@types/node 24.6.2 → 24.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (16) hide show
  1. node/README.md +1 -1
  2. node/crypto.d.ts +515 -139
  3. node/fs.d.ts +4 -0
  4. node/http.d.ts +10 -0
  5. node/http2.d.ts +1 -1
  6. node/index.d.ts +2 -0
  7. node/inspector.d.ts +24 -0
  8. node/inspector.generated.d.ts +181 -0
  9. node/package.json +3 -3
  10. node/sqlite.d.ts +6 -4
  11. node/stream/web.d.ts +6 -55
  12. node/test.d.ts +29 -3
  13. node/ts5.6/index.d.ts +2 -0
  14. node/ts5.7/index.d.ts +2 -0
  15. node/web-globals/crypto.d.ts +32 -0
  16. node/web-globals/streams.d.ts +22 -0
node/crypto.d.ts CHANGED
@@ -591,21 +591,8 @@ declare module "crypto" {
591
591
  */
592
592
  static from(key: webcrypto.CryptoKey): KeyObject;
593
593
  /**
594
- * For asymmetric keys, this property represents the type of the key. Supported key
595
- * types are:
596
- *
597
- * * `'rsa'` (OID 1.2.840.113549.1.1.1)
598
- * * `'rsa-pss'` (OID 1.2.840.113549.1.1.10)
599
- * * `'dsa'` (OID 1.2.840.10040.4.1)
600
- * * `'ec'` (OID 1.2.840.10045.2.1)
601
- * * `'x25519'` (OID 1.3.101.110)
602
- * * `'x448'` (OID 1.3.101.111)
603
- * * `'ed25519'` (OID 1.3.101.112)
604
- * * `'ed448'` (OID 1.3.101.113)
605
- * * `'dh'` (OID 1.2.840.113549.1.3.1)
606
- * * `'ml-dsa-44'` (OID 2.16.840.1.101.3.4.3.17)
607
- * * `'ml-dsa-65'` (OID 2.16.840.1.101.3.4.3.18)
608
- * * `'ml-dsa-87'` (OID 2.16.840.1.101.3.4.3.19)
594
+ * For asymmetric keys, this property represents the type of the key. See the
595
+ * supported [asymmetric key types](https://nodejs.org/docs/latest-v24.x/api/crypto.html#asymmetric-key-types).
609
596
  *
610
597
  * This property is `undefined` for unrecognized `KeyObject` types and symmetric
611
598
  * keys.
@@ -2460,17 +2447,21 @@ declare module "crypto" {
2460
2447
  */
2461
2448
  function timingSafeEqual(a: NodeJS.ArrayBufferView, b: NodeJS.ArrayBufferView): boolean;
2462
2449
  type KeyType =
2463
- | "rsa"
2464
- | "rsa-pss"
2450
+ | "dh"
2465
2451
  | "dsa"
2466
2452
  | "ec"
2467
2453
  | "ed25519"
2468
2454
  | "ed448"
2469
- | "x25519"
2470
- | "x448"
2471
2455
  | "ml-dsa-44"
2472
2456
  | "ml-dsa-65"
2473
- | "ml-dsa-87";
2457
+ | "ml-dsa-87"
2458
+ | "ml-kem-1024"
2459
+ | "ml-kem-512"
2460
+ | "ml-kem-768"
2461
+ | "rsa-pss"
2462
+ | "rsa"
2463
+ | "x25519"
2464
+ | "x448";
2474
2465
  type KeyFormat = "pem" | "der" | "jwk";
2475
2466
  interface BasePrivateKeyEncodingOptions<T extends KeyFormat> {
2476
2467
  format: T;
@@ -2486,6 +2477,7 @@ declare module "crypto" {
2486
2477
  interface X25519KeyPairKeyObjectOptions {}
2487
2478
  interface X448KeyPairKeyObjectOptions {}
2488
2479
  interface MLDSAKeyPairKeyObjectOptions {}
2480
+ interface MLKEMKeyPairKeyObjectOptions {}
2489
2481
  interface ECKeyPairKeyObjectOptions {
2490
2482
  /**
2491
2483
  * Name of the curve to use
@@ -2659,6 +2651,15 @@ declare module "crypto" {
2659
2651
  type: "pkcs8";
2660
2652
  };
2661
2653
  }
2654
+ interface MLKEMKeyPairOptions<PubF extends KeyFormat, PrivF extends KeyFormat> {
2655
+ publicKeyEncoding: {
2656
+ type: "spki";
2657
+ format: PubF;
2658
+ };
2659
+ privateKeyEncoding: BasePrivateKeyEncodingOptions<PrivF> & {
2660
+ type: "pkcs8";
2661
+ };
2662
+ }
2662
2663
  interface KeyPairSyncResult<T1 extends string | Buffer, T2 extends string | Buffer> {
2663
2664
  publicKey: T1;
2664
2665
  privateKey: T2;
@@ -2702,8 +2703,8 @@ declare module "crypto" {
2702
2703
  * When PEM encoding was selected, the respective key will be a string, otherwise
2703
2704
  * it will be a buffer containing the data encoded as DER.
2704
2705
  * @since v10.12.0
2705
- * @param type Must be `'rsa'`, `'rsa-pss'`, `'dsa'`, `'ec'`, `'ed25519'`,
2706
- * `'ed448'`, `'x25519'`, `'x448'`, `'dh'`, `'ml-dsa-44'`, `'ml-dsa-65'`, or `'ml-dsa-87'`.
2706
+ * @param type The asymmetric key type to generate. See the
2707
+ * supported [asymmetric key types](https://nodejs.org/docs/latest-v24.x/api/crypto.html#asymmetric-key-types).
