node-red-contrib-tak-registration 0.11.5 → 0.12.0

package/node_modules/@types/node/crypto.d.ts

@@ -14,7 +14,7 @@
  * // Prints:
  * //   c0fa1bc00531bd78ef38c628449c5102aeabd49b5dc3a2a516ea6ea959d6658e
  * ```
- * @see [source](https://github.com/nodejs/node/blob/v20.2.0/lib/crypto.js)
+ * @see [source](https://github.com/nodejs/node/blob/v20.13.1/lib/crypto.js)
  */
 declare module "crypto" {
     import * as stream from "node:stream";
@@ -27,7 +27,7 @@ declare module "crypto" {
      * should not use this element anymore.
      *
      * The `node:crypto` module provides the `Certificate` class for working with SPKAC
-     * data. The most common usage is handling output generated by the HTML5`<keygen>` element. Node.js uses [OpenSSL's SPKAC
+     * data. The most common usage is handling output generated by the HTML5 `<keygen>` element. Node.js uses [OpenSSL's SPKAC
      * implementation](https://www.openssl.org/docs/man3.0/man1/openssl-spkac.html) internally.
      * @since v0.11.8
      */
@@ -100,11 +100,13 @@ declare module "crypto" {
         const OPENSSL_VERSION_NUMBER: number;
         /** Applies multiple bug workarounds within OpenSSL. See https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_options.html for detail. */
         const SSL_OP_ALL: number;
+        /** Instructs OpenSSL to allow a non-[EC]DHE-based key exchange mode for TLS v1.3 */
+        const SSL_OP_ALLOW_NO_DHE_KEX: number;
         /** Allows legacy insecure renegotiation between OpenSSL and unpatched clients or servers. See https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_options.html. */
         const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION: number;
         /** Attempts to use the server's preferences instead of the client's when selecting a cipher. See https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_options.html. */
         const SSL_OP_CIPHER_SERVER_PREFERENCE: number;
-        /** Instructs OpenSSL to use Cisco's "speshul" version of DTLS_BAD_VER. */
+        /** Instructs OpenSSL to use Cisco's version identifier of DTLS_BAD_VER. */
         const SSL_OP_CISCO_ANYCONNECT: number;
         /** Instructs OpenSSL to turn on cookie exchange. */
         const SSL_OP_COOKIE_EXCHANGE: number;
@@ -116,15 +118,29 @@ declare module "crypto" {
         const SSL_OP_LEGACY_SERVER_CONNECT: number;
         /** Instructs OpenSSL to disable support for SSL/TLS compression. */
         const SSL_OP_NO_COMPRESSION: number;
+        /** Instructs OpenSSL to disable encrypt-then-MAC. */
+        const SSL_OP_NO_ENCRYPT_THEN_MAC: number;
         const SSL_OP_NO_QUERY_MTU: number;
+        /** Instructs OpenSSL to disable renegotiation. */
+        const SSL_OP_NO_RENEGOTIATION: number;
         /** Instructs OpenSSL to always start a new session when performing renegotiation. */
         const SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION: number;
+        /** Instructs OpenSSL to turn off SSL v2 */
         const SSL_OP_NO_SSLv2: number;
+        /** Instructs OpenSSL to turn off SSL v3 */
         const SSL_OP_NO_SSLv3: number;
+        /** Instructs OpenSSL to disable use of RFC4507bis tickets. */
         const SSL_OP_NO_TICKET: number;
+        /** Instructs OpenSSL to turn off TLS v1 */
         const SSL_OP_NO_TLSv1: number;
+        /** Instructs OpenSSL to turn off TLS v1.1 */
         const SSL_OP_NO_TLSv1_1: number;
+        /** Instructs OpenSSL to turn off TLS v1.2 */
         const SSL_OP_NO_TLSv1_2: number;
+        /** Instructs OpenSSL to turn off TLS v1.3 */
+        const SSL_OP_NO_TLSv1_3: number;
+        /** Instructs OpenSSL server to prioritize ChaCha20-Poly1305 when the client does. This option has no effect if `SSL_OP_CIPHER_SERVER_PREFERENCE` is not enabled. */
+        const SSL_OP_PRIORITIZE_CHACHA: number;
         /** Instructs OpenSSL to disable version rollback attack detection. */
         const SSL_OP_TLS_ROLLBACK_BUG: number;
         const ENGINE_METHOD_RSA: number;
@@ -363,7 +379,7 @@ declare module "crypto" {
          * @since v13.1.0
          * @param options `stream.transform` options
          */
-        copy(options?: stream.TransformOptions): Hash;
+        copy(options?: HashOptions): Hash;
         /**
          * Updates the hash content with the given `data`, the encoding of which
          * is given in `inputEncoding`.
@@ -454,6 +470,7 @@ declare module "crypto" {
      * //   7fd04df92f636fd450bc841c9418e5825c17f33ad9c87c518115a45971f7f77e
      * ```
      * @since v0.1.94
+     * @deprecated Since v20.13.0 Calling `Hmac` class directly with `Hmac()` or `new Hmac()` is deprecated due to being internals, not intended for public use. Please use the {@link createHmac} method to create Hmac instances.
