> For the complete documentation index, see [llms.txt](https://docs.n8n.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.n8n.io/integrations/builtin/core-nodes/n8n-nodes-base.crypto.md).

# Crypto

Use the Crypto node to perform cryptographic operations in workflows.

{% hint style="info" %}
**Credentials**

You can find authentication information for this node [here](https://github.com/n8n-io/n8n-docs/blob/main/integrations/builtin/credentials/crypto.md).
{% endhint %}

## Actions <a href="#actions" id="actions"></a>

* [**Decrypt** a string](#decrypt-parameters) with a passphrase or private key
* [**Encrypt** a string](#encrypt-parameters) with a passphrase or public key
* [**Generate** a random string](#generate-parameters)
* [**Hash** a text or file](#hash-parameters) in a specified format
* [**Hmac** a text or file](#hmac-parameters) in a specified format
* [**Sign** a string](#sign-parameters) using a private key

## Node parameters <a href="#node-parameters" id="node-parameters"></a>

{% hint style="info" %}
**This node can be used as an AI tool**

This node can be used to enhance the capabilities of an AI agent. When used in this way, many parameters can be set automatically, or with information directed by AI - find out more in the [AI tool parameters documentation](/build/integrate-ai/ai-examples/use-ai-for-parameters.md).
{% endhint %}

Node parameters depend on the action you select.

The **Hmac**, **Sign**, **Encrypt**, and **Decrypt** actions need [Crypto credentials](https://github.com/n8n-io/n8n-docs/blob/main/integrations/builtin/credentials/crypto.md). Each action uses the credential field it needs:

* **Hmac** uses the **Hmac Secret**.
* **Sign** uses the **Private Key**.
* **Encrypt** and **Decrypt** use the **Encryption Passphrase** for symmetric mode, or the **Encryption Public Key** and **Encryption Private Key** for asymmetric mode.

### Decrypt parameters <a href="#decrypt-parameters" id="decrypt-parameters"></a>

* **Mode**: Select the mode to use. This must match the mode used to encrypt the value. Choose from:
  * **Symmetric (Passphrase)**: Decrypt with a passphrase using an authenticated cipher.
  * **Asymmetric (RSA)**: Decrypt with an RSA private key.
* **Cipher**: When you select **Symmetric (Passphrase)**, choose the authenticated cipher to use. This must match the cipher used to encrypt the value. Choose from:
  * **AES-256-GCM**
  * **AES-192-GCM**
  * **AES-128-GCM**
  * **ChaCha20-Poly1305**
* **Value**: Enter the base64 string produced by the **Encrypt** action.
* **Property Name**: Enter the name of the property you want to write the decrypted value to.

### Encrypt parameters <a href="#encrypt-parameters" id="encrypt-parameters"></a>

* **Mode**: Select the mode to use. Choose from:
  * **Symmetric (Passphrase)**: Encrypt with a passphrase using an authenticated cipher.
  * **Asymmetric (RSA)**: Encrypt with an RSA public key.
* **Cipher**: When you select **Symmetric (Passphrase)**, choose the authenticated cipher to use. You must select the same cipher when you decrypt the value. Choose from:
  * **AES-256-GCM**
  * **AES-192-GCM**
  * **AES-128-GCM**
  * **ChaCha20-Poly1305**
* **Value**: Enter the value you want to encrypt.
* **Property Name**: Enter the name of the property you want to write the encrypted value to. The node writes the result as a base64 string.

{% hint style="info" %}
**RSA payload size**

Asymmetric (RSA) mode can only encrypt small payloads, around 190 bytes with a 2048-bit key. Use symmetric mode for larger data.
{% endhint %}

### Generate parameters <a href="#generate-parameters" id="generate-parameters"></a>

* **Property Name**: Enter the name of the property to write the random string to.
* **Type**: Select the encoding type to use to generate the string. Choose from:
  * **ASCII**
  * **BASE64**
  * **HEX**
  * **UUID**
* **Length**: When you select **ASCII**, **BASE64**, or **HEX**, enter the length of the generated string. The default is `32`.

### Hash parameters <a href="#hash-parameters" id="hash-parameters"></a>

* **Type**: Select the hash type to use. Choose from:
  * **MD5**
  * **SHA256**
  * **SHA3-256**
  * **SHA3-384**
  * **SHA3-512**
  * **SHA384**
  * **SHA512**
* **Binary File**: Turn this parameter on if the data you want to hash is from a binary file.
  * **Value**: If you turn off **Binary File**, enter the value you want to hash.
  * **Binary Property Name**: If you turn on **Binary File**, enter the name of the binary property that contains the data you want to hash.
* **Property Name**: Enter the name of the property you want to write the hash to.
* **Encoding**: Select the encoding type to use. Choose from:
  * **BASE64**
  * **HEX**

### Hmac parameters <a href="#hmac-parameters" id="hmac-parameters"></a>

* **Binary File**: Turn this parameter on if the data you want to create an Hmac for is from a binary file.
  * **Value**: If you turn off **Binary File**, enter the value you want to create an Hmac for.
  * **Binary Property Name**: If you turn on **Binary File**, enter the name of the binary property that contains the data you want to create an Hmac for.
* **Type**: Select the hash type to use. Choose from:
  * **MD5**
  * **SHA256**
  * **SHA3-256**
  * **SHA3-384**
  * **SHA3-512**
  * **SHA384**
  * **SHA512**
* **Property Name**: Enter the name of the property you want to write the Hmac to.
* **Encoding**: Select the encoding type to use. Choose from:
  * **BASE64**
  * **HEX**

This action uses the **Hmac Secret** from your [Crypto credentials](https://github.com/n8n-io/n8n-docs/blob/main/integrations/builtin/credentials/crypto.md).

### Sign parameters <a href="#sign-parameters" id="sign-parameters"></a>

* **Value**: Enter the value you want to sign.
* **Property Name**: Enter the name of the property you want to write the signed value to.
* **Algorithm Name or ID**: Choose an algorithm name from the list or specify an ID using an [expression](/build/work-with-data/expressions-versus-data-nodes.md).
* **Encoding**: Select the encoding type to use. Choose from:
  * **BASE64**
  * **HEX**

This action uses the **Private Key** from your [Crypto credentials](https://github.com/n8n-io/n8n-docs/blob/main/integrations/builtin/credentials/crypto.md).

## Templates and examples <a href="#templates-and-examples" id="templates-and-examples"></a>

[Browse Crypto integration templates](https://n8n.io/integrations/crypto) or [search all templates](https://n8n.io/workflows/)


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.n8n.io/integrations/builtin/core-nodes/n8n-nodes-base.crypto.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.