Crypto algorithm list
Solution 1
The learning here is that ciphers
and hashes
are different and use different algorithms. With node's crypto
use .getCiphers()
and .getHashes()
methods to return an array with the names of the supported ciphers
and hashes
respectively.
var crypto = require('crypto')
console.log(crypto.getCiphers())
console.log(crypto.getHashes())
Which logs the following ciphers:
[ 'CAST-cbc',
'aes-128-cbc',
'aes-128-cbc-hmac-sha1',
'aes-128-cfb',
'aes-128-cfb1',
'aes-128-cfb8',
'aes-128-ctr',
'aes-128-ecb',
'aes-128-gcm',
'aes-128-ofb',
'aes-128-xts',
'aes-192-cbc',
'aes-192-cfb',
'aes-192-cfb1',
'aes-192-cfb8',
'aes-192-ctr',
'aes-192-ecb',
'aes-192-gcm',
'aes-192-ofb',
'aes-256-cbc',
'aes-256-cbc-hmac-sha1',
'aes-256-cfb',
'aes-256-cfb1',
'aes-256-cfb8',
'aes-256-ctr',
'aes-256-ecb',
'aes-256-gcm',
'aes-256-ofb',
'aes-256-xts',
'aes128',
'aes192',
'aes256',
'bf',
'bf-cbc',
'bf-cfb',
'bf-ecb',
'bf-ofb',
'blowfish',
'camellia-128-cbc',
'camellia-128-cfb',
'camellia-128-cfb1',
'camellia-128-cfb8',
'camellia-128-ecb',
'camellia-128-ofb',
'camellia-192-cbc',
'camellia-192-cfb',
'camellia-192-cfb1',
'camellia-192-cfb8',
'camellia-192-ecb',
'camellia-192-ofb',
'camellia-256-cbc',
'camellia-256-cfb',
'camellia-256-cfb1',
'camellia-256-cfb8',
'camellia-256-ecb',
'camellia-256-ofb',
'camellia128',
'camellia192',
'camellia256',
'cast',
'cast-cbc',
'cast5-cbc',
'cast5-cfb',
'cast5-ecb',
'cast5-ofb',
'des',
'des-cbc',
'des-cfb',
'des-cfb1',
'des-cfb8',
'des-ecb',
'des-ede',
'des-ede-cbc',
'des-ede-cfb',
'des-ede-ofb',
'des-ede3',
'des-ede3-cbc',
'des-ede3-cfb',
'des-ede3-cfb1',
'des-ede3-cfb8',
'des-ede3-ofb',
'des-ofb',
'des3',
'desx',
'desx-cbc',
'id-aes128-GCM',
'id-aes192-GCM',
'id-aes256-GCM',
'idea',
'idea-cbc',
'idea-cfb',
'idea-ecb',
'idea-ofb',
'rc2',
'rc2-40-cbc',
'rc2-64-cbc',
'rc2-cbc',
'rc2-cfb',
'rc2-ecb',
'rc2-ofb',
'rc4',
'rc4-40',
'rc4-hmac-md5',
'seed',
'seed-cbc',
'seed-cfb',
'seed-ecb',
'seed-ofb' ]
And the following hashes
:
[ 'DSA',
'DSA-SHA',
'DSA-SHA1',
'DSA-SHA1-old',
'RSA-MD4',
'RSA-MD5',
'RSA-MDC2',
'RSA-RIPEMD160',
'RSA-SHA',
'RSA-SHA1',
'RSA-SHA1-2',
'RSA-SHA224',
'RSA-SHA256',
'RSA-SHA384',
'RSA-SHA512',
'dsaEncryption',
'dsaWithSHA',
'dsaWithSHA1',
'dss1',
'ecdsa-with-SHA1',
'md4',
'md4WithRSAEncryption',
'md5',
'md5WithRSAEncryption',
'mdc2',
'mdc2WithRSA',
'ripemd',
'ripemd160',
'ripemd160WithRSA',
'rmd160',
'sha',
'sha1',
'sha1WithRSAEncryption',
'sha224',
'sha224WithRSAEncryption',
'sha256',
'sha256WithRSAEncryption',
'sha384',
'sha384WithRSAEncryption',
'sha512',
'sha512WithRSAEncryption',
'shaWithRSAEncryption',
'ssl2-md5',
'ssl3-md5',
'ssl3-sha1',
'whirlpool' ]
Here's my settings:
-
openssl version
isOpenSSL 0.9.8zg 14 July 2015
-
node --version
isv0.12.4
Solution 2
The openssl docs have a page listing all valid cipher strings: http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS
Solution 3
CAST-cbc
aes-128-cbc
aes-128-cbc-hmac-sha1
aes-128-cfb
aes-128-cfb1
aes-128-cfb8
aes-128-ctr
aes-128-ecb
aes-128-gcm
aes-128-ofb
aes-128-xts
aes-192-cbc
aes-192-cfb
aes-192-cfb1
aes-192-cfb8
aes-192-ctr
aes-192-ecb
aes-192-gcm
aes-192-ofb
aes-256-cbc
aes-256-cbc-hmac-sha1
aes-256-cfb
aes-256-cfb1
aes-256-cfb8
aes-256-ctr
aes-256-ecb
aes-256-gcm
aes-256-ofb
aes-256-xts
aes128
aes192
aes256
bf
bf-cbc