      */
     class Hmac extends stream.Transform {
         private constructor();
@@ -637,6 +654,13 @@ declare module "crypto" {
         export(options: KeyExportOptions<"pem">): string | Buffer;
         export(options?: KeyExportOptions<"der">): Buffer;
         export(options?: JwkKeyExportOptions): JsonWebKey;
+        /**
+         * Returns `true` or `false` depending on whether the keys have exactly the same
+         * type, value, and parameters. This method is not [constant time](https://en.wikipedia.org/wiki/Timing_attack).
+         * @since v17.7.0, v16.15.0
+         * @param otherKeyObject A `KeyObject` with which to compare `keyObject`.
+         */
+        equals(otherKeyObject: KeyObject): boolean;
         /**
          * For secret keys, this property represents the size of the key in bytes. This
          * property is `undefined` for asymmetric keys.
@@ -665,7 +689,7 @@ declare module "crypto" {
         authTagLength: number;
     }
     /**
-     * Creates and returns a `Cipher` object that uses the given `algorithm` and`password`.
+     * Creates and returns a `Cipher` object that uses the given `algorithm` and `password`.
      *
      * The `options` argument controls stream behavior and is optional except when a
      * cipher in CCM or OCB mode (e.g. `'aes-128-ccm'`) is used. In that case, the`authTagLength` option is required and specifies the length of the
@@ -883,8 +907,8 @@ declare module "crypto" {
         private constructor();
         /**
          * Updates the cipher with `data`. If the `inputEncoding` argument is given,
-         * the `data`argument is a string using the specified encoding. If the `inputEncoding`argument is not given, `data` must be a `Buffer`, `TypedArray`, or`DataView`. If `data` is a `Buffer`,
-         * `TypedArray`, or `DataView`, then`inputEncoding` is ignored.
+         * the `data`argument is a string using the specified encoding. If the `inputEncoding`argument is not given, `data` must be a `Buffer`, `TypedArray`, or `DataView`. If `data` is a `Buffer`,
+         * `TypedArray`, or `DataView`, then `inputEncoding` is ignored.
          *
          * The `outputEncoding` specifies the output format of the enciphered
          * data. If the `outputEncoding`is specified, a string using the specified encoding is returned. If no`outputEncoding` is provided, a `Buffer` is returned.
@@ -954,10 +978,10 @@ declare module "crypto" {
         getAuthTag(): Buffer;
     }
     /**
-     * Creates and returns a `Decipher` object that uses the given `algorithm` and`password` (key).
+     * Creates and returns a `Decipher` object that uses the given `algorithm` and `password` (key).
      *
      * The `options` argument controls stream behavior and is optional except when a
-     * cipher in CCM or OCB mode (e.g. `'aes-128-ccm'`) is used. In that case, the`authTagLength` option is required and specifies the length of the
+     * cipher in CCM or OCB mode (e.g. `'aes-128-ccm'`) is used. In that case, the `authTagLength` option is required and specifies the length of the
      * authentication tag in bytes, see `CCM mode`.
      * For `chacha20-poly1305`, the `authTagLength` option defaults to 16 bytes.
      *
@@ -985,11 +1009,11 @@ declare module "crypto" {
     /** @deprecated since v10.0.0 use `createDecipheriv()` */
     function createDecipher(algorithm: string, password: BinaryLike, options?: stream.TransformOptions): Decipher;
     /**
-     * Creates and returns a `Decipher` object that uses the given `algorithm`, `key`and initialization vector (`iv`).
+     * Creates and returns a `Decipher` object that uses the given `algorithm`, `key` and initialization vector (`iv`).
      *
      * The `options` argument controls stream behavior and is optional except when a
-     * cipher in CCM or OCB mode (e.g. `'aes-128-ccm'`) is used. In that case, the`authTagLength` option is required and specifies the length of the
-     * authentication tag in bytes, see `CCM mode`. In GCM mode, the `authTagLength`option is not required but can be used to restrict accepted authentication tags
+     * cipher in CCM or OCB mode (e.g. `'aes-128-ccm'`) is used. In that case, the `authTagLength` option is required and specifies the length of the
+     * authentication tag in bytes, see `CCM mode`. In GCM mode, the `authTagLength` option is not required but can be used to restrict accepted authentication tags
      * to those with the specified length.
      * For `chacha20-poly1305`, the `authTagLength` option defaults to 16 bytes.
      *
@@ -1149,11 +1173,11 @@ declare module "crypto" {
         private constructor();
         /**
          * Updates the decipher with `data`. If the `inputEncoding` argument is given,
-         * the `data`argument is a string using the specified encoding. If the `inputEncoding`argument is not given, `data` must be a `Buffer`. If `data` is a `Buffer` then `inputEncoding` is
+         * the `data` argument is a string using the specified encoding. If the `inputEncoding` argument is not given, `data` must be a `Buffer`. If `data` is a `Buffer` then `inputEncoding` is
          * ignored.
          *
          * The `outputEncoding` specifies the output format of the enciphered
-         * data. If the `outputEncoding`is specified, a string using the specified encoding is returned. If no`outputEncoding` is provided, a `Buffer` is returned.