2707
2708
  */
2708
2709
  function generateKeyPairSync(
2709
2710
  type: "rsa",
@@ -2861,6 +2862,26 @@ declare module "crypto" {
2861
2862
  type: "ml-dsa-44" | "ml-dsa-65" | "ml-dsa-87",
2862
2863
  options?: MLDSAKeyPairKeyObjectOptions,
2863
2864
  ): KeyPairKeyObjectResult;
2865
+ function generateKeyPairSync(
2866
+ type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
2867
+ options: MLKEMKeyPairOptions<"pem", "pem">,
2868
+ ): KeyPairSyncResult<string, string>;
2869
+ function generateKeyPairSync(
2870
+ type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
2871
+ options: MLKEMKeyPairOptions<"pem", "der">,
2872
+ ): KeyPairSyncResult<string, Buffer>;
2873
+ function generateKeyPairSync(
2874
+ type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
2875
+ options: MLKEMKeyPairOptions<"der", "pem">,
2876
+ ): KeyPairSyncResult<Buffer, string>;
2877
+ function generateKeyPairSync(
2878
+ type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
2879
+ options: MLKEMKeyPairOptions<"der", "der">,
2880
+ ): KeyPairSyncResult<Buffer, Buffer>;
2881
+ function generateKeyPairSync(
2882
+ type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
2883
+ options?: MLKEMKeyPairKeyObjectOptions,
2884
+ ): KeyPairKeyObjectResult;
2864
2885
  /**
2865
2886
  * Generates a new asymmetric key pair of the given `type`. RSA, RSA-PSS, DSA, EC,
2866
2887
  * Ed25519, Ed448, X25519, X448, and DH are currently supported.
@@ -2898,8 +2919,8 @@ declare module "crypto" {
2898
2919
  * If this method is invoked as its `util.promisify()` ed version, it returns
2899
2920
  * a `Promise` for an `Object` with `publicKey` and `privateKey` properties.
2900
2921
  * @since v10.12.0
2901
- * @param type Must be `'rsa'`, `'rsa-pss'`, `'dsa'`, `'ec'`, `'ed25519'`,
2902
- * `'ed448'`, `'x25519'`, `'x448'`, `'dh'`, `'ml-dsa-44'`, `'ml-dsa-65'`, or `'ml-dsa-87'`.
2922
+ * @param type The asymmetric key type to generate. See the
2923
+ * supported [asymmetric key types](https://nodejs.org/docs/latest-v24.x/api/crypto.html#asymmetric-key-types).
2903
2924
  */
2904
2925
  function generateKeyPair(
2905
2926
  type: "rsa",
@@ -3126,6 +3147,31 @@ declare module "crypto" {
3126
3147
  options: MLDSAKeyPairKeyObjectOptions | undefined,
3127
3148
  callback: (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => void,
3128
3149
  ): void;
3150
+ function generateKeyPair(
3151
+ type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
3152
+ options: MLKEMKeyPairOptions<"pem", "pem">,
3153
+ callback: (err: Error | null, publicKey: string, privateKey: string) => void,
3154
+ ): void;
3155
+ function generateKeyPair(
3156
+ type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
3157
+ options: MLKEMKeyPairOptions<"pem", "der">,
3158
+ callback: (err: Error | null, publicKey: string, privateKey: Buffer) => void,
3159
+ ): void;
3160
+ function generateKeyPair(
3161
+ type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
3162
+ options: MLKEMKeyPairOptions<"der", "pem">,
3163
+ callback: (err: Error | null, publicKey: Buffer, privateKey: string) => void,
3164
+ ): void;
3165
+ function generateKeyPair(
3166
+ type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
3167
+ options: MLKEMKeyPairOptions<"der", "der">,
3168
+ callback: (err: Error | null, publicKey: Buffer, privateKey: Buffer) => void,
3169
+ ): void;
3170
+ function generateKeyPair(
3171
+ type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
3172
+ options: MLKEMKeyPairKeyObjectOptions | undefined,
3173
+ callback: (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => void,
3174
+ ): void;
3129
3175
  namespace generateKeyPair {
3130
3176
  function __promisify__(
3131
3177
  type: "rsa",
@@ -3400,6 +3446,38 @@ declare module "crypto" {
3400
3446
  type: "ml-dsa-44" | "ml-dsa-65" | "ml-dsa-87",
3401
3447
  options?: MLDSAKeyPairKeyObjectOptions,
3402
3448
  ): Promise<KeyPairKeyObjectResult>;
3449
+ function __promisify__(
3450
+ type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
3451
+ options: MLKEMKeyPairOptions<"pem", "pem">,
3452
+ ): Promise<{
3453
+ publicKey: string;
3454
+ privateKey: string;
3455
+ }>;
3456
+ function __promisify__(
3457
+ type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
3458
+ options: MLKEMKeyPairOptions<"pem", "der">,
3459
+ ): Promise<{
3460
+ publicKey: string;
3461
+ privateKey: Buffer;
3462
+ }>;
3463
+ function __promisify__(
3464
+ type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
3465
+ options: MLKEMKeyPairOptions<"der", "pem">,
3466
+ ): Promise<{
3467
+ publicKey: Buffer;
3468
+ privateKey: string;
3469
+ }>;
3470
+ function __promisify__(
3471
+ type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
3472
+ options: MLKEMKeyPairOptions<"der", "der">,
3473
+ ): Promise<{
3474
+ publicKey: Buffer;
3475
+ privateKey: Buffer;
3476
+ }>;
3477
+ function __promisify__(
3478
+ type: "ml-kem-1024" | "ml-kem-512" | "ml-kem-768",
3479
+ options?: MLKEMKeyPairKeyObjectOptions,
3480
+ ): Promise<KeyPairKeyObjectResult>;
3403
3481
  }
3404
3482
  /**
3405
3483
  * Calculates and returns the signature for `data` using the given private key and
@@ -3461,9 +3539,37 @@ declare module "crypto" {
3461
3539
  callback: (error: Error | null, result: boolean) => void,
3462
3540
  ): void;
3463
3541
  /**
3464
- * Computes the Diffie-Hellman secret based on a `privateKey` and a `publicKey`.
3465
- * Both keys must have the same `asymmetricKeyType`, which must be one of `'dh'`
3466
- * (for Diffie-Hellman), `'ec'`, `'x448'`, or `'x25519'` (for ECDH).
3542
+ * Key decapsulation using a KEM algorithm with a private key.