bf-cfb
bf-ecb
bf-ofb
blowfish
camellia-128-cbc
camellia-128-cfb
camellia-128-cfb1
camellia-128-cfb8
camellia-128-ecb
camellia-128-ofb
camellia-192-cbc
camellia-192-cfb
camellia-192-cfb1
camellia-192-cfb8
camellia-192-ecb
camellia-192-ofb
camellia-256-cbc
camellia-256-cfb
camellia-256-cfb1
camellia-256-cfb8
camellia-256-ecb
camellia-256-ofb
camellia128
camellia192
camellia256
cast
cast-cbc
cast5-cbc
cast5-cfb
cast5-ecb
cast5-ofb
des
des-cbc
des-cfb
des-cfb1
des-cfb8
des-ecb
des-ede
des-ede-cbc
des-ede-cfb
des-ede-ofb
des-ede3
des-ede3-cbc
des-ede3-cfb
des-ede3-cfb1
des-ede3-cfb8
des-ede3-ofb
des-ofb
des3
desx
desx-cbc
id-aes128-GCM
id-aes192-GCM
id-aes256-GCM
idea
idea-cbc
idea-cfb
idea-ecb
idea-ofb
rc2
rc2-40-cbc
rc2-64-cbc
rc2-cbc
rc2-cfb
rc2-ecb
rc2-ofb
rc4
rc4-40
rc4-hmac-md5
seed
seed-cbc
seed-cfb
seed-ecb
seed-ofb
Solution 4
SHA-256 is not a cipher, it is a hash algorithm. That is probably why you didn't find it in a list of ciphers. The same goes for MD5 and all the various SHA algorithms.
Indeed, a hash algorithm is exactly what you need for HMAC. If you want to construct a MAC based on a block cipher, you'll need to use some other construction, such as OMAC/CMAC, PMAC or CBC-MAC.
Solution 5
I checked all of the cipher strings and everything in my gist and these are the only algo's that work with cipher to create a HMAC.
MD5
SHA
SHA1
SHA256
SHA384
ThomasReggi
Updated on July 09, 2022Comments
-
ThomasReggi almost 2 years
I'm trying to find a list of
strings
that can be used a a crypto algorithm to fit into this function, replacingSHA256
.crypto.createHmac("SHA256", secret).update(string).digest('base64'),
I've come to the understanding that crypto uses
openssl
, and that the algorithms are specific to each system running node.js.With the following commands you can see a list of all algorithms available for your system.
openssl list-cipher-algorithms openssl list-cipher-commands
I've outputted the content of those two commands to this gist.
What bothers me is that
SHA256
is not in either of those lists.I would really like the definitive algorithm list.
-
ThomasReggi over 11 yearsThanks for this, I had no clue.
-
Maarten Bodewes over 11 yearsMost of the time it is better to wait a bit (a day or two) for others to post answers, especially because your answer is plain wrong :) Best to delete it I suppose, before it gets modded into oblivion.
-
ThomasReggi over 11 years@owlstead Name another that can be used to create a hmac. Because if you can't I'm right. I've looped every string provided on this page, all produce errors except the above strings.
-
Maarten Bodewes over 11 yearsThe trouble was more in the name "cipher" (note spelling), for creating a HMAC you need a hash function, and as long as this list reflects the hash functions in openssl, it is correct (it is likely that support for SHA-224, SHA-512/256 and/or SHA-3 will be added in later releases).
-
Jevgeni Smirnov about 8 years@ThomasRegii, thanks, this was more nodejs specific answer.
-
Fandi Susanto over 7 yearsYou might want to read about encryption algorithms here: stackoverflow.com/questions/5554526/…
-
Nathan H over 5 years@ThomasRegii , old thread I know. Do you know what determines the list of ciphers? Is it the nodejs version, or the computer it’s running on?