Skip to content

Commit 464b674

Browse files
tniessentniessen
committed
Adapt to KeyObject API
1 parent 11066fc commit 464b674

1 file changed

Lines changed: 10 additions & 19 deletions

File tree

doc/api/crypto.md

Lines changed: 10 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -1157,6 +1157,16 @@ For private keys, the following encoding options can be used:
11571157
When PEM encoding was selected, the result will be a string, otherwise it will
11581158
be a buffer containing the data encoded as DER.
11591159

1160+
PKCS#1, SEC1, and PKCS#8 type keys can be encrypted by using a combination of
1161+
the `cipher` and `format` options. The PKCS#8 `type` can be used with any
1162+
`format` to encrypt any key algorithm (RSA, EC, or DH) by specifying a
1163+
`cipher`. PKCS#1 and SEC1 can only be encrypted by specifying a `cipher`
1164+
when the PEM `format` is used. For maximum compatibility, it is recommended
1165+
to use PKCS#8 for encrypted private keys. Since PKCS#8 defines its own
1166+
encryption mechanism, PEM-level encryption is not supported when encrypting
1167+
a PKCS#8 key. See [RFC 5208][] for PKCS#8 encryption and [RFC 1421][] for
1168+
PKCS#1 and SEC1 encryption.
1169+
11601170
### keyObject.symmetricSize
11611171
<!-- YAML
11621172
added: v11.6.0
@@ -1923,16 +1933,6 @@ generateKeyPair('rsa', {
19231933
On completion, `callback` will be called with `err` set to `undefined` and
19241934
`publicKey` / `privateKey` representing the generated key pair.
19251935

1926-
PKCS#1, SEC1, and PKCS#8 type keys can be encrypted by using a combination of
1927-
the `cipher` and `format` options. The PKCS#8 `type` can be used with any
1928-
`format` to encrypt any key algorithm (RSA, EC, or DH) by specifying a
1929-
`cipher`. PKCS#1 and SEC1 can only be encrypted by specifying a `cipher`
1930-
when the PEM `format` is used. For maximum compatibility, it is recommended
1931-
to use PKCS#8 for encrypted private keys. Since PKCS#8 defines its own
1932-
encryption mechanism, PEM-level encryption is not supported when encrypting
1933-
a PKCS#8 key. See [RFC 5208] for PKCS#8 encryption and [RFC 1421][] for
1934-
PKCS#1 and SEC1 encryption.
1935-
19361936
If this method is invoked as its [`util.promisify()`][]ed version, it returns
19371937
a `Promise` for an `Object` with `publicKey` and `privateKey` properties.
19381938

@@ -1993,15 +1993,6 @@ const { publicKey, privateKey } = generateKeyPairSync('rsa', {
19931993
The return value `{ publicKey, privateKey }` represents the generated key pair.
19941994
When PEM encoding was selected, the respective key will be a string, otherwise
19951995
it will be a buffer containing the data encoded as DER.
1996-
PKCS#1, SEC1, and PKCS#8 type keys can be encrypted by using a combination of
1997-
the `cipher` and `format` options. The PKCS#8 `type` can be used with any
1998-
`format` to encrypt any key algorithm (RSA, EC, or DH) by specifying a
1999-
`cipher`. PKCS#1 and SEC1 can only be encrypted by specifying a `cipher`
2000-
when the PEM `format` is used. For maximum compatibility, it is recommended
2001-
to use PKCS#8 for encrypted private keys. Since PKCS#8 defines its own
2002-
encryption mechanism, PEM-level encryption is not supported when encrypting
2003-
a PKCS#8 key. See [RFC 5208] for PKCS#8 encryption and [RFC 1421][] for
2004-
PKCS#1 and SEC1 encryption.
20051996

20061997
### crypto.getCiphers()
20071998
<!-- YAML

0 commit comments

Comments
 (0)