+         * data. If the `outputEncoding` is specified, a string using the specified encoding is returned. If no `outputEncoding` is provided, a `Buffer` is returned.
          *
          * The `decipher.update()` method can be called multiple times with new data until `decipher.final()` is called. Calling `decipher.update()` after `decipher.final()` will result in an error
          * being thrown.
@@ -1176,7 +1200,7 @@ declare module "crypto" {
         final(): Buffer;
         final(outputEncoding: BufferEncoding): string;
         /**
-         * When data has been encrypted without standard block padding, calling`decipher.setAutoPadding(false)` will disable automatic padding to prevent `decipher.final()` from checking for and
+         * When data has been encrypted without standard block padding, calling `decipher.setAutoPadding(false)` will disable automatic padding to prevent `decipher.final()` from checking for and
          * removing padding.
          *
          * Turning auto padding off will only work if the input data's length is a
@@ -1230,7 +1254,7 @@ declare module "crypto" {
         encoding?: string | undefined;
     }
     /**
-     * Asynchronously generates a new random secret key of the given `length`. The`type` will determine which validations will be performed on the `length`.
+     * Asynchronously generates a new random secret key of the given `length`. The `type` will determine which validations will be performed on the `length`.
      *
      * ```js
      * const {
@@ -1256,7 +1280,7 @@ declare module "crypto" {
         callback: (err: Error | null, key: KeyObject) => void,
     ): void;
     /**
-     * Synchronously generates a new random secret key of the given `length`. The`type` will determine which validations will be performed on the `length`.
+     * Synchronously generates a new random secret key of the given `length`. The `type` will determine which validations will be performed on the `length`.
      *
      * ```js
      * const {
@@ -1284,7 +1308,7 @@ declare module "crypto" {
     }
     /**
      * Creates and returns a new key object containing a private key. If `key` is a
-     * string or `Buffer`, `format` is assumed to be `'pem'`; otherwise, `key`must be an object with the properties described above.
+     * string or `Buffer`, `format` is assumed to be `'pem'`; otherwise, `key` must be an object with the properties described above.
      *
      * If the private key is encrypted, a `passphrase` must be specified. The length
      * of the passphrase is limited to 1024 bytes.
@@ -1293,7 +1317,7 @@ declare module "crypto" {
     function createPrivateKey(key: PrivateKeyInput | string | Buffer | JsonWebKeyInput): KeyObject;
     /**
      * Creates and returns a new key object containing a public key. If `key` is a
-     * string or `Buffer`, `format` is assumed to be `'pem'`; if `key` is a `KeyObject`with type `'private'`, the public key is derived from the given private key;
+     * string or `Buffer`, `format` is assumed to be `'pem'`; if `key` is a `KeyObject` with type `'private'`, the public key is derived from the given private key;
      * otherwise, `key` must be an object with the properties described above.
      *
      * If the format is `'pem'`, the `'key'` may also be an X.509 certificate.
@@ -1301,7 +1325,7 @@ declare module "crypto" {
      * Because public keys can be derived from private keys, a private key may be
      * passed instead of a public key. In that case, this function behaves as if {@link createPrivateKey} had been called, except that the type of the
      * returned `KeyObject` will be `'public'` and that the private key cannot be
-     * extracted from the returned `KeyObject`. Similarly, if a `KeyObject` with type`'private'` is given, a new `KeyObject` with type `'public'` will be returned
+     * extracted from the returned `KeyObject`. Similarly, if a `KeyObject` with type `'private'` is given, a new `KeyObject` with type `'public'` will be returned
      * and it will be impossible to extract the private key from the returned object.
      * @since v11.6.0
      */
@@ -1426,7 +1450,7 @@ declare module "crypto" {
         /**
          * Calculates the signature on all the data passed through using either `sign.update()` or `sign.write()`.
          *
-         * If `privateKey` is not a `KeyObject`, this function behaves as if`privateKey` had been passed to {@link createPrivateKey}. If it is an
+         * If `privateKey` is not a `KeyObject`, this function behaves as if `privateKey` had been passed to {@link createPrivateKey}. If it is an
          * object, the following additional properties can be passed:
          *
          * If `outputEncoding` is provided a string is returned; otherwise a `Buffer` is returned.
@@ -1444,7 +1468,7 @@ declare module "crypto" {
     /**
      * Creates and returns a `Verify` object that uses the given algorithm.
      * Use {@link getHashes} to obtain an array of names of the available
-     * signing algorithms. Optional `options` argument controls the`stream.Writable` behavior.
+     * signing algorithms. Optional `options` argument controls the `stream.Writable` behavior.
      *
      * In some cases, a `Verify` instance can be created using the name of a signature
      * algorithm, such as `'RSA-SHA256'`, instead of a digest algorithm. This will use
@@ -1464,7 +1488,7 @@ declare module "crypto" {
      * * Using the `verify.update()` and `verify.verify()` methods to verify
      * the signature.
      *
-     * The {@link createVerify} method is used to create `Verify` instances.`Verify` objects are not to be created directly using the `new` keyword.
+     * The {@link createVerify} method is used to create `Verify` instances. `Verify` objects are not to be created directly using the `new` keyword.
      *
      * See `Sign` for examples.