3543
+ *
3544
+ * Supported key types and their KEM algorithms are:
3545
+ *
3546
+ * * `'rsa'` RSA Secret Value Encapsulation
3547
+ * * `'ec'` DHKEM(P-256, HKDF-SHA256), DHKEM(P-384, HKDF-SHA256), DHKEM(P-521, HKDF-SHA256)
3548
+ * * `'x25519'` DHKEM(X25519, HKDF-SHA256)
3549
+ * * `'x448'` DHKEM(X448, HKDF-SHA512)
3550
+ * * `'ml-kem-512'` ML-KEM
3551
+ * * `'ml-kem-768'` ML-KEM
3552
+ * * `'ml-kem-1024'` ML-KEM
3553
+ *
3554
+ * If `key` is not a {@link KeyObject}, this function behaves as if `key` had been
3555
+ * passed to `crypto.createPrivateKey()`.
3556
+ *
3557
+ * If the `callback` function is provided this function uses libuv's threadpool.
3558
+ * @since v24.7.0
3559
+ */
3560
+ function decapsulate(
3561
+ key: KeyLike | PrivateKeyInput | JsonWebKeyInput,
3562
+ ciphertext: ArrayBuffer | NodeJS.ArrayBufferView,
3563
+ ): Buffer;
3564
+ function decapsulate(
3565
+ key: KeyLike | PrivateKeyInput | JsonWebKeyInput,
3566
+ ciphertext: ArrayBuffer | NodeJS.ArrayBufferView,
3567
+ callback: (err: Error, sharedKey: Buffer) => void,
3568
+ ): void;
3569
+ /**
3570
+ * Computes the Diffie-Hellman shared secret based on a `privateKey` and a `publicKey`.
3571
+ * Both keys must have the same `asymmetricKeyType` and must support either the DH or
3572
+ * ECDH operation.
3467
3573
  *
3468
3574
  * If the `callback` function is provided this function uses libuv's threadpool.
3469
3575
  * @since v13.9.0, v12.17.0
@@ -3473,6 +3579,30 @@ declare module "crypto" {
3473
3579
  options: { privateKey: KeyObject; publicKey: KeyObject },
3474
3580
  callback: (err: Error | null, secret: Buffer) => void,
3475
3581
  ): void;
3582
+ /**
3583
+ * Key encapsulation using a KEM algorithm with a public key.
3584
+ *
3585
+ * Supported key types and their KEM algorithms are:
3586
+ *
3587
+ * * `'rsa'` RSA Secret Value Encapsulation
3588
+ * * `'ec'` DHKEM(P-256, HKDF-SHA256), DHKEM(P-384, HKDF-SHA256), DHKEM(P-521, HKDF-SHA256)
3589
+ * * `'x25519'` DHKEM(X25519, HKDF-SHA256)
3590
+ * * `'x448'` DHKEM(X448, HKDF-SHA512)
3591
+ * * `'ml-kem-512'` ML-KEM
3592
+ * * `'ml-kem-768'` ML-KEM
3593
+ * * `'ml-kem-1024'` ML-KEM
3594
+ *
3595
+ * If `key` is not a {@link KeyObject}, this function behaves as if `key` had been
3596
+ * passed to `crypto.createPublicKey()`.
3597
+ *
3598
+ * If the `callback` function is provided this function uses libuv's threadpool.
3599
+ * @since v24.7.0
3600
+ */
3601
+ function encapsulate(key: KeyLike | PublicKeyInput | JsonWebKeyInput): { sharedKey: Buffer; ciphertext: Buffer };
3602
+ function encapsulate(
3603
+ key: KeyLike | PublicKeyInput | JsonWebKeyInput,
3604
+ callback: (err: Error, result: { sharedKey: Buffer; ciphertext: Buffer }) => void,
3605
+ ): void;
3476
3606
  interface OneShotDigestOptions {
3477
3607
  /**
3478
3608
  * Encoding used to encode the returned digest.
@@ -4115,6 +4245,130 @@ declare module "crypto" {
4115
4245
  * @return Returns `typedArray`.
4116
4246
  */
4117
4247
  function getRandomValues<T extends webcrypto.BufferSource>(typedArray: T): T;
4248
+ type Argon2Algorithm = "argon2d" | "argon2i" | "argon2id";
4249
+ interface Argon2Parameters {
4250
+ /**
4251
+ * REQUIRED, this is the password for password hashing applications of Argon2.
4252
+ */
4253
+ message: string | ArrayBuffer | NodeJS.ArrayBufferView;
4254
+ /**
4255
+ * REQUIRED, must be at least 8 bytes long. This is the salt for password hashing applications of Argon2.
4256
+ */
4257
+ nonce: string | ArrayBuffer | NodeJS.ArrayBufferView;
4258
+ /**
4259
+ * REQUIRED, degree of parallelism determines how many computational chains (lanes)
4260
+ * can be run. Must be greater than 1 and less than `2**24-1`.
4261
+ */
4262
+ parallelism: number;
4263
+ /**
4264
+ * REQUIRED, the length of the key to generate. Must be greater than 4 and
4265
+ * less than `2**32-1`.
4266
+ */
4267
+ tagLength: number;
4268
+ /**
4269
+ * REQUIRED, memory cost in 1KiB blocks. Must be greater than
4270
+ * `8 * parallelism` and less than `2**32-1`. The actual number of blocks is rounded
4271
+ * down to the nearest multiple of `4 * parallelism`.
4272
+ */
4273
+ memory: number;
4274
+ /**
4275
+ * REQUIRED, number of passes (iterations). Must be greater than 1 and less
4276
+ * than `2**32-1`.
4277
+ */
4278
+ passes: number;
4279
+ /**
4280
+ * OPTIONAL, Random additional input,
4281
+ * similar to the salt, that should **NOT** be stored with the derived key. This is known as pepper in
4282
+ * password hashing applications. If used, must have a length not greater than `2**32-1` bytes.
4283
+ */
4284
+ secret?: string | ArrayBuffer | NodeJS.ArrayBufferView | undefined;
4285
+ /**
4286
+ * OPTIONAL, Additional data to
4287
+ * be added to the hash, functionally equivalent to salt or secret, but meant for
4288
+ * non-random data. If used, must have a length not greater than `2**32-1` bytes.
