or run

npx @tessl/cli init
Log in

Version

Tile

Overview

Evals

Files

docs

asn1.mdasymmetric-cryptography.mdindex.mdlogging.mdmessage-digests.mdnetwork-http.mdpkcs.mdpki.mdrandom.mdsymmetric-encryption.mdtls.mdutilities.mdweb-forms.md
tile.json

tessl/npm-node-forge

JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities.

Workspace
tessl
Visibility
Public
Created
Last updated
Describes
npmpkg:npm/node-forge@1.3.x

To install, run

npx @tessl/cli install tessl/npm-node-forge@1.3.0

index.mddocs/

Node-forge

Node-forge is a comprehensive JavaScript cryptographic library providing pure JavaScript implementations of network transports, cryptography ciphers, PKI, message digests, and utilities. It enables cryptographic operations in both Node.js and browser environments without relying on native crypto libraries.

Package Information

  • Package Name: node-forge
  • Package Type: npm
  • Language: JavaScript
  • Installation: npm install node-forge

Core Imports

const forge = require('node-forge');

ES6 import (with proper module bundling):

import forge from 'node-forge';

All functionality is accessed through the main forge object with namespaced modules.

Basic Usage

const forge = require('node-forge');

// Generate RSA key pair
const keypair = forge.pki.rsa.generateKeyPair(2048);

// Create and sign a certificate
const cert = forge.pki.createCertificate();
cert.publicKey = keypair.publicKey;
cert.serialNumber = '01';
cert.validity.notBefore = new Date();
cert.validity.notAfter = new Date();
cert.validity.notAfter.setFullYear(cert.validity.notBefore.getFullYear() + 1);
cert.subject.attributes.push({name: 'commonName', value: 'example.com'});
cert.issuer.attributes = cert.subject.attributes;
cert.sign(keypair.privateKey, forge.md.sha256.create());

// Hash data
const md = forge.md.sha256.create();
md.update('Hello World');
const hash = md.digest().toHex();

// Encrypt data with AES
const key = forge.random.getBytesSync(32); // 256-bit key
const iv = forge.random.getBytesSync(16);  // 128-bit IV
const cipher = forge.cipher.createCipher('AES-CBC', key);
cipher.start({iv: iv});
cipher.update(forge.util.createBuffer('secret message'));
cipher.finish();
const encrypted = cipher.output.getBytes();

Architecture

Node-forge is organized into specialized modules that extend the main forge object:

  • Core Utilities: Buffer handling, encoding/decoding, type checking (forge.util)
  • Symmetric Cryptography: Block ciphers, modes, and implementations (forge.cipher, forge.aes)
  • Asymmetric Cryptography: RSA, Ed25519 key generation and operations (forge.pki.rsa, forge.ed25519)
  • Hash Functions: Message digests and HMAC (forge.md, forge.hmac)
  • PKI Framework: Certificate handling, PEM/DER conversion (forge.pki, forge.asn1)
  • Protocol Support: TLS implementation, SSH utilities (forge.tls, forge.ssh)
  • Standards Compliance: PKCS support, OID registry (forge.pkcs7, forge.oids)

Global Configuration

forge.options = {
  usePureJavaScript: boolean; // Force pure JS implementations (default: false)
}

Capabilities

Utilities and Buffer Management

Core utility functions for data manipulation, encoding/decoding, and buffer operations essential for cryptographic work.

forge.util.createBuffer(input?: string | ArrayBuffer, encoding?: string): ByteStringBuffer;
forge.util.encode64(input: string, maxline?: number): string;
forge.util.decode64(input: string): string;
forge.util.hexToBytes(hex: string): string;
forge.util.bytesToHex(bytes: string): string;

Utilities and Buffers

Symmetric Encryption

Block cipher implementations including AES, DES, and RC2 with support for various modes (CBC, CFB, OFB, CTR, GCM).

forge.cipher.createCipher(algorithm: string, key: string | ByteStringBuffer): BlockCipher;
forge.cipher.createDecipher(algorithm: string, key: string | ByteStringBuffer): BlockCipher;

interface BlockCipher {
  start(options?: {
    iv?: string | ByteStringBuffer;
    additionalData?: string; // For GCM mode
    tagLength?: number;      // For GCM mode
    tag?: string;           // For GCM decryption
  }): void;
  update(input?: ByteStringBuffer): void;
  finish(pad?: function): boolean;
  output: ByteStringBuffer;
}

Symmetric Encryption

Asymmetric Cryptography

RSA and Ed25519 implementations for key generation, encryption/decryption, and digital signatures.

forge.pki.rsa.generateKeyPair(
  bits: number, 
  e?: number, 
  options?: object, 
  callback?: function
): {privateKey: PrivateKey, publicKey: PublicKey} | void;

interface PublicKey {
  encrypt(data: string, scheme?: string, schemeOptions?: object): string;
  verify(digest: string, signature: string, scheme?: string): boolean;
}

interface PrivateKey {
  decrypt(data: string, scheme?: string, schemeOptions?: object): string;
  sign(messageDigest: MessageDigest, scheme?: string): string;
}