      * @since v0.1.92
@@ -1475,7 +1499,7 @@ declare module "crypto" {
          * Updates the `Verify` content with the given `data`, the encoding of which
          * is given in `inputEncoding`.
          * If `inputEncoding` is not provided, and the `data` is a string, an
-         * encoding of `'utf8'` is enforced. If `data` is a `Buffer`, `TypedArray`, or`DataView`, then `inputEncoding` is ignored.
+         * encoding of `'utf8'` is enforced. If `data` is a `Buffer`, `TypedArray`, or `DataView`, then `inputEncoding` is ignored.
          *
          * This can be called many times with new data as it is streamed.
          * @since v0.1.92
@@ -1486,13 +1510,13 @@ declare module "crypto" {
         /**
          * Verifies the provided data using the given `object` and `signature`.
          *
-         * If `object` is not a `KeyObject`, this function behaves as if`object` had been passed to {@link createPublicKey}. If it is an
+         * If `object` is not a `KeyObject`, this function behaves as if `object` had been passed to {@link createPublicKey}. If it is an
          * object, the following additional properties can be passed:
          *
          * The `signature` argument is the previously calculated signature for the data, in
          * the `signatureEncoding`.
          * If a `signatureEncoding` is specified, the `signature` is expected to be a
-         * string; otherwise `signature` is expected to be a `Buffer`,`TypedArray`, or `DataView`.
+         * string; otherwise `signature` is expected to be a `Buffer`, `TypedArray`, or `DataView`.
          *
          * The `verify` object can not be used again after `verify.verify()` has been
          * called. Multiple calls to `verify.verify()` will result in an error being
@@ -1516,7 +1540,7 @@ declare module "crypto" {
      * Creates a `DiffieHellman` key exchange object using the supplied `prime` and an
      * optional specific `generator`.
      *
-     * The `generator` argument can be a number, string, or `Buffer`. If`generator` is not specified, the value `2` is used.
+     * The `generator` argument can be a number, string, or `Buffer`. If `generator` is not specified, the value `2` is used.
      *
      * If `primeEncoding` is specified, `prime` is expected to be a string; otherwise
      * a `Buffer`, `TypedArray`, or `DataView` is expected.
@@ -1602,7 +1626,7 @@ declare module "crypto" {
          * key is interpreted using the specified `inputEncoding`, and secret is
          * encoded using specified `outputEncoding`.
          * If the `inputEncoding` is not
-         * provided, `otherPublicKey` is expected to be a `Buffer`,`TypedArray`, or `DataView`.
+         * provided, `otherPublicKey` is expected to be a `Buffer`, `TypedArray`, or `DataView`.
          *
          * If `outputEncoding` is given a string is returned; otherwise, a `Buffer` is returned.
          * @since v0.5.0
@@ -1658,7 +1682,7 @@ declare module "crypto" {
         getPrivateKey(): Buffer;
         getPrivateKey(encoding: BinaryToTextEncoding): string;
         /**
-         * Sets the Diffie-Hellman public key. If the `encoding` argument is provided,`publicKey` is expected
+         * Sets the Diffie-Hellman public key. If the `encoding` argument is provided, `publicKey` is expected
          * to be a string. If no `encoding` is provided, `publicKey` is expected
          * to be a `Buffer`, `TypedArray`, or `DataView`.
          * @since v0.5.0
@@ -1761,10 +1785,10 @@ declare module "crypto" {
     /**
      * Provides an asynchronous Password-Based Key Derivation Function 2 (PBKDF2)
      * implementation. A selected HMAC digest algorithm specified by `digest` is
-     * applied to derive a key of the requested byte length (`keylen`) from the`password`, `salt` and `iterations`.
+     * applied to derive a key of the requested byte length (`keylen`) from the `password`, `salt` and `iterations`.
      *
-     * The supplied `callback` function is called with two arguments: `err` and`derivedKey`. If an error occurs while deriving the key, `err` will be set;
-     * otherwise `err` will be `null`. By default, the successfully generated`derivedKey` will be passed to the callback as a `Buffer`. An error will be
+     * The supplied `callback` function is called with two arguments: `err` and `derivedKey`. If an error occurs while deriving the key, `err` will be set;
+     * otherwise `err` will be `null`. By default, the successfully generated `derivedKey` will be passed to the callback as a `Buffer`. An error will be
      * thrown if any of the input arguments specify invalid values or types.
      *
      * The `iterations` argument must be a number set as high as possible. The
@@ -1804,7 +1828,7 @@ declare module "crypto" {
     /**
      * Provides a synchronous Password-Based Key Derivation Function 2 (PBKDF2)
      * implementation. A selected HMAC digest algorithm specified by `digest` is
-     * applied to derive a key of the requested byte length (`keylen`) from the`password`, `salt` and `iterations`.
+     * applied to derive a key of the requested byte length (`keylen`) from the `password`, `salt` and `iterations`.
      *
      * If an error occurs an `Error` will be thrown, otherwise the derived key will be
      * returned as a `Buffer`.
@@ -1843,7 +1867,7 @@ declare module "crypto" {
      *
      * If a `callback` function is provided, the bytes are generated asynchronously
      * and the `callback` function is invoked with two arguments: `err` and `buf`.
