What is the crypto module in Node.js?
Why Interviewers Ask This
Foundational questions like this help interviewers calibrate the rest of the interview. A confident, accurate answer signals that you have solid Node.js basics — a prerequisite for any developer role.
Answer
The crypto module provides cryptographic functionality including hashing, HMAC, encryption, decryption, and random bytes generation. Key uses: Hashing: crypto.createHash("sha256").update(data).digest("hex") — one-way hash for verifying data integrity or storing passwords (use bcrypt for passwords, not SHA); HMAC: crypto.createHmac("sha256", secret).update(data).digest("hex") — keyed hash for message authentication; Random bytes: crypto.randomBytes(32) — cryptographically secure random buffer for tokens, salts, nonces; crypto.randomUUID() (Node.js 14.17+) — generate a random UUID v4; Symmetric encryption: crypto.createCipheriv(algorithm, key, iv) / createDecipheriv() — AES encryption; Password hashing: use bcrypt or argon2 npm packages (not built-in crypto) as they implement proper salting and key stretching for passwords.
Pro Tip
This topic has Node.js-specific nuances that differ from general programming. Highlighting those nuances in your answer shows expertise rather than generic knowledge.