4289
+ */
4290
+ associatedData?: string | ArrayBuffer | NodeJS.ArrayBufferView | undefined;
4291
+ }
4292
+ /**
4293
+ * Provides an asynchronous [Argon2](https://www.rfc-editor.org/rfc/rfc9106.html) implementation. Argon2 is a password-based
4294
+ * key derivation function that is designed to be expensive computationally and
4295
+ * memory-wise in order to make brute-force attacks unrewarding.
4296
+ *
4297
+ * The `nonce` should be as unique as possible. It is recommended that a nonce is
4298
+ * random and at least 16 bytes long. See [NIST SP 800-132](https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-132.pdf) for details.
4299
+ *
4300
+ * When passing strings for `message`, `nonce`, `secret` or `associatedData`, please
4301
+ * consider [caveats when using strings as inputs to cryptographic APIs](https://nodejs.org/docs/latest-v24.x/api/crypto.html#using-strings-as-inputs-to-cryptographic-apis).
4302
+ *
4303
+ * The `callback` function is called with two arguments: `err` and `derivedKey`.
4304
+ * `err` is an exception object when key derivation fails, otherwise `err` is
4305
+ * `null`. `derivedKey` is passed to the callback as a `Buffer`.
4306
+ *
4307
+ * An exception is thrown when any of the input arguments specify invalid values
4308
+ * or types.
4309
+ *
4310
+ * ```js
4311
+ * const { argon2, randomBytes } = await import('node:crypto');
4312
+ *
4313
+ * const parameters = {
4314
+ * message: 'password',
4315
+ * nonce: randomBytes(16),
4316
+ * parallelism: 4,
4317
+ * tagLength: 64,
4318
+ * memory: 65536,
4319
+ * passes: 3,
4320
+ * };
4321
+ *
4322
+ * argon2('argon2id', parameters, (err, derivedKey) => {
4323
+ * if (err) throw err;
4324
+ * console.log(derivedKey.toString('hex')); // 'af91dad...9520f15'
4325
+ * });
4326
+ * ```
4327
+ * @since v24.7.0
4328
+ * @param algorithm Variant of Argon2, one of `"argon2d"`, `"argon2i"` or `"argon2id"`.
4329
+ * @experimental
4330
+ */
4331
+ function argon2(
4332
+ algorithm: Argon2Algorithm,
4333
+ parameters: Argon2Parameters,
4334
+ callback: (err: Error | null, derivedKey: Buffer) => void,
4335
+ ): void;
4336
+ /**
4337
+ * Provides a synchronous [Argon2][] implementation. Argon2 is a password-based
4338
+ * key derivation function that is designed to be expensive computationally and
4339
+ * memory-wise in order to make brute-force attacks unrewarding.
4340
+ *
4341
+ * The `nonce` should be as unique as possible. It is recommended that a nonce is
4342
+ * random and at least 16 bytes long. See [NIST SP 800-132](https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-132.pdf) for details.
4343
+ *
4344
+ * When passing strings for `message`, `nonce`, `secret` or `associatedData`, please
4345
+ * consider [caveats when using strings as inputs to cryptographic APIs](https://nodejs.org/docs/latest-v24.x/api/crypto.html#using-strings-as-inputs-to-cryptographic-apis).
4346
+ *
4347
+ * An exception is thrown when key derivation fails, otherwise the derived key is
4348
+ * returned as a `Buffer`.
4349
+ *
4350
+ * An exception is thrown when any of the input arguments specify invalid values
4351
+ * or types.
4352
+ *
4353
+ * ```js
4354
+ * const { argon2Sync, randomBytes } = await import('node:crypto');
4355
+ *
4356
+ * const parameters = {
4357
+ * message: 'password',
4358
+ * nonce: randomBytes(16),
4359
+ * parallelism: 4,
4360
+ * tagLength: 64,
4361
+ * memory: 65536,
4362
+ * passes: 3,
4363
+ * };
4364
+ *
4365
+ * const derivedKey = argon2Sync('argon2id', parameters);
4366
+ * console.log(derivedKey.toString('hex')); // 'af91dad...9520f15'
4367
+ * ```
4368
+ * @since v24.7.0
4369
+ * @experimental
4370
+ */
4371
+ function argon2Sync(algorithm: Argon2Algorithm, parameters: Argon2Parameters): Buffer;
4118
4372
  /**
4119
4373
  * A convenient alias for `crypto.webcrypto.subtle`.
4120
4374
  * @since v17.4.0
@@ -4129,21 +4383,30 @@ declare module "crypto" {
4129
4383
  const webcrypto: webcrypto.Crypto;
4130
4384
  namespace webcrypto {
4131
4385
  type BufferSource = ArrayBufferView | ArrayBuffer;
4132
- type KeyFormat = "jwk" | "pkcs8" | "raw" | "spki";
4386
+ type KeyFormat = "jwk" | "pkcs8" | "raw" | "raw-public" | "raw-secret" | "raw-seed" | "spki";
4133
4387
  type KeyType = "private" | "public" | "secret";
4134
4388
  type KeyUsage =
4135
- | "decrypt"
4136
- | "deriveBits"
4137
- | "deriveKey"
4138
4389
  | "encrypt"
4390
+ | "decrypt"
4139
4391
  | "sign"
4140
- | "unwrapKey"
4141
4392
  | "verify"
4142
- | "wrapKey";
4393
+ | "deriveKey"
4394
+ | "deriveBits"
4395
+ | "encapsulateBits"
4396
+ | "decapsulateBits"
4397
+ | "encapsulateKey"
4398
+ | "decapsulateKey"
4399
+ | "wrapKey"
4400
+ | "unwrapKey";
4143
4401
  type AlgorithmIdentifier = Algorithm | string;
4144
4402
  type HashAlgorithmIdentifier = AlgorithmIdentifier;
4145
4403
  type NamedCurve = string;
4146
4404
  type BigInteger = Uint8Array;
4405
+ interface AeadParams extends Algorithm {
4406
+ additionalData?: BufferSource;
4407
+ iv: BufferSource;
4408
+ tagLength: number;
4409
+ }
4147
4410
  interface AesCbcParams extends Algorithm {
4148
4411
  iv: BufferSource;
4149
4412
  }
@@ -4154,6 +4417,8 @@ declare module "crypto" {
4154
4417
  interface AesDerivedKeyParams extends Algorithm {
4155
4418
  length: number;
4156
4419
  }
4420
+ // TODO: remove in next major
4421
+ /** @deprecated Replaced by `AeadParams`. */
4157
4422
  interface AesGcmParams extends Algorithm {
4158
4423
  additionalData?: BufferSource;
4159
4424
  iv: BufferSource;
@@ -4168,6 +4433,14 @@ declare module "crypto" {
4168
4433
  interface Algorithm {
4169
4434
  name: string;
4170
4435
  }
4436
+ interface CShakeParams extends Algorithm {
4437
+ customization?: BufferSource;
4438
+ functionName?: BufferSource;
4439
+ length: number;
4440
+ }
4441
+ interface ContextParams extends Algorithm {
4442
+ context?: BufferSource;
4443
+ }
4171
4444
  interface EcKeyAlgorithm extends KeyAlgorithm {
4172
4445
  namedCurve: NamedCurve;
4173
4446
  }
@@ -4279,22 +4552,15 @@ declare module "crypto" {
4279
4552
  * An error will be thrown if the given `typedArray` is larger than 65,536 bytes.