-     * If an error occurs, `err` will be an `Error` object; otherwise it is `null`. The`buf` argument is a `Buffer` containing the generated bytes.
+     * If an error occurs, `err` will be an `Error` object; otherwise it is `null`. The `buf` argument is a `Buffer` containing the generated bytes.
      *
      * ```js
      * // Asynchronous
@@ -1897,7 +1921,7 @@ declare module "crypto" {
      * Return a random integer `n` such that `min <= n < max`.  This
      * implementation avoids [modulo bias](https://en.wikipedia.org/wiki/Fisher%E2%80%93Yates_shuffle#Modulo_bias).
      *
-     * The range (`max - min`) must be less than 248. `min` and `max` must
+     * The range (`max - min`) must be less than 2**48. `min` and `max` must
      * be [safe integers](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Number/isSafeInteger).
      *
      * If the `callback` function is not provided, the random integer is
@@ -2014,7 +2038,7 @@ declare module "crypto" {
      * });
      * ```
      *
-     * Any `ArrayBuffer`, `TypedArray`, or `DataView` instance may be passed as`buffer`.
+     * Any `ArrayBuffer`, `TypedArray`, or `DataView` instance may be passed as `buffer`.
      *
      * While this includes instances of `Float32Array` and `Float64Array`, this
      * function should not be used to generate random floating-point numbers. The
@@ -2094,7 +2118,7 @@ declare module "crypto" {
      *
      * When passing strings for `password` or `salt`, please consider `caveats when using strings as inputs to cryptographic APIs`.
      *
-     * The `callback` function is called with two arguments: `err` and `derivedKey`.`err` is an exception object when key derivation fails, otherwise `err` is`null`. `derivedKey` is passed to the
+     * The `callback` function is called with two arguments: `err` and `derivedKey`. `err` is an exception object when key derivation fails, otherwise `err` is `null`. `derivedKey` is passed to the
      * callback as a `Buffer`.
      *
      * An exception is thrown when any of the input arguments specify invalid values
@@ -2180,8 +2204,8 @@ declare module "crypto" {
      * Encrypts the content of `buffer` with `key` and returns a new `Buffer` with encrypted content. The returned data can be decrypted using
      * the corresponding private key, for example using {@link privateDecrypt}.
      *
-     * If `key` is not a `KeyObject`, this function behaves as if`key` had been passed to {@link createPublicKey}. If it is an
-     * object, the `padding` property can be passed. Otherwise, this function uses`RSA_PKCS1_OAEP_PADDING`.
+     * If `key` is not a `KeyObject`, this function behaves as if `key` had been passed to {@link createPublicKey}. If it is an
+     * object, the `padding` property can be passed. Otherwise, this function uses `RSA_PKCS1_OAEP_PADDING`.
      *
      * Because RSA public keys can be derived from private keys, a private key may
      * be passed instead of a public key.
@@ -2192,8 +2216,8 @@ declare module "crypto" {
      * Decrypts `buffer` with `key`.`buffer` was previously encrypted using
      * the corresponding private key, for example using {@link privateEncrypt}.
      *
-     * If `key` is not a `KeyObject`, this function behaves as if`key` had been passed to {@link createPublicKey}. If it is an
-     * object, the `padding` property can be passed. Otherwise, this function uses`RSA_PKCS1_PADDING`.
+     * If `key` is not a `KeyObject`, this function behaves as if `key` had been passed to {@link createPublicKey}. If it is an
+     * object, the `padding` property can be passed. Otherwise, this function uses `RSA_PKCS1_PADDING`.
      *
      * Because RSA public keys can be derived from private keys, a private key may
      * be passed instead of a public key.
@@ -2204,8 +2228,8 @@ declare module "crypto" {
      * Decrypts `buffer` with `privateKey`. `buffer` was previously encrypted using
      * the corresponding public key, for example using {@link publicEncrypt}.
      *
-     * If `privateKey` is not a `KeyObject`, this function behaves as if`privateKey` had been passed to {@link createPrivateKey}. If it is an
-     * object, the `padding` property can be passed. Otherwise, this function uses`RSA_PKCS1_OAEP_PADDING`.
+     * If `privateKey` is not a `KeyObject`, this function behaves as if `privateKey` had been passed to {@link createPrivateKey}. If it is an
+     * object, the `padding` property can be passed. Otherwise, this function uses `RSA_PKCS1_OAEP_PADDING`.
      * @since v0.11.14
      */
     function privateDecrypt(privateKey: RsaPrivateKey | KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
@@ -2213,8 +2237,8 @@ declare module "crypto" {
      * Encrypts `buffer` with `privateKey`. The returned data can be decrypted using
      * the corresponding public key, for example using {@link publicDecrypt}.
      *
-     * If `privateKey` is not a `KeyObject`, this function behaves as if`privateKey` had been passed to {@link createPrivateKey}. If it is an
-     * object, the `padding` property can be passed. Otherwise, this function uses`RSA_PKCS1_PADDING`.
+     * If `privateKey` is not a `KeyObject`, this function behaves as if `privateKey` had been passed to {@link createPrivateKey}. If it is an
+     * object, the `padding` property can be passed. Otherwise, this function uses `RSA_PKCS1_PADDING`.
