diff options
author | Tobias Nießen <tniessen@tnie.de> | 2019-01-03 18:59:34 +0100 |
---|---|---|
committer | Daniel Bevenius <daniel.bevenius@gmail.com> | 2019-01-07 07:33:35 +0100 |
commit | 7afdfaec083310baa66c05daf33409a7b55528dd (patch) | |
tree | 4d8b5ce10517efbc38356b2db244e726d7030cc5 /doc/api/crypto.md | |
parent | 7ed790e9dbf7827056b2859a57e9ad72863c1d50 (diff) | |
download | android-node-v8-7afdfaec083310baa66c05daf33409a7b55528dd.tar.gz android-node-v8-7afdfaec083310baa66c05daf33409a7b55528dd.tar.bz2 android-node-v8-7afdfaec083310baa66c05daf33409a7b55528dd.zip |
crypto: fix key object wrapping in sync keygen
PR-URL: https://github.com/nodejs/node/pull/25326
Fixes: https://github.com/nodejs/node/issues/25322
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Diffstat (limited to 'doc/api/crypto.md')
-rw-r--r-- | doc/api/crypto.md | 23 |
1 files changed, 9 insertions, 14 deletions
diff --git a/doc/api/crypto.md b/doc/api/crypto.md index bc842062d0..95b1e9114a 100644 --- a/doc/api/crypto.md +++ b/doc/api/crypto.md @@ -1951,18 +1951,8 @@ changes: - `publicExponent`: {number} Public exponent (RSA). **Default:** `0x10001`. - `divisorLength`: {number} Size of `q` in bits (DSA). - `namedCurve`: {string} Name of the curve to use (EC). - - `publicKeyEncoding`: {Object} - - `type`: {string} Must be one of `'pkcs1'` (RSA only) or `'spki'`. - - `format`: {string} Must be `'pem'` or `'der'`. - - `privateKeyEncoding`: {Object} - - `type`: {string} Must be one of `'pkcs1'` (RSA only), `'pkcs8'` or - `'sec1'` (EC only). - - `format`: {string} Must be `'pem'` or `'der'`. - - `cipher`: {string} If specified, the private key will be encrypted with - the given `cipher` and `passphrase` using PKCS#5 v2.0 password based - encryption. - - `passphrase`: {string | Buffer} The passphrase to use for encryption, see - `cipher`. + - `publicKeyEncoding`: {Object} See [`keyObject.export()`][]. + - `privateKeyEncoding`: {Object} See [`keyObject.export()`][]. * Returns: {Object} - `publicKey`: {string | Buffer | KeyObject} - `privateKey`: {string | Buffer | KeyObject} @@ -1970,8 +1960,13 @@ changes: Generates a new asymmetric key pair of the given `type`. Only RSA, DSA and EC are currently supported. -It is recommended to encode public keys as `'spki'` and private keys as -`'pkcs8'` with encryption: +If a `publicKeyEncoding` or `privateKeyEncoding` was specified, this function +behaves as if [`keyObject.export()`][] had been called on its result. Otherwise, +the respective part of the key is returned as a [`KeyObject`]. + +When encoding public keys, it is recommended to use `'spki'`. When encoding +private keys, it is recommended to use `'pks8'` with a strong passphrase, and to +keep the passphrase confidential. ```js const { generateKeyPairSync } = require('crypto'); |