4280
4553
  * @since v15.0.0
4281
4554
  */
4282
- getRandomValues<T extends Exclude<NodeJS.TypedArray, Float32Array | Float64Array>>(typedArray: T): T;
4555
+ getRandomValues<T extends Exclude<NodeJS.TypedArray, Float16Array | Float32Array | Float64Array>>(
4556
+ typedArray: T,
4557
+ ): T;
4283
4558
  /**
4284
4559
  * Generates a random {@link https://www.rfc-editor.org/rfc/rfc4122.txt RFC 4122} version 4 UUID.
4285
4560
  * The UUID is generated using a cryptographic pseudorandom number generator.
4286
4561
  * @since v16.7.0
4287
4562
  */
4288
4563
  randomUUID(): UUID;
4289
- CryptoKey: CryptoKeyConstructor;
4290
- }
4291
- // This constructor throws ILLEGAL_CONSTRUCTOR so it should not be newable.
4292
- interface CryptoKeyConstructor {
4293
- /** Illegal constructor */
4294
- (_: { readonly _: unique symbol }): never; // Allows instanceof to work but not be callable by the user.
4295
- readonly length: 0;
4296
- readonly name: "CryptoKey";
4297
- readonly prototype: CryptoKey;
4298
4564
  }
4299
4565
  /**
4300
4566
  * @since v15.0.0
@@ -4349,10 +4615,50 @@ declare module "crypto" {
4349
4615
  */
4350
4616
  publicKey: CryptoKey;
4351
4617
  }
4618
+ interface EncapsulatedBits {
4619
+ sharedKey: ArrayBuffer;
4620
+ ciphertext: ArrayBuffer;
4621
+ }
4622
+ interface EncapsulatedKey {
4623
+ sharedKey: CryptoKey;
4624
+ ciphertext: ArrayBuffer;
4625
+ }
4352
4626
  /**
4353
4627
  * @since v15.0.0
4354
4628
  */
4355
4629
  interface SubtleCrypto {
4630
+ /**
4631
+ * The algorithms currently supported include:
4632
+ *
4633
+ * * `'ML-KEM-512'`
4634
+ * * `'ML-KEM-768'`
4635
+ * * `'ML-KEM-1024'`
4636
+ * @since v24.7.0
4637
+ * @returns Fulfills with `ArrayBuffer` upon success.
4638
+ */
4639
+ decapsulateBits(
4640
+ decapsulationAlgorithm: AlgorithmIdentifier,
4641
+ decapsulationKey: CryptoKey,
4642
+ ciphertext: BufferSource,
4643
+ ): Promise<ArrayBuffer>;
4644
+ /**
4645
+ * The algorithms currently supported include:
4646
+ *
4647
+ * * `'ML-KEM-512'`
4648
+ * * `'ML-KEM-768'`
4649
+ * * `'ML-KEM-1024'`
4650
+ * @since v24.7.0
4651
+ * @param usages See [Key usages](https://nodejs.org/docs/latest-v24.x/api/webcrypto.html#cryptokeyusages).
4652
+ * @returns Fulfills with `CryptoKey` upon success.
4653
+ */
4654
+ decapsulateKey(
4655
+ decapsulationAlgorithm: AlgorithmIdentifier,
4656
+ decapsulationKey: CryptoKey,
4657
+ ciphertext: BufferSource,
4658
+ sharedKeyAlgorithm: AlgorithmIdentifier | HmacImportParams | AesDerivedKeyParams,
4659
+ extractable: boolean,
4660
+ usages: KeyUsage[],
4661
+ ): Promise<CryptoKey>;
4356
4662
  /**
4357
4663
  * Using the method and parameters specified in `algorithm` and the keying material provided by `key`,
4358
4664
  * `subtle.decrypt()` attempts to decipher the provided `data`. If successful,
@@ -4360,14 +4666,16 @@ declare module "crypto" {
4360
4666
  *
4361
4667
  * The algorithms currently supported include:
4362
4668
  *
4363
- * - `'RSA-OAEP'`
4364
- * - `'AES-CTR'`
4365
- * - `'AES-CBC'`
4366
- * - `'AES-GCM'`
4669
+ * * `'AES-CBC'`
4670
+ * * `'AES-CTR'`
4671
+ * * `'AES-GCM'`
4672
+ * * `'AES-OCB'`
4673
+ * * `'ChaCha20-Poly1305'`
4674
+ * * `'RSA-OAEP'`
4367
4675
  * @since v15.0.0
4368
4676
  */
4369
4677
  decrypt(
4370
- algorithm: AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AesGcmParams,
4678
+ algorithm: AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AeadParams,
4371
4679
  key: CryptoKey,
4372
4680
  data: BufferSource,
4373
4681
  ): Promise<ArrayBuffer>;
@@ -4381,11 +4689,11 @@ declare module "crypto" {
4381
4689
  *
4382
4690
  * The algorithms currently supported include:
4383
4691
  *
4384
- * - `'ECDH'`
4385
- * - `'X25519'`
4386
- * - `'X448'`
4387
- * - `'HKDF'`
4388
- * - `'PBKDF2'`
4692
+ * * `'ECDH'`
4693
+ * * `'HKDF'`
4694
+ * * `'PBKDF2'`
4695
+ * * `'X25519'`
4696
+ * * `'X448'`
4389
4697
  * @since v15.0.0
4390
4698
  */
4391
4699
  deriveBits(
@@ -4407,11 +4715,11 @@ declare module "crypto" {
4407
4715
  *
4408
4716
  * The algorithms currently supported include:
4409
4717
  *
4410
- * - `'ECDH'`
4411
- * - `'X25519'`
4412
- * - `'X448'`
4413
- * - `'HKDF'`
4414
- * - `'PBKDF2'`
4718
+ * * `'ECDH'`
4719
+ * * `'HKDF'`
4720
+ * * `'PBKDF2'`
4721
+ * * `'X25519'`
4722
+ * * `'X448'`
4415
4723
  * @param keyUsages See {@link https://nodejs.org/docs/latest/api/webcrypto.html#cryptokeyusages Key usages}.