      * @since v1.1.0
      */
     function privateEncrypt(privateKey: RsaPrivateKey | KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
@@ -2309,9 +2333,9 @@ declare module "crypto" {
          * On recent OpenSSL releases, `openssl ecparam -list_curves` will also display
          * the name and description of each available elliptic curve.
          *
-         * If `format` is not specified the point will be returned in `'uncompressed'`format.
+         * If `format` is not specified the point will be returned in `'uncompressed'` format.
          *
-         * If the `inputEncoding` is not provided, `key` is expected to be a `Buffer`,`TypedArray`, or `DataView`.
+         * If the `inputEncoding` is not provided, `key` is expected to be a `Buffer`, `TypedArray`, or `DataView`.
          *
          * Example (uncompressing a key):
          *
@@ -2352,7 +2376,7 @@ declare module "crypto" {
          * the public key in the specified `format` and `encoding`. This key should be
          * transferred to the other party.
          *
-         * The `format` argument specifies point encoding and can be `'compressed'` or`'uncompressed'`. If `format` is not specified, the point will be returned in`'uncompressed'` format.
+         * The `format` argument specifies point encoding and can be `'compressed'` or `'uncompressed'`. If `format` is not specified, the point will be returned in`'uncompressed'` format.
          *
          * If `encoding` is provided a string is returned; otherwise a `Buffer` is returned.
          * @since v0.11.14
@@ -2367,11 +2391,11 @@ declare module "crypto" {
          * key is interpreted using specified `inputEncoding`, and the returned secret
          * is encoded using the specified `outputEncoding`.
          * If the `inputEncoding` is not
-         * provided, `otherPublicKey` is expected to be a `Buffer`, `TypedArray`, or`DataView`.
+         * provided, `otherPublicKey` is expected to be a `Buffer`, `TypedArray`, or `DataView`.
          *
          * If `outputEncoding` is given a string will be returned; otherwise a `Buffer` is returned.
          *
-         * `ecdh.computeSecret` will throw an`ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY` error when `otherPublicKey`lies outside of the elliptic curve. Since `otherPublicKey` is
+         * `ecdh.computeSecret` will throw an`ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY` error when `otherPublicKey` lies outside of the elliptic curve. Since `otherPublicKey` is
          * usually supplied from a remote user over an insecure network,
          * be sure to handle this exception accordingly.
          * @since v0.11.14
@@ -2396,7 +2420,7 @@ declare module "crypto" {
         getPrivateKey(): Buffer;
         getPrivateKey(encoding: BinaryToTextEncoding): string;
         /**
-         * The `format` argument specifies point encoding and can be `'compressed'` or`'uncompressed'`. If `format` is not specified the point will be returned in`'uncompressed'` format.
+         * The `format` argument specifies point encoding and can be `'compressed'` or `'uncompressed'`. If `format` is not specified the point will be returned in`'uncompressed'` format.
          *
          * If `encoding` is specified, a string is returned; otherwise a `Buffer` is
          * returned.
@@ -2410,7 +2434,7 @@ declare module "crypto" {
         /**
          * Sets the EC Diffie-Hellman private key.
          * If `encoding` is provided, `privateKey` is expected
-         * to be a string; otherwise `privateKey` is expected to be a `Buffer`,`TypedArray`, or `DataView`.
+         * to be a string; otherwise `privateKey` is expected to be a `Buffer`, `TypedArray`, or `DataView`.
          *
          * If `privateKey` is not valid for the curve specified when the `ECDH` object was
          * created, an error is thrown. Upon setting the private key, the associated
@@ -2430,7 +2454,7 @@ declare module "crypto" {
      */
     function createECDH(curveName: string): ECDH;
     /**
-     * This function compares the underlying bytes that represent the given`ArrayBuffer`, `TypedArray`, or `DataView` instances using a constant-time
+     * This function compares the underlying bytes that represent the given `ArrayBuffer`, `TypedArray`, or `DataView` instances using a constant-time
      * algorithm.
      *
      * This function does not leak timing information that
@@ -2445,8 +2469,8 @@ declare module "crypto" {
      * entry, such as `Uint16Array`, the result will be computed using the platform
      * byte order.
      *
-     * **When both of the inputs are `Float32Array`s or`Float64Array`s, this function might return unexpected results due to IEEE 754**
-     * **encoding of floating-point numbers. In particular, neither `x === y` nor`Object.is(x, y)` implies that the byte representations of two floating-point**
+     * **When both of the inputs are `Float32Array`s or `Float64Array`s, this function might return unexpected results due to IEEE 754**
+     * **encoding of floating-point numbers. In particular, neither `x === y` nor `Object.is(x, y)` implies that the byte representations of two floating-point**
      * **numbers `x` and `y` are equal.**
      *
      * Use of `crypto.timingSafeEqual` does not guarantee that the _surrounding_ code
@@ -2475,6 +2499,10 @@ declare module "crypto" {
          * Name of the curve to use
          */
         namedCurve: string;
+        /**
+         * Must be `'named'` or `'explicit'`. Default: `'named'`.
