From 3469eb95538e5869b44b8acb5ec18bbefa2ab58d Mon Sep 17 00:00:00 2001 From: Ben Noordhuis Date: Sun, 8 Oct 2017 19:35:18 +0200 Subject: [PATCH] doc: public keys don't accept passphrases MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Since `crypto.publicDecrypt()` and `crypto.publicEncrypt()` accept both public and private keys, make it clear that the `passphrase` option only applies to private keys. PR-URL: https://github.com/nodejs/node/pull/16087 Ref: https://github.com/nodejs/node/pull/16038 Reviewed-By: Colin Ihrig Reviewed-By: Anna Henningsen Reviewed-By: Nikolai Vavilov Reviewed-By: Tobias Nießen Reviewed-By: Daniel Bevenius Reviewed-By: James M Snell Reviewed-By: Ruben Bridgewater --- doc/api/crypto.md | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/doc/api/crypto.md b/doc/api/crypto.md index 45000c8c89d8a9..a9a96267991b96 100644 --- a/doc/api/crypto.md +++ b/doc/api/crypto.md @@ -1712,45 +1712,45 @@ Encrypts `buffer` with `privateKey`. `privateKey` can be an object or a string. If `privateKey` is a string, it is treated as the key with no passphrase and will use `RSA_PKCS1_PADDING`. -### crypto.publicDecrypt(publicKey, buffer) +### crypto.publicDecrypt(key, buffer) -- `publicKey` {Object | string} - - `key` {string} A PEM encoded public key. - - `passphrase` {string} An optional passphrase for the public key. +- `key` {Object | string} + - `key` {string} A PEM encoded public or private key. + - `passphrase` {string} An optional passphrase for the private key. - `padding` {crypto.constants} An optional padding value defined in `crypto.constants`, which may be: `crypto.constants.RSA_NO_PADDING` or `RSA_PKCS1_PADDING`. - `buffer` {Buffer | TypedArray | DataView} - Returns: {Buffer} A new `Buffer` with the decrypted content. -Decrypts `buffer` with `publicKey`. +Decrypts `buffer` with `key`. -`publicKey` can be an object or a string. If `publicKey` is a string, it is -treated as the key with no passphrase and will use `RSA_PKCS1_PADDING`. +`key` can be an object or a string. If `key` is a string, it is treated as +the key with no passphrase and will use `RSA_PKCS1_PADDING`. Because RSA public keys can be derived from private keys, a private key may be passed instead of a public key. -### crypto.publicEncrypt(publicKey, buffer) +### crypto.publicEncrypt(key, buffer) -- `publicKey` {Object | string} - - `key` {string} A PEM encoded public key. - - `passphrase` {string} An optional passphrase for the public key. +- `key` {Object | string} + - `key` {string} A PEM encoded public or private key. + - `passphrase` {string} An optional passphrase for the private key. - `padding` {crypto.constants} An optional padding value defined in `crypto.constants`, which may be: `crypto.constants.RSA_NO_PADDING`, `RSA_PKCS1_PADDING`, or `crypto.constants.RSA_PKCS1_OAEP_PADDING`. - `buffer` {Buffer | TypedArray | DataView} - Returns: {Buffer} A new `Buffer` with the encrypted content. -Encrypts the content of `buffer` with `publicKey` and returns a new +Encrypts the content of `buffer` with `key` and returns a new [`Buffer`][] with encrypted content. -`publicKey` can be an object or a string. If `publicKey` is a string, it is -treated as the key with no passphrase and will use `RSA_PKCS1_OAEP_PADDING`. +`key` can be an object or a string. If `key` is a string, it is treated as +the key with no passphrase and will use `RSA_PKCS1_OAEP_PADDING`. Because RSA public keys can be derived from private keys, a private key may be passed instead of a public key.