4416
4724
  * @since v15.0.0
4417
4725
  */
@@ -4428,15 +4736,50 @@ declare module "crypto" {
4428
4736
  *
4429
4737
  * If `algorithm` is provided as a `<string>`, it must be one of:
4430
4738
  *
4431
- * - `'SHA-1'`
4432
- * - `'SHA-256'`
4433
- * - `'SHA-384'`
4434
- * - `'SHA-512'`
4739
+ * * `'cSHAKE128'`
4740
+ * * `'cSHAKE256'`
4741
+ * * `'SHA-1'`
4742
+ * * `'SHA-256'`
4743
+ * * `'SHA-384'`
4744
+ * * `'SHA-512'`
4745
+ * * `'SHA3-256'`
4746
+ * * `'SHA3-384'`
4747
+ * * `'SHA3-512'`
4435
4748
  *
4436
4749
  * If `algorithm` is provided as an `<Object>`, it must have a `name` property whose value is one of the above.
4437
4750
  * @since v15.0.0
4438
4751
  */
4439
- digest(algorithm: AlgorithmIdentifier, data: BufferSource): Promise<ArrayBuffer>;
4752
+ digest(algorithm: AlgorithmIdentifier | CShakeParams, data: BufferSource): Promise<ArrayBuffer>;
4753
+ /**
4754
+ * The algorithms currently supported include:
4755
+ *
4756
+ * * `'ML-KEM-512'`
4757
+ * * `'ML-KEM-768'`
4758
+ * * `'ML-KEM-1024'`
4759
+ * @since v24.7.0
4760
+ * @returns Fulfills with `EncapsulatedBits` upon success.
4761
+ */
4762
+ encapsulateBits(
4763
+ encapsulationAlgorithm: AlgorithmIdentifier,
4764
+ encapsulationKey: CryptoKey,
4765
+ ): Promise<EncapsulatedBits>;
4766
+ /**
4767
+ * The algorithms currently supported include:
4768
+ *
4769
+ * * `'ML-KEM-512'`
4770
+ * * `'ML-KEM-768'`
4771
+ * * `'ML-KEM-1024'`
4772
+ * @since v24.7.0
4773
+ * @param usages See [Key usages](https://nodejs.org/docs/latest-v24.x/api/webcrypto.html#cryptokeyusages).
4774
+ * @returns Fulfills with `EncapsulatedKey` upon success.
4775
+ */
4776
+ encapsulateKey(
4777
+ encapsulationAlgorithm: AlgorithmIdentifier,
4778
+ encapsulationKey: CryptoKey,
4779
+ sharedKeyAlgorithm: AlgorithmIdentifier | HmacImportParams | AesDerivedKeyParams,
4780
+ extractable: boolean,
4781
+ usages: KeyUsage[],
4782
+ ): Promise<EncapsulatedKey>;
4440
4783
  /**
4441
4784
  * Using the method and parameters specified by `algorithm` and the keying material provided by `key`,
4442
4785
  * `subtle.encrypt()` attempts to encipher `data`. If successful,
@@ -4444,14 +4787,16 @@ declare module "crypto" {
4444
4787
  *
4445
4788
  * The algorithms currently supported include:
4446
4789
  *
4447
- * - `'RSA-OAEP'`
4448
- * - `'AES-CTR'`
4449
- * - `'AES-CBC'`
4450
- * - `'AES-GCM'`
4790
+ * * `'AES-CBC'`
4791
+ * * `'AES-CTR'`
4792
+ * * `'AES-GCM'`
4793
+ * * `'AES-OCB'`
4794
+ * * `'ChaCha20-Poly1305'`
4795
+ * * `'RSA-OAEP'`
4451
4796
  * @since v15.0.0
4452
4797
  */
4453
4798
  encrypt(
4454
- algorithm: AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AesGcmParams,
4799
+ algorithm: AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AeadParams,
4455
4800
  key: CryptoKey,
4456
4801
  data: BufferSource,
4457
4802
  ): Promise<ArrayBuffer>;
@@ -4465,35 +4810,45 @@ declare module "crypto" {
4465
4810
  *
4466
4811
  * When `format` is `'jwk'` and the export is successful, the returned promise will be resolved with a
4467
4812
  * JavaScript object conforming to the {@link https://tools.ietf.org/html/rfc7517 JSON Web Key} specification.
4468
- * @param format Must be one of `'raw'`, `'pkcs8'`, `'spki'`, or `'jwk'`.
4813
+ * @param format Must be one of `'raw'`, `'pkcs8'`, `'spki'`, `'jwk'`, `'raw-secret'`,
4814
+ * `'raw-public'`, or `'raw-seed'`.
4469
4815
  * @returns `<Promise>` containing `<ArrayBuffer>`.
4470
4816
  * @since v15.0.0
4471
4817
  */
4472
4818
  exportKey(format: "jwk", key: CryptoKey): Promise<JsonWebKey>;
4473
4819
  exportKey(format: Exclude<KeyFormat, "jwk">, key: CryptoKey): Promise<ArrayBuffer>;
4474
4820
  /**
4475
- * Using the method and parameters provided in `algorithm`,
4476
- * `subtle.generateKey()` attempts to generate new keying material.