+         */
+        paramEncoding?: "explicit" | "named" | undefined;
     }
     interface RSAKeyPairKeyObjectOptions {
         /**
@@ -2585,11 +2613,7 @@ declare module "crypto" {
             type: "pkcs8";
         };
     }
-    interface ECKeyPairOptions<PubF extends KeyFormat, PrivF extends KeyFormat> {
-        /**
-         * Name of the curve to use.
-         */
-        namedCurve: string;
+    interface ECKeyPairOptions<PubF extends KeyFormat, PrivF extends KeyFormat> extends ECKeyPairKeyObjectOptions {
         publicKeyEncoding: {
             type: "pkcs1" | "spki";
             format: PubF;
@@ -2823,7 +2847,7 @@ declare module "crypto" {
      * behaves as if `keyObject.export()` had been called on its result. Otherwise,
      * the respective part of the key is returned as a `KeyObject`.
      *
-     * It is recommended to encode public keys as `'spki'` and private keys as`'pkcs8'` with encryption for long-term storage:
+     * It is recommended to encode public keys as `'spki'` and private keys as `'pkcs8'` with encryption for long-term storage:
      *
      * ```js
      * const {
@@ -2847,7 +2871,7 @@ declare module "crypto" {
      * });
      * ```
      *
-     * On completion, `callback` will be called with `err` set to `undefined` and`publicKey` / `privateKey` representing the generated key pair.
+     * On completion, `callback` will be called with `err` set to `undefined` and `publicKey` / `privateKey` representing the generated key pair.
      *
      * If this method is invoked as its `util.promisify()` ed version, it returns
      * a `Promise` for an `Object` with `publicKey` and `privateKey` properties.
@@ -3321,7 +3345,7 @@ declare module "crypto" {
         callback: (error: Error | null, data: Buffer) => void,
     ): void;
     /**
-     * Verifies the given signature for `data` using the given key and algorithm. If`algorithm` is `null` or `undefined`, then the algorithm is dependent upon the
+     * Verifies the given signature for `data` using the given key and algorithm. If `algorithm` is `null` or `undefined`, then the algorithm is dependent upon the
      * key type (especially Ed25519 and Ed448).
      *
      * If `key` is not a `KeyObject`, this function behaves as if `key` had been
@@ -3351,10 +3375,45 @@ declare module "crypto" {
     ): void;
     /**
      * Computes the Diffie-Hellman secret based on a `privateKey` and a `publicKey`.
-     * Both keys must have the same `asymmetricKeyType`, which must be one of `'dh'`(for Diffie-Hellman), `'ec'` (for ECDH), `'x448'`, or `'x25519'` (for ECDH-ES).
+     * Both keys must have the same `asymmetricKeyType`, which must be one of `'dh'` (for Diffie-Hellman), `'ec'` (for ECDH), `'x448'`, or `'x25519'` (for ECDH-ES).
      * @since v13.9.0, v12.17.0
      */
     function diffieHellman(options: { privateKey: KeyObject; publicKey: KeyObject }): Buffer;
+    /**
+     * A utility for creating one-shot hash digests of data. It can be faster than the object-based `crypto.createHash()` when hashing a smaller amount of data
+     * (<= 5MB) that's readily available. If the data can be big or if it is streamed, it's still recommended to use `crypto.createHash()` instead. The `algorithm`
+     * is dependent on the available algorithms supported by the version of OpenSSL on the platform. Examples are `'sha256'`, `'sha512'`, etc. On recent releases
+     * of OpenSSL, `openssl list -digest-algorithms` will display the available digest algorithms.
+     *
+     * Example:
+     *
+     * ```js
+     * const crypto = require('node:crypto');
+     * const { Buffer } = require('node:buffer');
+     *
+     * // Hashing a string and return the result as a hex-encoded string.
+     * const string = 'Node.js';
+     * // 10b3493287f831e81a438811a1ffba01f8cec4b7
+     * console.log(crypto.hash('sha1', string));
+     *
+     * // Encode a base64-encoded string into a Buffer, hash it and return
+     * // the result as a buffer.
+     * const base64 = 'Tm9kZS5qcw==';
+     * // <Buffer 10 b3 49 32 87 f8 31 e8 1a 43 88 11 a1 ff ba 01 f8 ce c4 b7>
+     * console.log(crypto.hash('sha1', Buffer.from(base64, 'base64'), 'buffer'));
+     * ```
+     * @since v21.7.0, v20.12.0
+     * @param data When `data` is a string, it will be encoded as UTF-8 before being hashed. If a different input encoding is desired for a string input, user
+     *             could encode the string into a `TypedArray` using either `TextEncoder` or `Buffer.from()` and passing the encoded `TypedArray` into this API instead.
+     * @param [outputEncoding='hex'] [Encoding](https://nodejs.org/docs/latest-v20.x/api/buffer.html#buffers-and-character-encodings) used to encode the returned digest.