Asymmetric Cryptography

Message Digests and HMAC

Cryptographic hash functions (MD5, SHA-1, SHA-256, SHA-512) and HMAC for message authentication.

forge.md.sha256.create(): MessageDigest;
forge.hmac.create(): HMACContext;

interface MessageDigest {
  start(): MessageDigest;
  update(message: string, encoding?: 'utf8' | 'raw'): MessageDigest;
  digest(): ByteStringBuffer;
}

interface HMACContext {
  start(md: string | MessageDigest, key: string | ByteStringBuffer): void;
  update(bytes: string): void;
  getMac(): ByteStringBuffer;
}

Message Digests and HMAC

Public Key Infrastructure

Certificate management, PEM/DER conversion, and X.509 certificate creation and validation.

forge.pki.createCertificate(): Certificate;
forge.pki.privateKeyFromPem(pem: string): PrivateKey;
forge.pki.privateKeyToPem(key: PrivateKey, maxline?: number): string;
forge.pki.certificateFromPem(pem: string): Certificate;
forge.pki.certificateToPem(certificate: Certificate, maxline?: number): string;

interface Certificate {
  serialNumber: string;
  validity: {notBefore: Date; notAfter: Date};
  subject: {attributes: Array<{name: string; value: string}>};
  issuer: {attributes: Array<{name: string; value: string}>};
  publicKey: PublicKey;
  sign(privateKey: PrivateKey, md: MessageDigest): void;
  verify(caStore: Certificate[]): boolean;
}

Public Key Infrastructure

ASN.1 Encoding and Decoding

ASN.1 DER encoding/decoding for working with cryptographic standards and certificate formats.

forge.asn1.create(
  tagClass: number, 
  type: number, 
  constructed: boolean, 
  value: any
): ASN1;
forge.asn1.fromDer(bytes: string | ByteStringBuffer): ASN1;
forge.asn1.toDer(obj: ASN1): ByteStringBuffer;

interface ASN1 {
  tagClass: number;
  type: number;
  constructed: boolean;
  value: any;
}

ASN.1 Encoding

PKCS Standards

Implementation of PKCS standards including PKCS#1 (RSA), PKCS#7 (CMS), and PKCS#12 (key stores).

forge.pkcs7.createSignedData(): PKCS7SignedData;
forge.pkcs7.messageFromPem(pem: string): PKCS7Message;
forge.pkcs12.toPkcs12Asn1(key: PrivateKey, cert: Certificate, password: string): ASN1;

PKCS Standards

Random Number Generation

Secure random number generation for cryptographic operations including key generation and IV creation.

forge.random.getBytes(count: number, callback?: function): string;
forge.random.getBytesSync(count: number): string;

Random Number Generation

TLS Implementation

Complete TLS client and server implementation for secure network communications.

forge.tls.createConnection(options: {
  server?: boolean;
  sessionId?: string;
  caStore?: Array<Certificate>;
  cipherSuites?: Array<object>;
  connected?: function;
  getCertificate?: function;
  getPrivateKey?: function;
}): TLSConnection;

TLS Implementation

Logging System

Cross-browser logging system with configurable log levels and multiple output targets.

forge.log.error(category: string, message: string, ...args: any[]): void;
forge.log.warning(category: string, message: string, ...args: any[]): void;
forge.log.info(category: string, message: string, ...args: any[]): void;
forge.log.debug(category: string, message: string, ...args: any[]): void;
forge.log.verbose(category: string, message: string, ...args: any[]): void;
forge.log.makeLogger(logFunction: function): Logger;

Logging System

Web Form Utilities

jQuery-based utilities for manipulating web forms and serializing form data to JSON objects.

forge.form.serialize(input: jQuery, sep?: string, dict?: object): object;

Web Form Utilities

Network and HTTP Client

HTTP client implementation with TLS support, cookie management, and XMLHttpRequest interface.

forge.http.createClient(options: object): HTTPClient;
forge.xhr.create(options?: object): XMLHttpRequest;
forge.xhr.init(options: object): void;

Network and HTTP

Common Types

interface ByteStringBuffer {
  putByte(byte: number): ByteStringBuffer;
  putBytes(bytes: string): ByteStringBuffer;
  putString(str: string): ByteStringBuffer;
  getByte(): number;
  getBytes(count?: number): string;
  length(): number;
  isEmpty(): boolean;
  toHex(): string;
  toString(): string;
}

interface MessageDigest {
  algorithm: string;
  blockLength: number;
  digestLength: number;
  start(): MessageDigest;
  update(message: string, encoding?: string): MessageDigest;
  digest(): ByteStringBuffer;
}