> For the complete documentation index, see [llms.txt](https://docs.rulecube.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.rulecube.com/v2.5/language-reference/crypto.md). # Crypto Collection of cryptographic functions. ### Static properties #### forge *object* The Forge library (node-forge) (advanced usage). #### node *object* The Node Crypto library (advanced usage). ### Methods #### encrypt ```javascript encrypt(text: string, key: string) ``` Encrypts a string using the AES algorithm. Returns a base64 encoded string. The result is not deterministic. **Parameters** **text *****string*** The text to encrypt. **key *****string*** The encryption key. **Return type** string **Examples** ```javascript // Encrypts a string using the AES algorithm: Crypto.encrypt('my secret text', 'my secret key') ``` #### decrypt ```javascript decrypt(text: string, key: string) ``` Decrypts a string using the AES algorithm. **Parameters** **text *****string*** The text to decrypt. **key *****string*** The encryption key. **Return type** string **Examples** ```javascript // Decrypts a string using the AES algorithm: Crypto.decrypt('my encrypted text', 'my secret key') ``` #### convertString ```javascript convertString(str: string, inputEncoding: 'ascii' | 'utf8' | 'utf-8' | 'utf16le' | 'utf-16le' | 'ucs2' | 'ucs-2' | 'base64' | 'base64url' | 'latin1' | 'binary' | 'hex', outputEncoding: 'ascii' | 'utf8' | 'utf-8' | 'utf16le' | 'utf-16le' | 'ucs2' | 'ucs-2' | 'base64' | 'base64url' | 'latin1' | 'binary' | 'hex') ``` Converts a string from one encoding to another. **Parameters** **str *****string*** The string to convert. **inputEncoding *****'ascii' | 'utf8' | 'utf-8' | 'utf16le' | 'utf-16le' | 'ucs2' | 'ucs-2' | 'base64' | 'base64url' | 'latin1' | 'binary' | 'hex'*** The encoding of the input string. **outputEncoding *****'ascii' | 'utf8' | 'utf-8' | 'utf16le' | 'utf-16le' | 'ucs2' | 'ucs-2' | 'base64' | 'base64url' | 'latin1' | 'binary' | 'hex'*** The encoding of the output string. **Return type** string **Examples** ```javascript // Converts a string from one encoding to another: Crypto.convertString('my text', 'utf8', 'base64') ``` #### hash ```javascript hash(text: string, algorithm: string, outputEncoding?: string) ``` Calculates the hash of a string using a specific algorithm. **Parameters** **text *****string*** The plain text to hash. **algorithm *****string*** The algorithm to use. E.g. "sha256" or "sha512". **outputEncoding *****string*** (optional) The encoding of the output. Default is 'base64'. Other options are 'hex' and 'binary'. **Return type** string **Examples** ```javascript // Calculates the SHA256 hash of a string: Crypto.hash('my secret text', 'sha256') // Calculates the SHA256 hash of a string and returns it as a hex string: Crypto.hash('my secret text', 'sha256', 'hex') ``` #### hmacHash ```javascript hmacHash(text: string, key: string, algorithm: string, outputEncoding?: string) ``` Calculates the HMAC hash of a string using a base64 key. **Parameters** **text *****string*** The plain text to hash. **key *****string*** The base64 key. **algorithm *****string*** The algorithm to use. E.g. "sha256" or "sha512". **outputEncoding *****string*** (optional) The encoding of the output. Default is 'base64'. Other options are 'hex' and 'binary'. **Return type** string **Examples** ```javascript // Calculates the HMAC SHA256 hash of a string using a base64 key: Crypto.hmacHash('my secret text', btoa('my secret key'), 'sha256') // Calculates the HMAC SHA256 hash of a string using a base64 key and returns it as a hex string: Crypto.hmacHash('my secret text', btoa('my secret key'), 'sha256', 'hex') ``` #### sign ```javascript sign(text: string, key: string | { key?: string, passphrase?: string, padding?: number, saltLength?: number, format?: string, type?: string, encoding?: string }, algorithm?: string, outputEncoding?: string) ``` Signs a string using a specific algorithm. **Parameters** **text *****string*** The plain text to sign. **key *****string | { key?: string, passphrase?: string, padding?: number, saltLength?: number, format?: string, type?: string, encoding?: string }*** The key to use for signing. **algorithm *****string*** (optional) The algorithm to use. E.g. "sha256" or "sha512". Default is "sha256". **outputEncoding *****string*** (optional) The encoding of the output. Default is 'base64'. Other options are 'hex' and 'binary'. **Return type** string **Examples** ```javascript Crypto.sign("my secret text", privateKey, "sha256") ``` #### sha256 ```javascript sha256(text: string, outputEncoding?: string) ``` Calculates the SHA256 hash of a string. **Parameters** **text *****string*** The plain text to hash. **outputEncoding *****string*** (optional) The encoding of the output. Default is 'base64'. Other options are 'hex' and 'binary'. **Return type** string **Examples** ```javascript // Calculates the SHA256 hash of a string: Crypto.sha256('my secret text') // Calculates the SHA256 hash of a string and returns it as a hex string: Crypto.sha256('my secret text', 'hex') ``` #### hmacSha256 ```javascript hmacSha256(text: string, key: string, outputEncoding?: string) ``` Calculates the HMAC SHA256 hash of a string using a base64 key. **Parameters** **text *****string*** The plain text to hash. **key *****string*** The base64 key. **outputEncoding *****string*** (optional) The encoding of the output. Default is 'base64'. Other options are 'hex' and 'binary'. **Return type** string **Examples** ```javascript // Calculates the HMAC SHA256 hash of a string using a base64 key (btoa converts a string to base64): Crypto.hmacSha256('my secret text', btoa('my secret key')) ``` #### getPrivateKeyFromCertificate ```javascript getPrivateKeyFromCertificate(certificate: string) ``` Converts a base64 encoded PKCS12 DER certificate to a PEM private key **Parameters** **certificate *****string*** The base64 certificate. **Return type** string **Examples** ```javascript // Gets a private key from a base64 certificate: Crypto.getPrivateKeyFromCertificate('base64 certificate') ``` #### getClientAssertion ```javascript getClientAssertion(tokenEndpoint: string, issuer: string, expirationTime: number, certificateThumbprint: string, privateKey: string) ``` Creates a JWT client\_assertion string for use in an OAuth 2.0 call from a certificate thumbprint and private key **Parameters** **tokenEndpoint *****string*** The token endpoint the client assertion is used for. **issuer *****string*** The issuer where the client assertion is for. **expirationTime *****number*** The expiration time of the client assertion. **certificateThumbprint *****string*** The certificate thumbprint that is used to sign the client assertion. **privateKey *****string*** The private key that is used to sign the client assertion. **Return type** string **Examples** ```javascript // Gets a client assertion that expires in 1 hour: Crypto.getClientAssertion('token endpoint', 'issuer', 3600, 'thumbprint', 'private key') ``` --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.rulecube.com/v2.5/language-reference/crypto.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.