Skip to content

Commit a6d1e96

Browse files
committed
fail on private export with a passphrase
1 parent 44d49e0 commit a6d1e96

File tree

2 files changed

+13
-0
lines changed

2 files changed

+13
-0
lines changed

lib/internal/crypto/keys.js

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -228,6 +228,10 @@ const [
228228

229229
export(options) {
230230
if (options && options.format === 'jwk') {
231+
if (options.passphrase !== undefined) {
232+
throw new ERR_CRYPTO_INCOMPATIBLE_KEY_OPTIONS(
233+
'jwk', 'does not support encryption');
234+
}
231235
const properties = this[kAsymmetricKeyJWKProperties]();
232236
return this[kHandle].exportJwk(properties);
233237
}

test/parallel/test-crypto-key-objects.js

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -199,6 +199,15 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
199199
jwk
200200
);
201201

202+
// Exporting the key using JWK should not work since this format does not
203+
// support key encryption
204+
assert.throws(() => {
205+
privateKey.export({ format: 'jwk', passphrase: 'secret' });
206+
}, {
207+
message: 'The selected key encoding jwk does not support encryption.',
208+
code: 'ERR_CRYPTO_INCOMPATIBLE_KEY_OPTIONS'
209+
});
210+
202211
const publicDER = publicKey.export({
203212
format: 'der',
204213
type: 'pkcs1'

0 commit comments

Comments
 (0)