat,
                 key: CryptoKey,
                 wrappingKey: CryptoKey,
-                wrapAlgorithm: AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AesGcmParams,
+                wrapAlgorithm: AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AeadParams,
             ): Promise<ArrayBuffer>;
         }
     }
-
-    global {
-        var crypto: typeof globalThis extends {
-            crypto: infer T;
-            onmessage: any;
-        } ? T
-            : webcrypto.Crypto;
-    }
 }
 declare module "node:crypto" {
     export * from "crypto";