Skip to content

Commit

Permalink
doc: public keys don't accept passphrases
Browse files Browse the repository at this point in the history 
Since `crypto.publicDecrypt()` and `crypto.publicEncrypt()` accept both
public and private keys, make it clear that the `passphrase` option only
applies to private keys.

PR-URL: #16087
Ref: #16038
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Nikolai Vavilov <vvnicholas@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
  • Loading branch information
@bnoordhuis @targos
bnoordhuis authored and targos committed Oct 18, 2017
1 parent f501062 commit e34509e
Showing 1 changed file with 14 additions and 14 deletions.
28 changes: 14 additions & 14 deletions doc/api/crypto.md
View file
Expand Up @@ -1658,45 +1658,45 @@ Encrypts `buffer` with `privateKey`.
`privateKey` can be an object or a string. If `privateKey` is a string, it is
treated as the key with no passphrase and will use `RSA_PKCS1_PADDING`.

### crypto.publicDecrypt(publicKey, buffer)
### crypto.publicDecrypt(key, buffer)
<!-- YAML
added: v1.1.0
-->
- `publicKey` {Object | string}
- `key` {string} A PEM encoded public key.
- `passphrase` {string} An optional passphrase for the public key.
- `key` {Object | string}
- `key` {string} A PEM encoded public or private key.
- `passphrase` {string} An optional passphrase for the private key.
- `padding` {crypto.constants} An optional padding value defined in
`crypto.constants`, which may be: `crypto.constants.RSA_NO_PADDING` or
`RSA_PKCS1_PADDING`.
- `buffer` {Buffer | TypedArray | DataView}
- Returns: {Buffer} A new `Buffer` with the decrypted content.

Decrypts `buffer` with `publicKey`.
Decrypts `buffer` with `key`.

`publicKey` can be an object or a string. If `publicKey` is a string, it is
treated as the key with no passphrase and will use `RSA_PKCS1_PADDING`.
`key` can be an object or a string. If `key` is a string, it is treated as
the key with no passphrase and will use `RSA_PKCS1_PADDING`.

Because RSA public keys can be derived from private keys, a private key may
be passed instead of a public key.

### crypto.publicEncrypt(publicKey, buffer)
### crypto.publicEncrypt(key, buffer)
<!-- YAML
added: v0.11.14
-->
- `publicKey` {Object | string}
- `key` {string} A PEM encoded public key.
- `passphrase` {string} An optional passphrase for the public key.
- `key` {Object | string}
- `key` {string} A PEM encoded public or private key.
- `passphrase` {string} An optional passphrase for the private key.
- `padding` {crypto.constants} An optional padding value defined in
`crypto.constants`, which may be: `crypto.constants.RSA_NO_PADDING`,
`RSA_PKCS1_PADDING`, or `crypto.constants.RSA_PKCS1_OAEP_PADDING`.
- `buffer` {Buffer | TypedArray | DataView}
- Returns: {Buffer} A new `Buffer` with the encrypted content.

Encrypts the content of `buffer` with `publicKey` and returns a new
Encrypts the content of `buffer` with `key` and returns a new
[`Buffer`][] with encrypted content.

`publicKey` can be an object or a string. If `publicKey` is a string, it is
treated as the key with no passphrase and will use `RSA_PKCS1_OAEP_PADDING`.
`key` can be an object or a string. If `key` is a string, it is treated as
the key with no passphrase and will use `RSA_PKCS1_OAEP_PADDING`.

Because RSA public keys can be derived from private keys, a private key may
be passed instead of a public key.
Expand Down

0 comments on commit e34509e

Please sign in to comment.