+     */
+    function hash(algorithm: string, data: BinaryLike, outputEncoding?: BinaryToTextEncoding): string;
+    function hash(algorithm: string, data: BinaryLike, outputEncoding: "buffer"): Buffer;
+    function hash(
+        algorithm: string,
+        data: BinaryLike,
+        outputEncoding?: BinaryToTextEncoding | "buffer",
+    ): string | Buffer;
     type CipherMode = "cbc" | "ccm" | "cfb" | "ctr" | "ecb" | "gcm" | "ocb" | "ofb" | "stream" | "wrap" | "xts";
     interface CipherInfoOptions {
         /**
@@ -3407,9 +3466,9 @@ declare module "crypto" {
      */
     function getCipherInfo(nameOrNid: string | number, options?: CipherInfoOptions): CipherInfo | undefined;
     /**
-     * HKDF is a simple key derivation function defined in RFC 5869\. The given `ikm`,`salt` and `info` are used with the `digest` to derive a key of `keylen` bytes.
+     * HKDF is a simple key derivation function defined in RFC 5869\. The given `ikm`, `salt` and `info` are used with the `digest` to derive a key of `keylen` bytes.
      *
-     * The supplied `callback` function is called with two arguments: `err` and`derivedKey`. If an errors occurs while deriving the key, `err` will be set;
+     * The supplied `callback` function is called with two arguments: `err` and `derivedKey`. If an errors occurs while deriving the key, `err` will be set;
      * otherwise `err` will be `null`. The successfully generated `derivedKey` will
      * be passed to the callback as an [ArrayBuffer](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer). An error will be thrown if any
      * of the input arguments specify invalid values or types.
@@ -3443,7 +3502,7 @@ declare module "crypto" {
     ): void;
     /**
      * Provides a synchronous HKDF key derivation function as defined in RFC 5869\. The
-     * given `ikm`, `salt` and `info` are used with the `digest` to derive a key of`keylen` bytes.
+     * given `ikm`, `salt` and `info` are used with the `digest` to derive a key of `keylen` bytes.
      *
      * The successfully generated `derivedKey` will be returned as an [ArrayBuffer](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer).
      *
@@ -3772,7 +3831,7 @@ declare module "crypto" {
     /**
      * Generates a pseudorandom prime of `size` bits.
      *
-     * If `options.safe` is `true`, the prime will be a safe prime -- that is,`(prime - 1) / 2` will also be a prime.
+     * If `options.safe` is `true`, the prime will be a safe prime -- that is, `(prime - 1) / 2` will also be a prime.
      *
      * The `options.add` and `options.rem` parameters can be used to enforce additional
      * requirements, e.g., for Diffie-Hellman:
@@ -3788,7 +3847,7 @@ declare module "crypto" {
      * * `options.rem` is ignored if `options.add` is not given.
      *
      * Both `options.add` and `options.rem` must be encoded as big-endian sequences
-     * if given as an `ArrayBuffer`, `SharedArrayBuffer`, `TypedArray`, `Buffer`, or`DataView`.
+     * if given as an `ArrayBuffer`, `SharedArrayBuffer`, `TypedArray`, `Buffer`, or `DataView`.
      *
      * By default, the prime is encoded as a big-endian sequence of octets
      * in an [ArrayBuffer](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer). If the `bigint` option is `true`, then a
@@ -3815,7 +3874,7 @@ declare module "crypto" {
     /**
      * Generates a pseudorandom prime of `size` bits.
      *
-     * If `options.safe` is `true`, the prime will be a safe prime -- that is,`(prime - 1) / 2` will also be a prime.
+     * If `options.safe` is `true`, the prime will be a safe prime -- that is, `(prime - 1) / 2` will also be a prime.
      *
      * The `options.add` and `options.rem` parameters can be used to enforce additional
      * requirements, e.g., for Diffie-Hellman:
@@ -3831,7 +3890,7 @@ declare module "crypto" {
      * * `options.rem` is ignored if `options.add` is not given.
      *
      * Both `options.add` and `options.rem` must be encoded as big-endian sequences
-     * if given as an `ArrayBuffer`, `SharedArrayBuffer`, `TypedArray`, `Buffer`, or`DataView`.
+     * if given as an `ArrayBuffer`, `SharedArrayBuffer`, `TypedArray`, `Buffer`, or `DataView`.
      *
      * By default, the prime is encoded as a big-endian sequence of octets
      * in an [ArrayBuffer](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer). If the `bigint` option is `true`, then a
@@ -3877,7 +3936,7 @@ declare module "crypto" {
      *
      * `engine` could be either an id or a path to the engine's shared library.
      *
-     * The optional `flags` argument uses `ENGINE_METHOD_ALL` by default. The `flags`is a bit field taking one of or a mix of the following flags (defined in`crypto.constants`):
+     * The optional `flags` argument uses `ENGINE_METHOD_ALL` by default. The `flags` is a bit field taking one of or a mix of the following flags (defined in `crypto.constants`):
      *
      * * `crypto.constants.ENGINE_METHOD_RSA`
      * * `crypto.constants.ENGINE_METHOD_DSA`
@@ -4450,6 +4509,14 @@ declare module "crypto" {
             ): Promise<ArrayBuffer>;
         }
     }
+
+    global {
+        var crypto: typeof globalThis extends {
+            crypto: infer T;
+            onmessage: any;
+        } ? T
+            : webcrypto.Crypto;
+    }
 }
 declare module "node:crypto" {
     export * from "crypto";