4477
- * Depending the method used, the method may generate either a single `<CryptoKey>` or a `<CryptoKeyPair>`.
4821
+ * Using the method and parameters provided in `algorithm`, `subtle.generateKey()`
4822
+ * attempts to generate new keying material. Depending the method used, the method
4823
+ * may generate either a single `CryptoKey` or a `CryptoKeyPair`.
4478
4824
  *
4479
- * The `<CryptoKeyPair>` (public and private key) generating algorithms supported include:
4825
+ * The `CryptoKeyPair` (public and private key) generating algorithms supported
4826
+ * include:
4480
4827
  *
4481
- * - `'RSASSA-PKCS1-v1_5'`
4482
- * - `'RSA-PSS'`
4483
- * - `'RSA-OAEP'`
4484
- * - `'ECDSA'`
4485
- * - `'Ed25519'`
4486
- * - `'Ed448'`
4487
- * - `'ECDH'`
4488
- * - `'X25519'`
4489
- * - `'X448'`
4490
- * The `<CryptoKey>` (secret key) generating algorithms supported include:
4828
+ * * `'ECDH'`
4829
+ * * `'ECDSA'`
4830
+ * * `'Ed25519'`
4831
+ * * `'Ed448'`
4832
+ * * `'ML-DSA-44'`
4833
+ * * `'ML-DSA-65'`
4834
+ * * `'ML-DSA-87'`
4835
+ * * `'ML-KEM-512'`
4836
+ * * `'ML-KEM-768'`
4837
+ * * `'ML-KEM-1024'`
4838
+ * * `'RSA-OAEP'`
4839
+ * * `'RSA-PSS'`
4840
+ * * `'RSASSA-PKCS1-v1_5'`
4841
+ * * `'X25519'`
4842
+ * * `'X448'`
4491
4843
  *
4492
- * - `'HMAC'`
4493
- * - `'AES-CTR'`
4494
- * - `'AES-CBC'`
4495
- * - `'AES-GCM'`
4496
- * - `'AES-KW'`
4844
+ * The {CryptoKey} (secret key) generating algorithms supported include:
4845
+ * * `'AES-CBC'`
4846
+ * * `'AES-CTR'`
4847
+ * * `'AES-GCM'`
4848
+ * * `'AES-KW'`
4849
+ * * `'AES-OCB'`
4850
+ * * `'ChaCha20-Poly1305'`
4851
+ * * `'HMAC'`
4497
4852
  * @param keyUsages See {@link https://nodejs.org/docs/latest/api/webcrypto.html#cryptokeyusages Key usages}.
4498
4853
  * @since v15.0.0
4499
4854
  */
@@ -4512,13 +4867,22 @@ declare module "crypto" {
4512
4867
  extractable: boolean,
4513
4868
  keyUsages: KeyUsage[],
4514
4869
  ): Promise<CryptoKeyPair | CryptoKey>;
4870
+ /**
4871
+ * Derives the public key from a given private key.
4872
+ * @since v24.7.0
4873
+ * @param key A private key from which to derive the corresponding public key.
4874
+ * @param keyUsages See [Key usages](https://nodejs.org/docs/latest-v24.x/api/webcrypto.html#cryptokeyusages).
4875
+ * @returns Fulfills with a `CryptoKey` upon success.
4876
+ */
4877
+ getPublicKey(key: CryptoKey, keyUsages: KeyUsage[]): Promise<CryptoKey>;
4515
4878
  /**
4516
4879
  * The `subtle.importKey()` method attempts to interpret the provided `keyData` as the given `format`
4517
4880
  * to create a `<CryptoKey>` instance using the provided `algorithm`, `extractable`, and `keyUsages` arguments.
4518
4881
  * If the import is successful, the returned promise will be resolved with the created `<CryptoKey>`.
4519
4882
  *
4520
4883
  * If importing a `'PBKDF2'` key, `extractable` must be `false`.
4521
- * @param format Must be one of `'raw'`, `'pkcs8'`, `'spki'`, or `'jwk'`.
4884
+ * @param format Must be one of `'raw'`, `'pkcs8'`, `'spki'`, `'jwk'`, `'raw-secret'`,
4885
+ * `'raw-public'`, or `'raw-seed'`.
4522
4886
  * @param keyUsages See {@link https://nodejs.org/docs/latest/api/webcrypto.html#cryptokeyusages Key usages}.
4523
4887
  * @since v15.0.0
4524
4888
  */
@@ -4553,16 +4917,19 @@ declare module "crypto" {
4553
4917
  *
4554
4918
  * The algorithms currently supported include:
4555
4919
  *
4556
- * - `'RSASSA-PKCS1-v1_5'`
4557
- * - `'RSA-PSS'`
4558
- * - `'ECDSA'`
4559
- * - `'Ed25519'`
4560
- * - `'Ed448'`
4561
- * - `'HMAC'`
4920
+ * * `'ECDSA'`
4921
+ * * `'Ed25519'`
4922
+ * * `'Ed448'`
4923
+ * * `'HMAC'`
4924
+ * * `'ML-DSA-44'`
4925
+ * * `'ML-DSA-65'`
4926
+ * * `'ML-DSA-87'`
4927
+ * * `'RSA-PSS'`
4928
+ * * `'RSASSA-PKCS1-v1_5'`
4562
4929
  * @since v15.0.0
4563
4930
  */
4564
4931
  sign(
4565
- algorithm: AlgorithmIdentifier | RsaPssParams | EcdsaParams | Ed448Params,
4932
+ algorithm: AlgorithmIdentifier | RsaPssParams | EcdsaParams | Ed448Params | ContextParams,
4566
4933
  key: CryptoKey,
4567
4934
  data: BufferSource,
4568
4935
  ): Promise<ArrayBuffer>;
@@ -4575,29 +4942,40 @@ declare module "crypto" {
4575
4942
  *
4576
4943
  * The wrapping algorithms currently supported include:
4577
4944
  *
4578
- * - `'RSA-OAEP'`
4579
- * - `'AES-CTR'`
4580
- * - `'AES-CBC'`
4581
- * - `'AES-GCM'`
4582
- * - `'AES-KW'`
4945
+ * * `'AES-CBC'`
4946
+ * * `'AES-CTR'`
4947
+ * * `'AES-GCM'`
4948
+ * * `'AES-KW'`
4949
+ * * `'AES-OCB'`
4950
+ * * `'ChaCha20-Poly1305'`
4951
+ * * `'RSA-OAEP'`
4583
4952
  *
4584
4953
  * The unwrapped key algorithms supported include:
4585
4954
  *
4586
- * - `'RSASSA-PKCS1-v1_5'`
4587
- * - `'RSA-PSS'`
4588
- * - `'RSA-OAEP'`
4589
- * - `'ECDSA'`
4590
- * - `'Ed25519'`
4591
- * - `'Ed448'`
4592
- * - `'ECDH'`
4593
- * - `'X25519'`
4594
- * - `'X448'`
4595
- * - `'HMAC'`
4596
- * - `'AES-CTR'`
4597
- * - `'AES-CBC'`
4598
- * - `'AES-GCM'`
4599
- * - `'AES-KW'`
4600
- * @param format Must be one of `'raw'`, `'pkcs8'`, `'spki'`, or `'jwk'`.
4955
+ * * `'AES-CBC'`
4956
+ * * `'AES-CTR'`
4957
+ * * `'AES-GCM'`
4958
+ * * `'AES-KW'`
4959
+ * * `'AES-OCB'`
4960
+ * * `'ChaCha20-Poly1305'`
4961
+ * * `'ECDH'`
4962
+ * * `'ECDSA'`
4963
+ * * `'Ed25519'`
4964
+ * * `'Ed448'`
4965
+ * * `'HMAC'`
4966
+ * * `'ML-DSA-44'`
4967
+ * * `'ML-DSA-65'`
4968
+ * * `'ML-DSA-87'`
4969
+ * * `'ML-KEM-512'`
4970
+ * * `'ML-KEM-768'`
4971
+ * * `'ML-KEM-1024'`
4972
+ * * `'RSA-OAEP'`
4973
+ * * `'RSA-PSS'`
4974
+ * * `'RSASSA-PKCS1-v1_5'`
4975
+ * * `'X25519'`
4976
+ * * `'X448'`
4977
+ * @param format Must be one of `'raw'`, `'pkcs8'`, `'spki'`, `'jwk'`, `'raw-secret'`,
4978
+ * `'raw-public'`, or `'raw-seed'`.
4601
4979
  * @param keyUsages See {@link https://nodejs.org/docs/latest/api/webcrypto.html#cryptokeyusages Key usages}.
4602
4980
  * @since v15.0.0
4603
4981
  */
@@ -4605,7 +4983,7 @@ declare module "crypto" {
4605
4983
  format: KeyFormat,
4606
4984
  wrappedKey: BufferSource,
4607
4985
  unwrappingKey: CryptoKey,
4608
- unwrapAlgorithm: AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AesGcmParams,
4986
+ unwrapAlgorithm: AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AeadParams,
4609
4987
  unwrappedKeyAlgorithm:
4610
4988
  | AlgorithmIdentifier
4611
4989
  | RsaHashedImportParams
@@ -4622,16 +5000,19 @@ declare module "crypto" {
4622
5000
  *
4623
5001
  * The algorithms currently supported include:
4624
5002
  *
4625
- * - `'RSASSA-PKCS1-v1_5'`
4626
- * - `'RSA-PSS'`
4627
- * - `'ECDSA'`
4628
- * - `'Ed25519'`
4629
- * - `'Ed448'`
4630
- * - `'HMAC'`
5003
+ * * `'ECDSA'`
5004
+ * * `'Ed25519'`
5005
+ * * `'Ed448'`[^secure-curves]
5006
+ * * `'HMAC'`
5007
+ * * `'ML-DSA-44'`
5008
+ * * `'ML-DSA-65'`
5009
+ * * `'ML-DSA-87'`
5010
+ * * `'RSA-PSS'`
5011
+ * * `'RSASSA-PKCS1-v1_5'`
4631
5012
  * @since v15.0.0
4632
5013
  */
4633
5014
  verify(
4634
- algorithm: AlgorithmIdentifier | RsaPssParams | EcdsaParams | Ed448Params,
5015
+ algorithm: AlgorithmIdentifier | RsaPssParams | EcdsaParams | Ed448Params | ContextParams,
4635
5016
  key: CryptoKey,
4636
5017
  signature: BufferSource,
4637
5018
  data: BufferSource,
@@ -4646,30 +5027,25 @@ declare module "crypto" {
4646
5027
  *
4647
5028
  * The wrapping algorithms currently supported include:
4648
5029
  *
4649
- * - `'RSA-OAEP'`
4650
- * - `'AES-CTR'`
4651
- * - `'AES-CBC'`
4652
- * - `'AES-GCM'`
4653
- * - `'AES-KW'`
4654
- * @param format Must be one of `'raw'`, `'pkcs8'`, `'spki'`, or `'jwk'`.
5030
+ * * `'AES-CBC'`
5031
+ * * `'AES-CTR'`
5032
+ * * `'AES-GCM'`
5033
+ * * `'AES-KW'`
5034
+ * * `'AES-OCB'`
5035
+ * * `'ChaCha20-Poly1305'`
5036
+ * * `'RSA-OAEP'`
5037
+ * @param format Must be one of `'raw'`, `'pkcs8'`, `'spki'`, `'jwk'`, `'raw-secret'`,
5038
+ * `'raw-public'`, or `'raw-seed'`.
4655
5039
  * @since v15.0.0
4656
5040
  */
4657
5041
  wrapKey(
4658
5042
  format: KeyFormat,
4659
5043
  key: CryptoKey,
4660
5044
  wrappingKey: CryptoKey,
4661
- wrapAlgorithm: AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AesGcmParams,
5045
+ wrapAlgorithm: AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AeadParams,
4662
5046
  ): Promise<ArrayBuffer>;
4663
5047
  }
4664
5048
  }
4665
-
4666
- global {
4667
- var crypto: typeof globalThis extends {
4668
- crypto: infer T;
4669
- onmessage: any;
4670
- } ? T
4671
- : webcrypto.Crypto;
4672
- }
4673
5049
  }
4674
5050
  declare module "node:crypto" {
4675
5051
  export * from "crypto";